AuroraMiddleware/v8 - v8 - Gitea: Git with a cup of tea

Author	SHA1	Message	Date
Tobias Tebbi	c2430b4ff2	Revert "[heap] Disable map space with --future" This reverts commit `74c68e2a04`. Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20UBSan/21353/overview Original change's description: > [heap] Disable map space with --future > > Original CL got reverted, this time the failing test should be fixed. > > Bug: v8:12578 > Change-Id: Id2d8801f07742e8b00884fefec8200e4270f4250 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3657434 > Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80668} Bug: v8:12578 Change-Id: I2ee20c79ec09ff4f7bece6ddcc1c3a5cd9351223 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3647692 Owners-Override: Tobias Tebbi <tebbi@chromium.org> Auto-Submit: Tobias Tebbi <tebbi@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#80669}	2022-05-20 14:47:24 +00:00
Dominik Inführ	74c68e2a04	[heap] Disable map space with --future Original CL got reverted, this time the failing test should be fixed. Bug: v8:12578 Change-Id: Id2d8801f07742e8b00884fefec8200e4270f4250 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3657434 Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#80668}	2022-05-20 13:22:44 +00:00
Michael Lippautz	6fe9ea3a02	[cppgc-js] Delay reading flags until first GC Unfortunately heap setup happens before setting up flags in practice. This means that flags such as `--single-threaded-gc` were not respected properly for Oilpan. Delay the setup until the GC is actually triggered. Bug: chromium:1326723 Change-Id: Icabe7ecf27e879bd44bba5e09ca176beb012c58a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3657430 Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#80667}	2022-05-20 13:08:27 +00:00
Marja Hölttä	0d57c9a863	[web snap] Fix context tree serialization Enforce the parent context has a smaller id, this time more forcefully. Bug: v8:11525,v8:12820 Change-Id: I05bf675545b81b818eebfcaa40ee6bb93f5bcf9e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652792 Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#80666}	2022-05-20 12:21:50 +00:00
Samuel Groß	67aff19c27	[sandbox] Expose Memory Corruption API on sandbox bots These bots should run sandbox tests in the future, for which the memory corruption API will be required. Bug: v8:12878 Change-Id: Ib64bfb0ae080016db6d1629f375d2a71a20d70b4 Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3657427 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Samuel Groß <saelo@chromium.org> Auto-Submit: Samuel Groß <saelo@chromium.org> Cr-Commit-Position: refs/heads/main@{#80665}	2022-05-20 12:20:48 +00:00
Tobias Tebbi	a0fbb0b2cb	Revert "[heap] Disable map space with --future" This reverts commit `4ba3b51542`. Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20TSAN%20-%20no-concurrent-marking/8900/overview Original change's description: > [heap] Disable map space with --future > > Bug: v8:12578 > Change-Id: If0253a2feb383d6ef313729bf99b489eb9436303 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652794 > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80660} Bug: v8:12578 Change-Id: I9ccfc2641b29539a29258a6517824cdd5a5709d5 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3657432 Owners-Override: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#80664}	2022-05-20 12:12:24 +00:00
Andy Wingo	838d32152a	[wasm] Simplify table.get, table.set in liftoff compiler A fixup to https://chromium-review.googlesource.com/c/v8/v8/+/3644961 that I had neglected to address then. Whoops! Change-Id: Id0f2721e6cdfb3493b5d11043f6a6a3273e1fc09 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652790 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#80663}	2022-05-20 11:57:45 +00:00
Igor Sheludko	e23c5aea00	Reland^2 "[rwx][mac] Enable fast W^X on Apple Silicon (M1)" This is a reland of commit `e8cac3776e` The proxy resolver issue is fixed in a separate CL. Original change's description: > [rwx][mac] Enable fast W^X on Apple Silicon (M1) > > Bug: v8:12797 > Change-Id: I53bb803dd77db5bdd42b1a1b4b568e63857adf31 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3598861 > Reviewed-by: Toon Verwaest <verwaest@chromium.org> > Commit-Queue: Igor Sheludko <ishell@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80396} Bug: v8:12797 Change-Id: Icd897d3f3ff1f1bcfdb9e874e13f6a654c985fc8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3650925 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/main@{#80662}	2022-05-20 11:22:17 +00:00
Jakob Kummerow	86be87df9c	[bigint] Fix object literal property keys like `0x0n` Fixed: chromium:1327321 Change-Id: I4868e0127b9dd14a0812cafca1681280534faa46 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652788 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Auto-Submit: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#80661}	2022-05-20 11:21:15 +00:00
Dominik Inführ	4ba3b51542	[heap] Disable map space with --future Bug: v8:12578 Change-Id: If0253a2feb383d6ef313729bf99b489eb9436303 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652794 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#80660}	2022-05-20 11:10:28 +00:00
Samuel Groß	4a12cb1022	[sandbox] Add new Memory Corruption API When enabled, this API exposes a new global 'Sandbox' object which contains a number of functions and objects that in effect emulate typical memory corruption primitives constructed by exploits. In particular, the 'MemoryView' constructor can construct ArrayBuffers instances that can corrupt arbitrary memory inside the sandbox. Further, the getAddressOf(obj) and getSizeInBytesOf(obj) functions can be used respectively to obtain the address (relative to the base of the sandbox) and size of any HeapObject that can be accessed from JavaScript. This API is useful for testing the sandbox, for example to facilitate developing PoC sandbox escapes or writing regression tests. In the future, it may also be used by custom V8 sandbox fuzzers. Bug: v8:12878 Change-Id: I4e420b2ff28bd834b0693f1546942e51c71bfdda Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3650718 Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Samuel Groß <saelo@chromium.org> Cr-Commit-Position: refs/heads/main@{#80659}	2022-05-20 11:09:25 +00:00
Leszek Swirski	58d19ed76a	[compiler-dispatcher] Fix double ShouldYield call Fixed: v8:12886 Change-Id: I729f6f11be3befa573ac6a201dc91e3d5f2eebc1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652791 Commit-Queue: Clemens Backes <clemensb@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#80658}	2022-05-20 10:14:58 +00:00
Liu Yu	207f489fc5	[mips][liftoff] Fix atomic ops implementation error LLd and Scd should be used for StoreType::kI64Store* types. Change-Id: Ic645c9149c7ade95e0a36acadb48d246ee817469 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3655179 Auto-Submit: Yu Liu <liuyu@loongson.cn> Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Cr-Commit-Position: refs/heads/main@{#80657}	2022-05-20 09:33:54 +00:00
Dominik Inführ	407218d60a	[heap] Combine write barrier flag checks Adding the shared heap write barrier caused regressions on some benchmarks. Presumably this is because the compiler can't merge the fast paths of the generational and shared heap write barrier. This CL therefore introduces a CombinedHeapBarrier that manually unifies the fast path for the marking, generational and shared heap write barrier. This should make the barrier easier to optimize for the compiler. In particular it should help to ensure that page flags don't need to be loaded multiple times in a single full write barrier. Bug: chromium:1326446, v8:11708 Change-Id: Iacd487f1263491cf4c05f25e004233a52b7c45a6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3644964 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#80656}	2022-05-20 08:54:34 +00:00
Jakob Kummerow	ac3c8f8ff2	[wasm-gc] Bump array.init limit to 10,000 By popular demand. Bug: v8:7748 Change-Id: I6892d5cb92066ecc56574b5f27a09088c692e071 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3650927 Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Reviewed-by: Manos Koukoutos <manoskouk@chromium.org> Auto-Submit: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#80655}	2022-05-20 08:51:47 +00:00
Andy Wingo	b48262d719	[stringrefs] Add generalized UTF-8 decoder / validator Bug: v8:12868 A slight modification to the existing DFA-based UTF-8 allocator to allow decoding surrogates, for use in decoding WTF-8. We'll need to additionally constrain the decoder to disallow surrogate pairs. Change-Id: Ifddbf08d4eeeff8f270df52a68f01769ea790eec Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652787 Commit-Queue: Andy Wingo <wingo@igalia.com> Reviewed-by: Marja Hölttä <marja@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#80654}	2022-05-20 08:05:04 +00:00
Samuel Groß	0440123e30	[sandbox] Enable sandboxed pointers on sanitizer builds With crrev.com/c/3641564, Chromium now uses PartitionAlloc for ArrayBuffer allocations even if one of the sanizier tools (e.g. ASan) is enabled. As such, sanitizer builds are now compatible with the sandbox. Bug: chromium:1218005 Change-Id: I100bf3ef442c556652fb00dd6c09d06b167e6577 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652785 Commit-Queue: Samuel Groß <saelo@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#80653}	2022-05-20 06:18:23 +00:00
v8-ci-autoroll-builder	a0bbd00112	Update ICU Rolling v8/third_party/icu: `585942f..1c67b4e` CP PR2090 to remove ATOMIC_VAR_INIT (Frank Tang) https://chromium.googlesource.com/chromium/deps/icu/+/1c67b4e Disable -Wambiguous-reversed-operator in ICU. (Peter Kasting) https://chromium.googlesource.com/chromium/deps/icu/+/3272ffe R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com,ftang@chromium.org Change-Id: I1a35eadab7a580b6f447af17fc75981723e89d22 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3656643 Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#80652}	2022-05-20 05:55:26 +00:00
Pan, Tao	54191d0887	[cleanup] Remove abandoned osr_code_cache_state from SFI All user of osr_code_cache_state had been removed. Change-Id: I08a4783e47c900617b53ba789d267fb9a0bd1e92 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652276 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Tao Pan <tao.pan@intel.com> Cr-Commit-Position: refs/heads/main@{#80651}	2022-05-20 03:54:06 +00:00
v8-ci-autoroll-builder	599b415bd3	Update V8 DEPS. Rolling v8/build: `62419bc..399520d` Rolling v8/buildtools: `7208edd..a5fa465` Rolling v8/buildtools/third_party/libc++abi/trunk: `75a3853..3e4d383` Rolling v8/buildtools/third_party/libunwind/trunk: `837a94e..c9b2288` Rolling v8/third_party/depot_tools: `ab4d2e3..bd80a1b` Rolling v8/third_party/fuchsia-sdk/sdk: version:8.20220518.3.1..version:8.20220519.0.1 Rolling v8/tools/clang: `6e492e7..bec960d` Rolling v8/tools/luci-go: git_revision:d3db74920e35147955be43f62b5f4ed0cf84c614..git_revision:0ef9351a5b73943d547fb27d463d5f4a1572727f Rolling v8/tools/luci-go: git_revision:d3db74920e35147955be43f62b5f4ed0cf84c614..git_revision:0ef9351a5b73943d547fb27d463d5f4a1572727f R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: I0eb24c3dcae59d3d9f7a1049fd42c984f8d0440c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3654637 Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#80650}	2022-05-20 03:53:04 +00:00
Shu-yu Guo	658286989f	[Error.cause] Remove --harmony-error-cause Error.cause has shipped since M93. Bug: chromium:1192162 Change-Id: Ib6019f5796cc41447af70c325c90136bcbd774ab Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3624981 Commit-Queue: Shu-yu Guo <syg@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80649}	2022-05-20 00:21:19 +00:00
Andy Wingo	e43a2540ab	[wasm] table.get, set only calls out to C++ for function tables Avoid a run-time dispatch for tables that don't contain subtypes of funcref. Change-Id: I27a55c378b0a4fcd98e77f8ff45ae9972c9d095a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3644961 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Andy Wingo <wingo@igalia.com> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/main@{#80648}	2022-05-19 19:40:14 +00:00
Milad Fa	59cd199d51	PPC/s390: [wasm-relaxed-simd] Add liftoff min/max operations on Arm and Arm64 Port `0236d7b5b4` Original Commit Message: Instruction lowering on ARM uses pmin/pmax as there is no hardware support. More details here: https://github.com/WebAssembly/relaxed-simd/issues/33 R=gdeepti@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com BUG= LOG=N Change-Id: Ifbee1c0485ae47939fc070121ed6e0abd01c3547 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3654562 Reviewed-by: Junliang Yan <junyan@redhat.com> Commit-Queue: Milad Farazmand <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/main@{#80647}	2022-05-19 17:09:24 +00:00
Igor Sheludko	86656444a2	[rwx][mac] Fix jitless mode, pt.2 ... when com.apple.security.cs.allow-jit entitlement is not enabled. Bug: v8:12797, chromium:1324829 Change-Id: I660008e1f8abbac3436dd78ea90937971599b5d0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3644960 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#80646}	2022-05-19 17:05:14 +00:00
Seth Brenith	16a7150bae	Reland "Disable recompilation of existing Scripts from Isolate compilation cache" This is a reland of commit `a76072217a` The bug exposed by landing this change the first time has been fixed separately in https://crrev.com/c/3654413 . Original change's description: > Disable recompilation of existing Scripts from Isolate compilation cache > > My previous change https://crrev.com/c/3597106 led to some performance > regressions in time spent on parsing and compilation. This change > disables the ability to recompile an existing uncompiled Script, as an > attempt to both fix the regressions and isolate which part of the > previous change was the cause of those problems. > > Bug: v8:12808, chromium:1325566, chromium:1325567, chromium:1325601 > Change-Id: Ifa086bf27070da8f4b3c0e4415af5ca7b6706b0a > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652252 > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> > Cr-Commit-Position: refs/heads/main@{#80616} Bug: v8:12808, chromium:1325566, chromium:1325567, chromium:1325601 Change-Id: Ib31864bef90ff3340d1dfd4e25e21bef121f2d49 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3655011 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Cr-Commit-Position: refs/heads/main@{#80645}	2022-05-19 16:50:14 +00:00
Clemens Backes	4a6e65bf56	[wasm] Avoid HandleScope when triggering tier-up Triggering tier-up can happen very often, so the runtime function should be as slim as possible. This CL adds two DisallowGarbageCollection scopes and removes a HandleScope which was unnecessarily created. R=jkummerow@chromium.org Bug: v8:12281 Change-Id: I43e7f2b449630856ac8dfb36d294fbd29191d0eb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652300 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#80644}	2022-05-19 16:43:05 +00:00
Toon Verwaest	6e79970f17	[maglev] Convert smi->int32 constant Bug: v8:7700 Change-Id: I4a772e0b2b821376ba75afd587694e130f059089 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3647831 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80643}	2022-05-19 15:09:14 +00:00
Issack John	a679edbb6e	JSON.parse errors made user-friendly part 2 Part of the improve error messages initiative. Based on a resource of JSON.parse() errors found at https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Errors/JSON_bad_parse added support for: - 'Bad control character in string literal' - 'Bad Unicode escape' Previously JSON.parse('"a\bz"') would output: SyntaxError: Unexpected token in JSON at position 2 Now the output is: SyntaxError: Bad control character in string literal in JSON at position 2 Previously JSON.parse("[\"\\t\\u") would output: SyntaxError: Unexpected end of JSON input Now the output is: SyntaxError: Bad Unicode escape in JSON at position 6 Bug: v8:6551 Change-Id: I3ba5450c41b8a388643a15bc58e4e3fc75855d13 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652254 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Issack John <issackjohn@microsoft.com> Cr-Commit-Position: refs/heads/main@{#80642}	2022-05-19 15:07:03 +00:00
Stephen Roettger	1da4b373a7	Replace more args.set_at usages with ChangeValueScope args.set_at lead to a vulnerability in the past where the caller (ignition) didn't expect the callee to overwrite the arguments. The current usage doesn't look like an issue, but let's preemptively remove these usages so that they don't lead to issues in the future. Change-Id: I64e1f84ad1833b2b2f96cd7503bdde00f344404c Bug: chromium:1268738 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3644965 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Stephen Röttger <sroettger@google.com> Cr-Commit-Position: refs/heads/main@{#80641}	2022-05-19 14:59:44 +00:00
Liu Yu	44e1d129e2	[loong64][mips] Remove a useless declaration of Operand Change-Id: Ib4039ede294fe3c108cd49c45a7a5e36a6f51780 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3653714 Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Auto-Submit: Yu Liu <liuyu@loongson.cn> Cr-Commit-Position: refs/heads/main@{#80640}	2022-05-19 14:20:44 +00:00
Stephen Roettger	4d6ddf1b5f	Remove deprecated AccessorSignatures Bug: chromium:1310790 Change-Id: I739161f47fc1fc32d832f106d5ef6b7df4aed213 Fixed: chromium:1310790 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3654096 Reviewed-by: Marja Hölttä <marja@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Stephen Röttger <sroettger@google.com> Cr-Commit-Position: refs/heads/main@{#80639}	2022-05-19 14:15:54 +00:00
Manos Koukoutos	3904606c1a	[wasm] Move and add functionality to WasmGraphAssembler Specifically, move numeric conversions from WasmGraphBuilder, and add functionality for traps. These will be used in wasm-gc lowering phases. Change-Id: I73f0dab28d87db8f1c4c339ea3d871f262e270ab Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3654101 Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80638}	2022-05-19 14:13:23 +00:00
Seth Brenith	2df4d58a9e	Fix rehashing of script compilation cache The script compilation cache contains weak pointers to Script objects as its keys. When doing a rehashing operation, any hash table needs the ability to get the hash code for every entry in the table. However, if the weak pointer was cleared from a key, there is no longer any way to get the hash code for that entry. In https://crrev.com/c/3597106 , I attempted to solve this problem by deleting all entries whose keys contain cleared weak pointers prior to rehashing, but the implementation has a bug: when resizing, the new table is allocated after deleting the entries with cleared keys, so if that allocation triggers a GC, the table can once again have entries with cleared keys. This could be solved in a variety of ways, such as: 1. Iterate the entries again and delete those with cleared keys, after allocating the new table but before calling Rehash() to copy data into that new table. This means we can't directly use HashTable::EnsureCapacity, which normally does both the allocation and the rehashing. 2. Return a bogus hash code for entries whose keys contain cleared weak pointers. This is simple but risks poor distribution of data after rehashing. 3. Implement custom rehashing which can avoid copying entries with cleared keys, rather than reusing the rehashing implementation from HashTable. 4. Include the hash value in every key, so a consistent hash value is available even after the weak Script pointer has been cleared. The fourth option sounds like the lowest risk to me, so this change implements that option. Bug: v8:12808 Change-Id: I6b19b9c8af67dcfc31b74842ba581dd141e18845 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3654413 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Cr-Commit-Position: refs/heads/main@{#80637}	2022-05-19 12:58:54 +00:00
Samuel Groß	d812c9a977	[sandbox] Shrink sandbox on Android to 128GB The majority of 64-bit Android devices appear to be using a 40-bit address space, i.e. 512GB for userspace. Allocating a 256GB sandbox (plus 2x 32GB guard regions) may take too much of the address space and cause the creation of other address space reservations (e.g. the cppgc caged heap), which are created per worker, to fail later on. In general, we should try to limit the sandbox size to less than 1/4 of the address space, so this CL shinks the sandbox on Android to 128GB. Bug: chromium:1327131 Change-Id: Ib48b45506ad6a7a5e15b95115c7642bf62a68fa1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652783 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Samuel Groß <saelo@chromium.org> Cr-Commit-Position: refs/heads/main@{#80636}	2022-05-19 11:35:23 +00:00
Clemens Backes	16fb5ccfa5	[wasm] Add comment about WasmOpcode encoding As a follow-up to https://crrev.com/c/3625835, document how we internally encode Wasm opcodes in the WasmOpcode enum. In particular, it's important for the mapping to be bijective. R=thibaudm@chromium.org CC=gdeepti@chromium.org Bug: v8:12284 Change-Id: Ic4bcd70211e83b1eabb45204bdcce3209a4432b3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3647360 Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Cr-Commit-Position: refs/heads/main@{#80635}	2022-05-19 10:40:05 +00:00
Clemens Backes	63f42852cc	[wasm] Minor fixes to priority compilation units This fixes a few minor issues in the handling of priority top-tier compilation units, and adds some comment. 1) We document the current design around priority top-tier units. 2) We simplify the code to increase the priority a bit, and make sure to avoid integer overflows. 3) We reorder two statements to first increase the outstanding_top_tier_functions_ counter before adding a new unit, in order to avoid starting to execute a top-tier unit when the counter is 0, which would be an inconsistent state. R=ahaas@chromium.org Bug: v8:12880 Change-Id: I67bd71135f34b793ea5cf064108668fb72c7e345 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3654097 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#80634}	2022-05-19 10:34:43 +00:00
Clemens Backes	6a977bd1fd	[wasm] Deprecate "dynamic tiering enabled" callback Dynamic tiering is now enabled by default, and the origin trial is expired, so the callback can be removed. The callback was already never called, because the flag value is always checked first. R=ahaas@chromium.org, mlippautz@chromium.org Bug: v8:12281 Change-Id: I58eaa210c86024128328a13ba07bb8fc1b437841 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3644951 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/main@{#80633}	2022-05-19 09:59:43 +00:00
Manos Koukoutos	15d83bff30	[wasm-gc] Enable decompression optimization This gives a small speedup for wasm-gc programs. Bug: v8:7748 Change-Id: I4a172251ab85e2a5e030ee5cae97db9e3655f5cd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3654095 Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80632}	2022-05-19 09:05:13 +00:00
Peter Kasting	e80779d299	Fixes for C++20 mode. * "volatile" on by-value params is deprecated. Remove. * ICU has decided not to fix a warning about rewritten comparison operators. Work around. This is ugly, but the alternative is disabling the warning entirely for this file or all of v8, which seem worse. Bug: chromium:1284275 Change-Id: Ia90ae439fc56c3970da539d4ae3a64927ec4357b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652575 Auto-Submit: Peter Kasting <pkasting@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/main@{#80631}	2022-05-19 08:53:03 +00:00
Marja Hölttä	8dcc6f8135	[web snap] More consistently allow frozen / sealed elements The frozenness / sealednes is not yet serialized & deserialized, but this allows prototyping web snap in contexts where frozen / sealed elements occur. Bug: v8:11525, v8:12820 Change-Id: I8fb788bd3d1a1ec3e6b47610c69230cc900033b2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652779 Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#80630}	2022-05-19 08:41:53 +00:00
Tobias Tebbi	bc00836ef0	[turbofan] fold repeated essentially-pure operations This improves a pattern that appears in the SunSpider base64 benchmark. Change-Id: I1b5f4535d24d8a39cc480508d1e11c8e92e0135c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3654098 Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Auto-Submit: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/main@{#80629}	2022-05-19 08:16:03 +00:00
Liu Yu	b5d6997af4	[loong64][mips][wasm-relaxed-simd] Add liftoff min/max operations on Arm and Arm64 Port commit `0236d7b5b4` Bug: v8:12284 Change-Id: I8ce66d3e4d61e8cc446364fbc1b1ba7d6036fca7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3653715 Auto-Submit: Yu Liu <liuyu@loongson.cn> Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Cr-Commit-Position: refs/heads/main@{#80628}	2022-05-19 06:42:25 +00:00
Frank Tang	5354d8a1c6	[Temporal] Add PlainYearMonth.prototype.toJSON Also add AOs: TemporalYearMonthToString Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.plainyearmonth.prototype.tojson https://tc39.es/proposal-temporal/#sec-temporal-temporalyearmonthtostring Bug: v8:11544 Change-Id: Ibe8bd20ae5eb5b7721e50cf5386c20d8d23e18e6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3437894 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80627}	2022-05-19 05:06:23 +00:00
v8-ci-autoroll-builder	04359996f4	Update V8 DEPS. Rolling v8/build: `5b615fa..62419bc` Rolling v8/buildtools/linux64: git_revision:bf4e17dc67b2a2007475415e3f9e1d1cf32f6e35..git_revision:c547ca1497e3ff0dcbc0b2cb036b3d40380cbeeb Rolling v8/buildtools/third_party/libc++abi/trunk: `b682786..75a3853` Rolling v8/buildtools/third_party/libunwind/trunk: `44c86bb..837a94e` Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/ecd2da3..8111049 Rolling v8/third_party/depot_tools: `8fb649c..ab4d2e3` Rolling v8/third_party/fuchsia-sdk/sdk: version:8.20220516.3.1..version:8.20220518.3.1 Rolling v8/third_party/zlib: `7085d03..2fe249a` Rolling v8/tools/clang: `56af55b..6e492e7` R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: Ie312502b162d4244148f4345649c3a7f1d0a7f65 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3654580 Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#80626}	2022-05-19 03:54:43 +00:00
Lu Yahan	e868f793e1	[riscv64][wasm-relaxed-simd] Add liftoff min/max operations on RISCV64 Port commit `0236d7b5b4` Bug: v8:12284 Change-Id: I5a1c7b7a50c45e0d768ee3e200a2c25dbfcc8b36 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3654978 Reviewed-by: ji qiu <qiuji@iscas.ac.cn> Auto-Submit: Yahan Lu <yahan@iscas.ac.cn> Commit-Queue: Yahan Lu <yahan@iscas.ac.cn> Commit-Queue: ji qiu <qiuji@iscas.ac.cn> Cr-Commit-Position: refs/heads/main@{#80625}	2022-05-19 03:10:13 +00:00
Frank Tang	0b44a86009	[Temporal] Add PlainMonthDay.prototype.toJSON Also add AO: TemporalMonthDayToString Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.plainmonthday.prototype.tojson https://tc39.es/proposal-temporal/#sec-temporal-temporalmonthdaytostring Bug: v8:11544 Change-Id: Ibbc5b28a9c73474f7edc1b67c9beabf5bca54dbc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3437891 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80624}	2022-05-19 02:44:13 +00:00
jiepan	852e075639	[wasm-simd][x64] Optimize I8x16Shuffle if one input is S128Zero If b is S128Zero, Shuffle(a,b,s) can be optimized to Swizzle(a,s). By setting s[i] to 0x80, we can avoid access b. If a is S128Zero, we can swap a and b first. If one input of I8x16Shuffle is S128Zero, this patch can save ~60% instructions(7 of 12), and more than 30% improvement is observed in local microbenchmarks. Change-Id: I5953fa9064e01203cd4cf423c55dd5ed33cad57e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3544992 Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Jie Pan <jie.pan@intel.com> Cr-Commit-Position: refs/heads/main@{#80623}	2022-05-19 01:26:03 +00:00
Frank Tang	a5697616eb	[Temporal] Add PlainDate.prototype.toJSON Also add AOs: PadISOYear, FormatCalendarAnnotation, TemporalDateToString Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.plaindate.prototype.tojson https://tc39.es/proposal-temporal/#sec-temporal-padisoyear https://tc39.es/proposal-temporal/#sec-temporal-formatcalendarannotation https://tc39.es/proposal-temporal/#sec-temporal-temporaldatetostring Change the ISODateTimeWithinLimits from -8.64 × 10^21 - 8.64 × 10^16, 8.64 × 10^21 + 8.64 × 10^16 to -8.64 × 10^21 - 8.64 × 10^13, 8.64 × 10^21 + 8.64 × 10^13 per https://github.com/tc39/proposal-temporal/pull/1723 Change to use AppendCStringLiteral instead of AppendCharacter when appropriate. Bug: v8:11544 Change-Id: I01f22657b2c3e5aacbea790593d7e9f60076ec74 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3438379 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80622}	2022-05-19 01:22:23 +00:00
Deepti Gandluri	0236d7b5b4	[wasm-relaxed-simd] Add liftoff min/max operations on Arm and Arm64 Instruction lowering on ARM uses pmin/pmax as there is no hardware support. More details here: https://github.com/WebAssembly/relaxed-simd/issues/33 Bug: v8:12284 Change-Id: I075d4a6660afc4418fcc91c5d48e8e9096536dc9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3646075 Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/main@{#80621}	2022-05-18 23:22:03 +00:00
Milad Fa	e49f00d4bd	Fix compilation error with gcc Fix for the following minor issue: ``` error: variable 'first_output_index' set but not used ``` Change-Id: Iccc5e15db62a5768ba6f3742f3c4d7123f493c65 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652093 Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/main@{#80620}	2022-05-18 20:29:10 +00:00

1 2 3 4 5 ...

75261 Commits