This reverts commit 712fa67554.
Reason for revert: Infra side change was reverted. Please reland
after it stays in for a bot cycle...
Original change's description:
> [test] Add Liftoff variant
>
> Add a variant for testing the current state of the Liftoff
> implementation.
> This variant will only run on a subset of the bots, just like the
> --future variant.
>
> R=machenbach@chromium.org, hablich@chromium.org
>
> Bug: v8:7088, v8:6600
> Change-Id: If49fad3a8ed579356504b821a787326754f24e78
> Reviewed-on: https://chromium-review.googlesource.com/779420
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#49504}
TBR=machenbach@chromium.org,hablich@chromium.org,clemensh@chromium.org
Change-Id: Ib6b2e79cea5d9f99f8933c72bbb9d9dddbd6ae07
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7088, v8:6600
Reviewed-on: https://chromium-review.googlesource.com/779719
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49507}
Add a variant for testing the current state of the Liftoff
implementation.
This variant will only run on a subset of the bots, just like the
--future variant.
R=machenbach@chromium.org, hablich@chromium.org
Bug: v8:7088, v8:6600
Change-Id: If49fad3a8ed579356504b821a787326754f24e78
Reviewed-on: https://chromium-review.googlesource.com/779420
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49504}
Test suite contract changes:
- support * only at the end of the rule.
- loading status file is mandatory before filtering by status file.
Bug: v8:6917
Change-Id: Ia345ebfa7827c50f13f20e5cb7489e62c53f3357
Reviewed-on: https://chromium-review.googlesource.com/779185
Commit-Queue: Michał Majewski <majeski@google.com>
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49496}
This updates the V8 side MB fork with all upstream changes until:
https://chromium.googlesource.com/chromium/src/+/f4d92a15f/tools/mb/mb.py
This includes a required feature for mapping isolate targets to
runtime deps.
Bug: chromium:669910
Change-Id: I22244455b22737cfbfc45adef93581ef44cf4151
Reviewed-on: https://chromium-review.googlesource.com/778879
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49487}
The "array protector" now guards the Object.prototype, the
Array.prototype and the String.prototype, so the name was a
bit misleading nowadays. So the new name "no elements protector"
was chosen.
Bug: v8:6936, v8:7014, v8:7027
Change-Id: I9a9d7caa2caf0ac9e78cc6658de2f0506970dfa2
Reviewed-on: https://chromium-review.googlesource.com/778162
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49471}
Previously, in order to get immortal immovable objects onto
the first page, the serializer would iterate the root list
twice. The first time it would prioritize immortal immovables.
The second time it would serialize the rest.
This does not guarantee that immortal immovable objects
actually end up on the first page, and by now this is not
necessary anymore, since we mark all pages created during
heap init as immortal immovable pages.
R=mlippautz@chromium.org
Change-Id: Ie95fcd779377a75337621ba862bc1a745ed5cbaa
Reviewed-on: https://chromium-review.googlesource.com/768731
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49468}
Fixes instruction names to be all in one <td>, rather than being
split between two due to miscalculation of op_offset.
Change-Id: Ieef5d20c238c8e0a5b2316239324d375090006a1
Reviewed-on: https://chromium-review.googlesource.com/777761
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49463}
The layout descriptor helper computes the object header size using
map->instance_size() and map->GetInObjectProperties().
It races with finalization of slack tracking, which changes both
the instance size and the in-object properties count.
This patch replaces the in-object properties count byte in the map
with the byte that stores the start offset of in-object properties.
The new byte can be used in the layout descriptor to compute the
object header size and it is immutable.
This patch also renames InstanceSize to InstanceSizeInWords where
the instance size is represented in words.
Bug: chromium:786069, chromium:694255
Change-Id: I4b48c6944d3fe8a950bd7b0ba43d75216b177a78
Reviewed-on: https://chromium-review.googlesource.com/776720
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49461}
This CL also includes fixes for CF issues found while the previous
reland was active.
Bug: v8:5799, chromium:783902, chromium:783926, chromium:783822
Change-Id: I1f7d9b037d90838469c45f5d72771a77444c662e
Reviewed-on: https://chromium-review.googlesource.com/764067
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49457}
Adds a stress-background-compile mode which runs compilation on a background
thread at the same time as compiling on the main thread to flush out races.
This is added as one of the variants, removing stress_asm_validation since this
is no longer a useful variant.
BUG=v8:5203
Change-Id: I73dd9f21d9b6da4a4cb39c05061aa24116e6c5ad
Reviewed-on: https://chromium-review.googlesource.com/741746
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49376}
With this CL, {CreateDefaultPlatform} returns a unique_ptr to indicate
that the caller owns the returned memory. We had several memory leaks
where the memory of the DefaultPlatform did not get deallocated.
In addition, the {TracingController} of the {DefaultPlatform} also gets
received as a unique_ptr. Thereby we document that the {DefaultPlatform}
takes ownership of the {TracingController}. Note that the memory of the
{TracingController} was already owned by the {DefaultPlatform}, but it
was not documented in the interface, and it was used incorrectly in
tests.
This CL fixes the asan issues in
https://chromium-review.googlesource.com/c/v8/v8/+/753583
([platform] Implement TaskRunners in the DefaultPlatform)
R=rmcilroy@chromium.org
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I0d1a6d3b22bb8289dc050b1977e4f58381cec675
Reviewed-on: https://chromium-review.googlesource.com/755033
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49349}
Temporary fix for isolate archiver behaving weirdly when the command is
missing.
NOTRY=true
TBR=sergiyb@chromium.org
Bug: v8:7012
Change-Id: I1ccee6be16605426e74b6c4a0379fa502106e5a9
Reviewed-on: https://chromium-review.googlesource.com/768727
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49344}
We'll use one generic isolate for all number fuzzers. The previous
deopt isolate will be deleted, once the infra hooks have changed.
Bug: v8:6917
Change-Id: I809613548cd935a0208febb002572cc063697324
Reviewed-on: https://chromium-review.googlesource.com/763534
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49297}
Temporary implementation of GC fuzzer based on the deopt fuzzer.
It will be merged with the deopt fuzzer to create more general numfuzzer.
Webkit test suite updated to ignore trace_incremental_marking flag output.
Bug: v8:6917
Change-Id: I053ae32f3cd3f74ba8b71fc5bdfc7264f54dca11
Reviewed-on: https://chromium-review.googlesource.com/758437
Commit-Queue: Michał Majewski <majeski@google.com>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49296}
This is necessary in order to support class literals boilerplates which will
contain descriptor arrays not attached to maps.
This CL introduces Heap::descriptor_array_map() which will be used only for
descriptor arrays templates created as a part of class literal boilerplate.
We don't use the new map for all descriptors for now because in order to handle
chicken-egg problem in deserializer which can be solved in a clean and readable
way only if introduce a DESCRIPTOR_ARRAY_TYPE instance type which we can't
currently do because the InstanceType enum is already "full".
Bug: v8:5799
Change-Id: I732d236b0dda2c436ab3ce3ac5967f6c66162df3
Reviewed-on: https://chromium-review.googlesource.com/758360
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49271}
This adds test coverage for write-protected code pages by adding the
feature to the existing "stress_incremental_marking" variant. Since this
is considered a temporary state, the variant has not been renamed.
R=machenbach@chromium.org
BUG=v8:6792
Change-Id: I62fa5aa15bf5309b12fbc269fcf81069845755f9
Reviewed-on: https://chromium-review.googlesource.com/753388
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49267}
This change
- adds new maps for elements, global, and named dictionaries.
- adds support to embed these dictionaries in the startup snapshot.
- adds support to embed these dictionaries in the code cache.
- refactors the rehashing logic.
TBR=mstarzinger@chromium.org, ishell@chromium.org, jgruber@chromium.org
Bug: v8:6593
Change-Id: I2455fe2a9cc6e93247940de99de5f124c2ada137
Reviewed-on: https://chromium-review.googlesource.com/756693
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49167}
This reverts commit 3877bf6f4b.
Reason for revert: failed compilation on Win64/clang:
https://build.chromium.org/p/client.v8/builders/V8%20Win64%20-%20clang/builds/9015
Original change's description:
> Snapshot: support rehashing property and element dictionaries.
>
> This change
> - adds new maps for elements, global, and named dictionaries.
> - adds support to embed these dictionaries in the startup snapshot.
> - adds support to embed these dictionaries in the code cache.
> - refactors the rehashing logic.
>
> R=ishell@chromium.org, jgruber@chromium.org, mstarzinger@chromium.org
>
> Bug: v8:6593
> Change-Id: I8d9a7ba7145f1af4e6e15301a4d5611f07c77f33
> Reviewed-on: https://chromium-review.googlesource.com/753323
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Commit-Queue: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#49155}
TBR=yangguo@chromium.org,mstarzinger@chromium.org,jgruber@chromium.org,ishell@chromium.org
Change-Id: I0b45d2d07da97b9a7953abf4ad24eec4ea944306
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:6593
Reviewed-on: https://chromium-review.googlesource.com/755493
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49156}
This change
- adds new maps for elements, global, and named dictionaries.
- adds support to embed these dictionaries in the startup snapshot.
- adds support to embed these dictionaries in the code cache.
- refactors the rehashing logic.
R=ishell@chromium.org, jgruber@chromium.org, mstarzinger@chromium.org
Bug: v8:6593
Change-Id: I8d9a7ba7145f1af4e6e15301a4d5611f07c77f33
Reviewed-on: https://chromium-review.googlesource.com/753323
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49155}
This is a reland of 697b2c09a5
Original change's description:
> Setting up the environment for testrunner refactored
>
> Bug: v8:6917
> Change-Id: Ibc3c738ef807d37d8b76f440d9765c4d0405c021
> Reviewed-on: https://chromium-review.googlesource.com/735421
> Commit-Queue: Michał Majewski <majeski@google.com>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#48923}
Bug: v8:6917
Change-Id: I07918814ee8277eca96bcb2d330e6b08f6a0505d
Reviewed-on: https://chromium-review.googlesource.com/741621
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michał Majewski <majeski@google.com>
Cr-Commit-Position: refs/heads/master@{#49078}
The status-file flags and the flags from the test case's source code
must always overwrite extra flags set by bots.
Bug: v8:6924
Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng
Change-Id: I0e2aabb69da7cfb8ba6c1c79bd3851462071a6ac
Reviewed-on: https://chromium-review.googlesource.com/732656
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49001}
The current_cpu value was erroneously removed from the build config json.
In multi-arch builds, each toolchain subdirectory in the build-product
output emits its own build-config json, where current_cpu determines
the architecture type of the sub-build.
Correctness-fuzzer runs could wrongly determined x86 sub-builds as x64.
Bug: chromium:777285
Change-Id: I5104630cd8ebbd263d557fb29771a31a2a1d78c2
Reviewed-on: https://chromium-review.googlesource.com/737797
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48950}
This is a reland of eeaffa9f33
Original change's description:
> [objects] Introduce {CodeDataContainer} object type.
>
> This introduces the {CodeDataContainer} as a container for all mutable
> fields associated with a {Code} object. For now only the kind-specific
> flags are moved, but more fields can/will be moved gradually. The goal
> is to make all fields in the {Code} header be immutable eventually.
>
> R=jarin@chromium.org
> BUG=v8:6792
>
> Change-Id: I2eeba893afaba877fb6117e1f18371898c3a175e
> Reviewed-on: https://chromium-review.googlesource.com/732987
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#48902}
Bug: v8:6792
Change-Id: I31a127df4bb8ee5fedb4d73755df4deae6e1d352
Reviewed-on: https://chromium-review.googlesource.com/738109
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48928}
This reverts commit e26cd87496.
Reason for revert: The issue has been fixed. See related bug for description and CLs.
Original change's description:
> [heap] Add TSAN suppression for lock-order inversion in Scavenger
>
> The Scavenger currently requires taking the lock for OLD->NEW processing
> and can also take another lock for sweeping a different page.
>
> Since order of pages during scavenge and sweep is unstable this may
> result in lock order inversion reports on TSAN when long-running
> programms are only executed on a single thread.
>
> The report is a false positve, hence flag it as suppression until we
> redesign this particular piece.
>
> No-try: true
> Bug: v8:6923
> Change-Id: I82355be1c8d83ea61cc21152aeb10b58b1dc4b86
> Reviewed-on: https://chromium-review.googlesource.com/716261
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#48504}
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: v8:6923
Change-Id: I7711466c6e2175dcab8d64d6a642e458e1cde3f5
Reviewed-on: https://chromium-review.googlesource.com/738110
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48913}
This reverts commit eeaffa9f33.
Reason for revert: Breaks msan compile (uninitialized value in snapshot):
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20arm64%20-%20sim%20-%20MSAN/builds/17824
Original change's description:
> [objects] Introduce {CodeDataContainer} object type.
>
> This introduces the {CodeDataContainer} as a container for all mutable
> fields associated with a {Code} object. For now only the kind-specific
> flags are moved, but more fields can/will be moved gradually. The goal
> is to make all fields in the {Code} header be immutable eventually.
>
> R=jarin@chromium.org
> BUG=v8:6792
>
> Change-Id: I2eeba893afaba877fb6117e1f18371898c3a175e
> Reviewed-on: https://chromium-review.googlesource.com/732987
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#48902}
TBR=mstarzinger@chromium.org,jarin@chromium.org
Change-Id: I74fe833b074752d640cff4aa4680f250e1bd8780
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:6792
Reviewed-on: https://chromium-review.googlesource.com/738029
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48904}
This introduces the {CodeDataContainer} as a container for all mutable
fields associated with a {Code} object. For now only the kind-specific
flags are moved, but more fields can/will be moved gradually. The goal
is to make all fields in the {Code} header be immutable eventually.
R=jarin@chromium.org
BUG=v8:6792
Change-Id: I2eeba893afaba877fb6117e1f18371898c3a175e
Reviewed-on: https://chromium-review.googlesource.com/732987
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48902}
The tests are generated randomly, using Python's arbitrary-precision
integers as the source of truth.
The generator script is landed as part of this CL. It also supports
a "stress test" mode for on-demand intensive test coverage.
Bug: v8:6791
Change-Id: Idc7a2e90fd8a0a8176283614b33ecd4c3597b1d1
Reviewed-on: https://chromium-review.googlesource.com/731464
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48844}
Now that gclient is much quieter about its output (see crbug.com/772741),
these always-emitted messages make it louder than necessary.
Change-Id: I864676c4ca57d4c060f7f58bc770d8d670695639
Reviewed-on: https://chromium-review.googlesource.com/731118
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48808}
Implicitly escape all output that is passed to Log::MessageBuilder.
We escape non-printable characters and the log field separator ','
using the \x00 and \u0000 escape sequences.
Example:
Before: event-foo,"space: ","comma: ,","double quotes: """
After: event-foo,space: ,comma: \x2C,double quotes: "
This might slightly impact human readability of the log files in
extreme cases. However, most strings do not contain any escaped
characters.
Bug:
Change-Id: Ic78f6d9932367d02f9f3c3f70b41b5c283bdf880
Reviewed-on: https://chromium-review.googlesource.com/728332
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48805}
And fix the last violations which were introduced since the cleanup CLs
landed.
R=mstarzinger@chromium.org, jgruber@chromium.org
Bug: v8:6837, v8:6921
Change-Id: I317cce06f1e5c2bcdd57283c9c1b75cbe6415cbb
Reviewed-on: https://chromium-review.googlesource.com/727885
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48756}
This ports the build_config json from GN to GYP to prepare deprecating
tedious flags passing to the test runner.
This also removes two unused GN flags that only hold temporary values.
Bug: v8:6917
Change-Id: I976185f1541277dc5c9bfbaa7578f35c19dd254c
Reviewed-on: https://chromium-review.googlesource.com/725706
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48715}
This reverts commit 4054cf278f.
Reason for revert: Just exposes existing issues.
Original change's description:
> Revert "[test] Fix win-asan symbolizer path"
>
> This reverts commit 135576ffb6.
>
> Reason for revert: V8 Win32 ASAN failures: https://build.chromium.org/p/client.v8/builders/V8%20Win32%20ASAN/builds/73
>
> It appears these failures were lurking there already, but were hidden because of the bug this CL fixed. Opened https://crbug.com/v8/6953 about these issues.
>
> Original change's description:
> > [test] Fix win-asan symbolizer path
> >
> > This makes the symbolizer path relative, as the absolute paths contain
> > a drive letter + colon on windows. The colon is confused by the
> > sanitizer as an option separator.
> >
> > The test driver changes the cwd to the V8 root dir in each
> > invocation.
> >
> > Bug: chromium:726584
> > Change-Id: Icf4e5a55bba5dec8e59a3dfe3eccdf7224e65c33
> > Reviewed-on: https://chromium-review.googlesource.com/721124
> > Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
> > Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#48652}
>
> TBR=glider@chromium.org,rnk@chromium.org,machenbach@chromium.org,sergiyb@chromium.org,etienneb@chromium.org
>
> Change-Id: Ic78527950f6a239a03658e042d7244c9781d05db
> No-Presubmit: true
> No-Tree-Checks: true
> No-Try: true
> Bug: chromium:726584
> Reviewed-on: https://chromium-review.googlesource.com/723825
> Reviewed-by: Eric Holk <eholk@chromium.org>
> Commit-Queue: Eric Holk <eholk@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#48653}
TBR=glider@chromium.org,rnk@chromium.org,machenbach@chromium.org,eholk@chromium.org,sergiyb@chromium.org,etienneb@chromium.org
Change-Id: I8ea3b1d74ece09bed4758522f51cbee56a7792e1
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:726584
Reviewed-on: https://chromium-review.googlesource.com/725319
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48662}
This reverts commit 135576ffb6.
Reason for revert: V8 Win32 ASAN failures: https://build.chromium.org/p/client.v8/builders/V8%20Win32%20ASAN/builds/73
It appears these failures were lurking there already, but were hidden because of the bug this CL fixed. Opened https://crbug.com/v8/6953 about these issues.
Original change's description:
> [test] Fix win-asan symbolizer path
>
> This makes the symbolizer path relative, as the absolute paths contain
> a drive letter + colon on windows. The colon is confused by the
> sanitizer as an option separator.
>
> The test driver changes the cwd to the V8 root dir in each
> invocation.
>
> Bug: chromium:726584
> Change-Id: Icf4e5a55bba5dec8e59a3dfe3eccdf7224e65c33
> Reviewed-on: https://chromium-review.googlesource.com/721124
> Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#48652}
TBR=glider@chromium.org,rnk@chromium.org,machenbach@chromium.org,sergiyb@chromium.org,etienneb@chromium.org
Change-Id: Ic78527950f6a239a03658e042d7244c9781d05db
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:726584
Reviewed-on: https://chromium-review.googlesource.com/723825
Reviewed-by: Eric Holk <eholk@chromium.org>
Commit-Queue: Eric Holk <eholk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48653}
This makes the symbolizer path relative, as the absolute paths contain
a drive letter + colon on windows. The colon is confused by the
sanitizer as an option separator.
The test driver changes the cwd to the V8 root dir in each
invocation.
Bug: chromium:726584
Change-Id: Icf4e5a55bba5dec8e59a3dfe3eccdf7224e65c33
Reviewed-on: https://chromium-review.googlesource.com/721124
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48652}
Change-Id: I77b6eb5e949f8b37fa76d2a161d1ec2c1117ab04
Reviewed-on: https://chromium-review.googlesource.com/722078
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Ben Smith <binji@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48616}
Also fix asan environment for testing on windows.
TBR=sergiyb@chromium.org
Bug: chromium:726584
Change-Id: Ic9e6afa714f4757ad1b0f2ebfa742e742e1c04b9
Reviewed-on: https://chromium-review.googlesource.com/720811
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48583}
Preparation for sharing more code between deopt fuzzer and normal test runner.
Bug: v8:6917
Change-Id: Id8022c7597544ffddf5d1b0a0d73bb4a9d163fc3
Reviewed-on: https://chromium-review.googlesource.com/715417
Commit-Queue: Michał Majewski <majeski@google.com>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48521}
The Scavenger currently requires taking the lock for OLD->NEW processing
and can also take another lock for sweeping a different page.
Since order of pages during scavenge and sweep is unstable this may
result in lock order inversion reports on TSAN when long-running
programms are only executed on a single thread.
The report is a false positve, hence flag it as suppression until we
redesign this particular piece.
No-try: true
Bug: v8:6923
Change-Id: I82355be1c8d83ea61cc21152aeb10b58b1dc4b86
Reviewed-on: https://chromium-review.googlesource.com/716261
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48504}
Currently it's hard to reason about the hung tests on worker processes.
This adds simple output when we're trying to kill a hung process.
Change-Id: Iae5e14dac70a8149c074043dd00cbf10e4d5f3de
Reviewed-on: https://chromium-review.googlesource.com/712455
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48460}
This flag was originally added as a staging mechanism to let us land and test
guard regions without the full trap handler feature landing. Additionally, we
thought we might enable guard regions without trap handlers on some systems.
Trap handlers are now supported, and there's not a real compelling reason for
why we need guard regions without trap handlers. Keeping the separate flag leads
to confusion, since some code treats guard regions and trap handlers the same,
while other code treats them as independent.
Removing this flag and its associated special cases makes everything more
uniform and predictable.
R=gdeepti@chromium.org
Change-Id: Icebab91d1f1e0c55e7a35c75b880085d37fa14ae
Reviewed-on: https://chromium-review.googlesource.com/706570
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
Commit-Queue: Eric Holk <eholk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48411}
There are only very few custom compiled IC handlers left that go in there, and for each compiled handler we only have 1 cache hit on top25; maximally saving 60ms over 33s. Additionally we'll migrate the remaining handlers to data-driven handlers anyway. Let's try to remove this code.
Bug:
Change-Id: Ib874cc498015046a3ff67c83ea8b10b3c4eb7d0f
Reviewed-on: https://chromium-review.googlesource.com/668409
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48201}
BigInt is a new primitive type of arbitrary precision integers,
proposed in https://tc39.github.io/proposal-bigint.
This CL introduces a corresponding instance type, map, and C++
class to V8 and adds BigInt support to a few operations (see the
test file). Much more is to come. Also, the concrete representation
of BigInts is not yet fixed, currently a BigInt is simply a wrapped
Smi.
Bug: v8:6791
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: Ia2901948efd7808f17cfc945f0d56e23e8ae0b45
Reviewed-on: https://chromium-review.googlesource.com/657022
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47956}
The help output prints the first line of the doc string.
Change-Id: I76817d5138b7bb7ba8034c6a5d803b5aaf1201f7
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/654603
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47871}
Only the error cases of overwriting readonly properties need the
language_mode to decide whether to throw or be silent. Reading it
from the feedback vector's metadata (just like the C++ code in
ic.cc does) removes the need to duplicate each stub for each
language_mode ("StoreIC" + "StoreICStrict" etc.).
Change-Id: Ic0c67f9d40ca36c65e41b4f162b2ab70d155e549
Reviewed-on: https://chromium-review.googlesource.com/647373
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47836}
And add the helpfully suggested flag to the GDB re-run of mksnapshot.
NOTRY=true
Change-Id: I52011aa580c8d3e557f869b8306b9b978c73b946
Reviewed-on: https://chromium-review.googlesource.com/647693
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47829}
The perf tests results are used by tools/perf-to-html.py to generate
html pages. Since the results are used as divisors to compute
percentages, when the one of them happens to be zero, the script
crashes. This CL prevent the crash and uses the text "NaN" instead of
the percentage.
R=machenbach@chromium.org
CC=ahaas@chromium.org,clemensh@chromium.org
Bug: chromium:761816
Change-Id: I482a85150c8323a7a837e6d589feee88279831cd
Reviewed-on: https://chromium-review.googlesource.com/649626
Commit-Queue: Enrico Bacis <enricobacis@google.com>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47806}
This is a reland of 6daf3c77f1
Original change's description:
> [presubmit] Include test/common and test/fuzzer in cpplint
>
> These directories probably just did not exist when the cpplint paths
> were defined.
>
> R=machenbach@chromium.org
> CC=mstarzinger@chromium.org
>
> Change-Id: Ia6b641b3c106d86ceafb0c70b44ca241b4c80642
> Reviewed-on: https://chromium-review.googlesource.com/647807
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#47786}
Change-Id: I15cd1b508cd3c6f5cd58cd5c5129174d8ced40d0
Reviewed-on: https://chromium-review.googlesource.com/649006
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47796}
This reverts commit 6daf3c77f1.
Reason for revert: Need to fix violations in test/fuzzer first.
Original change's description:
> [presubmit] Include test/common and test/fuzzer in cpplint
>
> These directories probably just did not exist when the cpplint paths
> were defined.
>
> R=machenbach@chromium.org
> CC=mstarzinger@chromium.org
>
> Change-Id: Ia6b641b3c106d86ceafb0c70b44ca241b4c80642
> Reviewed-on: https://chromium-review.googlesource.com/647807
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#47786}
TBR=machenbach@chromium.org,mstarzinger@chromium.org,clemensh@chromium.org
Change-Id: Ie20f0e9ef521c8da0c928bee241427fad694a440
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/647593
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47787}
These directories probably just did not exist when the cpplint paths
were defined.
R=machenbach@chromium.orgCC=mstarzinger@chromium.org
Change-Id: Ia6b641b3c106d86ceafb0c70b44ca241b4c80642
Reviewed-on: https://chromium-review.googlesource.com/647807
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47786}
This patch introduces a new container type ScriptOrModule which
provides the name and the host defined options of the script/module.
This patch also introduces a new PrimitivesArray that can hold
Primitive values, which the embedder can use to store metadata.
The HostDefinedOptions is passed to V8 through the ScriptOrigin, and
passed back to the embedder through HostImportModuleDynamically for
module loading.
Bug: v8:5785, v8:6658, v8:6683
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I56c26fc9a680b273ac0a6691e5ad75f15b8dc80a
Reviewed-on: https://chromium-review.googlesource.com/622158
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47724}
Introduce a proper empty_descriptor_array, which has the proper layout
(length is 2 and the two fields are set properly). Also add a special
EnumCache class and a matching empty_enum_cache. The contract now is
that we only need to check the EnumLength on the map to know whether we
are allowed to use the enum cache. This greatly simplifies the handling
of the enum cache (and also the descriptor arrays), especially for the
future work on optimizing keyed access via the enum cache indices.
Bug: v8:6702
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I5ef517a3041163cd65ef003f691139ea52233e83
Reviewed-on: https://chromium-review.googlesource.com/641030
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47697}
Also rename options key from "no_network" to "network" to avoid
too many levels of double-negatives.
Change-Id: I6d29edce8abde64199b27ef0f3453ab370a9937b
Reviewed-on: https://chromium-review.googlesource.com/642516
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47695}
There's no need to have the StringLengthProtector as a PropertyCell,
since it's only used to guard against deoptimization loops. This also
allows us to remove the use of the CompilationDependencies from the
JSTypedLowering.
R=jarin@chromium.org
Bug: v8:6759
Change-Id: I54a37be6b8064ca3475e3b321f928b6a9903f209
Tbr: mstarzinger@chromium.org
Reviewed-on: https://chromium-review.googlesource.com/637303
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47633}
* Only pass -t to adb if running with stdout as a tty (prevents weird
tty output processing, .e.g replacing '\n' with '\r\n')
* Allow passing a device directory for d8 (useful for testing multiple
builds against each other)
* Allow specifying additional allowed paths (useful for e.g. running
files from /tmp)
Change-Id: I90b8bba6f3c248105927c800b8b5b601692adf6c
Reviewed-on: https://chromium-review.googlesource.com/629079
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47576}
This reverts commit fe50e8178f.
Reason for revert: Too close to branch point
Original change's description:
> [parser] Tentative: turn on FLAG_preparser_scope_analysis.
>
> The main motivation is to get bug reports / crashes from Canary.
>
> This commit is expected to break all kinds of things! The most typical failure
> modes are crashes, CHECK failures and JavaScript executing incorrectly.
>
> BUG=v8:5516
>
> Change-Id: Ifa02b420ad4e8eda46002b334bed2665c8ceeeb2
> Reviewed-on: https://chromium-review.googlesource.com/623751
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Commit-Queue: Marja Hölttä <marja@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#47502}
TBR=adamk@chromium.org,marja@chromium.org,cbruni@chromium.org
Change-Id: I98d2d186cbde6e185b05ef0d3460115a654b6b45
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:5516
Reviewed-on: https://chromium-review.googlesource.com/626796
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47519}
Reland of https://chromium-review.googlesource.com/c/v8/v8/+/623790
Add a --read-from-tcp flag to d8, which makes file reads (including
reading files from arguments, and the load and read builtins) read the
file contents off a TCP socket using a simple request/response protocol.
On top of this, add a script for transparently running d8 on an android
device using adb. The script loads d8 onto the device, starts a file
server providing the above protocol, and uses the above flag to run a d8
which loads javascript sources off the computer rather than off the
device.
Change-Id: I82a25be900c7608ed4c3a35828757a870ca2e115
Reviewed-on: https://chromium-review.googlesource.com/626396
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47513}
This reverts commit 29ad123568.
Reason for revert: https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20shared/builds/19576
Original change's description:
> [d8] Allow reading files from a TCP socket
>
> Add a --read-from-tcp flag to d8, which makes file reads (including
> reading files from arguments, and the load and read builtins) read the
> file contents off a TCP socket using a simple request/response protocol.
>
> On top of this, add a script for transparently running d8 on an android
> device using adb. The script loads d8 onto the device, starts a file
> server providing the above protocol, and uses the above flag to run a d8
> which loads javascript sources off the computer rather than off the
> device.
>
> Change-Id: Icaa0577beb9bcd4f93476faa3ad8fb8b0a165e6e
> Reviewed-on: https://chromium-review.googlesource.com/623790
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#47511}
TBR=rmcilroy@chromium.org,leszeks@chromium.org
Change-Id: I2de4a12aa8cb0d228df3e5793d997b9145f4da42
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/626017
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47512}
Add a --read-from-tcp flag to d8, which makes file reads (including
reading files from arguments, and the load and read builtins) read the
file contents off a TCP socket using a simple request/response protocol.
On top of this, add a script for transparently running d8 on an android
device using adb. The script loads d8 onto the device, starts a file
server providing the above protocol, and uses the above flag to run a d8
which loads javascript sources off the computer rather than off the
device.
Change-Id: Icaa0577beb9bcd4f93476faa3ad8fb8b0a165e6e
Reviewed-on: https://chromium-review.googlesource.com/623790
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47511}
The main motivation is to get bug reports / crashes from Canary.
This commit is expected to break all kinds of things! The most typical failure
modes are crashes, CHECK failures and JavaScript executing incorrectly.
BUG=v8:5516
Change-Id: Ifa02b420ad4e8eda46002b334bed2665c8ceeeb2
Reviewed-on: https://chromium-review.googlesource.com/623751
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47502}
Deletes the now unused Full-codegen compiler. Also removes some macro
assembler instructions which are no longer used.
Note: there is still additional cleanup work to do after this lands
(e.g., remove support for FCG frames support and FCG
debugger support, etc.), but this will be done in followup CLs to keep
this patch managable.
BUG=v8:6409
Change-Id: I8d828fe7a64d29f2c1252d5fda968a630a2e9ef2
Reviewed-on: https://chromium-review.googlesource.com/584773
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47307}
Rather than lumping in parsing, bytecode compilation and optimized
compilation all into the same VM "compile" state, seperate them out
into individual states. Additionally, add support for these states
to tickprocessor and profview.
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I5be943e23cae042e32e9ccb24415c67c18658b4b
Reviewed-on: https://chromium-review.googlesource.com/608973
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47283}
The run_test.py tool test selection only expands asterisks at the end of
the test name. This CL introduces glob expansion in test selection
(asterisks are expanded anywhere in the path).
This is useful when tests that belong to the same area have different
prefixes. For example wasm cctests have two different prefixes:
'cctest/test-run-wasm*' and 'cctest/test-wasm*'. With this CL it is
possible to specify the selector 'cctest/*wasm*' to run them all.
R=machenbach@chromium.org
Change-Id: I1c7cc5136b21e71f3eaf69fb98d5dfd77d336e2a
Reviewed-on: https://chromium-review.googlesource.com/609000
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Enrico Bacis <enricobacis@google.com>
Cr-Commit-Position: refs/heads/master@{#47274}
This also changes logging of code address to Code::instruction_start rather
than Code::address().
Bug: v8:6239
Change-Id: I4ef975630574e23409123468a3f7fb8fe6ad39e7
Reviewed-on: https://chromium-review.googlesource.com/605887
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47266}
Experimental run, just for getting data from RuntimeCallstats bots.
To be reverted soon - expected to break various things.
BUG=v8:5516
NOTREECHECKS=true
Change-Id: I6d235fddee36b0f0efe70065166d25ed40d6e163
Reviewed-on: https://chromium-review.googlesource.com/557863
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47248}
The interpreter was not able to call imported wasm functions (hitting
UNIMPLEMENTED). This CL fixes this by creating a "CWasmEntry", which is
signature-specific. It has JS linkage and receives the wasm code object
to call and a buffer containing all arguments (similar to the
interpreter entry). It loads all arguments from the buffer and calls the
given code object.
The c-wasm-entry code objects are cached per instance, such that we
only create them once per signature.
These wasm entry stubs will also allow us to call back to compiled code
from the interpreter, which we might want to do to reduce the slowdown
of executing wasm for debugging.
R=titzer@chromium.org
Bug: chromium:735792
Change-Id: I7fecec3a7bec62a9de40fff115b684759b12a28b
Reviewed-on: https://chromium-review.googlesource.com/600308
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47195}
Use some less-known grep flags to avoid the for loop in
check-unused-bailouts.sh, speeding it up considerably.
Before:
$ time tools/check-unused-bailouts.sh >/dev/null
real 0m14.717s
user 0m6.968s
sys 0m7.128s
After:
$ time tools/check-unused-bailouts.sh >/dev/null
real 0m0.514s
user 0m0.480s
sys 0m0.028s
Change-Id: I2178e2adaf60282865cf18272246a77bcff9d140
Reviewed-on: https://chromium-review.googlesource.com/597690
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47076}
This makes all the information that is present for GCTracer also
available to RCS.
Bug: chromium:748569
Change-Id: Ie7e8c3770b81ab1321cad08f6954492b72ef0514
Reviewed-on: https://chromium-review.googlesource.com/585427
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47043}
Now that the maximum string length varies between platforms, the
correctness fuzzer is unhappy. It will ignore crashes, so when we know
we have reached platform-dependant behavior just crash if
--abort_on_stack_overflow is enabled.
Also rename abort_on_stack_overflow to
abort_on_stack_or_string_length_overflow.
Bug: chromium:748137
Change-Id: Ie4e96709b90029b5ce3c8408064d928f841b3b9f
Reviewed-on: https://chromium-review.googlesource.com/589269
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47007}
We must ensure required root objects will be filled when such
objects will be deserialized.
Change-Id: I25136d31cb2e0c0a69a51c5635192f17bbe2a9ba
Reviewed-on: https://chromium-review.googlesource.com/579768
Commit-Queue: Vyacheslav Chigrin <vchigrin@yandex-team.ru>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46944}
Note that this also renames the existing "asm_wasm" variant to use the
more appropriate "stress_asm_wasm" name.
R=rmcilroy@chromium.org
BUG=v8:6409
Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng
Change-Id: I1f9550cd03874c678f4583047a4e123a6f090250
Reviewed-on: https://chromium-review.googlesource.com/584879
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46937}
Instead of having feedback vector as a subtype of FixedArray with
reserved slots, make it a first-class variable-sized object with a
fixed-size header. This allows us to compress counters to ints in the
header, rather than forcing them to be Smis.
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: Icc5f088ffbc2e2651b845bc71ea42060639e3e48
Reviewed-on: https://chromium-review.googlesource.com/585129
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46935}
This replaces the linked list of weak cells with a worklist.
TBR=yangguo@chromium.org
BUG=chromium:694255
Change-Id: Ia877e25010ebbec9c05fbbe48cff460a92d3a132
Reviewed-on: https://chromium-review.googlesource.com/587067
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46929}
os.system uses fork(), which is not supported by ASAN/LSAN. Some fuzz tests
consist of js code that randomly picks properties and functions and calls them.
Sometimes, this combination means ASAN will report false positives.
Bug: chromium:740361
Change-Id: Id8d517263251a1fe88abadd33b0225c664b00498
Reviewed-on: https://chromium-review.googlesource.com/580313
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Mircea Trofin <mtrofin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46876}
This must throw for uninitialized properties.
R=adamk@chromium.org
Bug: v8:1569, v8:5487
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng;master.tryserver.v8:v8_linux_noi18n_rel_ng
Change-Id: I8beb8bf6a197870eb5c038102ab474dd12f6b6eb
Reviewed-on: https://chromium-review.googlesource.com/582013
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46870}
This adds a missing swarming config to the ubsan builders to fix
test isolation.
This also adds ubsan_vptr to the inferred options from build metadata.
For ubsan_vptr builds, the test runner makes sure to set up the
required options.
TBR=ishell@chromium.org
Bug: chromium:726584
Change-Id: I9667ba2b6d9d0f363f7cc94d23308e09da002d99
Reviewed-on: https://chromium-review.googlesource.com/577689
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46866}
This is so that we can distinguish hash tables by instance type. We can
then introduce maps for each kind of hash tables to further distinguish.
R=mstarzinger@chromium.org
Bug: v8:6593
Change-Id: Ice9e6bb7b85d825207ac489b6930ac9020d60db8
Reviewed-on: https://chromium-review.googlesource.com/582814
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46861}
This reverts commit 990dd947bc.
Reason for revert: <INSERT REASONING HERE>
Original change's description:
> Introduce HASH_TABLE_TYPE instance type.
>
> This is so that we can distinguish hash tables by instance type. We can
> then introduce maps for each kind of hash tables to further distinguish.
>
> R=mstarzinger@chromium.org
>
> Bug: v8:6593
> Change-Id: I1a532884758e571abdfe2e2743fc5ea611d12f7e
> Reviewed-on: https://chromium-review.googlesource.com/581009
> Commit-Queue: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#46828}
TBR=yangguo@chromium.org,mstarzinger@chromium.org
Change-Id: Ia47d408e5cf47983940227b4cc445a704d7f8d19
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:6593
Reviewed-on: https://chromium-review.googlesource.com/581493
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46833}
This is so that we can distinguish hash tables by instance type. We can
then introduce maps for each kind of hash tables to further distinguish.
R=mstarzinger@chromium.org
Bug: v8:6593
Change-Id: I1a532884758e571abdfe2e2743fc5ea611d12f7e
Reviewed-on: https://chromium-review.googlesource.com/581009
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46828}
... between % and a function name.
Change-Id: I4d06e2623abb6fdd50af748649d0f8e9fae3897d
Reviewed-on: https://chromium-review.googlesource.com/575053
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46788}
This adds a copy of tools/ubsan/vptr_blacklist.txt to V8, which is
needed for ubsan compilation.
NOTRY=true
TBR=ishell@chromium.org
Bug: chromium:726584
Change-Id: Ie06a031ce501d7f83121d45b04ac34672eb1ca9e
Reviewed-on: https://chromium-review.googlesource.com/575977
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46760}
Added a flag, process_size, to collect the maximum memory size used by
a test run.
Bug:
Change-Id: I5d659ff03bfcf7ab4a868aafbda3303ffcb9fa78
Reviewed-on: https://chromium-review.googlesource.com/542415
Commit-Queue: Mircea Trofin <mtrofin@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46713}
The new message lets us know which directory is involved and what we can
do to fix it.
Bug:
Change-Id: Icfcb92b35b1ef2644649789b1e8473cb6ae50336
Reviewed-on: https://chromium-review.googlesource.com/571702
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46659}
This also makes sure 6.0 and 6.1 have the same constants exposed
in v8.h.
Bug: v8:6592
R=bmeurer@chromium.org
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I3afc0e5e4495594c76229555aab148ac78388f80
Reviewed-on: https://chromium-review.googlesource.com/569618
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46642}
Removes the --ignition flag which is now on by default. Adds a
--stress-fullcodegen flag which enables running all functions supported
by fullcodegen to be compiled by fullcodegen.
This will enable moving parser internalization later when we are not
stressing fullcodegen or compiling asm.js functions.
BUG=v8:5203, v8:6409, v8:6589
Change-Id: I7fa68016d4e734755434ec0b4e749ef65ffa7f4e
Reviewed-on: https://chromium-review.googlesource.com/565569
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46635}
This is a reland of f720d024dc
Original change's description:
> [mjsunit] Improve mjsunit stracktrace readability
>
> Format the function name and file-position into proper columns to easily spot
> where the test code ends and the mjsunit framework code starts.
>
> BEFORE:
> Stack: Error
> at new MjsUnitAssertionError (test/mjsunit/mjsunit.js:36:18)
> at failWithMessage (test/mjsunit/mjsunit.js:310:11)
> at fail (test/mjsunit/mjsunit.js:327:12)
> at assertEquals (test/mjsunit/mjsunit.js:398:7)
> at closure (test/mjsunit/regress/regress-4121.js:20:7)
> at literals_sharing_test (test/mjsunit/regress/regress-4121.js:27:3)
> at test (test/mjsunit/regress/regress-4121.js:37:5)
> at eval (eval at <anonymous> (test/mjsunit/regress/regress-4121.js:49:6), <anonymous>:1:1)
> at test/mjsunit/regress/regress-4121.js:49:6
> at Array.forEach.call (test/mjsunit/regress/regress-4121.js:50:7)
> throw new MjsUnitAssertionError(message);
>
> AFTER:
> Stack: MjsUnitAssertionError
> at assertEquals test/mjsunit/mjsunit.js 398:7
> at closure test/mjsunit/regress/regress-4121.js 20:7
> at literals_sharing_test test/mjsunit/regress/regress-4121.js 27:3
> at test test/mjsunit/regress/regress-4121.js 37:5
> at eval eval at <anonymous> (test/mjsunit/regress/regress-4121.js:49:6)
> at test/mjsunit/regress/regress-4121.js 49:6
> at Array.forEach.call test/mjsunit/regress/regress-4121.js 50:7
> throw new MjsUnitAssertionError(message);
>
>
> Change-Id: Iad3460a648e26effb43c00426ab043743ee6a138
> Reviewed-on: https://chromium-review.googlesource.com/563627
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Commit-Queue: Camillo Bruni <cbruni@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#46589}
Change-Id: I44bf07f7be4114369315605542cafd17345b4397
Reviewed-on: https://chromium-review.googlesource.com/567063
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46602}
This patch changes the backing store of slow properties to be a
new instance type called PropertyArray.
Currently the only difference between this and a FixedArray is
the map. A future patch will change the length property to store
the hash code.
Bug: v8:5717, v8:6404
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: Iaebc98f42e6d93c1392772e6f837787beb64afec
Reviewed-on: https://chromium-review.googlesource.com/539028
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46569}
This enforces that its enumeration values fit in a byte, as required
by Map's {instance_type} field (and probably other parts of the
system).
Clang helpfully emits this error message if an enum value goes out
of range:
enumerator value 256 is not representable in the underlying type 'uint8_t' (aka 'unsigned char')
Change-Id: I533cd5afc755e7163c2fd40f7b00d9adfd960895
Reviewed-on: https://chromium-review.googlesource.com/565892
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46544}
Pass --gerrit explicitly to be resiliant to possible rollbacks of the Gerrit
switch.
This'll also enforce using Gerrit on older release branches when using
the release tools for cherry-picking.
NOTRY=true
TBR=hablich@chromium.org
Bug: chromium:685318
Change-Id: If60784b4c804f38ca36649ac4b2e62209d7cf729
Reviewed-on: https://chromium-review.googlesource.com/565415
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46523}
This is the next step towards faster Map and Set iteration. It
introduces the appropriate instance types for Map and Set
iterators (following the pattern for Array iterators) and migrates
the following builtins to the CodeStubAssembler:
- Set.prototype.entries
- Set.prototype.values
- Map.prototype.entries
- Map.prototype.keys
- Map.prototype.values
- %SetIteratorPrototype%.next
- %MapIteratorPrototype%.next
This already provides a significant performance boost for regular
for-of iteration of Sets and Maps, by a factor of 5-10 depending
on the input. The final step will be to inline some fast-paths
into TurboFan.
Drive-by-fix: Remove obsolete %IsJSSetIterator and %IsJSMapIterator
intrinsics and runtime functions.
TBR=jgruber@chromium.org
Bug: v8:6344, v8:6571, chromium:740122
Change-Id: I3ab0ee49e2afe8d4295707a5ecbd51adda621918
Reviewed-on: https://chromium-review.googlesource.com/563626
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46497}
This reverts commit 3f22832be7.
Reason for revert: Layout tests:
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/16849
Original change's description:
> [builtins] Port Map and Set iterators to CodeStubAssembler.
>
> This is the next step towards faster Map and Set iteration. It
> introduces the appropriate instance types for Map and Set
> iterators (following the pattern for Array iterators) and migrates
> the following builtins to the CodeStubAssembler:
>
> - Set.prototype.entries
> - Set.prototype.values
> - Map.prototype.entries
> - Map.prototype.keys
> - Map.prototype.values
> - %SetIteratorPrototype%.next
> - %MapIteratorPrototype%.next
>
> This already provides a significant performance boost for regular
> for-of iteration of Sets and Maps, by a factor of 5-10 depending
> on the input. The final step will be to inline some fast-paths
> into TurboFan.
>
> Drive-by-fix: Remove obsolete %IsJSSetIterator and %IsJSMapIterator
> intrinsics and runtime functions.
>
> Bug: v8:6571, chromium:740122
> Change-Id: Iad7a7dec643d8f8b5799327f89a351108ae856bf
> Reviewed-on: https://chromium-review.googlesource.com/563399
> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#46492}
TBR=jgruber@chromium.org,bmeurer@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: v8:6571, chromium:740122
Change-Id: Iadb48d72e3b85ec8ad880e50ab7912c5502caf07
Reviewed-on: https://chromium-review.googlesource.com/564419
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46495}
This is the next step towards faster Map and Set iteration. It
introduces the appropriate instance types for Map and Set
iterators (following the pattern for Array iterators) and migrates
the following builtins to the CodeStubAssembler:
- Set.prototype.entries
- Set.prototype.values
- Map.prototype.entries
- Map.prototype.keys
- Map.prototype.values
- %SetIteratorPrototype%.next
- %MapIteratorPrototype%.next
This already provides a significant performance boost for regular
for-of iteration of Sets and Maps, by a factor of 5-10 depending
on the input. The final step will be to inline some fast-paths
into TurboFan.
Drive-by-fix: Remove obsolete %IsJSSetIterator and %IsJSMapIterator
intrinsics and runtime functions.
Bug: v8:6571, chromium:740122
Change-Id: Iad7a7dec643d8f8b5799327f89a351108ae856bf
Reviewed-on: https://chromium-review.googlesource.com/563399
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46492}
This CL refactors the internal representation of JavaScript-exposed
WebAssembly objects to be more like other such objects in V8. By introducing
a new instance type for each of the JS-exposed types, we get more robust
typechecking without using embedder fields (which were previously used
when these objects where instance type JS_API_OBJECT).
In addition to the new instance types, the subclasses X of JSObject
(WasmInstanceObject, WasmMemoryObject, WasmModuleObject, WasmTableObject)
now have appropriate Is##X() methods on Object and are now robust.
BUG=v8:6547
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_chromium_rel_ng
Review-Url: https://codereview.chromium.org/2964943002
Cr-Commit-Position: refs/heads/master@{#46475}
https://chromium-review.googlesource.com/561001 was not sufficient,
because we don't use the --gerrit flag in V8 anymore.
Now we explicitly pass an option for private upload.
TBR=hablich@chromium.org,tandrii@chromium.org
NOTRY=true
Bug: v8:6574
Change-Id: Ib8e2883795f26f22ac47e648b37c47f3a0a60a40
Reviewed-on: https://chromium-review.googlesource.com/561378
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46439}
jtt will now print the complete transition tree of a given Map in gdb.
Change-Id: I07031dd3d463bec0072e8ac696406279ff057489
Reviewed-on: https://chromium-review.googlesource.com/558257
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46437}
