Commit Graph

64399 Commits

Author SHA1 Message Date
Maya Lekova
d626121e70 [gcmole] Upload a new version supporting DisallowGarbageCollection
This is an attempt to fix a gcmole failure in
https://chromium-review.googlesource.com/c/v8/v8/+/2362960

Change-Id: Idff72ff3ae63863fb73f11231481469c700891c3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2410193
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69907}
2020-09-15 11:18:22 +00:00
Clemens Backes
6bcfa62079 [wasm] Use worker_count in job API
The signature of {GetMaxConcurrency} was recently extended to pass the
{worker_count}, i.e. the number of workers that are currently running.
This number allows us to return a more precise number for the current
maximum concurrency.
In the case of background function compilation, we were sometimes
returning a slightly too small number, resulting in too few workers to
be spawned, resulting in slightly longer compilation.
For wrapper compilation on the other hand, the returned number is
already correct, and this CL adds a comment explaining why.

R=thibaudm@chromium.org

Bug: chromium:1101340
Change-Id: I0e3122c8b99ba1cdf97616de922d4f07874b0aeb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2410383
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69906}
2020-09-15 10:35:02 +00:00
Santiago Aboy Solanes
29581b7f98 [compiler] Replace TemplateObjectDescription with direct reads
Bug: v8:7790
Change-Id: I5391c6688dfad81e37d260fbfef22c3dbdce0dce
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2404769
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69905}
2020-09-15 09:17:42 +00:00
Santiago Aboy Solanes
b5f37051aa [compiler] Replace JSDataView with direct reads
Bug: v8:7790
Change-Id: Id01c2e4359aa4294816ffe14c08a586a9b9b10c2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2404768
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69904}
2020-09-15 09:09:37 +00:00
Georg Neis
c5a8758cf4 Disable --turbo-direct-heap-access by default
Bug: v8:10917, v8:7790
No-Try: true
Change-Id: I11dfd404e619dd547923421ff7aef3428c746243
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2410190
Auto-Submit: Georg Neis <neis@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69903}
2020-09-15 09:08:32 +00:00
Georg Neis
4e4b3f0580 [compiler] Create canonical persistent handles in more places
Bug: v8:7790
Change-Id: I27a13c213c33e742cd66ed85e9c10c71b78a9384
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2410182
Auto-Submit: Georg Neis <neis@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69902}
2020-09-15 08:55:12 +00:00
Alex Kodat
362b2c238b [cpu-profiler] Delete deopt_frames array if CodeMap entry not found
If code is deoptimized while CPU profiling, a deoptimization event
record is sent to the profiler. But if the profiler could not find
the associated CodeMap entry in CodeDeoptEventRecord::UpdateCodeMap
it would simply return without freeing the deopt_frames array.
This change frees the deopt_frames array no matter what in
CodeDeoptEventRecord::UpdateCodeMap, eliminating a storage leak.

Bug: v8:10861
Change-Id: I4e68566bb91dff13b38e255ddfed24b85b7a1d57
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2386332
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69901}
2020-09-15 07:46:22 +00:00
Maya Lekova
b76f5ed4a0 Revert "Roll test262"
This reverts commit effbbb8cfe.

Reason for revert: Breaks UBSan, see https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20UBSan/12858?

Original change's description:
> Roll test262
> 
> e8cdf92..6397602
> 
> Bug: v8:7834, v8:4628, v8:10903, v8:10905
> Change-Id: I65bf15d6308126a4955abe0a6b0647834f4ff066
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2405804
> Reviewed-by: Shu-yu Guo <syg@chromium.org>
> Commit-Queue: Frank Tang <ftang@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#69899}

TBR=ftang@chromium.org,syg@chromium.org

Change-Id: Ibe552e02cf7e7eb270d32bb6cb0650223259e304
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7834
Bug: v8:4628
Bug: v8:10903
Bug: v8:10905
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2410188
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69900}
2020-09-15 06:56:24 +00:00
Frank Tang
effbbb8cfe Roll test262
e8cdf92..6397602

Bug: v8:7834, v8:4628, v8:10903, v8:10905
Change-Id: I65bf15d6308126a4955abe0a6b0647834f4ff066
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2405804
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69899}
2020-09-15 03:56:32 +00:00
v8-ci-autoroll-builder
35db7c038e Update V8 DEPS.
Rolling v8/build: dc90e7d..62cb86f

Rolling v8/buildtools: a90362b..3ff4f50

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/e53ee0c..534924e

Rolling v8/third_party/depot_tools: a1e1549..b71187b

Rolling v8/tools/clang: bf815f1..e075ddd

Rolling v8/tools/swarming_client: 4c095d0..44c13d7

TBR=machenbach@chromium.org,tmrts@chromium.org,v8-waterfall-sheriff@grotations.appspotmail.com

Change-Id: I8ce14af5aa4fee9f356fba79618c1cb0a88253ae
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2409935
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#69898}
2020-09-15 03:53:52 +00:00
Milad Fa
b54b011ec9 [wasm-simd][scalar-lowering] Fix lowering on kS128Const
kFloat32x4 needs to handle the endianness similar to kInt32x4.

Change-Id: Iaab2d6785d56c06fd00654bff174900550db9e47
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2411628
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#69897}
2020-09-15 03:26:21 +00:00
Milad Fa
0b36f190f4 [wasm-simd][scalar-lowering] Fix lowering on BE machines
As WASM is LE enforced, data is originally written to memory
in LE order regardless of the machine type, therefore we need
to read it back the same way.

Bug: v8:10507
Change-Id: I72896eeeed177a22ca87e8c380f99dca795ddc4a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2410475
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69896}
2020-09-14 22:54:26 +00:00
Milad Fa
b1281b3285 PPC/s390: [wasm-simd][liftoff][ia32][x64] Implement pmin pmax
Port 863c2cb4eb

Original Commit Message:

    Implement f32x4.pmin, f32x4.pmax, f64x2.pmin, and f64x2.pmax.

    Due to the way minps/maxps/minpd/maxpd works [0], we swap lhs and rhs.
    This is similar to the way TurboFan does this [1].

    [0] "If the values being compared are both 0.0s (of either sign), the
    value in the second operand (source operand) is returned." but pmin/pmax
    wants to return the lhs (which follows the definition of std::min<T> in
    C++ STL.)

    [1]
    https://source.chromium.org/search?q=instruction-selector-ia32.cc%20VisitPmin&ss=chromium%2Fchromium%2Fsrc:v8%2F

R=zhin@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: I3c894d203dffedee579236e3aec681e6206a8e7a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2410474
Reviewed-by: Milad Farazmand <mfarazma@redhat.com>
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#69895}
2020-09-14 20:41:37 +00:00
Andrew Comminos
05af368100 [cpu-profiler] Remove support for context filtering
Since the web-exposed profiler will require COOP/COEP, it is no longer
necessary to perform isolation at the V8 level. Strip the unnecessary
complexity and unreliability of context filtering accordingly.

Bug: chromium:956688, v8:9881, v8:9860
Change-Id: I21a30d51f8daf7565ec95de8c265e9d3b9d10fad
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2386144
Commit-Queue: Andrew Comminos <acomminos@fb.com>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69894}
2020-09-14 20:24:46 +00:00
Milad Fa
d24457fab7 PPC/s390: [wasm-simd] Implement pmin/pmax
Port 3ba4431124

Original Commit Message:

    F32x4 and F64x2 pmin and pmax were accepted into the proposal [0], this
    removes all the ifdefs and todo guarding the prototypes, and moves these
    instructions out of the post-mvp flag.

    [0] https://github.com/WebAssembly/simd/pull/122

R=zhin@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: I8b2ae60240f769e1f4c0b00e98d53846519b305e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2410806
Reviewed-by: Junliang Yan <junyan@redhat.com>
Reviewed-by: Milad Farazmand <mfarazma@redhat.com>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#69893}
2020-09-14 19:40:06 +00:00
Ng Zhi An
0445e41bdc [wasm-simd][scalar-lowering] Fix lowering for unsigned average
Small int nodes are stored in sign-extended form, for unsigned average,
mask away the top bits before performing operation.

Bug: v8:10507
Change-Id: I04d3be5758e6ee3fd946adca0943b2874910b4cf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2405751
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69892}
2020-09-14 19:30:56 +00:00
Marja Hölttä
97c062bacb [Atomics.waitAsync] Ship Atomics.waitAsync
Bug: v8:10239
Change-Id: I3671d3bd5f4f6df1ca01237158b8f284b5e3d7ac
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2410186
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69891}
2020-09-14 18:40:26 +00:00
Ng Zhi An
05749d8742 [wasm-simd][scalar-lowering] Fix all_true lowering
all_true requires the input to be of the respective type, but the
final result is always a Int32x4 with a single node. So keep
the replacement type of all_true (and any_true) nodes to be Int32x4,
and use a helper method to decide what SimdType the input should
be replaced with.

Also split up any_true and all_true for readability.

Bug: v8:10507
Change-Id: I58ca50ffffcbca3ec77bbae1371ddd179925fc96
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2405803
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69890}
2020-09-14 18:27:56 +00:00
Ng Zhi An
863c2cb4eb [wasm-simd][liftoff][ia32][x64] Implement pmin pmax
Implement f32x4.pmin, f32x4.pmax, f64x2.pmin, and f64x2.pmax.

Due to the way minps/maxps/minpd/maxpd works [0], we swap lhs and rhs.
This is similar to the way TurboFan does this [1].

[0] "If the values being compared are both 0.0s (of either sign), the
value in the second operand (source operand) is returned." but pmin/pmax
wants to return the lhs (which follows the definition of std::min<T> in
C++ STL.)

[1]
https://source.chromium.org/search?q=instruction-selector-ia32.cc%20VisitPmin&ss=chromium%2Fchromium%2Fsrc:v8%2F

Bug: v8:10904
Change-Id: Ie58cae66cd48421c3ab40df33df979b0353b01ee
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2406593
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69889}
2020-09-14 17:01:36 +00:00
Thibaud Michaud
383c4a44cd [wasm][debug] Fix DebugInfo deadlock
Add a separate mutex for the {debug_side_tables_} field. This ensures
that we can use {GetDebugSideTableIfExists} even if {mutex_} is already
locked.

R=ahaas@chromium.org
CC=​​clemensb@chromium.org

Bug: v8:10889
Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_isolates_rel_ng
Change-Id: Icb67c45aec0cf66814705b83532f4833f36738e1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2402879
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69888}
2020-09-14 16:54:06 +00:00
Georg Neis
241c8fa48f [compiler] Unpark local heap in more places
Bug: chromium:1127405, v8:7790
Change-Id: Ibba029725b46c691b7848b0a092f0159259651c6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2410381
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69887}
2020-09-14 16:09:26 +00:00
Daniel Clifford
c84ca9c480 Port some SloppyArgumentsElements CSA code to Torque
Specifically, all the EmitKeyedSloppyArgumentsXXX methods.

Change-Id: I5d98c0f031b858e1e5342020f5ad68526c57c42a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2235694
Commit-Queue: Daniel Clifford <danno@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69886}
2020-09-14 15:44:16 +00:00
Almothana Athamneh
71728016c0 Change Mac on ARM64 builders to only perform v8testing
Bug: chromium:1126457
Change-Id: I9c5bc4d8d3ee8384642a6d2f9a8f1f821113eb97
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2401418
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Commit-Queue: Almothana Athamneh <almuthanna@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69885}
2020-09-14 15:22:06 +00:00
Thibaud Michaud
68db7aacb3 [wasm] Finalize wrappers sooner for sync compile
We currently wait until baseline compilation is finished to finalize
export wrappers, but this can happen concurrently.
This change triggers export wrapper finalization as soon as the last
export wrapper is compiled, while background threads start compiling
baseline units.

R=clemensb@chromium.org

Bug: v8:9916
Change-Id: I945a8de7a917f6bc79e8a50431d8da530a901956
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2400342
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69884}
2020-09-14 15:05:36 +00:00
Samuel Groß
d46723aefd Updated libreprl from Fuzzilli and improved Fuzzilli test
The test now verifies that JavaScript programs can be executed
over the REPRL interface, that runtime exceptions can be detected,
and that the engine's state is properly reset between executions.

Change-Id: Ic8032c07e222307cbb4d332e7eaec61936a10ccd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2396082
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Samuel Groß <saelo@google.com>
Cr-Commit-Position: refs/heads/master@{#69883}
2020-09-14 14:52:06 +00:00
Dominik Inführ
345518a026 [execution][heap] Make Isolate::is_profiling relaxed atomic
Concurrent allocation uses Isolate::is_profiling() to determine
whether logging is on. This races with the main thread when the
value in is_profiling is switched on/off by the cpu profiler.

Fix this by making is_profiling relaxed atomic. The profiler doesn't
turn off logging for correctness reasons, so it is fine when background
threads may read an old value and continue logging a bit longer. It is
also okay when background threads start logging again a bit longer when
profiling is stopped.

Bug: v8:10315
Change-Id: Id52d06f7a8239e10dfa63da38e761b2c00a2da4b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2404779
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69882}
2020-09-14 13:58:16 +00:00
Dominik Inführ
dfcd257910 [gcmole] Add support for DisallowGarbageCollection
Add support for DisallowGarbageCollection scope. This scope will be
introduced once this CL landed.

DisallowGarbageCollection works like DisallowHeapAllocation but also
disallows safepoints.

Bug: v8:10315
Change-Id: Ia7d777d4104b32810dd481ad9dbdf0edd075b6cf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2395561
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69881}
2020-09-14 13:52:46 +00:00
Manos Koukoutos
d5cecd11d1 [wasm-gc] Fix i31ref decoding and some error messages
Bug: v8:7748
Change-Id: I4d6aef3ab503ffc9b9624b6d65d74f36141d550d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2403258
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69880}
2020-09-14 13:04:47 +00:00
Camillo Bruni
d2ef872267 [log] Add Log::TearDownAndGetLogFile
CL in preparation of writing JavaScript-based log parsing tests.

- Return both temporary and normal log file in
  Log::TearDownAndGetLogFile
- Add file_name accessor to Logger and Log classes
- Use separate Log::WriteLogHeader method
- Remove unused logger_ instance variable from Log

Bug: v8:10668
Change-Id: Ie1f6f92cc6c55fd1dc664cac95f481bc29da7e18
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2407773
Reviewed-by: Mythri Alle <mythria@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69879}
2020-09-14 12:50:57 +00:00
Omer Katz
e5efa94066 cppgc, heap: Avoid static const intializer in SegmentBase
Turns out the initializer is banned in Chrome

Bug: v8:10912
Change-Id: I28308d79daec463b24d0754ed8d3e447a848b19b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2407775
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Auto-Submit: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69878}
2020-09-14 12:41:07 +00:00
Georg Neis
e371325bcb [compiler] Fix bug in SimplifiedLowering's overflow computation
It's unsound to ignore -0 inputs:
-0 - INT32_MIN is outside of INT32 range.

Bug: chromium:1126249
Change-Id: I3b92f16c1201705780acb0359975329aa2ca34d1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2404452
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69877}
2020-09-14 12:33:27 +00:00
Daniel Bevenius
7173685975 [heap] Add large_object_threshold to AllocateRaw
This commit adds a check in Heap::AllocateRaw when setting the
large_object variable, when the AllocationType is of type kCode, to
take into account the size of the CodeSpace's area size.

The motivation for this change is that without this check it is
possible that size_in_bytes is less than 128, and hence not considered
a large object, but it might be larger than the available space
in code_space->AreaSize(), which will cause the object to be created
in the CodeLargeObjectSpace. This will later cause a segmentation fault
when calling the following chain of functions:

   if (!large_object) {
      MemoryChunk::FromHeapObject(heap_object)
          ->GetCodeObjectRegistry()
          ->RegisterNewlyAllocatedCodeObject(heap_object.address());
   }

We (Red Hat) ran into this issue when running Node.js v12.16.1 in
combination with yarn on aarch64 (this was the only architecture that
this happed on).

Bug: v8:10808

Change-Id: I0c396b0eb64bc4cc91d9a3be521254f3130eac7b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2390665
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69876}
2020-09-14 12:12:40 +00:00
Michael Lippautz
a29b44e570 api: Fix Detachedness typo
kUnkown -> kUnknown

Bug: chromium:1110816
Change-Id: I8138df76ade7f2a78632e329682cca83c64edac8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2407776
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Auto-Submit: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69875}
2020-09-14 12:11:34 +00:00
Georg Neis
219b28bfe2 [turbofan] Fix bug in inlining
JSInliningHeuristic::Finalize did not take into account that by the
time it gets called some of the candidate nodes may have changed to
non-call operators.

Bug: chromium:1127319
Change-Id: I180ed36de98455be6b55790ba7bdb4391ff5fd5c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2409273
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Auto-Submit: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69874}
2020-09-14 12:01:55 +00:00
Camillo Bruni
12d8d12847 [license] Remove duplicated valgrind license file
LICENSE.valgrind is a stale copy of src/third_party/valgrind/LICENSE

Change-Id: I274ad8cbe4e347979a9152b3a31c4598d2525aa4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2398458
Reviewed-by: Dan Elphick <delphick@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69873}
2020-09-14 11:36:34 +00:00
Manos Koukoutos
50813c34da [wasm-gc] Typecheck function-typed imported globals
Changes:
- Add optional WasmModuleObject field to WasmGlobalObject
- Introduce DynamicTypeCheckRef. Use it to typecheck imported global
  objects.
- Correctly typecheck imported WasmGlobalObjects.
- Add some testing infrastructure and one test file

Bug: v8:7748
Change-Id: Icc62d378d17696c5808d580f1ec84186c9556ec1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2403248
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69872}
2020-09-14 11:25:05 +00:00
Camillo Bruni
ab4fe69f4f [cleanup] Rename LoadObjectMap to LoadObjectFunctionInitialMap
Bug: v8:10763
Change-Id: I8e8f7924928175516e7ba2500f4660dc160158b2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2409278
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69871}
2020-09-14 11:04:44 +00:00
Hidehiko Abe
8a41a70638 v8: Expand is_linux to is_linux || is_chromeos.
Currently is_linux GN variable is set to true on building Chrome OS
but it is planned to be set false. This CL is the preparation to
keep the compatibility.

Bug: chromium:1110266
Test: Built locally.
Change-Id: Ibb9a57269f5a147e372fd33a473d9514379e1c68
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2405847
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69870}
2020-09-14 10:11:24 +00:00
Michael Achenbach
949a81744c [test] Bump shards on slow builder
No-Try: true
Bug: v8:10911
Change-Id: I0cd19075f55494b7fefa5cbc7b2993ac1b6eefac
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2409494
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69869}
2020-09-14 09:38:55 +00:00
Jakob Gruber
9dc89efa50 [snapshot] Fix clearing compiled code from JSFunction pt. 2
Optimized code that is marked for deoptimization is not considered
'attached' or 'available', but we still want to discard it prior to
serialization. Change JSFunction::CanDiscardCompiled to explicitly
check for this case.

Bug: v8:10881, v8:10869
Change-Id: Id573c21e331afdae28be4ab434d522249d1ac9be
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2409275
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69868}
2020-09-14 09:18:04 +00:00
Camillo Bruni
c9224589cf Reland "[d8] Add d8 global variable"
This is a reland of 6798619a69

Original change's description:
> [d8] Add d8 global variable
>
> - Add a a "d8" global variable where d8 can provide helpers.
>   This in in preparation of adding d8.log for testing our log parsers
>   written in JavaScript.
>
> - Separate d8 helper creation into individual functions.
>
> Bug: v8:10668
> Change-Id: I84e434452463afb93ae403f890d8841b20b00703
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2400990
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Commit-Queue: Camillo Bruni <cbruni@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#69801}


Tbr: verwaest@chromium.org
Bug: v8:10668
Change-Id: If3256ec4e11f01ef1dc5c2e61fa33ed6d7a6aee3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2409274
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69867}
2020-09-14 08:48:04 +00:00
Jakob Gruber
fa32bc0392 [d8] Disable incremental marking in stress-snapshot mode
The stress-snapshot mode clears bytecode arrays from shared function
infos which the MarkCompactCollector later tries to access. The
simplest fix here is to disable incremental marking in this
specialized testing mode.

Bug: v8:10882
Change-Id: Ie0b5fc4c6411f0768b4e76d21fbd225dc56aab6c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2409277
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69866}
2020-09-14 08:44:49 +00:00
Michael Achenbach
c5a70d3a55 [test] Skip some slow benchmarks
This skips the top outliers in debug mode and marks other tests as
slow that frequently flakily time out, see bug.

No=Try: true

Bug: v8:10909
Change-Id: I26b22cceba4a93496f340fe25af0685391fa762b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2407897
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69865}
2020-09-14 08:43:44 +00:00
Daniel Bevenius
8eb261d158 Suppress compiler warning from internal-index.h
This commit adds a static cast to CONSTEXPR_DCHECK in as_int().

The motivation for this is that currently this check generates the
following compiler warning:

/v8/src/objects/internal-index.h: In member function
‘constexpr int v8::internal::InternalIndex::as_int() const’:
/v8/src/objects/internal-index.h:44:29: warning:
comparison of integer expressions of different signedness:
‘const size_t’ {aka ‘const long unsigned int’} and ‘int’ [-Wsign-compare]
   44 |     CONSTEXPR_DCHECK(entry_ <= std::numeric_limits<int>::max());
      |                      ~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Change-Id: I6adda356dbbe522221731a29f205213f1ba23755
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2407892
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69864}
2020-09-14 08:40:54 +00:00
Almothana Athamneh
5476ee0553 [MB][test] Add configs for new mac-arm64 builders
NOTRY=true

Bug: chromium:1126457
Change-Id: I08df6070586cdc435595ddda74e1e8cfe2abf2b7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2401423
Commit-Queue: Almothana Athamneh <almuthanna@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69863}
2020-09-14 07:53:27 +00:00
Camillo Bruni
dbe98c8090 [turbofan] Fix some tests
Stress configurations cause maps to be GC'ed too early.
We now keep them alive by storing the object in a global variable.

Bug: v8:10892
Change-Id: If03c42612d9907b3b6d0df8bb2de879857a89e0a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2404774
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69862}
2020-09-14 07:52:22 +00:00
v8-ci-autoroll-builder
4e92ed8d4c Update V8 DEPS.
Rolling v8/build: d01f3c3..dc90e7d

TBR=machenbach@chromium.org,tmrts@chromium.org,v8-waterfall-sheriff@grotations.appspotmail.com

Change-Id: I7e0cfda5b01f6a35ab869965087ad26524474415
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2407137
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#69861}
2020-09-14 03:50:32 +00:00
v8-ci-autoroll-builder
b348af4090 Update V8 DEPS.
Rolling v8/build: db4df0f..d01f3c3

TBR=machenbach@chromium.org,tmrts@chromium.org,v8-waterfall-sheriff@grotations.appspotmail.com

Change-Id: Iddb6c36450238243b29bf8e49f9695c6b333d620
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2408129
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#69860}
2020-09-13 16:24:51 +00:00
v8-ci-autoroll-builder
2939c5fa82 Update V8 DEPS.
Rolling v8/build: 349143e..db4df0f

TBR=machenbach@chromium.org,tmrts@chromium.org,v8-waterfall-sheriff@grotations.appspotmail.com

Change-Id: Ie89554bf1e2f1955ab3dd989c9123dda8bbbd45d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2408294
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#69859}
2020-09-13 03:43:30 +00:00
v8-ci-autoroll-builder
bfdc3f0cd9 Update V8 DEPS.
Rolling v8/build: b3e63d3..349143e

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/13bf125..e53ee0c

Rolling v8/third_party/depot_tools: fb6d901..a1e1549

Rolling v8/tools/clang: 97d6ab3..bf815f1

TBR=machenbach@chromium.org,tmrts@chromium.org,v8-waterfall-sheriff@grotations.appspotmail.com

Change-Id: I3a0ebbea978c6b54047998f5852ec3c1965b916c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2407492
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#69858}
2020-09-12 04:44:39 +00:00