Commit Graph

11519 Commits

Author SHA1 Message Date
Leszek Swirski
b223262da5 Revert "Mark json-parser-recursive as slow"
This reverts commit 71e27849bb.

Reason for revert: As of https://crrev.com/c/3059685 it's fast.

Original change's description:
> Mark json-parser-recursive as slow
>
> Bug: v8:12029
> Change-Id: I0d25f8c844c9826e10ca2ccc6beb385439e97dde
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3058451
> Reviewed-by: Clemens Backes <clemensb@chromium.org>
> Commit-Queue: Zhi An Ng <zhin@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75968}

Bug: v8:12029
Change-Id: I9536adbe4d8434e44d3e113104694baa3b3cea47
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3059687
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#75977}
2021-07-29 08:08:50 +00:00
Leszek Swirski
89cf666e14 [test] Lower the stack size & iterations on JSON test
The test makes sure that JSON parsing doesn't stack overflow if given a
deeply nested JSON object. This deep nesting makes the test slow, so we
can test ~the same thing by lowering both the nesting and the stack
size.

Bug: v8:12029
Change-Id: I689ffc1b9db167a1cf1de93beeb09c89e03264a4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3059685
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75976}
2021-07-29 08:07:48 +00:00
Ng Zhi An
71e27849bb Mark json-parser-recursive as slow
Bug: v8:12029
Change-Id: I0d25f8c844c9826e10ca2ccc6beb385439e97dde
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3058451
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75968}
2021-07-28 18:09:06 +00:00
Jakob Gruber
e8fd93689e [compiler] Thread-safe Map::ComputeMinObjectSlack
ComputeMinObjectSlack is called concurrently from background threads
(when --concurrent-inlining) and must therefore be thread-safe.

This CL adds a compiler-specific thread-safe variant
of ComputeMinObjectSlack in addition to the plain old non-thread-safe
one. Thread-safety is achieved through locking: on the bg thread, a
shared lock when traversing transitions, and on the main thread, an
additional exclusive critical section when overwriting prototype
transitions.

Tbr: leszeks@chromium.org
Bug: v8:7790,v8:12010,chromium:1231901
Change-Id: If5af83df1ab896b22477921449fb5ba4c8d3e8a3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3045342
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75949}
2021-07-28 06:05:36 +00:00
Marja Hölttä
8c9fc13a4a [rab/gsab] TypedArray.prototype.fill: Support rab / gsab
Bug: v8:11111
Change-Id: I09e918a3f8c50e10691c8ab4718b7c4ae9184000
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3055303
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75946}
2021-07-27 17:07:04 +00:00
Jakob Kummerow
8c057f1736 [bigint] Define V8_ADVANCED_BIGINT_ALGORITHMS everywhere
It was previously only passed to compilation units in src/bigint/,
but inconsistencies arise when it's not passed to other compilation
units that #include src/bigint/bigint.h.

Fixed: chromium:1233397
Change-Id: Idb310d8c13bad12766699086574aa2c3869eb56c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3056452
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75941}
2021-07-27 15:17:34 +00:00
Thibaud Michaud
b86db1396a [wasm][eh] Encode values in WebAssembly.Exception
R=jkummerow@chromium.org

Bug: v8:11992
Change-Id: If62f2cdc080364dec796a836321110bf571769ef
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3049075
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75937}
2021-07-27 13:23:07 +00:00
Michael Achenbach
fb0a2ea25e Revert "Reland "[build] Add V8-specific dcheck_always_on""
This reverts commit 67960ba110.

Reason for revert:
This has been properly fixed by https://crrev.com/c/3053740.
Now dcheck_always_on already defaults to false for subprojects
like V8 and no other switch is required. The switch didn't fully
work anyways due to https://crbug.com/1231890.

Original change's description:
> Reland "[build] Add V8-specific dcheck_always_on"
>
> This is a reland of cecc666f4d
>
> Depends on:
> https://crrev.com/c/3043611
>
> Original change's description:
> > [build] Add V8-specific dcheck_always_on
> >
> > This makes the V8 dcheck control independent of Chromium's and
> > prepares switching Chromium's default behavior without affecting V8
> > developers or builders.
> >
> > Preparation for: https://crrev.com/c/2893204
> >
> > Bug: chromium:1225701
> > Change-Id: I520b96019b04196f4420716ff3500ebd6c21666f
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3038528
> > Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> > Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#75827}
>
> Bug: chromium:1225701
> Change-Id: I56568b78592addba01793d2d14f768c9ee10103d
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3041670
> Reviewed-by: Liviu Rau <liviurau@chromium.org>
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75839}

Bug: chromium:1225701, chromium:1231890
Change-Id: I7e27f5774d8e162977f30f685da4b15dadcc1084
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3055294
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75935}
2021-07-27 11:14:57 +00:00
Jakob Gruber
7e97b2cffb [regexp] Remove experimental mode modifiers feature
The implementation came in with
https://chromium-review.googlesource.com/758999.

This feature was never enabled by default, is not used anywhere, and
is not on any standardization path.

Bug: v8:10953
Change-Id: Ia2b0a556c1fb504a4cd05bdfa9f0a9c5be608d26
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3053589
Reviewed-by: Mathias Bynens <mathias@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75934}
2021-07-27 08:43:03 +00:00
Jakob Kummerow
a8ef7683f2 [bigint] Fix length of '0' sequences in fast .toString()
Bug: v8:11515
Change-Id: I1353726c9e81c3601258202fe56c05ffd16a4a25
Fixed: chromium:1232733
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3054112
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75927}
2021-07-26 16:46:13 +00:00
Marja Hölttä
c1f438f8d4 [rab/gsab] Fix length-tracking TAs with offsets
Bug: v8:11111
Change-Id: I7ff82d1699701dfa38af1da447f0b40a2a2c97b5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3053586
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75914}
2021-07-26 12:54:36 +00:00
Mythri A
43ad23f6be [turboprop] Fix inlined-call-polymorphic to work with turboprop
In inlined-call-polymorphic we need value numbering phase to
deduce that TurbofanStaticAssert is always true. Turboprop doesn't
enable this phase. So use %OptimizeFunctionTopTier so this function
always tiers up to TurboFan.

Bug: v8:12013
Change-Id: I803bddaca8cb0ba0ad56cbd9874d90b118698e3f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3053579
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75913}
2021-07-26 12:24:16 +00:00
Thibaud Michaud
20ac07eae6 [wasm][eh] Add Exception constructor
The WebAssembly.Exception constructor creates a WasmExceptionPackage,
which represents an exception thrown from wasm. The first argument is a
WebAssembly.Tag, and the rest are the values to encode in the exception.

R=jkummerow@chromium.org

Bug: v8:11992
Change-Id: I1327b2e4545159397ffe73a061aa577608167b74
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3049074
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75912}
2021-07-26 11:53:37 +00:00
Clemens Backes
5e90a612f5 Reland "[liftoff][arm64] Zero-extend offsets also for SIMD"
This is a reland of b99fe75c6d.
The test is now skipped on non-SIMD hardware.

Original change's description:
> [liftoff][arm64] Zero-extend offsets also for SIMD
>
> This extends https://crrev.com/c/2917612 also for SIMD, which
> (sometimes) uses the special {GetMemOpWithImmOffsetZero} method.
> As part of this CL, that method is renamed to {GetEffectiveAddress}
> which IMO is a better name. Also, it just returns a register to make the
> semantic of that function obvious in the signature.
>
> Drive-by: When sign extending to 32 bit, only write to the W portion of
>           the register. This is a bit cleaner, and I first thought that
>           this would be the bug.
>
> R=jkummerow@chromium.org
> CC=​thibaudm@chromium.org
>
> Bug: chromium:1231950, v8:12018
> Change-Id: Ifaefe1f18e3a00534a30c99e3c37ed09d9508f6e
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3049073
> Reviewed-by: Zhi An Ng <zhin@chromium.org>
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75898}

TBR=zhin@chromium.org
CC=jkummerow@chromium.org, thibaudm@chromium.org

Bug: chromium:1231950, v8:12018
Change-Id: I662b62fafe99389be7a6c23b970fdf3768f866cf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3051610
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75901}
2021-07-24 07:43:41 +00:00
Michael Achenbach
7b455bf2b9 Revert "[liftoff][arm64] Zero-extend offsets also for SIMD"
This reverts commit b99fe75c6d.

Reason for revert:
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux/43105

Original change's description:
> [liftoff][arm64] Zero-extend offsets also for SIMD
>
> This extends https://crrev.com/c/2917612 also for SIMD, which
> (sometimes) uses the special {GetMemOpWithImmOffsetZero} method.
> As part of this CL, that method is renamed to {GetEffectiveAddress}
> which IMO is a better name. Also, it just returns a register to make the
> semantic of that function obvious in the signature.
>
> Drive-by: When sign extending to 32 bit, only write to the W portion of
>           the register. This is a bit cleaner, and I first thought that
>           this would be the bug.
>
> R=​jkummerow@chromium.org
> CC=​​thibaudm@chromium.org
>
> Bug: chromium:1231950, v8:12018
> Change-Id: Ifaefe1f18e3a00534a30c99e3c37ed09d9508f6e
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3049073
> Reviewed-by: Zhi An Ng <zhin@chromium.org>
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75898}

Bug: chromium:1231950, v8:12018
Change-Id: I4e7a9d6fa6809b7c4d9be919cd5698737d784849
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3049085
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#75900}
2021-07-23 20:23:21 +00:00
Clemens Backes
b99fe75c6d [liftoff][arm64] Zero-extend offsets also for SIMD
This extends https://crrev.com/c/2917612 also for SIMD, which
(sometimes) uses the special {GetMemOpWithImmOffsetZero} method.
As part of this CL, that method is renamed to {GetEffectiveAddress}
which IMO is a better name. Also, it just returns a register to make the
semantic of that function obvious in the signature.

Drive-by: When sign extending to 32 bit, only write to the W portion of
          the register. This is a bit cleaner, and I first thought that
          this would be the bug.

R=jkummerow@chromium.org
CC=​thibaudm@chromium.org

Bug: chromium:1231950, v8:12018
Change-Id: Ifaefe1f18e3a00534a30c99e3c37ed09d9508f6e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3049073
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75898}
2021-07-23 19:17:31 +00:00
Vicky Kontoura
8439314db5 [web snapshot] Support classes
This CL adds support for classes with methods.

More specifically:
- A new ValueSerializer is added and classes are serialized separetely
from functions, although the common parts are handled in the same way
and abstracted away.
- The function prototype is serialized as an object and any missing
information is set up again during deserialization.
- FunctionFlagsToFunctionKinds() is updated to allow for more function
kinds.
- Context serialization is updated to support serializing BlockContexts
and creating ScopeInfos of type CLASS_SCOPE.
- Map serialization is updated to support properties with custom
attributes.

Bug: v8:11525, v8:11706
Change-Id: I16ca7cbc17b1811721081cda05124ce36073f9be
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3006416
Commit-Queue: Vicky Kontoura <vkont@google.com>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75893}
2021-07-23 17:30:24 +00:00
Maya Lekova
f287e90103 [test] Disable test incompatible with single_generation
Bug: chromium:1052746
Change-Id: I169c4f7d9f17644ac12c234f8bde72c77e940128
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3048187
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Auto-Submit: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75887}
2021-07-23 13:43:23 +00:00
Paolo Severini
6a5568b48e [compiler] Wrong receiver in API calls with --turbo-optimize-apply
Enabling --turbo-optimize-apply breaks tests because we are
passing the wrong receiver;
in JSCallReducer::ReduceCallOrConstructWithArrayLikeOrSpread
we create a Call node with the wrong ConvertReceiverMode, we
pass kNullOrUndefined while it should be kAny. This may break
calls to API or in general calls to functions that use the
receiver.

Bug: chromium:1231108, v8:9974
Change-Id: Ib35a1bf8746ad254b6d63274f3ae11b12aa83de8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3043690
Commit-Queue: Paolo Severini <paolosev@microsoft.com>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75886}
2021-07-23 13:29:54 +00:00
Maya Lekova
74e984a7b4 [test] Skip incompatible test on stress_snapshot
Bug: chromium:1052746
Change-Id: Ibd93c5651384e489d3c41800dfc3b1bdd397c637
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3048182
Auto-Submit: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75882}
2021-07-23 13:05:44 +00:00
Marja Hölttä
1e7effd113 [rab/gsab] Fix gsab maxByteLength after transferring to worker
Bug: v8:11111
Change-Id: I41a318d3858e48035ae67e937420e2963a13d871
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3035091
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75878}
2021-07-23 09:30:33 +00:00
Maya Lekova
66856bacdc Reland "[fastcall] Implement support for TypedArray arguments"
This is a reland of 84d5b027a7

It removes support for 8-byte types which were causing
unaligned reads.

Original change's description:
> [fastcall] Implement support for TypedArray arguments
>
> This CL adds TypedArrays as supported arguments for fast API calls.
> It implements "exact type" matching, i.e. if Float32Array is expected
> and e.g. Int32Array is passed instead, the generated code bails to the
> slow callback.
>
> Bug: chromium:1052746, chromium:1018624
> Change-Id: I01d4e681d2b367cbb57b06effcb591c090a23295
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2999094
> Commit-Queue: Maya Lekova <mslekova@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75756}

Bug: chromium:1052746, chromium:1018624
Change-Id: I872716d95bde8c340cf04990a3e4ae8ec8cd74a2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3035090
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75877}
2021-07-23 09:19:04 +00:00
legendecas
606e9087b1 [init] Error cause should not present on Error.prototype
According to the spec https://tc39.github.io/proposal-error-cause,
the property 'cause' should not present on Error.prototype.

Bug: v8:12006
Change-Id: Ib1601769793b808c5f5a7065effcc77d1def4cbb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3037911
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75872}
2021-07-23 06:38:46 +00:00
Andreas Haas
5a2ef2b935 [wasm] Disable mjsunit/wasm/atomics on arm bots
The test is flaky on that hardware but seems to work just fine on other
arm hardware.

R=machenbach@chromium.org

Bug: v8:10948
Change-Id: Ic60cc23c1b4825623a91e3defcd21eada74554a4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3043954
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75867}
2021-07-22 16:46:49 +00:00
Ross McIlroy
2990658ea2 [Tests] Add %OptimizeFunctionForTopTier test function
And use it to remove the set of TurboProp test skips.

BUG=v8:9684,v8:12013

Change-Id: I878e2b9c595449c954735290959d3b38eead5a5b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3043963
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75865}
2021-07-22 16:05:36 +00:00
Jakob Kummerow
4fafd076ae [wasm-gc] Fix lifetime of off-heap type information...
...while on-heap objects are referring to it. This is accomplished
by storing a reference to its associated WasmInstanceObject on every
WasmTypeInfo object.
Details: https://bit.ly/2UxD4hW

Fixed: v8:11953
Change-Id: Ifb6f976142356021393d41c50717d210d525d521
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3043959
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75863}
2021-07-22 14:49:37 +00:00
Ross McIlroy
9a12f2736b [Test] Cleanup Turboprop test skips.
Some skips are no longer required.

BUG=v8:9684

Change-Id: I921f2032ea5c19429c735120ba80a09b8f1e352e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3043961
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Auto-Submit: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75854}
2021-07-22 09:45:45 +00:00
Ross McIlroy
86e324bb57 [Test] stress-concurrent-inlining and turboprop are incompatible flags.
Adds incompatibility between future/turboprop variants and stress-concurrent-inlining
due to incompatibility from both configs weakly setting --interrupt-budget. Also ensures
we maintain this incompatibility if --future is passed as an extra flag as is done on
some bots.

BUG=v8:9684

Change-Id: I4855b92a64db00da15efc2384e241d4bf0c373c2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3041677
Auto-Submit: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75853}
2021-07-22 08:56:25 +00:00
Shu-yu Guo
ddd6996715 [regexp] Remove --harmony-regexp-match-indices
RegExp match indices have shipped since M90

Bug: v8:9548
Change-Id: I8bf54ce1a50b5079aad71140f75c979a09aae5bb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3042842
Auto-Submit: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75848}
2021-07-22 02:28:42 +00:00
Thibaud Michaud
ee445477fb Reland "[wasm][eh] Add WebAssembly.Tag.type"
This is a reland of 4cc547c759

Change: prevent a memcpy to nullptr by skipping the call to copy_out()
when the length is zero.

Original change's description:
> [wasm][eh] Add WebAssembly.Tag.type
>
> R=ahaas@chromium.org
>
> Bug: v8:8091
> Change-Id: Id069ffbf76bf836b613287788b1b1fccbb577475
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3021173
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75815}

Bug: v8:8091
Change-Id: I22f400b6e36d1322a4eabd20a68b4bdd70d61377
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3041436
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75847}
2021-07-21 21:25:52 +00:00
Michael Achenbach
67960ba110 Reland "[build] Add V8-specific dcheck_always_on"
This is a reland of cecc666f4d

Depends on:
https://crrev.com/c/3043611

Original change's description:
> [build] Add V8-specific dcheck_always_on
>
> This makes the V8 dcheck control independent of Chromium's and
> prepares switching Chromium's default behavior without affecting V8
> developers or builders.
>
> Preparation for: https://crrev.com/c/2893204
>
> Bug: chromium:1225701
> Change-Id: I520b96019b04196f4420716ff3500ebd6c21666f
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3038528
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75827}

Bug: chromium:1225701
Change-Id: I56568b78592addba01793d2d14f768c9ee10103d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3041670
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75839}
2021-07-21 14:25:24 +00:00
Ross McIlroy
2a8e37b145 [Test] skip test on deopt fuzzer that require tierup to TurboFan.
Currently deopt fuzzer passes --future and so should skip the same tests
as the future variant.

BUG=v8:9684

Change-Id: I3d10dae7ba7cffc36bd4777941ac053c42c80cef
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3041668
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Auto-Submit: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75835}
2021-07-21 12:55:10 +00:00
Zhi An Ng
a1472dc1cc Revert "[build] Add V8-specific dcheck_always_on"
This reverts commit cecc666f4d.

Reason for revert: Many crashes on clusterfuzz bots https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Clusterfuzz%20Win64%20ASAN%20-%20release%20builder/23404/overview

Original change's description:
> [build] Add V8-specific dcheck_always_on
>
> This makes the V8 dcheck control independent of Chromium's and
> prepares switching Chromium's default behavior without affecting V8
> developers or builders.
>
> Preparation for: https://crrev.com/c/2893204
>
> Bug: chromium:1225701
> Change-Id: I520b96019b04196f4420716ff3500ebd6c21666f
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3038528
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75827}

Bug: chromium:1225701
Change-Id: I20329f77707caf8fba2405919aa13c67811a1469
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3042841
Auto-Submit: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#75830}
2021-07-20 22:06:20 +00:00
Mythri A
27d01ae032 [mjsunit] Fix flush-baseline-code test
With lazy feedback allocation we don't tier up to baseline early. This
test requires us to tier up to baseline. So add
--lazy_feedback_allocation as a required flag.

Bug: v8:12009
Change-Id: Ibbc1d1cc74ae368ef414f513a0cd46e9bf068186
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3042718
Commit-Queue: Mythri Alle <mythria@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Auto-Submit: Mythri Alle <mythria@chromium.org>
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75829}
2021-07-20 20:16:09 +00:00
Michael Achenbach
cecc666f4d [build] Add V8-specific dcheck_always_on
This makes the V8 dcheck control independent of Chromium's and
prepares switching Chromium's default behavior without affecting V8
developers or builders.

Preparation for: https://crrev.com/c/2893204

Bug: chromium:1225701
Change-Id: I520b96019b04196f4420716ff3500ebd6c21666f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3038528
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75827}
2021-07-20 17:56:20 +00:00
Ross McIlroy
cdbd66954e Reland: [Turboprop] Turboprop is the future.
Enable --turboprop in the --future config.

BUG=v8:9684

Change-Id: I1a419b64eaa59c1425b8327c9c3e2cfde9e099a7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3038530
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75825}
2021-07-20 17:53:49 +00:00
Paolo Severini
070659f685 [fastcall] DCHECK failure in IsNumber() in objects-inl.h
Function CopyAndConvertArrayToCppBuffer doesn't work correctly with
holey arrays.

Bug: chromium:1230431, v8:11739
Change-Id: If24f645ebf4947f9efdccd1470ddf9e68c0b6780
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3037989
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Paolo Severini <paolosev@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#75823}
2021-07-20 15:51:59 +00:00
Nico Hartmann
e3242a4858 Revert "[wasm][eh] Add WebAssembly.Tag.type"
This reverts commit 4cc547c759.

Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20UBSan/17396/overview

Original change's description:
> [wasm][eh] Add WebAssembly.Tag.type
>
> R=​ahaas@chromium.org
>
> Bug: v8:8091
> Change-Id: Id069ffbf76bf836b613287788b1b1fccbb577475
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3021173
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75815}

Bug: v8:8091
Change-Id: I2581f82e6bc8a622a833b79037b4e58f587918cc
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3041432
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75821}
2021-07-20 15:02:50 +00:00
Maya Lekova
e9acaed6b8 [turbofan] Fix correctness issue in startsWith
This CL fixes a previous change in String.prototype.startsWith which
didn't throw an exception (in the optimized version) when `undefined`
was passed as a receiver and the search string was the empty string.

Bug: chromium:1230260
Change-Id: I835bd409b09b78bf7235c77596f62b588c95611d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3040841
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Auto-Submit: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75818}
2021-07-20 14:23:09 +00:00
Thibaud Michaud
4cc547c759 [wasm][eh] Add WebAssembly.Tag.type
R=ahaas@chromium.org

Bug: v8:8091
Change-Id: Id069ffbf76bf836b613287788b1b1fccbb577475
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3021173
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75815}
2021-07-20 13:15:49 +00:00
Mythri A
3ae733f981 Reland "[sparkplug] Support bytecode / baseline code flushing with sparkplug"
This is a reland of ea55438a53. Relanding
after a fix lands here:
https://chromium-review.googlesource.com/c/v8/v8/+/3030711. The failures
were caused because baseline code could be flushed during the process
of deoptimization after we choose which entry (InterpreterEnterAt* /
BaselineEnterAt* ) builtin to use. BaselineEnterAt* builtins expect
baseline code but it could be flushed before we execute the builtin. The
fix is to defer the decision.

Original change's description:
> [sparkplug] Support bytecode / baseline code flushing with sparkplug
>
> Currently with sparkplug we don't flush bytecode / baseline code of
> functions that were tiered up to sparkplug. This CL adds the support to
> flush baseline code / bytecode of functions that have baseline code too.
> This CL:
> 1. Updates the BodyDescriptor of JSFunction to treat the Code field of
> JSFunction as a custom weak pointer where the code is treated as weak if
> the bytecode corresponding to this function is old.
> 2. Updates GC to handle the functions that had a weak code object during
> the atomic phase of GC.
> 3. Updates the check for old bytecode to also consider when there is
> baseline code on the function.
>
> This CL doesn't change any heuristics for flushing. The baseline code
> will be flushed at the same time as bytecode.
>
> Change-Id: I6b51e06ebadb917b9f4b0f43f2afebd7f64cd26a
> Bug: v8:11947
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2992715
> Commit-Queue: Mythri Alle <mythria@chromium.org>
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75674}

Bug: v8:11947
Change-Id: I63dce4cd9f6271c54049cc09f95d12e2795f15d1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3035774
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75810}
2021-07-20 11:30:59 +00:00
Marja Hölttä
607f1fdb06 Reland "[rab/gsab] Update to the new spec"
- Remove ResizableArrayBuffer / GrowableSharedArrayBuffer constructors,
use options bags
- Add AB.prototype.resizable and SAB.prototype.growable
- Update receiver checks in (S?)AB.prototype methods

Previous try: https://chromium-review.googlesource.com/c/v8/v8/+/3021174

Bug: v8:11111
Change-Id: Ib4e98aa987826fd01bfdcf7688310ec0665f33ca
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3035770
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75803}
2021-07-20 08:02:29 +00:00
Jakob Gruber
bbefaeb5cc [compiler] Tolerate failing ConsistentJSFunctionViewDep post-GC
GC may change heap state and make this dependency fail. That's okay -
it passed once before, meaning that compilation saw a self-consistent
JSFunctionRef state.

Bug: chromium:1230930
Change-Id: I367b10e4aa88101f1ca83a46f596c5f289f6cab2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3040838
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75802}
2021-07-20 07:29:49 +00:00
Jakob Gruber
0dba97f8dc [compiler] Make JSFunction bg-serialized
This wraps up the transition away from kSerialized ref kinds.

Since JSFunctionRef is a complex type, we don't attempt full
consistency on the background thread. Instead, we serialize functions
on the background in a partially-racy manner, in which consistency
between different JSFunction fields is *not* guaranteed. Consistency
is later verified through a new compilation dependency kind during
finalization.

Bug: v8:7790, v8:12004
Change-Id: Ic2b78af9c9fe183c8769d323132bb304b151dc75
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2968404
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75789}
2021-07-19 13:47:16 +00:00
Thibaud Michaud
15d3bcbd7f Reland "[wasm][eh] Rename Exception to Tag in the JS API"
This is a reland of 0b091e9bd3

Some blink web tests have been temporarily disabled to allow landing
changes to the JS API in V8.

Original change's description:
> [wasm][eh] Rename Exception to Tag in the JS API
>
> See:
> https://github.com/WebAssembly/exception-handling/issues/159
>
> This change only does the rename where it's observable. This should also
> be renamed throughout the codebase for consistency and will be done
> separately.
>
> R=ahaas@chromium.org
>
> Bug: v8:8091
> Change-Id: Iec1118194981dfd33be6e30256b6e72d12143e1f
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3021172
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75718}

Bug: v8:8091
Change-Id: Id5375b5287fff81b8e0096377a55ef63e6d9b985
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3035083
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75785}
2021-07-19 12:22:16 +00:00
Clemens Backes
abf4525831 Revert "[Turboprop] Turboprop is the future."
This reverts commit 09b066578f.

Reason for revert: Failures in TSan future: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20TSAN%20-%20no-concurrent-marking/4731/overview

Original change's description:
> [Turboprop] Turboprop is the future.
>
> Enable --turboprop in the --future config.
>
> BUG=v8:9684
>
> Change-Id: I405832c2ef0e1b80200a8b8090d7672461cd9e00
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3035762
> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Mythri Alle <mythria@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75779}

Bug: v8:9684
Change-Id: I4ae2a51174565b3e773f4b5cb0f0cb652ca20111
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3035776
Auto-Submit: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#75781}
2021-07-19 10:40:15 +00:00
Ross McIlroy
09b066578f [Turboprop] Turboprop is the future.
Enable --turboprop in the --future config.

BUG=v8:9684

Change-Id: I405832c2ef0e1b80200a8b8090d7672461cd9e00
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3035762
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75779}
2021-07-19 09:44:25 +00:00
Marja Hölttä
00d556f026 Revert "[rab/gsab] Update to the new spec"
This reverts commit 6207d61ff8.

Reason for revert: Incorrect implementation of the flag-not-on case.

Original change's description:
> [rab/gsab] Update to the new spec
>
> - Remove ResizableArrayBuffer / GrowableSharedArrayBuffer constructors,
> use options bags
> - Add AB.prototype.resizable and SAB.prototype.growable
> - Update receiver checks in (S?)AB.prototype methods
>
> Bug: v8:11111
> Change-Id: I4f8cb71a4c8e07483a3ffad83d98129da162b839
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3021174
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Reviewed-by: Shu-yu Guo <syg@chromium.org>
> Commit-Queue: Marja Hölttä <marja@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75761}

Bug: v8:11111, chromium:1230129, chromium:1230408
No-Try: True
Tbr: mlippautz@chromium.org
Change-Id: I25aa10cb3dc20fdaeb45e6169fc01eec9a89f72c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3038061
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#75778}
2021-07-19 08:12:24 +00:00
Lu Yahan
d3390124d8 [riscv64] Skip test case due to timeout in buildbot
- msjunit/compiler/regress-1226988

Bug: v8:12002
Change-Id: I413bb54d64caf33db5493c69dff83a7ba09810ea
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3035263
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Auto-Submit: Yahan Lu <yahan@iscas.ac.cn>
Cr-Commit-Position: refs/heads/master@{#75773}
2021-07-19 05:56:54 +00:00
Ross McIlroy
2114287c47 [Turboprop] Improve tierup heuristics for Turboprop
Slightly lowers the interrupt budget for Turboprop and increases the
interrupt budget scaling factor for TurboFan. This gives the best
balance between benchmark performance and reducing optimization
overhead.

BUG=v8:9684

Change-Id: I6d555fb27d089bc8a6849612a4e02b2155020d85
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3026713
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75764}
2021-07-16 15:13:32 +00:00