Commit Graph

75905 Commits

Author SHA1 Message Date
v8-ci-autoroll-builder
ba3a28906f Update google_benchmark
Rolling v8/third_party/google_benchmark/src: 2365c4a..b7afda2

Revert "Add possibility to ask for libbenchmark version number () ()" () (Dominic Hamon)
https://chromium.googlesource.com/external/github.com/google/benchmark/+/b7afda2

Clarify that the cpu frequency is not used for benchmark timings. () (Dominic Hamon)
https://chromium.googlesource.com/external/github.com/google/benchmark/+/af7de86

Fix DoNotOptimize() GCC copy overhead () () (Alexander Popov)
https://chromium.googlesource.com/external/github.com/google/benchmark/+/8545dfb

Add possibility to ask for libbenchmark version number () () (Matthias Donaubauer)
https://chromium.googlesource.com/external/github.com/google/benchmark/+/efadf67

R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com,mlippautz@chromium.org

Change-Id: I4bced8816a42abb8cd4d95761c93e51b2611b727
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3714903
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#81263}
2022-06-21 09:00:06 +00:00
Camillo
83f6035947 [snapshot] Turn alignment DCHECKS into CHECKS
This is a temporary change to get more detailed crash reports for
further investigations.

Bug: chromium:1330861
Change-Id: Ifdd8d61692577dffd54d07fadb65575a5c30dcd3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707592
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81262}
2022-06-21 08:59:03 +00:00
Milad Fa
69a77f6558 PPC/S390: Use ByteReverse from utils
This CL removes the usage of custom byte reversing functions from
the simulator and uses the one provided by V8 utils under:
```
src/utils/utils.h
```

Change-Id: I9a334a10d659b8a3315c34563eb3e6f84644a9e8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3714898
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Reviewed-by: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/main@{#81261}
2022-06-21 08:58:01 +00:00
Lu Yahan
308a7e2f58 [riscv64][liftoff] Fix implicit conversion to LiftoffRegList
Port commit b84c7dbd7f

Change-Id: I80ac3498e6cd21fffeb3988fa7341668e59593f0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3716150
Commit-Queue: ji qiu <qiuji@iscas.ac.cn>
Auto-Submit: Yahan Lu <yahan@iscas.ac.cn>
Commit-Queue: Yahan Lu <yahan@iscas.ac.cn>
Reviewed-by: ji qiu <qiuji@iscas.ac.cn>
Cr-Commit-Position: refs/heads/main@{#81260}
2022-06-21 08:56:58 +00:00
jameslahm
1dbe614853 [web snapshot] Implement WriteByte
Bug: v8:11525
Change-Id: I227f0bb852e56551ec0333db52061842664c47c9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3706963
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81259}
2022-06-21 08:55:55 +00:00
Maya Lekova
1de7e24902 [d8] Handle exceptions on async_hooks.createHook
Before we assumed that no exception can be thrown when specifying a
function to be used as an async hook, but that's not the case when e.g.
the object passed to createHook is a proxy trapping on property access
and the trap throws an exception.

Bug: chromium:1337629
Change-Id: I7bd7893cd274afb6e642ed18aacb9e203f7fdd96
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3714233
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81258}
2022-06-21 08:54:53 +00:00
Lu Yahan
643d69f75b [riscv64] Optimize load float zero
Change-Id: Ia651b26af419a2187217b8b0f2941ff61a17d247
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3712913
Commit-Queue: Yahan Lu <yahan@iscas.ac.cn>
Reviewed-by: ji qiu <qiuji@iscas.ac.cn>
Commit-Queue: ji qiu <qiuji@iscas.ac.cn>
Auto-Submit: Yahan Lu <yahan@iscas.ac.cn>
Cr-Commit-Position: refs/heads/main@{#81257}
2022-06-21 08:53:50 +00:00
Nico Hartmann
c878117fa0 Revert "[sandbox] Also enable the sandbox outside of Chromium builds"
This reverts commit 5b9401dde4.

Reason for revert: A few memory tests flake on tsan (e.g. https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20TSAN%20-%20isolates/20190/overview)

Original change's description:
> [sandbox] Also enable the sandbox outside of Chromium builds
>
> Drive-by: include the right header in sandboxed-pointer-inl.h and fix
> missing sandbox initialization in generate-bytecode-expectations.cc.
>
> Bug: v8:10391
> Change-Id: Ic39ba04b7c98eaa58ea3943189c23b297f581f5a
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3630082
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Commit-Queue: Samuel Groß <saelo@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#81216}

Bug: v8:10391
Change-Id: I22560a6bdcffbf71651f655bdf7d183d5c832620
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3714239
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Owners-Override: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81256}
2022-06-20 17:04:28 +00:00
Clemens Backes
4f70151d13 [liftoff] Fix PopToModifiableRegister
PopToModifiableRegister did not check the {pinned} list, so it could
return a register which was already used for another (temporary) value.
This CL fixes that, and adds a little optimization which gives more
freedom to the choice of spilling and has a chance to avoid a register
mode.

R=jkummerow@chromium.org

Bug: chromium:1337221
Change-Id: Ifc02321038713ff03e8f8e7db78dde33f70ec847
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707287
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81255}
2022-06-20 16:01:33 +00:00
Samuel Groß
f6e18e9ada [sandbox] Add ApiCheck in v8::ArrayBuffer::NewBackingStore
Previously, when embedders attempted to create ArrayBuffers backed by
memory outside the sandbox, V8 would simply crash with a failed CHECK
when converting the raw backing store pointer into a SandboxedPointer.
The new ApiCheck now provides a better error message in that case.

Bug: chromium:1218005
Change-Id: I7a1ad8cbf07fa346b1f09521850df9b18b428427
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3711882
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81254}
2022-06-20 15:31:53 +00:00
Andreas Haas
438dc0d3c5 Reland "[wasm] Use the API callback to resolve the wasm result promise"
The original CL used Object::Set to create the result object of
WebAssembly instantiation. However, Object::Set is potentially
observable from JavaScript, and therefore required a MicrotasksScope.
This CL replaces the use of Object::Set with Object::CreateDataProperty.

Original message:

This CL switches resolving and rejecting the wasm result promise from
the V8-internal API to the external API added in
https://chromium-review.googlesource.com/c/v8/v8/+/3695584.

This CL can land once Chrome provided an implementation of the callback.

R=jkummerow@chromium.org

Bug: v8:12953
Change-Id: If1f252736fd3a13024d4b38adebf468530c59c03
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3714234
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81253}
2022-06-20 15:16:49 +00:00
Toon Verwaest
e16e8d8b98 [maglev] Various regalloc fixes
  * Move fixed temporary allocation before arbitrary input allocation,
    so that fixed temporaries don't accidentally clobber the arbitrary
    input register. Now the input allocation will pick a different
    register.
  * For the above, make temporary allocation 'block' the register with a
    sentinel value, rather than marking it free, so that the subsequent
    input allocation knows not to use those registers (including
    spilling into them).
  * Similarly, move arbitrary input allocation after phi resolution when
    allocating control nodes, since phis may have fixed requirements.
  * Allow deopts to spill their inputs if they are not in registers and
    not yet loadable. This is done during the equivalent of input
    allocation for deopts.
  * Allow there to be multiple targets for a single source during gap
    move collection / cycle detection. There can still only be a single
    source per target, therefore there can only be one cycle for each
    connected component -- this is DCHECKed.
  * Make register validation more complete -- also walk the entire
    graph, and check whether value nodes' result register states match
    the current register allocator state.
  * Add much more printing to --trace-maglev-regalloc because these bugs
    ain't easy to debug.

Bug: v8:7700
Change-Id: Id98259c2920d772ce168bf27497162e78b136f9f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3714235
Auto-Submit: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81252}
2022-06-20 15:15:47 +00:00
JianxiaoLuIntel
6697ae1829 [serializer]: Fix DisableGCStats
This bug may lead to gc_stats tracing not stopping after chrome://tracing stop as expected.

Change-Id: Ibc2ece4c0ad536a99c4aece039ef546d152df10a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3709242
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Jianxiao Lu <jianxiao.lu@intel.com>
Cr-Commit-Position: refs/heads/main@{#81251}
2022-06-20 15:14:44 +00:00
Clemens Backes
b84c7dbd7f [liftoff] Fix implicit conversion to LiftoffRegList
According to the style guide, the implicit conversion of any number of
registers to a LiftoffRegList should not be there. This CL removes it,
and fixes two subideal call sites to use SpillRegister (receiving a
single register) instead of SpillOneRegister (receiving a register list
to choose from).

Plus some semantics-preserving rewrites.

R=jkummerow@chromium.org

Bug: chromium:1337221
Change-Id: Id22043ac1c185bc794dbde7baa4b1d5ab7cce56e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707286
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81250}
2022-06-20 13:48:03 +00:00
Jakob Kummerow
15f372afaf [wasm] Fix tier-up budget tracking for recursive calls
In the previous implementation, functions overwrote any budget
decrements caused by recursive invocations of themselves, which
could cause tier-up decisions for certain unlucky functions to
get delayed unreasonably long.
This patch avoids this by working with the on-instance value
directly instead of caching it in a stack slot. That generates
the same amount of Liftoff code as the status quo, but handles
recursive functions properly.
The "barista3" benchmark's peak performance improves by almost 20%.

Bug: v8:12281
Change-Id: I8b487a88da99c2d22e132f2cc72bdf36aa5f6e63
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3693710
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81249}
2022-06-20 13:34:33 +00:00
Manos Koukoutos
3c34137ad2 Reland "[wasm-gc][cleanup] Remove wasm signature from CallDescriptor"
This is a reland of commit 538f2bc9ab

Changes compared to original: None. We think the problem that caused
the revert (https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20TSAN%20-%20no-concurrent-marking/9377/overview) is unrelated.

Original change's description:
> [wasm-gc][cleanup] Remove wasm signature from CallDescriptor
>
> This field is no longer used, as the functionality it supported has been
> subsumed by wasm-gc typed-based optimizations.
>
> Bug: v8:7748
> Change-Id: I970514bb29e5f91bb5610cafde60ec3dbcfb07aa
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3705376
> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Reviewed-by: Maya Lekova <mslekova@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#81244}

Bug: v8:7748
Change-Id: I8eacff98d265751fae55f244d40c0df94e35e6fe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3714231
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81248}
2022-06-20 13:26:03 +00:00
Patrick Thier
e71cdfd891 [string] Remove temporarily added CHECKs
CHECKs were added / DCHECKs turned into CHECKs in
https://crrev.com/c/3707103 to help investigate crash reports.
Revert these changes (besides 1 CHECK that prevents potential OOB reads
when the hash value is corrupted).

Bug: chromium:1336516
Change-Id: I84dd699b53c2006a1be4059940017c1277efa7ff
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3711757
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81247}
2022-06-20 13:21:43 +00:00
Michael Lippautz
39a2c91f5f [heap] Fix allocation timeout
Fix underflow in allocation timeout which is used by fuzzers to trigger
garbage collection.

Bug: chromium:1337646
Change-Id: Iffa70497c2945a26242e9e67820197bd5e61f04c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3711758
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Nikolaos Papaspyrou <nikolaos@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81246}
2022-06-20 12:23:06 +00:00
Nico Hartmann
3cb521fedd Revert "[wasm-gc][cleanup] Remove wasm signature from CallDescriptor"
This reverts commit 538f2bc9ab.

Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20TSAN%20-%20no-concurrent-marking/9377/overview

Original change's description:
> [wasm-gc][cleanup] Remove wasm signature from CallDescriptor
>
> This field is no longer used, as the functionality it supported has been
> subsumed by wasm-gc typed-based optimizations.
>
> Bug: v8:7748
> Change-Id: I970514bb29e5f91bb5610cafde60ec3dbcfb07aa
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3705376
> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Reviewed-by: Maya Lekova <mslekova@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#81244}

Bug: v8:7748
Change-Id: I110f6b7943ecbaaa6b2a73c3631ea194981cdf20
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3714230
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Auto-Submit: Nico Hartmann <nicohartmann@chromium.org>
Owners-Override: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81245}
2022-06-20 12:22:03 +00:00
Manos Koukoutos
538f2bc9ab [wasm-gc][cleanup] Remove wasm signature from CallDescriptor
This field is no longer used, as the functionality it supported has been
subsumed by wasm-gc typed-based optimizations.

Bug: v8:7748
Change-Id: I970514bb29e5f91bb5610cafde60ec3dbcfb07aa
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3705376
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81244}
2022-06-20 11:45:23 +00:00
Richard Wang
69aeefe2cb [infra] Remove use_rbe from mb config
use_rbe has been deprecated and logic formerly checking it now checks for use_remoteexec first

Bug: chromium:1247781
Change-Id: I665e76345d5c1a64c2f5253799cee818a4b39129
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707092
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Commit-Queue: Richard Wang <richardwa@google.com>
Cr-Commit-Position: refs/heads/main@{#81243}
2022-06-20 11:12:53 +00:00
Nikolaos Papaspyrou
ddd2bef2e7 cleanup: Fix some typos
Mostly in comments, again, not much to be said...

Bug: v8:12425
Change-Id: Id847447ade3100f13c5da8931fbb47d06ff1ce1f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3711883
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81242}
2022-06-20 09:52:16 +00:00
Marja Hölttä
bc7b89f7c7 [rab/gsab] Tests for Array.p methods, part 1
In this part: copyWithin, includes

Bug: v8:11111
Change-Id: I63eee835661310c21ad53992ae3b161cc3214dfc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3678206
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81241}
2022-06-20 09:51:10 +00:00
Nikolaos Papaspyrou
8f31a0463e cleanup: Fix some typos, mostly
Mostly in comments, again, not much to be said...
One case of UNREACHABLE with return.

Bug: v8:12425
Change-Id: I295db355c4794e4205b9b70ebbf51e019ec14060
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695265
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81240}
2022-06-20 09:37:35 +00:00
Alexander Schulze
096e6cf931 [infra] Push win64 version to Windows-10-19042
Chromium Win10 builders already run on 19042 [1]. This change bumps v8
as well.

[1] https://ci.chromium.org/ui/p/chromium/builders/ci/Win10%20Tests%20x64/68485/overview

Bug: chromium:1335886
Change-Id: I79f631c38b055aac430ec249beabae1f8f80605a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3711756
Auto-Submit: Alexander Schulze <alexschulze@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81239}
2022-06-20 09:30:56 +00:00
Marja Hölttä
38547ff9fe [rab/gsab] Disallow too large length-tracking TAs
Bug: v8:11111,chromium:1326928
Change-Id: Ib3993df33b7ea8c5dbe721c16f6e7ac6d5a41a09
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3687693
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81238}
2022-06-20 09:29:53 +00:00
Igor Sheludko
8487e66d75 [runtime] Inline Foreign fields into AccessorInfo
... to avoid additional indirection on every access.

Drive-by: given that AccessorInfo class now has a custom body visitor
it's no longer necessary to encode flags field as Smi.

Bug: v8:12949
Change-Id: I30eabee3cbc5ded2bf3f050dfe22208713a764bf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3701590
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81237}
2022-06-20 09:25:03 +00:00
Michael Achenbach
9c5108c83e [foozzie] Disable --multi-mapped-mock-allocator for correctness fuzzing
No-Try: true
Bug: chromium:1337522
Change-Id: I086cec1209d6646441f128d9de9493987fc49490
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3711754
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81236}
2022-06-20 08:40:37 +00:00
Adam Klein
b82d352ab8 Fix gcc unused-variable warnings after https://crrev.com/c/3706625
Change-Id: I4c9f0315fd0f2cd2cc234007e05234e657ef7e39
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3712422
Auto-Submit: Adam Klein <adamk@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81235}
2022-06-20 08:19:43 +00:00
Michael Lippautz
a50caffd33 [heap] Remove incremental marking finalization step
Remove finalization step of incremental marking. The step was
historically used to process embedder/weak work on the main thread
before invoking the atomic pause. Remove the infrastructure as the
step is not needed anymore and actually required a safepoint.

Change-Id: I208767bbac3d9a06a0b3c67aa9779f8a5fa07328
Bug: v8:12775
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702801
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81234}
2022-06-20 07:58:03 +00:00
Michael Achenbach
ac398ffb69 [infra] Bump shards on slow bots
No-Try: true
Bug: chromium:1337252
Change-Id: I6c4f17a2ddea72996dc48411a8245380da979b2f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3711755
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Alexander Schulze <alexschulze@chromium.org>
Reviewed-by: Alexander Schulze <alexschulze@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81233}
2022-06-20 07:43:33 +00:00
Igor Sheludko
7bf6bf93e0 [ext-code-space][heap] Add Executability to the v8-oom-location message
... in order to distinguish OOMs caused by code range exhaustion from
other OOMs.

Bug: v8:11880
Change-Id: Ic27242bee7dd7b68673ea478d5972a055ec58943
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707289
Auto-Submit: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81232}
2022-06-20 07:23:34 +00:00
v8-ci-autoroll-builder
2ed243c321 Update V8 DEPS.
Rolling v8/build: 5ee7989..ced5024

R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: I2ff8742c2ab3cac679908bb0f8599d758c7505c8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3713323
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#81231}
2022-06-20 03:56:05 +00:00
Lu Yahan
a986dcff73 [riscv64] Avoid using callee saved register in call func
f8(fs0) is callee saved so that we should not use it to hold return value in the float_min_max test case.


Change-Id: I7039918cc434462dd956339d4263811543e23a94
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3711284
Auto-Submit: Yahan Lu <yahan@iscas.ac.cn>
Reviewed-by: ji qiu <qiuji@iscas.ac.cn>
Commit-Queue: ji qiu <qiuji@iscas.ac.cn>
Cr-Commit-Position: refs/heads/main@{#81230}
2022-06-19 12:30:52 +00:00
v8-ci-autoroll-builder
167f9de3cf Update V8 DEPS.
Rolling v8/build: 7e8d64b..5ee7989

Rolling v8/buildtools: 8b16338..34f9ff8

Rolling v8/buildtools/third_party/libc++/trunk: 1a63708..b126981

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/0eef537..b83d69f

Rolling v8/third_party/depot_tools: c5c4853..9a3c4bc

Rolling v8/tools/clang: aab5788..f68dc6b

Rolling v8/tools/luci-go: git_revision:de014227dd270df7c61bfab740eb4ae4b52ac2a7..git_revision:df39938896c4603fb2a214a2430450a85d9cca81

Rolling v8/tools/luci-go: git_revision:de014227dd270df7c61bfab740eb4ae4b52ac2a7..git_revision:df39938896c4603fb2a214a2430450a85d9cca81

R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: I11e049b61608a0f43f04dfa4b88ca569dfc56d6e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3712646
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#81229}
2022-06-19 04:00:13 +00:00
Frank Tang
cd7100e9aa [Temporal] Add add/subtract to PlainYearMonth
Also add AOs: AddDurationToOrSubtractDurationFromPlainYearMonth,
CreateNegatedDurationRecord

Spec Text:
https://tc39.es/proposal-temporal/#sec-temporal.plainyearmonth.prototype.add
https://tc39.es/proposal-temporal/#sec-temporal.plainyearmonth.prototype.subtract
https://tc39.es/proposal-temporal/#sec-temporal-adddurationtoorsubtractdurationfromplainyearmonth

Also see https://github.com/tc39/proposal-temporal/pull/2281

Bug: v8:11544
Change-Id: I5ca6acc82dad07a8dd202de02bca5a16e585e84c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3697180
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81228}
2022-06-18 00:35:02 +00:00
Frank Tang
08c18bfc2e [Temporal] Add compare and equals to ZonedDateTime
Also add AOs: TimeZoneEquals

Spec Text:
https://tc39.es/proposal-temporal/#sec-temporal.zoneddatetime.compare
https://tc39.es/proposal-temporal/#sec-temporal.zoneddatetime.prototype.equals
https://tc39.es/proposal-temporal/#sec-temporal-timezoneequals

Bug: v8:11544
Change-Id: Ibcd1e42d72f86f16e0f5ddb1fd589bbe7ab2225c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3709217
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81227}
2022-06-18 00:02:01 +00:00
Milad Fa
dcf34383f6 PPC: fix fcfid on disassembler
This CL corrects the selection and print of fcfid variations
(single and double precision).

Change-Id: I438a76793ec5fdb814ea6bc46bd0a2b0c9b2acd2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3712063
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#81226}
2022-06-17 23:33:41 +00:00
Shu-yu Guo
8b8e044fd2 [heap] Add Parking* variants of blocking primitives
Due to shared GCs it's easy to accidentally deadlock V8 by forgetting to
park a thread before blocking.

This CL does the following:

- Adds ParkingConditionVariable and ParkingSemaphore, which hide
the Wait[For] methods in favor of ParkedWait[For], which parks the
thread before blocking the thread.
- Migrate to the Parking* variants in JS shared memory tests.

Bug: v8:11708
Change-Id: I6d1b2b26a05e7df0a69a1614c03308f538a8782f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3708017
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81225}
2022-06-17 17:42:40 +00:00
Shu-yu Guo
35a6ac728b [shared-struct] Clear the waiter queue head external pointer on notify
Bug: v8:12547
Change-Id: I94697ebf41ce5c132ad4bfc6472b9fc925d1f176
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3709240
Reviewed-by: Samuel Groß <saelo@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81224}
2022-06-17 17:37:35 +00:00
Patrick Thier
ca29b0d3f6 Remove --always-use-string-forwarding-table from --future
Bug: chromium:1336516
Change-Id: I28a2b9d72e00a17792f80cf2a65312eeb47f165a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707290
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Auto-Submit: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81223}
2022-06-17 15:42:02 +00:00
Samuel Groß
d500b7b853 [sandbox] Treat nullptr dereferences as harmless in sandbox crash filter
Bug: v8:12878
Change-Id: I79ca182fcf59f520cdf8f25dd0daac9ced07881a
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707283
Commit-Queue: Samuel Groß <saelo@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81222}
2022-06-17 15:14:50 +00:00
Milad Fa
5f914d92f4 S390: Fix build with no web assembly
Fixing build with `v8_enable_webassembly = false`.

Change-Id: I911ea533a7a0a3111525066e6f9d57d27a351e5f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3708105
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#81221}
2022-06-17 14:56:30 +00:00
Tobias Tebbi
95a23cf444 Revert "Skip mjsunit/turboshaft/simple on numfuzz until flake is solved"
This reverts commit c56edd3eba.

Reason for revert: should be fixed now

Original change's description:
> Skip mjsunit/turboshaft/simple on numfuzz until flake is solved
>
> NOTRY=true
>
> Bug: v8:12826
> Change-Id: I08be2980f92c69504290bb6152e48595e6a6c9aa
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3629540
> Auto-Submit: Almothana Athamneh <almuthanna@chromium.org>
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#80369}

Bug: v8:12826
Change-Id: I615c682447df58bf9ae7acd9e4429b3a55697d8a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707593
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81220}
2022-06-17 14:45:20 +00:00
Igor Sheludko
62c6c6c772 [tests] Fix cctest/test-spaces/OldLargeObjectSpace
... which doesn't expect GCs caused by concurrent allocations.

Bug: v8:12779
Change-Id: I4ab13711ed4d98e7a46d759f0020b5983dec4ee0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707278
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Auto-Submit: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81219}
2022-06-17 13:09:24 +00:00
Tobias Tebbi
3ccdbfe395 Revert "[flags] Enable freezing of flags"
This reverts commit 1ed7d0b8d1.

Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Blink%20Linux%20Future/13719/overview

Original change's description:
> [flags] Enable freezing of flags
>
> This enables the --freeze-flags-after-init flag globally. Note that
> tests, fuzzers, Node and others still explicitly disable the flag. The
> chrome renderer process and default d8 execution will have it enabled
> though.
>
> R=​cbruni@chromium.org
>
> Bug: v8:12887
> Change-Id: I9a15ef64227e5e6e04779d8d671a2c50d99c9097
> Cq-Include-Trybots: luci.v8.try:v8_linux_blink_rel
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695264
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#81214}

Bug: v8:12887
Change-Id: I63c45d4b026345d95a5de179600df960eae8ca0a
Cq-Include-Trybots: luci.v8.try:v8_linux_blink_rel
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707280
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81218}
2022-06-17 12:41:32 +00:00
Tobias Tebbi
6048f75493 [compiler] make CanCover() transitive
In addition to checking that a node is owned, CanCover() also needs to
check if there are any side-effects in between the current node and
the merged node. When merging inputs of inputs, this check was done
with the wrong side-effect level of the in-between node.
We partially fixed this before with `CanCoverTransitively`.
This CL addresses the issue by always comparing to the side-effect
level of the node from which we started, making `CanCoverTransitively`
superfluous.

Bug: chromium:1336869
Change-Id: I78479b32461ede81138f8b5d48d60058cfb5fa0a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707277
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81217}
2022-06-17 11:02:02 +00:00
Samuel Groß
5b9401dde4 [sandbox] Also enable the sandbox outside of Chromium builds
Drive-by: include the right header in sandboxed-pointer-inl.h and fix
missing sandbox initialization in generate-bytecode-expectations.cc.

Bug: v8:10391
Change-Id: Ic39ba04b7c98eaa58ea3943189c23b297f581f5a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3630082
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81216}
2022-06-17 09:54:00 +00:00
JianxiaoLuIntel
7aeb32a3c2 heap: Remove redundant check for deserialization_complete
Change-Id: I9d135e2add4f6ae7b0b19b97081ec40096ff75b2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3708026
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Jianxiao Lu <jianxiao.lu@intel.com>
Cr-Commit-Position: refs/heads/main@{#81215}
2022-06-17 09:29:20 +00:00
Clemens Backes
1ed7d0b8d1 [flags] Enable freezing of flags
This enables the --freeze-flags-after-init flag globally. Note that
tests, fuzzers, Node and others still explicitly disable the flag. The
chrome renderer process and default d8 execution will have it enabled
though.

R=cbruni@chromium.org

Bug: v8:12887
Change-Id: I9a15ef64227e5e6e04779d8d671a2c50d99c9097
Cq-Include-Trybots: luci.v8.try:v8_linux_blink_rel
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695264
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81214}
2022-06-17 08:55:30 +00:00