This is a follow-up fix for https://crrev.com/c/v8/v8/+/1491608
Bug: chromium:1051186
Change-Id: Ia76ad0e7665fe17013b45816350238c35e7199f6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2049899
Reviewed-by: Frank Tang <ftang@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Auto-Submit: Yury Semikhatsky <yurys@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67184}
- Adds kFPReturnRegister0 for all platforms.
- Reworks linkage.cc to assign return registers to the proper
register type, using the new FP return register.
Bug: v8:10070
Change-Id: I5c876d248de9b825a1c80847ab134881dcda6f04
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2107510
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67183}
These tests were skipped three years ago because of flakes. I cannot
reproduce the flakes any more, so reenabling the tests.
R=petermarshall@chromium.org
Bug: chromium:772010
Change-Id: I4dc2d890b20e642f8d9351676aecab965d2b4b63
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2151357
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67182}
When we create a new elements array we should initialize it with holes.
The capacity of the newly created elements array could be greater than
the actual length of the array and we expect the unused slots to be
filled with holes.
Bug: chromium:1070560
Change-Id: Ia365eed59859e36a9c8b9e27be34f93ab88942bb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2150599
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67180}
This CL relands the implementation of the __getLocal and __sbrk APIs of
the evaluator interface reverted in efea740. Update the original
commit to account for changes to the import function name tracking and
defaulting to debugging with liftoff.
Change-Id: I9674aad419fb1dab0a9ecbb5d3fd4c33186b127a
Bug: chromium:1020120
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2151353
Commit-Queue: Philip Pfaffe <pfaffe@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67178}
Adds a pure (not inline) assembly version of
PushAllRegistersAndIterateStack for the Microsoft Arm Assembler, which
uses slightly different syntax.
Bug: v8:10407
Change-Id: I539e2021bd86e17a2d023c061c9753b4bd96ce2c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2150600
Commit-Queue: Richard Townsend <richard.townsend@arm.com>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67177}
The failure was probably the same as in https://crbug.com/v8/10410. Thus
reenable the test also in the stress_incremental_marking variant on
windows.
R=thibaudm@chromium.org
Bug: chromium:772010, v8:10410
Change-Id: Iad0b9b60408e08c5f2202462f6eeba3067525ae5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2151356
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67176}
This cleans up several parts of the tiering logic.
1) Instead of using the {ExecutionTier} to specify whether we do tier up
or down, we introduce a new {TieringState} enum and use that
consistently (also where a {bool} was used before).
2) When tiering up or tiering down, always recompile all functions. It's
very unlikely that we can reuse previous code anyway (tiering down is
cheap enough to just always do it, and when tiering up we need to
recompile everything anyway).
3) Remove the {WasmEngine::RecompileAllFunctions} method and inline the
implementation into callers.
4) Drive-by: Remove some obsolete comments and fix or extend others.
R=thibaudm@chromium.org
Bug: v8:10410
Change-Id: Ic765c6760dd97473ccfd469f22a2514695075587
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2151355
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67175}
On-heap TypedArrays have empty ArrayBuffers that are not supposed to be
accessed directly. Such ArrayBuffers materialize properly when accessed
via their TypedArrays.
The queryObjects() sidesteps the bottleneck and finds empty ArrayBuffers
by iterating the heap. When preview TypedArrays are constructed for the
found ArrayBuffers, they get nullptr data pointers.
This CL converts all on-heap TypedArrays into off-heap TypedArrays in
queryObjects to make sure that all found ArrayBuffers are valid.
Bug: chromium:992442
Change-Id: Ie77d1e75aa2007b4a976c72206b9a4e215c9ef53
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2150601
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67174}
The existing interface assumed that for atomic binop instructions, the
value register and the result register are the same. However, for x64,
this assumption is not always useful, and for platforms like arm, this
assumption is even negative.
The existing interface was originally introduced because ia32 lacks
registers, and we wanted to avoid platform-specific code in
liftoff-compiler.cc. However, by now the lack of registers on ia32
required us to use platform-specific code also in other places, so
we can also use it for atomic binops and thereby enable a better code
generation.
R=clemensb@chromium.org
Bug: v8:10108
Change-Id: If39cc5f49934422b632bb2a5793c7f5d5d2b65c0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2150585
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67173}
Change-Id: Ic5dbf4c3330c71cbae73aa07b2adb1c8ac087182
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2151348
Auto-Submit: Georg Neis <neis@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67172}
This reverts commit 5241205835.
Reason for revert: Use counters are not the right approach, we
need histograms instead.
Original change's description:
> [protectors] Add use counters to track invalidations
>
> ... to make real world protector invalidations measurable.
>
> Chromium CL: https://crrev.com/c/2149324
>
> Drive-by: Add missing newline in protector tracing.
> Drive-by: Consistent naming for the regexp species protector.
>
> Bug: v8:9496
> Change-Id: I3c7238aa8024e03ea9e89daf83345b8ec4f0d768
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2149428
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67149}
TBR=ulan@chromium.org,jgruber@chromium.org
Change-Id: Ia36b598844fbad2166772298c2e2ec8f6b4f92b1
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9496
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2151358
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67170}
Trying to write an empty byte array currently invokes undefined behavior
if the byte array is null. That's the case when trying to write an empty
vector for example. Copying zero bytes from nullptr is defined as UB for
memcpy.
Change-Id: I6f7e920c1e19e8b2e3779bbc1c0ad79fc8bd6e98
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2148789
Commit-Queue: Philip Pfaffe <pfaffe@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67168}
This adds support for custom weak callbacks through static callbacks and
instance methods.
Bug: chromium:1056170
Change-Id: Ie4bd32539e0d933b192f07edb2d45e0070c2128d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2148784
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67167}
They were installed as builtins for historical reasons (see
https://codereview.chromium.org/2222893002 ).
But they're pretty much unnecessary, as they were mostly dead code,
except MakeTypeError - but that work can be delegated to Runtime_NewTypeError.
Change-Id: I0c3b361accf9a96da5cd00cc62b7f018186dad17
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2150597
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67164}
To avoid shrinking the unregister token map on each pop of the cleared
cell list, the Torque implementation of the cleanup loop avoids
shrinking the map until the end of the loop.
To support that, PopClearedCellHoldings is refactored to the Torque
PopClearedCell which calls the
JSFinalization::RemoveCellFromUnregisterTokenMap and the runtime
ShrinkFinalizationRegistryUnregisterTokenMap. The former cannot GC
and is implemented in CSA as a fast C call. The latter can GC and is a
runtime call.
This also incidentally makes uses of FinalizationRegistry without
unregister token a fast path that doesn't have to leave Torque.
Bug: v8:8179
Change-Id: Ia0c3c5800d26e31319a818f164f6bd3267355aa6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2137950
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67161}
This debug::WasmValue is a wrapper around internal::WasmValue. It is exposed
to the inspector, and contains helper methods to get the type and underlying
bytes of the Wasm value. This will later be used by the inspector, in
value-mirror, to expose the WasmValue to DevTools via CDP.
Bug: v8:10347
Change-Id: I1ee20c0be3a20dad2cfe3994a166e9a284af5d4f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2137864
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67160}
Sometimes we were triggering a wasm code GC at a time where all native
modules just died. Thus, no isolates took part in that GC, and it never
finished (because no isolate would ever call {ReportLiveCodeForGC}).
This never-ending GC would then block all other GCs for the rest of the
life of this wasm engine.
This CL fixes this by just finishing the GC immediately if no isolates
are outstanding.
R=ahaas@chromium.org
Change-Id: I4c25dd6ba4132cf9f72de39c30da5d5cba0526ad
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2150588
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67154}
Soft-deopt for mono/polymorphic property accesses that don't have any
maps, and only allow zero-map feedback to be monomorphic. This makes
sure we only emit a megamorphic LoadIC builtin call if the IC was
actually megamorphic.
JSGenericLowering assumed that zero maps meant that a load site is
megamorphic. However, it can be the case that the call-site is
monomorphic or polymorphic, and the maps had died. In this case we don't
want to call the megamorphic IC builtin, as on a stub cache miss we
fall back to a normal LoadIC miss, which can record mono/polymorphic
feedback in the IC. After this, we'll enter a miss loop in the
megamorphic load builtin, and worse the LoadIC assumes that there's
something "wrong" with the feedback, so it'll keep trying to reconfigure
the handler (possibly allocating new load handlers if this is a
prototype field access).
As a drive-by, rewrite GetRelevantReceiverMaps to be an in-place
filtering of the maps rather than copying them.
Change-Id: I0c25bfa606367fa81c43223bbd56cdadb5e789ef
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2150586
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67152}
In strict mode stores to non-existent properties throw. We should not
install a handler with the property cell for such stores. These handlers
would expect that the value exists when they see a property cell. If
this property cell gets invalidated later, it appears as if it is a
valid property cell with undefined value. This leads to an incorrect
behaviour. This CL checks if we are in strict mode and uses a slow
stub in such cases.
Bug: chromium:1067757
Change-Id: I543c6a6931530bfb13cc9a33d1dabaa756489fd1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2142255
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67151}
Add ConcurrentAllocator which can be used for concurrent allocation from a background thread in the old space. ConcurrentAllocator doesn't request a GC yet when an allocation fails. This will be implemented in later CLs.
Bug: v8:10315
Change-Id: I81260ebbd8863c143e93aedb93c66d0e7c28bddb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2144066
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67150}
... to make real world protector invalidations measurable.
Chromium CL: https://crrev.com/c/2149324
Drive-by: Add missing newline in protector tracing.
Drive-by: Consistent naming for the regexp species protector.
Bug: v8:9496
Change-Id: I3c7238aa8024e03ea9e89daf83345b8ec4f0d768
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2149428
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67149}
This commit removes the explicit namespace in FunctionCallbackArguments
constructor. They are not needed and this change seems to be consistent
with other CustomArguments classes like PropertyCallbackArguments.
Change-Id: If18371fbb2e6a7161ea4a1633f4219f3498cdc8c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2141740
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67148}
Bug: chromium:1070890
Change-Id: I62ad81b8d5bcb9934c7eda4eae595d41339adfdf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2149425
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Auto-Submit: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67147}
The underlying issue was fixed in https://crrev.com/c/2144116 and
https://crrev.com/c/2142259. This reenabled the test generally. Note
that it's still skipped in special configurations. I will reevaluate
which of those can also be unskipped via separate CLs.
Drive-by: Fix the order of "expected" and "actual" values.
R=thibaudm@chromium.org
Bug: v8:10410
Change-Id: Idbdcc73d641661e96e12110dcf10b060e0cf47a1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2144070
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67145}
cc958279ff..99e00d6563
$ git log cc958279f..99e00d656 --date=short --no-merges --format='%ad %ae %s'
2020-04-15 tikuta client: update isolated client
2020-04-15 tikuta swarming/client: set client and version in User-Agent
2020-04-15 tikuta net: add set_user_agent
2020-04-14 yekuang [swarming] Add user-agent header to the client requests
2020-04-14 tikuta Revert "client: add filename and line in logging"
2020-04-10 yekuang run_isolated.py: Propagate the exceptions from upload_items() to the main thread
2020-04-09 qyearsley Run spellchecker on luci-py.
2020-04-09 tikuta client: add verify_push flag to archive_files_to_storage
2020-04-09 jwata [swarming-client] evict corrupted files in local cache
2020-04-09 yekuang Send SIGTERM to the isolated download process when it times out
2020-04-08 tikuta client: update isolated client
2020-04-08 tikuta client: include relevant logs only in update_isolated.sh
2020-04-01 tikuta client: update isolated client
2020-04-01 tikuta client: update isolated client
2020-04-01 tikuta client: add script to update isolated in run_isolated.py
2020-03-31 tikuta client: check hash of uploaded file
2020-03-30 tikuta client: add filename and line in logging
2020-03-30 yekuang client: update isolated client
2020-03-27 tikuta client: update isolated client
2020-03-27 leilei Update luci_context.py, otherwise it is failed to get LUCI context in Python3.
2020-03-23 leilei Reland "Update Swarming client code to make it work with Python3."
2020-03-23 tikuta Reland "client: remove --extra-variable flag from isolate.py"
2020-03-19 tikuta client: show exception when failed to run command
2020-03-19 mattkot Re-cache free disk space when _load fails
2020-03-18 tikuta Revert "client: remove --extra-variable flag from isolate.py"
2020-03-17 tikuta Revert "Update Swarming client code to make it work with Python3."
2020-03-17 leilei Update Swarming client code to make it work with Python3.
2020-03-12 tikuta swarming: show account id when failed to get oauth_token
Created with:
roll-dep v8/tools/swarming_client
Bug: chromium:1070487
Change-Id: Ib8bc82a02d799d2756268243ba6d53b3508762ce
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2147591
Auto-Submit: Ye Kuang <yekuang@google.com>
Commit-Queue: Ye Kuang <yekuang@google.com>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67141}
--incremental-marking-soft-trigger is a percentage of (limit - size)
at which incremental marking starts via a task.
--incremental-marking-hard-trigger is a percentage of (limit - size)
at which incremental marking starts immediately.
E.g. --incremental-marking-soft-trigger=50 and
--incremental-marking-soft-trigger=100 will start a task half-way to
the limit and start incremental marking at the limit.
Change-Id: I14be992c8552dc47de401b376b815f693564cb74
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2144069
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67140}
Location information doesn't reveal interesting bugs, but leads to
tedious duplicates when the location information deviates.
Bug: chromium:1068003
Change-Id: I0b6d0ee28e1a3f370d19e5593484ee250fd6928f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2148781
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67139}
Port 4558c1dfc5
https://crrev.com/c/2141654
Original Commit Message:
As a drive-by, the order of rounding_average_u is adjusted according to
src/wasm/wasm-opcodes.h.
Change-Id: Ia2d39753f618f10e0795f83daa7e5a63f49f554a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2147578
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Cr-Commit-Position: refs/heads/master@{#67136}