Commit Graph

72412 Commits

Author SHA1 Message Date
Dominik Inführ
f8117f3589 [heap] Make heap iterable in CollectCodeStatistics()
With LocalHeaps multiple threads may now access the heap. We now need
to bring background threads to a safepoint and make all LABs iterable
in order to be able to safely iterate the heap.

Bug: v8:12338
Change-Id: Ia39f3bf7ac13ba405c86ee2f0048c600ce36c2d8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3256690
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77670}
2021-11-03 07:37:31 +00:00
Zhao Jiazhong
4eca28b35e [loong64][mips] Increase the number of args supported by the simulator to 20
Port commit 4de20cb1de

Change-Id: I753c9e02b517d73caf12e12104196f1a5b82847c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3258452
Auto-Submit: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Reviewed-by: Liu yu <liuyu@loongson.cn>
Commit-Queue: Liu yu <liuyu@loongson.cn>
Cr-Commit-Position: refs/heads/main@{#77669}
2021-11-03 04:03:18 +00:00
v8-ci-autoroll-builder
4c998e0098 Update V8 DEPS.
Rolling v8/build: 1eb779c..cf32591

Rolling v8/third_party/android_ndk: https://chromium.googlesource.com/android_ndk/+log/9644104..401019b

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/2c76b34..75c4ea8

Rolling v8/third_party/depot_tools: aebf624..57c928c

TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: Ib09b9883a06199b1e00e4fb6fa3a03f23a2f55a0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3257209
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#77668}
2021-11-03 03:48:26 +00:00
Lu Yahan
3673171a73 [riscv64]Increase the number of args supported by the simulator to 20
Port 4de20cb1de

Change-Id: I8801bbcf9647c1abcb9cc5fb41720009e002d153
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3257964
Commit-Queue: Yahan Lu <yahan@iscas.ac.cn>
Commit-Queue: ji qiu <qiuji@iscas.ac.cn>
Auto-Submit: Yahan Lu <yahan@iscas.ac.cn>
Reviewed-by: ji qiu <qiuji@iscas.ac.cn>
Cr-Commit-Position: refs/heads/main@{#77667}
2021-11-03 02:50:29 +00:00
Milad Fa
059cd3cddd PPC: Fix offset calculation when returning from C Function
This CL makes sure the offset is calculated correctly to be
the return address from a C Function. Checking the size
of generated code is also fixed to take into account the extra
instruction we have from LoadPC.

Change-Id: I585c11efbe4342bc5a0d3068683b54cb563a3bc5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3257206
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#77666}
2021-11-02 23:05:18 +00:00
Michael Lippautz
36cff05fea TracedReference: Fix MSVC compile errors
- Fix definition and declaration of noexcept methods not matching
- Disable test using deprecated APIs. Only having clang coverage is
  okay here.

Change-Id: I412d0b0087b2858fb72b0365b94b82ebc13462de
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3256693
Auto-Submit: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77665}
2021-11-02 22:11:29 +00:00
Joyee Cheung
7083b10bb1 [class] use KeyedDefineOwnIC in private brand initialization
This improves the performance of initializing instances with
private methods by 5-6x and makes it on par with initializing
instances with only public methods.

Drive-by: remove the obsolete AddPrivateField runtime function
along with the AddPrivateBrand function.

Bug: v8:10793, v8:12355
Change-Id: Ic0896adb2102db7790f955fecbdd22f61ab2e7ad
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3256999
Commit-Queue: Joyee Cheung <joyee@igalia.com>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77664}
2021-11-02 17:38:38 +00:00
Ng Zhi An
91765804e3 [cleanup][disasm][x64] Fix some -Wshadow warnings
Bug: v8:12244,v8:12245
Change-Id: Iee80a34255a9c8ee5000719340a475331ab82942
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3254004
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77663}
2021-11-02 17:19:18 +00:00
Ng Zhi An
5ed3770b9f [cleanup] Fix some -Wshadow warnings
Bug: v8:12244,v8:12245
Change-Id: I5890c4a95da6ea8098a0f7d8a90f503a89704d45
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3254003
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77662}
2021-11-02 17:11:48 +00:00
Scott Violet
1250f6ad36 Adds counter for snapshot decompression time
I'm in the process of evaluating impact of v8 snapshot and
would like to understand the amount of time spent decompressing.

BUG=chromium:1257321
TEST=none

Change-Id: I122a2151e48f61db3352da56763e3e66f7415efe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3256006
Commit-Queue: Scott Violet <sky@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77661}
2021-11-02 16:54:18 +00:00
Leszek Swirski
5151cee972 Revert "Skip code flushing tests failing on NumFuzz bots"
This reverts commit 12e0978d2d.

Reason for revert: Issues should be fixed by https://crrev.com/c/3123420

Original change's description:
> Skip code flushing tests failing on NumFuzz bots
>
> Bug: v8:12088
> Change-Id: Ibc4db95125d44eca110829f1c043e769de5bd349
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3123416
> Commit-Queue: Mythri Alle <mythria@chromium.org>
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Auto-Submit: Mythri Alle <mythria@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#76527}

Bug: v8:12088
Change-Id: I5fcf0f149028d34ade3aa5aabc2e8de73631cac2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3256551
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77660}
2021-11-02 15:58:28 +00:00
Maria Tîmbur
78d4377ad2 [fuzzer] Add support for non-nullable reference types
Add support for non-nullable reference types.
Refactor the GetValueType function. Emit a meaningful
initializer for every ref type in globals instead of an
empty one. Avoid the non-nullable recursive type by only
allowing indices that are strictly less than the current index.

Bug: v8:11954
Change-Id: Id1a405525080de7eb9dbbd4f2b8aea5f05684665
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3251171
Commit-Queue: Maria Tîmbur <mtimbur@google.com>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77659}
2021-11-02 15:29:57 +00:00
Tobias Tebbi
2cc9fa0af4 [torque] improve enum generation for bitsets
Explicitly specify the enum base type for Flags enums generated
from Torque bitfield structs. Before, this was implicitly a signed
integer type. This caused a recent gcc compile issue with signed
and unsigned comparisons triggered by
https://chromium-review.googlesource.com/c/v8/v8/+/3251177

Bug: v8:7793
Change-Id: Iceb3c8632cfc95766b5e6ce7fae47cf5d002b9f7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3253358
Auto-Submit: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77658}
2021-11-02 15:06:48 +00:00
Thibaud Michaud
cef8c1f32d [wasm][fuzzer] Avoid huge arrays in the fuzzer
Apply a "modulo" (i32.rem_s) operator to the array size before
allocating the array. The unbounded array allocations frequently lead to
out-of-memory crashes in the fuzzer.

R=manoskouk@chromium.org

Bug: chromium:1238063, chromium:1258319
Change-Id: Ie344f783323294c711d75b6e004ff2dca4da5923
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3256548
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77657}
2021-11-02 14:59:49 +00:00
Tim van der Lippe
2edcfbd792 Fix update-compile-commands.py
The upgrade to Clang pulled in a change that renamed `ProcessCompileDatabaseIfNeeded`
(https://chromium-review.googlesource.com/c/chromium/src/+/3237169).
In a similar fashion to
https://chromium-review.googlesource.com/c/chromium/src/+/3253247 we
should use an empty array as well.

R=jkummerow@chromium.org

Bug: none
Change-Id: I056af8fc7969b7c5a31631a65c18743c48ff84be
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3256550
Commit-Queue: Tim van der Lippe <tvanderlippe@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Auto-Submit: Tim van der Lippe <tvanderlippe@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77656}
2021-11-02 14:29:14 +00:00
Michael Lippautz
6fbb9eb495 api: Mark TracedReference move ops as noexcept
Bug: v8:12165
Change-Id: If1e30400363229048a47ea91d6ec86d2df35d8aa
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3257545
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Auto-Submit: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77655}
2021-11-02 14:16:02 +00:00
Victor Gomes
aee050bd40 [heap] Fix data race in large code space
Data race access to chunk_map_. The main thread can read the map
while the background thread (concurrent SP compiler) adds a new page
to the map.

Bug: v8:12054
Change-Id: Ie7c596f3d3aeb4dca9cc6f41ed16f39dcafc7871
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3256547
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77654}
2021-11-02 14:07:52 +00:00
acho01
a6998cb124 Add arm64 support for running samples
Currently it is not possible to run samples on arm architecture.
I faced the issue on Macbook Pro M1.
Running sample codes is crucial for getting started with the project.

R=tandrii@chromium.org

Bug: None
Change-Id: Ie3ed52e68d1f7193217110d43545971c714202c9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3251026
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77653}
2021-11-02 13:53:52 +00:00
Jakob Kummerow
2c68ffdf30 Fix the Context used for Promise-Reject exceptions
When a Promise-Reject handler throws an unhandled exception, we should
use that promise's context for reporting the exception to the runtime.
This avoids a null-pointer deref.

Fixed: chromium:1263994
Change-Id: I3792a1884af4a83991249d612caf15588ea77dad
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3250912
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77652}
2021-11-02 13:38:40 +00:00
Maya Lekova
4de20cb1de [arm] Increase the number of args supported by the simulator to 20
This CL adds a minor change to the arm/arm64 simulators to support up to
20 arguments in a C function call. This change is necessary for an
upcoming CL which adds float support to the simulator and tests with
more than 20 arguments, see
https://chromium-review.googlesource.com/c/v8/v8/+/3060486

Bug: chromium:1052746
Change-Id: I60ae603c96554525d28f1cd248d7766f86c9cc3e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3256785
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77651}
2021-11-02 13:26:42 +00:00
Marja Hölttä
2179ac84ab [rab/gsab] Add RAB / GSAB support for TA.p.includes
Bug: v8:11111
Change-Id: Icefaa3f1090f9b41dc7837e3a95bbfd633703757
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3251179
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77650}
2021-11-02 13:19:51 +00:00
Yang Guo
5395045f5a Allow name collision when materializing scope object
When materializing a scope object, we previously assumed that we will
not have any name collisions. This is not correct e.g. when eval
introduces an aliased local variable.

This CL resolves this wrong assumption. The test case should not crash.
It however fails as there is a bug in how debug-evaluate should resolve
variables defined in eval.

R=verwaest@chromium.org

Fixed: chromium:1240962
Bug: chromium:1264852
Change-Id: I0e41e7905589735e25eff221376d09997ea99117
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3250911
Auto-Submit: Yang Guo <yangguo@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77649}
2021-11-02 13:06:43 +00:00
Michael Achenbach
04574f8aeb Revert "Whitespace change to test alerts"
This reverts commit ca753bcaa3.

Reason for revert: Need another whitespace change.

Original change's description:
> Whitespace change to test alerts
>
> No-Try: true
> Change-Id: I0f6211c6fc3990051ea6c50c815cc1fcc9f4643e
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3256787
> Auto-Submit: Michael Achenbach <machenbach@chromium.org>
> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
> Cr-Commit-Position: refs/heads/main@{#77643}

Change-Id: I81399910d7fa4d61e9459f85001e1563acba2a4c
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3256546
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#77648}
2021-11-02 12:51:13 +00:00
Milad Fa
fb9ee98a22 Fix compilation error with gcc
After https://crrev.com/c/3247035 compilation with gcc may fail
with the following error:
```
error: comparison between 'enum v8::internal::
compiler::BitsetType::<unnamed>' and 'enum v8::internal::
TurbofanTypeBits::Flag'
```

Change-Id: I5edf28e335483be66ae46e4359e0a4dc83341adf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3255303
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#77647}
2021-11-02 12:37:41 +00:00
Jakob Gruber
30cab7b132 [regexp] Release regexp zone memory during JS parsing
Since early regexp errors were implemented in
crrev.com/a56874d3eb5cff9f8f04f899ac45d0d2ef88ab4d, the JS parser
calls into the regexp parser to validate the regexp literal syntax.

For these calls, the JS parser passes its Zone to the regexp parser.
This means that scripts with multiple regexp literals are all parsed
using the same Zone memory. Very large scripts with many (think
hundreds of thousands) regexp literals may thus run out of memory
whereas previously they would parse and run successfully.

This CL fixes the OOMs by resetting the state of the JS parser Zone
around regexp parser calls. We introduce a new ZoneScope class,
similar to HandleScope, which controls the lifetime of zone objects
allocated within its scope. In other words:

 {
   ZoneScope zone_scope(zone);  // Store zone state S.
   // ... Allocate objects O in zone.
   // zone is now in state S'.
 }
 // zone_scope goes out of scope, reset zone to state S. Objects O
 // are freed and no longer usable.

Fixed: chromium:1264014
Bug: v8:896
Change-Id: I3e7ac36f25a9d6c4eda2460bd1bea9814685e89b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3256783
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77646}
2021-11-02 11:56:11 +00:00
Joyee Cheung
7cdf4c69b0 Fix flakes in store-data-property-in-literal-private.js
In stress runs a GC may kick in before assertOptimized() is called
on the optimized function, causing it to deoptimize and the test
would fail even if the function is optimized as expected.
Adding --no-stress-flush-code --no-flush-bytecode fixes the timing
issue.

Bug: v8:12332
Change-Id: If43c2a06e84c0e3b5e21f7bde160340a0fc742f4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3237326
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Joyee Cheung <joyee@igalia.com>
Cr-Commit-Position: refs/heads/main@{#77645}
2021-11-02 11:44:01 +00:00
Victor Gomes
247c0ab720 [bazel] Remove d8 alias
Fixes `buildifier` warning, since the alias has the same name
as the icu/noicu/d8 targets.
The alias was used in the CI bot, but this is no longer the case.

No-Try: true
Change-Id: Ie8e9b6b2d8510c78982ed4c6845b51a4d4378106
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3253356
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77644}
2021-11-02 11:24:41 +00:00
Michael Achenbach
ca753bcaa3 Whitespace change to test alerts
No-Try: true
Change-Id: I0f6211c6fc3990051ea6c50c815cc1fcc9f4643e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3256787
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#77643}
2021-11-02 11:21:51 +00:00
Michael Lippautz
d4bd7f96c8 cppgc-js: Deprecate explicit write barrier API
Write barriers are automatically emitted by v8::TracedReference.

Bug: v8:12165
Change-Id: I6ee9b95e9d25fe9606ce1b11b21b3905d47ee8cb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3253343
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77642}
2021-11-02 10:34:22 +00:00
Shu-yu Guo
39cf100d5f [test] Don't flush code for another flaky optimization test
Bug: v8:12350
Change-Id: Ic4c8f11df4f0916d3fcb4b9d60b6e06bab4f3df8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3252820
Auto-Submit: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77641}
2021-11-02 09:35:21 +00:00
Joyee Cheung
d28bfcd570 [class] refactor ClassFields benchmarks and copy them into JSTests3
This patch refactors the ClassFields benchmarks and makes the results
detection work properly. Previously the errors weren't caught since
the ClassFields benchmarks don't get run in the perf_integration
step in the CI.

- Instead of putting different configs (single/multiple fields, type
  of fields, etc.) in the JSON configuration, we now group the related
  benchmarks into the same script and run the different configurations
  in the scripts directly. Only the optimization status is now
  controlled in JSON. All the class fields definition benchmarks are
  merged into initialize-class.js.
- Update the number of local iterations of evaluate-class.js to 100
  (similar to most of other benchmarks) to keep the time spent on
  this benchmark similar to that of other benchmarks.

In addition, copy the configs to JSTests3 so that the benchmarks get
run by the perf_integration step and we can see the graphs on
http://chromeperf.appspot.com/report. These can be removed
when the ClassFields benchmark results are generated there too.

Bug: v8:10793, v8:9888
Change-Id: I4e677bdc7b582650f39cf6e9ec02775c57fd04ab
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3226550
Commit-Queue: Joyee Cheung <joyee@igalia.com>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77640}
2021-11-02 08:44:43 +00:00
Manos Koukoutos
48b2b89176 [wasm] Simplify 'ref' field for API-defined functions
Design doc:  https://bit.ly/3jEVgzz

Summary:
We change the context for WasmJSFunction and WasmCapiFunction from a
tuple containing the instance to a triple WasmAPIFunctionRef =
{isolate root, context, callable}. This way we do not have to maintain
the correct instance at runtime. Also, a few places in the code get
simplified.

Changes:
- In WasmGraphBuilder, support having a WasmAPIFunctionRef at parameter
  0.
- Remove unpacking of (instance, callable) tuple from code generators.
- Remove the part in WasmGraphBuilder and LiftoffCompiler that used to
  set the instance field of the function reference.
- Modify code that handles the 'ref' field in wasm-objects.*, factory.*
  and c-api.cc.
- Fix the recorded safepoint address for arm when calling a C function
  from wasm.
- (Drive-by) Remove WasmAllocatePair.

Bug: v8:11510
Change-Id: I2a4ef3abaf9da36c4a2d85b434965a40a289b9ec
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3236719
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77639}
2021-11-02 07:55:43 +00:00
Andreas Haas
a3cbf9af1e [wasm] Disable dynamic tiering for debug code
R=jkummerow@chromium.org

Bug: v8:12281
Change-Id: If0ef4861d6466da211a799916e62234d458c2614
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3253357
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77638}
2021-11-02 07:13:23 +00:00
v8-ci-autoroll-builder
5a86979234 Update V8 DEPS.
Rolling v8/build: d552bed..1eb779c

Rolling v8/buildtools/linux64: git_revision:f847b5744a81d23b96de3f2e56ce0398f550bd0e..git_revision:8926696a4186279489cc2b8d768533e61bba73d7

Rolling v8/third_party/aemu-linux-x64: oGlyr7Yd3bVAIOk9ix9USsqpL5HzLbxt5CyB54MmvJ4C..hys6gk1KOHMz9nURGWen255HiLIaVd3e4eZfa-w6l7oC

Rolling v8/third_party/android_ndk: https://chromium.googlesource.com/android_ndk/+log/401019b..9644104

Rolling v8/third_party/android_sdk/public: n7svc8KYah-i4s8zwkVa85SI3_H0WFOniP0mpwNdFO0C..Yw53980aNNn0n9l58lN7u0wSVmxlY0OM1zFnGDQeJs4C

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/f10f06d..2c76b34

Rolling v8/third_party/depot_tools: 0f5bd4f..aebf624

Rolling v8/tools/clang: 729a6d1..21baac0

Rolling v8/tools/luci-go: git_revision:d1c03082ecda0148d8096f1fd8bf5491eafc7323..git_revision:68355732afb00a422ae0c70eed95c6a45f9868b1

Rolling v8/tools/luci-go: git_revision:d1c03082ecda0148d8096f1fd8bf5491eafc7323..git_revision:68355732afb00a422ae0c70eed95c6a45f9868b1

Rolling v8/tools/luci-go: git_revision:d1c03082ecda0148d8096f1fd8bf5491eafc7323..git_revision:68355732afb00a422ae0c70eed95c6a45f9868b1

TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: If41da8684b30379acac77bba4b7a6ac0f8d8a213
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3256764
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#77637}
2021-11-02 03:58:31 +00:00
Lu Yahan
23c768dce9 [riscv64][wasm] Execution budget based dynamic tiering
Port commit 7a93bd647c
Port commit afd1554963

Change-Id: I7b5d59d448d210d80ee656d81c8134c780586296
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3256981
Reviewed-by: ji qiu <qiuji@iscas.ac.cn>
Commit-Queue: ji qiu <qiuji@iscas.ac.cn>
Auto-Submit: Yahan Lu <yahan@iscas.ac.cn>
Cr-Commit-Position: refs/heads/main@{#77636}
2021-11-02 03:38:43 +00:00
Zhao Jiazhong
34cb1ccf09 [loong64][mips][wasm] Execution budget based dynamic tiering
Port commit 7a93bd647c

Change-Id: I3d1793154b1d69fcc0dcde7b7d731cbbb326f05d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3255208
Auto-Submit: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Reviewed-by: Liu yu <liuyu@loongson.cn>
Commit-Queue: Liu yu <liuyu@loongson.cn>
Cr-Commit-Position: refs/heads/main@{#77635}
2021-11-02 02:14:53 +00:00
Lu Yahan
21157d257c [riscv64] [turbofan] Handle class constructor
Port e127f58410

Change-Id: Id0eb9205c3e94cb504340110ff6a42bc94a80cc1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3251133
Auto-Submit: Yahan Lu <yahan@iscas.ac.cn>
Reviewed-by: ji qiu <qiuji@iscas.ac.cn>
Commit-Queue: Yahan Lu <yahan@iscas.ac.cn>
Cr-Commit-Position: refs/heads/main@{#77634}
2021-11-02 01:12:56 +00:00
Zhao Jiazhong
8f93d342d7 [loong64][mips] Introduce CagedPointer
Port commit afd1554963

Since the V8 heap sandbox requires pointer compression, which is not
implemented on the mips64 and loong64 ports, I just fix the build
issue in this CL.

Change-Id: Ie8f9d070c6149d85c2c870e882199ede2ebfe317
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3255207
Auto-Submit: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Reviewed-by: Liu yu <liuyu@loongson.cn>
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Cr-Commit-Position: refs/heads/main@{#77633}
2021-11-02 01:11:53 +00:00
Igor Sheludko
0ba885943a [ic] Make DefineOwnIC throw if the private symbol already exists
Drive-by:
* don't create proto handlers for DefineOwnIC and StoreOwnIC,
* make sure that none of the DefineOwnIC and StoreOwnIC handlers are
  leaked into StoreIC's megamorphic stub cache.

Bug: v8:9888, chromium:1259950
Change-Id: I9db538e6ed14bc578aa80df037ffebd9e8c3c649
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3250641
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77632}
2021-11-01 21:07:43 +00:00
Shu-yu Guo
43253f7a3b Revert "[off-thread] Allow off-thread top-level IIFE finalization"
This reverts commit 35a6eeecfa.

Reason for revert: TSAN failures like https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20TSAN/39084/overview

Original change's description:
> [off-thread] Allow off-thread top-level IIFE finalization
>
> Allow off-thread finalization for parallel compile tasks (i.e. for top-
> level IIFEs).
>
> This allows us to merge the code paths in BackgroundCompileTask, and
> re-enable the compiler dispatcher tests under the off-thread
> finalization flag. Indeed, we can simplify further and get rid of that
> flag entirely (it has been on-by-default for several releases now).
>
> Change-Id: I54f361997d651667fa813ec09790a6aab4d26774
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3226780
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#77615}

Change-Id: I6752470eebd594bad92c7cf4e58dbe5bac53598c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3255667
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Owners-Override: Shu-yu Guo <syg@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#77631}
2021-11-01 20:47:50 +00:00
Milad Fa
9acf61bc28 PPC/S390: [masm] Create helpers to manipulate arguments on the stack.
Port: 89933af67f

Bug: v8:11112
Change-Id: I59d5cf363e427e7e5157be8c9eb033a11614fad1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3251587
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#77630}
2021-11-01 20:18:31 +00:00
Shu-yu Guo
6640495b2e Revert "[cleanup] Remove RecursivelyExecuteUnoptimizedCompilationJobs"
This reverts commit 4bdc9097a3.

Reason for revert: So that [1] can revert cleanly, for TSAN
failures like [2].

[1] https://chromium-review.googlesource.com/c/v8/v8/+/3226780
[2] https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20TSAN/39084/overview

Original change's description:
> [cleanup] Remove RecursivelyExecuteUnoptimizedCompilationJobs
>
> Change-Id: Ibc33de815e869462bd0946b13867cf2667bd1c3b
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3253353
> Commit-Queue: Victor Gomes <victorgomes@chromium.org>
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Auto-Submit: Victor Gomes <victorgomes@chromium.org>
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#77622}

Change-Id: Ic3f0ba99b6227286b2799e9e7b61df8e30b140d3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3254180
Owners-Override: Shu-yu Guo <syg@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77629}
2021-11-01 19:44:03 +00:00
Milad Fa
41c297fc5f PPC/s390: [wasm] Execution budget based dynamic tiering
Port 7a93bd647c

Original Commit Message:

    Temporarily behind a new flag: --new-wasm-dynamic-tiering
    The plan is to merge this into the existing --wasm-dynamic-tiering
    flag once it's been confirmed to be generally beneficial.

R=jkummerow@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com
BUG=
LOG=N

Change-Id: I1ba28b60e628dc2ded33b267be62debcf1b03099
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3250936
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/main@{#77628}
2021-10-30 17:56:15 +00:00
v8-ci-autoroll-builder
e982374c5b Update google_benchmark
Rolling v8/third_party/google_benchmark/src: da01c5e..4f31803

Fix un-initted error in test and fix change the API previously proposed to use std::string instead of raw char* (#1266) (Vy Nguyen)
https://chromium.googlesource.com/external/github.com/google/benchmark/+/4f31803

TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com,mlippautz@chromium.org

Change-Id: I6d993fd5df4c55fc75648776015f0f671bda41c7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3253925
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#77627}
2021-10-30 05:49:52 +00:00
v8-ci-autoroll-builder
44b86dd182 Update V8 DEPS.
Rolling v8/build: 40d725c..d552bed

Rolling v8/buildtools/linux64: git_revision:79c6c1b1a24c46df5a773cc61604bb5051ca6cf4..git_revision:f847b5744a81d23b96de3f2e56ce0398f550bd0e

Rolling v8/buildtools/third_party/libc++abi/trunk: 1876d99..4c6e099

Rolling v8/third_party/aemu-linux-x64: ed-NOx1j5-wX3SbRi_OHyHn-6tFz33VbLDCFga8JWFwC..oGlyr7Yd3bVAIOk9ix9USsqpL5HzLbxt5CyB54MmvJ4C

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/819f08f..f10f06d

Rolling v8/third_party/depot_tools: b3a1a79..0f5bd4f

Rolling v8/tools/clang: f827083..729a6d1

TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: I741a993592d2c6d3d68ae201915f1398b1a77fd2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3253923
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#77626}
2021-10-30 03:57:52 +00:00
Ng Zhi An
96e7245966 [ia32][x64][wasm] Do not require dst == lhs for i64x2.mul
There is a bit of a contradictory register requirement in the
instruction selector for i64x2.mul. We want dst == lhs (when AVX not
supported), but we also want lhs and rhs to be unique (to ensure that
they don't alias the temp).

We remove the requirement for dst == lhs, since the code gen can handle
both cases (dst == lhs, dst != lhs), at the expense of 1 movaps.

Bug: chromium:1264462
Change-Id: Ia48572412b1f6e0da3551880d8b68a03f42fe2a3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3253661
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77625}
2021-10-29 20:59:47 +00:00
Milad Fa
8cf49c2dd9 PPC/s390: Introduce CagedPointer
Port afd1554963

Original Commit Message:

    A CagedPointer is guaranteed to point into the Virtual Memory Cage and
    will for example be used for ArrayBuffer backing stores when the heap
    sandbox is enabled. In the current implementation, CagedPointers are
    stored as offsets from the cage base, shifted to the left. Because the
    cage base address is usually available in a register, accessing a
    CagedPointer is very efficient, requiring only an additional shift and
    add operation.

R=saelo@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com
BUG=
LOG=N

Change-Id: I6d5b9da23f35b60dffecb5fc5acb9c7fa362df14
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3250935
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#77624}
2021-10-29 18:25:07 +00:00
Michael Lippautz
c019bbbfe2 cppgc-js: Fix TraitTrait for v8::TracedReference
Trait requires methods taking `const void*` as they are passed along
as regular TraceCallback.

Bug: v8:12165
Change-Id: Ic5cfb8dba070e5a2c0087069086c925c5318fb8b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3253354
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77623}
2021-10-29 15:32:37 +00:00
Victor Gomes
4bdc9097a3 [cleanup] Remove RecursivelyExecuteUnoptimizedCompilationJobs
Change-Id: Ibc33de815e869462bd0946b13867cf2667bd1c3b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3253353
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77622}
2021-10-29 15:24:37 +00:00
Junliang Yan
0ced852203 ppc/s390: [baseline] Add placeholder for sparkplug
Change-Id: I01cfc6ad6fc57ede0f1712f9b60200ee3e9b7f5e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3253347
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/main@{#77621}
2021-10-29 15:16:27 +00:00