Commit Graph

63085 Commits

Author SHA1 Message Date
Simon Que
32b685fa66 infra: Set gcc builders not to use Goma
NOTRY=true
NOTREECHECKS=true

Bug: chromium:1100009
Change-Id: I67deb383d41e6609d5c3215e02422c8b1c16f8f4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2272738
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68593}
2020-06-29 19:54:17 +00:00
Ng Zhi An
afd74709d9 [wasm-simd][arm] Prototype f64x2.trunc
Prototype f64x2.trunc on ARM for both ARM v7 and ARM v8. ARM v8 has
support for vrintz, and for ARM v7 we fallback to runtime.

Since ARM v8 uses vrintz, which is the same instruction used for F64
trunc (scalar), wasm-compiler reuses the Float64RoundTruncate check.

Bug: v8:10553
Change-Id: I074d5b4172809915d4b37c59bd3b0dcbf9a45e1d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2268357
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68592}
2020-06-29 18:55:17 +00:00
v8-ci-autoroll-builder
88fa13b564 Update V8 DEPS.
Rolling v8/build: 2dc7c7a..d83f4a5

Rolling v8/third_party/aemu-linux-x64: UoYLOT0X6577j70eB9nPqYQs9Z3Nh5lA4I-pRtTchO0C..FN-ckx_oV2JTqPuW3iMG50qdN5FgGqm-4XP9AkoLwPUC

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/95c1f42..8353ff9

Rolling v8/third_party/depot_tools: 35c6274..6e6c67d

Rolling v8/third_party/zlib: 02daed1..8603eee

Rolling v8/tools/clang: 42b285f..2479626

TBR=machenbach@chromium.org,tmrts@chromium.org,v8-waterfall-sheriff@grotations.appspotmail.com

Change-Id: I3bd5df9f3c05eee0f135b0ee49708024edddc812
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2269870
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#68591}
2020-06-29 17:55:30 +00:00
Will Harris
0c58583ba8 Add support for __declspec(nocf).
__declspec(nocf) syntax was added in https://reviews.llvm.org/D72167
and annotates that checks should not be added on indirect calls
within that function.

BUG=chromium:584575

Change-Id: Ib2e2d2a827186a9c1fd3de15356b2b04d6a69e49
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2270707
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Will Harris <wfh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68590}
2020-06-29 17:22:50 +00:00
Ng Zhi An
de066cc69b [wasm-simd][arm] Prototype f64x2.floor
Prototype f64x2.floor on ARM for both ARM v7 and ARM v8. ARM v8 has
support for vrintm, and for ARM v7 we fallback to runtime.

Since ARM v8 uses vrintm, which is the same instruction used for
Float64RoundDown (scalar), wasm-compiler reuses the Float64RoundDown check.

Bug: v8:10553
Change-Id: I6f3d5c378a811ed94859535667aed1fa2d1ee552
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2265234
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68589}
2020-06-29 17:18:50 +00:00
Ng Zhi An
4af3f7bed4 [Py3] Get python scripts in tools closer to Py3
This modernizes python code without breaking Py2 compat.

Ran with command:

futurize --stage1 -w predictable_wrapper.py
futurize --stage1 -w run-num-fuzzer.py
futurize --stage1 -w run-tests.py
futurize --stage1 -w v8_presubmit.py

This only adds the absolute import, which use these semantics. It
doesn't do anything differently in our case, these scripts are already
doing absolute imports. But with these changes, running `futurize
--stage2` will be less messy.

Bug: v8:9871
Change-Id: I28182ab73dac6cfcbd544c2046026f14e5157eb3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2252555
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68588}
2020-06-29 16:55:16 +00:00
Michael Lippautz
441cb86805 cppgc: Move LivenessBrokerFactory to corresponding file
Bug: chromium:1056170
Change-Id: I24442979954f63dc8a2f8fd0494cc5d537b733a6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2273131
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Auto-Submit: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68587}
2020-06-29 16:48:36 +00:00
Michael Achenbach
ca674858e5 [foozzie] Align running main comparisons and smoke tests
This shares the code of running the comparisons on the fuzz test
and on the smoke tests. While this change retains behavior for running
the fuzz test, the smoke test has slight changes in favor of code
readability:

1. Smoke tests can now bail out on output suppressions (There are
none now. And if we'd ever add any we'd need to write them in a way,
such that they ignore the output of the smoke tests, which don't
have much output anyways).
2. Crashes in smoke tests are now a hard failure. This is a desired
feature anyways. It's unlikely that the smoke test crashes as then
nothing would work.

No-Try: true
Bug: chromium:1100114
Change-Id: Ice3c6d18b549727c486a70756a72038c8b2029ac
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2273125
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68586}
2020-06-29 16:38:36 +00:00
Nico Hartmann
da67c2ae36 [turbofan] Skip optimizations for huge 'arguments'
An 'arguments' array cannot be allocated in young space when its size
exceeds kMaxRegularHeapObjectSize. In this case the optimizations in
JSCreateLowering::ReduceJSCreateArguments are skipped.

Bug: chromium:1098565
Change-Id: I30fdc78a1eb6e51fcd293785a46c9fd78995da9a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2273121
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68585}
2020-06-29 16:13:29 +00:00
gengjiawen
4ece106785 cppgc: fix wrong header name
Change-Id: I9ad6402561f06b4c2069c08f452e52a4d6b533eb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2270402
Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68584}
2020-06-29 16:04:36 +00:00
Michael Achenbach
79dafc832d [foozzie] Refactoring - add an abstraction for an execution
This adds a class representing all values needed for an execution.
It simplifies the parameters passed to formatting functions and
lifts the restriction of a first/second config pair in the options.

This will allow to run more than two configs in a follow up.

No-Try: true
Bug: chromium:1100114
Change-Id: I568253b8ca3220870b8f5af615108140587680a8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2270550
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68583}
2020-06-29 15:21:02 +00:00
Clemens Backes
73d56f3c1a Re-enable skipped test but mark it slow
The test was taking more than a minute before CL
https://crrev.com/c/2259933. Afterwards, it takes a lot longer, but I
could never reproduce a hang locally.
Let's re-enable and mark SLOW to increase the chance that it runs to
completion. We can then see how much slower it really got.

Also add some output that helps triaging in case it really hangs.

R=ahaas@chromium.org

Bug: v8:9506
Change-Id: I09a935ca0018517d45c6c008a099b8052bc45c47
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2273117
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68582}
2020-06-29 15:00:35 +00:00
Jakob Kummerow
abe8edaf7f Reland: [wasm-gc] Implement rtt.sub
Relanding without changes, revert reason was fixed by:
https://chromium-review.googlesource.com/c/v8/v8/+/2272564

Originally reviewed at:
https://chromium-review.googlesource.com/c/v8/v8/+/2260566

Original description:
RTTs are internally represented as Maps. To store supertype information,
this patch introduces a WasmTypeInfo object, which is installed on Wasm
objects' Maps and points at both the off-heap type information and the
parent RTT.
In this patch, rtt.sub always creates a fresh RTT. The canonicalization
that the proposal requires will be implemented later.

Bug: v8:7748
Change-Id: I7fd4986efa3153ac68037ec418ea617f3f7636e8
Tbr: ulan@chromium.org
Tbr: tebbi@chromium.org
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2273123
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68581}
2020-06-29 14:55:45 +00:00
Nico Hartmann
99b96e1a27 Add mac_xcode_version to gclient_gn_args
Bug: chromium:1100266
Change-Id: Iaa847a50e9a79261fe9d9050db5046fa99352eaa
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2273122
Auto-Submit: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68580}
2020-06-29 14:46:45 +00:00
Michael Achenbach
4146efbfe6 [foozzie] Refactoring - simplify suppressions
This makes output and test-case suppressions independent of the used
comparison configs and architecture. Such fine-grained suppressions
were only needed during the inception of differential fuzzing, but
by now, most remaining suppressions are implemented in d8 behind
a flag.

This prepares for running with more than two comparison configs in a
follow up.

No-Try: true
Bug: chromium:1100114
Change-Id: I072769adb3ef7c6e6c43459aa23ac906f461b307
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2270095
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68579}
2020-06-29 12:59:20 +00:00
Nico Hartmann
b33e2b6e94 Set mac_xcode_version in DEPS
Bug: chromium:1100266
Change-Id: I20df6d0d5bdd07aa69c4eecf68c1d2152ddc1bec
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2272567
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68578}
2020-06-29 12:58:15 +00:00
Michael Achenbach
0b01726bb7 [foozzie] Remove outdated suppressions
It is obsolete to filter out error-message differences since the
time we pass --correctness-fuzzer-suppressions to d8, which already
stubs all messages:
https://cs.chromium.org/chromium/src/v8/src/execution/messages.cc?l=1031

No-Try: true
Bug: chromium:1100114
Change-Id: Iac42a8e2a32f9bae4034f79eaff429bf3ee41724
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2270024
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68577}
2020-06-29 12:46:25 +00:00
Michael Achenbach
c220a05ca9 [foozzie] Refactoring - several code clean-ups
This simplifies the lengthy main method by extracting some code and
by replacing the scattered returns with exceptions.

We introduce two exceptions for early bail-out. This enables helper
methods on multiple layers. The early bail-out on time-out is
moved to the point where it is detected.

Previously on timeout and crash we also printed out the step number.
Clusterfuzz doesn't parse this, it was only for statistical purposes,
and the latest version of the experimental workbench only parses
crashes and timeouts, not the step in which they happened. Hence,
this CL removes those step numbers.

Except the change described in the last paragraph, this CL doesn't
intend to change behavior.

No-Try: true
Bug: chromium:1100114
Change-Id: Ie8c18f183e4fc538577f3eb49aaf6df1acd1e4e1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2270547
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68576}
2020-06-29 12:29:39 +00:00
Camillo Bruni
6b9c3926da [test] Disable promise error handling for benchmark
This slows down promise benchmarks since we process all unhandled promises.

Bug: vu:1099632
Change-Id: I2188a2842ec0a69ca93e5d406f10371ceff60f9b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2270235
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68575}
2020-06-29 11:41:16 +00:00
Jakob Kummerow
dff914aeb2 [wasm-gc] Protect subtyping cache with a mutex
The per-module caches for subtype relations and type equivalences are
accessed from several background compile jobs, so these accesses must
be guarded by a lock.
This issue was found by our TSan bots and caused the following revert:
https://chromium-review.googlesource.com/c/v8/v8/+/2270734

Bug: v8:7748
Change-Id: I0322972f8f72ca8aff3538bf3f78d4329e5f3a44
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2272564
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68574}
2020-06-29 11:40:13 +00:00
Simon Que
f7f1cc14a9 infra: Set ios_use_goma_rbe=true for v8 iOS builders
This sets up a relative path symlink to the XCode sysroot.

Bug: chromium:1100006
Change-Id: I04bd8ff5158f6e00a91391e6a49530cf1a46f6eb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2269452
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68573}
2020-06-29 11:16:43 +00:00
Manos Koukoutos
fe00ecb8ba [wasm-gc] Introduce HeapType class
Drive-by: Fix ref.is_null calling is_reference_type to typecheck its
argument (which would also allow rtts).

Bug: v8:7748
Change-Id: I2ad01d0f70ac15d37ac4cc344bd0280a7ca08073
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2264094
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68572}
2020-06-29 10:00:44 +00:00
Nico Weber
238088da68 mac/arm64: use sys_icache_invalidate().
Does step 5 of the linked bug.

Bug: chromium:1098923
Change-Id: I590cbaddb803f6343a61f7b49f7b8a4cb9773220
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2270704
Auto-Submit: Nico Weber <thakis@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68571}
2020-06-29 09:52:53 +00:00
Camillo Bruni
81d37159e6 [tools] Add streaming test runner
This adds a simple test runner that prints a line for every test with
the appropriate status prefix: PASS, FAIL, CRASH or TIMEOUT

Change-Id: Ic1ba78667c38cd4392af027bb6cb671b274680b7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2264098
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68570}
2020-06-29 09:42:23 +00:00
Zhao Jiazhong
a5f902affc [mips][liftoff][mv] Remove multi-value overhead
Port 2332ebd86a
https://crrev.com/c/2264099

Original Commit Message:

  - Add a separate function to load return slots, instead of encoding this
  in the offset,
  - Add fast path for single return.

Change-Id: I065c35b95dbc6546387ea54d298bb5765bc342cd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2269456
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Cr-Commit-Position: refs/heads/master@{#68569}
2020-06-29 09:20:33 +00:00
Nico Weber
cf71540c68 mac/arm64: Port SignalHandler::FillRegisterState().
Bug: chromium:1098899
Change-Id: I3ff79c00063f7da36b141a3a7b0d2daa71c9801a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2270705
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Auto-Submit: Nico Weber <thakis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68568}
2020-06-29 08:27:23 +00:00
Shu-yu Guo
304565661b Revert "[wasm-gc] Implement rtt.sub"
This reverts commit 04ce88eae5.

Reason for revert: TSAN failure: https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20TSAN/32135

Original change's description:
> [wasm-gc] Implement rtt.sub
> 
> RTTs are internally represented as Maps. To store supertype information,
> this patch introduces a WasmTypeInfo object, which is installed on Wasm
> objects' Maps and points at both the off-heap type information and the
> parent RTT.
> In this patch, rtt.sub always creates a fresh RTT. The canonicalization
> that the proposal requires will be implemented later.
> 
> Bug: v8:7748
> Change-Id: I8286dd11f520966155cd95c2bd844ec34fccd131
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2260566
> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#68564}

TBR=ulan@chromium.org,jkummerow@chromium.org,tebbi@chromium.org

Change-Id: I311732e1ced4de7a58b87d4a9b6056e0d62aa986
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7748
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2270734
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68567}
2020-06-26 18:16:37 +00:00
Milad Farazmand
ce9c43c307 S390: [wasm-simd] Prototype i32x4.dot_i16x8_s
Test and Instruction Selection changes are not included and must
be added when opcode is added to SIMD proposal.

Bug: v8:10583
Change-Id: I140d3477d4f3281b24974090c25807eb86af757f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2261162
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#68566}
2020-06-26 16:54:02 +00:00
Milad Farazmand
b663563770 PPC: [wasm-simd] Implement simd unary operations
Change-Id: I1f323ecb531880feb49cb70797b8f39ad863a75d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2269841
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#68565}
2020-06-26 16:36:42 +00:00
Jakob Kummerow
04ce88eae5 [wasm-gc] Implement rtt.sub
RTTs are internally represented as Maps. To store supertype information,
this patch introduces a WasmTypeInfo object, which is installed on Wasm
objects' Maps and points at both the off-heap type information and the
parent RTT.
In this patch, rtt.sub always creates a fresh RTT. The canonicalization
that the proposal requires will be implemented later.

Bug: v8:7748
Change-Id: I8286dd11f520966155cd95c2bd844ec34fccd131
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2260566
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68564}
2020-06-26 16:31:02 +00:00
Milad Farazmand
5c58419a4f AIX: ignore luci-go on the OS because it's missing
Change-Id: I663da3357f6e88848048ec42832fe7017d563ac4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2264952
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#68563}
2020-06-26 16:15:22 +00:00
Michael Achenbach
484357722b [test] Skip flaky test
TBR=mslekova@chromium.org

No-Try: true
Bug: v8:10647
Change-Id: I177abffb3286703df110f1875c70ac1120d07595
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2270541
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68562}
2020-06-26 15:11:42 +00:00
Michael Achenbach
f3abba13f6 [test] Work around Android linker warning in message tests
Bug: chromium:1099623
Change-Id: Icbb6b0ebcc10628fafbef57cc6d1af7861e408f4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2270170
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68561}
2020-06-26 15:05:32 +00:00
Benedikt Meurer
7842920a22 [inspector] Set limit for Wasm wire byte transfer via CDP.
The `Debugger.getScriptSource()` and `Debugger.getWasmBytecode()`
methods in the CDP return Wasm wire bytes as protocol::Binary, which is
send as Base64-encoded JSON string in the communication to the DevTools
front-end, and hence leads to either crashing the renderer that is being
debugged or the renderer that's running the front-end if we allow
arbitrarily huge Wasm byte sequences here. This CL introduces a limit,
based on the maximum allowed string length, to avoid the crash and
instead signal a proper error to the DevTools front-end.

Bug: chromium:1099680
Change-Id: I356d617301d17a4012f7f845773cf14e6ad1e4a7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2270174
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68560}
2020-06-26 14:36:32 +00:00
Manos Koukoutos
55ddbaa054 [wasm][refactor] Rework immediate-argument abstractions
Motivation:
The immediate-argument classes defined in function-body-decoder.h were
often adding an offset to the provided pc. This was inconsistent,
bug-prone, and counterintuitive. This CL imposes that all immediates
are passed as pc the start of the immediate argument they are parsing.
Some other smaller inconsistencies are fixed as well.

Changes:

src/wasm/:
- Enforce that all Immediates are passed the pc at the start of the
  argument they are parsing. Adapt all call sites.
- Remove unneeded offset arguments from two SIMD related immediates.
- Add a pc argument to all Validate functions for immediates instead
  of using the Decoder's current pc.
- Remove the (unused) pc argument from all Complete functions for
  immediates.
- Introduce Validate() for BranchOnExceptionImmediate.
- In WasmDecoder::Decode(), make sure len is updated before breaking out
  of the loop in case of a Validate() failure.
- Change the default prefix_len of DecodeLoadMem/DecodeStoreMem to 1.

wasm-interpreter.cc:
- Change the default prefix_len of ExecuteLoad/Store to 1.
- Adapt offsets in calls to Immediates.
- Remove redundant opcode_length argument from ExecuteSimdOp, use len
  in its place.

function-body-decoder-unittest.cc
- Adapt offsets in calls to Immediates.
- Introduce and use EXPECT_OK, as is done in other tests.

Change-Id: I534606c0e238af309804d4a7c8cec75b1e49c6ad
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2267381
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68559}
2020-06-26 13:29:42 +00:00
Andreas Haas
1f80b36c4b [wasm][ia32][liftoff] Implement remaining 32-bit atomic binops
R=clemensb@chromium.org

Bug: v8:10108
Change-Id: I44c03a7c39cca8f35e4221c659f918e109d85353
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2270166
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68558}
2020-06-26 13:22:52 +00:00
Clemens Backes
a06b4603e1 [wasm] Speed up ValueType::element_size_bytes
It turns out that Liftoff often needs to know the size of a value in
bytes. Currently we are loading the size_log_2 from an array and then
performing a shift by that amount. We can slightly speed this up by just
loading the correct value directly.

Drive-by: Use {int8_t} for the internal array, since all values will
easily fit in that range.

R=thibaudm@chromium.org

Bug: v8:10576
Change-Id: I1b832ba404ff9913e2272d332f312b371b6ce3d4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2267302
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68557}
2020-06-26 12:00:44 +00:00
Michael Achenbach
07e710208b [test] Work around Android linker warning in test output
Bug: chromium:1099623
Change-Id: I88ab0cec0ba505dcfc77d2f5eb271321633ca3be
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2270165
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68556}
2020-06-26 11:52:12 +00:00
Santiago Aboy Solanes
f954b72d27 [compiler] Perform further synchronization on acquiring prototype's Map
We would like that to make sure every time we read map's prototype's map
we read the same one.

CL created after the discussion on
https://chromium-review.googlesource.com/c/v8/v8/+/2210233.

Bug: v8:7790
Change-Id: I4b6ffe733cf0b011b1bd1a3620ae8f1f35fa5c87
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2264101
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68555}
2020-06-26 09:59:12 +00:00
Clemens Backes
70547c81a0 [liftoff] Speed up local.get implementation
Each single branch in the switch was push a new value on the operand
stack, but the code for that was not shared.
This CL refactors this such that we only allocate once, and then modify
the new slot as needed.
This makes the generated code a lot smaller (771 bytes instead of 1052
bytes on x64), and hopefully also faster.

R=thibaudm@chromium.org

Bug: v8:10576
Change-Id: I65cd5b7d91f881b4c236414d39f1dfd54e200b97
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2266533
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68554}
2020-06-26 09:01:12 +00:00
Ng Zhi An
6b24d5d7c2 [wasm-simd][arm] Prototype f64x2.ceil
Prototype f64x2.ceil on ARM for both ARM v7 and ARM v8. ARM v8 has
support for vrintp, and for ARM v7 we fallback to runtime.

Since ARM v8 uses vrintp, which is the same instruction used for
Float64RoundUp (scalar), wasm-compiler reuses the Float64RoundUp check.

Bug: v8:10553
Change-Id: I5841c6a06f260debe8ae90d331bdcc2a0fa3278c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2258813
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68553}
2020-06-25 18:38:31 +00:00
Andreas Haas
1e4282db0d Reland "[wasm] Re-exported globals preserve their identity"
This is a reland of f7a1932ef9

There was a wpt test in Chrome that expected the incorrect behavior.
I disable the test in https://crrev.com/c/2264418 so that we can land
the fix here.

Original change's description:
> [wasm] Re-exported globals preserve their identity
>
> V8 fails a recently added spec test that when an imported global get
> re-exported, it should preserve its identity. This CL fixes the behavior
> in V8.
>
> Drive-by change: fix the object printer of globals: a global which
> stores a reference type only has a tagged buffer, a global which stores
> a value type only has an untagged buffer.
>
> R=clemensb@chromium.org
>
> Bug: v8:10556
> Change-Id: I949d147fe4395610cfec6cf60082e1faecb23036
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2235702
> Commit-Queue: Andreas Haas <ahaas@chromium.org>
> Reviewed-by: Clemens Backes <clemensb@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#68513}

Bug: v8:10556
Change-Id: I8e1b08fc9f72dde166cba167e6e320e714796769
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2264097
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68552}
2020-06-25 18:12:41 +00:00
Thibaud Michaud
9c378dada2 [regalloc] Reuse existing method to find intersection
The current code for AssignRegisterOnReload starts the search at
the first interval instead of relying on the cached {current_interval_},
which seems to be a main cause for slow compile time in the linked
issue's test case. Moreover, it does not take into account live range
holes of the current range. This change uses FirstIntersection instead
which already handles both issues.
Since inactive ranges are sorted by their next start, we can also break
early from the loop.

R=sigurds@chromium.org

Bug: v8:10533
Change-Id: I454df95376011462ce22e850a1c143d523b68538
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2263152
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68551}
2020-06-25 17:46:05 +00:00
Ng Zhi An
91bf68ae70 [wasm-simd][arm] Prototype i32x4.dot_i16x8_s
This implements I32x4DotI16x8S for arm.

Bug: v8:10583
Change-Id: I4541f4f5bc7daba03c6ab2040589893c8ef571bc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2230787
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68550}
2020-06-25 17:03:25 +00:00
Ng Zhi An
1ae2636293 Enable wasm_simd_post_mvp flag in fuzzer
Bitmask requires wasm_simd_post_mvp because it was merged into SIMD
proposal after 84 cut, which Origin Trial starts.

For now, bitmask is the only instruction that requires this flag to be
set, and no other post mvp instructions are included in the fuzzer.

We should revert this change (and also move bitmask out of the flag)
after this OT is over.

Bug: chromium:1098666
Change-Id: I7d45c805aaa18bfc1a5180e70b912d5f17d4a31d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2264628
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68549}
2020-06-25 16:42:16 +00:00
Clemens Backes
7451f97bd5 [wasm] Skip test that times out on gc-stress
Similar tests are already skipped on tsan, using the same bug to also
skip this test. Note that it's a slightly different test, but based on
the same "worker-ping-test.js".

TBR=ahaas@chromium.org

Bug: v8:9506
Change-Id: Ie8d0aab5b1fd3ae6c77a65fa04ac4772b2836a1c
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2267301
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68548}
2020-06-25 16:11:45 +00:00
Clemens Backes
490971092c [wasm] Experimentally allow modules >1GB
Add an experimental flag to allow modules up to a size slightly below
2GB, to make sure that we don't run into integer overflows.
Modules this large are not tested at all currently, hence the explicit
"experimental" in the flag name.

Drive-by: Fix one comparison to use ">" instead of ">=".

R=ahaas@chromium.org
CC=​bmeurer@chromium.org

Bug: v8:10642
Change-Id: I91cfc290c262b9b81750e3c8af5358c1cd2572b1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2266535
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68547}
2020-06-25 16:05:56 +00:00
Milad Farazmand
33376bdf1d PPC/s390: [liftoff][mv] Remove multi-value overhead
Port 2332ebd86a

Original Commit Message:

    - Add a separate function to load return slots, instead of encoding this
    in the offset,
    - Add fast path for single return.

R=thibaudm@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: Ia302772478b58fd25ee53a18e6ee03ac4b2ea9f5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2267477
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#68546}
2020-06-25 15:59:56 +00:00
Ulan Degenbaev
4bbf78f9b2 Add a flag for flushing icache for embedded builtins
It will be used in a Finch experiment to evaluate if icache flushing
helps with crashes on certain CPUs.

Bug: chromium:889460
Change-Id: I1218ce93db001833e29fdeca8fde3e863e26dfdd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2267297
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68545}
2020-06-25 15:53:55 +00:00
Clemens Backes
15e54593de [wasm] Remove type from LocalIndexImmediate
The immediate itself is just the index, and the local type can easily be
looked up in every environment where the immediate is used. Hence remove
that field.

R=thibaudm@chromium.org

Bug: v8:10576
Change-Id: If3176fa4880a75bdc475ec61dea60e08001220f5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2266532
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68544}
2020-06-25 15:42:56 +00:00