Bug: v8:12749
Change-Id: I33d0313625c38f9634ffba5ed358c1782811ddde
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3561184
Commit-Queue: Adam Klein <adamk@chromium.org>
Auto-Submit: Adam Klein <adamk@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#79680}

Bug: v8:7700
Change-Id: I43ef07414326ee656b36e17aa739ae0015c88d57
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3560640Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79679}

Bug: v8:12748
Change-Id: I7c4db798728a6ed243ac7aace3af45bf32367dc5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3560479Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Liviu Rau <liviurau@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79678}

R=clemensb@chromium.org

Bug: chromium:1307603
Change-Id: I1924aeb43dcca3eaee5b54b1e105c78b28f66c07
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3560438Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79677}

Bug: chromium:1308360,chromium:1309467,v8:9237
Change-Id: I2923e3ee60b4b30c4e2b57b9c8569a030fc7bfbd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3550588Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79676}

When starting a global safepoint, it could happen that one isolate is
waiting/blocking in the event loop, which prevents this isolate from
reaching a safepoint. As a consequence we therefore deadlock when
performing the safepoint. We can solve this by simply posting a task
for each isolate that when run performs a safepoint check.

This CL also renames IncludeMainThreadUnlessInitiator to
ShouldIncludeMainThread.

Bug: v8:11708, v8:12645
Change-Id: Ide956b3c39b350c2bb0279a7dd94ff79cb9d771b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3555771Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79675}

This allows us to store per-eager-deopt site information.

Bug: v8:7700
Change-Id: I86c29aec28220fb96fcf09984e6665f650f22708
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3550275Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79674}

This introduces a `V8InspectorClient::dispatchError()` callback that
embedders can use to dispatch errors from scripts injected by DevTools
(via debug evaluate). The idea here being that while these errors are
technically caught by the inspector logic, the DevTools UX presents them
just like other uncaught errors, with the exception that they don't
trigger error handlers installed by the page. The latter can be quite
confusing to developers, and surprising when for example testing these
error handlers from DevTools. So this adds the foundations on the V8
side to enable triggering error handlers for these technically caught,
but morally uncaught, exceptions.

On the Chromium side https://crrev.com/c/3560458 will implement and
use the hook. And that CL also adds a web tests to check the behavior.

Bug: chromium:1295750
Change-Id: I945c8a9e9b4ec5705fc7f1891dcda185b04c8310
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3557234
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79673}

Take 1:
https://chromium-review.googlesource.com/c/v8/v8/+/3557331

Undefined node needs to be constructed before Call in
BuildCallFromRegisterList as well.

Bug: v8:7700
Change-Id: I58bc647a3b34437a0a143e1f252c2fa2a01df3d0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3557235
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79672}

Bug: v8:7700
Change-Id: I11e2a5eaf607b7501b19b9cb04de086cd4ee0a4c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3553113Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79671}

Port commit 0a110021

Change-Id: I065d5e79c3432ef9f306e70635a86de89eb531dc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3559771Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Auto-Submit: Yu Liu <liuyu@loongson.cn>
Commit-Queue: Yu Liu <liuyu@loongson.cn>
Cr-Commit-Position: refs/heads/main@{#79670}

.. with readability and simplicity in mind.

- Rename OptimizationMarker to the (shorter) TieringState. 'Tiering'
  also matches 'TieringManager' terminology.
- Rename the values:
  kNone -> kNone
  kInOptimizationQueue -> kInProgress
  kCompileFoo_NotConcurrent -> kRequestFoo_Synchronous
  kCompileFoo_Concurrent -> kRequestFoo_Concurrent
- Likewise rename ConcurrencyMode::kNotConcurrent to kSynchronous.
- Add predicates to test enum values.
- Consistent lower case names for accessors on JSFunction and
  FeedbackVector.
- Instead of having to call HasOptimizationMarker() before using any
  other accessor, simply have optimization_marker() return kNone if
  no feedback vector exists.
- Drive-by: Enable the Unreachable() in MaybeOptimizeCode()
  unconditionally - this should never happen, there's no reason not
  to protect against this in release builds as well.

Bug: v8:12161
Change-Id: I67c03e2b7bd0a6b86d0c64f504ad8cb47e9e26ae
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3555774Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Jakob Linke <jgruber@chromium.org>
Auto-Submit: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79669}

- For y = x & 0xFF, we could use movzxbq y, x.
- For y = x & 0xFFFF, we could use movzxwq y, x.
- For y = x & 0xFFFFFFFF, we could use movl y, x.
- For y = x & immediate and immediate fits into uint32,
we could use andl x, immediate.


Bug: v8:12337
Change-Id: I31f04fa9058c6acabb210f0fce61ac713ed1a382
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3518913Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79668}

This reverts commit e76ad5c6.

Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20-%20shared/19438/overview

Original change's description:
> [wasm-gc] Implement isorecursive canonicalization
>
> This implements isorecursive canonicalization for static types.
>
> Not implemented in this CL:
> - Runtime type canonicalization.
> - Cross-module signature canonicalization for purposes of call_indirect.
>
> Bug: v8:7748
> Change-Id: I6214f947444eea8d7b15a29b35c94c3d07ddb525
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3541925
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#79665}

Bug: v8:7748
Change-Id: I9e26696a7113b1bacafa800c8d6ef24df38c41fd
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3557233
Auto-Submit: Nico Hartmann <nicohartmann@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Owners-Override: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79667}

Port 0a110021

Change-Id: I922cde72d100b8d1ef006a7752400c568b675532
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3559629
Auto-Submit: Yahan Lu <yahan@iscas.ac.cn>
Reviewed-by: ji qiu <qiuji@iscas.ac.cn>
Commit-Queue: ji qiu <qiuji@iscas.ac.cn>
Cr-Commit-Position: refs/heads/main@{#79666}

This implements isorecursive canonicalization for static types.

Not implemented in this CL:
- Runtime type canonicalization.
- Cross-module signature canonicalization for purposes of call_indirect.

Bug: v8:7748
Change-Id: I6214f947444eea8d7b15a29b35c94c3d07ddb525
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3541925Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79665}

Change-Id: Ib68766bf88624bfdad272680ce9e1180d241adf0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3556927Reviewed-by: ji qiu <qiuji@iscas.ac.cn>
Commit-Queue: Yahan Lu <yahan@iscas.ac.cn>
Auto-Submit: Yahan Lu <yahan@iscas.ac.cn>
Cr-Commit-Position: refs/heads/main@{#79664}

There are two kinds of method to get native context of JSFunction
object, directly calling to native_context() and calling
context().native_context(). Replace all context().native_context()
with native_context().

Change-Id: Ia7a7e64648446002717d38fafecd2420f622325e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3541468Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Tao Pan <tao.pan@intel.com>
Cr-Commit-Position: refs/heads/main@{#79663}

Bug: v8:11111, v8:12731, v8:12742
Change-Id: I2679c0e64faca25a2c16e15fd3a5c727eb941c92
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3551894Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79662}

Bug: v8:12743
Change-Id: I4a36c0b794759d47eb9436714dfd2417fc45dcd2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3558327Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79661}

No-Try: true
Bug: v8:11428
Change-Id: Ib5ccee00f1e010f94a9d504478553dd47a2998a0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3557252Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79660}

Bug: v8:12742
Change-Id: If96908f8585a5789c09d98bb8ca06f9a9fb6fc7e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3558310Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79659}

The "undefined" node has to be in the CFG graph before the "Call" node.

Bug: v8:7700
Change-Id: I137cde1d884e87e72fd4d6a22d5105168c8fb6cb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3557331
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79658}

Port 0a110021

Original Commit Message:

    All architectures have kSupportsFixedDeoptExitSizes = true, so we can
    remove kSupportsFixedDeoptExitSizes entirely and always have fixed-size
    deopts.

R=leszeks@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com
BUG=
LOG=N

Change-Id: If33d936ea59e6add15b835793637fc50f28d07fd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3557254Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#79657}

Change the NodeBase bitfield to be initialised by NodeBase::Allocate,
and threaded through Node constructors as a complete bitfield instead of
the input_count.

This means that we can centralise changes to the bitfield, as well as
the setting of the opcode.

Bug: v8:7700
Change-Id: I848369339f3e43ba85d435c14d525d63907181e8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3555773
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79656}

Bug: v8:7700
Change-Id: I1efa298a25bf15c104a57db3ec7cc4d7e36861eb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3553102Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Auto-Submit: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79655}

All architectures have kSupportsFixedDeoptExitSizes = true, so we can
remove kSupportsFixedDeoptExitSizes entirely and always have fixed-size
deopts.

Change-Id: Ib696f6d2431f60677cc7fa2193ee27b9b0f80bc8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3550268Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79654}

Bug: v8:7700
Change-Id: I60b47808360430ecfde528cf6429fcc24e84fc31
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3555766Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79653}

- Always show the navigation buttons
- Format code with fixed-width font
- Limit the property-table height for more compact tooltips

Bug: v8:10644
Change-Id: I0a0f30056455371bad12b2c679d184948c5b52de
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3555772Reviewed-by: Patrick Thier <pthier@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79652}

Search for all files with testing naming convention and run that on v8_presubmit.
Also modify all PRESUBMIT files in the tools directory to include any test file
with the appropriate naming convention.

Bug: chromium:1306474
Change-Id: I61c1b7c71badbbc3b99705289588aa8280824d66
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3532266Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Almothana Athamneh <almuthanna@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79651}

The signature of FatalProcessOutOfMemory is used extracting V8 specific
crash information from chrome minidumps.

Change-Id: I625a9ca1f1628c6ddd34cf794cc4205b012ef23e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3532267Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79650}

Under over-application (passing more arguments into a function than its
formal parameter count), we need to use the passed argc to clean up the
stack, rather than the formal parameter count. Fix Maglev's Return node
code to do the appropriate check and dynamic sized return.

Bug: v8:7700
Change-Id: I36037d29e14323b336974d4b75b75f5702ce8a28
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3555767Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79649}

This CL adds the reduction for String#includes
and merges the reduction of String#indexOf and
String#includes in JSCallReducer.

This CL does two things:
- Add StringIndexOfIncludesVariant to distinguish
String#indexOf and String#includes.
- Add ReduceStringPrototypeIndexOfIncludes to reduce
for String#indexOf and String#includes.

Bug: v8:12732
Change-Id: Ied75485cf1511956e97ef986fc34a711aae3d1ce
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3552279Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79648}

R=jkummerow@chromium.org

Bug: chromium:1307946
Change-Id: I5827f6ce3e854b440c027f8f4862f5a43b088e01
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3553111Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79647}

Bug: v8:11111,chromium:1307310
Change-Id: I41175d759e71d2016880eae1cd42e420ee9cc229
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3540262Reviewed-by: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79646}

Recent Clang versions have enhanced -Wunused-but-set-variable which now
warns about these.

Bug: chromium:1309955
Change-Id: Id99e3eee60bf2c789e15251f65a192a6bf51f252
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3554603Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79645}

This reverts commit c482a66b.

Reason for revert: causes crashes in ChromeOS/MSAN builds:
https://crbug.com/1310642

Original change's description:
> Enable PAC and BTI for runtime generated code.
>
> This patch enables PAC and BTI for runtime generated code when PAC
> is enabled. Additional BTI landing pads will resolve to NOOP when
> running on non BTI device and will not cause functional problems.
>
> Change-Id: I3993481df2c3c47e3e81bfb76a8c355f642cd572
> Bug: chromium:919548, v8:10026
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3548457
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Andre Kempe <andre.kempe@arm.com>
> Cr-Commit-Position: refs/heads/main@{#79630}

Bug: chromium:919548, v8:10026, chromium:1310642
Change-Id: I564efa5327ae038a7b5fb69b416300afebe2cd74
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3556706
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79644}

Fix GCC compilation complaints.

Bug: v8:11989
Change-Id: I547e61342be090cc31825d8fe49463a79a39495f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3553789Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79643}

Change-Id: Idd2c979db120be1e35260786a3f9534d950294b4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3555538Reviewed-by: Milad Farazmand <mfarazma@redhat.com>
Commit-Queue: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/main@{#79642}

Change-Id: Ife52b4279aa17e73316a77c5b4ef6f03bef763b7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3555886Reviewed-by: Milad Farazmand <mfarazma@redhat.com>
Commit-Queue: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/main@{#79641}