Commit Graph

10685 Commits

Author SHA1 Message Date
Marja Hölttä
28ead05405 [Atomics.waitAsync] Fix removing multiple nodes when Isolate deinits
RemoveNode already nullifies the next_ pointer of FutexWaitListNode,
and DeleteAsyncNode was trying to retrieve it.

Bug: v8:10239
Change-Id: I595885de87f433d263eeacfc825a689efd467f5e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2332812
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69259}
2020-08-06 09:24:47 +00:00
Jakob Gruber
82fc74c91b [nci] Check the isolate cache from within compiler.cc
Just like the optimized code cache, the compiler should check the
isolate cache for NCI code objects and return them if they exist.

Drive-by: Skip additional tests to fix the nci_as_highest_tier test
variant. These are related to interactions with deoptimization, which
NCI code doesn't fully support yet.

Bug: v8:8888
Change-Id: I6253811f96993796cfc38fff0da7ffb4f1a5eb24
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2339095
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69251}
2020-08-05 15:12:36 +00:00
Ng Zhi An
e3caf3f524 [wasm-simd] Add regression test for i64x2.shr_s bug
This test uses a i64x2.shr_s to shift a v128 with all bits set by 1,
resulting in v128 with all bits set (no change). This value is then
dropped, and param[2] (3), is returned.

Without the fix, -1 is returned, since i64x2.shr_s overwrites the
register for param[2] with 0xffffffff.

Bug: v8:10752
Bug: chromium:1111522
Change-Id: I0310bf6039be780a6738689069cdbcfa3a24bbdb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2335779
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69233}
2020-08-04 17:51:45 +00:00
Mythri A
1a033ae82f [test] Reduce iteration count in elements-kind test
Change-Id: I0117b0c2b646cb1005b63e9648d604b26581d977
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2335187
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69229}
2020-08-04 15:58:04 +00:00
Michael Achenbach
9d5a1fff27 [test] Skip slow tests
No-Try: true
Change-Id: If5ed824ad3ea1a2815a0a48ed2668281733ac533
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2332603
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69209}
2020-08-03 19:57:54 +00:00
Shu-yu Guo
c19e57ee82 Disallow \8 and \9 in strict mode and template literals
This reached consensus in the July 2020 TC39:
https://github.com/tc39/ecma262/pull/2054

Bug: v8:10769
Change-Id: Iecea1d9d9c9be5c2fbfb820aed2285719c4e6382
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2333350
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69206}
2020-08-03 18:05:14 +00:00
Mythri A
9b9ba19e3c [turboprop] Migrate deprecated maps in dynamic map check operator
If incoming map is deprecated, generate code to migrate the map. Since
this involves generating additional code and a call to runtime, we only
do this if one of the receiver maps was a migration target when
optimizing this function. If not, we deoptimize and discard the
optimized code if we see a deprecated map. This is to avoid bailout
loops when we see deprecated maps.

This change does the following:
// We generated code to migrate deprecated maps only if one of the maps
// in feedback vector is a migration target.
if ( there are migration targets in feedback)
{
  if (checkMaps fails) {
     if (incoming map is deprecated) {
        migrate the map
        checkMaps with the new map
     } else {
       bailout
     }
  }
} else {
  if (checkMaps fails)
    bailout;
}

Bug: v8:10582, v8:9684
Change-Id: I8a04c77ed209dd2fb0300a783d844f2335a678c8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2292231
Reviewed-by: Sathya Gunasekaran  <gsathya@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69179}
2020-07-31 16:06:10 +00:00
Clemens Backes
9555464fb2 [d8] Fix worker creation near stack limit
If we are near the stack limit, calling the proxy method might not work
any more. Instead of crashing because of an empty MaybeLocal, handle
this gracefully.

Drive-by: Minor refactoring in TryGetValue.

R=tebbi@chromium.org

Bug: chromium:1110001
Change-Id: I07e7773768166b3dbea2e6b75a3ab8b24bfeee53
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2332156
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69161}
2020-07-31 09:37:59 +00:00
Georg Neis
49749bb976 [turbofan] Fix a lazy deopt bug in Array.prototype.map
The bug was that the allocation of the result array (before the loop)
was using the outer frame state, thus returning the allocation's result
(an array full of holes) as the return value of the map operation in
case the allocation triggers a lazy deopt.

Bug: chromium:1104514
Change-Id: I9a6db8a5860472e1b438b6b54414938d61e166c1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2324249
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69129}
2020-07-29 14:39:23 +00:00
Mythri A
989a90400d [turboprop] Enable DynamicMapChecks for TurboProp
Bug: v8:10582, v8:9684
Change-Id: Ib29e9b56d4c722cb572e86def7eeb3f588dc9c2d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2316079
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69128}
2020-07-29 13:36:53 +00:00
Mythri A
c7643fe485 [Turboprop] Add tests for dynamic check maps operator
This cl also
1. Fixes a bug in effect-control-linearizer where we should have
converted fixed array length from Smi to integer
2. Also prints deopt location for the new "bailout" deopt type on
--trace-deopt.

Bug: v8:10582, v8:9684
Change-Id: Iafc5e8abbca5252a8783a5a1184a1667a7f708a4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2297460
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Sathya Gunasekaran  <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69115}
2020-07-28 17:28:32 +00:00
Georg Neis
6ef0ec94a2 [turbofan] Do more checks for dead nodes in BranchElimination
Bug: chromium:1109174
Change-Id: I25924afe9ad9c147e7f89299983032c82f74626d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2320668
Auto-Submit: Georg Neis <neis@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69106}
2020-07-28 14:27:31 +00:00
evih
1250fd59aa [wasm] Add a generic js-to-wasm wrapper
This generic wrapper builtin is currently used only when the wasm
function has no parameters and no return value.

Added a new V8 flag to use this generic wrapper.

Also added a JS test function for this generic wrapper.

Bug: v8:10701
Change-Id: Id8cd1771f26922927363b715d8a6ffd384a143ce
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2307240
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Eva Herencsárová <evih@google.com>
Cr-Commit-Position: refs/heads/master@{#69097}
2020-07-28 10:20:31 +00:00
Marja Hölttä
a7bb323bc5 [Atomics.waitAsync] Rewrite a test
This test should've been rewritten in the last
batch rewrite but wasn't.

Bug: v8:10239
Change-Id: Ic2949e6282f72975898ab7e9aefe3210bba71fbf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2319988
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69072}
2020-07-27 13:28:25 +00:00
Ng Zhi An
3cbe36a753 [wasm-simd] Fix init of SIMD global
Using uint8_t[] causes decay to pointer issue, which manifests in
copying garbage values in the call to WriteLittleEndianValue. Change it
to use a std::array, which doesn't have the decaying behavior.

Also add a regression test from comment#6 of the linked bug.

Bug: v8:10731
Change-Id: I4a1ca69fe99806642e9931625ca7aeab6663f955
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2316465
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69052}
2020-07-24 16:44:22 +00:00
Maya Lekova
c63c7f6b80 [test] Disable mjsunit wasm test on all platforms
Bug: v8:9506
Change-Id: Ie343a4d49e769293d8a10d26bcfc3847b9d433ad
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2316109
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Auto-Submit: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69049}
2020-07-24 15:31:52 +00:00
Maya Lekova
a269ce201d Revert "Reland "[flags] warn about contradictory flags""
This reverts commit d8f8a7e210.

Reason for revert: Breaks code_serializer variant - https://cr-buildbucket.appspot.com/build/8874070652992164976

Original change's description:
> Reland "[flags] warn about contradictory flags"
> 
> This is a reland of b8f9166664
> Difference to previous CL: Additional functionality to specify
> incompatible flags based on GN variables and extra-flags, used
> to fix the issues that came up on the waterfall.
> 
> This also changes the rules regarding repeated flags: While
> explicitly repeated flags are allowed for boolean values as long
> as they are identical, repeated flags or explicit flags in the
> presence of an active implication are disallowed for non-boolean
> flags. The latter simplifies specifying conflict rules in
> variants.py. Otherwise a rule like
> 
> INCOMPATIBLE_FLAGS_PER_EXTRA_FLAG = {
>   "--gc-interval=*": ["--gc-interval=*"],
> }
> 
> wouldn't work because specifying the same GC interval twice
> wouldn't actually count as a conflict. This was an issue with
> test/mjsunit/wasm/gc-buffer.js, which specifies
> --gc-interval=500 exactly like the extra flag by the stress bot.
> 
> Also, this now expands contradictory flags checking to d8 flags
> for consistency.
> 
> Original change's description:
> > [flags] warn about contradictory flags
> >
> > Design Doc: https://docs.google.com/document/d/1lkvu8crkK7Ei39qjkPCFijpNyxWXsOktG9GB-7K34jM/
> >
> > Bug: v8:10577
> > Change-Id: Ib9cfdffa401c48c895bf31caed5ee03545beddab
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2154792
> > Reviewed-by: Clemens Backes <clemensb@chromium.org>
> > Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> > Reviewed-by: Georg Neis <neis@chromium.org>
> > Reviewed-by: Tamer Tas <tmrts@chromium.org>
> > Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#68168}
> 
> Bug: v8:10577
> Change-Id: I268e590ee18a535b13dee14eeb15ddd0a9ee8341
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2235115
> Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> Reviewed-by: Tamer Tas <tmrts@chromium.org>
> Reviewed-by: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#68989}

TBR=machenbach@chromium.org,neis@chromium.org,clemensb@chromium.org,tebbi@chromium.org,tmrts@chromium.org

Change-Id: I7969065b0edbc463a94e530485bc2ab623d77b62
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:10577
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2312782
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68992}
2020-07-22 13:48:32 +00:00
Tobias Tebbi
d8f8a7e210 Reland "[flags] warn about contradictory flags"
This is a reland of b8f9166664
Difference to previous CL: Additional functionality to specify
incompatible flags based on GN variables and extra-flags, used
to fix the issues that came up on the waterfall.

This also changes the rules regarding repeated flags: While
explicitly repeated flags are allowed for boolean values as long
as they are identical, repeated flags or explicit flags in the
presence of an active implication are disallowed for non-boolean
flags. The latter simplifies specifying conflict rules in
variants.py. Otherwise a rule like

INCOMPATIBLE_FLAGS_PER_EXTRA_FLAG = {
  "--gc-interval=*": ["--gc-interval=*"],
}

wouldn't work because specifying the same GC interval twice
wouldn't actually count as a conflict. This was an issue with
test/mjsunit/wasm/gc-buffer.js, which specifies
--gc-interval=500 exactly like the extra flag by the stress bot.

Also, this now expands contradictory flags checking to d8 flags
for consistency.

Original change's description:
> [flags] warn about contradictory flags
>
> Design Doc: https://docs.google.com/document/d/1lkvu8crkK7Ei39qjkPCFijpNyxWXsOktG9GB-7K34jM/
>
> Bug: v8:10577
> Change-Id: Ib9cfdffa401c48c895bf31caed5ee03545beddab
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2154792
> Reviewed-by: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Reviewed-by: Tamer Tas <tmrts@chromium.org>
> Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#68168}

Bug: v8:10577
Change-Id: I268e590ee18a535b13dee14eeb15ddd0a9ee8341
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2235115
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68989}
2020-07-22 12:22:03 +00:00
Milad Farazmand
15ca7b94da PPC/s390: skip wasm-dynamic-tiering on unsupported platforms
Change-Id: I818534bc2fedd127689bf82f2cdd3a4f2f8c31e8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2310574
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#68977}
2020-07-21 18:37:52 +00:00
Arnaud Robin
f181dff3f5 [wasm] Implement dynamic tiering in wasm
On desktop systems, we use a very basic tiering strategy: Everything is
initially compiled with Liftoff, and once that is done, the module can
start being used. Concurrently to the execution, we re-compile all code
with TurboFan, and hot-swap each function once TurboFan finishes.

We should start using a more dynamic strategy where each function is
tiered-up when judged necessary. This change will then tier-up each
liftoff function once it has been called 5 times.

I then added a counter in the native module, that is updated directly
from Liftoff code, and a runtime call is then made when the counter
reaches the goal.

R=clemensb@chromium.org
CC=​thibaudm@chromium.org

Bug: v8:10728
Change-Id: I8dc2b02fdff8d97781bb1cf496886594b3d7f644
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2306803
Commit-Queue: Arnaud Robin <arobin@google.com>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68971}
2020-07-21 16:07:01 +00:00
Jakob Gruber
d1fb6b5a7c [infra] Add and enable nci_as_highest_tier variant
With work on NCI proceeding, it makes sense to test multiple
pipeline configurations.

The nci variant (passes --turbo-nci) now spawns dedicated NCI
compilation jobs and inserts generated code into the code cache.

The nci_as_highest_tier variant (passes --turbo-nci-as-highest-tier)
simply replaces TF with NCI code (no extra jobs, no extra caching).
This mode stresses NCI generated code more than the nci variant, in
which NCI code only runs on cache hits.

Bug: v8:8888
Change-Id: I4c2a43cce5271a6c288e7aba195dcc9daed6af9d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2299361
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68964}
2020-07-21 10:53:31 +00:00
Marja Hölttä
96c5916dd4 Reland2: [Atomics.waitAsync] Implement Atomics.waitAsync
Original design doc:
https://docs.google.com/document/d/1dthXsVHMc1Sd_oYf9a-KZSFOd_a8dUgnt4REAG8YIXA

Design changes:
https://docs.google.com/document/d/1aeEGDm1XSqoJkQQKz9F75WqnuAa2caktxGy_O_KpO9Y

Reland:
- rewrote timing dependent tests to be more robust
- removed 1 flaky test
- disabled tests for DelayedTasksPlatform

Original:  https://chromium-review.googlesource.com/c/v8/v8/+/2202981

TBR=ishell@chromium.org, ulan@chromium.org

Bug: v8:10239
Change-Id: I2a042e419462f4c9f54ec549bfe16ec6684560b7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2307211
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68954}
2020-07-21 06:43:48 +00:00
Michael Achenbach
448c25f233 [test] Make mjsunit harness more robust to fuzzers
Some fuzzers replaced strigify and then caused uncaught errors
from harness methods using prettyPrinted.

Bug: chromium:1102897
Change-Id: I7ae6a90040ba0aa5ec1efa4a8b73e053ec75dd79
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2304814
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68947}
2020-07-20 15:07:59 +00:00
Maya Lekova
80c3192728 Revert "[Atomics.waitAsync] Disable flaky test"
This reverts commit b995a8a46f.

Reason for revert: Test addition got reverted.

Original change's description:
> [Atomics.waitAsync] Disable flaky test
> 
> TBR=mslekova@chromium.org
> 
> No-Try: true
> Bug: v8:10725, v8:10239
> Change-Id: Ia2f721f8a26a90dda658664315f0170841c3303e
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2306798
> Reviewed-by: Marja Hölttä <marja@chromium.org>
> Reviewed-by: Maya Lekova <mslekova@chromium.org>
> Commit-Queue: Marja Hölttä <marja@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#68931}

TBR=marja@chromium.org,mslekova@chromium.org

Change-Id: I0c5565222f509676fe60af5378ad04f806930da3
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:10725
Bug: v8:10239
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2306800
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68937}
2020-07-20 10:10:31 +00:00
Marja Hölttä
f088491b9e Revert "Reland [Atomics.waitAsync] Implement Atomics.waitAsync"
This reverts commit c5845b47bd.

Reason for revert: Too many tests are flaky

Original change's description:
> Reland [Atomics.waitAsync] Implement Atomics.waitAsync
> 
> Original design doc:
> https://docs.google.com/document/d/1dthXsVHMc1Sd_oYf9a-KZSFOd_a8dUgnt4REAG8YIXA
> 
> Design changes:
> https://docs.google.com/document/d/1aeEGDm1XSqoJkQQKz9F75WqnuAa2caktxGy_O_KpO9Y
> 
> Previous (reverted) version:  https://chromium-review.googlesource.com/c/v8/v8/+/2202981
> 
> Relanding with fix: tests need --noincremental-marking
> 
> TBR=ishell@chromium.org, ulan@chromium.org, syg@chromium.org, ahaas@chromium.org
> 
> Bug: v8:10239
> Change-Id: Id122225d5d2ed67cbeb3269df115c7208a33a281
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2306791
> Reviewed-by: Marja Hölttä <marja@chromium.org>
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Commit-Queue: Marja Hölttä <marja@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#68929}

TBR=ulan@chromium.org,marja@chromium.org,ahaas@chromium.org,ishell@chromium.org,syg@chromium.org

Change-Id: If06da737749806982d1fb95811f540d6667543d5
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:10239
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2306799
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68935}
2020-07-20 09:50:59 +00:00
Thibaud Michaud
69553feaab [wasm][tail-call] Fix CanTailCall check
The CanTailCall check only passes if the return locations are the
same in the caller and the callee. However, stack returns are expected
to be at a different offset depending on the stack space reserved for
parameters.

R=clemensb@chromium.org

Bug: v8:7431
Change-Id: Iaac15fce889d6cd7d1ac88f320a872202281fb5a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2289789
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68933}
2020-07-20 09:07:29 +00:00
Marja Hölttä
9df54e0767 [tests] Disable slow tests for gc-stress (they time out)
Bug: v8:9506
Change-Id: If570b71d95030dd5fbe31d86d307ab0b45827308
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2306796
Reviewed-by: Sathya Gunasekaran  <gsathya@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68932}
2020-07-20 08:59:39 +00:00
Marja Hölttä
b995a8a46f [Atomics.waitAsync] Disable flaky test
TBR=mslekova@chromium.org

No-Try: true
Bug: v8:10725, v8:10239
Change-Id: Ia2f721f8a26a90dda658664315f0170841c3303e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2306798
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68931}
2020-07-20 08:57:29 +00:00
Marja Hölttä
c5845b47bd Reland [Atomics.waitAsync] Implement Atomics.waitAsync
Original design doc:
https://docs.google.com/document/d/1dthXsVHMc1Sd_oYf9a-KZSFOd_a8dUgnt4REAG8YIXA

Design changes:
https://docs.google.com/document/d/1aeEGDm1XSqoJkQQKz9F75WqnuAa2caktxGy_O_KpO9Y

Previous (reverted) version:  https://chromium-review.googlesource.com/c/v8/v8/+/2202981

Relanding with fix: tests need --noincremental-marking

TBR=ishell@chromium.org, ulan@chromium.org, syg@chromium.org, ahaas@chromium.org

Bug: v8:10239
Change-Id: Id122225d5d2ed67cbeb3269df115c7208a33a281
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2306791
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68929}
2020-07-20 08:08:59 +00:00
Clemens Backes
42b4f15a1e [liftoff] Fix missing stack move
The {operator==} on {VarState} did not check the spill offset, so when
merging stack states, we forgot to move stack values if both source and
destination were stack slots, but at different offsets.
This CL fixes this by removing the {operator==}, because the semantics
(and use) are not clear, and it's only used in one place anyway.
The equality check was mostly redundant, so inlining it also makes the
code smaller and faster.

R=ahaas@chromium.org

Bug: v8:10702
Change-Id: I6c8b2cfd1002274175c9a17d305692e4631fd7dc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2304574
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68916}
2020-07-17 13:52:28 +00:00
Mythri A
2ba80497a7 [turbofan] Skip optimizations for large unmapped 'arguments'
We cannot allocate large arrays exceeding the size of
kMaxRegularHeapObjectSize in young space. Bailout of optimization in
such cases.

Bug: chromium:1105746
Change-Id: I4f7357c2dd7b3e70d747f9067660725ecf6ae768
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2300481
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68889}
2020-07-16 12:15:55 +00:00
Georg Neis
cd718536ec [turbofan] Optimize import.meta
Make JSContextSpecialization constant-fold import.meta loads if the
meta object has already been created.

Most of this CL was contributed by Gus Caplan.

This is a verbatim copy of CL
https://chromium-review.googlesource.com/c/v8/v8/+/2170982
which could not be landed due to the wrong email address
being used.

TBR=verwaest@chromium.org
TBR=gsathya@chromium.org

Bug: v8:7044
Change-Id: Ief45f3082dc756265904ff500305d32717071e81
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2299375
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68875}
2020-07-15 15:41:11 +00:00
Jakob Kummerow
e72702454a [test] Skip huge-TypedArray test in stress_snapshot mode
The snapshot code assumes that the entire snapshot's length fits into
an int, which implies that it doesn't support individual objects that
are bigger than that. That's okay, because it isn't reachable from
user code, and embedders would notice at compile time when they run
into this limit. So we can just continue to skip the few regression
tests we have for huge TypedArrays in the stress_snapshot variant.

Change-Id: Ib37c0582763d549a3d5c5ccc3a78d200b176f3b4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2299373
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68874}
2020-07-15 15:15:21 +00:00
Zhao Jiazhong
40e10b3454 [Test] Set proper simulator stack size in regress-896326 test
mjsunit/regress/regress-896326.js failed on mips simulator, because mips
simulator has larger stack size and won't throw the expected RangeError
exception.

This CL set sim-stack-size to 100K in regress-896326 just like setting
the native machine's stack-size.

Change-Id: I51328b10a7b54addab2adb90401680c0581d7ee2
Bug: v8:10709
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2299880
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68865}
2020-07-15 12:03:11 +00:00
Igor Sheludko
f73c57ba7a [hashtable] Don't add PropertyCell to GlobalDictionary too early
This is a follow-up fix for
  https://chromium-review.googlesource.com/c/v8/v8/+/2292230

In this CL fixes the case when the property cell is added to the
dictionary but the value is not actually stored which leaves
PropertyCell with the hole in the dictionary.

Now the logic for GlobalDictionary matches the logic for
NameDictionary - the property cell is added to the dictionary in
LookupIterator::ApplyTransitionToDataProperty().

Bug: chromium:1104711, chromium:1105383
Change-Id: I56da16d85d13288fbc41fd60dbce556fec5e7d18
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2297472
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68860}
2020-07-15 08:21:45 +00:00
Maya Lekova
a21c84cb88 Revert "[Atomics.waitAsync] Implement Atomics.waitAsync"
This reverts commit 2a1abac52c.

Reason for revert: Breaking Arm CFI bot - https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20arm64%20-%20sim%20-%20CFI/1354?

Original change's description:
> [Atomics.waitAsync] Implement Atomics.waitAsync
> 
> Original design doc:
> https://docs.google.com/document/d/1dthXsVHMc1Sd_oYf9a-KZSFOd_a8dUgnt4REAG8YIXA
> 
> Design changes:
> https://docs.google.com/document/d/1aeEGDm1XSqoJkQQKz9F75WqnuAa2caktxGy_O_KpO9Y
> 
> 
> Bug: v8:10239
> Change-Id: Iab94ccab85d7b4ff23cff1955774b42edf5be541
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2202981
> Commit-Queue: Marja Hölttä <marja@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Shu-yu Guo <syg@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#68844}

TBR=ulan@chromium.org,marja@chromium.org,ahaas@chromium.org,ishell@chromium.org,syg@chromium.org

Change-Id: I1a1164ab29112bd0113b8b1823c78a3895cfd6cc
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:10239
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2297469
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68846}
2020-07-14 14:00:20 +00:00
Marja Hölttä
2a1abac52c [Atomics.waitAsync] Implement Atomics.waitAsync
Original design doc:
https://docs.google.com/document/d/1dthXsVHMc1Sd_oYf9a-KZSFOd_a8dUgnt4REAG8YIXA

Design changes:
https://docs.google.com/document/d/1aeEGDm1XSqoJkQQKz9F75WqnuAa2caktxGy_O_KpO9Y


Bug: v8:10239
Change-Id: Iab94ccab85d7b4ff23cff1955774b42edf5be541
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2202981
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68844}
2020-07-14 13:19:04 +00:00
Jakob Kummerow
c90353e3c7 Fix "named" loads for large TypedArray indices
The named LoadIC code was missing a check for "names" that
convert to TypedArray indices. This was flushed out by the
recent bump of the max TypedArray size from 2^32-1 to 2^32.
Named StoreICs had the same bug; fixed here as well.

Bug: v8:4153
Fixed: chromium:1104608
Change-Id: I6bd2552d6ccc238104f92e7b95d19970d4a75dae
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2295606
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68840}
2020-07-14 12:09:04 +00:00
Adam Klein
b212db2d9d [respect] Stop using "blacklist" in several python tools
Bug: v8:10619
Change-Id: I644c3421085b029aaf9b4de3b262ca8a4734539e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2292916
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68812}
2020-07-10 19:11:36 +00:00
Clemens Backes
b429b8f924 [liftoff] Handle unordered register pairs
For 64-bit binary operations, Liftoff on arm made the assumption that
register pairs are always ordered, i.e. the register code for the low
word is lower than the register code for the high word.
Ensuring this was only implemented in {GetUnusedRegister} in
https://crrev.com/c/2168875. Other cases were missing though, e.g.
return values, but also different places were we
construct register pairs internally.

Thus, this CL removes this constraint again and instead handles
unordered register pairs in 64-bit binary operations on arm.

R=thibaudm@chromium.org

Bug: chromium:1101304
Change-Id: I4cd9fb1577f82ab06d34c9dde6533cf04a2cade7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2287870
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68752}
2020-07-09 11:05:08 +00:00
Georg Neis
c681125cf9 [turbofan] Remove an incorrect DCHECK
Due to an optimization in how resumable functions are compiled, we can
actually see another Oddball type as StrictEquality inputs. I'm giving
up on getting the DCHECK right and removing it entirely.

Bug: chromium:1102683
Change-Id: Ia210777c66641e898e96900713710a51ebed311d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2287494
Auto-Submit: Georg Neis <neis@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68735}
2020-07-08 12:38:10 +00:00
Shu-yu Guo
6023de85da [weakrefs] Add missing extension to test file
Change-Id: I1a7afc332dc2f1c4d4087650f116484437f7a09a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2285851
Auto-Submit: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68731}
2020-07-08 07:51:40 +00:00
Jakob Gruber
e33e84815d [nci] Don't expose feedback to compiler phases in NCI mode
Native context independent code generation should, at the moment, not
use any collected feedback.

We implement this by returning InsufficientFeedback from the heap
broker's ReadFeedbackForX methods if currently compiling nci code.
Thus all feedback.IsInsufficient() calls inside the compiler will
return true (disabling feedback-based optimizations).
FeedbackSource::IsValid() (used in generic lowering) can still return
true.

Bug: v8:8888
Change-Id: I198b6457276073e7376c777b206c50726f1b3645
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2284494
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68726}
2020-07-07 20:19:12 +00:00
bcoe
2d5017a0fc [coverage] remove the last continuation range before synthetic return
Rather than only removing the continuation range for the last return
statement prior to a synthetic return statement, remove the
continuation tracking for whatever statement occurs prior to the
synthetic return.

Bug: v8:10628
Change-Id: Ieb8e393479c9811cf1b9756840bbfdbe7f44a1b8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2280585
Commit-Queue: Benjamin Coe <bencoe@google.com>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68719}
2020-07-07 15:53:21 +00:00
Georg Neis
8c0b68e3d0 [turbofan] Fix CHECK failure in graph verifier
ForInNext can get lowered to a low-level call to the ForInFilter
builtin. We currently type low-level Call nodes simply as Any, leading
to a CHECK failure when the verifier expects a primitive.

This CL fixes the issue simply by manually setting the type as part of
the lowering. An alternative would be to have the Call typing inspect
its input similar to what the JSCall typing does. We can consider this
if we hit the same issue in other cases.

Bug: chromium:1102053
Change-Id: I6682d8cf95c6a3ebaff9c8de677aa20ca676573f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2282523
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68688}
2020-07-06 13:07:50 +00:00
Ross McIlroy
268490c23b [Test] Lower arg count to avoid going over stack limit on Arm64.
After r68405 reduced the default stack size on Arm64 a couple of tests
hit stack limits on the Arm64 android bots. Reduce the argument count
on these tests to avoid this issue.

BUG=chromium:1099623

Change-Id: I8957043b74bd416bb78223599b1a661a4887f54a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2280095
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Auto-Submit: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68670}
2020-07-03 11:16:40 +00:00
Clemens Backes
f9d3d78b8d [wasm] Fix flake in cmpxchg stress test
It seems that the mix of atomic and non-atomic updates to the same
memory location is not working correctly. One fix is changing all memory
updates to be atomic. Another fix is removing the non-atomic access that
happens while the workers are already running (using atomic accesses).
This CL implements the latter.

R=ahaas@chromium.org

Bug: v8:10647, v8:10650
Change-Id: I84b4f3f442b6be3c4ea6e51962a523f443f5e43b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2273133
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68603}
2020-06-30 08:24:46 +00:00
Nico Hartmann
da67c2ae36 [turbofan] Skip optimizations for huge 'arguments'
An 'arguments' array cannot be allocated in young space when its size
exceeds kMaxRegularHeapObjectSize. In this case the optimizations in
JSCreateLowering::ReduceJSCreateArguments are skipped.

Bug: chromium:1098565
Change-Id: I30fdc78a1eb6e51fcd293785a46c9fd78995da9a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2273121
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68585}
2020-06-29 16:13:29 +00:00
Clemens Backes
73d56f3c1a Re-enable skipped test but mark it slow
The test was taking more than a minute before CL
https://crrev.com/c/2259933. Afterwards, it takes a lot longer, but I
could never reproduce a hang locally.
Let's re-enable and mark SLOW to increase the chance that it runs to
completion. We can then see how much slower it really got.

Also add some output that helps triaging in case it really hangs.

R=ahaas@chromium.org

Bug: v8:9506
Change-Id: I09a935ca0018517d45c6c008a099b8052bc45c47
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2273117
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68582}
2020-06-29 15:00:35 +00:00
Michael Achenbach
484357722b [test] Skip flaky test
TBR=mslekova@chromium.org

No-Try: true
Bug: v8:10647
Change-Id: I177abffb3286703df110f1875c70ac1120d07595
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2270541
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68562}
2020-06-26 15:11:42 +00:00