Commit Graph

66177 Commits

Author SHA1 Message Date
Leszek Swirski
52cfffde97 [utils] Add CompareCharsEqual
Add a CompareCharsEqual to complement CompareChars, where we only care
about equality and not ordering. For such cases, we can memcmp for two-
byte as well as one-byte strings (we can't for CompareChars because the
ordering would be incorrect on little-endian systems).

Replace uses of CompareChars that only compare the result against zero,
with CompareCharsEqual. Additionally, use some template magic to
simplify the "make unsigned" operation in these methods.

Change-Id: I0d65bee81b98d3938d15daa4af331c90558ea84f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2557980
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71385}
2020-11-24 20:10:32 +00:00
Camillo Bruni
546939fe77 [api] Simplify ScriptOrigin
- Use C++ primitives (int, bool) for the ScriptOrigin constructor.
- Deprecate the old accessors and constructor

Bug: v8:11195
Change-Id: I739edd6b4c58e19a8a16ddce863eea14ec933697
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2555005
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71384}
2020-11-24 19:51:42 +00:00
Bill Budge
52892c1aef Revert "[wasm][memory64] Decode memory offset as 64-bit LEB"
This reverts commit 44efa00b04.

Reason for revert: Breaks MSVC with warning as error:
https://ci.chromium.org/p/v8/builders/ci/V8%20Win64%20-%20msvc/15903

Original change's description:
> [wasm][memory64] Decode memory offset as 64-bit LEB
>
> After preparing Liftoff, TurboFan, and the interpreter for this change,
> we now store the memory offset as uint64_t. {LoadLane} and {StoreLane}
> were added after the TurboFan refactoring, so those two are adapted
> similar to the other memory operations.
>
> R=​manoskouk@chromium.org
>
> Bug: v8:10949
> Change-Id: Iba66ce448904e23b152fcb8612d171124e615473
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2555006
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#71382}

TBR=clemensb@chromium.org,manoskouk@chromium.org

Change-Id: Ia0f46a0b6fd2102a61c7664d7cdd86a2cf8ddb24
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:10949
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2558752
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71383}
2020-11-24 19:10:14 +00:00
Clemens Backes
44efa00b04 [wasm][memory64] Decode memory offset as 64-bit LEB
After preparing Liftoff, TurboFan, and the interpreter for this change,
we now store the memory offset as uint64_t. {LoadLane} and {StoreLane}
were added after the TurboFan refactoring, so those two are adapted
similar to the other memory operations.

R=manoskouk@chromium.org

Bug: v8:10949
Change-Id: Iba66ce448904e23b152fcb8612d171124e615473
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2555006
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71382}
2020-11-24 18:00:41 +00:00
Michael Lippautz
3b82f4c686 cppgc: Expose write barriers
Exposes an opaque handle for uniformly (cppgc and V8) referring to an
instance of a heap.

Exposes a set of raw write barriers for advances embedders through
subtle::HeapConsistency which is a mirror into write barrier internals.
The following barriers are exposed:
- DijkstraWriteBarrier: Regular Dijkstra-style write barrier (add to
  wavefront);
- DijkstraWriteBarrierRange: Same as DijkstraWriteBarrier but
  operating on a range of slots that are composite (inlined) objects;
- SteeleWriteBarrier: Regular Steele-style write barrier (retreating
  wavefront);

Change-Id: Ib5ac280204686bf887690f72df1cdb506ea6ef70
Bug: chromium:1056170
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2554601
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71381}
2020-11-24 17:41:11 +00:00
Georg Neis
3836aeb039 [cleanup] Replace all remaining Min/Max uses with std::min/max
Apart from removing Min and Max (utils.h), this is mostly a renaming.

In a few cases I had to add a cast. In a bunch of cases I had to use
initializer lists to force call-by-value for static member constants
because call-by-reference wouldn't compile (like in the previous CL).
In a few places I used initializer lists in place of nested min/max
operations.

Bug: v8:11074
Change-Id: I53a5411be6334ff41e7a8517e6b87fb46f14d086
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2545523
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71380}
2020-11-24 17:32:01 +00:00
Milad Fa
957516489f PPC/s390: [wasm][liftoff] Don't reserve space for the stack marker twice
Port 2180e20f49

Original Commit Message:

    The total frame size returned by GetTotalFrameSize includes the frame
    marker. However, the frame marker is pushed on the stack with a push
    instruction. Therefore it is not needed to allocate memory for it again
    on the stack. This CL therefore reduces the memory allocated on the
    stack by the size of the frame marker.

R=ahaas@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com
BUG=
LOG=N

Change-Id: I76e259d54703265fcf1a84857365997af008e16a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2558257
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#71379}
2020-11-24 16:36:31 +00:00
Leszek Swirski
0df6a20899 [string] Unify String::IsEqualTo
Make String::IsEqualTo use a direct string shape dispatch and a direct
call to CompareChars, rather than splitting the behaviour over
IsOneByte/IsTwoByte/HasOneBytePrefix. Avoiding GetFlatContent will make
this method easier to make efficient while staying string-access-lock
safe.

Also, redefines the sequential string table key's matcher in terms of
this IsEqualTo method.

Change-Id: Iab71246e12044ebaeff06f0dbc14d28b3482dcbe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2557979
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71378}
2020-11-24 16:16:01 +00:00
Gus Caplan
20b417503a Add 'at' to Array.prototype[@@unscopables]
Bug: v8:10961
Change-Id: I3746dca570de005d203a2648dcffedd81122f215
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2553157
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Gus Caplan <snek@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71377}
2020-11-24 15:41:11 +00:00
Clemens Backes
c229abea6d [wasm][memory64] Prepare interpreter for memory64
This CL prepares the interpreter for 64-bit addresses. The offset (in
the memory immediate) can now be 64-bit, and also the index (from the
stack) will be 64-bit if memory64 is enabled.
memory.size will return a 64-bit constant under memory64.
memory.grow is a bit more involved and requires more refactorings in the
called functions. I left a TODO in the interpreter for now.

R=manoskouk@chromium.org

Bug: v8:10949
Change-Id: I47ab7e38a7356239c827619325f4583069e46669
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2555000
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71376}
2020-11-24 15:25:31 +00:00
Vicky Kontoura
fa9ee22ec1 Revert "[wasm] Enable --wasm-generic-wrapper"
This reverts commit f2034bf507.

Reason for revert: Issue on the generic wrapper

Original change's description:
> [wasm] Enable --wasm-generic-wrapper
>
> This CL enables the --wasm-generic-wrapper flag by default.
>
> Bug: v8:10982
> Change-Id: Iada906ce49810806c500ee3ca26e09e847b69a27
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2539915
> Commit-Queue: Vicky Kontoura <vkont@google.com>
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#71374}

TBR=jkummerow@chromium.org,ahaas@chromium.org,vkont@google.com

Change-Id: I809de71155a76fce503ecd75c7c4854d507c3695
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:10982
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2557990
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71375}
2020-11-24 15:17:22 +00:00
Vicky Kontoura
f2034bf507 [wasm] Enable --wasm-generic-wrapper
This CL enables the --wasm-generic-wrapper flag by default.

Bug: v8:10982
Change-Id: Iada906ce49810806c500ee3ca26e09e847b69a27
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2539915
Commit-Queue: Vicky Kontoura <vkont@google.com>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71374}
2020-11-24 15:03:51 +00:00
Andreas Haas
2180e20f49 [wasm][liftoff] Don't reserve space for the stack marker twice
The total frame size returned by GetTotalFrameSize includes the frame
marker. However, the frame marker is pushed on the stack with a push
instruction. Therefore it is not needed to allocate memory for it again
on the stack. This CL therefore reduces the memory allocated on the
stack by the size of the frame marker.

R=clemensb@chromium.org

Bug: v8:11074
Change-Id: Ie04508a57a2c641a2ee5d89d72dd22ec0572b5e5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2557510
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71373}
2020-11-24 14:41:50 +00:00
Andreas Haas
7b6b216ffd [wasm][liftoff] Add comment to reserving stack space
R=clemensb@chromium.org

Bug: v8:11074
Change-Id: I43036a826008027cf44179f1236f4feb9ef4c83b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2554608
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71372}
2020-11-24 14:40:31 +00:00
Tobias Tebbi
32e92f805a [torque] port SharedFunctionInfo class
Drive-by Torque changes:
  - kSize can be non-aligned, use SizeFor() instead for map allocation.
  - Factory functions use Torque-generated setters directly to work even
    if they are shadowed.
  - Allow class generation in the presence of custom weak fields, this
    was supported already.


Bug: v8:7793
Change-Id: I7e2df45d550ff70973e5167459050fd84db03114
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2547285
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71371}
2020-11-24 13:56:50 +00:00
Vicky Kontoura
f2821cfbee [wasm] Disable use of the generic js-to-wasm wrapper for asm.js modules
This CL temporarily disables use of the generic js-to-wasm wrapper for
asm.js modules, since the generic js-to-wasm wrapper does not fully
support them yet.

Bug: v8:10982
Change-Id: I79a489075c689549b07bf1436c6115edb147cbe5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2554602
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Vicky Kontoura <vkont@google.com>
Cr-Commit-Position: refs/heads/master@{#71370}
2020-11-24 13:42:30 +00:00
Clemens Backes
95052803d6 [wasm][interpreter][cleanup] Remove redundant inline annotations
The top-level functions are already in an anonymous namespace, hence
'inline' is redundant.
Similar for the methods defined within the class declaration.

R=manoskouk@chromium.org

Bug: v8:11074
Change-Id: I84f790aa2826e4f9e9efcea7cabe75d6ea05f070
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2554605
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71369}
2020-11-24 12:52:10 +00:00
Manos Koukoutos
a5f00fd1dd [wasm] OpcodeLength should detect invalid opcodes
OpcodeLength in function-body-decoder was implemented in a way that did
not detect invalid non-prefixed opcodes, even when {validate} was on.
This CL brings its behavior in line with prefixed opcodes and validation
requirements.

Change-Id: I53fec32f13bd18a2ed0c7a7666d69fc09603db56
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2552516
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71368}
2020-11-24 12:38:40 +00:00
Clemens Backes
0b3fe3adf0 [liftoff] Avoid addition with 0
A simple fix to avoid an unneeded instruction.

R=ahaas@chromium.org

Bug: chromium:1152363
Change-Id: I7188156816ab24ed88fb1cd79859aa9f0b6c948b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2557513
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71367}
2020-11-24 12:29:20 +00:00
Manos Koukoutos
1449f0b18b Reland "[wasm] Small changes in opcode organization"
This is a reland of 21f001e81a

Original change's description:
> [wasm] Small changes in opcode organization
>
> Changes:
> - Move call_ref and return_call_ref to misc opcodes.
> - Create macro which groups all simd opcodes.
>
> Change-Id: I7742c8a27fe8859d1bbe129d8056420aaffe0931
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2549948
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#71355}

Change-Id: Ie8a509520b4e9105fb1b6606458c80c2b6337faf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2557511
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71366}
2020-11-24 11:14:55 +00:00
Georg Neis
5a8f1efe7f Remove obsolete {Binary,Number}OperationHint::kSigned32
Change-Id: Ib1855adbf0292381f2b279d5b44fbddff551a4d5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2557499
Auto-Submit: Georg Neis <neis@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71365}
2020-11-24 11:12:10 +00:00
Georg Neis
ba1b2cc09a [compiler] Fix a bug in SimplifiedLowering
SL's VisitSpeculativeIntegerAdditiveOp was setting Signed32 as
restriction type even when relying on a Word32 truncation in order to
skip the overflow check. This is not sound.

Bug: chromium:1150649
Change-Id: I3113a2102c62d6ecef342c98d25daf31431c01ed
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2557498
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71364}
2020-11-24 11:09:40 +00:00
Clemens Backes
1a37d561b2 [inspector][fuzzer] Be more compatible with inspector-test
Make compileAndRunWithOrigin accept the same six arguments as
inspector-test. This makes inspector tests more useful as seed for the
inspector fuzzer, and allows to run more inspector fuzzer outputs
directly in the inspector-test binary.

R=szuend@chromium.org

Bug: chromium:1142437
Change-Id: Ib9e9768c834204ff17a641e9d462400a139bf6b0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2557507
Reviewed-by: Simon Zünd <szuend@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71363}
2020-11-24 11:05:35 +00:00
Maya Lekova
f3b77a2ac9 Revert "[int] Fix security bug in Intl.ListFormat"
This reverts commit 1341dbd209.

Reason for revert: The new test is failing on arm64 simulator MSAN - https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20arm64%20-%20sim%20-%20MSAN/35559

Original change's description:
> [int] Fix security bug in Intl.ListFormat
>
> Also add test to ensure it won't crash. The crash is caused by int32_t overflow inside ICU68-1
>
> Real fix in 3bf08c6a50
>
> Bug: chromium:1150371
> Change-Id: I71c7bb3c50453fe3fa40226cab83bee0d865b0f0
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2551212
> Reviewed-by: Shu-yu Guo <syg@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Commit-Queue: Frank Tang <ftang@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#71357}

TBR=jkummerow@chromium.org,machenbach@chromium.org,ftang@chromium.org,syg@chromium.org

Change-Id: I10862ad1fb308d1610b8f7a80cca43c010475397
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:1150371
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2557512
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71362}
2020-11-24 11:04:31 +00:00
Frank Tang
c343c06d5a Fix IntlLegacyConstructedSymbol
Bug: v8:11174
Change-Id: If84c9056d0147720dabce52154648b4086146d0c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2556258
Reviewed-by: Frank Tang <ftang@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71361}
2020-11-24 10:28:30 +00:00
Dominik Inführ
afd09a05bc [heap] Fix race in scavenger
For pages that are already swept, it can happen that one thread
iterates old-to-new-slots while another thread promotes an object onto
the same page.

Accessing the slot_set in Scavenger::ScavengePage therefore needs to be
atomic.

Bug: v8:11077
Change-Id: I086db612ed4e861aa9bd1c18fdf5c0e17c519a4b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2555009
Auto-Submit: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71360}
2020-11-24 10:14:00 +00:00
Manos Koukoutos
39b2b0de91 Revert "[wasm] Small changes in opcode organization"
This reverts commit 21f001e81a.

Reason for revert: Changes in SIMD created merge errors.

Original change's description:
> [wasm] Small changes in opcode organization
>
> Changes:
> - Move call_ref and return_call_ref to misc opcodes.
> - Create macro which groups all simd opcodes.
>
> Change-Id: I7742c8a27fe8859d1bbe129d8056420aaffe0931
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2549948
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#71355}

TBR=ahaas@chromium.org,manoskouk@chromium.org

Change-Id: I31a9a0a62e1e40a09f29f944bccb18694236c62b
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2557509
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71359}
2020-11-24 10:11:22 +00:00
Jakob Gruber
ad52295149 [compiler] Ensure the function is compiled after CompileOptimized
The Code object returned by CompileOptimized runtime functions is
tail-called to continue execution. This Code object should not be the
CompileLazy builtin.

We ran into this case when the requested code kind was available, but
not attached - here we returned early from Compiler::CompileOptimized
without doing anything.

To satisfy the postcondition, this CL removes the early exit and lets
GetOptimizedCode handle the cached cases (both the FeedbackVector's
optimized code cache, and the isolate cache).

Bug: v8:8888
Change-Id: Ie60e6cf27b697ea6685441184b65f28f3583f75a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2557500
Reviewed-by: Mythri Alle <mythria@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71358}
2020-11-24 09:51:20 +00:00
Frank Tang
1341dbd209 [int] Fix security bug in Intl.ListFormat
Also add test to ensure it won't crash. The crash is caused by int32_t overflow inside ICU68-1

Real fix in 3bf08c6a50

Bug: chromium:1150371
Change-Id: I71c7bb3c50453fe3fa40226cab83bee0d865b0f0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2551212
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71357}
2020-11-24 09:37:50 +00:00
Omer Katz
0e0d1b0d7c cppgc: Fix cppgc build
The CPPGC_BUILD_IN_V8 define (used for tracing) isn't propagated from
v8_base_without_compiler to cppgc_base, which breaks build with
perfetto. Instead use a gn args to specify standalone builds (defaulted
to false) and use that to choose the right tracing implementation.

Bug: chromium:1056170
Change-Id: I70bce819d45fb133b6f932a50a5d027e39f3e5b9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2555007
Auto-Submit: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71356}
2020-11-24 09:35:50 +00:00
Manos Koukoutos
21f001e81a [wasm] Small changes in opcode organization
Changes:
- Move call_ref and return_call_ref to misc opcodes.
- Create macro which groups all simd opcodes.

Change-Id: I7742c8a27fe8859d1bbe129d8056420aaffe0931
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2549948
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71355}
2020-11-24 09:32:20 +00:00
v8-ci-autoroll-builder
32a94886b5 Update V8 DEPS.
Rolling v8/build: 49ce9a3..356ef25

Rolling v8/third_party/aemu-linux-x64: nv6wFuL5e4oM14o83fKYTaYGvYpeIY0g-cCj2yzejZwC..qDJOg4W2RuPZ92H6d33I9kLLWjqfYuMr_gFsPRodSQAC

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/91c1a7c..a629d81

Rolling v8/third_party/depot_tools: 9c0dc30..260eb0f

Rolling v8/third_party/icu: 7db579a..6a33b64

TBR=machenbach@chromium.org,tmrts@chromium.org,v8-waterfall-sheriff@grotations.appspotmail.com

Change-Id: I3a55a0b4ff6111cfa3fa79a22d842530b10087f2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2556499
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#71354}
2020-11-24 03:50:59 +00:00
Zhi An Ng
7f770766d8 [wasm-simd][arm64] Prototype prefetch arm64
Prototype 2 prefetch instructions (temporal and non-temporal) on arm64
and interpreter.

Add prfm to assembler, and use MiscField to encode the two versions.
Small tweak to simulator to handle these new instructions (no-op).

The implementation in the interpreter just pops the memory index and
does nothing.

Simple test cases added for these 2 new instructions, as well as a
prefetch with OOB index, which should not trap.

Bug: v8:11168
Change-Id: Ieced8081615d07f950d6d4c1128d1bc6a75839fd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2543167
Reviewed-by: Bill Budge <bbudge@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71353}
2020-11-24 02:44:09 +00:00
Zhao Jiazhong
8f71a2675e [mips][cleanup] Remove unused function and opcode
Now the ModS opcode and MacroAssembler::EmitFPUTruncate function
are useless, and should be removed.

Change-Id: I5ba7c2cd01084b322046c8267b7581ab9d1755c6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2554382
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Cr-Commit-Position: refs/heads/master@{#71352}
2020-11-24 01:42:09 +00:00
Zhi An Ng
9d9e8b41dc [wasm-simd][arm64] Prototype i64x2.bitmask
Drive-by cleanup for other bitmask instructions to
UseScratchRegisterScope instead of using temporary registers in
instruction-selector.

Bug: v8:10997
Change-Id: Id46d249fd20ceaeab8e867babec8b34d7995c17f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2548081
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71351}
2020-11-24 01:20:09 +00:00
Zhi An Ng
11910df32c [arm] Add disasm for other encodings of vld1/vst1
Currently we only correctly disassemble encoding A4, with a list of 4
regs.

Also added tests for these encodings.

Change-Id: I38066186d19deb8c180129d7a92b49bc589315cd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2554258
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71350}
2020-11-24 01:16:29 +00:00
Zhi An Ng
8158c8c078 [wasm-simd][ia32] Remove some SSE<->AVX transitions
In our codegen, we are mixing SSE and AVX. This can potentially cause
transition delays. Ideally we should stick to one. We add some new AVX
versions of movss and movsd, then use the macro-assembler methods to
generate AVX instructions if supported.

Bug: v8:11190
Change-Id: Iff7c0fb892cea85731f880ac2895480621b3092f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2554257
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71349}
2020-11-24 01:02:23 +00:00
Bill Budge
86991d0587 Reland "stack-trace-api: implement getEnclosingLine/Column"
This reverts commit 5557a63beb.

Reason for revert: Sheriff's mistake, failing test was previously flaking.

Original change's description:
> Revert "stack-trace-api: implement getEnclosingLine/Column"
>
> This reverts commit c48ae2d96c.
>
> Reason for revert: Breaks a profiling test:
> https://ci.chromium.org/p/v8/builders/ci/V8%20Win32/30010
>
> Original change's description:
> > stack-trace-api: implement getEnclosingLine/Column
> >
> > Introduces getEnclosingColumn and getEnclosingLine on CallSite
> > so that the position can be used to lookup the original symbol
> > for function when source maps are used.
> >
> > BUG=v8:11157
> >
> > Change-Id: I06c4c374d172d206579abb170c7b7a2bd3bb159f
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2547218
> > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> > Commit-Queue: Benjamin Coe <bencoe@google.com>
> > Cr-Commit-Position: refs/heads/master@{#71343}
>
> TBR=jkummerow@chromium.org,yangguo@chromium.org,bencoe@google.com
>
> Change-Id: Iab5c250c1c4fbdab86971f4a7e40abc8f87cf79c
> No-Presubmit: true
> No-Tree-Checks: true
> No-Try: true
> Bug: v8:11157
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2555384
> Reviewed-by: Bill Budge <bbudge@chromium.org>
> Commit-Queue: Bill Budge <bbudge@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#71345}

TBR=bbudge@chromium.org,jkummerow@chromium.org,yangguo@chromium.org,bencoe@google.com

# Not skipping CQ checks because this is a reland.

Bug: v8:11157
Change-Id: I8dba19ceb29a24594469d2cf79626f741dc4cad3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2555499
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71348}
2020-11-23 20:05:02 +00:00
Etienne Pierre-doray
873e5aa32a Reland "Reland "[Heap]: Convert Sweep to Job""
This is a reland of b16c7e5b1c

Issue: ShouldYield is called multiple time.
Fix: ConcurrentSweepSpace returns false if not done (yielding), to avoid
calling it again.

Issue: failing test-streaming-compilation
Safe to reland after
https://chromium-review.googlesource.com/c/v8/v8/+/2507379

Original change's description:
> Reland "[Heap]: Convert Sweep to Job"
>
> This is a reland of 795c0b1c7b
> Reason for revert:
> TSAN failures https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20TSAN/33884
> Safe to reland as-is with fix to EagerUnmappingInCollectAllAvailableGarbage
> https://chromium-review.googlesource.com/c/v8/v8/+/2502809
>
> Original change's description:
> > [Heap]: Convert Sweep to Job
> >
> > max concurrency is inferred from queue size for OLD_SPACE & MAP_SPACE.
> > Extra Sweeper::TearDown() in MarkCompactCollector::TearDown() is needed
> > to cancel job.
> >
> > Change-Id: Iafba7d7d24e8f6e5c5a1d5c0348dea731f0ac224
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2480783
> > Commit-Queue: Etienne Pierre-Doray <etiennep@chromium.org>
> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#70767}
>
> Change-Id: Id9a5baceed4664f53da39597af56a2067e4f3c6f
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2502808
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Commit-Queue: Etienne Pierre-Doray <etiennep@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#70845}

Change-Id: I32de9faebdbd2f7f6d7f9a9525871fc691fb3f2c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2507378
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Etienne Pierre-Doray <etiennep@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71347}
2020-11-23 20:01:32 +00:00
Etienne Pierre-doray
686e48b2f8 [test]: Fix streaming-compilation MockTaskRunner synchronisation.
MockTaskRunner is missing a lock to protect tasks queue, causing flaky
tsan. This is similar to:
https://source.chromium.org/chromium/chromium/src/+/master:v8/test/cctest/wasm/test-wasm-metrics.cc;l=94?q=test%2Fcctest%2Fwasm%2Ftest-wasm-metrics.cc&ss=chromium

Previous CL https://chromium-review.googlesource.com/c/v8/v8/+/2507379
probably revealed the issue to TSAN by bringing more tasks.

Bug: v8:11194
Change-Id: Ib45c4afb4e7a86c9b4a54518876e311598747919
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2555383
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Etienne Pierre-Doray <etiennep@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71346}
2020-11-23 19:23:01 +00:00
Bill Budge
5557a63beb Revert "stack-trace-api: implement getEnclosingLine/Column"
This reverts commit c48ae2d96c.

Reason for revert: Breaks a profiling test:
https://ci.chromium.org/p/v8/builders/ci/V8%20Win32/30010

Original change's description:
> stack-trace-api: implement getEnclosingLine/Column
>
> Introduces getEnclosingColumn and getEnclosingLine on CallSite
> so that the position can be used to lookup the original symbol
> for function when source maps are used.
>
> BUG=v8:11157
>
> Change-Id: I06c4c374d172d206579abb170c7b7a2bd3bb159f
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2547218
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Benjamin Coe <bencoe@google.com>
> Cr-Commit-Position: refs/heads/master@{#71343}

TBR=jkummerow@chromium.org,yangguo@chromium.org,bencoe@google.com

Change-Id: Iab5c250c1c4fbdab86971f4a7e40abc8f87cf79c
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:11157
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2555384
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71345}
2020-11-23 19:19:04 +00:00
Milad Fa
9820f02d5c PPC: [wasm-simd] Implement S128Const and S128AllOnes
Change-Id: I8f8b0b525541cec1a814b7df6ffe0baf00514929
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2554526
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#71344}
2020-11-23 18:17:32 +00:00
bcoe
c48ae2d96c stack-trace-api: implement getEnclosingLine/Column
Introduces getEnclosingColumn and getEnclosingLine on CallSite
so that the position can be used to lookup the original symbol
for function when source maps are used.

BUG=v8:11157

Change-Id: I06c4c374d172d206579abb170c7b7a2bd3bb159f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2547218
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Benjamin Coe <bencoe@google.com>
Cr-Commit-Position: refs/heads/master@{#71343}
2020-11-23 15:44:41 +00:00
Camillo Bruni
a48fcd6d3b [api] Add module streaming support
- Add support for module streaming compilation
- Enable module streaming testing d8
- Update API tests to include basic module streaming

Bug: chromium:1061857
Change-Id: I3ac95f7d672c382406182fb6900b1095f15c63b3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2536457
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71342}
2020-11-23 15:18:21 +00:00
Victor Gomes
1df2f22fb6 [nci] Fix arguments order in call of ConstructWithSpread_WithFeedback
ConstructWithSpread_WithFeedback uses the same argument order as JS linkage, therefore arguments should be inserted in reversed order.
See https://source.chromium.org/chromium/chromium/src/+/master:v8/src/codegen/interface-descriptors.h;drc=c7cb9beca18d98ba83c3b75860b912219d425d0e;l=507

Change-Id: I4d3ded048a08ba9a2a4d30da4c41044d9669becc
Bug: chromium:1145990
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2549952
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71341}
2020-11-23 15:13:01 +00:00
Santiago Aboy Solanes
4e34d7af84 [compiler] Add (Local)?Isolate parameter to String::Get
If we have a regular isolate (or none at all), we can skip acquiring
the lock check and DCHECK that we are calling from the main thread.
If we have a LocalIsolate, we acquire the string lock if needed.

Bug: v8:7790
Change-Id: Ie3562e8172a3e3eca8d194e8652cb881f765cdb8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2551102
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71340}
2020-11-23 15:07:42 +00:00
Manos Koukoutos
051a29cceb [wasm-gc] Implement JS roundtrip for anyref
We use the same temporary mechanism as with eqref, in anticipation of
standardization of the wasm-gc JS API.

Bug: v8:7748
Change-Id: I224a043e5450ce489fc7f3b2f07f277a0444b8e0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2546695
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71339}
2020-11-23 14:18:31 +00:00
Dominik Inführ
c875ab35b2 [heap] Remove unused method in ArrayBufferSweeper
Change-Id: I51f2152d8a26fb0b266a41f7d284ced7908eb475
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2554603
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Auto-Submit: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71338}
2020-11-23 14:02:03 +00:00
Clemens Backes
b61e85a3c0 [wasm] Revisit maximum jump table distance
This changes a '<' to a '<=' and adds a comment to explain why it is
safe to use a jump table where the maximum distance is exactly
{kMaxCodeSpaceSize}.

R=jkummerow@chromium.org

Bug: chromium:1151364
Change-Id: Id4971a2e9095fa99df48367ab09af4adbfadffaf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2552906
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71337}
2020-11-23 13:40:41 +00:00
Liu Yu
6ded810bb2 [mips][builtins] Avoid reloading undefined value in InterpreterEntryTrampoline
Port: 40c0f84a38

Bug: v8:9771
Change-Id: Icbe4e3450bb6ef7242804ca9d7f46cb6f1aed40c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2539538
Auto-Submit: Liu yu <liuyu@loongson.cn>
Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Cr-Commit-Position: refs/heads/master@{#71336}
2020-11-23 11:22:50 +00:00