Commit Graph

68078 Commits

Author SHA1 Message Date
Michael Lippautz
5204c32ad6 cppgc: Require object for cppgc::subtle::Resize()
Resize() is not similar to realloc() in that it allocates a new object
when passed a nullptr object.

Avoid corner cases around Resize(nullptr, size) where size may be
problematic if non-null by just requiring a valid object. The caller
can perform the necessary nullptr check.

Bug: chromium:1056170
Change-Id: Ic05972ae67c2968fc3eb002a6302b44e56b41ab4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2752147
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73336}
2021-03-11 10:15:15 +00:00
Maya Lekova
943eb9e433 [test] Skip CPU profiler test on stress_concurrent_inlining
Bug: v8:11524
Change-Id: I009e050baa1e08a520c00bb88b61cffd3f1c2acc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2742476
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73335}
2021-03-11 10:08:48 +00:00
Patrick Thier
f977ace251 Non-handlified BytecodeOffsetIterator
For use at locations where we know that no GC can happen.
This avoids unnecessary handlifying of objects.

Bug: v8:11420
Change-Id: Ic549c56c4366060a6da3a3772dbd0aae23151eab
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2735394
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73334}
2021-03-11 09:18:05 +00:00
Thibaud Michaud
7f542d2532 [regalloc] Ensure ranges are split at gap positions
Splitting a range at an instruction position can lead to incorrect code
generation. See the attached bug for a concrete example of that, in
particular comment 6.

The issue is when we add a gap move to connect the split ranges during
the ConnectLiveRanges phase. If the split position is a gap position,
the move coincides with the start of the range. But if the split
position is an instruction position, the move is inserted in the last
gap position, which is outside of the range. This violates assumptions
made during the main register allocation phase and can invalidate the
use of that register in a different range.

The fix proposed here works by moving the split position backwards to
the previous gap position. This ensures that the connecting gap move is
always at the start of the range that it defines.

R=sigurds@chromium.org

Bug: chromium:1182985
Change-Id: Ic4a9f56d5551f01cc91bece087d5ab3afd9b04fd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2735396
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73333}
2021-03-11 09:15:05 +00:00
Benedikt Meurer
81b9159158 [inspector] Properly filter by column number for inline scripts.
Previously `setBreakpointByUrl` and friends would only filter based on
line number to find matching scripts. But that didn't work when there
were multiple scripts in the same line (i.e. minified HTML), and we'd
end up setting multiple breakpoints in different inline scripts, looking
for the next possible break location in each of them individually.

Fixed: chromium:1183664
Also-By: pfaffe@chromium.org, kimanh@chromium.org
Change-Id: I957811d30aa71609a38da75f33a24c0f720116f6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2749155
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Kim-Anh Tran <kimanh@chromium.org>
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Kim-Anh Tran <kimanh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73332}
2021-03-11 08:52:25 +00:00
Igor Sheludko
1691b1f629 [cleanup] Make InstructionStream::TryLookupCode() return builtin ID
... instead of Code. This is useful because usually the callers are
interested in having just a builtin ID but not the Code object.

This CL also makes Builtins::kNoBuiltinId a part of the Builtins::Name
enum.

Bug: v8:11527
Change-Id: I501e3e52dccc73cc7800f271939e0bf9fd00a975
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2749635
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73331}
2021-03-11 08:45:25 +00:00
Georg Neis
3353a7d0b0 [deoptimizer] Fix bug in OptimizedFrame::Summarize
OptimizedFrame::Summarize is used by debugger features etc
to inspect the frame of an optimized function (and the virtual frames
of functions that got inlined). It could end up materializing a JSArray
with the same backing store as one that would later get left-trimmed,
resulting in a dangling elements pointer. This CL fixes that by creating
a fresh copy of the elements store instead.

Bug: chromium:1182647
Change-Id: Iaf329464520a927b0ba33166cad2524d3752c450
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2748593
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73330}
2021-03-11 08:39:55 +00:00
v8-ci-autoroll-builder
19d8302f02 Update V8 DEPS.
Rolling v8/build: 389d3f3..cb067b2

Rolling v8/third_party/aemu-linux-x64: oXIWsntGxFugYHN4Qb0Ve-IRPq4Rq1FxFYNiuEKnP0kC..ee1oRcPCyneRYNLsuBvxMYnBajvkvvdJY5BYvoaX0vUC

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/4f82770..7a3a736

Rolling v8/third_party/depot_tools: 57af8c3..c2c576e

Rolling v8/tools/clang: fc54e6b..e65f1a7

TBR=v8-waterfall-sheriff@grotations.appspotmail.com

Change-Id: I921f4b3aa14f88bae4a1a96a58c40db7796d1ae6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2751388
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#73329}
2021-03-11 03:47:04 +00:00
Junliang Yan
83e6c28155 s390x: [liftoff] implement De/AllocationStackSlot
Change-Id: Iaf00bdfba9d42d1e472e048bffee2cde628d164a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2749576
Reviewed-by: Milad Fa <mfarazma@redhat.com>
Commit-Queue: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/master@{#73328}
2021-03-10 21:56:28 +00:00
Junliang Yan
4fb19d5608 s390x: [liftoff] implement Indirect/CallIndirect
Change-Id: I953d1f9e1789cb6f754b1206edcac752e4f22801
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2749575
Reviewed-by: Milad Fa <mfarazma@redhat.com>
Commit-Queue: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/master@{#73327}
2021-03-10 21:00:08 +00:00
Milad Fa
50cb774ea5 PPC [simd]: Implement Add/Sub saturate on Sim
Change-Id: I86fbdc9ca2c1bf66092e52bc85a5b9dfbc696bfb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2749574
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#73326}
2021-03-10 19:15:57 +00:00
Leszek Swirski
668513d8ab [sparkplug] Add fuzzer support for CompileBaseline
Robustify %CompileBaseline against fuzzing, and allowlist it in the
fuzzer.

Bug: v8:11420
Change-Id: I44947014c8c9362d80ea98636dbbaa5d07d6a177
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2739643
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73325}
2021-03-10 17:49:18 +00:00
Clemens Backes
f80b29204c [liftoff][arm64] Make context register allocatable
This will make it easier to generate builtin calls that require the
context to be passed in that register, because this can be represented
as a {LiftoffRegister} then.

Drive-by: Fix a typo (x8 -> x28).

R=thibaudm@chromium.org

Bug: v8:11453
Change-Id: I7dcf7a0390dbde9713334d3da28ce6d79413a9f9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2748585
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73324}
2021-03-10 17:37:16 +00:00
Jakob Kummerow
e383d76c0c [build] Support Linux-arm64 build hosts
Building arm64 binaries on arm64 hosts works as long as you set
the correct options in args.gn. This patch teaches gm.py to do
that.
Building 32-bit arm binaries on arm64 hosts requires an extra
definition in snapshot_toolchain.gni (as well as some system
setup to support running 32-bit binaries).

Change-Id: I66c1f8f51932e2f5425033ef09181c31ea5d633e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2743889
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73323}
2021-03-10 17:06:06 +00:00
Milad Fa
1bf2ef1ffc PPC [simd]: Implement vector pack and unpack on Sim
Change-Id: I66712edab0d1242516add2fc6fc183168ef1fa11
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2748994
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#73322}
2021-03-10 16:56:26 +00:00
Benedikt Meurer
a0b0928119 [inspector] Expose "stack" as proper scope property.
This is the V8 side change for https://crrev.com/c/2744048, which an
explicit "stack" property into the (renamed) "Expression" scope to align
the behavior and appearance of that scope with the other scopes.

Fixed: chromium:1159310
Bug: chromium:1071432, chromium:1159307
Change-Id: Ic070c50b674d8c1cff4a93538f708cc431c3f2cb
Screenshot: https://imgur.com/a/ryFiOGA.png
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2748591
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Philip Pfaffe <pfaffe@chromium.org>
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Philip Pfaffe <pfaffe@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73321}
2021-03-10 16:40:57 +00:00
Thibaud Michaud
f86e6c15d0 [wasm][liftoff][eh] Fix FinishTryCatch
If the try block cannot throw, we don't expect an exception on the stack
when we exit the block.

R=clemensb@chromium.org

Bug: v8:11537
Change-Id: I5f2ea6df2d14205b3ad2cd61a5132bc0b3db6cc8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2748583
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73320}
2021-03-10 16:20:06 +00:00
Frank Emrich
8e49d8260f [dict-proto] Fix leaking handle in ExtractPropertyReferences
This fixes a handle leaking out of
V8HeapExplorer::ExtractPropertyReferences when enabling
v8_dict_mode_prototypes, which breaks the
test-heap-profiler/NoHandleLeaks cctest.

Bug: v8:11388
Change-Id: I911f60e3701277540ae5a63fa59f3ac2f52879ef
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2748580
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Frank Emrich <emrich@google.com>
Cr-Commit-Position: refs/heads/master@{#73319}
2021-03-10 16:11:16 +00:00
Omer Katz
881364fd5a cppgc: Fix CppHeap::TraceEpilogue
Reporting marked bytes after atomic sweeping means we might be missing
allocations in case finalizers are allocating during sweeping.
Instead report marked bytes and marking time directly to
LocalEmbedderHeapTracer as soon as marking is done.

Bug: chromium:1056170
Change-Id: Ie770f077d2eec10dea182a503a7cd514d3b66baf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2748579
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73318}
2021-03-10 15:29:56 +00:00
Clemens Backes
6e45bf8952 [liftoff] Do not clear the cached instance on loops
Loops will always execute a stack check in the header, so having the
instance cached in a register is handy. Instead of clearing it before
entering a loop, ensure that backward jumps to the loop header move the
instance into the right register.

R=thibaudm@chromium.org

Bug: v8:11336
Change-Id: I16cb13457438b7a1603182d56a3d2ea99d670911
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2743892
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73317}
2021-03-10 13:50:33 +00:00
Santiago Aboy Solanes
3e421b1162 [objects] RELAXED_ACCESSORS macro to use relaxed accessors
Fix to make the macro actually use the relaxed accessors instead of the
atomic ones.

Bug: v8:7790, v8:11539
Change-Id: Ic74ee4084a76176feac138716e10b88a3a5e1a1d
Fixed: v8:11539
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2748088
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Auto-Submit: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73316}
2021-03-10 12:55:23 +00:00
Clemens Backes
add24813ae [liftoff] Clean up definition of ValueKinds
Some ValueKinds were defined based on the size of a system pointer or
the size of a tagged value. In order to be able to reuse those
definitions in both LiftoffAssembler and LiftoffCompiler, define them as
public constants on LiftoffAssembler.
Also, avoid the "ValueType" suffix, since they are not ValueTypes, but
ValueKinds.

R=jkummerow@chromium.org

Change-Id: I38f9c9b6c4e6592d31ee58466b786bf24a55f19c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2743890
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73315}
2021-03-10 11:01:53 +00:00
Georg Neis
a021e4d384 [compiler] Read some JSBoundFunction fields on the background thread
Bug: v8:7790
Change-Id: I1e7448c6583a36b2311474e14f4611935e2aa79f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2748076
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73314}
2021-03-10 10:37:43 +00:00
Clemens Backes
3b21b6d31d [profiler] Allow empty source URL for asm modules
In contrast to wasm modules, asm.js modules have an empty source URL.
Thus loosen a DCHECK and handle the nullptr source_url correctly.
Also add regression tests that check that we don't crash. Those can
later be extended to check that the profile looks as expected; for now
they only check that we terminate.

R=bmeurer@chromium.org

Bug: chromium:1185919
Change-Id: I6b879f540a2c3647920ad2970efcf7c94712d8c7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2745895
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73313}
2021-03-10 09:49:02 +00:00
Michael Achenbach
cb2ec66dc5 Whitespace change to test CAS
Bug: chromium:1154223
Change-Id: Ie1786a499f87f86bc6f91a92a0dfb1a02889ef46
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2748083
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73312}
2021-03-10 09:07:30 +00:00
v8-ci-autoroll-builder
e2172c9cf6 Update V8 DEPS.
Rolling v8/build: 077f859..389d3f3

Rolling v8/buildtools: a5cc843..368c7dd

Rolling v8/third_party/aemu-linux-x64: dBlHF6-1NU-vr6DU068Y8_WQHCWdk_yovRmg225wIr0C..oXIWsntGxFugYHN4Qb0Ve-IRPq4Rq1FxFYNiuEKnP0kC

Rolling v8/third_party/depot_tools: 75c9832..57af8c3

Rolling v8/third_party/icu: e6379c8..d879aac

Rolling v8/tools/clang: 630ab8a..fc54e6b

TBR=v8-waterfall-sheriff@grotations.appspotmail.com

Change-Id: I23f92a7e958b90228f898df85e3efa87c9429a73
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2746751
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#73311}
2021-03-10 04:12:27 +00:00
Milad Fa
bbafc44f51 PPC [simd]: Implement FP conversion on Sim
Change-Id: If9380a99318618199ced8f079d13ddee28cde770
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2745896
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#73310}
2021-03-10 00:29:20 +00:00
Ng Zhi An
2b66ba5d6b [wasm-simd] Rename vXXXX.all_true to iXXXX.all_true
This is done with a script that does something like:

files=$(ag 'v\d\d?x\d\d?[._]?all_?true' -l)
sed -i 's/V\(8x16\|16x8\|32x4\|64x2\)\([._]\?\)\([aA]ll_\?[tT]rue\)/I\1\2\3/g' $(files)
sed -i 's/v\(8x16\|16x8\|32x4\|64x2\)\([._]\?\)\([aA]ll_\?[tT]rue\)/i\1\2\3/g' $(files)

And manual fixups in test-run-wasm-simd.cc and wasm-opcodes-inl.h.

Bug: v8:10946
Change-Id: Ib5dad388dd6dd9cd0fb575ad961dffc189a2e6ef
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2740488
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73309}
2021-03-10 00:00:30 +00:00
Ng Zhi An
a9577d878e [wasm-interpreter] Fix immediate decoding for numeric instructions
They were using a fixed offset of pc+2, but since the instructions can
be multiple bytes long (leb128 encoded), it should be using *len.

Drive-by fix to add missing instructions to wasm-module-builder.js.

Bug: chromium:1185323,chromium:1185492
Change-Id: I12f396cc2969ecc284aba35b94b1bc5640f12277
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2745977
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73308}
2021-03-09 23:54:30 +00:00
Michael Lippautz
ce336fdbda cppgc: Fix {Weak}CrossThreadPersistent destruction
Bug: chromium:1056170
Change-Id: I89dd887a75a475f998d950e86f35c7fe2af5d67f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2743887
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73307}
2021-03-09 21:36:00 +00:00
Michael Lippautz
0defc528bc cppgc: Add test for handling objects conservatively
The test ensures that in-construction objects that have been found
through a write barrier are properly processed (marked + trace) when
finalizing the collection conservatively with a different stack.

This is a test for https://crrev.com/c/2744074

Bug: chromium:1056170
Change-Id: I8099bca1fb9025a315a8f0a3530aac822d1c45d2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2745334
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73306}
2021-03-09 21:19:10 +00:00
Dominik Inführ
e3072158f0 [heap] Make ExpandBackground more resilient against OOM
It could happen that a background thread expands the heap by one page,
but by the time the thread tries to allocate on it the space is already
used by other background threads. If this happens three times in a row,
V8 would crash with an OOM error. This CL prevents such situations by
always allocating the object immediately at area_start().

Bug: v8:10315
Change-Id: I6390c84e742bf4105e70e930c21557ff1f4d952d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2743881
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73305}
2021-03-09 20:04:30 +00:00
Frank Tang
a192820e4f [test262] Roll test262
https://chromium.googlesource.com/external/github.com/tc39/test262/+log/f6034ebe..311265

Bug: v8:7834
Change-Id: Ib5b92ff8a2b32a2f9c4140c5f70c514e52ab191c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2744442
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73304}
2021-03-09 18:27:20 +00:00
Clemens Backes
a2f3a09762 [liftoff] Prefer kWasmInstanceRegister for instance cache
The wasm instance will initially be in kWasmInstanceRegister, and for
each call we also need to put it in that register. Hence, when getting a
new register to cache the instance, prefer that register, if it is
available.

R=thibaudm@chromium.org

Bug: v8:11336
Change-Id: Ie7026c4c7c5e4b825b9ab310839f0273bd3ce7f1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2743885
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73303}
2021-03-09 18:10:00 +00:00
Thibaud Michaud
e0cbacc7e4 [wasm][liftoff] Emit landing pad after the safepoint
... and after creating the debug side table entry. The safepoint and the
debug side table entry should be generated right after the call, so that
they are associated with the return address of the previous call.

R=clemensb@chromium.org

Bug: v8:11453
Change-Id: I71395851c5a7f4e2c873907454245c9d04f972f1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2739629
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73302}
2021-03-09 17:38:33 +00:00
Seth Brenith
22e759d4f8 [torque] Don't include builtins headers in non-builtins files
The generated Torque files class-verifiers.cc and class-debug-readers.cc
currently include files which are part of v8_initializers, despite being
used in unrelated build targets. This change removes the unnecessary
inclusions. There is still a lot of code included via all-objects-inl.h,
but that's because these files require full class definitions for every
object type.

Bug: v8:11528
Change-Id: Ib26496f2a30ef576f1101636e0aca2cafbfd1f37
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2743087
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73301}
2021-03-09 17:09:31 +00:00
Maya Lekova
86c5ea9d64 [fastcall] Remove stack slot caching
This CL removes the caching of the stack slot used for the fallback mechanism
in V8, as the current implementation is incorrect and needs to be reworked.

Bug: chromium:1185753
Change-Id: I9f77bc42bfd649e0dbcd294b000b48c928cf99d0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2743886
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73300}
2021-03-09 17:08:27 +00:00
Sathya Gunasekaran
5bbcfd1859 [ic] Use slow handler for lazy native accessors
Lazy native accessors require special handling to rewrite
the accessor into a data property, so transition to a
slow handler for this case.

Bug: v8:11485
Change-Id: I01636c6e624562619a216fea5e836ae85c7da93f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2743882
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73299}
2021-03-09 17:05:57 +00:00
Clemens Backes
cd48a91276 [liftoff] Restore cached instance after stack check
This ensures that after the function-entry stack check, the instance
will still be available in a register. The cost is having to reload it
from the stack in the OOL code for the stack check, even though it is
not clear if that register will still be used.

This does not affect code size significantly (~0.25% reduction), but can
improve performance a little bit if there are memory accesses or other
instructions that require the instance right at the beginning of the
function.

R=thibaudm@chromium.org

Bug: v8:11336
Change-Id: Ib72db172813d55120f527b31014b69a734934ff3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2743878
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73298}
2021-03-09 16:36:57 +00:00
Michael Achenbach
7c6045fdc0 Whitespace change to test CAS migration
Bug: chromium:1154223
Change-Id: I9545db5ce76f973f8402cefe588d994d1519135b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2745137
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Liviu Rau <liviurau@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73297}
2021-03-09 15:35:56 +00:00
Santiago Aboy Solanes
b730b7fd0d [compiler] Perform MapRef::instance_descriptors concurrently
Reading the descriptor array from a map has been safe for a while.

Bug: v8:7790
Change-Id: Ib06e12727b7da26c09822db45530addc11e2cf00
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2739637
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73296}
2021-03-09 15:25:06 +00:00
Thibaud Michaud
6e81295599 [wasm][liftoff][eh] Implement rethrow
Push the caught exception on the value stack, so that we can access it
from an inner catch block and rethrow it.

R=clemensb@chromium.org

Bug: v8:11453
Change-Id: Ibc5e653a07c3e4436e252c001b53bc2d3402abc9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2739974
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73295}
2021-03-09 15:23:06 +00:00
Jakob Kummerow
4c3db4fd29 [wasm] Repair decoder perf regression
With the value stack refactoring in 1b5c7e15 / r73193, the
combination of helper functions called by PeekArgs() ended
up checking the stack height repeatedly. This CL avoids that
by introducing a ValidateArgType() helper that does not check
stack height.
Bonus: achieve a small speedup by special-casing two of the
most common opcodes in the decoder's main dispatcher.

Fixed: chromium:1185082
Change-Id: I6d51aca844ef9377d203147f74ff8137e12a23e7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2745341
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73294}
2021-03-09 14:10:26 +00:00
pthier
2966c8967a Reland "[sparkplug] Change bytecode offset mapping and introduce iterator."
This is a reland of a8b61ef521

The main reason for the revert was not related to this CL and was fixed
with https://crrev.com/c/2739646
In addition debug output in d8.test.verifySourcePositions was removed
due to TSAN complaints.

Original change's description:
> [sparkplug] Change bytecode offset mapping and introduce iterator.
>
> Previously, we recorded pairs of (bytecode offset, sparkplug pc) to
> create a mapping of bytecode offset <-> sparkplug pc.
> These pairs were only recorded after builtin/runtime calls.
> In preparation for deoptimizing to Sparkplug, we need a more precise
> mapping.
> With this CL, we record positions for every bytecode. Instead of storing
> a pair of (bytecode offset, sparkplug pc), we store only the pc,
> calculating the bytecode offset from the index in the mapping table.
> For easier use an iterator to access the mapping is introduced.
>
> Drive-by: Reduce sampling interval in cpu-profiler cctest to get rid of
> flaky failures.
>
> Bug: v8:11420, v8:11429
> Change-Id: I36a9171f43a574eb67880cbca6cf9ff7ab291e60
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2720189
> Reviewed-by: Victor Gomes <victorgomes@chromium.org>
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Auto-Submit: Patrick Thier <pthier@chromium.org>
> Commit-Queue: Patrick Thier <pthier@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#73186}
>
> Change-Id: I9ab4cb60da002ef130f8a21ad10ba69e2826a7b6

Change-Id: I9ab4cb60da002ef130f8a21ad10ba69e2826a7b6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2745335
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73293}
2021-03-09 13:43:05 +00:00
Leszek Swirski
6cf84e9ab8 [sparkplug] Allow --always-sparkplug to fail
Do --always-sparkplug compilations in a separate function, and
allow that function to return false if a sparkplug compilation
fails. Similarly, don't assert that --always-sparkplug requires
a function to have baseline code, in case a previous sparkplug
compilation failed.

Fixed: chromium:1185735, chromium:1185739
Change-Id: I363fcf271395afa2ec47228fff7a28a76c157f0f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2744735
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73292}
2021-03-09 13:14:38 +00:00
Dan Elphick
8378a1beb7 [torque] Reduce includes for debug-macros.h
Removes unneeded dependency on src/builtins/torque-csa-header-includes.h
from debug-macros.h and adds swiss-name-dictionary.h and
ordered-hash-table.h to debug-macros.cc.

Additionally adds a v8_libbase dep to torque_generated_definitions. As
a result, gn check errors are reduced by 2.

Bug: v8:7330
Change-Id: I0ff666eebd6814e4d52d776e455fd269db36b589
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2744040
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73291}
2021-03-09 12:59:46 +00:00
Ulan Degenbaev
217b4cd690 Check for the termination request in STACK_CHECK
Bug: v8:9877
Change-Id: I55cedfd2748f00f989172d804eec735aa6c19365
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2742618
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73290}
2021-03-09 12:33:25 +00:00
Liu Yu
16175b1592 [mips][no-wasm] Remove wasm-specific code from codegen
Port: 75d7d12720

Bug: v8:11238

Change-Id: I5369875fe66d2297cbd342db91b1ffd99a361616
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2738792
Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Auto-Submit: Liu yu <liuyu@loongson.cn>
Cr-Commit-Position: refs/heads/master@{#73289}
2021-03-09 11:41:55 +00:00
Clemens Backes
577f983b7a [no-wasm] Exclude more targets from build
This excludes more targets and tests that won't work without
webassembly:
- wee8
- multi_return_fuzzer
- wasm-js
- wasm-spec-tests
- wasm-api-tests
- several cctests

R=jkummerow@chromium.org

Bug: v8:11238
Change-Id: I6d6ac43869a2b4a91e5b0e7e3183a476a98bf0af
Cq-Include-Trybots: luci.v8.try:v8_linux64_no_wasm_compile_rel
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2742617
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73288}
2021-03-09 11:25:54 +00:00
Adam Barth
e2ce0eb4c1 [fuchsia] Migrate from protect2 to protect
These functions do the same thing, but Fuchsia will eventually remove
support for protect2.

Change-Id: I9f2b4153efa2f78238eb020e9f422f666ae5b7bb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2743635
Auto-Submit: Adam Barth <abarth@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73287}
2021-03-09 09:09:03 +00:00