71985 Commits

Author SHA1 Message Date
v8-ci-autoroll-builder
121601a414 Update V8 DEPS.
Rolling v8/build: 110f470..ee9068d

Rolling v8/buildtools/third_party/libc++abi/trunk: 9eb0245..4c834ab

Rolling v8/buildtools/third_party/libunwind/trunk: 557b51a..6f77fbf

Rolling v8/third_party/aemu-linux-x64: oT0j0p3wnLGyIs4qDcea3sRhW4YKoAhTY2LDWkJ4T4QC..CtkoubyWN1QNNB68v2CsV0fsa-ikErKqmbujQdM_iGMC

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/876bab7..2d03634

Rolling v8/third_party/depot_tools: 756e98f..ed33756

Rolling v8/third_party/googletest/src: 075810f..16f637f

Rolling v8/tools/clang: c00aa10..2b09788

TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: I779a9da6804d29e4f7a05d646d1f8a6cbff3de8f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3233925
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#77493}
2021-10-21 10:46:12 +00:00
Patrick Thier
88c0f72927 [turbofan] Fix calling class constructors with spread
Calling class constructors without new is a spec violation and should
raise an exception.
In [1] calling class constructors with spread (without new) was handled
by reducing the node to a call to runtime to raise the exception.
However, arguments of the call have to be evaluated first ([2]).
This CL changes the reduction of JSCallWithSpread/JSCallWithArrayLike to
a no-op in JSCallReducer if the target is a class constructor, delaying
raising of the exception to the call builtin.

[1] https://crrev.com/c/3229369
[2] https://tc39.es/ecma262/#sec-evaluatecall

Bug: chromium:1262007
Change-Id: I2ef504d4ce6e51d582b5951beb6debb983cefba6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3236348
Commit-Queue: Patrick Thier <pthier@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77492}
2021-10-21 10:14:12 +00:00
Victor Porof
21d2dec521 Create an async stack tagging prototype API
This CL exposes the async stack traces instrumentation on the console
object, behind a --experimental-async-stack-tagging-api flag. It serves
as a prototype that aims to validate whether the debugging experience
can be improved for userland code that uses custom schedulers. The tests
are implemented as Blink web tests in the following CL:
https://chromium-review.googlesource.com/c/chromium/src/+/3226418

Bug: chromium:332624
Change-Id: Ib1ee71de68f7bb9aff5b944812ce681d8711d217
Signed-off-by: Victor Porof <victorporof@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3212506
Reviewed-by: Simon Zünd <szuend@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77491}
2021-10-21 09:57:52 +00:00
Victor Gomes
af1ccea736 [heap] Support registering code on the background thread
We use a mutex to avoid data race when reading/writing to the
code object registry.

Functions called only by the sweeper happen during safepoints and
do not need to be protected by the mutex.

Bug: v8:12054
Change-Id: Ie85bf0422622eee7f2836ecae132397a6aa4ed59
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3234721
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77490}
2021-10-21 09:55:23 +00:00
Leszek Swirski
eaf40c2008 Manually update instrumented_libraries DEPS
Rolling this manually because we have to update paths in sync with
instrumented_libraries due to https://crrev.com/c/3224627.

Rolling v8/third_party/instrumented_libraries:
6527a4e..3c149f5

Bug: chromium:1261909
Change-Id: Ibcb6ebefa287e0125e0cb75be8dc51dea392a502
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3233138
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77489}
2021-10-21 09:54:22 +00:00
Leszek Swirski
66fd941a47 Reland "[Fuchsia] Remove checkout_fuchsia_for_arm64_host"
This is a reland of 6cd14492aa

Additionally rolls buildtools to include https://crrev.com/c/3045960

Rolling v8/build: f78b0bd..110f470

Rolling v8/buildtools: a9bc3e2..f5750f5

Original change's description:
> [Fuchsia] Remove checkout_fuchsia_for_arm64_host
>
> Also roll /build to a version that contains the cl removing
> checkout_fuchsia_for_arm64_host
>
> Bug: chromium:1137662
> Change-Id: I72851e5ab4e1daabf6ea62fb7935dfd28d8dee25
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3232816
> Auto-Submit: Chong Gu <chonggu@google.com>
> Commit-Queue: Chong Gu <chonggu@google.com>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#77486}

Bug: chromium:1137662
Change-Id: Iaa142fd3e61ce14972381f309a83f45e1a0cb318
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3236347
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77488}
2021-10-21 08:33:13 +00:00
Leszek Swirski
24693010d9 Revert "[Fuchsia] Remove checkout_fuchsia_for_arm64_host"
This reverts commit 6cd14492aa.

Reason for revert: The build roll is breaking out Android Arm64 build (https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Android%20Arm64%20-%20builder/41853/overview)

Original change's description:
> [Fuchsia] Remove checkout_fuchsia_for_arm64_host
>
> Also roll /build to a version that contains the cl removing
> checkout_fuchsia_for_arm64_host
>
> Bug: chromium:1137662
> Change-Id: I72851e5ab4e1daabf6ea62fb7935dfd28d8dee25
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3232816
> Auto-Submit: Chong Gu <chonggu@google.com>
> Commit-Queue: Chong Gu <chonggu@google.com>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#77486}

Bug: chromium:1137662
Change-Id: I48f8f030cee277b761d17fa3c891737f84c25970
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3234962
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Owners-Override: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77487}
2021-10-21 07:59:32 +00:00
Chong Gu
6cd14492aa [Fuchsia] Remove checkout_fuchsia_for_arm64_host
Also roll /build to a version that contains the cl removing
checkout_fuchsia_for_arm64_host

Bug: chromium:1137662
Change-Id: I72851e5ab4e1daabf6ea62fb7935dfd28d8dee25
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3232816
Auto-Submit: Chong Gu <chonggu@google.com>
Commit-Queue: Chong Gu <chonggu@google.com>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77486}
2021-10-21 07:43:02 +00:00
Lu Yahan
6b2809df52 [riscv64][regexp] Compact codegen for large character classes
Port 8bbb44e537
Port 7c08633bf6

Change-Id: Iebc3e223a0a7bc5f31ef0f21d8589e60ccdc0833
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3233695
Auto-Submit: Yahan Lu <yahan@iscas.ac.cn>
Commit-Queue: ji qiu <qiuji@iscas.ac.cn>
Reviewed-by: ji qiu <qiuji@iscas.ac.cn>
Cr-Commit-Position: refs/heads/main@{#77485}
2021-10-21 01:58:51 +00:00
Ng Zhi An
c3f346b7ac [wasm-relaxed-simd][x64] Prototype relaxed min and max
Relaxed f32x4 and f64x2 min and max.

These instructions only guarantee results when the inputs are non nans,
and when the inputs are not 0s of opposite signs.

Reuse existing float binop testing harnesses and add special checks for
such constants when relaxed operations are being tested.

Drive-by rename of x64 instruction codes to be Minps/Maxps/Minpd/Maxpd
since they map down exactly to a single instruction.

Bug: v8:12284
Change-Id: I1449dbfa87935a96d7d260db22667ab7b9e86601
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3218196
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77484}
2021-10-21 00:58:24 +00:00
Shu-yu Guo
24af42e8a3 [test] Fix flag misconfig
--no-stress-flush-bytecode doesn't exist and should be
--no-stress-flush-code. Not suppressing it means a tester could pass
--stress-flush-code and --no-flush-bytecode, which are contradictory and
will assert.

Bug: v8:12331
Cq-Include-Trybots: luci.v8.try:v8_numfuzz_dbg_ng,v8_numfuzz_ng
Change-Id: I6490271bcb11f5ea925eb8b65fbe0455c2dafeaf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3233952
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Auto-Submit: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77483}
2021-10-20 20:24:51 +00:00
Michael Achenbach
50708676f9 Revert "Update V8 DEPS."
This reverts commit 17a99fec25.

Reason for revert: https://crbug.com/1261909

Original change's description:
> Update V8 DEPS.
>
> Rolling v8/build: f78b0bd..50ef978
>
> Rolling v8/buildtools: a9bc3e2..aa2fb01
>
> Rolling v8/buildtools/third_party/libc++abi/trunk: 9eb0245..025086b
>
> Rolling v8/buildtools/third_party/libunwind/trunk: 557b51a..10f4e4a
>
> Rolling v8/third_party/aemu-linux-x64: oT0j0p3wnLGyIs4qDcea3sRhW4YKoAhTY2LDWkJ4T4QC..p2K77JFqGXfOhd-k7kwHxN1jcMy1onKpHYDko4dJTnwC
>
> Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/876bab7..2d03634
>
> Rolling v8/third_party/depot_tools: 756e98f..b6ce244
>
> Rolling v8/third_party/googletest/src: 075810f..16f637f
>
> Rolling v8/third_party/instrumented_libraries: 6527a4e..3c149f5
>
> Rolling v8/tools/clang: c00aa10..79b0bc1
>
> TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com
>
> Change-Id: Ied2105fc229f34fd8b454eac0b01aed99a417de6
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3234818
> Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
> Cr-Commit-Position: refs/heads/main@{#77481}

Bug: chromium:1261909
Change-Id: I9e02280aad8ba14883856c2421f6d61ebb012775
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3234724
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#77482}
2021-10-20 19:25:13 +00:00
v8-ci-autoroll-builder
17a99fec25 Update V8 DEPS.
Rolling v8/build: f78b0bd..50ef978

Rolling v8/buildtools: a9bc3e2..aa2fb01

Rolling v8/buildtools/third_party/libc++abi/trunk: 9eb0245..025086b

Rolling v8/buildtools/third_party/libunwind/trunk: 557b51a..10f4e4a

Rolling v8/third_party/aemu-linux-x64: oT0j0p3wnLGyIs4qDcea3sRhW4YKoAhTY2LDWkJ4T4QC..p2K77JFqGXfOhd-k7kwHxN1jcMy1onKpHYDko4dJTnwC

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/876bab7..2d03634

Rolling v8/third_party/depot_tools: 756e98f..b6ce244

Rolling v8/third_party/googletest/src: 075810f..16f637f

Rolling v8/third_party/instrumented_libraries: 6527a4e..3c149f5

Rolling v8/tools/clang: c00aa10..79b0bc1

TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: Ied2105fc229f34fd8b454eac0b01aed99a417de6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3234818
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#77481}
2021-10-20 16:57:31 +00:00
Milad Fa
d219d39a80 PPC/s390: [turbofan] Handle class constructor
Port e127f58410

Original Commit Message:

    Handling of class constructors was moved from CallFunction to Call
    in [1].
    When reducing calls with spread we forward varargs directly to
    CallFunction, if we are spreading to inlined arguments or arguments of
    the outermost function.
    In that case we didn't check for class constructors and therefore didn't
    raise an exception.
    This CL adds checks for class constructors to all JSCall* nodes in
    JSCallReducer that missed them before.

    [1] https://crrev.com/c/3186434

R=pthier@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com
BUG=
LOG=N

Change-Id: I02cba90369354f064201daa1bf8812e17cb2dc21
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3234040
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#77480}
2021-10-20 16:31:01 +00:00
Igor Sheludko
4d64208e4d [ext-code-space] Make the code space external for real
... when the v8_enable_external_code_space build flag is enabled.

Bug: v8:11880
Change-Id: I754c6229dcd25f81ef6dfbedc5885ac025c0aeff
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3164458
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77479}
2021-10-20 16:29:51 +00:00
Shu-yu Guo
4fb132b855 Add no bytecode flush flags to call-with-arraylike-or-spread tests
These tests depend on predictable optimize/deoptimize movements.
--no-stress-flush-bytecode and --no-flush-bytecode ensure the feedback
vector is not flushed, causing unexpected deoptimizations.

Bug: v8:12328, v8:12311
Change-Id: I2eb7575e8c943a92c907831d4d66d2b0c9716869
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3232825
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77478}
2021-10-20 15:34:51 +00:00
JianxiaoLuIntel
cac5e4bfb3 [heap] Fix fast path for young allocations
Bug: v8:12305
Change-Id: Ibc71e864bfb19c720d4cecf61f1254402859db6b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3215100
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77477}
2021-10-20 15:11:42 +00:00
Michael Achenbach
ee74e71833 [test] Bump shards on slow bots
No-Try: true
Change-Id: Ib665f238db8dba7ca460f1fdb84e0e0e3a3d9e97
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3234720
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77476}
2021-10-20 14:25:51 +00:00
Victor Gomes
a0482ec3ad [baseline] Fix cctest Flags when ConcurrentSP
The cctest enables concurrent-sparkplug during startup, which creates
a job_handler_, then disables the flag before destroying the isolate,
which calls the destructor of ConcurrentBaselineCompiler.
This does not call job_handle_->Cancel and fails in a DCHECK inside
the default_job implementation.

Bug: v8:12054
Change-Id: I8975e2ad2c0aafaa86aedb13018617a08f0fded9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3234718
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77475}
2021-10-20 14:04:43 +00:00
Michael Lippautz
ae4832e5cb Manually update google_benchmark
V8 fix: Temporarily allow using deprecated methods until upstream is fixed.

Rolling v8/third_party/google_benchmark/src: 59bbc7f..1e3ab7f

Merge remote-tracking branch 'upstream/pr/1240' (Roman Lebedev)
https://chromium.googlesource.com/external/github.com/google/benchmark/+/1e3ab7f

cmake: allow to use package config from build directory (Sergiu Deitsch)
https://chromium.googlesource.com/external/github.com/google/benchmark/+/1be88c0

Merge remote-tracking branch 'upstream/pr/1244' (Roman Lebedev)
https://chromium.googlesource.com/external/github.com/google/benchmark/+/3395949

cmake: make package config relocatable (Sergiu Deitsch)
https://chromium.googlesource.com/external/github.com/google/benchmark/+/eb9100b

GoogleTest.cmake.in: mention BENCHMARK_USE_BUNDLED_GTEST (Roman Lebedev)
https://chromium.googlesource.com/external/github.com/google/benchmark/+/2f30903

GoogleTest.cmake.in: immediately error-out after failure message, Closes #1255 (Roman Lebedev)
https://chromium.googlesource.com/external/github.com/google/benchmark/+/8c8052a

Introduce additional memory metrics (#1238) (Vy Nguyen)
https://chromium.googlesource.com/external/github.com/google/benchmark/+/7fad964

Fix -Wdeprecated-declarations warning triggered by clang-cl. (#1245) (Byoungchan Lee)
https://chromium.googlesource.com/external/github.com/google/benchmark/+/f730846

...

Change-Id: Ia10c33f512fae7bcc889e36a9cb368d8628f3e5f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3234197
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77474}
2021-10-20 13:43:30 +00:00
Milad Fa
841d33a591 PPC/s390: [regexp] Compact codegen for large character classes
Port 8bbb44e537

Original Commit Message:

    Large character classes may easily be created when unicode
    properties (e.g.: /\p{L}/u and /\P{L}/u) are used - these are
    expanded internally into character classes that consist of hundreds
    of character ranges. Previously to this CL, we'd emit branching code
    for each of these ranges, leading to very large regexp code objects.

    This CL adds a new codegen mode for large character classes (where
    'large' currently means > 16 ranges). Instead of emitting branching
    code inline, the ranges are written into a ByteArray and we call into
    the C function IsCharacterInRangeArray for the actual branching logic.
    The ByteArray is smaller than emitted code and is deduplicated if the
    same character class is matched repeatedly in the same pattern.

    Note this mode is *not* implemented for the interpreter, since we
    currently don't have a constant pool for irregexp bytecode, and thus
    cannot reference ByteArrays.

R=jgruber@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com
BUG=
LOG=N

Change-Id: I2ded01fa2767e56e72be81b949eefb5fb85b7013
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3231981
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#77473}
2021-10-20 13:33:50 +00:00
Patrick Thier
e127f58410 [turbofan] Handle class constructor
Handling of class constructors was moved from CallFunction to Call
in [1].
When reducing calls with spread we forward varargs directly to
CallFunction, if we are spreading to inlined arguments or arguments of
the outermost function.
In that case we didn't check for class constructors and therefore didn't
raise an exception.
This CL adds checks for class constructors to all JSCall* nodes in
JSCallReducer that missed them before.

[1] https://crrev.com/c/3186434

Bug: chromium:1260623
Change-Id: Id39cdfd09ff5aae804ae30d96909518e408c9613
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3229369
Commit-Queue: Patrick Thier <pthier@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77472}
2021-10-20 13:18:00 +00:00
Victor Gomes
f7d3555701 [baseline] Skip batch focus tests when using ConcurrentSP
These two tests rely on the functions being immediately compiled with SP.
Concurrent SP might add a delay and fail the test.

Bug: v8:12054
Change-Id: I52dbdfeb5c49c23f2d20a43bb8a87aba1f16358e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3233233
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Patrick Thier <pthier@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77471}
2021-10-20 12:49:20 +00:00
Victor Gomes
28ad7986dc [baseline] Compile --always-sparkplug on the main thread
When --always-sparkplug, we compile on the main thread. This fixes the
CodeBuilder path when also running with --concurrent-sparkplug

Bug: v8:12054
Change-Id: Ifafcd68b635e99ca39c5eebc3e1ff839a2193eb4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3233232
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77470}
2021-10-20 12:44:00 +00:00
Victor Gomes
a19359fa6f [baseline] Fix task queue size
last_index_ is already incremented in Enqueue and points to one past
the end of the array.

Bug: v8:12054
Change-Id: I63b9a315464af9366f39c863fbd40e58adb69f1b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3233230
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77469}
2021-10-20 12:32:00 +00:00
Zhao Jiazhong
58559fb7c1 [loong64][mips][regexp] Compact codegen for large character classes
Port commit 8bbb44e537

Bug: v8:11069
Change-Id: I66532e8410390bc220d7811e320bb44181b00d1f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3234303
Reviewed-by: Liu yu <liuyu@loongson.cn>
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Cr-Commit-Position: refs/heads/main@{#77468}
2021-10-20 10:53:40 +00:00
Victor Gomes
9e857ef398 [baseline] Fix RecordVirtualCodeDetails
Avoid accessing deoptimization_data and source_position_table
in RecordVirtualCodeDetails for baseline code.

Bug: v8:12321
Change-Id: I8d1bebc973ea2cb3de88102965281314facbc864
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3229568
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77467}
2021-10-20 10:34:40 +00:00
Leszek Swirski
8ef02420e6 [dict-tracking] Expose dict tracking as a flag
Add a readonly --dict-property-const-tracking flag so that we can
correctly specify negative implications for --concurrent-inlining and
--turboprop, and correctly fail flag contradictions where needed.

Change-Id: I1b20c6a2bef42c868ccde3b8db60f1107eb29550
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3233222
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77466}
2021-10-20 09:48:40 +00:00
Hao Xu
a7194874fd [sparkplug] Implement OS::GetFreeMemoryRangesWithin() for Windows
Search for free memory ranges within the +/- 2GB boundary to the
embedded builtins. So that code range can be allocated close to the
binary to enable short builtin calls when pointer compression is
disabled.

Bug: v8:12045, v8:11527
Change-Id: I4698625882c3c7c39aff73b0bc874ddcfc990881
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3212466
Commit-Queue: Hao A Xu <hao.a.xu@intel.com>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77465}
2021-10-20 09:47:19 +00:00
Jakob Gruber
8da845df71 [objects] Modern style DCHECKs in ByteArray accessors
Change-Id: I4ed4d0c53a90af4a8d3a58fa3f418576aadd09c3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3234195
Commit-Queue: Patrick Thier <pthier@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77464}
2021-10-20 06:45:00 +00:00
Jakob Gruber
8bbb44e537 [regexp] Compact codegen for large character classes
Large character classes may easily be created when unicode
properties (e.g.: /\p{L}/u and /\P{L}/u) are used - these are
expanded internally into character classes that consist of hundreds
of character ranges. Previously to this CL, we'd emit branching code
for each of these ranges, leading to very large regexp code objects.

This CL adds a new codegen mode for large character classes (where
'large' currently means > 16 ranges). Instead of emitting branching
code inline, the ranges are written into a ByteArray and we call into
the C function IsCharacterInRangeArray for the actual branching logic.
The ByteArray is smaller than emitted code and is deduplicated if the
same character class is matched repeatedly in the same pattern.

Note this mode is *not* implemented for the interpreter, since we
currently don't have a constant pool for irregexp bytecode, and thus
cannot reference ByteArrays.

Bug: v8:11069
Change-Id: I2d728e42d85114b796c637f791848731a104cd54
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3229377
Reviewed-by: Patrick Thier <pthier@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77463}
2021-10-19 18:20:54 +00:00
Leszek Swirski
fec145d1cb [dict-tracking] Add turboprop as dict-tracking incompatible
It also enables concurrent inlining.

Change-Id: I894800b34e950a0e786d9f462b21273cc1d3b181
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3231342
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77462}
2021-10-19 16:22:53 +00:00
Clemens Backes
184213d305 [compiler] Fall back to mid-tier register allocation
Huge functions can take a really long time (several minutes) in register
allocation. This is caused by a big number of virtual registers combined
with a big number of blocks.
We can avoid such long-running register allocation by falling back to
the mid-tier register allocation if we detect a huge number of virtual
registers.
Note that this is mostly relevant for bigger WebAssembly modules, but we
implement it as a general TurboFan flag.

The flag is off by default for now, since there seem to be bugs lurking
in the mid-tier register allocator. Once those are fixed, we can stage
it behind --future and then ship it.

R=mslekova@chromium.org
CC=thibaudm@chromium.org

Bug: v8:12320
Change-Id: Iff14de456c2b3a91ee2b2b12221295dd56b69463
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3231336
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77461}
2021-10-19 16:18:03 +00:00
Leszek Swirski
70a0baaa59 [test] Robustify wait in regress-bug-9161
mjsunit/regress/regress-crbug-9161 had two spinlocks on an atomic:

  1. WaitUntil(lock == kStageRunning)
  2. WaitUntil(lock == kStageDone)

But, in theory the worker updating the "lock" could progress all the way
to kStageDone before the first loop manages to check the lock value
again.

We can make this more robust by checking:

  1. WaitUntil(lock != kStageInit)
  2. WaitUntil(lock == kStageDone)

That way both loops check for _any_ state past the state they want to
progress past.

Bug: v8:11437
Change-Id: I5220e61070a305301c678928edb0925c04dae970
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3231339
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77460}
2021-10-19 16:03:54 +00:00
Igor Sheludko
a20499e02a [ext-code-space] Prepare GC for making code space external
... by explicitly passing pointer compression cage base value to various
IsXXX() and map() calls in order to avoid using incorrect auto-computed
cage base value when applied to objects allocated in external code space.

This CL also introduces IsCodeObject(HeapObject) predicate which checks
the IS_EXECUTABLE bit in the page header's flags.

Bug: v8:11880
Change-Id: Ib44398c3125392e46e939044a9bd27e09d7944d5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3229368
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77459}
2021-10-19 15:48:43 +00:00
Nico Hartmann
bd4ea1e178 [turbofan] Support for BigInt.asIntN
This CL adds support for BigInt.asIntN, the necessary operations and
extensions of the compiler's type system to allow lowering of BigInts
to word64 representations that are interpreted as signed 64 bit BigInts.

Bug: v8:9407
Change-Id: Id4f1f45437c1caf94e01c7b4e063c2ae2386c88a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3198070
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77458}
2021-10-19 14:41:45 +00:00
Victor Gomes
ca6bb80546 [util] Fix LockedQueue size
We increment the size before enqueueing the next element.
This guarantees that size > 0 when decrementing.

Bug: v8:12325
Change-Id: Ida256d9b22a9dd5cacb21312f099ee7186e2ca53
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3231335
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77457}
2021-10-19 13:25:27 +00:00
Milad Fa
c2757f6ca2 [baseline] Fix compilation on platforms without sparkplug
A few of the changes added by https://crrev.com/c/3229379 are
causing compilation errors on platforms without sparkplug.

Change-Id: Ic6088b33ba910ae5a96881fa7609e30d35db5d8a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3226548
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#77456}
2021-10-19 12:58:17 +00:00
Leszek Swirski
b7acd5100b [dict-tracking] Disable --concurrent-inlining under dict-tracking
Disable --concurrent-inlining when v8_dict_property_const_tracking is
enabled, since the latter doesn't support the former. Add statusfile
variables to mark this as an incompatible flag, and otherwise disable it
via flags.

Change-Id: Ie2e7dac6f4a1ddc97e7e7f4d4d2c77e638e216a0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3229565
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77455}
2021-10-19 12:08:37 +00:00
Samuel Groß
c6388cd94f Move heap sandbox related code into a new security/ directory
Bug: v8:10391
Change-Id: Ia123d8034c4ade76c9843df5d947fdc4ee3d8e35
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3226337
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77454}
2021-10-19 12:00:34 +00:00
Benedikt Meurer
b141fedfed [inspector] Improve class name inference.
Previously having a `Symbol.toStringTag` property holding a string
somewhere in the prototype chain would always take precedence over trying
to determine a reasonable name from the "constructor" (in case of
subclassing). This would lead to confusing behavior when diagnosing
objects in DevTools, for example

```js
class A extends URLSearchParams {};
new A()
```

would show `URLSearchParam` as class name for the instance rather than
`A`.

With this CL, we change the lookup logic to explicitly check for
`Symbol.toStringTag` and "constructor" along each step of the prototype
chain (skipping the "constructor" for the leaf object) and pick the
first one that yields a string (that is the function debug name in case
of "constructor").

Fixed: chromium:980018
Change-Id: Ic920b4bae02f965bc383c711f8de89c0de55fcac
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3231078
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Kim-Anh Tran <kimanh@chromium.org>
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Kim-Anh Tran <kimanh@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77453}
2021-10-19 11:40:06 +00:00
Hans Wennborg
1526103616 Fix Wbitwise-instead-of-logical warning
`a || b` only evaluates b if a is false. `a | b` always evaluates
both a and b. If a and b are of type bool, `||` is usually what you
want, so clang now warns on `|` where both arguments are of type bool.

In this case the difference isn't important, but || is more
conventional to express this.

Bug: chromium:1255745
Change-Id: I8fb090abc9863f7db8761bddb1440613a49bc84b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3231077
Auto-Submit: Hans Wennborg <hans@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77452}
2021-10-19 10:29:44 +00:00
Peter Kasting
f6fd4969c9 Fix an unused variable warning in release builds.
Bug: chromium:1203071
Change-Id: I32481d9918aa4a86510570dfb4997f7645f0df23
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3226965
Auto-Submit: Peter Kasting <pkasting@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77451}
2021-10-19 10:21:25 +00:00
QiuJi
bd137b25af [riscv64][wasm-gc][liftoff] Reserve a stack slot for feedback
Port the rest part of 9d3c9d471f

The first part is at:
https://chromium-review.googlesource.com/c/v8/v8/+/3212059

Bug: v8:7748
Change-Id: I8b39deec2eee35511f56e826d92bf52e32a81daf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3226551
Reviewed-by: Yahan Lu <yahan@iscas.ac.cn>
Commit-Queue: Yahan Lu <yahan@iscas.ac.cn>
Cr-Commit-Position: refs/heads/main@{#77450}
2021-10-19 08:45:04 +00:00
Victor Gomes
db8a2914a7 [bazel] Adds unmarker.h
No-Try: true
Bug: v8:12324
Change-Id: I4d8ea351b0aecaad704a0d0aa2e67eff4ce5eff0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3226336
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77449}
2021-10-19 08:14:55 +00:00
Dominik Inführ
535242ff6e Reland "[heap] Attach to shared isolate after setting up main thread"
This is a reland of 929b83fb7b

This version of the CL also fixes initialization of the
marking_barrier_ in the LocalHeap constructor.

This CL also got rebased on Victor's CL in https://crrev.com/c/3229361.
It added a code_space_allocator_ in LocalHeap which needs to be
initialized a bit later on the main thread as well.

Original change's description:
> [heap] Attach to shared isolate after setting up main thread
>
> Attach to the shared isolate after the main thread was set up. Otherwise
> it could happen that a shared GC initiated from another isolate might
> see no threads are running and perform the safepoint operation in the
> middle of isolate deserialization.
>
> We use DisallowSafepoints to check that the isolate doesn't join a
> global safepoint before deserialization is complete. DisallowSafepoints
> used to prevent only invocations of Safepoint() but was updated to
> also prevent Park() and Unpark() invocations. Each state change could
> cause the thread to reach a safepoint, which would allow a shared GC
> to run.
>
> We now also DCHECK that every isolate has at least one local heap and
> that shared collections aren't started before deserialization is
> complete.
>
> Bug: v8:11708
> Change-Id: Iba3fb59dd951d5ee4fc9934158062287302fc279
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3221157
> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Reviewed-by: Shu-yu Guo <syg@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#77424}

Bug: v8:11708
Change-Id: I7d44e4a5f76cc09092c2444cede10e9331222c1d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3229361
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77448}
2021-10-19 07:15:00 +00:00
Leszek Swirski
490f729270 Reland "[snapshot] Fix two stress_snapshot failures"
This is a reland of dca83ff7e7

Relanding without changes, looks like the bot that failed succeeded
again before the revert landed (https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20TSAN/38915/overview)

Original change's description:
> [snapshot] Fix two stress_snapshot failures
>
> 1. Stress snapshot discards code on SFIs, which breaks flushing
>    invariants. Add --stress-snapshot to those invariants.
> 2. Another test failing on IsScript, added it to the disabled list.
>
> Change-Id: Ic415923a9cc96d34b74f7450b29be99c1b53d077
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3229375
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Auto-Submit: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#77430}

Change-Id: I18fd290c3794d90addc2a94765d57a3ee3ceab86
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3229563
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77447}
2021-10-19 06:17:33 +00:00
Yolanda Chen
83a58b70e6 [x64] Implement 256-bit assembly for v(p)broadcast*
Bug: v8:12228
Change-Id: I434b07e3d7a2e270dc7dd26950b9dd047eb46a56
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3219944
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Yolanda Chen <yolanda.chen@intel.com>
Cr-Commit-Position: refs/heads/main@{#77446}
2021-10-19 02:21:19 +00:00
Michael Lippautz
dfbd9edb87 cppgc-js: Make use of simple unmarker when young gen is enabled
Young generation collection requires that full GCs unmark before
starting marking.

Bug: v8:12324
Change-Id: Id6cc218057252cbf0664326126f34b07ac8ea247
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3229570
Auto-Submit: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77445}
2021-10-18 21:35:01 +00:00
Shu-yu Guo
43633af0e3 [interpreter] Use fast paths again for object literals with spread cloning
[1] fixes the behavior of StaNamedOwnProperty to no longer do prototype
lookups. This lets us revert [2] and go back to using the fast path in
the clone spread object literal bytecode.

The test case from [2] is kept.

[1] https://chromium-review.googlesource.com/c/v8/v8/+/2795831
[2] https://chromium-review.googlesource.com/c/v8/v8/+/3178969

Bug: v8:9888, chromium:1251366
Change-Id: I9d2cb69b803c403f63365f55d27c4de20ff7dafb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3224666
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Patrick Thier <pthier@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77444}
2021-10-18 16:54:00 +00:00