Commit Graph

63883 Commits

Author SHA1 Message Date
Almothana Athamneh
3927c9c481 Override _runner_flags for num_fuzzer.py
This CL ensures that we add the
'--fuzzing' flag to the num_fuzzer script.
Please note that NumFuzzer does not inherit the
StandardTestRunner class but it inherits
BaseTestRunner so we had to override _runner_flags.

Bug: v8:10755
Change-Id: Ifb779ba402106b8f2ce4d0e13090ef2db468a6ae
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2335185
Commit-Queue: Almothana Athamneh <almuthanna@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69241}
2020-08-05 11:05:32 +00:00
Maya Lekova
ce4a5f4c41 [turbofan] Add tests for int64 in fast API calls
Bug: chromium:1052746
Change-Id: I5c60625b25279866816a2f928e84d728b3f04d51
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2332157
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69240}
2020-08-05 10:51:12 +00:00
Clemens Backes
0c837e8342 [wasm] Switch compilation to Jobs API
Use the new jobs API for WebAssembly compilation. This avoids having to
schedule as many background tasks as there are worker threads. Instead
the one job specifies the maximum concurrency, which changes dynamically
as new compile jobs become available.
This also avoids the artificial deadline we used to ensure that other
tasks get some share of the CPU resources if needed.

Even though this CL moves actual wasm function completely over to the
Jobs API, other similar tasks (like wrapper compilation) are still using
the Task API and need to be ported in a follow-up CL.
Also, we are still using the same priority for baseline compilation and
tier up. We should split this in a follow-up CL to have two jobs with
different priorities. This will also allow us to only block on baseline
compilation where we currently block on both.

R=ahaas@chromium.org
CC=gab@chromium.org

Bug: chromium:1101340
Change-Id: I5656697753346e5fdb15d578425cdb949ac6e364
Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_isolates_rel_ng
Cq-Include-Trybots: luci.chromium.try:linux-rel
Cq-Include-Trybots: luci.v8.try:v8_linux_blink_rel
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2280100
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69239}
2020-08-05 08:30:11 +00:00
Zeynep Cankara
ebe332192b [tools][system-analyzer] Change theme after data load
This CL initialises the change theme button in
correct place and adds the functionality to change
theme after the data load.

Bug: v8:10644

Change-Id: I7397933ff9d12a2ac270d025df1b3327801d89be
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2336800
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Zeynep Cankara <zcankara@google.com>
Cr-Commit-Position: refs/heads/master@{#69238}
2020-08-05 07:37:57 +00:00
Martin Bidlingmaier
55891c3c3a [regexp] Add experimental regexp engine flags
R=jgruber@chromium.org

Bug: v8:10765
Change-Id: Iae389bd129784c08287dec7c4cb8ebeaa6a6120c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2336794
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69237}
2020-08-05 07:05:47 +00:00
v8-ci-autoroll-builder
6e1c7aa181 Update V8 DEPS.
Rolling v8/build: b2c431c..2e78142

Rolling v8/buildtools: 6139217..1ecfe3c

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/ce6a663..ac60992

Rolling v8/third_party/depot_tools: 6c7b829..486f181

Rolling v8/third_party/zlib: a21a4e8..7492de9

TBR=machenbach@chromium.org,tmrts@chromium.org,v8-waterfall-sheriff@grotations.appspotmail.com

Change-Id: I20f8da749d85439c36f09fe1cc30254094601e9e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2337006
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#69236}
2020-08-05 03:45:26 +00:00
Tamer Tas
6ac90d5595 [test] don't filter out the fuzzer tests
fuzzer testsuite tests are not run due to a missing subclass method '_should_filter_by_name' in fuzzer/testcfg.py

This CL fixes the filtering for the 'fuzzer' testsuite

R=machenbach@chromium.org

Bug: v8:10770
Change-Id: I9a4b0e0c6c79f4b525ee284df343acccc965f732
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2336802
Auto-Submit: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69235}
2020-08-04 19:50:28 +00:00
Milad Farazmand
aea23ef04c PPC: [wasm-simd] Fix S128Not on PPC
As this is a unary operation src operands must be the same.

Change-Id: Id6e3b11fdb942596c05c38591379e6d9fd71f19e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2332865
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#69234}
2020-08-04 18:39:18 +00:00
Ng Zhi An
e3caf3f524 [wasm-simd] Add regression test for i64x2.shr_s bug
This test uses a i64x2.shr_s to shift a v128 with all bits set by 1,
resulting in v128 with all bits set (no change). This value is then
dropped, and param[2] (3), is returned.

Without the fix, -1 is returned, since i64x2.shr_s overwrites the
register for param[2] with 0xffffffff.

Bug: v8:10752
Bug: chromium:1111522
Change-Id: I0310bf6039be780a6738689069cdbcfa3a24bbdb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2335779
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69233}
2020-08-04 17:51:45 +00:00
Milad Farazmand
b0193f2dc9 PPC: [wasm-simd] optimize usage of lvx and stvx.
We can use r0 itself without the need of loading it with "0",
if it is used as the first input of MemOperand.

Change-Id: I71aafea8bba098f925c55eb9127c6b37ac37cb7b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2332864
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#69232}
2020-08-04 17:27:05 +00:00
Ng Zhi An
732dba60fb [wasm-simd][liftoff][x64] Optimize shuffles (swizzles)
Swizzles are shuffles that only use values from 1 operand, e.g.
v8x16.shuffle 0 1 2 3 0 0 0 0 4 5 6 7 0 0 0 0 (all the values are < 16).

Match such patterns and emit an optimized codegen that uses fewer
registers and instructions. Only implemented for x64 for now, the other
backends will come in follow-up patches.

Bug: v8:10696
Change-Id: Iffa694b04c97313eab7d138e4bdad7c0c85cda89
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2335419
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69231}
2020-08-04 17:03:05 +00:00
Shu-yu Guo
4779459493 [optional-chaining] Check optionality last when checking for direct eval
Bug: chromium:1112221
Change-Id: I402df2071eed82f44669910cf8e234f727e09581
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2335549
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69230}
2020-08-04 16:05:34 +00:00
Mythri A
1a033ae82f [test] Reduce iteration count in elements-kind test
Change-Id: I0117b0c2b646cb1005b63e9648d604b26581d977
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2335187
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69229}
2020-08-04 15:58:04 +00:00
Dominik Inführ
1742d2561f [heap] Add safepoints in Heap GC methods
Add safepoints to GC methods in Heap. There is still stuff in
Heap::CollectGarbage which might work better or more precise in a global
safepoint. Be conservative here and move everything into the safepoint,
eventually we can start to move code out that is fine to run outside
the safepoint.

Bug: v8:10315
Change-Id: I656dfd72f032eff6f386cec63a02777506650aa7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2335192
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69228}
2020-08-04 15:38:44 +00:00
Milad Farazmand
64c52438ed PPC: [wasm-simd] Add support for Simd128 moves and swaps
Change-Id: Ie2668026c5b55af8813f159277bdbc83116c1a00
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2336776
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#69227}
2020-08-04 14:57:54 +00:00
Ross McIlroy
b4eef0890a [TurboProp] Move MidTierRegisterAllocator out of header.
Only expose top-level functions for DefineOutputs and AllocateRegisters in
the mid-tier register allocator, rather than exposing the MidTierRegisterAllocator
object, to be in-line with AllocateSpillSlots and PopulateReferenceMaps.

BUG=v8:9684

Change-Id: I93dcff77f5e50dab9b373b4415029361078d58e1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2323361
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69226}
2020-08-04 14:30:34 +00:00
Dominik Inführ
c16a3baafd [heap] Reduce size of large object in StressConcurrentAllocatorTask
This ensures that large object has exactly the size of a regular page.
Avoids wasting memory due to alignment.

Bug: v8:10315
Change-Id: Ife8051313f1ea8c1fc0ba0afcc4e5db11f27adca
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2335191
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69225}
2020-08-04 14:16:44 +00:00
Dominik Inführ
14a5a6ad30 [heap] LocalAllocationBuffer needs to use CreateFillerObjectAtBackground
LocalAllocationBuffer is used on the background thread so it needs
to use CreateFillerObjectAtBackground for creating filler objects.

Bug: v8:10315
Change-Id: Ifc22d87e1e835cfdd65d82fc79b20ee74b2c87b1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2336795
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69224}
2020-08-04 14:12:44 +00:00
Kim-Anh Tran
5c8492903b [debug] Add CDP method to support skipLists
This adds CDP methods to support skipping locations
on stepOver and stepInto.

Bug: chromium:1105765
Change-Id: I8b902009883807082cf5fda0411b992e90dee81d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2335181
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Kim-Anh Tran <kimanh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69223}
2020-08-04 12:01:44 +00:00
Zeynep Cankara
ca3f16d047 [tools][system-analyzer] Timeline track dblclick for selecting entries
Add functionality to emit an event upon double
clicking on an event type on the timeline track
selected entries panel.

Bug: v8:10644

Change-Id: I54d4397abfeab471f01c2b24bae4eb1ff705afcd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2328787
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Zeynep Cankara <zcankara@google.com>
Cr-Commit-Position: refs/heads/master@{#69222}
2020-08-04 11:21:34 +00:00
Dan Elphick
967773dca4 [heap] Reenable UnmapOnTeardown test
Test now passes even if RO_SPACE sharing is enabled.

Bug: v8:10454
Change-Id: Ic7377c3367199383bb6a96a9beedcc52bbc3362f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2335184
Commit-Queue: Dan Elphick <delphick@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Auto-Submit: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69221}
2020-08-04 10:38:34 +00:00
Manos Koukoutos
65530e72e1 [wasm-gc] Test improvements/additions.
Changes:
- Fix error message typo in function-body-decoder.
- Generalize wasm test macros related to reference types.
- Change wasm-gc test API to return bytes.
- Add unittests for ref.test/cast.

Bug: v8:7748
Change-Id: I361987e0b6ac90c4e89a49a8abc125757a5fc8d0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2317319
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69220}
2020-08-04 09:51:24 +00:00
Georg Neis
09fcc0628a [turbofan] Fix position of ObjectBoilerplateDescription in *Ref list
This was wrong because ObjectBoilerplateDescription is a subclass of
FixedArray. The wrong order didn't cause problems because we explicitly
call the ObjectBoilerplateDescription constructor in the places that
matter.

Bug: v8:7790
Change-Id: I63b6b8741472862d2b1b9b843d7aa2490c620f87
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2335180
Commit-Queue: Georg Neis <neis@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Auto-Submit: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69219}
2020-08-04 09:41:06 +00:00
Zeynep Cankara
71e0331137 [tools][system-analyzer] Convert App to MVC Pattern
This CL aims to clean the code in App Class to
handle State, View according to the Model-View-Controller
design pattern.

Bug: v8:10644, v8:10735

Link: https://docs.google.com/presentation/d/1ssCIWKS5TIp_PHZRUx2BfElEz6JFrYzz_Ce1h1g8ZBg/edit?usp=sharing

Change-Id: Ie36d437df0df574f505a4396b26526a82215f237
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2324247
Commit-Queue: Zeynep Cankara <zcankara@google.com>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69218}
2020-08-04 09:30:02 +00:00
Dominik Inführ
6fff575847 [heap] Let --stress-concurrent-allocation allocate large objects
Let StressConcurrentAllocatorTask allocate small, medium and large
objects to test different code paths.

Bug: v8:10315
Change-Id: Ifff7e91bc95f0d926a58321b481183e9acf8bd32
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2335182
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69217}
2020-08-04 09:22:22 +00:00
Dominik Inführ
9fff9a73bb Reland "[heap] Refactor allocation observer in AllocationCounter"
This is a reland of b354e344fd

This CL adds 3 fixes:

* Unprotect code object before creating filler
* Allows AllocationObserver::Step to add more AllocationObservers
* Update limit in NewSpace::UpdateLinearAllocationArea

Original change's description:
> [heap] Refactor allocation observer in AllocationCounter
>
> Moves accounting of allocation observers into the AllocationCounter
> class. This CL removes top_on_previous_step_ for counters that are
> increased regularly in the slow path of the allocation functions.
>
> AdvanceAllocationObservers() informs the AllocationCounter about
> allocated bytes, InvokeAllocationObservers() needs to be invoked when
> an allocation step is reached. NextBytes() returns the number of bytes
> until the next AllocationObserver::Step needs to run.
>
> Bug: v8:10315
> Change-Id: I8b6eb8719ab032d44ee0614d2a0f2645bfce9df6
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2320650
> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#69170}

Bug: v8:10315
Change-Id: I89ab4d5069a234a293471f613dab16b47d8fff89
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2332805
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69216}
2020-08-04 09:20:02 +00:00
Clemens Backes
dfd3c628d6 [wasm] Clean up callback triggering
A minor refactoring to the logic for triggering callbacks:
1. If compilation failed, do only trigger the kFailedCompilation event.
2. Use the TriggerCallbacks method also for triggering the
  kFailedCompilation event.

R=thibaudm@chromium.org

Bug: chromium:1101340
Change-Id: I3446d708d28068448e6eca3e637c9af673f5311d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2332171
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69215}
2020-08-04 09:10:22 +00:00
evih
bb5d535202 [wasm] Use generic wrapper only for not imported functions
Bug: v8:10701
Change-Id: I6e6d0c67889f29647ea225163cf051d3432da338
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2335058
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Eva Herencsárová <evih@google.com>
Cr-Commit-Position: refs/heads/master@{#69214}
2020-08-04 08:45:32 +00:00
Jakob Gruber
3e3abae11e Minor cleanups in Code::Kind
In preparation for adding new NCI (and TP) code kinds.

- Free the unused bit in Code::flags.
- Be more precise about the flag field sizes (int32 instead of int).
- Add and refactor related static asserts.

Bug: v8:8888
Change-Id: Ice0d4df9de528de77dfb5c04279cfdc4b030efc9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2328788
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69213}
2020-08-04 07:32:41 +00:00
Benedikt Meurer
4b9f2535c8 [debug] Turn on --wasm-expose-debug-eval by default.
The DevTools front-end uses so-called Wasm evaluator modules to get to
the values of variables in scope when the wasmDWARFDebugging experiment
is turned on. We rely on the `Debugger.executeWasmEvaluator()` method in
the Chrome DevTools Protocol (CDP) to accomplish this, which in turn is
controlled by this global flag.

Since we intend to gather more feedback from selected internal /
external teams on the DWARF debugging experience, we need to ship this
flag by default to make it easier to test the new experiment without
having to fiddle with additional flags to pass to Chrome on the command
line (and asking folks whether they really started Chrome correctly).

Bug: chromium:1041362
Change-Id: I1e170383fa7a34c41eec8c4867c38b7d8e871e8b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2335072
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Michael Hablich <hablich@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69212}
2020-08-04 07:02:11 +00:00
v8-ci-autoroll-builder
027fe5e1f1 Update V8 DEPS.
Rolling v8/build: edf75c7..b2c431c

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/f80ffe3..ce6a663

Rolling v8/third_party/depot_tools: 98b332f..6c7b829

TBR=machenbach@chromium.org,tmrts@chromium.org,v8-waterfall-sheriff@grotations.appspotmail.com

Change-Id: If97b9c9eb4d56364f94f9e0453ba67b462643505
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2335955
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#69211}
2020-08-04 03:31:11 +00:00
Dirk Pranke
f94e772441 Fix a Python3 compatibility issue in asm_to_inline_asm.py.
I tripped over this str/bytes issue as part of bringing up the
Chromium build under Python3.

Bug: chromium:1112471
Change-Id: I723c7d9df8bcac24c160c549a03dcbd34c1d92f6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2334222
Commit-Queue: Dirk Pranke <dpranke@google.com>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69210}
2020-08-03 22:21:55 +00:00
Michael Achenbach
9d5a1fff27 [test] Skip slow tests
No-Try: true
Change-Id: If5ed824ad3ea1a2815a0a48ed2668281733ac533
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2332603
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69209}
2020-08-03 19:57:54 +00:00
Ng Zhi An
d5c58d9d29 [wasm-simd][liftoff] Fix i64x2.shr_s overwriting scratch
x64's implementation of i64x2.shr_s was overwriting the scratch
register. kScratchRegister is used to hold the extracted lane of the
SIMD register, but in certain cases [0], is also used to back up the
value of rcx. When this happens, the supposed backed-up rcx was
overwritten (definitely) by each extract lane, so we end up restoring
an incorrect value of rcx, leading to an eventual crash in certain
benchmarks, when this extracted lane was used as a memory operand (see
linked bugs).

[0] when register holding the shift value is not rcx, which sarq_cl
relies on

Bug: v8:10752
Bug: chromium:1111522
Change-Id: Iaf3264e16f94e78bad4290783757f0b722d40411
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2334354
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69208}
2020-08-03 19:47:14 +00:00
Jakob Kummerow
799421d55b [wasm-gc] Temporary exposure of Wasm objects to JS
This is a stop-gap solution (while we wait for a proper spec)
that lets managed WasmGC objects perform round-trips through
JavaScript. On the JavaScript side, they appear as empty/opaque.

Bug: v8:7748
Change-Id: I0dd368bc14d622f3ef41871484228267359e9b5b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2316306
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69207}
2020-08-03 19:21:24 +00:00
Shu-yu Guo
c19e57ee82 Disallow \8 and \9 in strict mode and template literals
This reached consensus in the July 2020 TC39:
https://github.com/tc39/ecma262/pull/2054

Bug: v8:10769
Change-Id: Iecea1d9d9c9be5c2fbfb820aed2285719c4e6382
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2333350
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69206}
2020-08-03 18:05:14 +00:00
v8-ci-autoroll-builder
ccb6a3cf66 Update V8 DEPS.
Rolling v8/build: 7c2575f..edf75c7

Rolling v8/buildtools: 42e9461..6139217

TBR=machenbach@chromium.org,tmrts@chromium.org,v8-waterfall-sheriff@grotations.appspotmail.com

Change-Id: I80cf25941086ec9e94f0f5806c8c550ea0210280
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2334660
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#69205}
2020-08-03 17:12:52 +00:00
Clemens Backes
c049a3bcc5 [wasm] Check that all initial reservations succeed
After allocating a new code space, we do some initial allocations in the
new space (e.g. for the jump table). These allocations are not allowed
to fail.
If this is indeed what's happening in the linked bug, this CHECK will
give fuzzers a chance to find us a reproducer.

Drive-by: Introduce {WasmCodeAllocator::kUnrestrictedRegion} to remove
magic constants.

R=ahaas@chromium.org

Bug: v8:1111266
Change-Id: Ia76721653226bd4aa346b89ffab0c80f67892794
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2333250
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69204}
2020-08-03 16:11:33 +00:00
Marja Hölttä
a2ff59bfac [Atomics.waitAsync] Simplify timeout task cancelling
If we cancel the task in the thread where it's supposed to run,
task cancelling will always succeed.

This simplifies the logic.

Bug: v8:10239
Change-Id: I3fb5c93a49c52d958aa947d693700161bc18eee5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2332807
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69203}
2020-08-03 15:37:13 +00:00
Marja Hölttä
0a8ca7ebee [OWNERS] futex-emulation owners += marja
The majority of the content is the Atomics.waitAsync implementation
which I wrote.

"git blame" shows I've touched 123 / 274 lines in futex-emulation.h and
551 / 875 lines in futex-emulation.cc.

(Status before https://chromium-review.googlesource.com/c/v8/v8/+/2319989 which was moving
code around.)

No-Try: True
Change-Id: Ib31dc0bb778aed90d5c4c56ccb0e556655ce6946
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2332813
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69202}
2020-08-03 15:30:53 +00:00
Liviu Rau
56bf834a2b Use relative paths in V8 DEPS
Bug: chromium:1112260
Change-Id: I8c225594b48c4c2c69b6fde21ba65f8693e078c8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2335065
Commit-Queue: Liviu Rau <liviurau@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69201}
2020-08-03 15:27:03 +00:00
Georg Neis
e59e41512d [ic] Stay on the fast path for JSArray::kMaxArrayIndex
... since it's still a valid index.

Change-Id: I498ff27898cefa5df752ac0ad73408ce76ac06c6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2327911
Auto-Submit: Georg Neis <neis@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69200}
2020-08-03 15:22:23 +00:00
Tobias Tebbi
02b0fc0beb [turbofan] make constant fold comments more readable
Change-Id: I5e31bbce2bfbf0effa2c660a67ec88bcd49d06a8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2335054
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69199}
2020-08-03 14:41:23 +00:00
Ross McIlroy
809e2f613b [TurboProp] Support non-simple fp aliasing in fast reg alloc.
Adds support for non-simple fp aliasing (e.g., Arm) for the fast
register allocator.

BUG=v8:9684

Change-Id: I6717ef1c6cb4e585fa4b6ea8cea7087e68f441e9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2300483
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69198}
2020-08-03 13:45:24 +00:00
Jakob Gruber
64504e7343 [parser] Ensure the isolate is not null in UpdateStatistics
A stricter V8-side check to flush out the linked bug.

Bug: v8:10460
Change-Id: I20a0026e35719632e90f0a00bc49eb27d81b273b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2335061
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69197}
2020-08-03 13:40:12 +00:00
Tobias Tebbi
efa3793290 [turbofan] enable constant folding for 64bit comparisons
Change-Id: Id545ca00106fb54ee08078177ad7f24842752afe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2332799
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69196}
2020-08-03 12:17:02 +00:00
Dominik Inführ
a731b86ec9 [heap] Enable concurrent allocation of old space large objects
Allow the allocation of large old space objects through
LocalHeap::AllocateRaw. OldLargeObjectSpace::AllocateRawBackground will
allocate a large object on the background thread.

Bug: v8:10315
Change-Id: I9212f0c6770855dbe33490516aae7056987e192d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2332804
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69195}
2020-08-03 11:38:42 +00:00
Omer Katz
75d4b18a77 heap: Fix TracedReference::IsEmptyThreadSafe again
reinterpret_cast to std::atomic was missing const.

Bug: chromium:1108537
Change-Id: Ib737418bddbef6774deafa9714b0efcf2e3fd07c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2332797
Auto-Submit: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69194}
2020-08-03 09:37:02 +00:00
Dominik Inführ
3cb519617d [heap] Introduce LocalHeap::AllocateRaw method
LocalHeap::AllocateRaw will be similar to Heap::AllocateRaw and
handle all allocations. LocalHeap::AllocateRawOrFail will perform a GC
and afterwards retry the allocation in a loop.

Bug: v8:10315
Change-Id: I68468962cf9102697aa547b2aa05c7ec6bafd19e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2332801
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69193}
2020-08-03 09:12:42 +00:00
Dominik Inführ
d8528e1d7e [heap] Incorporate code_lo_space_ in OldGenerationSizeOfObjects()
Bug: v8:10315
Change-Id: Ic0ccaa608c9b11258e6923919d3e72d23cedc5c2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2333249
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69192}
2020-08-03 09:10:53 +00:00