Commit Graph

74880 Commits

Author SHA1 Message Date
Michael Lippautz
b0fbe1aff3 cppgc: Allow overriding heap object name at runtime
Before this CL, the heap object name of unnamed objects(those not
inheriting from NameProvider) would be solely determined by whether the
build-time configuration cppgc_enable_object_names is enabled.

This patch adds a way to override that value at runtime. This is
useful for preserving default behavior with custom builds but at the
same time allow them to still enable the feature.

Bug: chromium:1321620
Change-Id: I3aa06db15e58d9ba9773be6797572f17f007e9ee
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620279
Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80338}
2022-05-03 12:19:57 +00:00
Camillo Bruni
46224e75f3 [api] Advance API deprecation for V8 version v10.2
Previously marked V8_DEPRECATED_SOON that are now V8_DEPRECATED:

File                                    Version  Date        Commit
include/v8-initialization.h:208            v9.9  2021-12-15  277fdd1d
include/v8-initialization.h:226            v9.9  2021-12-15  277fdd1d
include/v8-initialization.h:236            v9.9  2021-12-15  277fdd1d
include/v8-initialization.h:250            v9.9  2021-12-15  277fdd1d
include/v8-locker.h:130                   v10.0  2022-01-20  116ca00f
include/v8-message.h:90                    v9.8  2021-11-09  2b3df06b


Previously marked V8_DEPRECATED that are now removed:

File                                    Version  Date        Commit
include/v8-fast-api-calls.h:886            v9.8  2021-11-11  b295d0b0
include/v8-fast-api-calls.h:893            v9.8  2021-11-11  b295d0b0
include/v8-fast-api-calls.h:902            v9.8  2021-11-11  b295d0b0
include/v8-initialization.h:186           v10.0  2022-01-26  36707481
include/v8-isolate.h:639                  v10.0  2022-01-26  36707481
include/v8-locker.h:132                    v9.8  2021-11-11  b295d0b0
include/v8-object.h:597                    v9.9  2022-01-18  0a61fa51
include/v8-object.h:609                    v9.8  2021-11-11  b295d0b0
include/v8-script.h:50                    v10.0  2022-01-26  36707481
include/v8-script.h:653                   v10.0  2022-01-18  9cf4f131


Output generated by ./tools/release/list_deprecated.py

Bug: v8:11165, chromium:1166077
Change-Id: Ie0d435f7a10f362ed714bdc30ad899ee9c485cb4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3571804
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Auto-Submit: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80337}
2022-05-03 12:16:28 +00:00
Camillo Bruni
e3e8ea5d65 [flags] Rename --opt to --turbofan
To be consistent with the all the other tiers and avoid confusion, we
rename --opt to ---turbofan, and --always-opt to --always-turbofan.

Change-Id: Ie23dc8282b3fb4cf2fbf73b6c3d5264de5d09718
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3610431
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80336}
2022-05-03 12:10:30 +00:00
Anton Bikineev
1242b69e29 Reland "cppgc: young-gen: Enable cppgc_enable_young_generation by default"
The ubsan failures were fixed by 99e90c55f4.

Bug: chromium:1029379
Change-Id: Iec334388de7faf8a47e6d607501a2f1298a441a2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3623540
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80335}
2022-05-03 12:00:37 +00:00
Leszek Swirski
bac9a90a3c [maglev] Use --maglev-filter
Observe the beauty of nature, as a TODO blossoms into a DONE.

Bug: v8:7700
Change-Id: I6981a5530664aa9ba4d120000d688a682c923a23
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3622914
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80334}
2022-05-03 11:58:19 +00:00
Dominik Inführ
fe7d0a2aee [heap] Do not invalidate SharedFunctionInfo in ClearPreparseData
Slots don't need to be invalidated in the object. The object is trimmed
to its supertype, so all possibly recorded slots remain valid.

Bug: v8:12578, chromium:1316289
Change-Id: I859b3ec843a2c2c9863cdb3bbc1c3158364aaa5b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3622917
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80333}
2022-05-03 11:52:51 +00:00
Anton Bikineev
99e90c55f4 cppgc: young-gen: Fix ubsan failures in minor gc tests
This fixes:
runtime error: upcast of misaligned address 0x000000000001
for type 'cppgc::internal::(anonymous namespace)::SimpleGCed<64>', which
  requires 8 byte alignment

Bug: chromium:1029379
Change-Id: Id03ce022e72fc07a18c171d4cf5e42f50cb684f1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3622918
Auto-Submit: Anton Bikineev <bikineev@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80332}
2022-05-03 11:04:07 +00:00
Georgia Kouveli
739bdd1ce3 [builtins] Remove indirection for pointers to code and data blobs
Mark the labels to the code and data global, which removes the need
for having separate pointers to these labels in the .data section.

This means that `v8_Default_embedded_blob_code_` and
`v8_Default_embedded_blob_data_` can now actually be read-only when
RELRO is enabled.

The actual contents of `v8_Default_embedded_blob_code_` remain
potentially non-readable for platforms where code is marked as
execute-only, but these changes do not attempt to read them.

Bug: v8:12850

Change-Id: Ic1bc8e68fe44a9ce45380c83b0be5fa94e7da267
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616510
Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com>
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80331}
2022-05-03 10:41:48 +00:00
Al Muthanna Athamina
6fecf48a60 Remove stress-concurrent-inlining flag from fuzzer because it is causing too many failures
Bug: v8:12842
Change-Id: Ice4ef2f1e62773238a0d9b08b6af36e9bed48ddd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3622919
Auto-Submit: Almothana Athamneh <almuthanna@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Almothana Athamneh <almuthanna@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80330}
2022-05-03 10:36:27 +00:00
jameslahm
f2ff0d5065 [api] Fix MaybeLocal::ToLocal documentation when it's empty
This CL changes MaybeLocal::ToLocal documentation to assign |out|
with nullptr when the MaybeLocal is empty to be consistent with
the behavior.

Bug: v8:12845
Change-Id: I8145d6604c51b79f137b686b3e9b4f328534e0a8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616432
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80329}
2022-05-03 10:03:24 +00:00
Marja Hölttä
1ac6b3a662 Reland: [web snap] Support Symbols
Fix: copy-paste error in raw ptr GC update function.

Bug: v8:11525
Change-Id: I915ae92191b2add60962395a2d0ad28f57e02fd4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3622915
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80328}
2022-05-03 09:03:39 +00:00
Jakob Kummerow
8062598f26 [wasm] Fix Int64Lowering for tagged stack-passed parameters
When lowering signatures, we must preserve the separation of parameters
into tagged and untagged sections.

Fixed: chromium:1320614
Change-Id: I8119ba23e35f499630c2d2494e99191ca793cb1a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620283
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80327}
2022-05-03 09:02:37 +00:00
Patrick Thier
f7895fc42b [heap] Mark internalized strings in forwarding table
For entries in the string forwarding table, mark the internalized string
if the original string is marked.

The logic is moved from the string forwarding table implementation to
the mark compact implementation, using RootVisitor.

Bug: v8:12007
Change-Id: I860de75077c864dd4e5f2c47ab647d2eafcc5ced
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3610625
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80326}
2022-05-03 08:54:47 +00:00
Camillo Bruni
35fc0c17c9 [snapshot][api] Expose the snapshot checksum as crash key
Due to the consistent overhead of snapshot checksum verification
we ideally want to avoid it all-together. However there are still enough
devices out there that suffer from corrupted snapshots that might
cause hard to debug heap corruptions.

This CL exposes the calculated (dummy value for now) and the expected
snapshot checksum as a crash key, so it can be easily consulted during
investigation.

Note: The calculated crash key contains 0x0 for now as a dummy value. We
will come up with a strategy later-on to limit the overhead of
calculating the checksum.

Bug: v8:12195
Change-Id: I6da6d74c035cb6f9b0edae212a36e6c41c048a5b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3605813
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80325}
2022-05-03 08:30:07 +00:00
Samuel Groß
19fda9e792 [base] Use GetCurrentProcess() instead of nullptr
While nullptr also mostly seems to work, GetCurrentProcess() is the
correct way of specifying the current process for operations like
MapViewOfFile3 or VirtualAlloc2.

Bug: chromium:1218005
Change-Id: I988140374a708018dca089c29eb699e0536a5285
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620288
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Auto-Submit: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80324}
2022-05-03 07:04:47 +00:00
Benedikt Meurer
3b1509389a [inspector] Consistently format value wrappers in console messages.
When formatting console messages (for consumption in Chromium/Blink), we
have special logic to unwrap value wrapper objects. But this logic was
not very consistent, and especially Number values and NumberObject
values were formatted differently.

This changes the V8ValueStringBuilder::append() logic to always unwrap
any value wrapper first and then use the regular dispatch for the
primitive value.

Fixed: chromium:1321833
Change-Id: I9996671e1f91da0841e5d5f1687cf647ab72a561
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3622913
Commit-Queue: Yang Guo <yangguo@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80323}
2022-05-03 06:41:38 +00:00
Frank Tang
d43080a7f7 [intl] Fix ResolvedOptions to output.
In v3 we allow both significant digits and fraction digits to be set in some conditions.
Also fix the case in v2 we didn't handle "precision-integer" with currency format.

Related spec text:
https://tc39.es/proposal-intl-numberformat-v3/out/numberformat/diff.html#sec-intl.numberformat.prototype.resolvedoptions
https://tc39.es/proposal-intl-numberformat-v3/out/numberformat/diff.html#sec-setnfdigitoptions

Bug: v8:11544
Change-Id: I89c147dcc7803eae7aad2a380e85d1d877e30370
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3615217
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80322}
2022-05-03 03:23:46 +00:00
Shu-yu Guo
7176808542 [ShadowRealm] Pass value when throwing "not callable" TypeError
Bug: v8:11989
Change-Id: Idd7ab73f923a7a0114c0fb7a40807b4b163d6bcf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3595106
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Auto-Submit: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80321}
2022-05-03 02:19:16 +00:00
Rob Paveza
5e1f856d18 Add support for source hashing in stack traces.
This change adds support for computing SHA-256 hashes in the stack
output of errors by adding a function to the prototype of the
`CallSite` object, passed to `Error.prepareStackTrace`. Additionally,
it updates the `hash` property from `Debugger.scriptParsed` and
`Debugger.scriptFailedToParse` to be SHA-256 instead of the
proprietary hash it is today.

It is intended to be an advancement in indexing source maps to
support improved tooling, especially for post-hoc or in-production
diagnostics scenarios.

The explainer can be found here:
https://docs.google.com/document/d/13hNeeLC2Ve_FVieNndZUUUP15x2O4ltvjnGWwOsMlrU/edit?usp=sharing

Change-Id: Ifbbed4b22c8256e74e6d79974d2dd1e444143eda
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3229957
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Auto-Submit: Robert Paveza <Rob.Paveza@microsoft.com>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80320}
2022-05-03 00:57:46 +00:00
Frank Tang
4776aee651 Reland "[Temporal] Fix Calendar.prototype.fields CSA"
This is a reland of commit 8960031432

Changes since revert: None, reverted wrong suspect CL

Original change's description:
> [Temporal] Fix Calendar.prototype.fields CSA
>
> Use LoadAndUntagToWord32ObjectField instead of LoadObjectField<Uint32T>
> to load the flag since it is defined as
>  flags: SmiTagged<JSTemporalCalendarFlags>;
>
> Otherwise LoadObjectField<Uint32T> will load the zero part when
> v8_enable_pointer_compression = false
>
> Add unit tests to intl (because the problem only show up on calendar
> other than non iso8601.
>
> Cq-Include-Trybots: luci.v8.try:v8_linux_mipsel_compile_rel,v8_linux_mips64el_compile_rel
>
>
> Bug: v8:12848
> Change-Id: I44b685af99dc9820dfa228447e2b42ae0a82464c
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3617388
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Frank Tang <ftang@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#80314}

Bug: v8:12848
Change-Id: I423ea5f0a4a30fc73546df208d24aec84db76eb4
Cq-Include-Trybots: luci.v8.try:v8_linux_mipsel_compile_rel,v8_linux_mips64el_compile_rel
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620838
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80319}
2022-05-02 20:56:55 +00:00
Shu-yu Guo
61be01e9ce Revert "cppgc: young-gen: Enable cppgc_enable_young_generation by default"
This reverts commit 310097061d.

Reason for revert: UBSan failure: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20UBSan/21069/overview

Original change's description:
> cppgc: young-gen: Enable cppgc_enable_young_generation by default
>
> Oilpan Young Generation is now controlled by the runtime flag
> --cppgc-young-generation.
>
> Bug: chromium:1029379
> Change-Id: I9ded9637f43a2f86993cff898cd7f272a051ae3c
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616728
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Commit-Queue: Anton Bikineev <bikineev@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#80312}

Bug: chromium:1029379
Change-Id: I18ac696380df5f77d0978072b8e5af2f2e305994
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620839
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Auto-Submit: Shu-yu Guo <syg@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#80318}
2022-05-02 20:06:16 +00:00
Shu-yu Guo
f478546b18 Revert "[Temporal] Fix Calendar.prototype.fields CSA"
This reverts commit 8960031432.

Reason for revert: UBSAN errors in GC tests
https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20UBSan/21069/overview

Original change's description:
> [Temporal] Fix Calendar.prototype.fields CSA
>
> Use LoadAndUntagToWord32ObjectField instead of LoadObjectField<Uint32T>
> to load the flag since it is defined as
>  flags: SmiTagged<JSTemporalCalendarFlags>;
>
> Otherwise LoadObjectField<Uint32T> will load the zero part when
> v8_enable_pointer_compression = false
>
> Add unit tests to intl (because the problem only show up on calendar
> other than non iso8601.
>
> Cq-Include-Trybots: luci.v8.try:v8_linux_mipsel_compile_rel,v8_linux_mips64el_compile_rel
>
>
> Bug: v8:12848
> Change-Id: I44b685af99dc9820dfa228447e2b42ae0a82464c
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3617388
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Frank Tang <ftang@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#80314}

Bug: v8:12848
Change-Id: I3a8af8acbbdfc5d0f5386f2a9d50d62b9f422fb8
Cq-Include-Trybots: luci.v8.try:v8_linux_mipsel_compile_rel,v8_linux_mips64el_compile_rel
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620837
Auto-Submit: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#80317}
2022-05-02 19:13:17 +00:00
Michael Lippautz
10eac4ebe9 Reland "[heap] Fix bogus object size computation"
This is a reland of commit 445190bf99

The fix addresses the issue where object size accounting went out of
sync because of right-trimmed LO in new space that were migrated with
a different size than they were accounted for.

The fix now iterates only live objects for size computation which
avoids accessing reclaimed maps and fixes up the objects accounting.

Original change's description:
> [heap] Fix bogus object size computation
>
> The map of an object may be gone by the time we try to compute its
> size for accounting purposes.
>
> Bug: chromium:1319217
> Change-Id: I93cca766a8cedebf4ed30a3a65fd6eff5bc72bcf
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3605817
> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
> Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#80271}

Bug: chromium:1319217
Change-Id: I8d032edf96a4bf4b0faa4bbd9b0be247051c49fb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616507
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80316}
2022-05-02 18:07:12 +00:00
Milad Fa
9a06f7175c Reland "PPC/S390: Reland "[osr] Use the new OSR cache""
This is a reland of commit c575e8ae97

Original change's description:
> PPC/S390: Reland "[osr] Use the new OSR cache"
>
> Port 9145388055
>
> Original Commit Message:
>
>   This is a reland of commit 91da38831d
>
>   Original change's description:
>   > Fixed: Use an X register for JumpIfCodeTIsMarkedForDeoptimization
>   > on arm64.
>   > Bug: v8:12161
>
> Change-Id: I6e63bd5995340bac32654ef12c52d25b496140e3
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3607997
> Reviewed-by: Junliang Yan <junyan@redhat.com>
> Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
> Cr-Commit-Position: refs/heads/main@{#80194}

Change-Id: Id5e41c659a3c29a6d22c0393ad0003a24fa1ef5a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3621273
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Reviewed-by: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/main@{#80315}
2022-05-02 17:44:49 +00:00
Frank Tang
8960031432 [Temporal] Fix Calendar.prototype.fields CSA
Use LoadAndUntagToWord32ObjectField instead of LoadObjectField<Uint32T>
to load the flag since it is defined as
 flags: SmiTagged<JSTemporalCalendarFlags>;

Otherwise LoadObjectField<Uint32T> will load the zero part when
v8_enable_pointer_compression = false

Add unit tests to intl (because the problem only show up on calendar
other than non iso8601.

Cq-Include-Trybots: luci.v8.try:v8_linux_mipsel_compile_rel,v8_linux_mips64el_compile_rel


Bug: v8:12848
Change-Id: I44b685af99dc9820dfa228447e2b42ae0a82464c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3617388
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80314}
2022-05-02 17:43:46 +00:00
jameslahm
c4281cd933 [web snapshot] Add support for arrays w/holes
This CL adds serialization and deserialization support
for HOLEY_ELEMENTS and HOLEY_SMI_ELEMENTS kind arrays.

Bug: v8:11525
Change-Id: Ib6fdcd1916badd02e567571e1c0748dce85cd8a0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620753
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Cr-Commit-Position: refs/heads/main@{#80313}
2022-05-02 17:07:19 +00:00
Anton Bikineev
310097061d cppgc: young-gen: Enable cppgc_enable_young_generation by default
Oilpan Young Generation is now controlled by the runtime flag
--cppgc-young-generation.

Bug: chromium:1029379
Change-Id: I9ded9637f43a2f86993cff898cd7f272a051ae3c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616728
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80312}
2022-05-02 16:57:39 +00:00
Leszek Swirski
3d3d9c5028 Revert "Reland "[heap] Refactor atomic marking phase""
This reverts commit 25e3225286.

Reason for revert: Suspect for roll failure: https://ci.chromium.org/ui/p/chromium/builders/try/android_optional_gpu_tests_rel/98554/overview

Original change's description:
> Reland "[heap] Refactor atomic marking phase"
>
> This is a reland of commit a3f66927f9
>
> The reland addresses a few CHECKs that were too agressive and also
> properly adjusts Oilpan's marking configurations depending on V8's
> flags.
>
> Original change's description:
> > [heap] Refactor atomic marking phase
> >
> > The atomic marking phase was organized in many distinct smaller
> > phases. In particular, before http://crrev.com/c/3584115 the marking
> > phase split into two large separate phases.
> >
> > This CL reorganizes marking into two phases that perform regular V8
> > heap marking, Oilpan, and ephemerons:
> > - A parallel phase that likely drains all marking worklists;
> > - A single-threaded final phase to catch any left overs;
> >
> > This avoids artificial splitting in phases and also avoids repeated
> > starting and joining of jobs.
> >
> > Change-Id: I5cccfc5777837d9ece10d8f4925781bf2d07d9da
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3602507
> > Reviewed-by: Omer Katz <omerkatz@chromium.org>
> > Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
> > Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
> > Cr-Commit-Position: refs/heads/main@{#80265}
>
> Change-Id: I26648da361b92d787c173aa9d390100ce8958728
> Bug: chromium:1320896
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616519
> Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
> Reviewed-by: Omer Katz <omerkatz@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#80301}

Bug: chromium:1320896
Change-Id: I01742f25d54de8e4e22fefe87ce61ba295950baa
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620286
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Owners-Override: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80311}
2022-05-02 16:30:14 +00:00
Darshan Sen
232f5c7e48 [diagnostics] Guard GetCategoryGroupName behind V8_USE_PERFETTO ifdef
I was trying to build chromium with Perfetto enabled and I ran into this
compilation error:
```
../../v8/src/libplatform/tracing/recorder-win.cc(48,42): error: no member named 'GetCategoryGroupName' in 'v8::platform::tracing::TracingController'
                      TracingController::GetCategoryGroupName(
                      ~~~~~~~~~~~~~~~~~~~^
1 error generated.
```
This happens because the GetCategoryGroupName() function is added to
the TracingController class only if Perfetto is disabled.

Signed-off-by: Darshan Sen <raisinten@gmail.com>
Change-Id: If53dab5ea9b8c3e2f69e8e84c8d6ba06ee3c496e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616427
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80310}
2022-05-02 15:12:54 +00:00
Patrick Thier
ee247818e6 [string] Fix string table lookup with SlicedStrings
https://crrev.com/c/3571817 introduced a bug that string table lookups
failed on SlicedStrings with a start offset of 0.
This CL fixes the issue by re-using the already computed hash only
if the length of the source string matches the length of the string to
lookup.

Bug: chromium:1320179, chromium:1321573
Change-Id: Ic8755a0266a9ec67fe5eb9c96fdab1b55d5009f2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616723
Auto-Submit: Patrick Thier <pthier@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80309}
2022-05-02 14:47:44 +00:00
jameslahm
6e586b4890 [sampler] Fix data race in Sampler::DoSample
In Sampler::DoSample, we only guard SignalHandler::Installed before
and Sampler::Stop may happen at the same time, which may cause SIGPROF
signal handler was already restored before SIGPROF was emit and trigger
profiling timer expired. This CL changes Sampler::DoSample to use
SignalHandler::mutex() to guard the entire function and also change
the mutex to recursive mutex.

Bug: v8:12838
Change-Id: I5195742ecdbade342986755233840d7be5d83c62
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616429
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Cr-Commit-Position: refs/heads/main@{#80308}
2022-05-02 14:40:44 +00:00
Camillo Bruni
a42a2f4183 [tools] Add variants support for run_perf.py
We usually run benchmarks in multiple variants: default, future, noopt
This is currently only achieved by copying the run-perf json file and
changing the flags at the top-level (or copy whole subsections).

Using "variants" we can duplicate the tests at the current level with
different values and easily create benchmarks that differ only in v8
flags.

Drive-by-fix:
- Add Node.__iter__ and log the whole config graph in debug mode
- Add GraphConfig.__str__ method for better debugging
- Rename TraceConfig to LeafTraceConfig
- Rename RunnableTraceConfig to RunnableLeafTraceConfig
- Make --filter accept a regexp to better filter out variants

Bug: v8:12821, v8:11113
Change-Id: I56a2ba2dd24da15c7757406e9961746219cd8061
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596128
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80307}
2022-05-02 14:28:15 +00:00
Jakob Linke
0e9a55d24f Reland "Reland "[osr] Use the new OSR cache""
This is a reland of commit 9145388055

Fixed: properly reference the ClearedValue in CSA (i.e. without
the cage_base upper 32 bits).

Original change's description:
> Reland "[osr] Use the new OSR cache"
>
> This is a reland of commit 91da38831d
>
> Fixed: Use an X register for JumpIfCodeTIsMarkedForDeoptimization
> on arm64.
>
> Original change's description:
> > [osr] Use the new OSR cache
> >
> > This CL switches over our OSR system to be based on the feedback
> > vector osr caches.
> >
> > - OSRing to Sparkplug is fully separated from OSR urgency. If
> >   SP code exists, we simply jump to it, no need to maintain an
> >   installation request.
> > - Each JumpLoop checks its dedicated FeedbackVector cache slot.
> >   If a valid target code object exists, we enter it *without*
> >   calling into runtime to fetch the code object.
> > - Finally, OSR urgency still remains as the heuristic for
> >   requesting Turbofan OSR compile jobs. Note it no longer has a
> >   double purpose of being a generic untargeted installation
> >   request.
> >
> > With the new system in place, we can remove now-unnecessary
> > hacks:
> >
> > - Early OSR tierup is replaced by the standard OSR system. Any
> >   present OSR code is automatically entered.
> > - The synchronous OSR compilation fallback is removed. With
> >   precise installation (= per-JumpLoop-bytecode) we no longer
> >   have the problem of 'getting unlucky' with JumpLoop/cache entry
> >   mismatches. Execution has moved on while compiling? Simply spawn
> >   a new concurrent compile job.
> > - Remove the synchronous (non-OSR) Turbofan compile request now
> >   that we always enter available OSR code as early as possible.
> > - Tiering into Sparkplug no longer messes with OSR state.
> >
> > Bug: v8:12161
> > Change-Id: I0a85e53d363504b7dac174dbaf69c03c35e66700
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596167
> > Commit-Queue: Jakob Linke <jgruber@chromium.org>
> > Auto-Submit: Jakob Linke <jgruber@chromium.org>
> > Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> > Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> > Cr-Commit-Position: refs/heads/main@{#80147}
>
> Bug: v8:12161
> Change-Id: Ib3597cf1d99cdb5d0f2c5ac18e311914f376231d
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3606232
> Auto-Submit: Jakob Linke <jgruber@chromium.org>
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#80167}

Bug: v8:12161,chromium:1320189
Change-Id: Ibd9a2ab61f51ebb32a3f5a66f7c602faead71c3e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620273
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80306}
2022-05-02 14:26:14 +00:00
Milad Farazmand
3b5ba5a8ba Revert "PPC/S390: Reland "[osr] Use the new OSR cache""
This reverts commit c575e8ae97.

Reason for revert: Original CL reverted https://crrev.com/c/3615219.

Original change's description:
> PPC/S390: Reland "[osr] Use the new OSR cache"
>
> Port 9145388055
>
> Original Commit Message:
>
>   This is a reland of commit 91da38831d
>
>   Original change's description:
>   > Fixed: Use an X register for JumpIfCodeTIsMarkedForDeoptimization
>   > on arm64.
>   > Bug: v8:12161
>
> Change-Id: I6e63bd5995340bac32654ef12c52d25b496140e3
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3607997
> Reviewed-by: Junliang Yan <junyan@redhat.com>
> Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
> Cr-Commit-Position: refs/heads/main@{#80194}

Change-Id: I977e59238e1f03c21307c1499cde8b567d1e3e2c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620538
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Reviewed-by: Milad Farazmand <mfarazma@redhat.com>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#80305}
2022-05-02 13:36:44 +00:00
Anton Bikineev
5c92b06ead cppgc: young-gen: Fix compilation and tests with cppgc_enable_young_gen
The CL prepares the sources and the tests for enabling
cppgc_enable_young_generation by default. The static initializer
in YoungGenerationEnabler (due to v8::base::Mutex) changed to be lazy.
The tests are now checking the runtime flag.

Bug: chromium:1029379
Change-Id: I1497a3dd2b8d62c1acd48496821f07324b7944d5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616726
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Auto-Submit: Anton Bikineev <bikineev@chromium.org>
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80304}
2022-05-02 13:34:04 +00:00
Dominik Inführ
d489e88cdf [heap, runtime] Do not invalidate all slots in DeleteObjectPropertyFast
When deleting a JSObject's last property, only that particular slot
in the old-to-new rememebered set needs to be deleted. The object's
slots don't need to be invalidated anymore since V8 doesn't use
unboxed doubles anymore. While the runtime could install another
property at this address, it will therefore always be a tagged pointer.

Bug: v8:12578, chromium:1316289
Change-Id: Ief072f58e53501c1c1f01c902e21467a37ccdc3c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620274
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80303}
2022-05-02 13:20:44 +00:00
Leszek Swirski
9b78282370 Revert "[web snap] Support Symbols"
This reverts commit 1267e51873.

Reason for revert: Turned out to not support them: https://logs.chromium.org/logs/v8/buildbucket/cr-buildbucket/8815278972589078465/+/u/Bisect_1267e518/Retry/web-snapshot-4

Original change's description:
> [web snap] Support Symbols
>
> Bug: v8:11525,v8:12820
> Change-Id: Ie8b1bbe209d8bb6f759623ea01223a05d11090aa
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616514
> Commit-Queue: Marja Hölttä <marja@chromium.org>
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#80299}

Bug: v8:11525,v8:12820
Change-Id: Ia0107dfec12e72dc976348985e5c35dac28c170a
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620278
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Owners-Override: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#80302}
2022-05-02 13:04:14 +00:00
Michael Lippautz
25e3225286 Reland "[heap] Refactor atomic marking phase"
This is a reland of commit a3f66927f9

The reland addresses a few CHECKs that were too agressive and also
properly adjusts Oilpan's marking configurations depending on V8's
flags.

Original change's description:
> [heap] Refactor atomic marking phase
>
> The atomic marking phase was organized in many distinct smaller
> phases. In particular, before http://crrev.com/c/3584115 the marking
> phase split into two large separate phases.
>
> This CL reorganizes marking into two phases that perform regular V8
> heap marking, Oilpan, and ephemerons:
> - A parallel phase that likely drains all marking worklists;
> - A single-threaded final phase to catch any left overs;
>
> This avoids artificial splitting in phases and also avoids repeated
> starting and joining of jobs.
>
> Change-Id: I5cccfc5777837d9ece10d8f4925781bf2d07d9da
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3602507
> Reviewed-by: Omer Katz <omerkatz@chromium.org>
> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
> Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#80265}

Change-Id: I26648da361b92d787c173aa9d390100ce8958728
Bug: chromium:1320896
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616519
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80301}
2022-05-02 12:14:44 +00:00
Marja Hölttä
2f434c47d0 [web snap] Bypass errors when encountering sealed / frozen arrays
Integrity levels are not handled yet (but there's a TODO now).

Bug: v8:11525, v8:12820
Change-Id: Id72e49b363615e51ec89a353101cc4cf76ccbab4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616515
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80300}
2022-05-02 11:19:09 +00:00
Marja Hölttä
1267e51873 [web snap] Support Symbols
Bug: v8:11525,v8:12820
Change-Id: Ie8b1bbe209d8bb6f759623ea01223a05d11090aa
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616514
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80299}
2022-05-02 11:18:05 +00:00
jameslahm
1609f3b9f4 [runtime] Add TODO to check expected_parts
... not exceeding the maximum size of the backing store
before ReplacementStringBuilder in StringReplaceGlobalRegExpWithString.

Bug: v8:12843
Change-Id: I3ccf07a4e6de35a3a571ebfccc34e54eb27a0819
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616555
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Cr-Commit-Position: refs/heads/main@{#80298}
2022-05-02 11:05:25 +00:00
Victor Gomes
ac7d42c404 [maglev] Push/Pop Context bytecodes
Bug: v8:7700
Change-Id: I389574d93725fe68816eddbebeef7fbfd3e136fb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616724
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80297}
2022-05-02 10:08:04 +00:00
Maksim Sadym
c674a1f608 Follow-up after https://crrev.com/c/3472077
1. Use `StringBuffer` instead of `StringView` in `WebDriverValue`.
2. Add some `DCHECK`s.
3. Reserve vector size.
4. Respect properties with `undefined` values.
5. Minor clean-ups.

Change-Id: Ic109acb1e3adf2d950767173c17a9203e3c816dc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596173
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Auto-Submit: Maksim Sadym <sadym@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80296}
2022-05-02 09:54:03 +00:00
jameslahm
76751fc3aa [test] Update unittests.status for tests
... moved into unittests.

- test-compiler was moved under https://chromium-review.googlesource.com/c/v8/v8/+/3596442. And move
test-compiler/DeepEagerCompilationPeakMemory to
unittests.status. Remove test-compiler/DecideToPretenureDuringCompilation
because it has been removed in https://chromium-review.googlesource.com/c/v8/v8/+/2839550.
- test-code-pages was moved under https://chromium-review.googlesource.com/c/v8/v8/+/3599404.
- test-api/TEST(TryCatch...) was moved under https://chromium-review.googlesource.com/c/v8/v8/+/3586770. And added
''APIExceptionTest.*': [SKIP],' in unittests.status
according to here https://source.chromium.org/chromium/chromium/src/+/master:v8/test/cctest/cctest.status;l=549.


Bug: v8:12781
Change-Id: Ie5067c1312c9d69f75d3efb831e15bea2eb38fa1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3612665
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Cr-Commit-Position: refs/heads/main@{#80295}
2022-05-02 09:52:04 +00:00
Marja Hölttä
00c9fce3e9 [web snapshots] Fix: enable snapshotting w/ multiple source files
Bug: v8:11525
Change-Id: Ifec7ff76b5407d61f339d298a6f2eabbe77b7731
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3613398
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80294}
2022-05-02 08:43:34 +00:00
Marja Hölttä
095f56ab94 [rab/gsab, mips] Fix length checks on MIPS
Bug: v8:11111
Change-Id: I9bd8db01232d147e309711837e69177a84600787
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616501
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80293}
2022-05-02 07:10:33 +00:00
Benedikt Meurer
d821a6a373 [inspector] Fix mapping between location and offset.
We weren't really translating between location (line and column number)
and source position (character offset) consistently, especially when it
came to inline <script>s. There were also inconsistencies between what
Debugger.getPossibleBreakpoints and Debugger.setBreakpointByUrl would
do.

With this CL, we are now consistently operating under the following
assumptions:

(1) For inline <scripts>s with a //@ sourceURL annotation, we assume
    that the line and column number that comes in via the protocol is
    in terms of the source text of the script.
(2) For inline <script>s without said annotation, we assume that the
    line and column numbers are in terms of the surrounding document.

This is finally aligned with how the DevTools front-end operates.

Fixed: chromium:1319828
Change-Id: I98c4ef04b34a97caf060ff4f32690b135edb6ee6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3610622
Reviewed-by: Kim-Anh Tran <kimanh@chromium.org>
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Kim-Anh Tran <kimanh@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80292}
2022-05-02 06:33:54 +00:00
Igor Sheludko
1a80bfc1d5 Revert "Reland "[heap] Store size with invalidated object""
This reverts commit 23b2d571a7.

Reason for revert: Breaks the V8 roll https://ci.chromium.org/ui/p/chromium/builders/try/linux-rel/1000394/

Original change's description:
> Reland "[heap] Store size with invalidated object"
>
> This is a reland of commit 5d235def26
>
> The previous version of this CL got reverted because the cached
> size of an invalidated object wasn't up-to-date when performing a GC.
>
> Not all size changes go through NotifyObjectLayoutChange, so
> https://crrev.com/c/3607992 introduced NotifyObjectSizeChange as a
> bottleneck for object size changes/right-trimming. This method is
> now used to update the size of invalidated objects.
>
> Original change's description:
> > [heap] Store size with invalidated object
> >
> > When updating pointers during a full GC, a page might not be swept
> > already. In such cases there might be invalid objects and slots recorded
> > in free memory. Updating tagged slots in free memory is fine even though
> > it is superfluous work.
> >
> > However, the GC also needs to calculate the size of potentially dead
> > invalid objects in order to be able to check whether a slot is within
> > that object. But since that object is dead, its map might be dead as
> > well which makes size calculation impossible on such objects. The CL
> > changes this to cache the size of invalid objects. A follow-up CL will
> > also check the marking bit of invalid objects.
> >
> > Bug: v8:12578, chromium:1316289
> > Change-Id: Ie773d0862a565982957e0dc409630d76552d1a32
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3599482
> > Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> > Reviewed-by: Jakob Linke <jgruber@chromium.org>
> > Reviewed-by: Patrick Thier <pthier@chromium.org>
> > Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
> > Cr-Commit-Position: refs/heads/main@{#80169}
>
> Bug: v8:12578, chromium:1316289
> Change-Id: I1f7c6070b8e7d116aeb1a8d03d4f87927ab40872
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3608632
> Reviewed-by: Jakob Linke <jgruber@chromium.org>
> Reviewed-by: Patrick Thier <pthier@chromium.org>
> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#80262}

Bug: v8:12578, chromium:1316289
Change-Id: I88b73ebe09bb923ba4ac57b0dbdceb08a1badd99
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616730
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Auto-Submit: Igor Sheludko <ishell@chromium.org>
Owners-Override: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80291}
2022-05-02 06:02:44 +00:00
v8-ci-autoroll-builder
b6ef3733dd Update google_benchmark
Rolling v8/third_party/google_benchmark/src: dc901ff..8d86026

Enable -Wconversion (#1390) (Dominic Hamon)
https://chromium.googlesource.com/external/github.com/google/benchmark/+/8d86026

Add benchmark labels to the output of the comparison tool (#1388) (Dominic Hamon)
https://chromium.googlesource.com/external/github.com/google/benchmark/+/b0d5adf

Filter out benchmarks that start with "DISABLED_" (#1387) (Dominic Hamon)
https://chromium.googlesource.com/external/github.com/google/benchmark/+/a162a38

R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com,mlippautz@chromium.org

Change-Id: Ie49d074a433a737113c2bfe53d677fc112756df6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3615246
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#80290}
2022-05-02 05:59:03 +00:00
v8-ci-autoroll-builder
4937db875a Update ICU
Rolling v8/third_party/icu: 5fb93cb..85814e1

CP PR 2070 fix int32 overflow (Frank Tang)
https://chromium.googlesource.com/chromium/deps/icu/+/85814e1

CP two ICU security patches (Frank Tang)
https://chromium.googlesource.com/chromium/deps/icu/+/a47bd43

R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com,ftang@chromium.org

Change-Id: I2719b470184f94ad06b1920f0649628be3c93bf5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3615243
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#80289}
2022-05-01 06:02:20 +00:00