Commit Graph

67097 Commits

Author SHA1 Message Date
Mythri A
52e507bef4 [turboprop] Use Turboprop for OSR compilations
OSR compilations happen on main thread and the functions that are called
from would have been already optimized. Also this code is only used for
this invocation. So to limit the amount of time spent on main thread
we could do a quick Turboprop compilation instead of a highly optimized
TurboFan compilaiton.

Change-Id: Ifcdcb5c855d8a9a56b13c1940b4ee0ed3bfb4d67
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2659257
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72505}
2021-02-03 16:46:29 +00:00
Michael Achenbach
ca18989601 [test] Update Mac testing from 10.13 to 10.15
Bug: chromium:1174040
Change-Id: I2ee539e5074707ac93f97a9a3a131e9c2745cdbe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2672180
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72504}
2021-02-03 16:26:57 +00:00
Michael Lippautz
e963b636a5 cppgc: Add testing API structure
Adds testing API that can only be used after enabling it on a heap.
The call that enables testing is only provided via v8_for_testing or
cppgc_for_testing build targets which protects against misusing from
production code.

Change-Id: I24a8f5543a2bb479481384e2c555d231383e5d12
Bug: chromium:1056170
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2667513
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72503}
2021-02-03 16:00:37 +00:00
Bill Budge
8798b3ef4e [compiler][ia32][arm] Fix pushing of arguments
- Fixes some incorrect assumptions about padding in the
  code generation. Slots may have apparent extra padding
  when allocation fragments go unused.
- Reworks 32 bit push code to simplify skipping slot gaps
  when 'push' instructions are used.
- Adds a ElementSizeInPointers function on machine
  representations.

Bug: chromium:1171759,v8:9198

Change-Id: I029e300fa9c306d7e35344576fd1c68857cf2bca
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2660379
Commit-Queue: Bill Budge <bbudge@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72502}
2021-02-03 15:46:32 +00:00
Thibaud Michaud
c781da6c8b [wasm][eh] Add use counter for exception handling
R=ahaas@chromium.org,ulan@chromium.org

Bug: v8:8091
Change-Id: Ia826e18bd06b5e6d401ff43b33b43b4e4c2a69db
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2672022
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72501}
2021-02-03 15:45:27 +00:00
Sathya Gunasekaran
91ea05911e [isolate] Don't create unnecessary handles
IsAnyInitialArrayPrototype doesn't need an handlified input argument
as it doesn't cause GC.

This improves performance of MapData::MapData as canonical handle scope
creation is expensive.

Change-Id: I2e1a46354276857b64867ea3e994356faef8950e
Bug: v8:9684
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2671659
Commit-Queue: Sathya Gunasekaran  <gsathya@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72500}
2021-02-03 15:44:23 +00:00
Seth Brenith
cffd8bc86a [torque] Add @relaxedRead annotation
When generating getters, Torque needs to decide whether to perform a
normal or relaxed load. Thus far, it has used the somewhat non-obvious
logic that any indexed field with tagged non-smi data gets relaxed
loads. This change adds a new annotation @relaxedRead to be consistent
with the existing @relaxedWrite annotation. I added @relaxedRead
annotations on any field that previously had this automatic behavior and
whose getter is called, except for those in ScopeInfo because I'm
relatively confident that it doesn't need relaxed access.

Bug: v8:7793
Change-Id: I9987eea13760b967f1b8a3189b69742e55140c30
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2600113
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72499}
2021-02-03 15:43:17 +00:00
Leszek Swirski
b84baffbe7 [tools] Fix whitespace
Fix some trailing whitespace issues in files in the tools directory.

Change-Id: If9e9b1dab1d6f521e20619a2a1d093749f0528d9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2671660
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72498}
2021-02-03 15:42:11 +00:00
Santiago Aboy Solanes
b5d4eb470e [compiler] Move GetPropertyKey to DescriptorArrayRef
Also access the DescriptorArray through GetPropertyKey concurrently if
the FLAG_turbo_direct_heap_access is on.

Bug: v8:7790
Change-Id: I29e5895fefc3653f954ba56aa85218121402e7ed
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2653232
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72497}
2021-02-03 14:56:11 +00:00
Milad Fa
f83601408c PPC/s390: Fix frame size to account for q registers
Port 45b99aaa58

Original Commit Message:

    In https://crrev.com/c/2645694 we push the full q registers before lazy
    compile, but we did not change the fixed frame size to account for the
    wider registers being pushed.

    This manifested in the frame having data like:

    (gdb) x/10xg start.ptr_
    0x7f5576ff3eb0: 0x0000000000000000      0x0000336b08202759
    0x7f5576ff3ec0: 0x7ff000007f801000      0x0000000000000000
    0x7f5576ff3ed0: 0x7ff000007f801001      0x0000000000000000
    0x7f5576ff3ee0: 0x7ff000007f801002      0x0000000000000000
    0x7f5576ff3ef0: 0x7ff000007f801003      0x0000000000000000

    The GC then walks part of this frame, thinking that 0x7ff000007f801003
    is a heap object, and then crashes.

    Add some static_asserts (similar to builtins-x64) to remind ourselves
    that the pushed registers have to match the size in frame constants.

R=zhin@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com
BUG=
LOG=N

Change-Id: I994f1b7fecbb24ea97d846b1eed98201bc3b08ad
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2669308
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#72496}
2021-02-02 23:05:42 +00:00
Ng Zhi An
dd90d107a9 [wasm-simd][ia32] Implement i8x16.popcnt
Code sequence from https://github.com/WebAssembly/simd/pull/379, and
exactly the same as x64, with minor tweaks for
ExternalReferenceAsOperand.

Bug: v8:11002
Change-Id: Icbfdac62b21c2734ad4886b3d48f34e29f7a8222
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2664860
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72495}
2021-02-02 23:02:49 +00:00
Milad Fa
809b6481cb PPC/s390: [wasm-simd] Add i64x2 ne and alltrue
Port 910d92e227

Original Commit Message:

    This is a partial revert of https://crrev.com/c/2457669 to add back
    i64x2.ne and i64x2.all_true, which were accepted into the proposal
    (https://github.com/WebAssembly/simd/issues/419).

    This only implements it for x64 and arm64 on TurboFan, other archs and
    Liftoff will come later.

R=zhin@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com
BUG=
LOG=N

Change-Id: I9aedc94f665a7e02426e0abe44cea72176063942
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2668830
Reviewed-by: Junliang Yan <junyan@redhat.com>
Reviewed-by: Milad Fa <mfarazma@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#72494}
2021-02-02 20:51:36 +00:00
Ng Zhi An
3fca8f85c9 [wasm-simd][ia32] Consolidate some SSE/AVX i8x16 opcodes
Bug: v8:11217
Change-Id: I6e61b11babc0baecf7b1982ef779b941d3344182
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2667971
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72493}
2021-02-02 19:30:36 +00:00
Milad Fa
d913f0461d PPC: Push the full q register before lazy compile
V8 uses the same set of fp param registers as Simd param registers.
As these registers are two different sets on ppc we must make
sure to also save them when Simd is enabled.
Check the comments under crrev.com/c/2645694 for more details.

Port 3b302d5cfe

Original Commit Message:

    If a lazy compilation happens in between 2 Wasm calls, we need to save
    the full Q register, since we can have live v128 values.

R=zhin@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com
BUG=
LOG=N

Change-Id: Icdd0a6d38225a866b61651ff406598c144c25ebf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2667952
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#72492}
2021-02-02 19:22:36 +00:00
Ng Zhi An
2e9b0e90c2 [wasm-simd] Fix I8x16UConvertI16x8 in interpreter
We were hitting an implementation defined behavior in this instruction:

- v is clamped to uint8_t::min and uint8_t::max
- then we static_cast<int8_t>(v)
- any values that don't fit in int8_t (> 127) hits and implementation
defined behavior

We reuse base::saturated_cast here instead to avoid this undefined
behavior.

Drive-by cleanup of test cases to make the signed/unsigned cases more
explicity.

Bug: v8:11372
Change-Id: I4e92cdfb685d74bd5436ba25f1c00db49a231221
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2659501
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72491}
2021-02-02 18:50:45 +00:00
Thibaud Michaud
ef3e9cb059 [wasm][eh] Add missing checks before using EH opcodes
R=clemensb@chromium.org

Bug: v8:8091
Change-Id: Id2f0b4635ee235c592a969a41d1f50ed677150f2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2667857
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72490}
2021-02-02 17:37:45 +00:00
Ng Zhi An
910d92e227 [wasm-simd][x64][arm64] Add i64x2 ne and alltrue
This is a partial revert of https://crrev.com/c/2457669 to add back
i64x2.ne and i64x2.all_true, which were accepted into the proposal
(https://github.com/WebAssembly/simd/issues/419).

This only implements it for x64 and arm64 on TurboFan, other archs and
Liftoff will come later.

Bug: v8:11347,v8:11348
Change-Id: I86934478760e3d501ecdb3ce6c9b702764cc0838
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2665005
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72489}
2021-02-02 17:29:47 +00:00
Junliang Yan
0df3de1849 s390x: [liftoff] implement caller frame load/store
Change-Id: I6b0aa0daab07728f5a524ecba289276c7fa33a08
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2668568
Reviewed-by: Milad Fa <mfarazma@redhat.com>
Commit-Queue: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/master@{#72488}
2021-02-02 17:28:25 +00:00
Marja Hölttä
b5dae1e4e3 Reland [d8] Fix a crash when getting the worker's onmessage handler
Now with more fixes.

Bug: chromium:1162473, v8:11383
Change-Id: I54751cef03f6b2b1dc70324486441c9b0b011cc1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2667512
Auto-Submit: Marja Hölttä <marja@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72487}
2021-02-02 14:24:53 +00:00
Junliang Yan
3a159b87f4 s390x: [liftoff] only reverse when access mem
Change-Id: I34552a97244c5f4c343d16e5093676e3af5c210b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2667510
Reviewed-by: Milad Fa <mfarazma@redhat.com>
Commit-Queue: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/master@{#72486}
2021-02-02 13:57:33 +00:00
Benedikt Meurer
ee58dde23b [wasm][debug] Add support for conditional breakpoints.
Previously the WebAssembly debugger support completely ignored the
condition on breakpoints. With this change, we check conditions
(snippets of JavaScript) properly, which enables not only conditional
breakpoints in the front-end, but also other features like 'Never pause
here' (which simply sets `false` as condition) and log points.

Fixed: chromium:1173007
Bug: chromium:1173006
Change-Id: I02c740d383378a1f4cc08134ad571bea08e9a905
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2666690
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72485}
2021-02-02 13:42:24 +00:00
Clemens Backes
0363eb4da0 [wasm][debug] Generate sidetables for stepping lazily
We are often stepping multiple times without inspecting the state
in-between. Hence, the generated debug side table is often not being
used. Instead of always generating it, we can generate it lazily on
demand, which can avoid the need to generate it at all.

R=thibaudm@chromium.org

TEST=inspector/debugger/wasm-stepping

Bug: chromium:1172299
Change-Id: I9b9ff4485d65d720d23585856b3d672925460667
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2664446
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72484}
2021-02-02 13:00:03 +00:00
Santiago Aboy Solanes
be3a6690bd [compiler] Perform FindFieldOwner concurrently through Refs
Also, enable concurrent GetBackPointer().

Bug: v8:7790
Change-Id: If92cb7cdd9e6f5eb9a636764ca8abe2fc2c05ab2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2650205
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72483}
2021-02-02 12:29:53 +00:00
Jakob Kummerow
26653f894c [wasm-gc] Fix ref.is_null in Liftoff
When constant-folding the test based on static types in the function
body decoder, we have to ensure Liftoff's value stack is properly
updated.

Fixed: chromium:1172912
Change-Id: I618992608882b850a8a4bce0b267ce456e4c2a40
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2664447
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72482}
2021-02-02 12:26:23 +00:00
Clemens Backes
3ee7b5c6c4 Revert "[d8] Fix a crash when getting the worker's onmessage handler"
This reverts commit a850668ccf.

Reason for revert: new test flaking on many bots, e.g. https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Win32/31068/overview

Original change's description:
> [d8] Fix a crash when getting the worker's onmessage handler
>
> Bug: chromium:1162473
> Change-Id: Ided2f52882aaf02e1dc9a8d0ba883fedf029464d
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2663004
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Commit-Queue: Marja Hölttä <marja@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#72473}

TBR=marja@chromium.org,cbruni@chromium.org

Change-Id: I5ec056185967974a94fd61baec8a75e855e1a272
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:1162473, v8:11383
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2666693
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72481}
2021-02-02 12:14:15 +00:00
Leszek Swirski
5a0b81b493 [arm64/sim] Add a simple backtrace debug command
Add a simple backtrace/bt command to the simulator debugger, which does
the frame-pointer stack walk and dumps pc/fp/sp for each frame.

This is strictly less powerful than the full JS stack dump, but can be
used to debug issues with corrupted frames that prevent the JS stack
dumper from working correctly.

Change-Id: I26cc962ab8d22c0a219d6a35548544602aa89418
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2666688
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72480}
2021-02-02 12:04:33 +00:00
Leszek Swirski
1f72df06b3 [arm64/sim] Add a 'sim' gdb command
Extract out the command processing from Simulator::Debug(), and expose
it to gdb as a new 'sim' command. Example usage:

    (gdb) sim p x15
    (gdb) sim stack

The sim command will execute that one command, and will return to gdb.

For a list of all commands, you can call

    (gdb) sim help

Note that sim won't resume simulator execution until gdb continues
execution; for example, `sim next` will set a breakpoint on the next
instruction, and will return to gdb. The user then has to continue
execution in gdb, at which point the simulator will break. The user can
then re-enter gdb with the gdb command. This will look like this:

    (gdb) sim next
    (gdb) continue
    ...
    sim> gdb
    (gdb) ...

Change-Id: I678e71e2642d8427950b5f7ed65890ceae69e18d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2664448
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72479}
2021-02-02 11:59:53 +00:00
Clemens Backes
1f85cb19df [wasm][debug] Add test for conditional breakpoints
Conditional breakpoints are not implemented yet; the condition is just
ignored for wasm. This CL adds a test for conditional breakpoints. The
output is expected to change once the implementation is finished.

R=bmeurer@chromium.org

Bug: chromium:1173007
Change-Id: I15e0053ec8b57e28b8eadc208f35bbf70437682e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2666692
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72478}
2021-02-02 11:40:03 +00:00
Manos Koukoutos
44fa34084a [wasm-gc] Fixes around rtts, especially functions
Changes:
- Rename ObjectReferenceKnowledgs::object_must_be_data_ref to
  reference_kind, introduce an enum to describe it.
- In both compilers, remove the dynamic check whether the object is an
  array/struct. This is known statically. Instead, if we are checking
  for a function, just check for rtt equality and exit.
- Remove is_data_ref_type(), replace it in the compilers with calls to
  has_signature().
- Restructure AllocateSubRtt() to handle function rtts properly.
- Add a couple execution tests.

Bug: v8:7748
Change-Id: I46fbbfe2f2a7d29b583de0d536d71c534b98322f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2661460
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72477}
2021-02-02 11:32:43 +00:00
Jakob Gruber
102304d17d [nci] Remove --turbo-nci-as-midtier and other flags
The removed flags are:

1. --turbo-nci-as-midtier
2. --turbo-nci-cache-ageing
3. --turbo-nci-delayed-codegen

Flag 1. was used by a testing mode that is no longer used. Flags 2. and
3. were used to experiment with codegen and cacheing heuristics, no
longer needed now that work is suspended.

Bug: v8:8888
Change-Id: Ib4a89f09340c2d94ee7688928c8235276c1f1032
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2661461
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72476}
2021-02-02 11:28:18 +00:00
Mythri A
df98901c19 [interpreter] Store accumulator to callee after optional chain checks
Optional chain checks check if the object is null or undefined and
if it is we don't perform the load but just load accumulator with
undefined. For calls the value of the accumulator needs to be stored
in the callee register. We were doing this only when the object
isn't null or undefined. This cl fixes it by storing it to callee
always.

Bug: chromium:1171954
Change-Id: I391af18e783486fed70be561027bd8aba97b93cc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2665466
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72475}
2021-02-02 11:27:13 +00:00
Georg Neis
98653d0277 [compiler] Drop a misleading type annotation
Boolean denotes the boolean JS values and doesn't make sense for the
result of a WordEqual.

Change-Id: Id504bbe1171c2603ed4070ed922fcafd94d846c1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2666689
Commit-Queue: Georg Neis <neis@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Auto-Submit: Georg Neis <neis@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72474}
2021-02-02 10:54:13 +00:00
Marja Hölttä
a850668ccf [d8] Fix a crash when getting the worker's onmessage handler
Bug: chromium:1162473
Change-Id: Ided2f52882aaf02e1dc9a8d0ba883fedf029464d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2663004
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72473}
2021-02-02 10:43:03 +00:00
Camillo Bruni
1c6e7920b5 [cctest] Simplify DynamicImport test
Add comments and simpify code a bit for less chance of cargo culting.

Change-Id: Ica3fc60b0b7c11cc99a4c9ba9e3255662bbbb6bc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2642459
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72472}
2021-02-02 10:05:44 +00:00
Liu Yu
38fb148730 [mips64] Push the full MSA register before lazy compile
Port: 3b302d5cfe

Port: 45b99aaa58

Besides, removed redundant DCHECK.

Change-Id: Ifac825ae7670b075750603b2c61a3d60a85cc373
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2662581
Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Auto-Submit: Liu yu <liuyu@loongson.cn>
Cr-Commit-Position: refs/heads/master@{#72471}
2021-02-02 09:34:16 +00:00
LiuYu
bc70b6e475 [mips][wasm-simd] Merge all any_true to v128.any_true
Port: 6d3a53e7f2

Bug: v8:11331

Change-Id: I6aaba8e4d25e01121f0f7e01f67af3b5c7202ba6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2666712
Auto-Submit: Liu yu <liuyu@loongson.cn>
Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Cr-Commit-Position: refs/heads/master@{#72470}
2021-02-02 07:13:43 +00:00
v8-ci-autoroll-builder
fb0f95bcbf Update V8 DEPS.
Rolling v8/build: dce1147..dc9dc45

Rolling v8/buildtools: 9904915..fc5af1a

Rolling v8/third_party/aemu-linux-x64: Y_rckHsnBv6dqNUbG4QoVkl3njqEx7ewCNGmqOE_h1MC.._nJMIPzu-ykpL-XPjf14IZ3CAFT3iQRtsbzyiSm9u7QC

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/91735e2..4920147

Rolling v8/third_party/depot_tools: cb07c52..8c95595

Rolling v8/third_party/zlib: c876c8f..bf44340

Rolling v8/tools/clang: 9290907..ec98581

TBR=machenbach@chromium.org,tmrts@chromium.org,v8-waterfall-sheriff@grotations.appspotmail.com

Change-Id: Ic364444072e5b2405dc05d3cce7133585cce84c9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2666713
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#72469}
2021-02-02 03:49:53 +00:00
Michael Lippautz
7e9aa1bd8f cppgc: Add Persistent capabilitites
- Allow downcasting construciton and assignment;
- Add WeakCrossThreadPersistent::Lock() that safely retrieves a strong
  handle for a weak reference;

Bug: chromium:1056170
Change-Id: I5f8d85a87c9955506dd87723ffb4c80d66770c04
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2663160
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72468}
2021-02-02 00:25:22 +00:00
Milad Fa
50fb3e0309 PPC/s390: Reland "[wasm-simd] Merge all any_true to v128.any_true"
Port 6d3a53e7f2

Original Commit Message:

    This is a reland of commit 9c09c227b0.

    The fix for gc stress failure is merged: https://crrev.com/c/2656857.

    Original change's description:

    > Bug: v8:11331
    > Change-Id: Ie394ec841a1a1c4030c4f589eac2cee8a6a2a1f9
    > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2639033
    > Reviewed-by: Georg Neis <neis@chromium.org>
    > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
    > Commit-Queue: Zhi An Ng <zhin@chromium.org>
    > Cr-Commit-Position: refs/heads/master@{#72304}

R=zhin@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com
BUG=
LOG=N

Change-Id: I68991b81c18e06714d272f019dab7994419692bb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2665894
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#72467}
2021-02-01 23:29:42 +00:00
Junliang Yan
9fd2c27f17 PPC/s390: [builtins] Clear c_entry_fp when entering JS and at exception path
Port 07b03b8353

Original Commit Message:

    c_entry_fp is normally cleared in `LeaveExitFrame`, but we adjust
    the frame without it in the exception path.

    This can cause the SafeStackFrameIterator to assume we have an exit
    frame and iterate over frames incorrectly, which for arm64 can
    cause pointer authentication failures with CFI enabled. Even without
    the pointer authentication failure, we iterate over frames
incorrectly,
    so make this change for other architectures too.

    Also clear c_entry_fp in the beginning of JSEntry, after pushing it
    on the stack. Not doing this doesn't cause pointer authentication
    failures, but it will make the SafeStackFrameIterator assume we
    are executing C++ and miss the JS frames on top.

R=georgia.kouveli@arm.com, joransiu@ca.ibm.com, junyan@redhat.com,
midawson@redhat.com, mfarazma@redhat.com
BUG=
LOG=N

Change-Id: Id12286a0f18fce928f9e44825fc13cd0338bac46
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2665893
Reviewed-by: Milad Fa <mfarazma@redhat.com>
Commit-Queue: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/master@{#72466}
2021-02-01 22:59:42 +00:00
Ng Zhi An
6d3a53e7f2 Reland "[wasm-simd] Merge all any_true to v128.any_true"
This is a reland of commit 9c09c227b0.

The fix for gc stress failure is merged: https://crrev.com/c/2656857.

Original change's description:

> Bug: v8:11331
> Change-Id: Ie394ec841a1a1c4030c4f589eac2cee8a6a2a1f9
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2639033
> Reviewed-by: Georg Neis <neis@chromium.org>
> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
> Commit-Queue: Zhi An Ng <zhin@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#72304}

Bug: v8:11331
Change-Id: I82f57b3fe5f0c456472aa7ce404703f34b73d17e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2659511
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72465}
2021-02-01 19:54:18 +00:00
Ng Zhi An
3ba83f2d43 [wasm-simd][fuzzer] Add load/store lane instructions to fuzzer
Bug: v8:10975
Change-Id: Icfc5982c96132ef3eaa4d8b9dc2b8229d87ab15e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2659509
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72464}
2021-02-01 18:58:57 +00:00
Ng Zhi An
8665f09771 [cleanup] Fix invalid references to wasm-linkage.cc in comments
Change them to wasm-linkage.h.

Bug: v8:11074
Change-Id: Ic29cdd85b3d20cf384952aacc7ca82236e3bf276
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2659502
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72463}
2021-02-01 18:54:18 +00:00
Daniel Clark
4ae35a7e84 Loosen DHCECK to allow for no HostImportModuleDynamically callback to be set
The DCHECK is firing because the fuzzer doesn't set any
HostImportModuleDynamically callback.  Previously
RunHostImportModuleDynamicallyCallback would not assert for this and
would just return a rejected promise.  After
https://chromium-review.googlesource.com/c/v8/v8/+/2620578, this results
in a failed DCHECK.

This change restores the old behavior by loosening the DCHECK such that
it only fails if both the deprecated and the new callback are set.

Bug: chromium:1172121
Change-Id: Ifda28eb28572a40d3752928997edf25d607b61c6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2659505
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Commit-Queue: Dan Clark <daniec@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#72462}
2021-02-01 18:38:24 +00:00
Georg Neis
e12ffa65fa [compiler] Simplify JSHeapBroker::TryGetOrCreateData uses
Make the crash_on_error parameter false by default, so that the typical
use is easier to read:
Use GetOrCreateData(obj) if you expect the object to be known already.
Use TryGetOrCreateData(obj) if you don't.

Bug: v8:7790
Change-Id: I5732ad13ec582c2a1112032f88be54c833906a6a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2658327
Auto-Submit: Georg Neis <neis@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72461}
2021-02-01 17:55:24 +00:00
Clemens Backes
0215b57261 [wasm][debug] Remove dead parameter
Minor cleanup before starting to refactor the debug side table.

R=thibaudm@chromium.org

Bug: chromium:1172299
Change-Id: I507cb297e66954488194a346aac31664a34a20f8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2659260
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72460}
2021-02-01 16:57:44 +00:00
Liviu Rau
e76dc8c923 Whitespace to trigger builders
Used for testing infra change https://crrev.com/c/2650208

NOTRY=true
NOPRESUBMIT=true
NOTREECHECKS=true

Bug: chromium:1144601
Change-Id: I93ea610c45d3cbc9557f9a13e2ccc74927720384
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2659256
Commit-Queue: Liviu Rau <liviurau@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72459}
2021-02-01 13:38:16 +00:00
Georgia Kouveli
07b03b8353 [builtins] Clear c_entry_fp when entering JS and at exception path
c_entry_fp is normally cleared in `LeaveExitFrame`, but we adjust
the frame without it in the exception path.

This can cause the SafeStackFrameIterator to assume we have an exit
frame and iterate over frames incorrectly, which for arm64 can
cause pointer authentication failures with CFI enabled. Even without
the pointer authentication failure, we iterate over frames incorrectly,
so make this change for other architectures too.

Also clear c_entry_fp in the beginning of JSEntry, after pushing it
on the stack. Not doing this doesn't cause pointer authentication
failures, but it will make the SafeStackFrameIterator assume we
are executing C++ and miss the JS frames on top.

Bug: v8:10026
Change-Id: Ie94834920f51e9f1cc5c1c775596726b61fc0507
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2642256
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com>
Cr-Commit-Position: refs/heads/master@{#72458}
2021-02-01 11:42:55 +00:00
Ulan Degenbaev
6df1aec62c [heap, infra] Remove --local-heaps and --concurrent-allocation flags
The flags are enabled by default and have stable coverage.
This also removes the corresponding bots.

Bug: v8:10315
Change-Id: Icce01383050dff758b6554db8e0c3589d6e5459c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2658324
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72457}
2021-02-01 11:01:26 +00:00
Peter Wong
5a2c53f948 [torque] Port String.prototype.includes/indexOf and StringIndexOf
- Removed no longer used StringBuiltinAssembler methods (DispatchOnStringEncodings, PointerToStringDataAtIndex)
- Removed no longer used Runtime functions (StringIncludes, StringIndexOf, StringIndexOfUnchecked).
- Overall builtin code size is reduced (652 bytes on Mac x64.release build), builtin size breakdown:

BEFORE
======
TFS Builtin, StringIndexOf, 1092
TFJ Builtin, StringPrototypeIncludes, 1784
TFJ Builtin, StringPrototypeIndexOf, 1536
Total = 4412

AFTER
=====
TFC Builtin, StringIndexOf, 2036 (+944)
TFJ Builtin, StringPrototypeIncludes, 1072 (-712)
TFJ Builtin, StringPrototypeIndexOf, 652 (-884)
Total = 3760 (-652)


Bug: v8:8996
Change-Id: I9a88c095e2097f7d570e58e744d6692dc524ddf4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2660995
Commit-Queue: Peter Wong <peter.wm.wong@gmail.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72456}
2021-02-01 08:29:15 +00:00