Commit Graph

72132 Commits

Author SHA1 Message Date
Joyee Cheung
d28bfcd570 [class] refactor ClassFields benchmarks and copy them into JSTests3
This patch refactors the ClassFields benchmarks and makes the results
detection work properly. Previously the errors weren't caught since
the ClassFields benchmarks don't get run in the perf_integration
step in the CI.

- Instead of putting different configs (single/multiple fields, type
  of fields, etc.)in the JSON configuration, we now group the related
  benchmarks into the same script and run the different configurations
  in the scripts directly. Only the optimization status is now
  controlled in JSON. All the class fields definition benchmarks are
  merged into initialize-class.js.
- Update the number of local iterations of evaluate-class.js to 100
  (similar to most of other benchmarks) to keep the time spent on
  this benchmark similar to that of other benchmarks.

In addition, copy the configs to JSTests3 so that the benchmarks gets
run by the perf_integration step and we can see the graphs on
http://chromeperf.appspot.com/report. These can be removed
when the ClassFields benchmark results are generated there too.

Bug: v8:10793, v8:9888
Change-Id: I4e677bdc7b582650f39cf6e9ec02775c57fd04ab
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3226550
Commit-Queue: Joyee Cheung <joyee@igalia.com>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77640}
2021-11-02 08:44:43 +00:00
Manos Koukoutos
48b2b89176 [wasm] Simplify 'ref' field for API-defined functions
Design doc:  https://bit.ly/3jEVgzz

Summary:
We change the context for WasmJSFunction and WasmCapiFunction from a
tuple containing the instance to a triple WasmAPIFunctionRef =
{isolate root, context, callable}. This way we do not have to maintain
the correct instance at runtime. Also, a few places in the code get
simplified.

Changes:
- In WasmGraphBuilder, support having a WasmAPIFunctionRef at parameter
  0.
- Remove unpacking of (instance, callable) tuple from code generators.
- Remove the part in WasmGraphBuilder and LiftoffCompiler that used to
  set the instance field of the function reference.
- Modify code that handles the 'ref' field in wasm-objects.*, factory.*
  and c-api.cc.
- Fix the recorded safepoint address for arm when calling a C function
  from wasm.
- (Drive-by) Remove WasmAllocatePair.

Bug: v8:11510
Change-Id: I2a4ef3abaf9da36c4a2d85b434965a40a289b9ec
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3236719
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77639}
2021-11-02 07:55:43 +00:00
Andreas Haas
a3cbf9af1e [wasm] Disable dynamic tiering for debug code
R=jkummerow@chromium.org

Bug: v8:12281
Change-Id: If0ef4861d6466da211a799916e62234d458c2614
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3253357
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77638}
2021-11-02 07:13:23 +00:00
v8-ci-autoroll-builder
5a86979234 Update V8 DEPS.
Rolling v8/build: d552bed..1eb779c

Rolling v8/buildtools/linux64: git_revision:f847b5744a81d23b96de3f2e56ce0398f550bd0e..git_revision:8926696a4186279489cc2b8d768533e61bba73d7

Rolling v8/third_party/aemu-linux-x64: oGlyr7Yd3bVAIOk9ix9USsqpL5HzLbxt5CyB54MmvJ4C..hys6gk1KOHMz9nURGWen255HiLIaVd3e4eZfa-w6l7oC

Rolling v8/third_party/android_ndk: https://chromium.googlesource.com/android_ndk/+log/401019b..9644104

Rolling v8/third_party/android_sdk/public: n7svc8KYah-i4s8zwkVa85SI3_H0WFOniP0mpwNdFO0C..Yw53980aNNn0n9l58lN7u0wSVmxlY0OM1zFnGDQeJs4C

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/f10f06d..2c76b34

Rolling v8/third_party/depot_tools: 0f5bd4f..aebf624

Rolling v8/tools/clang: 729a6d1..21baac0

Rolling v8/tools/luci-go: git_revision:d1c03082ecda0148d8096f1fd8bf5491eafc7323..git_revision:68355732afb00a422ae0c70eed95c6a45f9868b1

Rolling v8/tools/luci-go: git_revision:d1c03082ecda0148d8096f1fd8bf5491eafc7323..git_revision:68355732afb00a422ae0c70eed95c6a45f9868b1

Rolling v8/tools/luci-go: git_revision:d1c03082ecda0148d8096f1fd8bf5491eafc7323..git_revision:68355732afb00a422ae0c70eed95c6a45f9868b1

TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: If41da8684b30379acac77bba4b7a6ac0f8d8a213
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3256764
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#77637}
2021-11-02 03:58:31 +00:00
Lu Yahan
23c768dce9 [riscv64][wasm] Execution budget based dynamic tiering
Port commit 7a93bd647c
Port commit afd1554963

Change-Id: I7b5d59d448d210d80ee656d81c8134c780586296
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3256981
Reviewed-by: ji qiu <qiuji@iscas.ac.cn>
Commit-Queue: ji qiu <qiuji@iscas.ac.cn>
Auto-Submit: Yahan Lu <yahan@iscas.ac.cn>
Cr-Commit-Position: refs/heads/main@{#77636}
2021-11-02 03:38:43 +00:00
Zhao Jiazhong
34cb1ccf09 [loong64][mips][wasm] Execution budget based dynamic tiering
Port commit 7a93bd647c

Change-Id: I3d1793154b1d69fcc0dcde7b7d731cbbb326f05d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3255208
Auto-Submit: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Reviewed-by: Liu yu <liuyu@loongson.cn>
Commit-Queue: Liu yu <liuyu@loongson.cn>
Cr-Commit-Position: refs/heads/main@{#77635}
2021-11-02 02:14:53 +00:00
Lu Yahan
21157d257c [riscv64] [turbofan] Handle class constructor
Port e127f58410

Change-Id: Id0eb9205c3e94cb504340110ff6a42bc94a80cc1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3251133
Auto-Submit: Yahan Lu <yahan@iscas.ac.cn>
Reviewed-by: ji qiu <qiuji@iscas.ac.cn>
Commit-Queue: Yahan Lu <yahan@iscas.ac.cn>
Cr-Commit-Position: refs/heads/main@{#77634}
2021-11-02 01:12:56 +00:00
Zhao Jiazhong
8f93d342d7 [loong64][mips] Introduce CagedPointer
Port commit afd1554963

Since V8 heap sandbox requires pointer compression, which is not
implemented on mips64 and loong64 ports, so I just fix the build
issue in this CL.

Change-Id: Ie8f9d070c6149d85c2c870e882199ede2ebfe317
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3255207
Auto-Submit: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Reviewed-by: Liu yu <liuyu@loongson.cn>
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Cr-Commit-Position: refs/heads/main@{#77633}
2021-11-02 01:11:53 +00:00
Igor Sheludko
0ba885943a [ic] Make DefineOwnIC throw if the private symbol already exists
Drive-by:
* don't create proto handlers for DefineOwnIC and StoreOwnIC,
* make sure that none of the DefineOwnIC and StoreOwnIC handlers are
  leaked into StoreIC's megamorphic stub cache.

Bug: v8:9888, chromium:1259950
Change-Id: I9db538e6ed14bc578aa80df037ffebd9e8c3c649
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3250641
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77632}
2021-11-01 21:07:43 +00:00
Shu-yu Guo
43253f7a3b Revert "[off-thread] Allow off-thread top-level IIFE finalization"
This reverts commit 35a6eeecfa.

Reason for revert: TSAN failures like https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20TSAN/39084/overview

Original change's description:
> [off-thread] Allow off-thread top-level IIFE finalization
>
> Allow off-thread finalization for parallel compile tasks (i.e. for top-
> level IIFEs).
>
> This allows us to merge the code paths in BackgroundCompileTask, and
> re-enable the compiler dispatcher tests under the off-thread
> finalization flag. Indeed, we can simplify further and get rid of that
> flag entirely (it has been on-by-default for several releases now).
>
> Change-Id: I54f361997d651667fa813ec09790a6aab4d26774
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3226780
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#77615}

Change-Id: I6752470eebd594bad92c7cf4e58dbe5bac53598c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3255667
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Owners-Override: Shu-yu Guo <syg@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#77631}
2021-11-01 20:47:50 +00:00
Milad Fa
9acf61bc28 PPC/S390: [masm] Create helpers to manipulate arguments on the stack.
Port: 89933af67f

Bug: v8:11112
Change-Id: I59d5cf363e427e7e5157be8c9eb033a11614fad1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3251587
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#77630}
2021-11-01 20:18:31 +00:00
Shu-yu Guo
6640495b2e Revert "[cleanup] Remove RecursivelyExecuteUnoptimizedCompilationJobs"
This reverts commit 4bdc9097a3.

Reason for revert: So that [1] can revert cleanly, for TSAN
failures like [2].

[1] https://chromium-review.googlesource.com/c/v8/v8/+/3226780
[2] https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20TSAN/39084/overview

Original change's description:
> [cleanup] Remove RecursivelyExecuteUnoptimizedCompilationJobs
>
> Change-Id: Ibc33de815e869462bd0946b13867cf2667bd1c3b
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3253353
> Commit-Queue: Victor Gomes <victorgomes@chromium.org>
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Auto-Submit: Victor Gomes <victorgomes@chromium.org>
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#77622}

Change-Id: Ic3f0ba99b6227286b2799e9e7b61df8e30b140d3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3254180
Owners-Override: Shu-yu Guo <syg@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77629}
2021-11-01 19:44:03 +00:00
Milad Fa
41c297fc5f PPC/s390: [wasm] Execution budget based dynamic tiering
Port 7a93bd647c

Original Commit Message:

    Temporarily behind a new flag: --new-wasm-dynamic-tiering
    The plan is to merge this into the existing --wasm-dynamic-tiering
    flag once it's been confirmed to be generally beneficial.

R=jkummerow@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com
BUG=
LOG=N

Change-Id: I1ba28b60e628dc2ded33b267be62debcf1b03099
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3250936
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/main@{#77628}
2021-10-30 17:56:15 +00:00
v8-ci-autoroll-builder
e982374c5b Update google_benchmark
Rolling v8/third_party/google_benchmark/src: da01c5e..4f31803

Fix un-initted error in test and fix change the API previously proposed to use std::string instead of raw char* (#1266) (Vy Nguyen)
https://chromium.googlesource.com/external/github.com/google/benchmark/+/4f31803

TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com,mlippautz@chromium.org

Change-Id: I6d993fd5df4c55fc75648776015f0f671bda41c7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3253925
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#77627}
2021-10-30 05:49:52 +00:00
v8-ci-autoroll-builder
44b86dd182 Update V8 DEPS.
Rolling v8/build: 40d725c..d552bed

Rolling v8/buildtools/linux64: git_revision:79c6c1b1a24c46df5a773cc61604bb5051ca6cf4..git_revision:f847b5744a81d23b96de3f2e56ce0398f550bd0e

Rolling v8/buildtools/third_party/libc++abi/trunk: 1876d99..4c6e099

Rolling v8/third_party/aemu-linux-x64: ed-NOx1j5-wX3SbRi_OHyHn-6tFz33VbLDCFga8JWFwC..oGlyr7Yd3bVAIOk9ix9USsqpL5HzLbxt5CyB54MmvJ4C

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/819f08f..f10f06d

Rolling v8/third_party/depot_tools: b3a1a79..0f5bd4f

Rolling v8/tools/clang: f827083..729a6d1

TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: I741a993592d2c6d3d68ae201915f1398b1a77fd2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3253923
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#77626}
2021-10-30 03:57:52 +00:00
Ng Zhi An
96e7245966 [ia32][x64][wasm] Do not require dst == lhs for i64x2.mul
There is a bit of a contradictory register requirement in the
instruction selector for i64x2.mul. We want dst == lhs (when AVX not
supported), but we also want lhs and rhs to be unique (to ensure that
that they don't alias the temp).

We remove the requirement for dst == lhs, since the code gen can handle
both cases (dst == lhs, dst != lhs), at the expense of 1 movaps.

Bug: chromium:1264462
Change-Id: Ia48572412b1f6e0da3551880d8b68a03f42fe2a3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3253661
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77625}
2021-10-29 20:59:47 +00:00
Milad Fa
8cf49c2dd9 PPC/s390: Introduce CagedPointer
Port afd1554963

Original Commit Message:

    A CagedPointer is guaranteed to point into the Virtual Memory Cage and
    will for example be used for ArrayBuffer backing stores when the heap
    sandbox is enabled. In the current implementation, CagedPointers are
    stored as offsets from the cage base, shifted to the left. Because the
    cage base address is usually available in a register, accessing a
    CagedPointer is very efficient, requiring only an additional shift and
    add operation.

R=saelo@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com
BUG=
LOG=N

Change-Id: I6d5b9da23f35b60dffecb5fc5acb9c7fa362df14
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3250935
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#77624}
2021-10-29 18:25:07 +00:00
Michael Lippautz
c019bbbfe2 cppgc-js: Fix TraitTrait for v8::TracedReference
Trait requires methods taking `const void*` as they are passed along
as regular TraceCallback.

Bug: v8:12165
Change-Id: Ic5cfb8dba070e5a2c0087069086c925c5318fb8b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3253354
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77623}
2021-10-29 15:32:37 +00:00
Victor Gomes
4bdc9097a3 [cleanup] Remove RecursivelyExecuteUnoptimizedCompilationJobs
Change-Id: Ibc33de815e869462bd0946b13867cf2667bd1c3b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3253353
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77622}
2021-10-29 15:24:37 +00:00
Junliang Yan
0ced852203 ppc/s390: [baseline] Add placeholder for sparkplug
Change-Id: I01cfc6ad6fc57ede0f1712f9b60200ee3e9b7f5e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3253347
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/main@{#77621}
2021-10-29 15:16:27 +00:00
Jakob Kummerow
7a93bd647c [wasm] Execution budget based dynamic tiering
Temporarily behind a new flag: --new-wasm-dynamic-tiering
The plan is to merge this into the existing --wasm-dynamic-tiering
flag once it's been confirmed to be generally beneficial.

Bug: v8:12281
Change-Id: I191d03170f8d5360073a45fea170f432074f7534
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3247632
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77620}
2021-10-29 14:20:26 +00:00
Michael Lippautz
39d58fd909 cppgc-js: Fix TraceTrait for TracedReference
The trait is expected to return a nullptr for the base address. This
is required for ephemeron tracing to trigger eagerly tracing a value.

This will be required when Blink uses a type alias to TracedReference.

Bug: v8:12165
Change-Id: Ibe142eaff41616c9de6ae0db9878f8489a5e4142
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3253345
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77619}
2021-10-29 14:12:36 +00:00
Leszek Swirski
15b1ce39a8 [compiler-dispatcher] Port to Jobs API
Port the CompilerDispatcher to use the Jobs API, instead of its own
hand-rolled worker management.

This required some re-thinking of how testing is handled, since the
tests want to be able to

  a) Defer calls to PostTask/Job, to actuall post the jobs later. This
     was easy enough with PostTask, since we could simply store the task
     in a list and no-op, but PostJob has to return a JobHandle. The
     tests now have a DelayedJobHandleWrapper, which defers all method
     calls on itself, and because of all the unique_ptrs, there's also
     now a SharedJobHandleWrapper.

  b) Wait until tasks/jobs complete. Returning from a Task meant that
     the task had completed, but this isn't necessarily the case with
     JobTasks; e.g. a job might be asked to yield. This patch hacks
     around this by Posting and Joining a non-owning copy of the
     requested JobTask, and then re-posting it once Join returns.

Change-Id: If867b4122af52758ffabcfb78a6701f0f95d896d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2563664
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77618}
2021-10-29 13:52:56 +00:00
Nikolaos Papaspyrou
7cd4345644 heap: Fix traced time for parallel scavengers
The time spent by the parallel scavengers running on the main thread
was being added twice to the SCAVENGER_SCAVENGE_PARALLEL scope.

Change-Id: I358b28cbf56f554d04e3da927182a7c1a7568dad
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3253341
Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77617}
2021-10-29 13:48:56 +00:00
Maya Lekova
a817c2fac2 [fastcall] Fix error handling in non-fallback case
This CL fixes an error when generating code for a fast API function
that has no fallback case, but can still fallback to the slow call
due to e.g. argument mismatch in the overloads. It also adds cctest
for overloading between TypedArray and JSArray.

Bug: chromium:1052746
Change-Id: Iee09d942cba85bed84a764bc53e98c3e36312c8d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3244421
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77616}
2021-10-29 13:45:06 +00:00
Leszek Swirski
35a6eeecfa [off-thread] Allow off-thread top-level IIFE finalization
Allow off-thread finalization for parallel compile tasks (i.e. for top-
level IIFEs).

This allows us to merge the code paths in BackgroundCompileTask, and
re-enable the compiler dispatcher tests under the off-thread
finalization flag. Indeed, we can simplify further and get rid of that
flag entirely (it has been on-by-default for several releases now).

Change-Id: I54f361997d651667fa813ec09790a6aab4d26774
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3226780
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77615}
2021-10-29 13:39:16 +00:00
Samuel Groß
afd1554963 Introduce CagedPointer
A CagedPointer is guaranteed to point into the Virtual Memory Cage and
will for example be used for ArrayBuffer backing stores when the heap
sandbox is enabled. In the current implementation, CagedPointers are
stored as offsets from the cage base, shifted to the left. Because the
cage base address is usually available in a register, accessing a
CagedPointer is very efficient, requiring only an additional shift and
add operation.

Bug: chromium:1218005
Change-Id: Ifc8c088e3862400672051a8c52840514dee2911f
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3123417
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77614}
2021-10-29 13:36:07 +00:00
Thibaud Michaud
f4b4bfdcd3 [wasm] Update stack limits on stack switch
This is done in a separate runtime function call for now, so that we can
update the limit under the ExecutionAcess lock.

Also set the thread-in-wasm flag before calling the wasm function.

R=ahaas@chromium.org
CC=​fgm@chromium.org

Bug: v8:12191
Change-Id: I914856bc261fa0f75e93620bc6597bd28bec0695
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3250902
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77613}
2021-10-29 13:21:59 +00:00
Liu Yu
c249bf6f16 [loong64][mips][masm] Improve Instance Type Checks in Builtins::Call/Construct
Port commit b9a6301ef5

Change-Id: Ibc45a348fc5cca937a0663f8950877ee54cf5eb3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3239380
Auto-Submit: Liu yu <liuyu@loongson.cn>
Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Cr-Commit-Position: refs/heads/main@{#77612}
2021-10-29 13:02:42 +00:00
Tobias Tebbi
37cda58d5a [runtime] use canonical NaN string to fit Turbofan types
Bug: chromium:1264013
Change-Id: If2e504e6713617fdc1d098da3b71ffc78a4f0eb0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3251177
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77611}
2021-10-29 12:05:56 +00:00
Victor Gomes
de4ebc1d76 [google3] Test regress-crbug-1052647 is now passing
No-Try: true
Change-Id: If5b38a16aad87ae4bb9e025d004f028d321ac088
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3250717
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77610}
2021-10-29 11:47:06 +00:00
Camillo Bruni
8e36452246 [api] Add v8::Isolate::IsCurrent() method
Add a helper method for isolate == v8::Isolate::TryGetCurrent();

Bug: v8:12346
Change-Id: Ibbd1ce1865b0092c8dbcfad5a3bad99fb5858980
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3251173
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Auto-Submit: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77609}
2021-10-29 11:32:27 +00:00
Kim-Anh Tran
4d9379980e Reland "[heap-snapshot] Preventing overflow in progress counter"
This is a reland of 0e006a1527
Difference:
 * progress_total_ and progress_counter_ access are guarded by
   checking if control_ is set. If not, we do not report any progress
   and both are not set.

Original change's description:
> [heap-snapshot] Preventing overflow in progress counter
>
> This prevents an overflow to happen in the heap snapshot generator.
> Furthermore it changes the relation of progress_counter_ and
> progress_total_ to always adhere to:
> * progress_counter_ <= progress_total_,
> * if: progress_counter_ == progress_total_, then it is done.
>
> With this change, if progress_counter_ happens to be bigger
> than progress_total_ (latter is an estimate), it will continue
> to report the same progress (<100%) until it is done. Before,
> it would repeatedly report 100% until it is done.
>
> Fixed: chromium:1246860
> Change-Id: Iffd3f52355632f2b35abdbb3752912ba7b8bd821
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3250310
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Commit-Queue: Kim-Anh Tran <kimanh@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#77589}

Bug: chromium:1246860
Change-Id: I7522c1fe011954dd18828bdef507abe3e0237d42
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3251170
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Kim-Anh Tran <kimanh@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77608}
2021-10-29 11:22:26 +00:00
Victor Gomes
3feb8d68ff [bazel] Fix wrong path to config pkg
No-Try: true
Change-Id: Ia96e108342167de9248475cd5cee60ae35ef81cf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3253155
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77607}
2021-10-29 11:02:56 +00:00
Michael Lippautz
5cb6033a55 Check for __has_feature() macro to fix MSVC compile
Bug: v8:12165
Change-Id: I6852686d67fac46fab536e93f8a63843f0580d3b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3251172
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77606}
2021-10-29 09:02:34 +00:00
Michael Lippautz
34c0f0fced Disable UnifiedHeapTest.TracedReferenceRetainsFromStack on Fuchsia
Test still fails after the previous fix.

No-try: true
Bug: v8:11933
Change-Id: I55100631e6f168728075234bddc6f9fd558c1e89
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3251169
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77605}
2021-10-29 07:38:29 +00:00
Liu Yu
10aa4c5894 [mips32][liftoff] Fix a doubleword load operation
If dst.low_gp and src_op_upper.rm are the same register,
then the first Ulw destroys src_op_upper.rm and the second Ulw
reads the memory from bad address.

Change-Id: I5e385296c9a95707ad2416124a2595af29176a61
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3252869
Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Auto-Submit: Liu yu <liuyu@loongson.cn>
Cr-Commit-Position: refs/heads/main@{#77604}
2021-10-29 04:33:24 +00:00
v8-ci-autoroll-builder
67e863c81b Update V8 DEPS.
Rolling v8/build: b726d24..40d725c

Rolling v8/buildtools: 850fe71..80e4f83

Rolling v8/buildtools/third_party/libc++abi/trunk: 26b1018..1876d99

Rolling v8/buildtools/third_party/libunwind/trunk: 05a4a03..9901571

Rolling v8/third_party/aemu-linux-x64: b-T2kzVLYko3mxZ2RVSJ3g5BmJMV1y3_xKMFUOTVsaYC..ed-NOx1j5-wX3SbRi_OHyHn-6tFz33VbLDCFga8JWFwC

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/60bc327..819f08f

Rolling v8/third_party/depot_tools: 673e8ed..b3a1a79

Rolling v8/tools/clang: 1ffcd5a..f827083

TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: I9baf7aa60523c6bc36dce52ce699e668003cbe76
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3250979
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#77603}
2021-10-29 03:50:34 +00:00
jiepan
ab03285599 [x64] Implement 256-bit assembler for SSSE3/SSE4/SSE42_AVX instructions
Bug: v8:12228
Change-Id: I32efb46cd71d494de4d40301224724b41ad035a9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3250410
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Jie Pan <jie.pan@intel.com>
Cr-Commit-Position: refs/heads/main@{#77602}
2021-10-29 00:14:50 +00:00
Michael Lippautz
6f66a832c9 heap: Add safe stack support for stack containment checks
Stack containment checks for slots should consider safe stacks when
they are enabled.

Bug: v8:11933, v8:12165
Change-Id: I2e2c8539c3c0a2dd795f87781ecb2942e059accc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3250642
Auto-Submit: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77601}
2021-10-28 20:37:20 +00:00
Michael Lippautz
88823c8c6c heap: Fix msvc compile due to unused return value
Bug: v8:12165
Change-Id: I54c7b429708a2d6a3c4db89911b9b69fa4a5a41a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3250640
Auto-Submit: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77600}
2021-10-28 18:15:00 +00:00
Leszek Swirski
eaaaed9735 [cleanup] Remove compiler.h from js-function-inl.h
Change-Id: I17104eba48919c4608d6ab7e91cb09601a2f71d1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3250636
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77599}
2021-10-28 17:20:30 +00:00
Ng Zhi An
d81888bc94 [relaxed-simd][wasm] Prototype relaxed int-float trunc
4 instructions, int32x4.trunc_f32x4_{s,u},
int32x4.trunc_f64x2_{s,u}_zero.

Drive-by cleanup to wasm-interpreter to use saturated_cast.

The machine ops are named <int>Trunc<float>, dropping the "sat" since
these don't do any saturation anymore.

Bug: v8:12284
Change-Id: I2d4d6a61b819b287fee69e3eea03dd3151cfa10d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3223166
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77598}
2021-10-28 17:03:30 +00:00
Victor Gomes
715d5a3a46 [bazel] Upstream BUILD and create config pkg
- Upstream changes made by BUILD and defs.bzl
- Creates a new config package, since configurations targets
  are different between bazel and blaze
- Runs buildifier in all files

No-Try: true
Change-Id: I65a1bc94a76b79eb26a348baf11eef4249be9552
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3250637
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77597}
2021-10-28 15:14:40 +00:00
Tobias Tebbi
392078fb83 Reland "[turbofan] extend type asserts to cover all JS types"
This is a reland of 45227ffdb4
Differences:
- Handle one more flags conflict in variants.py.
- Disallow %VerifyType without --concurrent-recompilation.

Original change's description:
> [turbofan] extend type asserts to cover all JS types
>
> Extend type assertions to all types covering JavaScript values.
> This is achieved by allocating type representations on the heap using
> newly defined HeapObject subclasses. To allocate these in the compiler,
> we disable concurrent compilation for the --assert-types flag for now.
>
> Fix two type errors that came up with the existing tests:
> 1. JSCreateKeyValueArray has type Array (i.e., a JSArray) instead of
>    OtherObject.
> 2. OperationTyper::NumberToString(Type) can type the result as the
>    HeapConstant Factory::zero_string(). However, NumberToString does
>    not always produce this string. To avoid regressions, the CL keeps
>    the HeapConstant type and changes the runtime and builtin code to
>    always produce the canonical "0" string.
>
> A few tests were failing because they check for truncations to work
> and prevent deoptimization. However, AssertType nodes destroy all
> truncations (which is by design), so these tests are incompatible
> and now disabled for the assert_types variant.
>
> Drive-by fix: a few minor Torque issues that came up.
>
> Change-Id: If03b7851f7e6803a2f69edead4fa91231998f764
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3234717
> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
> Reviewed-by: Omer Katz <omerkatz@chromium.org>
> Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#77565}

Change-Id: I5b3c6745c6ad349ff8c2b199d9afdf0a9b5a7392
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3247035
Auto-Submit: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77596}
2021-10-28 14:10:30 +00:00
Yujie Wang
4240985a1e [riscv64] Add tests for RVV VI VF instructions
Implement `LiftoffAssembler::emit_i16x8_sconvert_i32x4` for riscv.
Add tests for rvv integer and floating-point instructions.
Add simulator support for rvv instructions, e.g. `vfmadd`, `vnclip`.
Fixed order of operands for `vfdiv.vv`.

Bug: v8:11976
Change-Id: I0691ac66771468533c5994be1fc8a86b09d3c738
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3225319
Reviewed-by: Yahan Lu <yahan@iscas.ac.cn>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Yahan Lu <yahan@iscas.ac.cn>
Cr-Commit-Position: refs/heads/main@{#77595}
2021-10-28 13:57:31 +00:00
Thibaud Michaud
bddb7b02d3 [wasm] Temporarily disable stack-switching test
The stack-switching test is not expected to pass yet if a GC happens
in the runtime call or in the wasm call.

R=ahaas@chromium.org

Bug: v8:12191, v8:12344
Change-Id: Iba66be58c1abd2ffbb22bbd7d34f8df0246a2a92
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3250900
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77594}
2021-10-28 12:23:51 +00:00
Michael Lippautz
e5a509049e api: Provide write barrier in TracedReferenceBase
TracedReferenceBase use (traced) global handles to implement the
referencs. Provide a write barrier in the corresponding handle
methods. Doing so
- avoids bugs by having embedders taking care of write barrier
  management.
- speeds up the barrier as it is better integrated in the handle
  methods.

Drive-by: We don't need write barriers on initializating stores.

Bug: v8:12165
Change-Id: Ie49cc3783aeed576fd46c957c473c61362fefbf2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3247039
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77593}
2021-10-28 12:00:32 +00:00
Ray Wang
cced52a97e [date] Skip leading zeros when parsing date string
1. Skip leading zeros when parsing date string
2. Add necessary unittests

Bug: v8:12256
Change-Id: Ibc1f320382a2e33175f7f57542c8fe48afd05fa8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3223239
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77592}
2021-10-28 11:49:10 +00:00
Shu-yu Guo
e8c823763a [ic,baseline] Add KeyedDefineOwnIC_Slow and use StoreOwnICBaseline in baseline
A "store own" slow runtime was missing, and the slow handler on the
StoreOwnIC was using the non-own slow runtime function, incorrectly
causing setters to be called.

For baseline, [1] invalidates the invariant that StoreOwnIC is only used
for storing properties already in the literal boilerplate, since it's
also used when the new literal is cloned from an object spread.

[1] https://chromium-review.googlesource.com/c/v8/v8/+/3224666

Bug: chromium:1263389, v8:11429
Change-Id: I0284396f306f937d1b8ff96adda6cc133c19726a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3244308
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77591}
2021-10-28 11:34:23 +00:00