72111 Commits

Author SHA1 Message Date
Omer Katz
770746bc43 cppgc: Add DCHECK to CppHeap::AdvanceTracing
Bug: chromium:1056170
Change-Id: I14fc220f3184b3472f60d54e3a2d6e554869b945
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3247191
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Auto-Submit: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77569}
2021-10-27 10:35:01 +00:00
Maya Lekova
dff140dd25 [fastcall] Expose CTypeInfoBuilder publicly
This CL exposes the helper class publicly to facilitate sequences
implementation, as discussed in
https://chromium-review.googlesource.com/c/chromium/src/+/3111815.

Bug: chromium:1052746
Change-Id: I3f3c24412c022014fc15b563201a63ee0691f6bc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3236549
Auto-Submit: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77568}
2021-10-27 10:12:23 +00:00
Camillo Bruni
1ca9a77095 [tools][system-analyzer] Add FeedbackVector support
Log FeedbackVectors for optimised code and show them in the code-panel.

Drive-by-fixes:
- Fix off-by-one in SourcePositionIteration, making sure we always show
  the last element
- Ensure we process all SourcePositions in SourcePositionIteration
- Fix first load error in script-panel
- Allow expanding all text with SHIFT-click

Bug: v8:10644
Change-Id: Ic40a36ea82f0dfa2386c3196f27ca6978cf23643
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3245931
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77567}
2021-10-27 09:40:41 +00:00
Maya Lekova
54f90462ec Revert "[turbofan] extend type asserts to cover all JS types"
This reverts commit 45227ffdb4.

Reason for revert: Breaks on gc_stress mode, see https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux%20-%20gc%20stress/35988/overview

Original change's description:
> [turbofan] extend type asserts to cover all JS types
>
> Extend type assertions to all types covering JavaScript values.
> This is achieved by allocating type representations on the heap using
> newly defined HeapObject subclasses. To allocate these in the compiler,
> we disable concurrent compilation for the --assert-types flag for now.
>
> Fix two type errors that came up with the existing tests:
> 1. JSCreateKeyValueArray has type Array (i.e., a JSArray) instead of
>    OtherObject.
> 2. OperationTyper::NumberToString(Type) can type the result as the
>    HeapConstant Factory::zero_string(). However, NumberToString does
>    not always produce this string. To avoid regressions, the CL keeps
>    the HeapConstant type and changes the runtime and builtin code to
>    always produce the canonical "0" string.
>
> A few tests were failing because they check for truncations to work
> and prevent deoptimization. However, AssertType nodes destroy all
> truncations (which is by design), so these tests are incompatible
> and now disabled for the assert_types variant.
>
> Drive-by fix: a few minor Torque issues that came up.
>
> Change-Id: If03b7851f7e6803a2f69edead4fa91231998f764
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3234717
> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
> Reviewed-by: Omer Katz <omerkatz@chromium.org>
> Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#77565}

Change-Id: Ia779a11fc811846194c7a8d1e40b372b265e7ea4
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3247034
Auto-Submit: Maya Lekova <mslekova@chromium.org>
Owners-Override: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#77566}
2021-10-27 09:38:32 +00:00
Tobias Tebbi
45227ffdb4 [turbofan] extend type asserts to cover all JS types
Extend type assertions to all types covering JavaScript values.
This is achieved by allocating type representations on the heap using
newly defined HeapObject subclasses. To allocate these in the compiler,
we disable concurrent compilation for the --assert-types flag for now.

Fix two type errors that came up with the existing tests:
1. JSCreateKeyValueArray has type Array (i.e., a JSArray) instead of
   OtherObject.
2. OperationTyper::NumberToString(Type) can type the result as the
   HeapConstant Factory::zero_string(). However, NumberToString does
   not always produce this string. To avoid regressions, the CL keeps
   the HeapConstant type and changes the runtime and builtin code to
   always produce the canonical "0" string.

A few tests were failing because they check for truncations to work
and prevent deoptimization. However, AssertType nodes destroy all
truncations (which is by design), so these tests are incompatible
and now disabled for the assert_types variant.

Drive-by fix: a few minor Torque issues that came up.

Change-Id: If03b7851f7e6803a2f69edead4fa91231998f764
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3234717
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77565}
2021-10-27 08:37:31 +00:00
Camillo Bruni
78387ca75d [api] Deprecate v8::ScriptCompiler::CompileFunctionInContext
- Introduce v8::ScriptCompiler::CompileFunction
- Deprecate v8::ScriptCompiler::CompileFunctionInContext
- Add v8::Function::GetUnboundScript
- Add v8::Script::GetResourceName

The ScriptOrModule out-parameter is only used by NodeJS since we don't
allow arbitrary objects as host-defined options and they need a way to
keep the options alive.

This CL deprecates the out-parameter and adds helper methods to
address the most common use-cases.

The final fix still requires more fundamental changes on how host-defined
options are handled.

Bug: chromium:1244145
Change-Id: Id29de53521ad626c41391b8300146ee37a1b8a51
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3245117
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Auto-Submit: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77564}
2021-10-27 07:19:51 +00:00
Camillo Bruni
91475f958a [api] Add v8::Object::GetCreationContextChecked
Using v8::Object::GetCreationContext().ToLocalChecked() causes needless
binary size regression on android due to the additional call after
migrating to the non-deprecated GetCreationContext API.

Bug: chromium:1166077, v8:11451, v8:11165
Change-Id: Ic5e2aada4d47392c5d61b419c19b5bcdbf869f0b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3244411
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77563}
2021-10-27 07:18:13 +00:00
Nico Weber
f2c7d3a8b4 Run clang update script under python3 in v8
Bug: chromium:1261812
Change-Id: I9ccf7a75c8d8b1ba92ae17f785bd9daefc184347
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3246591
Auto-Submit: Nico Weber <thakis@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77562}
2021-10-27 06:51:33 +00:00
v8-ci-autoroll-builder
ad4f9dcd7a Update google_benchmark
Rolling v8/third_party/google_benchmark/src: 365670e..fca3482

Allow template arguments to be specified directly on the BENCHMARK macro (#1262) (Vy Nguyen)
https://chromium.googlesource.com/external/github.com/google/benchmark/+/fca3482

TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com,mlippautz@chromium.org

Change-Id: I0d0214ba85748e56f6ffa6a3b011a0360191e50b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3246790
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#77561}
2021-10-27 05:51:01 +00:00
v8-ci-autoroll-builder
d7a1760914 Update V8 DEPS.
Rolling v8/build: 0afcdef..7edf446

Rolling v8/buildtools/linux64: git_revision:693f9fb87e4febdd4299db9f73d8d2c958e63148..git_revision:79c6c1b1a24c46df5a773cc61604bb5051ca6cf4

Rolling v8/buildtools/third_party/libc++abi/trunk: 9b8228b..26b1018

Rolling v8/buildtools/third_party/libunwind/trunk: 21acd3f..bbd954d

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/e9a87dc..3a3fedc

Rolling v8/third_party/depot_tools: 7bd4c88..480c91d

Rolling v8/tools/clang: e193c0a..819fa96

TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: I99e49eba9b632b9376e22ed52bd945a8f0381eae
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3246571
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#77560}
2021-10-27 03:49:01 +00:00
Ng Zhi An
881a486ef6 [x64] Verify disassembly of more AVX instructions
This covers all the AVX instructions.

Bug: v8:12207
Change-Id: Idee66a55e1da5a2e88797002d25c6affb2d0c564
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3238149
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77559}
2021-10-27 00:05:51 +00:00
Victor Gomes
6661dcc190 [test] Upstream Google3 mjsunit variants
Change-Id: Ie419fe63a0d63574a155b48a040beb0b633989e9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3245930
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77558}
2021-10-26 17:05:10 +00:00
Toon Verwaest
be55c16e50 [runtime] Check if we have a pending exception before returning it
Bug: chromium:1263462
Change-Id: I8b367201f1141921a0b34d6fbf1453d72a6fae37
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3244420
Reviewed-by: Samuel Groß <saelo@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77557}
2021-10-26 16:52:31 +00:00
Thibaud Michaud
a4252db322 [wasm][liftoff] Fix spill offsets in merge regions
Recompute the spill offsets for values in the merge region, instead of
reusing the offsets of the source. This ensures that spill slots stay
contiguous (modulo alignment).
This also solves a correctness issue where the spill offsets in the
merge region could move up, thereby overwriting the source of another
move.
With this change, the spill offsets always move down (to fill the gap)
or stay the same, such that processing them from bottom to top
can only overwrite sources of already-processed moves.

Since we do not reuse the current state's offsets, this might generate
extra stack moves and regress generated code performance a bit.

Drive-by: print spill offsets in the Liftoff trace

R=clemensb@chromium.org

Bug: v8:12270
Change-Id: I8d20df8fc1e80dd36b6f651de457686e9935a628
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3245115
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77556}
2021-10-26 16:07:00 +00:00
Igor Sheludko
3996bd0257 [ext-code-space] Fix external code space on Windows
... and introduce CodeRange::GetWritableReservedAreaSize() as a
bottleneck for calculating a size of the writable area used for unwind
information.

Bug: v8:11880
Change-Id: Ifa2a3f74ce994cffb6bb8bef12ab17b69dabd706
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3244409
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Auto-Submit: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77555}
2021-10-26 15:38:32 +00:00
Clemens Backes
4ea3051629 [asm] Disallow duplicate parameter names
According to the spec, the three parameters (stdlib, foreign, and heap)
must be mutually distinct. We did not check this yet, which led to
observable differences between asm validation and standard JavaScript
semantics.

R=thibaudm@chromium.org

Bug: chromium:1068355
Change-Id: I451f63d10ea50474aeb6e8a547918b5af769343b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3244408
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77554}
2021-10-26 15:21:06 +00:00
Maya Lekova
bf327cb487 Revert "[future] Use mid-tier regalloc for huge functions"
This reverts commit 40b062cefd.

Reason for revert: Failing Fuzz tests on arm - https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux%20-%20arm%20-%20sim%20-%20debug/27306/overview

Original change's description:
> [future] Use mid-tier regalloc for huge functions
>
> Stage the --turbo-use-mid-tier-regalloc-for-huge-functions behind
> --future.
>
> R=thibaudm@chromium.org
>
> Bug: v8:12287, v8:12320
> Change-Id: I7145ca1b022bfdcb0b61d6666daf855f14cbc4ce
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3236547
> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#77549}

Bug: v8:12287, v8:12320
Change-Id: Id86e9c0d44e6a273abdeb384f722ff308c56e70f
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3245342
Auto-Submit: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Owners-Override: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77553}
2021-10-26 13:55:11 +00:00
Jakob Gruber
a6a113c6d5 [csa] Fix an old spec violation in Array.length writes
We used to apply an invalid optimization which skips `length` writes
if the JSArray is 'fast' and the old value equals the new value. This
optimization is not valid if e.g. `length` is non-writable.

Fixed: chromium:1262478
Change-Id: I49ef50de293dae5c3a62c64b303ec34b9c0f6cbc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3236720
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77552}
2021-10-26 13:30:04 +00:00
Kim-Anh Tran
8678fc629d [heap-snapshot] Declaring progress counter as uint32_t (instead of int)
A test was overflowing on the progress counter when using int as type.
This CL is fixing the progress counter to use uint32_t, and re-enables
the test.

Why uint32_t instead of size_t?
In the referenced bug, the progress_counter_ (but not the
progress_total_) triggered an overflow; and since these two counters
should be relatively similar (the total count is an estimate, and can
be less than the actual progress count), we do not expect the
count to increase much more than we can already encode with int.


Bug: chromium:1246860
Change-Id: I9769884ef60d352b3787c2223e528ddf33b0b23e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3245116
Commit-Queue: Kim-Anh Tran <kimanh@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77551}
2021-10-26 13:26:21 +00:00
Camillo Bruni
1e0567fb60 [api] Advance deprecation for deprecated apis <= v9.5
As per output of ./tools/release/list_deprecated.py

Bug: v8:11165
Change-Id: Ib5ae6fd1ec7209cc89d436d337b97a4c82391da3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3245118
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77550}
2021-10-26 13:04:31 +00:00
Clemens Backes
40b062cefd [future] Use mid-tier regalloc for huge functions
Stage the --turbo-use-mid-tier-regalloc-for-huge-functions behind
--future.

R=thibaudm@chromium.org

Bug: v8:12287, v8:12320
Change-Id: I7145ca1b022bfdcb0b61d6666daf855f14cbc4ce
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3236547
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77549}
2021-10-26 12:22:30 +00:00
Camillo Bruni
88ee5f5c84 [tools] Fix list_deprecated.py
- More compact output
- Fix off-by-one for deprecation messages

Bug: v8:11165
Change-Id: I35e89e9496b4306ed0c692bde321d33c4bc1cd97
No-Try: True
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3245119
Auto-Submit: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77548}
2021-10-26 12:07:01 +00:00
Victor Gomes
2c791ece5f [cctest] Deflake CPU profiler tests
Reduce sampling interval to increase test accuracy.
Flakes happen especially when compiling with Sparkplug.

Bug: v8:12054
Change-Id: Ic58bc97d0ad9861259fc8df4b121425b375669e2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3245336
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77547}
2021-10-26 12:05:33 +00:00
Victor Gomes
ce1ad779fe [heap] Support code space in PagedSpace::ExpandBackground
Bug: v8:12054
Change-Id: I7edcb864e2fefe105c4da9120fbe3891822c4f85
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3240787
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77546}
2021-10-26 11:55:20 +00:00
v8-ci-autoroll-builder
b824e88470 [tools] Update gcmole
R=mslekova@chromium.org

Change-Id: I47b9a286cc0f1b9dd64bf564423b4fb4af4a19ce
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3244954
Commit-Queue: Liviu Rau <liviurau@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77545}
2021-10-26 11:43:52 +00:00
Clemens Backes
64cca52646 Remove neis@ from owners file
R=hpayer@chromium.org
CC=neis@chromium.org

Change-Id: Ic9fef5f964b548bc3dc7bd0f7abfe8e1a6c777e1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3231338
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77544}
2021-10-26 11:15:20 +00:00
Clemens Backes
26eeacb7ca [compiler] Compute dominator tree for tests
The dominator tree is usually computed as part of scheduling (in
{Scheduler::ComputeSchedule}). For tests it was missing, leading to
DCHECK errors in the mid-tier register allocator, which uses the
dominator tree.

R=mslekova@chromium.org

Bug: v8:12330
Change-Id: I02bc8dee3aecb6a1613fa1d07d3aae85cd28de17
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3245114
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77543}
2021-10-26 11:11:31 +00:00
Thibaud Michaud
2404758e8c [wasm] Add initial returnPromiseOnSuspend builtin
R=ahaas@chromium.org
CC=fgm@chromium.org

Bug: v8:12191
Change-Id: Ied9ab5fa5009e5ab268d1c9893729d8210ae62ce
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3220344
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77542}
2021-10-26 11:07:00 +00:00
Maria Tîmbur
c8976f6434 [fuzzer] Add support for immutable arrays
Add support for immutable arrays.

Bug: v8:11954
Change-Id: Ia343247d5fbc960e0e5b1f9b7cb75e734a747d0e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3240827
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Maria Tîmbur <mtimbur@google.com>
Cr-Commit-Position: refs/heads/main@{#77541}
2021-10-26 10:25:30 +00:00
Camillo Bruni
2b96af3ba7 [runtime] Add ScopeInfo::HasContextAllocatedFunctionName helper
- Check that we only store internalized strings for context-allocated
  function names
- Fix call to FunctionContextSlotIndex from V8HeapExplorer that could
  end up passing in a non-internalized string

Bug: chromium:1255105
Change-Id: Ie8bd5577bd0086241d47991fbe285f5d64ae3d4a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3245113
Reviewed-by: Kim-Anh Tran <kimanh@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77540}
2021-10-26 09:23:53 +00:00
Leszek Swirski
9af08ccb86 [gcmole] Make packaging more deterministic
Tar and Gzip would include timestamps for files in the gcmole package,
which meant that they weren't deterministic across multiple builds. Now
we strip out the timestamps (as well as owner/group information) to make
the packaging more deterministic.

Change-Id: Iec3195ede4150c1603927fec748455329a8da677
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3245112
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77539}
2021-10-26 09:12:35 +00:00
Samuel Groß
cfee5e889a Don't use page allocator hints in MemoryAllocator::AllocateBasicChunk
When pointer compression is enabled, the heap layout inside the pointer
compression region is expected to be predictable (see mkgrokdump) and so
random page allocator hints should not be used when allocating the
pages. This used to work before crrev.com/c/3220151 as the
BoundedPageAllocator would simply ignore any hints.

Bug: v8:12334
Change-Id: I6e10f1a60728fb88a7a99a2a435090b063a03f6a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3236546
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77538}
2021-10-26 08:43:50 +00:00
Leszek Swirski
38d59f9f5e [snapshot] Avoid second checksum after off-thread deserialize
Add a SerializedCodeData constructor which skips all sanity checks aside
from the source hash check, to be used after off-thread deserialization
(which does these other checks already). In particular, this skips doing
the checksum again, which would otherwise require a second walk over the
serialized data.

This requires saving the off-thread sanity check result (in the case of
a failure), since it is no longer recomputed.

Change-Id: I664c309c9cb8dca94a74b4293c84ceb353f37ed4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3240402
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77537}
2021-10-26 08:39:33 +00:00
Jakob Gruber
c1e32791a3 [regexp] Allow empty ranges in GetQuickCheckDetails
A follow-up to crrev.com/c/3240782.

Drive-by: extend JSRegExp printing.

Fixed: chromium:1263327
Bug: v8:11069
Change-Id: Iff64ded27ca93641f0f572df2ce0a9f846948f7f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3245110
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77536}
2021-10-26 08:14:40 +00:00
Omer Katz
e53e9c108f heap: Add default values to UMA metrics struct
Some fields didn't have default values, which made it impossible to
check whether or not all fields are initialized.

Bug: chromium:1056170
Change-Id: I8c6f89e64661420460bfc351473a47a623ef6399
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3243462
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77535}
2021-10-26 07:53:52 +00:00
Michael Lippautz
59fe961804 cppgc: Move interesting checks behind DEBUG
v8_enable_v8_checks has very little coverage outside of V8 itself.
Move pointer verification checks behind DEBUG so that they fire in
regular debug or dcheck_always_on builds.

Change-Id: Ib2803240dd996f4223e403d20e927aff2955afbc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3242006
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77534}
2021-10-26 07:37:11 +00:00
Camillo Bruni
447c3f3c2a [tests] Increase stack-size limit to make tests pass in debug mode
This fixes webkit/run-json-stringify broken by
https://crrev.com/c/3222765

Failure: https://logs.chromium.org/logs/v8/buildbucket/cr-buildbucket/8832393633085738145/+/u/Bisect_23af060d/Retry_-_default/run-json-stringify


Bug: chromium:1244145
Change-Id: I1235f6db8ab10356476cd1028b20300f86510119
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3242005
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Auto-Submit: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77533}
2021-10-26 07:05:19 +00:00
v8-ci-autoroll-builder
67a740e007 Update google_benchmark
Rolling v8/third_party/google_benchmark/src: 80d70dd..365670e

Added Doxygen support. (#1228) (Vitaly Zaitsev)
https://chromium.googlesource.com/external/github.com/google/benchmark/+/365670e

TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com,mlippautz@chromium.org

Change-Id: I124d163fd57ea7702462ff8e8998e5aff56092d6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3244951
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#77532}
2021-10-26 05:19:41 +00:00
v8-ci-autoroll-builder
f5ed42b389 Update V8 DEPS.
Rolling v8/build: acad0f2..0afcdef

Rolling v8/buildtools: f5750f5..850fe71

Rolling v8/third_party/aemu-linux-x64: 8buMrGFlldiiEGiS-u8rclQGhORwxrcN14vZGo5U8sgC..anmoXU7qoa185RNsOxsBoD0U-T6rHNnNeGfdCNx1LB0C

Rolling v8/third_party/depot_tools: 7a6ff98..7bd4c88

TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: I15b45d42227221ebbd7c99efdf612ecc789ecfc8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3244930
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#77531}
2021-10-26 03:50:09 +00:00
Omer Katz
571f2e4672 heap: Enable lazy commits for Fuchsia
Bug: v8:12050
Change-Id: I599338eba458e177327870699b6ea8a423e144c2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3211577
Commit-Queue: Wez <wez@chromium.org>
Auto-Submit: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Wez <wez@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77530}
2021-10-25 16:31:19 +00:00
Michael Lippautz
9568732a0f cppgc: Check for wrong sentinel values
Check for the most commonly used wrong sentinel value (-1). Users
should use cppgc::kSentinelPointer instead.

Bug: chromium:1263009
Change-Id: I200954bcd70c6a100ffec24aece3e1843e1438a0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3242002
Auto-Submit: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77529}
2021-10-25 16:27:59 +00:00
Vasili Skurydzin
dcbcb52c9c aix: Skip test in debug mode to avoid increasing stack-size
Bug: v8:12297
Change-Id: Ifbf6ac61e6b61e419b361d1fc14009d6d745193c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3231484
Reviewed-by: Milad Fa <mfarazma@redhat.com>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Mathias Bynens <mathias@chromium.org>
Commit-Queue: Vasili Skurydzin <vasili.skurydzin@ibm.com>
Cr-Commit-Position: refs/heads/main@{#77528}
2021-10-25 14:14:19 +00:00
Omer Katz
5fe0aa3bc7 cppgc: Make ObjectSizeTrait::GetSize atomic
ObjectSizeTrait::GetSize is used by Trace methods in Blink and may be
called while concurrent marking is active. The current version is
non-atomic and therefore can race with marking on other threads.

Bug: chromium:1261860
Change-Id: Ia0b41ec496ac64ae3dd5a040b25f6972b21561c5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3240832
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77527}
2021-10-25 13:40:21 +00:00
Milad Fa
cf98260e46 S390: Fix compilation error on builtins
variable 'pushed_stack_space' set but not used.

Change-Id: I427f76448b9933f9c8f1169709e28eef4512241f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3241543
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#77526}
2021-10-25 13:32:29 +00:00
Thibaud Michaud
39cc69dc14 [wasm] Factorize wasm-js constructor setup
R=ahaas@chromium.org

Change-Id: I860cd7aebdf46f323c7f6ad0cd563246a061c4d1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3226338
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77525}
2021-10-25 13:18:43 +00:00
Camillo Bruni
23af060d6c [runtime] Introduce explicit Execute::CallScript
For the upcoming host_defined_options fixes we will have to explicitly
pass the host-defined options to Invoke so we will be able to install
it in the script context in the future.

Bug: chromium:1244145
Change-Id: I690cc774d6a17278db4381aba8c3408e979606c1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3222765
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77524}
2021-10-25 13:17:39 +00:00
Michael Lippautz
06021c1437 cppgc: Delegate Persistent node allocation failure to OOM handler
Persistent node slots are dynamically allocated and their allocation
may fail. Delegate to the proper OOM handler in this case.

Bug: chromium:1243257
Change-Id: I985f5b0c940f7ac4996f3f3243123a07119005b9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3240786
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77523}
2021-10-25 13:14:19 +00:00
v8-ci-autoroll-builder
293f2826e9 [tools] Update gcmole
R=clemensb@chromium.org

Change-Id: Ia804d29a61e9d716b5ee5acebce7cb9c273697d7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3241363
Commit-Queue: Liviu Rau <liviurau@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77522}
2021-10-25 12:52:21 +00:00
Maya Lekova
e1f5e68ebb [fastcall] Fix MachineType for FP TypedArray arguments
This CL fixes an issue in EffectControlLinearizer, where the primitive
type of the argument of a fast C call was used to compute its
MachineType even when the argument was actually a TypedArray, which
should always be treated as a Tagged type. This resulted in Float32/64
typed arrays being passed in FP registers, leading to a crash in the
register allocator.

Drive-by fix: Fixed output from --trace-turbo-alloc so that all of its
sub-parts are printed with PrintF, avoiding interleaved log lines.

Bug: chromium:1260954
Change-Id: I249c8629daae3af437fb52f53f45211f3a214222
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3231341
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77521}
2021-10-25 12:32:31 +00:00
Victor Gomes
d909af0895 [baseline] Allow concurrent code allocation to fail
Drive-by: Use only LocalIsolate in AllocateConcurrentSP

Bug: v8:12054
Change-Id: Ibdd8b562548f249fc2be4dca723ce4fedc7c09ad
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3240783
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77520}
2021-10-25 11:18:31 +00:00