Commit Graph

76128 Commits

Author SHA1 Message Date
Samuel Groß
8a59678b83 [sandbox] Prepare ExternalPointerTable rollout
This CL does the following:
- It enables (i.e. allocates and initializes) the per-Isolate
  ExternalPointerTable when the sandbox is enabled.
- It refactors the list of external pointer tags to mark them as
  "sandboxed" or "unsandboxed". An unsandboxed external pointer has a
  null tag.
- It changes V8_SANDBOXED_EXTERNAL_POINTERS to now essentially just
  enable sandboxing for all available tags.
- It modifies all low-level external pointer accessors to perform the
  ExternalPointerLookup only if the tag is non-zero and otherwise treat
  the slot as containing a raw pointer.

This now allows rolling out external pointer sandboxing incrementally
(separately for each external pointer type), which will in turn allow
for more precise performance measurements of the impact of the sandbox.

Note: when an external pointer tag is now marked as sandboxed (and
V8_SANDBOXED_EXTERNAL_POINTERS is not enabled), the underlying slots are
still 64-bits in size. This simplifies the implementation as we would
otherwise need to deal with variably-sized external pointer slots. Local
benchmarking suggests that the benefits from 32-bit external pointer
slots are insignificant on typical benchmarks, so this should be ok.

Drive-by: rename kExternalPointerSize to kExternalPointerSlotSize to
make it more clear what it refers to (the on-heap storage size). Also
delete CodeStubAssembler::InitializeExternalPointerField as it is not
currently used and the implementation is fairly inefficient.

Bug: v8:10391
Change-Id: I7c38729c7e9048d737a1a8ced84749f5b1f7feab
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3736447
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81636}
2022-07-11 13:34:54 +00:00
Leszek Swirski
798fdac761 [maglev] Add to Linux64 bots
Run Maglev on the Linux64 bots -- eventually we'll want to move it to
the extra variant, but for now the flag is x64-only.

Bug: v8:7700, v8:12727
Change-Id: I8b8329720ac96ab1655aef9e210a52092f81cc91
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3752979
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81635}
2022-07-11 12:53:03 +00:00
Pedro Falcato
0573a07901 Flush stdout after printing the d8 prompt
Previously, the d8 prompt was printed without flushing stdout. This
relies on the platform's libc to flush stdout when reading from stdin.
This behavior is not portable and breaks the prompt on some platforms.

Change-Id: Ieddf7ec5a6eab15796e69742bb4c9546ceb54c37
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3752006
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81634}
2022-07-11 11:35:13 +00:00
Thibaud Michaud
00282d7d10 [wasm] Take suspender as parameter for stack-switching
This CL is the first step towards the 'static API':
https://github.com/WebAssembly/js-promise-integration/pull/1/files

The limitation of the previous API is that the stack-switching wrappers
are tied to a particular suspender. Since a suspender cannot be
re-entered until the corresponding computation has completed, this
prevents creating multiple concurrent instances of the same export.

Multiple APIs have been proposed and are still under discussion to
solve that, but the core idea is the same: the suspender should become a
runtime argument of the export and the import. This CL implements that.

For now, the suspender is still explicit everywhere: it is created in JS
and passed to the export, and forwarded to the JS import. Eventually,
the suspender may be completely hidden from JS: it would be materialized
by the export wrapper, and "swallowed" by the import wrapper, as
proposed in the PR above.

R=ahaas@chromium.org

Bug: v8:12191
Change-Id: Ic425a3fd920c7ad03874c636cd835d31c0e04994
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3748655
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81633}
2022-07-11 11:11:32 +00:00
Leszek Swirski
1606efaedf [gcc] Fix warning in Turboprop
Change-Id: I87d9d9a86edfed6112cdc5c7576e85bd5ae5f047
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3755141
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81632}
2022-07-11 09:40:44 +00:00
legendecas
4f9dfe41a2 [diagnostics] Print more Script fields
Print script's host_defined_options and source_mapping_url
in DebugPrint.

Change-Id: Ibd0b50e23f4d6f40eb4efbc6c4f384de24c401c6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3751943
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Chengzhong Wu <legendecas@gmail.com>
Cr-Commit-Position: refs/heads/main@{#81631}
2022-07-11 08:31:03 +00:00
Omer Katz
6b2304fa05 [heap] Use memory fence for main thread reads
SynchronizePageAccess is used to synchronize between page initialization
and reads from that page. It was not used for main thread reads because
it was assumed that all pages are initialized on the main thread. With
concurrent allocations, pages may be concurrently initialized, thus
requiring a fence for main threads reads as well.

Bug: v8:13041
Change-Id: I93e5162243ef5458579f239b131094d7171e8615
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3752804
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81630}
2022-07-11 08:21:03 +00:00
Marja Hölttä
70625046b9 [rab/gsab] Tests for Array.p methods, part 8
In this part: slice

Bug: v8:11111
Change-Id: I66236039454ba50899a7c600b9a3df5fb5f7fc6f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3749582
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81629}
2022-07-11 08:19:53 +00:00
Michael Achenbach
f8e4c4aadb [build] Fix bazel build
No-Try: true
Bug: v8:7700
Change-Id: I66288693034bd501fece756916d0ef9a31e45e07
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3752798
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81628}
2022-07-11 07:52:06 +00:00
v8-ci-autoroll-builder
6fa6a36530 Update V8 DEPS (trusted-origins)
Rolling v8/build: b8e09c1..0b8f9f6

Rolling v8/tools/clang: 8bd72d6..0ca99b7

R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: Ie77aaa20bbe44ba38a2a9b4e30e19363e3f6a02d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3754186
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#81627}
2022-07-11 04:55:53 +00:00
v8-ci-autoroll-builder
ae1edbfd29 Update V8 DEPS (trusted-versions)
Rolling v8/third_party/fuchsia-sdk/sdk: version:8.20220709.2.1..version:8.20220710.3.1

R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: I1bea8266d8505addc527c37d6228e11b908ea321
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3754185
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#81626}
2022-07-11 03:53:53 +00:00
Lu Yahan
1807aa5c70 [riscv64] Fix build error
Change-Id: I9cc2df6108b08aacf0b017f85128a9475022cedf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3754286
Auto-Submit: Yahan Lu <yahan@iscas.ac.cn>
Commit-Queue: ji qiu <qiuji@iscas.ac.cn>
Reviewed-by: ji qiu <qiuji@iscas.ac.cn>
Commit-Queue: Yahan Lu <yahan@iscas.ac.cn>
Cr-Commit-Position: refs/heads/main@{#81625}
2022-07-11 03:42:12 +00:00
Liu Yu
5c19b19cc8 [loong64][mips64] Remove some unused includes (4)
Port commit 0ed101e015

Bug: v8:13006
Change-Id: I4e0cba2e9a6cbef6ce01fbc81ce1b1ee71303474
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3754284
Auto-Submit: Liu Yu <liuyu@loongson.cn>
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Cr-Commit-Position: refs/heads/main@{#81624}
2022-07-11 03:20:43 +00:00
v8-ci-autoroll-builder
a66cd71e13 Update V8 DEPS (trusted-origins)
Rolling v8/build: e822edc..b8e09c1

R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: I8e8106ef0ef093a5b25e927f7554e527cd27cca2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3754183
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#81623}
2022-07-10 04:41:42 +00:00
v8-ci-autoroll-builder
2f57e2b566 Update V8 DEPS (trusted-versions)
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/7542172..1dee059

Rolling v8/third_party/fuchsia-sdk/sdk: version:8.20220708.2.1..version:8.20220709.2.1

R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: I4c552eb934374467f7c125a1cf38006b3b401bfc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3754182
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#81622}
2022-07-10 03:51:32 +00:00
Leszek Swirski
666d559efb Revert "Reland "[flags] Enable freezing of flags""
This reverts commit d34170f294.

Reason for revert: "The (hopefully) last issue in chromium is fixed"
  Narrator: It wasn't -- https://ci.chromium.org/ui/p/chromium/builders/try/cast_shell_linux/1260757/overview

Original change's description:
> Reland "[flags] Enable freezing of flags"
>
> This is a reland of commit 1ed7d0b8d1.
> The (hopefully) last issue in chromium is fixed in https://crrev.com/c/3745533.
>
> Original change's description:
> > [flags] Enable freezing of flags
> >
> > This enables the --freeze-flags-after-init flag globally. Note that
> > tests, fuzzers, Node and other still explicitly disable the flag. The
> > chrome renderer process and default d8 execution will have it enabled
> > though.
> >
> > R=cbruni@chromium.org
> >
> > Bug: v8:12887
> > Change-Id: I9a15ef64227e5e6e04779d8d671a2c50d99c9097
> > Cq-Include-Trybots: luci.v8.try:v8_linux_blink_rel
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695264
> > Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> > Commit-Queue: Clemens Backes <clemensb@chromium.org>
> > Cr-Commit-Position: refs/heads/main@{#81214}
>
> Bug: v8:12887
> Change-Id: I6445c04abc55242d6e2f204d45ec9ce22c6ece34
> Cq-Include-Trybots: luci.v8.try:v8_linux_blink_rel
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707284
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#81603}

No-try: true
Bug: v8:12887
Change-Id: I73e0a52974a2730386e805b7de98de8d87e2d208
Cq-Include-Trybots: luci.v8.try:v8_linux_blink_rel
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3749584
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81621}
2022-07-09 16:14:11 +00:00
v8-ci-autoroll-builder
c5dafb76e6 Update V8 DEPS (trusted-origins)
Rolling v8/build: 85604a1..e822edc

R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: I10795518d8ee4aa479cbe438e6f45435efa06e75
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3752927
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#81620}
2022-07-09 04:42:41 +00:00
v8-ci-autoroll-builder
8c03ec3fc6 Update V8 DEPS (trusted-versions)
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/d7cbf23..7542172

Rolling v8/third_party/depot_tools: bb07d9e..1601b3e

Rolling v8/third_party/fuchsia-sdk/sdk: version:8.20220707.3.1..version:8.20220708.2.1

R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: Icd70e3227156255a46109d7c6a855e42c172880c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3752926
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#81619}
2022-07-09 03:56:21 +00:00
Frank Tang
51e70bd82c [test262] Roll test262
b458b9f0..3ddfa0cd

Bug: v8:7834
Change-Id: Ic60850ed5d5a2126b76c09747a969002781f17f8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3752614
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81618}
2022-07-08 20:28:50 +00:00
v8-ci-autoroll-builder
83b7d923ee Update google_benchmark
Rolling v8/third_party/google_benchmark/src: ac8a6d3..1531ee0

Correct typo in Passing Arguments section (Dominic Hamon)
https://chromium.googlesource.com/external/github.com/google/benchmark/+/1531ee0

R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com,mlippautz@chromium.org

Change-Id: I555facbfc372fe7736042efb4234a4d35aec2ff0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3752346
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81617}
2022-07-08 20:19:20 +00:00
Jakob Kummerow
65fb973af1 [tools][wasm] wami: per-function annotated hexdump
This adds "annotated hexdump" as a disassembly output format, as a
first step only for individual functions:

$ out/x64.release/wami my_module.wasm --single-hexdump 17

"Annotated hexdump" format is useful for debugging/inspecting module
wire bytes, and for creating array literals for regression tests.

Change-Id: Iabfb4f9c6f68f3328910c1225a23b424e9315d4f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3748652
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81616}
2022-07-08 20:13:30 +00:00
Tobias Tebbi
9d45d274b1 [turboshaft] port decompression optimization
Bug: v8:12783
Change-Id: Ib23aa682054bfcf35efe1adef64fc97afe8f9619
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3743642
Reviewed-by: Darius Mercadier <dmercadier@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81615}
2022-07-08 16:34:30 +00:00
Leszek Swirski
8103fe573a [maglev] Add safepoints for deferred calls
Add a concept of "register snapshots" which snapshot the end-state
of the register allocation for a node (i.e. the state of the register
allocation when the node's code completes). These can be requested by
nodes, so that they know which registers need to be kept alive by the
node, and which of those are tagged.

Nodes can then use this information to temporarily spill registers
across a deferred call, without requiring the register allocator to
spill them unconditionally on the non-deferred path. The maglev
safepoint table has support for these additional spilled registers.

Bug: v8:7700
Change-Id: Id0052b5da86dd263f9019b1433fe5994a472a5b1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3751203
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81614}
2022-07-08 15:57:00 +00:00
Manos Koukoutos
0ed101e015 Remove some unused includes (4)
Mostly src/codegen, src/compiler, src/interpreter, src/libplatform.

Drive-by: Remove some unreachable code.

Bug: v8:13006
Change-Id: I1a9467f7e42531c545f660d35416c388e8ef9d3c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3749193
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81613}
2022-07-08 15:26:40 +00:00
Leszek Swirski
9a54561183 [maglev] Put stack slot reuse behind a flag
It is currently incorrect and causing issues, put it behind a flag so
that we can fix these issues while working on the rest of maglev in
parallel.

Bug: v8:7700
Change-Id: Idab7056db1236366410c30c06473016842aee5ab
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3748659
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81612}
2022-07-08 15:11:20 +00:00
Leszek Swirski
871ed8cf08 [maglev] Fix DCHECK in RegisterMerge with constants
Merging register values can encounter constants, which are loadable but
don't have spill slots. Add support for these (in practice this is the
same behaviour, we're just fixing a DCHECK).

Bug: v8:7700
Change-Id: I9ab8ba1fc3a3a64fe16668bb317ad02f878f5849
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3749579
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81611}
2022-07-08 14:31:19 +00:00
Maya Lekova
307dffed3c [fastcall] Fix a 32-bit compare on x64
Bug: chromium:1342020
Change-Id: Ie8e68d06509cb64088c3e88140f5ab0c6494c915
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3747865
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Auto-Submit: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81610}
2022-07-08 13:30:41 +00:00
Maksim Sadym
cb57d69404 Fix BigInt BiDi format
1. Added method `debug::GetBigIntStringValue`.
2. Used the method in BigInt BiDi serialization.

Bug: v8:13043
Change-Id: I6047d2ea7657e8bb891f5099971deed49bd3e31b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3749185
Auto-Submit: Maksim Sadym <sadym@chromium.org>
Commit-Queue: Maksim Sadym <sadym@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81609}
2022-07-08 13:28:30 +00:00
Jakob Kummerow
348be8052b [wasm] Name section: skip duplicate subsections
Duplicate subsections in the name section are disallowed by the spec.
Since the whole name section is optional, we shouldn't fail validation
because of it, but we'll ignore duplicate subsections.

Drive-by cleanup: reduce code duplication by reusing DecodeNameMap from
DecodeIndirectNameMap.

Fixed: chromium:1342338
Change-Id: Icae14c27a0255c6107517354f07ec8eb78d2a7b1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3751211
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81608}
2022-07-08 12:29:51 +00:00
Andy Wingo
8a30ee7e98 [stringrefs] Implement string.as_wtf8, stringview_wtf8.advance
We represent WTF-8 views as ByteArray instances.

Bug: v8:12868
Change-Id: I642ee2ef3d6fd7ea0f383073b282549c31233c7b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3750931
Commit-Queue: Andy Wingo <wingo@igalia.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81607}
2022-07-08 12:15:00 +00:00
Leszek Swirski
c96aa211c7 [bazel] Fix bazel build to include safepoint-table-base.h
Bug: v8:7700
Change-Id: I78d22fe079313312274a1ee9ac285d5dc4e9c38f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3751208
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81606}
2022-07-08 11:26:54 +00:00
Thibaud Michaud
d9e44b2d9b [wasm] Suspend on other JS import kinds
The stack-switching variant of the wasm-to-js wrapper was only generated
for js functions with matching arity. Also suspend for js functions with
mismatching arity and unknown callables.

R=ahaas@chromium.org

Bug: v8:12191
Change-Id: Iab3e2d85210c86a814ae1defab9cd57bf74d80d2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3749578
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81605}
2022-07-08 10:53:10 +00:00
Leszek Swirski
7ea0412e55 [maglev] Split interrupt budget updates to separate nodes
Having interrupt budget updates be part of register allocation caused
various difficulties around gap moves for temporaries vs. gap moves for
phis. This patch splits them off into a separate node which is
separately allocated, and adds invariant checks that phi-updating nodes
don't do any other tricky register allocation.

Bug: v8:7700
Change-Id: I5a454fe4c5a5adff08d5a327ee34fbb43cda97ce
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3751196
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81604}
2022-07-08 10:33:50 +00:00
Clemens Backes
d34170f294 Reland "[flags] Enable freezing of flags"
This is a reland of commit 1ed7d0b8d1.
The (hopefully) last issue in chromium is fixed in https://crrev.com/c/3745533.

Original change's description:
> [flags] Enable freezing of flags
>
> This enables the --freeze-flags-after-init flag globally. Note that
> tests, fuzzers, Node and other still explicitly disable the flag. The
> chrome renderer process and default d8 execution will have it enabled
> though.
>
> R=cbruni@chromium.org
>
> Bug: v8:12887
> Change-Id: I9a15ef64227e5e6e04779d8d671a2c50d99c9097
> Cq-Include-Trybots: luci.v8.try:v8_linux_blink_rel
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695264
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#81214}

Bug: v8:12887
Change-Id: I6445c04abc55242d6e2f204d45ec9ce22c6ece34
Cq-Include-Trybots: luci.v8.try:v8_linux_blink_rel
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707284
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81603}
2022-07-08 10:28:32 +00:00
Clemens Backes
5078eea1ce [wasm] Limit module size in streaming decoder
Limit the allowed module size in the streaming decoder to 256kiB to
avoid OOMs on systems that are very memory constained (32-bit ASan
builds).

Drive-by: Skip linting wasm fuzzer input files, as those are binary
files.

R=ahaas@chromium.org

Bug: chromium:1334577, chromium:1337558
Change-Id: Ie5599088fd25c0bc7c8f9f1a953d31fe61a21844
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3700073
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81602}
2022-07-08 09:43:41 +00:00
Matthias Liedtke
562e21866c [wasm][test] Replace struct.new_with_rtt with struct.new
in unit tests:
- function-body-decoder-unittest.cc
- module-decoder-unittest.cc

    Bug: v8:7748

Change-Id: I1f782bb7292ecd1206a921daccde23b1d314d325
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3751198
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Matthias Liedtke <mliedtke@google.com>
Auto-Submit: Matthias Liedtke <mliedtke@google.com>
Cr-Commit-Position: refs/heads/main@{#81601}
2022-07-08 09:24:40 +00:00
Andy Wingo
9662376ad9 [stringrefs] Implement string.encode_wtf16_array
Bug: v8:12868
Change-Id: I4229cefc4dfdb29214712aeef18841092cdf9e87
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3748653
Commit-Queue: Andy Wingo <wingo@igalia.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81600}
2022-07-08 09:01:00 +00:00
Marja Hölttä
2b2ce1d8be [rab/gsab] Tests for Array.p methods, part 7
In this part: sort

Bug: v8:11111
Change-Id: Idd1e7552b4cdda0cdec610189391dbb729c94cdf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3742703
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81599}
2022-07-08 07:32:50 +00:00
Marja Hölttä
3483b970eb [rab/gsab] Fix flag mismatch in serialized data
Bug: v8:11111,chromium:1339648
Change-Id: I3b472f74f37a4e1514ce20635b16970e95a36e15
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3735162
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81598}
2022-07-08 07:08:10 +00:00
Andy Wingo
3f7c53b017 [stringrefs] Implement string.encode_wtf8_array
Bug: v8:12868
Change-Id: Ide772c6e480783931942f6c02eb3e57dd3adf508
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3751201
Commit-Queue: Andy Wingo <wingo@igalia.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81597}
2022-07-08 06:50:40 +00:00
Marja Hölttä
0a8bd76651 [rab/gsab] Tests for Array.p methods, part 6
In this part: shift, unshift, reverse

Bug: v8:11111
Change-Id: I13c156dc401b6a90b3bcccd9261b7240d8dc7498
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3740720
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81596}
2022-07-08 06:40:00 +00:00
v8-ci-autoroll-builder
b9e2e640ca Update V8 DEPS (trusted-origins)
Rolling v8/build: ea8947a..85604a1

R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: Idd514783b20c79ebd5db5a1f8a411580c1e21013
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3751763
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#81595}
2022-07-08 04:47:29 +00:00
v8-ci-autoroll-builder
b3ea67ee11 Update V8 DEPS (trusted-versions)
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/6f2de7b..d7cbf23

Rolling v8/third_party/depot_tools: 78c53d1..bb07d9e

Rolling v8/third_party/fuchsia-sdk/sdk: version:8.20220706.2.1..version:8.20220707.3.1

R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: I939a41ce43ce12a41da87970bc550c0ee03797ba
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3751761
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#81594}
2022-07-08 03:51:50 +00:00
Michael Lippautz
0c307e6698 cppgc: Extract not fully constructed objects atomically
Parallel marking is running at the beginning of the atomic pause, so the
extraction of these objects must happen atomically.

Bug: v8:13045
Change-Id: I90d489597847e76ade7185cd7120816eddcdc9fe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3749204
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Auto-Submit: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81593}
2022-07-07 18:13:23 +00:00
Toon Verwaest
0e6ba9661e [maglev] Drop the explicit AllocationStage
Now that we have block-lists this isn't strictly necessary anymore.
As a side-effect, AllocateRegister for results now can't use registers
used as inputs anymore either. We could explicitly use
FreeSomeRegister without blocklist in that case, but this CL doesn't
do that yet.

Bug: v8:7700
Change-Id: If4aef1face138e528dc4f8da674326805e4af67c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3749194
Auto-Submit: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81592}
2022-07-07 16:21:03 +00:00
Jakob Kummerow
0a8f45e8e2 [tools][wasm] wami: Disassemble to .wat format
Either the whole module or a single function:

$ out/x64.release/wami my_module.wasm --single-wat 42
$ out/x64.release/wami my_module.wasm --full-wat

Change-Id: Ifa1088a78bb6f86427074806b05226c4bf583b9a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3747677
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81591}
2022-07-07 16:03:13 +00:00
Michael Lippautz
3f88183cb4 [heap] Fix merging typed slots on M1
Merging typed slots in the marking barrier may require allocating a
new typed slots set. We need a CodePageHeaderModificationScope since
that slot set is actually written into the code page.

Bug: chromium:1336850, v8:12797
Change-Id: If3f7d2bb179c2554ea2888c5ad92f098bd29b1c5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3751210
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81590}
2022-07-07 15:30:42 +00:00
Michael Achenbach
01e00334ff [build] Create a group for light gcc targets.
Bug: v8:13005
Change-Id: I25f44231d936d7b3688898e6941d3877f31fafd3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3751205
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81589}
2022-07-07 15:10:32 +00:00
Michael Achenbach
f7d44c11b8 [infra] Add light gcc bots
No-Try: true
Bug: v8:13005
Change-Id: I940d78696885f94afee8b6222b439227b22a3ea5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3751209
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81588}
2022-07-07 14:58:52 +00:00
Michael Achenbach
f7b98adffd [test] Mark slow test
The test mjsunit/wasm/shared-memory-worker-gc is too slow on the gcov
bot.

No-Try: true
Bug: v8:13005
Change-Id: Idac2a6df836c981195d61f9c2737c06d548edb28
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3751204
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81587}
2022-07-07 14:39:01 +00:00