Commit Graph

76158 Commits

Author SHA1 Message Date
Andy Wingo
e8610ab883 [stringrefs] Implement stringview_wtf8.encode
Bug: v8:12868
Change-Id: I714fffec248114a7ff61479f122a7df538e8e8d5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3755140
Commit-Queue: Andy Wingo <wingo@igalia.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81666}
2022-07-12 15:07:58 +00:00
Shu-yu Guo
902759b8d7 [change-array-by-copy] Initialize elements in Array.prototype.toSpliced
The fast path of Array#toSpliced currently does not correctly initialize
the elements range in the copy's FixedArray elements that will hold the
inserted items. A GC can occur between the initial allocation of the
elements before the inserted items are copied into it, which will fail
heap verification.

This CL also refactors CSA's FillFixedArrayWithSmiZero method to support
only zeroing a portion of a FixedArray instead of the entire thing.

Bug: v8:13035
Change-Id: I1bdb77d3b27f682620b45caa5a9c10ea0072a6ad
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3750321
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81665}
2022-07-12 14:39:18 +00:00
Leszek Swirski
f1eb47dc54 [maglev] Add CreateFunctionContext support
Add a CreateFunctionContext implementation (which calls the same builtin
used by Sparkplug), and fix our deopt checkpoints to include the context
as a pseudo-register, so that Push/PopContext work with deopts.

Bug: v8:7700
Change-Id: Ia3efd105683f6922181b9f4c7db0bac6a3a5fcec
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3757683
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81664}
2022-07-12 12:52:57 +00:00
Andreas Haas
ff27a7969c [wasm] Push the instance only twice in the lazy-compile builtin
The wasm instance got pushed three times in the lazy-compile builtin:
1) as part of the parameters;
2) as a parameter for the runtime function;
3) to load the jump table address after the runtime function;

The third push can be avoided by loading the jump table address after
all parameters get loaded from the stack again.

R=clemensb@chromium.org

Bug: v8:13049, v8:12926
Change-Id: I6117cfbbabc6250bf40732b6921c0e629fd85fa6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3755138
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81663}
2022-07-12 10:35:07 +00:00
Clemens Backes
efd5442b62 [wasm] Exit early on section ordering problems
If we detect out-of-order sections, we should not enter the individual
decoding functions, because they might make assumptions that are not
true in the error case.
In this case, a DCHECK was firing if we call {DecodeFunctionSection}
twice.

R=ahaas@chromium.org

Bug: chromium:1342274
Change-Id: I3d9d8c8c604aeeb92b9766f07d4b5464f4c8d72c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3755112
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81662}
2022-07-12 09:15:17 +00:00
Danylo Boiko
df98f6f4e1 [turboshaft][turbolizer] Changed type of blocks Ids in JSON output
Bug: v8:12783
Change-Id: I718ba43c63d8010f9a512e6bd47ea58fbb4970ce
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3756142
Commit-Queue: Danylo Boiko <danielboyko02@gmail.com>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81661}
2022-07-12 09:07:59 +00:00
Patrick Thier
1895e44d83 [string] Ensure ThinString's don't have a forwarding index
With the flag --always-use-forwarding-table we could end up turning a
String into a ThinString that had a forwarding index set.
This could happen when a String with a forwarding index is externalized.

Bug: chromium:1337469
Change-Id: Iea05586f61e2b78d83d04d5d2e94c4dca2892c1f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3735164
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81660}
2022-07-12 08:57:31 +00:00
ishell@chromium.org
7671274dc1 [baseline] Temporarily disable concurrent sparkplug
... in order to prepare for smoother rollout via the finch flag.

Bug: v8:12054, chromium:1343515
Change-Id: I24f51b73daa35c8de6967e8eb088dd3bee95fc4f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3755120
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81659}
2022-07-12 08:34:21 +00:00
Marja Hölttä
7f11bf4e90 [error messages] Enhance the "unexpected identifier" error message
Bug: chromium:1338838
Change-Id: I1b8c54b460d272b19a4faa180a491e725bee4b79
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3726147
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81658}
2022-07-12 06:44:27 +00:00
Marja Hölttä
d385d4116b [rab/gsab] Tests for Array.p methods, part 9
In this part: splice, flat, flatMap

Bug: v8:11111
Change-Id: Ide06c1137c6b4def70d09d479cfbedfb2d7c8450
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3755106
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81657}
2022-07-12 06:40:19 +00:00
Richard Wang
1e1cdca1f4 Update reclient version, allow mac to checkout reclient, add mac builder
Mac builder added per https://chromium-review.googlesource.com/c/v8/v8/+/3755921/comments/dc378d70_002b4107

Bump the re-client version to match the same one chromium is currently using: https://source.chromium.org/chromium/chromium/src/+/main:DEPS;l=265;drc=11428e8ebaf6a78020d442da479b5b0daa0dffb5

The older version of re-client 0.40.0.40ff5a5 will not work when attempting to use it in a recipe targeting mac

The version bump has been tested successfully with V8 Official Linux64 (reclient) dd361303d1/+/build.proto and V8 Linux64 - builder (reclient) 758cd57ad9/+/build.proto

Bug: b:238283947
Change-Id: I88e306f930c030173813b591e63a363da2d47cf1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3752430
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Richard Wang <richardwa@google.com>
Cr-Commit-Position: refs/heads/main@{#81656}
2022-07-12 06:03:53 +00:00
v8-ci-autoroll-builder
c3e0ad47b1 Update V8 DEPS (trusted-origins)
Rolling v8/build: 0b8f9f6..ad70f68

R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: I962a4a1199600207f3fbb6c7403acda9f0a8f340
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3755216
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#81655}
2022-07-12 04:47:30 +00:00
v8-ci-autoroll-builder
59b05cb50a Update V8 DEPS (trusted-versions)
Rolling v8/buildtools/linux64: git_revision:03ce92df5f9875bd9929b564be4b612713569aa9..git_revision:9ef321772ecc161937db69acb346397e0ccc484d

Rolling v8/third_party/depot_tools: 1601b3e..d22bf60

Rolling v8/third_party/fuchsia-sdk/sdk: version:8.20220710.3.1..version:8.20220711.1.1

R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: I0c21f66a912363189a438b6f764c46c4b306cb14
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3755215
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#81654}
2022-07-12 03:45:23 +00:00
Luis Fernando Pardo Sixtos
6217722303 Remove CreateSharedArray declaration
Removing dead code.

Change-Id: Ib477003cddb02441304efcb0400d511d235d07e4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3756381
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Luis Fernando Pardo Sixtos <lpardosixtos@microsoft.com>
Cr-Commit-Position: refs/heads/main@{#81653}
2022-07-12 01:39:23 +00:00
Frank Tang
3c2925edd1 Reland "[Temporal] Add add/subtract to Duration"
This is a reland of commit a10194cf82

Original change's description:
> [Temporal] Add add/subtract to Duration
>
> Also implement AOs: ToRelativeTemporalObject, AddDuration, AddDurationToOrSubtractDurationFromDuration,
>  ParseTemporalRelativeToString, DefaultTemporalLargestUnit,
> DifferenceZonedDateTime
>
> Spec Text:
> https://tc39.es/proposal-temporal/#sec-temporal.duration.prototype.add
> https://tc39.es/proposal-temporal/#sec-temporal.duration.prototype.subtract
> https://tc39.es/proposal-temporal/#sec-temporal-adddurationtoorsubtractdurationfromduration
> https://tc39.es/proposal-temporal/#sec-temporal-addduration
> https://tc39.es/proposal-temporal/#sec-temporal-torelativetemporalobject
> https://tc39.es/proposal-temporal/#sec-temporal-parsetemporalrelativetostring
> https://tc39.es/proposal-temporal/#sec-temporal-defaulttemporallargestunit
> https://tc39.es/proposal-temporal/#sec-temporal-differencezoneddatetime
>
> Bug: v8:11544
> Change-Id: Id2eff50d7f810042e1b7c53c49a09f9e489d5460
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3699301
> Commit-Queue: Frank Tang <ftang@chromium.org>
> Reviewed-by: Adam Klein <adamk@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#81650}

Bug: v8:11544
Change-Id: I4bf8055bc328e28cd40a4eaa282d125d69c47e96
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3756745
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81652}
2022-07-12 00:43:39 +00:00
Frank Tang
cfbe175eda Revert "[Temporal] Add add/subtract to Duration"
This reverts commit a10194cf82.

Reason for revert: Merge conflict break build

Original change's description:
> [Temporal] Add add/subtract to Duration
>
> Also implement AOs: ToRelativeTemporalObject, AddDuration, AddDurationToOrSubtractDurationFromDuration,
>  ParseTemporalRelativeToString, DefaultTemporalLargestUnit,
> DifferenceZonedDateTime
>
> Spec Text:
> https://tc39.es/proposal-temporal/#sec-temporal.duration.prototype.add
> https://tc39.es/proposal-temporal/#sec-temporal.duration.prototype.subtract
> https://tc39.es/proposal-temporal/#sec-temporal-adddurationtoorsubtractdurationfromduration
> https://tc39.es/proposal-temporal/#sec-temporal-addduration
> https://tc39.es/proposal-temporal/#sec-temporal-torelativetemporalobject
> https://tc39.es/proposal-temporal/#sec-temporal-parsetemporalrelativetostring
> https://tc39.es/proposal-temporal/#sec-temporal-defaulttemporallargestunit
> https://tc39.es/proposal-temporal/#sec-temporal-differencezoneddatetime
>
> Bug: v8:11544
> Change-Id: Id2eff50d7f810042e1b7c53c49a09f9e489d5460
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3699301
> Commit-Queue: Frank Tang <ftang@chromium.org>
> Reviewed-by: Adam Klein <adamk@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#81650}

Bug: v8:11544
Change-Id: Ia40c6f47d7cf6255b0ad6f2f70571b79c7e2d7af
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3756742
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81651}
2022-07-11 23:52:43 +00:00
Frank Tang
a10194cf82 [Temporal] Add add/subtract to Duration
Also implement AOs: ToRelativeTemporalObject, AddDuration, AddDurationToOrSubtractDurationFromDuration,
 ParseTemporalRelativeToString, DefaultTemporalLargestUnit,
DifferenceZonedDateTime

Spec Text:
https://tc39.es/proposal-temporal/#sec-temporal.duration.prototype.add
https://tc39.es/proposal-temporal/#sec-temporal.duration.prototype.subtract
https://tc39.es/proposal-temporal/#sec-temporal-adddurationtoorsubtractdurationfromduration
https://tc39.es/proposal-temporal/#sec-temporal-addduration
https://tc39.es/proposal-temporal/#sec-temporal-torelativetemporalobject
https://tc39.es/proposal-temporal/#sec-temporal-parsetemporalrelativetostring
https://tc39.es/proposal-temporal/#sec-temporal-defaulttemporallargestunit
https://tc39.es/proposal-temporal/#sec-temporal-differencezoneddatetime

Bug: v8:11544
Change-Id: Id2eff50d7f810042e1b7c53c49a09f9e489d5460
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3699301
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81650}
2022-07-11 23:01:43 +00:00
Frank Tang
320844e059 [Temporal] Add round to PlainDateTime and ZoneDateTime
Also change InterpretISODateTimeOffset parameter type.
Add AOs: ToTemporalDateTimeRoundingIncrement
Spec Text:
https://tc39.es/proposal-temporal/#sec-temporal.zoneddatetime.prototype.round
https://tc39.es/proposal-temporal/#sec-temporal.plaindatetime.prototype.round
https://tc39.es/proposal-temporal/#sec-temporal-totemporaldatetimeroundingincrement

Bug: v8:11544
Change-Id: I1a74ed165b3643467d8d894fd16fd59217ba8063
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3749374
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81649}
2022-07-11 22:58:24 +00:00
Anton Bikineev
4b25eaef5f cppgc: Force inline Member
With pointer compression enabled the compiler may not inline some Member
functions on some platforms, because Member stores and loads become
slightly more expensive. Inlining is however important with pointer
compression - it allows to further optimize the code by eliminating
the global load.

Bug: chromium:1325007
Change-Id: Ia37d223e78853a8218e0b2732a3f08aa58929000
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3756141
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81648}
2022-07-11 20:23:43 +00:00
Maksim Sadym
126d477925 Fix Date BiDi format
1. Add `toISOString` to `v8::Date`.
2. Switch serialization to `ISOString`.

Bug: v8:13043
Change-Id: I8a852f4a4a46bb3b8e5d52ef3cdffde7a408b403
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3749203
Auto-Submit: Maksim Sadym <sadym@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81647}
2022-07-11 17:19:43 +00:00
Leon Bettscheider
110fa66e13 [heap] Use MarkingWorklists in MinorMC
This CL is part of an effort to enable concurrent marking in MinorMC.

For this purpose we plan to reuse the IncrementalMarking class which
already implements a part of the concurrent marking code for MajorMC.
IncrementalMarking internally uses the MarkingWorklists class.

This CL adapts the stop-the-world marking implementation of
MinorMC to use the MarkingWorklists class.

Bug: v8:13012
Change-Id: I3c4eb33142f2630e89aa3771b6065b9f82dc0847
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3747862
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Leon Bettscheider <bettscheider@google.com>
Cr-Commit-Position: refs/heads/main@{#81646}
2022-07-11 16:39:24 +00:00
Leszek Swirski
8ab9821b9d [sparkplug] Remove slow path for VisitCreateFunctionContext
Bytecode generation already emits a manual runtime call for
CreateFunctionContext in the case where the slot count exceeds the
maximum, so we don't need to check for this case in Sparkplug.

Change-Id: I228bc710c5093f7c752dc7bda7912e3af1547371
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3755118
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81645}
2022-07-11 16:24:53 +00:00
Joyee Cheung
f3cad8cec6 [serializer] allow SnapshotCreator to destruct without a blob
Previously SnapshotCreator demanded a blob to be created before
it can be destructed in debug build, this patch removes the
DCHECK so that the embedder can choose not to create the blob
when e.g. the snapshot building isn't successful due to errors.

Change-Id: I72939be1e0d79b257b9761f48a72e45325a1f6d8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3716682
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Joyee Cheung <joyee@igalia.com>
Cr-Commit-Position: refs/heads/main@{#81644}
2022-07-11 16:14:33 +00:00
Samuel Groß
7683b9cd86 [sandbox] Fix --stress-snapshot after recent sandbox changes
There seem to be some issues with sandboxed external references in the
serializer which cause the --stress-snapshot mode to fail. This CL
changes the serializer to serialize external pointers that are
unsandboxed (currently all of them) as "regular" external references,
not "sandboxed" ones. This should fix the issues on the bots.

Bug: v8:10391
Change-Id: I2f889e1d0aa9c5958d4f4337e114423b650c1bb2
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3755148
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81643}
2022-07-11 15:36:23 +00:00
Leszek Swirski
dadb5c0a0a [maglev] Support write-barrier-free field stores
For Smi values.

Bug: v8:7700
Change-Id: I903ef8aae818d64c3800206022c421c97e21a6f8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3755143
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81642}
2022-07-11 15:16:33 +00:00
Camillo
45867618b2 [tools] Fully implement linux-perf tools --timeout
Change-Id: I462af434a695a09c9b65b11759e01aace463b414
No-Try: True
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3755147
Auto-Submit: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81641}
2022-07-11 15:15:23 +00:00
Leszek Swirski
db1a66b53d [maglev] Support property array stores
Change StoreField to StoreTaggedField, which, similar to the move of
LoadField to LoadTaggedField, operates on an offset and not a full Smi
handler. Then, add support for stores to a property array by emitting a
LoadTaggedField of the property array.

As a drive-by, fix support for const fields and HeapObject fields with
a class field type.

Bug: v8:7700
Change-Id: Iff1fec35b82d3999ff273b069e9935166f43b98f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3752802
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81640}
2022-07-11 15:08:18 +00:00
Thibaud Michaud
ff44012623 [wasm] Move Suspender functions to WebAssembly
Suspender.{returnPromiseOnSuspend,suspendOnReturnedPromise}
are not tied to a specific suspender anymore, so move them to
WebAssembly.{returnPRomiseOnSuspend,suspendOnReturnedPromise}.

With this change, the suspender property is not needed anymore on the
function data. Convert it to a boolean flag that just indicates whether
a function uses the JS Promise Integration API.

R=ahaas@chromium.org

Bug: v8:12191
Change-Id: I1b6d8e3190ebf5049dbc7eedee448999cf077509
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3748660
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81639}
2022-07-11 14:52:43 +00:00
Leszek Swirski
fc0c362623 [maglev] Fix regalloc DCHECK
The comment was right but the actual condition wasn't. We should check
whether the value is _not_ loadable.

Bug: v8:7700
Change-Id: I1c721a56da5860c73c8179406abb1d3a8b9d08f6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3755111
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81638}
2022-07-11 14:08:23 +00:00
Marja Hölttä
218d17d3ff [rab/gsab] Temporarily stage --harmony-rab-gsab for fuzzing
Bug: v8:11111
Change-Id: I4e96e5440b7cfc61758a595dfdcf534c00a24358
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3755109
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81637}
2022-07-11 13:39:33 +00:00
Samuel Groß
8a59678b83 [sandbox] Prepare ExternalPointerTable rollout
This CL does the following:
- It enables (i.e. allocates and initializes) the per-Isolate
  ExternalPointerTable when the sandbox is enabled.
- It refactors the list of external pointer tags to mark them as
  "sandboxed" or "unsandboxed". An unsandboxed external pointer has a
  null tag.
- It changes V8_SANDBOXED_EXTERNAL_POINTERS to now essentially just
  enable sandboxing for all available tags.
- It modifies all low-level external pointer accessors to perform the
  ExternalPointerLookup only if the tag is non-zero and otherwise treat
  the slot as containing a raw pointer.

This now allows rolling out external pointer sandboxing incrementally
(separately for each external pointer type), which will in turn allow
for more precise performance measurements of the impact of the sandbox.

Note: when an external pointer tag is now marked as sandboxed (and
V8_SANDBOXED_EXTERNAL_POINTERS is not enabled), the underlying slots are
still 64-bits in size. This simplifies the implementation as we would
otherwise need to deal with variably-sized external pointer slots. Local
benchmarking suggests that the benefits from 32-bit external pointer
slots are insignificant on typical benchmarks, so this should be ok.

Drive-by: rename kExternalPointerSize to kExternalPointerSlotSize to
make it more clear what it refers to (the on-heap storage size). Also
delete CodeStubAssembler::InitializeExternalPointerField as it is not
currently used and the implementation is fairly inefficient.

Bug: v8:10391
Change-Id: I7c38729c7e9048d737a1a8ced84749f5b1f7feab
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3736447
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81636}
2022-07-11 13:34:54 +00:00
Leszek Swirski
798fdac761 [maglev] Add to Linux64 bots
Run Maglev on the Linux64 bots -- eventually we'll want to move it to
the extra variant, but for now the flag is x64-only.

Bug: v8:7700, v8:12727
Change-Id: I8b8329720ac96ab1655aef9e210a52092f81cc91
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3752979
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81635}
2022-07-11 12:53:03 +00:00
Pedro Falcato
0573a07901 Flush stdout after printing the d8 prompt
Previously, the d8 prompt was printed without flushing stdout. This
relies on the platform's libc to flush stdout when reading from stdin.
This behavior is not portable and breaks the prompt on some platforms.

Change-Id: Ieddf7ec5a6eab15796e69742bb4c9546ceb54c37
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3752006
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81634}
2022-07-11 11:35:13 +00:00
Thibaud Michaud
00282d7d10 [wasm] Take suspender as parameter for stack-switching
This CL is the first step towards the 'static API':
https://github.com/WebAssembly/js-promise-integration/pull/1/files

The limitation of the previous API is that the stack-switching wrappers
are tied to a particular suspender. Since a suspender cannot be
re-entered until the corresponding computation has completed, this
prevents creating multiple concurrent instances of the same export.

Multiple APIs have been proposed and are still under discussion to
solve that, but the core idea is the same: the suspender should become a
runtime argument of the export and the import. This CL implements that.

For now, the suspender is still explicit everywhere: it is created in JS
and passed to the export, and forwarded to the JS import. Eventually,
the suspender may be completely hidden from JS: it would be materialized
by the export wrapper, and "swallowed" by the import wrapper, as
proposed in the PR above.

R=ahaas@chromium.org

Bug: v8:12191
Change-Id: Ic425a3fd920c7ad03874c636cd835d31c0e04994
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3748655
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81633}
2022-07-11 11:11:32 +00:00
Leszek Swirski
1606efaedf [gcc] Fix warning in Turboprop
Change-Id: I87d9d9a86edfed6112cdc5c7576e85bd5ae5f047
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3755141
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81632}
2022-07-11 09:40:44 +00:00
legendecas
4f9dfe41a2 [diagnostics] Print more Script fields
Print script's host_defined_options and source_mapping_url
in DebugPrint.

Change-Id: Ibd0b50e23f4d6f40eb4efbc6c4f384de24c401c6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3751943
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Chengzhong Wu <legendecas@gmail.com>
Cr-Commit-Position: refs/heads/main@{#81631}
2022-07-11 08:31:03 +00:00
Omer Katz
6b2304fa05 [heap] Use memory fence for main thread reads
SynchronizePageAccess is used to synchronize between page initialization
and reads from that page. It was not used for main thread reads because
it was assumed that all pages are initialized on the main thread. With
concurrent allocations, pages may be concurrently initialized, thus
requiring a fence for main threads reads as well.

Bug: v8:13041
Change-Id: I93e5162243ef5458579f239b131094d7171e8615
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3752804
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81630}
2022-07-11 08:21:03 +00:00
Marja Hölttä
70625046b9 [rab/gsab] Tests for Array.p methods, part 8
In this part: slice

Bug: v8:11111
Change-Id: I66236039454ba50899a7c600b9a3df5fb5f7fc6f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3749582
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81629}
2022-07-11 08:19:53 +00:00
Michael Achenbach
f8e4c4aadb [build] Fix bazel build
No-Try: true
Bug: v8:7700
Change-Id: I66288693034bd501fece756916d0ef9a31e45e07
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3752798
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81628}
2022-07-11 07:52:06 +00:00
v8-ci-autoroll-builder
6fa6a36530 Update V8 DEPS (trusted-origins)
Rolling v8/build: b8e09c1..0b8f9f6

Rolling v8/tools/clang: 8bd72d6..0ca99b7

R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: Ie77aaa20bbe44ba38a2a9b4e30e19363e3f6a02d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3754186
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#81627}
2022-07-11 04:55:53 +00:00
v8-ci-autoroll-builder
ae1edbfd29 Update V8 DEPS (trusted-versions)
Rolling v8/third_party/fuchsia-sdk/sdk: version:8.20220709.2.1..version:8.20220710.3.1

R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: I1bea8266d8505addc527c37d6228e11b908ea321
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3754185
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#81626}
2022-07-11 03:53:53 +00:00
Lu Yahan
1807aa5c70 [riscv64] Fix build error
Change-Id: I9cc2df6108b08aacf0b017f85128a9475022cedf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3754286
Auto-Submit: Yahan Lu <yahan@iscas.ac.cn>
Commit-Queue: ji qiu <qiuji@iscas.ac.cn>
Reviewed-by: ji qiu <qiuji@iscas.ac.cn>
Commit-Queue: Yahan Lu <yahan@iscas.ac.cn>
Cr-Commit-Position: refs/heads/main@{#81625}
2022-07-11 03:42:12 +00:00
Liu Yu
5c19b19cc8 [loong64][mips64] Remove some unused includes (4)
Port commit 0ed101e015

Bug: v8:13006
Change-Id: I4e0cba2e9a6cbef6ce01fbc81ce1b1ee71303474
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3754284
Auto-Submit: Liu Yu <liuyu@loongson.cn>
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Cr-Commit-Position: refs/heads/main@{#81624}
2022-07-11 03:20:43 +00:00
v8-ci-autoroll-builder
a66cd71e13 Update V8 DEPS (trusted-origins)
Rolling v8/build: e822edc..b8e09c1

R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: I8e8106ef0ef093a5b25e927f7554e527cd27cca2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3754183
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#81623}
2022-07-10 04:41:42 +00:00
v8-ci-autoroll-builder
2f57e2b566 Update V8 DEPS (trusted-versions)
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/7542172..1dee059

Rolling v8/third_party/fuchsia-sdk/sdk: version:8.20220708.2.1..version:8.20220709.2.1

R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: I4c552eb934374467f7c125a1cf38006b3b401bfc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3754182
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#81622}
2022-07-10 03:51:32 +00:00
Leszek Swirski
666d559efb Revert "Reland "[flags] Enable freezing of flags""
This reverts commit d34170f294.

Reason for revert: "The (hopefully) last issue in chromium is fixed"
  Narrator: It wasn't -- https://ci.chromium.org/ui/p/chromium/builders/try/cast_shell_linux/1260757/overview

Original change's description:
> Reland "[flags] Enable freezing of flags"
>
> This is a reland of commit 1ed7d0b8d1.
> The (hopefully) last issue in chromium is fixed in https://crrev.com/c/3745533.
>
> Original change's description:
> > [flags] Enable freezing of flags
> >
> > This enables the --freeze-flags-after-init flag globally. Note that
> > tests, fuzzers, Node and other still explicitly disable the flag. The
> > chrome renderer process and default d8 execution will have it enabled
> > though.
> >
> > R=cbruni@chromium.org
> >
> > Bug: v8:12887
> > Change-Id: I9a15ef64227e5e6e04779d8d671a2c50d99c9097
> > Cq-Include-Trybots: luci.v8.try:v8_linux_blink_rel
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695264
> > Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> > Commit-Queue: Clemens Backes <clemensb@chromium.org>
> > Cr-Commit-Position: refs/heads/main@{#81214}
>
> Bug: v8:12887
> Change-Id: I6445c04abc55242d6e2f204d45ec9ce22c6ece34
> Cq-Include-Trybots: luci.v8.try:v8_linux_blink_rel
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707284
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#81603}

No-try: true
Bug: v8:12887
Change-Id: I73e0a52974a2730386e805b7de98de8d87e2d208
Cq-Include-Trybots: luci.v8.try:v8_linux_blink_rel
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3749584
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81621}
2022-07-09 16:14:11 +00:00
v8-ci-autoroll-builder
c5dafb76e6 Update V8 DEPS (trusted-origins)
Rolling v8/build: 85604a1..e822edc

R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: I10795518d8ee4aa479cbe438e6f45435efa06e75
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3752927
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#81620}
2022-07-09 04:42:41 +00:00
v8-ci-autoroll-builder
8c03ec3fc6 Update V8 DEPS (trusted-versions)
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/d7cbf23..7542172

Rolling v8/third_party/depot_tools: bb07d9e..1601b3e

Rolling v8/third_party/fuchsia-sdk/sdk: version:8.20220707.3.1..version:8.20220708.2.1

R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: Icd70e3227156255a46109d7c6a855e42c172880c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3752926
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#81619}
2022-07-09 03:56:21 +00:00
Frank Tang
51e70bd82c [test262] Roll test262
b458b9f0..3ddfa0cd

Bug: v8:7834
Change-Id: Ic60850ed5d5a2126b76c09747a969002781f17f8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3752614
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81618}
2022-07-08 20:28:50 +00:00
v8-ci-autoroll-builder
83b7d923ee Update google_benchmark
Rolling v8/third_party/google_benchmark/src: ac8a6d3..1531ee0

Correct typo in Passing Arguments section (Dominic Hamon)
https://chromium.googlesource.com/external/github.com/google/benchmark/+/1531ee0

R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com,mlippautz@chromium.org

Change-Id: I555facbfc372fe7736042efb4234a4d35aec2ff0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3752346
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81617}
2022-07-08 20:19:20 +00:00