Commit Graph

5537 Commits

Author SHA1 Message Date
Ross McIlroy
4ab70f6b21 [Compiler] Remove untrusted code mitigations.
These are no longer enabled, so remove the code mitigation logic from
the codebase.

BUG=chromium:1003890

Change-Id: I536bb1732e8463281c21da446bbba8f47ede8ebe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3045704
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76256}
2021-08-12 12:58:24 +00:00
Ross McIlroy
28bf491fde [Turboprop] Revert turboprop implication from --future.
Got the data we need for now, reverting to enable --concurrent-inlining
clean data on --future.

BUG=v8:9684

Change-Id: I80b5bac1e852cb9f0915434a75115f6a59be8943
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3089154
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76228}
2021-08-11 11:57:44 +00:00
Clemens Backes
9740901ae1 [testrunner] Fix test selection on Windows
This makes flako usable on Windows using standard test names.
A workaround to bisecting to failures before this CL is to replace the
test_name by something like "mjsunit/regress\regress-1138075", i.e.
using this on the command line to trigger flako:
-p 'test_name="mjsunit/regress\\regress-1138075"'

R=liviurau@chromium.org

Bug: v8:9218
Change-Id: I37596efcaeca780eeacb27c2841fe8302ddb1e49
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3081610
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76222}
2021-08-11 09:25:23 +00:00
Camillo Bruni
8e945ced4d [api] Advance deprecation
Marking V8_DEPRECATE_SOON from versions <= v9.1 as V8_DEPRECATED.

Drive-by-fix:
- list_deprecated.py handles non-committed deprecations

Bug: v8:11165
Change-Id: I432e401d9d8d131d423c6a58ff9694abce87cef7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3085275
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76213}
2021-08-10 21:54:32 +00:00
Camillo Bruni
1696814c19 [tools] Update deprecation listing script
- Show commit hash
- Show V8 version number
- Update to py3

Bug: v8:11165
Change-Id: I170000a77532dfb54b0261fc5de06a556f0de30c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3081612
Reviewed-by: Patrick Thier <pthier@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76188}
2021-08-10 08:42:59 +00:00
Sathya Gunasekaran
7df6678c32 [api] Implement signature checks using instance types
Rather than depending on slow signature checks, receiver type checks are
performed using fast numeric instance type checks.

This CL adds an instance type range for embedders to assign values and
uses these to perform type checks.

Bug: v8:11476
Change-Id: Ie8236ae47ca0ba93ae76a7e690b81aa0a2b0f3e2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2883623
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Sathya Gunasekaran  <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76162}
2021-08-09 11:01:15 +00:00
Mythri A
ef7d657960 [sparkplug] Add support to flush only baseline code
Add support to flush only baseline code. FLAG_flush_baseline_code
controls if baseline code is flushed or not and FLAG_flush_bytecode
controls if bytecode is flushed or not. With this CL it is possible
to control if we want to flush only bytecode / only baseline code / both.
This also lets us have different heuristics for bytecode and baseline
code flushing.

Bug: v8:11947
Change-Id: Ibdfb9d8be7e7d54196db7890541fa0b5d84f037e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3060481
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76075}
2021-08-04 08:22:18 +00:00
Thibaud Michaud
27a517b892 [wasm][eh] Add WebAssembly.Exception.getArg()
Also introduce a separate error type for WebAssembly.Exception,
since the properties should not be added to RuntimeError.

R=jkummerow@chromium.org

Bug: v8:11992
Change-Id: I8f4ae0da9a95184366e07dc43e58a5a9ff4382ae
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3055304
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76061}
2021-08-03 14:25:50 +00:00
Mythri A
06697f7a82 Rename stress_flush_bytecode to stress_flush_code
stress_flush_bytecode controls stress flushing of both bytecode and
baseline code. So rename the flag to better reflect its functionality

Bug: v8:11947
Change-Id: Ie6c124a476c3a7c6eabd1d75de030ee15fe78e32
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3062567
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76043}
2021-08-02 19:02:57 +00:00
Michael Achenbach
bc560eaeb7 [release] Make auto-push process use the bot-commit label
This lands the CLs for creating V8 roll branches without TBR.

No-Try: true
Bug: chromium:1176141
Change-Id: I67defe7e0337f6beb3db2e198dc2cf87f1345ec1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3067320
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76038}
2021-08-02 13:34:26 +00:00
legendecas
d63ca69c22 [builtins] Implement Array#findFromLast and friends
This proposal reached Stage 3 at the July 2021 TC39.

https://github.com/tc39/proposal-array-find-from-last

Bug: v8:11990
Change-Id: I1364b46b7ed4bc56e4b3024d14bde799f9878b5a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3037160
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76007}
2021-07-29 19:37:15 +00:00
Thibaud Michaud
d66cc11c2f [wasm][eh] Rename exception to tag
The JS API constructor was renamed to "WebAssembly.Tag" to match the
spec:
https://github.com/WebAssembly/exception-handling/issues/159

Rename "exception" to "tag" throughout the codebase for consistency with
the JS API, and to match the spec terminology (e.g. "tag section").

R=clemensb@chromium.org,nicohartmann@chromium.org

Bug: v8:11992
Change-Id: I63f9f3101abfeefd49117461bd59c594ca5dab70
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3053583
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75994}
2021-07-29 12:09:02 +00:00
Michael Achenbach
fb0a2ea25e Revert "Reland "[build] Add V8-specific dcheck_always_on""
This reverts commit 67960ba110.

Reason for revert:
This has been properly fixed by https://crrev.com/c/3053740.
Now dcheck_always_on already defaults to false for subprojects
like V8 and no other switch is required. The switch didn't fully
work anyways due to https://crbug.com/1231890.

Original change's description:
> Reland "[build] Add V8-specific dcheck_always_on"
>
> This is a reland of cecc666f4d
>
> Depends on:
> https://crrev.com/c/3043611
>
> Original change's description:
> > [build] Add V8-specific dcheck_always_on
> >
> > This makes the V8 dcheck control independent of Chromium's and
> > prepares switching Chromium's default behavior without affecting V8
> > developers or builders.
> >
> > Preparation for: https://crrev.com/c/2893204
> >
> > Bug: chromium:1225701
> > Change-Id: I520b96019b04196f4420716ff3500ebd6c21666f
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3038528
> > Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> > Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#75827}
>
> Bug: chromium:1225701
> Change-Id: I56568b78592addba01793d2d14f768c9ee10103d
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3041670
> Reviewed-by: Liviu Rau <liviurau@chromium.org>
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75839}

Bug: chromium:1225701, chromium:1231890
Change-Id: I7e27f5774d8e162977f30f685da4b15dadcc1084
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3055294
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75935}
2021-07-27 11:14:57 +00:00
Andreas Haas
621686c14d [gm] Add 'dcheck_always_on = false' to release builds
Chrome started to enable dcheck by default in release builds that are
not official builds. Add 'dcheck_always_on = false' to release builds
in V8 to allow reasonable performance measurements.

NOTRY=true

R=jkummerow@chromium.org

Bug: v8:11879
Change-Id: I05f192fdcd5ebe5b1a82eb6f2d1648eaf6d4b527
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3048186
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75908}
2021-07-26 10:24:35 +00:00
Michael Achenbach
8b385ee8e9 [release] Remove obsolete account from CC lists
No-Try: true
Bug: v8:12020
Change-Id: I1b6659c7017b2843a513d81331e6ac67666ef04d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3053572
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Lutz Vahl <vahl@chromium.org>
Reviewed-by: Lutz Vahl <vahl@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75902}
2021-07-26 07:48:47 +00:00
Ross McIlroy
86e324bb57 [Test] stress-concurrent-inlining and turboprop are incompatible flags.
Adds incompatibility between future/turboprop variants and stress-concurrent-inlining
due to incompatibility from both configs weakly setting --interrupt-budget. Also ensures
we maintain this incompatibility if --future is passed as an extra flag as is done on
some bots.

BUG=v8:9684

Change-Id: I4855b92a64db00da15efc2384e241d4bf0c373c2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3041677
Auto-Submit: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75853}
2021-07-22 08:56:25 +00:00
Seth Brenith
f30f481525 [torque] Invert the default for @generateCppClass
Since most Torque-defined extern classes use @generateCppClass, it makes
more sense to instead annotate the small number that don't. This is part
of the cleanup work that Nico recommended in [1].

Classes that still have to opt out:

- Those that can be converted by https://crrev.com/c/3015666
- HeapObject: sort of special since it's the root of the inheritance
  hierarchy. Generated code would include two declarations that don't
  compile until HeapObject is defined:
    bool IsHeapObject_NonInline(HeapObject o);
    explicit TorqueGeneratedHeapObject(
        Address ptr, HeapObject::AllowInlineSmiStorage allow_smi);
- SmallOrdered*: these classes use templates on the C++ side, which is
  not currently representable in Torque.
- SwissNameDictionary: according to a comment, the Torque generation for
  this class is incorrect. I haven't investigated further.

Drive-by fix: make the Torque formatter keep LF on Windows rather than
writing CRLF.

[1] https://docs.google.com/document/d/1q_gZLnXd4bGnCx3IUfbln46K3bSs9UHBGasy9McQtHI/edit#

Bug: v8:8952
Change-Id: I1fbb5290f0c645842b84c53816c09bb3398206a5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3028721
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#75841}
2021-07-21 15:21:00 +00:00
Michael Achenbach
67960ba110 Reland "[build] Add V8-specific dcheck_always_on"
This is a reland of cecc666f4d

Depends on:
https://crrev.com/c/3043611

Original change's description:
> [build] Add V8-specific dcheck_always_on
>
> This makes the V8 dcheck control independent of Chromium's and
> prepares switching Chromium's default behavior without affecting V8
> developers or builders.
>
> Preparation for: https://crrev.com/c/2893204
>
> Bug: chromium:1225701
> Change-Id: I520b96019b04196f4420716ff3500ebd6c21666f
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3038528
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75827}

Bug: chromium:1225701
Change-Id: I56568b78592addba01793d2d14f768c9ee10103d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3041670
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75839}
2021-07-21 14:25:24 +00:00
Zhi An Ng
a1472dc1cc Revert "[build] Add V8-specific dcheck_always_on"
This reverts commit cecc666f4d.

Reason for revert: Many crashes on clusterfuzz bots https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Clusterfuzz%20Win64%20ASAN%20-%20release%20builder/23404/overview

Original change's description:
> [build] Add V8-specific dcheck_always_on
>
> This makes the V8 dcheck control independent of Chromium's and
> prepares switching Chromium's default behavior without affecting V8
> developers or builders.
>
> Preparation for: https://crrev.com/c/2893204
>
> Bug: chromium:1225701
> Change-Id: I520b96019b04196f4420716ff3500ebd6c21666f
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3038528
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75827}

Bug: chromium:1225701
Change-Id: I20329f77707caf8fba2405919aa13c67811a1469
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3042841
Auto-Submit: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#75830}
2021-07-20 22:06:20 +00:00
Michael Achenbach
cecc666f4d [build] Add V8-specific dcheck_always_on
This makes the V8 dcheck control independent of Chromium's and
prepares switching Chromium's default behavior without affecting V8
developers or builders.

Preparation for: https://crrev.com/c/2893204

Bug: chromium:1225701
Change-Id: I520b96019b04196f4420716ff3500ebd6c21666f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3038528
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75827}
2021-07-20 17:56:20 +00:00
Ross McIlroy
cdbd66954e Reland: [Turboprop] Turboprop is the future.
Enable --turboprop in the --future config.

BUG=v8:9684

Change-Id: I1a419b64eaa59c1425b8327c9c3e2cfde9e099a7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3038530
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75825}
2021-07-20 17:53:49 +00:00
Clemens Backes
180a8ca840 Reland "[traphandler] Add simulator support"
This is a reland of 431fff66f5.
The fix is in BUILD.gn: We need to also include chromeos, which is a
linux target which is not covered by "is_linux" in gn.

R=ahaas@chromium.org

Original change's description:
> [traphandler] Add simulator support
>
> This prepares the trap handler to support being used from simulators.
> Modifications to the arm64 simulator will be done in a follow-up CL. For
> now, the trap handler will be registered but not used in Wasm (we emit
> explicit bounds checks instead, as before).
>
> The implementation uses inline assembly, so it is only available on x64
> POSIX systems for now. This is the main platform we use for testing and
> for fuzzing, so it should give us the test coverage we need. If needed,
> inline assembly for other platforms can be added later.
> The new code will be executed by the existing arm64 simulator bots, e.g.
> "V8 Linux - arm64 - sim".
>
> R=ahaas@chromium.org, mseaborn@chromium.org
>
> Bug: v8:11955
> Change-Id: Idc50291c704d9dea902ae0098e5309f19055816c
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3011160
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75780}

Bug: v8:11955
Change-Id: I8af39dea5b2cd3fa5418170a458832b3d6075107
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3040844
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Auto-Submit: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75809}
2021-07-20 10:20:40 +00:00
Marja Hölttä
607f1fdb06 Reland "[rab/gsab] Update to the new spec"
- Remove ResizableArrayBuffer / GrowableSharedArrayBuffer constructors,
use options bags
- Add AB.prototype.resizable and SAB.prototype.growable
- Update receiver checks in (S?)AB.prototype methods

Previous try: https://chromium-review.googlesource.com/c/v8/v8/+/3021174

Bug: v8:11111
Change-Id: Ib4e98aa987826fd01bfdcf7688310ec0665f33ca
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3035770
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75803}
2021-07-20 08:02:29 +00:00
Clemens Backes
0858134396 Revert "[traphandler] Add simulator support"
This reverts commit 431fff66f5.

Reason for revert: Causes link error in chrome: https://ci.chromium.org/ui/p/chromium/builders/ci/Linux%20ChromiumOS%20MSan%20Builder/24667/overview

Original change's description:
> [traphandler] Add simulator support
>
> This prepares the trap handler to support being used from simulators.
> Modifications to the arm64 simulator will be done in a follow-up CL. For
> now, the trap handler will be registered but not used in Wasm (we emit
> explicit bounds checks instead, as before).
>
> The implementation uses inline assembly, so it is only available on x64
> POSIX systems for now. This is the main platform we use for testing and
> for fuzzing, so it should give us the test coverage we need. If needed,
> inline assembly for other platforms can be added later.
> The new code will be executed by the existing arm64 simulator bots, e.g.
> "V8 Linux - arm64 - sim".
>
> R=​ahaas@chromium.org, mseaborn@chromium.org
>
> Bug: v8:11955
> Change-Id: Idc50291c704d9dea902ae0098e5309f19055816c
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3011160
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75780}

Bug: v8:11955
Change-Id: I74d2e41864fc515bd9727898f12ec1498b97ee62
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3040839
Auto-Submit: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#75798}
2021-07-20 06:02:14 +00:00
Seth Brenith
daa7abe3ea [cleanup] Make tq field names match C++ accessor names
I've noticed a few places where class fields as defined in Torque have
different names than the corresponding accessors in the C++ class. I
think they should match. Most of this change is just mechanically
updating the various places that use k##Field##Offset for those fields.

Change-Id: I8ba52aed7f6a1cd6b2d71158f71150b66c2c0da0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3027263
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75796}
2021-07-19 20:11:58 +00:00
Jakob Gruber
e677a9e33d [flags] Move --regexp-interpret-all implication to flag-definitions
The new flags implementation can handle these kinds of implications.

Change-Id: I97cb5adbe00e4c6d92d13b4378582b4035c36475
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3030707
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75784}
2021-07-19 11:21:24 +00:00
Clemens Backes
abf4525831 Revert "[Turboprop] Turboprop is the future."
This reverts commit 09b066578f.

Reason for revert: Failures in TSan future: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20TSAN%20-%20no-concurrent-marking/4731/overview

Original change's description:
> [Turboprop] Turboprop is the future.
>
> Enable --turboprop in the --future config.
>
> BUG=v8:9684
>
> Change-Id: I405832c2ef0e1b80200a8b8090d7672461cd9e00
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3035762
> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Mythri Alle <mythria@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75779}

Bug: v8:9684
Change-Id: I4ae2a51174565b3e773f4b5cb0f0cb652ca20111
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3035776
Auto-Submit: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#75781}
2021-07-19 10:40:15 +00:00
Clemens Backes
431fff66f5 [traphandler] Add simulator support
This prepares the trap handler to support being used from simulators.
Modifications to the arm64 simulator will be done in a follow-up CL. For
now, the trap handler will be registered but not used in Wasm (we emit
explicit bounds checks instead, as before).

The implementation uses inline assembly, so it is only available on x64
POSIX systems for now. This is the main platform we use for testing and
for fuzzing, so it should give us the test coverage we need. If needed,
inline assembly for other platforms can be added later.
The new code will be executed by the existing arm64 simulator bots, e.g.
"V8 Linux - arm64 - sim".

R=ahaas@chromium.org, mseaborn@chromium.org

Bug: v8:11955
Change-Id: Idc50291c704d9dea902ae0098e5309f19055816c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3011160
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75780}
2021-07-19 09:45:04 +00:00
Ross McIlroy
09b066578f [Turboprop] Turboprop is the future.
Enable --turboprop in the --future config.

BUG=v8:9684

Change-Id: I405832c2ef0e1b80200a8b8090d7672461cd9e00
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3035762
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75779}
2021-07-19 09:44:25 +00:00
Marja Hölttä
00d556f026 Revert "[rab/gsab] Update to the new spec"
This reverts commit 6207d61ff8.

Reason for revert: Incorrect implementation of the flag-not-on case.

Original change's description:
> [rab/gsab] Update to the new spec
>
> - Remove ResizableArrayBuffer / GrowableSharedArrayBuffer constructors,
> use options bags
> - Add AB.prototype.resizable and SAB.prototype.growable
> - Update receiver checks in (S?)AB.prototype methods
>
> Bug: v8:11111
> Change-Id: I4f8cb71a4c8e07483a3ffad83d98129da162b839
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3021174
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Reviewed-by: Shu-yu Guo <syg@chromium.org>
> Commit-Queue: Marja Hölttä <marja@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75761}

Bug: v8:11111, chromium:1230129, chromium:1230408
No-Try: True
Tbr: mlippautz@chromium.org
Change-Id: I25aa10cb3dc20fdaeb45e6169fc01eec9a89f72c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3038061
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#75778}
2021-07-19 08:12:24 +00:00
Ross McIlroy
2114287c47 [Turboprop] Improve tierup heuristics for Turboprop
Slightly lowers the interrupt budget for Turboprop and increases the
interrupt budget scaling factor for TurboFan. This gives the best
balance between benchmark performance and reducing optimization
overhead.

BUG=v8:9684

Change-Id: I6d555fb27d089bc8a6849612a4e02b2155020d85
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3026713
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75764}
2021-07-16 15:13:32 +00:00
Marja Hölttä
6207d61ff8 [rab/gsab] Update to the new spec
- Remove ResizableArrayBuffer / GrowableSharedArrayBuffer constructors,
use options bags
- Add AB.prototype.resizable and SAB.prototype.growable
- Update receiver checks in (S?)AB.prototype methods

Bug: v8:11111
Change-Id: I4f8cb71a4c8e07483a3ffad83d98129da162b839
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3021174
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75761}
2021-07-16 13:41:31 +00:00
Maya Lekova
7ce43b703e [fastcall] Fix the syntax of stress_snapshot entry
This CL fixes the syntax of an entry in variants.py for stress_snapshot
(which got introduced in
https://chromium-review.googlesource.com/c/v8/v8/+/3024147).

Change-Id: I8e25ce26d546a022dbf9c038719f3e7cfac1d250
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3031898
Auto-Submit: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75748}
2021-07-16 09:57:16 +00:00
Z Nguyen-Huu
f50e72a5ac [v8windbg] Fix jsstack command to skip unavailable fields
Change-Id: I5682c2b1ac80e0f8cbdff5f841e61f08a99ca6bc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3022316
Reviewed-by: Seth Brenith <seth.brenith@microsoft.com>
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#75713}
2021-07-14 00:01:52 +00:00
Maya Lekova
ab686080c5 [fastcall] Simplify test config with stress_snapshot
Mark --turbo-fast-api-calls flag as incompatible with stress_snapshot
variant to avoid listing all related tests in the status file.

Change-Id: If130780461e50e72ea6a43d750b2f7ad7764db2e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3024147
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Auto-Submit: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75705}
2021-07-13 13:22:26 +00:00
Santiago Aboy Solanes
433ff6b946 [turbolizer] Solve off-by-one source position error for non-Wasm
Wasm has the attribute sourceLineToBytecodePosition and adds the source
lines via setSourceLineToBytecodePosition in which they are 0-based.
Non-Wasm doesn't have that attribute and uses insertSourcePositions
which is 1-based. In non-wasm we are being off by one.
As a note, the sourcePositionsInRange call in insertSourcePositions
doesn't return a list for Wasm since they rely on
setSourceLineToBytecodePosition and therefore do not have that
off-by-one error.

Drive-by: Several elements have the same source position so update
addHtmlElementToSourcePosition to handle more than one element.

Drive-by: Renames due to having the same name but different
capitalization, which was confusing.

Bug: v8:7327
Change-Id: Ie8a066ca629054a5f5a754deec0ed1917bed2b33
Notry: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3008634
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75655}
2021-07-09 09:07:54 +00:00
Michael Achenbach
b195a94263 Whitespace change to trigger bots
No-Try: true
Bug: chromium:1226476
Change-Id: I844e634080a85377b1e4a72a7592b58cc81dfccd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3015569
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Commit-Queue: Liviu Rau <liviurau@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75651}
2021-07-09 08:17:54 +00:00
Ng Zhi An
bb78e62810 [tools] Default to printing $pc when jco is called without args
This makes jco on gdb behave the same as jco on lldb.

Bug: v8:11879
Change-Id: Id6a338878d518984986d2b719588966ee09de3c6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3000956
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75620}
2021-07-07 17:24:01 +00:00
Victor Gomes
71cb8b331c [tools] Remove deprecated scripts for Node
These scripts are not used nor maintained anymore by V8.
We use https://chromium.googlesource.com/v8/node-ci/.

Node.js is now taking ownership of these scripts:
https://github.com/nodejs/node/pull/39222

Change-Id: I5600f3725d1ff9f78733952e5905faef0195a188
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3000966
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75596}
2021-07-07 09:46:26 +00:00
Santiago Aboy Solanes
a2b76fa7c3 [turbolizer] Solve bug where the node 0 was not being selected
In the schedule phase (and only in this phase!) the node 0 was not
being selected due to `!0` being true. We meant to be checking
against undefined rather than this.

Bug: v8:7327
Notry: true
Change-Id: Ie675979219868725b0e345065cec7a2a7091fda8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3008215
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75585}
2021-07-06 13:03:57 +00:00
Santiago Aboy Solanes
f89ecbb1a7 [turbolizer] Connect the register allocation phase with the other panels
Now we can click any panel and connect to the others via highlight. Note
that we do not have a bijection between panels and (e.g. one node can be
several instructions in the generated code).

Bug: v8:7327, v8:11192
Notry: true
Change-Id: Idfabce98bfdfc1b6cd26d540e6f0bbac47754de1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3001175
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75576}
2021-07-06 08:44:40 +00:00
Santiago Aboy Solanes
4069580792 [turbolizer] Make the instructions in register allocator highlightable
Now, when we click an instruction in the register allocation phase we
will have highlighted both the middle panel and right panel.
Previously only the right panel was highlighted.

Note that the reverse is not yet true (i.e. clicking the right panel
does not highlight the middle panel).

Bug: v8:7327
Notry: true
Change-Id: Ia45d54a33587eac3706d5fbf56e01f19d6f94144
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3001170
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75575}
2021-07-06 08:38:01 +00:00
Santiago Aboy Solanes
d3e4498449 [turbolizer] Link the source text and disassembly code
If you now click a line number on the source panel (left panel) you will
get the nodes (middle panel) highlighted and the disassembly code (right
panel). As a bonus, you can click on the middle or right panels and get
the same result (i.e. you can click on a disassembly instruction and see
the highlighted source text and nodes).

Note that not all source text has a node or disassembly instruction
associated with it.

Bug: v8:7327, v8:11192
Notry: true
Change-Id: Ia20aff02407e0d9d118c26a0b5895ee521288565
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3000965
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75574}
2021-07-06 08:32:50 +00:00
Camillo Bruni
e4494edd6d [tools] Add README.md file and package.json for local development
Bug: v8:10644
Change-Id: Ic8fa0100a1e276f6c8f7c70b325718d5bdf9123e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3001349
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75569}
2021-07-05 16:43:28 +00:00
Liviu Rau
b844d0f4b7 Build clang for gcmole bootstrap
Bug: v8:11169
Change-Id: I32e9bb1f91c9583e900c96e158d66407d5560868
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3003466
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Liviu Rau <liviurau@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75555}
2021-07-05 12:39:37 +00:00
Camillo Bruni
212d6678e7 [tools][system-analyzer] Various improvements
- Change Group.prototype.size to .length
- Use window.requestAnimationFrame when streaming-loading files to show
  the loading animation
- Limit width of the timeline-track legend and add 'title' attribute
  to show the full text when cropped
- Add duration for selected timeline events in timeline-track legend
- Better error message when the local symbol server is not available

Bug: v8:10644
Change-Id: Icdf2042341c9355ecb55e2fd8e6a4fa0feb5968f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3003151
Reviewed-by: Patrick Thier <pthier@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75549}
2021-07-05 09:12:57 +00:00
Ng Zhi An
4a13063eae [tools] Set up source map for lldb
With relative paths in the debug symbols, lldb cannot find the source
files, so set up a source map to direct "../.." to V8 root. This is
similar to what Chromium does in src/tools/lldb/lldbinit.py.

Bug: v8:11879
Change-Id: Ic6126aacafa7e3462c69da538a9528041c92ef00
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2998517
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75521}
2021-07-01 18:04:17 +00:00
Michaël Zasso
0e9c483c77 Fetch googletest for Node.js
The files that Node.js checks in source control are not enough
for BUILD.gn.

Change-Id: I84f4794b9354bf8a4006965cc84d8610ea3a1a7e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2991647
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75503}
2021-07-01 11:01:37 +00:00
Camillo Bruni
f2d079bc97 [tools][system-analyzer] Add local symbol server
Start a local symbol server using the local-web-server node package:
   ws --stack system-analyzer/lws-middleware.js lws-static cors

The system-analyzer will then use it to symbolize profiles.

Note: The symbol server will execute `nm` and `objdump` locally.

Change-Id: Icff6e9f5af24f214f353c049f5cd13eedccf0f88
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2979591
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75501}
2021-07-01 09:59:17 +00:00
Ng Zhi An
c83501448b [tools] Fix lldb_commands jco by casting call
Currently, running jco gives us an error message like so:

(lldb) jco $pc
Failed to evaluate command _v8_internal_Print_Code((void*)($pc)) :
error: <user expression 0>:1:1: '_v8_internal_Print_Code' has unknown
return type; cast the call to its declared return type
_v8_internal_Print_Code((void*)($pc))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The fix is to cast the call to (void). I've only used and found this
issue with jco, but I think the other commands have the same issue, so
fixing those together here.

FYI I am using lldb version 11.

Bug: v8:11879
Change-Id: Id9d8e8091fd011585e6fea863de5b4d7c9d47c5a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2994764
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75487}
2021-06-30 18:00:36 +00:00