This adds PostConstructionCallbackTrait which can be used to get a
callback that is executed right after an object instance is created.
This can be useful for hooks that require to be able to call into
virtual methods.
Bug: chromium:1074061
Change-Id: Idd5ef677fed291bcba81b9a47f2932c9bb5832b4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2179385
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67557}
The existing implementation needed uses of the outputs of an
AtomicExchange to allocate registers for the result value. However,
these uses are not guaranteed to exist. With this CL temp registers
get allocated if the uses don't exist.
R=gdeepti@chromium.org
Bug: chromium:1077130
Change-Id: I058ee53b87c6e995c9f490f3aebbfdba69934f3c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2179503
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67556}
%GetUndetectable() is used for testing document.all's wacky "emulates
undefined" behavior both in mjsunit tests and in test262. mjsunit
doesn't rely its [[Call]] behavior, while test262 relies on its [[Call]]
returning null [1]. So, make it return null.
[1] https://github.com/tc39/test262/blob/master/INTERPRETING.md search
for IsHTMLDDA
Bug: v8:7184
Change-Id: I93d15715303deb0a932545d919bc281f5f4d5829
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2181475
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67555}
There is already a %GetUndetectable runtime test function, so use that.
Bug: v8:7184
Change-Id: I04af03d95c4245ab9c7061cb00d5890972b82f46
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2181195
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67553}
Also makes memory-chunk.h accessible from outside heap which allows
removal of some heap-inl.h includes.
Bug: v8:10473, v8:10496
Change-Id: Iec4fc5ce8ad201f6ee5fd924cc3cd935324429fc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2172088
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Auto-Submit: Dan Elphick <delphick@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67551}
This reverts commit 3c40082543.
Reason for revert: Re-enable interpreter tests
Original change's description:
> [wasm-simd] Remove interpreter tier of SIMD tests
>
> As per the all-hands a couple of weeks ago, the interpreter will
> be removed soon. Remove running tests on this tier, so we no longer
> put effort into maintaining tests for this tier.
>
> Change-Id: I9fce0f3a7cd869d6ccecf1c1f820b794e89858e1
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2175021
> Reviewed-by: Zhi An Ng <zhin@chromium.org>
> Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67520}
TBR=gdeepti@chromium.org,zhin@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Change-Id: Iac0f21311769157c5ae303e8078c25d96fbc7c93
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2180343
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67546}
This allows us to preserve the script URL when importing a module in a
worker.
R=ahaas@chromium.org,clemensb@chromium.org
CC=kimanh@chromium.org
Bug: chromium:1064548
Change-Id: Id5e48c840e2dba8eadb5c854fcb389787ce11215
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2167866
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67543}
Summary of changes:
- GC visitors no longer rely on superclass visitors, but instead visit
everything themselves. This enables generating better code.
- Try to match simple body descriptors to reduce the amount of generated
code.
- Turn SizeFor(instance) into an AllocatedSize() method.
- Remove the special handling of resizable object sizes from Torque
and instead overwrite AllocatedSize in classes that need special
handling in C++.
- Split the visitor id lists depending on whether the class has pointer
fields.
- Turn Torque-generated body descriptors into an .inc file to
simplify includes.
- Fix generated size functions to properly align the size.
- Generate GC visitors (and C++ class definitions) for all string
classes and FixedArray, WeakFixedArray, and WeakArrayList.
- Store generated instance types in Torque class types. This is only
used to determine if a type has a single instance type in this CL.
Bug: v8:7793
Change-Id: I4d362e96b047c305bd6d065247734957b8958c42
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2110014
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67542}
... to be in sync with KeyedLoadIC_SloppyArguments in handling OOB
accesses which may involve prototype chain walk.
Bug: chromium:1063796
Change-Id: I8421c19085dfd2f3b6360c64fd04f53b1351576c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2174504
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67541}
This variant passes the --stress-snapshot d8 flag. There's a large
initial list of skips, these should be removed as issues are fixed
over time. The variant is currently not enabled on any bots.
Bug: v8:10416
Change-Id: I80aea80600c51b2f5d28b8ec8a09ff0ba2ebaa7a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2179002
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67536}
... and weak context code lists. These are non-empty when an isolate
is running and the serializer cannot handle them.
Bug: v8:10416
Change-Id: I11a3d25dfd1980bcddae8b65c429df3c2cf16b19
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2172423
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67535}
Moves ReadOnlyPage, ReadOnlyArtifacts, ReadOnlySpace and
SharedReadOnlySpace out of spaces.h and into read-only-spaces.h, as well
as creating a corresponding .cc file.
Bug: v8:10473
Change-Id: I9d8b49d61ed643fd6e16919d571a909ab6fce407
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2171197
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67531}
As per the all-hands a couple of weeks ago, the interpreter will
be removed soon. Remove running tests on this tier, so we no longer
put effort into maintaining tests for this tier.
Change-Id: I9fce0f3a7cd869d6ccecf1c1f820b794e89858e1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2175021
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67520}
Any function with heap-allocated variables starts by creating and
pushing a new context for its execution. When entering the debugger due
to the stack check in the beginning of InterpreterEntryTrampoline, the
function has not yet had a chance to push that new context. The code in
ScopeIterator currently assumes that any function which needs a context
already has one by the time the debugger attempts to iterate scopes, but
in this case that assumption is invalid, which can cause a null deref.
This change introduces a new function ScopeIterator::NeedsAndHasContext
to replace previous calls to current_scope_->NeedsContext(). This new
function checks for the case where the current scope matches the closure
scope but the context matches the containing context for the function,
which implies that the function has not yet pushed its own context.
Bug: v8:10319, chromium:1038747
Change-Id: I29636f269c44d35b68d8446769d17170eed50e89
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2168021
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67519}
ROL will be optional operator as arm, arm64 only have ROR.
The reason for this CL is inefficient Wasm codegen for 64-bit
left-rotation.
Bug: v8:10216
Change-Id: I0cd13e4b6de5276a0d0b80eac5ed9c2e52ba1f96
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2157648
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67518}
- Update opcode numbers, tests
- As the wasm-module-builder currently assumes opcode bytes, skip
the test that needs a multi-byte leb128 opcode
- Renumber post-MVP opcodes
Change-Id: I6531e954e63986dc6f7a3144ec054d16e6dc1b05
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2173952
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67517}
Torque desugars try-catch/label constructs with several handlers
into nested try structures, with the first handler ending-up
innermost. So currently, if you write
try {
...
} label Foo {
Throw(...);
} catch (e) {
}
The catch will catch the preceding Throw in another handler.
This is different from how multiple try-catch handlers are done in
languages like Java, where throwing from a preceding catch handler
is not caught by a later one. To avoid this possible ambiguity, this
CL prohibits this pattern, enforcing that a catch handler comes first,
before any other label-handler attached to the same try.
This way, a catch handler never catches from any other handler on the
same try, since they have to come later.
Bug: v8:7793
Change-Id: I943f14b2393d307c4254a3fc3a78f236dbcf86df
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2169098
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67516}
31dabb56..6a18c27c
6a18c27 Generate test files from templates by Alexey Shvayka · 10 hours ago master
10a8c04 Test throw() called w/o arguments by Alexey Shvayka · 10 hours ago
75a0c1b Test return() called w/o arguments by Alexey Shvayka · 10 hours ago
4d9dccf Remove invalid feature, fix lint by Gus Caplan · 10 hours ago
850c653 Revert "Correct the expectation of zh-Hant" by Frank Yung-Fong Tang · 11 hours ago
fd90d58 Change `alphanum` to character class by Alexey Shvayka · 11 hours ago
d3b3e5e Make `alphanum` a non-capturing group by Alexey Shvayka · 11 hours ago
4371e3a Remove unnecessary capture group by Alexey Shvayka · 11 hours ago
af05e8e Revert "Simplify alphanum regex in testIntl.js" by Alexey Shvayka · 11 hours ago
a3c7d30 Add AsyncGeneratorFunction test by Alexey Shvayka · 3 days ago
69de665 Add GeneratorFunction test by Alexey Shvayka · 3 days ago
43bc9f1 Add Function test by Alexey Shvayka · 3 days ago
e8dfe54 Correct the expectation of zh-Hant by Frank Yung-Fong Tang · 4 days ago
76b3891 Correctly tag AggregateError proto-from-ctor-realm test by Shu-yu Guo · 4 days ago
c3e980a correct style-short.js by Frank Yung-Fong Tang · 4 days ago
df861e4 correct style-narrow.js by Frank Yung-Fong Tang · 4 days ago
d6c1b36 style-long.js by Frank Yung-Fong Tang · 4 days ago
17fe569 correct style-short.js by Frank Yung-Fong Tang · 4 days ago
81de828 correct style-narrow.js by Frank Yung-Fong Tang · 4 days ago
79c1818 Correct pl-pl*.js test for minimumGroupingDigits by Frank Yung-Fong Tang · 4 days ago
39ed5d9 Add object rest destructuring test by Alexey Shvayka · 4 days ago
b08380c Add object spread test by Alexey Shvayka · 4 days ago
c9ce3be Add Object.seal test by Alexey Shvayka · 4 days ago
feaa555 Add Object.isSealed test by Alexey Shvayka · 4 days ago
a65d0bf Add Object.isFrozen test by Alexey Shvayka · 4 days ago
521446b Add Object.freeze test by Alexey Shvayka · 4 days ago
07ff2ff Add Object.defineProperties test by Alexey Shvayka · 4 days ago
56cbc61 Add Object.getOwnPropertyDescriptors test by Alexey Shvayka · 4 days ago
2183fa7 Add Object.assign test by Alexey Shvayka · 4 days ago
0942fe1 correct comments by Frank Yung-Fong Tang · 4 days ago
9b54c22 correct comments by Frank Yung-Fong Tang · 4 days ago
aabf688 correct comment by Frank Yung-Fong Tang · 4 days ago
e72a965 Change the compareArray to allow new property by Frank Yung-Fong Tang · 4 days ago
21440c7 Change compareArray to allow new property by Frank Yung-Fong Tang · 4 days ago
fc55e45 Change the compareArray to allow new property by Frank Yung-Fong Tang · 4 days ago
8ad1225 Change compareArray to allow new property by Frank Yung-Fong Tang · 4 days ago
4fb0e70 add "fractionalSecondDigits" by Frank Yung-Fong Tang · 4 days ago
9c6ab18 Add fractionalSecondDigits by Frank Yung-Fong Tang · 4 days ago
Bug: v8:7834
Change-Id: If455a1d5b3629aba45060f97672ff829ce112fa8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2174068
Auto-Submit: Frank Tang <ftang@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67504}
Forced GCs can either be invoked internally or communicate the fact that
they are forced externally via API. Before this CL, all uses were
passing kGCCallbackFlagForced to indicate that the GC was forced.
This flag is used by embedders though to trigger followup actions. E.g.,
it can be used to trigger a follow up call to
GarbageCollectionForTesting() call which requires --expose-gc.
This patch changes the semantics as follows:
- Internal forced GCs use a Heap GC flag (kForcedGC)
- External forced GCs and GC extension use kGCCallbackFlagForced
Bug: chromium:1074061
Change-Id: Ide7ea0ccdf88b8c8cac002289aef5b7eb0f9748c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2172747
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67498}
When a background thread fails to allocate, it requests a GC and
retries the allocation afterwards. Make second allocation more likely
to succeed by allowing those allocations to expand the old space.
TLABs of LocalHeaps also need to be invalidated before the GC.
Bug: v8:10315
Change-Id: Idaea2c4ee25642d508c72ae274b06d60c6e225e0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2154193
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67496}
Spilling a register in Liftoff require a scratch register when the
offset of the stack slot from fp is greater than 2^12. This CL adds
a check to LiftoffAssembler::Spill on arm to check that a scratch
register is available. It also fixes one case where the scratch register
was not available.
R=clemensb@chromium.orgCC=zhin@chromium.org
Bug: chromium:1075953
Change-Id: Idb2bc7e26e3d4fbd6bb0eb6c9a9b8cfd8b3c569e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2172424
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67494}
Rolling to chrome/src is in
https://chromium-review.googlesource.com/c/chromium/src/+/2155530
Since auto rolling stop after 3/24/2020 and the rolling will cause
change of test status, I get this cl ready (but not running trybot due
to 1074260) and plan to hand roll after the submission of 2155530.
Bug: chromium:1064326, v8:9515, v8:10379, v8:10380, v8:10437
Change-Id: I19554f68cfdc5b717dfc7fc4b1222e9dc25b8d69
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2158486
Auto-Submit: Frank Tang <ftang@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67493}
The interpreter will be un-shipped soon, hence we cannot have a
compilation hint for interpreted execution.
This CL removes the respective enum value, removes a test which
specifically tested this one option, and adapts other code to use one of
the remaining hints.
R=ahaas@chromium.org
Bug: v8:10389
Change-Id: Ia754f7de95be271000a9e4e10ef2a3ee171da627
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2172748
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67491}
Supporting WebAssembly evaluator modules requires support for passing
binary data as a parameter to CDP methods. Currently, the required base64
conversions are not implemented.
Bug: chromium:1020120
Change-Id: Ie74f93ee5accfa369aac428e5c5b5f882c921c52
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2152645
Commit-Queue: Philip Pfaffe <pfaffe@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67490}
The UnicodePropertyEscapeCodeSize test set the max code size as 150KB,
which is too strict for mips64. This CL loosen the limit to 200KB.
Bug: v8:10441
Change-Id: I8532d4d51eedd7713075d86e84c52a58d2412861
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2172927
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Cr-Commit-Position: refs/heads/master@{#67489}
Add a test to stop at a trap, inspect values, and step from there.
For inspection, we need to spill all registers, which we usually don't
do because the trap never returns, so the values won't be used
afterwards.
R=thibaudm@chromium.org
Bug: v8:10235
Change-Id: Ia1c21aa0faa3ca656e40aae626e8e912eaf2c233
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2169890
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67477}
The output generated by --wasm-fuzzer-gen-test did not pass the
presubmit check:
* There was a trailing whitespace after "body";
* There was a trailing newline at the end;
Additionally the signature of addElementSegment changed at some point
and now also takes a table-index parameter.
R=thibaudm@chromium.org
Bug: v8:10155
Change-Id: I77481b0ac810a0e3ff06df24afa3ae22beaebb77
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2172744
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67476}
With this CL the registers in a register pair get ordered such that the
low word register always has a lower register code than the high word
register. This should allow easier reasoning about the register
allocation, and prevent some register allocation bugs.
Background: for many operations in Liftoff, input registers are reused
as output registers. With register pairs, input register pairs are
reused as output register pairs. Additional reasoning, and sometimes
even additional code is needed when the registers of the output register
pair are swapped, i.e. when the high word register of the input becomes
the low word register of the output. With this CL the additional
reasoning is not necessary anymore, as the high word and low word
registers would get swapped during register allocation.
Additionally this CL fixes the logic of the last_spilled_regs list. This
list stored the last spilled registers, but recorded only one of the two
registers of a register pair. With this CL, both registers get recorded.
This CL does not have a regression test. The regression test was more
than 9000 lines long, and quite slow. I was not able to minimize it
substantially. The test would be fragile by nature, as it has to create
a special register configuration or otherwise does not test anything
meaningful. All in all I think it's better not to add the test.
R=clemensb@chromium.org
Bug: chromium:1074586
Change-Id: I4b2475b0c6537c7ce2e51fee281388cdd85f2953
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2168875
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67473}
The original motivation of the test case is long outdated, and it
has been repurposed. Making some cosmetic changes to clarify.
R=szuend@chromium.org
Fixed: v8:10455
Change-Id: I02c2e6f83d3475478efd37dbe834fca5d415b829
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2172419
Commit-Queue: Yang Guo <yangguo@chromium.org>
Auto-Submit: Yang Guo <yangguo@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67470}
To reduce the number of deoptimizations in TurboProp use call feedback
only when we know the call target is a builtin. Given that we don't
inline in TurboProp, call feedback isn't really useful and using Generic
lowering doesn't impact performance much. TurboProp still inlines
builtins, so it is important to use this feedback for generating better
optimized code.
BUG: v8:10431
Change-Id: I24d51e43728f9aea3099767deb7800119fea40e2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2116033
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67468}
This is a reland of 43b885a842
This fixes another signed overflow in the unit test.
Original change's description:
> Reland "[turbofan][csa] optimize Smi untagging better"
>
> This is a reland of ff22ae80e2
>
> Original change's description:
> > [turbofan][csa] optimize Smi untagging better
> >
> > - Introduce new operator variants for signed right-shifts with the
> > additional information that they always shift out zeros.
> > - Use these new operators for Smi untagging.
> > - Merge left-shifts with a preceding Smi-untagging shift.
> > - Optimize comparisons of Smi-untagging shifts to operate on the
> > unshifted word.
> > - Optimize 64bit comparisons of values expanded from 32bit to use
> > a 32bit comparison instead.
> > - Change CodeStubAssembler::UntagSmi to first sign-extend and then
> > right-shift to enable better address computations for Smi indices.
> >
> > Bug: v8:9962
> > Change-Id: If91300f365e8f01457aebf0bd43bdf88b305c460
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2135734
> > Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> > Reviewed-by: Georg Neis <neis@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#67378}
>
> Bug: v8:9962
> Change-Id: Ieab0755806c95fb50022eb17596fb0c95f36004c
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2170001
> Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> Commit-Queue: Georg Neis <neis@chromium.org>
> Auto-Submit: Tobias Tebbi <tebbi@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67430}
Bug: v8:9962
TBR: neis@chromium.org
Change-Id: I79883db546bf37873b3727b8023ef688507091d9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2169103
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67464}
This is a reland of 6a0e7224f3
Original change's description:
> [regexp] Limit the size of inlined choice nodes
>
> Codegen for unicode property escapes (e.g.: /\p{L}/u) can produce huge
> code objects. This effect can be further magnified through inlining,
> leading to exponential code growth in the size of the pattern.
>
> This CL is a (fairly hacky) way to avoid exponential growth. We
> recognize choice nodes with 'many' choices and disable inlining for
> them. In the future we should fix this properly, either by using the
> code size budget correctly, or by improving codegen for property
> escapes.
>
> Bug: v8:10441
> Change-Id: I817f145251ec8b1b9906cc735c9e9bdb004c98ed
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2170229
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67433}
Tbr: yangguo@chromium.org
Bug: v8:10441
Change-Id: I9a16cc9e8248cb46d3d16a4e2d250968cc1b7b39
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2172679
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67462}
The worklist in this CL is a merge of the worklists of Oilpan and V8. This implementation supports both use cases and should serve as the shared worklist once we start merging the codebase.
Bug: chromium:1056170
Change-Id: I4ecdb475f3900c33eced9249efa112a69c1b2707
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2170828
Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67459}
HeapVisitor is a simple visitor implementing both visitation and accept
interfaces. HeapVisitor is aimed to replace functions that traverse the
heap in Blink: PrepareForSweep, Sweep, FinalizeSweep, MakeConsistentForGC,
ObjectPayloadSize, VerifyObjectStartBitmap, CollectStatistics, etc.
This CL also introduces a Heap::ObjectPayloadSize function.
Bug: chromium:1056170
Change-Id: I85a2b8b572486bea29704fc436b002d8f7405201
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2165733
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67458}
Creates a new large-spaces.h and large-spaces.cc to contain
LargeObjectSpace and subclasses.
Bug: v8:10473
Change-Id: Ifdb4eac9df5c8213f992d549e04b612b62f6df0b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2170826
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67456}
Since ES6, optional arguments are treated the same as undefined. This
was recently cleaned up in https://github.com/tc39/ecma262/pull/1411.
The current Torque implementation of %TypedArray%.from incorrectly
interpreted the old (and confusing) language of a parameter being "not
present" as testing using arguments.length instead of testing directly
for undefined.
Bug: v8:10458
Change-Id: I055f1fa3be570a31a4f7369ba5b51b7d6b022f0a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2168674
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67454}
When creating a filler, we pass through whether we need to clear slots
in the old to new remembered set.
This patch adds a verification check that, when we claim we don't need
to clear slots, checks that no slots are set in the remembered set for
the range of the filler. Effectively, this is a range counterpart to
VerifyClearedSlot.
Change-Id: Id994c56d941988cc282463304bc7307a51943e99
Bug: chromium:1075999
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2139572
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67453}
Having no value argument in DataView setters (e.g. setFloat64) caused
wrong behavior in compiled code.
Bug: chromium:1071190
Change-Id: I37ddba8555dafad321f8d4c1352da8a501a98453
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2170091
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Auto-Submit: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67451}
base::List is only used inside of heap and has some pretty strange
semantics that don't lend themselves to it being a general purpose data
structure so this moves it to heap where it can be safe isolated.
Bug: v8:10454
Change-Id: I7921c22286276432956005c72143b22b0364fc93
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2170029
Auto-Submit: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67448}
In AtomicOp64 ClearRegister is called twice to clear the registers r8
and r9. Thereby new registers may get allocated. We forgot to add the
newly allocated registers to pinned after the first call to
ClearRegister, which caused the same registers to be allocated again in
the second ClearRegister, and thereby caused the bug.
R=clemensb@chromium.org
Change-Id: I0d069aea4c9438fe30c30c22406b4075ddf3e95c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2170088
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67445}
When RO_SPACE is to be shared, this constructs SharedReadOnlySpace
object (via ReadOnlySpace::DetachPagesAndAddToArtifacts) that contains
the shared artifacts and the original ReadOnlySpace is destroyed. This
is mostly a conceptual change and SharedReadOnlySpace behaves
identically to ReadOnlySpace (and subclasses it).
Also adds ReadOnlyArtifacts that contains the shared artifacts and which
is stored as a std::weak_ptr in a global so it can be destroyed when all
std::shared_ptrs to it are destroyed. Since this allows the ReadOnlyHeap
to be reconstructed when all Isolates are destroyed,
ReadOnlyHeap::ClearSharedHeapForTest is removed along with all uses
since that is now done automatically.
The ReadOnlyArtifacts class now owns all the shared artifacts and is
responsible for deleting them on exit (mostly via unique_ptr).
Bug: v8:10454
Change-Id: I2fe7110a4ab9cf8719dd198bafc1d083bee641b1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2154204
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67440}
... by making sure we deopt when the buffer is detached.
Bug: chromium:1074736
Change-Id: I86e4e63014767766d7c079c3a3e38d947c76ef10
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2168874
Commit-Queue: Georg Neis <neis@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Auto-Submit: Georg Neis <neis@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67437}
This reverts commit 6a0e7224f3.
Reason for revert: Fails noi18n: https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20noi18n%20-%20debug/31513
Original change's description:
> [regexp] Limit the size of inlined choice nodes
>
> Codegen for unicode property escapes (e.g.: /\p{L}/u) can produce huge
> code objects. This effect can be further magnified through inlining,
> leading to exponential code growth in the size of the pattern.
>
> This CL is a (fairly hacky) way to avoid exponential growth. We
> recognize choice nodes with 'many' choices and disable inlining for
> them. In the future we should fix this properly, either by using the
> code size budget correctly, or by improving codegen for property
> escapes.
>
> Bug: v8:10441
> Change-Id: I817f145251ec8b1b9906cc735c9e9bdb004c98ed
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2170229
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67433}
TBR=yangguo@chromium.org,jgruber@chromium.org
Change-Id: I503b8b2be539468d86e4ec1ac13074cd1c06a5cb
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:10441
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2169101
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67436}
Codegen for unicode property escapes (e.g.: /\p{L}/u) can produce huge
code objects. This effect can be further magnified through inlining,
leading to exponential code growth in the size of the pattern.
This CL is a (fairly hacky) way to avoid exponential growth. We
recognize choice nodes with 'many' choices and disable inlining for
them. In the future we should fix this properly, either by using the
code size budget correctly, or by improving codegen for property
escapes.
Bug: v8:10441
Change-Id: I817f145251ec8b1b9906cc735c9e9bdb004c98ed
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2170229
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67433}
This reverts commit 43b885a842.
Reason for revert: Still fails on UBSan: https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20UBSan/10873
Original change's description:
> Reland "[turbofan][csa] optimize Smi untagging better"
>
> This is a reland of ff22ae80e2
>
> Original change's description:
> > [turbofan][csa] optimize Smi untagging better
> >
> > - Introduce new operator variants for signed right-shifts with the
> > additional information that they always shift out zeros.
> > - Use these new operators for Smi untagging.
> > - Merge left-shifts with a preceding Smi-untagging shift.
> > - Optimize comparisons of Smi-untagging shifts to operate on the
> > unshifted word.
> > - Optimize 64bit comparisons of values expanded from 32bit to use
> > a 32bit comparison instead.
> > - Change CodeStubAssembler::UntagSmi to first sign-extend and then
> > right-shift to enable better address computations for Smi indices.
> >
> > Bug: v8:9962
> > Change-Id: If91300f365e8f01457aebf0bd43bdf88b305c460
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2135734
> > Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> > Reviewed-by: Georg Neis <neis@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#67378}
>
> Bug: v8:9962
> Change-Id: Ieab0755806c95fb50022eb17596fb0c95f36004c
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2170001
> Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> Commit-Queue: Georg Neis <neis@chromium.org>
> Auto-Submit: Tobias Tebbi <tebbi@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67430}
TBR=neis@chromium.org,tebbi@chromium.org
Change-Id: I49e19811ebcecb846f61291bc0c4a0d8b0bc4cff
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9962
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2168876
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67431}
This is a reland of ff22ae80e2
Original change's description:
> [turbofan][csa] optimize Smi untagging better
>
> - Introduce new operator variants for signed right-shifts with the
> additional information that they always shift out zeros.
> - Use these new operators for Smi untagging.
> - Merge left-shifts with a preceding Smi-untagging shift.
> - Optimize comparisons of Smi-untagging shifts to operate on the
> unshifted word.
> - Optimize 64bit comparisons of values expanded from 32bit to use
> a 32bit comparison instead.
> - Change CodeStubAssembler::UntagSmi to first sign-extend and then
> right-shift to enable better address computations for Smi indices.
>
> Bug: v8:9962
> Change-Id: If91300f365e8f01457aebf0bd43bdf88b305c460
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2135734
> Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67378}
Bug: v8:9962
Change-Id: Ieab0755806c95fb50022eb17596fb0c95f36004c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2170001
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Auto-Submit: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67430}
This removes the {RedirectToWasmInterpreter} runtime function and the
respective method from {WasmDebugInfo}.
Some tests test specifically the interaction between compiled code and
the interpreter. They are irrelevant now and are deleted.
R=thibaudm@chromium.org
Bug: v8:10389
Change-Id: I38330fcb523f7c65968fdf03abc60af3392bdcc8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2164793
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67427}
This is a reland of ad5b005e38
Original change's description:
> [snapshot] Expose the serializer through %SerializeDeserializeNow
>
> ... in order to exercise the snapshot/ component from mjsunit tests
> and fuzzers.
>
> * Since the serializer and deserializer can now be called at any time
> instead of only in a tightly controlled environment, several
> assumptions (such as an empty execution stack, no microtasks, no
> handles) no longer hold and had to be made configurable through
> SerializerFlags.
>
> * Root iteration now skips more root categories which were previously
> guaranteed to be empty (e.g. the stack, microtask queue, handles).
>
> * The %SerializeDeserializeNow runtime function triggers
> serialization, deserialization, and heap verification on the current
> isolate and native context.
>
> Support is not yet complete and will be extended in future work. Once
> all mjsunit tests successfully run, we can add a new test mode to
> stress serialization.
>
> Bug: v8:10416
> Change-Id: Ie7ff441a761257dd7f256d0a33e73227850074ac
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2159495
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Dan Elphick <delphick@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67423}
Tbr: delphick@chromium.org,ulan@chromium.org
Bug: v8:10416
Change-Id: Ibed04c0f0b72fabcf811d8b18a1479391a11568b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2170090
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67426}
This adds the following:
1) Heap object structure classes: RawHeap, BaseArena and BasePage.
- freelist
- linear allocation block
2) ObjectAllocator, a class responsible for object (and page) allocation.
The design doc with UML design: https://bit.ly/2VVTcqc
User defined arenas are followup.
Bug: chromium:1056170
Change-Id: I69a82974bd08e3cf3da90041b1628297cc890891
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2167392
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67425}
This reverts commit ad5b005e38.
Reason for revert: https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20shared/36070?
Original change's description:
> [snapshot] Expose the serializer through %SerializeDeserializeNow
>
> ... in order to exercise the snapshot/ component from mjsunit tests
> and fuzzers.
>
> * Since the serializer and deserializer can now be called at any time
> instead of only in a tightly controlled environment, several
> assumptions (such as an empty execution stack, no microtasks, no
> handles) no longer hold and had to be made configurable through
> SerializerFlags.
>
> * Root iteration now skips more root categories which were previously
> guaranteed to be empty (e.g. the stack, microtask queue, handles).
>
> * The %SerializeDeserializeNow runtime function triggers
> serialization, deserialization, and heap verification on the current
> isolate and native context.
>
> Support is not yet complete and will be extended in future work. Once
> all mjsunit tests successfully run, we can add a new test mode to
> stress serialization.
>
> Bug: v8:10416
> Change-Id: Ie7ff441a761257dd7f256d0a33e73227850074ac
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2159495
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Dan Elphick <delphick@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67423}
TBR=ulan@chromium.org,jgruber@chromium.org,delphick@chromium.org
Change-Id: Ie30b94c9ec6e4463bed6cc87dd6525f469fdf84a
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:10416
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2170089
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67424}
... in order to exercise the snapshot/ component from mjsunit tests
and fuzzers.
* Since the serializer and deserializer can now be called at any time
instead of only in a tightly controlled environment, several
assumptions (such as an empty execution stack, no microtasks, no
handles) no longer hold and had to be made configurable through
SerializerFlags.
* Root iteration now skips more root categories which were previously
guaranteed to be empty (e.g. the stack, microtask queue, handles).
* The %SerializeDeserializeNow runtime function triggers
serialization, deserialization, and heap verification on the current
isolate and native context.
Support is not yet complete and will be extended in future work. Once
all mjsunit tests successfully run, we can add a new test mode to
stress serialization.
Bug: v8:10416
Change-Id: Ie7ff441a761257dd7f256d0a33e73227850074ac
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2159495
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67423}
For a zero-length BackingStore allocation, it is valid for the
underlying memory to be a null pointer. However, some cleanup
is still necessary, since the BackingStore may hold a reference
to the allocator itself, which needs to be released when destroying
the `BackingStore` instance.
Change-Id: I1f168079d39e4592d2fde31fbe5f705586690e85
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2169646
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67420}
The interpreter will be moved to be test-only, hence
--wasm-interpret-all also needs to be removed.
Since we don't have any non-compiling tier any more, we also remove the
implication from --jitless to --wasm-lazy-compilation. Instead, we add
another CHECK that we can't be in jitless mode if we trigger any wasm
compilation.
All tests that just ran other tests and additionally passed
--wasm-interpret-all become redundant and are deleted. Also all
regression tests that explicitly specify --wasm-interpret-all are not
needed any more.
R=thibaudm@chromium.org
Bug: v8:10389
Change-Id: I5ddf20a842117a6c05e277a5308f5cfe42e6bfa5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2164792
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67419}
PerformPromiseAll doesn't set iteratorRecord.[[Done]] to true if
Promise.resolve is not callable. This makes Promise.all call
IteratorClose.
BUG=v8:10452
Change-Id: Icbe17416a733f68ef09f1c610d715f544c2a3b8a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2164789
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67416}
This reverts the changes made in
https://chromium-review.googlesource.com/c/v8/v8/+/1695465https://chromium-review.googlesource.com/c/v8/v8/+/1776078
We originally moved this protector to the native context to avoid
cross-native-context pollution of protector state. Ideally,
invalidating a protector in one NC should not affect any other NC.
But as it turns out, having the protector on the NC causes more
problems than it solves since all affected callers now need to find
the correct native context to check. Sometimes (e.g. in CSA regexp
builtins) it is possible to blindly check the current NC, but the
reasoning behind this optimization is tricky to understand.
Sometimes, fetching the correct NC is not possible due to access
restrictions. These implementation complexities outweigh the (unknown)
potential performance benefits.
In the future we should attempt to move away from the protector
concept for these kinds of checks.
Bug: chromium:1069964,v8:9463
Change-Id: I2cbb2ec7266282165dae5e4a6c8bdbda520c50a9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2157382
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67415}
Due to lack of testing environment before, there are some bugs in the
implementations of wasm-simd on mips64 platform, this CL fix them
according to the test on Loongson 3A4000.
Change-Id: I59ab6315987fc94a06cf0bf23754f5c593879532
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2162416
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67413}
This changelist makes the GDB-stub actually execute GDB-remote commands, by
accessing the Wasm engine state. More precisely:
- class GdbServer registers DebugDelegates that receive debug notifications when
a new Wasm module is loaded, when execution suspends at a breakpoint or for an
unhandled exception.
- Since the GDB-remote commands arrive on a separate thread, all
queries from the debugger are transformed into Task objects, that are posted
into a TaskRunner that runs in the Isolate thread.
- class WasmModuleDebug contains the logic to retrieve the value of globals, locals, memory ranges from the
Wasm engine and to add/remove breakpoints.
Build with: v8_enable_wasm_gdb_remote_debugging = true
Run with: --wasm-gdb-remote
Test with: python tools\run-tests.py --outdir=out\debug_x64 debugging -j 1
Bug: chromium:1010467
Change-Id: I9703894620a027d3c920926db92e2ff809d84ab8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1941139
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Paolo Severini <paolosev@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#67412}
Extend the flag parameter with a bit that decides if the input should
be converted (-0 to 0, and a string to the array index it represents).
Instruct redundancy elimination to never replace x with CheckBounds(x)
when this CheckBounds is of the converting kind.
Bug: chromium:1070892, chromium:1071743
Change-Id: I3125a6e267d56dae6bf6cb2f5f52d27ef65d7c79
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2157365
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67408}
This relands commit 1a38573f9d.
The original change used a sequence of instruction in the test that
could not be scalar lowered properly.
Original change's description:
> [arm] Change fp_fixed registers to be allocatable registers
>
> fp_fixed1 and fp_fixed2 are used by the S8x16Shuffle operation. They
> need to be allocatable, so that they can be correctly marked as fixed
> and spilled as required. The previous value of fp_fixed2, d29, is not in
> the list of allocatable double registers, and not marked as fixed
> appropriately.
>
> One fix could be to extend the list of allocatable double registers, but
> there is a comment there saying that the list is kept even-length to
> make stack alignment easier. So rather than messing with that, we
> instead change what fp_fixed1 and fp_fixed2 is, since S8x16Shuffle is
> the only user, this is a simpler change.
>
> Bug: chromium:1070078
> Change-Id: Id7de9b256bad2cfb11b0f06b66eb80a48ff7827c
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2161565
> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
> Commit-Queue: Zhi An Ng <zhin@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67372}
Bug: chromium:1070078
Change-Id: I02bb4b3ad03817318cbd0ee706c5ef4f20c845ba
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2165867
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67406}
This patch has the following improvement on v8.browsing_mobile:
- total-main-thread:duration improved by 1.7%
- js:duration improved by 1.3%
Change-Id: I1cdf2c181bfd991b67f31c5c2f32e3c2f909c67e
Bug: v8:9684, v8:10431
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2149433
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67405}
This adds a test which I suspected would fail, but luckily it doesn't.
The idea is to catch a proper wasm exception in JS, then construct a new
exception, but set the catched exception as the prototype. My suspicion
was that we would still handle that new exception like a wasm exception,
since the `WasmExceptionGetTag` and `WasmExceptionGetValues` runtime
functions to a standard property lookup, which includes a prototype
walk.
Interestingly, the prototype walk is already skipped automatically when
loading private symbols, so the implementation already supports this
case correctly.
Let's still add this test to have coverage for this case.
R=jkummerow@chromium.orgCC=aheejin@chromium.org
Bug: v8:8091
Change-Id: Idf9944cf47f96cca38e9678e9200bf03a39ea126
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2167438
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67391}
- Add template specialization for DataRange::get<bool> to avoid undefined behavior of the template DataRange::get<T> which uses memcpy to assign the result variable
Change-Id: I129773251c063ea6863c4b2318dbc18574588d99
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2165728
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67387}
Intl.DisplayNames was shipped in m81 and we now can remove the flag.
https://www.chromestatus.com/features/4965112605573120
Bug: v8:8703
Change-Id: Ib65d787c1871aa1da38a22fdb9e369c680c7d2c9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2163820
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67382}
This reverts commit ff22ae80e2.
Reason for revert: new test fails on UBSAN
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20UBSan/10831
Original change's description:
> [turbofan][csa] optimize Smi untagging better
>
> - Introduce new operator variants for signed right-shifts with the
> additional information that they always shift out zeros.
> - Use these new operators for Smi untagging.
> - Merge left-shifts with a preceding Smi-untagging shift.
> - Optimize comparisons of Smi-untagging shifts to operate on the
> unshifted word.
> - Optimize 64bit comparisons of values expanded from 32bit to use
> a 32bit comparison instead.
> - Change CodeStubAssembler::UntagSmi to first sign-extend and then
> right-shift to enable better address computations for Smi indices.
>
> Bug: v8:9962
> Change-Id: If91300f365e8f01457aebf0bd43bdf88b305c460
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2135734
> Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67378}
TBR=neis@chromium.org,tebbi@chromium.org
Change-Id: I2617d7a44e5ae33fd79322d37c8b722c00162d22
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9962
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2165873
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67380}
- Introduce new operator variants for signed right-shifts with the
additional information that they always shift out zeros.
- Use these new operators for Smi untagging.
- Merge left-shifts with a preceding Smi-untagging shift.
- Optimize comparisons of Smi-untagging shifts to operate on the
unshifted word.
- Optimize 64bit comparisons of values expanded from 32bit to use
a 32bit comparison instead.
- Change CodeStubAssembler::UntagSmi to first sign-extend and then
right-shift to enable better address computations for Smi indices.
Bug: v8:9962
Change-Id: If91300f365e8f01457aebf0bd43bdf88b305c460
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2135734
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67378}
This reverts commit 390ed4b934.
Reason for revert: https://ci.chromium.org/p/v8/builders/ci/V8%20Linux/36714?
Original change's description:
> [arm] Change fp_fixed registers to be allocatable registers
>
> fp_fixed1 and fp_fixed2 are used by the S8x16Shuffle operation. They
> need to be allocatable, so that they can be correctly marked as fixed
> and spilled as required. The previous value of fp_fixed2, d29, is not in
> the list of allocatable double registers, and not marked as fixed
> appropriately.
>
> One fix could be to extend the list of allocatable double registers, but
> there is a comment there saying that the list is kept even-length to
> make stack alignment easier. So rather than messing with that, we
> instead change what fp_fixed1 and fp_fixed2 is, since S8x16Shuffle is
> the only user, this is a simpler change.
>
> Bug: chromium:1070078
> Change-Id: Id7de9b256bad2cfb11b0f06b66eb80a48ff7827c
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2161565
> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
> Commit-Queue: Zhi An Ng <zhin@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67372}
TBR=gdeepti@chromium.org,zhin@chromium.org,thibaudm@chromium.org
Change-Id: I00b4b34771b5832cc3d5fe6eac7aac506ec82d50
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:1070078
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2165865
Reviewed-by: Francis McCabe <fgm@chromium.org>
Commit-Queue: Francis McCabe <fgm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67375}
fp_fixed1 and fp_fixed2 are used by the S8x16Shuffle operation. They
need to be allocatable, so that they can be correctly marked as fixed
and spilled as required. The previous value of fp_fixed2, d29, is not in
the list of allocatable double registers, and not marked as fixed
appropriately.
One fix could be to extend the list of allocatable double registers, but
there is a comment there saying that the list is kept even-length to
make stack alignment easier. So rather than messing with that, we
instead change what fp_fixed1 and fp_fixed2 is, since S8x16Shuffle is
the only user, this is a simpler change.
Bug: chromium:1070078
Change-Id: Id7de9b256bad2cfb11b0f06b66eb80a48ff7827c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2161565
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67372}
If module bytes end in a prefix like 0xfc (numeric prefix), we read out
of bounds (pc + 1). So, if validate flag is set, check the length.
Bug: chromium:1073553
Change-Id: Ia9771419d01f2315723d19dd96630172b5a7a1f5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2161404
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67370}
The impl works by posting up to NumberOfWorkerThreads() tasks
with CallOnWorkerThread().
Change-Id: I188ac57c9e5d6e3befdcc6f945fbf337dabe1d1d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2130886
Commit-Queue: Etienne Pierre-Doray <etiennep@chromium.org>
Reviewed-by: Gabriel Charette <gab@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67368}
This is the last cctest that uses the interpreter for debugging.
This CL moves it over to Liftoff.
R=jkummerow@chromium.org
Bug: v8:10389
Change-Id: I1791f0c762c9aab38eee5f5fb96772f4d01c212f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2164790
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67367}
Moves the Script line-end initialization for profiling out of
CreateScript and into FinalizeScriptCompilation. This ensures that
scripts created off-thread still get line-ends when necessary.
Bug: chormium:1011762
Change-Id: If16ad17b2b3ec96908420107bd5f9161eab9492f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2122020
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67363}
This is a reland of 29c1eab92e
Original change's description:
> [builtins] Clean up the use of class_name / ES5 [[Class]]
>
> Before ES2015, the ES spec had a [[Class]] internal slot for all
> objects, which Object.prototype.toString() would use to figure the
> returned string. Post-ES2015, the [[Class]] slot was removed in spec for
> all objects, with the @@toStringTag well-known symbol the proper way to
> change Object.prototype.toString() output.
>
> At the time, spec-identical handling without the use of [[Class]] was
> implemented in V8 for all objects other than API objects, where issues
> with the Web IDL spec [1] prevented Blink, and hence V8, to totally
> migrate to @@toStringTag. However, since 2016 [2] Blink has been setting
> @@toStringTag on API class prototypes to manage the
> Object.prototype.toString() output, so the legacy [[Class]] handling in
> V8 has not been necessary for the past couple of years.
>
> This CL removes the remaining legacy [[Class]] handling in
> Object.prototype.toString(), JSReceiver::class_name(), and
> GetConstructorName(). However, it does not remove the class_name field
> in FunctionTemplateInfo, as it is still used for the `name` property of
> created functions.
>
> This CL also cleans up other places in the codebase that still reference
> [[Class]].
>
> This change should have minimal impact on web-compatibility. For the
> change to be observable, a script must do one of the following:
>
> 1. delete APIConstructor.prototype[Symbol.toStringTag];
> 2. Object.setPrototypeOf(apiObject, somethingElse);
>
> Before this CL, these changes will not change the apiObject.toString()
> output. But after this CL, they will make apiObject.toString() show
> "[object Object]" (in the first case) or the @@toStringTag of the other
> prototype (in the latter case).
>
> However, both are deemed unlikely. @@toStringTag is not well-known
> feature of JavaScript, nor does it get tampered much on API
> constructors. In the second case, setting the prototype of an API object
> would effectly render the object useless, as all its methods (including
> property getters/setters) would no longer be accessible.
>
> Currently, @@toStringTag-based API object branding is not yet
> implemented by other browsers. This V8 bug in particular has been an
> impediment to standardizing toString behavior. Fixing this bug will
> unblock [3] and lead to a better Web IDL spec, and better toString()
> compatibility for all.
>
> [1]: https://www.w3.org/Bugs/Public/show_bug.cgi?id=28244
> [2]: https://crrev.com/909c0d7d5a53c8526ded351683c65ea7d17531d4
> [3]: https://github.com/heycam/webidl/pull/357
>
> Bug: chromium:793406
> Cq-Include-Trybots: luci.chromium.try:linux-rel
> Change-Id: Iceded24e37afa2646ec385d5018909f55b177f93
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2146996
> Commit-Queue: Timothy Gu <timothygu@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67327}
Bug: chromium:793406
Change-Id: Ia5d97bd4e1c44cadc6f18a17ffc9d06b038cf8f1
Cq-Include-Trybots: luci.chromium.try:linux-rel
Cq-Include-Trybots: luci.v8.try:v8_linux_blink_rel
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2163881
Auto-Submit: Timothy Gu <timothygu@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67361}
The cctests for breakpoints were still executing in the interpreter.
This CL moves them over to Liftoff.
Note that the additional methods on {DebugInfo} will be reused for other
purposes, see https://crrev.com/c/1941139.
R=jkummerow@chromium.org
Bug: v8:10389
Change-Id: Ia88150612377d6e7db0514af1efe091124b3ddce
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2162852
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67360}
This is a reland of a441cbfb57
Disabling cctest/test-compiler/DeepEagerCompilationPeakMemory in stress
mode since allocation is no longer deterministic.
Original change's description:
> [offthread] Move stress-background-compile to compiler.cc
>
> Make --stress-background-compile a V8 flag rather than a d8 flag, so
> that it also tests unittests/cctests.
>
> Now, with this flag, every top-level script compile (that fulfills a
> couple of restrictions) will be both main-thread and background-thread
> compiled, taking the result of the background compile. In the future,
> we'll probably want to verify that the two results are equivalent.
>
> One of the necessary changes to allow tests to pass was to introduce a
> concept of a "temporary" script (with a temporary script id), which
> doesn't get added to the script list. This is to avoid the main-thread
> compile part of the stress-test having a debugger-visible side-effect,
> e.g. in tests that enumerate scripts. We can't just create new ids for
> such scripts, as then script-id expectation files no longer match.
>
> Bug: chromium:1011762
> Change-Id: I500bbf2cabea762e69aca3dbae247daae71192cb
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2120541
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67332}
TBR=rmcilroy@chromium.org
Bug: chromium:1011762
Change-Id: I5f9f0eb71caa4829e72b4a6d2824cbebd3698bd5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2162876
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67356}
This patch will allow turboprop to selectively turn off const based
optimizations.
Change-Id: Icd0ec29968287a428cbf38857191900dbf3fda36
Bug: v8:9684, v8:10431
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2149429
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67355}
62b8fce3..31dabb56
31dabb5 Add a test for Unicode key-type pairs being canonicalized by Intl.Locale regardless whether they're passed in the input tag, or through the options object. by Jeff Walden · 9 hours ago master
7a4b88e Add `null` named capture coercion test case by Alexey Shvayka · 9 hours ago
6de6484 Add functional replacement test by Alexey Shvayka · 9 hours ago
a6f3449 Add string replacement test by Alexey Shvayka · 9 hours ago
eca34ed Drop "the" and align license headers by Alexey Shvayka · 9 hours ago
34b2ab3 Use non ID_Continue characters in negative tests by Alexey Shvayka · 9 hours ago
89bb1b7 Remove negative parse tests that are now valid by Alexey Shvayka · 9 hours ago
3b5845a Add invalid non-Unicode test by Alexey Shvayka · 9 hours ago
b0995ea Add invalid Unicode test by Alexey Shvayka · 9 hours ago
fd18971 Add valid non-Unicode test by Alexey Shvayka · 9 hours ago
1991c24 Add valid Unicode test by Alexey Shvayka · 9 hours ago
d57bd9d Simplify alphanum regex in testIntl.js by Ross Kirsling · 9 hours ago
064d3c2 correct exceptions for exceptZero by Frank Yung-Fong Tang · 9 hours ago
18f5551 correct expectation for exceptZero by Frank Yung-Fong Tang · 9 hours ago
7bb81a4 correct expectation for exceptZero by Frank Yung-Fong Tang · 9 hours ago
52ec585 correct expectation for exceptZero by Frank Yung-Fong Tang · 9 hours ago
6b3b5c1 correct expectation for exceptZero by Frank Yung-Fong Tang · 9 hours ago
7aa1291 correct expectation for exceptZero by Frank Yung-Fong Tang · 9 hours ago
fb00de4 correct expectation of exceptZero by Frank Yung-Fong Tang · 9 hours ago
11cc0c0 correct expectation for exceptZero by Frank Yung-Fong Tang · 9 hours ago
9119877 correct expectation for exceptZero by Frank Yung-Fong Tang · 9 hours ago
2022f97 correct expectation for exceptZero by Frank Yung-Fong Tang · 9 hours ago
0fc6784 correct exceptZero expectation by Frank Yung-Fong Tang · 9 hours ago
988bf55 correct exceptZero expectation by Frank Yung-Fong Tang · 9 hours ago
e5d4129 correct for exceptZero by Frank Yung-Fong Tang · 9 hours ago
8293c96 correct expectation for exceptZero by Frank Yung-Fong Tang · 9 hours ago
0279d96 correct cases for exceptZero by Frank Yung-Fong Tang · 9 hours ago
d401735 correction for exceptZero by Frank Yung-Fong Tang · 9 hours ago
f07fe8c correct by Frank Yung-Fong Tang · 9 hours ago
c1a1111 correct by Frank Yung-Fong Tang · 9 hours ago
832ecd2 correct by Frank Yung-Fong Tang · 9 hours ago
940be66 correct expectation for signDisplay: "exceptZero" by Frank Yung-Fong Tang · 9 hours ago
df0207c Test revoked [[ProxyHandler]] by Alexey Shvayka · 9 hours ago
d6834ac Test revoked callable [[ProxyTarget]] by Alexey Shvayka · 9 hours ago
449f3ed Test revoked [[ProxyTarget]] by Alexey Shvayka · 9 hours ago
c2f0a3c Bring back accidentally removed __proto__ test by Alexey Shvayka · 9 hours ago
0c06bbc Add "proto-from-ctor-realm" test for AggregateError by Alexey Shvayka · 9 hours ago
a240781 Use isConstructor harness in revocation function test by Alexey Shvayka · 9 hours ago
c31133b Add Proxy.revocable built-in test by Alexey Shvayka · 9 hours ago
fadb907 Atomics.waitAsync: fix lint trash by Rick Waldron · 10 hours ago
d7e4de1 Atomics.waitAsync: validate array type; waiter list position, notify before timeout by Rick Waldron · 10 hours ago
161ce48 Atomics.waitAsync: misused symbol args. by Rick Waldron · 10 hours ago
127fa27 Atomics: remove erroneous argument from getReport() in harness/atomicsHelper.js by Rick Waldron · 10 hours ago
bd5b37e Atomics.waitAsync: symbol for timeout throws by Rick Waldron · 10 hours ago
eeb75f6 Atomics.waitAsync: poisoned object throws by Rick Waldron · 10 hours ago
db9c0ef Atomics.waitAsync: out of range index by Rick Waldron · 10 hours ago
0923420 Atomics.waitAsync: fix lint issues by Rick Waldron · 10 hours ago
c3efb56 Atomics.waitAsync: make all agent timeouts async by Rick Waldron · 10 hours ago
f03c0c2 fixup! Atomics.waitAsync: no spurious wakeup on [operation] by Rick Waldron · 10 hours ago
e9ee3dc Atomics: add setTimeout, getReportAsync & safeBroadcastAsync to harness/atomicsHelper .js by Rick Waldron · 10 hours ago
a46bbfd Atomics: drop unused id argument to agent receiveBroadcast handler by Rick Waldron · 10 hours ago
974a4ff Atomics.waitAsync: no spurious wakeup on [operation] by Rick Waldron · 10 hours ago
6d4b4eb Atomics.waitAsync: false, nan, negative, null, object zero timeouts by Rick Waldron · 10 hours ago
4c2ca05 Atomics.waitAsync: negative index throws by Rick Waldron · 10 hours ago
a196c93 Atomics.waitAsync: negative timeout by Rick Waldron · 10 hours ago
677fb82 Atomics.waitAsync: false for timeouts, revised. by Rick Waldron · 10 hours ago
9519cd8 Atomics.waitAsync: Return Value by Rick Waldron · 10 hours ago
dabcc05 Atomics.waitAsync: false, nan for timeouts by Rick Waldron · 10 hours ago
c0f0adf Atomics.waitAsync: ValidateSharedIntegerTypedArray, ValidateAtomicAccess & Return promiseCapability.[[Promise]] by Rick Waldron · 10 hours ago
4e48a56 Atomics.wait: fix esid by Rick Waldron · 10 hours ago
bb37b88 Atomics.waitAsync: add descriptor, length, name tests by Rick Waldron · 10 hours ago
f32b35e Atomics.waitAsync: add feature to features.txt by Rick Waldron · 10 hours ago
1394a4f Fix Proxy tests by Alexey Shvayka · 10 hours ago
fe0d4dc Fix bound function tests by Alexey Shvayka · 10 hours ago
57fa74b Add yield* throw() method test by Alexey Shvayka · 5 days ago
5628e99 Add default parameters test by Alexey Shvayka · 5 days ago
1c06724 Add ObjectBindingPattern destructuring tests by Alexey Shvayka · 5 days ago
4d9944e Add ArrayBindingPattern destructuring tests by Alexey Shvayka · 5 days ago
1d513c3 Update indices-groups-object.js by Gus Caplan · 5 days ago
30542f3 Update groups-object.js by Gus Caplan · 5 days ago
97bd6fd Update indices-groups-object.js by Gus Caplan · 5 days ago
a799a4a Sort out __proto__ occurances outside of annexB by Gus Caplan · 5 days ago
e1fb459 Use slice in RegExp lookBehind test by Michaël Zasso · 5 days ago
68205eb Fixed wrong `esid` and `features` in a Promise.all test by jhnaldo · 5 days ago
048b6b5 Assert that Symbol is a constructor by Alexey Shvayka · 9 days ago
4a8e49b Add test for \0 in Unicode patterns (#2569) by Alexey Shvayka · 13 days ago
156d1b6 Fix async iterator methods not passing absent values tests (#2571) by Alexey Shvayka · 13 days ago
13d057d fix namespace set test (#2574) by Gus Caplan · 13 days ago
27a41b6 Improve malformed RegExp named groups coverage (#2568) by Alexey Shvayka · 13 days ago
6fb6ff6 Add String.prototype.split test by Alexey Shvayka · 2 weeks ago
0c0bcef Add String.prototype.search test by Alexey Shvayka · 2 weeks ago
2597829 Add String.prototype.replaceAll test by Alexey Shvayka · 2 weeks ago
f21c828 Add String.prototype.replace test by Alexey Shvayka · 2 weeks ago
d8a6a06 Add String.prototype.match test by Alexey Shvayka · 2 weeks ago
c1a7ffa Rename searchValue-replace-method-abrupt.js by Alexey Shvayka · 2 weeks ago
18bb955 Upstream additional language tag canonicalisation and Intl.Locale tests from SpiderMonkey by André Bargull · 2 weeks ago
5d8e6c8 Restore grandfathered tests removed in #2054 by André Bargull · 2 weeks ago
de02cf4 Re-enable variant subtag canonicalisation in tests by André Bargull · 2 weeks ago
a525174 Add Unicode and Transformed extension canonicalisation by André Bargull · 2 weeks ago
1c93566 Update language tag mappings to CLDR 36.1 by André Bargull · 2 weeks ago
033f31a Add the language tag mappings python script by André Bargull · 2 weeks ago
756ee6a Update list of numbering systems by André Bargull · 2 weeks ago
7556d59 Update list of Intl service constructors by André Bargull · 2 weeks ago
Bug: v8:7834
Change-Id: I533f42e2460ba355091e46dec29a4920255a134f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2163877
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67352}
This reverts commit 29c1eab92e.
Reason for revert: Causes Blink test failures:
https://ci.chromium.org/p/v8/builders/ci/V8%20Blink%20Linux/4222
Original change's description:
> [builtins] Clean up the use of class_name / ES5 [[Class]]
>
> Before ES2015, the ES spec had a [[Class]] internal slot for all
> objects, which Object.prototype.toString() would use to figure the
> returned string. Post-ES2015, the [[Class]] slot was removed in spec for
> all objects, with the @@toStringTag well-known symbol the proper way to
> change Object.prototype.toString() output.
>
> At the time, spec-identical handling without the use of [[Class]] was
> implemented in V8 for all objects other than API objects, where issues
> with the Web IDL spec [1] prevented Blink, and hence V8, to totally
> migrate to @@toStringTag. However, since 2016 [2] Blink has been setting
> @@toStringTag on API class prototypes to manage the
> Object.prototype.toString() output, so the legacy [[Class]] handling in
> V8 has not been necessary for the past couple of years.
>
> This CL removes the remaining legacy [[Class]] handling in
> Object.prototype.toString(), JSReceiver::class_name(), and
> GetConstructorName(). However, it does not remove the class_name field
> in FunctionTemplateInfo, as it is still used for the `name` property of
> created functions.
>
> This CL also cleans up other places in the codebase that still reference
> [[Class]].
>
> This change should have minimal impact on web-compatibility. For the
> change to be observable, a script must do one of the following:
>
> 1. delete APIConstructor.prototype[Symbol.toStringTag];
> 2. Object.setPrototypeOf(apiObject, somethingElse);
>
> Before this CL, these changes will not change the apiObject.toString()
> output. But after this CL, they will make apiObject.toString() show
> "[object Object]" (in the first case) or the @@toStringTag of the other
> prototype (in the latter case).
>
> However, both are deemed unlikely. @@toStringTag is not well-known
> feature of JavaScript, nor does it get tampered much on API
> constructors. In the second case, setting the prototype of an API object
> would effectly render the object useless, as all its methods (including
> property getters/setters) would no longer be accessible.
>
> Currently, @@toStringTag-based API object branding is not yet
> implemented by other browsers. This V8 bug in particular has been an
> impediment to standardizing toString behavior. Fixing this bug will
> unblock [3] and lead to a better Web IDL spec, and better toString()
> compatibility for all.
>
> [1]: https://www.w3.org/Bugs/Public/show_bug.cgi?id=28244
> [2]: https://crrev.com/909c0d7d5a53c8526ded351683c65ea7d17531d4
> [3]: https://github.com/heycam/webidl/pull/357
>
> Bug: chromium:793406
> Cq-Include-Trybots: luci.chromium.try:linux-rel
> Change-Id: Iceded24e37afa2646ec385d5018909f55b177f93
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2146996
> Commit-Queue: Timothy Gu <timothygu@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67327}
TBR=verwaest@chromium.org,timothygu@chromium.org
Change-Id: I678d2ffc1064b1d1ddb62024cc23c6c41b216ef4
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:793406
Cq-Include-Trybots: luci.chromium.try:linux-rel
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2163956
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67349}
This reverts commit a441cbfb57.
Reason for revert: causes DeepEagerCompilationPeakMemory to fail.
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux/36681
Original change's description:
> [offthread] Move stress-background-compile to compiler.cc
>
> Make --stress-background-compile a V8 flag rather than a d8 flag, so
> that it also tests unittests/cctests.
>
> Now, with this flag, every top-level script compile (that fulfills a
> couple of restrictions) will be both main-thread and background-thread
> compiled, taking the result of the background compile. In the future,
> we'll probably want to verify that the two results are equivalent.
>
> One of the necessary changes to allow tests to pass was to introduce a
> concept of a "temporary" script (with a temporary script id), which
> doesn't get added to the script list. This is to avoid the main-thread
> compile part of the stress-test having a debugger-visible side-effect,
> e.g. in tests that enumerate scripts. We can't just create new ids for
> such scripts, as then script-id expectation files no longer match.
>
> Bug: chromium:1011762
> Change-Id: I500bbf2cabea762e69aca3dbae247daae71192cb
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2120541
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67332}
TBR=rmcilroy@chromium.org,leszeks@chromium.org
Change-Id: I8716b332b07fe4f394b5a32c986bbe652325582d
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:1011762
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2163143
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67347}
Pick handful of failure cases from
https://bugs.chromium.org/p/v8/issues/detail?id=10437
Mark the test fail
The bug should be fixed by ICU67.1 and will be landed soon.
Bug: v8:10437
Change-Id: Iac309dd48b2220da777c006c7a35fac24e454430
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2161510
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67345}
1. read and output into option after timeZoneName
2. Not output into resolvedOptions if dateStyle or timeStyle is presented.
3. Add unit test
Spec: https://github.com/tc39/ecma402/pull/347
Bug: v8:10438
Change-Id: Ie7fecdb5b6dc83dc9a6dfd8ced26679a4051c833
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2161509
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67344}
