The change broke msvc build. This CL fixes it.
Original change description:
> This reverts commit 97b4ed7438.
>
> Microsoft x86_64 ABI considers XMM6-XMM15 as non-volatile
> (callee-saved), which means that the compiler can store pointers in them.
> We need to make sure they are pushed onto the stack inside the stack
> scanning trampolines.
> Bug: v8:11710
> Change-Id: Ida804fe49d3d3b6f179ec276903a42ec8d3d86be
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2865745
> Commit-Queue: Anton Bikineev <bikineev@chromium.org>
> Auto-Submit: Anton Bikineev <bikineev@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74376}
Bug: v8:11710
Change-Id: I5357ceffe4dce5c570a15d8be86d6db11926e88c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2876846
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74416}
When a function is invoked by prototype.apply, it may undergo following transformation in the JSCallReducer:
receiver.apply(this, args) ->
this.receiver(...args) Since the new target (also the receiver of apply()) is not collected to the feedback slot, further speculative optimization on the new target is not available if the new target
is not a heapconstant.
With this CL, the receiver will be collected to the feedback instead of the target if the target is a prototype.apply. It may improve the performance of the following usecase by ~80%.
function reduceArray(func, arr, r) {
for (var i = 0, len = arr.length; i < len; i++) {
r = func.apply(null, r, arr[i]);
}
return r;
}
var a = 0; for (var i = 0; i < 10000000; i++) {
a += reduceArray(Math.imul, [5,6,2,3,7,6,8,3,7,9,2,5,], 1);
}
console.log(a);
This CL also improves the runTime score of JetStream2/richards-wasm by ~45% in default, ~60% with --turbo-inline-js-wasm-calls.
Change-Id: I542eb8d3fcb592f4e0993af93ba1af70e89c3982
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2639813
Commit-Queue: Fanchen Kong <fanchen.kong@intel.com>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74413}
This also propagates the exception through all the users of
ConvertElementsWithCapacity.
Bug: chromium:1201626
Change-Id: Ie44ba4327a4c3a20f1376477f45d3cd95d0da3b3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2857961
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74412}
The test takes several minutes on slower bots, so speed it up a bit
without removing the ability to hit the data race.
R=ulan@chromium.org
Bug: chromium:1205290, v8:11741
Change-Id: I57e411bfa2ff2a22bef1a916b74f7684b2f0be17
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2876855
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74408}
This reverts commit bc1eb7b478.
Reason for revert: https://ci.chromium.org/ui/p/chromium/builders/try/android-pie-arm64-rel/369203/overview
Original change's description:
> [api] Add API callback setter for the SAB origin trial
>
> This change makes it possible to enable SharedArrayBuffer per Context,
> controlling whether it should be enabled or not with a callback. The
> previous implementation of the reverse origin trial for
> SharedArrayBuffer was broken, since the feature could only be enabled
> globally per process, and only if the feature flag is set early enough
> in the v8 initialization. This does not play well with how origin
> trials work.
>
> The implementation is similar to the callbacks that already exist for
> the origin trials for WebAssembly simd and exceptions.
>
> SharedArrayBuffer is still controlled by the flag
> harmony_sharedarraybuffer. If that flag is disabled, then
> SharedArrayBuffer is disabled unconditionally. On top of that, this CL
> introduces a new flag for enabling SharedArrayBuffer per context. If
> that flag is set, a callback is used to determine whether
> SharedArrayBuffer should be enabled.
>
>
> Note that this only controls whether the SharedArrayBuffer constructor
> should be exposed on the global object or not. It is always possible
> to construct a SharedArrayBuffer using
>
> new WebAssembly.Memory({
> shared:true, initial:0, maximum:0 }).buffer.constructor;
>
>
> There are few things which I do not like of this approach, but I did
> not have better ideas:
>
> 1. The complex logic of dobule flag + callback. However, this seemed
> the best way to me to not break embedders which rely on that flag
> being enabled by default.
>
> 2. The fact that what actually matters is just whether the callback
> returns `true` once. It would be good to check that the callback gives
> a consistent return value, or to provide a better API that cannot be
> missunderstood.
>
>
> Bug: chromium:923807,chromium:1071424,chromium:1138860
> Change-Id: Ibe3776fad4d3bff5dda9066967e4b20328014266
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2867473
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Antonio Sartori <antoniosartori@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74378}
Bug: chromium:923807
Bug: chromium:1071424
Bug: chromium:1138860
Change-Id: Iec678dee130db891c2096e47bc072a5d77ae9476
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2874403
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Auto-Submit: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Lutz Vahl <vahl@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74404}
For copying the SharedArrayBuffer content, we cannot use a simple
{memcpy} because that produces data races with thread concurrently
modifying the content. Instead, use a custom {Relaxed_Memcpy} that uses
proper relaxed atomics. The implementation is slightly optimized to do
word-sized loads and stores where possible. If we still get performance
regressions, we can optimize it further in follow-up CLs.
R=ulan@chromium.orgCC=mlippautz@chromium.org
Bug: v8:11704, chromium:1205290
Change-Id: Ie34afc5c22ec5496c0fe822d55d4788031f06c54
Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2874652
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74403}
Order the bytecodes to enable range-based checks for
IsWithoutExternalSideEffects. Also remove the now unecessary
macro definitions for Jump bytecodes.
BUG=v8:9684
Change-Id: Id2d7e2e0141b57864c65a752bc233f004f86f760
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2875208
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74397}
Change-Id: I0f732a3e7e970c02925c0ba4e93273a27605dec3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2875206
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Auto-Submit: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74390}
- Take HeapHandle& parameter to allow a use case of free() on an already
dead object during sweeping.
- Change free() from T* to T& which forces an object and allows the
caller to place the nullptr check before retrieving a heap handle.
Bug: chromium:1056170
Change-Id: I80689d27d3abe410d177cd8c86b31ff2fe579a77
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2874461
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74387}
As per WebAssembly Web API[1], the engine should only consider names
from the name section to synthesize function names in the context of
call stacks. We previously also added support to harvest the exports
table here in an attempt to improve the DevTools debugging experience,
but that needs a separate fix specifically for the inspector (which
should also take into account the imports to harvest names).
[1]: https://webassembly.github.io/spec/web-api/index.html#conventions
Fixed: chromium:1164305
Change-Id: I4bde5c8398a5164f1d8ac9060ad3743ed494c41e
Bug: chromium:1159307, chromium:1164241, chromium:1071432
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2874464
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74382}
This reverts commit 305aa12f8c.
Reason for revert: Breaks MSVC compilation: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Win64%20-%20msvc/17718/overview
Original change's description:
> cppgc: Save xmm registers on the stack
>
> Microsoft x86_64 ABI considers XMM6-XMM15 as non-volatile
> (callee-saved), which means that the compiler can store pointers in them.
> We need to make sure they are pushed onto the stack inside the stack
> scanning trampolines.
>
> Bug: v8:11710
> Change-Id: Ida804fe49d3d3b6f179ec276903a42ec8d3d86be
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2865745
> Commit-Queue: Anton Bikineev <bikineev@chromium.org>
> Auto-Submit: Anton Bikineev <bikineev@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74376}
Bug: v8:11710
Change-Id: I9593e55b5c935619a6707f3c00f9ac295475b30d
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2874462
Auto-Submit: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#74379}
This change makes it possible to enable SharedArrayBuffer per Context,
controlling whether it should be enabled or not with a callback. The
previous implementation of the reverse origin trial for
SharedArrayBuffer was broken, since the feature could only be enabled
globally per process, and only if the feature flag is set early enough
in the v8 initialization. This does not play well with how origin
trials work.
The implementation is similar to the callbacks that already exist for
the origin trials for WebAssembly simd and exceptions.
SharedArrayBuffer is still controlled by the flag
harmony_sharedarraybuffer. If that flag is disabled, then
SharedArrayBuffer is disabled unconditionally. On top of that, this CL
introduces a new flag for enabling SharedArrayBuffer per context. If
that flag is set, a callback is used to determine whether
SharedArrayBuffer should be enabled.
Note that this only controls whether the SharedArrayBuffer constructor
should be exposed on the global object or not. It is always possible
to construct a SharedArrayBuffer using
new WebAssembly.Memory({
shared:true, initial:0, maximum:0 }).buffer.constructor;
There are few things which I do not like of this approach, but I did
not have better ideas:
1. The complex logic of dobule flag + callback. However, this seemed
the best way to me to not break embedders which rely on that flag
being enabled by default.
2. The fact that what actually matters is just whether the callback
returns `true` once. It would be good to check that the callback gives
a consistent return value, or to provide a better API that cannot be
missunderstood.
Bug: chromium:923807,chromium:1071424,chromium:1138860
Change-Id: Ibe3776fad4d3bff5dda9066967e4b20328014266
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2867473
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Antonio Sartori <antoniosartori@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74378}
This CL adds a new %VerifyType compiler intrinsic that can be used
by tests and fuzzers to generate a runtime type check of the given
input value. Internally, %VerifyType is lowered to %AssertType
which is why checks are currently limited to range types.
tests to be const-correct.
Drive-by: Add a few consts to NodeProperties accessors to allow
Bug: v8:11724
Change-Id: I06842062d0e8278a5ba011d5a09947fe05b6e85e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2859959
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74377}
Microsoft x86_64 ABI considers XMM6-XMM15 as non-volatile
(callee-saved), which means that the compiler can store pointers in them.
We need to make sure they are pushed onto the stack inside the stack
scanning trampolines.
Bug: v8:11710
Change-Id: Ida804fe49d3d3b6f179ec276903a42ec8d3d86be
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2865745
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Auto-Submit: Anton Bikineev <bikineev@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74376}
We potentially emitted the same gap move multiple times to satisfy slot
constraint of live ranges defined by a constant. Avoid this by keeping
track of already spilled ranges for a given instruction.
This is not expected to cause any regression because this case is rare.
If it does, a better approach to save allocations would be to re-use the
same vector by storing it somewhere that survives the function calls,
e.g. in the ConstraintBuilder.
Drive-by: Remove unused functions.
R=sigurds@chromium.orgCC=nicohartmann@chromium.org
Bug: chromium:1204748
Change-Id: I75a838a8b27775ecdeddb4c60cf72c56d5f1c2a4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2871462
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74375}
Main changes:
- Allow global.get in elements segments with expressions-as-elements.
- Allow element segments with types other than funcref.
Detailed changes:
- Move WasmInitExpr to its own file. Add stream opearator << support.
- Simplify type of PrintCollection.
- Make WasmElemSegment use an array of WasmInitExpr's over the previous
ad-hoc implementation. Move null_index to WasmModuleBuilder.
- Refactor consume_element_segment_header. Make it return a
WasmElemSegment.
- Refactor consume_element_expr. Make it return a WasmInitExpr.
- Refactor DecodeElementSection. Make it invoke
consume_element_segment_header, then populate its element array.
- Update module-instantiate.cc to handle global.get elements.
- Fix bug in wasm-objects.cc where the wrong type index was passed into
module()->has_signature()
- Adapt and add tests.
Change-Id: I5abfbe424dbb750ee2dca59f91c451ffcb79f95f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2857959
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74374}
This is part of a CL series that establishes MakeRef/TryMakeRef as
the bottleneck for Ref construction. We do this by converting direct
constructor uses to (Try)MakeRef calls, and then marking the ctor
as protected.
Bug: v8:7790
Change-Id: I26faa6bc1934662c81ae127dee64bddffa428de9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2874165
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74371}
WasmModules were not removed from the global type judgement cache when
they were deleted. This created problems if another module got allocated
in the same location as a previously deleted module, by creating false
positive cache hits. This CL fixes this issue by removing WasmModule
from the cache as part of its destructor.
Bug: v8:11700
Change-Id: I4948e361dd681040807f35d759b647d1bce585dc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2859863
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74370}
Element segments and tables in tests used an ad-hoc mechanism to
describe the different types of initializer expressions, e.g. an number
which could denote either the value of a constant or the index of a
global. This CL tidies up and generalizes the test infrastructure by
directly using WasmInitExpr in those cases.
Additional changes:
- Introduce WasmElemSegment class.
- Remove obsolete --experimental-wasm-bulk-memory flag from tests.
- Rename WasmInitExpr.type -> kind.
- Remove dependency of wasm-module-builder from mjsunit.js (except in
assertTraps).
Change-Id: I716254a04ceea9ceb8ac6b848e12e1637f618f0d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2857638
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74368}
This is part of a CL series that establishes MakeRef/TryMakeRef as
the bottleneck for Ref construction. We do this by converting direct
constructor uses to (Try)MakeRef calls, and then marking the ctor
as protected.
Bug: v8:7790
Change-Id: I36c07f69378f3a630462c216ef5da284cfd3972f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2871449
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74367}
Maps set on the JSFunction were done so in a non-atomic way, which meant
that we were failing to have a synchronization point and the read/writes
could be reordered.
This started happening after a previous CL[1] moved some methods from
relaxed to non-atomic, which triggered TSAN (see v8:11696).
[1]: https://chromium-review.googlesource.com/c/v8/v8/+/2843359
Bug: v8:7790, v8:11696
Change-Id: I8472ff8b63d391376ee2f1dcf0a8b4fd7cecfcd1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2851893
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74357}
Both NewSpace and NewLargeObjectSpace aren't used with
FLAG_single_generation enabled. So far both spaces still existed but
weren't used in this mode. This CL makes both spaces optional, which
ensure that we do not inadvertently create objects in them or use them
in any other way.
Bug: v8:11644
Change-Id: I52a449c62e9d3df126c95419433d2abbd75539a5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2862768
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74345}
AtomicCtorTag is needed by Blink to force atomic initialization of
members. This is used when reinitializing a member in a backing store.
Bug: chromium:1056170
Change-Id: I410766a9c9133a1f1c2ea2e1153cb1c61363459f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2859944
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74341}
Additionally a bug in the wasm-to-C wrapper got fixed, which caused
problems with the thread-in-wasm flag: An invalid effect-chain got
constructed. With the write of the thread-in-wasm flag not being
properly placed in the effect chain, the write got scheduled too late.
R=jkummerow@chromium.org
Bug: v8:11713
Change-Id: I351bf622081850b7b0c7aebfd798d1e73ae34a4a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2867468
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74340}
Fix crash on Mac64 Debug build. The reason of the failure: misaligned
stack. Fix: apply attribute to force the stack be realigned.
Original description:
> The previous attempt has broken the tsan bot. The only reliable way to
> make sure that registers are not clobbered is by doing direct call from
> inline assembly, which is what this CL does.
> Change-Id: I6adbd5e735949a7cc4cc7fc686ee8c428863ffb9
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2859947
> Commit-Queue: Anton Bikineev <bikineev@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74313}
Change-Id: I842d6876c2cf287cfe74e53e7cb45028dff61a56
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2865748
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74336}
When fast deleting properties generalize all outgoing transitions
to mutable instead of generalizing when property is reconfigured.
Bug: chromium:1201938
Change-Id: I080f2f43de1691a742be2a2bec5cd20d02d78dbc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2859960
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74334}
Some cctests set the FLAG_stack_size in the TEST() macro which is run
after the cctest runner initializes the main isolate. The flag is only
used during isolate initialization, so this did not have any effect.
This fixes it by using the UNINITIALIZED_TEST() macro, creating the
isolate after setting the flag and passing it through to the WasmRunner.
See also https://crrev.com/c/2862778 which fixes JS cctests.
R=jkummerow@chromium.org
Change-Id: I46df22b80a283d93c48c1dbd250eb3e4ea5ad4a0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2865749
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74331}
We have to take the slow path in Promise.all if context promise hooks
are set. The fast-path doesn't create intermediate promises by default.
Bug: chromium:1204132, v8:11025
Change-Id: Ide92de00a4f6df05e0ddbc8814f6673bd667f426
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2866771
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74326}
In the 'extra' variant, replace turboprop_as_toptier (which is mostly
covered by turboprop) with always_sparkplug, to increase Sparkplug's
coverage on tests.
Bug: v8:11420
Change-Id: I43b7009d184a03cb163d78f1f8bd05233ef7c34e
Fixed: v8:11686
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2862769
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74324}
The marking verifier used to run on a different stack than the marker
which could lead to it finding more objects than the marker. Fix this
by recording a stack end from which the verification starts. This
ensures that the verifier only finds a subset of the objects that the
actual stack scan finds.
Bug: v8:11709
Change-Id: I44fe7b247e56e75deded45b64c25379f1ad9e381
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2859848
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74320}
This reverts commit c4cb14c754.
Reason for revert:
https://ci.chromium.org/p/v8/builders/ci/V8%20Mac64%20-%20debug/33969
Original change's description:
> cppgc: Try to fix test IteratePointersFindsCalleeSavedRegisters, vol.2
>
> The previous attempt has broken the tsan bot. The only reliable way to
> make sure that registers are not clobbered is by doing direct call from
> inline assembly, which is what this CL does.
>
> Change-Id: I6adbd5e735949a7cc4cc7fc686ee8c428863ffb9
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2859947
> Commit-Queue: Anton Bikineev <bikineev@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74313}
Change-Id: I00260aeacdac8704475b37fd99d4ef552c523249
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2865746
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#74314}
The previous attempt has broken the tsan bot. The only reliable way to
make sure that registers are not clobbered is by doing direct call from
inline assembly, which is what this CL does.
Change-Id: I6adbd5e735949a7cc4cc7fc686ee8c428863ffb9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2859947
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74313}
This fixes a compiler warning on gcc 7.4.
R=ahaas@chromium.orgCC=machenbach@chromium.org
Bug: v8:11716
Change-Id: I385765f1ac3de17eea1bb56109869636f8ae9d95
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2862779
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Auto-Submit: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74310}
Using the default cctest TEST(...) macro causes later writes to
FLAG_stack_size to have no effect, because the StackGuard reads
that flag's value during Isolate initialization, which is done
before the test body is executed. This patch changes the two
existing tests that accidentally did this to UNINITIALIZED_TEST,
putting them in charge of Isolate creation, thereby ensuring that
the intended stack size is configured correctly.
Change-Id: Ib030795ef46f23d576f6dbbd26b347ac804b5085
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2862778
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74309}
Tracking the context is not enough, as we might clear the context to
avoid repeatedly reentering the same context.
Also fix unittests that relied on the default microtask queue getting
automatically processed instead of the one of the current context.
Bug: chromium:728583
Change-Id: Ia9a51c513fc7363a518af86cc54c5bda26b5fbe8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2859850
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Jochen Eisinger <jochen@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74303}
Previously we'd attach source positions to implicit returns that are
generated when leaving an async function with a promise rejection. This
was due to the use of `kNoSourcePosition` on the `end_position` in the
`ReturnStatement` nodes as indicator to pick the return position from
the function literal, instead of really not putting a source position on
that specific `Return` bytecode.
This CL adds a dedicated marker to `ReturnStatement` to express that the
`BytecodeGenerator` should put the return position from the function
literal there instead of overloading the meaning of `kNoSourcePosition`.
Bug: chromium:901819, chromium:782461
Fixed: chromium:1199919, chromium:1201706
Change-Id: I3647e0c3d711e9c3d6ae44606b70ec92ad82e1cf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2859945
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74301}
cpplint rules change over time, and we change the exact rules we enable
for v8. This CL removes NOLINT annotations which are not needed
according to the currently enabled rules.
R=ahaas@chromium.org
Bug: v8:11717
Change-Id: Ica92f4ddc9c351c1c63147cbcf050086ca26cc07
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2859854
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74297}
