Commit Graph

75642 Commits

Author SHA1 Message Date
Clemens Backes
85cf4be909 [wasm][fuzzer] Refactor second instantiation
The fuzzer instantiates the module twice: Once for reference
interpretation / execution, and once for the actual execution of
Liftoff/TurboFan code.
For some reason, the two code paths for interpretation and Liftoff
reference execution used different patterns: Interpretation was using
the first instance, and then creating a second instance for actual
execution, whereas the Liftoff path used a second instance for the
reference execution and used the first one for the actual execution.

This CL refactors this to always create a "reference instance" first,
use that for either the interpreter or Liftoff, and then create a second
instance for the actual execution.

R=thibaudm@chromium.org

Bug: v8:12425
Change-Id: I19754264240d8570f00161abb7aecba1cc2b2ae0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3683323
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80900}
2022-06-01 16:46:28 +00:00
Seth Brenith
4b1b7e29ba Change key format for script cache
This is a partial reland of https://crrev.com/c/3597106 including fixes
from https://crrev.com/c/3654413

Before this change, a script cache key is the same format as an eval
cache key, which is a FixedArray containing:
- The SharedFunctionInfo of the containing function
- The source text
- The language mode in which the code was parsed
- The position in the source where eval was called

After this change, a script cache key is a WeakFixedArray containing:
- A weak pointer to the Script
- The hash value of the source text

This sets up for a subsequent change which can cause these keys to
outlive their corresponding values (top-level SharedFunctionInfos)
without leaking any memory beyond the key itself.

Bug: v8:12808
Change-Id: Ibdfe5d10eafe5b7392e554c500af47975baf45c6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3668304
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/main@{#80899}
2022-06-01 16:16:48 +00:00
Marja Hölttä
bfa18f9e57 [rab/gsab] Move OOB check to ValidateIntegerTypedArray
The OOB check belongs in ValidateIntegerTypedArray according to the
spec.

This also fixes the error types for OOB TypedArrays when doing Atomics:
OOB TypedArrays should get a TypeError, not RangeError.

Bug: v8:11111
Change-Id: Ice2e5695d69d84b2c20a4cf8f06880673d901a91
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3676859
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80898}
2022-06-01 16:12:16 +00:00
Maya Lekova
8721f45bc7 [fastcall] Don't generate a branch in no options case
This CL addresses a TODO left from implementing Wasm entry to fast C
calls in https://chromium-review.googlesource.com/c/v8/v8/+/3440694/
and avoids generating a branch in case it's not needed (either because
the embedder isn't providing an options object, which is the case
for Wasm, or because we're not generating overloads).

Bug: chromium:1052746
Change-Id: I7323f85801c034f0c47877ea15f677a53d3acea3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3650923
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80897}
2022-06-01 14:43:38 +00:00
Shu-yu Guo
dc4cbcb9ca Retain current code in EnsureBytecodeArrayAvailable if not compiled
IsCompiledScope retains code to protect against code flushing. The
current API is easily misused by forgetting to initialize
IsCompiledScope with a SFI's current state.

Change-Id: Ie8ab60acc4fb85c4b8b76c52040976e2e34f9d5e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3674117
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80896}
2022-06-01 14:31:58 +00:00
Leszek Swirski
c48f5fdfbd [parser] Keep track of whether parses are re-parses
Some parses are actually re-parses of an already parsed function; things
like source position collection, CallPrinter AST walks, debugger, etc.

These may want slightly different parse behaviour -- in particular, we
likely don't want to post parallel compile tasks for them. So, keep
track externally of which parses are reparses, and suppress parallel
compile tasks for them.

Change-Id: I8b38caad1a385e08231bd247774e9804a409de0e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3291317
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80895}
2022-06-01 14:08:48 +00:00
Omer Katz
33ca2bcbcd [heap] Use black color in MinorMC
MinorMC only used a single color (grey) while the full MC used 2 colors
(grey and black). Update MinorMC to use black as well. This aligns and
brings full MC and MinorMC closer, and allows to reuse more of the
existing sweeping infrastructure for the non-moving MinorMC.

Bug: v8:12612
Change-Id: Ifa740537c4587dc197196e41829ea74a312b79d0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3683320
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80894}
2022-06-01 13:21:30 +00:00
Clemens Backes
3694eba74e [wasm][fuzzer] More output for failed instantiation
The fuzzers sometimes fail to instantiate a module that we already
instantiated before. This is nondetermistic and hard to reproduce (maybe
an out-of-memory situation).
Make the fuzzers print the error message so we learn more about those
failures.

R=ahaas@chromium.org

Bug: chromium:1330572
Change-Id: I0db103bdb113b1c1cedf662e02fb7a7f9d34ebd7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3680298
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80893}
2022-06-01 13:14:38 +00:00
Marja Hölttä
0df222ac71 Reland "[rab/gsab] Fix ObjectSerializer"
This time without stray changes.

Previous version: https://chromium-review.googlesource.com/c/v8/v8/+/3657431

Bug: v8:11111
Change-Id: I365224040c2d1b490a8d92513b9e73027bf8bb0d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3683609
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80892}
2022-06-01 12:40:08 +00:00
Leszek Swirski
1acb5db0ea [test] Add perfetto initialisation to unittest runner
Bug: v8:12781
Change-Id: I1cf929e1d817ba81d25ba5095872b975c13f40d3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3683319
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80891}
2022-06-01 12:32:17 +00:00
Clemens Backes
045a2b88ed [tools] Flush stdout before reading input
The last line of output (which is not terminated by a newline) was not
showing for me when running the merge script. We can either fix it by
specifying `flush=True` at the `print` statement, or flushing before
reading user input. The latter seems more future-proof.

R=machenbach@chromium.org

Change-Id: I61cb929d2f7cdd20b3e32b9beb1653fe2d5c5791
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3676857
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80890}
2022-06-01 11:26:38 +00:00
jameslahm
a9ca9f7dbc [test] Move cctest/test-flags to unittests/flags/
... flag-definitions-unittest.

Bug: v8:12781
Change-Id: I11cd6acc4d7c548773f013fcaf5a2de5b47d730b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3682879
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Cr-Commit-Position: refs/heads/main@{#80889}
2022-06-01 11:06:31 +00:00
Marja Hölttä
a11fac26c7 Revert "Reland "[rab/gsab] Temporarily stage --harmony-rab-gsab to enable fuzzing""
This reverts commit df73fd6031.

Reason for revert: Reverting before branch

Original change's description:
> Reland "[rab/gsab] Temporarily stage --harmony-rab-gsab to enable fuzzing"
>
> This reverts commit 24286b8e24.
>
> Reason for revert: Re-staging the experimental flag for fuzzing
>
> Original change's description:
> > Revert "[rab/gsab] Temporarily stage --harmony-rab-gsab to enable fuzzing"
> >
> > This reverts commit b8f88be06e.
> >
> > Reason: disabling an experimental feature in release branch
> >
> > Bug: v8:11111,v8:12870
> > Change-Id: I6fbd6bdb318c0d25e69c04db208a0d5f2b9ebbd7
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3647357
> > Auto-Submit: Marja Hölttä <marja@chromium.org>
> > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> > Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
> > Cr-Commit-Position: refs/heads/main@{#80520}
>
> Bug: v8:11111,v8:12870
> Change-Id: I0a45ed5ce53010196949dda23773d152aa605846
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3647836
> Commit-Queue: Marja Hölttä <marja@chromium.org>
> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
> Cr-Commit-Position: refs/heads/main@{#80576}

Bug: v8:11111,v8:12870
Change-Id: Ib32c1ba464dde7a5c8cc16f32680bad144bb4304
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3683358
Reviewed-by: Lutz Vahl <vahl@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80888}
2022-06-01 11:05:28 +00:00
Liviu Rau
0281df0421 [test] Refactor testrunner (1)
Bringing test closer together

Bug: v8:12785
Change-Id: I2eed79fd3b1bda210b1f58b341422fc0c6435bfd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3678210
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Liviu Rau <liviurau@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80887}
2022-06-01 10:37:21 +00:00
Pan, Tao
2c99b26d8f [compiler] Add condition use_ic to the removing the optimized OSR code logic
The removing the optimized OSR code logic depends on collecting
the reference of the optimized OSR code in ic.

Bug: chromium:1330405, chromium:1330452, chromium:1330454, chromium:1330486, chromium:1330545
Change-Id: I0981a6b2f41bd7f90b74a1866c91d6eb35c5c591
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3679846
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Tao Pan <tao.pan@intel.com>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80886}
2022-06-01 10:10:28 +00:00
Danil Somsikov
0944ea06c6 Disable command-line API for untrusted inspector clients.
Bug: chromium:1290236
Change-Id: Ie8cda6fd6260d30d3107d3b0288e01960b0e2d3e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3677293
Auto-Submit: Danil Somsikov <dsv@chromium.org>
Commit-Queue: Danil Somsikov <dsv@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80885}
2022-06-01 09:37:58 +00:00
Camillo Bruni
b29ed5a59a [tools] run-tests.py
List all variants for the --variant help text

Change-Id: I249d8140b19e13dc3eceedaade2b856b1fdb1567
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3663088
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80884}
2022-06-01 09:17:58 +00:00
Liviu Rau
7aca2b8fd2 [test] Cleanup
Unused imports and some deprecation related updates.

Bug: v8:12785
Change-Id: Ia3998a75f0c3b83eef4134741c1bda5f3d49c6f4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3678840
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Liviu Rau <liviurau@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80883}
2022-06-01 09:09:18 +00:00
jameslahm
9d12255c1e [test] Move cctest/test-managed to unittests/objects/
... managed-unittest.

Bug: v8:12781
Change-Id: Ic9dea14ffd0f8ca944c39d791c2b66aa1f76bcfe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3682881
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Cr-Commit-Position: refs/heads/main@{#80882}
2022-06-01 08:05:31 +00:00
jameslahm
a9a44a3126 [test] Move cctest/test-threads to unittests/execution/
... threads-unittest.

Bug: v8:12781
Change-Id: I1294d0bf9f47c158532a489657bc1e5349afce79
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3682882
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Cr-Commit-Position: refs/heads/main@{#80881}
2022-06-01 08:01:51 +00:00
jameslahm
daee783c73 [test] Move cctest/test-hashmap to unittests/base/
... hashmap-unittest.

Bug: v8:12781
Change-Id: Id2d4c1d41540791e4c32919d4da4648565ac9faf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3682880
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Cr-Commit-Position: refs/heads/main@{#80880}
2022-06-01 08:00:48 +00:00
Leszek Swirski
507e5743bb [maglev] Fix Phi register state at end of blocks
When injecting locations for block-end gap moves into Phis, make sure to
maintain register frame state too, so that the subsequent
MergeRegisterValues call sees the result of these moves.

Bug: v8:7700
Change-Id: I4f68e386c5a6cc578d26904306cb9b0c2f7a90d6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3676861
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80879}
2022-06-01 07:29:10 +00:00
Leszek Swirski
c7aef55208 [maglev] Fix dead fallthrough merging
Add a method which optionally merges dead fallthrough paths, in case the
iteration in EmitUnconditionalDeopt reaches a merge point that is live
from another jump but dead on the fallthrough.

Bug: v8:7700
Change-Id: Ie505cd5356fcf70208f2f6d3e52b805956485f74
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3663086
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80878}
2022-06-01 07:26:48 +00:00
Dominik Inführ
c6527293a5 [heap] Fix external bytes accounting when promoting large objects
Unlike other spaces we didn't update external bytes counters when
adding or removing pages from large spaces.

Bug: chromium:1329766
Change-Id: I5fbc8703964f9e4e846d986c32c5d57ed4f0c0c5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3681118
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80877}
2022-06-01 07:24:08 +00:00
v8-ci-autoroll-builder
6f1e3e6f4a Update V8 DEPS.
Rolling v8/build: b2f1ec8..fb6ee35

Rolling v8/buildtools: a5fa465..8b16338

Rolling v8/buildtools/linux64: git_revision:c547ca1497e3ff0dcbc0b2cb036b3d40380cbeeb..git_revision:37baefb026b199605affa7bcb24810d1724ce373

Rolling v8/buildtools/third_party/libc++/trunk: 79a2e92..b126981

Rolling v8/buildtools/third_party/libc++abi/trunk: 4ad92ec..c30c515

Rolling v8/buildtools/third_party/libunwind/trunk: d03f56b..5e737be

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/a1cf7a2..fba169d

Rolling v8/third_party/depot_tools: 4e6aa25..e1197f0

Rolling v8/third_party/fuchsia-sdk/sdk: version:8.20220522.3.1..version:8.20220531.3.1

Rolling v8/third_party/zlib: 80b28c9..64bbf98

Rolling v8/tools/clang: 6df1876..393c871

Rolling v8/tools/luci-go: git_revision:0ef9351a5b73943d547fb27d463d5f4a1572727f..git_revision:de014227dd270df7c61bfab740eb4ae4b52ac2a7

Rolling v8/tools/luci-go: git_revision:0ef9351a5b73943d547fb27d463d5f4a1572727f..git_revision:de014227dd270df7c61bfab740eb4ae4b52ac2a7

R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: I350575968cfc4adfe6d6785146735d83debfa0a6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3682481
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#80876}
2022-06-01 03:53:48 +00:00
Shu-yu Guo
7ff1857560 Reland "[shared-struct] Add Atomics.Mutex"
This is a reland of commit ea9a1f1cbe

Changes since revert:
- Make the state field uintptr-aligned since arm64 faults on
  atomic accesses to non-naturally aligned addresses.

Original change's description:
> [shared-struct] Add Atomics.Mutex
>
> This CL adds a moving GC-safe, JS-exposed mutex behind the
> --harmony-struct flag. It uses a ParkingLot-inspired algorithm and
> each mutex manages its own waiter queue.
>
> For more details, please see the design doc: https://docs.google.com/document/d/1QHkmiTF770GKxtoP-VQ1eKF42MpedLUeqiQPfCqus0Y/edit?usp=sharing
>
> Bug: v8:12547
> Change-Id: Ic58f8750d2e14ecd573173d17d5235a136bedef9
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3595460
> Commit-Queue: Shu-yu Guo <syg@chromium.org>
> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
> Reviewed-by: Adam Klein <adamk@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#80789}

Bug: v8:12547
Change-Id: I776cbf6ea860dcc6cb0ac51694a9b584b53d255c
Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_mac_arm64_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3673354
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80875}
2022-06-01 01:12:07 +00:00
Shu-yu Guo
0f510c4ab1 [change-array-by-copy] Implement with
Bug: v8:12764
Change-Id: I67b9b0e4f3c7ca6a2719c234b7f7605f07f86b28
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3671760
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80874}
2022-06-01 00:47:32 +00:00
Milad Fa
5c445ebbea PPC/S390: [regalloc] Improve gap resolver algorithm
Port: a77dd89e4c

Bug: v8:5210, chromium:1269989, chromium:1313647
Change-Id: I91cb97d7d807c70939a8da4b80386d5aed5f3c8b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3677453
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/main@{#80873}
2022-05-31 20:55:47 +00:00
Andreas Haas
b1f896337d [wasm] Enter CallDepthScope after compilation to execute microtasks
When async compilation finishes for WebAssembly, the promise returned by
`WebAssembly.compile()` gets resolved. Resolving the promise creates a
microtask that should get executed automatically when the call stack
empties up when MicrotasksPolicy::kAuto is used. However, this policy
requires a CallDepthScope to work, but there is no CallDepthScope when
WebAssembly compilation finishes. This CL adds this CallDepthScope.

R=jkummerow@chromium.org

Bug: chromium:1297672
Change-Id: I1bd607dec9daf08b3dbb1294393a8af255d222ff
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3679579
Auto-Submit: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80872}
2022-05-31 19:32:07 +00:00
Milad Fa
efcbd13355 S390: Add missing headers to disasm-s390-unittest
Modification is needed since after this CL:
https://crrev.com/c/3676642

Bug: v8:12781
Change-Id: Icb2644c9cd6f20e37c4b0ba0c4b861417c84b7f1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3679980
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#80871}
2022-05-31 17:51:08 +00:00
Joyee Cheung
4bdbccc392 Revert "[heap] pre-populate the single_character_string_cache"
This reverts commit 07e11a64e4.

Reason for revert: caused regressions and heap verification failures

Bug: chromium:1330410, chromium:1330408, chromium:1330413

Original change's description:
> [heap] pre-populate the single_character_string_cache
>
> This simplifies the code and removes the runtime overhead of
> spontaneously adding strings to the cache.
>
> Bug: v8:12718
> Change-Id: I2ed49bd82e3baf2563eeb8f463be72c0308c52c5
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616553
> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Commit-Queue: Joyee Cheung <joyee@igalia.com>
> Cr-Commit-Position: refs/heads/main@{#80803}

Bug: v8:12718
Change-Id: I569fea9e34effd57c9e7c65190cf5b4ec0b0623b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3679680
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Owners-Override: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80870}
2022-05-31 16:41:47 +00:00
Nikolaos Papaspyrou
4651df6bba heap: Fix and clean up object start bitmap
This CL introduces the following changes to the experimental
implementation of the object start bitmap, that is evaluated as
a mechanism for resolving inner pointers (behind the flag
v8_enable_conservative_stack_scanning):

- Manually iterate through page objects, instead of using the
  PagedSpaceObjectIterator, for performance (avoid calling
  MakeHeapIterable all the time) and to simplify the handling
  of filler objects.
- Clear bits when reusing evacuated pages of the new space.
- Use the cage base to iterate correctly through code objects.
- Introduce a method for verifying the validity of the object
  start bitmap.
- Minor fixes, additional checks and cleanup.

Bug: v8:12851
Change-Id: I245937ffe6f4b53c4c2dcf5126e8836aec4dc79e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3675099
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80869}
2022-05-31 16:37:08 +00:00
Leszek Swirski
a9bfe31a2b [print] Support weak maps in load feedback printing
Fixed: chromium:1330584
Change-Id: I8ae7942226350e52419e42fc46cb157bd480d102
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3680301
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80868}
2022-05-31 16:34:47 +00:00
Clemens Backes
ca7e0c669b [wasm] Remove sampling on top tier finished
Remove code size and compilation time sampling for the "top tier
finished" event. With dynamic tiering, this event will never be reached.

R=ahaas@chromium.org

Bug: v8:12899
Change-Id: I1b0d053e31fe8cd1f8ba3b23bfff4c5879569b45
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3647691
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80867}
2022-05-31 16:20:58 +00:00
Leszek Swirski
f215daa819 Reland "Reland "[test] Move tracing cctest to unittests""
This is a reland of commit 3b251debfb

Annotates the perfetto proto include with nogncheck, because gn's header
checker doesn't understand preprocessor directives.

See
https://gn.googlesource.com/gn/+/main/docs/reference.md#advice-on-fixing-problems

Original change's description:
> Reland "[test] Move tracing cctest to unittests"
>
> This is a reland of a7d6bf9662
>
> Added perfetto to unittests include_rules.
>
> Bug: v8:12781
> Change-Id: Iabf0e62abb1de879de21ba06fbd38f5432ee4f76
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652295
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#80847}

Bug: v8:12781
Change-Id: I886df9254d8fecd56f64110f04b1447937605b58
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3680299
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80866}
2022-05-31 16:16:57 +00:00
Clemens Backes
d5d3ecaeea [API] Avoid macro list for defining API methods
The macro list makes it difficult to impossible to deprecate individual
methods (like the one receiving a {WasmModuleTieredUp} struct).
Hence avoid the macro list and instead call the macro explicitly for
each definition.

R=cbruni@chromium.org

Bug: v8:12899
Change-Id: I4139de7721c4a1450920c5be312e91e7478e6fa7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3667076
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80865}
2022-05-31 16:12:37 +00:00
Danil Somsikov
851b529d00 Fix uniqueDebuggerId so that it returns debugger id, not the context id
Bug: chromium:1240663
Change-Id: I133e3de012b08666c767478b8ad6fd7bf7c0fa35
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3679098
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Auto-Submit: Danil Somsikov <dsv@chromium.org>
Commit-Queue: Danil Somsikov <dsv@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80864}
2022-05-31 15:45:58 +00:00
Clark DuVall
806748acc7 Allow BackgroundCompileTask to be created from a background thead
This will be useful for implementing crbug.com/1328448.

Bug: v8:12916
Change-Id: Id22ae96f6c1f9b72ab09508dd1f6dc2d70f8b5d4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3677654
Commit-Queue: Clark DuVall <cduvall@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80863}
2022-05-31 15:21:58 +00:00
Patrick Thier
f22c7eb65c [turbofan] Add Late Escape Analysis to JS pipeline
Add a new late escape analysis pass to JS late optimizations.
The new pass simply removes allocations that are not used (besides
initializing stores to the object).

Bug: v8:12200
Change-Id: I01fc6233cca2f369c77ff2116ed7c4da1a232d95
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3677298
Commit-Queue: Patrick Thier <pthier@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80862}
2022-05-31 14:45:07 +00:00
Junliang Yan
b77ff66b4c ppc64: [baseline] fix condition register
Change-Id: Ia6f542104887624d80eebd309f16b7da94159fc4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3679978
Reviewed-by: Milad Farazmand <mfarazma@redhat.com>
Commit-Queue: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/main@{#80861}
2022-05-31 14:08:37 +00:00
Dominik Inführ
2bdd845a7c [heap] Turn AssertNoTypedSlotsInFreeMemory into DCHECK
After AssertNoTypedSlotsInFreeMemory being a CHECK for some time now to
get more test coverage, turn this into a DCHECK again.

This CL also renames the methods used by the sweeper to clear typed
slots in free memory. It was previously called "invalid slots" but
IMHO that could be a bit misleading, since this isn't about object slot
invalidation (where we also filter slots) but only really about slots in
free memory.

Bug: v8:12760
Change-Id: I8f414be06207460531fa54189b9ef1be85f4ecb6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3679578
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80860}
2022-05-31 13:50:57 +00:00
Clemens Backes
d829c65398 [wasm] Remove "WaitForTopTierFinished" method
The method is already misleading, as with dynamic tiering the "top tier"
is defined to be the same as the "baseline tier" (i.e. Liftoff). Hence
the method does not do what you would expect it to do.
Fixing it to wait for all functions to be compiled with TurboFan would
result in a deadlock, if we do not also trigger tier-up of all
functions.

Hence remove the method.

R=ahaas@chromium.org

Bug: v8:12899
Change-Id: I4ba76febd796f6a9ad1252e6d73a72e569fd648c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3657436
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80859}
2022-05-31 13:34:47 +00:00
jameslahm
16fa2f28b7 [web snapshot] Support properties in function
This CL adds the serialization and deserialization
for properties in function. And we only support fast
properties in property array now.

Bug: v8:11525
Change-Id: If0bb3fee400ca957009d046ed74b92d8192c2514
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3650675
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80858}
2022-05-31 13:14:17 +00:00
Leszek Swirski
cbdc545dcb Revert "Reland "[test] Move tracing cctest to unittests""
This reverts commit 3b251debfb.

Reason for revert: Chrome build is still unhappy

Original change's description:
> Reland "[test] Move tracing cctest to unittests"
>
> This is a reland of a7d6bf9662
>
> Added perfetto to unittests include_rules.
>
> Bug: v8:12781
> Change-Id: Iabf0e62abb1de879de21ba06fbd38f5432ee4f76
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652295
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#80847}

Bug: v8:12781
Change-Id: I54d64a10e24bc913be9d2bd66c1908664665f484
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3679519
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#80857}
2022-05-31 12:48:18 +00:00
Andreas Haas
ed0afa96ed [cleanup] Put debug code behind #ifdef DEBUG
Bug: v8:12926
Change-Id: I16d4b7d3e2af638ceb4f635fb114762c2f352616
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3678209
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80856}
2022-05-31 12:44:47 +00:00
Leszek Swirski
3b25341953 [maglev] Add support for constant-from-prototype loads
Add support for LoadHandlers with the kConstantFromPrototype kind. With
some dependency checks, this becomes a map check and constant load.

Bug: v8:7700
Change-Id: I865eee7be4df9bd0ba56943814f601e3e950ed80
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3675101
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80855}
2022-05-31 12:38:37 +00:00
Manos Koukoutos
ac1c4c6d56 [wasm] Fix effect chain, enable its verification
This CL fixes all spots where wasm Turbofan code did not satisfy the
invariant that all nodes with effect outputs are connected to another
node. Also, it enables the related verification for wasm code.

Drive-by:
- Simplify how stack checks are removed during loop unrolling.
- Fix a test declaration in test-gc.cc.

Change-Id: Id32af8584ba0ec281f4bf7757bd2915e6d8bf443
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3676862
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80854}
2022-05-31 12:37:27 +00:00
Leszek Swirski
5d71a2c9dc [test] Add perfetto deps to unittests
Bug: v8:12781
Change-Id: Icf3233b48718e117cc39289c511f9fd4d99c874d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3679079
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80853}
2022-05-31 12:28:47 +00:00
Marja Hölttä
fa4a9a8a29 [web snap] Fix various error handling "fixes"
This makes the following use cases produce a visible error:
- deserializing invalid data w/ d8 [previously broken]
- error in the script embedded in the web snapshot
- d8 can't read web snapshot files

Bug: v8:11525,v8:12820
Change-Id: I40a993194f9992a40c877261ebf9882e018b669b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3672415
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80852}
2022-05-31 12:27:07 +00:00
Marja Hölttä
f24d327a02 [web snap] Fix Bazel build
Bug: v8:11525
NoTry: True
Change-Id: Idee38e400aec4aed1ebf9a25e0416002a05a7a2f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3679258
Reviewed-by: Darius Mercadier <dmercadier@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80851}
2022-05-31 12:22:17 +00:00