AuroraMiddleware/v8 - v8 - Gitea: Git with a cup of tea

Author	SHA1	Message	Date
Lu Yahan	a4f8bb5939	[riscv64] Fix name ambiguous Change-Id: I30042811cec8fc2821b7a240c2f8b4e748f437e1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3673913 Reviewed-by: ji qiu <qiuji@iscas.ac.cn> Auto-Submit: Yahan Lu <yahan@iscas.ac.cn> Commit-Queue: ji qiu <qiuji@iscas.ac.cn> Cr-Commit-Position: refs/heads/main@{#80794}	2022-05-30 01:34:06 +00:00
Frank Tang	c61c73ad0d	[Temporal] Add toJSON and non-intl version ot toLocaleString to PlainDateTime Implement AO: TemporalDateTimeToString Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.plaindatetime.prototype.tojson https://tc39.es/proposal-temporal/#sec-temporal.plaindatetime.prototype.tolocalestring https://tc39.es/proposal-temporal/#sec-temporal-temporaldatetimetostring Bug: v8:11544 Change-Id: I170fa13822d87cfd668bd4cd8df50476f00c86f8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3672001 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80793}	2022-05-28 19:17:45 +00:00
Frank Tang	8ea33c9f54	[Temporal] Add PlainTime toString and non-intl toLocaleString Also implement AOs: ToTemporalRoundingMode, ToSmallestTemporalUnit, RoundNumberToIncrement, RoundTime, ToSecondsStringPrecision Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.plaintime.prototype.tostring https://tc39.es/proposal-temporal/#sec-temporal.plaintime.prototype.tolocalestring https://tc39.es/proposal-temporal/#sec-temporal-totemporalroundingmode https://tc39.es/proposal-temporal/#sec-temporal-tosmallesttemporalunit https://tc39.es/proposal-temporal/#sec-temporal-roundnumbertoincrement https://tc39.es/proposal-temporal/#sec-temporal-roundtime https://tc39.es/proposal-temporal/#sec-temporal-tosecondsstringprecision Bug: v8:11544 Change-Id: I47ea27e966232e89bab48bf15a48c2c00ce5e160 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3665937 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80792}	2022-05-28 19:05:25 +00:00
Shu-yu Guo	60e02cfb0c	Revert "[shared-struct] Add Atomics.Mutex" This reverts commit `ea9a1f1cbe`. Reason for revert: arm64 pointer alignment issue https://logs.chromium.org/logs/v8/buildbucket/cr-buildbucket/8812962856609920785/+/u/Check/mutex-workers Original change's description: > [shared-struct] Add Atomics.Mutex > > This CL adds a moving GC-safe, JS-exposed mutex behind the > --harmony-struct flag. It uses a ParkingLot-inspired algorithm and > each mutex manages its own waiter queue. > > For more details, please see the design doc: https://docs.google.com/document/d/1QHkmiTF770GKxtoP-VQ1eKF42MpedLUeqiQPfCqus0Y/edit?usp=sharing > > Bug: v8:12547 > Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel_ng > Change-Id: Ic58f8750d2e14ecd573173d17d5235a136bedef9 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3595460 > Commit-Queue: Shu-yu Guo <syg@chromium.org> > Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> > Reviewed-by: Adam Klein <adamk@chromium.org> > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80789} Bug: v8:12547 Change-Id: I226e16b743dc4b157fac33a9cbabab4d72cf290b Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel_ng No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3673353 Owners-Override: Shu-yu Guo <syg@chromium.org> Auto-Submit: Shu-yu Guo <syg@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#80790}	2022-05-28 01:31:54 +00:00
Shu-yu Guo	ea9a1f1cbe	[shared-struct] Add Atomics.Mutex This CL adds a moving GC-safe, JS-exposed mutex behind the --harmony-struct flag. It uses a ParkingLot-inspired algorithm and each mutex manages its own waiter queue. For more details, please see the design doc: https://docs.google.com/document/d/1QHkmiTF770GKxtoP-VQ1eKF42MpedLUeqiQPfCqus0Y/edit?usp=sharing Bug: v8:12547 Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel_ng Change-Id: Ic58f8750d2e14ecd573173d17d5235a136bedef9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3595460 Commit-Queue: Shu-yu Guo <syg@chromium.org> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#80789}	2022-05-28 01:04:34 +00:00
Frank Tang	6fdea7b040	[Temporal] Add ZonedDateTime to(Instant\|Plain(Date)?(Time)?) Also change some AO's return type from MaybeHandle to Handle and call ToHandleChecked() on the right spot. Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.zoneddatetime.prototype.toinstant https://tc39.es/proposal-temporal/#sec-temporal.zoneddatetime.prototype.toplaindate https://tc39.es/proposal-temporal/#sec-temporal.zoneddatetime.prototype.toplaintime https://tc39.es/proposal-temporal/#sec-temporal.zoneddatetime.prototype.toplaindatetime Bug: v8:11544 Change-Id: I140b6a7053d00837bc48fb70980d69778715c0c9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3385603 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80788}	2022-05-27 23:03:08 +00:00
Frank Tang	e85a0243ce	[Temporal] Add PlainDate(Time)?.(compare\|prototype.equals) Also add AO CalendarEquals, CompareISODateTime Remove Isolate from CompareISODate argument Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.plaindate.compare https://tc39.es/proposal-temporal/#sec-temporal.plaindate.prototype.equals https://tc39.es/proposal-temporal/#sec-temporal.plaindatetime.compare https://tc39.es/proposal-temporal/#sec-temporal.plaindatetime.prototype.equals https://tc39.es/proposal-temporal/#sec-temporal-calendarequals https://tc39.es/proposal-temporal/#sec-temporal-compareisodatetime Bug: v8:11544 Change-Id: I5505c7923e3c1f76d44e292135b489ea20fbf13c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3534458 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80787}	2022-05-27 23:02:04 +00:00
Shu-yu Guo	978506c3e2	[change-array-by-copy] Refactor ConvertToRelativeIndex This refactors ConvertToRelativeIndex into a clamping version and a version that takes OOB labels for the upcoming implementation of Array#with and TypedArray#with. Also gets rid of the the "to" in the name, because these macros are actually converting _from_ a relative index to an absolute one, not the other way around. Bug: v8:12764 Change-Id: I8bf1c16ce73008164acbd6b849f4259fb9315274 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3669655 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#80786}	2022-05-27 21:13:14 +00:00
Shu-yu Guo	5299e11bda	[change-array-by-copy] Add RAB/GSAB tests for toReversed Bug: v8:12764 Change-Id: I51130143494e6442b335660d2fdcbc75f289fd92 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3671759 Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#80785}	2022-05-27 21:00:34 +00:00
Frank Tang	17087937da	[Temporal] Add Plain(YearMonth\|MonthDay).prototype.toPlainDate Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.plainyearmonth.prototype.toplaindate https://tc39.es/proposal-temporal/#sec-temporal.plainmonthday.prototype.toplaindate Bug: v8:11544 Change-Id: I506efe3fa3685f621596fa34301a73d8c57ded38 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3566114 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80783}	2022-05-27 17:32:24 +00:00
Manos Koukoutos	ae2c0b1dd2	[wasm][turbofan] Annotate nodes with wasm types We introduce wasm types to Turbofan. They are represented by a new subtype of {TypeBase}. Types are attached to nodes during graph generation, as nodes are assigned to wasm values. Therefore, phi nodes corresponding to merges are not typed. Missing types will be computed, and assigned types will be narrowed as much as possible, in a retyping phase that will be introduced later. Bug: v8:7748 Change-Id: I943559cf1d512edfab3bb2d22f8748c072cb1911 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3660248 Reviewed-by: Maya Lekova <mslekova@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80778}	2022-05-27 11:25:53 +00:00
Leszek Swirski	38a0bf1e79	Revert "[ic] Shadow smi_handler on LoadHandler to always be Smi" This reverts commit `5f0e7dd44f`. Reason for revert: Turns out this isn't true: https://source.chromium.org/chromium/chromium/src/+/main:v8/src/ic/ic.cc;l=946 Original change's description: > [ic] Shadow smi_handler on LoadHandler to always be Smi > > StoreHandlers can store either a Code object or a Smi, so the > smi_handler field on DataHandler is a Code\|Smi. But, LoadHandlers can > only store Smis here so add a shadowing smi_handler definition which > only allows / returns Smis. > > Change-Id: Icc1c508db268950990b9c84b9e682b9a9b1f43e5 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3663745 > Commit-Queue: Igor Sheludko <ishell@chromium.org> > Auto-Submit: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: Leszek Swirski <leszeks@chromium.org> > Reviewed-by: Igor Sheludko <ishell@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80775} Change-Id: Ia2c14141ab5929be3ded883f0cecb40645a72dfd No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3672419 Auto-Submit: Leszek Swirski <leszeks@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Owners-Override: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#80776}	2022-05-27 09:51:14 +00:00
Leszek Swirski	5f0e7dd44f	[ic] Shadow smi_handler on LoadHandler to always be Smi StoreHandlers can store either a Code object or a Smi, so the smi_handler field on DataHandler is a Code\|Smi. But, LoadHandlers can only store Smis here so add a shadowing smi_handler definition which only allows / returns Smis. Change-Id: Icc1c508db268950990b9c84b9e682b9a9b1f43e5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3663745 Commit-Queue: Igor Sheludko <ishell@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#80775}	2022-05-27 09:47:35 +00:00
Thibaud Michaud	3065af5325	[codegen] Fuzz gap resolver with codegen The cctest test-code-generator/FuzzAssembleMove fuzzes codegen for a random list of sequential moves by simulating the moves on a FixedArray, and comparing the result to the output of the generated code. Add a variant of this test that resolves parallel moves first, to also test integration with the gap resolver. Bug: chromium:1313647 Change-Id: I02f385a957dafc89d91a4ab2216e0ac72147536d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3660252 Reviewed-by: Darius Mercadier <dmercadier@chromium.org> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#80774}	2022-05-27 09:36:13 +00:00
Leszek Swirski	9ed9dff9dd	Revert "[builtins] use SIMD IndexOf/includes on large arrays" This reverts commit `ab76ffc8bd`. Reason for revert: Breaks on UBSan: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20UBSan/21444/overview Original change's description: > [builtins] use SIMD IndexOf/includes on large arrays > > Change-Id: If751e813c7f45a4d18b84e8c0314a54c84894d61 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3639203 > Reviewed-by: Tobias Tebbi <tebbi@chromium.org> > Commit-Queue: Darius Mercadier <dmercadier@chromium.org> > Reviewed-by: Toon Verwaest <verwaest@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80771} Change-Id: I62dd4249df122af567680cbaa18deb3c9ed44c90 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3672416 Owners-Override: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80773}	2022-05-27 09:17:44 +00:00
Darius M	ab76ffc8bd	[builtins] use SIMD IndexOf/includes on large arrays Change-Id: If751e813c7f45a4d18b84e8c0314a54c84894d61 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3639203 Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Darius Mercadier <dmercadier@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/main@{#80771}	2022-05-27 08:40:25 +00:00
Frank Tang	4ad4ba1dff	[Temporal] Add Plain(Date)?Time.prototype.with Refactor ToTemporalTimeRecord to a new routine ToTemporalTimeRecordOrPartialTime to share code with ToPartilTime Change the return type of ToTemporalTimeRecord, RegulateTime Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.plaintime.prototype.with https://tc39.es/proposal-temporal/#sec-temporal.plaindatetime.prototype.with https://tc39.es/proposal-temporal/#sec-temporal-topartialtime Bug: v8:11544 Change-Id: I214147f497a405ee48e264833c7c0b9401596c01 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3665269 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80769}	2022-05-27 04:00:13 +00:00
QiuJi	ee6c6a2f1c	[riscv64] Using SystemPointerSize to index address for PrologueFillFrame Also remove useless comment in test-assembler-riscv64 Change-Id: I28451386449f15542b02383d8bf1aa9c4539469c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3669660 Auto-Submit: ji qiu <qiuji@iscas.ac.cn> Reviewed-by: Yahan Lu <yahan@iscas.ac.cn> Commit-Queue: Yahan Lu <yahan@iscas.ac.cn> Cr-Commit-Position: refs/heads/main@{#80768}	2022-05-27 03:35:03 +00:00
Frank Tang	86a219d9c9	[Temporal] Add Duration.prototype.with Also add AO: ToPartialDuration Spec Text: https://tc39.es/proposal-temporal/#sec-temporal-topartialduration https://tc39.es/proposal-temporal/#sec-temporal.duration.prototype.with Bug: v8:11544 Change-Id: I43282f5285a3c884229445547add6db2cde4fbe4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3380102 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80767}	2022-05-27 00:53:03 +00:00
Adam Klein	2c2280554e	Enable mjsunit/wasm/shared-memory-worker-gc This test had been skipped since it was added in `4a416dbbe1`. Bug: v8:9380 Change-Id: I700f83fa4242baf44dd260fbc74520abf05101dd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3670052 Commit-Queue: Adam Klein <adamk@chromium.org> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Cr-Commit-Position: refs/heads/main@{#80766}	2022-05-26 22:19:29 +00:00
Frank Tang	1b13172df3	[Temporal] Add PlainDateTime.prototype.withPlainDate Also add AO: ConsolidateCalendars Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.plaindatetime.prototype.withplaindate https://tc39.es/proposal-temporal/#sec-temporal-consolidatecalendars Bug: v8:11544 Change-Id: I98084f7cc92a837f6401a88ad10389a7c5df8b3d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3563541 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80764}	2022-05-26 20:42:09 +00:00
Manos Koukoutos	66d3d28149	[wasm-gc] Improve array allocation We inline array allocation for wasm-gc in the TF graph by using AllocateRaw nodes. Additionally, we use memset to initialize large, zero-initialized arrays. These changes give measurable speedup in some benchmarks. Bug: v8:7748 Change-Id: Icbd37d0fe673c673379139b96d0e1c175e95e357 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3666618 Reviewed-by: Maya Lekova <mslekova@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80762}	2022-05-26 17:19:19 +00:00
Frank Tang	cc8b442773	[Temporal] Add PlainTime.prototype.toPlainDateTime Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.plaintime.prototype.toplaindatetime Bug: v8:11544 Change-Id: I95bab9814471bb9347101d654f6dc902159f8fe3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3538670 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80757}	2022-05-26 04:45:19 +00:00
Frank Tang	600cebb4d0	[Temporal] Add Date.prototype.toTemporalInstant Spec Text: https://tc39.es/proposal-temporal/#sec-date.prototype.totemporalinstant Bug: v8:11544 Change-Id: I65315152333291f76edc05cc41a528912a185d02 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3609214 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80755}	2022-05-25 18:20:10 +00:00
Frank Tang	06d61bd575	[Temporal] Add ZonedDateTime.prototype.startOfDay Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.zoneddatetime.prototype.startofday Bug: v8:11544 Change-Id: I475e03fa9ba43290896a906524414cfbddd1f7bb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3385610 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80754}	2022-05-25 18:19:08 +00:00
Manos Koukoutos	fe44d70604	[test] Skip failing test Bug: v8:12907 Change-Id: I8a6da86b4c88b5cfcc9bbb349841c422ac81b64e No-Tree-Checks: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3667082 Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#80751}	2022-05-25 15:04:47 +00:00
Andy Wingo	e4941131f1	[stringrefs] Implement string.new_wtf8 Bug: v8:12868 Also adds the equivalent of Utf8Decoder, but for WTF-8. Change-Id: I1548a44b0aea912cdd429eb85be4dfc606355cad Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3660257 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Andy Wingo <wingo@igalia.com> Cr-Commit-Position: refs/heads/main@{#80750}	2022-05-25 14:38:38 +00:00
Maya Lekova	5480e036d2	[megadom] Add TF inlining for Megadom The generated code checks if the receiver is a JS_API_OBJECT and if the receiver requires an access check, and if not it lowers the call to an API call. We also add compilation dependencies on the protector cell to deopt if our invariants change. (Note - the actual invalidation of these cells will be implemented in a follow up CL) Bug: v8:11321 Change-Id: I15722f1e5fac7176e292da4a35186e4609636aba Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2719563 Commit-Queue: Maya Lekova <mslekova@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/main@{#80748}	2022-05-25 14:07:01 +00:00
Anton Bikineev	51d2256b8a	cppgc: Conservatively scan compressed pointers Due to collections with inlined storage, Oilpan still supports on-stack Members, which are always compressed if pointer compression is enabled. This CL scans halfwords (together with full words) on stack to find potential pointers. Since on-heap pointers can only be compressed and in-construction objects always reside on heap, only halfwords need to be scanned for them. The alternative potential followup approaches: 1) Use a separate uncompressed type for pointer in inlined collections; 2) Dynamically register regions of stack containing compressed pointers. Bug: chromium:1325007 Change-Id: Ia706fd8e7383d30aff11f4014faa9edd3d289a55 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3644959 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Anton Bikineev <bikineev@chromium.org> Cr-Commit-Position: refs/heads/main@{#80747}	2022-05-25 14:04:41 +00:00
Seth Brenith	d21b37d3f2	Revert several changes that caused performance regressions This change reverts the following: `400b2cc2c6` Don't rescue old top-level SharedFunctionInfos Reviewed on https://chromium-review.googlesource.com/c/v8/v8/+/3657472 `16a7150bae` Reland "Disable recompilation of existing Scripts from Isolate compilation cache" Reviewed on https://chromium-review.googlesource.com/c/v8/v8/+/3655011 `2df4d58a9e` Fix rehashing of script compilation cache Reviewed on https://chromium-review.googlesource.com/c/v8/v8/+/3654413 `c8848cf493` Refactor CompilationSubCache Reviewed on https://chromium-review.googlesource.com/c/v8/v8/+/3629603 `2507217839` Improve Script reuse in isolate compilation cache, part 1 Reviewed on https://chromium-review.googlesource.com/c/v8/v8/+/3597106 Bug: v8:12808, chromium:1325566, chromium:1325567, chromium:1325601, chromium:1328671, chromium:1328672, chromium:1328678, chromium:1328811, chromium:1328810 Change-Id: I1d318dc172e5214166d3b15f19903186f4fe6024 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3664023 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80744}	2022-05-25 12:11:28 +00:00
Simon Zünd	50f84564b4	[inspector] Reset the async task stack when resetting the context group This CL fixes an issue with async stacks. The async task stack is not torn down between page navigations or reloads. The result is that any new async tasks are stacked on top of the old pages async task stack. This was not prominent until now for two reasons: 1) Async tasks created in blink are always finished as long as destructors have time to run. 2) When V8 is terminated while running the micro task queue also all async tasks created for Promises (including `await`) are cleaned up properly. Introducing the stack tagging API made it more common for having unfinished async tasks open outside the MTQ, which left the async task stack non-empty during navigation. This CL fixes this problem by clearing out all the async task and async stack data structures for a context group when that context group is reset. R=bmeurer@chromium.org, victorporof@chromium.org Fixed: chromium:1328785 Change-Id: Iee0c3c4a55f66e643829dae3726dc03c735da1dd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3666620 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/main@{#80741}	2022-05-25 10:51:23 +00:00
Darius M	702f0ff111	[compiler] Inline Array.prototype.at in JSCallReducer Bug: v8:12865 Change-Id: I539a5b0a9c3c78ef9a767de75b71dd06de337d9a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3647351 Reviewed-by: Maya Lekova <mslekova@chromium.org> Commit-Queue: Darius Mercadier <dmercadier@chromium.org> Cr-Commit-Position: refs/heads/main@{#80740}	2022-05-25 10:01:03 +00:00
Simon Zünd	9e27dbca79	[debug] Fix crash when live editing unused inner functions This CL fixes a wrong assumption in the LiveEdit machinery. Namely the assumption that every FunctionLiteral the parser finds, will have a corresponding SFI created by the compiler. This assumption does not hold in all cases. Inner functions that are never referenced by the outer function don't get an SFI. R=bmeurer@chromium.org Fixed: chromium:1328453 Change-Id: I674f023f948954c1fcae04a4aa2afb69ea1642aa Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3663443 Commit-Queue: Simon Zünd <szuend@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/main@{#80735}	2022-05-25 07:51:03 +00:00
Frank Tang	3ba8390cb9	[Temporal] Add PlainTime.(compare\|prototype.equals) Also add AO: CompareTemporalTime Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.plaintime.compare https://tc39.es/proposal-temporal/#sec-temporal.plaintime.prototype.equals https://tc39.es/proposal-temporal/#sec-temporal-comparetemporaltime Bug: v8:11544 Change-Id: I8e2a320c2e296558e1fb15ef6e855e6b6a14ece2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3538669 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80732}	2022-05-25 03:10:23 +00:00
Frank Tang	702f874a3b	[Temporal] Add PlainDateTime.prototype.toPlain(Date\|Time) Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.plaindatetime.prototype.toplaindate https://tc39.es/proposal-temporal/#sec-temporal.plaindatetime.prototype.toplaintime Bug: v8:11544 Change-Id: Ifb7115823d1d3d1ff53806f1b376d69302e00ae1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3385761 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80731}	2022-05-25 01:17:21 +00:00
Frank Tang	38e56036dd	[Temporal] Add PlainTime.prototype.toZonedDateTime Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.plaintime.prototype.tozoneddatetime Bug: v8:11544 Change-Id: I147b1d21b4728520c5667a30548ec77f71d7445a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3554456 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80730}	2022-05-24 22:10:12 +00:00
Patrick Thier	9964283126	Re-enable shared-memory tests under tsan/stress_incremental_marking The underlying issue was fixed with https://crrev.com/c/3660258 Bug: v8:12883 Change-Id: If7a1fdaf122396396cfbaaae3a68ef89bafc1703 Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel_ng Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3663342 Auto-Submit: Patrick Thier <pthier@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#80728}	2022-05-24 18:05:03 +00:00
Peter Kasting	db24d136fb	C++20 fixes. Math between disparate enums is deprecated. Use constexprs instead. This requires switching some caller code to work with the new non-enum constants also. Bug: chromium:1284275 Change-Id: Ifb3c8757ed62e2a0966120f830f0a7e282b53a16 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3661148 Auto-Submit: Peter Kasting <pkasting@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Peter Kasting <pkasting@chromium.org> Cr-Commit-Position: refs/heads/main@{#80722}	2022-05-24 13:58:20 +00:00
Dominik Inführ	3674876cd6	[heap] Fix test failure with disabled map space Fix failing tests with --no-use-map-space enabled. Bug: v8:12578 Change-Id: I121b0d22cd69e76b6c5c02d1f83a166af0610b83 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3663343 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#80717}	2022-05-24 12:31:51 +00:00
jameslahm	560ce080fe	[test] split websnapshot tests to avoid ... timeout in the big websnapshot tests. Bug: v8:12891 Change-Id: I7837ba985f835e20af294ea0206dfafb5def7619 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3660705 Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80713}	2022-05-24 09:57:58 +00:00
Solomon Kinard	ab2aa72dc7	v8: Copyright: Remove extra slashes Change-Id: I924a2b4dc4ab5e7be22fd2a9a1084473ba65fc35 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3651039 Reviewed-by: Hannes Payer <hpayer@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80711}	2022-05-24 09:40:28 +00:00
Frank Tang	fc50b033e3	[Temporal] Add PlainDate.prototype.toZonedDateTime Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.plaindate.prototype.tozoneddatetime Bug: v8:11544 Change-Id: I758e46efdc33cfc3f336e5c595a402123ae6c485 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3535920 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80709}	2022-05-24 07:54:30 +00:00
Frank Tang	8516c9bed5	[Temporal] Add Plain(Date\|YearMonth\|MonthDay).prototype.with Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.plaindate.prototype.with https://tc39.es/proposal-temporal/#sec-temporal.plainyearmonth.prototype.with https://tc39.es/proposal-temporal/#sec-temporal.plainmonthday.prototype.with Bug: v8:11544 Change-Id: I311d6246646ce18503804352bc95a374af3d8c6e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3565014 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80708}	2022-05-24 06:04:35 +00:00
Frank Tang	a663b1ff66	[Temporal] Add PlainDate toPlainDateTime Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.plaindate.prototype.toplaindatetime Bug: v8:11544 Change-Id: Ie86a5d8a2f1206a44d0e74638392ae26e0f8e900 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3534454 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80707}	2022-05-24 05:13:47 +00:00
Frank Tang	3c53e9adae	[Temporal] Add PlainDateTime.prototype.withPlainTime Spec text: https://tc39.es/proposal-temporal/#sec-temporal.plaindatetime.prototype.withplaintime Bug: v8:11544 Change-Id: I5277fb88675bb6d99b028a289329db06b95cc003 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3565026 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80706}	2022-05-24 05:11:48 +00:00
Frank Tang	2fc37ae5e2	[Temporal] Syntax error if DateExtendedYear is -000000 Sync to PR2036 https://github.com/tc39/proposal-temporal/pull/2036 Treat -000000 in DateExtendedYear as syntax error Bug: v8:11544 Change-Id: I8cf7a506e85ad2b74d572142d646f3f98cd8bffa Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3633620 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#80705}	2022-05-24 04:58:31 +00:00
Shu-yu Guo	116e6a528d	[change-array-by-copy] Implement toReversed Bug: v8:12764 Change-Id: I7e76647be838749b723400914b144b9ec2a27cd7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3656520 Commit-Queue: Shu-yu Guo <syg@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80703}	2022-05-24 00:57:21 +00:00
Deepti Gandluri	37569a5a99	[wasm-relaxed-simd] Enable relaxed Swizzle on Arm/Arm64 Also remove the SKIP statement for relaxed min/max tests Bug: v8:12284 Change-Id: Iff67fe2a1c281295f237fbb95a9a36da668f27e1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3651530 Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> Cr-Commit-Position: refs/heads/main@{#80701}	2022-05-23 20:24:27 +00:00
Joyee Cheung	bb98b38735	[ic] handle access check for private names Previously the LookupIterator ignores private symbols (including private names) for the access check. This patch removes these exceptions so that they are always checked. Drive-by: removes the unused should_throw parameter in Runtime::DefineObjectOwnProperty() Bug: chromium:1321899 Change-Id: I9677b1e377f01d966daa1603eee1ed9535ffab92 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3623419 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Joyee Cheung <joyee@igalia.com> Cr-Commit-Position: refs/heads/main@{#80700}	2022-05-23 18:30:07 +00:00
Leszek Swirski	9ec29a4428	[maglev] Implement BranchIfInt32Compare Add an implementation of BranchIfInt32Compare, which is emitted whenever a compare op is immediately followed by a branch. Bug: v8:7700 Change-Id: I2c56d9de199bac8de33b33201f8614aee8e9894e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3647693 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80694}	2022-05-23 11:40:57 +00:00
Frank Tang	05f3596f80	[Temporal] Add PlainDateTime.prototype.toZonedDateTime Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.plaindatetime.prototype.tozoneddatetime Bug: v8:11544 Change-Id: Ic4464e6d4521fb7e006164933df4f38c5d3115b1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3554666 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80685}	2022-05-21 01:38:55 +00:00
Frank Tang	a90169d304	[Temporal] Add Instant.prototype.toZonedDateTime(ISO)? Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.instant.prototype.tozoneddatetime https://tc39.es/proposal-temporal/#sec-temporal.instant.prototype.tozoneddatetimeiso Bug: v8:11544 Change-Id: I452dfbf027e5d58edde9f9691519204ff29d8082 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3382058 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80684}	2022-05-21 01:30:26 +00:00
Frank Tang	4cf301722c	[Temporal] Add PlainYearMonth.from Also Add AOs: ToTemporalYearMonth, YearMonthFromFields, ParseTemporalYearMonthString Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.plainyearmonth.from https://tc39.es/proposal-temporal/#sec-temporal-totemporalyearmonth https://tc39.es/proposal-temporal/#sec-temporal-parsetemporalyearmonthstring https://tc39.es/proposal-temporal/#sec-temporal-yearmonthfromfields Bug: v8:11544 Change-Id: I04b30a4159142a996c765c542f19e66bee593e4e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3538666 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80683}	2022-05-21 01:19:45 +00:00
Frank Tang	9473a5e987	[Temporal] Add toJSON to PlainTime Bug: v8:11544 Change-Id: Iaf440009b2abdf9e90de3ed0e6e02eb35060a65b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3437889 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80682}	2022-05-21 01:14:05 +00:00
Frank Tang	db2dc63535	[Temporal] Add ZonedDateTime.prototype.withPlainTime Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.zoneddatetime.prototype.withplaintime Bug: v8:11544 Change-Id: I1c35c1105c9f2cc051d3b17718f52170fbee2a5f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3565027 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80681}	2022-05-21 01:04:45 +00:00
Frank Tang	a2f22f4355	[Temporal] Add PlainDate(Time)? toPlainMonth Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.plaindate.prototype.toplainmonthday https://tc39.es/proposal-temporal/#sec-temporal.plaindate.prototype.toplainyearmonth https://tc39.es/proposal-temporal/#sec-temporal.plaindatetime.prototype.toplainyearmonth https://tc39.es/proposal-temporal/#sec-temporal.plaindatetime.prototype.toplainmonthday Bug: v8:11544 Change-Id: Ia97de3b4dde183ae4ee514deb4d13da5d5ff9bae Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3534451 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80680}	2022-05-21 00:26:07 +00:00
Frank Tang	71fb98092b	[Temporal] Add ZonedDateTime.prototype.* forward to calendar Implement the following methods of ZonedDateTime year, month, monthCode, day, dayOfWeek, dayOfYear, weekOfYear, daysInWeek, daysInMonth, daysInYear, monthsInYear, inLeapYear, era, eraYear Also implement corresponding AOs (CalendarXXX). Spec Text: https://tc39.es/proposal-temporal/#sec-get-temporal.zoneddatetime.prototype.year https://tc39.es/proposal-temporal/#sec-get-temporal.zoneddatetime.prototype.month https://tc39.es/proposal-temporal/#sec-get-temporal.zoneddatetime.prototype.monthcode https://tc39.es/proposal-temporal/#sec-get-temporal.zoneddatetime.prototype.day https://tc39.es/proposal-temporal/#sec-get-temporal.zoneddatetime.prototype.dayofweek https://tc39.es/proposal-temporal/#sec-get-temporal.zoneddatetime.prototype.dayofyear https://tc39.es/proposal-temporal/#sec-get-temporal.zoneddatetime.prototype.weekofyear https://tc39.es/proposal-temporal/#sec-get-temporal.zoneddatetime.prototype.daysinweek https://tc39.es/proposal-temporal/#sec-get-temporal.zoneddatetime.prototype.daysinmonth https://tc39.es/proposal-temporal/#sec-get-temporal.zoneddatetime.prototype.daysinyear https://tc39.es/proposal-temporal/#sec-get-temporal.zoneddatetime.prototype.monthsinyear https://tc39.es/proposal-temporal/#sec-get-temporal.zoneddatetime.prototype.inleapyear https://tc39.es/proposal-temporal/#sec-get-temporal.zoneddatetime.prototype.era https://tc39.es/proposal-temporal/#sec-get-temporal.zoneddatetime.prototype.erayear Bug: v8:11544 Change-Id: I7d7008a719f0109836834d170c5f52b49c3ffb7e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3565028 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80678}	2022-05-20 23:07:26 +00:00
Frank Tang	74aa5e7d68	[Temporal] Add Temporal.Duration.prototype.toJSON Also add AO: TemporalDurationToString Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.duration.prototype.tojson https://tc39.es/proposal-temporal/#sec-temporal-temporaldurationtostring Bug: v8:11544 Change-Id: I7dfdb5458b88646a4ac7b7713e7c8e63352f7539 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3438375 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80677}	2022-05-20 22:38:35 +00:00
Frank Tang	caccea8d09	[Temporal] Add PlainMonthDay.from Also add AOs: ParseTemporalMonthDayString, MonthDayFromFields, ToTemporalMonthDay Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.plainmonthday.from https://tc39.es/proposal-temporal/#sec-temporal-totemporalmonthday https://tc39.es/proposal-temporal/#sec-temporal-parsetemporalmonthdaystring https://tc39.es/proposal-temporal/#sec-temporal-monthdayfromfields Bug: v8:11544 Change-Id: I971b5a0f43b9dbeefe38ebe28035f7c9b1a617ff Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3538664 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80676}	2022-05-20 22:34:05 +00:00
Frank Tang	c68336252d	[Temporal] Add Plain(Date\|MonthDay\|YearMonth)..to(Locale)?String Spec Text: https://tc39.es/proposal-temporal/#sup-temporal.plaindate.prototype.tostring https://tc39.es/proposal-temporal/#sup-temporal.plaindate.prototype.tolocalestring https://tc39.es/proposal-temporal/#sup-temporal.plainmonthday.prototype.tostring https://tc39.es/proposal-temporal/#sup-temporal.plainmonthday.prototype.tolocalestring https://tc39.es/proposal-temporal/#sup-temporal.plainyearmonth.prototype.tostring https://tc39.es/proposal-temporal/#sup-temporal.plainyearmonth.prototype.tolocalestring Implement toString/toLocaleString as non-intl version. Because toString took options bag in Temporal, we cannot use the same way how we handle Date.prototype.toLocaleString() for non-intl build by just forwarding to it's toString implementation. Change built-ins-defintions.h to always has built-ins for .toLocaleString , not just in intl build. Change src/init/bootstrapper.cc away of the toLocaleString forward to toString approach. Implement the non-intl version of ToLocaleString in js-temporal-objects.cc for Temporal.Plain(Date\|YearMonth\|MonthDay) Bug: v8:11544 Change-Id: I202bcf28ef05ed03c337475300cfdfd18b52ffb3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3656137 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80675}	2022-05-20 20:35:35 +00:00
Andy Wingo	44932c1689	[stringrefs] Parse the string literals section Bug: v8:12868 Also adds wtf8.cc, wtf8.h to src/wasm, to implement WTF-8 validation and possibly other utilities. Also fixes a bug when parsing the string literals section; I had misunderstood the way the unordered/ordered sections mechanism worked. Change-Id: I3c4205e0872379a69575f84ba33e0090a9d8d656 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652789 Commit-Queue: Andy Wingo <wingo@igalia.com> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#80674}	2022-05-20 20:04:35 +00:00
Marja Hölttä	e819612aaf	[web snap] Enable context referring to function Bug: v8:11525,v8:12820 Change-Id: Ic4cd3172a4d6884b8234ca6b6463dfc405e10ba1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652793 Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#80672}	2022-05-20 16:10:44 +00:00
Tobias Tebbi	6e1fcf22f3	[test] remove flaky isOptimized check in regress-crbug-1323114.js Bug: v8:12893 Change-Id: Ibc2068011243b2ec811cd90646f0ec2a0d93cc05 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3657433 Auto-Submit: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#80671}	2022-05-20 14:50:02 +00:00
Leszek Swirski	47090774a4	[maglev] Add more Int32/Float64 arithmetic nodes Add Int32/Float64 nodes for: * Subtract * Multiply * Divide and additionally Int32 nodes for * BitwiseOr/And/Xor * ShiftLeft/Right/RightLogical The latter ones don't have Float64 equivalents since they're implicitly Int32 operations. In the future we'll add support for Number feedback by adding Float64-to-Int32 conversions and using the Int32 nodes. The divide node does an Int32 division and deopts if there's a remainder to the division -- we may want to make it output a Float64 instead if we think that's more likely in real-world code. There's also no peephole optimisations for constant operations, which would generate much better code, especially for shifts. Bug: v8:7700 Change-Id: Ief1d24b46557cf4d2b7929ed50956df7b0d25992 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652301 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/main@{#80670}	2022-05-20 14:48:59 +00:00
Tobias Tebbi	c2430b4ff2	Revert "[heap] Disable map space with --future" This reverts commit `74c68e2a04`. Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20UBSan/21353/overview Original change's description: > [heap] Disable map space with --future > > Original CL got reverted, this time the failing test should be fixed. > > Bug: v8:12578 > Change-Id: Id2d8801f07742e8b00884fefec8200e4270f4250 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3657434 > Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80668} Bug: v8:12578 Change-Id: I2ee20c79ec09ff4f7bece6ddcc1c3a5cd9351223 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3647692 Owners-Override: Tobias Tebbi <tebbi@chromium.org> Auto-Submit: Tobias Tebbi <tebbi@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#80669}	2022-05-20 14:47:24 +00:00
Dominik Inführ	74c68e2a04	[heap] Disable map space with --future Original CL got reverted, this time the failing test should be fixed. Bug: v8:12578 Change-Id: Id2d8801f07742e8b00884fefec8200e4270f4250 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3657434 Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#80668}	2022-05-20 13:22:44 +00:00
Marja Hölttä	0d57c9a863	[web snap] Fix context tree serialization Enforce the parent context has a smaller id, this time more forcefully. Bug: v8:11525,v8:12820 Change-Id: I05bf675545b81b818eebfcaa40ee6bb93f5bcf9e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652792 Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#80666}	2022-05-20 12:21:50 +00:00
Jakob Kummerow	86be87df9c	[bigint] Fix object literal property keys like `0x0n` Fixed: chromium:1327321 Change-Id: I4868e0127b9dd14a0812cafca1681280534faa46 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652788 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Auto-Submit: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#80661}	2022-05-20 11:21:15 +00:00
Andy Wingo	b48262d719	[stringrefs] Add generalized UTF-8 decoder / validator Bug: v8:12868 A slight modification to the existing DFA-based UTF-8 allocator to allow decoding surrogates, for use in decoding WTF-8. We'll need to additionally constrain the decoder to disallow surrogate pairs. Change-Id: Ifddbf08d4eeeff8f270df52a68f01769ea790eec Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652787 Commit-Queue: Andy Wingo <wingo@igalia.com> Reviewed-by: Marja Hölttä <marja@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#80654}	2022-05-20 08:05:04 +00:00
Seth Brenith	16a7150bae	Reland "Disable recompilation of existing Scripts from Isolate compilation cache" This is a reland of commit `a76072217a` The bug exposed by landing this change the first time has been fixed separately in https://crrev.com/c/3654413 . Original change's description: > Disable recompilation of existing Scripts from Isolate compilation cache > > My previous change https://crrev.com/c/3597106 led to some performance > regressions in time spent on parsing and compilation. This change > disables the ability to recompile an existing uncompiled Script, as an > attempt to both fix the regressions and isolate which part of the > previous change was the cause of those problems. > > Bug: v8:12808, chromium:1325566, chromium:1325567, chromium:1325601 > Change-Id: Ifa086bf27070da8f4b3c0e4415af5ca7b6706b0a > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652252 > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> > Cr-Commit-Position: refs/heads/main@{#80616} Bug: v8:12808, chromium:1325566, chromium:1325567, chromium:1325601 Change-Id: Ib31864bef90ff3340d1dfd4e25e21bef121f2d49 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3655011 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Cr-Commit-Position: refs/heads/main@{#80645}	2022-05-19 16:50:14 +00:00
Clemens Backes	4a6e65bf56	[wasm] Avoid HandleScope when triggering tier-up Triggering tier-up can happen very often, so the runtime function should be as slim as possible. This CL adds two DisallowGarbageCollection scopes and removes a HandleScope which was unnecessarily created. R=jkummerow@chromium.org Bug: v8:12281 Change-Id: I43e7f2b449630856ac8dfb36d294fbd29191d0eb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652300 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#80644}	2022-05-19 16:43:05 +00:00
Issack John	a679edbb6e	JSON.parse errors made user-friendly part 2 Part of the improve error messages initiative. Based on a resource of JSON.parse() errors found at https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Errors/JSON_bad_parse added support for: - 'Bad control character in string literal' - 'Bad Unicode escape' Previously JSON.parse('"a\bz"') would output: SyntaxError: Unexpected token in JSON at position 2 Now the output is: SyntaxError: Bad control character in string literal in JSON at position 2 Previously JSON.parse("[\"\\t\\u") would output: SyntaxError: Unexpected end of JSON input Now the output is: SyntaxError: Bad Unicode escape in JSON at position 6 Bug: v8:6551 Change-Id: I3ba5450c41b8a388643a15bc58e4e3fc75855d13 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652254 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Issack John <issackjohn@microsoft.com> Cr-Commit-Position: refs/heads/main@{#80642}	2022-05-19 15:07:03 +00:00
Stephen Roettger	4d6ddf1b5f	Remove deprecated AccessorSignatures Bug: chromium:1310790 Change-Id: I739161f47fc1fc32d832f106d5ef6b7df4aed213 Fixed: chromium:1310790 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3654096 Reviewed-by: Marja Hölttä <marja@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Stephen Röttger <sroettger@google.com> Cr-Commit-Position: refs/heads/main@{#80639}	2022-05-19 14:15:54 +00:00
Clemens Backes	16fb5ccfa5	[wasm] Add comment about WasmOpcode encoding As a follow-up to https://crrev.com/c/3625835, document how we internally encode Wasm opcodes in the WasmOpcode enum. In particular, it's important for the mapping to be bijective. R=thibaudm@chromium.org CC=gdeepti@chromium.org Bug: v8:12284 Change-Id: Ic4bcd70211e83b1eabb45204bdcce3209a4432b3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3647360 Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Cr-Commit-Position: refs/heads/main@{#80635}	2022-05-19 10:40:05 +00:00
Frank Tang	5354d8a1c6	[Temporal] Add PlainYearMonth.prototype.toJSON Also add AOs: TemporalYearMonthToString Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.plainyearmonth.prototype.tojson https://tc39.es/proposal-temporal/#sec-temporal-temporalyearmonthtostring Bug: v8:11544 Change-Id: Ibe8bd20ae5eb5b7721e50cf5386c20d8d23e18e6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3437894 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80627}	2022-05-19 05:06:23 +00:00
Frank Tang	0b44a86009	[Temporal] Add PlainMonthDay.prototype.toJSON Also add AO: TemporalMonthDayToString Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.plainmonthday.prototype.tojson https://tc39.es/proposal-temporal/#sec-temporal-temporalmonthdaytostring Bug: v8:11544 Change-Id: Ibbc5b28a9c73474f7edc1b67c9beabf5bca54dbc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3437891 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80624}	2022-05-19 02:44:13 +00:00
jiepan	852e075639	[wasm-simd][x64] Optimize I8x16Shuffle if one input is S128Zero If b is S128Zero, Shuffle(a,b,s) can be optimized to Swizzle(a,s). By setting s[i] to 0x80, we can avoid access b. If a is S128Zero, we can swap a and b first. If one input of I8x16Shuffle is S128Zero, this patch can save ~60% instructions(7 of 12), and more than 30% improvement is observed in local microbenchmarks. Change-Id: I5953fa9064e01203cd4cf423c55dd5ed33cad57e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3544992 Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Jie Pan <jie.pan@intel.com> Cr-Commit-Position: refs/heads/main@{#80623}	2022-05-19 01:26:03 +00:00
Frank Tang	a5697616eb	[Temporal] Add PlainDate.prototype.toJSON Also add AOs: PadISOYear, FormatCalendarAnnotation, TemporalDateToString Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.plaindate.prototype.tojson https://tc39.es/proposal-temporal/#sec-temporal-padisoyear https://tc39.es/proposal-temporal/#sec-temporal-formatcalendarannotation https://tc39.es/proposal-temporal/#sec-temporal-temporaldatetostring Change the ISODateTimeWithinLimits from -8.64 × 10^21 - 8.64 × 10^16, 8.64 × 10^21 + 8.64 × 10^16 to -8.64 × 10^21 - 8.64 × 10^13, 8.64 × 10^21 + 8.64 × 10^13 per https://github.com/tc39/proposal-temporal/pull/1723 Change to use AppendCStringLiteral instead of AppendCharacter when appropriate. Bug: v8:11544 Change-Id: I01f22657b2c3e5aacbea790593d7e9f60076ec74 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3438379 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80622}	2022-05-19 01:22:23 +00:00
Deepti Gandluri	0236d7b5b4	[wasm-relaxed-simd] Add liftoff min/max operations on Arm and Arm64 Instruction lowering on ARM uses pmin/pmax as there is no hardware support. More details here: https://github.com/WebAssembly/relaxed-simd/issues/33 Bug: v8:12284 Change-Id: I075d4a6660afc4418fcc91c5d48e8e9096536dc9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3646075 Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/main@{#80621}	2022-05-18 23:22:03 +00:00
Adam Klein	09c1012b21	Skip shared-memory tests under tsan/stress_incremental_marking Goal is to keep the tree green while the issue is investigated. No impact on shipped product since shared-memory is flag-guarded off. Bug: v8:12883 Change-Id: I9a434bdebc781023fa6693eef47db6dbe81cd4bb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3653320 Auto-Submit: Adam Klein <adamk@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#80619}	2022-05-18 18:48:01 +00:00
Adam Klein	de877f7497	Revert "Disable recompilation of existing Scripts from Isolate compilation cache" This reverts commit `a76072217a`. Reason for revert: fails on GC Stress bot: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux%20-%20gc%20stress/38512/overview Original change's description: > Disable recompilation of existing Scripts from Isolate compilation cache > > My previous change https://crrev.com/c/3597106 led to some performance > regressions in time spent on parsing and compilation. This change > disables the ability to recompile an existing uncompiled Script, as an > attempt to both fix the regressions and isolate which part of the > previous change was the cause of those problems. > > Bug: v8:12808, chromium:1325566, chromium:1325567, chromium:1325601 > Change-Id: Ifa086bf27070da8f4b3c0e4415af5ca7b6706b0a > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652252 > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> > Cr-Commit-Position: refs/heads/main@{#80616} Bug: v8:12808, chromium:1325566, chromium:1325567, chromium:1325601 Change-Id: I0f56163856d04ff49da96b0fb344fb59b5501a40 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3653273 Auto-Submit: Adam Klein <adamk@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#80617}	2022-05-18 16:45:11 +00:00
Seth Brenith	a76072217a	Disable recompilation of existing Scripts from Isolate compilation cache My previous change https://crrev.com/c/3597106 led to some performance regressions in time spent on parsing and compilation. This change disables the ability to recompile an existing uncompiled Script, as an attempt to both fix the regressions and isolate which part of the previous change was the cause of those problems. Bug: v8:12808, chromium:1325566, chromium:1325567, chromium:1325601 Change-Id: Ifa086bf27070da8f4b3c0e4415af5ca7b6706b0a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652252 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Cr-Commit-Position: refs/heads/main@{#80616}	2022-05-18 15:47:59 +00:00
Dominik Inführ	e9af212a11	[heap] Check liveness of invalidated objects in UpdateUntypedPointers This is a follow-up CL to https://crrev.com/c/3623542. When updating pointers during a full GC, a page might not be swept already. In such cases there might be invalid objects in free memory. Since these objects might be dead, their maps might have been reclaimed already as well. The previous CL cached the size of invalid objects in order to avoid accessing an invalid object's map. However, as soon as a slot is within an invalid object, we also need to check whether this slot is still a tagged pointer which would require map access. This CL checks marking bits on invalid objects to skip that check on such invalid objects. Bug: v8:12578, chromium:1316289 Change-Id: Ie1d736f897a2994dbed7bfb95ed37732cd3b0882 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596123 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#80609}	2022-05-18 07:47:28 +00:00
Marja Hölttä	2cb5a08f43	[web snapshot] Add support for derived constructors Especially, this requires having the __proto__s of functions serialized. Drive-by fix (gc stress): Handlify IterateBuiltinObjects. Bug: v8:11525 Change-Id: I8dc50b9144d17134a7c9b8fdbabe23f5e44f197f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3644613 Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#80608}	2022-05-18 07:42:21 +00:00
Frank Tang	972d7e5abf	[Temporal] Add TimeZone getOffset(Nanoseconds\|String)For Also add the non-intl version of AO GetIANATimeZoneOffsetNanoseconds which only implement for UTC. (intl version implement other tz come later) Also fix bug in JSTemporalTimeZone::offset_nanoseconds() that "1000000L * offset_milliseconds()" may overflow int32_t before returning as int64_t by first casting offset_milliseconds() to int64_t in the operation so the whole formula is calculating under 64 bits not 32 bits. This bug fix some *timezone-string-datetime tests. Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.timezone.prototype.getoffsetnanosecondsfor https://tc39.es/proposal-temporal/#sec-temporal.timezone.prototype.getoffsetstringfor https://tc39.es/proposal-temporal/#sec-temporal-getianatimezoneoffsetnanoseconds Bug: v8:11544 Change-Id: I2227dbfc8d6ed3ef83edcef5a9b903b8642b5902 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3534622 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80606}	2022-05-18 07:15:48 +00:00
Andy Wingo	010de10eb8	[stringref] Add support for stringrefs in tables Bug: v8:12868 Change-Id: I42ef3e15b2a7fd2ef157aa0e657ddf98973e8d79 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3644956 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Andy Wingo <wingo@igalia.com> Cr-Commit-Position: refs/heads/main@{#80605}	2022-05-18 06:11:20 +00:00
Andy Wingo	59b7d6a0c1	[stringref] Add test for wasm-to-js calls Bug: v8:12868 Change-Id: I8d789457c725708e06f482d362d17c16a802a1f3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3644950 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Andy Wingo <wingo@igalia.com> Cr-Commit-Position: refs/heads/main@{#80603}	2022-05-17 19:14:37 +00:00
George Wort	1e12c1f7ff	[wasm-simd][arm64] Do not emit Bic(x, imm) for AndNot(imm, x) Fix bug where AndNot(x, imm) and AndNot(imm, x) both become Bic(x, imm). Bug: chromium:1318092 Change-Id: I0ca2c65a1e5d64da0347c86346e7c4dc04943eff Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3613386 Reviewed-by: Maya Lekova <mslekova@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: George Wort <george.wort@arm.com> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Cr-Commit-Position: refs/heads/main@{#80600}	2022-05-17 16:13:27 +00:00
Solomon Kinard	87b4acd3d6	v8: Remove extra slashes Change-Id: Ib5d2e24ee4a83547b9d403d5d8b5d75173b8310b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3648093 Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Solomon Kinard <solomonkinard@chromium.org> Cr-Commit-Position: refs/heads/main@{#80597}	2022-05-17 15:27:27 +00:00
Clemens Backes	4fef561880	[wasm] Clean up SetCompiledModuleBytes - Pass base::Vector instead of pointer plus size - Remove always-true return value - Remove unused SetCompiledModuleBytes in tests - Drive-by: Use std::move for std::function callback R=ahaas@chromium.org Bug: v8:12425 Change-Id: I698abb64e4c8d8229997f09d6a79ef664fe9c933 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3644952 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/main@{#80596}	2022-05-17 14:27:13 +00:00
Leszek Swirski	1ab43384ca	[maglev] Make maglev frames optimized frames Split off a TurbofanFrame from OptimizedFrame, and make MaglevFrame a subclass of OptimizedFrame. This allows it to be treated as an optimized frame by code that is looking at deoptimization data. Bug: v8:7700 Change-Id: Ia38e0f1c2cd73f054f63be81dff187d9197c1202 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3644798 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/main@{#80592}	2022-05-17 13:43:22 +00:00
jameslahm	bc5677de91	[test] Move cctest/parsing to unittests/parser This CL moves cctest/parsing/{test-parse-decision, test-scanner-streams, test-scanner} to unittests/{ parse-decision-unittest, scanner-streams-unittest, scanner-unittest}. Bug: v8:12781 Change-Id: I2adfeaf2ccc796f17d6b7010c77b1f65c6ce593e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3612668 Commit-Queue: 王澳 <wangao.james@bytedance.com> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80588}	2022-05-17 13:07:30 +00:00
Manos Koukoutos	2a606bdb27	[wasm-gc][turbofan] Allow incompatible mutability in CsaLoadElimination Loading from/storing to the same field with incompatible mutabilities is possible in unreachable code, specifically when a value is cast to two different types with incompatible mutability for the same field offset. Therefore, we allow this pattern in CsaLoadElimination. When we detect it, we emit an Unreachable node to immediately crash the program in case this unreachable code is somehow executed. Bug: v8:7748, v8:12874 Change-Id: Ieb359d3e1b9f7bc4a91c556af2bba0507526d20e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3644806 Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/main@{#80587}	2022-05-17 13:06:28 +00:00
Andy Wingo	1a3edfb7e5	[stringref] Add support for stringref globals, with JS interface Bug: v8:12868 Change-Id: I955155db468b2ecd86fa6c5a73c616b0e4c66446 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3644949 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Andy Wingo <wingo@igalia.com> Cr-Commit-Position: refs/heads/main@{#80584}	2022-05-17 11:35:47 +00:00
Marja Hölttä	eb56775a69	[rab/gsab]: RAB/GSAB support for Function.p.apply Bug: v8:11111, chromium:1321013 Change-Id: Iec45b885e844ab02059470dd514f47133b0a6efe Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3650596 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#80583}	2022-05-17 10:50:27 +00:00
Solomon Kinard	b5c95961bd	v8: Copyright: Remove extra slashes Change-Id: I3d3b1f0b86714e0d654ed18c055d394002dbec2c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3650832 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80582}	2022-05-17 10:18:24 +00:00
jameslahm	2eeed60520	[test] move cctest/libsampler to unittests/libsampler This Cl moves cctest/libsampler/{test-sampler, test-signals-and-mutexes} to unittests/libsampler/{sampler-unittest, signals-and-mutexes-unittest}. Bug: v8:12781 Change-Id: I106e709a66d00d23df76c6868d0843dd0ac1887e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3612666 Commit-Queue: 王澳 <wangao.james@bytedance.com> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80581}	2022-05-17 09:51:27 +00:00
Andy Wingo	e5af9c4f97	[stringref] Add support for passing stringref values to/from JS Bug: v8:12868 Change-Id: Ib4540352c7db4b4bdbf88b559da44b08e71dd483 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3650603 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Andy Wingo <wingo@igalia.com> Cr-Commit-Position: refs/heads/main@{#80580}	2022-05-17 09:42:28 +00:00
jameslahm	6faa6d553b	[test] Move cctest/test-roots to unittests ... /objects/roots-unittest. Bug: v8:12781 Change-Id: Id76a0e1ffaea18849866fa0f55c9a056dbdf6e2b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3612670 Commit-Queue: 王澳 <wangao.james@bytedance.com> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80579}	2022-05-17 09:12:17 +00:00
jameslahm	552ffd38dc	[test] Migrate cctest/test-api-accessors.cc to unittests/ ... api/accessor-unittest.cc. - Add IsInt32, IsString, IsUndefined matcher in testing/gmock-support.h. Bug: v8:12781 Change-Id: I764491d7643e35fb8bc1621e857873aa24f64ccd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3593573 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80577}	2022-05-17 08:27:55 +00:00
jameslahm	e740932949	[test] Move cctest/{test-bignum-dtoa, test-dtoa ... ,test-fast-dtoa, test-fixed-dtoa} to unittests/base/ {bignum-dtoa-unittest, dtoa-unittest, fast-dtoa-unittest, fixed-dtoa-unittest}. This CL also moves cctest/{gay-fixed, gay-precision, gay-shortest} to unittest/{gay-fixed, gay-precision, gay-shortest}. Bug: v8:12781 Change-Id: Id6072f92908ad3abfe683c69dac041227de2553f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3607114 Commit-Queue: 王澳 <wangao.james@bytedance.com> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80572}	2022-05-17 01:38:57 +00:00
Solomon Kinard	f54408434b	v8: Copyright: Remove extra slashes Change-Id: Ib8ca0c771b50b712e5fd6acb470213235f69a99b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3650833 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Solomon Kinard <solomonkinard@chromium.org> Cr-Commit-Position: refs/heads/main@{#80569}	2022-05-16 18:19:06 +00:00
Issack John	718f743750	JSON.parse errors made user-friendly Part of the improve error messages initiative. Based on a resource of JSON.parse() errors found at https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Errors/JSON_bad_parse Previously JSON.parse(NaN) would output: SyntaxError: Unexpected token N in JSON at position 0 Now the output is: SyntaxError: "NaN" is not valid JSON Previously JSON.parse("{a:1}") would output: SyntaxError: Unexpected token a in JSON at position 1 Now the output is: SyntaxError: Expected property name or '}' in JSON at position 1 Bug: v8:6551 Change-Id: Ic9fad1fdbd295e1302805b81e6603fc526121960 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3513684 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Issack John <issackjohn@microsoft.com> Cr-Commit-Position: refs/heads/main@{#80567}	2022-05-16 17:02:37 +00:00
Clemens Backes	b33179ae4d	[API] Pass OOMDetails to OOMErrorCallback This adds a new struct "OOMDetails" which is passed to the OOMErrorCallback. It currently holds the "is_heap_oom" bool that was also passed before, plus an optional "detail" string. The struct can later be extended without having to change the signature of the OOMErrorCallback. Removing fields will have to follow the standard deprecation rules, but this is also easily possible without the hassle for this initial change. We modify the deprecated OOMErrorCallback definition and un-deprecate it, which can be seen as removing a deprecated API and adding a new one in one CL. R=mlippautz@chromium.org, jkummerow@chromium.org Bug: chromium:1323177 Change-Id: Ic4c2cb5856906ebd664626fe463d8e96cb99b0a5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3647827 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#80565}	2022-05-16 16:43:07 +00:00
Omer Katz	72bea1abd3	[heap] Remove references to semi spaces from heap.cc This includes: 1) Inline UncommintFromSpace into Shrink (always called together) 2) Replace ZapFromSpace with virtual ZapUnusedMemory 3) Replace EnsureFromSpaceIsCommited with virtual Prologue Bug: v8:12612 Change-Id: I934479761c877e10734f54e6d5896a4741b92ef7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3650738 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Omer Katz <omerkatz@chromium.org> Cr-Commit-Position: refs/heads/main@{#80563}	2022-05-16 15:45:40 +00:00
Nikolaos Papaspyrou	b514973d72	cleanup: Fix some typos Mostly in comments, not much to be said... Bug: v8:12425 Change-Id: Ib1e4d3913f9b91eeafefbef13330fd1388223c06 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3650597 Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#80562}	2022-05-16 15:44:37 +00:00
jameslahm	37654f8fdd	[test] Move cctest/test-representation to unittests ... /objects/representation-unittest. Bug: v8:12781 Change-Id: I3ae39df619ac6920c5ff722ed481bed20b5a5c6d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3612669 Commit-Queue: 王澳 <wangao.james@bytedance.com> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80557}	2022-05-16 14:15:36 +00:00
jameslahm	3bfb0466ed	[test] Move cctest/test-double to unittests ... /base/double-unittest. Bug: v8:12781 Change-Id: I13817728735a53fbc28a4e2d1babdcbd9bbf419d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3607113 Commit-Queue: 王澳 <wangao.james@bytedance.com> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80556}	2022-05-16 14:13:16 +00:00
jameslahm	0598bb38d8	[test] Move cctest/test-elements-kind to unittests ... /objects/elements-kind-unittest. Bug: v8:12781 Change-Id: I335cec050faf584652a43041437ec0a14539cf1e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3607115 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80553}	2022-05-16 13:20:28 +00:00
Milad Fa	3ca7c29b69	AIX: skip some of the LogTest tests A few of LogTests have been crashing intermittently after they were moved to unittests in this CL: https://crrev.com/c/3616424 Will re-enable once issue is investigated. Change-Id: I53435596274c935c028a625b610c54eadda9d1de Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3647092 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Milad Farazmand <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/main@{#80551}	2022-05-16 13:04:06 +00:00
Tobias Tebbi	b209cdf5bb	[compiler] add test for crbug-1323114 This is a follow-up to https://chromium-review.googlesource.com/c/v8/v8/+/3630081 Bug: chromium:1323114 Change-Id: Ie6e3cbdecf370c5fdf9544c2f47f7b4f8f27bd70 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3647826 Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Auto-Submit: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/main@{#80550}	2022-05-16 11:50:56 +00:00
Jakob Kummerow	48a4195370	[wasm-gc] Fix type checking of null/undefined The LookupIterator only handles JSReceivers, so special-case oddballs. Change-Id: I03d2875124775390c9b928fb7cfe4d938213b5d0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3645409 Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Auto-Submit: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80548}	2022-05-16 10:44:46 +00:00
Clemens Backes	5696b52624	[utils] Introduce SparseBitVector We currently have a BitVector implementation which is used a lot by the two (mid-tier and top-tier) register allocators. Their size is the number of virtual registers or the number of blocks in the function. If one of those numbers gets huge, the BitVector does not perform well any more, and it consumes huge amounts of memory (we see up to several GBs for huge Wasm functions). This CL introduces a SparseBitVector implementation with a compatible interface, meant to replace the BitVector implementation. Usages will be introduced in follow-up CLs, first for the mid-tier allocator, then top-tier. This will allow us to assess performance changes better, and revert individual usages. R=mslekova@chromium.org Bug: chromium:1313379, v8:12780 Change-Id: I804311e0c188526961f70e88a43dd1ea26497cda Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3634780 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/main@{#80546}	2022-05-16 10:23:26 +00:00
Andy Wingo	7d8b8b4f2f	[stringref] Add support for parsing stringref instructions Bug: v8:12868 This wires up the parser and the decoder interface for stringref. All of the interfaces throw UNIMPLEMENTED, however. Change-Id: If8cb131032e425a5672f793c6e4c24ddd188aebc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3645115 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Andy Wingo <wingo@igalia.com> Cr-Commit-Position: refs/heads/main@{#80545}	2022-05-16 10:10:06 +00:00
Dominik Inführ	34da5f5b5b	Reland^3: [heap] Store size with invalidated object This is a reland of commit `2b79eefed3` A DCHECK was using map[key] and inadvertently inserted into the map that way. Original change's description: > Reland^2: [heap] Store size with invalidated object > > This is a reland of commit `23b2d571a7` > > When updating pointers during a full GC, a page might not be swept > already. In such cases there might be invalid objects and slots > recorded in free memory. Updating tagged slots in free memory is fine > even though not strictly necessary. > > However, the GC also needs to calculate the size of potentially dead > invalid objects in order to be able to check whether a slot is within > that object. But since that object is dead, its map might be dead as > well which makes size calculation impossible on such objects. The CL > changes this to cache the size of invalid objects. A follow-up CL will > also check the marking bit of invalid objects. > > Reason for reverts: > > Revert #2: In-object slack tracking on JSObjects doesn't update the > cached size of invalidated objects. The fix here was to stop > invalidating recorded slots on JSObjects at all and avoid that problem > completely (see https://crrev.com/c/3620274). > > Revert #1: Not all size changes go through NotifyObjectLayoutChange, so > https://crrev.com/c/3607992 introduced NotifyObjectSizeChange as a > bottleneck for object size changes/right-trimming. This method is > now used to update the size of invalidated objects. > > Bug: v8:12578, chromium:1316289 > Change-Id: I0478d04601c0270ddb39419ca6cf98719951eb4d > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3623542 > Reviewed-by: Jakob Linke <jgruber@chromium.org> > Reviewed-by: Patrick Thier <pthier@chromium.org> > Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80344} Bug: v8:12578, chromium:1316289 Change-Id: Ibcc04c209213c584860a7c473082526cb4e53c59 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3627635 Reviewed-by: Patrick Thier <pthier@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/main@{#80542}	2022-05-16 09:25:16 +00:00
Marja Hölttä	36565f6b5c	[rab/gsab] Fix memory size computations close to size_t limit Bug: v8:11111,v8:1321980 Change-Id: I4dead5d50a2e1a9c1011c16d13aad2722598e456 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3642297 Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#80541}	2022-05-16 09:13:38 +00:00
Nikolaos Papaspyrou	36610bbdd7	heap: Recalculate the object start bitmap if needed This CL adds to the existing experimental implementation of the object start bitmap, that is evaluated as a mechanism for resolving inner pointers (behind the flag v8_enable_conservative_stack_scanning). It fixes method ObjectStartBitmap::FindBasePtr to ensure that the correct base pointer is returned, even if the bitmap is not fully populated (e.g., with object evacuation or inline object allocation). This method now recalculates the part of the bitmap that is required for returning the correct result, by iterating through objects of the page. A special constructor has been introduced to the PagedSpaceObjectIterator for this purpose. It also moves the existing inline methods of ObjectStartBitmap to a new -inl.h header file, to avoid circular dependencies. Bug: v8:12851 Change-Id: Iabd0df020bee3bb63ef9d4888591b25d24d79dd9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3641179 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org> Reviewed-by: Omer Katz <omerkatz@chromium.org> Cr-Commit-Position: refs/heads/main@{#80538}	2022-05-16 08:48:56 +00:00
Simon Zünd	9ca7491b35	Reland "[inspector] Re-enable Debugger#restartFrame" This is a reland of commit `8278cb5015` The reland adds the RestartFrameTrampoline to the list of builtins that the deoptimizer is allowed to return from for control flow integrity. Original change's description: > [inspector] Re-enable Debugger#restartFrame > > Doc: https://bit.ly/revive-restart-frame > > This CL "undeprecates" Debugger#restartFrame and adds a new optional > "mode" parameter for back-wards compatibility. Moreover, the return > values are all deprecated. They were never actually used in the > DevTools frontend and the same information is available from the > Debugger#paused event that fires once execution stops at the > beginning of the restarted function. > > The CL also re-baselines all the restart-frame inspector tests that > now run successfully. > > R=bmeurer@chromium.org, kimanh@chromium.org > > Bug: chromium:1303521 > Change-Id: I34bddeb1f2f4ff3dee58dd82e779c111495566f3 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616505 > Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> > Reviewed-by: Kim-Anh Tran <kimanh@chromium.org> > Commit-Queue: Simon Zünd <szuend@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80491} Bug: chromium:1303521 Change-Id: I13e2f8b5011795a38e541310622b8333a3d08049 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3644624 Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Simon Zünd <szuend@chromium.org> Reviewed-by: Kim-Anh Tran <kimanh@chromium.org> Cr-Commit-Position: refs/heads/main@{#80534}	2022-05-14 09:32:14 +00:00
Clemens Backes	16d948312f	Fix MSVC compilation of FormattedStringTest MSVC does not implicitly convert the std::array iterator to a char*, hence explicitly use the {data()} accessor instead of {begin()}, which is cleaner anyway. R=mlippautz@chromium.org Bug: chromium:1323177 Change-Id: I65c6836889eb57a18b655cb9e6c98008a8fbcaac Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3644794 Auto-Submit: Clemens Backes <clemensb@chromium.org> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> Cr-Commit-Position: refs/heads/main@{#80533}	2022-05-13 17:46:23 +00:00
Leszek Swirski	e0d0fa2dec	[maglev] Disable on TickLines test This test tests the interpreted/baseline and optimized behaviour of cpu profiler ticks. We should eventually support this for maglev too, but for now just disable it. Bug: v8:7700 Change-Id: Iba89ab2c718025ebf90c86a84ed937c2d1d0af7f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3647363 Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/main@{#80531}	2022-05-13 16:25:34 +00:00
Samuel Groß	6f5f5662cc	[sandbox] Turn V8_SANDBOX into V8_ENABLE_SANDBOX This is more consistent with similar features, for example V8_ENABLE_WEBASSEMBLY or V8_ENABLE_MAGLEV. Drive-by: remove V8_SANDBOX_IS_AVAILABLE as it's no longer needed. Bug: v8:10391 Change-Id: I8658c5b0c331a4c73892737083b2c2f9b8f84056 Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3647355 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Auto-Submit: Samuel Groß <saelo@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/main@{#80530}	2022-05-13 16:23:23 +00:00
Clemens Backes	fa8c5950e0	[base] Introduce FormattedString This introduces a class which can be used for formatting dynamic values into a constant-size, stack-allocated array. You get ostream-style code but printf-style performance, and in particular no dynamic allocation. This makes this class also suitable to be used in OOM or other fatal situations where we cannot rely on dynamic memory allocation to still work. Using FormattedString will automatically compute the format string depending on the types. It also computes the maximum size of the output. Last but not least, it makes the code a lot more readable than traditional printf style printing. R=mlippautz@chromium.org Bug: chromium:1323177 Change-Id: I47228b3603c694c1fa23516dd3f1c57e39c0ca35 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3644622 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#80529}	2022-05-13 16:20:43 +00:00
Andy Wingo	59518b083a	[stringref] Add stringref type, section, feature flag definitions Bug: v8:12868 Change-Id: I69e149aa607ee77dd00267a0bbe4e5828dceb75e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3647350 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Andy Wingo <wingo@igalia.com> Cr-Commit-Position: refs/heads/main@{#80526}	2022-05-13 14:28:43 +00:00
Clemens Backes	dd74a0232c	Replace STATIC_ASSERT with static_assert Now that we require C++17 support, we can just use the standard static_assert without message, instead of our STATIC_ASSERT macro. R=leszeks@chromium.org Bug: v8:12425 Change-Id: I1d4e39c310b533bcd3a4af33d027827e6c083afe Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3647353 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Hannes Payer <hpayer@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#80524}	2022-05-13 13:46:27 +00:00
Andy Wingo	94ba69011e	[stringref] Add tests that stringrefs are unsupported by default Bug: v8:12868 Change-Id: I9008da5f89c4c18ea45ddbe44cae832087c76b01 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3647349 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Andy Wingo <wingo@igalia.com> Cr-Commit-Position: refs/heads/main@{#80523}	2022-05-13 13:44:24 +00:00
Anton Bikineev	2c40f3af4f	cppgc: Speed up pointer decompression With this CL, the decompression simply becomes: movsxd rax, edi add rax, rax and rax, qword ptr fs:[base@TPOFF] Bug: chromium:1325007 Change-Id: I931e4e667a9b9697671bccf14575420f8cb705e8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3629871 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Anton Bikineev <bikineev@chromium.org> Cr-Commit-Position: refs/heads/main@{#80521}	2022-05-13 12:38:43 +00:00
Anton Bikineev	19b6e5f468	cppgc: Introduce pointer compression based on thread-local base With caged heap enabled, we can halve Member<> by storing only the least significant half. The base of the heap is stored in a thread local variable. The feature has therefore an implication that only single heap is allowed per thread. The feature is gated by the new GN arg: cppgc_enable_pointer_compression. Bug: chromium:1325007 Change-Id: Ic7f1ecb7b9ded57caad63d95bbc8e8ad6ad65031 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2739979 Reviewed-by: Almothana Athamneh <almuthanna@chromium.org> Commit-Queue: Almothana Athamneh <almuthanna@chromium.org> Commit-Queue: Tamer Tas <tmrts@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Tamer Tas <tmrts@chromium.org> Auto-Submit: Anton Bikineev <bikineev@chromium.org> Cr-Commit-Position: refs/heads/main@{#80518}	2022-05-13 11:15:43 +00:00
Al Muthanna Athamina	ad126104f1	Skipping benchmarks/octane/typescript on NumFuzz until the issue is fixed NOTRY=true Bug: v8:12445 Change-Id: I67bd72e2369ffc0e4afc75e0436d80d3c5c0fae2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3632101 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Almothana Athamneh <almuthanna@chromium.org> Auto-Submit: Almothana Athamneh <almuthanna@chromium.org> Cr-Commit-Position: refs/heads/main@{#80515}	2022-05-13 09:45:18 +00:00
jameslahm	557cc8a464	[web snapshot] Add support for double array This CL adds serialization and deserialization for packed double array and holey double array. Bug: v8:11525 Change-Id: Idce22e1c5d707e45127ae972587c6b7808ca2cda Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3640751 Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80514}	2022-05-13 09:22:45 +00:00
Frank Tang	4819584a2c	[Temporal] Implement the iso8601 part of Calendar.prototype.era(Year)? Spec text: https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.era https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.erayear Notice this only implement the "iso8601" calendar and we will implement the code for other calendar later by calling ICU with other Calendar methods. This CL reduce the differences of testing result between ALWAYS and no_i18n because the code in no_i18n will not call Calendar era or eraYear and therefore passed the test even w/o this CL but the ALWAYS tests will cause Temporal object to internal call era and eraYear and therefore fail if w/o this CL. Bug: v8:11544 Change-Id: I921fbfbbd26473c238024161eb58b096c38b881b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3641938 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80513}	2022-05-13 09:01:23 +00:00
Tobias Tebbi	b16d2a4e2f	[wasm] add experimental string/Wasm GC array conversion fast-path This CL adds two experimental JS builtins to convert between i16 Wasm GC and JS strings. This is a non-standard experimental feature only available with the flag --wasm-gc-js-interop. WebAssembly.experimentalConvertArrayToString(array, start, count) Convert the `count`-many WTF-16 code units starting at index `start` into a JS string. Throws a TypeError if `array` is not an i16 array, or if `start` and `count` are not numbers or not in range. WebAssembly.experimentalConvertStringToArray(string, sampleArray) Convert `string` to an i16 array. The `sampleArray` parameter needs to be an arbitrary i16 array, which is only used to extract the rtt. Throws a TypeError if `string` is not a string or `sampleArray` is not an i16 array. Change-Id: I7ac2f6bd89b8f638427f61da1bb01ccba90d735b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3642301 Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#80505}	2022-05-12 20:12:53 +00:00
Deepti Gandluri	334cc5f8d6	[wasm-relaxed-simd][liftoff] Enable relaxed LaneSelect on Arm/Arm64 Bug: v8:12284 Change-Id: Ica2564e8b34f8edd9492ef379cf3a3eb5575633d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3642948 Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/main@{#80504}	2022-05-12 19:49:33 +00:00
Deepti Gandluri	6a9c8553f9	[wasm-relaxed-simd] Enable relaxed swizzle tests on all platforms Bug: v8:12284 Change-Id: I7f6a4a5182ad61dfdc13faf2ced99fba7d64c9c5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3640926 Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> Cr-Commit-Position: refs/heads/main@{#80502}	2022-05-12 18:25:52 +00:00
Chong Gu	2eaf6205ed	[Fuchsia] Deprecate fuchsia_package_runner Change-Id: Id6c520cd3cc6218fb32fea2c82b0ff8985e2b58e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3627012 Commit-Queue: Anton Bikineev <bikineev@chromium.org> Auto-Submit: Chong Gu <chonggu@google.com> Reviewed-by: Anton Bikineev <bikineev@chromium.org> Cr-Commit-Position: refs/heads/main@{#80501}	2022-05-12 18:07:18 +00:00
Jakob Kummerow	8f3581125a	[wasm-gc] Fix instantiation of modules with no types Fixed: v8:12866 Change-Id: Icba2ffc7837bf4942fd4bc741abeb7c98694c2d8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3644607 Reviewed-by: Manos Koukoutos <manoskouk@chromium.org> Auto-Submit: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Andy Wingo <wingo@igalia.com> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80500}	2022-05-12 17:48:17 +00:00
Deepti Gandluri	8709819285	[wasm-simd][Arm]Prototype Relaxed Rounding Q-format Multiplication Bug: v8:12284 Change-Id: I9d8f9da8ed736d5119e7af4354e1ddd8a255713d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3640925 Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/main@{#80497}	2022-05-12 16:40:21 +00:00
Francis McCabe	c31105569f	Revert "[inspector] Re-enable Debugger#restartFrame" This reverts commit `8278cb5015`. Reason for revert: breaking https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux%20-%20arm64%20-%20sim%20-%20CFI/10778/overview Original change's description: > [inspector] Re-enable Debugger#restartFrame > > Doc: https://bit.ly/revive-restart-frame > > This CL "undeprecates" Debugger#restartFrame and adds a new optional > "mode" parameter for back-wards compatibility. Moreover, the return > values are all deprecated. They were never actually used in the > DevTools frontend and the same information is available from the > Debugger#paused event that fires once execution stops at the > beginning of the restarted function. > > The CL also re-baselines all the restart-frame inspector tests that > now run successfully. > > R=bmeurer@chromium.org, kimanh@chromium.org > > Bug: chromium:1303521 > Change-Id: I34bddeb1f2f4ff3dee58dd82e779c111495566f3 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616505 > Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> > Reviewed-by: Kim-Anh Tran <kimanh@chromium.org> > Commit-Queue: Simon Zünd <szuend@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80491} Bug: chromium:1303521 Change-Id: Ibc33328c31a4b6ea736d07ce5e5ee109039eec8b No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3645767 Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Owners-Override: Deepti Gandluri <gdeepti@chromium.org> Cr-Commit-Position: refs/heads/main@{#80495}	2022-05-12 16:38:03 +00:00
Jakob Kummerow	2f8f536b55	[wasm] Properly reject modules with unknown sections The IsValidSectionCode function shouldn't include internally-used numeric identifiers of well-known optional sections. Fixed: v8:12867 Change-Id: I9d894ee57157455e92a17ddcde94f32f05fb038d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3644612 Auto-Submit: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/main@{#80494}	2022-05-12 15:08:02 +00:00
Simon Zünd	8278cb5015	[inspector] Re-enable Debugger#restartFrame Doc: https://bit.ly/revive-restart-frame This CL "undeprecates" Debugger#restartFrame and adds a new optional "mode" parameter for back-wards compatibility. Moreover, the return values are all deprecated. They were never actually used in the DevTools frontend and the same information is available from the Debugger#paused event that fires once execution stops at the beginning of the restarted function. The CL also re-baselines all the restart-frame inspector tests that now run successfully. R=bmeurer@chromium.org, kimanh@chromium.org Bug: chromium:1303521 Change-Id: I34bddeb1f2f4ff3dee58dd82e779c111495566f3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616505 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Kim-Anh Tran <kimanh@chromium.org> Commit-Queue: Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/main@{#80491}	2022-05-12 14:24:58 +00:00
Jakob Kummerow	c875e86df1	[bigint] Convert BigInt property names to decimal Hexadecimal/octal/binary BigInt property names should be converted to decimal, i.e. the following object literals should all be equivalent: var o = {0xF: 1}, p = {0xFn: 1}, q = {15: 1}, r = {15n: 1}. Test case by yangwenming@bytedance.com, uploaded at https://chromium-review.googlesource.com/c/v8/v8/+/3634937 Fixed: v8:10600 Change-Id: Ie1d8a16e95697cd31cbc0784843779c921ce91fa Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3642302 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#80490}	2022-05-12 13:28:02 +00:00
Igor Sheludko	42dbddf0c4	Fix includes in test-api-interceptors.cc Bug: chromium:1310062 Change-Id: Iba231f98ef88df07b24b1c2bc9026a5b8ca18e15 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3644228 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#80487}	2022-05-12 13:08:15 +00:00
Andreas Haas	6b57581d24	[wasm] Update spec tests R=thibaudm@chromium.org Bug: v8:12864 Change-Id: Ic8f031eafaeab6e17fa070a8447cd093ebb9adf5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3643656 Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/main@{#80486}	2022-05-12 12:34:21 +00:00
Igor Sheludko	8437ed16e3	[runtime] Add interceptors side effects detector This CL introduces SideEffectDetectorScope which requires explicit allowlisting of cases when side effects are allowed after calling interceptor callbacks. Side effects are not allowed when the callback does not intercept the request. The side effects detector is not enabled yet, it will be enabled in a follow-up CL. Bug: chromium:1310062 Change-Id: I805764920ed016cb37390aef7bb02cbdf5f72846 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3641172 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#80484}	2022-05-12 10:33:10 +00:00
Omer Katz	b415cd7c05	[heap] Extend and rename NewSpace base class NewSpace is renamed to SemiSpaceNewSpace and NewSpaceBase is renamed to NewSpace (the new PagedSpace new space implementation will be named PagedNewSpace). Most usecases are updated to use the base class rather than the concrete semi space based implementation. To that end, the base class is extended with additional virtual methods (for delegating to the concrete class). This CL follows these guidelines: () If at a method callsite we should know the exact new space implementation we use, we cast to the concrete class. This is the case for example for callsites in scavenger.. () If a method is called from outside the heap implementation or should be present regardless of the concrete implementation, that method is made virtual. () Other cases are usually methods that are specific to a concrete implementation but the concrete implementation is not known at the callsite and there's no clear way to nicely abstract the method. In such cases we cast to the concrete SemiSpaceNewSpace implementation for now and we will revisit these cases once PagedNewSpace exists. Bug: v8:12612 Change-Id: I7b85626774ce0d785b0257bf8d32b9f50eeaf292 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3625975 Commit-Queue: Omer Katz <omerkatz@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#80482}	2022-05-12 07:17:23 +00:00
Deepti Gandluri	fe443a4e1f	[wasm-simd] Prototype Relaxed Rounding Q-format Multiplication Prototype the instruction on the interpreter, and Arm64. Details of instruction lowerings on all relevant architectures can be found at: https://github.com/WebAssembly/relaxed-simd/issues/40 Bug: v8:12284 Change-Id: Id4cb3889d94cf0bb7169ea068efe5ca68cfcbad9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3636365 Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/main@{#80475}	2022-05-11 16:10:32 +00:00
Marja Hölttä	94b4391dab	[web snap] Support inheriting from builtins Side product: enable null as __proto__. Bug: v8:11525,v8:12820 Change-Id: I2b9508d0f3563d9000ddede24e7684aab18c2b5e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3637791 Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#80474}	2022-05-11 14:54:43 +00:00
Seth Brenith	2507217839	Improve Script reuse in isolate compilation cache, part 1 Once the root SharedFunctionInfo for any Script gets its bytecode flushed, the Isolate's compilation cache currently evicts that entry, to reduce memory usage. However, the associated Script is likely still alive, since scripts often declare functions which outlive the initial evaluation of the script. If an identical script is loaded later, a duplicate Script is created for it, which can waste memory. In this change, I propose that the compilation cache keys can refer weakly to the Script. When the root SharedFunctionInfo gets old, instead of deleting the cache entry entirely, we can just drop the strong reference to the SharedFunctionInfo. A subsequent lookup in the cache will retrieve the Script instead of the root SharedFunctionInfo, indicating an opportunity to save some memory by reusing the existing Script. Eventually, all callers to CompilationCache::LookupScript should reuse the Script if possible. This change implements only the easy case of reusing the Script for synchronous parsing. Follow-up changes will be required for the TODO comments left by this change. Bug: v8:12808 Change-Id: Ia8b0389441a682de9a43e73329049fd2e7835d3d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3597106 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80472}	2022-05-11 14:27:43 +00:00
Jakob Kummerow	8fbefa4797	[wasm-gc] Experiment: ref.cast_nop_static This adds a non-standard, unsafe instruction for performance experiments: ref.cast_nop_static behaves like ref.cast_static as far as static types are concerned, but emits no code. Bug: v8:7748 Change-Id: Ic5797a941146a06d7c6ff249d8e29919145d8ea1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3639206 Reviewed-by: Manos Koukoutos <manoskouk@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#80471}	2022-05-11 13:19:12 +00:00
Igor Sheludko	a62c040451	[rwx][mac] Fix component build The issue is that a thread_local variable used in RwxMemoryWriteScope can't be directly accessed from another component, so the workaround is to avoid inlining accesses the variable into other components. Bug: v8:12797, chromium:1324333 Change-Id: I0f83358ac0c663c92ef7b3dff54a068472d61aed Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3641169 Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Auto-Submit: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#80470}	2022-05-11 12:33:52 +00:00
Nico Hartmann	338c12b3af	[turbofan] Fix length accessor for RAB/GSAB in compiled code Bug: v8:11111, chromium:1307340 Change-Id: I7c68d4985c080bf5c595a4ae3360fc924b1bdefb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3627595 Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/main@{#80452}	2022-05-10 15:34:25 +00:00
jameslahm	abe1b97dd2	[web snapshot] Add support for sparse array This CL adds the array type flag to distinguish between sparse array and dense array and adds serialization and deserialization for sparse array. Bug: v8:11525 Change-Id: Ia302af017d6f52924256a2b3fa9e3d2b34caa442 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3629739 Commit-Queue: 王澳 <wangao.james@bytedance.com> Reviewed-by: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#80449}	2022-05-10 12:40:58 +00:00
Marja Hölttä	395350c064	[web snap] Fix: allow empty objects to have non-trivial prototypes Bug: v8:11525 Change-Id: I226ba870cee7df20a7960defb0c03607d64e27b0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3634962 Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#80445}	2022-05-10 10:29:16 +00:00
Igor Sheludko	7beb93cdff	[rwx][mac] Fix jitless mode In some cases we were still trying to change permissions of RWX pages which is not allowed. Bug: v8:12797 Change-Id: I9f4ca319d842c524fc6f60bfd3bb3726f8d3029d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3635719 Auto-Submit: Igor Sheludko <ishell@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#80442}	2022-05-10 09:00:23 +00:00
Frank Tang	1f09e46859	[Temporal] Change Parser from Maybe to Optional Bug: v8:11544 Change-Id: I16b1fb2cb4f6f4104b2f972a06b8fe0798ac6835 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3632675 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80435}	2022-05-10 05:31:24 +00:00
Frank Tang	988aa5139f	[Temporal] Sync w/ PR2028 Sync to spec changes in PR2028 Consistently call observable operations with undefined options https://github.com/tc39/proposal-temporal/pull/2028 Bug: v8:11544 Change-Id: I850761e76ba1bb33f6c3b655a71163d1b68bb4c8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3633618 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80433}	2022-05-09 23:09:34 +00:00
Deepti Gandluri	e6b50eb017	[wasm-simd] Update new relaxed SIMD opcodes Add new opcode numbers for relaxed-simd opcodes as in: https://github.com/WebAssembly/relaxed-simd/pull/61, and updates for decoded opcodes larger than two bytes. Bug: v8:12284 Change-Id: I0bff22812243a39599bfeee3c0bc69171dd3c7d2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3625835 Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> Cr-Commit-Position: refs/heads/main@{#80432}	2022-05-09 22:47:24 +00:00
Marja Hölttä	ce488c0156	Reland: [web snapshot] Recognize builtins Builtins are not snapshotted, but instead we insert "builtin wrappers" into the snapshot, and create references to the corresponding builtin when deserializing. Subclassing builtins will be implemented in a follow-up CL. First version: https://chromium-review.googlesource.com/c/v8/v8/+/3630080 Fix: initialize builtin_objects_handle_ Bug: v8:11525,v8:12820 Change-Id: Ia2b5d41af5d7f577f1b02356b22a8760963009e4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3635718 Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#80430}	2022-05-09 16:41:25 +00:00
henrika	fee2336535	[api] Adds script column number to code-creation events in CodeEventLogger Bug: v8:11043 Change-Id: I8cbdd8a5f68bdadbe7fc44414c6d46cdd57e6802 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3627512 Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Henrik Andreasson <henrika@chromium.org> Cr-Commit-Position: refs/heads/main@{#80429}	2022-05-09 14:29:24 +00:00
Peter Kasting	190fda57ee	Remove "volatile" on arguments where deprecated in C++20. Many uses of "volatile" are deprecated in C++20 because they don't actually do anything. Remove "volatile" in these cases. Bug: chromium:1284275 Change-Id: I64a3989d73f25e0cd933375dd6fa0b3f2b3acb54 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3630343 Auto-Submit: Peter Kasting <pkasting@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/main@{#80428}	2022-05-09 14:15:44 +00:00
Camillo Bruni	d60d36a89f	[log] Use v8_file_logger variable names more consistently In preparation of renaming i::CodeEventDispatcher to i::Logger Bug: v8:12795, chromium:1316443 Change-Id: I28e129130852d41cf5e464e083bc27cff97a0fff Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3623543 Reviewed-by: Andreas Haas <ahaas@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#80427}	2022-05-09 13:58:24 +00:00
jameslahm	9e3f20b225	[test] Move cctest/test-log to unittests/logging/log-unittest This is a reland of https://chromium-review.googlesource.com/c/v8/v8/+/3607389. The previous revert is https://chromium-review.googlesource.com/c/v8/v8/+/3610448. Reason for revert: https://crbug.com/v8/12838. The original CL has merge conflicts and cannot be relanded, so this CL is newly opened. This CL moves cctest/test-log to unittests/logging/log-unittest , fixes the flaky tests in https://bugs.chromium.org/p/v8/issues/detail?id=12838 and updates the unittests status for log-unittest. Flaky Tests: - https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20TSAN%20-%20stress-incremental-marking/7287/overview - flaky LogTest.Issue539892 is caused by in stress-incremental-marking mode, Heap::MarkCompact will trigger CodeMovingGCEvent in https://source.chromium.org/chromium/chromium/src/+/main:v8/src/heap/heap.cc;l=2586;drc=52f06e6b43ff95eccf79e0a5df8d4d83c029130a for FakeCodeEventLogger which was already destructed when Heap::PerformGarbageCollection task was handled in DefaultPlatform::PumpMessageLoop. This should be fixed by removing FakeCodeEventLogger in LogTest.Issue539892. - flaky LogTest.LogAccessorCallbacks is caused by the data race in Sampler::DoSample. This should be fixed in https://chromium- review.googlesource.com/c/v8/v8/+/3616429. -https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20TSAN/41327/overview - flaky LogTest.ExternalLogEventListenerWithInterpretedFramesNativeStack is caused by the data race of i::FLAG_* which were written again after setting up the isolate. This should be fixed by only writting i::FLAG_* before setting up the Isolate. - https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64/47277/overview - flaky LogTest.BuiltinsNotLoggedAsLazyCompile is caused by the data race in Sampler::DoSample. This should be fixed in https://chromium- review.googlesource.com/c/v8/v8/+/3616429. Bug: v8:12781 Change-Id: I3f736d4ffb3b8f147006bebe92285684b0c3952a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616424 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80423}	2022-05-09 12:31:45 +00:00
Clemens Backes	d48558e6b7	Revert "[web snapshot] Recognize builtins" This reverts commit `71dbb03e21`. Reason for revert: gc-stress failures: https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20gc%20stress/38357 Original change's description: > [web snapshot] Recognize builtins > > Builtins are not snapshotted, but instead we insert "builtin wrappers" > into the snapshot, and create references to the corresponding builtin > when deserializing. > > Subclassing builtins will be implemented in a follow-up CL. > > Bug: v8:11525,v8:12820 > Change-Id: If72695d46bdfc8bf7e477471be1264b668551854 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3630080 > Reviewed-by: Camillo Bruni <cbruni@chromium.org> > Commit-Queue: Marja Hölttä <marja@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80419} Bug: v8:11525,v8:12820 Change-Id: I49f65103ad7b367c5bccb498f698e9afb29b1fec No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3634799 Auto-Submit: Clemens Backes <clemensb@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> Owners-Override: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/main@{#80422}	2022-05-09 12:25:24 +00:00
Marja Hölttä	71dbb03e21	[web snapshot] Recognize builtins Builtins are not snapshotted, but instead we insert "builtin wrappers" into the snapshot, and create references to the corresponding builtin when deserializing. Subclassing builtins will be implemented in a follow-up CL. Bug: v8:11525,v8:12820 Change-Id: If72695d46bdfc8bf7e477471be1264b668551854 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3630080 Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#80419}	2022-05-09 10:45:44 +00:00
Anton Bikineev	070b5f309f	cppgc: young-gen: Return range size for AgeTable to 4KB Allocation granularity (8 bytes on 64bit platforms) is already subsumed by whatever range size we choose. Bug: chromium:1029379 Change-Id: Iab95e6f36955c9ffbbe9ea0c98cb9d1f8dd0337b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3629869 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Auto-Submit: Anton Bikineev <bikineev@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#80415}	2022-05-09 08:42:44 +00:00
Frank Tang	d36c7f1f8a	[Temporal] Add TimeZone.prototype.getPossibleInstantsFor Also add the basic version of GetIANATimeZoneEpochValue AO which only implement UTC. Verison to support other TimeZone will come later w/ intl work which depends on ICU. Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.timezone.prototype.getpossibleinstantsfor https://tc39.es/proposal-temporal/#sec-temporal-getianatimezoneepochvalue Bug: v8:11544 Change-Id: Ib603530d1c70f7a2b85691860a815d44b48eece2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3624980 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80406}	2022-05-07 00:25:33 +00:00
Frank Tang	187ecb8b72	Reland "[Temporal] Add TimeZone getTransition and getPlainDateTimeFor" This is a reland of commit `4251c285e6` Change the test262.status by moving test which passing on no_i18n but not on ALWAYS: 1) Change the [FAIL] of that test in the ALWAYS section to [SKIP]. 2) Add the same test the no_i18n section as [PASS] Original change's description: > [Temporal] Add TimeZone getTransition and getPlainDateTimeFor > > Also add non-intl (only support UTC) version of AO: > GetIANATimeZoneNextTransition, GetIANATimeZonePreviousTransition > (support of other timezone in Intl will come later) > > Spec Text: > https://tc39.es/proposal-temporal/#sec-temporal.timezone.prototype.getplaindatetimefor > https://tc39.es/proposal-temporal/#sec-temporal.timezone.prototype.getnexttransition > https://tc39.es/proposal-temporal/#sec-temporal.timezone.prototype.getprevioustransition > https://tc39.es/proposal-temporal/#sec-temporal-getianatimezonenexttransition > https://tc39.es/proposal-temporal/#sec-temporal-getianatimezoneprevioustransition > > > Bug: v8:11544 > Change-Id: I17d5a60638dcd8543e5d9f22c6560b311f2f402a > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3534450 > Commit-Queue: Frank Tang <ftang@chromium.org> > Reviewed-by: Adam Klein <adamk@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80383} Bug: v8:11544 Change-Id: Ieddadbc9d0708bda24f88dd2083b0dbe7dc1b9f3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3632607 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80405}	2022-05-06 20:30:53 +00:00
Thibaud Michaud	bd22e3bec0	[wasm-relaxed-simd] Add relaxed laneselect in Liftoff on ia32/x64 R=clemensb@chromium.org CC=gdeepti@chromium.org Bug: v8:12284 Change-Id: Ied63b2c7b57210f2cf2e1580520405ce1be5dc33 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3625979 Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/main@{#80400}	2022-05-06 15:51:42 +00:00
Frank Tang	9ae5bfa5b9	Reland "[Temporal] Add Calendar.prototype.yearMonthFromFields" This is a reland of commit `2b140a9f96` Original change's description: > [Temporal] Add Calendar.prototype.yearMonthFromFields > > Add AO: IsValidISOMonth, RegulateISOYearMonth, ISOYearMonthFromFields > Spec Text: > https://tc39.es/proposal-temporal/#sec-temporal-isvalidisomonth > https://tc39.es/proposal-temporal/#sec-temporal-regulateisoyearmonth > https://tc39.es/proposal-temporal/#sec-temporal-isoyearmonthfromfields > https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.yearmonthfromfields > > > Bug: v8:11544 > Change-Id: I1baadbbe54fb0c3fd45750eddb13b790465c3a3b > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3408773 > Commit-Queue: Frank Tang <ftang@chromium.org> > Reviewed-by: Adam Klein <adamk@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80384} Bug: v8:11544 Change-Id: Ic5831c7094cd235526d93010cd722110f2951d77 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3631706 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80399}	2022-05-06 15:01:23 +00:00
Peter Kasting	cb222018a3	Avoid math with disparate enums. This is deprecated in C++20. Use constexprs and explicit casts to work around. Bug: chromium:1284275 Change-Id: I6a3974f3c678cb797081938622036a12a99c5d1b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3630349 Auto-Submit: Peter Kasting <pkasting@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/main@{#80392}	2022-05-06 08:36:19 +00:00
Michael Lippautz	08348dba4e	[api] Rework heap snapshot exposing internals - Repurpose flag `treat_global_objects_as_roots` when taking a heap snapshot for toggling whether internals should be exposed (to `hide_internals`). - Use the toggle in creating heap snapshots for exposing class names as object names for C++ objects that have not explicitly been given a name. Change-Id: I77d71babfdfe53269964fe81ed985037a431c28b Bug: chromium:1321620 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3623740 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Omer Katz <omerkatz@chromium.org> Cr-Commit-Position: refs/heads/main@{#80391}	2022-05-06 08:10:40 +00:00
nedenwang	3c7b563e28	Fix typos, shit_right -> shift_right Change-Id: I88a1bbddc7604fc5e557ae875ca196cf9c46574c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3626453 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Auto-Submit: Neden Wang <nedenwang@tencent.com> Cr-Commit-Position: refs/heads/main@{#80390}	2022-05-06 07:51:55 +00:00
Michael Achenbach	9b3bd2c81a	Revert "[Temporal] Add TimeZone getTransition and getPlainDateTimeFor" This reverts commit `4251c285e6`. Reason for revert: Fails on CI bots: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux/46503/overview Original change's description: > [Temporal] Add TimeZone getTransition and getPlainDateTimeFor > > Also add non-intl (only support UTC) version of AO: > GetIANATimeZoneNextTransition, GetIANATimeZonePreviousTransition > (support of other timezone in Intl will come later) > > Spec Text: > https://tc39.es/proposal-temporal/#sec-temporal.timezone.prototype.getplaindatetimefor > https://tc39.es/proposal-temporal/#sec-temporal.timezone.prototype.getnexttransition > https://tc39.es/proposal-temporal/#sec-temporal.timezone.prototype.getprevioustransition > https://tc39.es/proposal-temporal/#sec-temporal-getianatimezonenexttransition > https://tc39.es/proposal-temporal/#sec-temporal-getianatimezoneprevioustransition > > > Bug: v8:11544 > Change-Id: I17d5a60638dcd8543e5d9f22c6560b311f2f402a > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3534450 > Commit-Queue: Frank Tang <ftang@chromium.org> > Reviewed-by: Adam Klein <adamk@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80383} Bug: v8:11544 Change-Id: Icfbb643578ac028b06aa07c3ac6bbce030f49390 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3630079 Auto-Submit: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#80386}	2022-05-06 06:13:12 +00:00
Michael Achenbach	4dc48c7841	Revert "[Temporal] Add Calendar.prototype.yearMonthFromFields" This reverts commit `2b140a9f96`. Reason for revert: Need to revert parent CL. Original change's description: > [Temporal] Add Calendar.prototype.yearMonthFromFields > > Add AO: IsValidISOMonth, RegulateISOYearMonth, ISOYearMonthFromFields > Spec Text: > https://tc39.es/proposal-temporal/#sec-temporal-isvalidisomonth > https://tc39.es/proposal-temporal/#sec-temporal-regulateisoyearmonth > https://tc39.es/proposal-temporal/#sec-temporal-isoyearmonthfromfields > https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.yearmonthfromfields > > > Bug: v8:11544 > Change-Id: I1baadbbe54fb0c3fd45750eddb13b790465c3a3b > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3408773 > Commit-Queue: Frank Tang <ftang@chromium.org> > Reviewed-by: Adam Klein <adamk@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80384} Bug: v8:11544 Change-Id: I1d93a25ee36b08d7a0bc86937d5b0a18ab6cdf86 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3632098 Auto-Submit: Michael Achenbach <machenbach@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#80385}	2022-05-06 06:12:10 +00:00
Frank Tang	2b140a9f96	[Temporal] Add Calendar.prototype.yearMonthFromFields Add AO: IsValidISOMonth, RegulateISOYearMonth, ISOYearMonthFromFields Spec Text: https://tc39.es/proposal-temporal/#sec-temporal-isvalidisomonth https://tc39.es/proposal-temporal/#sec-temporal-regulateisoyearmonth https://tc39.es/proposal-temporal/#sec-temporal-isoyearmonthfromfields https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.yearmonthfromfields Bug: v8:11544 Change-Id: I1baadbbe54fb0c3fd45750eddb13b790465c3a3b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3408773 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80384}	2022-05-06 00:30:29 +00:00
Frank Tang	4251c285e6	[Temporal] Add TimeZone get*Transition and getPlainDateTimeFor Also add non-intl (only support UTC) version of AO: GetIANATimeZoneNextTransition, GetIANATimeZonePreviousTransition (support of other timezone in Intl will come later) Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.timezone.prototype.getplaindatetimefor https://tc39.es/proposal-temporal/#sec-temporal.timezone.prototype.getnexttransition https://tc39.es/proposal-temporal/#sec-temporal.timezone.prototype.getprevioustransition https://tc39.es/proposal-temporal/#sec-temporal-getianatimezonenexttransition https://tc39.es/proposal-temporal/#sec-temporal-getianatimezoneprevioustransition Bug: v8:11544 Change-Id: I17d5a60638dcd8543e5d9f22c6560b311f2f402a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3534450 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80383}	2022-05-06 00:29:09 +00:00
Peter Kasting	b7345d4108	Avoid u8"", just use "". In C++20, u8"" generates a const char8_t, not a const char. Since "" accepts UTF-8 already, just switch to it. Bug: chromium:1284275 Change-Id: I873321a62a4d9e32b3b463913a3bc10231db3db3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3630347 Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Auto-Submit: Peter Kasting <pkasting@chromium.org> Commit-Queue: Peter Kasting <pkasting@chromium.org> Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> Cr-Commit-Position: refs/heads/main@{#80382}	2022-05-05 21:59:30 +00:00
Frank Tang	3f10a72c2f	[Temporal] Use MAYBE_ASSIGN_RETURN_ON_EXCEPTION_VALUE 1. Move the use of MAYBE_RETURN to MAYBE_ASSIGN_RETURN_ON_EXCEPTION_VALUE if possible. 2. Remove some MYABE_RETURN in the wrong spot and therefore fix some tests. 3. Change Intl::GetTimeZoneIndex() to return Maybe<int32_t> as index and use < 0 value to indicate not getting index to make the function signature simpler. Bug: v8:11544 Change-Id: I685cbff142e9dea69ef316a1bc180730aef5aec8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3625839 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80379}	2022-05-05 18:29:29 +00:00
Peter Kasting	a7f4ca5fd0	Place bit_cast<>() in the v8::base:: namespace. This prevents ambiguity errors in C++20 due to ADL when casting types in std::, which gains std::bit_cast<>(). Bug: chromium:1284275 Change-Id: I25046d1952a9304852e481ad8b84049c6769c289 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3625838 Auto-Submit: Peter Kasting <pkasting@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80378}	2022-05-05 17:56:39 +00:00
Al Muthanna Athamina	9694663248	Skip failing tests due to stress-concurrent-inlining flag NOTRY=true Bug: v8:12842 Change-Id: If3cac473407fc60523de5924170b7c3b99074d54 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3629546 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Auto-Submit: Almothana Athamneh <almuthanna@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/main@{#80375}	2022-05-05 14:36:58 +00:00
jameslahm	e43cfdd800	Reland "[web snapshot] Add support for object with dictionary mode" This is a reland of commit `507fa4d7f5` This CL moves the NewJSObjectFromMap after deserializing object properties with dictionary map and fixes the DCHECK failure in JSReceiver::HasFastProperties when triggering GC. Original change's description: > [web snapshot] Add support for object with dictionary mode > > This CL adds the serialization support for object properties > with dictionary map. Shape id is used to distinguish between if the object has dictionary map. And add TODO to support “no map objects” which can have fast map and “objects with map” which needs to be turned to dictionary mode. > > Bug: v8:11525 > Change-Id: If3eb4195115a41d4a3f6cc7372924b982ca96fc1 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3621593 > Commit-Queue: 王澳 <wangao.james@bytedance.com> > Reviewed-by: Marja Hölttä <marja@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80366} Bug: v8:11525 Change-Id: I88422d698aa03fb7d3b21b5709eec2d0cf306256 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3629738 Commit-Queue: 王澳 <wangao.james@bytedance.com> Reviewed-by: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#80374}	2022-05-05 14:33:09 +00:00
Caitlin Potter	190128ce7c	[js-perf-test] add microbenchmarks for (Object\|Reflect).getOwnPropertyDescriptor Based on the robust test suite for checking property "has/in" queries, with the intention of measuring the performance of accessing getOwnPropertyDescriptor. Background: getOwnPropertyDescriptor and defineProperty were identified as hot code taking up a significant chunk of startup time in a customer application. This benchmark aims to measure the difference made by a modifying Object.getOwnPropertyDescriptor. By current measurements, the geometric mean time of the new version is typically 1/6 that of the current upstream implementation, using this test specifically (however, only on arm64 / Apple M1... On Linux/x64, the results look more reasonable at a roughly 5-12% improvement in score). In its current form, this benchmark does very little to attempt to verify the results of the object, which may result in branches being discarded in Turbofan (but given the enormous difference between x64 and arm64, I'm not positive this is what is happening, and have not yet verified this). BUG= Change-Id: I0f10735315313ed97efd00fcccaedc1272d4d314 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3624979 Commit-Queue: Caitlin Potter <caitp@igalia.com> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/main@{#80373}	2022-05-05 14:15:55 +00:00
Al Muthanna Athamina	82339990dc	Move skipped tests on Numfuzz to a separate section to reduce duplication NOTRY=true Bug: v8:12826 Change-Id: Ibe1bad5837221903a7a47af7f2cc49963952a67e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3629335 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Auto-Submit: Almothana Athamneh <almuthanna@chromium.org> Commit-Queue: Almothana Athamneh <almuthanna@chromium.org> Cr-Commit-Position: refs/heads/main@{#80372}	2022-05-05 13:35:49 +00:00
Leszek Swirski	dc92fe0931	[maglev] Fix result regalloc clobbering inputs Consider the following * A ValueNode has inputs A and B * Input A has later uses, input B doesn't * The ValueNode's result must be in the same register as A It can then happen that UpdateUses frees B, and the result allocation emits a gap move from A's register to B's old register (now free) to preserve the value of A when the ValueNode writes into its register. This gap move is emmitted before the ValueNode start, which means that it clobbers B. Now, UpdateUses only clears registers _after_ node result allocation, so that the known free registers are still the ones before updating uses. Done naively, this would have bad consequences -- in the case where A has no later uses, it would still force the regalloc to save its value thinking that it is still live. So, this patch also introduces a concept of "AllocationStage" where we're either allocating at the start or end of a Node. Inputs are allocated at the start, results at the end. When walking registers during an allocation, nodes whose lifetimes end at the current node are considered to be dead at the "end" allocation stage, and we are allowed to a) use their registers, and b) drop them without preserving their value. Bug: v8:7700 Change-Id: I5ca764ed04b12269f189577e81eb7e2a27cd1b09 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3625978 Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/main@{#80371}	2022-05-05 13:07:16 +00:00
Al Muthanna Athamina	c56edd3eba	Skip mjsunit/turboshaft/simple on numfuzz until flake is solved NOTRY=true Bug: v8:12826 Change-Id: I08be2980f92c69504290bb6152e48595e6a6c9aa Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3629540 Auto-Submit: Almothana Athamneh <almuthanna@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/main@{#80369}	2022-05-05 12:34:33 +00:00
Nico Hartmann	f479b0163f	Revert "[web snapshot] Add support for object with dictionary mode" This reverts commit `507fa4d7f5`. Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux%20-%20gc%20stress/38308/overview Original change's description: > [web snapshot] Add support for object with dictionary mode > > This CL adds the serialization support for object properties > with dictionary map. Shape id is used to distinguish between if the object has dictionary map. And add TODO to support “no map objects” which can have fast map and “objects with map” which needs to be turned to dictionary mode. > > Bug: v8:11525 > Change-Id: If3eb4195115a41d4a3f6cc7372924b982ca96fc1 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3621593 > Commit-Queue: 王澳 <wangao.james@bytedance.com> > Reviewed-by: Marja Hölttä <marja@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80366} Bug: v8:11525 Change-Id: I0d236a9937a5942b387553a61991716321b063e6 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3629541 Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Auto-Submit: Nico Hartmann <nicohartmann@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> Owners-Override: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/main@{#80368}	2022-05-05 12:33:29 +00:00
jameslahm	507fa4d7f5	[web snapshot] Add support for object with dictionary mode This CL adds the serialization support for object properties with dictionary map. Shape id is used to distinguish between if the object has dictionary map. And add TODO to support “no map objects” which can have fast map and “objects with map” which needs to be turned to dictionary mode. Bug: v8:11525 Change-Id: If3eb4195115a41d4a3f6cc7372924b982ca96fc1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3621593 Commit-Queue: 王澳 <wangao.james@bytedance.com> Reviewed-by: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#80366}	2022-05-05 11:33:48 +00:00
Nikolaos Papaspyrou	579cf96cee	heap: Clean up conservative stack scanning prototype This CL cleans up the existing experimental implementation of conservative stack scanning. It retains the object start bitmap, to evaluate it as a mechanism for resolving inner pointers, and the conservative stack scanning visitor (which is currently not used). The flag v8_enable_conservative_stack_scanning is kept and will be used for experimental purposes. It currently does not imply any other flag. Bug: v8:10614 Bug: v8:12851 Change-Id: Id0ae0f437ed2601eed9ec634d2d1dd2f030d814e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3602516 Reviewed-by: Omer Katz <omerkatz@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Jakob Linke <jgruber@chromium.org> Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org> Cr-Commit-Position: refs/heads/main@{#80365}	2022-05-05 10:52:19 +00:00
Frank Tang	c8c0632388	[Temporal] Add Calendar.prototype.dateAdd Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.dateadd is not yet implemented. Note: The intl version stated in https: //tc39.es/proposal-temporal/#sup-temporal.calendar.prototype.dateadd Bug: v8:11544 Change-Id: Id7fd043d234f559c0e03bdf3f0f31d8bc91da27f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3609208 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80364}	2022-05-05 07:29:30 +00:00
Frank Tang	904b372be3	[Temporal] (Calendar\|TimeZone).prototype.toJSON Also change the macro to pass method name directly to CHECK_RECEIVER() Remove MACROs which has up to only two usage. Sync with changes in https://github.com/tc39/proposal-temporal/pull/1693 Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.tojson https://tc39.es/proposal-temporal/#sec-temporal.timezone.prototype.tojson Bug: v8:11544 Change-Id: I31f4ef6f725462da885893f1266d30590098b031 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3438378 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80363}	2022-05-05 06:02:39 +00:00
Frank Tang	bf54cc83a5	[Temporal] Add monthDayFromFields to Calendar Add AO: ISOMonthDayFromFields Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.monthdayfromfields https://tc39.es/proposal-temporal/#sec-temporal-isomonthdayfromfields Bug: v8:11544 Change-Id: I8a04a8e61af8abdb902de33efbf5635b8e8300aa Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3408576 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80360}	2022-05-04 23:02:58 +00:00
Frank Tang	10bbb38fed	[Temporal] Add Temporal.Calendar.prototype.month Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.month Note- this is only the non-intl version. intl version in https://tc39.es/proposal-temporal/#sup-temporal.calendar.prototype.month will be implemented in later cl. Bug: v8:11544 Change-Id: Ibbbb00faa0bdb4d49784cd9aae69fb779d95f924 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3531554 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80359}	2022-05-04 21:35:58 +00:00
Dominik Inführ	7840320f53	Revert "Reland^2: [heap] Store size with invalidated object" This reverts commit `2b79eefed3`. Reason for revert: Speculative revert because of https://crbug.com/1322305 Original change's description: > Reland^2: [heap] Store size with invalidated object > > This is a reland of commit `23b2d571a7` > > When updating pointers during a full GC, a page might not be swept > already. In such cases there might be invalid objects and slots > recorded in free memory. Updating tagged slots in free memory is fine > even though not strictly necessary. > > However, the GC also needs to calculate the size of potentially dead > invalid objects in order to be able to check whether a slot is within > that object. But since that object is dead, its map might be dead as > well which makes size calculation impossible on such objects. The CL > changes this to cache the size of invalid objects. A follow-up CL will > also check the marking bit of invalid objects. > > Reason for reverts: > > Revert #2: In-object slack tracking on JSObjects doesn't update the > cached size of invalidated objects. The fix here was to stop > invalidating recorded slots on JSObjects at all and avoid that problem > completely (see https://crrev.com/c/3620274). > > Revert #1: Not all size changes go through NotifyObjectLayoutChange, so > https://crrev.com/c/3607992 introduced NotifyObjectSizeChange as a > bottleneck for object size changes/right-trimming. This method is > now used to update the size of invalidated objects. > > Bug: v8:12578, chromium:1316289 > Change-Id: I0478d04601c0270ddb39419ca6cf98719951eb4d > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3623542 > Reviewed-by: Jakob Linke <jgruber@chromium.org> > Reviewed-by: Patrick Thier <pthier@chromium.org> > Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80344} Bug: v8:12578, chromium:1316289 Change-Id: I6dd2dd13583123b9cb7933b15e2113fddc0c0b0b No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3627511 Owners-Override: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Dominik Inführ <dinfuehr@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80357}	2022-05-04 13:32:38 +00:00
Anton Bikineev	7e8b4bb645	cppgc: young-gen: Fix gcc build failure Old gcc versions (< gcc-8) have problems with parameter packs in capture-lists wrapped in fold-expressions. Bug: chromium:1029379 Change-Id: I0c0ee7caa2d750f551e93fdfeb2667328bee4acb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3627594 Commit-Queue: Anton Bikineev <bikineev@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Anton Bikineev <bikineev@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80356}	2022-05-04 13:15:38 +00:00
Michael Lippautz	e9244f379c	cppgc: Fix official build Bug: chromium:1322318 Change-Id: Id3899a493eb1519e2f7498dcad1e607cc2b6a5db Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3627509 Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#80353}	2022-05-04 08:34:38 +00:00
Frank Tang	2dd3cc3054	[Temporal] Add TimeZone.prototype.getInstantFor Spec Text: https://tc39.es/proposal-temporal/#sec-temporal-totemporaldatetime https://tc39.es/proposal-temporal/#sec-temporal-totemporaldisambiguation Bug: v8:11544 Change-Id: Ibb38f807386c4e213bfd2bb568911a96a17cf1be Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3623196 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80350}	2022-05-04 00:00:37 +00:00
Shu-yu Guo	dd3289d794	[weakrefs] Set unregister_token to undefined when unregistering Bug: chromium:1321078 Change-Id: I426327ffc3d7eebdb562c01a87039a93dfb79a88 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620836 Commit-Queue: Shu-yu Guo <syg@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#80349}	2022-05-03 21:09:47 +00:00
Frank Tang	08a5a57311	[Temporal] Add Temporal.Calendar.prototype.monthCode Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.monthcode Note- this is only the non-intl version. intl version in https://tc39.es/proposal-temporal/#sup-temporal.calendar.prototype.monthcode will be implemented in later cl. Bug: v8:11544 Change-Id: I52dfc1bda6d2ed8c0aba735c64d7ae8227844ed1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3531555 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80348}	2022-05-03 21:07:47 +00:00
Frank Tang	97122a4838	[Temporal] Add Temporal.Calendar.prototype.day Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.day Note- this is only the non-intl version. intl version in https://tc39.es/proposal-temporal/#sup-temporal.calendar.prototype.day will be implemented in later cl. Bug: v8:11544 Change-Id: If56182cf65b3b8cc91ed843f0e20edeb6a065954 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3531556 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80347}	2022-05-03 19:58:20 +00:00
Frank Tang	e86bde3dfa	Revert "[test] Skip flaking test" This reverts commit `0a5fcd8a78`. Reason for revert: reenable TSAN test after moving best_fit out from stage Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_isolates_rel_ng,v8_linux64_tsan_no_cm_rel_ng,v8_linux64_tsan_rel_ng,v8_numfuzz_tsan_ng;luci.chromium.try:linux_chromium_tsan_rel_ng,linux_chromium_tsan_rel_ng-compilator Original change's description: > [test] Skip flaking test > > Bug: v8:12697 > Change-Id: I124f2f0fd3c98d6a5233a0e2a8236a2b15d791fd > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3532261 > Auto-Submit: Manos Koukoutos <manoskouk@chromium.org> > Reviewed-by: Victor Gomes <victorgomes@chromium.org> > Commit-Queue: Victor Gomes <victorgomes@chromium.org> > Cr-Commit-Position: refs/heads/main@{#79518} Bug: v8:12697 Change-Id: I53d109674ecd938d8be915099c412d174600edfc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3624464 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Reviewed-by: Manos Koukoutos <manoskouk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80346}	2022-05-03 19:16:37 +00:00
Dominik Inführ	2b79eefed3	Reland^2: [heap] Store size with invalidated object This is a reland of commit `23b2d571a7` When updating pointers during a full GC, a page might not be swept already. In such cases there might be invalid objects and slots recorded in free memory. Updating tagged slots in free memory is fine even though not strictly necessary. However, the GC also needs to calculate the size of potentially dead invalid objects in order to be able to check whether a slot is within that object. But since that object is dead, its map might be dead as well which makes size calculation impossible on such objects. The CL changes this to cache the size of invalid objects. A follow-up CL will also check the marking bit of invalid objects. Reason for reverts: Revert #2: In-object slack tracking on JSObjects doesn't update the cached size of invalidated objects. The fix here was to stop invalidating recorded slots on JSObjects at all and avoid that problem completely (see https://crrev.com/c/3620274). Revert #1: Not all size changes go through NotifyObjectLayoutChange, so https://crrev.com/c/3607992 introduced NotifyObjectSizeChange as a bottleneck for object size changes/right-trimming. This method is now used to update the size of invalidated objects. Bug: v8:12578, chromium:1316289 Change-Id: I0478d04601c0270ddb39419ca6cf98719951eb4d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3623542 Reviewed-by: Jakob Linke <jgruber@chromium.org> Reviewed-by: Patrick Thier <pthier@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#80344}	2022-05-03 14:36:28 +00:00
Marja Hölttä	80d8f0c06e	[web snap] Support Symbols as property keys Bug: v8:11525,v8:12820 Change-Id: I58bde48322c89bf33f3b28080659387a3c14de91 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620277 Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#80341}	2022-05-03 12:54:37 +00:00
Danil Somsikov	c42e620355	Distinguish untrusted clients in v8 inspector and disable Profiler, HeapProfiler and Schema CDP domains for them. Bug: chromium:1313437 Change-Id: I7544c64acb4bc368392ba5f6a87ed62176828304 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616517 Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Danil Somsikov <dsv@chromium.org> Cr-Commit-Position: refs/heads/main@{#80340}	2022-05-03 12:38:17 +00:00
Marja Hölttä	d762376714	[rab/gsab] Skip a test in predictable mode No-Try: true Bug: v8:12847, v8:11111 Change-Id: Id0c2749970333b82650b33c9cddcb028ac03709c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3623541 Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#80339}	2022-05-03 12:31:57 +00:00
Michael Lippautz	b0fbe1aff3	cppgc: Allow overriding heap object name at runtime Before this CL, the heap object name of unnamed objects(those not inheriting from NameProvider) would be solely determined by whether the build-time configuration cppgc_enable_object_names is enabled. This patch adds a way to override that value at runtime. This is useful for preserving default behavior with custom builds but at the same time allow them to still enable the feature. Bug: chromium:1321620 Change-Id: I3aa06db15e58d9ba9773be6797572f17f007e9ee Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620279 Reviewed-by: Anton Bikineev <bikineev@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Omer Katz <omerkatz@chromium.org> Cr-Commit-Position: refs/heads/main@{#80338}	2022-05-03 12:19:57 +00:00
Camillo Bruni	e3e8ea5d65	[flags] Rename --opt to --turbofan To be consistent with the all the other tiers and avoid confusion, we rename --opt to ---turbofan, and --always-opt to --always-turbofan. Change-Id: Ie23dc8282b3fb4cf2fbf73b6c3d5264de5d09718 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3610431 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Jakob Linke <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#80336}	2022-05-03 12:10:30 +00:00
Anton Bikineev	99e90c55f4	cppgc: young-gen: Fix ubsan failures in minor gc tests This fixes: runtime error: upcast of misaligned address 0x000000000001 for type 'cppgc::internal::(anonymous namespace)::SimpleGCed<64>', which requires 8 byte alignment Bug: chromium:1029379 Change-Id: Id03ce022e72fc07a18c171d4cf5e42f50cb684f1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3622918 Auto-Submit: Anton Bikineev <bikineev@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#80332}	2022-05-03 11:04:07 +00:00
Marja Hölttä	1ac6b3a662	Reland: [web snap] Support Symbols Fix: copy-paste error in raw ptr GC update function. Bug: v8:11525 Change-Id: I915ae92191b2add60962395a2d0ad28f57e02fd4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3622915 Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#80328}	2022-05-03 09:03:39 +00:00
Camillo Bruni	35fc0c17c9	[snapshot][api] Expose the snapshot checksum as crash key Due to the consistent overhead of snapshot checksum verification we ideally want to avoid it all-together. However there are still enough devices out there that suffer from corrupted snapshots that might cause hard to debug heap corruptions. This CL exposes the calculated (dummy value for now) and the expected snapshot checksum as a crash key, so it can be easily consulted during investigation. Note: The calculated crash key contains 0x0 for now as a dummy value. We will come up with a strategy later-on to limit the overhead of calculating the checksum. Bug: v8:12195 Change-Id: I6da6d74c035cb6f9b0edae212a36e6c41c048a5b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3605813 Reviewed-by: Jakob Linke <jgruber@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#80325}	2022-05-03 08:30:07 +00:00
Benedikt Meurer	3b1509389a	[inspector] Consistently format value wrappers in console messages. When formatting console messages (for consumption in Chromium/Blink), we have special logic to unwrap value wrapper objects. But this logic was not very consistent, and especially Number values and NumberObject values were formatted differently. This changes the V8ValueStringBuilder::append() logic to always unwrap any value wrapper first and then use the regular dispatch for the primitive value. Fixed: chromium:1321833 Change-Id: I9996671e1f91da0841e5d5f1687cf647ab72a561 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3622913 Commit-Queue: Yang Guo <yangguo@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Auto-Submit: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/main@{#80323}	2022-05-03 06:41:38 +00:00
Frank Tang	d43080a7f7	[intl] Fix ResolvedOptions to output. In v3 we allow both significant digits and fraction digits to be set in some conditions. Also fix the case in v2 we didn't handle "precision-integer" with currency format. Related spec text: https://tc39.es/proposal-intl-numberformat-v3/out/numberformat/diff.html#sec-intl.numberformat.prototype.resolvedoptions https://tc39.es/proposal-intl-numberformat-v3/out/numberformat/diff.html#sec-setnfdigitoptions Bug: v8:11544 Change-Id: I89c147dcc7803eae7aad2a380e85d1d877e30370 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3615217 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#80322}	2022-05-03 03:23:46 +00:00
Rob Paveza	5e1f856d18	Add support for source hashing in stack traces. This change adds support for computing SHA-256 hashes in the stack output of errors by adding a function to the prototype of the `CallSite` object, passed to `Error.prepareStackTrace`. Additionally, it updates the `hash` property from `Debugger.scriptParsed` and `Debugger.scriptFailedToParse` to be SHA-256 instead of the proprietary hash it is today. It is intended to be an advancement in indexing source maps to support improved tooling, especially for post-hoc or in-production diagnostics scenarios. The explainer can be found here: https://docs.google.com/document/d/13hNeeLC2Ve_FVieNndZUUUP15x2O4ltvjnGWwOsMlrU/edit?usp=sharing Change-Id: Ifbbed4b22c8256e74e6d79974d2dd1e444143eda Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3229957 Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Auto-Submit: Robert Paveza <Rob.Paveza@microsoft.com> Commit-Queue: Shu-yu Guo <syg@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/main@{#80320}	2022-05-03 00:57:46 +00:00
Frank Tang	4776aee651	Reland "[Temporal] Fix Calendar.prototype.fields CSA" This is a reland of commit `8960031432` Changes since revert: None, reverted wrong suspect CL Original change's description: > [Temporal] Fix Calendar.prototype.fields CSA > > Use LoadAndUntagToWord32ObjectField instead of LoadObjectField<Uint32T> > to load the flag since it is defined as > flags: SmiTagged<JSTemporalCalendarFlags>; > > Otherwise LoadObjectField<Uint32T> will load the zero part when > v8_enable_pointer_compression = false > > Add unit tests to intl (because the problem only show up on calendar > other than non iso8601. > > Cq-Include-Trybots: luci.v8.try:v8_linux_mipsel_compile_rel,v8_linux_mips64el_compile_rel > > > Bug: v8:12848 > Change-Id: I44b685af99dc9820dfa228447e2b42ae0a82464c > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3617388 > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: Frank Tang <ftang@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80314} Bug: v8:12848 Change-Id: I423ea5f0a4a30fc73546df208d24aec84db76eb4 Cq-Include-Trybots: luci.v8.try:v8_linux_mipsel_compile_rel,v8_linux_mips64el_compile_rel Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620838 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#80319}	2022-05-02 20:56:55 +00:00
Shu-yu Guo	f478546b18	Revert "[Temporal] Fix Calendar.prototype.fields CSA" This reverts commit `8960031432`. Reason for revert: UBSAN errors in GC tests https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20UBSan/21069/overview Original change's description: > [Temporal] Fix Calendar.prototype.fields CSA > > Use LoadAndUntagToWord32ObjectField instead of LoadObjectField<Uint32T> > to load the flag since it is defined as > flags: SmiTagged<JSTemporalCalendarFlags>; > > Otherwise LoadObjectField<Uint32T> will load the zero part when > v8_enable_pointer_compression = false > > Add unit tests to intl (because the problem only show up on calendar > other than non iso8601. > > Cq-Include-Trybots: luci.v8.try:v8_linux_mipsel_compile_rel,v8_linux_mips64el_compile_rel > > > Bug: v8:12848 > Change-Id: I44b685af99dc9820dfa228447e2b42ae0a82464c > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3617388 > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: Frank Tang <ftang@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80314} Bug: v8:12848 Change-Id: I3a8af8acbbdfc5d0f5386f2a9d50d62b9f422fb8 Cq-Include-Trybots: luci.v8.try:v8_linux_mipsel_compile_rel,v8_linux_mips64el_compile_rel No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620837 Auto-Submit: Shu-yu Guo <syg@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#80317}	2022-05-02 19:13:17 +00:00
Frank Tang	8960031432	[Temporal] Fix Calendar.prototype.fields CSA Use LoadAndUntagToWord32ObjectField instead of LoadObjectField<Uint32T> to load the flag since it is defined as flags: SmiTagged<JSTemporalCalendarFlags>; Otherwise LoadObjectField<Uint32T> will load the zero part when v8_enable_pointer_compression = false Add unit tests to intl (because the problem only show up on calendar other than non iso8601. Cq-Include-Trybots: luci.v8.try:v8_linux_mipsel_compile_rel,v8_linux_mips64el_compile_rel Bug: v8:12848 Change-Id: I44b685af99dc9820dfa228447e2b42ae0a82464c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3617388 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80314}	2022-05-02 17:43:46 +00:00
jameslahm	c4281cd933	[web snapshot] Add support for arrays w/holes This CL adds serialization and deserialization support for HOLEY_ELEMENTS and HOLEY_SMI_ELEMENTS kind arrays. Bug: v8:11525 Change-Id: Ib6fdcd1916badd02e567571e1c0748dce85cd8a0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620753 Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80313}	2022-05-02 17:07:19 +00:00
Patrick Thier	ee247818e6	[string] Fix string table lookup with SlicedStrings https://crrev.com/c/3571817 introduced a bug that string table lookups failed on SlicedStrings with a start offset of 0. This CL fixes the issue by re-using the already computed hash only if the length of the source string matches the length of the string to lookup. Bug: chromium:1320179, chromium:1321573 Change-Id: Ic8755a0266a9ec67fe5eb9c96fdab1b55d5009f2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616723 Auto-Submit: Patrick Thier <pthier@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#80309}	2022-05-02 14:47:44 +00:00
Jakob Linke	0e9a55d24f	Reland "Reland "[osr] Use the new OSR cache"" This is a reland of commit `9145388055` Fixed: properly reference the ClearedValue in CSA (i.e. without the cage_base upper 32 bits). Original change's description: > Reland "[osr] Use the new OSR cache" > > This is a reland of commit `91da38831d` > > Fixed: Use an X register for JumpIfCodeTIsMarkedForDeoptimization > on arm64. > > Original change's description: > > [osr] Use the new OSR cache > > > > This CL switches over our OSR system to be based on the feedback > > vector osr caches. > > > > - OSRing to Sparkplug is fully separated from OSR urgency. If > > SP code exists, we simply jump to it, no need to maintain an > > installation request. > > - Each JumpLoop checks its dedicated FeedbackVector cache slot. > > If a valid target code object exists, we enter it without > > calling into runtime to fetch the code object. > > - Finally, OSR urgency still remains as the heuristic for > > requesting Turbofan OSR compile jobs. Note it no longer has a > > double purpose of being a generic untargeted installation > > request. > > > > With the new system in place, we can remove now-unnecessary > > hacks: > > > > - Early OSR tierup is replaced by the standard OSR system. Any > > present OSR code is automatically entered. > > - The synchronous OSR compilation fallback is removed. With > > precise installation (= per-JumpLoop-bytecode) we no longer > > have the problem of 'getting unlucky' with JumpLoop/cache entry > > mismatches. Execution has moved on while compiling? Simply spawn > > a new concurrent compile job. > > - Remove the synchronous (non-OSR) Turbofan compile request now > > that we always enter available OSR code as early as possible. > > - Tiering into Sparkplug no longer messes with OSR state. > > > > Bug: v8:12161 > > Change-Id: I0a85e53d363504b7dac174dbaf69c03c35e66700 > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596167 > > Commit-Queue: Jakob Linke <jgruber@chromium.org> > > Auto-Submit: Jakob Linke <jgruber@chromium.org> > > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > > Commit-Queue: Leszek Swirski <leszeks@chromium.org> > > Cr-Commit-Position: refs/heads/main@{#80147} > > Bug: v8:12161 > Change-Id: Ib3597cf1d99cdb5d0f2c5ac18e311914f376231d > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3606232 > Auto-Submit: Jakob Linke <jgruber@chromium.org> > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: Leszek Swirski <leszeks@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80167} Bug: v8:12161,chromium:1320189 Change-Id: Ibd9a2ab61f51ebb32a3f5a66f7c602faead71c3e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620273 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Jakob Linke <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#80306}	2022-05-02 14:26:14 +00:00
Anton Bikineev	5c92b06ead	cppgc: young-gen: Fix compilation and tests with cppgc_enable_young_gen The CL prepares the sources and the tests for enabling cppgc_enable_young_generation by default. The static initializer in YoungGenerationEnabler (due to v8::base::Mutex) changed to be lazy. The tests are now checking the runtime flag. Bug: chromium:1029379 Change-Id: I1497a3dd2b8d62c1acd48496821f07324b7944d5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616726 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Auto-Submit: Anton Bikineev <bikineev@chromium.org> Commit-Queue: Anton Bikineev <bikineev@chromium.org> Cr-Commit-Position: refs/heads/main@{#80304}	2022-05-02 13:34:04 +00:00
Leszek Swirski	9b78282370	Revert "[web snap] Support Symbols" This reverts commit `1267e51873`. Reason for revert: Turned out to not support them: https://logs.chromium.org/logs/v8/buildbucket/cr-buildbucket/8815278972589078465/+/u/Bisect_1267e518/Retry/web-snapshot-4 Original change's description: > [web snap] Support Symbols > > Bug: v8:11525,v8:12820 > Change-Id: Ie8b1bbe209d8bb6f759623ea01223a05d11090aa > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616514 > Commit-Queue: Marja Hölttä <marja@chromium.org> > Reviewed-by: Camillo Bruni <cbruni@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80299} Bug: v8:11525,v8:12820 Change-Id: Ia0107dfec12e72dc976348985e5c35dac28c170a No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620278 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Owners-Override: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#80302}	2022-05-02 13:04:14 +00:00
Marja Hölttä	1267e51873	[web snap] Support Symbols Bug: v8:11525,v8:12820 Change-Id: Ie8b1bbe209d8bb6f759623ea01223a05d11090aa Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616514 Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#80299}	2022-05-02 11:18:05 +00:00
Maksim Sadym	c674a1f608	Follow-up after https://crrev.com/c/3472077 1. Use `StringBuffer` instead of `StringView` in `WebDriverValue`. 2. Add some `DCHECK`s. 3. Reserve vector size. 4. Respect properties with `undefined` values. 5. Minor clean-ups. Change-Id: Ic109acb1e3adf2d950767173c17a9203e3c816dc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596173 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Auto-Submit: Maksim Sadym <sadym@chromium.org> Cr-Commit-Position: refs/heads/main@{#80296}	2022-05-02 09:54:03 +00:00
jameslahm	76751fc3aa	[test] Update unittests.status for tests ... moved into unittests. - test-compiler was moved under https://chromium-review.googlesource.com/c/v8/v8/+/3596442. And move test-compiler/DeepEagerCompilationPeakMemory to unittests.status. Remove test-compiler/DecideToPretenureDuringCompilation because it has been removed in https://chromium-review.googlesource.com/c/v8/v8/+/2839550. - test-code-pages was moved under https://chromium-review.googlesource.com/c/v8/v8/+/3599404. - test-api/TEST(TryCatch...) was moved under https://chromium-review.googlesource.com/c/v8/v8/+/3586770. And added ''APIExceptionTest.*': [SKIP],' in unittests.status according to here https://source.chromium.org/chromium/chromium/src/+/master:v8/test/cctest/cctest.status;l=549. Bug: v8:12781 Change-Id: Ie5067c1312c9d69f75d3efb831e15bea2eb38fa1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3612665 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80295}	2022-05-02 09:52:04 +00:00
Benedikt Meurer	d821a6a373	[inspector] Fix mapping between location and offset. We weren't really translating between location (line and column number) and source position (character offset) consistently, especially when it came to inline <script>s. There were also inconsistencies between what Debugger.getPossibleBreakpoints and Debugger.setBreakpointByUrl would do. With this CL, we are now consistently operating under the following assumptions: (1) For inline <scripts>s with a //@ sourceURL annotation, we assume that the line and column number that comes in via the protocol is in terms of the source text of the script. (2) For inline <script>s without said annotation, we assume that the line and column numbers are in terms of the surrounding document. This is finally aligned with how the DevTools front-end operates. Fixed: chromium:1319828 Change-Id: I98c4ef04b34a97caf060ff4f32690b135edb6ee6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3610622 Reviewed-by: Kim-Anh Tran <kimanh@chromium.org> Auto-Submit: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Kim-Anh Tran <kimanh@chromium.org> Cr-Commit-Position: refs/heads/main@{#80292}	2022-05-02 06:33:54 +00:00
Igor Sheludko	1a80bfc1d5	Revert "Reland "[heap] Store size with invalidated object"" This reverts commit `23b2d571a7`. Reason for revert: Breaks the V8 roll https://ci.chromium.org/ui/p/chromium/builders/try/linux-rel/1000394/ Original change's description: > Reland "[heap] Store size with invalidated object" > > This is a reland of commit `5d235def26` > > The previous version of this CL got reverted because the cached > size of an invalidated object wasn't up-to-date when performing a GC. > > Not all size changes go through NotifyObjectLayoutChange, so > https://crrev.com/c/3607992 introduced NotifyObjectSizeChange as a > bottleneck for object size changes/right-trimming. This method is > now used to update the size of invalidated objects. > > Original change's description: > > [heap] Store size with invalidated object > > > > When updating pointers during a full GC, a page might not be swept > > already. In such cases there might be invalid objects and slots recorded > > in free memory. Updating tagged slots in free memory is fine even though > > it is superfluous work. > > > > However, the GC also needs to calculate the size of potentially dead > > invalid objects in order to be able to check whether a slot is within > > that object. But since that object is dead, its map might be dead as > > well which makes size calculation impossible on such objects. The CL > > changes this to cache the size of invalid objects. A follow-up CL will > > also check the marking bit of invalid objects. > > > > Bug: v8:12578, chromium:1316289 > > Change-Id: Ie773d0862a565982957e0dc409630d76552d1a32 > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3599482 > > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > > Reviewed-by: Jakob Linke <jgruber@chromium.org> > > Reviewed-by: Patrick Thier <pthier@chromium.org> > > Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> > > Cr-Commit-Position: refs/heads/main@{#80169} > > Bug: v8:12578, chromium:1316289 > Change-Id: I1f7c6070b8e7d116aeb1a8d03d4f87927ab40872 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3608632 > Reviewed-by: Jakob Linke <jgruber@chromium.org> > Reviewed-by: Patrick Thier <pthier@chromium.org> > Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80262} Bug: v8:12578, chromium:1316289 Change-Id: I88b73ebe09bb923ba4ac57b0dbdceb08a1badd99 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616730 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Auto-Submit: Igor Sheludko <ishell@chromium.org> Owners-Override: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/main@{#80291}	2022-05-02 06:02:44 +00:00
Anton Bikineev	2655d3d18d	api: Allow v8::Maybe<MovableType>. Change-Id: I29bcdf3302f37568e8c8925e70a01ba342c17925 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3606229 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Anton Bikineev <bikineev@chromium.org> Cr-Commit-Position: refs/heads/main@{#80288}	2022-04-30 21:47:24 +00:00
Rohan Pavone	896f6e749a	Revert "Reland "[osr] Use the new OSR cache"" This reverts commit `9145388055`. Reason for revert: Breaking the Fuchsia Deterministic Builder Original change's description: > Reland "[osr] Use the new OSR cache" > > This is a reland of commit `91da38831d` > > Fixed: Use an X register for JumpIfCodeTIsMarkedForDeoptimization > on arm64. > > Original change's description: > > [osr] Use the new OSR cache > > > > This CL switches over our OSR system to be based on the feedback > > vector osr caches. > > > > - OSRing to Sparkplug is fully separated from OSR urgency. If > > SP code exists, we simply jump to it, no need to maintain an > > installation request. > > - Each JumpLoop checks its dedicated FeedbackVector cache slot. > > If a valid target code object exists, we enter it without > > calling into runtime to fetch the code object. > > - Finally, OSR urgency still remains as the heuristic for > > requesting Turbofan OSR compile jobs. Note it no longer has a > > double purpose of being a generic untargeted installation > > request. > > > > With the new system in place, we can remove now-unnecessary > > hacks: > > > > - Early OSR tierup is replaced by the standard OSR system. Any > > present OSR code is automatically entered. > > - The synchronous OSR compilation fallback is removed. With > > precise installation (= per-JumpLoop-bytecode) we no longer > > have the problem of 'getting unlucky' with JumpLoop/cache entry > > mismatches. Execution has moved on while compiling? Simply spawn > > a new concurrent compile job. > > - Remove the synchronous (non-OSR) Turbofan compile request now > > that we always enter available OSR code as early as possible. > > - Tiering into Sparkplug no longer messes with OSR state. > > > > Bug: v8:12161 > > Change-Id: I0a85e53d363504b7dac174dbaf69c03c35e66700 > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596167 > > Commit-Queue: Jakob Linke <jgruber@chromium.org> > > Auto-Submit: Jakob Linke <jgruber@chromium.org> > > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > > Commit-Queue: Leszek Swirski <leszeks@chromium.org> > > Cr-Commit-Position: refs/heads/main@{#80147} > > Bug: v8:12161 > Change-Id: Ib3597cf1d99cdb5d0f2c5ac18e311914f376231d > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3606232 > Auto-Submit: Jakob Linke <jgruber@chromium.org> > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: Leszek Swirski <leszeks@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80167} Bug: v8:12161 Change-Id: I73e2d98660e9edfbe07a152a14402380ea9227de Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3615219 Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> Owners-Override: Deepti Gandluri <gdeepti@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#80287}	2022-04-29 21:53:02 +00:00
Igor Sheludko	98f6f100c5	[rwx][mac] Fix broken component build Bug: v8:12797 Change-Id: I2e7f7812b47882766d5accb1963301e7c0731fcd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616725 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#80285}	2022-04-29 18:24:51 +00:00
jameslahm	907b31bc45	Reland "[test] Move cctest/test-regexp to unittests" This is a reland of commit `b36c87e358`. Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux%20-%20noi18n%20-%20debug/42210/overview. This CL moves cctest/test-regexp to unittests/regexp/regexp-unittest and updates unittest.status file for test-regexp. Original change's description: > [test] Move cctest/test-regexp to unittests > > ... /regexp/regexp-unittest. > > Bug: v8:12781 > Change-Id: I3c3ba4c519ff503b242c39d0e3b2350f25d7e84c > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3607370 > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: 王澳 <wangao.james@bytedance.com> > Cr-Commit-Position: refs/heads/main@{#80217} Bug: v8:12781 Change-Id: I8e08147f21feb1e97b681204bc5b771794c3768f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3612663 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80283}	2022-04-29 16:23:32 +00:00
Anton Bikineev	3cb4634153	cppgc: young-gen: Use ref-counting scheme to enable the barrier The CL uses the different scheme to enable the generational barrier. The separate global counter (is_enabled_) keeps track of the number of heaps that enable generational GC. If at least one of the heaps enables the generational GC, the counter will enable the write barrier. Technically, the counter could be merged with WriteBarrier::is_enabled_, but having a separate variable allows us to keep DCHECKs if generational barrier is enabled. Bug: chromium:1029379 Change-Id: Iafaa76f96acb18a73f8bde7231434e68c04cb683 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616518 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Anton Bikineev <bikineev@chromium.org> Cr-Commit-Position: refs/heads/main@{#80281}	2022-04-29 13:34:41 +00:00
Victor Gomes	bf5e9512a7	[maglev] Add CreateObjectLiteral nodes Bug: v8:7700 Change-Id: Ia76a091e013aa7649da132c113fcefef06534f3b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616511 Commit-Queue: Victor Gomes <victorgomes@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80278}	2022-04-29 12:20:11 +00:00
Anton Bikineev	c7dfa3fac8	cppgc: young-gen: Add runtime option for young generation The CL introduces a new option --cppgc-young-generation. This option can't be enabled statically, because V8 options are parsed after heap initialization. The CL changes minor GC so that it can be enabled dynamically. The way it works is as follows: - the user calls YoungGenerationEnabler::Enable(); - a heap checks in the next atomic pause whether the flag was enabled; - if so, the heap enables young generation for itself. To avoid barrier regressions without young-generation enabled, the CL changes the meaning of the global flag is-any-incremental-or-concurrent-marking to is-barrier-enabled. The runtime option would enable us to test young generation on try- and performance-bots. Bug: chromium:1029379 Change-Id: I664cccdcd208225ffcbf9901f1284b56d088c5c3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3607993 Commit-Queue: Anton Bikineev <bikineev@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#80274}	2022-04-29 08:39:08 +00:00
Dominik Inführ	23b2d571a7	Reland "[heap] Store size with invalidated object" This is a reland of commit `5d235def26` The previous version of this CL got reverted because the cached size of an invalidated object wasn't up-to-date when performing a GC. Not all size changes go through NotifyObjectLayoutChange, so https://crrev.com/c/3607992 introduced NotifyObjectSizeChange as a bottleneck for object size changes/right-trimming. This method is now used to update the size of invalidated objects. Original change's description: > [heap] Store size with invalidated object > > When updating pointers during a full GC, a page might not be swept > already. In such cases there might be invalid objects and slots recorded > in free memory. Updating tagged slots in free memory is fine even though > it is superfluous work. > > However, the GC also needs to calculate the size of potentially dead > invalid objects in order to be able to check whether a slot is within > that object. But since that object is dead, its map might be dead as > well which makes size calculation impossible on such objects. The CL > changes this to cache the size of invalid objects. A follow-up CL will > also check the marking bit of invalid objects. > > Bug: v8:12578, chromium:1316289 > Change-Id: Ie773d0862a565982957e0dc409630d76552d1a32 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3599482 > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Reviewed-by: Jakob Linke <jgruber@chromium.org> > Reviewed-by: Patrick Thier <pthier@chromium.org> > Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80169} Bug: v8:12578, chromium:1316289 Change-Id: I1f7c6070b8e7d116aeb1a8d03d4f87927ab40872 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3608632 Reviewed-by: Jakob Linke <jgruber@chromium.org> Reviewed-by: Patrick Thier <pthier@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#80262}	2022-04-28 15:35:09 +00:00
Camillo Bruni	8a744da3b4	[snapshot] Reduce startup snapshot checksum check overhead Avoid calculating the checksum on every snapshot deserialization. - Desktop: by default only in release - Android: once per process Most snapshot corruptions happen on android devices but there we also have the highest overhead from calculating the checksum. Findings doc: https://docs.google.com/document/d/e/2PACX-1vQWdJjrZpTL5VjbP_LHH-qQj-9vcmuLez93WPZhoacJT2bTXfCAdJpbexfJWP9jrAI5ek_416uZE6_W/pub Bug: v8:12195 Change-Id: Ic7f2f45a9e8ade31c3774a7b659d9c30769e2b44 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3583983 Reviewed-by: Jakob Linke <jgruber@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#80260}	2022-04-28 14:35:18 +00:00
Igor Sheludko	449ece383b	Reland "[rwx][mac] Support fast W^X permission switching on Apple Silicon (M1)" This is a reland of commit `9d31f8663a` There were issues with --future flag implications on M1. Original change's description: > [rwx][mac] Support fast W^X permission switching on Apple Silicon (M1) > > ... for V8 code space. The feature is currently disabled. > > In order to use fast W^X permission switching we must allocate > executable pages with readable writable executable permissions (RWX). > However, MacOS on ARM64 ("Apple M1"/Apple Silicon) prohibits further > permission changing of RWX memory pages. This means that the code page > headers must be allocated with RWX permissions too because otherwise > it wouldn't be possible to allocate a large code page over the freed > regular code page and vice versa. > > When enabled, the new machinery works as follows: > > 1) when memory region is reserved for allocating executable pages, the > whole region is committed with RWX permissions and then decommitted, > 2) since reconfiguration of RWX page permissions is not allowed on > MacOS on ARM64 ("Apple M1"/Apple Silicon), there must be no attempts > to change them, > 3) the request to set RWX permissions in the executable page region > just recommits the pages without changing permissions (see (1), they > were already allocated as RWX and then discarded), > 4) in order to make executable pages inaccessible one must use > OS::DiscardSystemPages() instead of OS::DecommitPages() or > setting permissions to kNoAccess because the latter two are not > allowed by the MacOS (see (2)). > 5) since code space page headers are allocated as RWX pages it's also > necessary to switch between W^X modes when updating the data in the > page headers (i.e. when marking, updating stats, wiring pages in > lists, etc.). The new CodePageHeaderModificationScope class is used > in the respective places. On unrelated configurations it's a no-op. > > The fast permission switching can't be used for V8 configuration with > enabled pointer compression and disabled external code space because > a) the pointer compression cage has to be reserved with MAP_JIT flag > which is too expensive, > b) in case of shared pointer compression cage if the code range will > be deleted while the cage is still alive then attempt to configure > permissions of pages that were previously set to RWX will fail. > > This also CL extends the unmapper unit tests with permissions tracking > for discarded pages. > > Bug: v8:12797 > Change-Id: Idb28cbc481306477589eee9962d2e75167d87c61 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3579303 > Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> > Reviewed-by: Clemens Backes <clemensb@chromium.org> > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Commit-Queue: Igor Sheludko <ishell@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80238} Bug: v8:12797 Change-Id: I0fe86666f31bad37d7074e217555c95900d2afba Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3610433 Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#80259}	2022-04-28 14:08:11 +00:00
Benoît Lizé	03b69480db	[base/platform] Simplify /proc/self/maps parsing There are three ways to parse /proc/self/maps in platform-linux.cc, remove one to use common code. In the process, add a unit test, and fix some issues in the latest iteration of /proc/self/maps parsing. Change-Id: I4701ea49fe8cce53aea0179e194dc48fbebb2ff5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3605226 Commit-Queue: Benoit Lize <lizeb@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#80258}	2022-04-28 14:00:18 +00:00
Omer Katz	cf6ad387ff	cppgc: Revise WeakContainerTest.* For some reason the compiler was optimizing away the reference to the object in WeakContainerTest.ConservativeGCTracesWeakContainer and thus not finding it conservatively. This CL revises the tests such that the compiler is no longer able to optimize references away. Bug: v8:12824 Change-Id: Ie598a1cf1124c2983a6c61fd4e990734d36f5832 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3610627 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Omer Katz <omerkatz@chromium.org> Reviewed-by: Anton Bikineev <bikineev@chromium.org> Cr-Commit-Position: refs/heads/main@{#80257}	2022-04-28 13:31:42 +00:00
Victor Gomes	4837f37279	[maglev] Float64 box/unbox elision - Supports Float64 Add for SmiAdd bytecode - Adds a Float64Constant and ChangeInt32ToFloat64 nodes - Converts floats to tagged in Phi node inputs - Fixes spill double representation - Fixes materialisation during a deopt of a double in the stack Bug: v8:7700 Change-Id: I9217a64313b4bd5d0015f935c23771ecf9a2c7ca Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3610426 Commit-Queue: Victor Gomes <victorgomes@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80255}	2022-04-28 13:17:48 +00:00
Andreas Haas	231dfdef4c	[wasm] Disable limits test on Android The test is very resource intensive and is therefore not reliable on weaker systems. The limits are the same for all configurations, so it's not a problem if we disable the test for some configurations. R=machenbach@chromium.org Fixes: v8:12836 Change-Id: If187bd3d5d352b1685d3a6e43a76860a263f53de Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3608631 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/main@{#80253}	2022-04-28 12:53:38 +00:00
Camillo Bruni	759e841a05	[api] Rename isolate variables * Prefix all isolate variables with i_ for i::Isolate and v8_ for v8::Isolate * Change _DO_NOT_USE macro suffix to _INTERNAL Change-Id: I005efbe0192cf202741448c63a4263e6a4b1fa1b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3610429 Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Anton Bikineev <bikineev@chromium.org> Reviewed-by: Jakob Linke <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#80252}	2022-04-28 12:51:08 +00:00
Marja Hölttä	a64bb79987	[rab/gsab] Atomics.*: Support RAB / GSAB Bug: v8:11111 Change-Id: I3c350dd98b3da995b52c8366876d66b87fc47c28 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3605611 Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#80244}	2022-04-28 08:05:18 +00:00
Andreas Haas	ee866433ad	[wasm] Remove SIMD proposal tests The SIMD proposal has been merged into the main spec, it is not necessary anymore to execute the SIMD proposal tests additionally. R=gdeepti@chromium.org Change-Id: I1c5847a1bfba2d0c956cf353816fd71417506a1f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3609848 Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/main@{#80241}	2022-04-28 05:22:59 +00:00
Frank Tang	f09026a6f2	[Temporal] Add PlainDateTime.from Also add AOs: ToTemporalDateTime, ParseTemporalDateTimeString, InterpretTemporalDateTimeFields Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.plaindatetime.from https://tc39.es/proposal-temporal/#sec-temporal-totemporaldatetime https://tc39.es/proposal-temporal/#sec-temporal-parsetemporaldatetimestring https://tc39.es/proposal-temporal/#sec-temporal-interprettemporaldatetimefields Bug: v8:11544 Change-Id: I3cf5c7c0f876dd8f384d62a47d7b24d8780bf03f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3538667 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80240}	2022-04-27 23:39:04 +00:00
Adam Klein	10807c9f5e	Revert "[rwx][mac] Support fast W^X permission switching on Apple Silicon (M1)" This reverts commit `9d31f8663a`. Reason for revert: crashes on Mac/arm64 bots: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Mac%20-%20arm64%20-%20debug/5923/overview Original change's description: > [rwx][mac] Support fast W^X permission switching on Apple Silicon (M1) > > ... for V8 code space. The feature is currently disabled. > > In order to use fast W^X permission switching we must allocate > executable pages with readable writable executable permissions (RWX). > However, MacOS on ARM64 ("Apple M1"/Apple Silicon) prohibits further > permission changing of RWX memory pages. This means that the code page > headers must be allocated with RWX permissions too because otherwise > it wouldn't be possible to allocate a large code page over the freed > regular code page and vice versa. > > When enabled, the new machinery works as follows: > > 1) when memory region is reserved for allocating executable pages, the > whole region is committed with RWX permissions and then decommitted, > 2) since reconfiguration of RWX page permissions is not allowed on > MacOS on ARM64 ("Apple M1"/Apple Silicon), there must be no attempts > to change them, > 3) the request to set RWX permissions in the executable page region > just recommits the pages without changing permissions (see (1), they > were already allocated as RWX and then discarded), > 4) in order to make executable pages inaccessible one must use > OS::DiscardSystemPages() instead of OS::DecommitPages() or > setting permissions to kNoAccess because the latter two are not > allowed by the MacOS (see (2)). > 5) since code space page headers are allocated as RWX pages it's also > necessary to switch between W^X modes when updating the data in the > page headers (i.e. when marking, updating stats, wiring pages in > lists, etc.). The new CodePageHeaderModificationScope class is used > in the respective places. On unrelated configurations it's a no-op. > > The fast permission switching can't be used for V8 configuration with > enabled pointer compression and disabled external code space because > a) the pointer compression cage has to be reserved with MAP_JIT flag > which is too expensive, > b) in case of shared pointer compression cage if the code range will > be deleted while the cage is still alive then attempt to configure > permissions of pages that were previously set to RWX will fail. > > This also CL extends the unmapper unit tests with permissions tracking > for discarded pages. > > Bug: v8:12797 > Change-Id: Idb28cbc481306477589eee9962d2e75167d87c61 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3579303 > Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> > Reviewed-by: Clemens Backes <clemensb@chromium.org> > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Commit-Queue: Igor Sheludko <ishell@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80238} Bug: v8:12797 Change-Id: Ic07948e036db36326d464a2a901d052aa060a406 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3611665 Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Auto-Submit: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80239}	2022-04-27 23:29:11 +00:00
Igor Sheludko	9d31f8663a	[rwx][mac] Support fast W^X permission switching on Apple Silicon (M1) ... for V8 code space. The feature is currently disabled. In order to use fast W^X permission switching we must allocate executable pages with readable writable executable permissions (RWX). However, MacOS on ARM64 ("Apple M1"/Apple Silicon) prohibits further permission changing of RWX memory pages. This means that the code page headers must be allocated with RWX permissions too because otherwise it wouldn't be possible to allocate a large code page over the freed regular code page and vice versa. When enabled, the new machinery works as follows: 1) when memory region is reserved for allocating executable pages, the whole region is committed with RWX permissions and then decommitted, 2) since reconfiguration of RWX page permissions is not allowed on MacOS on ARM64 ("Apple M1"/Apple Silicon), there must be no attempts to change them, 3) the request to set RWX permissions in the executable page region just recommits the pages without changing permissions (see (1), they were already allocated as RWX and then discarded), 4) in order to make executable pages inaccessible one must use OS::DiscardSystemPages() instead of OS::DecommitPages() or setting permissions to kNoAccess because the latter two are not allowed by the MacOS (see (2)). 5) since code space page headers are allocated as RWX pages it's also necessary to switch between W^X modes when updating the data in the page headers (i.e. when marking, updating stats, wiring pages in lists, etc.). The new CodePageHeaderModificationScope class is used in the respective places. On unrelated configurations it's a no-op. The fast permission switching can't be used for V8 configuration with enabled pointer compression and disabled external code space because a) the pointer compression cage has to be reserved with MAP_JIT flag which is too expensive, b) in case of shared pointer compression cage if the code range will be deleted while the cage is still alive then attempt to configure permissions of pages that were previously set to RWX will fail. This also CL extends the unmapper unit tests with permissions tracking for discarded pages. Bug: v8:12797 Change-Id: Idb28cbc481306477589eee9962d2e75167d87c61 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3579303 Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#80238}	2022-04-27 22:05:21 +00:00
Camillo Bruni	e5c1ada31f	[counters] Remove unused counters from V8 Change-Id: Iec93e286c8067453cc1f9a978fa09b8734999f83 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596159 Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Jakob Linke <jgruber@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#80236}	2022-04-27 20:40:51 +00:00
Clemens Backes	bbdb891668	[wasm] Fix termination on breakpoint If the debug handler (called via {OnDebugBreak}) requests termination of the isolate, this would only get considered on the next stack check, where it is turned into a proper termination exception. Handling this correctly is further complicated by the {DebugScope} blocking any handling of interrupts via the included {PostponeInterruptsScope}. Hence this CL refactors the code to call any debug handlers in a second function which has the {DebugScope}, and to check for interrupts after leaving that scope. R=thibaudm@chromium.org CC=bmeurer@chromium.org Bug: chromium:1319343 Change-Id: Ia2df0f2610d50eedc6437841c4bf1d2ad3ac9125 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3605228 Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#80235}	2022-04-27 19:58:41 +00:00
Milad Fa	bf582f16e6	[wasm] skip spec-test on ppc Tests runs out of code space on ppc as size exceeds 32MB. More details can be found under the comment section of this CL: https://crrev.com/c/3605814. Bug: v8:11577 Change-Id: Iadfbc3b9618a0873f5f08a030b799d5761946671 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3610628 Commit-Queue: Milad Farazmand <mfarazma@redhat.com> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/main@{#80234}	2022-04-27 18:29:51 +00:00
Frank Tang	2ae06b31b5	[test262] Roll test262 `33a5433d..8f5c7aed09` Bug: v8:7834 Change-Id: I0b1419127becef463044a5c1b62fb45a2a9569ac Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3606546 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#80232}	2022-04-27 17:18:51 +00:00
Jakob Linke	b1fbd0dc19	Revert "[test] Move cctest/test-regexp to unittests" This reverts commit `b36c87e358`. Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux%20-%20noi18n%20-%20debug/42210/overview Original change's description: > [test] Move cctest/test-regexp to unittests > > ... /regexp/regexp-unittest. > > Bug: v8:12781 > Change-Id: I3c3ba4c519ff503b242c39d0e3b2350f25d7e84c > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3607370 > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: 王澳 <wangao.james@bytedance.com> > Cr-Commit-Position: refs/heads/main@{#80217} Bug: v8:12781 Change-Id: I0c5fae4b156df0a305b83acfa639bb0ff6eeb87f No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3610626 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Jakob Linke <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#80229}	2022-04-27 15:44:11 +00:00
Milad Fa	29e737bdef	[test] skip peephole tests on big endian tests where moved from cctest to unittests under this cl: https://crrev.com/c/3607370 Bug: v8:12781 Change-Id: If625e0dda51034e731c5e7fe87d591dce9804888 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3611182 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Milad Farazmand <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/main@{#80227}	2022-04-27 15:09:21 +00:00
Camillo Bruni	b4165a3590	[d8] Add ValueSerializer JS api for better fuzzing Change-Id: Ib94979f4cf7f52a1544f2b3c0d51c0266a4fa14c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3586985 Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#80223}	2022-04-27 15:05:07 +00:00
Camillo Bruni	5647e65451	[log] Rename v8::Log to v8::LogFile Bug: v8:12795, chromium:1316443 Change-Id: I0ecaf8ebbf1a83d0d5b305fd014bc5a765c0d2f5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3610446 Reviewed-by: Victor Gomes <victorgomes@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#80222}	2022-04-27 15:04:03 +00:00
Leszek Swirski	7ada6c8bbc	[maglev] Add LoadDoubleField Add an unboxing double field load node, and fix a couple of locations where it might be used enough to pass tests. Bug: v8:7700 Change-Id: Ic134484e87a4fa363cbd8a3de667ac8e8116d502 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3610623 Reviewed-by: Victor Gomes <victorgomes@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80221}	2022-04-27 13:12:17 +00:00
Nico Hartmann	c84b8fa42f	Revert "[test] Move cctest/test-log to unittests/logging/log-unittest" This reverts commit `f196c878da`. Reason for revert: https://crbug.com/v8/12838 Original change's description: > [test] Move cctest/test-log to unittests/logging/log-unittest > > Bug: v8:12781 > Change-Id: If94de50440b15f000ff2f961f2dd77abd9c90ca4 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3607389 > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: 王澳 <wangao.james@bytedance.com> > Cr-Commit-Position: refs/heads/main@{#80209} Bug: v8:12781 Change-Id: I9e2d9496f16581ebbb851fb207191d6b77b51c0d No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3610448 Auto-Submit: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#80220}	2022-04-27 12:57:21 +00:00
Leszek Swirski	fb3b972c32	[maglev] Drop register values before adding them to the free list This fixes the ordering of DCHECKs which expect the value to not be in the free list yet when it is dropped. Bug: v8:7700 Change-Id: Ifb85d0e20cfe5c083d1f2bc971817143265fdc7f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3610444 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Victor Gomes <victorgomes@chromium.org> Commit-Queue: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/main@{#80218}	2022-04-27 12:15:41 +00:00
jameslahm	b36c87e358	[test] Move cctest/test-regexp to unittests ... /regexp/regexp-unittest. Bug: v8:12781 Change-Id: I3c3ba4c519ff503b242c39d0e3b2350f25d7e84c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3607370 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80217}	2022-04-27 12:04:26 +00:00
jameslahm	dccd1ed265	[test] Move cctest/test-object to unittests ... /objects/object-unittest. Bug: v8:12781 Change-Id: I48156098cf2ce216b8231a05dd68cfa96e04911d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3607388 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80215}	2022-04-27 12:02:21 +00:00
Victor Gomes	5f77a1b30b	[maglev] Fix float64 add deoptimization CheckedFloat64Unbox mutates the input value, but the register allocator does not expects this behaviour and propagates a wrong value in the register. In particular we deopt with the wrong value if the second Float64Unbox in a Float64Add needs to deopt. This fixes the input value after we convert to double. Bug: v8:7700 Change-Id: Ib89573e9f728dc3a34b817fc84f1afcb96f14d18 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3610422 Commit-Queue: Victor Gomes <victorgomes@chromium.org> Auto-Submit: Victor Gomes <victorgomes@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80214}	2022-04-27 12:01:17 +00:00
Thibaud Michaud	3f695391b3	[wasm] Fix stack-switching import wrapper return The JS import returns a tagged value, not a value of the machine representation that corresponds to the signature's return type, since it hasn't been converted yet. R=ahaas@chromium.org Bug: v8:12191 Change-Id: I0783af85eed9c5d25347200540e3e4eee48edfd4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3464036 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/main@{#80213}	2022-04-27 10:19:01 +00:00
Jakob Gruber	4ac65c1b11	[osr] Fix DeoptExitIsInsideOsrLoop in presence of inlining This logic was confused in the presence of inlined frames; the deopt exit offset would point inside the innermost inlined frame while we incorrectly assumed it points at the outermost frame. Fix this by always referring to the bytecode offset of the outermost frame. Bug: v8:12161 Fixed: chromium:1320094 Change-Id: I2eb28498639432c5344859f64a9388d93ee23bde Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3608630 Auto-Submit: Jakob Linke <jgruber@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Jakob Linke <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#80212}	2022-04-27 10:11:15 +00:00
Clemens Backes	c33257e1a2	[wasm] Use AssemblerBufferCache also for TurboFan The AssemblerBufferCache was so far only used for Liftoff compilation. Hence all TurboFan compilation was using unprotected assembler buffers. This CL passes the AssemblerBufferCache from the function compiler down to the TurboFan PipelineData. From there it is used when instantiating the CodeGenerator to generate the AssemblerBuffer for the TurboAssembler. This will protect the assembler buffers used for TurboFan Wasm compilation via PKU, if available. Since PipelineData has a single constructor for all Wasm compilation, we have a single choke point to ensure that an AssemblerBufferCache is passed down. For Wasm stub compilation (import wrappers etc) we currently explicitly pass a nullptr, this will be fixed in a follow-up CL. R=thibaudm@chromium.org, tebbi@chromium.org Bug: v8:12809 Change-Id: I268bd21047adbd7f0aab78e8b0a4b4df1d1f8ddf Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596172 Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#80210}	2022-04-27 09:42:30 +00:00
jameslahm	f196c878da	[test] Move cctest/test-log to unittests/logging/log-unittest Bug: v8:12781 Change-Id: If94de50440b15f000ff2f961f2dd77abd9c90ca4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3607389 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80209}	2022-04-27 09:39:30 +00:00
Al Muthanna Athamina	6df1aef278	Add prefix to cctests when listed to make retrieving them more robust Bug: v8:12802 Change-Id: I4e12edc71ce110f603026f2b9a446af8965f9510 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3598887 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Almothana Athamneh <almuthanna@chromium.org> Cr-Commit-Position: refs/heads/main@{#80208}	2022-04-27 09:26:10 +00:00
Patrick Thier	e6d2edd710	[string] Add flag to use string forwarding table instead of ThinString Add flag --always-use-string-forwarding-table to always use the forwarding table (usually only used for shared strings) instead of ThinString migrations initially (during GC strings will be migrated to normal ThinStrings). The goal is to get more coverage of this code that is designed for shared strings. Bug: v8:12007 Change-Id: I7eb2e5ccf0018c4ac349611aebe337d8288de5c8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3536650 Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Patrick Thier <pthier@chromium.org> Cr-Commit-Position: refs/heads/main@{#80206}	2022-04-27 09:09:30 +00:00
Dominik Inführ	dbff30456e	[heap] Add Heap::NotifyObjectSizeChange for right-trimming Introduce a bottleneck for right-trimming an object. In a subsequent CL we will use this method to update the cached size of invalidated objects. This CL also tries to clean-up the various CreateFillerObjectAt methods. CreateFillerObjectAtRaw is now the internal method for all these methods. After moving right-trimming to NotifyObjectSizeChange, both CreateFillerObjectAt and CreateFillerObjectAtBackground don't need those arguments for clearing slots or memory anymore. Bug: v8:12578, chromium:1316289 Change-Id: I6ff0bfaced3e0a1765152700e68a4ad33a155723 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3607992 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#80200}	2022-04-27 08:01:24 +00:00
jameslahm	07dca4cd3c	[test] Move cctest/test-modules to unittests ... /objects/modules-unittest. Bug: v8:12781 Change-Id: Ie3d63ac470e435858dfd0e32b7fda2f78502aa17 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3607369 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80199}	2022-04-27 07:36:54 +00:00
yufeng.freeman	40605a3ddb	Include count value to InvalidCountValue error message This CL includes count value to InvalidCountValue error message to make it easier to dignoise RangeError of String.prototype.repeat. When InvalidCountValue error throw, we could not know it's caused by which count value if count value is not included. Bug: none Change-Id: I16e6693da0fc3b181241cb90daca27957f59c77c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3593574 Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#80198}	2022-04-27 06:32:35 +00:00
Frank Tang	f47452080c	[intl] NumberFormat v3 sync w/ spec PR 85 and 91 PR85 https://github.com/tc39/proposal-intl-numberformat-v3/pull/85 Throw RangeError while roundingIncrement is not 1 and minimumFractionDigits != maximumFractionDigits Test by new test cases in intl/number-format/rounding-increment-v3.js Add more unit test to check the resolved options of roundingIncrement, minimumFractionDigits, and maximumFractionDigits. PR91 https://github.com/tc39/proposal-intl-numberformat-v3/pull/91 Throw TypeError instead of RangeError while roundingIncrement is not 1 and RoundingType is not fractionDigits Test by intl402/NumberFormat/constructor-roundingIncrement-invalid.js in test262 Bug: v8:10776 Change-Id: I071bfe8b3e844c5999144d74bb5f79ea9811e37b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3603059 Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80196}	2022-04-26 20:50:43 +00:00
Frank Tang	9143c55387	[Temporal] Add Temporal.Duration.from Also add AOs: IsIntegralNumber, ToIntegerWithoutRounding, ToTemporalDurationRecord, ToTemporalDuration, ParseTemporalDurationString, CreateDurationRecord Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.duration.from https://tc39.es/ecma262/#sec-isintegralnumber https://tc39.es/proposal-temporal/#sec-temporal-totemporaldurationrecord https://tc39.es/proposal-temporal/#sec-temporal-totemporalduration https://tc39.es/proposal-temporal/#sec-temporal-parsetemporaldurationstring https://tc39.es/proposal-temporal/#sec-temporal-createdurationrecord Bug: v8:11544 Change-Id: I0f4176921e088bd2f2fd48ddd28f22f3b454bd3b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3379233 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80195}	2022-04-26 20:09:13 +00:00
Igor Sheludko	3e2d5bfafa	[rwx][mac] Extend PageAllocator API with RecommitPages() It's necessary to support fast W^X permission switching on MacOS on ARM64 ("Apple M1"/Apple Silicon) where permission modification of RWX pages to anything else is prohibited. On all the other architectures/platforms RecommitPages() is equivalent to SetPermissions(). The new API will be used in a follow-up CLs. Bug: v8:12797 Change-Id: Id0d8b8c42c81b80cd8fa6b47c227680d7d1f9b10 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3606231 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Samuel Groß <saelo@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#80190}	2022-04-26 16:17:43 +00:00
Andreas Haas	5cd1a4cf1f	[wasm] Re-enable spec test I cannot reproduce the original problem anymore. The test passes nicely. If the test (wasm-js/limits) fails again, then we should just disable it for those platforms where it is failing. Fixed: v8:11577 Change-Id: I186da2ec2dd8fd518ce4034e8e3838376fefbc3b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3605814 Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/main@{#80186}	2022-04-26 13:41:32 +00:00
Patrick Thier	fa1caae9ea	Reland "[string] Non-transitioning shared strings" This is a reland of commit `8ba60b7a8e` Changes to original: - Weaken DCHECK in MakeThin to allow direct transitions of shared strings during deserialization. This is safe as the string to be transitioned is freshly created and hasn't escaped the thread yet. - To enable this, add has_active_deserializer() to LocalIsolate - Shared thin string transitions are subject to the same layout changes as non-shared thin string transitions, thus treat them equally when checking if a map transition is safe. Original change's description: > [string] Non-transitioning shared strings > > Instead of transitioning shared strings to ThinString on > internalization, use a forwarding table to the internalized string and > store the index into the forwarding table in the string's hash field. > > This way we don't need to handle concurrent string transitions that > modify the underlying string data. > > During stop-the-world GC, live strings in the forwarding table are > migrated to regular ThinStrings. > > Bug: v8:12007 > Change-Id: I6c6f3d41c6f644e0aaeafbf25ecec5ce0aa0d2d8 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3536647 > Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> > Reviewed-by: Jakob Linke <jgruber@chromium.org> > Reviewed-by: Shu-yu Guo <syg@chromium.org> > Reviewed-by: Igor Sheludko <ishell@chromium.org> > Commit-Queue: Patrick Thier <pthier@chromium.org> > Cr-Commit-Position: refs/heads/main@{#79801} Bug: v8:12007 Change-Id: I022e5c4768b763a86bb28c9c82218c3b807371a0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3571817 Reviewed-by: Shu-yu Guo <syg@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Jakob Linke <jgruber@chromium.org> Commit-Queue: Patrick Thier <pthier@chromium.org> Cr-Commit-Position: refs/heads/main@{#80183}	2022-04-26 11:56:15 +00:00
Andreas Haas	3790b0edd8	[wasm] Update spec tests Drive-by change: fix stray "//". R=clemensb@chromium.org Change-Id: I614bbc545ab8cd803f0c64f04e01fa55c4c2ec7b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3605610 Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/main@{#80182}	2022-04-26 11:55:12 +00:00
Jakob Kummerow	bac984e69a	[wasm-gc] Fix roundtrips of JS functions through Wasm When passing anyref-typed things to Wasm, we cannot expect that all functions are WasmExternalFunctions. Instead of adding a relatively expensive type check to such calls, this patch disables function unwrapping for anyref-typed values. Fixed: v8:12789 Change-Id: Ied57187bac7fde0326634f7b4fc428ad21dc9c2f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3605231 Auto-Submit: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/main@{#80179}	2022-04-26 11:02:22 +00:00
Victor Gomes	755b7d863f	[maglev] Add Box/UnboxNumbers and Float64Add nodes - For simplicity we call a builtin when allocating a number. - Elision of boxing/unboxing nodes will be done in a followup CL. Bug: v8:7700 Change-Id: Iec4422d84c6597d3369ab512a1662adb0f077c98 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3602514 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Victor Gomes <victorgomes@chromium.org> Auto-Submit: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/main@{#80178}	2022-04-26 10:56:22 +00:00
Andreas Haas	2f535cdf89	[wasm] Fix argument count of Table.set Table.set has two arguments, the table index and the value. Therefore Table.set was defined with a length of 2. However, the value argument is optional, so the length should actually be 1. Change-Id: Ica2ea13a8e78c974cb011df2b5dc99f8e7eb4bcd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3398496 Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/main@{#80176}	2022-04-26 10:40:22 +00:00
Anton Bikineev	7ae52c1521	cppgc: young-gen: Take into account ages of adjacent cards When setting a range for a newly allocated lab, consider adjacent cards. If either is young, don't mark it as kMixed. Bug: chromium:1029379 Change-Id: If7d1d920dd5769679de68800eae61f3a8dc1eb17 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3584116 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Anton Bikineev <bikineev@chromium.org> Cr-Commit-Position: refs/heads/main@{#80175}	2022-04-26 10:36:12 +00:00
jameslahm	237116d99d	[test] Move cctest/test-concurrent-transition-array to ... unittests/objects/concurrent-transition-array-unittest. Bug: v8:12781 Change-Id: Ic6fbef71e1439c0a0056b122a4b42dcad674ca3b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3604961 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80174}	2022-04-26 09:46:06 +00:00
Nico Hartmann	95dab01426	Revert "[heap] Store size with invalidated object" This reverts commit `5d235def26`. Reason for revert: Speculative revert because of https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux%20-%20gc%20stress/38153/overview Original change's description: > [heap] Store size with invalidated object > > When updating pointers during a full GC, a page might not be swept > already. In such cases there might be invalid objects and slots recorded > in free memory. Updating tagged slots in free memory is fine even though > it is superfluous work. > > However, the GC also needs to calculate the size of potentially dead > invalid objects in order to be able to check whether a slot is within > that object. But since that object is dead, its map might be dead as > well which makes size calculation impossible on such objects. The CL > changes this to cache the size of invalid objects. A follow-up CL will > also check the marking bit of invalid objects. > > Bug: v8:12578, chromium:1316289 > Change-Id: Ie773d0862a565982957e0dc409630d76552d1a32 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3599482 > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Reviewed-by: Jakob Linke <jgruber@chromium.org> > Reviewed-by: Patrick Thier <pthier@chromium.org> > Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80169} Bug: v8:12578, chromium:1316289 Change-Id: I6949412c5d6e1aa15718d027043d9528137a60a0 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3605812 Auto-Submit: Nico Hartmann <nicohartmann@chromium.org> Owners-Override: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#80173}	2022-04-26 08:45:13 +00:00
jameslahm	acd134dea1	[test] Move cctest/test-conversions to unittests ... /numbers/conversions-unittest. Bug: v8:12781 Change-Id: I81043f8bcebf5ce1292111211af1bea297c9eea4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3604962 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80172}	2022-04-26 08:17:34 +00:00
jameslahm	1b68c62b98	[test] Move cctest/test-date to unittests ... /date/date-unittest. Bug: v8:12781 Change-Id: Id5c7fd1ec11a427849c01acf992c7e398c456a4c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3599655 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80171}	2022-04-26 08:14:32 +00:00
Dominik Inführ	5d235def26	[heap] Store size with invalidated object When updating pointers during a full GC, a page might not be swept already. In such cases there might be invalid objects and slots recorded in free memory. Updating tagged slots in free memory is fine even though it is superfluous work. However, the GC also needs to calculate the size of potentially dead invalid objects in order to be able to check whether a slot is within that object. But since that object is dead, its map might be dead as well which makes size calculation impossible on such objects. The CL changes this to cache the size of invalid objects. A follow-up CL will also check the marking bit of invalid objects. Bug: v8:12578, chromium:1316289 Change-Id: Ie773d0862a565982957e0dc409630d76552d1a32 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3599482 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Jakob Linke <jgruber@chromium.org> Reviewed-by: Patrick Thier <pthier@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#80169}	2022-04-26 07:37:42 +00:00
jameslahm	9080b8acf7	[test] Move cctest/test-concurrent-prototype to unittests ... /objects/concurrent-prototype-unittest. Bug: v8:12781 Change-Id: Id283af4940a8cff19da78e0404022bc0faf2412e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3599654 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80168}	2022-04-26 07:27:55 +00:00
Jakob Gruber	9145388055	Reland "[osr] Use the new OSR cache" This is a reland of commit `91da38831d` Fixed: Use an X register for JumpIfCodeTIsMarkedForDeoptimization on arm64. Original change's description: > [osr] Use the new OSR cache > > This CL switches over our OSR system to be based on the feedback > vector osr caches. > > - OSRing to Sparkplug is fully separated from OSR urgency. If > SP code exists, we simply jump to it, no need to maintain an > installation request. > - Each JumpLoop checks its dedicated FeedbackVector cache slot. > If a valid target code object exists, we enter it without > calling into runtime to fetch the code object. > - Finally, OSR urgency still remains as the heuristic for > requesting Turbofan OSR compile jobs. Note it no longer has a > double purpose of being a generic untargeted installation > request. > > With the new system in place, we can remove now-unnecessary > hacks: > > - Early OSR tierup is replaced by the standard OSR system. Any > present OSR code is automatically entered. > - The synchronous OSR compilation fallback is removed. With > precise installation (= per-JumpLoop-bytecode) we no longer > have the problem of 'getting unlucky' with JumpLoop/cache entry > mismatches. Execution has moved on while compiling? Simply spawn > a new concurrent compile job. > - Remove the synchronous (non-OSR) Turbofan compile request now > that we always enter available OSR code as early as possible. > - Tiering into Sparkplug no longer messes with OSR state. > > Bug: v8:12161 > Change-Id: I0a85e53d363504b7dac174dbaf69c03c35e66700 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596167 > Commit-Queue: Jakob Linke <jgruber@chromium.org> > Auto-Submit: Jakob Linke <jgruber@chromium.org> > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: Leszek Swirski <leszeks@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80147} Bug: v8:12161 Change-Id: Ib3597cf1d99cdb5d0f2c5ac18e311914f376231d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3606232 Auto-Submit: Jakob Linke <jgruber@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80167}	2022-04-26 07:26:52 +00:00
Frank Tang	07601b124e	[Temporal] Add Calendar.prototype.dateUntil Also add AOs: ToLargestTemporalUnit, ToISODayOfYear, RegulateISODate, AddISODate, DifferenceISODate Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.dateuntil https://tc39.es/proposal-temporal/#sec-temporal-tolargesttemporalunit https://tc39.es/proposal-temporal/#sec-temporal-toisodayofyear https://tc39.es/proposal-temporal/#sec-temporal-regulateisodate https://tc39.es/proposal-temporal/#sec-temporal-addisodate https://tc39.es/proposal-temporal/#sec-temporal-differenceisodate Bug: v8:11544 Change-Id: I03a28bf07ddfae036491e49cb06278d050ddebf6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3534620 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80166}	2022-04-26 06:49:32 +00:00
Shu-yu Guo	0407423bd0	Plumb Isolate through own property enumeration functions Currently the Isolate is gotten off of the object that the operation is being performed on. Shared objects return the shared Isolate, which is incorrect as it shouldn't be used to run JS, nor does it have HandleScopes open. Plumb the executing Isolate through. Bug: v8:12547 Change-Id: I3d960751c798ac657a6122598154e36d9d504c31 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3606489 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#80163}	2022-04-25 22:54:22 +00:00
Igor Sheludko	3eead7e32e	[rwx][muc] Prepare BoundedPageAllocator for fast W^X on M1 This CL extends BoundedPageAllocator with PageFreeingMode parameter which controls how pages should be freed: by setting permissions to kNoAccess (preferred) or by discarding pages (Apple Silicon specific behavior for RWX pages). The latter mode allows to ensure that once pages are configured with RWX permissions they are never reconfigured to anything else again. The new mode will be used in a follow-up CL. Bug: v8:12797 Change-Id: I3277f56ea6fee9c9b38b1682e68c22e66e9a02a4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3606228 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#80162}	2022-04-25 20:09:22 +00:00
jameslahm	48ac33bea6	[test] Move cctest/test-circular-queue to unittests ... /profiler/circular-queue-unittest. Bug: v8:12781 Change-Id: Ic74c49cf25462fccae63435ff09f70c09de2506e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3599402 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80150}	2022-04-25 14:49:26 +00:00
Nico Hartmann	c34b7b41a7	Revert "[osr] Use the new OSR cache" This reverts commit `91da38831d`. Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20-%20arm64%20-%20sim%20-%20pointer%20compression%20-%20builder/21150/overview Original change's description: > [osr] Use the new OSR cache > > This CL switches over our OSR system to be based on the feedback > vector osr caches. > > - OSRing to Sparkplug is fully separated from OSR urgency. If > SP code exists, we simply jump to it, no need to maintain an > installation request. > - Each JumpLoop checks its dedicated FeedbackVector cache slot. > If a valid target code object exists, we enter it without > calling into runtime to fetch the code object. > - Finally, OSR urgency still remains as the heuristic for > requesting Turbofan OSR compile jobs. Note it no longer has a > double purpose of being a generic untargeted installation > request. > > With the new system in place, we can remove now-unnecessary > hacks: > > - Early OSR tierup is replaced by the standard OSR system. Any > present OSR code is automatically entered. > - The synchronous OSR compilation fallback is removed. With > precise installation (= per-JumpLoop-bytecode) we no longer > have the problem of 'getting unlucky' with JumpLoop/cache entry > mismatches. Execution has moved on while compiling? Simply spawn > a new concurrent compile job. > - Remove the synchronous (non-OSR) Turbofan compile request now > that we always enter available OSR code as early as possible. > - Tiering into Sparkplug no longer messes with OSR state. > > Bug: v8:12161 > Change-Id: I0a85e53d363504b7dac174dbaf69c03c35e66700 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596167 > Commit-Queue: Jakob Linke <jgruber@chromium.org> > Auto-Submit: Jakob Linke <jgruber@chromium.org> > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: Leszek Swirski <leszeks@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80147} Bug: v8:12161 Change-Id: I4a6955f4f20b6f3b13e98d5600c7c6a5205915bc No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3605608 Auto-Submit: Nico Hartmann <nicohartmann@chromium.org> Owners-Override: Nico Hartmann <nicohartmann@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#80148}	2022-04-25 14:47:22 +00:00
Jakob Gruber	91da38831d	[osr] Use the new OSR cache This CL switches over our OSR system to be based on the feedback vector osr caches. - OSRing to Sparkplug is fully separated from OSR urgency. If SP code exists, we simply jump to it, no need to maintain an installation request. - Each JumpLoop checks its dedicated FeedbackVector cache slot. If a valid target code object exists, we enter it without calling into runtime to fetch the code object. - Finally, OSR urgency still remains as the heuristic for requesting Turbofan OSR compile jobs. Note it no longer has a double purpose of being a generic untargeted installation request. With the new system in place, we can remove now-unnecessary hacks: - Early OSR tierup is replaced by the standard OSR system. Any present OSR code is automatically entered. - The synchronous OSR compilation fallback is removed. With precise installation (= per-JumpLoop-bytecode) we no longer have the problem of 'getting unlucky' with JumpLoop/cache entry mismatches. Execution has moved on while compiling? Simply spawn a new concurrent compile job. - Remove the synchronous (non-OSR) Turbofan compile request now that we always enter available OSR code as early as possible. - Tiering into Sparkplug no longer messes with OSR state. Bug: v8:12161 Change-Id: I0a85e53d363504b7dac174dbaf69c03c35e66700 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596167 Commit-Queue: Jakob Linke <jgruber@chromium.org> Auto-Submit: Jakob Linke <jgruber@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80147}	2022-04-25 13:01:43 +00:00
jameslahm	3deb0ec34f	[test] Move cctest/test-code-layout to unittests ... /codegen/code-layout-unittest. Bug: v8:12781 Change-Id: I39d2af33f38dc2f06668b6b390b15e607e2dbb73 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3599403 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80146}	2022-04-25 12:57:44 +00:00
Clemens Backes	af7c307d82	[wasm] Introduce AssemblerBufferCache This introduces an AssemblerBufferCache class which will (later) cache the backing store of AssemblerBuffers. This is needed for PKU-protected assembler buffers, which are expensive to allocate and deallocate. For now, the AssemblerBufferCache does not do any caching, this will be added in a follow-up CL. R=thibaudm@chromium.org Bug: v8:12809 Change-Id: I4a7ccff49c9930584a9fcda8899cfe38cfc61419 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3593136 Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#80145}	2022-04-25 11:56:51 +00:00
Marja Hölttä	2176ead6dc	[rab/gsab] Atomics.wait + waitAsync: Support GSAB Bug: v8:11111 Change-Id: Ifb3776bce308d869064120d5e28a2ea7df943757 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3578652 Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#80142}	2022-04-25 11:05:33 +00:00
jameslahm	fce1047f00	Reland "[interpreter] Optimize strict equal boolean" This is a reland of commit `62632c0805`. Reason for previous revert: Performance regressions crbug.com/1315724. The reland only optimizes strict equal boolean literal like "a===true" or "a===false", and we generate TestReferenceEqual rather than TestStrictEqual for the comparasion. And also add typed optimization for ReferenceEqual when all inputs are boolean with boolean constant. Original change's description: > [interpreter] Optimize strict equal boolean > > For strict equal boolean literal like "a===true" > or "a===false", we could generate TestReferenceEqual > rather than TestStrictEqual. And in `execution_result()->IsTest()` > case, we could directly emit JumpIfTrue/JumpIfFalse. > > E.g. > ``` > a === true > ``` > Generated Bytecode From: > ``` > LdaGlobal > Star1 > LdaTrue > TestEqualStrict > ``` > To: > ``` > LdaGlobal > Star1 > LdaTrue > TestReferenceEqual > ``` > > E.g. > ``` > if (a === true) > ``` > Generated Bytecode From: > ``` > LdaGlobal > Star1 > LdaTrue > TestEqualStrict > JumpIfFalse > ``` > To > ``` > LdaGlobal > JumpIfTrue > Jump > ``` > > > Bug: v8:6403 > Change-Id: Ieaca147acd2d523ac0d2466e7861afb2d29a1310 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3568923 > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Reviewed-by: Tobias Tebbi <tebbi@chromium.org> > Commit-Queue: 王澳 <wangao.james@bytedance.com> > Cr-Commit-Position: refs/heads/main@{#79935} Bug: v8:6403 Change-Id: I2ae3ab57dce85313af200fa522e3632af5c3a554 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3592039 Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Jakob Linke <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#80141}	2022-04-25 10:02:05 +00:00
jameslahm	2e3fb275e7	[test] Move cctest/test-bignum to unittests ... /base/bignum-unittest. Bug: v8:12781 Change-Id: I217dd7c4ef59cf1fdbe83a268d0288c38f0e9d4d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3599401 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80138}	2022-04-25 09:39:19 +00:00
Nico Hartmann	e1705d4755	[unittest] Temporarily disable ConservativeGCTracesWeakContainer test Bug: v8:12824 Change-Id: I96adf6c5d930b1476f7f1063ede4fc2344fb5885 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3605242 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> Auto-Submit: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/main@{#80137}	2022-04-25 09:38:16 +00:00
Tobias Tebbi	e4cc6ed44b	[turboshaft] initial commit TurboShaft is a new, CFG-based IR for TurboFan. This CL adds the basic IR and bidirectional translation from/to TurboFan's sea-of-nodes-based IR for some common operators (still incomplete even for JS). Bug: v8:12783 Change-Id: I162fdf10d583a9275a9f655f5b44b888faf813f6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3563562 Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/main@{#80136}	2022-04-25 09:12:15 +00:00
jameslahm	c2cd3e64f9	[test] Move cctest/test-code-pages to unittests ... /codegen/code-pages-unittest. Bug: v8:12781 Change-Id: Ied73476c801257fc9497b5101ea49a98b657f8ea Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3599404 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80134}	2022-04-25 08:35:52 +00:00
jameslahm	0dbe725713	[web-snapshot] Fix snapshot scope info in Context - In DeserializeContext, scope info local values snapshot is in order of `name,value,name,value`, and we should ReadValue after ReadString. - Support non-inlined ScopeInfo locals, use NameToIndexHashTable to serialize and deserialize scope info local values when its local count is more than kScopeInfoMaxInlinedLocalNamesSize. Bug: v8:11525, v8:12820 Change-Id: I6ea2c498b594bed7ba8ca5be6af2ab9f0d39aa2b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3600531 Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80130}	2022-04-25 08:11:45 +00:00
jameslahm	f32335fea7	[test] Move cctest/test-concurrent-script-context-table to unittests ... /objects/concurrent-script-context-table-unittest. Bug: v8:12781 Change-Id: I6576d5d4cf9c07c189cef9e70e8a6e6f377eb41a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3600551 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80128}	2022-04-23 02:07:26 +00:00
Frank Tang	5c3627754e	[Temporal] Add Calendar.prototype.fields Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.fields Bug: v8:11544 Change-Id: I8df987ddbbf08372da637d7c4620c428fce97cae Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3534619 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80127}	2022-04-22 21:50:26 +00:00
Frank Tang	3ae42771de	[intl] Fix arm64-N5X failure in NumberFormat v3 due to precision issue Use the new ICU 71-1 API Precision::incrementExact https://unicode-org.github.io/icu-docs/apidoc/dev/icu4c/classicu_1_1number_1_1Precision.html#aedfb413e5a37c69868594c870a87134b Change-Id: I6d8841e5a07972d1be36026ce150eb83dbf300e7 Cq-Include-Trybots: luci.v8.try:v8_android_arm64_n5x_rel_ng Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3430378 Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80126}	2022-04-22 21:42:15 +00:00
Deepti Gandluri	b0819480b4	[wasm-simd] Remove F32x4RecipApprox and F32x4RecipSqrtApprox These were originally proposed as a part of the fixed-width SIMD proposal, and were then migrated to the relaxed-simd proposal which also deems these operations out of scope. Github issue: https://github.com/WebAssembly/relaxed-simd/issues/4 Bug: v8:12284 Change-Id: I65ceb6dfd25c43cf49bd7ec5b5ecd6b32cc3516a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3595970 Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> Cr-Commit-Position: refs/heads/main@{#80125}	2022-04-22 17:37:19 +00:00
legendecas	9135859a91	[ShadowRealm] Implement ShadowRealm.prototype.importValue As per https://tc39.es/ecma262/#sec-hostimportmoduledynamically defined, referencingScriptOrModule in HostImportModuleDynamically can be a Script Record, a Module Record, or null. So to https://tc39.es/proposal-shadowrealm/#sec-shadowrealmimportvalue, the HostImportModuleDynamicallyCallback is been invoked with a `null` resource_name. This may not be considered a breaking change as the parameter resource_name is defined as Local<Value>. Updates d8's DoHostImportModuleDynamically to handle null resource_name, and resolve the dynamically imported specifier relative to the executing script's origin. In this way, we have to set ModuleEmbedderData.origin even if the JavaScript source to be evaluated is Script. Also, a ModuleEmbedderData is created for each ShadowRealm to separate their module maps from the initiator context's. Bug: v8:11989 Change-Id: If70fb140657da4f2dd92eedfcc4515211602aa46 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3522883 Reviewed-by: Shu-yu Guo <syg@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Chengzhong Wu <legendecas@gmail.com> Cr-Commit-Position: refs/heads/main@{#80118}	2022-04-22 15:04:26 +00:00
jameslahm	3508f70cb7	[test] Move cctest/test-concurrent-js-array to unittests ... /objects/concurrent-js-array-unittest. Bug: v8:12781 Change-Id: Ie23432df7ffa785f96684060f5f2df3716713fd6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3600549 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80115}	2022-04-22 13:59:26 +00:00
jameslahm	4a285a2549	[iterator] Extend GetIterator to Check iterator type This CL extends GetIterator to check whether the result of calling @@iterator is JSReceiver and throw SymbolIteratorInvalid if it's not JSReceiver. GetIterator bytecode involves 3 steps now: - method = GetMethod(obj, @@iterator) - iterator = Call(method, obj) - if(!IsJSReceiver(iterator)) throw SymbolIteratorInvalid [Added] New Builtin: CallIteratorWithFeedbackLazyDeoptContinuation, which is used when lazy deopt is triggered by call @@iterator. Related spec: https://tc39.es/ecma262/#sec-getiterator. Related doc: https://docs.google.com/document/d/1s67HC2f-4zxA_s1Bmm7dfwMFv_KDUfMiWIKkNSeQNKw/edit#heading=h.kdzv8mq4g4ks. Bug: v8:9489 Change-Id: I17952c0f3e24e1e600ee1348809fb188c2c70f8e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3563447 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80112}	2022-04-22 12:58:56 +00:00
Milad Fa	0603f8a953	PPC/S390: Disable builtin remap on P/Z linux There is currently a bug in docker where fstat may not return the correct device id and as a result a check under `OS::RemapPages, stat_buf.st_dev != enclosing_region.dev` fails, details on the bug: https://github.com/moby/moby/issues/43512 Platform specific page sizes are also defined for kMaxPageSize to fix compilation errors. Change-Id: I026609329aa6432eda4f1880a0f586c0c2162461 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3601211 Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Junliang Yan <junyan@redhat.com> Commit-Queue: Milad Farazmand <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/main@{#80111}	2022-04-22 12:46:46 +00:00
jameslahm	b7f551cb94	[test] Move cctest/test-concurrent-feedback-vector to unittests ... /objects/concurrent-feedback-vector-unittest. Bug: v8:12781 Change-Id: Ib294adbf57d77fd6fff2801b35fd53cffd0d46c3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3600509 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80104}	2022-04-22 09:27:56 +00:00
jameslahm	62130792d1	[test] Move cctest/test-concurrent-string to unittests ... /objects/concurrent-string-unittest. - Add AsciiToTwoByteString to convert ascii string to two byte string. Bug: v8:12781 Change-Id: Icc2f745846fa10ec940085eab0ef022d7c277e0a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3600552 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80101}	2022-04-22 08:22:57 +00:00
Frank Tang	7a919fe25f	[Temporal] Add ZoneDateTime.prototype.offset* Spec Text: https://tc39.es/proposal-temporal/#sec-get-temporal.zoneddatetime.prototype.offset https://tc39.es/proposal-temporal/#sec-get-temporal.zoneddatetime.prototype.offsetnanoseconds Bug: v8:11544 Change-Id: Ia88d96b038117a8e528ff9d0cdb9a07fb7cbcda5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3385606 Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80096}	2022-04-21 20:24:35 +00:00
Joyee Cheung	e9ad915a65	Fix the NearHeapLimitCallback test when single genration is enabled Normally, taking a heap snapshot in the near heap limit would result in a full GC, then the overhead of the promotions would cause another invocation of the heap limit callback and it can raise the limit in the second call to avoid an OOM, so we test that the callback can indeed raise the limit this way in this case. When there is only one generation, however, there would not be the overhead of promotions so the callback may not be triggered again during the generation of the heap snapshot. In that case we only need to check that the callback is called and it can perform GC-triggering operations jsut fine there. Bug: v8:12815 Change-Id: If244417624b56bc068aed480fb3391d26c19005a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3600357 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Joyee Cheung <joyee@igalia.com> Cr-Commit-Position: refs/heads/main@{#80094}	2022-04-21 18:50:15 +00:00
Tobias Tebbi	4e9cb635b5	[test] skip regress/regress-crbug-1239907 on TSAN Bug: v8:12822 Change-Id: Idc8225640e132d175d2c06b530d77fcda7362b55 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3599486 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/main@{#80092}	2022-04-21 16:35:35 +00:00
jameslahm	ea9870747d	[test] Move cctest/concurrent-descriptor-array-unittest to ... unittests/objects/concurrent-descriptor-array-unittest. Bug: v8:12781 Change-Id: Iad4e99e256745d2874e6b03c2fe1c91b5599ab30 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596443 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80091}	2022-04-21 16:26:18 +00:00
Leszek Swirski	88976125a6	[maglev] Implement LdaContextSlot In the simplest way possible. Bug: v8:7700 Change-Id: I155aaf85192b75c89617820d6f127a2ae04c7d9b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3599484 Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Victor Gomes <victorgomes@chromium.org> Commit-Queue: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/main@{#80089}	2022-04-21 16:06:15 +00:00
jameslahm	058e5fa6a8	[test] Move cctest/test-bit-vector to unittests ... /utils/bit-vector-unittest. Bug: v8:12781 Change-Id: I26b9c2b8a911b513d65d54476b78a0bbac7aa78f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596445 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80086}	2022-04-21 15:27:09 +00:00
jameslahm	b8a01ce09f	[test] Move cctest/test-compiler to unittests ... /compiler/compiler-unittest. - Add PrintExtension for adding print function. - Add WithPrintExtensionMixin to register PrintExtension. - Add StreamerThread to run a ScriptStreamingTask in a separate thread. Bug: v8:12781 Change-Id: I9d3324f3a8dcf00b5b121db6007c9a3cb2972313 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596442 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80084}	2022-04-21 14:35:16 +00:00
Michael Lippautz	91badec697	[api] Deprecate unused GlobalHandles APIs that peek into internals When moving forward and optimizing internals, these APIs cannot be trusted anymore as their semantics are tangled to the current implementation. Bug: v8:12819 Change-Id: I0e3370724307a420ee42fed8070b55542be9400d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3599475 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Auto-Submit: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#80082}	2022-04-21 12:55:15 +00:00
Leszek Swirski	c0a63243e9	[maglev] Start implenting inlining Add a --maglev-inlining flag, and add some half-baked support for inlining functions when there is call feedback. When the flag is enabled and there is call feedback, we create a nested MaglevGraphBuilder for the current graph, and pause building the graph of the outer function. We manually set up its prologue to set up its frame with the arguments pass into the call, build the body with the nested graph builder. This inner builder knows that it is building an inlined function, and all Return bytecodes will instead emit a Jump to a single merge block at the end of the function, where execution of the outer function can resume. These inner function basic blocks are wired into the outer graph with new JumpToInline and JumpFromInline control nodes. The idea is that subsequent passes will know what the inline function is, and will use these to manage the function stack (particularly for codegen and especially deopts). Bug: v8:7700 Change-Id: I4e9b153f8cf4d06c56e7be6365e7a18b86a773c0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3585958 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Jakob Linke <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#80077}	2022-04-21 10:43:35 +00:00
jameslahm	056f7e526c	[test] Move cctest/test-array-list to unittests ... /objects/array-list-unittest. Bug: v8:12781 Change-Id: I8bf50cd6680b6a875fb7029a6767eebc39ed8b13 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596444 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80074}	2022-04-21 09:49:26 +00:00
Benoît Lizé	63b3d33245	[builtins] Embedded builtins don't depend on RAM on Android So don't test it. This was changed in https://chromium-review.googlesource.com/c/v8/v8/+/3596164, breaking this test on low-RAM ARM64 Android devices. Bug: v8:12814 Change-Id: I25caf748607c33f5f632eb5236643ea5e327f867 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596129 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80073}	2022-04-21 08:27:21 +00:00
Michael Lippautz	2ae2aa92b1	[api] Remove APIs for resurrecting finalizers Removes support for specifying weak handles with finalizers that allow for object resurrection. This CL removes the public facing APIs. Internal support will be removed in a follow up. Bug: v8:12672 Change-Id: Ia6ea269093aaa128caadb7508aca2e5a1254923c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596174 Auto-Submit: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#80070}	2022-04-21 07:05:25 +00:00
Shu-yu Guo	0e9be2c2c7	Revert "[test] Move tracing cctest to unittests" This reverts commit `a7d6bf9662`. Reason for revert: GN breakage preventing lkgr: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Blink%20Linux/16971/overview Original change's description: > [test] Move tracing cctest to unittests > > Bug: v8:12781 > Change-Id: Idc50a20f17de3af25372833b28cb16ac9a0e6485 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3574552 > Auto-Submit: Leszek Swirski <leszeks@chromium.org> > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Commit-Queue: Michael Lippautz <mlippautz@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80065} Bug: v8:12781 Change-Id: Icb295f7203cec4aef4bda491d08a39ce0c66fa0b No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3597242 Auto-Submit: Shu-yu Guo <syg@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#80068}	2022-04-20 22:35:14 +00:00
Shu-yu Guo	9eb426cb2e	Fix #if -> #ifdef in platform-unittest.cc to unblock roll See https://ci.chromium.org/ui/p/chromium/builders/try/linux-chromeos-rel/1172178/overview Change-Id: I97d25fd36c4b5fce4eb1d86c423443c2395af793 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3598030 Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#80067}	2022-04-20 20:58:06 +00:00
legendecas	c779a08f7c	[builtins] Handle broken promises in AsyncGenerator.prototype.return As ecma262 normative change https://github.com/tc39/ecma262/pull/2683, exception thrown on PromiseResolve the broken promises need to be caught and use it to reject the promise returned by `AsyncGenerator.prototype.return`. AsyncGeneratorReturn didn't handle the exception thrown by Await. This CL add an exception handler around it and pass through the caught exception to the returned promise and resume the generator by AsyncGeneratorAwaitResume if the generator is not closed, otherwise reject the promise by AsyncGeneratorReject and drain the queue. Bug: v8:12770 Change-Id: Ic3cac4ce36a6d8ecfeb5d7d762a37a2e0524831c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3581158 Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Chengzhong Wu <legendecas@gmail.com> Cr-Commit-Position: refs/heads/main@{#80066}	2022-04-20 17:14:14 +00:00
Leszek Swirski	a7d6bf9662	[test] Move tracing cctest to unittests Bug: v8:12781 Change-Id: Idc50a20f17de3af25372833b28cb16ac9a0e6485 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3574552 Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#80065}	2022-04-20 16:53:44 +00:00
Marja Hölttä	c071cc96b3	[web snapshots] Add a JS API for deserializing Web snapshots This enables downloading web snapshots with XMLHttpRequest and deserializing them. Bug: v8:11525 Change-Id: I498f1e99795d474a1715fce9aa1d8c1a34651c42 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3585961 Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#80064}	2022-04-20 16:02:20 +00:00
Liu Yu	7aa4cc4bae	Reland "[loong64][mips64][fastcall] Enable float support on loong64 and mips64" Besides, enable float support on simulator. Port commit `098f31f495` Port commit `a6da816119` As defined in https://loongson.github.io/LoongArch-Documentation/LoongArch-ELF-ABI-EN.html#_procedure_calling_convention Loongarch calling convention uses GP to pass floating-point arguments when no FP is available. Bug: v8:12614, chromium:1052746 Change-Id: I33d4115674604604b2b7e9178a306efb6000222b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3448195 Reviewed-by: Maya Lekova <mslekova@chromium.org> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Yu Liu <liuyu@loongson.cn> Auto-Submit: Yu Liu <liuyu@loongson.cn> Cr-Commit-Position: refs/heads/main@{#80062}	2022-04-20 15:56:05 +00:00
Al Muthanna Athamina	e2f9c45e6d	Unify naming convention for tests and filter them in TestLoader for cctest Bug: v8:12802 Change-Id: I2573ed6b59fe51a135bbec5734ff1b7414316b0a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596163 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Almothana Athamneh <almuthanna@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/main@{#80056}	2022-04-20 14:19:55 +00:00
Thibaud Michaud	ae9464668b	[wasm-relaxed-simd] Add relaxed swizzle in Liftoff on ia32/x64 R=clemensb@chromium.org CC=gdeepti@chromium.org Bug: v8:12284 Change-Id: Idddb0b7648b29612fa0308520ca2fc2a3e5647f9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3593218 Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/main@{#80055}	2022-04-20 14:11:55 +00:00
Benoît Lizé	8d186bb453	Reland "[builtins] Remap builtins on Linux" Reason for reland: Fixed Fuchsia build. Original change's description: > [builtins] Remap builtins on Linux > > This is a CL similar to > https://chromium-review.googlesource.com/c/v8/v8/+/3553006, but on Linux > rather than macOS. The goal is to allow builtins to use short builtin > calls without paying a memory cost, by remapping rather than copying > them. > > However, while macOS has a system call making this easier, on Linux we > don't have one on most kernels. There is the recently-introduced > mremap(MREMAP_DONTUNMMAP), which is available in 5.7, but only works on > anonymous mappings until 5.13, which is too recent for most Android > devices. > > Instead, we open() the file containing the builtins, and mmap() it at > the desired location. > > Change-Id: I4524f349948b8f48c4536cf392a1cd179662a6cc > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3570426 > Reviewed-by: Igor Sheludko <ishell@chromium.org> > Reviewed-by: Jakob Linke <jgruber@chromium.org> > Commit-Queue: Benoit Lize <lizeb@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80022} Change-Id: I0cc8cf510bd2cb8621130bea8406d79aa209948c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596164 Reviewed-by: Jakob Linke <jgruber@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Benoit Lize <lizeb@chromium.org> Cr-Commit-Position: refs/heads/main@{#80049}	2022-04-20 13:04:34 +00:00
Jakob Gruber	447bf33d78	[osr] Add JumpLoop feedback slot operand .. which points back at the corresponding feedback vector slot for each JumpLoop bytecode. Bug: v8:12161 Change-Id: I95f4d013544a69e088314655af7eb1dc504a8657 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596166 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Jakob Linke <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#80048}	2022-04-20 12:57:44 +00:00
Thibaud Michaud	4f7d37a574	[wasm-relaxed-simd] Implement qfma in Liftoff on ia32/x64 R=clemensb@chromium.org CC=gdeepti@chromium.org Bug: v8:12284 Change-Id: If78b5a86364b015483131ef321ca9e928e8ddfc1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3585338 Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/main@{#80047}	2022-04-20 12:43:24 +00:00
Simon Zünd	ec41a70e38	[inspector] Add 'canBeRestarted' flag to CallFrames when debugger pauses Doc: https://bit.ly/revive-restart-frame Context: https://crrev.com/c/3582395 (whole feature) This CL adds a new optional flag `canBeRestarted` to every call frame in Debugger.paused events. As the name suggests, the flag indicates whether we can restart a particular frame through Debugger.restartFrame once implemented. We are not able to safely restart all frames: * We don't support WASM frames * We don't support frames where resumable functions (async fns, generators) and embedder C++ frames are between the top-most frame and the to-be-restarted frame. Note that from a CDP perspective the flag doesn't actually guarantee a successful restart. CDP clients can issue CDP commands between the Debugger.paused event and before a user decides to restart a frame, which can potentially mess with the stack. The `canBeRestarted` flag tests are folded into the Debugger.restartFrame tests. As the feature is not yet fully implemented we short-circuit most of the tests for now and only run them up until the first Debugger.restartFrame call fails (except "fails-for-resumables.js"). This means the tests exercise the `canBeRestarted` flag, but not the restarting functionality itself. R=bmeurer@chromium.org, kimanh@chromium.org Bug: chromium:1303521 Change-Id: I01ab46dc3557ab8383960969fbe03e00604cc5e2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596160 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Kim-Anh Tran <kimanh@chromium.org> Commit-Queue: Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/main@{#80046}	2022-04-20 12:40:34 +00:00
Clemens Backes	71ed79beb3	[wasm] Add regression test for 1314184 The fix is merged to all channels, add the regression test. R=thibaudm@chromium.org Bug: chromium:1314184 Change-Id: I7b7ca13ff34b19c3dbb727d248619dc1ff874873 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596161 Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#80044}	2022-04-20 11:40:19 +00:00
Andreas Haas	6cdc42b7dc	[wasm] Update spec tests R=manoskouk@chromium.org Change-Id: I931e8ab0847db5126c2895412b4b357d482dfeb1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3593782 Reviewed-by: Manos Koukoutos <manoskouk@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/main@{#80040}	2022-04-20 09:23:44 +00:00
Simon Zünd	29c4cf0e3c	[inspector] Move restart-frame test helpers into protocol-test.js R=bmeurer@chromium.org Bug: chromium:1303521 Change-Id: Iff7247fda94037ff4f9d37f334d386eb4e63ce62 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3595819 Commit-Queue: Simon Zünd <szuend@chromium.org> Auto-Submit: Simon Zünd <szuend@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/main@{#80038}	2022-04-20 08:02:34 +00:00
Simon Zünd	f6cb798753	[inspector] Add disabled tests for 'Restart frame' 2/2 Doc: https://bit.ly/revive-restart-frame Context: https://crrev.com/c/3582395 (whole feature) This CL adds the second batch of inspector tests for the upcoming "Restart frame" feature. Landing the tests upfront allows us to better discuss the proposed API as well as think early about corner cases we should test. The tests check for the functionality of `Debugger.restartFrame`, as well as the newly added parameter `canBeRestarted` in the `Debugger.paused` event. Bug: chromium:1303521 Change-Id: Ie9dda100cdc5217a4e4cc2f0cf7019a33d124120 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3585947 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Kim-Anh Tran <kimanh@chromium.org> Commit-Queue: Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/main@{#80037}	2022-04-20 06:55:35 +00:00
Clemens Backes	f1b6092c52	[liftoff] Move more options into LiftoffOptions {LiftoffOptions} already contains many (optional) parameters for Liftoff compilation, but not all of them. This CL moves the function index and the {for_debugging} field also into that struct, to further reduce the number of parameters to {ExecuteLiftoffCompilation} and to improve readability by having a factory-like initialization of the {LiftoffOptions} struct. That struct is now also passed down to the LiftoffCompiler directly instead of unpacking the fields again. R=thibaudm@chromium.org Bug: v8:12809 Change-Id: I8824a1908f214cbf4c21f113934fef3ece1bf88b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3513894 Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#80032}	2022-04-19 16:21:21 +00:00
Shu-yu Guo	a8b04431a8	Revert "[builtins] Remap builtins on Linux" This reverts commit `b1dd828707`. Reason for revert: Breaking fuschia build https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Fuchsia%20-%20builder/13592/overview Original change's description: > [builtins] Remap builtins on Linux > > This is a CL similar to > https://chromium-review.googlesource.com/c/v8/v8/+/3553006, but on Linux > rather than macOS. The goal is to allow builtins to use short builtin > calls without paying a memory cost, by remapping rather than copying > them. > > However, while macOS has a system call making this easier, on Linux we > don't have one on most kernels. There is the recently-introduced > mremap(MREMAP_DONTUNMMAP), which is available in 5.7, but only works on > anonymous mappings until 5.13, which is too recent for most Android > devices. > > Instead, we open() the file containing the builtins, and mmap() it at > the desired location. > > Change-Id: I4524f349948b8f48c4536cf392a1cd179662a6cc > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3570426 > Reviewed-by: Igor Sheludko <ishell@chromium.org> > Reviewed-by: Jakob Linke <jgruber@chromium.org> > Commit-Queue: Benoit Lize <lizeb@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80022} Change-Id: I0093fe84216f8c8fd1a8691c53817e578d92fa40 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3594009 Auto-Submit: Shu-yu Guo <syg@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Shu-yu Guo <syg@chromium.org> Owners-Override: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#80028}	2022-04-19 15:27:28 +00:00
jameslahm	e2679ec79a	[test] Migrate TEST(TryCatch...) in cctest/test-api to unittests. - Add RunJSNoChecked to run the script which possibly throws. - Add CompileRun to run the script outside TEST_F, e.g., in FunctionTemplate and helpers etc. Bug: v8:12781 Change-Id: Ibab2e19cf1f7c76f7a81a90fc5894e7e6bfb7cdf Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3586770 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80025}	2022-04-19 15:11:37 +00:00
Benoît Lizé	b1dd828707	[builtins] Remap builtins on Linux This is a CL similar to https://chromium-review.googlesource.com/c/v8/v8/+/3553006, but on Linux rather than macOS. The goal is to allow builtins to use short builtin calls without paying a memory cost, by remapping rather than copying them. However, while macOS has a system call making this easier, on Linux we don't have one on most kernels. There is the recently-introduced mremap(MREMAP_DONTUNMMAP), which is available in 5.7, but only works on anonymous mappings until 5.13, which is too recent for most Android devices. Instead, we open() the file containing the builtins, and mmap() it at the desired location. Change-Id: I4524f349948b8f48c4536cf392a1cd179662a6cc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3570426 Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Jakob Linke <jgruber@chromium.org> Commit-Queue: Benoit Lize <lizeb@chromium.org> Cr-Commit-Position: refs/heads/main@{#80022}	2022-04-19 13:35:07 +00:00
Yolanda Chen	c48ec6f7bb	[x64] Implement 256-bit assembly for SSE2_UNOP instructions The SSE2_UNOP instructions have various src and dst register types for 256-bit AVX. One of them, the ucomisd instruction does not support YMM. Other two: vcvtpd2ps and vcvttpd2dq use XMM as dst register. We extend the Operand type to Operand256 to represent m256 to distiguish with the 128-bit AVX instruction. Since this is a small suite, we explicitly specify the operand type for each instruction. Bug: v8:12228 Change-Id: I07c8168bd49f75eb8e4df8d6adfcfb37c1d34fff Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3518423 Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Yolanda Chen <yolanda.chen@intel.com> Cr-Commit-Position: refs/heads/main@{#80020}	2022-04-19 13:01:50 +00:00
Camillo Bruni	4b0737d29d	[log] Rename logging classes i::Logger => i::V8Log i::PerfJitLogger => i::LinuxPerfJitLogger i::PerfBasicLogger => i::LinuxPerfBasicLogger Note: V8Log is currently still managing instances of other loggers, this functionality will be moved to a separate class in the future. Bug: v8:12795, chromium:1316443 Change-Id: Id1b44e65abb7819eb6d6c718a1baa9ed61ad51aa Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3593133 Reviewed-by: Jakob Linke <jgruber@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#80016}	2022-04-19 12:07:16 +00:00
Ilja Iskovs	9e55269b45	[wasm-simd][arm64] Use Bic(x, imm) for And(x, [Not](imm)) when possible Immediate version of the Bitclear instruction can be used for logical And with some immediates. It can also be used to implement And(x, Not(imm)) in a single instruction. This patch gives ~0.5% runtime improvement in one benchmark on Neoverse N1. Change-Id: Ia926c6746f0c252f81626c6fca21c4dfb41679d9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3160667 Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Martyn Capewell <martyn.capewell@arm.com> Cr-Commit-Position: refs/heads/main@{#80015}	2022-04-19 10:09:37 +00:00
Simon Zünd	ad0677129b	[inspector] Add disabled tests for 'Restart frame' 1/2 Doc: https://bit.ly/revive-restart-frame Context: https://crrev.com/c/3582395 (whole feature) This CL adds the first batch of inspector tests for the upcoming "Restart frame" feature. Landing the tests upfront allows us to better discuss the proposed API as well as think early about corner cases we should test. The tests check for the functionality of `Debugger.restartFrame`, as well as the newly added parameter `canBeRestarted` in the `Debugger.paused` event. Bug: chromium:1303521 Change-Id: Ibda6d8b6110fce893e0844f8902fbd5d901ae01d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3585946 Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Reviewed-by: Kim-Anh Tran <kimanh@chromium.org> Commit-Queue: Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/main@{#80013}	2022-04-19 09:00:17 +00:00
Igor Sheludko	fe392704aa	Reland "[rwx][mac] Introduce RwxMemoryWriteScope" This is a reland of commit `4d8e1846a7` One of the Mac arm64 bots failed to link an exported thread_local static variable (crbug/1316800). Original change's description: > [rwx][mac] Introduce RwxMemoryWriteScope > > ... as a single bottleneck that encapsulates the semantics and > implementation of fast per-thread W^X permission switching supported > by Apple Silicon (arm64 M1). > On other architectures this class is a no-op. > > Bug: v8:12797 > Change-Id: Ica842ff9f843e20b7f61fd7e80591e7a1fd29771 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3586986 > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> > Commit-Queue: Igor Sheludko <ishell@chromium.org> > Cr-Commit-Position: refs/heads/main@{#79994} Bug: v8:12797 Change-Id: Ifbd15c233bb343f11daa89b1328b5bf65c4806f4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3591332 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#80011}	2022-04-19 08:48:47 +00:00
Jakob Linke	3b772a2397	Revert "[interpreter] Optimize strict equal boolean" This reverts commit `62632c0805`. Reason for revert: Performance regressions crbug.com/1315724 Original change's description: > [interpreter] Optimize strict equal boolean > > For strict equal boolean literal like "a===true" > or "a===false", we could generate TestReferenceEqual > rather than TestStrictEqual. And in `execution_result()->IsTest()` > case, we could directly emit JumpIfTrue/JumpIfFalse. > > E.g. > ``` > a === true > ``` > Generated Bytecode From: > ``` > LdaGlobal > Star1 > LdaTrue > TestEqualStrict > ``` > To: > ``` > LdaGlobal > Star1 > LdaTrue > TestReferenceEqual > ``` > > E.g. > ``` > if (a === true) > ``` > Generated Bytecode From: > ``` > LdaGlobal > Star1 > LdaTrue > TestEqualStrict > JumpIfFalse > ``` > To > ``` > LdaGlobal > JumpIfTrue > Jump > ``` > > > Bug: v8:6403 > Change-Id: Ieaca147acd2d523ac0d2466e7861afb2d29a1310 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3568923 > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Reviewed-by: Tobias Tebbi <tebbi@chromium.org> > Commit-Queue: 王澳 <wangao.james@bytedance.com> > Cr-Commit-Position: refs/heads/main@{#79935} Bug: v8:6403, chromium:1315724 Change-Id: I65c520590093724e838f738c795d229687efb9de Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3592752 Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Jakob Linke <jgruber@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#80010}	2022-04-19 08:29:07 +00:00
Deepti Gandluri	e73757beaa	Revert "[rwx][mac] Introduce RwxMemoryWriteScope" This reverts commit `4d8e1846a7`. Reason for revert: Blocks V8 roll, crbug.com/1316800 Original change's description: > [rwx][mac] Introduce RwxMemoryWriteScope > > ... as a single bottleneck that encapsulates the semantics and > implementation of fast per-thread W^X permission switching supported > by Apple Silicon (arm64 M1). > On other architectures this class is a no-op. > > Bug: v8:12797 > Change-Id: Ica842ff9f843e20b7f61fd7e80591e7a1fd29771 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3586986 > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> > Commit-Queue: Igor Sheludko <ishell@chromium.org> > Cr-Commit-Position: refs/heads/main@{#79994} Bug: v8:12797 Change-Id: I81792567839e72b4147d009c0845b0c0de003eb0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3590752 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> Owners-Override: Deepti Gandluri <gdeepti@chromium.org> Cr-Commit-Position: refs/heads/main@{#80007}	2022-04-18 18:18:47 +00:00
Frank Tang	c9617b66fd	[test262] Roll test262 `d7c0a207..33a5433d` Bug: v8:7834 Change-Id: I2c10e4470bf02de864666fa7410ce472a42b8359 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3585357 Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80006}	2022-04-18 18:10:46 +00:00
jameslahm	f2c4c598fb	[error] Improve error message for array spread ... on non-iterable object. In CallPrinter::VisitAssignment, when found_ is true, we could print node->target to show the error node value, avoid printing twice for the assignment. Bug: v8:10854 Change-Id: I5f295f46b5639b715f762935e675598d1d780f98 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3586763 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#79997}	2022-04-15 01:23:54 +00:00
Igor Sheludko	4d8e1846a7	[rwx][mac] Introduce RwxMemoryWriteScope ... as a single bottleneck that encapsulates the semantics and implementation of fast per-thread W^X permission switching supported by Apple Silicon (arm64 M1). On other architectures this class is a no-op. Bug: v8:12797 Change-Id: Ica842ff9f843e20b7f61fd7e80591e7a1fd29771 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3586986 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#79994}	2022-04-14 15:20:40 +00:00
Clemens Backes	f6a559e2c0	[wasm] Make DynamicTiering a boolean enum This makes usages less verbose, and is consistent with other existing enums. Also, we can use brace initialization to avoid boilerplate when creating a DynamicTiering value. Drive-by: Rename a 'kIncludeLiftoff' variable to 'include_liftoff' because it is not a static constant. R=jkummerow@chromium.org Bug: v8:12281 Change-Id: Ie45fdb550241a8b9ca4e2a31b7c27500939fa247 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3585566 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#79993}	2022-04-14 14:57:40 +00:00
Camillo Bruni	3608b831e9	[log] CodeEventDispatcher refactoring - Rename CodeEventDispatcher to LogEventDispatcher - Use std::vector instead of std::unordered_set, dispatching speed is more important than addition/removal of listeners - Changing the LogEventDispatcher code to be more code-search friendly - Use a raw pointer for the LogEventDispatcher instance on the isolate it's a single-owned entity Bug: v8:12795 Change-Id: I139f05431519c18cba33d1506467be918f52658c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3582125 Reviewed-by: Victor Gomes <victorgomes@chromium.org> Reviewed-by: Jakob Linke <jgruber@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#79990}	2022-04-14 13:11:51 +00:00
Tobias Tebbi	52fd8054be	[test] skip all Torque unittests on Mac Arm64 Change-Id: I0dbb0e800908d02a783393c3e329d306316b03c7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3585949 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/main@{#79985}	2022-04-14 08:49:11 +00:00
Corentin Pescheloche	ac2275b81b	[profiler] prevent duplicate id With the switch to primitive ids make sure no profiler can be returned with the same id. Bug: chromium:1297283 Change-Id: I9cf944e9a472ea45679feb0f30137dba95a32ca6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3582786 Auto-Submit: Corentin Pescheloche <cpescheloche@fb.com> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#79975}	2022-04-13 21:19:29 +00:00
Anton Bikineev	0d57754cbf	cppgc: young-gen: Pack AgeTable knowing allocation granularity This reduces card granularity from 4096 to 512 bytes with the goal to improve write barrier filtering. Bug: chromium:1029379 Change-Id: I22e2a9c61ef4c36c3db65404370213d0a8048e08 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3582393 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Anton Bikineev <bikineev@chromium.org> Cr-Commit-Position: refs/heads/main@{#79960}	2022-04-13 14:58:17 +00:00
Marja Hölttä	682ba0efd3	[valueserializer] Implement a compatibility mode for deserializing broken data For a while, we shipped a version which writes version 13 data with JSArrayBufferView flags, and then fixed version 13 to not include the flags. This CL adds a compatibility mode for parsing the the version 13 data which includes the flags, since it still occurs in the wild. Bug: chromium:1314833,chromium:1284506 Change-Id: I96cc432c8574a40b11ec0037394feb1853515760 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3583982 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#79959}	2022-04-13 13:58:49 +00:00
Michael Lippautz	431da4644a	[heap] Convert test-lab.cc -> lab-unittest.cc Bug: v8:12781 Change-Id: I4cf23035a7679efdb4830335b75d8616abfbbe08 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3582385 Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#79958}	2022-04-13 13:30:59 +00:00
Nikolaos Papaspyrou	ae0480a01b	heap: Inline GCTracer::Scope constructor and destructor Tracer scopes are used in numerous places in src/heap to track time spent during various phases of the garbage collection. Usually, they are introduced with the TRACE_GC* family of macros, taking the scope identifier as a parameter. At most call sites, the scope identifier is known at compile time. This CL inlines the constructor and destructor of GCTracer::Scope, in order to enable the C++ compiler to properly optimize the introduction of such scopes when the scope identifier is known at compile time, using constant propagation. This is expected to have a performance impact for short-lived and frequently used scopes, e.g., in incremental marking and sweeping steps. Change-Id: I6f1a2954a437de1fa6dab5e464c20c952d84ffd4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3581774 Reviewed-by: Omer Katz <omerkatz@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org> Cr-Commit-Position: refs/heads/main@{#79957}	2022-04-13 13:17:39 +00:00
Omer Katz	39f419f045	[heap] Move allocation logic to SpaceWithLinearArea NewSpace and PagedSpace both inherit from SpaceWithLinearArena and implement allocation logic on top of it. The parts of the allocation path that deal specifically with the linear allocation area are equivalent (only minor syntactic differences between them). This CL refactors the allocation from a linear allocation area out of NewSpace and PagedSpace and moves it to SpaceWithLinearArea. This eliminates code duplication and keeps everything generally still working the same. This is done as part of an effort to create a stable NewSpace interface to allow introducing an alternative paged new space. Bug: v8:12612 Change-Id: Ie24345a2d51f6e67ebe8a1d67e586038f7aec8de Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3578547 Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Omer Katz <omerkatz@chromium.org> Cr-Commit-Position: refs/heads/main@{#79955}	2022-04-13 10:48:00 +00:00
Nikolaos Papaspyrou	d609cd9829	heap: Fix reporting of incremental and background scopes Method GCTracer::UpdateStatistics was responsible for copying incremental and background scopes to the current event, before reporting. It was called, however, at the end of the atomic pause and, as a result, some of these scopes would be prematurely copied to the current event (e.g., incremental and background sweeping scopes) and misreported. This CL fixes this by splitting the update of statistics and the copying of incremental and background scopes. It introduces the method GCTracer::FinalizeCurrentEvent which does the latter, which is called from GCTracer::StopCycle. It also introduces methods for correctly accessing and updating scopes, before the current event is finalized, and eliminates the distinction between GCTracer::AddScopeSample and GCTracer::AddScopeSampleBackground. Bug: chromium:1154636 Change-Id: I2a6d9abb3daa2c48b2dce12dc2685cfc84130abf Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3576792 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Omer Katz <omerkatz@chromium.org> Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org> Cr-Commit-Position: refs/heads/main@{#79938}	2022-04-12 10:24:18 +00:00
jameslahm	a544b4967e	[runtime] Fix arguments length DCHECK ... in Runtime::kCopyDataPropertiesWithExcludedPropertiesOnStack. Bug: v8:11614 Change-Id: Ief6d62fff242d3d38c4e586c7252935d3527ddf1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3581534 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#79937}	2022-04-12 10:23:15 +00:00
jameslahm	62632c0805	[interpreter] Optimize strict equal boolean For strict equal boolean literal like "a===true" or "a===false", we could generate TestReferenceEqual rather than TestStrictEqual. And in `execution_result()->IsTest()` case, we could directly emit JumpIfTrue/JumpIfFalse. E.g. ``` a === true ``` Generated Bytecode From: ``` LdaGlobal Star1 LdaTrue TestEqualStrict ``` To: ``` LdaGlobal Star1 LdaTrue TestReferenceEqual ``` E.g. ``` if (a === true) ``` Generated Bytecode From: ``` LdaGlobal Star1 LdaTrue TestEqualStrict JumpIfFalse ``` To ``` LdaGlobal JumpIfTrue Jump ``` Bug: v8:6403 Change-Id: Ieaca147acd2d523ac0d2466e7861afb2d29a1310 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3568923 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#79935}	2022-04-12 08:58:28 +00:00
Joyee Cheung	4c29cf1b78	[heap] fix invocation of NearHeapLimitCallback This patch makes sure that NearHeapLimitCallback can invoke operations that trigger garbage collections. In addition this adds code to make the tracers aware of NearHeapLimitCallback. Bug: v8:12777 Change-Id: I959a23a3e0224ba536cb18b14933813e56fc5292 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3575468 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Joyee Cheung <joyee@igalia.com> Cr-Commit-Position: refs/heads/main@{#79934}	2022-04-12 08:04:55 +00:00
Michael Lippautz	1b405b145f	[heap] Don't publish marking barrier in final marking step The barrier is published in the atomic pause following the final step. Bug: v8:12775 Change-Id: Ia77e1d213cc02a086d7a557999481b633e6b4df4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3582039 Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#79928}	2022-04-11 18:56:15 +00:00
Maksim Sadym	a913a75b8c	Add `WebDriverBiDi` serialization to CDP 1. Added `generateWebDriverValue` flag to `Runtime.evaluate` and `Runtime.callFunctionOn`. 2. Added `webDriverValue` field to `RemoteObject`, and set it in case of the `generateWebDriverValue` flag was set. 3. Added virtual method `bidiSerialize` to allow embedder-implemented serialization (like in https://crrev.com/c/3472491). 4. Implemented V8 serialization in a separate class `V8WebDriverSerializer`. 5. Hardcode `max_depth=1`. 6. Added tests. Not implemented yet: 1. `objectId`. 2. Test of embedder-implemented serialization. Tested automatically by: ``` python3 tools/run-tests.py --outdir out/foo inspector/runtime/add-web-driver-value ``` Naming to be discussed. Suggestions are very welcome. Design doc: http://go/bidi-serialization Change-Id: Ib35ed8ff58e40b3304423cc2139050136d844e2c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3472077 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Maksim Sadym <sadym@chromium.org> Cr-Commit-Position: refs/heads/main@{#79922}	2022-04-11 15:51:54 +00:00
Lu Yahan	b33075961b	[wasm] flag_liftoff_only should disable wasm-dynamic-tiering in cctest FlagScope can't automatically disable wasm-dynamic-tiering. Bug: v8:7748 Change-Id: Ieb59e20b4cb4436277aa88b615bca07657a1212c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3578109 Auto-Submit: Yahan Lu <yahan@iscas.ac.cn> Reviewed-by: Manos Koukoutos <manoskouk@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#79920}	2022-04-11 14:59:35 +00:00
Jakob Gruber	65885dab44	Reland "[osr] Enable concurrent OSR" This is a reland of commit `6879c515d0` Original change's description: > [osr] Enable concurrent OSR > > Fixed: v8:12161 > Change-Id: Ie6e83dd4f261fff2d1fa8613116e83ef6b61561f > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3576116 > Auto-Submit: Jakob Linke <jgruber@chromium.org> > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: Leszek Swirski <leszeks@chromium.org> > Cr-Commit-Position: refs/heads/main@{#79857} Change-Id: I418a1166c5eff4156f0c4406f024fc1ba5746732 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3582038 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Jakob Linke <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#79915}	2022-04-11 13:09:35 +00:00
Clemens Backes	d3db97f8ce	[codegen] Bring back path for non-sse4.1 and non-avx The roundss / vroundss instruction is only available on AVX or SSE4_1 hardware. Thus bring back the old code path with much longer code for such old hardware. R=tebbi@chromium.org Bug: chromium:1314363 Change-Id: I79a58627c8b406817330e9f9601234cea28182c1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3578642 Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#79914}	2022-04-11 12:53:04 +00:00
Nico Hartmann	3864c9610a	[turbofan] Print an additional Turbolizer phase for SLVerifier To make the existing mechanism for printing JSON for turbolizer able to print types other than the ones stored in the nodes (so the verifier can print its own types here), this CL restructures the printing mechanism into a single non-private class that can be inherited to override certain parts of the printing. In this CL only GetType is made virtual to allow verifier to override it, but additional parts can be made overridable whenever necessary. Bug: v8:12619 Change-Id: Idf31f8cdb49eb6c3204c6abfbb74fc981330d6d2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3571818 Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/main@{#79909}	2022-04-11 09:46:04 +00:00
Camillo Bruni	1b8d4e3adb	[api] Remove FLAG_log_api API logging has not been used in a while and we have valid alternatives: - Runtime call stats - Profiling - Timer events Together they make --log-api superfluous and we can remove it and reduce the number of branches when calling into the V8 API. Change-Id: Ie10f70b61ebdb82166270e7630ebcf20a27c4902 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3574549 Reviewed-by: Marja Hölttä <marja@chromium.org> Auto-Submit: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Jakob Linke <jgruber@chromium.org> Commit-Queue: Jakob Linke <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#79904}	2022-04-11 06:24:44 +00:00
jameslahm	14718889ee	[error] Improve error message for static methods This CL changes frame message from `Function.${staticMethodName}` to `${className}.${staticMethodName}` for stack trace in class static methods. Bug: v8:12778 Change-Id: Ie2b9471066a6ba38265412f4af471789bd375c98 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3575759 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#79898}	2022-04-09 01:56:02 +00:00
Anton Bikineev	8b1fb3abda	cppgc: young-gen: Enable concurrent sweeping for minor GCs Similar to full GCs, the GC defers metric reporting until sweeping is finished. Bug: chromium:1029379 Change-Id: Ib06adb3be691c1ad2bd530eb77fc01cc22537338 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3576130 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Nikolaos Papaspyrou <nikolaos@chromium.org> Commit-Queue: Anton Bikineev <bikineev@chromium.org> Cr-Commit-Position: refs/heads/main@{#79891}	2022-04-08 14:40:15 +00:00
Leszek Swirski	fef7720fd3	Revert "[osr] Enable concurrent OSR" This reverts commit `6879c515d0`. Reason for revert: Speculative revert for roll failures https://ci.chromium.org/ui/p/chromium/builders/try/win_optional_gpu_tests_rel/80674/overview Original change's description: > [osr] Enable concurrent OSR > > Fixed: v8:12161 > Change-Id: Ie6e83dd4f261fff2d1fa8613116e83ef6b61561f > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3576116 > Auto-Submit: Jakob Linke <jgruber@chromium.org> > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: Leszek Swirski <leszeks@chromium.org> > Cr-Commit-Position: refs/heads/main@{#79857} Change-Id: I05bd9594e8ce3db71acb31cf4c626c066158ceaa Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3579163 Owners-Override: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#79890}	2022-04-08 14:33:06 +00:00
Thibaud Michaud	04b8124b34	[wasm] Clean up type size computation Rename element_size_bytes() to value_kind_size(), and add the uncompressed version: value_kind_full_size(). R=clemensb@chromium.org Change-Id: I956142937fd1134ecbdaaa617c402ed8fff2cf17 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3568477 Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/main@{#79884}	2022-04-08 12:46:45 +00:00
Michael Lippautz	ec09a8236c	heap: Convert embedder tracing tests to unittests test-embedder-tracing.cc -> embedder-tracing-unittest.cc In addition - Add heap helpers - CHECK -> EXPECT macros Bug: v8:12781 Change-Id: Ibd17a4e6d527c963170af54c57f6abc51cb08808 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3576127 Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#79883}	2022-04-08 12:43:55 +00:00
Benedikt Meurer	088de5d391	[inspector] Speed up inspection of large BigInts. For large BigInts, computing the decimal representation can take a very long time, so send them as hexadecimal strings instead. Also make sure to abbreviate the RemoteObject description for bigints appropriately always. Also-By: jarin@chromium.org Fixed: chromium:1068663 Change-Id: I2f7e4e1cbd2f66ce45be307fb787e101d9a8e2a7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3578653 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Auto-Submit: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/main@{#79872}	2022-04-08 09:30:55 +00:00
Manos Koukoutos	b09d550605	[wasm-gc] Enable runtime subtyping checks for functions Bug: v8:7748 Change-Id: Ic65c09726994fddf73979b5f25b98f7ce4c5d6ef Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3574556 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#79870}	2022-04-08 08:19:16 +00:00
Jakob Gruber	6879c515d0	[osr] Enable concurrent OSR Fixed: v8:12161 Change-Id: Ie6e83dd4f261fff2d1fa8613116e83ef6b61561f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3576116 Auto-Submit: Jakob Linke <jgruber@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#79857}	2022-04-07 13:24:24 +00:00
Clemens Backes	08e514a894	[codegen][x64] Improve code for float to int64 This improves the code generated for float to int64 conversions on x64. Instead of explicitly checking the input for specific values and executing conditional jumps, just convert the integer back to a float and check if this results in the rounded input. The "success value" is then materialized via vmov + and instead of via branches. old: 7 c4e1fb2cd9 vcvttsd2siq rbx,xmm1 c ba01000000 movl rdx,0x1 11 49ba000000000000e0c3 REX.W movq r10,0xc3e0000000000000 1b c441f96efa vmovq xmm15,r10 20 c5792ef9 vucomisd xmm15,xmm1 24 7a08 jpe 0x3599421714ee <+0x2e> 26 7408 jz 0x3599421714f0 <+0x30> 28 4883fb01 REX.W cmpq rbx,0x1 2c 7102 jno 0x3599421714f0 <+0x30> 2e 33d2 xorl rdx,rdx new: 7 c463010bf90b vroundsd xmm15,xmm15,xmm1,0xb d c4e1fb2cd9 vcvttsd2siq rbx,xmm1 12 c4e1832ac3 vcvtqsi2sd xmm0,xmm15,rbx 17 c4c17bc2c700 vcmpss xmm0,xmm0,xmm15, (eq) 1d c4e1f97ec2 vmovq rdx,xmm0 22 83e201 andl rdx,0x1 A follow-up step would be to replace the explicitly materialized success value by a direct jump to the code handling the error case, but that requires more rewrite in TurboFan. R=tebbi@chromium.org Bug: v8:10005 Change-Id: Iaedc3f395fb3a8c11c936faa8c6e55c2dfe86cd9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3560434 Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#79854}	2022-04-07 12:38:44 +00:00
Benedikt Meurer	a90f1748d2	[inspector] De-flake inspector/debugger/get-possible-breakpoints.js. Since the inspector does not longer hold on strongly to Script objects after they were collected by V8, this test was relying on the GC to not collect the scripts too eagerly in case where nothing else holds on to the script. So explicitly adding a global object property assignment here in those cases to ensure that the Script is kept alive. Fixed: chromium:1314212, v8:12699 Bug: chromium:1246884, chromium:1295659 Change-Id: Ia16fcf841aeb29bf131fc6fa066f120d342f94b2 Doc: https://bit.ly/v8-inspector-script-caching Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3576117 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Auto-Submit: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/main@{#79852}	2022-04-07 12:13:34 +00:00
Leszek Swirski	63af265fd9	[test] Fix missing GC in SingleThreadedDefaultPlatformTest Bug: v8:12781 Change-Id: I7dfddd886571a16a180bffb8f9fc7a946d5667bc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3576113 Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#79851}	2022-04-07 12:03:25 +00:00
jameslahm	8306599e9b	[d8] Add unicode filename support on windows This is a follow up CL for https://crrev.com/c/3538284. Tests credited to https://crrev.com/c/3468352. - Add unicode filename path test. - Convert ansi encoded filename argv to utf8 encoded on windows. Because the ansi encoded filename argv may lose some information for unicode filename, and we need to use GetCommandLineW to get the actual unicode filename argument. And we convert it to utf8 encoded to be consistent with subsequent processing. - Use REPLACEMENT CHARACTER to replace the characters which cannot be encoded with sys.stdout.encoding in progress.py. This CL should be reverted if new unicode filenames cause problems. Bug: v8:12541 Change-Id: Ic5c5ae342b3a5b11c3119452af03c9165d429ed7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3568926 Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#79850}	2022-04-07 11:40:34 +00:00
Leszek Swirski	3509f2da24	[sandbox] Fix sandbox initialisation in cppgc unittests Bug: v8:12781 Change-Id: I0df1c8a17482f13d210f7d2424a15e15c71108c0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3576115 Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Samuel Groß <saelo@chromium.org> Commit-Queue: Samuel Groß <saelo@chromium.org> Cr-Commit-Position: refs/heads/main@{#79849}	2022-04-07 11:16:04 +00:00
Clemens Backes	0a1bf43d19	[test] Remove flag that causes contradictions Some test variants and fuzzers set their own GC interval, so the flag specified in the regression test causes flag contradictions. The test failure was flaky anyway, so this change is only a slight reduction in reproducability, and the test will still be used as seed for the fuzzers. R=machenbach@chromium.org Bug: chromium:1313475 Change-Id: I7c7084ab34fe46d691b841921d42a487cc8a1cad Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3576114 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#79845}	2022-04-07 10:30:04 +00:00
Clemens Backes	9f128f4e9f	[base] Remove base::fold and base::all They can be replaced by std::conjunction and c++17 folding expressions. R=tebbi@chromium.org Bug: v8:12425 Change-Id: I109ac904245aab431f11752eff5129fd4361de8a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3570428 Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#79843}	2022-04-07 09:13:49 +00:00
Georgia Kouveli	16b5fc3c57	[arm64] Remove template argument of PushCPURegList and friends Callee saved registers do not include the LR anymore, so we can now remove the last place where we pass a non-default template argument to PushCPURegList/PopCPURegList (in the code generator). This makes the template argument redundant, so we can remove the template altogether. Change-Id: I07f0c0a10840817df8a5afc1dc74330e290ce5bf Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3571816 Reviewed-by: Jakob Linke <jgruber@chromium.org> Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com> Cr-Commit-Position: refs/heads/main@{#79842}	2022-04-07 09:12:45 +00:00
Marja Hölttä	a1ff91207e	[RAB/GSAB] Object.freeze: Support RAB / GSAB Bug: v8:11111 Change-Id: I722702faa062e6083496d55cd96ee33d3952998b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3571809 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#79840}	2022-04-07 06:00:44 +00:00
jiepan	9ba6aff285	[x64] Implement 256-bit assembler for cmp ops Bug: v8:12228 Change-Id: Iab09881d9c8bcd851fd89bf5d6bbd3f2cfb0f3d0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3303808 Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Jie Pan <jie.pan@intel.com> Cr-Commit-Position: refs/heads/main@{#79838}	2022-04-07 04:05:23 +00:00
Corentin Pescheloche	ca51ae3ac8	[api][profiler] Get StartProfiling, StopProfiling to accept integer ID rather than string This CL adds support for interacting with CpuProfile with their integer id. A String ID is problematic because it forces an allocation when stopping or cancelling a Profiler which can happen during a GC when this is not allowed. Change-Id: I9a8e754bd67214be0bbc5ca051bcadf52bf71a68 Bug: chromium:1297283 Co-Authored-By: Nicolas Dubus <nicodubus@fb.com> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3522896 Reviewed-by: Camillo Bruni <cbruni@chromium.org> Auto-Submit: Corentin Pescheloche <cpescheloche@fb.com> Commit-Queue: Corentin Pescheloche <cpescheloche@fb.com> Cr-Commit-Position: refs/heads/main@{#79835}	2022-04-06 19:29:14 +00:00
David Benjamin	6cf7330a61	Polyfill GroupSse2Impl on non-x86 platforms Bug: v8:12518 Change-Id: Ie22303416749affc0629d60fbed6f9dc4288b09d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3494443 Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: David Benjamin <davidben@chromium.org> Cr-Commit-Position: refs/heads/main@{#79834}	2022-04-06 19:19:03 +00:00
Shu-yu Guo	1ac9280d50	Do not consult Symbol.species when constructing TypedArray from TypedArrays Bug: v8:12744 Change-Id: I3e356c16554e8bc19afc06b18f4afd7fed2f228e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3563540 Commit-Queue: Shu-yu Guo <syg@chromium.org> Auto-Submit: Shu-yu Guo <syg@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#79833}	2022-04-06 18:57:18 +00:00
Jakob Gruber	e36e6a8844	Simplify DeoptimizeKind usage in compiler/ With kLazy deopts gone, we can remove the stored DeoptimizeKind from Deoptimize nodes and all related spots - all Deoptimize nodes are eager deopts. Bug: v8:12765 Change-Id: I8e727e046c498198e50d9b7dba25442fb54f5da9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3568456 Auto-Submit: Jakob Linke <jgruber@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/main@{#79830}	2022-04-06 16:54:03 +00:00
Leszek Swirski	b24896c6d7	[test] Move single-threaded platform cctest to unittests Also add a mixin for using the single-threaded default platform instead of swapping it in with SetPlatformForTesting. Bug: v8:12781 Change-Id: I304303e58ed713e5558d108cd7eb826c17abb40f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3574553 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#79829}	2022-04-06 16:45:46 +00:00
Seth Brenith	4e45eed954	Categorize more objects as kCode in heap snapshots Currently, the category named “(compiled code)” contains Code, SharedFunctionInfo, and Script objects. However, there are various other object types that are allocated per script function, such as BytecodeArray and FeedbackVector. There are also plain FixedArrays which are used for function-specific data such as polymorphic feedback and code deoptimization data. I propose we move all of this to the “(compiled code)” category, because this memory usage is related to the number of functions in the script, the size of those functions, and/or the number of times those functions have been called. Bug: v8:12769 Change-Id: Ib5e0265a9ef88063596c17419f5b65f683156c52 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3569876 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Cr-Commit-Position: refs/heads/main@{#79827}	2022-04-06 16:07:29 +00:00
Clemens Backes	65a8d2dea1	[d8] Fix termination while creating realm A worker might be terminated while creating a new Realm. While this was handled mostly correctly already, a DCHECK was places slightly too early, which is fixed by this CL. Also, we avoid printing an error message if we fail to install an extension due to isolate termination. As this is externally triggered, it's not really an error condition. R=jkummerow@chromium.org Bug: chromium:1313475 Change-Id: I67b7fd27002d9b9a33439378d8336fefb2a2371a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3571811 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#79825}	2022-04-06 14:06:03 +00:00
Dominik Inführ	f3e0ee23cc	[heap] Simplify Sweeper::CleanupInvalidTypedSlotsOfFreeRanges This CL only refactors code in the sweeper without changing behavior. This method can be simplified by moving duplicate code into new methods. Also move definition of FreeRangesMap into TypedSlotSet and replace all usages of that raw map type with that type-alias. Since we are already here, remove the unused argument in Sweeper::FreeAndProcessFreedMemory. Bug: v8:12760 Change-Id: Ifa1848b456aef7955eccbaafc00df55fbcbc385c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3574542 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#79822}	2022-04-06 13:22:03 +00:00
Benedikt Meurer	25c69ecbc1	[inspector] Side-effect free DateMirror descriptions. Similar to what we did for FunctionMirror before in https://crrev.com/c/2887508, we also need to avoid running user JavaScript for DateMirrors. This also refactors the ToDateString logic a bit. Fixed: chromium:1311613 Change-Id: I793b86106765550a9aa449f85f0766840081cc58 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3571896 Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/main@{#79821}	2022-04-06 13:19:33 +00:00
Leszek Swirski	0ff8205261	[test] Add a unittest platform setup mixin Change the unittest runner to no longer uncondtionally set up a default platform in the "environment", but to instead make platform set-up part of the "mixin" framework for test fixtures. Requires modifying some tests that expect the platform to be available, and all flag implications resolved, before the mixin constructors run. We still keep the environment for setting up the process for cppgc. This process setup can only be done once per process, so it can no longer use the platform -- that's ok though, the page allocator used by cppgc's process initialisation doesn't have to be the same as the platform's so we can just pass in a separate new one. Change-Id: Ic8ccf39722e8212962c5bba87350c4b304388a7c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3571886 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#79820}	2022-04-06 13:07:43 +00:00
Omer Katz	38facbaae8	heap: Remove NewSpace::TearDown TearDown was actually redundant and can be replaced with the dtor. Bug: v8:12612 Change-Id: Idc4a77c3f20372a53b0003cda6fb00ae7ec0035c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3571806 Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Commit-Queue: Omer Katz <omerkatz@chromium.org> Cr-Commit-Position: refs/heads/main@{#79819}	2022-04-06 12:54:34 +00:00
Clemens Backes	489f43b485	Reland "[wasm] --liftoff-only should disable --wasm-dynamic-tiering" This is a reland of commit `54e360d141`. The two WasmGC cctests which require SSE4.1 support in Liftoff are now skipped, so we can keep disallowing any bailout (even for missing CPU features) in --liftoff-only. Original change's description: > [wasm] --liftoff-only should disable --wasm-dynamic-tiering > > A Liftoff only configuration should never tier up to TurboFan, hence add > a proper implication to disable dynamic tiering if --liftoff-only is > set. > Also, add a DCHECK to ensure we never accidentally compile with TurboFan > if --liftoff-only is set. > > R=jkummerow@chromium.org > > Bug: v8:12281 > Change-Id: Ia9b81add503cc939f59fde3f4d3bb67252facf2c > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3569741 > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> > Commit-Queue: Clemens Backes <clemensb@chromium.org> > Cr-Commit-Position: refs/heads/main@{#79779} Bug: v8:12281 Change-Id: I334bd81f75c3ef6d31b6117da5ef59a33fb46ae2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3572043 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#79813}	2022-04-06 09:50:13 +00:00
Clemens Backes	6806378ce4	[cppgc] Remove custom void_t, use std Remove the pre-C++17 implementation of void_t, just use std::void_t now. R=omerkatz@chromium.org Bug: v8:12425 Change-Id: Iabf72f1540ddb4db666e5a74f169f73546241c1f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3571888 Reviewed-by: Omer Katz <omerkatz@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#79812}	2022-04-06 09:48:21 +00:00
Leszek Swirski	c35ca2b712	Revert "[string] Non-transitioning shared strings" This reverts commit `8ba60b7a8e`. Reason for revert: code_serializer failures: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux%20-%20debug/38940/overview Original change's description: > [string] Non-transitioning shared strings > > Instead of transitioning shared strings to ThinString on > internalization, use a forwarding table to the internalized string and > store the index into the forwarding table in the string's hash field. > > This way we don't need to handle concurrent string transitions that > modify the underlying string data. > > During stop-the-world GC, live strings in the forwarding table are > migrated to regular ThinStrings. > > Bug: v8:12007 > Change-Id: I6c6f3d41c6f644e0aaeafbf25ecec5ce0aa0d2d8 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3536647 > Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> > Reviewed-by: Jakob Linke <jgruber@chromium.org> > Reviewed-by: Shu-yu Guo <syg@chromium.org> > Reviewed-by: Igor Sheludko <ishell@chromium.org> > Commit-Queue: Patrick Thier <pthier@chromium.org> > Cr-Commit-Position: refs/heads/main@{#79801} Bug: v8:12007 Change-Id: I740904f3edfc395331f06c7218e89476b06b0563 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3574543 Auto-Submit: Leszek Swirski <leszeks@chromium.org> Owners-Override: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#79810}	2022-04-06 09:35:46 +00:00
Leszek Swirski	1026cd68cf	[test] Make RCS test time atomic to fix TSAN Change-Id: Ibc256e202a75f7dbcba27dad2b591cf45738b005 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3571900 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#79809}	2022-04-06 09:26:33 +00:00
Leszek Swirski	3bb9ab5646	[test] Fix unused variable in cctest loop Change-Id: Ia574baaa796f1b2d6feea3e76364c9c417fb8ceb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3571899 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#79808}	2022-04-06 09:15:26 +00:00
yangwenming	d961501d4f	[wasm] Place spilled params as WasmCallDescriptor expects. With this CL, spilled parameters with ref type in a call to wasm function, will be placed at a consecutive area in the generic JSToWasmWrapper frame as WasmCallDescriptor expected. Bug: v8:12722 Change-Id: I8b82f35b712a32b87abf5100ec46ee499a8178bc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3563445 Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/main@{#79805}	2022-04-06 08:59:53 +00:00
Jakob Gruber	30ba798cdc	[osr] Remove the --function-context-specialization flag This flag was a leftover from very early Turbofan days and serves no purpose. Non-OSR TF code automatically uses function context specialization (FCS) when appropriate without looking at the flag value. OSR TF code should never use FCS since it is cached by the SharedFunctionInfo (not by the JSFunction). Bug: v8:12161 Change-Id: Ifb5a10918dbdf34a7164f7e665a230698b793e9e Fixed: chromium:1313419 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3571895 Auto-Submit: Jakob Linke <jgruber@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Jakob Linke <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#79802}	2022-04-06 08:14:53 +00:00
Patrick Thier	8ba60b7a8e	[string] Non-transitioning shared strings Instead of transitioning shared strings to ThinString on internalization, use a forwarding table to the internalized string and store the index into the forwarding table in the string's hash field. This way we don't need to handle concurrent string transitions that modify the underlying string data. During stop-the-world GC, live strings in the forwarding table are migrated to regular ThinStrings. Bug: v8:12007 Change-Id: I6c6f3d41c6f644e0aaeafbf25ecec5ce0aa0d2d8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3536647 Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Jakob Linke <jgruber@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Patrick Thier <pthier@chromium.org> Cr-Commit-Position: refs/heads/main@{#79801}	2022-04-06 07:59:33 +00:00
Hannes Payer	e220866e61	[heap] Separate GC phases flag. This CL introduces the --separate-gc-phases flag, which prevents that young and old generation GCs can happen at the same time. When incremental marking is in progress and a young generation GC triggers, marking is forced to finish and the full collection takes care of the young generation. Bug: v8:12503 Change-Id: Ia3e4814f46bff0fdc404b0ac618dfd48fe7cf20c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3351973 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Hannes Payer <hpayer@chromium.org> Cr-Commit-Position: refs/heads/main@{#79799}	2022-04-06 07:23:39 +00:00
Bryant Chandler	badd055aa3	Revert "[fuchsia] Use SDK provided gn templates for v8_unittests" This reverts commit `8d51d561d5`. Reason for revert: This has runtime failures because including cmx fragments isn't working ocrrectly. Still investigating why this wasn't discovered by CQ. Original change's description: > [fuchsia] Use SDK provided gn templates for v8_unittests > > cr_fuchsia_package is deprecated in favor of using the Fuchsia > SDK provided rules directly. > > Bug: chromium:1092804 > Change-Id: I86a59b6a717cb0aa8c3473e8410bdd98f0ffd042 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3537883 > Reviewed-by: Victor Gomes <victorgomes@chromium.org> > Reviewed-by: Wez <wez@chromium.org> > Reviewed-by: Camillo Bruni <cbruni@chromium.org> > Commit-Queue: Bryant Chandler <bryantchandler@chromium.org> > Cr-Commit-Position: refs/heads/main@{#79763} Bug: chromium:1092804 Change-Id: I33e8a6f07c99d7040cffa579a95508e79904889e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3572005 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/main@{#79796}	2022-04-06 06:13:13 +00:00
Frank Tang	519267b325	[Temporal] Add Calendar.prototype.mergeFields Add AO: DefaultMergeFields Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.mergefields https://tc39.es/proposal-temporal/#sec-temporal-defaultmergefields Bug: v8:11544 Change-Id: I270f8bffb79e57ef50736ae7ce87cfa53f9cafb1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3388428 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#79795}	2022-04-06 05:30:23 +00:00
Frank Tang	dda56765dc	[Temporal] Add Calendar.prototype.dateFromFields Also add AO: RegulateISODate, ResolveISOMonth, ISODateFromFields Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.datefromfields https://tc39.es/proposal-temporal/#sec-temporal-regulateisodate https://tc39.es/proposal-temporal/#sec-temporal-resolveisomonth https://tc39.es/proposal-temporal/#sec-temporal-isodatefromfields Note: This is only the non-intl version. The intl version in https://tc39.es/proposal-temporal/#sup-temporal.calendar.prototype.datefromfields will be implemented in later cl. Bug: v8:11544 Change-Id: I493dc60694421e9908eb5d785fdb8b07fc968699 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3408462 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#79793}	2022-04-06 02:59:03 +00:00
Shu-yu Guo	908e7ac767	[typedarray] Remove per-iteration detach check in TypedArray.prototype.set Bug: v8:12750, v8:11111 Change-Id: I3e9947ec8e2883364178b497a49299a3a96332e4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3569879 Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#79792}	2022-04-06 02:28:33 +00:00
Shu-yu Guo	f3dfbe59ed	[typedarray] Remove per-comparator call detach check in TypedArray.prototype.sort For the normative change, see https://github.com/tc39/ecma262/pull/2723 Bug: v8:12750, v8:11111 Change-Id: I8e8a2e9b443622b20bb5a4c2d453f782dfbd2ed6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3570865 Commit-Queue: Shu-yu Guo <syg@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#79789}	2022-04-06 00:56:03 +00:00
Shu-yu Guo	a464158091	Roll Test262 `4c7c24646a..d7c0a2076c` Bug: v8:7834, v8:10776, v8:11544, v8:12744, v8:12750 Change-Id: I782a347833af3418ff5c15562ae24f213375b539 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3573067 Commit-Queue: Shu-yu Guo <syg@chromium.org> Auto-Submit: Shu-yu Guo <syg@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#79788}	2022-04-05 23:12:03 +00:00
Shu-yu Guo	9f7277413f	[builtins] Fix Array#groupBy fast path assumptions The FastArray path for Array#groupBy and Array#groupByToMap does not recheck the input array's length each iteration. This is incorrect since the grouping callback can truncate the length, and we should deopt to the generic path when this happens. Bug: chromium:1312838, v8:12499 Change-Id: Id3a4973e9960500a2f29ed63281ea721777d4dd3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3570342 Reviewed-by: Marja Hölttä <marja@chromium.org> Auto-Submit: Shu-yu Guo <syg@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#79787}	2022-04-05 19:46:42 +00:00
Michael Lippautz	fd7c100a9c	[heap] Avoid re-scanning roots during incremental finalization step Incremental finalization previously used to rescan roots to avoid any new work showing up in the atomic pause. With concurrent marking we should be way faster in finalizing, so that we can save ourselves this work. In particular, if we finalize in the same JS execution we would be doubling work as the atomic pause anyways needs to rescan all roots. Bug: v8:12775 Change-Id: I58a5a931da72c8d5c8aee4cd5dad4512954668b4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3570427 Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#79784}	2022-04-05 17:41:42 +00:00
Dominik Inführ	1b17e087a8	[heap] Fix disabling of map space with --no-use-map-space flag HeapAllocator didn't fall back to old space allocation when the heap had no map space. Bug: v8:12578, chromium:1313119 Change-Id: Ic02334f42f9fb80a8a9dcf99a94a7ac16da24053 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3570423 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#79776}	2022-04-05 13:14:53 +00:00
Victor Gomes	3eeea13cf7	[maglev] Addition Smi nodes If we have a smi operation in the feedback vector, we emit SmiTag Int32AddWithOverflow and SmiUntag nodes, instead of a generic operation binary node. Change-Id: Idb9ce2b60289fbe492bf269793660b32de23e2b3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3560641 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Victor Gomes <victorgomes@chromium.org> Commit-Queue: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/main@{#79775}	2022-04-05 12:34:42 +00:00
Clemens Backes	43232bf024	[wasm] Fix interrupt of empty loop This includes two fixes: 1. For dynamic tiering, the budget must always be reduced when jumping backwards, otherwise we might never trigger tier up, which makes the loop non-interruptible (because the tier-up check replaces the stack check). 2. The d8 worker implementation also needs to terminate the isolate via an interrupt, in addition to scheduling a task, because the worker might never return to the event queue. This CL also fixes one of the failure modes of the inspector fuzzer (see https://crbug.com/1180018). R=jkummerow@chromium.org, marja@chromium.org Bug: v8:12767, chromium:1180018 Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel_ng Change-Id: Ia01d1725fc14931d2ea54c4769c4ee93f866ed63 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3568470 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#79773}	2022-04-05 10:55:04 +00:00
Leszek Swirski	49c507dc99	[test] Make cctest run one test, with maybe custom platform Remove cctest's ability to run multiple tests (which has long been deprecated and mostly broken). We can then make platform & V8 initialisation be part of running the test's Run method. In particular, this allows us to inject custom logic into the platform initialisation, like setting up a platform wrapper. Add a TEST_WITH_PLATFORM which exercises this by registering a platform factory on the test, and wrapping the default platform using this factory. This allows these tests to guarantee that the lifetime of the platform is longer than the lifetime of the isolate. As a result of this, we can also remove the complexity around draining platform state in the TestPlatform (since it will now have a longer lifetime than the Isolate using it), and as a drive-by clean up the TestPlaform to use a CcTest-global "default platform" instead of trying to scope over the "current" platform. As another drive-by, change the linked-list of CcTests and the linear search through it into an std::map of tests. Change-Id: I610f6312fe042f29f45cc4dfba311e4184bc7759 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3569223 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#79772}	2022-04-05 09:39:18 +00:00
Anton Bikineev	7dd391cb6c	cppgc: young-gen: Extract and report metrics for young GC cycles The CL makes sure to extract and copy Oilpan young GC metrics to v8::metrics::GarbageCollectionYoungCycle. In addition, it makes sure that metrics are not reported twice by bailing out from GCTracer::NotifyCppGCCompleted() for young GC cycles (the metrics are reported later in Heap::CollectGarbage() by calling GCTracer::StopCycle()). Bug: chromium:1029379 Change-Id: I07bf51e85a76a7cdbeeb8d87c9072edf2634158b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3545168 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Anton Bikineev <bikineev@chromium.org> Cr-Commit-Position: refs/heads/main@{#79766}	2022-04-04 18:33:08 +00:00
Bryant Chandler	8d51d561d5	[fuchsia] Use SDK provided gn templates for v8_unittests cr_fuchsia_package is deprecated in favor of using the Fuchsia SDK provided rules directly. Bug: chromium:1092804 Change-Id: I86a59b6a717cb0aa8c3473e8410bdd98f0ffd042 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3537883 Reviewed-by: Victor Gomes <victorgomes@chromium.org> Reviewed-by: Wez <wez@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Bryant Chandler <bryantchandler@chromium.org> Cr-Commit-Position: refs/heads/main@{#79763}	2022-04-04 16:29:58 +00:00
Jakob Gruber	e35d7e6167	Reland "Refactor OSROptimizedCodeCache" Tweak a few names, remove a few GetIsolate calls, other minor usability refactors. It may be worth taking a closer look at the impl in the future, currently the design choices don't seem ideal (see the added TODO on top of the class). The reland is unchanged from the original CL. Bug: v8:12161 Change-Id: I9971f7f2fb08b7a1ec2d57b2a0e4accdc11191ca Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3568444 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Jakob Linke <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#79759}	2022-04-04 15:21:47 +00:00
Jakob Gruber	66f8f20a2a	Reland "Address comments from `[osr] Basic support for concurrent OSR`" - Unhandlify OSROptimizedCodeCache::GetOptimizedCode. - Unstatic-fy FeedbackVector::SetOptimizedCode. - Remove frame-walking logic during the OSR tierup decision. The reland is unchanged from the original CL. Bug: v8:12161 Change-Id: Ibf03a9dd9a6fcd38c0664e5d5014a26d0240e035 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3568463 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Jakob Linke <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#79752}	2022-04-04 14:38:57 +00:00
Benedikt Meurer	ad21d212fc	Preserve "proper method names" as-is in error.stack. This changes the logic for generating method names in `error.stack` to prepend an inferred type name only when the function name is a valid ECMAScript identifiers and does not equal the inferred type name, to (1) give developers more control over the exact name shown in `error.stack`, as well as (2) avoid confusion in the presence of renaming of local variables. Previously we'd leave the function name as-is if it was prefixed by the inferred type name, but that condition is unnecessarily strict, and led to a bunch of inconsistencies around special names like `<instance_member_initializer>` where this dynamic approached often prefixed it with the correct type name, but also sometimes got it wrong and prepended `Object.`, which is very unfortunate and misleading. Specifically for these special names, we'll add logic later in the parser to infer a useful (complete) name. The design doc (https://bit.ly/devtools-method-names-in-stack-traces) contains more background and examples of why we do this change. Doc: https://bit.ly/devtools-method-names-in-stack-traces Fixed: chromium:1294619 Bug: chromium:1283435 Change-Id: Ib8b528ba25255dcd07e9d11044c562c11d699bcb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3565724 Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/main@{#79748}	2022-04-04 14:08:56 +00:00
Jakob Gruber	d187c6c291	Reland "[osr] Basic support for concurrent OSR" This is a reland of commit `3ce690eef2` Changed for the reland: - Remove the currently-unused BytecodeArray member to avoid MSAN failures. - s/return/continue/ in optimizing-compile-dispatcher. Original change's description: > [osr] Basic support for concurrent OSR > > This CL adds basic support behind --concurrent-osr, > disabled by default. > > When enabled: > 1) the first OSR request starts a concurrent OSR compile job. > 2) on completion, the code object is inserted into the OSR cache. > 3) the next OSR request picks up the cached code (assuming the request > came from the same JumpLoop bytecode). > > We add a new osr optimization marker on the feedback vector to > track whether an OSR compile is currently in progress. > > One fundamental issue remains: step 3) above is not guaranteed to > hit the same JumpLoop, and a mismatch means the OSR'd code cannot > be installed. This will be addressed in a followup by targeting > specific bytecode offsets for the install request. > > This change is based on fanchen.kong@intel.com's earlier > change crrev.com/c/3369361, thank you! > > Bug: v8:12161 > Change-Id: Ib162906dd4b6ba056f62870aea2990f1369df235 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3548820 > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: Jakob Linke <jgruber@chromium.org> > Cr-Commit-Position: refs/heads/main@{#79685} Bug: v8:12161 Change-Id: I48b100e5980c909ec5e79d190aaea730c83e9386 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3565720 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Jakob Linke <jgruber@chromium.org> Auto-Submit: Jakob Linke <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#79746}	2022-04-04 13:48:26 +00:00
Alexander Schulze	2139853732	[py3] Bump v8heapconstants.py and related files Bug: v8:12581 Change-Id: I4d98e48801ffcfbe507c61ba296da67359e3f5cb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3568464 Auto-Submit: Alexander Schulze <alexschulze@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Liviu Rau <liviurau@chromium.org> Commit-Queue: Alexander Schulze <alexschulze@chromium.org> Cr-Commit-Position: refs/heads/main@{#79743}	2022-04-04 13:27:13 +00:00
Jakob Gruber	1ff685d8b1	[deoptimizer] Remove soft deopts .. since they are the same as eager deopts (% an unused counter). Fixed: v8:12765 Change-Id: I2be6210e476ead4ac6629a49259f28321e965867 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3565717 Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Jakob Linke <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#79729}	2022-04-04 10:26:36 +00:00
Nikolaos Papaspyrou	173885cda8	test: Remove two obsolete regression tests This CL removes two obsolete regression tests that were taking too long on debug engine builds. Bug: v8:12753 Bug: v8:12754 Change-Id: I818101725caa22fb4b2ed22381f01a2dd9436fe4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3563563 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org> Cr-Commit-Position: refs/heads/main@{#79727}	2022-04-04 08:36:06 +00:00
jameslahm	6693641e70	[runtime] Check AvailableOptimizedCode in DisassembleFunction In DisassembleFunction runtime, function may have available optimized code and we could directly set the optimized code for the function like in CompileLazy if it's not compiled, which avoids calling Compiler::Compile and failed in DCHECK(!function->HasAvailableOptimizedCode()). Bug: v8:12762 Change-Id: I00001fc598f3fc96dfe86b2367e8ba88f0085fd3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3563448 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#79722}	2022-04-04 06:46:06 +00:00
Frank Tang	b214cb7d72	[Temporal] Add Calendar.prototype.daysInWeek Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.daysinweek Note- this is only the non-intl version. intl version in https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.daysinweek will be implemented in later cl. Bug: v8:11544 Change-Id: If54733ae7c902b4d189fc22b0800942f8748981c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3439186 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#79721}	2022-04-02 01:50:20 +00:00
Frank Tang	63f9f0fab5	[Temporal] Add Calendar.prototype.daysInMonth Spect Text: https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.daysinmonth Note- this is only the non-intl version. intl version in https://tc39.es/proposal-temporal/#sup-temporal.calendar.prototype.daysinmonth will be implemented in later cl. Bug: v8:11544 Change-Id: Id5d426d9c5fe1db94c15433afbad443c7056abe3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3441703 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#79720}	2022-04-01 22:22:30 +00:00
Frank Tang	4bbe174c88	[Temporal] Add ZonedDateTime.prototype.toPlain(MonthDay\|YearMonth) Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.zoneddatetime.prototype.toplainyearmonth https://tc39.es/proposal-temporal/#sec-temporal.zoneddatetime.prototype.toplainmonthday Bug: v8:11544 Change-Id: I5b109282187055df767239ff240822591f95c9a7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3565009 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#79717}	2022-04-01 19:04:40 +00:00
Benoit Lize	da1a2d127d	[builtins] Remap embedded builtins into the heap on ARM64 macOS For short builtin calls, the builtins are copied on the heap when they cannot be put close enough to be in range of relative calls. This costs memory, as the embedded builtins are part of the binary, and mapped from the binary, and as a consequence shared with all running processes. Rather than copying the memory, we can remap it at a different address, avoiding the memory cost. This CL does that, on ARM64 macOS only for now. This saves at least ~1.4MiB of memory per V8 process. See below the output of vmmap <PID>: [...] Memory Tag 255 7408308000-740833c000 [ 208K 144K 144K 0K] r-x/rwx SM=ZER Memory Tag 255 740833c000-7408340000 [ 16K 0K 0K 0K] ---/rwx SM=ZER Memory Tag 255 7408344000-7408348000 [ 16K 0K 0K 0K] ---/rwx SM=ZER Memory Tag 255 7408348000-740837c000 [ 208K 144K 144K 0K] r-x/rwx SM=ZER Memory Tag 255 740837c000-740fe80000 [123.0M 0K 0K 0K] ---/rwx SM=ZER mapped file 740fe80000-740ffe4000 [ 1424K 1328K 0K 0K] r-x/rwx SM=COW ...pp/Contents/Frameworks/Chromium Framework.framework/Versions/102.0.4958.0/Chromium Framework Memory Tag 255 740ffe4000-7410000000 [ 112K 0K 0K 0K] ---/rwx SM=ZER The "208K" regions are 256kiB code pages, minus the header and guard pages, meaning that they are code chunks. The mapped file are the remapped builtins, showing that they aren't copied, but remapped from the binary. Bug: chromium:1298417 Change-Id: Ia30a43e671726d01450a7db0ecb7777b34763053 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3553006 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Benoit Lize <lizeb@chromium.org> Cr-Commit-Position: refs/heads/main@{#79716}	2022-04-01 17:55:21 +00:00
Dominik Inführ	5bc471f47f	[heap] Support safepoint->AssertActive() for shared isolates Lock mutex for shared isolate in global safepoints, such that e.g. the StringTable can use isolate->heap()->safepoint()->AssertActive() even for shared isolates. Bug: v8:11708, v8:12749 Change-Id: I8d99203581dfa2d7225846e19fa981300f88589e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3563138 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#79715}	2022-04-01 17:05:41 +00:00
jameslahm	182a82832c	Reland "[serialize] Fix serializing wasm backed ArrayBuffer" Skipped test: https://crrev.com/c/3561199. This is a reland of commit `6e2c9bb265` Original change's description: > [serialize] copy bytes for non detachable array_buffer > in WriteJSArrayBuffer when array_buffer is not in > array_buffer_transfer_map_ > > According to https://html.spec.whatwg.org/multipage/structured-data.html#structuredserializeinternal > steps 13.3.2-4, should normally serialize array buffer which > is not detachable. > > Bug: v8:12703 > Change-Id: I4554c5d07ae85e1a96a728ebba04c6a071575f6f > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3518910 > Reviewed-by: Marja Hölttä <marja@chromium.org> > Commit-Queue: Marja Hölttä <marja@chromium.org> > Cr-Commit-Position: refs/heads/main@{#79466} Bug: v8:12703 Change-Id: I1ad1b8159ac7b13011831a4590e8577e954db946 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3557689 Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#79714}	2022-04-01 14:59:50 +00:00
Manos Koukoutos	c3ed607d63	[wasm-gc] Implement runtime-type canonicalization Add an array of canonical rtts on the isolate. Each wasm instance copies its rtts from there, based on the type index -> canonical index mapping in the module. Bug: v8:7748 Change-Id: I0958686c51ecab15a3215a0da3bee1ad6d543cb3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3548821 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#79712}	2022-04-01 13:49:01 +00:00
Thibaud Michaud	d36f596e8a	[sim] Increase the simulator's stack limit margin The current safety margin between the JS stack limit and the actual boundary of the stack space reserved by the simulator can be overrun by a large frame. Raise this margin to 4KiB, corresponding to the "large frame" threshold. This ensures that the stack check is executed before the frame is allocated if the frame is larger than this margin. R=clemensb@chromium.org Bug: chromium:1308333 Change-Id: I3e1a51bb36c630c7e37e58679971392dada2a83e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3560435 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/main@{#79711}	2022-04-01 12:01:14 +00:00
Igor Sheludko	c4e66b89b4	[runtime] Fix handling of interceptors, pt.3 ... in JSObject::DefineOwnPropertyIgnoreAttributes(). Don't execute interceptor again if it declined to handle the operation. Bug: chromium:1311641 Change-Id: If61ed40665ff7d81e96fa6bf29bbb5dfbeadfcc1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3562979 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#79707}	2022-04-01 10:36:01 +00:00
Marja Hölttä	3fd463c6f9	[rab / gsab] Fix .maxByteLength for wasm memory buffers Bug: v8:11111,v8:12746,chromium:1307480 Change-Id: I7775776ae98c3727b435aca4f269400ff8e31c53 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3560440 Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#79705}	2022-04-01 08:12:41 +00:00
Frank Tang	b295ec2dc5	[test262] Roll test262 `f7fb969..4c7c246` Bug: v8:7834 Change-Id: Ic1ea873e635a761dd4cd36a9dde20d481055425e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3561904 Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#79703}	2022-04-01 01:20:59 +00:00
Adam Klein	32f285533e	Revert "[osr] Basic support for concurrent OSR" This reverts commit `3ce690eef2`. Reason for revert: failures on CrOS MSan build: https://crbug.com/1312188 Original change's description: > [osr] Basic support for concurrent OSR > > This CL adds basic support behind --concurrent-osr, > disabled by default. > > When enabled: > 1) the first OSR request starts a concurrent OSR compile job. > 2) on completion, the code object is inserted into the OSR cache. > 3) the next OSR request picks up the cached code (assuming the request > came from the same JumpLoop bytecode). > > We add a new osr optimization marker on the feedback vector to > track whether an OSR compile is currently in progress. > > One fundamental issue remains: step 3) above is not guaranteed to > hit the same JumpLoop, and a mismatch means the OSR'd code cannot > be installed. This will be addressed in a followup by targeting > specific bytecode offsets for the install request. > > This change is based on fanchen.kong@intel.com's earlier > change crrev.com/c/3369361, thank you! > > Bug: v8:12161 > Change-Id: Ib162906dd4b6ba056f62870aea2990f1369df235 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3548820 > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: Jakob Linke <jgruber@chromium.org> > Cr-Commit-Position: refs/heads/main@{#79685} Bug: v8:12161, chromium:1312188 Change-Id: Iac1e3fd67ecc658a1cdee8f4d13354c097ed6697 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3564983 Auto-Submit: Adam Klein <adamk@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#79702}	2022-04-01 00:13:40 +00:00
Adam Klein	ef83c9e85d	Revert "Address comments from `[osr] Basic support for concurrent OSR`" This reverts commit `dc9b48e406`. Reason for revert: https://crbug.com/1312188 Original change's description: > Address comments from `[osr] Basic support for concurrent OSR` > > - Unhandlify OSROptimizedCodeCache::GetOptimizedCode. > - Unstatic-fy FeedbackVector::SetOptimizedCode. > - Remove frame-walking logic during the OSR tierup decision. > > Bug: v8:12161 > Change-Id: I4fa8c972cb50d369b17898ba57e1909c86e933df > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3560478 > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: Jakob Linke <jgruber@chromium.org> > Cr-Commit-Position: refs/heads/main@{#79686} Bug: v8:12161, chromium:1312188 Change-Id: Ia64c4204f9f65f19aa858c61f32658cee310033e No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3564990 Auto-Submit: Adam Klein <adamk@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#79701}	2022-04-01 00:11:19 +00:00
Adam Klein	b591fccb2a	Revert "Refactor OSROptimizedCodeCache" This reverts commit `d368dcf4ae`. Reason for revert: https://crbug.com/1312188 Original change's description: > Refactor OSROptimizedCodeCache > > Tweak a few names, remove a few GetIsolate calls, other minor > usability refactors. > > It may be worth taking a closer look at the impl in the future, > currently the design choices don't seem ideal (see the added TODO > on top of the class). > > Bug: v8:12161 > Change-Id: Ib34e372aa58a30c68c9c5cdd0d1da0ec3e86717c > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3560447 > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: Jakob Linke <jgruber@chromium.org> > Cr-Commit-Position: refs/heads/main@{#79687} Bug: v8:12161, chromium:1312188 Change-Id: Ieb3a91682845a23536fdfdf3208af74b3c6585f8 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3564989 Auto-Submit: Adam Klein <adamk@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#79700}	2022-04-01 00:09:10 +00:00
Frank Tang	05a58f2687	[Temporal] Add Calendar.prototype.inLeapYear Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.inleapyear Note- this is only the non-intl version. intl version in https://tc39.es/proposal-temporal/#sup-temporal.calendar.prototype.inleapyear will be implemented in later cl. Bug: v8:11544 Change-Id: I0f30d45ed6d742acaeaa2f7ddf5b393ef7fa5437 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3531561 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#79699}	2022-03-31 23:57:53 +00:00
Frank Tang	3f3a427f48	[Temporal] Add Calendar.prototype.dayOfWeek Also add AO: ToISODayOfWeek Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.dayofweek https://tc39.es/proposal-temporal/#sec-temporal-toisodayofweek Note- this is only the non-intl version. intl version in https://tc39.es/proposal-temporal/#sup-temporal.calendar.prototype.dayofweek will be implemented in later cl. Bug: v8:11544 Change-Id: I0b3448209741e4aa56cd8170a331d837853bff17 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3531564 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#79698}	2022-03-31 23:56:49 +00:00
Shu-yu Guo	db44515379	Only run Set/Map grow failure tests on x64 release bots These tests are too slow to be generally run. Bug: v8:12741 Change-Id: I142a81a90558942a61b8582756b9227e6d8d634e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3558558 Auto-Submit: Shu-yu Guo <syg@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/main@{#79697}	2022-03-31 18:35:59 +00:00
Manos Koukoutos	cfa8d0b35a	Reland "[wasm-gc] Implement isorecursive canonicalization" This is a reland of commit `e76ad5c6d9` Changes compared to original: - Move invocation of LAZY_INSTANCE_INITIALIZER to a static global variable, as some builds were failing with a function-level static. - Drive-by: Improve documentation a bit. Original change's description: > [wasm-gc] Implement isorecursive canonicalization > > This implements isorecursive canonicalization for static types. > > Not implemented in this CL: > - Runtime type canonicalization. > - Cross-module signature canonicalization for purposes of call_indirect. > > Bug: v8:7748 > Change-Id: I6214f947444eea8d7b15a29b35c94c3d07ddb525 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3541925 > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> > Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> > Cr-Commit-Position: refs/heads/main@{#79665} Bug: v8:7748 Change-Id: I493fba1906491762f7d8bae50108e3e4a743391d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3560480 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#79692}	2022-03-31 15:45:49 +00:00
Stephen Roettger	a8beac553b	Deprecate some signature checks Deprecate signature checks in * Template::SetNativeDataProperty * ObjectTemplate::SetAccessor These are not used in Chrome and require some complicated check in the IC code, which we want to remove. Change-Id: I413fafc8658e922fd590e7fe200600a624f019a6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3557253 Reviewed-by: Marja Hölttä <marja@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Stephen Röttger <sroettger@google.com> Cr-Commit-Position: refs/heads/main@{#79689}	2022-03-31 12:11:21 +00:00
Leszek Swirski	0df9606dca	[maglev] Add lazy deopts Nodes can now hold a LazyDeoptSafepoint which stores the frame state in case they trigger a lazy deopt. OpProperties have a new CanLazyDeopt bit, and codegen emits a safepoint table entry + lazy deopt for all nodes with this bit. Also, we now check the deoptimized code bit on entry into the maglev compiled function. An example use of these lazy deopts is added as a PropertyCell fast path for LdaGlobal, which adds a code dependency on the property cell. Bug: v8:7700 Change-Id: I663db38dfa7325d38fc6d5f079d263a958074e36 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3557251 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Jakob Linke <jgruber@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#79688}	2022-03-31 11:48:40 +00:00
Jakob Gruber	d368dcf4ae	Refactor OSROptimizedCodeCache Tweak a few names, remove a few GetIsolate calls, other minor usability refactors. It may be worth taking a closer look at the impl in the future, currently the design choices don't seem ideal (see the added TODO on top of the class). Bug: v8:12161 Change-Id: Ib34e372aa58a30c68c9c5cdd0d1da0ec3e86717c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3560447 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Jakob Linke <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#79687}	2022-03-31 10:11:00 +00:00
Jakob Gruber	dc9b48e406	Address comments from `[osr] Basic support for concurrent OSR` - Unhandlify OSROptimizedCodeCache::GetOptimizedCode. - Unstatic-fy FeedbackVector::SetOptimizedCode. - Remove frame-walking logic during the OSR tierup decision. Bug: v8:12161 Change-Id: I4fa8c972cb50d369b17898ba57e1909c86e933df Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3560478 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Jakob Linke <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#79686}	2022-03-31 10:01:50 +00:00
Jakob Gruber	3ce690eef2	[osr] Basic support for concurrent OSR This CL adds basic support behind --concurrent-osr, disabled by default. When enabled: 1) the first OSR request starts a concurrent OSR compile job. 2) on completion, the code object is inserted into the OSR cache. 3) the next OSR request picks up the cached code (assuming the request came from the same JumpLoop bytecode). We add a new osr optimization marker on the feedback vector to track whether an OSR compile is currently in progress. One fundamental issue remains: step 3) above is not guaranteed to hit the same JumpLoop, and a mismatch means the OSR'd code cannot be installed. This will be addressed in a followup by targeting specific bytecode offsets for the install request. This change is based on fanchen.kong@intel.com's earlier change crrev.com/c/3369361, thank you! Bug: v8:12161 Change-Id: Ib162906dd4b6ba056f62870aea2990f1369df235 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3548820 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Jakob Linke <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#79685}	2022-03-31 09:58:40 +00:00
Frank Tang	803d1d3961	[Temporal] Add Calendar.prototype.monthsInYear Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.monthsinyear Note- this is only the non-intl version. intl version in https://tc39.es/proposal-temporal/#sup-temporal.calendar.prototype.monthsinyear will be implemented in later cl. Bug: v8:11544 Change-Id: Ibf7a9f1e64ce638f745df2649ee3a69dc9e08139 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3531559 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#79682}	2022-03-31 00:18:23 +00:00
Frank Tang	eb9a19a0a1	[Temporal] Add Calendar.prototype.dayOfYear Also add AO: ToISODayOfYear Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.dayofyear https://tc39.es/proposal-temporal/#sec-temporal-toisodayofyear Note- this is only the non-intl version. intl version in https://tc39.es/proposal-temporal/#sup-temporal.calendar.prototype.dayofyear will be implemented in later cl. Bug: v8:11544 Change-Id: I5e5f9ea93cc0577df8d9b228efe5c3a97d118b88 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3531566 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#79681}	2022-03-30 22:16:50 +00:00
Adam Klein	ac4c2afc7f	Skip mjsunit/shared-memory/shared-struct-atomics-workers under stress_snapshot Bug: v8:12749 Change-Id: I33d0313625c38f9634ffba5ed358c1782811ddde Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3561184 Commit-Queue: Adam Klein <adamk@chromium.org> Auto-Submit: Adam Klein <adamk@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#79680}	2022-03-30 17:35:20 +00:00
Marja Hölttä	185d6116ae	[super IC] Fix API getter related bugs and re-enable super IC Bug: chromium:1308360,chromium:1309467,v8:9237 Change-Id: I2923e3ee60b4b30c4e2b57b9c8569a030fc7bfbd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3550588 Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#79676}	2022-03-30 13:09:20 +00:00
Dominik Inführ	3eb8671edb	[heap] Fix global safepoint when waiting in event loop When starting a global safepoint, it could happen that one isolate is waiting/blocking in the event loop, which prevents this isolate from reaching a safepoint. As a consequence we therefore deadlock when performing the safepoint. We can solve this by simply posting a task for each isolate that when run performs a safepoint check. This CL also renames IncludeMainThreadUnlessInitiator to ShouldIncludeMainThread. Bug: v8:11708, v8:12645 Change-Id: Ide956b3c39b350c2bb0279a7dd94ff79cb9d771b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3555771 Reviewed-by: Anton Bikineev <bikineev@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#79675}	2022-03-30 12:59:31 +00:00
Jakob Gruber	57d985a584	Refactor OptimizationMarker and ConcurrencyMode enums .. with readability and simplicity in mind. - Rename OptimizationMarker to the (shorter) TieringState. 'Tiering' also matches 'TieringManager' terminology. - Rename the values: kNone -> kNone kInOptimizationQueue -> kInProgress kCompileFoo_NotConcurrent -> kRequestFoo_Synchronous kCompileFoo_Concurrent -> kRequestFoo_Concurrent - Likewise rename ConcurrencyMode::kNotConcurrent to kSynchronous. - Add predicates to test enum values. - Consistent lower case names for accessors on JSFunction and FeedbackVector. - Instead of having to call HasOptimizationMarker() before using any other accessor, simply have optimization_marker() return kNone if no feedback vector exists. - Drive-by: Enable the Unreachable() in MaybeOptimizeCode() unconditionally - this should never happen, there's no reason not to protect against this in release builds as well. Bug: v8:12161 Change-Id: I67c03e2b7bd0a6b86d0c64f504ad8cb47e9e26ae Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3555774 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Jakob Linke <jgruber@chromium.org> Auto-Submit: Jakob Linke <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#79669}	2022-03-30 08:37:42 +00:00
jameslahm	55e526c4c2	[compiler] Optimize kWord64And x64 instruction selector - For y = x & 0xFF, we could use movzxbq y, x. - For y = x & 0xFFFF, we could use movzxwq y, x. - For y = x & 0xFFFFFFFF, we could use movl y, x. - For y = x & immediate and immediate fits into uint32, we could use andl x, immediate. Bug: v8:12337 Change-Id: I31f04fa9058c6acabb210f0fce61ac713ed1a382 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3518913 Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#79668}	2022-03-30 08:12:30 +00:00
Nico Hartmann	98db200c3d	Revert "[wasm-gc] Implement isorecursive canonicalization" This reverts commit `e76ad5c6d9`. Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20-%20shared/19438/overview Original change's description: > [wasm-gc] Implement isorecursive canonicalization > > This implements isorecursive canonicalization for static types. > > Not implemented in this CL: > - Runtime type canonicalization. > - Cross-module signature canonicalization for purposes of call_indirect. > > Bug: v8:7748 > Change-Id: I6214f947444eea8d7b15a29b35c94c3d07ddb525 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3541925 > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> > Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> > Cr-Commit-Position: refs/heads/main@{#79665} Bug: v8:7748 Change-Id: I9e26696a7113b1bacafa800c8d6ef24df38c41fd No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3557233 Auto-Submit: Nico Hartmann <nicohartmann@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Owners-Override: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/main@{#79667}	2022-03-30 07:47:00 +00:00
Manos Koukoutos	e76ad5c6d9	[wasm-gc] Implement isorecursive canonicalization This implements isorecursive canonicalization for static types. Not implemented in this CL: - Runtime type canonicalization. - Cross-module signature canonicalization for purposes of call_indirect. Bug: v8:7748 Change-Id: I6214f947444eea8d7b15a29b35c94c3d07ddb525 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3541925 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#79665}	2022-03-30 06:23:30 +00:00
Shu-yu Guo	21cfbf047e	[rab/gsab] Support RAB/GSABs in context snapshot Bug: v8:11111, v8:12731, v8:12742 Change-Id: I2679c0e64faca25a2c16e15fd3a5c727eb941c92 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3551894 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#79662}	2022-03-29 22:37:49 +00:00
Adam Klein	7cc6e6a4e0	Skip failing mjsunit/regress/regress-crbug-1307310 in stress_snapshot Bug: v8:12742 Change-Id: If96908f8585a5789c09d98bb8ca06f9a9fb6fc7e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3558310 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#79659}	2022-03-29 17:21:30 +00:00
Toon Verwaest	ecc3c6367f	[maglev] CompactInterpreterFrameState fixes Bug: v8:7700 Change-Id: I1efa298a25bf15c104a57db3ec7cc4d7e36861eb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3553102 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Auto-Submit: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/main@{#79655}	2022-03-29 13:59:48 +00:00
Leszek Swirski	0a110021d2	[deoptimizer] Remove non-fixed-size deopts All architectures have kSupportsFixedDeoptExitSizes = true, so we can remove kSupportsFixedDeoptExitSizes entirely and always have fixed-size deopts. Change-Id: Ib696f6d2431f60677cc7fa2193ee27b9b0f80bc8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3550268 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#79654}	2022-03-29 12:54:58 +00:00
Leszek Swirski	4fd61de7c1	[maglev] Fix over application return stack cleanup Under over-application (passing more arguments into a function than its formal parameter count), we need to use the passed argc to clean up the stack, rather than the formal parameter count. Fix Maglev's Return node code to do the appropriate check and dynamic sized return. Bug: v8:7700 Change-Id: I36037d29e14323b336974d4b75b75f5702ce8a28 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3555767 Reviewed-by: Victor Gomes <victorgomes@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#79649}	2022-03-29 10:39:28 +00:00
jameslahm	9641ce6438	[compiler] Optimize String#includes This CL adds the reduction for String#includes and merges the reduction of String#indexOf and String#includes in JSCallReducer. This CL does two things: - Add StringIndexOfIncludesVariant to distinguish String#indexOf and String#includes. - Add ReduceStringPrototypeIndexOfIncludes to reduce for String#indexOf and String#includes. Bug: v8:12732 Change-Id: Ied75485cf1511956e97ef986fc34a711aae3d1ce Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3552279 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/main@{#79648}	2022-03-29 10:24:08 +00:00
Marja Hölttä	8c94b7ec7b	[rab/gsab] Fix the rab gsab TA initial map Bug: v8:11111,chromium:1307310 Change-Id: I41175d759e71d2016880eae1cd42e420ee9cc229 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3540262 Reviewed-by: Shu-yu Guo <syg@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#79646}	2022-03-29 07:31:41 +00:00
Dominik Inführ	a847182056	[heap] Initialize pages with placement-new Define ctors for BasicMemoryChunk, ReadOnlyPage, MemoryChunk, Page and LargePage. We can use those with placement-new to initialize pages. We now initialize chunks at once either for ReadOnlyPage, Page or LargePage. Previously initialization happened in multiple locations starting with BasicMemoryChunk::Initialize. Adding ctors to these classes should improve debugging, since debug info for classes without ctors was removed with the compiler flag `-fuse-ctor-homing`. Change-Id: Ib842bb9b1e93a6576cad8299b7c5dbfe299baa33 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3545092 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#79638}	2022-03-28 09:18:55 +00:00
jameslahm	bd7f4823c1	[error] Improve GetExport error message According to https://tc39.es/ecma262/#sec-InnerModuleLinking step 10 and https://tc39.es/ecma262/#sec-source-text-module-record-initialize-environment step 8-25, variables must be declared in Link. And according to https://tc39.es/ecma262/#sec-module-namespace-exotic-objects-get-p-receiver, accessing the exported variable with the hole value should throw uninitialized error. Bug: v8:12729 Change-Id: I6fd2fcc580f7bafca986448b37adb8ba8f077929 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3552281 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#79637}	2022-03-28 09:03:45 +00:00
Frank Tang	8b663818fc	[Temporal] Add Temporal.Calendar.prototype.year Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.year Note- this is only the non-intl version. intl version in https://tc39.es/proposal-temporal/#sup-temporal.calendar.prototype.year will be implemented in later cl. Bug: v8:11544 Change-Id: Ifadcdb4efe00a9954d5ac4c1154420c4903f28d5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3531553 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#79635}	2022-03-26 23:18:06 +00:00
Frank Tang	cdafded496	[Temporal] Add Calendar.prototype.daysInYear Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.daysinyear Note- this is only the non-intl version. intl version in https://tc39.es/proposal-temporal/#sup-temporal.calendar.prototype.daysinyear will be implemented in later cl. Bug: v8:11544 Change-Id: I627fcf82641659c4697395057ee664a37f237228 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3531557 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#79634}	2022-03-26 22:16:54 +00:00
Frank Tang	c232d789c7	[Temporal] Add Duration.prototype.(abs\|negated) Also add AO: CreateNegatedTemporalDuration Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.duration.prototype.abs https://tc39.es/proposal-temporal/#sec-temporal.duration.prototype.negated https://tc39.es/proposal-temporal/#sec-temporal-createnegatedtemporalduration Bug: v8:11544 Change-Id: Ie522a7446f40c946c30f2e90c5f6c7fbc96c41eb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3380101 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#79633}	2022-03-26 22:15:14 +00:00
jameslahm	89ed081c17	[runtime] Add async-stack-trace support for Promise.allSettled ... with zero cost. Bug: v8:9357 Change-Id: I66985c3fd3e7b4efa354eb564c641562cf55ab49 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3518909 Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#79632}	2022-03-26 12:04:24 +00:00
Tobias Tebbi	e71ce3093d	Revert "[heap] Only start incremental marking when V8 is not in GC VM state." This reverts commit `f124b28d46`. Reason for revert: https://logs.chromium.org/logs/v8/buildbucket/cr-buildbucket/8818719400214419665/+/u/Check_-_stress_concurrent_allocation__flakes_/flush-baseline-code Original change's description: > [heap] Only start incremental marking when V8 is not in GC VM state. > > Bug: v8:12503 > Change-Id: Icda291d9770c46c7fee3c70dd4df97f320b1956a > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3398113 > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Commit-Queue: Hannes Payer <hpayer@chromium.org> > Cr-Commit-Position: refs/heads/main@{#79623} Bug: v8:12503 Change-Id: I067b308cfc4511d89144d2bb65a1dba24db62179 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3553104 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Owners-Override: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/main@{#79629}	2022-03-25 16:07:53 +00:00
legendecas	0a0ad98a5a	[ShadowRealm] WrappedFunction properties Implement WrappedFunction properties name/length. Bug: v8:11989 Change-Id: I050af5814537552ef6c2077802ffc726f2e08fa3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3507201 Reviewed-by: Shu-yu Guo <syg@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Chengzhong Wu <legendecas@gmail.com> Cr-Commit-Position: refs/heads/main@{#79628}	2022-03-25 16:00:33 +00:00
Hannes Payer	f124b28d46	[heap] Only start incremental marking when V8 is not in GC VM state. Bug: v8:12503 Change-Id: Icda291d9770c46c7fee3c70dd4df97f320b1956a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3398113 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Hannes Payer <hpayer@chromium.org> Cr-Commit-Position: refs/heads/main@{#79623}	2022-03-25 11:53:23 +00:00
Marja Hölttä	c6b68cbfbd	[super IC] Turn off super ICs They make assumptions which don't hold for API handlers. Bug: v8:9237,chromium:1308360 Change-Id: I9f122c4e75a24d83ef3653cbf7a223ed522e4d13 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3548899 Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#79614}	2022-03-24 17:59:52 +00:00
Igor Sheludko	0981e91a4f	[runtime] Fix handling of interceptors Bug: chromium:1309225 Change-Id: Ifd62639a2aa18b633e7cf36632677ee16c977afd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3548458 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#79613}	2022-03-24 17:50:12 +00:00
Shu-yu Guo	bcf43eb780	[string] Add additional ThinString test Add a test for the case where SlicedStrings of ThinStrings are looked up in the string table, testing the path that the original string's length differs from the actual string's length. Bug: chromium:1309767 Change-Id: I909c64397bf28ec33c3324d94882fbfe81ac4109 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3549837 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Auto-Submit: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#79610}	2022-03-24 16:46:12 +00:00
Nico Hartmann	fa374fc934	[turbofan] Fix a rare false positive in SLVerifier Bug: chromium:1309769, v8:12619 Change-Id: I880c7326f2ec91f1aa985d6b7ed67f8f5afc074b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3548897 Auto-Submit: Nico Hartmann <nicohartmann@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Commit-Queue: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/main@{#79608}	2022-03-24 15:04:23 +00:00
Marja Hölttä	0129218b08	[rab/gsab] Disable a test in stress-snapshot mode It's hitting unimplemented code paths. Bug: v8:11111, v8:12731 Change-Id: Icbffced6cbe207426363daa5f3b9ff5677b58b6c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3548816 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#79605}	2022-03-24 13:35:42 +00:00
Joyee Cheung	4ee68d81b9	[ic] fix handling of existing properties in Define{Keyed\|Named}OwnIC - When the property being defined with DefineKeyedOwnIC or DefineNamedOwnIC already exists, we should use the slow path to check if the operation is allowed in case the property is non-configurable or Object.preventExtensions() has been called on the property. - Since KeyedStoreIC:Store() reuses StoreIC::Store() when the key is a name, we should use Runtime::DefineObjectOwnProperty() for DefineKeyedOwnIC too. - When dealing with public fields, Runtime::DefineObjectOwnProperty() should use JSReceiver::CreateDataProperty() instead of Object::SetProperty() for the specified semantics. This patch also adds JSReceiver::AddPrivateField() for it and StoreIC::Store to define private fields without triggering traps or checking extensibility. - To emit a more specific error message when redefining properties on non-extensible objects, Object::AddDataProperty() now also takes a EnforceDefineSemantics enum to distinguish between set and define. - Drive-by: fix JSReceiver::CheckIfCanDefine() which should check for extensibility even if the configurability check passes. Bug: chromium:1259950, v8:9888 Change-Id: Ib1bc851ffd4b9c3a0e98cac96dafe743c08ee37e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3517934 Reviewed-by: Shu-yu Guo <syg@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Joyee Cheung <joyee@igalia.com> Cr-Commit-Position: refs/heads/main@{#79603}	2022-03-24 12:36:42 +00:00
Thibaud Michaud	672bf4ee6a	Reland "[wasm][liftoff] Spill regs for multi-value merges" This is a reland of commit `d9e1f2aee5` Change: disable regression test on non-SIMD hardware Original change's description: > [wasm][liftoff] Spill regs for multi-value merges > > If there is more than one value in the merge region, a stack-to-stack > move can overwrite the source of a stack-to-register move. To avoid > this, spill all registers. > > R=clemensb@chromium.org > > Bug: chromium:1299183 > Change-Id: I10495434d0a18c9072ee3882e00a687edd8c592a > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3523044 > Reviewed-by: Clemens Backes <clemensb@chromium.org> > Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> > Cr-Commit-Position: refs/heads/main@{#79584} Bug: chromium:1299183 Change-Id: I6f2af786ab91194a93945f5030575d1b8abee7fd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3548716 Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/main@{#79601}	2022-03-24 12:15:43 +00:00
Benedikt Meurer	3eb6b7aca6	[debug] Hold on to promises weakly from the debugger's promise stack. The debugger maintains a stack of promises used for catch prediction with promise builtins and async functions. Previously this stack would hold on to the individual promises strongly, and subtle bugs that lead to not properly cleaning up the stack in some corner cases would often lead to significant memory issues (e.g. leaking whole iframes). This refactors the PromiseOnStack to be (a) on the V8 heap, rather than allocating C++ structs with global handles pointing to the promises, and (b) hold on to the promises only weakly. While this will not guarantee proper promise stack management, it will at least ensure that edge cases don't lead to catastrophic (debugger only) leaks. Bug: chromium:1292063 Change-Id: I9c293ca2032de3a59e1e9624f132d37187805567 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3545176 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/main@{#79594}	2022-03-24 08:16:32 +00:00
Clemens Backes	a18b1606d2	[wasm] Add validation of compilation hints Before productionizing this, we probably want to just ignore the whole section if it contains invalid data, but for now failing with a decode error is more consistent with existing checks. R=ecmziegler@chromium.org Bug: v8:12537 Change-Id: I7fc5933573a4d6eddd039bf51361c5bee5c5170d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3545177 Reviewed-by: Emanuel Ziegler <ecmziegler@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#79593}	2022-03-24 07:12:53 +00:00
Tobias Tebbi	89c213bb0f	Reland "cppgc: Add DCHECK that object start bitmap is safe to use" This reverts commit `ad09811a18`. Reason for revert: reverted by accident Original change's description: > Revert "cppgc: Add DCHECK that object start bitmap is safe to use" > > This reverts commit `9e1db51817`. > > Reason for revert: https://chromium-review.googlesource.com/c/v8/v8/+/3535782 causes roll failures, this needs to be reverted too because it's based on it > > Original change's description: > > cppgc: Add DCHECK that object start bitmap is safe to use > > > > During sweeeping/compaction the bitmap is being reconstructed and > > should not be relied on for finding object start. > > Add a DCHECK that the bitmap is fully populated. > > > > Bug: chromium:1307471 > > Change-Id: I4aa414722262bb6fb169123a49fce1510a60d3ef > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3540680 > > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > > Commit-Queue: Omer Katz <omerkatz@chromium.org> > > Cr-Commit-Position: refs/heads/main@{#79575} > > Bug: chromium:1307471 > Change-Id: I377b8737609fff33199776dce3d997f31074c59b > No-Presubmit: true > No-Tree-Checks: true > No-Try: true > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3545316 > Auto-Submit: Tobias Tebbi <tebbi@google.com> > Owners-Override: Tobias Tebbi <tebbi@google.com> > Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> > Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> > Cr-Commit-Position: refs/heads/main@{#79586} Bug: chromium:1307471 Change-Id: I04357072c6974e045c1e2bdea93d4059a1e987b2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3545319 Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Owners-Override: Tobias Tebbi <tebbi@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Reviewed-by: Omer Katz <omerkatz@chromium.org> Cr-Commit-Position: refs/heads/main@{#79592}	2022-03-23 22:58:42 +00:00
Tobias Tebbi	19633c4e2c	Revert "cppgc: Add regression test and check for object start bitmap" This reverts commit `164a040a2a`. Reason for revert: roll failure: https://ci.chromium.org/ui/p/chromium/builders/try/cast_shell_linux/1164753/overview Original change's description: > cppgc: Add regression test and check for object start bitmap > > Access to the object start bitmap is only safe during marking until > sweeping is started as the concurrent sweeper may clear and rebuild > the bitmap at any time during sweeping. > > Adds a DCHECK and an additional test for a previously broken > pre-finalizer scenario. > > Bug: chromium:1307471 > Change-Id: If67ade43f7cdad6de4720c0efeac11bfe8c22b3c > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3535782 > Reviewed-by: Nikolaos Papaspyrou <nikolaos@chromium.org> > Reviewed-by: Omer Katz <omerkatz@chromium.org> > Commit-Queue: Michael Lippautz <mlippautz@chromium.org> > Cr-Commit-Position: refs/heads/main@{#79550} Bug: chromium:1307471 Change-Id: I181e63a34eae9369184fb86112bc64e53b8bfad5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3545317 Owners-Override: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/main@{#79590}	2022-03-23 21:07:16 +00:00
Michael Lippautz	f6386018d4	[api] Remove TracedGlobal<> Remove deprecated TracedGlobal<>, greatly simplifying handling of traced references in general. Also saves a word per v8::TracedReference as there's no need to keep a possible callback around. Bug: v8:12603 Change-Id: Ice35d7906775b912d02e97a27a722b3e1cec28d9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3532251 Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#79589}	2022-03-23 21:04:51 +00:00
Michael Lippautz	542a78458f	MockTracingPlatform: Fix uaf with stack-scoped platform This fixes a general race with stack-scoped `TestPlatform` which may go out of scope while tasks on workers are still running. Add a barrier for workers, implemented through tasks, to synchronize destruction of `TestPlatform`. While this fixes general races, such short-lived platforms still break if tasks cache the global platform pointer. Bug: v8:12635 Change-Id: Ifc6ecc29f0e2b7297ca52051eae9bd81013b60ce Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3536651 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#79587}	2022-03-23 20:22:42 +00:00
Tobias Tebbi	ad09811a18	Revert "cppgc: Add DCHECK that object start bitmap is safe to use" This reverts commit `9e1db51817`. Reason for revert: https://chromium-review.googlesource.com/c/v8/v8/+/3535782 causes roll failures, this needs to be reverted too because it's based on it Original change's description: > cppgc: Add DCHECK that object start bitmap is safe to use > > During sweeeping/compaction the bitmap is being reconstructed and > should not be relied on for finding object start. > Add a DCHECK that the bitmap is fully populated. > > Bug: chromium:1307471 > Change-Id: I4aa414722262bb6fb169123a49fce1510a60d3ef > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3540680 > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Commit-Queue: Omer Katz <omerkatz@chromium.org> > Cr-Commit-Position: refs/heads/main@{#79575} Bug: chromium:1307471 Change-Id: I377b8737609fff33199776dce3d997f31074c59b No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3545316 Auto-Submit: Tobias Tebbi <tebbi@google.com> Owners-Override: Tobias Tebbi <tebbi@google.com> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#79586}	2022-03-23 20:05:12 +00:00
Shu-yu Guo	7566979213	Revert "[wasm][liftoff] Spill regs for multi-value merges" This reverts commit `d9e1f2aee5`. Reason for revert: Linux test failures: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux/45960/overview Original change's description: > [wasm][liftoff] Spill regs for multi-value merges > > If there is more than one value in the merge region, a stack-to-stack > move can overwrite the source of a stack-to-register move. To avoid > this, spill all registers. > > R=clemensb@chromium.org > > Bug: chromium:1299183 > Change-Id: I10495434d0a18c9072ee3882e00a687edd8c592a > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3523044 > Reviewed-by: Clemens Backes <clemensb@chromium.org> > Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> > Cr-Commit-Position: refs/heads/main@{#79584} Bug: chromium:1299183 Change-Id: I465129695cfc1c5678923f7eefe5b91e31383798 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3546745 Auto-Submit: Shu-yu Guo <syg@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Shu-yu Guo <syg@chromium.org> Owners-Override: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#79585}	2022-03-23 19:35:32 +00:00
Thibaud Michaud	d9e1f2aee5	[wasm][liftoff] Spill regs for multi-value merges If there is more than one value in the merge region, a stack-to-stack move can overwrite the source of a stack-to-register move. To avoid this, spill all registers. R=clemensb@chromium.org Bug: chromium:1299183 Change-Id: I10495434d0a18c9072ee3882e00a687edd8c592a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3523044 Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/main@{#79584}	2022-03-23 18:08:31 +00:00
Joyee Cheung	639c09a341	[class] fix read-only private references in logical assignments Since assignments to read-only private references can be skipped due to short-circuiting in logical assignments, we should not eagerly emit the error of invalid writes, and should instead load the values as usual, only emitting an error when the assignment happens, which can be handled by BytecodeGenerator::BuildAssignment(). Bug: v8:12680, v8:8330, v8:10372 Change-Id: Ia5fea9090bc48b0af8a9c8d6f95174f7aa2d86f8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3509298 Reviewed-by: Shu-yu Guo <syg@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Joyee Cheung <joyee@igalia.com> Cr-Commit-Position: refs/heads/main@{#79583}	2022-03-23 16:16:32 +00:00
Marja Hölttä	b35964839c	[rab/gsab] RAB/GSAB support for Object.DefinePropert(y\|ies) Bug: v8:11111,chromium:1306929 Change-Id: I26e4c5d7e87f75844e60952f30e8fe20189910c4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3535783 Reviewed-by: Shu-yu Guo <syg@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#79577}	2022-03-23 14:17:17 +00:00
Omer Katz	9e1db51817	cppgc: Add DCHECK that object start bitmap is safe to use During sweeeping/compaction the bitmap is being reconstructed and should not be relied on for finding object start. Add a DCHECK that the bitmap is fully populated. Bug: chromium:1307471 Change-Id: I4aa414722262bb6fb169123a49fce1510a60d3ef Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3540680 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Omer Katz <omerkatz@chromium.org> Cr-Commit-Position: refs/heads/main@{#79575}	2022-03-23 13:39:32 +00:00
David Sanders	cabf441d12	Fix typos, intial* -> initial* Change-Id: Ia5066069304ae2eee442cd3e224c0c0c0816fd75 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3543179 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/main@{#79574}	2022-03-23 13:20:33 +00:00
Michael Lippautz	aca727f69f	heap: Remove OneShotBarrier The code is dead since migrating to jobs API. Change-Id: Icdcc3523ffe5830ef5851cf4ea86e579841f543c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3540103 Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#79573}	2022-03-23 13:02:21 +00:00

... 8 9 10 11 12 ...

30492 Commits