Avoid data race when enabling flag with concurrent thread that reads
that flag as well.
Bug: v8:10315
Change-Id: I9eecc48e21b1070e8db444021264eec2784f5102
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2567697
Auto-Submit: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71528}
This reverts commit 064ee3c835.
Reason for revert: Causing blink_web_tests to fail on builder "WebKit Linux MSAN"
https://bugs.chromium.org/p/chromium/issues/detail?id=1153968
Original change's description:
> Reland "[wasm]: Use CancelAndDetach and barrier on BackgroundCompileJob."
>
> Reason for revert: Data race:
> https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20TSAN/34121
>
> It was assume that MockPlatform runs everything on 1 thread. However,
> MockPlatform::PostJob previously would schedule the job through
> TestPlatform, which eventually posts concurrent tasks, thus causing
> data race.
> Fix: Manually calling NewDefaultJobHandle and passing the MockPlatform
> ensures the jobs also run sequentially.
>
> Additional change:
> - CancelAndDetach is now called in ~CompilationStateImpl() to make sure
> it's called in sequence with ScheduleCompileJobForNewUnits
>
> Original CL description:
> To avoid keeping around a list of job handles, CancelAndDetach() is
> used in CancelCompilation. Dependency on WasmEngine is handled by a
> barrier that waits on all jobs to finish.
>
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2498659
> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Cr-Original-Commit-Position: refs/heads/master@{#71074}
> Change-Id: Ie9556f7f96f6fb9a61ada0e5cbd58d4fb4a0f571
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2559137
> Commit-Queue: Etienne Pierre-Doray <etiennep@chromium.org>
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#71459}
TBR=ulan@chromium.org,jkummerow@chromium.org,ahaas@chromium.org,clemensb@chromium.org,etiennep@chromium.org
Bug: chromium:1153968, v8:11209, v8:11210, v8:11212
# Not skipping CQ checks because original CL landed > 1 day ago.
Change-Id: I2c8406bea81ee7cf6c5726c2fec50fffdce09611
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2566446
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71519}
This CL applies kSetOverflowToMin in TruncateFloat32ToInt32,
TruncateFloat32ToUint32, and TruncateFloat64ToInt64, allowing
EffectControlLinearizer to request truncating to INT32_MIN
or INT64_MIN in case of overflow.
Port: d4b29d7525
Bug: v8:11121
Change-Id: I1ef794e89641d0be6e9be9bdb99fd7737f465821
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2537417
Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Auto-Submit: Liu yu <liuyu@loongson.cn>
Cr-Commit-Position: refs/heads/master@{#71516}
The auto-generated inspector fuzzer corpus seed files will overwrite the
'utils' class by a proxy which provides non-existing functions.
See https://crrev.com/c/2563552.
R=szuend@chromium.org
Bug: chromium:1142437
Change-Id: If1e86617c4244f1b12fe007b5059b5a5f57454d5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2565127
Reviewed-by: Simon Zünd <szuend@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71515}
This reverts commit a69b7ef2ff.
Reason for revert: Broke msvc https://ci.chromium.org/p/v8/builders/ci/V8%20Win64%20-%20msvc/15975?
Original change's description:
> [wasm-simd][ia32] Prototype store lane
>
> Prototype v128.store{8,16,32,64}_lane on IA32.
>
> Drive by fix for wrong disassembly of movlps.
>
> Also added more test cases for StoreLane, test for more alignment and offset.
>
> Bug: v8:10975
> Change-Id: I0e16f1b5be824b6fc818d02d0fd84ebc0dff4174
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2557068
> Commit-Queue: Zhi An Ng <zhin@chromium.org>
> Reviewed-by: Bill Budge <bbudge@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#71511}
TBR=bbudge@chromium.org,zhin@chromium.org
Change-Id: Ic9386ea1254c1e0d9b42e92723b1a951fafe3a8b
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:10975
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2567315
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71512}
Prototype v128.store{8,16,32,64}_lane on IA32.
Drive by fix for wrong disassembly of movlps.
Also added more test cases for StoreLane, test for more alignment and offset.
Bug: v8:10975
Change-Id: I0e16f1b5be824b6fc818d02d0fd84ebc0dff4174
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2557068
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71511}
This change completes the necessary API changes for import assertions
discussed in
https://docs.google.com/document/d/1yuXgNHSbTAPubT1Mg0JXp5uTrfirkvO1g5cHHCe-LmY.
The old ResolveCallback is deprecated and replaced with a
ResolveModuleCallback that includes import assertions. Until
ResolveCallback is removed, InstantiateModule and associated functions
are modified to accept both types of callback, using the new one if it
was supplied and the old one otherwise. An alternative that I chose not
to go with would be to just duplicate InstantiateModule and associated
functions for both callback types.
SyntheticModule::PrepareInstantiate's callback parameter was unused so I
removed it.
Bug: v8:10958
Change-Id: I8e9fbaf9c2853b076b13da02473fbbe039b9db57
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2551919
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Dan Clark <daniec@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#71506}
The streaming decoder computed the code section start from the passed
"offset". That offset is computed from the module offset *after* the
number of functions has been read. Hence 1 is subtracted, with the
comment:
// The offset passed to {ProcessCodeSectionHeader} is an error offset and
// not the start offset of a buffer. Therefore we need the -1 here.
That subtraction of 1 worked when the number of functions was encoded in
a 1-byte LEB, otherwise it was off.
This CL fixes the immediate issue of passing the right code offset. The
usage of the previously existing offset also seems wrong, and I will try
to clean that up in a follow-up CL.
R=ahaas@chromium.orgCC=szuend@chromium.org
Bug: chromium:1150303
Change-Id: I64bb2ececeb4749b7ba2096cd148ccb4079eca4f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2562383
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71503}
Since one of the latest Clang rolls, ASan builds on MacOS appear
to be using bigger stack frames, so reduce the maximum recursion
depth a bit in that configuration.
Fixed: v8:11176
Change-Id: I00942194a6c4d8046ec6abd24219912ebd153e57
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2563465
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71501}
ScopeInfo objects generally start with three fields: flags, parameter
count, and local variable count. But a single read-only ScopeInfo
instance has none of those fields. This is the empty ScopeInfo, which is
used for contexts that don't correspond to any scope (the native context
and contexts for builtin functions). Since there is only ever a single
instance of the empty ScopeInfo, the memory savings of omitting these
fields is trivial, and we can simplify logic somewhat by including them.
Rather than checking for length to be zero, this change introduces a new
flag indicating that a ScopeInfo instance is the empty one.
On its own, this change doesn't provide a whole lot of value. However,
it sets us up for two further improvements, which are consistent with
the goals outlined in [1]:
1. We should fully describe ScopeInfo fields in Torque. Getting rid of
the requirement to check for emptiness would substantially simplify the
indexed field expressions.
2. ScopeInfo shouldn't inherit from FixedArray, and shouldn't begin with
a `length` field when the length can be computed from the other fields.
This would save a small amount of heap memory and avoid any possibility
of a mismatch between the two ways of computing the length.
[1] https://docs.google.com/document/d/1tiGK7_lubxPHnInI2vscUwMHfadn8gIEa1apmI8HxR4/edit#heading=h.n63k76b3zfwa
Bug: v8:8952
Change-Id: I018127698a5d91fb2a91684bc3aec2e27ee27c41
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2561598
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#71500}
While working on C++ debug evaluate, we found that several builtins and
intrinsics aren't marked as side effect free, although they are clearly
side effect free, and that breaks the C++ side effect free evaluation.
- %DefineClass() and %TypedArray%.of(), and
- various WebAssembly getters ("buffer", "exports" and "length") as
well as the C++ functions for the debug proxy.
Also-By: pfaffe@chromium.org
Bug: chromium:1137514
Change-Id: Iebd333dc2014f1ad218908f64c9199c157dc08b5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2565135
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71498}
- Timeline.selection is now a Timeline as well
- Allow remove the current timeline-track selection by double-clicking
outside-the selection
- Update the timeline-track stats based on the current selection
- Simplify DOM element creation methods
- Add separate SelectionHandler class for timeline-track
Bug: v8:10644
Change-Id: I4f15d6ab4f5ec6b7330e22769472ca3074b00edd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2565130
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71497}
This is the 3rd step in a series of CLs to move the SharedFunctionInfo
class to kNeverSerialized and make it concurrently accessible from
the background thread. This CL:
* Adds synchronization to PrepareFunctionForDebugExecution
* Adds tests that mess with SharedFunctionInfo while it is accessed
by another thread.
Bug: v8:7790
Change-Id: I2200fc7b6e977cda4e1003cb83d6ff49b1f1e337
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2523318
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71495}
Safepoints encode which slots in a stack frame store references when a
function is called. Safepoints for normal function calls in Liftoff were
already implemented before. With this CL, a safepoint for the runtime
call in a stack check is emitted.
R=thibaudm@chromium.org, clemensb@chromium.org
Bug: v8:7581
Change-Id: Iacb8b15559502adb7622935edb0cfa7ca03d634e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2563266
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71494}
This is a reland of 4719dae1a4.
The "V8 Linux64 TSAN - stress-incremental-marking" bot adds the
--stress-incremental-marking flag for all variants, hence the SKIP in
the status file was not triggered. We just explicitly disable the
--stress-incremental-marking flag for the two new tests. This works for
the "stress_incremental_marking" variant as well as the specific bot.
Original change's description:
> [wasm][inspector][test] Add more tests for code offsets
>
> The code offsets are sometimes wrong when compiled with streaming
> compilation. Thus add more tests for synchronous, asynchronous, and
> streaming compilation. The reported code offsets should all match. This
> will be fixed in a follow-up CL.
>
> In order to make asynchronous WebAssembly compilation finish, the
> inspector-test executable needs to pump the message loop before waiting
> for new tasks to come in, just as other executables like d8.
> This is added in this CL, but because of another bug this is skipped in
> the stress-incremental-marking variant. Hence the new tests are also
> skipped there.
>
> R=szuend@chromium.org
> CC=ahaas@chromium.org
>
> Bug: chromium:1150303, v8:10748
> Change-Id: Ie1d63c8d6795e61627d838b7fa7b21e6728befc0
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2562382
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#71483}
Bug: chromium:1150303
Bug: v8:10748
Change-Id: I9adb9fc0250fab5c43dc85b695f4d338a9c7183c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2565128
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71492}
When a function returns multiple result, we check the only the first
result. We correctly get the first return value from the interpreter
results, but did not handle the compiled code correctly, which returns a
JSArray.
Bug: chromium:1153406
Change-Id: I32198cea131cab18094fac3e66a44e976907773d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2562816
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71488}
This reverts commit 4719dae1a4.
Reason for revert: Timeouts with --stress-incremental-marking: https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20TSAN%20-%20stress-incremental-marking/1093
Original change's description:
> [wasm][inspector][test] Add more tests for code offsets
>
> The code offsets are sometimes wrong when compiled with streaming
> compilation. Thus add more tests for synchronous, asynchronous, and
> streaming compilation. The reported code offsets should all match. This
> will be fixed in a follow-up CL.
>
> In order to make asynchronous WebAssembly compilation finish, the
> inspector-test executable needs to pump the message loop before waiting
> for new tasks to come in, just as other executables like d8.
> This is added in this CL, but because of another bug this is skipped in
> the stress-incremental-marking variant. Hence the new tests are also
> skipped there.
>
> R=szuend@chromium.org
> CC=ahaas@chromium.org
>
> Bug: chromium:1150303, v8:10748
> Change-Id: Ie1d63c8d6795e61627d838b7fa7b21e6728befc0
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2562382
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#71483}
TBR=ahaas@chromium.org,clemensb@chromium.org,szuend@chromium.org
Change-Id: Ia4361183bfafeca3cc7d71ffe12d0ec2b0722b49
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:1150303
Bug: v8:10748
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2565126
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71484}
The code offsets are sometimes wrong when compiled with streaming
compilation. Thus add more tests for synchronous, asynchronous, and
streaming compilation. The reported code offsets should all match. This
will be fixed in a follow-up CL.
In order to make asynchronous WebAssembly compilation finish, the
inspector-test executable needs to pump the message loop before waiting
for new tasks to come in, just as other executables like d8.
This is added in this CL, but because of another bug this is skipped in
the stress-incremental-marking variant. Hence the new tests are also
skipped there.
R=szuend@chromium.orgCC=ahaas@chromium.org
Bug: chromium:1150303, v8:10748
Change-Id: Ie1d63c8d6795e61627d838b7fa7b21e6728befc0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2562382
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71483}
With this change, there are const and mutable version of slices, in
analogy to const and mutable references, which we already have.
A const slice as a readonly view into memory, it doesn't mean that
nobody else has a writable view on it.
An array field in a Torque class produces const slices if it is declared
as const.
Due to limitations in the Torque type system, mutable slices are not
a subtype of const slices of the same type.
Bug: v8:7793
Change-Id: I1ba96e1ee82bf03b5fdc824488981f2a6b5eae8a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2560195
Reviewed-by: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71481}
The flags were added because scalar lowering was not implemented for the
instructions in the test. Now that scalar lowering is complete, we can
remove these flags.
Fixed: v8:11137
Change-Id: Ic7bdedbfe558fafebe98917fe4e6a7922203ba91
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2565078
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71474}
This is a reland of 21e479441e
The fix is in the encoding of vmov. Bit 23 (the U bit) should be 0,
whether the NeonDataType is NeonS32 or NeonU32. Also added a DCHECK
in the simulator to assert this.
Original change's description:
> [wasm-simd][arm] Prototype i64x2.bitmask
>
> Cleanup to simulator to remove repetitive logic to get instruction
> fields.
>
> Bug: v8:10997
> Change-Id: I01f0b99f85788b41e4cab505fc94362d637c396f
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2554256
> Commit-Queue: Zhi An Ng <zhin@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Reviewed-by: Bill Budge <bbudge@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#71391}
Bug: v8:10997
Change-Id: I93b5d2168a50446d4a3b487ad83d6af8ea9ba8ab
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2558262
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71467}
Reason for revert: Data race:
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20TSAN/34121
It was assume that MockPlatform runs everything on 1 thread. However,
MockPlatform::PostJob previously would schedule the job through
TestPlatform, which eventually posts concurrent tasks, thus causing
data race.
Fix: Manually calling NewDefaultJobHandle and passing the MockPlatform
ensures the jobs also run sequentially.
Additional change:
- CancelAndDetach is now called in ~CompilationStateImpl() to make sure
it's called in sequence with ScheduleCompileJobForNewUnits
Original CL description:
To avoid keeping around a list of job handles, CancelAndDetach() is
used in CancelCompilation. Dependency on WasmEngine is handled by a
barrier that waits on all jobs to finish.
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2498659
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Original-Commit-Position: refs/heads/master@{#71074}
Change-Id: Ie9556f7f96f6fb9a61ada0e5cbd58d4fb4a0f571
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2559137
Commit-Queue: Etienne Pierre-Doray <etiennep@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71459}
Remove TRACE_BACKGROUND_GC which was used to emit events on the
background thread. It is replaced by TRACE_GC1, which uses the ThreadKind
argument to work both on main and background threads.
This CL also removes the dedicated BackgroundScope enum, all scopes
are now in GCTracer::Scope.
Change-Id: Ie377082d6a278dd46f2fa359611fdd99a08afcea
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2560203
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71458}
cppgc_unittests uses tracing (e.g. when setting the TracingController in
tests.h) and thus needs to depend on v8_tracing. It cannot inherit the
dependency since the cppgc_unittests_sources v8_source_set doesn't
depend on cppgc.
Bug: v8:11203
Change-Id: I7227f696f841132f174435751a42a02ff865df26
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2563658
Auto-Submit: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71453}
This CL extends the TruncateFloat64ToInt64 machine operator with a
TruncateKind, allowing EffectControlLinearizer to request truncating
to INT64_MIN in case of overflow. The CL adds the necessary low-level
support when generating code for kArm64Float64ToInt64. It also enables
relevant tests as part of the fast API call suite.
Bug: v8:11121
Change-Id: I0cb9964cc3c2ff49e6b0bbfe4a20f280e4aab337
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2560718
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71449}
Currently MockPlatform has shorter lifetime than the isolate that uses
it. Creating isolate before MockPlatform leads to races in concurrent
tasks that were scheduled before the MockPlatform replaced the default
TestPlatform. This caused issues after landing
https://chromium-review.googlesource.com/c/v8/v8/+/2561198
This CL ensures that MockPlatform is valid throughout the whole
lifetime of the isolate
Bug: v8:11198
Change-Id: I79f82712165d1f1fbe0fe9af68aedf126e54b241
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2562121
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Etienne Pierre-Doray <etiennep@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71443}
This specific case was not implemented or tested before. Implementing it
actually simplifies some of the existing logic, since StepOut can now
reuse the generic logic in debug.cc for all cases (Wasm->Wasm, Wasm->JS,
JS->Wasm).
Drive-by:
1) Fix typo ("skip" -> "step").
2) Move the check for Liftoff code from debug.cc to wasm-debug.cc, where
it fits better.
3) Remove a TODO which is done already.
R=thibaudm@chromium.org, szuend@chromium.org
Bug: chromium:1145176
Change-Id: I415ca1d8bacef5b21bf1dafd9e16417ec2d12c7c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2560719
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71428}
Scopes in V8 are used to guarantee one or more properties during its
lifetimes. If a scope is not named e.g MyClassScope(args) instead of
MyClassScope scope(args) it will get created and automatically destroyed
and therefore, being useless as a scope. This CL would produce a
compiling warning when that happens to ward off this developer error.
Follow-up to ccrev.com/2552415 in which it was introduced and
implemented for Guard classes.
Change-Id: Ifa0fb89cc3d9bdcdee0fd8150a2618af5ef45cbf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2555001
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71425}
Fixed: chromium:1151890
Change-Id: I26f5c76494a9ff3f5a141f381e1c9a543e368571
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2561618
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71422}
Both sample are essentially the same up to string constants since
cppgc's default platform started using libplatform.
The only diff between the sample is whether we call
v8::V8::IntializePlatform or cppgc::InitializeProcess.
Drive-by: replace CPPGC_BUILD_IN_V8 with CPPGC_IS_STANDALONE which is
more descriptive.
Bug: chromium:1056170
Change-Id: I8fdeb59c3345af77f1bccd8b93255ab39b4d3181
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2557516
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71421}
Function tables have been removed from the scope object in
https://crrev.com/c/2507696, hence the code for printing them is dead
now.
R=bmeurer@chromium.org
Change-Id: Ib36fb314ae54468239737f100a6594d8d2031218
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2557982
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71412}
After preparing Liftoff, TurboFan, and the interpreter for this change,
we now store the memory offset as uint64_t. {LoadLane} and {StoreLane}
were added after the TurboFan refactoring, so those two are adapted
similar to the other memory operations.
TBR=manoskouk@chromium.org
Bug: v8:10949
Cq-Include-Trybots: luci.v8.try:v8_win64_msvc_rel_ng
Change-Id: I8f3084c21a7d99f72df1bc18c2b507c4e84570cd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2560720
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71411}
Refactor write barriers and split calls, as e.g. DijkstraWriteBarrier
also contained logic for recording slots (cards) for the young
generation.
The new API exposes the following:
- GetWriteBarrierType(): Retrieving the type of barrier that must be
emitted;
- DijkstraWriteBarrier(), DijkstraWriteBarrierRange(): Dijkstra-style
write barriers;
- SteeleWriteBarrier(): Steele-style write barrier;
- GenerationalBarrier(): Barrier for recording slots when using
multiple generations;
Compilers running with -O3 optimize the DijkstraWriteBarrierPolicy
down to the same instructions as before the split.
Change-Id: If68839cc6357b2f568986c9ce8ca753b1e96a70a
Bug: chromium:1056170
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2557514
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71407}
In the generic wrapper we popped the wrong number of parameters off the
stack. We always popped the number of parameters needed by the generic
wrapper, according to the signature. The correct number though is
max(parameters provide, parameters needed).
R=victorgomes@chromium.org, thibaudm@chromium.orgCC=vkont@google.com
Bug: v8:10982
Change-Id: If9b8d4dbe093eb6df08ddf9f3594d5c60b9be33f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2558317
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71406}
Pass the Isolate/LocalIsolate through to StringTable matchers and
WriteToFlat, so avoid having to get the Isolate via the String, and to
avoid locking on the main thread entirely. This allows us to remove the
String overload of the SharedStringAccessGuardIfNeeded constructor
entirely, to avoid this anti-pattern in the future.
Bug: chromium:1146972
Change-Id: I53bba126b105e1c9629d6e64d8bb574e62e3ad45
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2557988
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71398}
Port 3836aeb039
Original Commit Message:
Apart from removing Min and Max (utils.h), this is mostly a renaming.
In a few cases I had to add a cast. In a bunch of cases I had to use
initializer lists to force call-by-value for static member constants
because call-by-reference wouldn't compile (like in the previous CL).
In a few places I used initializer lists in place of nested min/max
operations.
R=neis@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com
BUG=
LOG=N
Change-Id: Iecb43c19b8e16721e942553d7d811daf74bedc02
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2557570
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71396}
Prototype v128.load{8,16,32,64}_lane on IA32 (stores will come later).
This is pretty similar to x64 version, except that there is no signal
handler for OOB access, so kProtected is not a valid access mode.
Left some TODOs for myself to merge the new instruction codes
(kIA32Pinsrb) with the replace lane Wasm instructions.
Bug: v8:10975
Change-Id: I5c9f9a45e2e7f06e8fab4a28cdfe1857ccc35880
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2557063
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71394}
Cleanup to simulator to remove repetitive logic to get instruction
fields.
Bug: v8:10997
Change-Id: I01f0b99f85788b41e4cab505fc94362d637c396f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2554256
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71391}