Commit Graph

30621 Commits

Author SHA1 Message Date
Marja Hölttä
2b2ce1d8be [rab/gsab] Tests for Array.p methods, part 7
In this part: sort

Bug: v8:11111
Change-Id: Idd1e7552b4cdda0cdec610189391dbb729c94cdf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3742703
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81599}
2022-07-08 07:32:50 +00:00
Marja Hölttä
3483b970eb [rab/gsab] Fix flag mismatch in serialized data
Bug: v8:11111,chromium:1339648
Change-Id: I3b472f74f37a4e1514ce20635b16970e95a36e15
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3735162
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81598}
2022-07-08 07:08:10 +00:00
Andy Wingo
3f7c53b017 [stringrefs] Implement string.encode_wtf8_array
Bug: v8:12868
Change-Id: Ide772c6e480783931942f6c02eb3e57dd3adf508
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3751201
Commit-Queue: Andy Wingo <wingo@igalia.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81597}
2022-07-08 06:50:40 +00:00
Marja Hölttä
0a8bd76651 [rab/gsab] Tests for Array.p methods, part 6
In this part: shift, unshift, reverse

Bug: v8:11111
Change-Id: I13c156dc401b6a90b3bcccd9261b7240d8dc7498
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3740720
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81596}
2022-07-08 06:40:00 +00:00
Michael Achenbach
f7b98adffd [test] Mark slow test
The test mjsunit/wasm/shared-memory-worker-gc is too slow on the gcov
bot.

No-Try: true
Bug: v8:13005
Change-Id: Idac2a6df836c981195d61f9c2737c06d548edb28
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3751204
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81587}
2022-07-07 14:39:01 +00:00
Andy Wingo
43cef7a627 [stringrefs] Encoding instructions return code units written
See https://github.com/WebAssembly/stringref/issues/24.

Bug: v8:12868
Change-Id: Ib3854625aa18ae0e59f8d62d04e7132ca7381f60
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3749179
Commit-Queue: Andy Wingo <wingo@igalia.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81582}
2022-07-07 11:39:41 +00:00
Samuel Groß
818a36bb9d [sandbox] Sandboxify WasmInstanceObject::globals_start
This field points to the start of an ArrayBuffer backing store, which
is guaranteed to be located inside the sandbox if it is enabled. As
such, this simply turns the field into a sandboxed pointer field.

Bug: chromium:1342548
Change-Id: I5a76e23cfc83b2a04cd461def1cd04337ccf5cf7
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3749190
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81579}
2022-07-07 10:57:29 +00:00
Samuel Groß
6ec763657a Delete PartiallyReservedSandboxPageAllocation test
Page allocation in a partially-reserved sandbox is generally best-effort
once the reserved part is fully allocated, which happens in this test.
As such, there is no guarantee that this test succeeds, and it does seem
to fail in practice on some bots with memory sanitizers enabled. The
same logic is essentially tested by the
VirtualAddressSpaceTest.TestEmulatedSubspace test so simply deleting
this test should be fine.

Bug: v8:13040
Change-Id: I1469bd9d2e330a6e834bb565ce4e7f5985be28a9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3749180
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Auto-Submit: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81578}
2022-07-07 10:43:52 +00:00
Andy Wingo
8aa97d5a5a [stringrefs] Expand domain of string.eq to include null values
See https://github.com/WebAssembly/stringref/pull/32.

Bug: v8:12868
Change-Id: Ia804809b01eb06163c4477b3f06ac09e016b6277
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3747875
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Andy Wingo <wingo@igalia.com>
Cr-Commit-Position: refs/heads/main@{#81572}
2022-07-07 07:41:37 +00:00
Andy Wingo
d29e9e005e [stringrefs] stringview_wtf16.slice end position is exclusive
See https://github.com/WebAssembly/stringref/pull/31.

Bug: v8:12868
Change-Id: Iefe6b8e6c1b6f2eed8a2aca1818d5edbf6ab48ae
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3747874
Commit-Queue: Andy Wingo <wingo@igalia.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81571}
2022-07-07 07:33:17 +00:00
Andy Wingo
cd33c3780e [stringrefs] Rename stringview_iter.cur to stringview_iter.next
See https://github.com/WebAssembly/stringref/pull/29.

Bug: v8:12868
Change-Id: I5a1e3662a7c3457c6835d7dfccf3a1583ef49f2a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3747873
Commit-Queue: Andy Wingo <wingo@igalia.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81570}
2022-07-07 06:27:47 +00:00
Matthias Liedtke
a4fdd9f5de [wasm][test] test-gc.cc: Replace struct.new_with_rtt
with struct.new

Bug: v8:7748
Change-Id: Icc4868910832556f4c31081fb4af336f492db28e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3747868
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Auto-Submit: Matthias Liedtke <mliedtke@google.com>
Commit-Queue: Matthias Liedtke <mliedtke@google.com>
Cr-Commit-Position: refs/heads/main@{#81565}
2022-07-06 17:40:07 +00:00
Andy Wingo
6db9f2ba0e [stringrefs] Implement string.new_wtf16_array
See https://github.com/WebAssembly/stringref/issues/1.

Bug: v8:12868
Change-Id: Icd197b4872a72ae84878b2ac48a66f7026ab90cd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3745369
Commit-Queue: Andy Wingo <wingo@igalia.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81558}
2022-07-06 14:32:26 +00:00
Joyee Cheung
81c14eb85d [runtime] return when failed access callback doesn't throw
When the failed access callback is configured but it doesn't throw,
we should return instead of expecting an exception, otherwise
it would crash because there isn't one.

This patch also adds --throw-on-failed-access-check and
--noop-on-failed-access-check in d8 to mimic the behavior
of the failed access check callback in chromium.

Bug: chromium:1339722
Change-Id: Ie1db9d2fb364c6f8259eb9b8d81a21071c280a80
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3737305
Commit-Queue: Joyee Cheung <joyee@igalia.com>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81557}
2022-07-06 14:01:36 +00:00
Thibaud Michaud
d0b75e25da [wasm][stack-switching] Fix nested suspenders
Fix some issues with nested suspenders:
- Fix scratch register conflict when returning from an inner suspender
- The outer suspender should stay in 'Active' state
- Suspenders should become 'Inactive' when they return

CC=ahaas@chromium.org

Bug: v8:12191
Change-Id: Ic6c6108c4f8df3d32417d7813eb04e0e2a46d27a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3743386
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81555}
2022-07-06 13:48:06 +00:00
Clemens Backes
e4f07c0997 [wasm][streaming] Check section order of code section
The streaming decoder did not properly check the ordering of sections
relative to the code section.
This CL fixes that for both empty and non-empty code sections.
The special path for empty code sections is not actually needed, so
remove it to simplify code paths.

Drive-by:
1. Refactor the existing code for checking section ordering to make it
   more structured and readable.
2. Ensure that we either call {DecodeCodeSection} or {StartCodeSection},
   but not both.
3. Remove {set_code_section}, merge it into {StartCodeSection}.
4. Simplify calls to {CalculateGlobalOffsets} (make them unconditional
   and remove one redundant one).

R=ahaas@chromium.org

Bug: chromium:1336380
Change-Id: Ia2c5c115d43d2b5315e3b3c9e4a21175a36aa326
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3747860
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81554}
2022-07-06 13:43:17 +00:00
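The section-ordering rule the commit above enforces in the streaming decoder, as an added JavaScript example written for this page (it is not V8's decoder or test code). The checker parses only section headers (id plus LEB128 size) and never section contents; the sample modules, the `SECTION_ORDER` table and all function names are this example's own. The three constructed modules are also run through `WebAssembly.validate` where the runtime provides it, so the checker's verdict can be compared with the engine's.

```javascript
// Added example (not V8 code): verify that the sections of a WebAssembly
// binary appear in the order the core spec requires. Only section headers
// are parsed; each section's contents are skipped via its declared size.

// Known (non-custom) section ids in required order. Note that datacount (12)
// must precede code (10), and data (11) comes last. Custom sections (id 0)
// may appear anywhere.
const SECTION_ORDER = [1, 2, 3, 4, 5, 6, 7, 8, 9, 12, 10, 11];
const SECTION_NAMES = {
  0: "custom", 1: "type", 2: "import", 3: "function", 4: "table",
  5: "memory", 6: "global", 7: "export", 8: "start", 9: "element",
  10: "code", 11: "data", 12: "datacount",
};
const HEADER = [0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00]; // "\0asm", version 1

// Decode an unsigned LEB128 u32 at `pos`; returns [value, nextPos].
function readU32(bytes, pos) {
  let result = 0;
  for (let shift = 0; shift < 35; shift += 7) {
    if (pos >= bytes.length) throw new Error("unexpected end of module");
    const b = bytes[pos++];
    result += (b & 0x7f) * 2 ** shift;       // avoids 32-bit signed overflow
    if ((b & 0x80) === 0) {
      if (result > 0xffffffff) throw new Error("u32 out of range");
      return [result, pos];
    }
  }
  throw new Error("LEB128 u32 too long");
}

// Returns { ok, sections, error }. `sections` lists the section names seen
// up to and including the first offending one.
function checkSectionOrder(bytes) {
  const sections = [];
  if (bytes.length < 8 || HEADER.some((v, i) => bytes[i] !== v)) {
    return { ok: false, sections, error: "bad magic or version" };
  }
  let pos = 8;
  let lastRank = -1; // rank of the last non-custom section
  try {
    while (pos < bytes.length) {
      const id = bytes[pos++];
      let size;
      [size, pos] = readU32(bytes, pos);
      if (pos + size > bytes.length) throw new Error(`section ${id} overruns module`);
      sections.push(SECTION_NAMES[id] ?? `unknown(${id})`);
      if (id !== 0) {
        const rank = SECTION_ORDER.indexOf(id);
        if (rank < 0) throw new Error(`unknown section id ${id}`);
        if (rank <= lastRank) {
          const prev = SECTION_NAMES[SECTION_ORDER[lastRank]];
          throw new Error(`unexpected ${SECTION_NAMES[id]} section after ${prev} section`);
        }
        lastRank = rank;
      }
      pos += size; // skip the section body without decoding it
    }
  } catch (e) {
    return { ok: false, sections, error: e.message };
  }
  return { ok: true, sections, error: null };
}

// Constructed sample sections for a module exporting one empty function "f".
const TYPE_SEC = [0x01, 0x04, 0x01, 0x60, 0x00, 0x00];         // one functype () -> ()
const FUNC_SEC = [0x03, 0x02, 0x01, 0x00];                     // one function of type 0
const EXPORT_SEC = [0x07, 0x05, 0x01, 0x01, 0x66, 0x00, 0x00]; // export "f" = func 0
const CODE_SEC = [0x0a, 0x04, 0x01, 0x02, 0x00, 0x0b];         // one body: no locals, end
const CUSTOM_SEC = [0x00, 0x02, 0x01, 0x63];                   // custom section named "c"

function buildModule(...secs) {
  return Uint8Array.from([].concat(HEADER, ...secs));
}
const GOOD_MODULE = buildModule(TYPE_SEC, FUNC_SEC, CUSTOM_SEC, EXPORT_SEC, CODE_SEC);
const BAD_MODULE = buildModule(TYPE_SEC, FUNC_SEC, CODE_SEC, EXPORT_SEC); // export after code
const TRUNCATED = GOOD_MODULE.slice(0, GOOD_MODULE.length - 2);       // code section cut short

// True when the engine's validator (if present) agrees with this checker.
function engineAgrees(bytes) {
  if (typeof WebAssembly === "undefined") return true;
  return WebAssembly.validate(bytes) === checkSectionOrder(bytes).ok;
}

for (const [name, m] of [["good", GOOD_MODULE], ["bad", BAD_MODULE], ["truncated", TRUNCATED]]) {
  const r = checkSectionOrder(m);
  console.log(name, r.ok ? "ok" : `rejected: ${r.error}`, r.sections.join(","));
}
```

The check is deliberately independent of section contents: an out-of-order or duplicated section is rejected at the header, which is exactly the point at which a streaming decoder has to make the decision, before it commits to compiling function bodies.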
Liu Yu
2ac469ae5d [loong64][mips64][fastcall] Support EnforceRange annotation
Port commit 8559a04f4c

Change-Id: I74bbbaddb196bba0945cc857e708534e4eb3f9b3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3747466
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Auto-Submit: Liu Yu <liuyu@loongson.cn>
Cr-Commit-Position: refs/heads/main@{#81551}
2022-07-06 12:28:25 +00:00
Michael Achenbach
a2d293b84a [build] Disable gcc warnings for unittests
This is a workaround to silence gcc failures stemming from googletest
headers.

Bug: chromium:1307180
Change-Id: Ia6eb08f170f65c2fde6e4c287f9781d9df559b35
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3738220
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81548}
2022-07-06 09:32:55 +00:00
ishell@chromium.org
cb762adc4f [tests] Skip tests that fail in --stress-snapshot mode
Bug: v8:13038
Change-Id: I98832b00523535b57cde67d4d389aa361bc19a46
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3745405
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Auto-Submit: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81542}
2022-07-05 18:01:53 +00:00
Michael Lippautz
16b5842425 [cppgc] Use global OOM handler for GCInfoTable
GCInfoTable is a process-global table storing Oilpan type information.
Table operations may fail in OOM scenarios which were previously just
caught in regular CHECKs. Change to use a global OOM handler that is set
up to use V8's handler.

Bug: chromium:1283199
Change-Id: Id33263ef7cd4028d60a071f5ab3b165e59ac9593
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3745368
Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81540}
2022-07-05 17:11:15 +00:00
Manos Koukoutos
32e6b48fca Reland "Remove some unused includes"
This is a reland of commit 2d74bfa4a0

Difference compared to original: Restore one needed include.

Original change's description:
> Remove some unused includes
>
> Mostly src/api, src/asmjs, src/ast, src/base, src/wasm.
>
> Bug: v8:13006
> Change-Id: If4e85afe003fda9f8a681077827c3502e939fe57
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3742702
> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#81523}

Bug: v8:13006
Change-Id: I88c45059572fa25af4e0999f479ba5c28572db7f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3746077
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81539}
2022-07-05 16:44:13 +00:00
snek
d89d185fad [fastcall] expose wasm memory to cfunction
Load current Memory start/size off of the wasm instance when entering
fast calls, so they can use that info for whatever they need to do.
Fast calls from JS set the memory to null, and the memory does not
need to be piped from wasm to slow callbacks as wasm always calls
the fast function.

Change-Id: Ibfa33cdd7dba85300f95cbdacc9a56b3f7181663
Bug: chromium:1052746
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3719005
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: snek <snek@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81538}
2022-07-05 16:24:01 +00:00
Luis Fernando Pardo Sixtos
6151ae0127 [shared-struct] Support shared arrays in Atomics.{load,store,exchange}
Atomics.load, Atomics.store, and Atomics.exchange now accept shared
array objects as their 1st argument.

Currently these are implemented in C++ and not yet in CSA.

Bug: v8:12547
Change-Id: I54ed8816a696a4f45dda964739b1cfd917d39dc0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3723974
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Luis Fernando Pardo Sixtos <lpardosixtos@microsoft.com>
Cr-Commit-Position: refs/heads/main@{#81537}
2022-07-05 15:49:01 +00:00
jameslahm
ce16c04dc3 [test] Move cctest/test-intl to unittests/
... objects/intl-unittest.

Bug: v8:12781
Change-Id: I225054f5d0071f28d5b4d1efe8698ce5d0276c0c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3725448
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Cr-Commit-Position: refs/heads/main@{#81534}
2022-07-05 14:51:00 +00:00
jameslahm
4c3f710833 [test] Move cctest/test-identity-map to unittests/
... utils/identity-map-unittest.

Bug: v8:12781
Change-Id: I875de2b1e589ec72d724a6d0745a5d615344b510
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3724792
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Cr-Commit-Position: refs/heads/main@{#81531}
2022-07-05 14:41:01 +00:00
Marja Hölttä
f3f47a9fef [super IC] Add tests for a security bug
Bug: chromium:1309467,chromium:1308360,v8:9237
Change-Id: I77b004e263a9bed98a0dfe5936bdad055bde36a6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3745365
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81530}
2022-07-05 14:17:18 +00:00
Maya Lekova
8559a04f4c Reland "[fastcall] Support EnforceRange annotation"
This is a reland of commit 84e078c6cf. It fixes undefined behaviour and guards against NaNs in d8-test.cc.

Original change's description:
> [fastcall] Support EnforceRange annotation
>
> This CL implements checks in case EnforceRange is requested for a
> given parameter by using TryTruncate* operators. It implements 2 such
> truncations on x64 and arm64 - TryTruncateFloat64ToInt32 and
> TryTruncateFloat64ToUint32.
>
> Bug: chromium:1052746
> Change-Id: I32f34d9dc1265af568cc576663620a8f7f8245f6
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3721618
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Commit-Queue: Maya Lekova <mslekova@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#81512}

Bug: chromium:1052746, chromium:1341851, chromium:1341891
Change-Id: I21e0e452c92cc93f8b06985a335f409855be0546
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3743518
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81529}
2022-07-05 14:09:21 +00:00
Jakob Kummerow
9a30c98120 [wasm] Fix max index in function names section
Fixed: chromium:1341180
Change-Id: Ib475310b18c31e5e3e0fc5e52dab736ebb6ac55a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3738745
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81527}
2022-07-05 12:32:01 +00:00
Manos Koukoutos
69c77a4ea0 Revert "Remove some unused includes"
This reverts commit 2d74bfa4a0.

Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Mac%20-%20arm64%20-%20debug%20builder/7403/overview

Original change's description:
> Remove some unused includes
>
> Mostly src/api, src/asmjs, src/ast, src/base, src/wasm.
>
> Bug: v8:13006
> Change-Id: If4e85afe003fda9f8a681077827c3502e939fe57
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3742702
> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#81523}

Bug: v8:13006
Change-Id: I7579dc3805ed4cbcd56488c31450c7941b430b1a
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3746076
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Owners-Override: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81526}
2022-07-05 11:57:40 +00:00
Manos Koukoutos
2d74bfa4a0 Remove some unused includes
Mostly src/api, src/asmjs, src/ast, src/base, src/wasm.

Bug: v8:13006
Change-Id: If4e85afe003fda9f8a681077827c3502e939fe57
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3742702
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81523}
2022-07-05 11:39:01 +00:00
Manos Koukoutos
5e2174fbbc [wasm-gc] Allow array.new(_default) as constant expressions
Additional change: Allow regular expressions in assertTraps.

Bug: v8:7748
Change-Id: I3bf99faec3d4f25fcf3caa4ed310f02f03196d4d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3743483
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81518}
2022-07-05 06:20:51 +00:00
Manos Koukoutos
d9b62c1686 Revert "[fastcall] Support EnforceRange annotation"
This reverts commit 84e078c6cf.

Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20UBSan/22000/overview

Original change's description:
> [fastcall] Support EnforceRange annotation
>
> This CL implements checks in case EnforceRange is requested for a
> given parameter by using TryTruncate* operators. It implements 2 such
> truncations on x64 and arm64 - TryTruncateFloat64ToInt32 and
> TryTruncateFloat64ToUint32.
>
> Bug: chromium:1052746
> Change-Id: I32f34d9dc1265af568cc576663620a8f7f8245f6
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3721618
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Commit-Queue: Maya Lekova <mslekova@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#81512}

Bug: chromium:1052746
Change-Id: I2218681c7cb5d05dea6d8ac5347b19bc0070c1a6
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3743514
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Owners-Override: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81513}
2022-07-05 04:43:23 +00:00
Maya Lekova
84e078c6cf [fastcall] Support EnforceRange annotation
This CL implements checks in case EnforceRange is requested for a
given parameter by using TryTruncate* operators. It implements 2 such
truncations on x64 and arm64 - TryTruncateFloat64ToInt32 and
TryTruncateFloat64ToUint32.

Bug: chromium:1052746
Change-Id: I32f34d9dc1265af568cc576663620a8f7f8245f6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3721618
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81512}
2022-07-04 14:34:10 +00:00
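The conversion rules that the EnforceRange work above (commit 84e078c6cf and its reland 8559a04f4c, which additionally guards against NaNs) has to preserve, as an added JavaScript model written for this page; it is not V8's or Chromium's code and does not show the TryTruncate* operators themselves. The function and mode names are this example's own. It models the three WebIDL integer conversions for int32/uint32: the default wrapping conversion, `[Clamp]`, and `[EnforceRange]`, and shows why non-finite input has to be rejected before truncation rather than cast: a NaN reaching an integer conversion has no defined result, while EnforceRange requires a TypeError.

```javascript
// Added example (not V8/Chromium code): WebIDL integer conversion modes
// for 32-bit integers. Bounds and bit widths follow the WebIDL ConvertToInt
// algorithm; the mode strings are this example's own naming.
const INT32 = { lower: -(2 ** 31), upper: 2 ** 31 - 1, bits: 32, signed: true };
const UINT32 = { lower: 0, upper: 2 ** 32 - 1, bits: 32, signed: false };

// Round to nearest, ties to even (what [Clamp] uses, unlike plain truncation).
function roundHalfToEven(x) {
  const f = Math.floor(x);
  const d = x - f;
  if (d < 0.5) return f;
  if (d > 0.5) return f + 1;
  return f % 2 === 0 ? f : f + 1;
}

// Convert `value` to an integer in `range` under one of three modes:
//   "modulo"        default WebIDL behaviour: NaN/Infinity -> 0, wrap mod 2^bits
//   "clamp"         [Clamp]: NaN -> 0, saturate at the bounds, round ties to even
//   "enforce-range" [EnforceRange]: TypeError for NaN, Infinity or out of range
function toInt(value, range, mode = "modulo") {
  let x = Number(value);
  if (mode === "enforce-range") {
    // Reject before truncating: truncating NaN/Infinity is meaningless, and in
    // a native fast path a float->int cast of such values is undefined.
    if (!Number.isFinite(x)) throw new TypeError(`${value} is not a finite number`);
    x = Math.trunc(x);
    if (x < range.lower || x > range.upper) throw new TypeError(`${value} is out of range`);
    return x === 0 ? 0 : x; // normalise -0 to +0
  }
  if (mode === "clamp") {
    if (Number.isNaN(x)) return 0;
    x = Math.min(Math.max(x, range.lower), range.upper);
    x = roundHalfToEven(x);
    return x === 0 ? 0 : x;
  }
  // Default conversion: wrap modulo 2^bits.
  if (!Number.isFinite(x) || x === 0) return 0;
  x = Math.trunc(x);
  const modulus = 2 ** range.bits;
  x = ((x % modulus) + modulus) % modulus;
  if (range.signed && x >= modulus / 2) x -= modulus;
  return x === 0 ? 0 : x;
}

// Apply all three modes to one value; a thrown TypeError is reported by name.
function convertAll(value, range) {
  const out = {};
  for (const mode of ["modulo", "clamp", "enforce-range"]) {
    try {
      out[mode] = toInt(value, range, mode);
    } catch (e) {
      out[mode] = e.constructor.name;
    }
  }
  return out;
}

// Constructed inputs covering the cases a fast path must get right.
const SAMPLES = [NaN, Infinity, -1, 2.5, 3.5, 2 ** 31, 2 ** 32 + 5, "12"];
for (const v of SAMPLES) {
  console.log(String(v).padStart(12), "int32:", convertAll(v, INT32), "uint32:", convertAll(v, UINT32));
}
```

The table this prints is the contract a native fast path is checked against: the same argument yields a different result, or a TypeError, depending only on the annotation, so a fast-call implementation that truncates first and checks afterwards cannot be correct for the EnforceRange case.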
Benedikt Meurer
7f20cf56e6 [debug] Report optimized out and certain TDZ values as unavailable.
This adds a new --experimental-value-unavailable flag, which is disabled
for now. When enabled the debugger reports values that are optimized out
by TurboFan and values of certain variables in Temporal Dead Zones (TDZ)
as unavailable. Internally we use a special `value_unavailable` accessor
info to represent these values, and on the debugger boundary we report
these properties with `value`, `get`, or `set`.

Doc: https://goo.gle/devtools-value-unavailable
Bug: chromium:1328681
Demo: devtools-dbg-stories.netlify.app/crbug-1328681-value-unavailable
Change-Id: Idb09a4a148335a950deae60f7c07caecc48826ba
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3627510
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81509}
2022-07-04 09:25:44 +00:00
Frank Tang
a72b10aaab [Temporal] Mark passed test to fix build.
Bug: v8:11544
No-Tree-Checks: true
Change-Id: I12b093da9f9f4f63bc67b1efaeefb735b8a6c5e4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3741001
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Auto-Submit: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81508}
2022-07-04 07:04:59 +00:00
Frank Tang
7a4a6cc6a8 [Temporal] Add toJSON, toString and non-intl version of toLocaleString to ZonedDateTime
Also add AOs: FormatISOTimeZoneOffsetString, TemporalZonedDateTimeToString, ToShowTimeZoneNameOption, ToShowOffsetOption.

Update FormatTimeZoneOffsetString to use ToZeroPaddedDecimalString

Spec Text:
https://tc39.es/proposal-temporal/#sec-temporal.zoneddatetime.prototype.tojson
https://tc39.es/proposal-temporal/#sec-temporal.zoneddatetime.prototype.tolocalestring
https://tc39.es/proposal-temporal/#sec-temporal.zoneddatetime.prototype.tostring
https://tc39.es/proposal-temporal/#sec-temporal-formatisotimezoneoffsetstring
https://tc39.es/proposal-temporal/#sec-temporal-temporalzoneddatetimetostring
https://tc39.es/proposal-temporal/#sec-temporal-toshowtimezonenameoption
https://tc39.es/proposal-temporal/#sec-temporal-toshowoffsetoption

The intl version of toLocaleString is not implemented in this CL yet.

Bug: v8:11544
Change-Id: Id7e4f72b63864857b0b3fa8dc8dfcba0b5949faa
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3688848
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81507}
2022-07-02 06:46:27 +00:00
Frank Tang
adb111b776 [Temporal] Fix PlainTime/PlainDateTime toString bugs
Bug: v8:11544
Change-Id: Iaf3d673c9746badadae082121402e723d3704189
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3719087
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81506}
2022-07-02 06:40:07 +00:00
Frank Tang
e61e019481 [Temporal] Add since/until to Instant
Also add AOs: GetTemporalUnit, NegateTemporalRoundingMode,
MaximumTemporalDurationRoundingIncrement, GetDifferenceSettings,
DifferenceInstant, DifferenceTemporalInstant

Spec Text:
https://tc39.es/proposal-temporal/#sec-temporal.instant.prototype.since
https://tc39.es/proposal-temporal/#sec-temporal.instant.prototype.until
https://tc39.es/proposal-temporal/#sec-temporal-gettemporalunit
https://tc39.es/proposal-temporal/#sec-temporal-negatetemporalroundingmode
https://tc39.es/proposal-temporal/#sec-temporal-maximumtemporaldurationroundingincrement
https://tc39.es/proposal-temporal/#sec-temporal-getdifferencesettings
https://tc39.es/proposal-temporal/#sec-temporal-differenceinstant
https://tc39.es/proposal-temporal/#sec-temporal-differencetemporalinstant

Bug: v8:11544
Change-Id: Iabcc452304366132b03bb82529159c7553c610b3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3722456
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81502}
2022-07-02 02:13:02 +00:00
Frank Tang
a63e2ddfb4 [Temporal] Add toString to Duration
Add AOs: MoveRelativeZonedDateTime, DaysUntil, MoveRelativeDate,
RoundDuration.

Also fix bugs in CalendarDateAdd, TemporalDurationToString, IsValidDuration

Spec Text:
https://tc39.es/proposal-temporal/#sec-temporal.duration.prototype.tostring
https://tc39.es/proposal-temporal/#sec-temporal-moverelativezoneddatetime
https://tc39.es/proposal-temporal/#sec-temporal-daysuntil
https://tc39.es/proposal-temporal/#sec-temporal-moverelativedate
https://tc39.es/proposal-temporal/#sec-temporal-roundduration

Bug: v8:11544
Change-Id: I351cdb88a930f3f7b48f351549d390e5bd02d91e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3715381
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81501}
2022-07-02 01:47:22 +00:00
Ilya Rezvov
fb8cd26f27 [wasm-atomics] Use traps for rest of atomic operations OOB handling
Bug: v8:12946
Change-Id: I2c17c3258123417d616e7fc8a1521e006b758e08
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3731149
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Ilya Rezvov <irezvov@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81500}
2022-07-01 19:51:50 +00:00
Manos Koukoutos
ccc74bc64e [wasm-gc] Remove 'let' opcode
This opcode is being removed in favor of pre-declared non-defaultable
locals (details are still TBD).

Bug: v8:9495
Change-Id: I96ac053a1b5a852310c5dc0bbaeab0cbf5384663
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3738743
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81496}
2022-07-01 14:35:09 +00:00
Manos Koukoutos
bcd8bf90ff [wasm-gc] Introduce separate constructors for ref and (ref null)
Most often, the {ValueType::Ref} constructor was called with a
constant nullability. To make things more convenient, this CL renames
{Ref} to {RefMaybeNull}, and introduces {Ref} and {RefNull}
constructors with fixed nullability.

Bug: v8:7748
Change-Id: I664ff184ca936cc752e152c3c67546d79aa24390
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3732936
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81494}
2022-07-01 13:43:58 +00:00
Manos Koukoutos
a0a786656f [wasm-gc][refactor] Rename optRef -> refNull
This makes the internal V8 name consistent with the text-format name.

Bug: v8:7748
Change-Id: I44f7ac1eb5e634b4f829e596bf1f14caeb748d54
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3726291
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81491}
2022-07-01 12:33:23 +00:00
Samuel Groß
df723c28e3 Disable wasm/multiple-code-spaces test when TSAN is enabled
TSAN may cause the sandbox to fail to obtain enough virtual address
space during initialization, thereby causing it to fall back to a
smaller backing reservation. This combined with the very inefficient
ArrayBufferAllocator that is used in standalone v8 builds when the
sandbox is enabled may cause some tests to run out-of-memory earlier
than they otherwise would. For now we just disable these tests on TSAN
builds, but should be able to re-enable them once we have a better
ArrayBufferAllocator on standalone v8 builds.

Bug: v8:13009, chromium:1340224
Change-Id: I93e46e05d47a8850788504c10a6498067400128a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3738740
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81490}
2022-07-01 11:50:12 +00:00
Marja Hölttä
70bcf02494 [rab/gsab] Tests for Array.p methods, part 5
In this part: push, pop

Bug: v8:11111
Change-Id: I62ddc418acaec778270d69c9839e2236d3c8f1e4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3738259
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81483}
2022-07-01 07:55:24 +00:00
Ilya Rezvov
40daf5b14b [wasm-atomics] Prevent atomic load operation from being optimized out
Bug: chromium:1339276
Change-Id: Ice60167660fa52e84c78bb0bd9d2a2c85e0c377a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3733027
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Ilya Rezvov <irezvov@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81478}
2022-07-01 03:21:45 +00:00
Shu-yu Guo
0d6e95b43e [change-array-by-copy] Implement TypedArray.prototype.toSpliced
Bug: v8:12764
Change-Id: I5f915d1c4dad22f1ce12423f6149a85ad32d6725
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3733043
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81477}
2022-06-30 21:47:38 +00:00
Deepti Gandluri
45c29ba6a0 Disable regression test when hardware doesn't support SIMD
Bug: chromium:1338980
Change-Id: Iae76931fb375ab792659c937d673dfe65e364360
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3739339
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81476}
2022-06-30 21:29:54 +00:00
Jakob Kummerow
711b65f723 [wasm][simd][liftoff][arm] Fix f64x2.pmin/pmax
The previous combination of a conditional and an unconditional move
produced an incorrect value when dst == rhs and lhs contained the
expected result.

Fixed: chromium:1338980
Change-Id: If3f722999ed9c0ffd687736280d048d232d75736
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3738219
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81475}
2022-06-30 18:25:08 +00:00
Seth Brenith
1f97a2dfcb Reuse existing Scripts during synchronous parsing
This is a partial reland of https://crrev.com/c/3597106

With this change, an existing Script from the compilation cache can be
reused after its top-level SharedFunctionInfo was discarded, but only if
the new script is parsed on the main thread (not deserialized from code
cache data, and not parsed on a background thread).

Bug: v8:12808
Change-Id: I1edaee2095306a89e2c3b91f2fd01ac053f3c770
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3689348
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/main@{#81472}
2022-06-30 15:41:07 +00:00
Omer Katz
7626202118 [heap] Merge marking states
MinorMC maintained a separate marking state to support interleaved GCs.
Since MinorMC now assumes that interleaving is not possible, MinorMC can
use the same marking state as the full GC.

Bug: v8:12612
Change-Id: Ibeb7df2eb24e448f811b497c9d16b3b132f87ec2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3735163
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81468}
2022-06-30 14:16:48 +00:00
Jakob Kummerow
6e429dcc9b [test] Make regress-12945 pass with --predictable
Waiting for a background thread to finish a task isn't going to
work when there are no background threads. Luckily, we can sidestep
the problem by compiling with Turbofan immediately, instead of
triggering dynamic tier-up through repeated execution. As a nice bonus,
this makes the test faster in non-predictable modes too.

Fixed: v8:13020
Change-Id: I2d47bc07bbde48a210c6ea59551ae16e63bdae05
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3736443
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81459}
2022-06-30 07:38:23 +00:00
Jakob Kummerow
c63092b7ae [wasm][arm][liftoff] Fix another GetUnusedRegister
Fixed: chromium:1340488
Change-Id: Id3da10dd13256dfc15a6fef4dc412b5d30ccc8cc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3735126
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81455}
2022-06-30 03:48:27 +00:00
Frank Tang
8a14d953e2 [Temporal] Sync to PR1953 and PR1917 to fix bugs.
https://github.com/tc39/proposal-temporal/pull/1917
https://github.com/tc39/proposal-temporal/pull/1953

Bug: v8:11544
Change-Id: I667980e312248ccbaf826d4e3104fb1ddabef890
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3721464
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81453}
2022-06-30 02:36:57 +00:00
Shu-yu Guo
c00444b927 [rab/gsab] Fix toStringTag for RAB/GSAB-backed TypedArrays
Bug: v8:11111
Change-Id: I4846910d05bb5d83c964b2279efdb7cf2a4545b1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3733028
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81451}
2022-06-29 19:33:57 +00:00
Deepti Gandluri
aac1c2b533 Revert "[stringrefs] Implement string.new_wtf16_array"
This reverts commit b9821eff10.

Reason for revert: Tests fail on gc-stress: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux%20-%20gc%20stress/39147/overview

Original change's description:
> [stringrefs] Implement string.new_wtf16_array
>
> See https://github.com/WebAssembly/stringref/issues/1.
>
> Bug: v8:12868
> Change-Id: Iea3940c48d5f47609ff7d32e366d2f41d2161372
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3734808
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Andy Wingo <wingo@igalia.com>
> Cr-Commit-Position: refs/heads/main@{#81448}

Bug: v8:12868
Change-Id: I7abf8817c51057d9b984175ce162364acbb41ac4
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3735894
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Auto-Submit: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81449}
2022-06-29 18:20:47 +00:00
Andy Wingo
b9821eff10 [stringrefs] Implement string.new_wtf16_array
See https://github.com/WebAssembly/stringref/issues/1.

Bug: v8:12868
Change-Id: Iea3940c48d5f47609ff7d32e366d2f41d2161372
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3734808
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Andy Wingo <wingo@igalia.com>
Cr-Commit-Position: refs/heads/main@{#81448}
2022-06-29 16:32:26 +00:00
Andy Wingo
bd149e9fab [stringrefs] Implement string.new_wtf8_array
See https://github.com/WebAssembly/stringref/issues/1.

Bug: v8:12868
Change-Id: Ic1c9b55b1ec35c32c79d9b2cb0be243b96fc4453
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3734807
Commit-Queue: Andy Wingo <wingo@igalia.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81444}
2022-06-29 15:58:01 +00:00
Andy Wingo
7a158c3195 [stringrefs] Parse GC opcodes
Add parser support for wasm instructions that create stringrefs from GC
arrays, and which encode strings to GC arrays.

Bug: v8:12868
Change-Id: I38446855b7a55366f8107970811aec935defcdb4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3732935
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Andy Wingo <wingo@igalia.com>
Cr-Commit-Position: refs/heads/main@{#81440}
2022-06-29 13:48:08 +00:00
Marja Hölttä
46bd4afee8 [rab/gsab] Tests for Array.p methods, part 4
In this part: indexOf, lastIndexOf

Bug: v8:11111
Change-Id: I51481ccf44ad6c3ebc9216c1b6cc870fda73566e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3726209
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81439}
2022-06-29 13:29:07 +00:00
Toon Verwaest
e5dd7a400e [code-cache] Add a flag to control bytecode aging limits
Change-Id: Ia09e8c4528e59116be39be12d688f5b99a34c8e7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3732938
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Auto-Submit: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81437}
2022-06-29 13:00:17 +00:00
Leszek Swirski
a1b1b75929 [gcc] More gcc build fixes
Fix some final gcc warnings:

  * Manually roll googletest to get the fix in:
    https://crrev.com/d5ad28dbe14fca51038fb8c7610f11602b98f682
  * Remove some anonymous namespaces in tests because the types in those
    anonymous namespaces ended up being visible in non-anonymous
    classes.
  * Fix a RVO breaking std::move.
  * Change some known-too-short strncpys into memcpys

Bug: chromium:1307180
Change-Id: I0f64512f77655f3740fc297bbb2087e6c039f7f3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3735122
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81436}
2022-06-29 12:27:47 +00:00
Leszek Swirski
50d2276347 [msvc] Fix build by guarding gcc pragmas
Bug: chromium:1307180
Change-Id: I45e01e172c04f5c0aac40cd84605ce52cb335cdc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3732934
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81432}
2022-06-29 09:56:07 +00:00
Frank Tang
1a5cfc20e1 [Temporal] Add toJSON, toString, and non-intl toLocaleString to Instant
Also add AOs: FormatISOTimeZoneOffsetString, TemporalInstantToString,
GetUnsignedRoundingMode, ApplyUnsignedRoundingMode, RoundTemporalInstant

Also update the RoundNumberToIncrement implementation and a BigInt version.

Fix the test setup in test/mjsunit/temporal/instant-to-json.js since fromEpochSeconds and fromEpochMilliseconds do not take BigInt

Spec Text:
https://tc39.es/proposal-temporal/#sec-temporal.instant.prototype.tojson
https://tc39.es/proposal-temporal/#sec-temporal.instant.prototype.tolocalestring
https://tc39.es/proposal-temporal/#sec-temporal.instant.prototype.tostring
https://tc39.es/proposal-temporal/#sec-temporal-temporalinstanttostring
https://tc39.es/proposal-temporal/#sec-temporal-formatisotimezoneoffsetstring
https://tc39.es/proposal-temporal/#sec-temporal-getunsignedroundingmode
https://tc39.es/proposal-temporal/#sec-temporal-applyunsignedroundingmode
https://tc39.es/proposal-temporal/#sec-temporal-roundtemporalinstant
https://tc39.es/proposal-temporal/#sec-temporal-roundnumbertoincrement

This does NOT implement the intl version of toLocaleString
specified in (notice the "sup" not "sec" after #) yet.
https://tc39.es/proposal-temporal/#sup-temporal.instant.prototype.tolocalestring

Bug: v8:11544
Change-Id: I807afd5bf550d2a65a4732a8e536056eea79cf8f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3696483
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81428}
2022-06-29 08:31:17 +00:00
Frank Tang
9262713316 [Temporal] Add round to PlainTime
Spec Text:
https://tc39.es/proposal-temporal/#sec-temporal.plaintime.prototype.round

Bug: v8:11544
Change-Id: I564cec6fdc030e3d39a9798c047534228f670dc6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3692428
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81427}
2022-06-29 08:29:07 +00:00
Thibaud Michaud
5ef3bb9b58 [wasm] Update suspender's parent on resume
Only the parent of the continuation itself was updated. Also update the
parent of the suspender.

R=ahaas@chromium.org

Bug: v8:12191
Change-Id: I06684548abe70f4bbda48c12e9e8adda84e1ec27
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3726293
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81419}
2022-06-28 17:01:20 +00:00
Leszek Swirski
b0ccc6ad4f [perfetto] Skip metadata in JsonIntegrationTest
Fixes the test after a perfetto roll

Change-Id: Ib861edd1f87435b6bbc5e8b7599f118c72cc0776
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3732108
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81417}
2022-06-28 15:08:28 +00:00
Leszek Swirski
c68c724810 [gcc] Suppress array bounds warning
Suppress a gcc array bounds warning in ComputeStackLimit, where we are
very intentionally accessing a location out of bounds.

Bug: chromium:1307180
Change-Id: If4b7ce182472a761f9f619824676e5e660b0277a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3732109
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81416}
2022-06-28 14:59:36 +00:00
Manos Koukoutos
44cd69a77d [wasm][fuzzer] Adapt --wasm-fuzzer-gen-test to new format
In crrev.com/c/3714237, we changed the representation of constant
expressions in mjsunit wasm tests to byte arrays. This CL complements
this change by updating the output of --wasm-fuzzer-gen-test to the
new format.

Change-Id: I6a9d861b5abe13621ffd2ceb3a54863b0188b40c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3726294
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81414}
2022-06-28 14:19:06 +00:00
Jakob Kummerow
b9c4a84955 [wasm] Fix and harden all conditional tier-up checks
This remodels the tier-up checks on loop back edges to avoid
modifying the cache state by taking temp registers passed in
from the caller, and not causing the instance to get cached.

Additionally, this introduces FreezeCacheState scopes, which
allow us to enforce that certain ranges don't cause any cache
modifications. Conditional jumps require such a scope to be
around, which should help ensure that we don't forget to add
them to any future code we write.

Drive-by cleanup: drop {pinned} lists from a few Load helper
functions. They don't allocate registers (and shouldn't), so
they don't need to know about pinned registers.

Fixed: chromium:1339321
Change-Id: I1c7660418a85259e96c5e0dcfeaf12dab2114e8c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3724787
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81411}
2022-06-28 13:38:19 +00:00
Manos Koukoutos
fd8309e806 [wasm] Rename "initializer" expression to "constant"
Change-Id: I6f2e5fa04eba1b3c97212be945b776ebc2be5915
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3726210
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81399}
2022-06-27 12:56:41 +00:00
jameslahm
9f783f229b [test] Move cctest/test-dictionary to unittests/
... objects/dictionary-unittest.

Bug: v8:12781
Change-Id: I7faeb9fedf7857b25a85bf32f14323ba3da207c0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3706968
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Cr-Commit-Position: refs/heads/main@{#81395}
2022-06-27 12:06:50 +00:00
jameslahm
471e739b93 [test] Move cctest/test-atomicops to unittests/
... base/atomicops-unittest.

Bug: v8:12781
Change-Id: Iac23576cca9c50c2281a2d7e781dde4750e54c03
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3711344
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Cr-Commit-Position: refs/heads/main@{#81394}
2022-06-27 12:03:15 +00:00
Manos Koukoutos
114a03ac82 [wasm-gc] Rename array opcodes
Rename:
- array.init(_static) -> array.new_fixed(_static)
- array.init_from_data(_static) -> array.new_data(_static)
- array.init_from_elem_static -> array.new_elem_static
- (Wasm)ArrayInitFromSegment -> (Wasm)ArrayNewSegment

Bug: v8:7748
Change-Id: I5ea314d653dd0e9f7f1f556469794d880934e01b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3726207
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81393}
2022-06-27 11:32:39 +00:00
jameslahm
5c0a114a4f [test] Move cctest/test-access-check to unittests/
... api/access-check-unittest.

Bug: v8:12781
Change-Id: I25025af204cdeaba1ba2b690cbaf5ba93e59441f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3725447
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81392}
2022-06-27 11:31:37 +00:00
jameslahm
7a2686016d [test] Move cctest/test-persistent-handles to
... unittests/heap/persistent-handles-unittest.

Bug: v8:12781
Change-Id: I8d7abff3a34e11c920053c71a1a2c4b9c84235d9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3724791
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81391}
2022-06-27 11:30:34 +00:00
jameslahm
8dbeee0d79 [test] Move cctest/test-global-object to unittests/
... objects/global-object-unittest.

Bug: v8:12781
Change-Id: I40a8d00301531e7d1a6dce90e1226c4568c8d72c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3713521
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81390}
2022-06-27 11:29:32 +00:00
jameslahm
fda71f4cf7 [test] Move cctest/test-pointer-auth-arm64 to unittests
... /codegen/pointer-auth-arm64-unittest.

Bug: v8:12781
Change-Id: Ibce77b62650c7a5f84b62282861297b9d4b2e591
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3724790
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Cr-Commit-Position: refs/heads/main@{#81389}
2022-06-27 11:28:30 +00:00
Jakob Kummerow
917f793da2 [wasm] Add missing opcodes to OpcodeLength function
And add a test to ensure we've caught them all and won't
forget any others in the future.

Change-Id: I9bed83ada1c8991eaf08af4b34d4ccda7dc0e600
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3724788
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81388}
2022-06-27 11:22:20 +00:00
Manos Koukoutos
c0956fbd1d [wasm] Fix bugs in inlining on 32-bit platforms
- Use the lowered 32-bit signature when linking the inlined and caller
  graphs.
- Tolerate non-projection uses of Call nodes when linking the graphs.
  These can be left over by Int64Lowering.
- Drive-by: Inline really small functions even if their call count is
  low.

Bug: v8:12166
Change-Id: I5b472d3f617f2f23820a5d142102c0a6c5c769dc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3720715
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81386}
2022-06-27 10:44:49 +00:00
Michael Achenbach
accf013cb4 [test] Skip very slow test
No-Try: true
Bug: v8:12999
Change-Id: I82b1d8d3dc9ab62341f581440665964652603b92
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3720718
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81383}
2022-06-27 09:24:08 +00:00
Marja Hölttä
29e4a09ab5 [rab/gsab] Tests for Array.p methods, part 3
In this part: entries, keys, values

Bug: v8:11111
Change-Id: I2a87be21348626e34f887c71026dba1120adb7d6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3723504
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81381}
2022-06-27 09:05:17 +00:00
Andy Wingo
0257b0a3d4 [stringrefs] Fix WTF-8 rejection of surrogate pairs
Quite embarrassingly, the test that the WTF-8 decoder rejects surrogate
pairs was broken: the trailing surrogate was invalid. (The range of the
second byte for leading surrogates is [A0,AF], and for trailing is
[B0,BF]). Of course the actual functionality was broken, because the
code that detected surrogate pairs called IsSurrogatePair with swapped
arguments.

Bug: v8:12868
Change-Id: Icab5e2e4e200afb3d34f478ab4f98b739ada5645
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3723497
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Andy Wingo <wingo@igalia.com>
Cr-Commit-Position: refs/heads/main@{#81376}
2022-06-27 06:57:57 +00:00
Manos Koukoutos
1186b5c061 [wasm-gc] Path-based type tracking for wasm-gc nodes
This CL adds control-path type-tracking for wasm-gc nodes in the
WasmGCOperatorReducer. Nodes now use the types assigned to their
argument nodes, as well as the additional information tracked along
control paths.

Drive-by: Add support for multiple instances of the same node to
appear in control-path-state.

Bug: v8:7748
Change-Id: I73e8f84595609b3a5fb61a2bffeb973182d17676
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3717994
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81373}
2022-06-26 12:51:47 +00:00
Frank Tang
7fa468c3c4 [test262] Roll test262
b1f49b5c46..b458b9f0c2

Bug: v8:7834
Change-Id: I6191d4533ae2046b3b132b62397bcefa597320f6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3724328
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81367}
2022-06-24 23:51:49 +00:00
Marja Hölttä
d86959d0ca [rab/gsab] Tests for Array.p methods, part 2
In this part: find, findIndex, findLast, findLastIndex

Drive-by: add missing tests for A.p.fill + detaching.

Bug: v8:11111
Change-Id: I7583ccce16bf294cc5ab6adbb7ce1f019a11ad18
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3721315
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Auto-Submit: Marja Hölttä <marja@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81366}
2022-06-24 23:50:39 +00:00
Shu-yu Guo
3c4c25dbd4 [change-array-by-copy] Implement Array.prototype.toSpliced
Drive-by: add unscopable test for Array.prototype.toReversed.

Bug: v8:12764
Change-Id: I9d7dd8d4eae6d23811382b6795c2c6ff7f76be72
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3717552
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81364}
2022-06-24 22:05:39 +00:00
Shu-yu Guo
902b23272a Revert "[maglev] Add internalized string compare fast-path"
This reverts commit c4301c0489.

Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/42568/overview

Original change's description:
> [maglev] Add internalized string compare fast-path
>
> - Rename TryBuildCompareOperationBranch to TryBuildCompareOperation
> - Add CheckedInternalizedString conversion Node that checks for string
>   inputs and extracts internalised Strings from ThinStrings
> - Add BranchIfReferenceCompare Node
> - Add runtime functions to create internalised and thin Strings
> - Add deopt check to test/mjsunit/maglev/int32-branch.js
>
> Bug: v8:7700
> Change-Id: I0073c24fad9e3231c985153cd27b0b8fe6ee56f0
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3664498
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Camillo Bruni <cbruni@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#81361}

Bug: v8:7700
Change-Id: Id4e18f42a5b1f0d6909b0a017ae8e289ae8c8614
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3723520
Owners-Override: Shu-yu Guo <syg@chromium.org>
Auto-Submit: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#81363}
2022-06-24 19:53:09 +00:00
Camillo
c4301c0489 [maglev] Add internalized string compare fast-path
- Rename TryBuildCompareOperationBranch to TryBuildCompareOperation
- Add CheckedInternalizedString conversion Node that checks for string
  inputs and extracts internalised Strings from ThinStrings
- Add BranchIfReferenceCompare Node
- Add runtime functions to create internalised and thin Strings
- Add deopt check to test/mjsunit/maglev/int32-branch.js

Bug: v8:7700
Change-Id: I0073c24fad9e3231c985153cd27b0b8fe6ee56f0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3664498
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81361}
2022-06-24 16:38:16 +00:00
Camillo
14af9c22db [heap][deserializer] Better HeapObject alignment checks
Unaligned allocations are not fully supported in V8.

- Set USE_ALLOCATION_ALIGNMENT_BOOL to false for documentation
- Verify HeapObject address alignment requirements with --verify-heap
- Move address alignment to right after allocation in the deserializer
- Use object_size in the CheckAlignment helper to get a chance to
  figure out which allocation path we took

Bug: chromium:1330861, v8:8875
Change-Id: Iffd02d869923ccec133618250dfefb0480b02741
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3717995
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81358}
2022-06-24 16:19:49 +00:00
Manos Koukoutos
930f3ffb73 [wasm][turbofan] Remove niche optimization
The optimization of a trap inside a branch is being removed. Since it
does not speed-up non-trapping programs, and it is quite narrow, it is
not worth the maintenance cost.

Bug: chromium:1338947, chromium:1338950, chromium:1339153
Change-Id: I5b3f52e2b11d4c5113dd44fe23c14d74124a15f6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3721617
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81357}
2022-06-24 15:52:49 +00:00
Manos Koukoutos
b20cd0e2a6 [wasm-gc][turbofan] Fix node typing in ref.cast optimized path
Bug: v8:7748
Change-Id: Id886fa4c734bbd826770239ea145630570915749
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3723505
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81355}
2022-06-24 13:42:49 +00:00
Manos Koukoutos
49e6633eb5 [wasm-gc] Fix bugs and improve tests for br_on_cast(_fail)
There were multiple bugs and no test coverage for br_on_cast and
br_on_cast_fail, specifically for the paths in the decoder where those
checks get optimized away.

Bug: v8:7748
Change-Id: I6e5d6449152df0456b43938174f57055a4c63fdd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3723503
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81349}
2022-06-24 11:39:59 +00:00
Shu-yu Guo
258b146b1b [shared-struct] Do not depend on shared objects for optimized code
It is an invariant that objects in the shared heap never point into
per-Isolate heaps. This is currently broken by DependentCode. At the
same time, shared maps and other holders of DependentCode are designed
to never invalidate optimized code. E.g., shared maps are effectively
immutable.

This CL does two things:

1. Prevent shared objects from being depended upon
2. DCHECK that shared objects never cause deoptimization

Bug: v8:12547, v8:12761
Change-Id: I0fedae9134a8f786a9200e70f99dba7b38cd2d80
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3704809
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81340}
2022-06-23 21:22:58 +00:00
Andy Wingo
cf8fc47445 [stringrefs] Add wtf8_policy immediate to string.new_wtf8
Following change in https://github.com/WebAssembly/stringref/pull/22.
This adds two new parsing modes: a strict UTF-8 parsing mode, and a
sloppy mode that should replace invalid subsequences with U+FFFD.

Bug: v8:12868
Change-Id: I03bd8d2a3408c399ce68f7b150d7650908804113
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3719919
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Andy Wingo <wingo@igalia.com>
Cr-Commit-Position: refs/heads/main@{#81337}
2022-06-23 18:45:02 +00:00
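The two stringref commits above (0257b0a3d4, which fixes the WTF-8 surrogate-pair check, and cf8fc47445, which adds a wtf8_policy immediate with strict UTF-8, WTF-8 and replacement modes) describe the same decoder contract from two sides. The following is an added illustration, not V8's decoder and not code from the stringref proposal: a small C++ decoder that takes a byte string and a policy and either returns the decoded code points or reports the input as invalid. The policy names (kUtf8, kWtf8, kReplace), the DecodeResult struct and the Bytes helper are assumptions chosen for this example. It shows the byte ranges the commit message cites (ED A0..AF for a leading surrogate, ED B0..BF for a trailing one), why a lead surrogate immediately followed by a trail surrogate must be rejected in WTF-8 mode even though each lone surrogate is fine, and how the replacement mode turns each maximal invalid subsequence into one U+FFFD instead of failing.

```cpp
// Added example, not V8 code: a WTF-8 decoder with three policies.
// Policy names, DecodeResult and Bytes are assumptions for illustration.
#include <cstdint>
#include <cstdio>
#include <initializer_list>
#include <string>
#include <vector>

enum class Wtf8Policy {
  kUtf8,     // strict UTF-8: any surrogate code point is an error
  kWtf8,     // WTF-8: lone surrogates allowed, surrogate *pairs* rejected
  kReplace,  // sloppy: each maximal invalid subsequence becomes U+FFFD
};

struct DecodeResult {
  bool ok;                            // false: input is invalid under the policy
  std::vector<uint32_t> code_points;  // decoded values (may contain surrogates for kWtf8)
};

static bool IsLeadSurrogate(uint32_t cp) { return cp >= 0xD800 && cp <= 0xDBFF; }
static bool IsTrailSurrogate(uint32_t cp) { return cp >= 0xDC00 && cp <= 0xDFFF; }

DecodeResult DecodeWtf8(const std::string& input, Wtf8Policy policy) {
  DecodeResult result{true, {}};
  uint32_t cp = 0;
  int needed = 0, seen = 0;          // continuation bytes expected / consumed so far
  uint8_t lower = 0x80, upper = 0xBF;  // allowed range of the next continuation byte

  // Reports an error. Under kReplace the decoder emits U+FFFD and continues;
  // under the other policies the whole input is rejected.
  auto error = [&]() {
    if (policy == Wtf8Policy::kReplace) {
      result.code_points.push_back(0xFFFD);
    } else {
      result.ok = false;
    }
    needed = seen = 0;
    lower = 0x80;
    upper = 0xBF;
  };

  for (size_t i = 0; i < input.size() && result.ok;) {
    uint8_t b = static_cast<uint8_t>(input[i]);
    if (needed == 0) {
      ++i;  // a lead byte (or an invalid start byte) is always consumed
      if (b <= 0x7F) {
        result.code_points.push_back(b);
      } else if (b >= 0xC2 && b <= 0xDF) {
        needed = 1; cp = b & 0x1F;
      } else if (b >= 0xE0 && b <= 0xEF) {
        if (b == 0xE0) lower = 0xA0;  // rejects overlong 3-byte forms
        // ED A0..BF xx encodes U+D800..U+DFFF. Only WTF-8 accepts that range.
        if (b == 0xED && policy != Wtf8Policy::kWtf8) upper = 0x9F;
        needed = 2; cp = b & 0x0F;
      } else if (b >= 0xF0 && b <= 0xF4) {
        if (b == 0xF0) lower = 0x90;  // rejects overlong 4-byte forms
        if (b == 0xF4) upper = 0x8F;  // nothing above U+10FFFF
        needed = 3; cp = b & 0x07;
      } else {
        error();  // stray continuation byte, C0/C1, or F5..FF
      }
      continue;
    }
    if (b < lower || b > upper) {
      error();   // maximal subpart ends here; b is re-read as a start byte
      continue;  // (i is deliberately not advanced)
    }
    ++i;
    lower = 0x80; upper = 0xBF;
    cp = (cp << 6) | (b & 0x3F);
    if (++seen < needed) continue;
    // Complete sequence. In WTF-8 a lead surrogate followed by a trail
    // surrogate is ill-formed: that pair must be one 4-byte sequence instead.
    if (IsTrailSurrogate(cp) && !result.code_points.empty() &&
        IsLeadSurrogate(result.code_points.back())) {
      result.ok = false;
      break;
    }
    result.code_points.push_back(cp);
    needed = seen = 0;
  }
  if (result.ok && needed != 0) error();  // sequence truncated at end of input
  return result;
}

// Builds a byte string from explicit byte values (avoids "\x" escape pitfalls).
std::string Bytes(std::initializer_list<unsigned char> bytes) {
  return std::string(bytes.begin(), bytes.end());
}

int main() {
  // Constructed input: U+D83D U+DE00 as two 3-byte sequences (a surrogate pair).
  DecodeResult r = DecodeWtf8(Bytes({0xED, 0xA0, 0xBD, 0xED, 0xB8, 0x80}), Wtf8Policy::kWtf8);
  std::printf("surrogate pair under WTF-8: %s\n", r.ok ? "accepted (bug)" : "rejected");
  return 0;
}
```

Note that the lone-surrogate case and the pair case differ only in what precedes the trailing sequence: ED B0 80 on its own decodes to U+DC00 under kWtf8, while the same bytes right after ED A0 BD are rejected. The replacement mode never produces surrogates at all, because for ED it narrows the second byte to 80..9F and treats everything else as an invalid subsequence.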
Ilya Rezvov
118dff9dcd [wasm-atomics] Use traps for atomic Load and Store OOB handling
Bug: v8:12946
Change-Id: I3d9037a6dd940fe25f737efca49835b098d55081
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3691129
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Ilya Rezvov <irezvov@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81336}
2022-06-23 18:43:56 +00:00
Shu-yu Guo
54c69fc584 [heap] Verify the shared heap before tearing down a client heap
In the case of bugs creating shared->local edges, this lets us catch
dangling pointers via CHECKs before they happen.

Also removed some redundant checks in the shared struct verifier.
Existing heap verification already checks that all of a Heap's pointers
are contained within it.

Bug: v8:12547
Change-Id: Ic7a007b3b6559e3dfd0286fbf869586023c6f801
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3704911
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81335}
2022-06-23 14:56:23 +00:00
Nico Hartmann
da12b9ac0b Revert "cppgc: Minor fix in cppgc efficiency calculation"
This reverts commit 543acf345a.

Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Mac%20-%20arm64%20-%20release/10365/overview

Original change's description:
> cppgc: Minor fix in cppgc efficiency calculation
>
> Efficiency calculation (freed bytes over GC duration) assumes that the
> duration of the GC is non zero. However, if the clock resolution is
> not small enough and the entire GC is very short, the timed value
> appears to be zero. This leads to NaN values showing in metrics and
> CHECKs failing. This CL fixes the issue.
>
> Bug: chromium:1338256
> Change-Id: I1dbc52072fcde3411aa38fa0c11da25afd107ca8
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3714356
> Reviewed-by: Omer Katz <omerkatz@chromium.org>
> Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#81329}

Bug: chromium:1338256
Change-Id: Ie9a23651494fc28a11bb59485a9812ee1a7cff48
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3721697
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Owners-Override: Nico Hartmann <nicohartmann@chromium.org>
Auto-Submit: Nico Hartmann <nicohartmann@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#81331}
2022-06-23 14:27:49 +00:00
snek
4c81827c8d optimize Set#has
Code for map methods was added a really long time ago but no one ever
brought that to set. Adds new common lowering for both collections and
updates the SetPrototypeHas builtin. My initial testing shows this to
be as much as 50x faster in some cases.

Change-Id: Ifea5be01c9e51013d57ac00bd817759ceace6669
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3709246
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: snek <snek@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81330}
2022-06-23 13:42:17 +00:00
Nikolaos Papaspyrou
543acf345a cppgc: Minor fix in cppgc efficiency calculation
Efficiency calculation (freed bytes over GC duration) assumes that the
duration of the GC is non zero. However, if the clock resolution is
not small enough and the entire GC is very short, the timed value
appears to be zero. This leads to NaN values showing in metrics and
CHECKs failing. This CL fixes the issue.

Bug: chromium:1338256
Change-Id: I1dbc52072fcde3411aa38fa0c11da25afd107ca8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3714356
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81329}
2022-06-23 13:40:20 +00:00
Thibaud Michaud
2071ce3b6b [wasm][stack-switching] Throw on re-entrant suspender
Throw a wasm trap when trying to re-enter a suspender that is active or
suspended.

R=ahaas@chromium.org

Bug: v8:12191
Change-Id: Ic448a15db29de14fb8d6bb8408af8fbaae82a2b4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3716481
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81326}
2022-06-23 12:52:19 +00:00
Thibaud Michaud
e35039e773 [wasm][stack-switching] Support rejected promises
If the returned promise rejects, we switch to the suspender's stack and
throw the value.
Re-purpose the WasmOnFulfilled data to also represent the rejecting
case and rename it to WasmResumeData.

R=ahaas@chromium.org
CC=fgm@chromium.org

Bug: v8:12191
Change-Id: I91a301c3c6d9d243efbfabe7263555e11f0d9277
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3706606
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81325}
2022-06-23 11:56:30 +00:00
Marja Hölttä
bcf8529626 [rab/gsab] A.p.fill: Support RAB / GSAB
Bug: v8:11111
Change-Id: I2984b3ed6ac6b769f9b4ce758fdf4bfc3b6f6d49
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3714661
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81322}
2022-06-23 10:18:49 +00:00
snek
d7bd292628 [fastcall] combine wasm and js fast call builder
A lot of logic is missing from the Wasm entry for fast api calls.
The majority of the lowering is shared between wasm and js, and uses
the same graph operators, so this adds a common fast api call builder
which can be called from the wasm compiler and the js compiler.

Bug: chromium:1052746
Change-Id: I9dbd82548951b2b155a7b2459714239d0b251d71
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3708842
Commit-Queue: snek <snek@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81315}
2022-06-22 18:58:23 +00:00
Andreas Haas
f8362a9515 [wasm] Resolve promise in separate task
With recent changes, we resolve the promise of e.g. WebAssembly.compile
with the external API, and not the V8-internal API. The external API,
however, also handles microtasks, and depending on the MicrotasksPolicy,
may also execute microtasks immediately. This means the then-handler of
WebAssembly.compile may get executed within all the scopes that were
open when the external API was called. One of the open scopes is the
CancelableTask that finishes WebAssembly compilation.

The deadlock seen in the issue arises now when {quit()} gets called in
the then-handler of WebAssembly compilation.  The reason is that
{quit()} terminates the isolate, and during isolate termination, we wait
for all running CancelableTasks to finish. This, however, means a
deadlock, because the task that terminates the isolate is waiting for
itself to finish.

R=jkummerow@chrommium.org

Bug: chromium:1338150
Change-Id: I89243daffc76a456293519e24bfaad88277bb99a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3717990
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81311}
2022-06-22 18:11:20 +00:00
Andy Wingo
c3f60e8c26 [stringrefs] Add wtf8_policy immediate to string.measure_wtf8
Following change in https://github.com/WebAssembly/stringref/pull/22.

Bug: v8:12868
Change-Id: Ic7728bff5d03ab547cb26ff41d6966f95bfb6b62
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3717986
Commit-Queue: Andy Wingo <wingo@igalia.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81308}
2022-06-22 16:21:58 +00:00
legendecas
22698d2676 [module] Fix aborts in terminated async module evaluation
SourceTextModule::ExecuteAsyncModule asserts the execution of
the module's async function to succeed without exception. However,
the problem is that TerminateExecution initiated by embedders is
breaking that assumption. The execution can be terminated with an
exception and the exception is not catchable by JavaScript.

The uncatchable exceptions during the async module evaluation need
to be raised to the embedder and not crash the process if possible.

Refs: https://github.com/nodejs/node/issues/43182

Change-Id: Ifc152428b95945b6b49a2f70ba35018cfc0ce40b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3696493
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Chengzhong Wu <legendecas@gmail.com>
Cr-Commit-Position: refs/heads/main@{#81307}
2022-06-22 16:20:28 +00:00
Patrick Thier
b4bb6cbce4 [string] Add checks for correct hash values in heap verification
- Check that internalized strings always have a computed hash value.
- Check that ThinStrings never have a forwarding index.
- Add a simple test of various property access with
  --always-use-string-forwarding-table to make the CF aware of the flag.

Change-Id: Ie047c9f635d5e0ed999208ec3379ef09c395b3f5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3717988
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81303}
2022-06-22 13:39:48 +00:00
Marja Hölttä
668a3e0eb5 [rab/gsab] Undo test splitting and make tests faster
Part 1:
Revert "PPC: skip slow tests on the ppc simulator"

This reverts commit 9dfac00a1d.

Part 2:
Make the slow test faster.

Bug: v8:11111
Change-Id: I8f0291098d29917fa65c4b5b28bf03cbdbe7ebc6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3714229
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81301}
2022-06-22 12:53:18 +00:00
jameslahm
0fe567e700 [web snapshot] Support DataView
Bug: v8:11525
Change-Id: I5a29542032692c106bba14d010605e90954097b8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3706964
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81299}
2022-06-22 12:01:48 +00:00
Andy Wingo
69bb334fda [stringrefs] Renumber stringref types
0x65 is unavailable after
https://github.com/WebAssembly/gc/pull/295/files.

Bug: v8:12868
Change-Id: I8bdffb279c7e7cf72242c1565cf3401e5fa3f4d5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3717984
Commit-Queue: Andy Wingo <wingo@igalia.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81296}
2022-06-22 10:27:47 +00:00
Nikolaos Papaspyrou
852baabc17 heap: Add flag v8_enable_inner_pointer_resolution_osb
This CL introduces a compile flag v8_enable_inner_pointer_resolution_osb
behind which lies the experimental implementation of the object start
bitmap. It disassociates the object start bitmap from the compile flag
v8_enable_conservative_stack_scanning. At the moment the former flag is
a prerequisite for the latter, as conservative stack scanning requires
some mechanism for inner pointer resolution and the object start bitmap
provides one such mechanism.

Bug: v8:12851
Change-Id: I24c6b389453fbaefc79ae50c34c5ec7a1bf23347
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3717322
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81295}
2022-06-22 10:12:38 +00:00
Michael Lippautz
94ebff7b94 Reland "[heap] Sweep code pages on the background thread"
This reverts commit 6ddf042f68.

Revert did not fix the crasher.

Bug: v8:12967, chromium:1336850
Change-Id: I6d474644e3d94c14df17af6efa70747bae6ad652
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3716487
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81290}
2022-06-22 07:59:18 +00:00
Frank Tang
ba6db33e06 Fix unreachable code under --harmony-intl-number-format-v3
ICU 71 added a new enum value UNUM_APPROXIMATELY_SIGN_FIELD which
needs to map to "approximatelySign".

We also discovered a spec bug in
https://github.com/tc39/proposal-intl-numberformat-v3/issues/99

All the parts of formatRangeToParts should have a source "shared" for
the case that start and end are the same or very close.

Bug: chromium:1336865
Change-Id: I89142479989d3d2017d8cb89194db737710c38ed
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3717278
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81286}
2022-06-22 02:57:57 +00:00
Luis Fernando Pardo Sixtos
afb26623df [shared-struct] Shared Array Initial prototype
Initial implementation for concurrent shared arrays. The current
implementation exposes a `SharedArray` constructor, but its syntax might
change in the future.

Shared arrays can be shared across Isolates, have a fixed size, have no
prototype, have no constructor, and can only store primitives, shared
structs and other shared arrays. With this CL shared structs are also
allowed to store shared arrays.

The backing storage for the SharedArrays is a `FixedArrayBase`. This CL
introduces a new ElementsKind: `SHARED_ARRAY_ELEMENTS`. The new kind
should match the overall functionality of the `PACKED_SEALED_ELEMENTS`
kind, but having it as a standalone kind allows for easier branching in
CSA and turbofan code.

Bug: v8:12547
Change-Id: I054a04624d4cf1f37bc26ae4b92b6fe33408538a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3585353
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Luis Fernando Pardo Sixtos <lpardosixtos@microsoft.com>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81285}
2022-06-22 02:24:46 +00:00
Frank Tang
0c11a2cfe2 Update ICU
Rolling v8/third_party/icu: 1658259..1da9170

Add "delimiters" resources needed by ulocdata_getDelimiter (Frank Tang)
https://chromium.googlesource.com/chromium/deps/icu/+/1da9170

Cherry-Pick PR2085 to fix numbering system resolution in NumberRangeFormatter (Frank Tang)
https://chromium.googlesource.com/chromium/deps/icu/+/6fff4cf

Cherry-Pick PR2096 to fix TimeZone name (Frank Tang)
https://chromium.googlesource.com/chromium/deps/icu/+/12de966

R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com,ftang@chromium.org

Change-Id: Iaf6a2c2f1557331efbd17127a75925ebee829ca5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3714902
Reviewed-by: Frank Tang <ftang@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81284}
2022-06-21 21:19:58 +00:00
Etienne Pierre-doray
4f9aba5c8f [gc] Delay start of memory reducer.
Creates a feature (flag): transition from Done -> Wait
schedules a timer after 30s instead of 8s.
In local benchmark, this reduces by 50% cpu time spent doing
incremental marking and sweeping.

Bug: chromium:1330940
Change-Id: Iff9121243b88d0ed87d0b921e285ece52a83eaa9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3696168
Commit-Queue: Etienne Pierre-Doray <etiennep@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81283}
2022-06-21 18:59:27 +00:00
Jakob Kummerow
d39d75b5e9 [wasm][cleanup] Merge opcode names into main macros
This merges the separate opcode name definitions from wasm-opcodes-inl.h
into the main opcode-defining macros in wasm-opcodes.h. This is simpler
(avoids a bunch of fairly complex macros) and easier to update when we
add new opcodes in the future.
The tests become obsolete because they would simply repeat the implementation.

Change-Id: Ib6421da5670079e7725659c1f4008251f8ff7aed
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3714244
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81280}
2022-06-21 14:47:30 +00:00
Jakob Kummerow
d750358a31 [wasm] Fix instance caching after br_table
The tier-up check in any backwards jumps in a br_table list causes the
instance to get cached if it wasn't cached before. When the branch is
not taken, we must not rely on this caching to have happened.
This is a variant of crbug.com/1314184.

Fixed: chromium:1338075
Change-Id: Id511e98f29ec13f0a38b5595ceb4a607c58b92a4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3716478
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81279}
2022-06-21 14:23:15 +00:00
Samuel Groß
a4d17470ab Reland "[sandbox] Also enable the sandbox outside of Chromium builds"
This is a reland of commit 5b9401dde4

Now also skip tests that require large amounts of virtual address space
if tsan is enabled as tsan may cause V8 to create a smaller sandbox
which is then unable to allocate the required amount of memory.

Original change's description:
> [sandbox] Also enable the sandbox outside of Chromium builds
>
> Drive-by: include the right header in sandboxed-pointer-inl.h and fix
> missing sandbox initialization in generate-bytecode-expectations.cc.
>
> Bug: v8:10391
> Change-Id: Ic39ba04b7c98eaa58ea3943189c23b297f581f5a
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3630082
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Commit-Queue: Samuel Groß <saelo@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#81216}

Bug: v8:10391
Change-Id: I141080fdf61a77ef48b22e353e3cfbc1ff816e5a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3716474
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81277}
2022-06-21 13:32:26 +00:00
Jakob Kummerow
bdb6322cc2 [wasm][simd] Align printed instructions/types with spec
The spec uses "v128" (not "s128") as the vector type name.
Some conversion instructions have more specific names that we used to
print, e.g. "i32x4.trunc_sat_f32x4_s" instead of "...convert...".

Bug: v8:8460
Change-Id: I4e06f452de6ce8b06670a8c5e53142c36d5e6010
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3704497
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81274}
2022-06-21 12:21:57 +00:00
Manos Koukoutos
7c74a9caea [wasm][test] Represent constant expressions with bytes
Maintaining an AST class just for testing constant expressions does not
seem justified. This CL changes constant expressions in mjsunit tests
to be represented with bytes, like regular expressions.

Change-Id: If5ec5f4d863176952442b1a7e2fec8a61e385971
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3714237
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81266}
2022-06-21 09:03:18 +00:00
Maya Lekova
1de7e24902 [d8] Handle exceptions on async_hooks.createHook
Before we assumed that no exception can be thrown when specifying a
function to be used as an async hook, but that's not the case when e.g.
the object passed to createHook is a proxy trapping on property access
and the trap throws an exception.

Bug: chromium:1337629
Change-Id: I7bd7893cd274afb6e642ed18aacb9e203f7fdd96
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3714233
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81258}
2022-06-21 08:54:53 +00:00
Nico Hartmann
c878117fa0 Revert "[sandbox] Also enable the sandbox outside of Chromium builds"
This reverts commit 5b9401dde4.

Reason for revert: A few memory tests flake on tsan (e.g. https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20TSAN%20-%20isolates/20190/overview)

Original change's description:
> [sandbox] Also enable the sandbox outside of Chromium builds
>
> Drive-by: include the right header in sandboxed-pointer-inl.h and fix
> missing sandbox initialization in generate-bytecode-expectations.cc.
>
> Bug: v8:10391
> Change-Id: Ic39ba04b7c98eaa58ea3943189c23b297f581f5a
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3630082
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Commit-Queue: Samuel Groß <saelo@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#81216}

Bug: v8:10391
Change-Id: I22560a6bdcffbf71651f655bdf7d183d5c832620
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3714239
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Owners-Override: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81256}
2022-06-20 17:04:28 +00:00
Manos Koukoutos
3c34137ad2 Reland "[wasm-gc][cleanup] Remove wasm signature from CallDescriptor"
This is a reland of commit 538f2bc9ab

Changes compared to original: None. We think the problem that caused
the revert (https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20TSAN%20-%20no-concurrent-marking/9377/overview) is unrelated.

Original change's description:
> [wasm-gc][cleanup] Remove wasm signature from CallDescriptor
>
> This field is no longer used, as the functionality it supported has been
> subsumed by wasm-gc typed-based optimizations.
>
> Bug: v8:7748
> Change-Id: I970514bb29e5f91bb5610cafde60ec3dbcfb07aa
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3705376
> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Reviewed-by: Maya Lekova <mslekova@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#81244}

Bug: v8:7748
Change-Id: I8eacff98d265751fae55f244d40c0df94e35e6fe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3714231
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81248}
2022-06-20 13:26:03 +00:00
Nico Hartmann
3cb521fedd Revert "[wasm-gc][cleanup] Remove wasm signature from CallDescriptor"
This reverts commit 538f2bc9ab.

Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20TSAN%20-%20no-concurrent-marking/9377/overview

Original change's description:
> [wasm-gc][cleanup] Remove wasm signature from CallDescriptor
>
> This field is no longer used, as the functionality it supported has been
> subsumed by wasm-gc typed-based optimizations.
>
> Bug: v8:7748
> Change-Id: I970514bb29e5f91bb5610cafde60ec3dbcfb07aa
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3705376
> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Reviewed-by: Maya Lekova <mslekova@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#81244}

Bug: v8:7748
Change-Id: I110f6b7943ecbaaa6b2a73c3631ea194981cdf20
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3714230
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Auto-Submit: Nico Hartmann <nicohartmann@chromium.org>
Owners-Override: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81245}
2022-06-20 12:22:03 +00:00
Manos Koukoutos
538f2bc9ab [wasm-gc][cleanup] Remove wasm signature from CallDescriptor
This field is no longer used, as the functionality it supported has been
subsumed by wasm-gc typed-based optimizations.

Bug: v8:7748
Change-Id: I970514bb29e5f91bb5610cafde60ec3dbcfb07aa
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3705376
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81244}
2022-06-20 11:45:23 +00:00
Marja Hölttä
bc7b89f7c7 [rab/gsab] Tests for Array.p methods, part 1
In this part: copyWithin, includes

Bug: v8:11111
Change-Id: I63eee835661310c21ad53992ae3b161cc3214dfc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3678206
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81241}
2022-06-20 09:51:10 +00:00
Igor Sheludko
8487e66d75 [runtime] Inline Foreign fields into AccessorInfo
... to avoid additional indirection on every access.

Drive-by: given that the AccessorInfo class now has a custom body visitor,
it's no longer necessary to encode the flags field as a Smi.

Bug: v8:12949
Change-Id: I30eabee3cbc5ded2bf3f050dfe22208713a764bf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3701590
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81237}
2022-06-20 09:25:03 +00:00
Michael Lippautz
a50caffd33 [heap] Remove incremental marking finalization step
Remove finalization step of incremental marking. The step was
historically used to process embedder/weak work on the main thread
before invoking the atomic pause. Remove the infrastructure as the
step is not needed anymore and actually required a safepoint.

Change-Id: I208767bbac3d9a06a0b3c67aa9779f8a5fa07328
Bug: v8:12775
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702801
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81234}
2022-06-20 07:58:03 +00:00
Lu Yahan
a986dcff73 [riscv64] Avoid using callee saved register in call func
f8(fs0) is callee-saved, so we should not use it to hold the return value
in the float_min_max test case.

Change-Id: I7039918cc434462dd956339d4263811543e23a94
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3711284
Auto-Submit: Yahan Lu <yahan@iscas.ac.cn>
Reviewed-by: ji qiu <qiuji@iscas.ac.cn>
Commit-Queue: ji qiu <qiuji@iscas.ac.cn>
Cr-Commit-Position: refs/heads/main@{#81230}
2022-06-19 12:30:52 +00:00
Frank Tang
cd7100e9aa [Temporal] Add add/subtract to PlainYearMonth
Also add AOs: AddDurationToOrSubtractDurationFromPlainYearMonth,
CreateNegatedDurationRecord

Spec Text:
https://tc39.es/proposal-temporal/#sec-temporal.plainyearmonth.prototype.add
https://tc39.es/proposal-temporal/#sec-temporal.plainyearmonth.prototype.subtract
https://tc39.es/proposal-temporal/#sec-temporal-adddurationtoorsubtractdurationfromplainyearmonth

Also see https://github.com/tc39/proposal-temporal/pull/2281

Bug: v8:11544
Change-Id: I5ca6acc82dad07a8dd202de02bca5a16e585e84c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3697180
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81228}
2022-06-18 00:35:02 +00:00
Frank Tang
08c18bfc2e [Temporal] Add compare and equals to ZonedDateTime
Also add AOs: TimeZoneEquals

Spec Text:
https://tc39.es/proposal-temporal/#sec-temporal.zoneddatetime.compare
https://tc39.es/proposal-temporal/#sec-temporal.zoneddatetime.prototype.equals
https://tc39.es/proposal-temporal/#sec-temporal-timezoneequals

Bug: v8:11544
Change-Id: Ibcd1e42d72f86f16e0f5ddb1fd589bbe7ab2225c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3709217
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81227}
2022-06-18 00:02:01 +00:00
Shu-yu Guo
8b8e044fd2 [heap] Add Parking* variants of blocking primitives
Due to shared GCs it's easy to accidentally deadlock V8 by forgetting to
park a thread before blocking.

This CL does the following:

- Adds ParkingConditionVariable and ParkingSemaphore, which hide
the Wait[For] methods in favor of ParkedWait[For], which parks the
thread before blocking the thread.
- Migrate to the Parking* variants in JS shared memory tests.

Bug: v8:11708
Change-Id: I6d1b2b26a05e7df0a69a1614c03308f538a8782f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3708017
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81225}
2022-06-17 17:42:40 +00:00
Tobias Tebbi
95a23cf444 Revert "Skip mjsunit/turboshaft/simple on numfuzz until flake is solved"
This reverts commit c56edd3eba.

Reason for revert: should be fixed now

Original change's description:
> Skip mjsunit/turboshaft/simple on numfuzz until flake is solved
>
> NOTRY=true
>
> Bug: v8:12826
> Change-Id: I08be2980f92c69504290bb6152e48595e6a6c9aa
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3629540
> Auto-Submit: Almothana Athamneh <almuthanna@chromium.org>
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#80369}

Bug: v8:12826
Change-Id: I615c682447df58bf9ae7acd9e4429b3a55697d8a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707593
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81220}
2022-06-17 14:45:20 +00:00
Igor Sheludko
62c6c6c772 [tests] Fix cctest/test-spaces/OldLargeObjectSpace
... which doesn't expect GCs caused by concurrent allocations.

Bug: v8:12779
Change-Id: I4ab13711ed4d98e7a46d759f0020b5983dec4ee0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707278
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Auto-Submit: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81219}
2022-06-17 13:09:24 +00:00
Samuel Groß
5b9401dde4 [sandbox] Also enable the sandbox outside of Chromium builds
Drive-by: include the right header in sandboxed-pointer-inl.h and fix
missing sandbox initialization in generate-bytecode-expectations.cc.

Bug: v8:10391
Change-Id: Ic39ba04b7c98eaa58ea3943189c23b297f581f5a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3630082
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81216}
2022-06-17 09:54:00 +00:00
Michael Lippautz
6ddf042f68 Revert "[heap] Sweep code pages on the background thread"
This reverts commit 8325f86df3.

Reason for revert: Speculative revert for chromium:1336850.

Original change's description:
> [heap] Sweep code pages on the background thread
>
> We already make code pages writable & executable for concurrent
> Sparkplug. We can use the same mechanism for sweeping of code pages on
> the background thread, instead of scheduling incremental tasks on the
> main thread. This allows us to remove almost all special
> handling for code pages in the sweeper and allows us to off-load more
> work from the main thread.
>
> Bug: v8:12967
> Change-Id: Idb8e9f8e2eadbec26a386f2de683a80087f671f3
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695557
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#81139}

Bug: v8:12967, chromium:1336850
Change-Id: I1fb775892c2679984221efa7ceb682800c88cb2f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707274
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81213}
2022-06-17 07:36:00 +00:00
Frank Tang
bb70895e49 [Temporal] Add Instant.prototype.round
Also add AOs: ToTemporalRoundingMode, ToSmallestTemporalUnit,
ToTemporalRoundingIncrement, RoundHalfAwayFromZero,
RoundNumberToIncrement, RoundTemporalInstant

Spec Text:
https://tc39.es/proposal-temporal/#sec-temporal.instant.prototype.round
https://tc39.es/proposal-temporal/#sec-temporal-totemporalroundingmode
https://tc39.es/proposal-temporal/#sec-temporal-tosmallesttemporalunit
https://tc39.es/proposal-temporal/#sec-temporal-totemporalroundingincrement
https://tc39.es/proposal-temporal/#sec-temporal-roundhalfawayfromzero
https://tc39.es/proposal-temporal/#sec-temporal-roundnumbertoincrement
https://tc39.es/proposal-temporal/#sec-temporal-roundtemporalinstant

Bug: v8:11544
Change-Id: I37750f166e6b5597db16574d2ce4d5f92065a7b0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3566671
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81212}
2022-06-17 01:55:52 +00:00
Thibaud Michaud
7da19e25d2 [wasm][stack-switching] Propagate exceptions across stack segments
Exceptions should propagate inside the logical stack, which can consist
of multiple wasm stack segments. When the outermost frame of the current
segment is reached, pick up the parent stack and continue the search
from there, and update the state to reflect the implicit stack switch.

Drive-by: cleanups.

R=ahaas@chromium.org
CC=fgm@chromium.org

Bug: v8:12191, v8:12960
Change-Id: Ia5cb39a6ae197fb68e635f986952419dc43c7b98
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695376
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81208}
2022-06-16 13:30:46 +00:00
Manos Koukoutos
97eff73b71 [wasm-gc] Enable i31.new as constant expression
Bug: v8:7748
Change-Id: Ib3b1d99107ad2a9c703e9dc546b522e208204d1c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702443
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81205}
2022-06-16 07:04:53 +00:00
Manos Koukoutos
e4a7ef2b3b [wasm][refactor] Clean up constant expressions
Changes:
- Rename InitExpression -> ConstantExpression in places which reference
  the ConstantExpression type.
- Move ConstantExpression to its own file, along with ValueOrError and
  EvaluateConstantExpression.

Change-Id: Ife572d783531216b6ea3d2626e4fbf4048463253
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702798
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81204}
2022-06-16 06:11:03 +00:00
Adam Klein
a79aebfac5 Mark benchmarks/kraken/audio-dft as slow under slow variants
Bug: v8:12912
Change-Id: Ibfd8d29660ee55fa1d4cd0cac76942826ea541fc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3708852
Auto-Submit: Adam Klein <adamk@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#81202}
2022-06-15 23:10:02 +00:00
Frank Tang
2506d6ca1c [Temporal] Add from to ZonedDateTime
Also implement AOs: ParseTemporalZonedDateTimeString, ToTemporalZonedDateTime

Spec Text:
https://tc39.es/proposal-temporal/#sec-temporal.zoneddatetime.from
https://tc39.es/proposal-temporal/#sec-temporal-parsetemporalzoneddatetimestring
https://tc39.es/proposal-temporal/#sec-temporal-totemporalzoneddatetime

Sync ToTemporalOffset and ToTemporalDisambiguation to latest spec to take undefined.
https://tc39.es/proposal-temporal/#sec-temporal-totemporaloffset
https://tc39.es/proposal-temporal/#sec-temporal-totemporaldisambiguation

Bug: v8:11544
Change-Id: I4137725155201b025066538ce337f6ae4749dc5e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3699684
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81200}
2022-06-15 22:28:52 +00:00
Frank Tang
7ad9ae1a8c Correct test to sync to PR85 and add test to show problem in v8:12977
https://github.com/tc39/proposal-intl-numberformat-v3/pull/85

Also add test to show the problem while using numberingSystem with formatRange


Bug: v8:12977, v8:10776
Change-Id: I09845b6f04994dc84b9a21e272d39d785db3317a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3708020
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81199}
2022-06-15 21:54:42 +00:00
Frank Tang
39296d3cab [Intl] Stage Intl Number Format v3 API
Stage 3 proposal

flag --harmony-intl-number-format-v3

Spec: https://github.com/tc39/proposal-intl-numberformat-v3
R2T: https://groups.google.com/a/chromium.org/g/blink-dev/c/vy6rCuh3r_0/m/1Q2FHx9hBAAJ
Design Doc: https://docs.google.com/document/d/19jAogPBb6W4Samt8NWGZKu47iv0_KoQhBvLgQH3xvr8/edit
https://docs.google.com/document/d/14zxGub6Os6nARzH6XstOZX05w2537sZo_ZSSlGjGpBM/edit#heading=h.86ckkob9p59r
https://chromestatus.com/feature/5707621009981440

Bug: v8:10776
Change-Id: I81d0385b09c283628c7c36096d26e07a817888a1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3703471
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81198}
2022-06-15 21:33:12 +00:00
Manos Koukoutos
7ba853bb98 Reland "[wasm-gc] Implement array.init_from_elem"
This is a reland of commit 76a07814b2

Changes compared to original:
- Add WasmArray::SetTaggedElement, which uses write barriers.
- In Factory::NewWasmArrayFromElementSegment, the new array may have
  moved to OldSpace until it is initialized. Therefore, it needs write
  barriers; use the new method for that.
- Small readability improvements.

Original change's description:
> [wasm-gc] Implement array.init_from_elem
>
> Bug: v8:7748
> Change-Id: I65dbb496302045820063bd0f4f9ea054e6a645bd
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695580
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#81128}

Bug: v8:7748
Change-Id: Ic5def1886f662bddce72b8eaea274eb5e8ec0c68
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3704513
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81196}
2022-06-15 19:01:42 +00:00
Seth Brenith
c5efd19b0e Return both toplevel SFI and Script from compilation cache
This is a partial reland of https://crrev.com/c/3597106 , except for the
changes in compiler.cc, which are just the minimal possible changes to
make the code compile.

With this change, it is possible that a call to
CompilationCache::LookupScript returns any of:
1. A Script and a toplevel SharedFunctionInfo (cache hit)
2. A Script but no toplevel SharedFunctionInfo (partial cache hit)
3. Nothing (cache miss)

Bug: v8:12808
Change-Id: Id33a4cd0cb28562d6b862fbb113ea9d03f255b2b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3687425
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/main@{#81193}
2022-06-15 16:15:12 +00:00
jameslahm
cc709727e7 [web snapshot] Support resizable ArrayBuffer, detached
... ArrayBuffer and shared ArrayBuffer.

Bug: v8:11525
Change-Id: I6b3f78d5cf6528123b40c49f2767ade2b6bfbed1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3706279
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81189}
2022-06-15 15:41:33 +00:00
Andy Wingo
70289dd72a [stringrefs] Implement string.is_usv_sequence
Bug: v8:12868
Change-Id: I2f12858db1956a3b14b95341f1459df8abc03db0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702797
Commit-Queue: Andy Wingo <wingo@igalia.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81188}
2022-06-15 15:06:52 +00:00
Vasili Skurydzin
afa4ad0ae9 Aix: Unskip LogTests after issue is resolved
Related: https://chromium-review.googlesource.com/c/v8/v8/+/3696481
Change-Id: I5cfe4fc7dc6ece68aacf8afe5b069928243b0919
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3704900
Reviewed-by: Milad Farazmand <mfarazma@redhat.com>
Commit-Queue: Vasili Skurydzin <vasili.skurydzin@ibm.com>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81184}
2022-06-15 13:57:42 +00:00
jameslahm
dc5972784b [test] Move cctest/test-deoptimization to unittests/
... deoptimizer/deoptimization-unittest.

Bug: v8:12781
Change-Id: I453d02f6ead59ee274af600197dedc01cb144a4e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3705237
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81181}
2022-06-15 12:37:25 +00:00
Anton Bikineev
c6cec7c995 cppgc: young-gen: Avoid eager commits of the age-table
The CL fixes PMF regressions that happened after increasing
the AgeTable size.

Bug: chromium:1336529
Change-Id: If1f099b43bfcb3a8c7dd4a1c229fcb08735eb744
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707098
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81180}
2022-06-15 12:14:52 +00:00
Clemens Backes
46e95920e4 [flags] Disable flags freezing in tests, fuzzers, and others
This CL explicitly disables the --freeze-flags-after-init flag for cases
where we modify flags after initialization. This is only tests, fuzzers,
and special options to d8, thus not security relevant.

These should be the last blockers for enabling the flag globally.

R=cbruni@chromium.org

Bug: v8:12887
Change-Id: I1d8a03dcc20e524d30c967f6fe15f6401de77612
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3706619
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81179}
2022-06-15 11:52:46 +00:00
Andreas Haas
12d9815342 [wasm] Update spec tests
Bug: v8:12864
Change-Id: Ieea0706f64517355ba0533dd8b37a2320d1b5300
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707099
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81177}
2022-06-15 11:38:32 +00:00
Simon Zünd
21fe5e0fef Reland "[inspector] Allow Debugger.setScriptSource to edit top-most function"
This is a reland of commit dac6155649

This is a straight-up reland with no changes, because:
  1) The failure doesn't reproduce locally
  2) The failing flaky test that triggered the revert is not related
     to the code modified by this CL and should (in theory) not be
     impacted.

Original change's description:
> [inspector] Allow Debugger.setScriptSource to edit top-most function
>
> This CL adds a new boolean flag on the Debugger.setScriptSource CDP
> method that gets piped all the way through to the live-edit mechanism.
> The new flag enables live-editing of the top-most function while
> paused.
>
> The CL adds a couple of tests that cover the new core use cases for
> this flag.
>
> R=jarin@chromium.org
>
> Bug: chromium:1334484
> Change-Id: I12fec591b2b6550d89748714620e629548e1b9c1
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695354
> Reviewed-by: Kim-Anh Tran <kimanh@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Commit-Queue: Simon Zünd <szuend@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#81127}

Bug: chromium:1334484
Change-Id: I9a9bf7e03d81c86adb4819b9756dd9afcf6fa021
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3706398
Reviewed-by: Kim-Anh Tran <kimanh@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81171}
2022-06-15 07:48:30 +00:00
Frank Tang
fe53fc04d2 [intl] Implement NumberFormat v8 string input handling
Design Document:
https://docs.google.com/document/d/14zxGub6Os6nARzH6XstOZX05w2537sZo_ZSSlGjGpBM/edit#


Bug: v8:10776
Change-Id: I506eadcf70f6855a79601a7cb1ce47849cfc066a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3594118
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81168}
2022-06-15 04:23:14 +00:00
Frank Tang
b66d08241d [Temporal] Add non-intl toLocaleString to Duration
Spec Text:
https://tc39.es/proposal-temporal/#sec-temporal.duration.prototype.tolocalestring

This does NOT implement the intl version of toLocale in (notice 'sup'
vs 'sec' after #)
https://tc39.es/proposal-temporal/#sup-temporal.duration.prototype.tolocalestring
since the details are not specified yet.

Bug: v8:11544
Change-Id: I7f5a2e9766005d1a7f6409d428ca53b5a38a3960
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3696482
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81167}
2022-06-15 04:01:43 +00:00
Etienne Pierre-doray
1e0d18dc0b [task] Expose CreateJob in v8::Platform
CreateJob() is similar to PostJob() but doesn't schedule anything
until Join() or Notify*() is called.
This allows
- CreateJob().Join() without too many workers.
- Early 'empty' CreateJob() for initialization
  without causing spurious calls to GetMaxConcurrency()

Bug: chromium:1287665
Change-Id: I8fd8b139392ad30218f0cf8f580b2d76f1078777
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3668842
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Etienne Pierre-Doray <etiennep@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81166}
2022-06-15 00:13:31 +00:00
Frank Tang
8bd3a441ae [test262] Roll test262
8f5c7aed0..b1f49b5c

Bug: v8:7834
Change-Id: Icb4ab0c9b26962ed60ba30419f3976ddf05e91e4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3704910
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81165}
2022-06-14 23:40:12 +00:00
Darius M
00fe5f5e65 Fix bug with SIMD fast path of array.IndexOf/Includes and negative 0
For FixedDoubleArrays that are not aligned on 8 bytes, the SIMD fast
path of array.IndexOf actually falls back on a scalar loop. Because of
how this loop was written, it was failing to see that 0.0 == -0.0.


Bug: chromium:1335445
Change-Id: Idf70fd3ed9950e5b2b7cc72bb2ebca6879b3a04e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702803
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Darius Mercadier <dmercadier@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81163}
2022-06-14 18:50:01 +00:00
Camillo
ed6be49813 [logging] Use short "JS:" prefix for function log events
"Function:" and "LazyCompile:" are confusing by now and use up too
much space.

This also changes the function names visible when using linux-perf

Change-Id: Ib2d4b7df39068c27b5b06db578fc550d2973ebb4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3693705
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81161}
2022-06-14 16:11:21 +00:00
Michael Lippautz
c26dd2e32b [heap] Simplify incremental marking
In preparation for removing the finalization step, simplify
incremental marking logic.

Change-Id: I929034e389edb0c9da78cd39fd497d5783aff7c4
Bug: v8:12775
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3704509
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81155}
2022-06-14 14:51:21 +00:00
Andy Wingo
310fe8e61c [stringrefs] Implement string.eq
Bug: v8:12868
Change-Id: I56ccab1a0cfacfae236c4f87c31a84d3afecafc8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702437
Commit-Queue: Andy Wingo <wingo@igalia.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81153}
2022-06-14 14:17:42 +00:00
Andy Wingo
163ed720c7 [stringrefs] Implement string.concat
Bug: v8:12868
Change-Id: I7f5487dc01b006caef582f792e007d3a3cabb324
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702435
Commit-Queue: Andy Wingo <wingo@igalia.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81151}
2022-06-14 14:08:38 +00:00
Andy Wingo
9efa9e3c92 [stringrefs] Implement stringview_wtf16.encode
Bug: v8:12868
Change-Id: I9b7cbd3851b3819bcc2c32e273ddae16b9d812ca
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702266
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Andy Wingo <wingo@igalia.com>
Cr-Commit-Position: refs/heads/main@{#81144}
2022-06-14 12:45:36 +00:00
Leszek Swirski
a6b7f1f3f4 Revert "[wasm-gc] Implement array.init_from_elem"
This reverts commit 76a07814b2.

Reason for revert: Failing on GC stress: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Mac64%20GC%20Stress/23140/overview

Original change's description:
> [wasm-gc] Implement array.init_from_elem
>
> Bug: v8:7748
> Change-Id: I65dbb496302045820063bd0f4f9ea054e6a645bd
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695580
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#81128}

Bug: v8:7748
Change-Id: Ia72cc121c50af7906e54a1742529bf081c511a8a
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3704506
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Owners-Override: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81143}
2022-06-14 12:44:33 +00:00
Jakob Kummerow
481ad16db6 [wasm] Align OpcodeName() with spec for Atomics opcodes
The names we returned in WasmOpcodes::OpcodeName(...) for Atomics opcodes
did not match the spec. This patch fixes that.
This matters in particular when we want to provide disassembly of
modules.

Bug: v8:6532
Change-Id: Ia8791feee617b75d598ad373bafba7da5687f523
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3704496
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81142}
2022-06-14 11:52:32 +00:00
Dominik Inführ
8325f86df3 [heap] Sweep code pages on the background thread
We already make code pages writable & executable for concurrent
Sparkplug. We can use the same mechanism for sweeping of code pages on
the background thread, instead of scheduling incremental tasks on the
main thread. This allows us to remove almost all special
handling for code pages in the sweeper and allows us to off-load more
work from the main thread.

Bug: v8:12967
Change-Id: Idb8e9f8e2eadbec26a386f2de683a80087f671f3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695557
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81139}
2022-06-14 11:29:48 +00:00
jameslahm
293654ec6b [web snapshot] Support TypedArray
This CL adds serialization and deserialization
support for ArrayBuffer and TypedArray.

TODOs:
- Support resizable ArrayBuffer.
- Support detached ArrayBuffer.
- Support shared ArrayBuffer.

Bug: v8:11525
Change-Id: Ic9267a78e427ee20d55f2f0483b677eeee5c214b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3688896
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81136}
2022-06-14 11:04:51 +00:00
Andreas Haas
efb80afe2a [wasm] Add flag to disable the wasm native module cache
The native module cache makes it difficult to test deserialization,
because the native module just gets loaded from the cache instead of
deserializing the serialized module. This CL adds a new flag,
--wasm-native-module-cache-enabled, to control whether the native module
cache is enabled or not. The cache gets disabled by handling all modules
like asm.js modules when the cache gets disabled, as the cache is not
used for asm.js.

The name of the flag is positive (i.e.
`enabled` instead of `disabled`) to avoid double negation. The flag is
true by default, and set to false in tests.

R=thibaudm@chromium.org
CC=clemensb@chromium.org

Bug: v8:12964
Change-Id: If2b96a95ccf37f2eb8a868ad1661c3325c1048f6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3703836
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81132}
2022-06-14 10:17:38 +00:00
Tobias Tebbi
ec009ba29c Revert "[inspector] Allow Debugger.setScriptSource to edit top-most function"
This reverts commit dac6155649.

Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20TSAN%20-%20no-concurrent-marking/9288/overview

Original change's description:
> [inspector] Allow Debugger.setScriptSource to edit top-most function
>
> This CL adds a new boolean flag on the Debugger.setScriptSource CDP
> method that gets piped all the way through to the live-edit mechanism.
> The new flag enables live-editing of the top-most function while
> paused.
>
> The CL adds a couple of tests that cover the new core use cases for
> this flag.
>
> R=jarin@chromium.org
>
> Bug: chromium:1334484
> Change-Id: I12fec591b2b6550d89748714620e629548e1b9c1
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695354
> Reviewed-by: Kim-Anh Tran <kimanh@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Commit-Queue: Simon Zünd <szuend@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#81127}

Bug: chromium:1334484
Change-Id: I165269d6c1b001b516f10ae3716ffb57b675ab39
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3705378
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Owners-Override: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81130}
2022-06-14 10:07:31 +00:00
Manos Koukoutos
76a07814b2 [wasm-gc] Implement array.init_from_elem
Bug: v8:7748
Change-Id: I65dbb496302045820063bd0f4f9ea054e6a645bd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695580
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81128}
2022-06-14 09:30:51 +00:00
Simon Zünd
dac6155649 [inspector] Allow Debugger.setScriptSource to edit top-most function
This CL adds a new boolean flag on the Debugger.setScriptSource CDP
method that gets piped all the way through to the live-edit mechanism.
The new flag enables live-editing of the top-most function while
paused.

The CL adds a couple of tests that cover the new core use cases for
this flag.

R=jarin@chromium.org

Bug: chromium:1334484
Change-Id: I12fec591b2b6550d89748714620e629548e1b9c1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695354
Reviewed-by: Kim-Anh Tran <kimanh@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81127}
2022-06-14 09:29:31 +00:00
Yolanda Chen
5ea696791f [interpreter] Remove unused temp for class prototype
Bug: v8:12940
Change-Id: I2e12ba483f641a27fab623ae4d4f652aa8cdedff
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3699226
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Yolanda Chen <yolanda.chen@intel.com>
Cr-Commit-Position: refs/heads/main@{#81121}
2022-06-14 03:48:51 +00:00
Andy Wingo
a66f078712 [stringrefs] Implement string.encode_wtf16
Bug: v8:12868
Change-Id: Icdf4a04d55c59613e305ec8258485fd69b57e90a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702258
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Andy Wingo <wingo@igalia.com>
Cr-Commit-Position: refs/heads/main@{#81119}
2022-06-13 19:45:20 +00:00
Andy Wingo
a541dbcbb4 [stringrefs] Implement string.encode_wtf8
Bug: v8:12868
Change-Id: I81f175057ec0d40dbd1e9fd329a0e37ef3ade814
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702332
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Andy Wingo <wingo@igalia.com>
Cr-Commit-Position: refs/heads/main@{#81118}
2022-06-13 19:42:21 +00:00
Seth Brenith
1ce039e109 Reland "Build cctest while building V8"
This is a reland of commit 7787ed2007

Updates since original: specified that cctest sources depend on
generated files from the inspector.

Original change's description:
> Build cctest while building V8
>
> I noticed in a recent build that C++ files from cctest didn't start
> compiling until after several slow non-parallel tasks such as running
> mksnapshot and linking v8_for_testing. I don't see any reason that
> cctest sources should wait for those tasks, so in this change I propose
> adjusting the build dependencies for more parallelism.
>
> Change-Id: I2472117c8555ac397fa1232954c8b699d6429d38
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3690170
> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
> Cr-Commit-Position: refs/heads/main@{#80976}

Change-Id: I9f507c3c07bda1638b81de4b1ac82afda1168999
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3699405
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81112}
2022-06-13 16:05:50 +00:00
Pan, Tao
c2d239ddb3 Reland "[compiler] Remove the optimized OSR code if deoptimizing at inside of loop"
This is a reland of commit c8c176190a

This CL includes:

- crrev.com/c/3679846 Add condition use_ic to the logic for removing the optimized OSR code
- crrev.com/c/3686589 Add out of bytecode array to break condition of removing OSR code cache logic
- Add JumpLoop nesting level 0 to break condition of removing OSR code cache logic
- Change to use Deoptimizer::DeoptimizeFunction() to deoptimize OSR code

Original change's description:
> [compiler] Remove the optimized OSR code if deoptimizing at inside of loop
>
> If the optimized code is deoptimized and the deoptimized exit offset is
> inside of the optimized OSR code related loop, the optimized OSR code is
> also out of date; removing the optimized OSR code will avoid hitting the
> optimized OSR code and the soon-to-follow deoptimization of the optimized
> OSR code.
> This CL will reduce deoptimization. E.g. Deoptimization of JetStream2
> case navier-stokes function addFields is reduced from twice to once.
>
> Change-Id: I5bbf3039e916c3736b5b967d1f36b6ea90cfd40b
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3648219
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Tao Pan <tao.pan@intel.com>
> Cr-Commit-Position: refs/heads/main@{#80826}

Bug: chromium:1330444
Change-Id: I97a466ddfa764438b45f33c6ae33cb921d57278d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3690451
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Tao Pan <tao.pan@intel.com>
Cr-Commit-Position: refs/heads/main@{#81110}
2022-06-13 15:29:41 +00:00
Igor Sheludko
09fa6a72da [tests] Disable concurrent Sparkplug for some tests
... setting too low --max-old-space-size value.

Fixes: v8:12725
Change-Id: I5b1b533992d6b1024e81263525ed90914582e27a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695594
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81107}
2022-06-13 13:23:00 +00:00
Anton Bikineev
e786faaf10 cppgc: Reset age table only for pages containing young objects
We don't need to reset the entire age table, but merely the pages that
are known to contain young objects. This must improve memory use with
generational GC enabled.

The CL is a prerequisite for another CL that'll increase the size of
the age-table.

Bug: chromium:1029379
Change-Id: Ibb5b607af20380c3936b7396b3d9767f6f17c44b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695268
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81106}
2022-06-13 13:14:00 +00:00
jameslahm
dfe65b9078 [test] Move cctest/test-factory to unittests/codegen/
... factory-unittest.

Bug: v8:12781
Change-Id: I862ab02526c21820ef3f12f663a598793bbc6bbd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3699499
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Cr-Commit-Position: refs/heads/main@{#81104}
2022-06-13 12:41:12 +00:00
jameslahm
c5005009dc [test] Move cctest/test-hashcode to unittests/objects/
... hashcode-unittest.

Bug: v8:12781
Change-Id: I118ec1f2963abfaf6fbf738b97a984c9449d105d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3699498
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Cr-Commit-Position: refs/heads/main@{#81103}
2022-06-13 11:35:20 +00:00
Clemens Backes
dc748570c8 [wasm] Add flag to limit module size
Add a new --wasm-max-module-size flag to replace the unused and more
specific --experimental-wasm-allow-huge-modules flag.
The new flag can be used in fuzzers to reduce the maximum allowed module
size, avoiding OOM on some systems (like 32-bit ASan builds).

R=ahaas@chromium.org

Bug: chromium:1334577
Change-Id: I2830d407c5b01be21a47b21392c1210061c40b20
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695267
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81102}
2022-06-13 11:06:50 +00:00
Simon Zünd
79db56f1e4 [debug] Allow live-editing of top-most frame
This CL extends the live edit mechanism to allow editing the function
that is currently on top of the stack, as long as that call frame is
the only activation of that function.

The CL changes how we look for functions on the current JS stack:
Instead of starting at thread_local_top we start at the frame we
are currently paused in. This is possible since there can not be any
JavaScript frames above the current "break frame", only C++ frames
which are not relevant for live edit.

If the edited script modifies the top-most function, the inspector
will trigger a restart of that call frame. That is why we check
if we can actually restart the function and only allow the live
edit to go through if that is the case.

Note that this CL also adds a kill switch in the form of a runtime
flag for this feature, in case we need to pull the plug and disable
this feature again via back-merge.

R=jarin@chromium.org

Bug: chromium:1334484
Change-Id: I711913df96c8acc786ad4de28de804d2f90e1847
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695353
Reviewed-by: Kim-Anh Tran <kimanh@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81097}
2022-06-13 10:29:30 +00:00
Igor Sheludko
3fa8fb0d59 [ext-code-space] Fix Code with non-Code object comparisons
... which might fail because the usual operator== for tagged values compares
only the lower 32 bits of the pointer.

Bug: v8:11880, v8:12958
Change-Id: I0978d6c510424aecfee2f044c40ea424b6cb3ab9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695593
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Auto-Submit: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81096}
2022-06-13 09:46:39 +00:00
Clemens Backes
61a6fd84e1 [wasm] Rename "OnModuleCompiled" and related callbacks
Already after enabling Liftoff, the name did not match the semantics any
more. The callback was called after top-tier finished, not after initial
compilation of the module finished.
With dynamic tiering, the name is even less fitting.

This CL renames the "OnModuleCompiled" callback in the API to
"MoreFunctionsCanBeSerialized", which makes it more obvious what the
API should be used for. It also internally renames all related typedefs
and methods accordingly.

One call of the callback in the streaming decoder was already wrong
before this CL and is being removed.

R=jkummerow@chromium.org, cbruni@chromium.org

Bug: v8:12899
Change-Id: I95c0fc9e32442383e47e4370e31277cc065bf0fe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3687689
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81093}
2022-06-13 08:13:00 +00:00
Andy Wingo
f03814f83e [stringrefs] Implement stringview_wtf16.slice
Bug: v8:12868
Change-Id: Ib92cbf7eae8e4b7bc76bc918011be747254d931f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3700075
Commit-Queue: Andy Wingo <wingo@igalia.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81087}
2022-06-11 11:46:33 +00:00
jameslahm
bc7d49e72d [test] Fix get resources for interpreter expectation files
... in unittests/testcfg.py on android.

Bug: v8:12781
Change-Id: I7a7f4edbae4f4fe646063d048f5132c401422be4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3697864
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Cr-Commit-Position: refs/heads/main@{#81085}
2022-06-11 02:02:28 +00:00
Andy Wingo
ea6bedaeb1 [stringrefs] Implement stringview_wtf16.get_codeunit
Bug: v8:12868
Change-Id: I5fb5dccb5ff6b691348a519253de338fa91e8be1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695269
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Andy Wingo <wingo@igalia.com>
Cr-Commit-Position: refs/heads/main@{#81082}
2022-06-10 18:00:48 +00:00
Joyee Cheung
dd6d96c8cd [api] add v8::Module::GetStalledTopLevelAwaitMessage()
Adds Module::GetStalledTopLevelAwaitMessage() API which searches for
modules that have no pending async dependencies but have not yet
resolved. An embedder may call this API when they are about to exit
to check if TLA evaluation has stalled and provide a better error
message.

Change-Id: I3b88802f70cc84c973551f13d73ef3e3d06f4027
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2341765
Commit-Queue: Joyee Cheung <joyee@igalia.com>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81080}
2022-06-10 16:46:57 +00:00
Tobias Tebbi
77ba98ef32 [turboshaft] add support for all JS machine-level operators
In particular, this CL adds support for:
- exception handling
- source positions
- OSR
- various numeric operations and conversions

Since the test suite now passes with `--turboshaft`, this also adds a
new variant for Turboshaft and enables it on some bots.

Bug: v8:12783
Change-Id: Ia2dd2e16f56fc955d49e51f86d050218e70cb575
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3669251
Reviewed-by: Darius Mercadier <dmercadier@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81074}
2022-06-10 15:17:20 +00:00
Clemens Backes
436f088944 [wasm][streaming] Check for illegal section code
Add a missing check to reject illegal sections.

The test is added in three forms, to give fuzzers more food: A fuzzer
regression test for the streaming fuzzer, a unit test for the streaming
decoder, and an mjsunit test for streaming compilation.

Drive-by: Remove a redundant line in the synchronous decoder (this is
already handled by the following statement).

R=ahaas@chromium.org

Bug: chromium:1335023
Change-Id: Ic8c3b301f1b58981c7d68eafcffc89531ed2c64c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3698549
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81071}
2022-06-10 14:23:07 +00:00
jameslahm
eab795f377 [test] Fix FlagsJitlessImplications test in
... flag-definitions-unittest.

We should set up the isolate to get the correct Flag_*.
This CL fixes the breakage in https://ci.chromium.org/p/v8/g/ports/console including https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20arm%20-%20sim%20-%20lite and https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20arm%20-%20sim%20-%20lite%20-%20debug etc.

Bug: v8:12781
Change-Id: Ifca84c02f8458f0a906948f4a7e0f999af429abf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3697865
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Cr-Commit-Position: refs/heads/main@{#81069}
2022-06-10 13:52:11 +00:00
jameslahm
1a06c0077d [test] Move test/cctest/test-platform to test/unittests/base/platform/platform-unittest.

Bug: v8:12781
Change-Id: I05902bfa5ad6f391f7b7ffa8b22b46627c244fef
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3688893
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81068}
2022-06-10 13:14:00 +00:00
Anton Bikineev
64936c8859 cppgc: Fix the age-table unittest
Bug: chromium:1325007
Change-Id: I6adb06c4b15e5656f2b2c47b49d6a225750a6b2a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695572
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Auto-Submit: Anton Bikineev <bikineev@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81067}
2022-06-10 13:11:19 +00:00
jameslahm
1f2fc0851e [test] Move cctest/test-thread-termination to unittests/execution/thread-termination-unittest.

Bug: v8:12781
Change-Id: I772ad8550e242eae66f76c5785aeb7f1e4425fae
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3688894
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81066}
2022-06-10 12:38:01 +00:00
Milad Fa
9dfac00a1d PPC: skip slow tests on the ppc simulator
This CL splits two mjsunit files and skips the ones
which take the longest on the simulator and cause a timeout.

Change-Id: I89be764dc2d7684b401690a23bf53a3ef6384d16
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3693667
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81065}
2022-06-10 12:03:17 +00:00
Thibaud Michaud
b5e9eab6d0 [wasm] Fix module prefix hash for streaming decoder
The module's "prefix hash" is based on a prefix of the module bytes that
starts at the beginning of the module and stops at the code section.

In the case of the streaming decoder, if the code section is empty,
`AsyncStreamingProcessor::ProcessCodeSectionHeader()` is never called,
and we keep accumulating bytes in the hash after the code section. Fix
this by always calling into the streaming processor even if the code
section is empty.

R=ahaas@chromium.org
CC=clemensb@chromium.org

Bug: chromium:1334651
Change-Id: Id2a03468b355867868e589523c994c268c7b4eaf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695564
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81060}
2022-06-10 09:52:18 +00:00
Anton Bikineev
ae41f7dfd9 cppgc: Fix caged-heap reservation when pointer compression is enabled
Currently, PageAllocator assumes that FreePages(start, size) will always
be called on the same region that was passed to AllocatePages(start,
size). This assumption is made in:
1) leak-sanitizer (LsanPageAllocator) that checks it explicitly,
2) on Windows, FreePages() calls VirtualFree() with zero-size and
   MEM_RELEASE, which causes the entire reservation to be freed.

The CL temporarily fixes the bot failures just by holding the unneeded
half and adds a TODO to return the unneeded part back to the OS.

Bug: chromium:1325007
Change-Id: I2bd878876d43d693cf2138020f410ffe1615b4e9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695363
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81059}
2022-06-10 09:11:37 +00:00
jameslahm
b61ee5f34a [web snapshot] Support static methods, static async methods, static generator methods and static async generator methods for Class.

Bug: v8:11525
Change-Id: I58e8059c95e8a24e1a09d84aea84b82d35f5e2d7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3688891
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81058}
2022-06-10 09:05:12 +00:00
jameslahm
b3d004aaf9 [test] Move cctest/interpreter to unittests/interpreter.

This CL moves cctest/interpreter/{bytecode-expectations-printer,
test-bytecode-generator, test-interpreter-intrinsics,
interpreter-tester, test-interpreter, test-source-positions,
source-position-matcher} to unittests/interpreter/{
bytecode-expectations-printer, bytecode-generator-unittest,
interpreter-intrinsics-unittest, interpreter-tester,
interpreter-unittest, source-positions-unittest, source-position-matcher}.

Bug: v8:12781
Change-Id: I187583bd34f709dd0d7dfc0f92e18f191da0e30f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3609752
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81057}
2022-06-10 08:37:10 +00:00
Anton Bikineev
04c1cbb8c9 cppgc: Support compaction only for uncompressed pointers
Compaction currently considers only backing store pointers as slots and
those are uncompressed. The CL fixes the tests to use raw pointers
instead of Members.

Bug: chromium:1325007
Change-Id: I2ddfffeeab396552bb7cf31b2bd8502ebc2921fb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695590
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81056}
2022-06-10 07:55:37 +00:00
Frank Tang
25c264f894 [Temporal] Add with to ZonedDateTime
Add AOs: ToTemporalOffset and InterpretISODateTimeOffset

Spec Text:
https://tc39.es/proposal-temporal/#sec-temporal.zoneddatetime.prototype.with
https://tc39.es/proposal-temporal/#sec-temporal-totemporaloffset
https://tc39.es/proposal-temporal/#sec-temporal-interpretisodatetimeoffset

Bug: v8:11544
Change-Id: I8b757386596d0d73a73e8e9aa2d52cd72b90a95a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3692939
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81053}
2022-06-09 20:21:53 +00:00
Hisham Muhammad
0f748aac3e [wasm][c-api] Add handle scope to fix wasm_module_validate
This adds a handle scope to Module::validate in C API
so that the wasm_module_validate can be usable from C.

Without the added handle scope, attempting to call
wasm_module_validate function from C code fails with:

    #
    # Fatal error in v8::HandleScope::CreateHandle()
    # Cannot create a handle without a HandleScope
    #

Bug: v8:12941
Change-Id: I2b4d5dccdaed9501f31447158ebf8e7906a1f8f0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3692020
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81048}
2022-06-09 16:46:23 +00:00
Dominik Inführ
a537be463f [heap] Track unprotected chunks in LocalHeap
CodePageCollectionMemoryModificationScope now increases a per-thread
counter and inserts unprotected code chunks into a thread-local set
of chunks. This information is moved from Heap into LocalHeap.

We can't use kMaxWriteUnprotectCounter on the unprotect counter on the
MemoryChunk anymore, since e.g. for concurrent Sparkplug N threads might
now allocate a code object on the same page and since
CodePageCollectionMemoryModificationScope doesn't know about the
other threads anymore, each thread has to increase that counter by 1.
We DCHECK that nesting depth now in the scope's constructor instead.

We still need to remove chunks from `unprotected_memory_chunks_` when
freeing an executable MemoryChunk during GC. Fortunately we can still do
this, since all threads are in a safepoint during GC and we can remove
the chunk from each thread-local set without any synchronization.

Bug: chromium:1330887
Change-Id: Icefc61b8d8de113d8dcfb1cf64122d12dd9798c4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3688516
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81047}
2022-06-09 16:35:23 +00:00
Andy Wingo
03dcbc88e0 [stringrefs] Implement string.as_wtf16, stringview_wtf16.length
Bug: v8:12868
Change-Id: I19190dc8163de42964fb3911f82e8aeabaf48524
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695585
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Andy Wingo <wingo@igalia.com>
Cr-Commit-Position: refs/heads/main@{#81046}
2022-06-09 16:03:15 +00:00
Manos Koukoutos
ccc8389f14 [wasm][refactor] Use MessageTemplate to describe errors
- Functions related to table initialization now return an optional
  {MessageTemplate} if they fail. This is used to emit the correct error
  message in one test.
- InitExprInterface now uses {MessageTemplate} to describe errors.

Change-Id: I2428f7823859b95d14b6e81c8200f78da4510ceb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695579
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81045}
2022-06-09 16:01:54 +00:00
Michael Lippautz
4cf204da0a [api] Remove deprecated global handle APIs
Bug: v8:12819
Change-Id: I9150a8a8ffa38b0628eee0f399d403af6363c04d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695587
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81042}
2022-06-09 15:39:03 +00:00
Thibaud Michaud
cfea0eb0e8 [wasm][eh] Add WebAssembly.Exception traceStack parameter
Context: https://github.com/WebAssembly/exception-handling/pull/197

This change adds the optional {traceStack: <bool>} parameter to the
WebAssembly.Exception constructor. When set to true, this captures the
stack and sets the `stack` accessor on the exception object.

R=jkummerow@chromium.org

Bug: v8:8091
Change-Id: I4430b6317b27ec62f11e951fbe95ee480ac72d37
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3688402
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81041}
2022-06-09 15:37:18 +00:00
Andy Wingo
0c2bb397a0 [stringrefs] Implement string.measure_wtf16
Bug: v8:12868
Change-Id: I717326b27ce783710ffd141370648dde7e0d74a1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695561
Commit-Queue: Andy Wingo <wingo@igalia.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81035}
2022-06-09 12:57:16 +00:00
Andy Wingo
18393c8c6e [stringrefs] Implement string.measure_utf8, string.measure_wtf8
Bug: v8:12868
Change-Id: I13b32086e736490c54b583a514ac3592179adf7f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695381
Commit-Queue: Andy Wingo <wingo@igalia.com>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81033}
2022-06-09 12:45:53 +00:00
Simon Zünd
31850be1c2 [inspector] Introduce status result for Debugger.setScriptSource
This CL introduces a new `status` enum returned by setScriptSource.
We'll use the information in the DevTools frontend to show more
meaningful error messages as well as disambiguate compilation errors
from failed live edits.

Drive-by: Deprecate the sync and async stack traces in the result.
Currently `setScriptSource` is guaranteed to stay paused so there
is no need to send along the same information from the
preceding `Debugger.paused` event.
In the future we will restart the top-most frame once we allow
the top-most frame to be edited. In that case the inspector
fires Debugger.resumed + Debugger.paused events following the
live edit, also making the info returned here superfluous.

R=jarin@chromium.org

Bug: chromium:1334484
Change-Id: I4226491caed72013a00927273c523213d797a766
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3691850
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81031}
2022-06-09 12:18:32 +00:00
Clemens Backes
50c4365b96 [flags] Remove method to reset flags to default
After flags are frozen, this will not work any more. It's also not
required, as flags cannot be accessed after teardown anyway.
This CL changes that to only release the memory of dynamically allocated
string flags, which is something we still need to do after
write-protecting the flags anyway.

R=tebbi@chromium.org

Bug: v8:12887
Change-Id: Iff0e3845cbd91fb59878b2ed36a44d6df00572f4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695379
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81030}
2022-06-09 11:59:32 +00:00
Anton Bikineev
897c5618aa cppgc: shared-cage: Introduce shared cage for all heaps
The CL does the following:
1) Globalizes CagedHeap for all HeapBases;
2) Adds the global variable representing the cage base;
3) Changes all write-barriers to use this global variable for value/slot
   checks;
4) Removes no longer needed functionality introduced in previous CLs.

Bug: v8:12231
Change-Id: I281a7b0bf67e349c988486fc2d43ec6d703fd292
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3688050
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81027}
2022-06-09 10:42:32 +00:00
Leszek Swirski
75a4ddc953 Revert "Build cctest while building V8"
This reverts commit 7787ed2007.

Reason for revert: Seems to break the archive bot (https://ci.chromium.org/ui/p/chromium/builders/ci/linux-archive-dbg/b8811978830853167601/overview)

Original change's description:
> Build cctest while building V8
>
> I noticed in a recent build that C++ files from cctest didn't start
> compiling until after several slow non-parallel tasks such as running
> mksnapshot and linking v8_for_testing. I don't see any reason that
> cctest sources should wait for those tasks, so in this change I propose
> adjusting the build dependencies for more parallelism.
>
> Change-Id: I2472117c8555ac397fa1232954c8b699d6429d38
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3690170
> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
> Cr-Commit-Position: refs/heads/main@{#80976}

Change-Id: I1d22362080962b424c21232f63e8896a2cbe2bb4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695357
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81025}
2022-06-09 09:23:02 +00:00
Clemens Backes
e831949f5e [test] Fix setting flags in SingleThreadedDefaultPlatformTest
We will not be able to modify flags after initializing V8 (soon).
The {SingleThreadedDefaultPlatformTest} was resetting flags during
teardown for no reason, as we do not support running multiple tests in a
row anyway. Thus remove that use of {SaveFlags} and just set the
--single-threaded flag before initializing V8.

R=ahaas@chromium.org

Bug: v8:12887
Change-Id: Ia89d442cf4b2fe2e12e258da5c0c9f1f871ded12
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695378
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81024}
2022-06-09 08:48:21 +00:00
Michael Lippautz
50683aa68d [api] Deprecate PersistentValueVector
Users can just use std::vector<Global<T>>.

Bug: v8:12915
Change-Id: I59fc8458e336df0dfaa3524f1197d4423482530e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695578
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81023}
2022-06-09 08:44:13 +00:00
Al Muthanna Athamina
ea28ceee12 Skip benchmarks/octane/gbemu-part1 test on NumFuzz
Bug: v8:12901
Change-Id: I14c326981a7cbdf664c8c9ce2fac5486b846b98c
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695556
Commit-Queue: Almothana Athamneh <almuthanna@chromium.org>
Auto-Submit: Almothana Athamneh <almuthanna@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81022}
2022-06-09 08:28:53 +00:00
Yolanda Chen
b63dfdb2fd [interpreter] Release temp register earlier to reduce frame size
Some temp register slots are only used in a short range at the beginning
of a statement or expression. They can be released earlier to save a
slot for later use. After the change, we can see frame size reduced in
the switch, class literal and ForOf tests.

Bug: v8:12940
Change-Id: I17b412d89353206fc01248cb3eefd2c678bc4ebb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3688565
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Yolanda Chen <yolanda.chen@intel.com>
Cr-Commit-Position: refs/heads/main@{#81021}
2022-06-09 08:13:43 +00:00
Clemens Backes
1bc0208b22 [wasm] Fix error printing in streaming fuzzer
The error message held in {CompilationResult} was not null-terminated,
leading to ASan complaints. Just store it in a {std::string} and use
{c_str()} to get a properly null-terminated C-string.

Drive-by: Enable execution of the fuzzer tests.

R=ahaas@chromium.org

Bug: chromium:1334548, v8:12922
Change-Id: Iafcfd5ce77e49e2aa1ff0910d8718bcd51f83662
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695356
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81020}
2022-06-09 07:34:05 +00:00
Hao Xu
d885243c02 [wasm][revec] Introduce LinearScheduler
Add a simple, linear-time scheduler to check whether two nodes can be
scheduled to the same basic block without actually building basic blocks.

Bug: v8:12716
Change-Id: I20506f28a9126f881b7e4748f54b12551967ba76
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3388910
Reviewed-by: Almothana Athamneh <almuthanna@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Hao A Xu <hao.a.xu@intel.com>
Cr-Commit-Position: refs/heads/main@{#81015}
2022-06-09 02:05:22 +00:00
Shu-yu Guo
c8edf5a189 Unskip JSAtomicsMutexTest.Contention test
The test should now be self-skipping without extra work

Bug: v8:12547
Change-Id: I0adf5d8745e19b17d2644587e416eb16063b210d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3694455
Reviewed-by: Milad Farazmand <mfarazma@redhat.com>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81013}
2022-06-09 00:28:25 +00:00
Manos Koukoutos
31ece3e9e4 [wasm-gc] Clean up workarounds in optimizations
Earlier, we had to introduce some temporary workarounds in Turbofan to
enable optimizations for common wasm-gc patterns. These are now not
required, since these optimizations are applied in WasmTyper and WasmGCOperatorReducer.

Bug: v8:7748
Change-Id: I3a7bc4bd2a8023a438ee4620934ff3fcb8bcfc6a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3693999
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81011}
2022-06-08 21:20:05 +00:00
legendecas
a438bc4166 [builtins] Rename array grouping to group and groupToMap
Rename array grouping methods according to the consensus on TC39 June
meeting.

Bug: v8:12499
Change-Id: I89cb3a49b0de45b74131877bb70d38b49233f275
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3692436
Commit-Queue: Chengzhong Wu <legendecas@gmail.com>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81009}
2022-06-08 18:12:52 +00:00
Clemens Backes
7d34f8819f Reland "[heap] Avoid dynamic updates of FLAG_gc_interval"
This is a reland of commit abcb6bb8b4.
The data race is fixed by using atomic operations.

Original change's description:
> [heap] Avoid dynamic updates of FLAG_gc_interval
>
> Flags will be protected from updates after V8 initialization (in the
> future). This CL avoids any updates of the --gc-interval flag during
> runtime, and instead updates a static field on the HeapAllocator
> directly.
>
> R=mlippautz@chromium.org
>
> Bug: v8:12887
> Change-Id: I17a495cae50a46d59a8159c6ece1558d4d61b949
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3687691
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#80998}

Bug: v8:12887
Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel_ng
Change-Id: Ib5b537500413a627d9b2509354d20906e0474d8e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695380
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81008}
2022-06-08 17:21:53 +00:00
Seth Brenith
8742d2a273 Reland "Allow lookup of matching scripts in Isolate compilation cache"
This is a reland of commit c443858fa9

The original version included an operation which could left-shift
signed values, which is undefined behavior; the updated version masks
the value first to avoid the problem.

Original change's description:
> Allow lookup of matching scripts in Isolate compilation cache
>
> Currently, if the same script text is compiled multiple times with
> differing details (such as name, line number, or host-defined options),
> then multiple copies of that script are added to the Isolate's
> compilation cache. However, any attempt to look up those scripts can
> find only the first instance. This change makes the script compilation
> cache behave more consistently by checking the details while searching
> the hash table for a match, rather than after a potential match has been
> found.
>
> Bug: v8:12808
> Change-Id: Ic9da0bf74f359d4f1c88af89d585404f173056ee
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3671615
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
> Cr-Commit-Position: refs/heads/main@{#80919}

Bug: v8:12808
Change-Id: I494c3c9cc520b79f34247aab6618c40c854b9edc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3687070
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/main@{#81007}
2022-06-08 17:05:22 +00:00
Andy Wingo
c842874cb5 [stringrefs] Implement string.const
Current implementation doesn't cache the result, however.

Bug: v8:12868
Change-Id: Idd5eb7bbb49d018fec82a80bffb5288c0b6ee0f8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695377
Commit-Queue: Andy Wingo <wingo@igalia.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81006}
2022-06-08 16:49:14 +00:00
Manos Koukoutos
cc13b6c0bc Revert "[heap] Avoid dynamic updates of FLAG_gc_interval"
This reverts commit abcb6bb8b4.

Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20TSAN%20-%20isolates/20029/overview

Original change's description:
> [heap] Avoid dynamic updates of FLAG_gc_interval
>
> Flags will be protected from updates after V8 initialization (in the
> future). This CL avoids any updates of the --gc-interval flag during
> runtime, and instead updates a static field on the HeapAllocator
> directly.
>
> R=mlippautz@chromium.org
>
> Bug: v8:12887
> Change-Id: I17a495cae50a46d59a8159c6ece1558d4d61b949
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3687691
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#80998}

Bug: v8:12887
Change-Id: I18310a3f515506d617f42be7a208013957625eaf
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695559
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Owners-Override: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81002}
2022-06-08 15:26:04 +00:00
Leszek Swirski
c51a81e705 [api] Deprecate CopyablePersistentTraits
Anyone using CopyablePersistentTraits should be using v8::Global, so
deprecate it and fix the uses in V8.

Bug: v8:12915
Change-Id: I25e6f2a03e070db9e9af9bbd9ea8cbc0f838c5ac
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3669254
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81001}
2022-06-08 14:15:12 +00:00
Al Muthanna Athamina
4e83492762 Skip mjsunit/compiler/regress-crbug-1211215 test on NumFuzz
NOTRY=true

Bug: v8:12358
Change-Id: I89a880b9e187b8b149b670d38320aa46be0424dc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695374
Auto-Submit: Almothana Athamneh <almuthanna@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Almothana Athamneh <almuthanna@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81000}
2022-06-08 14:01:18 +00:00
Clemens Backes
abcb6bb8b4 [heap] Avoid dynamic updates of FLAG_gc_interval
Flags will be protected from updates after V8 initialization (in the
future). This CL avoids any updates of the --gc-interval flag during
runtime, and instead updates a static field on the HeapAllocator
directly.

R=mlippautz@chromium.org

Bug: v8:12887
Change-Id: I17a495cae50a46d59a8159c6ece1558d4d61b949
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3687691
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80998}
2022-06-08 13:30:42 +00:00
Thibaud Michaud
a28947f7bb [wasm][eh] Wasm exceptions are not JS errors
Context: https://github.com/WebAssembly/exception-handling/pull/197

This change removes the wasm exception -> JS Error inheritance.

R=jkummerow@chromium.org

Bug: v8:8091
Change-Id: I479f16fe03d4d77d2ecd8409e96f9a3c063912b5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3688401
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80997}
2022-06-08 12:56:36 +00:00
Al Muthanna Athamina
d1510ff43d Skip mjsunit/ignition/regress-672027 test on NumFuzz
NOTRY=true

Bug: v8:12725
Change-Id: I3650d920bfe7ec432e84fc294d38baf13b2ef53a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695375
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Auto-Submit: Almothana Athamneh <almuthanna@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80994}
2022-06-08 11:57:54 +00:00
Al Muthanna Athamina
7680e5d586 Re-enable concurrent inlining tests
Bug: v8:12013
Change-Id: Idb0ae37176b81623f6faaf5904352e95066684dc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695373
Auto-Submit: Almothana Athamneh <almuthanna@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Almothana Athamneh <almuthanna@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80993}
2022-06-08 10:46:03 +00:00
Manos Koukoutos
15821ebb60 [wasm][refactor] Rename some symbols
- Rename WasmTrapElemSegmentDropped -> WasmTrapElemSegmentOutOfBounds.
- Rename WasmArrayInitFromData -> WasmArrayInitFromSegment, in
  anticipation of array.init_from_elem.
- Rename InitExprInterface::result_ -> computed_value_, to
  distinguish it from the {result} values. Also, rename
  generate_result() -> generate_value().
- Drive-by: Restructure Runtime_WasmArrayInitFromSegment.

Change-Id: Ic372db909847c7a169f3d6732e64e8665f4200fb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3693702
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80991}
2022-06-08 08:23:52 +00:00
Jakob Kummerow
4dd8d76b17 [wasm] Fix typing for unreachable AssertNonNull
Performing the "swap with TypeCast" input optimization causes inconsistent
types for unreachable AssertNonNull instructions (that should inherit that
TypeCast's <bot> type).

Fixed: v8:12945
Change-Id: Ie51cd6531267a2828c6aac92948edda5c2a5db37
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3693708
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80989}
2022-06-08 08:18:42 +00:00
Frank Tang
cddfa0c5ce [Temporal] Add compare/equals to YearMonth and MonthDay
Spec Text:
https://tc39.es/proposal-temporal/#sec-temporal.plainyearmonth.compare
https://tc39.es/proposal-temporal/#sec-temporal.plainmonthday.compare
https://tc39.es/proposal-temporal/#sec-temporal.plainmonthday.prototype.equals

Bug: v8:11544
Change-Id: Ia03946e0e183ec9b0a8130515607c29a32a8b265
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3673418
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80986}
2022-06-07 23:53:27 +00:00
Frank Tang
dc88fb92ed [Temporal] Add toString to PlainDateTime
Implement AOs: RoundISODateTime
Spec Text:
https://tc39.es/proposal-temporal/#sec-temporal.plaindatetime.prototype.tostring
https://tc39.es/proposal-temporal/#sec-temporal-roundisodatetime

Bug: v8:11544
Change-Id: Ib0318be8047bb01e593a43cef4405caa5979d1af
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3687568
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80985}
2022-06-07 23:52:23 +00:00
Frank Tang
e781520367 [Temporal] Add withPlainDate to ZonedDateTime
Spec Text:
https://tc39.es/proposal-temporal/#sec-temporal.zoneddatetime.prototype.withplaindate

Bug: v8:11544
Change-Id: I8d7099906c04eae0e29ff0dabd48b736a07305d6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3692432
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80984}
2022-06-07 23:51:21 +00:00
Frank Tang
fdde51c674 [Temporal] Add Instant.prototype.(add|subtract)
Spec Text:
https://tc39.es/proposal-temporal/#sec-temporal.instant.prototype.add
https://tc39.es/proposal-temporal/#sec-temporal.instant.prototype.subtract

Also fix bug in IsValidEpochNanoseconds

Bug: v8:11544
Change-Id: Ied605c9de4ee38a18e2356a89e3a69d534a004d1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3617394
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80983}
2022-06-07 23:44:12 +00:00
Deepti Gandluri
2c2b094f59 [wasm-relaxed-simd] Liftoff prototypes for Arm Trunc/Sat operations
Bug: v8:12284
Change-Id: I9d4a5d7420c6650039f84b3c8fc7974e9e617ce3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3687566
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80981}
2022-06-07 18:00:25 +00:00
Seth Brenith
7787ed2007 Build cctest while building V8
I noticed in a recent build that C++ files from cctest didn't start
compiling until after several slow non-parallel tasks such as running
mksnapshot and linking v8_for_testing. I don't see any reason that
cctest sources should wait for those tasks, so in this change I propose
adjusting the build dependencies for more parallelism.

Change-Id: I2472117c8555ac397fa1232954c8b699d6429d38
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3690170
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/main@{#80976}
2022-06-07 14:05:05 +00:00
Manos Koukoutos
72c2068731 [wasm] Various small cleanups
Most notable:
- Suggest '--experimental-wasm-gc' for wasm-gc type definitions.
- Remove unused/useless fields from WasmTypeInfo.
- Put more wasm Turbofan optimizations behind '--wasm-opt'.

Change-Id: Ia298a58c2cf03964472a1445460d12ae72a5b04d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3688404
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80973}
2022-06-07 13:13:45 +00:00
Patrick Thier
886838b9cd Allow in-place internalizable strings in non-shared old space
It is now considered best effort that in-place internalizable strings
are promoted into the shared old space instead of non-shared old space.
This was previously an invariant, but it doesn't hold if the whole page
containing the shared string is promoted instead of individual objects.
In addition, with conservative stack scanning, individual objects won't be
moved.

Bug: v8:12007
Change-Id: I7474738b02b0c18080cb2e82268a02bf9b480c40
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3688512
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Patrick Thier <pthier@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80969}
2022-06-07 11:20:05 +00:00
Nico Hartmann
46ed47e66a [turbofan] Fix inconsistent typing of NumberFloor(NumberDivide(...))
In typed-optimization, Turbofan optimized NumberFloor(NumberDivide(...))
patterns where both inputs are known to be of Unsigned32 type, but the
replacement couldn't be typed consistently. This CL introduces a new
operator Unsigned32Divide, which has the same semantics, but can be
typed consistently and thus allows the simplified lowering verifier to
validate the graph correctly.

Bug: v8:12619
Change-Id: Iad77154d3d840c94edfd3ab91ffa37c840da0bc9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3644790
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80967}
2022-06-07 10:11:49 +00:00
Shu-yu Guo
8ae1188644 Correctly skip unittests
Not all V8 build configs support JS shared memory features. Trying to
create a new shared Isolate on such a config DCHECKs at runtime. Make
the shared Isolate test fixture conditionally initialize the shared
Isolate. Users must explicitly check for support.

Bug: v8:12547
Change-Id: I3df1ce7eb5ae9a3c136f88ea8f44c650cc0408ab
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3687565
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80961}
2022-06-06 23:29:54 +00:00
Frank Tang
5828eb4254 [Temporal] Add ZonedDateTime.prototype.(add|subtract)
Spec Text:
https://tc39.es/proposal-temporal/#sec-temporal.zoneddatetime.prototype.add
https://tc39.es/proposal-temporal/#sec-temporal.zoneddatetime.prototype.subtract

Bug: v8:11544
Change-Id: If4e1f71a05a0d1e88829bf219d4f90bd7a343877
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3617392
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80960}
2022-06-06 21:15:55 +00:00
Frank Tang
6d33cb89a4 [Temporal] Add Instant.(compare|prototype.equals)
Also implement AO: CompareEpochNanoseconds
Spec Text:
https://tc39.es/proposal-temporal/#sec-temporal.instant.compare
https://tc39.es/proposal-temporal/#sec-temporal.instant.prototype.equals

Bug: v8:11544
Change-Id: I953a890250ff0bf29cd24e4638bf17ceb5f9bb2f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3382057
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80959}
2022-06-06 17:44:42 +00:00
Frank Tang
8436df4b68 [Temporal] Add ZonedDateTime.prototype.hoursInDay
Also add AOs: AddISODate, RegulateISODate

Change the return type of GetISO8601Calendar from MaybeHandle to Handle since it will never throw exception.

Spec Text:
https://tc39.es/proposal-temporal/#sec-get-temporal.zoneddatetime.prototype.hoursinday
https://tc39.es/proposal-temporal/#sec-temporal-addisodate
https://tc39.es/proposal-temporal/#sec-temporal-regulateisodate

Bug: v8:11544
Change-Id: Id0b59e2818a095ee9390de2302501888fd93ca2b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3564937
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80958}
2022-06-06 15:57:56 +00:00
Frank Tang
7627b400c9 [Temporal] Add PlainTime.prototype.(add|subtract)
Spec Text:
https://tc39.es/proposal-temporal/#sec-temporal.plaintime.prototype.add
https://tc39.es/proposal-temporal/#sec-temporal.plaintime.prototype.subtract

Bug: v8:11544
Change-Id: I0d684eec9eebfd26eceb6bb4c360025a33bd4c3c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3617390
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80957}
2022-06-06 15:56:54 +00:00
Frank Tang
9b4b64c282 [Temporal] Add PlainDateTime.prototype.(add|subtract)
Spec Text:
https://tc39.es/proposal-temporal/#sec-temporal.plaindatetime.prototype.add
https://tc39.es/proposal-temporal/#sec-temporal.plaindatetime.prototype.subtract

Bug: v8:11544
Change-Id: Ib76b090a62a932931ab48cb5814ce1f1050fae10
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3617391
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80956}
2022-06-06 15:55:44 +00:00
Frank Tang
88b644717f [Temporal] Add PlainDate.prototype.(add|subtract)
Spec Text:
https://tc39.es/proposal-temporal/#sec-temporal.plaindate.prototype.add
https://tc39.es/proposal-temporal/#sec-temporal.plaindate.prototype.subtract

Bug: v8:11544
Change-Id: Iacb4b9ba7d481005d14e2e4d42e2422133f5ab42
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3617389
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80955}
2022-06-06 15:49:55 +00:00
Fanchen Kong
e344bf94a4 [x64][wasm-simd] Pattern match on packed byte to dword zero extend like shuffle
When an 8x16 shuffle matches a packed byte to dword zero extension,
1. input1 is S128Zero after canonicalization,
2. the indices {0,4,8,16} are consecutive values in the range [0-15] and
other indices are in the range [16-31],
the shuffle can be matched to packed byte to dword zero extend. These
shuffles are commonly used in image processing.

Change-Id: I14d1e35401dbc5ecd91f67c46ea9762628835d01
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3547667
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Fanchen Kong <fanchen.kong@intel.com>
Cr-Commit-Position: refs/heads/main@{#80953}
2022-06-06 03:15:12 +00:00
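The shuffle pattern described in the commit above, worked through as an added example (this is not V8 code and not the author's matcher; function names and the lane convention are this example's own). It implements the generic i8x16.shuffle semantics, a matcher that takes output bytes 0, 4, 8 and 12 as the low byte of each 32-bit lane reading consecutive input bytes k..k+3 while every other output byte reads from the zeroed second input (index 16..31), and a check that the specialised zero-extend form agrees with the generic shuffle wherever the matcher fires. The inputs are constructed for the demo.

```javascript
// Added example (not V8 code): recognising the "packed byte to dword
// zero-extend" i8x16.shuffle pattern and checking the recognition against
// the generic shuffle semantics. Names and lane convention are hypothetical.

// Generic i8x16.shuffle: out[i] = concat(a, b)[idx[i]], idx[i] in [0, 31].
function i8x16Shuffle(a, b, idx) {
  const both = new Uint8Array(32);
  both.set(a, 0);
  both.set(b, 16);
  const out = new Uint8Array(16);
  for (let i = 0; i < 16; i++) out[i] = both[idx[i]];
  return out;
}

// The pattern, assuming the second input has already been canonicalised to
// S128Zero: the low byte of each 32-bit lane (output bytes 0, 4, 8, 12)
// reads consecutive bytes k, k+1, k+2, k+3 of the first input, and every
// other output byte reads from the zero input (index 16..31).
// Returns the start byte k, or -1 if the pattern does not match.
function matchByteToDwordZeroExtend(idx) {
  if (idx.length !== 16) return -1;
  const k = idx[0];
  if (k < 0 || k + 3 > 15) return -1;
  for (let i = 0; i < 16; i++) {
    if (i % 4 === 0) {
      if (idx[i] !== k + i / 4) return -1;
    } else if (idx[i] < 16 || idx[i] > 31) {
      return -1;
    }
  }
  return k;
}

// Reference semantics a backend may substitute for a matched shuffle:
// zero-extend input bytes k..k+3 into four little-endian u32 lanes.
function zeroExtendBytesToDwords(a, k) {
  const out = new Uint8Array(16);
  for (let lane = 0; lane < 4; lane++) out[lane * 4] = a[k + lane];
  return out;
}

function bytesEqual(x, y) {
  return x.length === y.length && x.every((v, i) => v === y[i]);
}

// Constructed inputs: a 16-byte pixel-like vector and the zero vector.
const sampleInput = Uint8Array.from({ length: 16 }, (_, i) => 0xa0 + i);
const zero = new Uint8Array(16);

// The canonical pattern (k = 0), a variant starting at byte 4 (any index in
// 16..31 selects a zero byte), and a near miss where byte 2 of lane 0 reads
// from the first input instead of the zero input.
const zextFrom0 = [0, 16, 16, 16, 1, 16, 16, 16, 2, 16, 16, 16, 3, 16, 16, 16];
const zextFrom4 = [4, 31, 31, 31, 5, 31, 31, 31, 6, 31, 31, 31, 7, 31, 31, 31];
const notZext   = [0, 16, 5, 16, 1, 16, 16, 16, 2, 16, 16, 16, 3, 16, 16, 16];

function demo() {
  const results = {};
  for (const [name, idx] of Object.entries({ zextFrom0, zextFrom4, notZext })) {
    const k = matchByteToDwordZeroExtend(idx);
    const generic = i8x16Shuffle(sampleInput, zero, idx);
    // Whenever the matcher fires, the specialised form must agree with the
    // generic shuffle; this is the property a backend rewrite relies on.
    const agrees = k < 0 || bytesEqual(generic, zeroExtendBytesToDwords(sampleInput, k));
    results[name] = { k, agrees };
  }
  return results;
}
```

The agreement check is the part worth keeping around: a peephole rewrite in a code generator is only safe if the replacement is semantically identical for every input the matcher accepts, so the matcher and the reference semantics should be tested together, not separately.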
Anton Bikineev
d8da11ae05 cppgc: shared-cage: Use dedicated reservations for normal/large pages
The CL splits the Oilpan giga-cage in two 2GB reservations: one for
normal pages and the other for large ones. The split enables fast
page-header lookup (assuming most objects reside on normal pages), which
is needed for:
1) the young generation project, where the remembered set will move to
   pages;
2) the shared-cage project, to find HeapBase* from page-headers.

Bug: v8:12231, chromium:1029379
Change-Id: I4ae9e8a75a307ed0dff9a2ec4f1247b80e17ebd9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3688519
Auto-Submit: Anton Bikineev <bikineev@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80950}
2022-06-05 14:32:01 +00:00
Igor Sheludko
ff64360d0a [rab/gsab] Skip slow tests on debug sim builds
Bug: v8:11111
Change-Id: I52caef43e7f2b3921ef34eeb50e41f1dedf90e32
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3689570
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80949}
2022-06-04 12:59:20 +00:00
Jakob Kummerow
11a1ac4bc2 Faster TypedArray.fill(0) and .fill(-1)
Calling memset directly is faster than std::fill for multi-byte element
types.

Change-Id: I83b997740146688f87b86901825e31d6644bc25b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3687700
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80945}
2022-06-03 14:01:49 +00:00
Milad Fa
e51b03a08a [wasm-gc] Fix LOAD_VERIFY/STORE_VERIFY on big endian
Applying the set of unittest changes from
https://crrev.com/c/3678208 to BE.

Change-Id: I02d0f2f388720e3acc35660042d5c2c76fa589e1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3687474
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#80942}
2022-06-03 12:03:20 +00:00
Jakob Kummerow
bfd0ccf2dd [wasm] EquivalentTypes() should be symmetric
Fixed: v8:12935
Change-Id: Ib4dfdc276e6a9f465666b068bdbe31776429f359
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3687699
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80941}
2022-06-03 11:16:59 +00:00
Clemens Backes
2d5c7a1517 [wasm][c-api] Avoid flag updates after initialization
There are two flag updates from the Wasm C-API. Both are unnecessary:
FLAG_expose_gc is not needed because we call the internal API for
garbage collection; this is always allowed.
FLAG_experimental_wasm_eh is enabled by default, so does not need to be
set to true in that test.

R=jkummerow@chromium.org

Bug: v8:12887
Change-Id: If56506228cd89d5452e71376e4c2f6a4ec636979
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3687690
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80939}
2022-06-03 10:25:45 +00:00
Clemens Backes
f149912f33 [flags] Protect individual flag updates
Extend the effect of --freeze-flags-after-init to also protect updates
of individual flags instead of only the API.
For this, we wrap each flag in a {FlagValue} class which implicitly
converts to the value of the flag. Some cases still require the explicit
{value()} accessor though. That accessor is {constexpr}, in contrast to
the implicit conversion, because otherwise clang emits a lot of warnings
about dead code within "if (FLAG...)" scopes.

R=cbruni@chromium.org

Bug: v8:12887
Change-Id: I87d3457e49ceb317d34d6a21cf09c520d4171eb5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3683321
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Patrick Thier <pthier@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80938}
2022-06-03 10:24:40 +00:00
Igor Sheludko
7b4721f8b8 [ext-code-space] Introduce CodeLookupResult
... as a pair of Code and CodeDataContainer.

In order to stop creating and using trampoline Code objects for
builtins we need a different way to represent an "embedded builtin"
code lookup result of builtin trampoline Code objects.
We can't switch to CodeT for this purpose because GC still needs to
be able to locate not yet evacuated Code objects in order to update
old code pointers on the stack once Code objects are moved.

Bug: v8:11880
Change-Id: I296636a6728a11c8e3220b3fee43fd12ff633c1b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3684813
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80937}
2022-06-03 10:04:50 +00:00
Marja Hölttä
efadd2d0a2 [rab/gsab] RAB/GSAB support for A.p.concat
It mostly worked out of the box. Only the dictionary mode prototype
chain walk code paths had to be updated.

Bug: v8:11111
Change-Id: Ia8336964d29304916a34e305f32bb33bb06e211a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3683340
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80935}
2022-06-03 09:40:09 +00:00
Clemens Backes
13567f5f3a [wasm] Remove kFinishedTopTierCompilation event
This fully removes the kFinishedTopTierCompilation event, and any
handling of it. In a dynamic tiering world, that event has no meaning
any more.

R=ahaas@chromium.org

Bug: v8:12899
Change-Id: I36484e36f7c36f2ac4fcb111e67a14509c2eefef
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3667081
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80930}
2022-06-03 07:49:39 +00:00
jameslahm
b425a0e94f [web snapshot] Support properties in Class.
This CL adds the serialization and deserialization for
properties in class.

TODO: we could use serialized start_position and length
in function to add ClassPositions property to class.

Bug: v8:11525
Change-Id: I065039932b3c10c6b757b331aba0ced36eba84e1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3682878
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Cr-Commit-Position: refs/heads/main@{#80927}
2022-06-03 02:43:29 +00:00
Milad Fa
1dae3f2ba4 PPC/S390: skip JSAtomicsMutexTest.Contention test
This test requires the shared cage to be implemented. More details
under https://crrev.com/c/3673354 .

Change-Id: Ib1d39dcc2fd6c8abb4f79bf6b845132c34d2ec8a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3687475
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#80926}
2022-06-02 20:44:28 +00:00
Ilya Rezvov
a52b44f093 [wasm-simd] Prototype relaxed integer Dot product instructions
Prototype the instruction on the interpreter, and Arm64. Details of
instruction lowerings on all relevant architectures can be found at:
https://github.com/WebAssembly/relaxed-simd/issues/52

Bug: v8:12908
Change-Id: If8ffb82c38042191c67c9b5c23a231877d4f2159
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3679848
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Ilya Rezvov <irezvov@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80924}
2022-06-02 18:30:58 +00:00
Deepti Gandluri
a13598ae0c Revert "Allow lookup of matching scripts in Isolate compilation cache"
This reverts commit c443858fa9.

Reason for revert: Several UBSan failures: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20UBSan/21547/overview

Original change's description:
> Allow lookup of matching scripts in Isolate compilation cache
>
> Currently, if the same script text is compiled multiple times with
> differing details (such as name, line number, or host-defined options),
> then multiple copies of that script are added to the Isolate's
> compilation cache. However, any attempt to look up those scripts can
> find only the first instance. This change makes the script compilation
> cache behave more consistently by checking the details while searching
> the hash table for a match, rather than after a potential match has been
> found.
>
> Bug: v8:12808
> Change-Id: Ic9da0bf74f359d4f1c88af89d585404f173056ee
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3671615
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
> Cr-Commit-Position: refs/heads/main@{#80919}

Bug: v8:12808
Change-Id: I6d007374fb607a2670ca260c6bd0d6774d7f51d7
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3687311
Auto-Submit: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#80922}
2022-06-02 17:32:33 +00:00
Seth Brenith
c443858fa9 Allow lookup of matching scripts in Isolate compilation cache
Currently, if the same script text is compiled multiple times with
differing details (such as name, line number, or host-defined options),
then multiple copies of that script are added to the Isolate's
compilation cache. However, any attempt to look up those scripts can
find only the first instance. This change makes the script compilation
cache behave more consistently by checking the details while searching
the hash table for a match, rather than after a potential match has been
found.

Bug: v8:12808
Change-Id: Ic9da0bf74f359d4f1c88af89d585404f173056ee
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3671615
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/main@{#80919}
2022-06-02 16:39:39 +00:00
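The lookup problem described in the two commits above (the original change and its revert), modelled as an added example. This is not V8's compilation cache; it is a toy open-addressing hash table keyed on the source text, with hypothetical names (CompilationCache, lookupBuggy, lookup, sameDetails) and constructed inputs. It contrasts a lookup that stops at the first entry whose source text matches and only then compares the details, with one that treats the details as part of the key while probing.

```javascript
// Added example (not V8 code): a toy script compilation cache that models
// the lookup bug described in the commit message. Entries are keyed by a
// hash of the source text, so two scripts with the same text but different
// "details" (name, line offset, host-defined options) collide.
// All names here are hypothetical.

function hashString(s) {
  // FNV-1a, 32-bit, over the source text only.
  let h = 0x811c9dc5;
  for (let i = 0; i < s.length; i++) {
    h ^= s.charCodeAt(i);
    h = Math.imul(h, 0x01000193) >>> 0;
  }
  return h >>> 0;
}

function sameDetails(a, b) {
  return a.name === b.name &&
         a.lineOffset === b.lineOffset &&
         a.hostDefinedOptions === b.hostDefinedOptions;
}

class CompilationCache {
  constructor(capacity = 64) {
    this.capacity = capacity;
    this.slots = new Array(capacity).fill(null); // open addressing, linear probing
  }

  put(source, details, compiled) {
    let i = hashString(source) % this.capacity;
    for (let n = 0; n < this.capacity; n++) {
      const e = this.slots[i];
      if (e === null || (e.source === source && sameDetails(e.details, details))) {
        this.slots[i] = { source, details, compiled };
        return;
      }
      i = (i + 1) % this.capacity;
    }
    throw new Error('cache full');
  }

  // Buggy variant: probe until the first entry whose source text matches,
  // then compare details. A second script with the same text but different
  // details is never found, although it is in the table.
  lookupBuggy(source, details) {
    let i = hashString(source) % this.capacity;
    for (let n = 0; n < this.capacity; n++) {
      const e = this.slots[i];
      if (e === null) return null;
      if (e.source === source) {
        return sameDetails(e.details, details) ? e.compiled : null;
      }
      i = (i + 1) % this.capacity;
    }
    return null;
  }

  // Fixed variant: details are part of the match condition while probing.
  lookup(source, details) {
    let i = hashString(source) % this.capacity;
    for (let n = 0; n < this.capacity; n++) {
      const e = this.slots[i];
      if (e === null) return null;
      if (e.source === source && sameDetails(e.details, details)) return e.compiled;
      i = (i + 1) % this.capacity;
    }
    return null;
  }
}

// Constructed scenario: identical source text compiled twice with
// different host-defined options, e.g. for two embedding contexts.
function demo() {
  const cache = new CompilationCache();
  const src = 'export const x = 1;';
  const a = { name: 'a.js', lineOffset: 0, hostDefinedOptions: 'context-A' };
  const b = { name: 'b.js', lineOffset: 10, hostDefinedOptions: 'context-B' };
  cache.put(src, a, 'compiled-for-A');
  cache.put(src, b, 'compiled-for-B');
  return {
    buggyA: cache.lookupBuggy(src, a),
    buggyB: cache.lookupBuggy(src, b),   // null: stops at the first text match
    fixedA: cache.lookup(src, a),
    fixedB: cache.lookup(src, b),
  };
}
```

The failure mode is silent: the buggy lookup never returns the wrong compiled script, it just misses the cache, so the symptom is recompilation rather than a visible error. A cache whose key is only part of what distinguishes entries should be checked with exactly this kind of two-entries-same-text test.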
Liu Yu
56dd286445 [test][loong64] Fix error when moving test-disasm-loong64
commit ce9d6d49bd

Bug: v8:12781
Change-Id: I2010281c04a26cd93fefabae98cf9a6585210013
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3687069
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Liu Yu <liuyu@loongson.cn>
Cr-Commit-Position: refs/heads/main@{#80916}
2022-06-02 13:22:43 +00:00
Clemens Backes
22b4ab86ef [flags] Refactor MaybeBoolFlag to use base::Optional
Use the existing {base::Optional} instead of the extra {MaybeBoolFlag}
struct. This makes writing to a maybe-flag simpler because you just
write a boolean value and that automatically initializes the optional.

R=cbruni@chromium.org

Bug: v8:12887
Change-Id: I940d20286d65ba4355dc04b4b6068a306706f295
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3686412
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80915}
2022-06-02 12:55:38 +00:00
Manos Koukoutos
aee0ec979a [wasm-gc][turbofan] Implement typing phase
We introduce a typing phase into the Turbofan compilation pipeline for
wasm-gc. It has two functionalities: (1) to type nodes that were not
typed during code generation (mainly phi nodes) and (2) to narrow types
as much as possible.
The following nodes are handled, which should be enough for our
purposes: TypeGuard, WasmTypeCast, AssertNotNull, Phi, LoadFromObject,
and LoadImmutableFromObject.
Loop phi types are computed by first assigning the type of the
non-recursive input, and updating once we have the type of the recursive
inputs, and repeating this process to a fixed point.

Drive-by: Remove the narrowing of function signatures during wasm
inlining, as it created some issues and should not be needed after this
series of changes.

Bug: v8:7748
Change-Id: I8a72488d5c221c4ae8257fc5abf6f0368cf10e96
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3678208
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80912}
2022-06-02 11:08:21 +00:00
Marja Hölttä
084356297d [rab/gsab] Add missing tests for TA.p.copyWithin
Bug: v8:11111
Change-Id: I8190bc8cfd1e8e5b9d498e29bc2d0a25eae2e03a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3683363
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80906}
2022-06-02 07:31:49 +00:00
Milad Fa
c553b02cec Fix compilation with gcc
Currently getting the following error with gcc 8.4,
including on x64 linux:
```
error: ':InterpreterState::scratch_' is used uninitialized in this function
```

Change-Id: I95ae848bf2503f6a0dac30254b19b08047b73cce
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3683104
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#80901}
2022-06-01 18:17:22 +00:00
Clemens Backes
85cf4be909 [wasm][fuzzer] Refactor second instantiation
The fuzzer instantiates the module twice: Once for reference
interpretation / execution, and once for the actual execution of
Liftoff/TurboFan code.
For some reason, the two code paths for interpretation and Liftoff
reference execution used different patterns: Interpretation was using
the first instance, and then creating a second instance for actual
execution, whereas the Liftoff path used a second instance for the
reference execution and used the first one for the actual execution.

This CL refactors this to always create a "reference instance" first,
use that for either the interpreter or Liftoff, and then create a second
instance for the actual execution.

R=thibaudm@chromium.org

Bug: v8:12425
Change-Id: I19754264240d8570f00161abb7aecba1cc2b2ae0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3683323
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80900}
2022-06-01 16:46:28 +00:00
Marja Hölttä
bfa18f9e57 [rab/gsab] Move OOB check to ValidateIntegerTypedArray
The OOB check belongs in ValidateIntegerTypedArray according to the
spec.

This also fixes the error types for OOB TypedArrays when doing Atomics:
OOB TypedArrays should get a TypeError, not RangeError.

Bug: v8:11111
Change-Id: Ice2e5695d69d84b2c20a4cf8f06880673d901a91
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3676859
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80898}
2022-06-01 16:12:16 +00:00
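The error types the commit above describes, observed from JavaScript as an added example (this is not code from the V8 change). It assumes a runtime with resizable ArrayBuffer support (V8 11.x, Node 20 or later); where ArrayBuffer.prototype.resize is missing it returns null rather than guessing. A length-tracking Int32Array over a resizable buffer is made out of bounds by shrinking the buffer below the view's byteOffset, and Atomics.load is compared with ordinary element access on the same view.

```javascript
// Added example (not V8 code): observe the error types for Atomics on
// out-of-bounds TypedArrays using a resizable ArrayBuffer and a
// length-tracking Int32Array. Requires ArrayBuffer.prototype.resize.

function errorName(fn) {
  try {
    fn();
    return 'no error';
  } catch (e) {
    return e.constructor.name;
  }
}

function classifyAtomicsErrors() {
  if (typeof ArrayBuffer.prototype.resize !== 'function') return null;

  // 16-byte buffer that may grow to 64; the view starts at byte 8 and
  // tracks the buffer's length, so it initially covers 2 Int32 elements.
  const rab = new ArrayBuffer(16, { maxByteLength: 64 });
  const view = new Int32Array(rab, 8);
  Atomics.store(view, 0, 42);

  // Index past the current length: the array is fine, the index is not,
  // so ValidateAtomicAccess reports a RangeError.
  const indexOutOfRange = errorName(() => Atomics.load(view, 5));

  // Shrink the buffer below the view's byteOffset. The view is now out of
  // bounds: ordinary access reports length 0 and undefined elements, while
  // Atomics rejects the TypedArray itself with a TypeError
  // (ValidateIntegerTypedArray -> ValidateTypedArray).
  rab.resize(4);
  const lengthWhenOob = view.length;
  const elementWhenOob = view[0];
  const arrayOutOfBounds = errorName(() => Atomics.load(view, 0));

  // Growing again brings the view back in bounds; the bytes beyond the
  // shrunken length are zero-filled per spec, so the old 42 is gone.
  rab.resize(24);
  const valueAfterRegrow = Atomics.load(view, 0);
  const lengthAfterRegrow = view.length;

  // A non-integer element type fails ValidateIntegerTypedArray outright.
  const nonInteger = errorName(() => Atomics.load(new Float32Array(4), 0));

  return { indexOutOfRange, arrayOutOfBounds, lengthWhenOob, elementWhenOob,
           valueAfterRegrow, lengthAfterRegrow, nonInteger };
}
```

The distinction matters to anyone writing conformance tests or fuzzers against this code path: an out-of-range index is a RangeError, but an out-of-bounds view is a TypeError, the same class an engine throws for a detached buffer, because the spec validates the TypedArray before it ever looks at the index.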
Clemens Backes
3694eba74e [wasm][fuzzer] More output for failed instantiation
The fuzzers sometimes fail to instantiate a module that we already
instantiated before. This is nondeterministic and hard to reproduce (maybe
an out-of-memory situation).
Make the fuzzers print the error message so we learn more about those
failures.

R=ahaas@chromium.org

Bug: chromium:1330572
Change-Id: I0db103bdb113b1c1cedf662e02fb7a7f9d34ebd7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3680298
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80893}
2022-06-01 13:14:38 +00:00
Leszek Swirski
1acb5db0ea [test] Add perfetto initialisation to unittest runner
Bug: v8:12781
Change-Id: I1cf929e1d817ba81d25ba5095872b975c13f40d3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3683319
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80891}
2022-06-01 12:32:17 +00:00
jameslahm
a9ca9f7dbc [test] Move cctest/test-flags to unittests/flags/
... flag-definitions-unittest.

Bug: v8:12781
Change-Id: I11cd6acc4d7c548773f013fcaf5a2de5b47d730b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3682879
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Cr-Commit-Position: refs/heads/main@{#80889}
2022-06-01 11:06:31 +00:00
Danil Somsikov
0944ea06c6 Disable command-line API for untrusted inspector clients.
Bug: chromium:1290236
Change-Id: Ie8cda6fd6260d30d3107d3b0288e01960b0e2d3e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3677293
Auto-Submit: Danil Somsikov <dsv@chromium.org>
Commit-Queue: Danil Somsikov <dsv@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80885}
2022-06-01 09:37:58 +00:00
jameslahm
9d12255c1e [test] Move cctest/test-managed to unittests/objects/
... managed-unittest.

Bug: v8:12781
Change-Id: Ic9dea14ffd0f8ca944c39d791c2b66aa1f76bcfe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3682881
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Cr-Commit-Position: refs/heads/main@{#80882}
2022-06-01 08:05:31 +00:00
jameslahm
a9a44a3126 [test] Move cctest/test-threads to unittests/execution/
... threads-unittest.

Bug: v8:12781
Change-Id: I1294d0bf9f47c158532a489657bc1e5349afce79
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3682882
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Cr-Commit-Position: refs/heads/main@{#80881}
2022-06-01 08:01:51 +00:00
jameslahm
daee783c73 [test] Move cctest/test-hashmap to unittests/base/
... hashmap-unittest.

Bug: v8:12781
Change-Id: Id2d4c1d41540791e4c32919d4da4648565ac9faf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3682880
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Cr-Commit-Position: refs/heads/main@{#80880}
2022-06-01 08:00:48 +00:00
Dominik Inführ
c6527293a5 [heap] Fix external bytes accounting when promoting large objects
Unlike other spaces we didn't update external bytes counters when
adding or removing pages from large spaces.

Bug: chromium:1329766
Change-Id: I5fbc8703964f9e4e846d986c32c5d57ed4f0c0c5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3681118
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80877}
2022-06-01 07:24:08 +00:00
Shu-yu Guo
7ff1857560 Reland "[shared-struct] Add Atomics.Mutex"
This is a reland of commit ea9a1f1cbe

Changes since revert:
- Make the state field uintptr-aligned since arm64 faults on
  atomic accesses to non-naturally aligned addresses.

Original change's description:
> [shared-struct] Add Atomics.Mutex
>
> This CL adds a moving GC-safe, JS-exposed mutex behind the
> --harmony-struct flag. It uses a ParkingLot-inspired algorithm and
> each mutex manages its own waiter queue.
>
> For more details, please see the design doc: https://docs.google.com/document/d/1QHkmiTF770GKxtoP-VQ1eKF42MpedLUeqiQPfCqus0Y/edit?usp=sharing
>
> Bug: v8:12547
> Change-Id: Ic58f8750d2e14ecd573173d17d5235a136bedef9
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3595460
> Commit-Queue: Shu-yu Guo <syg@chromium.org>
> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
> Reviewed-by: Adam Klein <adamk@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#80789}

Bug: v8:12547
Change-Id: I776cbf6ea860dcc6cb0ac51694a9b584b53d255c
Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_mac_arm64_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3673354
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80875}
2022-06-01 01:12:07 +00:00
Shu-yu Guo
0f510c4ab1 [change-array-by-copy] Implement with
Bug: v8:12764
Change-Id: I67b9b0e4f3c7ca6a2719c234b7f7605f07f86b28
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3671760
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80874}
2022-06-01 00:47:32 +00:00
Milad Fa
efcbd13355 S390: Add missing headers to disasm-s390-unittest
Modification is needed since after this CL:
https://crrev.com/c/3676642

Bug: v8:12781
Change-Id: Icb2644c9cd6f20e37c4b0ba0c4b861417c84b7f1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3679980
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#80871}
2022-05-31 17:51:08 +00:00
Joyee Cheung
4bdbccc392 Revert "[heap] pre-populate the single_character_string_cache"
This reverts commit 07e11a64e4.

Reason for revert: caused regressions and heap verification failures

Bug: chromium:1330410, chromium:1330408, chromium:1330413

Original change's description:
> [heap] pre-populate the single_character_string_cache
>
> This simplifies the code and removes the runtime overhead of
> spontaneously adding strings to the cache.
>
> Bug: v8:12718
> Change-Id: I2ed49bd82e3baf2563eeb8f463be72c0308c52c5
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616553
> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Commit-Queue: Joyee Cheung <joyee@igalia.com>
> Cr-Commit-Position: refs/heads/main@{#80803}

Bug: v8:12718
Change-Id: I569fea9e34effd57c9e7c65190cf5b4ec0b0623b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3679680
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Owners-Override: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80870}
2022-05-31 16:41:47 +00:00
Nikolaos Papaspyrou
4651df6bba heap: Fix and clean up object start bitmap
This CL introduces the following changes to the experimental
implementation of the object start bitmap, that is evaluated as
a mechanism for resolving inner pointers (behind the flag
v8_enable_conservative_stack_scanning):

- Manually iterate through page objects, instead of using the
  PagedSpaceObjectIterator, for performance (avoid calling
  MakeHeapIterable all the time) and to simplify the handling
  of filler objects.
- Clear bits when reusing evacuated pages of the new space.
- Use the cage base to iterate correctly through code objects.
- Introduce a method for verifying the validity of the object
  start bitmap.
- Minor fixes, additional checks and cleanup.

Bug: v8:12851
Change-Id: I245937ffe6f4b53c4c2dcf5126e8836aec4dc79e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3675099
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80869}
2022-05-31 16:37:08 +00:00
Clemens Backes
ca7e0c669b [wasm] Remove sampling on top tier finished
Remove code size and compilation time sampling for the "top tier
finished" event. With dynamic tiering, this event will never be reached.

R=ahaas@chromium.org

Bug: v8:12899
Change-Id: I1b0d053e31fe8cd1f8ba3b23bfff4c5879569b45
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3647691
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80867}
2022-05-31 16:20:58 +00:00
Leszek Swirski
f215daa819 Reland "Reland "[test] Move tracing cctest to unittests""
This is a reland of commit 3b251debfb

Annotates the perfetto proto include with nogncheck, because gn's header
checker doesn't understand preprocessor directives.

See
https://gn.googlesource.com/gn/+/main/docs/reference.md#advice-on-fixing-problems

Original change's description:
> Reland "[test] Move tracing cctest to unittests"
>
> This is a reland of a7d6bf9662
>
> Added perfetto to unittests include_rules.
>
> Bug: v8:12781
> Change-Id: Iabf0e62abb1de879de21ba06fbd38f5432ee4f76
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652295
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#80847}

Bug: v8:12781
Change-Id: I886df9254d8fecd56f64110f04b1447937605b58
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3680299
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80866}
2022-05-31 16:16:57 +00:00
jameslahm
16fa2f28b7 [web snapshot] Support properties in function
This CL adds the serialization and deserialization
for properties in functions. We only support fast
properties in the property array now.

Bug: v8:11525
Change-Id: If0bb3fee400ca957009d046ed74b92d8192c2514
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3650675
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80858}
2022-05-31 13:14:17 +00:00
Leszek Swirski
cbdc545dcb Revert "Reland "[test] Move tracing cctest to unittests""
This reverts commit 3b251debfb.

Reason for revert: Chrome build is still unhappy

Original change's description:
> Reland "[test] Move tracing cctest to unittests"
>
> This is a reland of a7d6bf9662
>
> Added perfetto to unittests include_rules.
>
> Bug: v8:12781
> Change-Id: Iabf0e62abb1de879de21ba06fbd38f5432ee4f76
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652295
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#80847}

Bug: v8:12781
Change-Id: I54d64a10e24bc913be9d2bd66c1908664665f484
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3679519
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#80857}
2022-05-31 12:48:18 +00:00
Manos Koukoutos
ac1c4c6d56 [wasm] Fix effect chain, enable its verification
This CL fixes all spots where wasm Turbofan code did not satisfy the
invariant that all nodes with effect outputs are connected to another
node. Also, it enables the related verification for wasm code.

Drive-by:
- Simplify how stack checks are removed during loop unrolling.
- Fix a test declaration in test-gc.cc.

Change-Id: Id32af8584ba0ec281f4bf7757bd2915e6d8bf443
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3676862
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80854}
2022-05-31 12:37:27 +00:00
Leszek Swirski
5d71a2c9dc [test] Add perfetto deps to unittests
Bug: v8:12781
Change-Id: Icf3233b48718e117cc39289c511f9fd4d99c874d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3679079
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80853}
2022-05-31 12:28:47 +00:00
Maya Lekova
11a304ffeb [megadom] Fix crash in d8 when realm is entered
Bug: chromium:1329234
Change-Id: I59f171d3e2ab0c07f79f631971b1695b9f706600
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3677294
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80850}
2022-05-31 12:09:38 +00:00
Clemens Backes
a1c96c7b8a [wasm] Enable dynamic tiering in serialization tests
Some tests disabled dynamic tiering in order to actually serialize
TurboFan code. This makes the tests a bit simpler, but does not reflect
real-world usage.
This CL enables dynamic tiering in those tests and, when needed, executes
the code until tier-up is observed.

R=ahaas@chromium.org

Bug: v8:12899
Change-Id: I34cb8cedbc5908d9e6ca09d56c51609d0c8b2d6a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3660262
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80849}
2022-05-31 11:11:17 +00:00
Leszek Swirski
3b251debfb Reland "[test] Move tracing cctest to unittests"
This is a reland of a7d6bf9662

Added perfetto to unittests include_rules.

Bug: v8:12781
Change-Id: Iabf0e62abb1de879de21ba06fbd38f5432ee4f76
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3652295
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80847}
2022-05-31 10:45:17 +00:00
Omer Katz
5411e8508b [heap] Abstract away remaining SemiSpaceNewSpace methods
The abstractions in this CL include:
1) Using EvacuatePrologue to handle age mark updating in
SemiSpaceNewSpace.
2) Using IsPromotionCandidate to check if a page contains
the current age mark.
3) EnsureCurrentCapacity instead of Rebalance.
4) Delegate page promotions in mark-compact.cc to the
NewSpace implementation.

Bug: v8:12612
Change-Id: Ied83261d661a8e61a11bf33b1d7a2103ac99a853
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3644966
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80846}
2022-05-31 10:37:57 +00:00
Igor Sheludko
b5283a2e5b [cleanup] Make the CaptureStackTrace test threaded
Fixes b/3074796.

Change-Id: Ib8343702a7f9f8c912bcb5660ff9d0378b90d1f4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3676856
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Auto-Submit: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80843}
2022-05-31 09:52:38 +00:00