1. 03 May, 2022 24 commits
  2. 02 May, 2022 16 commits
    • Frank Tang's avatar
      Reland "[Temporal] Fix Calendar.prototype.fields CSA" · 4776aee6
      Frank Tang authored
      This is a reland of commit 89600314
      
      Changes since revert: None, reverted wrong suspect CL
      
      Original change's description:
      > [Temporal] Fix Calendar.prototype.fields CSA
      >
      > Use LoadAndUntagToWord32ObjectField instead of LoadObjectField<Uint32T>
      > to load the flag since it is defined as
      >  flags: SmiTagged<JSTemporalCalendarFlags>;
      >
      > Otherwise LoadObjectField<Uint32T> will load the zero part when
      > v8_enable_pointer_compression = false
      >
      > Add unit tests to intl (because the problem only show up on calendar
      > other than non iso8601.
      >
      > Cq-Include-Trybots: luci.v8.try:v8_linux_mipsel_compile_rel,v8_linux_mips64el_compile_rel
      >
      >
      > Bug: v8:12848
      > Change-Id: I44b685af99dc9820dfa228447e2b42ae0a82464c
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3617388
      > Reviewed-by: Leszek Swirski <leszeks@chromium.org>
      > Commit-Queue: Frank Tang <ftang@chromium.org>
      > Cr-Commit-Position: refs/heads/main@{#80314}
      
      Bug: v8:12848
      Change-Id: I423ea5f0a4a30fc73546df208d24aec84db76eb4
      Cq-Include-Trybots: luci.v8.try:v8_linux_mipsel_compile_rel,v8_linux_mips64el_compile_rel
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620838
      Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
      Commit-Queue: Shu-yu Guo <syg@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#80319}
      4776aee6
    • Shu-yu Guo's avatar
      Revert "cppgc: young-gen: Enable cppgc_enable_young_generation by default" · 61be01e9
      Shu-yu Guo authored
      This reverts commit 31009706.
      
      Reason for revert: UBSan failure: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20UBSan/21069/overview
      
      Original change's description:
      > cppgc: young-gen: Enable cppgc_enable_young_generation by default
      >
      > Oilpan Young Generation is now controlled by the runtime flag
      > --cppgc-young-generation.
      >
      > Bug: chromium:1029379
      > Change-Id: I9ded9637f43a2f86993cff898cd7f272a051ae3c
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616728
      > Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
      > Commit-Queue: Anton Bikineev <bikineev@chromium.org>
      > Cr-Commit-Position: refs/heads/main@{#80312}
      
      Bug: chromium:1029379
      Change-Id: I18ac696380df5f77d0978072b8e5af2f2e305994
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620839
      Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
      Auto-Submit: Shu-yu Guo <syg@chromium.org>
      Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
      Cr-Commit-Position: refs/heads/main@{#80318}
      61be01e9
    • Shu-yu Guo's avatar
      Revert "[Temporal] Fix Calendar.prototype.fields CSA" · f478546b
      Shu-yu Guo authored
      This reverts commit 89600314.
      
      Reason for revert: UBSAN errors in GC tests
      https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20UBSan/21069/overview
      
      Original change's description:
      > [Temporal] Fix Calendar.prototype.fields CSA
      >
      > Use LoadAndUntagToWord32ObjectField instead of LoadObjectField<Uint32T>
      > to load the flag since it is defined as
      >  flags: SmiTagged<JSTemporalCalendarFlags>;
      >
      > Otherwise LoadObjectField<Uint32T> will load the zero part when
      > v8_enable_pointer_compression = false
      >
      > Add unit tests to intl (because the problem only show up on calendar
      > other than non iso8601.
      >
      > Cq-Include-Trybots: luci.v8.try:v8_linux_mipsel_compile_rel,v8_linux_mips64el_compile_rel
      >
      >
      > Bug: v8:12848
      > Change-Id: I44b685af99dc9820dfa228447e2b42ae0a82464c
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3617388
      > Reviewed-by: Leszek Swirski <leszeks@chromium.org>
      > Commit-Queue: Frank Tang <ftang@chromium.org>
      > Cr-Commit-Position: refs/heads/main@{#80314}
      
      Bug: v8:12848
      Change-Id: I3a8af8acbbdfc5d0f5386f2a9d50d62b9f422fb8
      Cq-Include-Trybots: luci.v8.try:v8_linux_mipsel_compile_rel,v8_linux_mips64el_compile_rel
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620837
      Auto-Submit: Shu-yu Guo <syg@chromium.org>
      Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
      Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
      Cr-Commit-Position: refs/heads/main@{#80317}
      f478546b
    • Michael Lippautz's avatar
      Reland "[heap] Fix bogus object size computation" · 10eac4eb
      Michael Lippautz authored
      This is a reland of commit 445190bf
      
      The fix addresses the issue where object size accounting went out of
      sync because of right-trimmed LO in new space that were migrated with
      a different size than they were accounted for.
      
      The fix now iterates only live objects for size computation which
      avoids accessing reclaimed maps and fixes up the objects accounting.
      
      Original change's description:
      > [heap] Fix bogus object size computation
      >
      > The map of an object may be gone by the time we try to compute its
      > size for accounting purposes.
      >
      > Bug: chromium:1319217
      > Change-Id: I93cca766a8cedebf4ed30a3a65fd6eff5bc72bcf
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3605817
      > Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
      > Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
      > Cr-Commit-Position: refs/heads/main@{#80271}
      
      Bug: chromium:1319217
      Change-Id: I8d032edf96a4bf4b0faa4bbd9b0be247051c49fb
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616507Reviewed-by: 's avatarDominik Inführ <dinfuehr@chromium.org>
      Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#80316}
      10eac4eb
    • Milad Fa's avatar
      Reland "PPC/S390: Reland "[osr] Use the new OSR cache"" · 9a06f717
      Milad Fa authored
      This is a reland of commit c575e8ae
      
      Original change's description:
      > PPC/S390: Reland "[osr] Use the new OSR cache"
      >
      > Port 91453880
      >
      > Original Commit Message:
      >
      >   This is a reland of commit 91da3883
      >
      >   Original change's description:
      >   > Fixed: Use an X register for JumpIfCodeTIsMarkedForDeoptimization
      >   > on arm64.
      >   > Bug: v8:12161
      >
      > Change-Id: I6e63bd5995340bac32654ef12c52d25b496140e3
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3607997
      > Reviewed-by: Junliang Yan <junyan@redhat.com>
      > Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
      > Cr-Commit-Position: refs/heads/main@{#80194}
      
      Change-Id: Id5e41c659a3c29a6d22c0393ad0003a24fa1ef5a
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3621273
      Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
      Reviewed-by: 's avatarJunliang Yan <junyan@redhat.com>
      Cr-Commit-Position: refs/heads/main@{#80315}
      9a06f717
    • Frank Tang's avatar
      [Temporal] Fix Calendar.prototype.fields CSA · 89600314
      Frank Tang authored
      Use LoadAndUntagToWord32ObjectField instead of LoadObjectField<Uint32T>
      to load the flag since it is defined as
       flags: SmiTagged<JSTemporalCalendarFlags>;
      
      Otherwise LoadObjectField<Uint32T> will load the zero part when
      v8_enable_pointer_compression = false
      
      Add unit tests to intl (because the problem only show up on calendar
      other than non iso8601.
      
      Cq-Include-Trybots: luci.v8.try:v8_linux_mipsel_compile_rel,v8_linux_mips64el_compile_rel
      
      
      Bug: v8:12848
      Change-Id: I44b685af99dc9820dfa228447e2b42ae0a82464c
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3617388Reviewed-by: 's avatarLeszek Swirski <leszeks@chromium.org>
      Commit-Queue: Frank Tang <ftang@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#80314}
      89600314
    • jameslahm's avatar
      [web snapshot] Add support for arrays w/holes · c4281cd9
      jameslahm authored
      This CL adds serialization and deserialization support
      for HOLEY_ELEMENTS and HOLEY_SMI_ELEMENTS kind arrays.
      
      Bug: v8:11525
      Change-Id: Ib6fdcd1916badd02e567571e1c0748dce85cd8a0
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620753Reviewed-by: 's avatarMarja Hölttä <marja@chromium.org>
      Commit-Queue: 王澳 <wangao.james@bytedance.com>
      Cr-Commit-Position: refs/heads/main@{#80313}
      c4281cd9
    • Anton Bikineev's avatar
      cppgc: young-gen: Enable cppgc_enable_young_generation by default · 31009706
      Anton Bikineev authored
      Oilpan Young Generation is now controlled by the runtime flag
      --cppgc-young-generation.
      
      Bug: chromium:1029379
      Change-Id: I9ded9637f43a2f86993cff898cd7f272a051ae3c
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616728Reviewed-by: 's avatarMichael Lippautz <mlippautz@chromium.org>
      Commit-Queue: Anton Bikineev <bikineev@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#80312}
      31009706
    • Leszek Swirski's avatar
      Revert "Reland "[heap] Refactor atomic marking phase"" · 3d3d9c50
      Leszek Swirski authored
      This reverts commit 25e32252.
      
      Reason for revert: Suspect for roll failure: https://ci.chromium.org/ui/p/chromium/builders/try/android_optional_gpu_tests_rel/98554/overview
      
      Original change's description:
      > Reland "[heap] Refactor atomic marking phase"
      >
      > This is a reland of commit a3f66927
      >
      > The reland addresses a few CHECKs that were too agressive and also
      > properly adjusts Oilpan's marking configurations depending on V8's
      > flags.
      >
      > Original change's description:
      > > [heap] Refactor atomic marking phase
      > >
      > > The atomic marking phase was organized in many distinct smaller
      > > phases. In particular, before http://crrev.com/c/3584115 the marking
      > > phase split into two large separate phases.
      > >
      > > This CL reorganizes marking into two phases that perform regular V8
      > > heap marking, Oilpan, and ephemerons:
      > > - A parallel phase that likely drains all marking worklists;
      > > - A single-threaded final phase to catch any left overs;
      > >
      > > This avoids artificial splitting in phases and also avoids repeated
      > > starting and joining of jobs.
      > >
      > > Change-Id: I5cccfc5777837d9ece10d8f4925781bf2d07d9da
      > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3602507
      > > Reviewed-by: Omer Katz <omerkatz@chromium.org>
      > > Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
      > > Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
      > > Cr-Commit-Position: refs/heads/main@{#80265}
      >
      > Change-Id: I26648da361b92d787c173aa9d390100ce8958728
      > Bug: chromium:1320896
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616519
      > Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
      > Reviewed-by: Omer Katz <omerkatz@chromium.org>
      > Cr-Commit-Position: refs/heads/main@{#80301}
      
      Bug: chromium:1320896
      Change-Id: I01742f25d54de8e4e22fefe87ce61ba295950baa
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620286
      Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
      Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
      Owners-Override: Leszek Swirski <leszeks@chromium.org>
      Auto-Submit: Leszek Swirski <leszeks@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#80311}
      3d3d9c50
    • Darshan Sen's avatar
      [diagnostics] Guard GetCategoryGroupName behind V8_USE_PERFETTO ifdef · 232f5c7e
      Darshan Sen authored
      I was trying to build chromium with Perfetto enabled and I ran into this
      compilation error:
      ```
      ../../v8/src/libplatform/tracing/recorder-win.cc(48,42): error: no member named 'GetCategoryGroupName' in 'v8::platform::tracing::TracingController'
                            TracingController::GetCategoryGroupName(
                            ~~~~~~~~~~~~~~~~~~~^
      1 error generated.
      ```
      This happens because the GetCategoryGroupName() function is added to
      the TracingController class only if Perfetto is disabled.
      Signed-off-by: 's avatarDarshan Sen <raisinten@gmail.com>
      Change-Id: If53dab5ea9b8c3e2f69e8e84c8d6ba06ee3c496e
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616427Reviewed-by: 's avatarCamillo Bruni <cbruni@chromium.org>
      Commit-Queue: Camillo Bruni <cbruni@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#80310}
      232f5c7e
    • Patrick Thier's avatar
      [string] Fix string table lookup with SlicedStrings · ee247818
      Patrick Thier authored
      https://crrev.com/c/3571817 introduced a bug that string table lookups
      failed on SlicedStrings with a start offset of 0.
      This CL fixes the issue by re-using the already computed hash only
      if the length of the source string matches the length of the string to
      lookup.
      
      Bug: chromium:1320179, chromium:1321573
      Change-Id: Ic8755a0266a9ec67fe5eb9c96fdab1b55d5009f2
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616723
      Auto-Submit: Patrick Thier <pthier@chromium.org>
      Commit-Queue: Camillo Bruni <cbruni@chromium.org>
      Reviewed-by: 's avatarCamillo Bruni <cbruni@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#80309}
      ee247818
    • jameslahm's avatar
      [sampler] Fix data race in Sampler::DoSample · 6e586b48
      jameslahm authored
      In Sampler::DoSample, we only guard SignalHandler::Installed before
      and Sampler::Stop may happen at the same time, which may cause SIGPROF
      signal handler was already restored before SIGPROF was emit and trigger
      profiling timer expired. This CL changes Sampler::DoSample to use
      SignalHandler::mutex() to guard the entire function and also change
      the mutex to recursive mutex.
      
      Bug: v8:12838
      Change-Id: I5195742ecdbade342986755233840d7be5d83c62
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616429Reviewed-by: 's avatarCamillo Bruni <cbruni@chromium.org>
      Commit-Queue: 王澳 <wangao.james@bytedance.com>
      Cr-Commit-Position: refs/heads/main@{#80308}
      6e586b48
    • Camillo Bruni's avatar
      [tools] Add variants support for run_perf.py · a42a2f41
      Camillo Bruni authored
      We usually run benchmarks in multiple variants: default, future, noopt
      This is currently only achieved by copying the run-perf json file and
      changing the flags at the top-level (or copy whole subsections).
      
      Using "variants" we can duplicate the tests at the current level with
      different values and easily create benchmarks that differ only in v8
      flags.
      
      Drive-by-fix:
      - Add Node.__iter__ and log the whole config graph in debug mode
      - Add GraphConfig.__str__ method for better debugging
      - Rename TraceConfig to LeafTraceConfig
      - Rename RunnableTraceConfig to RunnableLeafTraceConfig
      - Make --filter accept a regexp to better filter out variants
      
      Bug: v8:12821, v8:11113
      Change-Id: I56a2ba2dd24da15c7757406e9961746219cd8061
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596128Reviewed-by: 's avatarMichael Achenbach <machenbach@chromium.org>
      Reviewed-by: 's avatarTamer Tas <tmrts@chromium.org>
      Commit-Queue: Camillo Bruni <cbruni@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#80307}
      a42a2f41
    • Jakob Linke's avatar
      Reland "Reland "[osr] Use the new OSR cache"" · 0e9a55d2
      Jakob Linke authored
      This is a reland of commit 91453880
      
      Fixed: properly reference the ClearedValue in CSA (i.e. without
      the cage_base upper 32 bits).
      
      Original change's description:
      > Reland "[osr] Use the new OSR cache"
      >
      > This is a reland of commit 91da3883
      >
      > Fixed: Use an X register for JumpIfCodeTIsMarkedForDeoptimization
      > on arm64.
      >
      > Original change's description:
      > > [osr] Use the new OSR cache
      > >
      > > This CL switches over our OSR system to be based on the feedback
      > > vector osr caches.
      > >
      > > - OSRing to Sparkplug is fully separated from OSR urgency. If
      > >   SP code exists, we simply jump to it, no need to maintain an
      > >   installation request.
      > > - Each JumpLoop checks its dedicated FeedbackVector cache slot.
      > >   If a valid target code object exists, we enter it *without*
      > >   calling into runtime to fetch the code object.
      > > - Finally, OSR urgency still remains as the heuristic for
      > >   requesting Turbofan OSR compile jobs. Note it no longer has a
      > >   double purpose of being a generic untargeted installation
      > >   request.
      > >
      > > With the new system in place, we can remove now-unnecessary
      > > hacks:
      > >
      > > - Early OSR tierup is replaced by the standard OSR system. Any
      > >   present OSR code is automatically entered.
      > > - The synchronous OSR compilation fallback is removed. With
      > >   precise installation (= per-JumpLoop-bytecode) we no longer
      > >   have the problem of 'getting unlucky' with JumpLoop/cache entry
      > >   mismatches. Execution has moved on while compiling? Simply spawn
      > >   a new concurrent compile job.
      > > - Remove the synchronous (non-OSR) Turbofan compile request now
      > >   that we always enter available OSR code as early as possible.
      > > - Tiering into Sparkplug no longer messes with OSR state.
      > >
      > > Bug: v8:12161
      > > Change-Id: I0a85e53d363504b7dac174dbaf69c03c35e66700
      > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596167
      > > Commit-Queue: Jakob Linke <jgruber@chromium.org>
      > > Auto-Submit: Jakob Linke <jgruber@chromium.org>
      > > Reviewed-by: Leszek Swirski <leszeks@chromium.org>
      > > Commit-Queue: Leszek Swirski <leszeks@chromium.org>
      > > Cr-Commit-Position: refs/heads/main@{#80147}
      >
      > Bug: v8:12161
      > Change-Id: Ib3597cf1d99cdb5d0f2c5ac18e311914f376231d
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3606232
      > Auto-Submit: Jakob Linke <jgruber@chromium.org>
      > Reviewed-by: Leszek Swirski <leszeks@chromium.org>
      > Commit-Queue: Leszek Swirski <leszeks@chromium.org>
      > Cr-Commit-Position: refs/heads/main@{#80167}
      
      Bug: v8:12161,chromium:1320189
      Change-Id: Ibd9a2ab61f51ebb32a3f5a66f7c602faead71c3e
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620273Reviewed-by: 's avatarLeszek Swirski <leszeks@chromium.org>
      Commit-Queue: Jakob Linke <jgruber@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#80306}
      0e9a55d2
    • Milad Farazmand's avatar
      Revert "PPC/S390: Reland "[osr] Use the new OSR cache"" · 3b5ba5a8
      Milad Farazmand authored
      This reverts commit c575e8ae.
      
      Reason for revert: Original CL reverted https://crrev.com/c/3615219.
      
      Original change's description:
      > PPC/S390: Reland "[osr] Use the new OSR cache"
      >
      > Port 91453880
      >
      > Original Commit Message:
      >
      >   This is a reland of commit 91da3883
      >
      >   Original change's description:
      >   > Fixed: Use an X register for JumpIfCodeTIsMarkedForDeoptimization
      >   > on arm64.
      >   > Bug: v8:12161
      >
      > Change-Id: I6e63bd5995340bac32654ef12c52d25b496140e3
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3607997
      > Reviewed-by: Junliang Yan <junyan@redhat.com>
      > Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
      > Cr-Commit-Position: refs/heads/main@{#80194}
      
      Change-Id: I977e59238e1f03c21307c1499cde8b567d1e3e2c
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620538
      Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
      Reviewed-by: 's avatarMilad Farazmand <mfarazma@redhat.com>
      Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
      Cr-Commit-Position: refs/heads/main@{#80305}
      3b5ba5a8
    • Anton Bikineev's avatar
      cppgc: young-gen: Fix compilation and tests with cppgc_enable_young_gen · 5c92b06e
      Anton Bikineev authored
      The CL prepares the sources and the tests for enabling
      cppgc_enable_young_generation by default. The static initializer
      in YoungGenerationEnabler (due to v8::base::Mutex) changed to be lazy.
      The tests are now checking the runtime flag.
      
      Bug: chromium:1029379
      Change-Id: I1497a3dd2b8d62c1acd48496821f07324b7944d5
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616726Reviewed-by: 's avatarMichael Lippautz <mlippautz@chromium.org>
      Auto-Submit: Anton Bikineev <bikineev@chromium.org>
      Commit-Queue: Anton Bikineev <bikineev@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#80304}
      5c92b06e