1. 24 Apr, 2020 32 commits
    • Bill Budge's avatar
      Revert "[turbofan][csa] optimize Smi untagging better" · cdea7999
      Bill Budge authored
      This reverts commit ff22ae80.
      
      Reason for revert: new test fails on UBSAN
      https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20UBSan/10831
      
      Original change's description:
      > [turbofan][csa] optimize Smi untagging better
      > 
      > - Introduce new operator variants for signed right-shifts with the
      >   additional information that they always shift out zeros.
      > - Use these new operators for Smi untagging.
      > - Merge left-shifts with a preceding Smi-untagging shift.
      > - Optimize comparisons of Smi-untagging shifts to operate on the
      >   unshifted word.
      > - Optimize 64bit comparisons of values expanded from 32bit to use
      >   a 32bit comparison instead.
      > - Change CodeStubAssembler::UntagSmi to first sign-extend and then
      >   right-shift to enable better address computations for Smi indices.
      > 
      > Bug: v8:9962
      > Change-Id: If91300f365e8f01457aebf0bd43bdf88b305c460
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2135734
      > Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
      > Reviewed-by: Georg Neis <neis@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#67378}
      
      TBR=neis@chromium.org,tebbi@chromium.org
      
      Change-Id: I2617d7a44e5ae33fd79322d37c8b722c00162d22
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Bug: v8:9962
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2165873Reviewed-by: 's avatarBill Budge <bbudge@chromium.org>
      Commit-Queue: Bill Budge <bbudge@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67380}
      cdea7999
    • Frank Tang's avatar
      add ftang as owner · f753ca5f
      Frank Tang authored
      Change-Id: Ibbf0b2fd183d40445930c4197b92fd3b5bb2c40b
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2158487Reviewed-by: 's avatarNebojša Ćirić <cira@chromium.org>
      Reviewed-by: 's avatarShu-yu Guo <syg@chromium.org>
      Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
      Reviewed-by: 's avatarAdam Klein <adamk@chromium.org>
      Commit-Queue: Frank Tang <ftang@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67379}
      f753ca5f
    • Tobias Tebbi's avatar
      [turbofan][csa] optimize Smi untagging better · ff22ae80
      Tobias Tebbi authored
      - Introduce new operator variants for signed right-shifts with the
        additional information that they always shift out zeros.
      - Use these new operators for Smi untagging.
      - Merge left-shifts with a preceding Smi-untagging shift.
      - Optimize comparisons of Smi-untagging shifts to operate on the
        unshifted word.
      - Optimize 64bit comparisons of values expanded from 32bit to use
        a 32bit comparison instead.
      - Change CodeStubAssembler::UntagSmi to first sign-extend and then
        right-shift to enable better address computations for Smi indices.
      
      Bug: v8:9962
      Change-Id: If91300f365e8f01457aebf0bd43bdf88b305c460
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2135734
      Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
      Reviewed-by: 's avatarGeorg Neis <neis@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67378}
      ff22ae80
    • Frank Tang's avatar
      [intl] Remove two flags ship in m80 · 961e99d3
      Frank Tang authored
      Remove harmony-intl-{other-calendars,add-calendar-numbering-system}
      https://www.chromestatus.com/features/5440249461211136
      
      Bug: v8:9154
      Change-Id: I8331d3cbd55e19ab1b1f983fef2e772fa7dc856c
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2163816Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
      Reviewed-by: 's avatarShu-yu Guo <syg@chromium.org>
      Commit-Queue: Frank Tang <ftang@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67377}
      961e99d3
    • Shu-yu Guo's avatar
      Allow Proxy constructor to take revoked Proxies as targets and handlers · ce43feb5
      Shu-yu Guo authored
      Normative spec change: https://github.com/tc39/ecma262/pull/1814
      
      Bug: v8:10382
      Change-Id: Ib17ece9f0c8f75702c828b5336e75cab5d173e5e
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2163876
      Commit-Queue: Shu-yu Guo <syg@chromium.org>
      Reviewed-by: 's avatarMarja Hölttä <marja@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67376}
      ce43feb5
    • Francis McCabe's avatar
      Revert "[arm] Change fp_fixed registers to be allocatable registers" · 1a38573f
      Francis McCabe authored
      This reverts commit 390ed4b9.
      
      Reason for revert: https://ci.chromium.org/p/v8/builders/ci/V8%20Linux/36714?
      
      
      Original change's description:
      > [arm] Change fp_fixed registers to be allocatable registers
      > 
      > fp_fixed1 and fp_fixed2 are used by the S8x16Shuffle operation. They
      > need to be allocatable, so that they can be correctly marked as fixed
      > and spilled as required. The previous value of fp_fixed2, d29, is not in
      > the list of allocatable double registers, and not marked as fixed
      > appropriately.
      > 
      > One fix could be to extend the list of allocatable double registers, but
      > there is a comment there saying that the list is kept even-length to
      > make stack alignment easier. So rather than messing with that, we
      > instead change what fp_fixed1 and fp_fixed2 is, since S8x16Shuffle is
      > the only user, this is a simpler change.
      > 
      > Bug: chromium:1070078
      > Change-Id: Id7de9b256bad2cfb11b0f06b66eb80a48ff7827c
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2161565
      > Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
      > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
      > Commit-Queue: Zhi An Ng <zhin@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#67372}
      
      TBR=gdeepti@chromium.org,zhin@chromium.org,thibaudm@chromium.org
      
      Change-Id: I00b4b34771b5832cc3d5fe6eac7aac506ec82d50
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Bug: chromium:1070078
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2165865Reviewed-by: 's avatarFrancis McCabe <fgm@chromium.org>
      Commit-Queue: Francis McCabe <fgm@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67375}
      1a38573f
    • Michael Achenbach's avatar
      [foozzie] Make mock for random more expressive · bb0ea1c4
      Michael Achenbach authored
      Bug: chromium:1044942
      Change-Id: If7caf955f5aab954a57c46aab7830830b1a64d04
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2162872Reviewed-by: 's avatarMaya Lekova <mslekova@chromium.org>
      Commit-Queue: Michael Achenbach <machenbach@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67374}
      bb0ea1c4
    • Ng Zhi An's avatar
      [cleanup] Use brace initialization instead of a static cast · 9f856f63
      Ng Zhi An authored
      We change a bunch of static_cast to a cleaner and shorter brace
      initialization. I did not change every use of static_cast in the files,
      just those that relate to SIMD, so as to not cause churn in the
      diff/blame.
      
      Change-Id: I7e90c1b81f09a1e7a3ae7c9825db4fdbd21db919
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2159737Reviewed-by: 's avatarClemens Backes <clemensb@chromium.org>
      Reviewed-by: 's avatarDeepti Gandluri <gdeepti@chromium.org>
      Commit-Queue: Zhi An Ng <zhin@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67373}
      9f856f63
    • Ng Zhi An's avatar
      [arm] Change fp_fixed registers to be allocatable registers · 390ed4b9
      Ng Zhi An authored
      fp_fixed1 and fp_fixed2 are used by the S8x16Shuffle operation. They
      need to be allocatable, so that they can be correctly marked as fixed
      and spilled as required. The previous value of fp_fixed2, d29, is not in
      the list of allocatable double registers, and not marked as fixed
      appropriately.
      
      One fix could be to extend the list of allocatable double registers, but
      there is a comment there saying that the list is kept even-length to
      make stack alignment easier. So rather than messing with that, we
      instead change what fp_fixed1 and fp_fixed2 is, since S8x16Shuffle is
      the only user, this is a simpler change.
      
      Bug: chromium:1070078
      Change-Id: Id7de9b256bad2cfb11b0f06b66eb80a48ff7827c
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2161565Reviewed-by: 's avatarThibaud Michaud <thibaudm@chromium.org>
      Reviewed-by: 's avatarDeepti Gandluri <gdeepti@chromium.org>
      Commit-Queue: Zhi An Ng <zhin@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67372}
      390ed4b9
    • Amy Huang's avatar
      Remove use of register r7 because llvm now issues an · 00604cd2
      Amy Huang authored
      error when "r7" is used (starting in commit d85b3877)
      
      Bug: chromium:1073270
      Change-Id: I7ec8112f170b98d2edaf92bc9341e738f8de07a3
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2163435Reviewed-by: 's avatarNico Weber <thakis@chromium.org>
      Reviewed-by: 's avatarRoss McIlroy <rmcilroy@chromium.org>
      Commit-Queue: Nico Weber <thakis@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67371}
      00604cd2
    • Ng Zhi An's avatar
      Validate reading prefixed opcodes · 46813711
      Ng Zhi An authored
      If module bytes end in a prefix like 0xfc (numeric prefix), we read out
      of bounds (pc + 1). So, if validate flag is set, check the length.
      
      Bug: chromium:1073553
      Change-Id: Ia9771419d01f2315723d19dd96630172b5a7a1f5
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2161404Reviewed-by: 's avatarClemens Backes <clemensb@chromium.org>
      Commit-Queue: Zhi An Ng <zhin@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67370}
      46813711
    • Milad Farazmand's avatar
      PPC/s390: [wasm-simd][liftoff] Implement lt, le, gt, ge of f32x4 and f64x2 on x64 and ia32 · a7a88149
      Milad Farazmand authored
      Port c47d1631
      
      R=zhiguo.zhou@intel.com, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
      BUG=
      LOG=N
      
      Change-Id: I126b610d69234c0eaa5599978a5fd25223b657c5
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2164945Reviewed-by: 's avatarJunliang Yan <jyan@ca.ibm.com>
      Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
      Cr-Commit-Position: refs/heads/master@{#67369}
      a7a88149
    • Etienne Pierre-doray's avatar
      [Jobs]: Add job impl to default platform. · 05b62681
      Etienne Pierre-doray authored
      The impl works by posting up to NumberOfWorkerThreads() tasks
      with CallOnWorkerThread().
      
      Change-Id: I188ac57c9e5d6e3befdcc6f945fbf337dabe1d1d
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2130886
      Commit-Queue: Etienne Pierre-Doray <etiennep@chromium.org>
      Reviewed-by: 's avatarGabriel Charette <gab@chromium.org>
      Reviewed-by: 's avatarUlan Degenbaev <ulan@chromium.org>
      Reviewed-by: 's avatarMichael Lippautz <mlippautz@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67368}
      05b62681
    • Clemens Backes's avatar
      [wasm][debug] Move debug-evaluate cctest to Liftoff · 30350b65
      Clemens Backes authored
      This is the last cctest that uses the interpreter for debugging.
      This CL moves it over to Liftoff.
      
      R=jkummerow@chromium.org
      
      Bug: v8:10389
      Change-Id: I1791f0c762c9aab38eee5f5fb96772f4d01c212f
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2164790Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
      Commit-Queue: Clemens Backes <clemensb@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67367}
      30350b65
    • Mythri A's avatar
      [log] Update LogAllMaps to also log maps from readonly space · 886d676d
      Mythri A authored
      With --trace-maps, we log all maps in the heap at the end of
      bootstrapping. LogAllMaps scans through the heap and logs a map-create
      even for all the maps in the heap. This cl updates this function to also
      look for maps in the read only space.
      
      Change-Id: I50025a909691be8dca3455c0583a0392b4756aef
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2162725Reviewed-by: 's avatarRoss McIlroy <rmcilroy@chromium.org>
      Commit-Queue: Mythri Alle <mythria@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67366}
      886d676d
    • Camillo Bruni's avatar
      [runtime] Fix source location for CallWithSpread with errors · 1d00b785
      Camillo Bruni authored
      Unify error handling for errors in CallWithSpread Bytecode and thus
      fix source location mismatches.
      
      Bug: v8:10378
      Change-Id: If224cd34f1306492059dbedd8d2ca5c0feee5658
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2162856Reviewed-by: 's avatarToon Verwaest <verwaest@chromium.org>
      Commit-Queue: Camillo Bruni <cbruni@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67365}
      1d00b785
    • Leszek Swirski's avatar
      [offthread] Fall-back to main-thread finalization for asm.js · e0df158b
      Leszek Swirski authored
      asm-to-wasm doesn't support off-thread finalization, so disable it if an
      asm compilation job is successfully executed. Note that in the future,
      we could instead have a hybrid off-thread and main-thread finalization
      for mixed JS and asm.js scripts, but for now that's probably
      unncecessary.
      
      Bug: chromium:1011762
      Change-Id: I52c8f31fa13790e03ccf3196dbef471bca387bc5
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2110017
      Commit-Queue: Leszek Swirski <leszeks@chromium.org>
      Reviewed-by: 's avatarRoss McIlroy <rmcilroy@chromium.org>
      Reviewed-by: 's avatarClemens Backes <clemensb@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67364}
      e0df158b
    • Leszek Swirski's avatar
      [offthread] Move line-end init to FinalizeScriptCompilation · 9f43850f
      Leszek Swirski authored
      Moves the Script line-end initialization for profiling out of
      CreateScript and into FinalizeScriptCompilation. This ensures that
      scripts created off-thread still get line-ends when necessary.
      
      Bug: chormium:1011762
      Change-Id: If16ad17b2b3ec96908420107bd5f9161eab9492f
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2122020
      Commit-Queue: Leszek Swirski <leszeks@chromium.org>
      Reviewed-by: 's avatarRoss McIlroy <rmcilroy@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67363}
      9f43850f
    • Leszek Swirski's avatar
      [offthread] Resolve parallel tasks in off-thread merge · 2b8cc34b
      Leszek Swirski authored
      Parallel tasks have to be resolved to their SharedFunctionInfos on the
      main thread, so do so for off-thread finalizations.
      
      Bug: chromium:1011762
      Change-Id: I1f0c510630b820cad191db614960ed734218bf0e
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2110018
      Commit-Queue: Leszek Swirski <leszeks@chromium.org>
      Reviewed-by: 's avatarRoss McIlroy <rmcilroy@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67362}
      2b8cc34b
    • Timothy Gu's avatar
      Reland "[builtins] Clean up the use of class_name / ES5 [[Class]]" · 1aa51b49
      Timothy Gu authored
      This is a reland of 29c1eab9
      
      Original change's description:
      > [builtins] Clean up the use of class_name / ES5 [[Class]]
      >
      > Before ES2015, the ES spec had a [[Class]] internal slot for all
      > objects, which Object.prototype.toString() would use to figure the
      > returned string. Post-ES2015, the [[Class]] slot was removed in spec for
      > all objects, with the @@toStringTag well-known symbol the proper way to
      > change Object.prototype.toString() output.
      >
      > At the time, spec-identical handling without the use of [[Class]] was
      > implemented in V8 for all objects other than API objects, where issues
      > with the Web IDL spec [1] prevented Blink, and hence V8, to totally
      > migrate to @@toStringTag. However, since 2016 [2] Blink has been setting
      > @@toStringTag on API class prototypes to manage the
      > Object.prototype.toString() output, so the legacy [[Class]] handling in
      > V8 has not been necessary for the past couple of years.
      >
      > This CL removes the remaining legacy [[Class]] handling in
      > Object.prototype.toString(), JSReceiver::class_name(), and
      > GetConstructorName(). However, it does not remove the class_name field
      > in FunctionTemplateInfo, as it is still used for the `name` property of
      > created functions.
      >
      > This CL also cleans up other places in the codebase that still reference
      > [[Class]].
      >
      > This change should have minimal impact on web-compatibility. For the
      > change to be observable, a script must do one of the following:
      >
      > 1. delete APIConstructor.prototype[Symbol.toStringTag];
      > 2. Object.setPrototypeOf(apiObject, somethingElse);
      >
      > Before this CL, these changes will not change the apiObject.toString()
      > output. But after this CL, they will make apiObject.toString() show
      > "[object Object]" (in the first case) or the @@toStringTag of the other
      > prototype (in the latter case).
      >
      > However, both are deemed unlikely. @@toStringTag is not well-known
      > feature of JavaScript, nor does it get tampered much on API
      > constructors. In the second case, setting the prototype of an API object
      > would effectly render the object useless, as all its methods (including
      > property getters/setters) would no longer be accessible.
      >
      > Currently, @@toStringTag-based API object branding is not yet
      > implemented by other browsers. This V8 bug in particular has been an
      > impediment to standardizing toString behavior. Fixing this bug will
      > unblock [3] and lead to a better Web IDL spec, and better toString()
      > compatibility for all.
      >
      > [1]: https://www.w3.org/Bugs/Public/show_bug.cgi?id=28244
      > [2]: https://crrev.com/909c0d7d5a53c8526ded351683c65ea7d17531d4
      > [3]: https://github.com/heycam/webidl/pull/357
      >
      > Bug: chromium:793406
      > Cq-Include-Trybots: luci.chromium.try:linux-rel
      > Change-Id: Iceded24e37afa2646ec385d5018909f55b177f93
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2146996
      > Commit-Queue: Timothy Gu <timothygu@chromium.org>
      > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#67327}
      
      Bug: chromium:793406
      Change-Id: Ia5d97bd4e1c44cadc6f18a17ffc9d06b038cf8f1
      Cq-Include-Trybots: luci.chromium.try:linux-rel
      Cq-Include-Trybots: luci.v8.try:v8_linux_blink_rel
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2163881
      Auto-Submit: Timothy Gu <timothygu@chromium.org>
      Commit-Queue: Toon Verwaest <verwaest@chromium.org>
      Reviewed-by: 's avatarToon Verwaest <verwaest@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67361}
      1aa51b49
    • Clemens Backes's avatar
      [wasm][debug] Move breakpoint cctests to Liftoff · 780746d6
      Clemens Backes authored
      The cctests for breakpoints were still executing in the interpreter.
      This CL moves them over to Liftoff.
      
      Note that the additional methods on {DebugInfo} will be reused for other
      purposes, see https://crrev.com/c/1941139.
      
      R=jkummerow@chromium.org
      
      Bug: v8:10389
      Change-Id: Ia88150612377d6e7db0514af1efe091124b3ddce
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2162852Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
      Commit-Queue: Clemens Backes <clemensb@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67360}
      780746d6
    • Zhao Jiazhong's avatar
      [mips][wasm-simd][liftoff] Implement lt, le, gt, ge of f32x4 and f64x2 · 460ed1f0
      Zhao Jiazhong authored
      Port c47d1631
      https://crrev.com/c/2158925
      
      Change-Id: Ib1c494c93acfb5d19890427e6ea73202915675df
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2162415Reviewed-by: 's avatarClemens Backes <clemensb@chromium.org>
      Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
      Cr-Commit-Position: refs/heads/master@{#67359}
      460ed1f0
    • Frank Tang's avatar
      Fix no_i18n failure missed in test262 roll 2163877 · 20f5379e
      Frank Tang authored
      Bug: v8:7834
      Change-Id: I9fbcca612db3df6698ebb63bae90b7943e38d48d
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2163819Reviewed-by: 's avatarMaya Lekova <mslekova@chromium.org>
      Auto-Submit: Frank Tang <ftang@chromium.org>
      Commit-Queue: Frank Tang <ftang@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67358}
      20f5379e
    • Leszek Swirski's avatar
      [offthread] Check memory pressure after merging · 5b878283
      Leszek Swirski authored
      Currently, there is no indication of memory pressure after merging pages
      from off-thread space into the heap. This can mean that with lots of
      off-thread compilations, we eventually run out of pages in the memory
      allocator.
      
      Now, trigger a critical memory pressure notification after merging if
      the old generation is close to being unexpandable. We may want to add
      other heuristics here (e.g. moderate memory pressure if the heap is
      highly fragmented), or possibly add similar checks when the off-thread
      space is initialized, but this works for now.
      
      As a drive-by, inline the NotifyOffThreadSpaceMerged call into the
      off-thread factory merge -- we already do a bunch of special merging
      stuff in there, and nowhere else, so we may as well be explicit in what
      we're actually doing. This also allows us to do a pre-check on old-space
      size and hard limits just before the merge.
      
      Bug: chromium:1011762
      Change-Id: Ic2b46057cf751bd7eaf787f46beaaf4df36e78fe
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2131915
      Commit-Queue: Leszek Swirski <leszeks@chromium.org>
      Reviewed-by: 's avatarUlan Degenbaev <ulan@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67357}
      5b878283
    • Leszek Swirski's avatar
      Reland "[offthread] Move stress-background-compile to compiler.cc" · 471b2001
      Leszek Swirski authored
      This is a reland of a441cbfb
      
      Disabling cctest/test-compiler/DeepEagerCompilationPeakMemory in stress
      mode since allocation is no longer deterministic.
      
      Original change's description:
      > [offthread] Move stress-background-compile to compiler.cc
      >
      > Make --stress-background-compile a V8 flag rather than a d8 flag, so
      > that it also tests unittests/cctests.
      >
      > Now, with this flag, every top-level script compile (that fulfills a
      > couple of restrictions) will be both main-thread and background-thread
      > compiled, taking the result of the background compile. In the future,
      > we'll probably want to verify that the two results are equivalent.
      >
      > One of the necessary changes to allow tests to pass was to introduce a
      > concept of a "temporary" script (with a temporary script id), which
      > doesn't get added to the script list. This is to avoid the main-thread
      > compile part of the stress-test having a debugger-visible side-effect,
      > e.g. in tests that enumerate scripts. We can't just create new ids for
      > such scripts, as then script-id expectation files no longer match.
      >
      > Bug: chromium:1011762
      > Change-Id: I500bbf2cabea762e69aca3dbae247daae71192cb
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2120541
      > Commit-Queue: Leszek Swirski <leszeks@chromium.org>
      > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#67332}
      
      TBR=rmcilroy@chromium.org
      
      Bug: chromium:1011762
      Change-Id: I5f9f0eb71caa4829e72b4a6d2824cbebd3698bd5
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2162876Reviewed-by: 's avatarLeszek Swirski <leszeks@chromium.org>
      Commit-Queue: Leszek Swirski <leszeks@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67356}
      471b2001
    • Sathya Gunasekaran's avatar
      [turbofan] Split DependentCode::kFieldOwner group · 6acbbfbe
      Sathya Gunasekaran authored
      This patch will allow turboprop to selectively turn off const based
      optimizations.
      
      Change-Id: Icd0ec29968287a428cbf38857191900dbf3fda36
      Bug: v8:9684, v8:10431
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2149429
      Commit-Queue: Sathya Gunasekaran  <gsathya@chromium.org>
      Reviewed-by: 's avatarGeorg Neis <neis@chromium.org>
      Reviewed-by: 's avatarIgor Sheludko <ishell@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67355}
      6acbbfbe
    • Leszek Swirski's avatar
      [offthread] Disable off-thread compiles for block coverage · 7712da4d
      Leszek Swirski authored
      Off-thread compilation currently doesn't support adding DebugInfo to a
      SharedFunctionInfo, so it also doesn't support adding coverage info.
      
      For now, disable off-thread finalization entirely when block coverage
      is enabled. In the future we most likely want to add support for this.
      
      Bug: chromium:1011762
      Change-Id: I7fdcee48f427d0f7061e90602d9d7557a98e54bb
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2126911
      Commit-Queue: Leszek Swirski <leszeks@chromium.org>
      Reviewed-by: 's avatarRoss McIlroy <rmcilroy@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67354}
      7712da4d
    • Leszek Swirski's avatar
      [offthread] Allow errors in off-thread compile · d1d35f9b
      Leszek Swirski authored
      Use the PendingCompilationErrorHandler in the UnoptimizedCompileState
      class to prepare compilation errors off-thread, and report them during
      the merge into the main thread.
      
      Bug: chromium:1011762
      Change-Id: I3ad5078e25c176aa30743500714b2fad838d3ce8
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2105354
      Commit-Queue: Leszek Swirski <leszeks@chromium.org>
      Reviewed-by: 's avatarRoss McIlroy <rmcilroy@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67353}
      d1d35f9b
    • Frank Tang's avatar
      Roll test262 · 3fe19f31
      Frank Tang authored
      https://chromium.googlesource.com/external/github.com/tc39/test262/+log/62b8fce3..31dabb56
      
      31dabb5 Add a test for Unicode key-type pairs being canonicalized by Intl.Locale regardless whether they're passed in the input tag, or through the options object. by Jeff Walden · 9 hours ago master
      7a4b88e Add `null` named capture coercion test case by Alexey Shvayka · 9 hours ago
      6de6484 Add functional replacement test by Alexey Shvayka · 9 hours ago
      a6f3449 Add string replacement test by Alexey Shvayka · 9 hours ago
      eca34ed Drop "the" and align license headers by Alexey Shvayka · 9 hours ago
      34b2ab3 Use non ID_Continue characters in negative tests by Alexey Shvayka · 9 hours ago
      89bb1b7 Remove negative parse tests that are now valid by Alexey Shvayka · 9 hours ago
      3b5845a Add invalid non-Unicode test by Alexey Shvayka · 9 hours ago
      b0995ea Add invalid Unicode test by Alexey Shvayka · 9 hours ago
      fd18971 Add valid non-Unicode test by Alexey Shvayka · 9 hours ago
      1991c24 Add valid Unicode test by Alexey Shvayka · 9 hours ago
      d57bd9d Simplify alphanum regex in testIntl.js by Ross Kirsling · 9 hours ago
      064d3c2 correct exceptions for exceptZero by Frank Yung-Fong Tang · 9 hours ago
      18f5551 correct expectation for exceptZero by Frank Yung-Fong Tang · 9 hours ago
      7bb81a4 correct expectation for exceptZero by Frank Yung-Fong Tang · 9 hours ago
      52ec585 correct expectation for exceptZero by Frank Yung-Fong Tang · 9 hours ago
      6b3b5c1 correct expectation for exceptZero by Frank Yung-Fong Tang · 9 hours ago
      7aa1291 correct expectation for exceptZero by Frank Yung-Fong Tang · 9 hours ago
      fb00de4 correct expectation of exceptZero by Frank Yung-Fong Tang · 9 hours ago
      11cc0c0 correct expectation for exceptZero by Frank Yung-Fong Tang · 9 hours ago
      9119877 correct expectation for exceptZero by Frank Yung-Fong Tang · 9 hours ago
      2022f97 correct expectation for exceptZero by Frank Yung-Fong Tang · 9 hours ago
      0fc6784 correct exceptZero expectation by Frank Yung-Fong Tang · 9 hours ago
      988bf55 correct exceptZero expectation by Frank Yung-Fong Tang · 9 hours ago
      e5d4129 correct for exceptZero by Frank Yung-Fong Tang · 9 hours ago
      8293c96 correct expectation for exceptZero by Frank Yung-Fong Tang · 9 hours ago
      0279d96 correct cases for exceptZero by Frank Yung-Fong Tang · 9 hours ago
      d401735 correction for exceptZero by Frank Yung-Fong Tang · 9 hours ago
      f07fe8c correct by Frank Yung-Fong Tang · 9 hours ago
      c1a1111 correct by Frank Yung-Fong Tang · 9 hours ago
      832ecd2 correct by Frank Yung-Fong Tang · 9 hours ago
      940be66 correct expectation for signDisplay: "exceptZero" by Frank Yung-Fong Tang · 9 hours ago
      df0207c Test revoked [[ProxyHandler]] by Alexey Shvayka · 9 hours ago
      d6834ac Test revoked callable [[ProxyTarget]] by Alexey Shvayka · 9 hours ago
      449f3ed Test revoked [[ProxyTarget]] by Alexey Shvayka · 9 hours ago
      c2f0a3c Bring back accidentally removed __proto__ test by Alexey Shvayka · 9 hours ago
      0c06bbc Add "proto-from-ctor-realm" test for AggregateError by Alexey Shvayka · 9 hours ago
      a240781 Use isConstructor harness in revocation function test by Alexey Shvayka · 9 hours ago
      c31133b Add Proxy.revocable built-in test by Alexey Shvayka · 9 hours ago
      fadb907 Atomics.waitAsync: fix lint trash by Rick Waldron · 10 hours ago
      d7e4de1 Atomics.waitAsync: validate array type; waiter list position, notify before timeout by Rick Waldron · 10 hours ago
      161ce48 Atomics.waitAsync: misused symbol args. by Rick Waldron · 10 hours ago
      127fa27 Atomics: remove erroneous argument from getReport() in harness/atomicsHelper.js by Rick Waldron · 10 hours ago
      bd5b37e Atomics.waitAsync: symbol for timeout throws by Rick Waldron · 10 hours ago
      eeb75f6 Atomics.waitAsync: poisoned object throws by Rick Waldron · 10 hours ago
      db9c0ef Atomics.waitAsync: out of range index by Rick Waldron · 10 hours ago
      0923420 Atomics.waitAsync: fix lint issues by Rick Waldron · 10 hours ago
      c3efb56 Atomics.waitAsync: make all agent timeouts async by Rick Waldron · 10 hours ago
      f03c0c2 fixup! Atomics.waitAsync: no spurious wakeup on [operation] by Rick Waldron · 10 hours ago
      e9ee3dc Atomics: add setTimeout, getReportAsync & safeBroadcastAsync to harness/atomicsHelper .js by Rick Waldron · 10 hours ago
      a46bbfd Atomics: drop unused id argument to agent receiveBroadcast handler by Rick Waldron · 10 hours ago
      974a4ff Atomics.waitAsync: no spurious wakeup on [operation] by Rick Waldron · 10 hours ago
      6d4b4eb Atomics.waitAsync: false, nan, negative, null, object zero timeouts by Rick Waldron · 10 hours ago
      4c2ca05 Atomics.waitAsync: negative index throws by Rick Waldron · 10 hours ago
      a196c93 Atomics.waitAsync: negative timeout by Rick Waldron · 10 hours ago
      677fb82 Atomics.waitAsync: false for timeouts, revised. by Rick Waldron · 10 hours ago
      9519cd8 Atomics.waitAsync: Return Value by Rick Waldron · 10 hours ago
      dabcc05 Atomics.waitAsync: false, nan for timeouts by Rick Waldron · 10 hours ago
      c0f0adf Atomics.waitAsync: ValidateSharedIntegerTypedArray, ValidateAtomicAccess & Return promiseCapability.[[Promise]] by Rick Waldron · 10 hours ago
      4e48a56 Atomics.wait: fix esid by Rick Waldron · 10 hours ago
      bb37b88 Atomics.waitAsync: add descriptor, length, name tests by Rick Waldron · 10 hours ago
      f32b35e Atomics.waitAsync: add feature to features.txt by Rick Waldron · 10 hours ago
      1394a4f Fix Proxy tests by Alexey Shvayka · 10 hours ago
      fe0d4dc Fix bound function tests by Alexey Shvayka · 10 hours ago
      57fa74b Add yield* throw() method test by Alexey Shvayka · 5 days ago
      5628e99 Add default parameters test by Alexey Shvayka · 5 days ago
      1c06724 Add ObjectBindingPattern destructuring tests by Alexey Shvayka · 5 days ago
      4d9944e Add ArrayBindingPattern destructuring tests by Alexey Shvayka · 5 days ago
      1d513c3 Update indices-groups-object.js by Gus Caplan · 5 days ago
      30542f3 Update groups-object.js by Gus Caplan · 5 days ago
      97bd6fd Update indices-groups-object.js by Gus Caplan · 5 days ago
      a799a4a Sort out __proto__ occurances outside of annexB by Gus Caplan · 5 days ago
      e1fb459 Use slice in RegExp lookBehind test by Michaël Zasso · 5 days ago
      68205eb Fixed wrong `esid` and `features` in a Promise.all test by jhnaldo · 5 days ago
      048b6b5 Assert that Symbol is a constructor by Alexey Shvayka · 9 days ago
      4a8e49b Add test for \0 in Unicode patterns (#2569) by Alexey Shvayka · 13 days ago
      156d1b6 Fix async iterator methods not passing absent values tests (#2571) by Alexey Shvayka · 13 days ago
      13d057d fix namespace set test (#2574) by Gus Caplan · 13 days ago
      27a41b6 Improve malformed RegExp named groups coverage (#2568) by Alexey Shvayka · 13 days ago
      6fb6ff6 Add String.prototype.split test by Alexey Shvayka · 2 weeks ago
      0c0bcef Add String.prototype.search test by Alexey Shvayka · 2 weeks ago
      2597829 Add String.prototype.replaceAll test by Alexey Shvayka · 2 weeks ago
      f21c828 Add String.prototype.replace test by Alexey Shvayka · 2 weeks ago
      d8a6a06 Add String.prototype.match test by Alexey Shvayka · 2 weeks ago
      c1a7ffa Rename searchValue-replace-method-abrupt.js by Alexey Shvayka · 2 weeks ago
      18bb955 Upstream additional language tag canonicalisation and Intl.Locale tests from SpiderMonkey by André Bargull · 2 weeks ago
      5d8e6c8 Restore grandfathered tests removed in #2054 by André Bargull · 2 weeks ago
      de02cf4 Re-enable variant subtag canonicalisation in tests by André Bargull · 2 weeks ago
      a525174 Add Unicode and Transformed extension canonicalisation by André Bargull · 2 weeks ago
      1c93566 Update language tag mappings to CLDR 36.1 by André Bargull · 2 weeks ago
      033f31a Add the language tag mappings python script by André Bargull · 2 weeks ago
      756ee6a Update list of numbering systems by André Bargull · 2 weeks ago
      7556d59 Update list of Intl service constructors by André Bargull · 2 weeks ago
      
      
      Bug: v8:7834
      Change-Id: I533f42e2460ba355091e46dec29a4920255a134f
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2163877
      Commit-Queue: Frank Tang <ftang@chromium.org>
      Reviewed-by: 's avatarShu-yu Guo <syg@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67352}
      3fe19f31
    • Kong, Fanchen's avatar
      [wasm-simd] [liftoff] Fix i8x16.extract_lane_s on ia32 · 3eb43fbc
      Kong, Fanchen authored
      movsx_b needs a byte register on ia32, but is using arbitrary gp register.
      
      Bug: v8:9909
      Change-Id: I5f31733ccf4ca3b04a3564a9133aec496653079e
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2158928Reviewed-by: 's avatarZhi An Ng <zhin@chromium.org>
      Commit-Queue: Fanchen Kong <fanchen.kong@intel.com>
      Cr-Commit-Position: refs/heads/master@{#67351}
      3eb43fbc
    • Shu-yu Guo's avatar
      [weakrefs] Update js_weak_refs worklist after scavenges · f684ef02
      Shu-yu Guo authored
      The js_weak_refs worklist is currently not updated after scavenges,
      unlike other weak reference worklist.
      
      Bug: v8:8179, chromium:1073981
      Change-Id: I48172606995253edb8a0c96f2b7e2dc34cd3d0d6
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2163827
      Commit-Queue: Shu-yu Guo <syg@chromium.org>
      Reviewed-by: 's avatarUlan Degenbaev <ulan@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67350}
      f684ef02
    • Bill Budge's avatar
      Revert "[builtins] Clean up the use of class_name / ES5 [[Class]]" · 213016d6
      Bill Budge authored
      This reverts commit 29c1eab9.
      
      Reason for revert: Causes Blink test failures:
      https://ci.chromium.org/p/v8/builders/ci/V8%20Blink%20Linux/4222
      
      Original change's description:
      > [builtins] Clean up the use of class_name / ES5 [[Class]]
      > 
      > Before ES2015, the ES spec had a [[Class]] internal slot for all
      > objects, which Object.prototype.toString() would use to figure the
      > returned string. Post-ES2015, the [[Class]] slot was removed in spec for
      > all objects, with the @@toStringTag well-known symbol the proper way to
      > change Object.prototype.toString() output.
      > 
      > At the time, spec-identical handling without the use of [[Class]] was
      > implemented in V8 for all objects other than API objects, where issues
      > with the Web IDL spec [1] prevented Blink, and hence V8, to totally
      > migrate to @@toStringTag. However, since 2016 [2] Blink has been setting
      > @@toStringTag on API class prototypes to manage the
      > Object.prototype.toString() output, so the legacy [[Class]] handling in
      > V8 has not been necessary for the past couple of years.
      > 
      > This CL removes the remaining legacy [[Class]] handling in
      > Object.prototype.toString(), JSReceiver::class_name(), and
      > GetConstructorName(). However, it does not remove the class_name field
      > in FunctionTemplateInfo, as it is still used for the `name` property of
      > created functions.
      > 
      > This CL also cleans up other places in the codebase that still reference
      > [[Class]].
      > 
      > This change should have minimal impact on web-compatibility. For the
      > change to be observable, a script must do one of the following:
      > 
      > 1. delete APIConstructor.prototype[Symbol.toStringTag];
      > 2. Object.setPrototypeOf(apiObject, somethingElse);
      > 
      > Before this CL, these changes will not change the apiObject.toString()
      > output. But after this CL, they will make apiObject.toString() show
      > "[object Object]" (in the first case) or the @@toStringTag of the other
      > prototype (in the latter case).
      > 
      > However, both are deemed unlikely. @@toStringTag is not well-known
      > feature of JavaScript, nor does it get tampered much on API
      > constructors. In the second case, setting the prototype of an API object
      > would effectly render the object useless, as all its methods (including
      > property getters/setters) would no longer be accessible.
      > 
      > Currently, @@toStringTag-based API object branding is not yet
      > implemented by other browsers. This V8 bug in particular has been an
      > impediment to standardizing toString behavior. Fixing this bug will
      > unblock [3] and lead to a better Web IDL spec, and better toString()
      > compatibility for all.
      > 
      > [1]: https://www.w3.org/Bugs/Public/show_bug.cgi?id=28244
      > [2]: https://crrev.com/909c0d7d5a53c8526ded351683c65ea7d17531d4
      > [3]: https://github.com/heycam/webidl/pull/357
      > 
      > Bug: chromium:793406
      > Cq-Include-Trybots: luci.chromium.try:linux-rel
      > Change-Id: Iceded24e37afa2646ec385d5018909f55b177f93
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2146996
      > Commit-Queue: Timothy Gu <timothygu@chromium.org>
      > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#67327}
      
      TBR=verwaest@chromium.org,timothygu@chromium.org
      
      Change-Id: I678d2ffc1064b1d1ddb62024cc23c6c41b216ef4
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Bug: chromium:793406
      Cq-Include-Trybots: luci.chromium.try:linux-rel
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2163956Reviewed-by: 's avatarBill Budge <bbudge@chromium.org>
      Commit-Queue: Bill Budge <bbudge@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67349}
      213016d6
  2. 23 Apr, 2020 8 commits