From 157eb4e05c90eec115562aef551c2701f0f9ddb7 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Micha=C3=ABl=20Zasso?= Date: Wed, 5 Feb 2025 09:51:19 +0100 Subject: [PATCH 01/19] deps: update V8 to 13.2.152.38 --- deps/v8/.gitignore | 2 + deps/v8/AUTHORS | 7 +- deps/v8/BUILD.bazel | 87 +- deps/v8/BUILD.gn | 363 +-- deps/v8/COMMON_OWNERS | 1 - deps/v8/DEPS | 218 +- deps/v8/ENG_REVIEW_OWNERS | 3 +- deps/v8/bazel/defs.bzl | 4 +- deps/v8/gni/v8.gni | 9 +- deps/v8/include/cppgc/internal/logging.h | 6 +- .../include/cppgc/internal/member-storage.h | 11 + .../include/cppgc/internal/persistent-node.h | 11 +- .../include/cppgc/internal/pointer-policies.h | 59 +- deps/v8/include/cppgc/member.h | 27 +- deps/v8/include/cppgc/name-provider.h | 3 + deps/v8/include/js_protocol.pdl | 15 +- deps/v8/include/v8-array-buffer.h | 23 + deps/v8/include/v8-callbacks.h | 41 + deps/v8/include/v8-context.h | 11 +- deps/v8/include/v8-debug.h | 5 + deps/v8/include/v8-embedder-heap.h | 30 - deps/v8/include/v8-fast-api-calls.h | 57 +- deps/v8/include/v8-handle-base.h | 14 + deps/v8/include/v8-initialization.h | 28 +- deps/v8/include/v8-inspector.h | 6 +- deps/v8/include/v8-internal.h | 81 +- deps/v8/include/v8-isolate.h | 51 +- deps/v8/include/v8-local-handle.h | 34 +- deps/v8/include/v8-metrics.h | 10 + deps/v8/include/v8-object.h | 9 +- deps/v8/include/v8-primitive.h | 31 + deps/v8/include/v8-sandbox.h | 5 +- deps/v8/include/v8-script.h | 9 +- deps/v8/include/v8-source-location.h | 7 +- deps/v8/include/v8-unwinder-state.h | 2 +- deps/v8/include/v8-version.h | 6 +- deps/v8/include/v8config.h | 31 +- deps/v8/infra/mb/mb_config.pyl | 5 +- deps/v8/infra/testing/builders.pyl | 181 +- deps/v8/pyrightconfig.json | 4 + deps/v8/src/DEPS | 4 + deps/v8/src/api/api-arguments.h | 4 +- deps/v8/src/api/api-inl.h | 8 +- deps/v8/src/api/api-natives.cc | 15 +- deps/v8/src/api/api.cc | 510 +++-- deps/v8/src/api/api.h | 55 +- deps/v8/src/asmjs/asm-js.cc | 11 +- deps/v8/src/asmjs/asm-parser.cc | 8 +- deps/v8/src/ast/ast-value-factory.cc | 2 +- deps/v8/src/ast/ast-value-factory.h | 12 +- 
deps/v8/src/ast/ast.cc | 20 +- deps/v8/src/ast/ast.h | 62 +- deps/v8/src/ast/modules.cc | 2 +- deps/v8/src/ast/modules.h | 2 +- deps/v8/src/ast/prettyprinter.cc | 37 +- deps/v8/src/ast/scopes.cc | 130 +- deps/v8/src/ast/scopes.h | 38 +- deps/v8/src/base/bounded-page-allocator.cc | 37 +- deps/v8/src/base/bounds.h | 8 +- deps/v8/src/base/compiler-specific.h | 7 - deps/v8/src/base/cpu.cc | 14 +- deps/v8/src/base/cpu.h | 6 + deps/v8/src/base/immediate-crash.h | 2 +- deps/v8/src/base/logging.h | 219 +- deps/v8/src/base/macros.h | 49 +- deps/v8/src/base/platform/mutex.h | 23 +- deps/v8/src/base/platform/platform-posix.cc | 8 +- .../src/base/platform/platform-starboard.cc | 2 +- deps/v8/src/base/safe_conversions.h | 197 +- deps/v8/src/base/safe_conversions_arm_impl.h | 22 +- deps/v8/src/base/safe_conversions_impl.h | 199 +- deps/v8/src/base/sanitizer/ubsan.h | 20 + deps/v8/src/base/string-format.h | 59 +- .../template-meta-programming/algorithm.h | 75 - .../base/template-meta-programming/common.h | 40 + .../src/base/template-meta-programming/list.h | 208 +- deps/v8/src/base/template-utils.h | 9 +- deps/v8/src/base/vector.h | 13 +- deps/v8/src/baseline/baseline-assembler-inl.h | 3 +- .../src/baseline/baseline-batch-compiler.cc | 6 +- deps/v8/src/baseline/baseline-compiler.cc | 53 +- deps/v8/src/baseline/baseline-compiler.h | 2 +- .../baseline/x64/baseline-assembler-x64-inl.h | 8 +- deps/v8/src/bigint/bigint-internal.h | 7 +- deps/v8/src/bigint/bigint.h | 5 +- deps/v8/src/bigint/tostring.cc | 24 +- deps/v8/src/builtins/accessors.cc | 4 +- deps/v8/src/builtins/accessors.h | 2 +- deps/v8/src/builtins/arm/builtins-arm.cc | 176 +- deps/v8/src/builtins/arm64/builtins-arm64.cc | 295 ++- deps/v8/src/builtins/array-concat.tq | 8 +- deps/v8/src/builtins/array-join.tq | 2 +- deps/v8/src/builtins/array-lastindexof.tq | 2 +- deps/v8/src/builtins/array-map.tq | 2 +- deps/v8/src/builtins/array-reverse.tq | 4 +- deps/v8/src/builtins/array-shift.tq | 7 +- 
deps/v8/src/builtins/array-to-reversed.tq | 2 +- deps/v8/src/builtins/array-unshift.tq | 7 +- deps/v8/src/builtins/array.tq | 4 +- deps/v8/src/builtins/base.tq | 49 +- deps/v8/src/builtins/builtins-api.cc | 2 +- deps/v8/src/builtins/builtins-array-gen.cc | 8 +- deps/v8/src/builtins/builtins-array.cc | 48 +- deps/v8/src/builtins/builtins-arraybuffer.cc | 19 +- .../builtins-async-disposable-stack.cc | 2 +- .../builtins-atomics-synchronization.cc | 4 +- deps/v8/src/builtins/builtins-call-gen.cc | 12 +- .../src/builtins/builtins-collections-gen.cc | 6 +- deps/v8/src/builtins/builtins-console.cc | 12 +- deps/v8/src/builtins/builtins-definitions.h | 1798 +++++++-------- deps/v8/src/builtins/builtins-descriptors.h | 52 +- .../src/builtins/builtins-disposable-stack.cc | 2 +- deps/v8/src/builtins/builtins-function.cc | 13 +- .../v8/src/builtins/builtins-generator-gen.cc | 48 +- deps/v8/src/builtins/builtins-ic-gen.cc | 40 +- deps/v8/src/builtins/builtins-inl.h | 50 + deps/v8/src/builtins/builtins-internal-gen.cc | 147 +- deps/v8/src/builtins/builtins-internal.cc | 8 + deps/v8/src/builtins/builtins-intl.cc | 33 +- deps/v8/src/builtins/builtins-iterator-gen.h | 1 + deps/v8/src/builtins/builtins-json.cc | 4 +- deps/v8/src/builtins/builtins-lazy-gen.cc | 8 +- deps/v8/src/builtins/builtins-object-gen.cc | 29 +- deps/v8/src/builtins/builtins-object.cc | 14 +- deps/v8/src/builtins/builtins-reflect.cc | 8 +- deps/v8/src/builtins/builtins-regexp-gen.cc | 131 +- deps/v8/src/builtins/builtins-regexp-gen.h | 5 + .../builtins-sharedarraybuffer-gen.cc | 62 +- .../builtins/builtins-sharedarraybuffer.cc | 52 +- deps/v8/src/builtins/builtins-string.cc | 62 +- deps/v8/src/builtins/builtins-struct.cc | 11 +- deps/v8/src/builtins/builtins-trace.cc | 2 +- .../src/builtins/builtins-typed-array-gen.cc | 9 +- deps/v8/src/builtins/builtins-utils-inl.h | 11 +- deps/v8/src/builtins/builtins-utils.h | 55 +- deps/v8/src/builtins/builtins.cc | 54 +- deps/v8/src/builtins/builtins.h | 34 +- 
deps/v8/src/builtins/console.tq | 10 +- .../src/builtins/constants-table-builder.cc | 4 +- deps/v8/src/builtins/convert.tq | 4 +- deps/v8/src/builtins/data-view.tq | 3 +- deps/v8/src/builtins/function.tq | 10 +- deps/v8/src/builtins/ia32/builtins-ia32.cc | 174 +- deps/v8/src/builtins/iterator.tq | 98 + deps/v8/src/builtins/js-to-js.tq | 49 +- deps/v8/src/builtins/js-to-wasm.tq | 81 +- .../src/builtins/loong64/builtins-loong64.cc | 321 ++- deps/v8/src/builtins/math.tq | 8 +- .../v8/src/builtins/mips64/builtins-mips64.cc | 115 +- deps/v8/src/builtins/ppc/builtins-ppc.cc | 52 +- deps/v8/src/builtins/regexp-match.tq | 38 +- deps/v8/src/builtins/riscv/builtins-riscv.cc | 367 +-- deps/v8/src/builtins/s390/builtins-s390.cc | 76 +- deps/v8/src/builtins/set-difference.tq | 4 +- .../src/builtins/setup-builtins-internal.cc | 10 +- deps/v8/src/builtins/wasm-strings.tq | 101 +- deps/v8/src/builtins/wasm-to-js.tq | 30 +- deps/v8/src/builtins/wasm.tq | 31 +- deps/v8/src/builtins/x64/builtins-x64.cc | 571 +++-- deps/v8/src/codegen/arm/assembler-arm-inl.h | 82 +- deps/v8/src/codegen/arm/assembler-arm.h | 12 +- deps/v8/src/codegen/arm/constants-arm.cc | 11 + deps/v8/src/codegen/arm/constants-arm.h | 14 +- .../v8/src/codegen/arm/macro-assembler-arm.cc | 36 +- deps/v8/src/codegen/arm/macro-assembler-arm.h | 5 +- deps/v8/src/codegen/arm/register-arm.h | 2 + .../src/codegen/arm64/assembler-arm64-inl.h | 87 +- deps/v8/src/codegen/arm64/assembler-arm64.cc | 21 +- deps/v8/src/codegen/arm64/assembler-arm64.h | 52 +- .../src/codegen/arm64/instructions-arm64.cc | 27 +- .../v8/src/codegen/arm64/instructions-arm64.h | 21 +- .../arm64/interface-descriptors-arm64-inl.h | 2 +- .../codegen/arm64/macro-assembler-arm64.cc | 192 +- .../src/codegen/arm64/macro-assembler-arm64.h | 32 +- deps/v8/src/codegen/arm64/register-arm64.h | 1 + deps/v8/src/codegen/assembler-arch.h | 2 +- deps/v8/src/codegen/assembler-inl.h | 2 +- deps/v8/src/codegen/assembler.cc | 10 +- deps/v8/src/codegen/assembler.h | 26 +- 
deps/v8/src/codegen/bailout-reason.h | 8 +- deps/v8/src/codegen/code-stub-assembler-inl.h | 16 +- deps/v8/src/codegen/code-stub-assembler.cc | 339 ++- deps/v8/src/codegen/code-stub-assembler.h | 76 +- deps/v8/src/codegen/compilation-cache.cc | 31 +- deps/v8/src/codegen/compilation-cache.h | 4 +- deps/v8/src/codegen/compiler.cc | 184 +- deps/v8/src/codegen/compiler.h | 26 +- deps/v8/src/codegen/constants-arch.h | 2 +- .../src/codegen/external-reference-table.cc | 2 +- deps/v8/src/codegen/external-reference.cc | 44 +- deps/v8/src/codegen/external-reference.h | 35 +- deps/v8/src/codegen/ia32/assembler-ia32-inl.h | 35 +- deps/v8/src/codegen/ia32/assembler-ia32.h | 11 +- .../src/codegen/ia32/macro-assembler-ia32.cc | 31 +- .../src/codegen/ia32/macro-assembler-ia32.h | 5 +- deps/v8/src/codegen/ia32/register-ia32.h | 2 + .../src/codegen/interface-descriptors-inl.h | 19 +- deps/v8/src/codegen/interface-descriptors.h | 49 +- .../codegen/loong64/assembler-loong64-inl.h | 41 +- .../src/codegen/loong64/assembler-loong64.cc | 47 +- .../src/codegen/loong64/assembler-loong64.h | 39 +- .../src/codegen/loong64/constants-loong64.cc | 13 + .../src/codegen/loong64/constants-loong64.h | 6 +- .../loong64/macro-assembler-loong64.cc | 238 +- .../codegen/loong64/macro-assembler-loong64.h | 64 +- .../v8/src/codegen/loong64/register-loong64.h | 8 +- deps/v8/src/codegen/machine-type.h | 7 + deps/v8/src/codegen/macro-assembler-base.cc | 12 +- deps/v8/src/codegen/macro-assembler-base.h | 19 +- deps/v8/src/codegen/macro-assembler.h | 2 +- .../src/codegen/mips64/assembler-mips64-inl.h | 36 +- .../v8/src/codegen/mips64/assembler-mips64.cc | 45 +- deps/v8/src/codegen/mips64/assembler-mips64.h | 36 +- .../v8/src/codegen/mips64/constants-mips64.cc | 13 + deps/v8/src/codegen/mips64/constants-mips64.h | 6 +- .../codegen/mips64/macro-assembler-mips64.cc | 4 +- deps/v8/src/codegen/mips64/register-mips64.h | 2 + .../src/codegen/optimized-compilation-info.cc | 17 +- 
.../src/codegen/optimized-compilation-info.h | 55 +- deps/v8/src/codegen/ppc/assembler-ppc-inl.h | 100 +- deps/v8/src/codegen/ppc/assembler-ppc.cc | 4 +- deps/v8/src/codegen/ppc/assembler-ppc.h | 12 +- deps/v8/src/codegen/ppc/constants-ppc.cc | 11 + deps/v8/src/codegen/ppc/constants-ppc.h | 6 +- .../v8/src/codegen/ppc/macro-assembler-ppc.cc | 9 +- deps/v8/src/codegen/ppc/macro-assembler-ppc.h | 3 +- deps/v8/src/codegen/ppc/register-ppc.h | 2 + deps/v8/src/codegen/register-arch.h | 2 +- deps/v8/src/codegen/register-configuration.cc | 2 +- deps/v8/src/codegen/reglist.h | 2 +- deps/v8/src/codegen/reloc-info.cc | 15 +- deps/v8/src/codegen/reloc-info.h | 19 +- .../src/codegen/riscv/assembler-riscv-inl.h | 38 +- deps/v8/src/codegen/riscv/assembler-riscv.cc | 74 +- deps/v8/src/codegen/riscv/assembler-riscv.h | 40 +- .../src/codegen/riscv/base-constants-riscv.cc | 44 +- .../src/codegen/riscv/base-constants-riscv.h | 13 + deps/v8/src/codegen/riscv/cpu-riscv.cc | 8 +- deps/v8/src/codegen/riscv/extension-riscv-v.h | 1 - .../riscv/interface-descriptors-riscv-inl.h | 18 + .../codegen/riscv/macro-assembler-riscv.cc | 599 ++++- .../src/codegen/riscv/macro-assembler-riscv.h | 371 +++- deps/v8/src/codegen/riscv/register-riscv.h | 10 + deps/v8/src/codegen/s390/assembler-s390-inl.h | 87 +- deps/v8/src/codegen/s390/assembler-s390.cc | 38 +- deps/v8/src/codegen/s390/assembler-s390.h | 21 +- deps/v8/src/codegen/s390/constants-s390.cc | 15 +- deps/v8/src/codegen/s390/constants-s390.h | 59 +- deps/v8/src/codegen/s390/cpu-s390.cc | 4 +- .../s390/interface-descriptors-s390-inl.h | 4 +- .../src/codegen/s390/macro-assembler-s390.cc | 219 +- .../src/codegen/s390/macro-assembler-s390.h | 26 +- deps/v8/src/codegen/s390/register-s390.h | 25 +- deps/v8/src/codegen/signature.h | 15 +- deps/v8/src/codegen/source-position.cc | 17 +- deps/v8/src/codegen/tnode.h | 6 +- .../codegen/unoptimized-compilation-info.h | 6 +- deps/v8/src/codegen/x64/assembler-x64-inl.h | 52 +- 
deps/v8/src/codegen/x64/assembler-x64.cc | 30 +- deps/v8/src/codegen/x64/assembler-x64.h | 19 +- .../v8/src/codegen/x64/macro-assembler-x64.cc | 167 +- deps/v8/src/codegen/x64/macro-assembler-x64.h | 27 +- deps/v8/src/codegen/x64/register-x64.h | 1 + deps/v8/src/common/assert-scope.cc | 5 +- deps/v8/src/common/assert-scope.h | 10 +- deps/v8/src/common/code-memory-access-inl.h | 76 +- deps/v8/src/common/code-memory-access.cc | 16 +- deps/v8/src/common/code-memory-access.h | 36 +- deps/v8/src/common/globals.h | 65 +- deps/v8/src/common/message-template.h | 13 +- deps/v8/src/common/thread-local-storage.h | 61 + deps/v8/src/compiler/access-builder.cc | 54 +- deps/v8/src/compiler/access-builder.h | 5 + deps/v8/src/compiler/access-info.cc | 26 +- deps/v8/src/compiler/access-info.h | 8 +- deps/v8/src/compiler/all-nodes.cc | 2 +- deps/v8/src/compiler/allocation-builder-inl.h | 2 +- .../backend/arm/code-generator-arm.cc | 65 +- .../backend/arm/instruction-selector-arm.cc | 5 + .../backend/arm64/code-generator-arm64.cc | 96 +- .../backend/arm64/instruction-codes-arm64.h | 1 + .../arm64/instruction-scheduler-arm64.cc | 2 + .../arm64/instruction-selector-arm64.cc | 9 +- .../v8/src/compiler/backend/bitcast-elider.cc | 2 +- .../v8/src/compiler/backend/code-generator.cc | 93 +- deps/v8/src/compiler/backend/code-generator.h | 17 +- .../backend/ia32/code-generator-ia32.cc | 78 +- .../backend/ia32/instruction-selector-ia32.cc | 5 + .../src/compiler/backend/instruction-codes.h | 2 +- .../backend/instruction-selector-adapter.h | 6 +- .../backend/instruction-selector-impl.h | 9 + .../compiler/backend/instruction-selector.cc | 85 +- .../compiler/backend/instruction-selector.h | 10 +- deps/v8/src/compiler/backend/instruction.cc | 21 +- deps/v8/src/compiler/backend/instruction.h | 44 +- .../v8/src/compiler/backend/jump-threading.cc | 9 +- .../backend/loong64/code-generator-loong64.cc | 96 +- .../loong64/instruction-selector-loong64.cc | 70 +- .../backend/mips64/code-generator-mips64.cc | 
2 +- .../mips64/instruction-selector-mips64.cc | 81 +- .../backend/ppc/code-generator-ppc.cc | 14 +- .../backend/ppc/instruction-selector-ppc.cc | 10 +- .../compiler/backend/register-allocator.cc | 9 +- .../backend/riscv/code-generator-riscv.cc | 213 +- .../backend/riscv/instruction-codes-riscv.h | 2 + .../riscv/instruction-scheduler-riscv.cc | 2 + .../riscv/instruction-selector-riscv.h | 84 +- .../riscv/instruction-selector-riscv32.cc | 3 +- .../riscv/instruction-selector-riscv64.cc | 187 +- .../backend/s390/code-generator-s390.cc | 36 +- .../backend/s390/instruction-selector-s390.cc | 50 +- .../backend/x64/code-generator-x64.cc | 125 +- .../backend/x64/instruction-codes-x64.h | 3 + .../backend/x64/instruction-scheduler-x64.cc | 4 + .../backend/x64/instruction-selector-x64.cc | 100 +- .../src/compiler/basic-block-instrumentor.cc | 8 +- .../compiler/branch-condition-duplicator.cc | 2 +- .../v8/src/compiler/bytecode-graph-builder.cc | 37 +- deps/v8/src/compiler/c-linkage.cc | 2 +- deps/v8/src/compiler/code-assembler.cc | 95 +- deps/v8/src/compiler/code-assembler.h | 118 +- .../src/compiler/common-operator-reducer.cc | 2 +- deps/v8/src/compiler/common-operator.cc | 42 +- deps/v8/src/compiler/common-operator.h | 45 +- .../src/compiler/compilation-dependencies.cc | 84 +- .../src/compiler/compilation-dependencies.h | 10 +- .../compiler-source-position-table.cc | 3 +- .../compiler/const-tracking-let-helpers.cc | 63 +- deps/v8/src/compiler/control-equivalence.h | 2 +- deps/v8/src/compiler/control-path-state.h | 2 +- deps/v8/src/compiler/dead-code-elimination.cc | 2 +- .../src/compiler/decompression-optimizer.cc | 2 +- deps/v8/src/compiler/diamond.h | 2 +- .../src/compiler/escape-analysis-reducer.cc | 5 +- deps/v8/src/compiler/escape-analysis.cc | 2 +- deps/v8/src/compiler/fast-api-calls.cc | 16 +- deps/v8/src/compiler/feedback-source.cc | 2 +- deps/v8/src/compiler/feedback-source.h | 4 +- deps/v8/src/compiler/frame-states.cc | 24 +- deps/v8/src/compiler/frame-states.h | 
44 +- deps/v8/src/compiler/graph-reducer.cc | 2 +- deps/v8/src/compiler/graph-reducer.h | 2 +- deps/v8/src/compiler/graph-trimmer.cc | 2 +- deps/v8/src/compiler/heap-refs.cc | 100 +- deps/v8/src/compiler/heap-refs.h | 132 +- deps/v8/src/compiler/int64-lowering.cc | 2 +- deps/v8/src/compiler/int64-lowering.h | 2 +- deps/v8/src/compiler/js-call-reducer.cc | 170 +- deps/v8/src/compiler/js-call-reducer.h | 8 +- .../src/compiler/js-context-specialization.cc | 119 +- .../src/compiler/js-context-specialization.h | 7 +- deps/v8/src/compiler/js-create-lowering.cc | 11 +- deps/v8/src/compiler/js-generic-lowering.cc | 3 + deps/v8/src/compiler/js-graph.cc | 5 + deps/v8/src/compiler/js-graph.h | 2 +- deps/v8/src/compiler/js-heap-broker.cc | 55 +- deps/v8/src/compiler/js-heap-broker.h | 8 +- deps/v8/src/compiler/js-inlining.cc | 23 +- .../js-native-context-specialization.cc | 72 +- .../js-native-context-specialization.h | 4 +- deps/v8/src/compiler/js-operator.cc | 21 +- deps/v8/src/compiler/js-operator.h | 17 +- deps/v8/src/compiler/js-typed-lowering.cc | 106 +- deps/v8/src/compiler/js-typed-lowering.h | 1 + deps/v8/src/compiler/linear-scheduler.cc | 2 +- deps/v8/src/compiler/linkage.cc | 48 +- deps/v8/src/compiler/linkage.h | 20 +- deps/v8/src/compiler/loop-analysis.cc | 2 +- deps/v8/src/compiler/loop-analysis.h | 2 +- deps/v8/src/compiler/loop-peeling.cc | 2 +- .../src/compiler/loop-variable-optimizer.cc | 2 +- .../v8/src/compiler/machine-graph-verifier.cc | 2 +- deps/v8/src/compiler/machine-graph.h | 2 +- .../src/compiler/machine-operator-reducer.cc | 2 +- deps/v8/src/compiler/machine-operator.cc | 11 +- deps/v8/src/compiler/machine-operator.h | 10 +- deps/v8/src/compiler/node-marker.cc | 2 +- deps/v8/src/compiler/node-matchers.h | 15 +- deps/v8/src/compiler/node-origin-table.cc | 3 +- deps/v8/src/compiler/node-properties.cc | 2 +- deps/v8/src/compiler/node-properties.h | 2 +- deps/v8/src/compiler/node.h | 2 +- deps/v8/src/compiler/opcodes.h | 9 +- 
deps/v8/src/compiler/operation-typer.cc | 2 +- deps/v8/src/compiler/operation-typer.h | 2 +- deps/v8/src/compiler/operator-properties.cc | 1 + deps/v8/src/compiler/operator.h | 4 +- deps/v8/src/compiler/pipeline-data-inl.h | 20 +- deps/v8/src/compiler/pipeline.cc | 184 +- deps/v8/src/compiler/pipeline.h | 10 +- deps/v8/src/compiler/processed-feedback.h | 1 + .../src/compiler/property-access-builder.cc | 20 + .../v8/src/compiler/property-access-builder.h | 2 + deps/v8/src/compiler/raw-machine-assembler.cc | 5 +- deps/v8/src/compiler/raw-machine-assembler.h | 35 +- deps/v8/src/compiler/revectorizer.h | 2 +- deps/v8/src/compiler/scheduler.cc | 2 +- deps/v8/src/compiler/select-lowering.cc | 2 +- .../compiler/simplified-lowering-verifier.cc | 1 + deps/v8/src/compiler/simplified-lowering.cc | 15 +- deps/v8/src/compiler/simplified-operator.cc | 22 +- deps/v8/src/compiler/simplified-operator.h | 5 +- .../src/compiler/string-builder-optimizer.cc | 2 +- deps/v8/src/compiler/turbofan-enabled.cc | 2 +- ...alizer.cc => turbofan-graph-visualizer.cc} | 37 +- ...sualizer.h => turbofan-graph-visualizer.h} | 6 +- .../compiler/{graph.cc => turbofan-graph.cc} | 8 +- .../compiler/{graph.h => turbofan-graph.h} | 8 +- .../compiler/{typer.cc => turbofan-typer.cc} | 91 +- .../compiler/{typer.h => turbofan-typer.h} | 8 +- .../compiler/{types.cc => turbofan-types.cc} | 8 +- .../compiler/{types.h => turbofan-types.h} | 8 +- .../src/compiler/turboshaft/access-builder.h | 2 +- deps/v8/src/compiler/turboshaft/assembler.h | 287 +-- .../block-instrumentation-reducer.h | 4 +- .../turboshaft/branch-elimination-reducer.h | 26 +- .../turboshaft/builtin-call-descriptors.h | 11 + .../src/compiler/turboshaft/copying-phase.h | 3 + .../turboshaft/define-assembler-macros.inc | 11 +- .../fast-api-call-lowering-reducer.h | 39 +- .../src/compiler/turboshaft/graph-builder.cc | 274 ++- .../compiler/turboshaft/graph-visualizer.cc | 4 +- deps/v8/src/compiler/turboshaft/graph.h | 22 + 
deps/v8/src/compiler/turboshaft/index.h | 18 +- .../turboshaft/instruction-selection-phase.cc | 6 +- .../turboshaft/instruction-selection-phase.h | 3 +- .../turboshaft/int64-lowering-reducer.h | 14 +- .../turboshaft/loop-unrolling-reducer.h | 42 +- .../turboshaft/machine-lowering-reducer-inl.h | 65 +- .../turboshaft/machine-optimization-reducer.h | 422 ++-- .../maglev-early-lowering-reducer-inl.h | 105 +- .../turboshaft/maglev-graph-building-phase.cc | 500 +++-- deps/v8/src/compiler/turboshaft/operations.cc | 43 +- deps/v8/src/compiler/turboshaft/operations.h | 127 +- deps/v8/src/compiler/turboshaft/opmasks.h | 15 + deps/v8/src/compiler/turboshaft/phase.cc | 2 +- deps/v8/src/compiler/turboshaft/phase.h | 48 +- deps/v8/src/compiler/turboshaft/pipelines.h | 19 +- .../compiler/turboshaft/recreate-schedule.cc | 12 +- .../src/compiler/turboshaft/reducer-traits.h | 85 +- .../src/compiler/turboshaft/representations.h | 32 + .../turboshaft/simplified-lowering-phase.cc | 16 - .../turboshaft/simplified-lowering-phase.h | 20 - .../turboshaft/simplified-lowering-reducer.h | 102 - .../store-store-elimination-reducer-inl.h | 5 +- deps/v8/src/compiler/turboshaft/tracing.h | 2 +- .../turboshaft/type-inference-analysis.h | 8 + deps/v8/src/compiler/turboshaft/typer.h | 3 +- deps/v8/src/compiler/turboshaft/types.h | 21 +- .../wasm-gc-typed-optimization-reducer.cc | 158 +- .../wasm-gc-typed-optimization-reducer.h | 126 +- .../wasm-in-js-inlining-reducer-inl.h | 18 +- .../wasm-load-elimination-reducer.h | 13 +- .../turboshaft/wasm-lowering-reducer.h | 95 +- .../compiler/turboshaft/wasm-revec-reducer.cc | 381 +++- .../compiler/turboshaft/wasm-revec-reducer.h | 315 ++- .../turboshaft/wasm-turboshaft-compiler.cc | 2 +- deps/v8/src/compiler/type-cache.h | 8 +- deps/v8/src/compiler/verifier.cc | 31 +- .../compiler/wasm-address-reassociation.cc | 2 +- .../src/compiler/wasm-compiler-definitions.cc | 10 +- .../src/compiler/wasm-compiler-definitions.h | 12 +- 
deps/v8/src/compiler/wasm-compiler.cc | 651 +++--- deps/v8/src/compiler/wasm-compiler.h | 79 +- deps/v8/src/compiler/wasm-gc-lowering.cc | 24 +- deps/v8/src/compiler/wasm-graph-assembler.cc | 28 +- deps/v8/src/compiler/wasm-inlining-into-js.cc | 13 +- deps/v8/src/compiler/wasm-inlining.cc | 9 +- deps/v8/src/compiler/wasm-load-elimination.cc | 2 +- deps/v8/src/compiler/wasm-typer.cc | 8 +- deps/v8/src/d8/d8-platforms.cc | 24 +- deps/v8/src/d8/d8-test.cc | 26 +- deps/v8/src/d8/d8.cc | 211 +- deps/v8/src/d8/d8.h | 7 + deps/v8/src/date/date.cc | 197 +- deps/v8/src/date/date.h | 73 +- deps/v8/src/debug/debug-coverage.cc | 3 +- deps/v8/src/debug/debug-evaluate.cc | 17 +- deps/v8/src/debug/debug-frames.cc | 6 +- deps/v8/src/debug/debug-interface.cc | 54 +- deps/v8/src/debug/debug-interface.h | 10 +- deps/v8/src/debug/debug-scopes.cc | 2 +- .../src/debug/debug-stack-trace-iterator.cc | 4 +- deps/v8/src/debug/debug-wasm-objects.cc | 21 +- deps/v8/src/debug/debug.cc | 22 +- deps/v8/src/debug/debug.h | 7 +- deps/v8/src/debug/interface-types.h | 3 +- deps/v8/src/debug/liveedit.cc | 2 +- .../wasm/gdb-server/wasm-module-debug.cc | 18 +- .../v8/src/deoptimizer/arm/deoptimizer-arm.cc | 2 + .../deoptimizer/arm64/deoptimizer-arm64.cc | 6 +- deps/v8/src/deoptimizer/deoptimize-reason.h | 1 + .../deoptimizer/deoptimizer-cfi-builtins.cc | 77 - .../src/deoptimizer/deoptimizer-cfi-empty.cc | 16 - deps/v8/src/deoptimizer/deoptimizer.cc | 264 ++- deps/v8/src/deoptimizer/deoptimizer.h | 26 +- deps/v8/src/deoptimizer/frame-description.h | 5 + .../deoptimizer/frame-translation-builder.cc | 16 +- .../deoptimizer/frame-translation-builder.h | 4 +- .../src/deoptimizer/ia32/deoptimizer-ia32.cc | 2 + .../loong64/deoptimizer-loong64.cc | 2 + .../deoptimizer/mips64/deoptimizer-mips64.cc | 2 + .../v8/src/deoptimizer/ppc/deoptimizer-ppc.cc | 2 + .../deoptimizer/riscv/deoptimizer-riscv.cc | 2 + .../src/deoptimizer/s390/deoptimizer-s390.cc | 2 + deps/v8/src/deoptimizer/translated-state.cc | 162 +- 
deps/v8/src/deoptimizer/translated-state.h | 54 +- deps/v8/src/deoptimizer/translation-opcode.h | 12 +- .../v8/src/deoptimizer/x64/deoptimizer-x64.cc | 9 + deps/v8/src/diagnostics/etw-debug-win.cc | 20 + deps/v8/src/diagnostics/etw-debug-win.h | 32 + .../etw-isolate-capture-state-monitor-win.cc | 68 + .../etw-isolate-capture-state-monitor-win.h | 44 + .../v8/src/diagnostics/etw-jit-metadata-win.h | 4 + deps/v8/src/diagnostics/etw-jit-win.cc | 237 +- deps/v8/src/diagnostics/gdb-jit.cc | 10 +- deps/v8/src/diagnostics/objects-debug.cc | 138 +- deps/v8/src/diagnostics/objects-printer.cc | 254 ++- deps/v8/src/diagnostics/perf-jit.cc | 8 +- deps/v8/src/diagnostics/s390/disasm-s390.cc | 4 +- .../src/diagnostics/unwinding-info-win64.cc | 6 +- deps/v8/src/diagnostics/x64/disasm-x64.cc | 2 +- deps/v8/src/execution/arguments-inl.h | 2 +- deps/v8/src/execution/arguments.h | 2 +- deps/v8/src/execution/arm/simulator-arm.cc | 2 +- deps/v8/src/execution/arm/simulator-arm.h | 8 +- .../arm64/pointer-authentication-arm64.h | 4 +- .../v8/src/execution/arm64/simulator-arm64.cc | 7 +- deps/v8/src/execution/arm64/simulator-arm64.h | 8 +- deps/v8/src/execution/execution.cc | 19 +- deps/v8/src/execution/execution.h | 6 +- deps/v8/src/execution/frame-constants.h | 75 +- deps/v8/src/execution/frames-inl.h | 39 +- deps/v8/src/execution/frames.cc | 395 ++-- deps/v8/src/execution/frames.h | 137 +- deps/v8/src/execution/isolate-data.h | 12 +- deps/v8/src/execution/isolate-inl.h | 7 +- deps/v8/src/execution/isolate-utils-inl.h | 20 +- deps/v8/src/execution/isolate.cc | 548 ++--- deps/v8/src/execution/isolate.h | 114 +- deps/v8/src/execution/local-isolate.h | 4 + .../execution/loong64/simulator-loong64.cc | 7 +- .../src/execution/loong64/simulator-loong64.h | 8 +- deps/v8/src/execution/messages.cc | 37 +- deps/v8/src/execution/messages.h | 5 +- .../src/execution/mips64/simulator-mips64.cc | 7 +- .../src/execution/mips64/simulator-mips64.h | 8 +- deps/v8/src/execution/ppc/simulator-ppc.cc | 32 +- 
deps/v8/src/execution/ppc/simulator-ppc.h | 8 +- .../v8/src/execution/riscv/simulator-riscv.cc | 43 +- deps/v8/src/execution/riscv/simulator-riscv.h | 18 +- .../execution/s390/frame-constants-s390.cc | 4 +- .../src/execution/s390/frame-constants-s390.h | 4 - deps/v8/src/execution/s390/simulator-s390.cc | 167 +- deps/v8/src/execution/s390/simulator-s390.h | 12 +- deps/v8/src/execution/simulator-base.h | 2 +- deps/v8/src/execution/simulator.h | 22 +- deps/v8/src/execution/stack-guard.cc | 40 +- deps/v8/src/execution/stack-guard.h | 10 +- deps/v8/src/execution/tiering-manager.cc | 35 +- deps/v8/src/execution/vm-state-inl.h | 14 +- deps/v8/src/execution/vm-state.h | 6 +- .../src/extensions/cputracemark-extension.h | 4 +- .../externalize-string-extension.cc | 9 +- deps/v8/src/extensions/gc-extension.h | 4 +- .../vtunedomain-support-extension.h | 4 +- deps/v8/src/flags/flag-definitions.h | 202 +- deps/v8/src/flags/flags.cc | 94 +- deps/v8/src/fuzzilli/fuzzilli.h | 4 +- deps/v8/src/handles/global-handles-inl.h | 2 +- deps/v8/src/handles/global-handles.cc | 26 +- deps/v8/src/handles/global-handles.h | 18 +- deps/v8/src/handles/handles-inl.h | 68 +- deps/v8/src/handles/handles.cc | 42 +- deps/v8/src/handles/handles.h | 223 +- deps/v8/src/handles/local-handles-inl.h | 6 +- deps/v8/src/handles/local-handles.h | 11 +- deps/v8/src/handles/maybe-handles-inl.h | 62 +- deps/v8/src/handles/maybe-handles.h | 74 +- deps/v8/src/handles/persistent-handles.cc | 8 +- deps/v8/src/handles/persistent-handles.h | 8 +- deps/v8/src/handles/traced-handles-inl.h | 5 +- deps/v8/src/handles/traced-handles.cc | 41 +- deps/v8/src/heap/array-buffer-sweeper.cc | 143 +- deps/v8/src/heap/array-buffer-sweeper.h | 14 +- .../heap/base/asm/arm64/push_registers_asm.cc | 12 +- deps/v8/src/heap/base/bytes.h | 32 + deps/v8/src/heap/base/stack.h | 6 - deps/v8/src/heap/concurrent-marking.cc | 11 +- deps/v8/src/heap/cppgc-js/cpp-heap.cc | 38 +- deps/v8/src/heap/cppgc-js/cpp-heap.h | 2 + 
deps/v8/src/heap/cppgc-js/cpp-snapshot.cc | 3 + .../heap/cppgc-js/cross-heap-remembered-set.h | 4 +- deps/v8/src/heap/cppgc/heap-base.cc | 8 +- deps/v8/src/heap/cppgc/heap-base.h | 11 +- deps/v8/src/heap/cppgc/marker.cc | 19 +- deps/v8/src/heap/cppgc/marking-verifier.cc | 76 + deps/v8/src/heap/cppgc/marking-verifier.h | 5 + deps/v8/src/heap/cppgc/object-allocator.cc | 51 +- deps/v8/src/heap/cppgc/persistent-node.cc | 9 +- deps/v8/src/heap/cppgc/pointer-policies.cc | 2 +- .../v8/src/heap/cppgc/prefinalizer-handler.cc | 7 +- deps/v8/src/heap/cppgc/prefinalizer-handler.h | 3 - deps/v8/src/heap/cppgc/stats-collector.h | 14 +- deps/v8/src/heap/cppgc/sweeper.cc | 714 +++--- deps/v8/src/heap/cppgc/sweeper.h | 5 +- deps/v8/src/heap/ephemeron-remembered-set.cc | 4 +- deps/v8/src/heap/evacuation-verifier-inl.h | 5 +- deps/v8/src/heap/evacuation-verifier.cc | 3 +- deps/v8/src/heap/factory-base.cc | 56 +- deps/v8/src/heap/factory-base.h | 3 +- deps/v8/src/heap/factory-inl.h | 5 +- deps/v8/src/heap/factory.cc | 243 +- deps/v8/src/heap/factory.h | 77 +- .../finalization-registry-cleanup-task.cc | 5 +- deps/v8/src/heap/free-list.cc | 32 +- deps/v8/src/heap/free-list.h | 5 + deps/v8/src/heap/gc-tracer.cc | 138 +- deps/v8/src/heap/gc-tracer.h | 70 +- deps/v8/src/heap/heap-allocator.cc | 21 + deps/v8/src/heap/heap-allocator.h | 8 +- deps/v8/src/heap/heap-controller.cc | 7 +- deps/v8/src/heap/heap-controller.h | 2 +- deps/v8/src/heap/heap-inl.h | 121 +- deps/v8/src/heap/heap-layout-inl.h | 102 + deps/v8/src/heap/heap-layout.cc | 40 + deps/v8/src/heap/heap-layout.h | 67 + deps/v8/src/heap/heap-utils-inl.h | 20 + deps/v8/src/heap/heap-utils.h | 23 + deps/v8/src/heap/heap-verifier.cc | 85 +- ...ects-visiting-inl.h => heap-visitor-inl.h} | 269 ++- .../{objects-visiting.cc => heap-visitor.cc} | 6 +- .../{objects-visiting.h => heap-visitor.h} | 135 +- deps/v8/src/heap/heap-write-barrier-inl.h | 134 +- deps/v8/src/heap/heap-write-barrier.cc | 124 +- deps/v8/src/heap/heap-write-barrier.h | 
31 +- deps/v8/src/heap/heap.cc | 414 ++-- deps/v8/src/heap/heap.h | 121 +- deps/v8/src/heap/incremental-marking-inl.h | 2 + deps/v8/src/heap/incremental-marking.cc | 98 +- deps/v8/src/heap/incremental-marking.h | 2 +- deps/v8/src/heap/large-page-metadata.cc | 2 + deps/v8/src/heap/large-spaces.cc | 3 +- deps/v8/src/heap/live-object-range-inl.h | 107 + deps/v8/src/heap/live-object-range.h | 66 + deps/v8/src/heap/local-heap.cc | 36 +- deps/v8/src/heap/local-heap.h | 36 +- deps/v8/src/heap/main-allocator-inl.h | 2 +- deps/v8/src/heap/main-allocator.cc | 36 +- deps/v8/src/heap/main-allocator.h | 5 +- deps/v8/src/heap/mark-compact-inl.h | 2 +- deps/v8/src/heap/mark-compact.cc | 433 ++-- deps/v8/src/heap/mark-compact.h | 4 + deps/v8/src/heap/mark-sweep-utilities.cc | 9 +- deps/v8/src/heap/marking-barrier-inl.h | 29 +- deps/v8/src/heap/marking-barrier.cc | 56 +- deps/v8/src/heap/marking-barrier.h | 11 + deps/v8/src/heap/marking-inl.h | 101 +- deps/v8/src/heap/marking-visitor-inl.h | 136 +- deps/v8/src/heap/marking-visitor.h | 66 +- deps/v8/src/heap/marking.h | 49 - deps/v8/src/heap/memory-allocator.cc | 53 +- deps/v8/src/heap/memory-allocator.h | 6 - deps/v8/src/heap/memory-chunk-layout.cc | 86 - deps/v8/src/heap/memory-chunk-layout.h | 71 +- deps/v8/src/heap/memory-chunk.h | 30 +- deps/v8/src/heap/memory-measurement.cc | 81 +- deps/v8/src/heap/memory-measurement.h | 4 +- deps/v8/src/heap/minor-gc-job.cc | 4 +- deps/v8/src/heap/minor-mark-sweep.cc | 19 +- deps/v8/src/heap/mutable-page-metadata.cc | 15 +- deps/v8/src/heap/mutable-page-metadata.h | 9 +- deps/v8/src/heap/new-spaces.cc | 31 +- deps/v8/src/heap/new-spaces.h | 39 +- deps/v8/src/heap/object-stats.cc | 14 +- deps/v8/src/heap/page-metadata.cc | 6 +- deps/v8/src/heap/paged-spaces.cc | 11 +- deps/v8/src/heap/paged-spaces.h | 6 +- deps/v8/src/heap/pretenuring-handler-inl.h | 58 +- deps/v8/src/heap/pretenuring-handler.cc | 15 +- deps/v8/src/heap/pretenuring-handler.h | 11 +- deps/v8/src/heap/read-only-heap-inl.h | 12 
+- deps/v8/src/heap/read-only-heap.cc | 131 +- deps/v8/src/heap/read-only-heap.h | 50 +- deps/v8/src/heap/read-only-promotion.cc | 26 +- deps/v8/src/heap/read-only-spaces.cc | 315 +-- deps/v8/src/heap/read-only-spaces.h | 87 +- deps/v8/src/heap/safepoint.cc | 9 + deps/v8/src/heap/safepoint.h | 7 + deps/v8/src/heap/scavenger-inl.h | 58 +- deps/v8/src/heap/scavenger.cc | 241 +- deps/v8/src/heap/scavenger.h | 47 +- deps/v8/src/heap/setup-heap-internal.cc | 107 +- deps/v8/src/heap/spaces-inl.h | 4 +- deps/v8/src/heap/sweeper.cc | 111 +- deps/v8/src/heap/sweeper.h | 6 + deps/v8/src/heap/visit-object.cc | 161 ++ deps/v8/src/heap/visit-object.h | 28 + deps/v8/src/heap/weak-object-worklists.cc | 7 +- deps/v8/src/heap/weak-object-worklists.h | 15 +- .../young-generation-marking-visitor-inl.h | 36 +- .../heap/young-generation-marking-visitor.h | 15 +- deps/v8/src/ic/accessor-assembler.cc | 39 +- deps/v8/src/ic/accessor-assembler.h | 8 +- deps/v8/src/ic/ic-stats.cc | 4 +- deps/v8/src/ic/ic.cc | 150 +- deps/v8/src/ic/ic.h | 14 +- deps/v8/src/ic/keyed-store-generic.cc | 7 +- deps/v8/src/ic/stub-cache.cc | 4 +- deps/v8/src/init/bootstrapper.cc | 701 +++--- deps/v8/src/init/bootstrapper.h | 12 +- deps/v8/src/init/heap-symbols.h | 1 - deps/v8/src/init/isolate-group.cc | 20 + deps/v8/src/init/isolate-group.h | 57 + deps/v8/src/init/v8.cc | 2 +- deps/v8/src/inspector/custom-preview.cc | 6 +- deps/v8/src/inspector/custom-preview.h | 6 +- deps/v8/src/inspector/injected-script.cc | 6 +- deps/v8/src/inspector/string-util.cc | 15 +- deps/v8/src/inspector/string-util.h | 11 +- deps/v8/src/inspector/v8-console.cc | 6 - .../src/inspector/v8-debugger-agent-impl.cc | 91 +- .../v8/src/inspector/v8-debugger-agent-impl.h | 7 +- deps/v8/src/inspector/v8-debugger-script.cc | 15 +- deps/v8/src/inspector/v8-debugger-script.h | 5 +- deps/v8/src/inspector/v8-debugger.cc | 50 +- deps/v8/src/inspector/v8-debugger.h | 17 +- .../inspector/v8-heap-profiler-agent-impl.cc | 5 +- 
deps/v8/src/inspector/v8-inspector-impl.cc | 9 - deps/v8/src/inspector/v8-stack-trace-impl.cc | 37 +- .../src/interpreter/bytecode-array-builder.cc | 66 +- .../src/interpreter/bytecode-array-builder.h | 9 +- deps/v8/src/interpreter/bytecode-generator.cc | 160 +- deps/v8/src/interpreter/bytecode-generator.h | 7 +- deps/v8/src/interpreter/bytecodes.h | 9 + .../src/interpreter/constant-array-builder.cc | 15 + .../src/interpreter/constant-array-builder.h | 7 +- .../src/interpreter/interpreter-assembler.cc | 7 +- .../src/interpreter/interpreter-generator.cc | 56 +- deps/v8/src/json/json-parser.cc | 47 +- deps/v8/src/json/json-parser.h | 1 + deps/v8/src/json/json-stringifier.cc | 211 +- deps/v8/src/json/json-stringifier.h | 4 +- .../default-foreground-task-runner.cc | 8 +- deps/v8/src/libsampler/sampler.cc | 11 +- deps/v8/src/logging/code-events.h | 8 +- deps/v8/src/logging/log.cc | 48 +- deps/v8/src/logging/log.h | 13 +- deps/v8/src/logging/runtime-call-stats.cc | 2 +- deps/v8/src/logging/runtime-call-stats.h | 4 +- .../src/maglev/arm/maglev-assembler-arm-inl.h | 20 +- .../v8/src/maglev/arm/maglev-assembler-arm.cc | 2 +- .../maglev/arm64/maglev-assembler-arm64-inl.h | 21 +- .../maglev/arm64/maglev-assembler-arm64.cc | 5 +- deps/v8/src/maglev/maglev-assembler-inl.h | 66 +- deps/v8/src/maglev/maglev-assembler.cc | 32 +- deps/v8/src/maglev/maglev-assembler.h | 66 +- deps/v8/src/maglev/maglev-code-generator.cc | 140 +- deps/v8/src/maglev/maglev-code-generator.h | 5 +- deps/v8/src/maglev/maglev-compilation-info.cc | 12 +- deps/v8/src/maglev/maglev-compilation-info.h | 23 +- deps/v8/src/maglev/maglev-compiler.cc | 47 +- .../maglev/maglev-concurrent-dispatcher.cc | 11 +- .../src/maglev/maglev-concurrent-dispatcher.h | 4 +- deps/v8/src/maglev/maglev-graph-builder.cc | 963 +++++--- deps/v8/src/maglev/maglev-graph-builder.h | 79 +- deps/v8/src/maglev/maglev-graph-printer.cc | 23 + deps/v8/src/maglev/maglev-graph.h | 54 +- .../maglev/maglev-interpreter-frame-state.cc | 115 +- 
.../maglev/maglev-interpreter-frame-state.h | 77 +- deps/v8/src/maglev/maglev-ir-inl.h | 24 +- deps/v8/src/maglev/maglev-ir.cc | 389 +++- deps/v8/src/maglev/maglev-ir.h | 274 ++- .../maglev-phi-representation-selector.cc | 214 +- .../maglev-phi-representation-selector.h | 46 +- ...maglev-post-hoc-optimizations-processors.h | 18 +- deps/v8/src/maglev/maglev-regalloc.cc | 12 +- .../maglev/riscv/maglev-assembler-riscv-inl.h | 1967 +++++++++++++++++ .../maglev/riscv/maglev-assembler-riscv.cc | 619 ++++++ deps/v8/src/maglev/riscv/maglev-ir-riscv.cc | 939 ++++++++ .../maglev/s390/maglev-assembler-s390-inl.h | 31 +- .../src/maglev/s390/maglev-assembler-s390.cc | 2 +- .../src/maglev/x64/maglev-assembler-x64-inl.h | 29 +- .../v8/src/maglev/x64/maglev-assembler-x64.cc | 5 +- deps/v8/src/numbers/conversions.cc | 22 +- deps/v8/src/numbers/conversions.h | 2 +- deps/v8/src/objects/all-objects-inl.h | 1 - deps/v8/src/objects/arguments-inl.h | 41 +- deps/v8/src/objects/arguments.h | 50 +- deps/v8/src/objects/arguments.tq | 2 +- deps/v8/src/objects/backing-store.cc | 64 +- deps/v8/src/objects/bigint-inl.h | 18 - deps/v8/src/objects/bigint.cc | 193 +- deps/v8/src/objects/bigint.h | 36 +- deps/v8/src/objects/bytecode-array-inl.h | 6 +- deps/v8/src/objects/bytecode-array.h | 1 + deps/v8/src/objects/call-site-info.cc | 3 +- deps/v8/src/objects/casting.h | 128 +- deps/v8/src/objects/code-inl.h | 7 +- deps/v8/src/objects/code-kind.cc | 2 +- deps/v8/src/objects/code-kind.h | 22 +- deps/v8/src/objects/code.cc | 9 +- .../src/objects/compilation-cache-table-inl.h | 5 - .../v8/src/objects/compilation-cache-table.cc | 9 +- deps/v8/src/objects/compilation-cache-table.h | 7 +- deps/v8/src/objects/compressed-slots.h | 4 +- deps/v8/src/objects/contexts-inl.h | 18 +- deps/v8/src/objects/contexts.cc | 178 +- deps/v8/src/objects/contexts.h | 61 +- deps/v8/src/objects/contexts.tq | 190 +- deps/v8/src/objects/data-handler-inl.h | 12 +- deps/v8/src/objects/debug-objects-inl.h | 17 +- 
deps/v8/src/objects/debug-objects.cc | 49 +- deps/v8/src/objects/debug-objects.h | 23 +- deps/v8/src/objects/debug-objects.tq | 44 +- deps/v8/src/objects/deoptimization-data-inl.h | 31 +- deps/v8/src/objects/deoptimization-data.cc | 18 +- deps/v8/src/objects/deoptimization-data.h | 51 +- deps/v8/src/objects/dependent-code-inl.h | 7 +- deps/v8/src/objects/dependent-code.cc | 14 +- deps/v8/src/objects/dependent-code.h | 4 +- deps/v8/src/objects/descriptor-array-inl.h | 64 +- deps/v8/src/objects/descriptor-array.h | 5 + deps/v8/src/objects/dictionary-inl.h | 50 +- deps/v8/src/objects/dictionary.h | 18 - deps/v8/src/objects/elements-kind.cc | 5 +- deps/v8/src/objects/elements-kind.h | 62 +- deps/v8/src/objects/elements.cc | 94 +- deps/v8/src/objects/elements.h | 5 +- deps/v8/src/objects/embedder-data-slot-inl.h | 21 +- deps/v8/src/objects/embedder-data-slot.h | 12 +- deps/v8/src/objects/feedback-cell-inl.h | 4 +- deps/v8/src/objects/feedback-vector-inl.h | 103 +- deps/v8/src/objects/feedback-vector.cc | 73 +- deps/v8/src/objects/feedback-vector.h | 29 +- deps/v8/src/objects/feedback-vector.tq | 21 +- deps/v8/src/objects/field-index-inl.h | 9 +- deps/v8/src/objects/fixed-array-inl.h | 492 ++--- deps/v8/src/objects/fixed-array.cc | 8 +- deps/v8/src/objects/fixed-array.h | 422 ++-- deps/v8/src/objects/fixed-array.tq | 40 +- deps/v8/src/objects/foreign-inl.h | 7 +- deps/v8/src/objects/free-space-inl.h | 10 +- deps/v8/src/objects/function-kind.h | 8 - deps/v8/src/objects/hash-table-inl.h | 80 +- deps/v8/src/objects/hash-table.h | 35 +- deps/v8/src/objects/heap-number.h | 2 + deps/v8/src/objects/heap-object.h | 116 +- deps/v8/src/objects/instance-type.h | 32 +- deps/v8/src/objects/instruction-stream-inl.h | 22 +- deps/v8/src/objects/instruction-stream.h | 1 - deps/v8/src/objects/intl-objects.cc | 9 +- deps/v8/src/objects/js-array-buffer-inl.h | 1 + deps/v8/src/objects/js-array-buffer.cc | 2 +- deps/v8/src/objects/js-array-buffer.h | 56 +- deps/v8/src/objects/js-array.h | 2 
+- deps/v8/src/objects/js-array.tq | 4 +- .../objects/js-atomics-synchronization-inl.h | 2 + .../src/objects/js-atomics-synchronization.cc | 19 +- deps/v8/src/objects/js-disposable-stack-inl.h | 3 +- deps/v8/src/objects/js-disposable-stack.cc | 206 +- deps/v8/src/objects/js-disposable-stack.h | 4 +- deps/v8/src/objects/js-duration-format.cc | 9 +- deps/v8/src/objects/js-function-inl.h | 25 +- deps/v8/src/objects/js-function.cc | 30 +- deps/v8/src/objects/js-function.h | 14 +- deps/v8/src/objects/js-number-format.cc | 45 +- deps/v8/src/objects/js-objects-inl.h | 34 +- deps/v8/src/objects/js-objects.cc | 188 +- deps/v8/src/objects/js-objects.h | 24 +- deps/v8/src/objects/js-objects.tq | 4 +- deps/v8/src/objects/js-plural-rules.cc | 34 +- deps/v8/src/objects/js-proxy.h | 6 +- deps/v8/src/objects/js-regexp.cc | 2 +- deps/v8/src/objects/js-regexp.h | 2 + deps/v8/src/objects/js-struct.cc | 7 +- deps/v8/src/objects/js-temporal-objects.cc | 10 +- deps/v8/src/objects/js-weak-refs-inl.h | 3 +- deps/v8/src/objects/literal-objects-inl.h | 18 +- deps/v8/src/objects/literal-objects.cc | 5 +- deps/v8/src/objects/literal-objects.h | 19 +- deps/v8/src/objects/literal-objects.tq | 6 +- deps/v8/src/objects/lookup-inl.h | 44 +- deps/v8/src/objects/lookup.cc | 57 +- deps/v8/src/objects/lookup.h | 30 +- deps/v8/src/objects/managed-inl.h | 6 +- deps/v8/src/objects/managed.cc | 4 +- deps/v8/src/objects/managed.h | 2 + deps/v8/src/objects/map-inl.h | 65 +- deps/v8/src/objects/map-updater.cc | 3 +- deps/v8/src/objects/map-updater.h | 4 +- deps/v8/src/objects/map.cc | 175 +- deps/v8/src/objects/map.h | 59 +- deps/v8/src/objects/map.tq | 4 +- deps/v8/src/objects/megadom-handler-inl.h | 3 +- deps/v8/src/objects/megadom-handler.h | 2 +- deps/v8/src/objects/module-inl.h | 2 - deps/v8/src/objects/module.cc | 4 +- deps/v8/src/objects/name-inl.h | 7 +- deps/v8/src/objects/name.h | 1 + deps/v8/src/objects/object-list-macros.h | 4 +- deps/v8/src/objects/object-macros-undef.h | 53 +- 
deps/v8/src/objects/object-macros.h | 278 +-- .../objects/objects-body-descriptors-inl.h | 409 +--- deps/v8/src/objects/objects-definitions.h | 1 + deps/v8/src/objects/objects-inl.h | 187 +- deps/v8/src/objects/objects.cc | 210 +- deps/v8/src/objects/objects.h | 30 +- deps/v8/src/objects/ordered-hash-table-inl.h | 19 - deps/v8/src/objects/ordered-hash-table.cc | 16 +- deps/v8/src/objects/ordered-hash-table.h | 9 - deps/v8/src/objects/property-cell-inl.h | 14 +- deps/v8/src/objects/property-cell.h | 50 +- deps/v8/src/objects/property-cell.tq | 12 +- deps/v8/src/objects/property-descriptor.cc | 41 +- deps/v8/src/objects/property-descriptor.h | 23 +- deps/v8/src/objects/prototype-inl.h | 9 +- deps/v8/src/objects/prototype.h | 8 +- deps/v8/src/objects/regexp-match-info-inl.h | 30 +- deps/v8/src/objects/regexp-match-info.h | 29 +- deps/v8/src/objects/regexp-match-info.tq | 2 +- deps/v8/src/objects/scope-info.cc | 17 +- deps/v8/src/objects/scope-info.h | 2 - .../v8/src/objects/shared-function-info-inl.h | 35 +- deps/v8/src/objects/shared-function-info.cc | 14 +- deps/v8/src/objects/shared-function-info.h | 11 +- deps/v8/src/objects/shared-function-info.tq | 6 +- deps/v8/src/objects/simd.cc | 37 +- deps/v8/src/objects/slots-inl.h | 9 +- deps/v8/src/objects/slots.h | 19 +- deps/v8/src/objects/source-text-module.cc | 4 +- deps/v8/src/objects/source-text-module.h | 2 - .../src/objects/string-forwarding-table-inl.h | 8 +- .../v8/src/objects/string-forwarding-table.cc | 11 +- deps/v8/src/objects/string-inl.h | 85 +- deps/v8/src/objects/string-set-inl.h | 4 - deps/v8/src/objects/string-set.h | 6 +- deps/v8/src/objects/string-table-inl.h | 2 +- deps/v8/src/objects/string-table.cc | 17 +- deps/v8/src/objects/string-table.h | 6 +- deps/v8/src/objects/string.cc | 264 +-- deps/v8/src/objects/string.h | 191 +- .../src/objects/swiss-name-dictionary-inl.h | 2 +- deps/v8/src/objects/swiss-name-dictionary.cc | 10 +- deps/v8/src/objects/tagged-field-inl.h | 100 +- 
deps/v8/src/objects/tagged-field.h | 32 +- deps/v8/src/objects/tagged-impl-inl.h | 23 +- deps/v8/src/objects/tagged-impl.cc | 6 +- deps/v8/src/objects/tagged-impl.h | 8 +- deps/v8/src/objects/tagged-value-inl.h | 8 +- deps/v8/src/objects/tagged.h | 20 +- deps/v8/src/objects/templates.cc | 13 +- deps/v8/src/objects/transitions-inl.h | 103 +- deps/v8/src/objects/transitions.cc | 7 +- deps/v8/src/objects/transitions.h | 20 +- deps/v8/src/objects/trusted-object.h | 5 + deps/v8/src/objects/turbofan-types-inl.h | 1 + deps/v8/src/objects/value-serializer.cc | 13 +- deps/v8/src/objects/visitors-inl.h | 33 +- deps/v8/src/objects/visitors.h | 22 +- ...ort-assertions.cc => import-attributes.cc} | 2 +- ...mport-assertions.h => import-attributes.h} | 6 +- deps/v8/src/parsing/parser-base.h | 56 +- deps/v8/src/parsing/parser.cc | 201 +- deps/v8/src/parsing/parser.h | 10 +- deps/v8/src/parsing/parsing.cc | 4 +- .../pending-compilation-error-handler.cc | 5 +- deps/v8/src/parsing/preparser.h | 8 +- .../src/parsing/scanner-character-streams.cc | 11 +- deps/v8/src/profiler/cpu-profiler.cc | 3 +- deps/v8/src/profiler/heap-profiler.cc | 9 +- deps/v8/src/profiler/heap-profiler.h | 5 +- .../profiler/heap-snapshot-generator-inl.h | 4 +- .../src/profiler/heap-snapshot-generator.cc | 70 +- .../v8/src/profiler/heap-snapshot-generator.h | 4 +- deps/v8/src/profiler/profiler-listener.cc | 3 +- deps/v8/src/profiler/profiler-listener.h | 4 +- .../v8/src/profiler/sampling-heap-profiler.cc | 11 +- deps/v8/src/profiler/strings-storage.cc | 24 +- deps/v8/src/profiler/tick-sample.cc | 4 +- .../regexp/arm/regexp-macro-assembler-arm.cc | 18 +- .../regexp/arm/regexp-macro-assembler-arm.h | 4 +- .../arm64/regexp-macro-assembler-arm64.cc | 31 +- .../arm64/regexp-macro-assembler-arm64.h | 4 +- .../src/regexp/experimental/experimental.cc | 25 +- .../ia32/regexp-macro-assembler-ia32.cc | 13 +- .../regexp/ia32/regexp-macro-assembler-ia32.h | 4 +- .../loong64/regexp-macro-assembler-loong64.cc | 11 +- 
.../loong64/regexp-macro-assembler-loong64.h | 4 +- .../mips64/regexp-macro-assembler-mips64.cc | 13 +- .../mips64/regexp-macro-assembler-mips64.h | 4 +- .../regexp/ppc/regexp-macro-assembler-ppc.cc | 16 +- .../regexp/ppc/regexp-macro-assembler-ppc.h | 4 +- .../src/regexp/regexp-bytecode-generator.cc | 3 +- .../v8/src/regexp/regexp-bytecode-generator.h | 4 +- deps/v8/src/regexp/regexp-compiler.cc | 17 +- deps/v8/src/regexp/regexp-compiler.h | 4 +- .../src/regexp/regexp-macro-assembler-arch.h | 2 +- .../regexp/regexp-macro-assembler-tracer.cc | 11 +- .../regexp/regexp-macro-assembler-tracer.h | 9 +- deps/v8/src/regexp/regexp-macro-assembler.h | 8 +- deps/v8/src/regexp/regexp-nodes.h | 2 +- deps/v8/src/regexp/regexp-parser.cc | 6 +- deps/v8/src/regexp/regexp-result-vector.cc | 49 + deps/v8/src/regexp/regexp-result-vector.h | 37 + deps/v8/src/regexp/regexp-stack.cc | 6 +- deps/v8/src/regexp/regexp-stack.h | 32 +- deps/v8/src/regexp/regexp-utils.cc | 25 +- deps/v8/src/regexp/regexp-utils.h | 2 +- deps/v8/src/regexp/regexp.cc | 207 +- deps/v8/src/regexp/regexp.h | 41 +- .../riscv/regexp-macro-assembler-riscv.cc | 11 +- .../riscv/regexp-macro-assembler-riscv.h | 4 +- .../s390/regexp-macro-assembler-s390.cc | 24 +- .../regexp/s390/regexp-macro-assembler-s390.h | 4 +- .../regexp/x64/regexp-macro-assembler-x64.cc | 43 +- .../regexp/x64/regexp-macro-assembler-x64.h | 4 +- deps/v8/src/roots/roots-inl.h | 17 +- deps/v8/src/roots/roots.cc | 6 +- deps/v8/src/roots/roots.h | 24 +- deps/v8/src/roots/static-roots.h | 1536 ++++++------- deps/v8/src/runtime/runtime-array.cc | 2 +- deps/v8/src/runtime/runtime-atomics.cc | 9 +- deps/v8/src/runtime/runtime-classes.cc | 39 +- deps/v8/src/runtime/runtime-compiler.cc | 15 +- deps/v8/src/runtime/runtime-function.cc | 5 +- deps/v8/src/runtime/runtime-generator.cc | 15 +- deps/v8/src/runtime/runtime-internal.cc | 19 +- deps/v8/src/runtime/runtime-literals.cc | 5 +- deps/v8/src/runtime/runtime-module.cc | 16 +- 
deps/v8/src/runtime/runtime-object.cc | 59 +- deps/v8/src/runtime/runtime-proxy.cc | 4 +- deps/v8/src/runtime/runtime-regexp.cc | 238 +- deps/v8/src/runtime/runtime-scopes.cc | 81 +- deps/v8/src/runtime/runtime-shadow-realm.cc | 4 +- deps/v8/src/runtime/runtime-strings.cc | 4 +- deps/v8/src/runtime/runtime-test-wasm.cc | 186 +- deps/v8/src/runtime/runtime-test.cc | 100 +- deps/v8/src/runtime/runtime-trace.cc | 12 +- deps/v8/src/runtime/runtime-typedarray.cc | 4 +- deps/v8/src/runtime/runtime-wasm.cc | 307 ++- deps/v8/src/runtime/runtime.cc | 5 +- deps/v8/src/runtime/runtime.h | 145 +- deps/v8/src/sandbox/code-pointer-inl.h | 6 +- deps/v8/src/sandbox/code-pointer-table.cc | 3 - deps/v8/src/sandbox/code-pointer-table.h | 2 - .../compactible-external-entity-table-inl.h | 8 +- .../src/sandbox/cppheap-pointer-table-inl.h | 9 +- deps/v8/src/sandbox/cppheap-pointer-table.h | 17 +- deps/v8/src/sandbox/external-buffer-table.h | 1 + .../src/sandbox/external-entity-table-inl.h | 8 + deps/v8/src/sandbox/external-entity-table.h | 10 + deps/v8/src/sandbox/external-pointer-inl.h | 29 - .../src/sandbox/external-pointer-table-inl.h | 11 +- deps/v8/src/sandbox/external-pointer-table.cc | 11 +- deps/v8/src/sandbox/external-pointer-table.h | 13 +- deps/v8/src/sandbox/external-pointer.h | 20 - deps/v8/src/sandbox/indirect-pointer-inl.h | 16 +- deps/v8/src/sandbox/indirect-pointer-tag.h | 81 +- deps/v8/src/sandbox/isolate-inl.h | 31 +- deps/v8/src/sandbox/isolate.h | 14 +- deps/v8/src/sandbox/js-dispatch-table-inl.h | 119 +- deps/v8/src/sandbox/js-dispatch-table.cc | 16 +- deps/v8/src/sandbox/js-dispatch-table.h | 16 +- deps/v8/src/sandbox/sandbox.cc | 16 + deps/v8/src/sandbox/sandbox.h | 18 + deps/v8/src/sandbox/tagged-payload.h | 10 +- deps/v8/src/sandbox/testing.cc | 15 + deps/v8/src/sandbox/trusted-pointer-table.h | 1 + deps/v8/src/snapshot/code-serializer.cc | 14 +- deps/v8/src/snapshot/code-serializer.h | 12 +- deps/v8/src/snapshot/context-deserializer.cc | 19 +- 
deps/v8/src/snapshot/context-deserializer.h | 6 +- deps/v8/src/snapshot/context-serializer.cc | 5 +- deps/v8/src/snapshot/deserializer.cc | 58 +- deps/v8/src/snapshot/deserializer.h | 65 +- .../v8/src/snapshot/embedded/embedded-data.cc | 6 +- .../embedded/embedded-file-writer-interface.h | 3 - .../snapshot/embedded/embedded-file-writer.cc | 13 - .../snapshot/embedded/embedded-file-writer.h | 3 - .../platform-embedded-file-writer-generic.cc | 6 +- .../platform-embedded-file-writer-mac.cc | 4 - .../platform-embedded-file-writer-win.cc | 4 - deps/v8/src/snapshot/object-deserializer.cc | 33 +- deps/v8/src/snapshot/object-deserializer.h | 12 +- deps/v8/src/snapshot/read-only-serializer.cc | 3 +- deps/v8/src/snapshot/serializer.cc | 9 +- .../src/snapshot/shared-heap-deserializer.cc | 9 +- deps/v8/src/snapshot/snapshot.cc | 7 +- deps/v8/src/snapshot/snapshot.h | 2 +- deps/v8/src/strings/string-builder.cc | 5 +- deps/v8/src/strings/string-builder.h | 10 +- deps/v8/src/strings/string-case.cc | 18 +- deps/v8/src/strings/string-case.h | 5 +- deps/v8/src/strings/string-hasher-inl.h | 15 +- deps/v8/src/strings/string-hasher.h | 8 +- deps/v8/src/strings/unicode-decoder.h | 10 +- deps/v8/src/strings/uri.cc | 18 +- deps/v8/src/torque/ast.h | 16 +- deps/v8/src/torque/cc-generator.cc | 26 +- deps/v8/src/torque/constants.h | 3 +- deps/v8/src/torque/csa-generator.cc | 18 +- deps/v8/src/torque/declarable.cc | 2 +- deps/v8/src/torque/declarable.h | 3 + deps/v8/src/torque/declaration-visitor.cc | 31 +- deps/v8/src/torque/implementation-visitor.cc | 95 +- deps/v8/src/torque/implementation-visitor.h | 11 +- deps/v8/src/torque/instructions.h | 5 +- deps/v8/src/torque/torque-compiler.cc | 2 +- deps/v8/src/torque/torque-compiler.h | 2 +- deps/v8/src/torque/torque-parser.cc | 98 +- deps/v8/src/torque/type-oracle.h | 6 +- deps/v8/src/torque/type-visitor.cc | 21 +- deps/v8/src/torque/types.cc | 2 +- deps/v8/src/torque/types.h | 3 +- deps/v8/src/torque/utils.cc | 36 +- 
deps/v8/src/tracing/perfetto-logger.cc | 9 +- deps/v8/src/tracing/perfetto-logger.h | 4 +- .../v8/src/trap-handler/handler-inside-win.cc | 9 +- deps/v8/src/trap-handler/trap-handler.h | 4 +- deps/v8/src/utils/allocation.cc | 13 - deps/v8/src/utils/allocation.h | 4 - deps/v8/src/utils/utils.h | 2 +- deps/v8/src/wasm/DEPS | 1 + .../baseline/arm/liftoff-assembler-arm-inl.h | 84 +- .../arm64/liftoff-assembler-arm64-inl.h | 17 +- .../ia32/liftoff-assembler-ia32-inl.h | 94 +- .../src/wasm/baseline/liftoff-assembler-inl.h | 14 +- .../v8/src/wasm/baseline/liftoff-assembler.cc | 7 +- deps/v8/src/wasm/baseline/liftoff-assembler.h | 5 +- deps/v8/src/wasm/baseline/liftoff-compiler.cc | 310 +-- deps/v8/src/wasm/baseline/liftoff-register.h | 2 +- .../loong64/liftoff-assembler-loong64-inl.h | 79 +- .../mips64/liftoff-assembler-mips64-inl.h | 5 - .../baseline/ppc/liftoff-assembler-ppc-inl.h | 5 - .../riscv/liftoff-assembler-riscv-inl.h | 57 +- .../riscv/liftoff-assembler-riscv32-inl.h | 148 +- .../riscv/liftoff-assembler-riscv64-inl.h | 139 +- .../s390/liftoff-assembler-s390-inl.h | 5 - .../baseline/x64/liftoff-assembler-x64-inl.h | 23 +- deps/v8/src/wasm/c-api.cc | 188 +- deps/v8/src/wasm/canonical-types.cc | 425 ++-- deps/v8/src/wasm/canonical-types.h | 376 +++- .../v8/src/wasm/compilation-environment-inl.h | 2 +- deps/v8/src/wasm/compilation-environment.h | 24 +- .../src/wasm/constant-expression-interface.cc | 92 +- .../src/wasm/constant-expression-interface.h | 2 +- deps/v8/src/wasm/constant-expression.cc | 17 +- deps/v8/src/wasm/constant-expression.h | 3 +- deps/v8/src/wasm/function-body-decoder-impl.h | 196 +- deps/v8/src/wasm/function-compiler.cc | 87 +- deps/v8/src/wasm/function-compiler.h | 23 +- .../wasm/fuzzing/random-module-generation.cc | 371 ++-- .../wasm/fuzzing/random-module-generation.h | 2 +- deps/v8/src/wasm/graph-builder-interface.cc | 90 +- deps/v8/src/wasm/inlining-tree.h | 6 + .../arm64/interpreter-builtins-arm64.cc | 23 +- 
.../wasm/interpreter/wasm-interpreter-inl.h | 2 +- .../wasm-interpreter-runtime-inl.h | 4 +- .../interpreter/wasm-interpreter-runtime.cc | 2 +- .../src/wasm/interpreter/wasm-interpreter.cc | 6 +- .../src/wasm/interpreter/wasm-interpreter.h | 2 +- .../x64/interpreter-builtins-x64.cc | 19 +- deps/v8/src/wasm/jump-table-assembler.cc | 303 ++- deps/v8/src/wasm/jump-table-assembler.h | 59 +- deps/v8/src/wasm/local-decl-encoder.cc | 5 +- deps/v8/src/wasm/module-compiler.cc | 1006 +++------ deps/v8/src/wasm/module-compiler.h | 38 +- deps/v8/src/wasm/module-decoder-impl.h | 129 +- deps/v8/src/wasm/module-decoder.cc | 89 +- deps/v8/src/wasm/module-decoder.h | 20 +- deps/v8/src/wasm/module-instantiate.cc | 430 ++-- deps/v8/src/wasm/module-instantiate.h | 19 +- deps/v8/src/wasm/names-provider.h | 4 + deps/v8/src/wasm/object-access.h | 6 - deps/v8/src/wasm/serialized-signature-inl.h | 108 - deps/v8/src/wasm/signature-hashing.h | 2 +- deps/v8/src/wasm/stacks.cc | 25 +- deps/v8/src/wasm/stacks.h | 36 +- deps/v8/src/wasm/std-object-sizes.h | 4 +- deps/v8/src/wasm/streaming-decoder.cc | 4 +- deps/v8/src/wasm/struct-types.h | 159 +- .../v8/src/wasm/turboshaft-graph-interface.cc | 593 ++--- deps/v8/src/wasm/turboshaft-graph-interface.h | 11 +- deps/v8/src/wasm/value-type.cc | 18 +- deps/v8/src/wasm/value-type.h | 743 ++++--- deps/v8/src/wasm/wasm-arguments.h | 6 +- deps/v8/src/wasm/wasm-builtin-list.h | 6 +- deps/v8/src/wasm/wasm-code-manager.cc | 176 +- deps/v8/src/wasm/wasm-code-manager.h | 73 +- .../v8/src/wasm/wasm-code-pointer-table-inl.h | 5 + deps/v8/src/wasm/wasm-code-pointer-table.cc | 28 +- deps/v8/src/wasm/wasm-code-pointer-table.h | 14 + deps/v8/src/wasm/wasm-debug.cc | 15 +- deps/v8/src/wasm/wasm-debug.h | 11 +- deps/v8/src/wasm/wasm-deopt-data.h | 3 + deps/v8/src/wasm/wasm-disassembler-impl.h | 4 + deps/v8/src/wasm/wasm-disassembler.cc | 33 +- deps/v8/src/wasm/wasm-engine.cc | 196 +- deps/v8/src/wasm/wasm-engine.h | 26 +- deps/v8/src/wasm/wasm-external-refs.cc | 76 +- 
deps/v8/src/wasm/wasm-feature-flags.h | 8 - deps/v8/src/wasm/wasm-features.cc | 3 - deps/v8/src/wasm/wasm-features.h | 4 + deps/v8/src/wasm/wasm-import-wrapper-cache.cc | 44 +- deps/v8/src/wasm/wasm-import-wrapper-cache.h | 25 +- deps/v8/src/wasm/wasm-init-expr.h | 28 +- deps/v8/src/wasm/wasm-js.cc | 1509 +++++++------ deps/v8/src/wasm/wasm-js.h | 13 +- deps/v8/src/wasm/wasm-limits.h | 8 +- deps/v8/src/wasm/wasm-linkage.h | 11 +- deps/v8/src/wasm/wasm-module-builder.cc | 93 +- deps/v8/src/wasm/wasm-module-builder.h | 91 +- deps/v8/src/wasm/wasm-module.cc | 102 +- deps/v8/src/wasm/wasm-module.h | 180 +- deps/v8/src/wasm/wasm-objects-inl.h | 94 +- deps/v8/src/wasm/wasm-objects.cc | 745 ++++--- deps/v8/src/wasm/wasm-objects.h | 169 +- deps/v8/src/wasm/wasm-objects.tq | 68 +- deps/v8/src/wasm/wasm-opcodes-inl.h | 16 +- deps/v8/src/wasm/wasm-opcodes.cc | 7 +- deps/v8/src/wasm/wasm-opcodes.h | 3 +- deps/v8/src/wasm/wasm-result.h | 6 +- deps/v8/src/wasm/wasm-serialization.cc | 149 +- deps/v8/src/wasm/wasm-subtyping.cc | 164 +- deps/v8/src/wasm/wasm-subtyping.h | 8 +- deps/v8/src/wasm/wasm-value.h | 9 +- deps/v8/src/wasm/well-known-imports.cc | 43 +- deps/v8/src/wasm/well-known-imports.h | 17 +- deps/v8/src/wasm/wrappers.cc | 152 +- deps/v8/src/zone/zone-containers.h | 16 + deps/v8/src/zone/zone.cc | 2 +- deps/v8/src/zone/zone.h | 2 +- deps/v8/test/benchmarks/benchmarks.status | 1 + deps/v8/test/bigint/bigint-shell.cc | 14 +- deps/v8/test/cctest/BUILD.gn | 10 +- deps/v8/test/cctest/cctest-utils.h | 3 - deps/v8/test/cctest/cctest.cc | 2 +- deps/v8/test/cctest/cctest.h | 2 +- deps/v8/test/cctest/cctest.status | 20 +- .../cctest/compiler/js-heap-broker-base.h | 22 +- .../cctest/compiler/test-code-assembler.cc | 6 +- .../cctest/compiler/test-code-generator.cc | 18 +- .../test-concurrent-shared-function-info.cc | 5 +- .../cctest/compiler/test-graph-visualizer.cc | 4 +- .../test/cctest/compiler/test-instruction.cc | 2 +- .../cctest/compiler/test-js-typed-lowering.cc | 2 +- 
deps/v8/test/cctest/compiler/test-linkage.cc | 10 +- .../cctest/compiler/test-loop-analysis.cc | 4 +- .../compiler/test-machine-operator-reducer.cc | 2 +- .../cctest/compiler/test-multiple-return.cc | 24 +- deps/v8/test/cctest/compiler/test-node.cc | 2 +- .../cctest/compiler/test-run-native-calls.cc | 6 +- deps/v8/test/cctest/heap/heap-utils.cc | 68 +- deps/v8/test/cctest/heap/heap-utils.h | 20 +- deps/v8/test/cctest/heap/test-alloc.cc | 2 +- .../cctest/heap/test-array-buffer-tracker.cc | 4 +- deps/v8/test/cctest/heap/test-compaction.cc | 51 +- .../cctest/heap/test-concurrent-allocation.cc | 27 +- .../heap/test-external-string-tracker.cc | 7 +- deps/v8/test/cctest/heap/test-heap.cc | 286 ++- deps/v8/test/cctest/heap/test-mark-compact.cc | 14 +- deps/v8/test/cctest/heap/test-spaces.cc | 122 +- .../test/cctest/heap/test-weak-references.cc | 56 +- deps/v8/test/cctest/test-api-array-buffer.cc | 214 ++ deps/v8/test/cctest/test-api-typed-array.cc | 2 +- deps/v8/test/cctest/test-api.cc | 388 +++- deps/v8/test/cctest/test-assembler-riscv32.cc | 2 +- deps/v8/test/cctest/test-assembler-riscv64.cc | 14 +- .../test/cctest/test-code-stub-assembler.cc | 14 +- deps/v8/test/cctest/test-debug-helper.cc | 2 +- deps/v8/test/cctest/test-debug.cc | 40 + deps/v8/test/cctest/test-descriptor-array.cc | 2 +- .../test/cctest/test-field-type-tracking.cc | 9 +- deps/v8/test/cctest/test-heap-profiler.cc | 6 +- deps/v8/test/cctest/test-icache.cc | 2 +- deps/v8/test/cctest/test-js-weak-refs.cc | 12 +- deps/v8/test/cctest/test-lockers.cc | 8 +- deps/v8/test/cctest/test-log-stack-tracer.cc | 2 +- deps/v8/test/cctest/test-mementos.cc | 3 +- deps/v8/test/cctest/test-ptr-compr-cage.cc | 29 +- deps/v8/test/cctest/test-regexp.cc | 4 +- deps/v8/test/cctest/test-serialize.cc | 65 +- deps/v8/test/cctest/test-shared-strings.cc | 202 +- deps/v8/test/cctest/test-strings.cc | 48 +- .../v8/test/cctest/wasm/test-backing-store.cc | 10 +- deps/v8/test/cctest/wasm/test-c-wasm-entry.cc | 10 +- 
.../cctest/wasm/test-compilation-cache.cc | 3 +- deps/v8/test/cctest/wasm/test-gc.cc | 289 +-- deps/v8/test/cctest/wasm/test-grow-memory.cc | 16 +- .../cctest/wasm/test-jump-table-assembler.cc | 8 +- .../cctest/wasm/test-liftoff-inspection.cc | 2 +- deps/v8/test/cctest/wasm/test-run-wasm-64.cc | 3 +- .../cctest/wasm/test-run-wasm-bulk-memory.cc | 6 +- deps/v8/test/cctest/wasm/test-run-wasm-js.cc | 2 +- .../cctest/wasm/test-run-wasm-memory64.cc | 4 +- .../test/cctest/wasm/test-run-wasm-module.cc | 1 - .../cctest/wasm/test-run-wasm-relaxed-simd.cc | 53 + .../cctest/wasm/test-run-wasm-simd-liftoff.cc | 2 +- .../v8/test/cctest/wasm/test-run-wasm-simd.cc | 839 ++++--- .../cctest/wasm/test-run-wasm-wrappers.cc | 30 +- deps/v8/test/cctest/wasm/test-run-wasm.cc | 66 +- .../cctest/wasm/test-streaming-compilation.cc | 24 +- .../test/cctest/wasm/test-wasm-breakpoints.cc | 2 +- .../wasm/test-wasm-import-wrapper-cache.cc | 71 +- deps/v8/test/cctest/wasm/test-wasm-metrics.cc | 4 +- .../cctest/wasm/test-wasm-serialization.cc | 189 +- .../cctest/wasm/test-wasm-shared-engine.cc | 14 +- deps/v8/test/cctest/wasm/test-wasm-stack.cc | 1 - .../cctest/wasm/test-wasm-trap-position.cc | 2 - deps/v8/test/cctest/wasm/wasm-run-utils.cc | 84 +- deps/v8/test/cctest/wasm/wasm-run-utils.h | 36 +- deps/v8/test/cctest/wasm/wasm-simd-utils.cc | 207 +- deps/v8/test/cctest/wasm/wasm-simd-utils.h | 28 +- deps/v8/test/common/types-fuzz.h | 29 +- deps/v8/test/common/wasm/test-signatures.h | 266 +-- deps/v8/test/common/wasm/wasm-macro-gen.h | 149 +- .../v8/test/common/wasm/wasm-module-runner.cc | 15 +- deps/v8/test/debugger/debug/wasm/asm-debug.js | 2 +- ...bled-tier-down-wasm-unsupported-liftoff.js | 1 - .../debugger/debug/wasm/frame-inspection.js | 2 - deps/v8/test/debugger/debugger.status | 7 +- deps/v8/test/fuzzer/fuzzer-support.cc | 14 +- deps/v8/test/fuzzer/fuzzer.status | 4 +- deps/v8/test/fuzzer/multi-return.cc | 15 +- deps/v8/test/fuzzer/parser.cc | 3 +- deps/v8/test/fuzzer/regexp.cc | 4 +- 
deps/v8/test/fuzzer/wasm-async.cc | 2 +- deps/v8/test/fuzzer/wasm-code.cc | 3 +- deps/v8/test/fuzzer/wasm-deopt.cc | 28 +- deps/v8/test/fuzzer/wasm-fuzzer-common.cc | 27 +- deps/v8/test/fuzzer/wasm-init-expr.cc | 5 +- .../debugger/async-chains-expected.txt | 18 - .../break-on-exception-framework-expected.txt | 48 +- ...eption-framework-promise-tree-expected.txt | 368 ++- ...tion-promise-catch-prediction-expected.txt | 91 +- ...-anonymous-and-content-script-expected.txt | 21 + .../ignore-anonymous-and-content-script.js | 57 + ...sm-get-breakable-locations-byte-offsets.js | 2 - .../wasm-jspi-async-stack-expected.txt | 109 +- .../debugger/wasm-scripts-expected.txt | 54 +- .../debugger/wasm-scripts-with-name.js | 2 - .../test/inspector/debugger/wasm-scripts.js | 14 +- .../v8/test/inspector/debugger/wasm-source.js | 2 - deps/v8/test/inspector/debugger/wasm-stack.js | 2 - .../heap-profiler/console-retaining-path.js | 2 +- .../heap-snapshot-js-weak-refs.js | 2 +- .../runtime/command-line-api-expected.txt | 22 + .../runtime/console-methods-expected.txt | 36 + .../runtime/error-stack-async-expected.txt | 66 + .../inspector/runtime/error-stack-async.js | 35 + .../runtime/regression-1140845-expected.txt | 2 +- .../inspector/runtime/regression-1140845.js | 2 +- .../duration-format/format-basic-digital.js | 1 - .../format-digital-longdigits.js | 10 + deps/v8/test/intl/number-format/pr925.js | 15 + .../resolvedOptions-pluralCategories-order.js | 41 + deps/v8/test/js-perf-test/JSTests4.json | 2 +- deps/v8/test/js-perf-test/RegExp.json | 49 +- .../test/js-perf-test/RegExp/RegExpTests.json | 67 - deps/v8/test/js-perf-test/RegExp/base.js | 6 +- .../test/js-perf-test/RegExp/base_replace.js | 3 + .../RegExp/base_replace_emoji_g.js | 22 + .../RegExp/base_replace_emoji_gu.js | 22 + .../RegExp/base_replace_emoji_gv.js | 22 + .../RegExp/base_replaceall_emoji_g.js | 22 + .../RegExp/base_replaceall_emoji_gu.js | 22 + .../RegExp/base_replaceall_emoji_gv.js | 22 + 
.../js-perf-test/RegExp/replace_emoji_g.js | 7 + .../js-perf-test/RegExp/replace_emoji_gu.js | 7 + .../js-perf-test/RegExp/replace_emoji_gv.js | 7 + .../js-perf-test/RegExp/replaceall_emoji_g.js | 7 + .../RegExp/replaceall_emoji_gu.js | 7 + .../RegExp/replaceall_emoji_gv.js | 7 + deps/v8/test/js-perf-test/RegExp/run.js | 16 +- .../RegExp/slow_replace_emoji_g.js | 7 + .../RegExp/slow_replace_emoji_gu.js | 7 + .../RegExp/slow_replace_emoji_gv.js | 7 + .../RegExp/slow_replaceall_emoji_g.js | 7 + .../RegExp/slow_replaceall_emoji_gu.js | 7 + .../RegExp/slow_replaceall_emoji_gv.js | 7 + .../fail/modules-import-assertions-fail-1.out | 6 - .../fail/modules-import-assertions-fail-3.out | 4 - ...s => modules-import-attributes-fail-1.mjs} | 4 +- .../fail/modules-import-attributes-fail-1.out | 5 + ...s => modules-import-attributes-fail-2.mjs} | 4 +- ...t => modules-import-attributes-fail-2.out} | 1 - ...s => modules-import-attributes-fail-3.mjs} | 4 +- .../fail/modules-import-attributes-fail-3.out | 4 + ...modules-skip-1-import-attributes-fail.mjs} | 0 ...odules-skip-3-import-attributes-fail.json} | 0 .../test/message/fail/wasm-function-name.js | 2 - .../fail/wasm-module-and-function-name.js | 2 - deps/v8/test/message/fail/wasm-module-name.js | 2 - deps/v8/test/message/fail/wasm-no-name.js | 2 - deps/v8/test/message/fail/wasm-trap.js | 2 - .../test/message/wasm-function-name-async.js | 2 - .../message/wasm-function-name-streaming.js | 2 +- .../wasm-module-and-function-name-async.js | 2 - ...wasm-module-and-function-name-streaming.js | 2 +- .../v8/test/message/wasm-module-name-async.js | 2 - .../message/wasm-module-name-streaming.js | 2 +- deps/v8/test/message/wasm-no-name-async.js | 2 - .../v8/test/message/wasm-no-name-streaming.js | 2 +- .../v8/test/message/wasm-recognize-imports.js | 2 +- deps/v8/test/message/wasm-trace-deopt-32.js | 2 +- deps/v8/test/message/wasm-trace-deopt-64.js | 2 +- deps/v8/test/message/wasm-trace-liftoff.js | 1 + 
deps/v8/test/message/wasm-trace-turbofan.js | 2 +- .../mjsunit/arguments-load-across-eval.js | 2 +- deps/v8/test/mjsunit/asm/noexpose-wasm.js | 37 - .../async-hooks/regress-crbug-1433521.js | 2 +- ...d_mutable_heap_slot_context_specialized.js | 104 + .../mjsunit/compiler/regress-356196918.js | 40 + .../mjsunit/compiler/regress-376100382.js | 17 + .../mjsunit/compiler/regress-376307767.js | 21 + .../mjsunit/compiler/regress-376818204.js | 18 + .../mjsunit/compiler/regress-385386138.js | 27 + .../compiler/regress-crbug-369685641.js | 26 + ...ady-not-constant-global-no-deopt-maglev.js | 6 +- ...et-already-not-constant-no-deopt-maglev.js | 6 +- deps/v8/test/mjsunit/harmony/atomics.js | 5 +- .../harmony/modules-import-assertions-1.mjs | 9 - .../harmony/modules-import-assertions-2.mjs | 9 - .../harmony/modules-import-assertions-3.mjs | 9 - .../harmony/modules-import-assertions-4.mjs | 9 - .../modules-import-assertions-dynamic-1.mjs | 12 - .../modules-import-assertions-dynamic-10.mjs | 19 - .../modules-import-assertions-dynamic-11.mjs | 19 - .../modules-import-assertions-dynamic-12.mjs | 26 - .../modules-import-assertions-dynamic-2.mjs | 13 - .../modules-import-assertions-dynamic-3.mjs | 13 - .../modules-import-assertions-dynamic-4.mjs | 14 - .../modules-import-assertions-dynamic-5.mjs | 12 - .../modules-import-assertions-dynamic-6.mjs | 18 - .../modules-import-assertions-dynamic-7.mjs | 63 - .../modules-import-assertions-dynamic-8.mjs | 13 - .../modules-import-assertions-dynamic-9.mjs | 13 - .../modules-import-attributes-dynamic-7.mjs | 4 +- ...tributes-dynamic-assertions-fallback-1.mjs | 15 - ...tributes-dynamic-assertions-fallback-2.mjs | 15 - .../harmony/modules-skip-imports-json-1.mjs | 4 +- .../harmony/regress/regress-368503280.js | 7 + .../harmony/regress/regress-369010108.js | 22 + .../harmony/regress/regress-369652654.js | 14 + .../v8/test/mjsunit/harmony/set-difference.js | 36 + deps/v8/test/mjsunit/huge-typedarrays.js | 4 +- 
...d_mutable_heap_slot_context_specialized.js | 83 + ...utable_heap_slot_no_context_specialized.js | 46 + .../test/mjsunit/maglev/regress-367814188.js | 26 + .../test/mjsunit/maglev/regress-369652820.js | 25 + .../test/mjsunit/maglev/regress-371659897.js | 25 + .../test/mjsunit/maglev/regress-373473130.js | 16 + .../test/mjsunit/maglev/regress-375330032.js | 26 + .../test/mjsunit/maglev/regress-376502882.js | 27 + .../test/mjsunit/maglev/regress-376503834.js | 24 + .../test/mjsunit/maglev/regress-377352333.js | 17 + .../test/mjsunit/maglev/regress-377736134.js | 20 + .../test/mjsunit/maglev/regress-378014582.js | 17 + .../test/mjsunit/maglev/regress-379843860.js | 27 + .../test/mjsunit/maglev/regress-389330329.js | 37 + .../maglev/regress-6565476905713664.js | 43 + .../maglev/regress/regress-367758074.js | 34 + .../maglev/regress/regress-371044612.js | 22 + ...e_mutable_heap_slot_context_specialized.js | 110 + ...utable_heap_slot_no_context_specialized.js | 37 + .../mjsunit/maglev/string-wrapper-add-1.js | 37 + .../mjsunit/maglev/string-wrapper-add-2.js | 26 + .../mjsunit/maglev/string-wrapper-add-3.js | 35 + deps/v8/test/mjsunit/mjsunit.status | 88 +- .../mjsunit/regexp-match-global-atom-cache.js | 13 + .../{harmony => }/regexp-unicode-sets.js | 22 +- deps/v8/test/mjsunit/regress-367066330.js | 4 + deps/v8/test/mjsunit/regress-376701117.js | 27 + deps/v8/test/mjsunit/regress-376723691.js | 30 + deps/v8/test/mjsunit/regress-376738752.js | 25 + deps/v8/test/mjsunit/regress-377352368.js | 25 + .../test/mjsunit/regress-crbug-370694832.js | 56 + .../mjsunit/regress/asm/regress-575364.js | 2 +- .../test/mjsunit/regress/asm/regress-8505.js | 2 +- .../regress/proto-transition-regress.js | 2 +- .../test/mjsunit/regress/regress-1415210.js | 2 - .../test/mjsunit/regress/regress-357651585.js | 1 - .../test/mjsunit/regress/regress-366323469.js | 23 + .../test/mjsunit/regress/regress-366323504.js | 14 + .../test/mjsunit/regress/regress-366635361.js | 22 + 
.../test/mjsunit/regress/regress-366783816.js | 24 + .../test/mjsunit/regress/regress-367752279.js | 26 + .../test/mjsunit/regress/regress-367779587.js | 23 + .../test/mjsunit/regress/regress-368076858.js | 31 + .../test/mjsunit/regress/regress-368467195.js | 14 + .../test/mjsunit/regress/regress-369667727.js | 24 + .../test/mjsunit/regress/regress-371237560.js | 22 + .../test/mjsunit/regress/regress-372298921.js | 16 + .../test/mjsunit/regress/regress-372524119.js | 9 + .../mjsunit/regress/regress-372750822.mjs | 13 + .../test/mjsunit/regress/regress-372819446.js | 22 + .../test/mjsunit/regress/regress-374627491.js | 26 + .../test/mjsunit/regress/regress-374812617.js | 19 + .../test/mjsunit/regress/regress-376770786.js | 15 + .../test/mjsunit/regress/regress-377574368.js | 25 + .../mjsunit/regress/regress-crbug-1423650.js | 2 +- .../mjsunit/regress/regress-crbug-1424699.js | 2 +- .../mjsunit/regress/regress-crbug-1442801.js | 2 +- .../mjsunit/regress/regress-crbug-1443001.js | 2 +- .../regress/regress-crbug-366863049.js | 12 + .../regress/regress-crbug-366873205.js | 60 + .../regress/regress-crbug-368634139.js | 16 + .../regress/regress-crbug-369003813.js | 20 + .../regress/regress-crbug-370133742.js | 20 + .../regress/regress-crbug-371237564.js | 19 + .../regress/regress-crbug-371239173.js | 17 + .../regress/regress-crbug-371445202.js | 24 + .../regress/wasm/i32-lowering-inlining.js | 2 +- .../mjsunit/regress/wasm/loop-stack-check.js | 2 - .../mjsunit/regress/wasm/regress-11024.js | 2 +- .../mjsunit/regress/wasm/regress-1125951.js | 2 +- .../mjsunit/regress/wasm/regress-11335.js | 2 +- .../mjsunit/regress/wasm/regress-12874.js | 2 +- .../mjsunit/regress/wasm/regress-1364036.js | 2 +- .../mjsunit/regress/wasm/regress-1374535.js | 2 +- .../mjsunit/regress/wasm/regress-1447367.js | 2 +- .../mjsunit/regress/wasm/regress-14695.js | 2 +- .../mjsunit/regress/wasm/regress-1490847-3.js | 2 +- .../mjsunit/regress/wasm/regress-1492772.js | 2 +- 
.../mjsunit/regress/wasm/regress-1511849.js | 2 +- .../mjsunit/regress/wasm/regress-1512426.js | 2 - .../mjsunit/regress/wasm/regress-1514304.js | 2 +- .../mjsunit/regress/wasm/regress-1523414.js | 2 +- .../mjsunit/regress/wasm/regress-325372946.js | 2 +- .../mjsunit/regress/wasm/regress-326091470.js | 2 +- .../mjsunit/regress/wasm/regress-334687959.js | 2 +- .../mjsunit/regress/wasm/regress-342602616.js | 80 + .../mjsunit/regress/wasm/regress-347961785.js | 2 +- .../mjsunit/regress/wasm/regress-361123483.js | 21 + .../mjsunit/regress/wasm/regress-361717714.js | 26 + .../mjsunit/regress/wasm/regress-362539773.js | 18 + .../mjsunit/regress/wasm/regress-366307027.js | 15 + .../mjsunit/regress/wasm/regress-366323508.js | 17 + .../mjsunit/regress/wasm/regress-366350766.js | 13 + .../mjsunit/regress/wasm/regress-366350770.js | 16 + .../mjsunit/regress/wasm/regress-366350772.js | 23 + .../mjsunit/regress/wasm/regress-368070338.js | 14 + .../mjsunit/regress/wasm/regress-368086282.js | 46 + .../mjsunit/regress/wasm/regress-368512282.js | 22 + .../mjsunit/regress/wasm/regress-369533086.js | 36 + .../mjsunit/regress/wasm/regress-369652650.js | 13 + .../mjsunit/regress/wasm/regress-370191716.js | 26 + .../mjsunit/regress/wasm/regress-371565065.js | 73 + .../mjsunit/regress/wasm/regress-372067240.js | 16 + .../mjsunit/regress/wasm/regress-372261626.js | 21 + .../mjsunit/regress/wasm/regress-372294705.js | 11 + .../mjsunit/regress/wasm/regress-372993873.js | 12 + .../mjsunit/regress/wasm/regress-373684419.js | 11 + .../mjsunit/regress/wasm/regress-373702823.js | 29 + .../mjsunit/regress/wasm/regress-373907109.js | 25 + .../mjsunit/regress/wasm/regress-375220562.js | 11 + .../mjsunit/regress/wasm/regress-375314963.js | 24 + .../mjsunit/regress/wasm/regress-375343420.js | 35 + .../mjsunit/regress/wasm/regress-375346071.js | 21 + .../mjsunit/regress/wasm/regress-375959770.js | 46 + .../mjsunit/regress/wasm/regress-377620832.js | 89 + .../mjsunit/regress/wasm/regress-377971725.js | 
16 + .../test/mjsunit/regress/wasm/regress-5531.js | 2 - .../test/mjsunit/regress/wasm/regress-5860.js | 2 - .../mjsunit/regress/wasm/regress-644682.js | 2 - .../mjsunit/regress/wasm/regress-648079.js | 2 - .../mjsunit/regress/wasm/regress-651961.js | 2 - .../mjsunit/regress/wasm/regress-654377.js | 2 - .../mjsunit/regress/wasm/regress-663994.js | 2 - .../mjsunit/regress/wasm/regress-666741.js | 2 +- .../mjsunit/regress/wasm/regress-667745.js | 2 - .../mjsunit/regress/wasm/regress-670683.js | 2 +- .../mjsunit/regress/wasm/regress-699485.js | 2 - .../mjsunit/regress/wasm/regress-709684.js | 2 +- .../mjsunit/regress/wasm/regress-737069.js | 2 - .../mjsunit/regress/wasm/regress-752423.js | 2 - .../mjsunit/regress/wasm/regress-813440.js | 2 +- .../mjsunit/regress/wasm/regress-875556.js | 2 - .../test/mjsunit/regress/wasm/regress-8947.js | 2 - .../mjsunit/regress/wasm/regress-964607.js | 2 - .../mjsunit/regress/wasm/regress-968078.js | 2 - .../regress/wasm/regress-crbug-1507663.js | 2 +- .../regress/wasm/regress-crbug-1510626.js | 2 +- .../regress/wasm/regress-crbug-772056.js | 2 - .../mjsunit/regress/wasm/regress-v8-14471.js | 2 +- .../sandbox/regress/regress-342297062-1.js | 33 + ...ss-342297062.js => regress-342297062-2.js} | 0 .../sandbox/regress/regress-342297062-3.js | 56 + .../sandbox/regress/regress-348084786.js | 36 + .../sandbox/regress/regress-354408144.js | 75 + .../sandbox/regress/regress-369748453-1.js | 22 + .../sandbox/regress/regress-369748453-2.js | 30 + .../sandbox/regress/regress-369748453-3.js | 52 + .../sandbox/regress/regress-376071292-1.js | 43 + .../shared-memory/regress-crbug-366323424.js | 11 + .../shared-memory/regress-crbug-366643711.js | 39 + .../test/mjsunit/shared-memory/shared-heap.js | 10 + deps/v8/test/mjsunit/stress-delay-tasks.js | 8 + deps/v8/test/mjsunit/string-wrapper-add-3.js | 35 + deps/v8/test/mjsunit/tools/foozzie.js | 5 +- .../maglev-frontend/regress-358461173-1.js | 28 + .../maglev-frontend/regress-358461173-2.js | 28 + 
.../maglev-frontend/regress-358957666.js | 18 + .../maglev-frontend/regress-359266991.js | 18 + .../maglev-frontend/regress-360207713.js | 35 + .../maglev-frontend/regress-361124378.js | 43 + .../maglev-frontend/regress-368725681.js | 16 + .../maglev-frontend/regress-372754523.js | 35 + .../maglev-frontend/regress-373025979.js | 33 + .../turboshaft/turboshaft-frontend-test.js | 27 - .../typedarray-growablesharedarraybuffer.js | 24 +- .../typedarray-resizablearraybuffer.js | 21 + deps/v8/test/mjsunit/wasm/adapter-frame.js | 2 - deps/v8/test/mjsunit/wasm/add-getters.js | 2 - deps/v8/test/mjsunit/wasm/anyfunc.js | 2 +- deps/v8/test/mjsunit/wasm/array-fill-gc.js | 74 + deps/v8/test/mjsunit/wasm/asm-wasm-copy.js | 2 - .../v8/test/mjsunit/wasm/asm-with-wasm-off.js | 2 +- deps/v8/test/mjsunit/wasm/calls.js | 2 - .../wasm/code-flushing-single-isolate.js | 2 +- deps/v8/test/mjsunit/wasm/code-flushing.js | 2 +- .../wasm/compiled-module-management.js | 2 +- .../wasm/compiled-module-serialization.js | 2 +- deps/v8/test/mjsunit/wasm/data-segments.js | 2 - .../mjsunit/wasm/deopt/deopt-call-indirect.js | 2 +- .../mjsunit/wasm/deopt/deopt-debugging.js | 56 + .../wasm/deopt/deopt-dynamic-tierup.js | 2 +- .../wasm/deopt/deopt-feedback-states.js | 2 +- .../deopt/deopt-inlined-param-stack-slots.js | 2 +- .../wasm/deopt/deopt-inlined-stacktrace.js | 2 +- .../test/mjsunit/wasm/deopt/deopt-inlined.js | 2 +- .../mjsunit/wasm/deopt/deopt-int64-values.js | 2 +- .../deopt-many-params-many-locals-s128.js | 2 +- .../wasm/deopt/deopt-many-params-tagged.js | 2 +- .../mjsunit/wasm/deopt/deopt-many-params.js | 2 +- .../mjsunit/wasm/deopt/deopt-many-results.js | 2 +- .../mjsunit/wasm/deopt/deopt-memory-access.js | 2 +- .../test/mjsunit/wasm/deopt/deopt-metrics.js | 2 +- .../test/mjsunit/wasm/deopt/deopt-minimal.js | 2 +- .../deopt-multi-instance-call-indirect.js | 86 + .../test/mjsunit/wasm/deopt/deopt-multiple.js | 2 +- deps/v8/test/mjsunit/wasm/deopt/deopt-nan.js | 2 +- 
.../wasm/deopt/deopt-non-inlineable-target.js | 2 +- .../wasm/deopt/deopt-non-inlined-target.js | 2 +- .../wasm/deopt/deopt-signal-handler.js | 2 +- .../deopt/deopt-tail-call-parent-frame.js | 2 +- .../wasm/deopt/deopt-too-many-inputs.js | 86 + .../mjsunit/wasm/deopt/deopt-value-types.js | 2 +- deps/v8/test/mjsunit/wasm/disallow-codegen.js | 2 +- deps/v8/test/mjsunit/wasm/divrem-trap.js | 2 +- .../test/mjsunit/wasm/empirical_max_memory.js | 2 - .../wasm/ensure-wasm-binaries-up-to-date.js | 2 - deps/v8/test/mjsunit/wasm/errors.js | 2 +- ...module-import-source-dynamic-not-found.mjs | 17 + .../wasm/esm/module-import-source-dynamic.mjs | 19 + deps/v8/test/mjsunit/wasm/exnref.js | 31 + deps/v8/test/mjsunit/wasm/export-table.js | 2 - deps/v8/test/mjsunit/wasm/expose-wasm.js | 7 - deps/v8/test/mjsunit/wasm/externref.js | 2 +- ...i-calls-with-wellknown-imports-conflict.js | 2 +- ...st-api-calls-with-wellknown-imports-i64.js | 2 +- deps/v8/test/mjsunit/wasm/ffi-error.js | 2 - deps/v8/test/mjsunit/wasm/ffi.js | 2 +- .../mjsunit/wasm/float-constant-folding.js | 2 - deps/v8/test/mjsunit/wasm/function-names.js | 2 - .../test/mjsunit/wasm/function-prototype.js | 2 - deps/v8/test/mjsunit/wasm/gc-buffer.js | 2 +- deps/v8/test/mjsunit/wasm/gc-casts-exnref.js | 128 +- deps/v8/test/mjsunit/wasm/gc-frame.js | 2 +- .../mjsunit/wasm/gc-js-interop-objects.js | 3 + .../mjsunit/wasm/gc-optimization-array-get.js | 2 +- deps/v8/test/mjsunit/wasm/gc-optimizations.js | 2 +- deps/v8/test/mjsunit/wasm/gc-stress.js | 2 +- deps/v8/test/mjsunit/wasm/generic-wrapper.js | 1 - deps/v8/test/mjsunit/wasm/globals.js | 2 - .../v8/test/mjsunit/wasm/graceful_shutdown.js | 2 +- .../mjsunit/wasm/grow-memory-detaching.js | 2 - .../mjsunit/wasm/grow-memory-in-branch.js | 2 +- .../test/mjsunit/wasm/grow-memory-in-call.js | 2 +- .../test/mjsunit/wasm/grow-memory-in-loop.js | 2 +- deps/v8/test/mjsunit/wasm/grow-memory.js | 2 +- deps/v8/test/mjsunit/wasm/import-function.js | 2 - 
deps/v8/test/mjsunit/wasm/import-memory.js | 2 - deps/v8/test/mjsunit/wasm/import-table.js | 2 - deps/v8/test/mjsunit/wasm/imported-strings.js | 21 +- deps/v8/test/mjsunit/wasm/indirect-calls.js | 2 - .../mjsunit/wasm/indirect-sig-mismatch.js | 2 - .../mjsunit/wasm/inlining-multi-instance.js | 93 + deps/v8/test/mjsunit/wasm/inlining.js | 2 +- deps/v8/test/mjsunit/wasm/instance-gc.js | 2 +- .../mjsunit/wasm/instance-memory-gc-stress.js | 2 +- .../mjsunit/wasm/instantiate-module-basic.js | 2 +- deps/v8/test/mjsunit/wasm/js-api.js | 8 +- .../wasm/lazy-feedback-vector-allocation.js | 2 +- .../test/mjsunit/wasm/memory-external-call.js | 2 - .../wasm/memory-instance-validation.js | 2 +- deps/v8/test/mjsunit/wasm/memory-size.js | 2 - deps/v8/test/mjsunit/wasm/memory.js | 2 - deps/v8/test/mjsunit/wasm/memory64.js | 72 +- deps/v8/test/mjsunit/wasm/module-memory.js | 2 +- deps/v8/test/mjsunit/wasm/module-prototype.js | 2 +- deps/v8/test/mjsunit/wasm/module-source.js | 2 +- .../wasm/multi-table-element-section.js | 2 - deps/v8/test/mjsunit/wasm/names.js | 2 - .../test/mjsunit/wasm/parallel_compilation.js | 2 +- deps/v8/test/mjsunit/wasm/params.js | 2 - deps/v8/test/mjsunit/wasm/receiver.js | 2 - .../serialization-with-compilation-hints.js | 2 +- .../mjsunit/wasm/shared-everything/basic.js | 2 +- deps/v8/test/mjsunit/wasm/shared-memory.js | 5 +- .../wasm/stack-switching-generic-wrapper.js | 2 +- .../mjsunit/wasm/stack-switching-no-stress.js | 109 + deps/v8/test/mjsunit/wasm/stack-switching.js | 239 +- deps/v8/test/mjsunit/wasm/stack.js | 2 +- deps/v8/test/mjsunit/wasm/stackwalk.js | 2 +- deps/v8/test/mjsunit/wasm/start-function.js | 2 - .../v8/test/mjsunit/wasm/streaming-compile.js | 2 +- .../mjsunit/wasm/streaming-error-position.js | 2 +- .../mjsunit/wasm/streaming-trap-location.js | 2 +- deps/v8/test/mjsunit/wasm/table-access.js | 2 - deps/v8/test/mjsunit/wasm/table-fill.js | 2 - .../test/mjsunit/wasm/table-grow-from-wasm.js | 2 - deps/v8/test/mjsunit/wasm/table.js | 2 - 
deps/v8/test/mjsunit/wasm/table64-copy.js | 2 +- deps/v8/test/mjsunit/wasm/table64-import.js | 4 +- deps/v8/test/mjsunit/wasm/table64-js-api.js | 90 + deps/v8/test/mjsunit/wasm/table64-limits.js | 17 +- deps/v8/test/mjsunit/wasm/table64-set.js | 2 +- ...est-serialization-with-lazy-compilation.js | 2 +- .../mjsunit/wasm/test-wasm-module-builder.js | 2 - deps/v8/test/mjsunit/wasm/trap-location.js | 2 - .../wasm/type-reflection-other-callable.js | 36 + .../wasm/type-reflection-with-externref.js | 8 +- deps/v8/test/mjsunit/wasm/type-reflection.js | 559 ++--- .../test/mjsunit/wasm/unicode-validation.js | 2 - .../mjsunit/wasm/unreachable-validation.js | 2 - deps/v8/test/mjsunit/wasm/unreachable.js | 2 - .../mjsunit/wasm/user-properties-common.js | 2 +- .../wasm/user-properties-constructed.js | 2 +- .../mjsunit/wasm/user-properties-exported.js | 2 +- .../mjsunit/wasm/user-properties-module.js | 2 +- .../mjsunit/wasm/user-properties-reexport.js | 2 +- .../wasm/verify-module-basic-errors.js | 2 - .../test/mjsunit/wasm/wasm-math-intrinsic.js | 2 +- deps/v8/test/mjsunit/wasm/wasm-object-api.js | 2 - .../v8/test/mjsunit/wasm/wasm-to-js-tierup.js | 2 +- deps/v8/test/mjsunit/wasm/wasm-to-js.js | 2 +- .../local-tests/test/staging/features.txt | 33 +- deps/v8/test/test262/prune-local-tests.sh | 17 - deps/v8/test/test262/test262.status | 488 +++- deps/v8/test/test262/testcfg.py | 3 +- deps/v8/test/test262/upstream-local-tests.sh | 22 - deps/v8/test/unittests/BUILD.gn | 7 +- .../unittests/api/remote-object-unittest.cc | 4 +- .../unittests/api/smi-tagging-unittest.cc | 79 + .../test/unittests/api/v8-array-unittest.cc | 17 +- .../test/unittests/api/v8-object-unittest.cc | 5 +- .../test/unittests/api/v8-script-unittest.cc | 143 +- .../assembler/disasm-arm64-unittest.cc | 24 +- .../assembler/disasm-s390-unittest.cc | 76 - .../macro-assembler-arm64-unittest.cc | 2 +- .../test/unittests/base/logging-unittest.cc | 9 + .../unittests/base/string-format-unittest.cc | 23 +- 
.../unittests/base/template-utils-unittest.cc | 19 +- .../optimizing-compile-dispatcher-unittest.cc | 2 +- .../instruction-selector-arm64-unittest.cc | 2 +- ...aft-instruction-selector-arm64-unittest.cc | 2 +- .../backend/instruction-selector-unittest.cc | 16 +- .../backend/instruction-selector-unittest.h | 10 +- ...urboshaft-instruction-selector-unittest.cc | 4 +- ...turboshaft-instruction-selector-unittest.h | 4 +- .../unittests/compiler/compiler-unittest.cc | 4 +- .../compiler/control-equivalence-unittest.cc | 2 +- .../unittests/compiler/function-tester.cc | 6 +- .../test/unittests/compiler/function-tester.h | 2 +- .../compiler/graph-reducer-unittest.cc | 3 +- .../test/unittests/compiler/graph-unittest.cc | 13 +- .../test/unittests/compiler/graph-unittest.h | 6 +- .../compiler/int64-lowering-unittest.cc | 18 +- .../compiler/js-call-reducer-unittest.cc | 18 +- .../compiler/js-create-lowering-unittest.cc | 2 +- .../compiler/linear-scheduler-unittest.cc | 2 +- .../compiler/linkage-tail-call-unittest.cc | 2 +- .../compiler/loop-peeling-unittest.cc | 4 +- .../compiler/node-matchers-unittest.cc | 2 +- ...t-instruction-selector-riscv64-unittest.cc | 40 +- .../run-bytecode-graph-builder-unittest.cc | 2 +- .../compiler/run-jsobjects-unittest.cc | 12 +- .../compiler/run-tail-calls-unittest.cc | 2 +- .../unittests/compiler/scheduler-unittest.cc | 5 +- .../compiler/simplified-operator-unittest.cc | 23 +- .../turboshaft/control-flow-unittest.cc | 1 - .../loop-unrolling-analyzer-unittest.cc | 70 + .../compiler/turboshaft/reducer-test.h | 4 +- .../simplified-lowering-reducer-unittest.cc | 38 - .../test/unittests/compiler/types-unittest.cc | 330 +-- .../value-numbering-reducer-unittest.cc | 2 +- .../x64/instruction-selector-x64-unittest.cc | 17 + ...shaft-instruction-selector-x64-unittest.cc | 16 + deps/v8/test/unittests/date/date-unittest.cc | 4 +- .../debug/debug-property-iterator-unittest.cc | 1 + .../execution/thread-termination-unittest.cc | 1 + 
.../flags/flag-definitions-unittest.cc | 17 + .../unittests/heap/base/bytes-unittest.cc | 36 + .../embedder-roots-handler-unittest.cc | 29 +- .../heap/cppgc-js/unified-heap-unittest.cc | 77 +- .../cppgc-js/young-unified-heap-unittest.cc | 4 +- .../heap/cppgc/concurrent-sweeper-unittest.cc | 13 +- .../heap/cppgc/marking-verifier-unittest.cc | 42 + .../unittests/heap/cppgc/member-unittest.cc | 19 +- .../heap/cppgc/prefinalizer-unittest.cc | 4 + .../unittests/heap/cppgc/sweeper-unittest.cc | 6 +- deps/v8/test/unittests/heap/cppgc/tests.h | 7 + .../test/unittests/heap/gc-tracer-unittest.cc | 116 +- .../unittests/heap/global-handles-unittest.cc | 21 +- .../heap/global-safepoint-unittest.cc | 4 +- deps/v8/test/unittests/heap/heap-unittest.cc | 199 +- deps/v8/test/unittests/heap/heap-utils.cc | 14 +- deps/v8/test/unittests/heap/heap-utils.h | 2 +- .../heap/inner-pointer-resolution-unittest.cc | 15 +- .../unittests/heap/shared-heap-unittest.cc | 10 +- .../unittests/inspector/inspector-unittest.cc | 16 +- .../bytecode-array-builder-unittest.cc | 88 +- .../AsyncGenerators.golden | 146 +- .../bytecode_expectations/AsyncModules.golden | 24 +- .../PrivateAccessorAccess.golden | 8 +- .../PrivateMethodAccess.golden | 4 +- .../StaticPrivateMethodAccess.golden | 30 +- .../generate-bytecode-expectations.cc | 7 +- .../interpreter/interpreter-tester.cc | 4 +- .../interpreter/interpreter-tester.h | 2 +- .../interpreter/interpreter-unittest.cc | 38 +- ...mics-synchronization-primitive-unittest.cc | 4 +- .../maglev/maglev-assembler-unittest.cc | 2 +- deps/v8/test/unittests/maglev/maglev-test.cc | 10 +- deps/v8/test/unittests/maglev/maglev-test.h | 2 +- .../concurrent-descriptor-array-unittest.cc | 7 +- .../objects/concurrent-prototype-unittest.cc | 11 +- .../objects/concurrent-string-unittest.cc | 18 +- .../objects/elements-kind-unittest.cc | 9 +- .../unittests/objects/modules-unittest.cc | 75 +- .../objects/value-serializer-unittest.cc | 10 +- .../unittests/objects/weakmaps-unittest.cc 
| 25 +- .../unittests/objects/weaksets-unittest.cc | 4 +- .../test/unittests/parser/decls-unittest.cc | 3 + .../test/unittests/parser/parsing-unittest.cc | 330 +-- .../test/unittests/regexp/regexp-unittest.cc | 62 +- .../runtime/runtime-debug-unittest.cc | 3 +- .../sandbox/pointer-table-unittest.cc | 99 + .../unittests/strings/unicode-unittest.cc | 6 +- deps/v8/test/unittests/test-helpers.cc | 2 +- deps/v8/test/unittests/test-utils.h | 3 - deps/v8/test/unittests/unittests.status | 7 + .../wasm/function-body-decoder-unittest.cc | 583 ++--- .../wasm/memory-protection-unittest.cc | 11 +- .../wasm/module-decoder-memory64-unittest.cc | 13 +- .../wasm/module-decoder-table64-unittest.cc | 22 +- .../unittests/wasm/module-decoder-unittest.cc | 115 +- .../test/unittests/wasm/subtyping-unittest.cc | 250 ++- .../wasm/trap-handler-native-unittest.cc | 23 +- .../wasm/trap-handler-simulator-unittest.cc | 8 +- .../test/unittests/wasm/wasm-compile-module.h | 94 + .../test/unittests/wasm/wasm-usecounters.cc | 120 + deps/v8/test/wasm-api-tests/regressions.cc | 4 +- deps/v8/test/wasm-api-tests/serialize.cc | 1 + deps/v8/test/wasm-api-tests/startup-errors.cc | 4 +- deps/v8/test/wasm-api-tests/table.cc | 3 +- deps/v8/test/wasm-api-tests/traps.cc | 3 +- deps/v8/test/wasm-js/testcfg.py | 4 + deps/v8/test/wasm-js/tests.tar.gz.sha1 | 2 +- deps/v8/test/wasm-js/wasm-js.status | 49 +- deps/v8/test/wasm-spec-tests/testcfg.py | 10 +- .../v8/test/wasm-spec-tests/tests.tar.gz.sha1 | 2 +- .../wasm-spec-tests/wasm-spec-tests.status | 74 +- deps/v8/test/webkit/webkit.status | 4 +- deps/v8/third_party/abseil-cpp/BUILD.gn | 13 +- deps/v8/third_party/abseil-cpp/CMakeLists.txt | 18 +- .../v8/third_party/abseil-cpp/README.chromium | 2 +- deps/v8/third_party/abseil-cpp/absl.gni | 41 +- .../abseil-cpp/absl/algorithm/container.h | 4 +- .../absl/algorithm/container_test.cc | 2 + .../abseil-cpp/absl/base/CMakeLists.txt | 1 + .../abseil-cpp/absl/base/attributes.h | 2 + 
.../third_party/abseil-cpp/absl/base/config.h | 2 +- .../absl/base/internal/nullability_impl.h | 73 +- .../third_party/abseil-cpp/absl/base/macros.h | 17 +- .../abseil-cpp/absl/base/nullability.h | 18 +- .../abseil-cpp/absl/base/policy_checks.h | 2 + .../abseil-cpp/absl/container/BUILD.bazel | 2 + .../abseil-cpp/absl/container/BUILD.gn | 2 + .../abseil-cpp/absl/container/CMakeLists.txt | 2 + .../absl/container/flat_hash_set_test.cc | 60 + .../absl/container/inlined_vector.h | 3 +- .../absl/container/inlined_vector_test.cc | 6 +- .../absl/container/internal/raw_hash_set.cc | 2 +- .../absl/container/internal/raw_hash_set.h | 202 +- .../container/internal/raw_hash_set_test.cc | 14 +- .../absl/crc/internal/non_temporal_memcpy.h | 28 +- .../absl/debugging/internal/elf_mem_image.h | 2 +- .../abseil-cpp/absl/debugging/symbolize.cc | 5 +- .../abseil-cpp/absl/flags/internal/flag.h | 4 + .../abseil-cpp/absl/hash/hash_test.cc | 32 + .../abseil-cpp/absl/hash/internal/hash.h | 14 +- .../abseil-cpp/absl/log/globals_test.cc | 9 + .../abseil-cpp/absl/log/internal/BUILD.bazel | 1 + .../absl/log/internal/vlog_config.cc | 9 +- .../abseil-cpp/absl/log/vlog_is_on_test.cc | 75 +- .../abseil-cpp/absl/numeric/int128.h | 18 +- .../absl/numeric/int128_have_intrinsic.inc | 10 +- .../absl/numeric/int128_no_intrinsic.inc | 9 +- .../abseil-cpp/absl/numeric/int128_test.cc | 88 +- .../abseil-cpp/absl/strings/BUILD.bazel | 2 +- .../abseil-cpp/absl/strings/BUILD.gn | 2 +- .../abseil-cpp/absl/strings/CMakeLists.txt | 2 +- .../abseil-cpp/absl/strings/ascii.cc | 13 +- .../abseil-cpp/absl/strings/ascii.h | 26 +- .../abseil-cpp/absl/strings/ascii_test.cc | 8 + .../abseil-cpp/absl/strings/charset.h | 7 +- .../abseil-cpp/absl/strings/escaping.cc | 90 +- .../absl/strings/escaping_benchmark.cc | 57 +- .../absl/strings/str_format_test.cc | 16 +- .../absl/strings/string_view_test.cc | 19 +- .../abseil-cpp/absl/synchronization/mutex.cc | 50 +- .../abseil-cpp/absl/time/duration.cc | 13 +- 
.../absl/time/internal/cctz/BUILD.bazel | 12 +- .../internal/cctz/src/time_zone_lookup.cc | 1 + .../cctz/src/time_zone_lookup_test.cc | 41 +- .../absl/time/internal/cctz/src/tzfile.h | 8 +- .../absl/time/internal/cctz/testdata/version | 2 +- .../cctz/testdata/zoneinfo/Africa/Maputo | Bin 131 -> 131 bytes .../testdata/zoneinfo/America/Bahia_Banderas | Bin 728 -> 700 bytes .../cctz/testdata/zoneinfo/America/Cancun | Bin 529 -> 538 bytes .../cctz/testdata/zoneinfo/America/Chihuahua | Bin 691 -> 691 bytes .../testdata/zoneinfo/America/Ciudad_Juarez | Bin 718 -> 718 bytes .../cctz/testdata/zoneinfo/America/Ensenada | Bin 1025 -> 1079 bytes .../cctz/testdata/zoneinfo/America/Hermosillo | Bin 286 -> 258 bytes .../cctz/testdata/zoneinfo/America/Mazatlan | Bin 718 -> 690 bytes .../cctz/testdata/zoneinfo/America/Merida | Bin 654 -> 654 bytes .../testdata/zoneinfo/America/Mexico_City | Bin 773 -> 773 bytes .../cctz/testdata/zoneinfo/America/Monterrey | Bin 644 -> 709 bytes .../cctz/testdata/zoneinfo/America/Ojinaga | Bin 718 -> 718 bytes .../testdata/zoneinfo/America/Santa_Isabel | Bin 1025 -> 1079 bytes .../cctz/testdata/zoneinfo/America/Tijuana | Bin 1025 -> 1079 bytes .../cctz/testdata/zoneinfo/Asia/Choibalsan | Bin 619 -> 594 bytes .../internal/cctz/testdata/zoneinfo/Asia/Dili | Bin 170 -> 170 bytes .../cctz/testdata/zoneinfo/Atlantic/Azores | Bin 1453 -> 1401 bytes .../cctz/testdata/zoneinfo/Atlantic/Madeira | Bin 1453 -> 1372 bytes .../time/internal/cctz/testdata/zoneinfo/CET | Bin 621 -> 1103 bytes .../internal/cctz/testdata/zoneinfo/CST6CDT | Bin 951 -> 1754 bytes .../time/internal/cctz/testdata/zoneinfo/EET | Bin 497 -> 682 bytes .../time/internal/cctz/testdata/zoneinfo/EST | Bin 111 -> 149 bytes .../internal/cctz/testdata/zoneinfo/EST5EDT | Bin 951 -> 1744 bytes .../cctz/testdata/zoneinfo/Europe/Lisbon | Bin 1454 -> 1463 bytes .../time/internal/cctz/testdata/zoneinfo/HST | Bin 112 -> 221 bytes .../time/internal/cctz/testdata/zoneinfo/MET | Bin 621 -> 1103 bytes 
.../time/internal/cctz/testdata/zoneinfo/MST | Bin 111 -> 240 bytes .../internal/cctz/testdata/zoneinfo/MST7MDT | Bin 951 -> 1042 bytes .../cctz/testdata/zoneinfo/Mexico/BajaNorte | Bin 1025 -> 1079 bytes .../cctz/testdata/zoneinfo/Mexico/BajaSur | Bin 718 -> 690 bytes .../cctz/testdata/zoneinfo/Mexico/General | Bin 773 -> 773 bytes .../internal/cctz/testdata/zoneinfo/PST8PDT | Bin 951 -> 1294 bytes .../internal/cctz/testdata/zoneinfo/Portugal | Bin 1454 -> 1463 bytes .../time/internal/cctz/testdata/zoneinfo/WET | Bin 494 -> 1463 bytes .../cctz/testdata/zoneinfo/zone1970.tab | 3 +- .../cctz/testdata/zoneinfo/zonenow.tab | 8 +- .../abseil-cpp/absl/types/BUILD.bazel | 1 + .../abseil-cpp/absl/types/BUILD.gn | 1 + .../abseil-cpp/absl/types/CMakeLists.txt | 1 + .../third_party/abseil-cpp/absl/types/span.h | 42 +- .../0002-delete-unprefixed-annotations.patch | 2 +- ...ete-static-initializer-in-stacktrace.patch | 2 +- .../abseil-cpp/symbols_arm64_dbg.def | 500 +---- .../abseil-cpp/symbols_arm64_rel.def | 1 - .../abseil-cpp/symbols_x64_dbg.def | 500 +---- .../abseil-cpp/symbols_x64_rel.def | 2 - .../abseil-cpp/symbols_x64_rel_asan.def | 6 +- .../abseil-cpp/symbols_x86_dbg.def | 500 +---- .../abseil-cpp/symbols_x86_rel.def | 2 - deps/v8/third_party/cpu_features/README.v8 | 2 +- deps/v8/third_party/fp16/README.v8 | 2 +- .../fp16/src/include/fp16/bitcasts.h | 10 +- deps/v8/third_party/glibc/README.v8 | 1 + .../third_party/inspector_protocol/README.v8 | 2 +- .../inspector_protocol/code_generator.py | 2 +- .../inspector_protocol/crdtp/cbor.h | 3 +- .../lib/Values_cpp.template | 3 +- deps/v8/third_party/llvm-libc/BUILD.gn | 16 + deps/v8/third_party/llvm-libc/README.md | 1 + deps/v8/third_party/llvm-libc/README.v8 | 12 + deps/v8/third_party/v8/builtins/array-sort.tq | 4 +- deps/v8/third_party/v8/codegen/fp16-inl.h | 6 +- deps/v8/third_party/zlib/chromeconf.h | 3 - .../zlib/google/zip_reader_unittest.cc | 7 +- .../third_party/zlib/google/zip_unittest.cc | 32 +- 
deps/v8/tools/.vpython3 | 5 + deps/v8/tools/README.md | 4 +- .../foozzie/testdata/baseline/d8.py | 10 +- .../clusterfuzz/foozzie/testdata/build1/d8.py | 9 +- .../clusterfuzz/foozzie/testdata/build2/d8.py | 8 +- .../clusterfuzz/foozzie/testdata/build3/d8.py | 10 +- .../clusterfuzz/foozzie/testdata/build4/d8.py | 16 + .../testdata/build4/v8_build_config.json | 1 + .../clusterfuzz/foozzie/testdata/build5/d8.py | 20 + .../testdata/build5/v8_build_config.json | 1 + .../foozzie/testdata/failure_output.txt | 27 +- .../foozzie/testdata/failure_output_arch.txt | 27 +- .../testdata/failure_output_second.txt | 27 +- .../clusterfuzz/foozzie/testdata/fuzz-123.js | 3 + .../foozzie/testdata/fuzz-wasm-struct-123.js | 7 + .../testdata/simulated_crash_output.txt | 5 + .../testdata/smoke_test_crash_output.txt | 5 + .../foozzie/testdata/smoke_test_output.txt | 45 +- .../tools/clusterfuzz/foozzie/v8_commands.py | 58 +- .../tools/clusterfuzz/foozzie/v8_foozzie.py | 313 ++- .../clusterfuzz/foozzie/v8_foozzie_test.py | 459 ++-- .../clusterfuzz/foozzie/v8_fuzz_config.py | 17 +- .../clusterfuzz/foozzie/v8_fuzz_flags.json | 2 + deps/v8/tools/clusterfuzz/foozzie/v8_mock.js | 6 + .../clusterfuzz/foozzie/v8_smoke_tests.js | 3 + .../clusterfuzz/foozzie/v8_suppressions.py | 233 +- .../mutators/function_call_mutator.js | 6 +- deps/v8/tools/clusterfuzz/js_fuzzer/run.js | 108 +- deps/v8/tools/clusterfuzz/js_fuzzer/runner.js | 123 ++ .../test/test_mutate_function_calls.js | 2 +- .../js_fuzzer/test/test_mutation_order.js | 2 +- .../js_fuzzer/test/test_regressions.js | 2 +- .../clusterfuzz/js_fuzzer/test/test_runner.js | 67 + .../input_archive/CrashTests/crash_test.js | 5 + .../input_archive/WebKit/JSTests/jsc_test.js | 5 + .../input_archive/chakra/chakra_test1.js | 5 + .../input_archive/chakra/chakra_test2.js | 5 + .../spidermonkey/spidermonkey_test.js | 5 + .../input_archive/v8/test/mjsunit/v8_test.js | 5 + .../trials/clusterfuzz_trials_config.json | 2 +- deps/v8/tools/debug_helper/compiler-types.cc 
| 2 +- deps/v8/tools/dev/gen-tags.py | 2 +- deps/v8/tools/dev/gm.py | 10 +- deps/v8/tools/gdbinit | 32 +- deps/v8/tools/gen-postmortem-metadata.py | 65 +- deps/v8/tools/lldb_visualizers.py | 8 +- deps/v8/tools/package-lock.json | 1895 +++++++++------- deps/v8/tools/package.json | 8 +- deps/v8/tools/predictable_wrapper.py | 2 +- .../linux-perf-chrome-renderer-cmd.sh | 87 +- deps/v8/tools/profiling/linux-perf-chrome.py | 99 +- deps/v8/tools/profiling/linux-perf-d8.py | 58 +- deps/v8/tools/run_perf.py | 9 +- deps/v8/tools/system-analyzer/local-server.sh | 27 +- deps/v8/tools/testrunner/base_runner.py | 10 +- deps/v8/tools/testrunner/build_config.py | 4 +- deps/v8/tools/testrunner/local/android.py | 5 + deps/v8/tools/testrunner/local/context.py | 8 + deps/v8/tools/testrunner/local/statusfile.py | 6 +- deps/v8/tools/testrunner/local/variants.py | 10 +- deps/v8/tools/testrunner/num_fuzzer.py | 4 +- deps/v8/tools/testrunner/objects/testcase.py | 100 +- deps/v8/tools/testrunner/standard_runner.py | 7 +- .../tools/testrunner/standard_runner_test.py | 26 +- deps/v8/tools/testrunner/testproc/fuzzer.py | 2 +- deps/v8/tools/turbolizer/README.md | 4 - deps/v8/tools/turbolizer/package-lock.json | 146 +- deps/v8/tools/turbolizer/package.json | 3 +- deps/v8/tools/turbolizer/rollup.config.js | 2 +- .../turboshaft-graph-operation.ts | 105 +- .../wasm/mjsunit-module-disassembler-impl.h | 86 +- deps/v8/tools/wasm/module-inspector.cc | 35 +- deps/v8/tools/wasm/update-wasm-spec-tests.sh | 206 +- deps/v8/tools/whitespace.txt | 3 +- 2069 files changed, 56620 insertions(+), 33911 deletions(-) create mode 100644 deps/v8/pyrightconfig.json create mode 100644 deps/v8/src/base/sanitizer/ubsan.h delete mode 100644 deps/v8/src/base/template-meta-programming/algorithm.h create mode 100644 deps/v8/src/base/template-meta-programming/common.h create mode 100644 deps/v8/src/common/thread-local-storage.h rename deps/v8/src/compiler/{graph-visualizer.cc => turbofan-graph-visualizer.cc} (99%) rename 
deps/v8/src/compiler/{graph-visualizer.h => turbofan-graph-visualizer.h} (98%) rename deps/v8/src/compiler/{graph.cc => turbofan-graph.cc} (96%) rename deps/v8/src/compiler/{graph.h => turbofan-graph.h} (97%) rename deps/v8/src/compiler/{typer.cc => turbofan-typer.cc} (96%) rename deps/v8/src/compiler/{typer.h => turbofan-typer.h} (91%) rename deps/v8/src/compiler/{types.cc => turbofan-types.cc} (99%) rename deps/v8/src/compiler/{types.h => turbofan-types.h} (99%) delete mode 100644 deps/v8/src/compiler/turboshaft/simplified-lowering-phase.cc delete mode 100644 deps/v8/src/compiler/turboshaft/simplified-lowering-phase.h delete mode 100644 deps/v8/src/compiler/turboshaft/simplified-lowering-reducer.h delete mode 100644 deps/v8/src/deoptimizer/deoptimizer-cfi-builtins.cc delete mode 100644 deps/v8/src/deoptimizer/deoptimizer-cfi-empty.cc create mode 100644 deps/v8/src/diagnostics/etw-debug-win.cc create mode 100644 deps/v8/src/diagnostics/etw-debug-win.h create mode 100644 deps/v8/src/diagnostics/etw-isolate-capture-state-monitor-win.cc create mode 100644 deps/v8/src/diagnostics/etw-isolate-capture-state-monitor-win.h create mode 100644 deps/v8/src/heap/heap-layout-inl.h create mode 100644 deps/v8/src/heap/heap-layout.cc create mode 100644 deps/v8/src/heap/heap-layout.h create mode 100644 deps/v8/src/heap/heap-utils-inl.h create mode 100644 deps/v8/src/heap/heap-utils.h rename deps/v8/src/heap/{objects-visiting-inl.h => heap-visitor-inl.h} (61%) rename deps/v8/src/heap/{objects-visiting.cc => heap-visitor.cc} (98%) rename deps/v8/src/heap/{objects-visiting.h => heap-visitor.h} (71%) create mode 100644 deps/v8/src/heap/live-object-range-inl.h create mode 100644 deps/v8/src/heap/live-object-range.h delete mode 100644 deps/v8/src/heap/memory-chunk-layout.cc create mode 100644 deps/v8/src/heap/visit-object.cc create mode 100644 deps/v8/src/heap/visit-object.h create mode 100644 deps/v8/src/maglev/riscv/maglev-assembler-riscv-inl.h create mode 100644 
deps/v8/src/maglev/riscv/maglev-assembler-riscv.cc create mode 100644 deps/v8/src/maglev/riscv/maglev-ir-riscv.cc delete mode 100644 deps/v8/src/objects/bigint-inl.h rename deps/v8/src/parsing/{import-assertions.cc => import-attributes.cc} (91%) rename deps/v8/src/parsing/{import-assertions.h => import-attributes.h} (87%) create mode 100644 deps/v8/src/regexp/regexp-result-vector.cc create mode 100644 deps/v8/src/regexp/regexp-result-vector.h delete mode 100644 deps/v8/src/wasm/serialized-signature-inl.h create mode 100644 deps/v8/test/inspector/debugger/ignore-anonymous-and-content-script-expected.txt create mode 100644 deps/v8/test/inspector/debugger/ignore-anonymous-and-content-script.js create mode 100644 deps/v8/test/inspector/runtime/error-stack-async-expected.txt create mode 100644 deps/v8/test/inspector/runtime/error-stack-async.js create mode 100644 deps/v8/test/intl/duration-format/format-digital-longdigits.js create mode 100644 deps/v8/test/intl/number-format/pr925.js create mode 100644 deps/v8/test/intl/plural-rules/resolvedOptions-pluralCategories-order.js delete mode 100644 deps/v8/test/js-perf-test/RegExp/RegExpTests.json create mode 100644 deps/v8/test/js-perf-test/RegExp/base_replace_emoji_g.js create mode 100644 deps/v8/test/js-perf-test/RegExp/base_replace_emoji_gu.js create mode 100644 deps/v8/test/js-perf-test/RegExp/base_replace_emoji_gv.js create mode 100644 deps/v8/test/js-perf-test/RegExp/base_replaceall_emoji_g.js create mode 100644 deps/v8/test/js-perf-test/RegExp/base_replaceall_emoji_gu.js create mode 100644 deps/v8/test/js-perf-test/RegExp/base_replaceall_emoji_gv.js create mode 100644 deps/v8/test/js-perf-test/RegExp/replace_emoji_g.js create mode 100644 deps/v8/test/js-perf-test/RegExp/replace_emoji_gu.js create mode 100644 deps/v8/test/js-perf-test/RegExp/replace_emoji_gv.js create mode 100644 deps/v8/test/js-perf-test/RegExp/replaceall_emoji_g.js create mode 100644 deps/v8/test/js-perf-test/RegExp/replaceall_emoji_gu.js create mode 
100644 deps/v8/test/js-perf-test/RegExp/replaceall_emoji_gv.js create mode 100644 deps/v8/test/js-perf-test/RegExp/slow_replace_emoji_g.js create mode 100644 deps/v8/test/js-perf-test/RegExp/slow_replace_emoji_gu.js create mode 100644 deps/v8/test/js-perf-test/RegExp/slow_replace_emoji_gv.js create mode 100644 deps/v8/test/js-perf-test/RegExp/slow_replaceall_emoji_g.js create mode 100644 deps/v8/test/js-perf-test/RegExp/slow_replaceall_emoji_gu.js create mode 100644 deps/v8/test/js-perf-test/RegExp/slow_replaceall_emoji_gv.js delete mode 100644 deps/v8/test/message/fail/modules-import-assertions-fail-1.out delete mode 100644 deps/v8/test/message/fail/modules-import-assertions-fail-3.out rename deps/v8/test/message/fail/{modules-import-assertions-fail-1.mjs => modules-import-attributes-fail-1.mjs} (60%) create mode 100644 deps/v8/test/message/fail/modules-import-attributes-fail-1.out rename deps/v8/test/message/fail/{modules-import-assertions-fail-2.mjs => modules-import-attributes-fail-2.mjs} (62%) rename deps/v8/test/message/fail/{modules-import-assertions-fail-2.out => modules-import-attributes-fail-2.out} (61%) rename deps/v8/test/message/fail/{modules-import-assertions-fail-3.mjs => modules-import-attributes-fail-3.mjs} (67%) create mode 100644 deps/v8/test/message/fail/modules-import-attributes-fail-3.out rename deps/v8/test/message/fail/{modules-skip-1-import-assertions-fail.mjs => modules-skip-1-import-attributes-fail.mjs} (100%) rename deps/v8/test/message/fail/{modules-skip-3-import-assertions-fail.json => modules-skip-3-import-attributes-fail.json} (100%) delete mode 100644 deps/v8/test/mjsunit/asm/noexpose-wasm.js create mode 100644 deps/v8/test/mjsunit/compiler/load_mutable_heap_slot_context_specialized.js create mode 100644 deps/v8/test/mjsunit/compiler/regress-356196918.js create mode 100644 deps/v8/test/mjsunit/compiler/regress-376100382.js create mode 100644 deps/v8/test/mjsunit/compiler/regress-376307767.js create mode 100644 
deps/v8/test/mjsunit/compiler/regress-376818204.js create mode 100644 deps/v8/test/mjsunit/compiler/regress-385386138.js create mode 100644 deps/v8/test/mjsunit/compiler/regress-crbug-369685641.js delete mode 100644 deps/v8/test/mjsunit/harmony/modules-import-assertions-1.mjs delete mode 100644 deps/v8/test/mjsunit/harmony/modules-import-assertions-2.mjs delete mode 100644 deps/v8/test/mjsunit/harmony/modules-import-assertions-3.mjs delete mode 100644 deps/v8/test/mjsunit/harmony/modules-import-assertions-4.mjs delete mode 100644 deps/v8/test/mjsunit/harmony/modules-import-assertions-dynamic-1.mjs delete mode 100644 deps/v8/test/mjsunit/harmony/modules-import-assertions-dynamic-10.mjs delete mode 100644 deps/v8/test/mjsunit/harmony/modules-import-assertions-dynamic-11.mjs delete mode 100644 deps/v8/test/mjsunit/harmony/modules-import-assertions-dynamic-12.mjs delete mode 100644 deps/v8/test/mjsunit/harmony/modules-import-assertions-dynamic-2.mjs delete mode 100644 deps/v8/test/mjsunit/harmony/modules-import-assertions-dynamic-3.mjs delete mode 100644 deps/v8/test/mjsunit/harmony/modules-import-assertions-dynamic-4.mjs delete mode 100644 deps/v8/test/mjsunit/harmony/modules-import-assertions-dynamic-5.mjs delete mode 100644 deps/v8/test/mjsunit/harmony/modules-import-assertions-dynamic-6.mjs delete mode 100644 deps/v8/test/mjsunit/harmony/modules-import-assertions-dynamic-7.mjs delete mode 100644 deps/v8/test/mjsunit/harmony/modules-import-assertions-dynamic-8.mjs delete mode 100644 deps/v8/test/mjsunit/harmony/modules-import-assertions-dynamic-9.mjs delete mode 100644 deps/v8/test/mjsunit/harmony/modules-import-attributes-dynamic-assertions-fallback-1.mjs delete mode 100644 deps/v8/test/mjsunit/harmony/modules-import-attributes-dynamic-assertions-fallback-2.mjs create mode 100644 deps/v8/test/mjsunit/harmony/regress/regress-368503280.js create mode 100644 deps/v8/test/mjsunit/harmony/regress/regress-369010108.js create mode 100644 
deps/v8/test/mjsunit/harmony/regress/regress-369652654.js create mode 100644 deps/v8/test/mjsunit/maglev/load_mutable_heap_slot_context_specialized.js create mode 100644 deps/v8/test/mjsunit/maglev/load_mutable_heap_slot_no_context_specialized.js create mode 100644 deps/v8/test/mjsunit/maglev/regress-367814188.js create mode 100644 deps/v8/test/mjsunit/maglev/regress-369652820.js create mode 100644 deps/v8/test/mjsunit/maglev/regress-371659897.js create mode 100644 deps/v8/test/mjsunit/maglev/regress-373473130.js create mode 100644 deps/v8/test/mjsunit/maglev/regress-375330032.js create mode 100644 deps/v8/test/mjsunit/maglev/regress-376502882.js create mode 100644 deps/v8/test/mjsunit/maglev/regress-376503834.js create mode 100644 deps/v8/test/mjsunit/maglev/regress-377352333.js create mode 100644 deps/v8/test/mjsunit/maglev/regress-377736134.js create mode 100644 deps/v8/test/mjsunit/maglev/regress-378014582.js create mode 100644 deps/v8/test/mjsunit/maglev/regress-379843860.js create mode 100644 deps/v8/test/mjsunit/maglev/regress-389330329.js create mode 100644 deps/v8/test/mjsunit/maglev/regress-6565476905713664.js create mode 100644 deps/v8/test/mjsunit/maglev/regress/regress-367758074.js create mode 100644 deps/v8/test/mjsunit/maglev/regress/regress-371044612.js create mode 100644 deps/v8/test/mjsunit/maglev/store_mutable_heap_slot_context_specialized.js create mode 100644 deps/v8/test/mjsunit/maglev/store_mutable_heap_slot_no_context_specialized.js create mode 100644 deps/v8/test/mjsunit/maglev/string-wrapper-add-1.js create mode 100644 deps/v8/test/mjsunit/maglev/string-wrapper-add-2.js create mode 100644 deps/v8/test/mjsunit/maglev/string-wrapper-add-3.js create mode 100644 deps/v8/test/mjsunit/regexp-match-global-atom-cache.js rename deps/v8/test/mjsunit/{harmony => }/regexp-unicode-sets.js (92%) create mode 100644 deps/v8/test/mjsunit/regress-367066330.js create mode 100644 deps/v8/test/mjsunit/regress-376701117.js create mode 100644 
deps/v8/test/mjsunit/regress-376723691.js create mode 100644 deps/v8/test/mjsunit/regress-376738752.js create mode 100644 deps/v8/test/mjsunit/regress-377352368.js create mode 100644 deps/v8/test/mjsunit/regress-crbug-370694832.js create mode 100644 deps/v8/test/mjsunit/regress/regress-366323469.js create mode 100644 deps/v8/test/mjsunit/regress/regress-366323504.js create mode 100644 deps/v8/test/mjsunit/regress/regress-366635361.js create mode 100644 deps/v8/test/mjsunit/regress/regress-366783816.js create mode 100644 deps/v8/test/mjsunit/regress/regress-367752279.js create mode 100644 deps/v8/test/mjsunit/regress/regress-367779587.js create mode 100644 deps/v8/test/mjsunit/regress/regress-368076858.js create mode 100644 deps/v8/test/mjsunit/regress/regress-368467195.js create mode 100644 deps/v8/test/mjsunit/regress/regress-369667727.js create mode 100644 deps/v8/test/mjsunit/regress/regress-371237560.js create mode 100644 deps/v8/test/mjsunit/regress/regress-372298921.js create mode 100644 deps/v8/test/mjsunit/regress/regress-372524119.js create mode 100644 deps/v8/test/mjsunit/regress/regress-372750822.mjs create mode 100644 deps/v8/test/mjsunit/regress/regress-372819446.js create mode 100644 deps/v8/test/mjsunit/regress/regress-374627491.js create mode 100644 deps/v8/test/mjsunit/regress/regress-374812617.js create mode 100644 deps/v8/test/mjsunit/regress/regress-376770786.js create mode 100644 deps/v8/test/mjsunit/regress/regress-377574368.js create mode 100644 deps/v8/test/mjsunit/regress/regress-crbug-366863049.js create mode 100644 deps/v8/test/mjsunit/regress/regress-crbug-366873205.js create mode 100644 deps/v8/test/mjsunit/regress/regress-crbug-368634139.js create mode 100644 deps/v8/test/mjsunit/regress/regress-crbug-369003813.js create mode 100644 deps/v8/test/mjsunit/regress/regress-crbug-370133742.js create mode 100644 deps/v8/test/mjsunit/regress/regress-crbug-371237564.js create mode 100644 deps/v8/test/mjsunit/regress/regress-crbug-371239173.js 
create mode 100644 deps/v8/test/mjsunit/regress/regress-crbug-371445202.js create mode 100644 deps/v8/test/mjsunit/regress/wasm/regress-342602616.js create mode 100644 deps/v8/test/mjsunit/regress/wasm/regress-361123483.js create mode 100644 deps/v8/test/mjsunit/regress/wasm/regress-361717714.js create mode 100644 deps/v8/test/mjsunit/regress/wasm/regress-362539773.js create mode 100644 deps/v8/test/mjsunit/regress/wasm/regress-366307027.js create mode 100644 deps/v8/test/mjsunit/regress/wasm/regress-366323508.js create mode 100644 deps/v8/test/mjsunit/regress/wasm/regress-366350766.js create mode 100644 deps/v8/test/mjsunit/regress/wasm/regress-366350770.js create mode 100644 deps/v8/test/mjsunit/regress/wasm/regress-366350772.js create mode 100644 deps/v8/test/mjsunit/regress/wasm/regress-368070338.js create mode 100644 deps/v8/test/mjsunit/regress/wasm/regress-368086282.js create mode 100644 deps/v8/test/mjsunit/regress/wasm/regress-368512282.js create mode 100644 deps/v8/test/mjsunit/regress/wasm/regress-369533086.js create mode 100644 deps/v8/test/mjsunit/regress/wasm/regress-369652650.js create mode 100644 deps/v8/test/mjsunit/regress/wasm/regress-370191716.js create mode 100644 deps/v8/test/mjsunit/regress/wasm/regress-371565065.js create mode 100644 deps/v8/test/mjsunit/regress/wasm/regress-372067240.js create mode 100644 deps/v8/test/mjsunit/regress/wasm/regress-372261626.js create mode 100644 deps/v8/test/mjsunit/regress/wasm/regress-372294705.js create mode 100644 deps/v8/test/mjsunit/regress/wasm/regress-372993873.js create mode 100644 deps/v8/test/mjsunit/regress/wasm/regress-373684419.js create mode 100644 deps/v8/test/mjsunit/regress/wasm/regress-373702823.js create mode 100644 deps/v8/test/mjsunit/regress/wasm/regress-373907109.js create mode 100644 deps/v8/test/mjsunit/regress/wasm/regress-375220562.js create mode 100644 deps/v8/test/mjsunit/regress/wasm/regress-375314963.js create mode 100644 deps/v8/test/mjsunit/regress/wasm/regress-375343420.js 
create mode 100644 deps/v8/test/mjsunit/regress/wasm/regress-375346071.js create mode 100644 deps/v8/test/mjsunit/regress/wasm/regress-375959770.js create mode 100644 deps/v8/test/mjsunit/regress/wasm/regress-377620832.js create mode 100644 deps/v8/test/mjsunit/regress/wasm/regress-377971725.js create mode 100644 deps/v8/test/mjsunit/sandbox/regress/regress-342297062-1.js rename deps/v8/test/mjsunit/sandbox/regress/{regress-342297062.js => regress-342297062-2.js} (100%) create mode 100644 deps/v8/test/mjsunit/sandbox/regress/regress-342297062-3.js create mode 100644 deps/v8/test/mjsunit/sandbox/regress/regress-348084786.js create mode 100644 deps/v8/test/mjsunit/sandbox/regress/regress-354408144.js create mode 100644 deps/v8/test/mjsunit/sandbox/regress/regress-369748453-1.js create mode 100644 deps/v8/test/mjsunit/sandbox/regress/regress-369748453-2.js create mode 100644 deps/v8/test/mjsunit/sandbox/regress/regress-369748453-3.js create mode 100644 deps/v8/test/mjsunit/sandbox/regress/regress-376071292-1.js create mode 100644 deps/v8/test/mjsunit/shared-memory/regress-crbug-366323424.js create mode 100644 deps/v8/test/mjsunit/shared-memory/regress-crbug-366643711.js create mode 100644 deps/v8/test/mjsunit/shared-memory/shared-heap.js create mode 100644 deps/v8/test/mjsunit/stress-delay-tasks.js create mode 100644 deps/v8/test/mjsunit/string-wrapper-add-3.js create mode 100644 deps/v8/test/mjsunit/turboshaft/maglev-frontend/regress-358461173-1.js create mode 100644 deps/v8/test/mjsunit/turboshaft/maglev-frontend/regress-358461173-2.js create mode 100644 deps/v8/test/mjsunit/turboshaft/maglev-frontend/regress-358957666.js create mode 100644 deps/v8/test/mjsunit/turboshaft/maglev-frontend/regress-359266991.js create mode 100644 deps/v8/test/mjsunit/turboshaft/maglev-frontend/regress-360207713.js create mode 100644 deps/v8/test/mjsunit/turboshaft/maglev-frontend/regress-361124378.js create mode 100644 
deps/v8/test/mjsunit/turboshaft/maglev-frontend/regress-368725681.js create mode 100644 deps/v8/test/mjsunit/turboshaft/maglev-frontend/regress-372754523.js create mode 100644 deps/v8/test/mjsunit/turboshaft/maglev-frontend/regress-373025979.js delete mode 100644 deps/v8/test/mjsunit/turboshaft/turboshaft-frontend-test.js create mode 100644 deps/v8/test/mjsunit/wasm/array-fill-gc.js create mode 100644 deps/v8/test/mjsunit/wasm/deopt/deopt-debugging.js create mode 100644 deps/v8/test/mjsunit/wasm/deopt/deopt-multi-instance-call-indirect.js create mode 100644 deps/v8/test/mjsunit/wasm/deopt/deopt-too-many-inputs.js create mode 100644 deps/v8/test/mjsunit/wasm/esm/module-import-source-dynamic-not-found.mjs create mode 100644 deps/v8/test/mjsunit/wasm/esm/module-import-source-dynamic.mjs delete mode 100644 deps/v8/test/mjsunit/wasm/expose-wasm.js create mode 100644 deps/v8/test/mjsunit/wasm/inlining-multi-instance.js create mode 100644 deps/v8/test/mjsunit/wasm/stack-switching-no-stress.js create mode 100644 deps/v8/test/mjsunit/wasm/table64-js-api.js create mode 100644 deps/v8/test/mjsunit/wasm/type-reflection-other-callable.js delete mode 100755 deps/v8/test/test262/prune-local-tests.sh delete mode 100755 deps/v8/test/test262/upstream-local-tests.sh create mode 100644 deps/v8/test/unittests/api/smi-tagging-unittest.cc delete mode 100644 deps/v8/test/unittests/compiler/turboshaft/simplified-lowering-reducer-unittest.cc create mode 100644 deps/v8/test/unittests/sandbox/pointer-table-unittest.cc create mode 100644 deps/v8/test/unittests/wasm/wasm-compile-module.h create mode 100644 deps/v8/test/unittests/wasm/wasm-usecounters.cc create mode 100644 deps/v8/third_party/llvm-libc/BUILD.gn create mode 100644 deps/v8/third_party/llvm-libc/README.md create mode 100644 deps/v8/third_party/llvm-libc/README.v8 create mode 100644 deps/v8/tools/clusterfuzz/foozzie/testdata/build4/d8.py create mode 100644 deps/v8/tools/clusterfuzz/foozzie/testdata/build4/v8_build_config.json create 
mode 100644 deps/v8/tools/clusterfuzz/foozzie/testdata/build5/d8.py create mode 100644 deps/v8/tools/clusterfuzz/foozzie/testdata/build5/v8_build_config.json create mode 100644 deps/v8/tools/clusterfuzz/foozzie/testdata/fuzz-wasm-struct-123.js create mode 100644 deps/v8/tools/clusterfuzz/foozzie/testdata/simulated_crash_output.txt create mode 100644 deps/v8/tools/clusterfuzz/foozzie/testdata/smoke_test_crash_output.txt create mode 100644 deps/v8/tools/clusterfuzz/js_fuzzer/runner.js create mode 100644 deps/v8/tools/clusterfuzz/js_fuzzer/test/test_runner.js create mode 100644 deps/v8/tools/clusterfuzz/js_fuzzer/test_data/input_archive/CrashTests/crash_test.js create mode 100644 deps/v8/tools/clusterfuzz/js_fuzzer/test_data/input_archive/WebKit/JSTests/jsc_test.js create mode 100644 deps/v8/tools/clusterfuzz/js_fuzzer/test_data/input_archive/chakra/chakra_test1.js create mode 100644 deps/v8/tools/clusterfuzz/js_fuzzer/test_data/input_archive/chakra/chakra_test2.js create mode 100644 deps/v8/tools/clusterfuzz/js_fuzzer/test_data/input_archive/spidermonkey/spidermonkey_test.js create mode 100644 deps/v8/tools/clusterfuzz/js_fuzzer/test_data/input_archive/v8/test/mjsunit/v8_test.js diff --git a/deps/v8/.gitignore b/deps/v8/.gitignore index 6ecb0ebecd7b0d..c1a7ebb92b9f0f 100644 --- a/deps/v8/.gitignore +++ b/deps/v8/.gitignore @@ -86,6 +86,8 @@ !/third_party/inspector_protocol !/third_party/jsoncpp /third_party/jsoncpp/source +!/third_party/llvm-libc +/third_party/llvm-libc/src !/third_party/re2 /third_party/re2/src !/third_party/test262-harness diff --git a/deps/v8/AUTHORS b/deps/v8/AUTHORS index cc270445c5600c..bf506ef2e54155 100644 --- a/deps/v8/AUTHORS +++ b/deps/v8/AUTHORS @@ -57,7 +57,7 @@ Alexander Botero-Lowry Alexander Karpinsky Alexander Neville Alexandre Vassalotti -Alexey Pavlyutkin +Alexey Pavlyutkin Alexis Campailla Allan Sandfeld Jensen Amos Lim 
@@ -210,6 +210,7 @@ Maxim Mazurok Maxim Mossienko Md Hasibul Hasan Meir Shpilraien +Meng Tan Michael Lutz Michael Mclaughlin Michael Smith @@ -268,6 +269,7 @@ Sébastien Doeraene Seo Sanghyeon Shawn Anastasio Shawn Presser +Sho Miyamoto Stefan Penner Stefan Stojanovic Stephan Hartmann @@ -290,6 +292,7 @@ Varun Varada Victor Costan Victor Polevoy Vlad Burlik +Vladimir Kempik Vladimir Krivosheev Vladimir Shutoff Wael Almattar @@ -303,6 +306,7 @@ Wiktor Garbacz Wouter Vermeiren Xiaofang Zou Xiaoyin Liu +Yagiz Nizipli Yanbo Li Yannic Bonenberger Yi Wang @@ -325,3 +329,4 @@ Yang Xiang Kotaro Ohsugi Jing Peiyang magic-akari +Ryuhei Shima diff --git a/deps/v8/BUILD.bazel b/deps/v8/BUILD.bazel index 1f269f9c149e56..6c19fa58f66ea0 100644 --- a/deps/v8/BUILD.bazel +++ b/deps/v8/BUILD.bazel @@ -68,10 +68,12 @@ load(":bazel/v8-non-pointer-compression.bzl", "v8_binary_non_pointer_compression # v8_control_flow_integrity # v8_enable_sandbox # cppgc_enable_caged_heap +# cppgc_enable_api_checks # cppgc_enable_check_assignments_in_prefinalizers # cppgc_enable_slim_write_barrier # cppgc_enable_object_names # cppgc_enable_pointer_compression +# cppgc_enable_slow_api_checks # cppgc_enable_verify_heap # cppgc_enable_young_generation # v8_enable_zone_compression @@ -148,6 +150,8 @@ v8_flag(name = "v8_enable_verify_predictable") v8_flag(name = "v8_enable_test_features") +v8_flag(name = "v8_wasm_random_fuzzers") + v8_flag( name = "v8_enable_maglev", default = True, @@ -187,6 +191,14 @@ selects.config_setting_group( ], ) +selects.config_setting_group( + name = "enable_maglev_riscv", + match_all = [ + ":enable_maglev", + "@v8//bazel/config:v8_target_riscv64", + ], +) + selects.config_setting_group( name = "enable_maglev_arm", match_all = [ 
@@ -326,10 +338,10 @@ selects.config_setting_group( ], ) -# Enable isolated cage if v8_enable_pointer_compression and +# Enable multiple cages if v8_enable_pointer_compression and # NOT v8_enable_pointer_compression_shared_cage. selects.config_setting_group( - name = "enable_pointer_compression_isolated_cage", + name = "enable_pointer_compression_multiple_cages", match_all = [ ":is_v8_enable_pointer_compression", ":is_not_v8_enable_pointer_compression_shared_cage", @@ -463,6 +475,7 @@ v8_config( "V8_ENABLE_SPARKPLUG", "V8_ENABLE_EXTENSIBLE_RO_SNAPSHOT", "V8_ENABLE_CONTINUATION_PRESERVED_EMBEDDER_DATA", + "V8_TLS_USED_IN_LIBRARY", ] + select({ "@v8//bazel/config:is_debug": [ "DEBUG", @@ -480,8 +493,7 @@ v8_config( ], "@v8//bazel/config:v8_target_arm64": ["V8_TARGET_ARCH_ARM64"], "@v8//bazel/config:v8_target_s390x": [ - "V8_TARGET_ARCH_S390", - "V8_TARGET_ARCH_S390X", + "V8_TARGET_ARCH_S390X" ], "@v8//bazel/config:v8_target_riscv64": [ # NOTE: Bazel rules for riscv64 weren't tested on a real system. @@ -525,8 +537,8 @@ v8_config( ":enable_pointer_compression_shared_cage": [ "V8_COMPRESS_POINTERS_IN_SHARED_CAGE", ], - ":enable_pointer_compression_isolated_cage": [ - "V8_COMPRESS_POINTERS_IN_ISOLATE_CAGE", + ":enable_pointer_compression_multiple_cages": [ + "V8_COMPRESS_POINTERS_IN_MULTIPLE_CAGES", ], "//conditions:default": [], }) + select({ @@ -837,7 +849,7 @@ filegroup( "src/base/strings.h", "src/base/sys-info.cc", "src/base/sys-info.h", - "src/base/template-meta-programming/algorithm.h", + "src/base/template-meta-programming/common.h", "src/base/template-meta-programming/functional.h", "src/base/template-meta-programming/list.h", "src/base/template-meta-programming/string-literal.h", @@ -1299,6 +1311,7 @@ filegroup( "src/base/sanitizer/lsan-virtual-address-space.h", "src/base/sanitizer/msan.h", "src/base/sanitizer/tsan.h", + "src/base/sanitizer/ubsan.h", "src/baseline/baseline.cc", "src/baseline/baseline.h", "src/baseline/baseline-assembler.h", 
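Review bot: Nothing in the `@@ -525,8 +537,8 @@` hunk records that `V8_COMPRESS_POINTERS_IN_MULTIPLE_CAGES` replaces `V8_COMPRESS_POINTERS_IN_ISOLATE_CAGE`, so a build description maintained outside this file that still passes the old name would presumably compile with pointer compression on and neither cage macro defined. The same concern applies to `V8_TARGET_ARCH_S390`, which the `@@ -480,8 +493,7 @@` hunk drops from the s390x list. I would add a comment above the select entry, `# Replaces V8_COMPRESS_POINTERS_IN_ISOLATE_CAGE; other build files must pass the new name.`, and search the embedder's own build files for both old macros before landing. Whether the sources reject a build with neither cage macro set is not visible in this patch.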
@@ -1449,6 +1462,7 @@ filegroup( "src/common/ptr-compr.cc", "src/common/ptr-compr.h", "src/common/ptr-compr-inl.h", + "src/common/thread-local-storage.h", "src/common/segmented-table.h", "src/common/segmented-table-inl.h", "src/common/simd128.h", @@ -1674,8 +1688,13 @@ filegroup( "src/heap/heap-controller.cc", "src/heap/heap-controller.h", "src/heap/heap-inl.h", + "src/heap/heap-layout.cc", + "src/heap/heap-layout.h", + "src/heap/heap-layout-inl.h", "src/heap/heap-layout-tracer.cc", "src/heap/heap-layout-tracer.h", + "src/heap/heap-utils.h", + "src/heap/heap-utils-inl.h", "src/heap/heap-verifier.cc", "src/heap/heap-verifier.h", "src/heap/heap-write-barrier.cc", @@ -1695,6 +1714,8 @@ filegroup( "src/heap/large-spaces.h", "src/heap/linear-allocation-area.h", "src/heap/list.h", + "src/heap/live-object-range.h", + "src/heap/live-object-range-inl.h", "src/heap/local-factory.cc", "src/heap/local-factory.h", "src/heap/local-factory-inl.h", @@ -1735,7 +1756,6 @@ filegroup( "src/heap/memory-chunk.cc", "src/heap/memory-chunk.h", "src/heap/memory-chunk-inl.h", - "src/heap/memory-chunk-layout.cc", "src/heap/memory-chunk-layout.h", "src/heap/memory-measurement.cc", "src/heap/memory-measurement.h", @@ -1751,9 +1771,9 @@ filegroup( "src/heap/object-lock-inl.h", "src/heap/object-stats.cc", "src/heap/object-stats.h", - "src/heap/objects-visiting.cc", - "src/heap/objects-visiting.h", - "src/heap/objects-visiting-inl.h", + "src/heap/heap-visitor.cc", + "src/heap/heap-visitor.h", + "src/heap/heap-visitor-inl.h", "src/heap/page-metadata.cc", "src/heap/page-metadata.h", "src/heap/page-metadata-inl.h", @@ -1792,6 +1812,8 @@ filegroup( "src/heap/sweeper.h", "src/heap/traced-handles-marking-visitor.cc", "src/heap/traced-handles-marking-visitor.h", + "src/heap/visit-object.cc", + "src/heap/visit-object.h", "src/heap/weak-object-worklists.cc", "src/heap/weak-object-worklists.h", "src/heap/young-generation-marking-visitor.h", 
@@ -1911,7 +1933,6 @@ filegroup( "src/objects/backing-store.h", "src/objects/bigint.cc", "src/objects/bigint.h", - "src/objects/bigint-inl.h", "src/objects/bytecode-array.cc", "src/objects/bytecode-array.h", "src/objects/bytecode-array-inl.h", @@ -2193,8 +2214,8 @@ filegroup( "src/parsing/expression-scope.h", "src/parsing/func-name-inferrer.cc", "src/parsing/func-name-inferrer.h", - "src/parsing/import-assertions.cc", - "src/parsing/import-assertions.h", + "src/parsing/import-attributes.cc", + "src/parsing/import-attributes.h", "src/parsing/keywords-gen.h", "src/parsing/literal-buffer.cc", "src/parsing/literal-buffer.h", @@ -2291,6 +2312,8 @@ filegroup( "src/regexp/regexp-nodes.h", "src/regexp/regexp-parser.cc", "src/regexp/regexp-parser.h", + "src/regexp/regexp-result-vector.cc", + "src/regexp/regexp-result-vector.h", "src/regexp/regexp-stack.cc", "src/regexp/regexp-stack.h", "src/regexp/regexp-utils.cc", @@ -2817,6 +2840,13 @@ filegroup( "src/maglev/arm64/maglev-ir-arm64.cc", ], "//conditions:default": [], + }) + select({ + ":enable_maglev_riscv": [ + "src/maglev/riscv/maglev-assembler-riscv-inl.h", + "src/maglev/riscv/maglev-assembler-riscv.cc", + "src/maglev/riscv/maglev-ir-riscv.cc", + ], + "//conditions:default": [], }) + select({ ":enable_maglev_arm": [ "src/maglev/arm/maglev-assembler-arm-inl.h", @@ -2877,7 +2907,6 @@ filegroup( "src/wasm/function-body-decoder-impl.h", "src/wasm/function-compiler.cc", "src/wasm/function-compiler.h", - "src/wasm/fuzzing/random-module-generation.cc", "src/wasm/fuzzing/random-module-generation.h", "src/wasm/graph-builder-interface.cc", "src/wasm/graph-builder-interface.h", @@ -2900,7 +2929,6 @@ filegroup( "src/wasm/object-access.h", "src/wasm/pgo.cc", "src/wasm/pgo.h", - "src/wasm/serialized-signature-inl.h", "src/wasm/signature-hashing.h", "src/wasm/simd-shuffle.cc", "src/wasm/simd-shuffle.h", 
@@ -2983,6 +3011,11 @@ filegroup( "src/wasm/interpreter/wasm-interpreter-simd.cc", ], "//conditions:default": [], + }) + select({ + ":is_v8_wasm_random_fuzzers": [ + "src/wasm/fuzzing/random-module-generation.cc", + ], + "//conditions:default": [], }), ) @@ -3135,16 +3168,12 @@ filegroup( "src/compiler/frame-states.h", "src/compiler/functional-list.h", "src/compiler/globals.h", - "src/compiler/graph.cc", - "src/compiler/graph.h", "src/compiler/graph-assembler.cc", "src/compiler/graph-assembler.h", "src/compiler/graph-reducer.cc", "src/compiler/graph-reducer.h", "src/compiler/graph-trimmer.cc", "src/compiler/graph-trimmer.h", - "src/compiler/graph-visualizer.cc", - "src/compiler/graph-visualizer.h", "src/compiler/graph-zone-traits.h", "src/compiler/heap-refs.cc", "src/compiler/heap-refs.h", @@ -3268,6 +3297,14 @@ filegroup( "src/compiler/string-builder-optimizer.h", "src/compiler/turbofan.h", "src/compiler/turbofan-enabled.cc", + "src/compiler/turbofan-graph.cc", + "src/compiler/turbofan-graph.h", + "src/compiler/turbofan-graph-visualizer.cc", + "src/compiler/turbofan-graph-visualizer.h", + "src/compiler/turbofan-typer.cc", + "src/compiler/turbofan-typer.h", + "src/compiler/turbofan-types.cc", + "src/compiler/turbofan-types.h", "src/compiler/turboshaft/access-builder.h", "src/compiler/turboshaft/analyzer-iterator.cc", "src/compiler/turboshaft/analyzer-iterator.h", @@ -3282,7 +3319,6 @@ filegroup( "src/compiler/turboshaft/build-graph-phase.cc", "src/compiler/turboshaft/build-graph-phase.h", "src/compiler/turboshaft/builtin-call-descriptors.h", - "src/compiler/turboshaft/builtin-compiler.cc", "src/compiler/turboshaft/builtin-compiler.h", "src/compiler/turboshaft/csa-optimize-phase.cc", "src/compiler/turboshaft/csa-optimize-phase.h", 
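Review bot: `src/wasm/fuzzing/random-module-generation.cc` is compiled only under `:is_v8_wasm_random_fuzzers` in the `@@ -2983,6 +3011,11 @@` hunk, while `random-module-generation.h` stays in the unconditional list (`@@ -2877,7 +2907,6 @@`), so a target that includes the header without setting the flag would fail only at link time. The `v8_flag(name = "v8_wasm_random_fuzzers")` declaration earlier in the patch shows no default, so the source is presumably off unless requested. A comment on the new select, `# Fuzzer-only code: kept out of the default library; set v8_wasm_random_fuzzers to link it.`, would state the intent next to the list. The enclosing filegroup starts outside the hunk.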
@@ -3366,9 +3402,6 @@ filegroup( "src/compiler/turboshaft/select-lowering-reducer.h", "src/compiler/turboshaft/sidetable.cc", "src/compiler/turboshaft/sidetable.h", - "src/compiler/turboshaft/simplified-lowering-phase.cc", - "src/compiler/turboshaft/simplified-lowering-phase.h", - "src/compiler/turboshaft/simplified-lowering-reducer.h", "src/compiler/turboshaft/simplify-tf-loops.cc", "src/compiler/turboshaft/simplify-tf-loops.h", "src/compiler/turboshaft/snapshot-table.h", @@ -3409,10 +3442,6 @@ filegroup( "src/compiler/type-narrowing-reducer.h", "src/compiler/typed-optimization.cc", "src/compiler/typed-optimization.h", - "src/compiler/typer.cc", - "src/compiler/typer.h", - "src/compiler/types.cc", - "src/compiler/types.h", "src/compiler/use-info.h", "src/compiler/value-numbering-reducer.cc", "src/compiler/value-numbering-reducer.h", @@ -3626,6 +3655,8 @@ filegroup( "src/codegen/code-stub-assembler.h", "src/codegen/define-code-stub-assembler-macros.inc", "src/codegen/undef-code-stub-assembler-macros.inc", + "src/compiler/turboshaft/builtin-compiler.cc", + "src/compiler/turboshaft/builtin-compiler.h", "src/heap/setup-heap-internal.cc", "src/ic/accessor-assembler.cc", "src/ic/accessor-assembler.h", diff --git a/deps/v8/BUILD.gn b/deps/v8/BUILD.gn index 87b212921bb8d5..0c559713ea0b00 100644 --- a/deps/v8/BUILD.gn +++ b/deps/v8/BUILD.gn @@ -62,7 +62,7 @@ declare_args() { # Allows the embedder to add a custom suffix to the version string. v8_embedder_string = "" - # Sets -dENABLE_DISASSEMBLER. + # Sets -DENABLE_DISASSEMBLER. v8_enable_disassembler = "" # Sets the number of internal fields on promise objects. 
@@ -74,19 +74,19 @@ declare_args() { # Sets the number of internal fields on array buffer view objects. v8_array_buffer_view_internal_field_count = 0 - # Sets -dENABLE_GDB_JIT_INTERFACE. + # Sets -DENABLE_GDB_JIT_INTERFACE. v8_enable_gdbjit = "" - # Sets -dENABLE_VTUNE_JIT_INTERFACE. + # Sets -DENABLE_VTUNE_JIT_INTERFACE. v8_enable_vtunejit = false - # Sets -dENABLE_VTUNE_TRACEMARK. + # Sets -DENABLE_VTUNE_TRACEMARK. v8_enable_vtunetracemark = false - # Sets -dENABLE_HUGEPAGE + # Sets -DENABLE_HUGEPAGE v8_enable_hugepage = false - # Sets -dV8_ENABLE_PRIVATE_MAPPING_FORK_OPTIMIZATION. + # Sets -DV8_ENABLE_PRIVATE_MAPPING_FORK_OPTIMIZATION. # # This flag speeds up the performance of fork/execve on Linux systems for # embedders which use it (like Node.js). It works by marking the pages that @@ -97,7 +97,7 @@ declare_args() { # See v8:7381 for more details. v8_enable_private_mapping_fork_optimization = false - # Sets -dENABLE_HANDLE_ZAPPING. + # Sets -DENABLE_HANDLE_ZAPPING. v8_enable_handle_zapping = is_asan || is_debug # Enable slow dchecks. @@ -118,16 +118,16 @@ declare_args() { # Allow runtime-enabled code comments (with --code-comments). Enabled by # default in debug builds. - # Sets -dV8_CODE_COMMENTS + # Sets -DV8_CODE_COMMENTS v8_code_comments = "" # Allow runtime-enabled debug code (with --debug-code). Enabled by default in # debug builds. - # Sets -dV8_ENABLE_DEBUG_CODE + # Sets -DV8_ENABLE_DEBUG_CODE v8_enable_debug_code = "" # Enable native counters from the snapshot (impacts performance, sets - # -dV8_SNAPSHOT_NATIVE_CODE_COUNTERS). + # -DV8_SNAPSHOT_NATIVE_CODE_COUNTERS). # This option will generate extra code in the snapshot to increment counters, # as per the --native-code-counters flag. v8_enable_snapshot_native_code_counters = "" 
@@ -142,24 +142,24 @@ declare_args() { # Enable code-generation-time checking of types in the CodeStubAssembler. v8_enable_verify_csa = false - # Sets -dOBJECT_PRINT. + # Sets -DOBJECT_PRINT. v8_enable_object_print = "" - # Sets -dV8_TRACE_MAPS. + # Sets -DV8_TRACE_MAPS. v8_enable_trace_maps = "" - # Sets -dV8_ENABLE_CHECKS. + # Sets -DV8_ENABLE_CHECKS. v8_enable_v8_checks = "" - # Sets -dV8_TRACE_UNOPTIMIZED. + # Sets -DV8_TRACE_UNOPTIMIZED. v8_enable_trace_unoptimized = "" v8_enable_trace_ignition = false v8_enable_trace_baseline_exec = false - # Sets -dV8_TRACE_FEEDBACK_UPDATES. + # Sets -DV8_TRACE_FEEDBACK_UPDATES. v8_enable_trace_feedback_updates = false - # Sets -dV8_ATOMIC_OBJECT_FIELD_WRITES and turns all field write operations + # Sets -DV8_ATOMIC_OBJECT_FIELD_WRITES and turns all field write operations # into relaxed atomic operations. v8_enable_atomic_object_field_writes = "" @@ -167,7 +167,7 @@ declare_args() { # default setting code below. v8_enable_concurrent_marking = true - # Sets -dV8_IGNITION_DISPATCH_COUNTING. + # Sets -DV8_IGNITION_DISPATCH_COUNTING. # Enables counting frequencies of bytecode dispatches. After building in this # configuration, subsequent runs of d8 can output frequencies for each pair # of (current, next) bytecode instructions executed if you specify @@ -219,12 +219,12 @@ declare_args() { v8_enable_test_features = "" # Enable short builtins call instruction sequences by un-embedding builtins. - # Sets -dV8_SHORT_BUILTIN_CALLS + # Sets -DV8_SHORT_BUILTIN_CALLS v8_enable_short_builtin_calls = "" # Enable support for external code range relative to the pointer compression # cage. - # Sets -dV8_EXTERNAL_CODE_SPACE + # Sets -DV8_EXTERNAL_CODE_SPACE v8_enable_external_code_space = "" # With post mortem support enabled, metadata is embedded into libv8 that 
@@ -307,6 +307,9 @@ declare_args() { v8_current_cpu == "arm64" && (target_is_simulator || arm_control_flow_integrity != "none") + # A temporary flag for development of the WasmCodePointerTable. + v8_enable_wasm_code_pointer_table = false + # Enable heap reservation of size 4GB. Only possible for 64bit archs. cppgc_enable_caged_heap = v8_current_cpu == "x64" || v8_current_cpu == "arm64" || @@ -354,7 +357,7 @@ declare_args() { # Sets -DV8_DICT_PROPERTY_CONST_TRACKING v8_dict_property_const_tracking = false - # Enable map packing & unpacking (sets -dV8_MAP_PACKING). + # Enable map packing & unpacking (sets -DV8_MAP_PACKING). v8_enable_map_packing = false # Allow for JS promise hooks (instead of just C++). @@ -365,7 +368,7 @@ declare_args() { # The flag enables disabling the feature, to test this data's overhead. v8_enable_continuation_preserved_embedder_data = true - # Enable allocation folding globally (sets -dV8_ALLOCATION_FOLDING). + # Enable allocation folding globally (sets -DV8_ALLOCATION_FOLDING). # When it's disabled, the --turbo-allocation-folding runtime flag will be ignored. v8_enable_allocation_folding = true @@ -435,6 +438,9 @@ declare_args() { # Enable Turboshaft CSA pipeline. v8_enable_turboshaft_csa = false + # Black allocate objects on separate pages. + v8_enable_black_allocated_pages = "" + # Use sticky mark-bits for separating object generations. v8_enable_sticky_mark_bits = false @@ -448,6 +454,10 @@ declare_args() { # isn't present, which some embedders rely on. This option controls # the explicit dependency and allows the build to complete. v8_depend_on_icu_data_file = icu_use_data_file + + # Some fuzzers depend on fuzzing functionality linked into the v8 library. + # For binary size reasons this functionality is not always available. + v8_wasm_random_fuzzers = "" } # Derived defaults. 
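Review bot: The new `v8_enable_wasm_code_pointer_table` arg does not say which define it controls, although this same commit goes through the file correcting the `Sets -D…` comments on its neighbours. The `config("features")` hunk further down maps it to `V8_ENABLE_WASM_CODE_POINTER_TABLE`, so a second comment line `# Sets -DV8_ENABLE_WASM_CODE_POINTER_TABLE.` would keep the convention. The same applies to `v8_enable_black_allocated_pages` in the `@@ -435` hunk (`# Sets -DV8_ENABLE_BLACK_ALLOCATED_PAGES.`). That comment should also say that the empty default is resolved later to `!v8_enable_sticky_mark_bits`.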
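Review bot: The comment on `v8_wasm_random_fuzzers` in the `@@ -448` hunk explains the binary-size trade-off but not what the empty default resolves to or which define it sets. As written further down, `""` becomes `!is_official_build`, and a true value adds `V8_WASM_RANDOM_FUZZERS` and the `src/wasm/fuzzing/` sources to the library. An explicit `true` in the build args therefore now links fuzzing-only code into an official build, which the old hard-coded `!is_official_build` guards did not allow. I would extend the comment with `# Sets -DV8_WASM_RANDOM_FUZZERS. Defaults to !is_official_build; leave unset for release builds.` so that the override is a deliberate choice.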
@@ -495,6 +505,9 @@ if (v8_enable_drumbrake && v8_enable_webassembly) { is_drumbrake_supported, "DrumBrake is only available on x64, arm64 on Windows, Linux and MacOS.") } +if (v8_enable_black_allocated_pages == "") { + v8_enable_black_allocated_pages = !v8_enable_sticky_mark_bits +} # Toggle pointer compression for correctness fuzzing when building the # clang_x64_pointer_compression toolchain. We'll correctness-compare the @@ -524,13 +537,15 @@ if (v8_enable_zone_compression == "") { } if (v8_enable_short_builtin_calls == "") { v8_enable_short_builtin_calls = - v8_current_cpu == "x64" || v8_current_cpu == "arm64" + v8_current_cpu == "x64" || v8_current_cpu == "arm64" || + v8_current_cpu == "loong64" } if (v8_enable_external_code_space == "") { v8_enable_external_code_space = v8_enable_pointer_compression && v8_enable_pointer_compression_shared_cage && - (v8_current_cpu == "x64" || v8_current_cpu == "arm64") + (v8_current_cpu == "x64" || v8_current_cpu == "arm64" || + v8_current_cpu == "loong64") } if (v8_enable_sparkplug == "") { v8_enable_sparkplug = !v8_jitless @@ -538,7 +553,8 @@ if (v8_enable_sparkplug == "") { if (v8_enable_maglev == "") { v8_enable_maglev = v8_enable_turbofan && (v8_current_cpu == "arm" || v8_current_cpu == "x64" || - v8_current_cpu == "arm64") + v8_current_cpu == "arm64" || v8_current_cpu == "s390x" || + v8_current_cpu == "riscv64") } assert(v8_enable_turbofan || !v8_enable_maglev, "Maglev is not available when Turbofan is disabled.") @@ -579,8 +595,7 @@ if (v8_enable_short_builtin_calls && v8_enable_short_builtin_calls = false } if (v8_enable_shared_ro_heap == "") { - v8_enable_shared_ro_heap = !v8_enable_pointer_compression || - v8_enable_pointer_compression_shared_cage + v8_enable_shared_ro_heap = true } if (v8_enable_sandbox == "") { 
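Review bot: In the `@@ -579` hunk the derived default for `v8_enable_shared_ro_heap` becomes an unconditional `true`, and nothing in the block records why the pointer-compression / shared-cage condition was dropped. The platform assert for that combination is removed in the `@@ -674` hunk and `js_shared_memory` is simplified in `@@ -2748`, so builds with pointer compression and no shared cage now share the read-only heap by default on every OS. Whether that path is supported outside Linux and Android is not visible in this diff. A short comment such as `# Shared by default in every configuration, including pointer compression without a shared cage.` would help anyone who mirrors these defaults in another build description.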
@@ -606,14 +621,12 @@ if (v8_enable_static_roots == "") { # location relative to the cage base. v8_enable_static_roots = v8_enable_pointer_compression && v8_enable_shared_ro_heap && - v8_enable_pointer_compression_shared_cage && v8_enable_external_code_space && v8_enable_webassembly && v8_enable_i18n_support } assert(!v8_enable_static_roots || (v8_enable_pointer_compression && v8_enable_shared_ro_heap && - v8_enable_pointer_compression_shared_cage && v8_enable_external_code_space && v8_enable_webassembly && v8_enable_i18n_support), "Trying to enable static roots in a configuration that is not supported") @@ -674,13 +687,6 @@ assert(!v8_disable_write_barriers || v8_enable_single_generation, assert(v8_current_cpu == "arm64" || !v8_control_flow_integrity, "Control-flow integrity is only supported on arm64") -if (v8_enable_shared_ro_heap && v8_enable_pointer_compression && - !v8_enable_pointer_compression_shared_cage) { - assert( - is_linux || is_chromeos || is_android, - "Sharing read-only heap with pointer compression is only supported on Linux or Android") -} - assert(!v8_enable_map_packing || !v8_enable_pointer_compression, "Map packing does not support pointer compression") 
@@ -740,10 +746,26 @@ assert(!v8_enable_cet_shadow_stack || (v8_target_cpu == "x64" && target_os == "win"), "CET shadow stack is supported only on x64 Windows") +if (v8_enable_sticky_mark_bits) { + # To support sticky mark bits, pretenured allocations must be allocated from + # a separate free-list and the atomic pause (or the sweeper) must fix up the + # mark bits. + assert(!v8_enable_black_allocated_pages, + "Black allocated pages are not yet supported with sticky mark bits") +} + if (v8_expose_public_symbols == "") { v8_expose_public_symbols = v8_expose_symbols } +# Some fuzzers depend on fuzzing functionality linked into the v8 library. +# For binary size reasons this functionality is not available for official +# builds, therefore these fuzzers do not function there and should be skipped +# instead. +if (v8_wasm_random_fuzzers == "") { + v8_wasm_random_fuzzers = !is_official_build +} + v8_random_seed = "314159265" v8_toolset_for_shell = "host" @@ -1002,16 +1024,25 @@ config("v8_header_features") { # List of defines that can appear in externally visible cppgc header files and # that are controlled by args.gn. external_cppgc_defines = [ - "CPPGC_SUPPORTS_OBJECT_NAMES", "CPPGC_CAGED_HEAP", + "CPPGC_ENABLE_API_CHECKS", + "CPPGC_ENABLE_LARGER_CAGE", + "CPPGC_ENABLE_SLOW_API_CHECKS", + "CPPGC_POINTER_COMPRESSION", "CPPGC_SLIM_WRITE_BARRIER", + "CPPGC_SUPPORTS_OBJECT_NAMES", "CPPGC_YOUNG_GENERATION", - "CPPGC_POINTER_COMPRESSION", - "CPPGC_ENABLE_LARGER_CAGE", ] enabled_external_cppgc_defines = [] +if (cppgc_enable_api_checks) { + enabled_external_cppgc_defines += [ "CPPGC_ENABLE_API_CHECKS" ] +} +cppgc_enable_slow_api_checks = v8_enable_slow_dchecks +if (cppgc_enable_slow_api_checks) { + enabled_external_cppgc_defines += [ "CPPGC_ENABLE_SLOW_API_CHECKS" ] +} if (cppgc_enable_object_names) { enabled_external_cppgc_defines += [ "CPPGC_SUPPORTS_OBJECT_NAMES" ] } 
@@ -1203,6 +1234,9 @@ config("features") { if (v8_enable_memory_sealing) { defines += [ "V8_ENABLE_MEMORY_SEALING" ] } + if (v8_enable_wasm_code_pointer_table) { + defines += [ "V8_ENABLE_WASM_CODE_POINTER_TABLE" ] + } if (v8_enable_wasm_gdb_remote_debugging) { defines += [ "V8_ENABLE_WASM_GDB_REMOTE_DEBUGGING" ] } @@ -1317,6 +1351,9 @@ config("features") { if (v8_enable_local_off_stack_check) { defines += [ "V8_ENABLE_LOCAL_OFF_STACK_CHECK" ] } + if (v8_enable_black_allocated_pages) { + defines += [ "V8_ENABLE_BLACK_ALLOCATED_PAGES" ] + } if (v8_enable_sticky_mark_bits) { defines += [ "V8_ENABLE_STICKY_MARK_BITS" ] } @@ -1326,6 +1363,9 @@ config("features") { if (v8_disable_leaptiering) { defines += [ "V8_DISABLE_LEAPTIERING" ] } + if (v8_wasm_random_fuzzers) { + defines += [ "V8_WASM_RANDOM_FUZZERS" ] + } } config("toolchain") { @@ -1416,14 +1456,11 @@ config("toolchain") { defines += [ "V8_TARGET_ARCH_LOONG64" ] } - if (v8_current_cpu == "s390" || v8_current_cpu == "s390x") { - defines += [ "V8_TARGET_ARCH_S390" ] + if (v8_current_cpu == "s390x") { cflags += [ "-ffp-contract=off" ] - if (v8_current_cpu == "s390x") { - defines += [ "V8_TARGET_ARCH_S390X" ] - } + defines += [ "V8_TARGET_ARCH_S390X" ] if (host_byteorder == "little") { - defines += [ "V8_TARGET_ARCH_S390_LE_SIM" ] + defines += [ "V8_TARGET_ARCH_S390X_LE_SIM" ] } else if (current_os != "zos") { cflags += [ "-march=z196" ] } @@ -2748,10 +2785,7 @@ action("v8_dump_build_config") { mips_use_msa_var = mips_use_msa } - js_shared_memory = - v8_enable_shared_ro_heap && (!v8_enable_pointer_compression || - v8_enable_pointer_compression_shared_cage) && - !v8_disable_write_barriers + js_shared_memory = v8_enable_shared_ro_heap && !v8_disable_write_barriers simd_mips = mips_arch_variant_var == "r6" && mips_use_msa simulator_run = target_cpu != v8_target_cpu use_sanitizer = is_asan || is_cfi || is_msan || is_tsan || is_ubsan 
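Review bot: The `@@ -1416` hunk stops defining `V8_TARGET_ARCH_S390` and renames `V8_TARGET_ARCH_S390_LE_SIM` to `V8_TARGET_ARCH_S390X_LE_SIM`, so any leftover `#if V8_TARGET_ARCH_S390` or `V8_TARGET_ARCH_S390_LE_SIM` test would compile out silently instead of failing the build. The sources that consume these macros are outside this hunk, so I cannot confirm they were all migrated. Before landing, search for the two old names across the tree and in any build files that are kept in sync with this one by hand. The enclosing `config("toolchain")` block continues outside the hunk.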
@@ -2827,6 +2861,7 @@ action("v8_dump_build_config") { "verify_csa=$v8_enable_verify_csa", "verify_heap=$v8_enable_verify_heap", "verify_predictable=$v8_enable_verify_predictable", + "wasm_random_fuzzers=$v8_wasm_random_fuzzers", "memory_corruption_api=$v8_enable_memory_corruption_api", "leaptiering=$use_leaptiering", @@ -2900,9 +2935,6 @@ v8_source_set("v8_snapshot") { public = [] sources = [ "src/init/setup-isolate-deserialize.cc" ] - if (v8_control_flow_integrity) { - sources += [ "src/deoptimizer/deoptimizer-cfi-builtins.cc" ] - } if (emit_builtins_as_inline_asm) { deps += [ ":asm_to_inline_asm_default" ] sources += [ "$target_gen_dir/embedded.cc" ] @@ -3086,7 +3118,7 @@ v8_source_set("v8_initializers") { ### gcmole(ppc64) ### "src/builtins/ppc/builtins-ppc.cc", ] - } else if (v8_current_cpu == "s390" || v8_current_cpu == "s390x") { + } else if (v8_current_cpu == "s390x") { sources += [ ### gcmole(s390) ### "src/builtins/s390/builtins-s390.cc", @@ -3411,6 +3443,7 @@ v8_header_set("v8_internal_headers") { "src/common/segmented-table-inl.h", "src/common/segmented-table.h", "src/common/simd128.h", + "src/common/thread-local-storage.h", "src/compiler-dispatcher/lazy-compile-dispatcher.h", "src/compiler-dispatcher/optimizing-compile-dispatcher.h", "src/compiler/access-builder.h", @@ -3469,9 +3502,7 @@ v8_header_set("v8_internal_headers") { "src/compiler/graph-assembler.h", "src/compiler/graph-reducer.h", "src/compiler/graph-trimmer.h", - "src/compiler/graph-visualizer.h", "src/compiler/graph-zone-traits.h", - "src/compiler/graph.h", "src/compiler/heap-refs.h", "src/compiler/js-call-reducer.h", "src/compiler/js-context-specialization.h", 
@@ -3536,6 +3567,10 @@ v8_header_set("v8_internal_headers") { "src/compiler/simplified-operator.h", "src/compiler/state-values-utils.h", "src/compiler/string-builder-optimizer.h", + "src/compiler/turbofan-graph-visualizer.h", + "src/compiler/turbofan-graph.h", + "src/compiler/turbofan-typer.h", + "src/compiler/turbofan-types.h", "src/compiler/turbofan.h", "src/compiler/turboshaft/access-builder.h", "src/compiler/turboshaft/analyzer-iterator.h", @@ -3600,8 +3635,6 @@ v8_header_set("v8_internal_headers") { "src/compiler/turboshaft/runtime-call-descriptors.h", "src/compiler/turboshaft/select-lowering-reducer.h", "src/compiler/turboshaft/sidetable.h", - "src/compiler/turboshaft/simplified-lowering-phase.h", - "src/compiler/turboshaft/simplified-lowering-reducer.h", "src/compiler/turboshaft/simplify-tf-loops.h", "src/compiler/turboshaft/snapshot-table-opindex.h", "src/compiler/turboshaft/snapshot-table.h", @@ -3630,8 +3663,6 @@ v8_header_set("v8_internal_headers") { "src/compiler/type-cache.h", "src/compiler/type-narrowing-reducer.h", "src/compiler/typed-optimization.h", - "src/compiler/typer.h", - "src/compiler/types.h", "src/compiler/use-info.h", "src/compiler/value-numbering-reducer.h", "src/compiler/verifier.h", @@ -3758,7 +3789,13 @@ v8_header_set("v8_internal_headers") { "src/heap/heap-allocator.h", "src/heap/heap-controller.h", "src/heap/heap-inl.h", + "src/heap/heap-layout-inl.h", "src/heap/heap-layout-tracer.h", + "src/heap/heap-layout.h", + "src/heap/heap-utils-inl.h", + "src/heap/heap-utils.h", + "src/heap/heap-visitor-inl.h", + "src/heap/heap-visitor.h", "src/heap/heap-write-barrier-inl.h", "src/heap/heap-write-barrier.h", "src/heap/heap.h", @@ -3771,6 +3808,8 @@ v8_header_set("v8_internal_headers") { "src/heap/large-spaces.h", "src/heap/linear-allocation-area.h", "src/heap/list.h", + "src/heap/live-object-range-inl.h", + "src/heap/live-object-range.h", "src/heap/local-factory-inl.h", "src/heap/local-factory.h", "src/heap/local-heap-inl.h", 
@@ -3810,8 +3849,6 @@ v8_header_set("v8_internal_headers") { "src/heap/object-lock-inl.h", "src/heap/object-lock.h", "src/heap/object-stats.h", - "src/heap/objects-visiting-inl.h", - "src/heap/objects-visiting.h", "src/heap/page-metadata.h", "src/heap/paged-spaces-inl.h", "src/heap/paged-spaces.h", @@ -3836,6 +3873,7 @@ v8_header_set("v8_internal_headers") { "src/heap/sweeper.h", "src/heap/traced-handles-marking-visitor.h", "src/heap/trusted-range.h", + "src/heap/visit-object.h", "src/heap/weak-object-worklists.h", "src/heap/young-generation-marking-visitor-inl.h", "src/heap/young-generation-marking-visitor.h", @@ -3907,7 +3945,6 @@ v8_header_set("v8_internal_headers") { "src/objects/arguments-inl.h", "src/objects/arguments.h", "src/objects/backing-store.h", - "src/objects/bigint-inl.h", "src/objects/bigint.h", "src/objects/call-site-info-inl.h", "src/objects/call-site-info.h", @@ -4123,7 +4160,7 @@ v8_header_set("v8_internal_headers") { "src/objects/waiter-queue-node.h", "src/parsing/expression-scope.h", "src/parsing/func-name-inferrer.h", - "src/parsing/import-assertions.h", + "src/parsing/import-attributes.h", "src/parsing/keywords-gen.h", "src/parsing/literal-buffer.h", "src/parsing/parse-info.h", @@ -4178,6 +4215,7 @@ v8_header_set("v8_internal_headers") { "src/regexp/regexp-macro-assembler.h", "src/regexp/regexp-nodes.h", "src/regexp/regexp-parser.h", + "src/regexp/regexp-result-vector.h", "src/regexp/regexp-stack.h", "src/regexp/regexp-utils.h", "src/regexp/regexp.h", @@ -4365,6 +4403,8 @@ v8_header_set("v8_internal_headers") { sources += [ "src/maglev/arm/maglev-assembler-arm-inl.h" ] } else if (v8_current_cpu == "arm64") { sources += [ "src/maglev/arm64/maglev-assembler-arm64-inl.h" ] + } else if (v8_current_cpu == "riscv64") { + sources += [ "src/maglev/riscv/maglev-assembler-riscv-inl.h" ] } else if (v8_current_cpu == "x64") { sources += [ "src/maglev/x64/maglev-assembler-x64-inl.h" ] } else if (v8_current_cpu == "s390x") { 
@@ -4445,7 +4485,6 @@ v8_header_set("v8_internal_headers") { "src/wasm/names-provider.h", "src/wasm/object-access.h", "src/wasm/pgo.h", - "src/wasm/serialized-signature-inl.h", "src/wasm/signature-hashing.h", "src/wasm/simd-shuffle.h", "src/wasm/stacks.h", @@ -4781,7 +4820,7 @@ v8_header_set("v8_internal_headers") { "src/baseline/ppc/baseline-compiler-ppc-inl.h", ] } - } else if (v8_current_cpu == "s390" || v8_current_cpu == "s390x") { + } else if (v8_current_cpu == "s390x") { sources += [ ### gcmole(s390) ### "src/codegen/s390/assembler-s390-inl.h", @@ -4981,8 +5020,6 @@ v8_compiler_sources = [ "src/compiler/graph-assembler.cc", "src/compiler/graph-reducer.cc", "src/compiler/graph-trimmer.cc", - "src/compiler/graph-visualizer.cc", - "src/compiler/graph.cc", "src/compiler/heap-refs.cc", "src/compiler/js-call-reducer.cc", "src/compiler/js-context-specialization.cc", 
@@ -5040,16 +5077,73 @@ v8_compiler_sources = [ "src/compiler/state-values-utils.cc", "src/compiler/string-builder-optimizer.cc", "src/compiler/turbofan-enabled.cc", + "src/compiler/turbofan-graph-visualizer.cc", + "src/compiler/turbofan-graph.cc", + "src/compiler/turbofan-typer.cc", + "src/compiler/turbofan-types.cc", + "src/compiler/turboshaft/analyzer-iterator.cc", + "src/compiler/turboshaft/assembler.cc", + "src/compiler/turboshaft/block-instrumentation-phase.cc", + "src/compiler/turboshaft/block-instrumentation-reducer.cc", + "src/compiler/turboshaft/build-graph-phase.cc", + "src/compiler/turboshaft/code-elimination-and-simplification-phase.cc", + "src/compiler/turboshaft/copying-phase.cc", + "src/compiler/turboshaft/csa-optimize-phase.cc", + "src/compiler/turboshaft/debug-feature-lowering-phase.cc", + "src/compiler/turboshaft/decompression-optimization-phase.cc", + "src/compiler/turboshaft/decompression-optimization.cc", + "src/compiler/turboshaft/graph-builder.cc", + "src/compiler/turboshaft/graph-visualizer.cc", + "src/compiler/turboshaft/graph.cc", + "src/compiler/turboshaft/instruction-selection-phase.cc", + "src/compiler/turboshaft/late-escape-analysis-reducer.cc", + "src/compiler/turboshaft/late-load-elimination-reducer.cc", + "src/compiler/turboshaft/loop-finder.cc", + "src/compiler/turboshaft/loop-peeling-phase.cc", + "src/compiler/turboshaft/loop-unrolling-phase.cc", + "src/compiler/turboshaft/loop-unrolling-reducer.cc", + "src/compiler/turboshaft/machine-lowering-phase.cc", + "src/compiler/turboshaft/maglev-graph-building-phase.cc", + "src/compiler/turboshaft/memory-optimization-reducer.cc", + "src/compiler/turboshaft/operations.cc", + "src/compiler/turboshaft/optimize-phase.cc", + "src/compiler/turboshaft/phase.cc", + "src/compiler/turboshaft/pipelines.cc", + "src/compiler/turboshaft/pretenuring-propagation-reducer.cc", + "src/compiler/turboshaft/recreate-schedule-phase.cc", + "src/compiler/turboshaft/recreate-schedule.cc", + 
"src/compiler/turboshaft/representations.cc", + "src/compiler/turboshaft/sidetable.cc", + "src/compiler/turboshaft/simplify-tf-loops.cc", + "src/compiler/turboshaft/store-store-elimination-phase.cc", + "src/compiler/turboshaft/type-assertions-phase.cc", + "src/compiler/turboshaft/type-parser.cc", + "src/compiler/turboshaft/typed-optimizations-phase.cc", + "src/compiler/turboshaft/typer.cc", + "src/compiler/turboshaft/types.cc", + "src/compiler/turboshaft/use-map.cc", + "src/compiler/turboshaft/utils.cc", "src/compiler/type-cache.cc", "src/compiler/type-narrowing-reducer.cc", "src/compiler/typed-optimization.cc", - "src/compiler/typer.cc", - "src/compiler/types.cc", "src/compiler/value-numbering-reducer.cc", "src/compiler/verifier.cc", "src/compiler/zone-stats.cc", ] +if (!v8_enable_maglev) { + # When Maglev is not enabled, Turboshaft still needs Maglev's graph builder. + v8_compiler_sources += [ + "src/maglev/maglev-compilation-info.cc", + "src/maglev/maglev-compilation-unit.cc", + "src/maglev/maglev-graph-builder.cc", + "src/maglev/maglev-graph-printer.cc", + "src/maglev/maglev-interpreter-frame-state.cc", + "src/maglev/maglev-ir.cc", + "src/maglev/maglev-phi-representation-selector.cc", + ] +} + if (v8_current_cpu == "x86") { v8_compiler_sources += [ ### gcmole(ia32) ### @@ -5103,7 +5197,7 @@ if (v8_current_cpu == "x86") { "src/compiler/backend/ppc/instruction-selector-ppc.cc", "src/compiler/backend/ppc/unwinding-info-writer-ppc.cc", ] -} else if (v8_current_cpu == "s390" || v8_current_cpu == "s390x") { +} else if (v8_current_cpu == "s390x") { v8_compiler_sources += [ ### gcmole(s390) ### "src/compiler/backend/s390/code-generator-s390.cc", 
@@ -5229,86 +5323,6 @@ v8_source_set("v8_compiler") { configs = [ ":internal_config" ] } -# The src/compiler files with default optimization behavior. -v8_source_set("v8_turboshaft") { - visibility = [ ":*" ] # Only targets in this file can depend on this. - - sources = [ - "src/compiler/turboshaft/analyzer-iterator.cc", - "src/compiler/turboshaft/assembler.cc", - "src/compiler/turboshaft/block-instrumentation-phase.cc", - "src/compiler/turboshaft/block-instrumentation-reducer.cc", - "src/compiler/turboshaft/build-graph-phase.cc", - "src/compiler/turboshaft/code-elimination-and-simplification-phase.cc", - "src/compiler/turboshaft/copying-phase.cc", - "src/compiler/turboshaft/csa-optimize-phase.cc", - "src/compiler/turboshaft/debug-feature-lowering-phase.cc", - "src/compiler/turboshaft/decompression-optimization-phase.cc", - "src/compiler/turboshaft/decompression-optimization.cc", - "src/compiler/turboshaft/graph-builder.cc", - "src/compiler/turboshaft/graph-visualizer.cc", - "src/compiler/turboshaft/graph.cc", - "src/compiler/turboshaft/instruction-selection-phase.cc", - "src/compiler/turboshaft/late-escape-analysis-reducer.cc", - "src/compiler/turboshaft/late-load-elimination-reducer.cc", - "src/compiler/turboshaft/loop-finder.cc", - "src/compiler/turboshaft/loop-peeling-phase.cc", - "src/compiler/turboshaft/loop-unrolling-phase.cc", - "src/compiler/turboshaft/loop-unrolling-reducer.cc", - "src/compiler/turboshaft/machine-lowering-phase.cc", - "src/compiler/turboshaft/maglev-graph-building-phase.cc", - "src/compiler/turboshaft/memory-optimization-reducer.cc", - "src/compiler/turboshaft/operations.cc", - "src/compiler/turboshaft/optimize-phase.cc", - "src/compiler/turboshaft/phase.cc", - "src/compiler/turboshaft/pipelines.cc", - "src/compiler/turboshaft/pretenuring-propagation-reducer.cc", - "src/compiler/turboshaft/recreate-schedule-phase.cc", - "src/compiler/turboshaft/recreate-schedule.cc", - "src/compiler/turboshaft/representations.cc", - 
"src/compiler/turboshaft/sidetable.cc", - "src/compiler/turboshaft/simplified-lowering-phase.cc", - "src/compiler/turboshaft/simplify-tf-loops.cc", - "src/compiler/turboshaft/store-store-elimination-phase.cc", - "src/compiler/turboshaft/type-assertions-phase.cc", - "src/compiler/turboshaft/type-parser.cc", - "src/compiler/turboshaft/typed-optimizations-phase.cc", - "src/compiler/turboshaft/typer.cc", - "src/compiler/turboshaft/types.cc", - "src/compiler/turboshaft/use-map.cc", - "src/compiler/turboshaft/utils.cc", - ] - - if (!v8_enable_maglev) { - # When Maglev is not enabled, Turboshaft still needs Maglev's graph builder. - sources += [ - "src/maglev/maglev-compilation-info.cc", - "src/maglev/maglev-compilation-unit.cc", - "src/maglev/maglev-graph-builder.cc", - "src/maglev/maglev-graph-printer.cc", - "src/maglev/maglev-interpreter-frame-state.cc", - "src/maglev/maglev-ir.cc", - "src/maglev/maglev-phi-representation-selector.cc", - ] - } - - public_deps = [ - ":generate_bytecode_builtins_list", - ":run_torque", - ":v8_internal_headers", - ":v8_maybe_icu", - ":v8_tracing", - ] - - deps = [ - ":v8_base_without_compiler", - ":v8_libbase", - ":v8_shared_internal_headers", - ] - - configs = [ ":internal_config" ] -} - group("v8_compiler_for_mksnapshot") { if ((is_debug && !v8_optimized_debug && v8_enable_fast_mksnapshot) || !v8_enable_turbofan) { @@ -5515,7 +5529,9 @@ v8_source_set("v8_base_without_compiler") { "src/heap/heap-allocator.cc", "src/heap/heap-controller.cc", "src/heap/heap-layout-tracer.cc", + "src/heap/heap-layout.cc", "src/heap/heap-verifier.cc", + "src/heap/heap-visitor.cc", "src/heap/heap-write-barrier.cc", "src/heap/heap.cc", "src/heap/incremental-marking-job.cc", @@ -5533,7 +5549,6 @@ v8_source_set("v8_base_without_compiler") { "src/heap/marking.cc", "src/heap/memory-allocator.cc", "src/heap/memory-balancer.cc", - "src/heap/memory-chunk-layout.cc", "src/heap/memory-chunk-metadata.cc", "src/heap/memory-chunk.cc", "src/heap/memory-measurement.cc", 
@@ -5543,7 +5558,6 @@ v8_source_set("v8_base_without_compiler") { "src/heap/mutable-page-metadata.cc", "src/heap/new-spaces.cc", "src/heap/object-stats.cc", - "src/heap/objects-visiting.cc", "src/heap/page-metadata.cc", "src/heap/paged-spaces.cc", "src/heap/pretenuring-handler.cc", @@ -5558,6 +5572,7 @@ v8_source_set("v8_base_without_compiler") { "src/heap/sweeper.cc", "src/heap/traced-handles-marking-visitor.cc", "src/heap/trusted-range.cc", + "src/heap/visit-object.cc", "src/heap/weak-object-worklists.cc", "src/heap/zapping.cc", "src/ic/call-optimization.cc", @@ -5678,7 +5693,7 @@ v8_source_set("v8_base_without_compiler") { "src/objects/visitors.cc", "src/objects/waiter-queue-node.cc", "src/parsing/func-name-inferrer.cc", - "src/parsing/import-assertions.cc", + "src/parsing/import-attributes.cc", "src/parsing/literal-buffer.cc", "src/parsing/parse-info.cc", "src/parsing/parser.cc", @@ -5719,6 +5734,7 @@ v8_source_set("v8_base_without_compiler") { "src/regexp/regexp-macro-assembler-tracer.cc", "src/regexp/regexp-macro-assembler.cc", "src/regexp/regexp-parser.cc", + "src/regexp/regexp-result-vector.cc", "src/regexp/regexp-stack.cc", "src/regexp/regexp-utils.cc", "src/regexp/regexp.cc", @@ -5855,6 +5871,11 @@ v8_source_set("v8_base_without_compiler") { "src/maglev/arm64/maglev-assembler-arm64.cc", "src/maglev/arm64/maglev-ir-arm64.cc", ] + } else if (v8_current_cpu == "riscv64") { + sources += [ + "src/maglev/riscv/maglev-assembler-riscv.cc", + "src/maglev/riscv/maglev-ir-riscv.cc", + ] } else if (v8_current_cpu == "x64") { sources += [ "src/maglev/x64/maglev-assembler-x64.cc", @@ -5934,7 +5955,7 @@ v8_source_set("v8_base_without_compiler") { "src/wasm/well-known-imports.cc", "src/wasm/wrappers.cc", ] - if (!is_official_build) { + if (v8_wasm_random_fuzzers) { sources += [ ### gcmole(all) ### "src/wasm/fuzzing/random-module-generation.cc", 
@@ -6058,15 +6079,14 @@ v8_source_set("v8_base_without_compiler") { "src/regexp/arm64/regexp-macro-assembler-arm64.cc", ] if (v8_enable_webassembly) { - # Trap handling is enabled on arm64 Mac and Linux and in simulators on - # x64 on Linux, Mac, and Windows. + # Trap handling is enabled on arm64 and x64, on Linux, Mac and Windows. if ((current_cpu == "arm64" && (is_linux || is_chromeos || is_apple)) || (current_cpu == "x64" && (is_linux || is_chromeos || is_mac))) { sources += [ "src/trap-handler/handler-inside-posix.cc", "src/trap-handler/handler-outside-posix.cc", ] - } else if (current_cpu == "x64" && is_win) { + } else if ((current_cpu == "arm64" || current_cpu == "x64") && is_win) { sources += [ "src/trap-handler/handler-inside-win.cc", "src/trap-handler/handler-outside-win.cc", @@ -6139,7 +6159,7 @@ v8_source_set("v8_base_without_compiler") { "src/execution/ppc/simulator-ppc.cc", "src/regexp/ppc/regexp-macro-assembler-ppc.cc", ] - } else if (v8_current_cpu == "s390" || v8_current_cpu == "s390x") { + } else if (v8_current_cpu == "s390x") { sources += [ ### gcmole(s390) ### "src/codegen/s390/assembler-s390.cc", @@ -6226,6 +6246,10 @@ v8_source_set("v8_base_without_compiler") { if (is_win) { if (v8_enable_etw_stack_walking) { sources += [ + "src/diagnostics/etw-debug-win.cc", + "src/diagnostics/etw-debug-win.h", + "src/diagnostics/etw-isolate-capture-state-monitor-win.cc", + "src/diagnostics/etw-isolate-capture-state-monitor-win.h", "src/diagnostics/etw-jit-win.cc", "src/diagnostics/etw-jit-win.h", ] @@ -6315,8 +6339,7 @@ v8_source_set("v8_base_without_compiler") { # to implement atomic memory access if (v8_current_cpu == "mips64" || v8_current_cpu == "mips64el" || v8_current_cpu == "ppc64" || - (current_os != "zos" && - (v8_current_cpu == "s390" || v8_current_cpu == "s390x")) || + (current_os != "zos" && v8_current_cpu == "s390x") || v8_current_cpu == "riscv64" || v8_current_cpu == "riscv32") { if (!is_clang) { libs += [ "atomic" ] 
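Review bot: The rewritten comment in this hunk drops the detail that the x64 cases are simulator builds, which was the only explanation for why `current_cpu == "x64"` is tested here. Judging by the `regexp-macro-assembler-arm64.cc` entry just above, this appears to be the arm64 target branch. The comment also reads as if both CPUs get the same OS set, while the POSIX condition uses `is_apple` for arm64 and `is_mac` for x64. Since this decides whether the wasm trap handler is compiled in, I would keep it precise, e.g. `# Trap handling is enabled on arm64 (Linux, ChromeOS, Apple, Windows) and in` followed by `# simulators on x64 (Linux, ChromeOS, Mac, Windows).` The enclosing source set starts and ends outside the hunk.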
@@ -6337,10 +6360,6 @@ group("v8_base") { ":v8_base_without_compiler", ":v8_compiler", ] - - if (v8_enable_turbofan) { - public_deps += [ ":v8_turboshaft" ] - } } v8_source_set("torque_base") { @@ -6563,6 +6582,7 @@ v8_component("v8_libbase") { "src/base/sanitizer/lsan.h", "src/base/sanitizer/msan.h", "src/base/sanitizer/tsan.h", + "src/base/sanitizer/ubsan.h", "src/base/small-map.h", "src/base/small-vector.h", "src/base/string-format.h", @@ -6570,7 +6590,7 @@ v8_component("v8_libbase") { "src/base/strings.h", "src/base/sys-info.cc", "src/base/sys-info.h", - "src/base/template-meta-programming/algorithm.h", + "src/base/template-meta-programming/common.h", "src/base/template-meta-programming/functional.h", "src/base/template-meta-programming/list.h", "src/base/template-meta-programming/string-literal.h", @@ -7309,10 +7329,6 @@ if (current_toolchain == v8_snapshot_toolchain) { "src/snapshot/static-roots-gen.h", ] - if (v8_control_flow_integrity) { - sources += [ "src/deoptimizer/deoptimizer-cfi-empty.cc" ] - } - configs = [ ":internal_config", ":disable_icf", @@ -7327,7 +7343,6 @@ if (current_toolchain == v8_snapshot_toolchain) { ":v8_maybe_icu", ":v8_shared_internal_headers", ":v8_tracing", - ":v8_turboshaft", "//build/win:default_exe_manifest", ] } @@ -7561,7 +7576,7 @@ group("v8_fuzzers") { ] if (v8_enable_webassembly) { - if (!is_official_build) { + if (v8_wasm_random_fuzzers) { data_deps += [ ":v8_simple_wasm_compile_all_fuzzer", ":v8_simple_wasm_compile_fuzzer", @@ -7980,11 +7995,7 @@ if (v8_enable_webassembly) { sources = [ "test/fuzzer/wasm-streaming.cc" ] } - # Some fuzzers depend on fuzzing functionality linked into the v8 library. - # For binary size reasons this functionality is not available for official - # builds, therefore these fuzzers do not function there and should be skipped - # instead. - if (!is_official_build) { + if (v8_wasm_random_fuzzers) { v8_wasm_fuzzer("wasm_compile_all_fuzzer") { sources = [ "test/common/wasm/test-signatures.h", 
@@ -8020,7 +8031,7 @@ if (v8_enable_webassembly) { v8_wasm_fuzzer("wasm_deopt_fuzzer") { sources = [ "test/fuzzer/wasm-deopt.cc" ] } - } # !is_official_build + } # v8_wasm_random_fuzzers } v8_fuzzer("inspector_fuzzer") { diff --git a/deps/v8/COMMON_OWNERS b/deps/v8/COMMON_OWNERS index acd008e3360eff..741ba62748faa6 100644 --- a/deps/v8/COMMON_OWNERS +++ b/deps/v8/COMMON_OWNERS @@ -5,7 +5,6 @@ bikineev@chromium.org bmeurer@chromium.org cbruni@chromium.org clemensb@chromium.org -danno@chromium.org dinfuehr@chromium.org dlehmann@chromium.org dmercadier@chromium.org diff --git a/deps/v8/DEPS b/deps/v8/DEPS index f4a74a3515ceae..88dbfb8bf7332f 100644 --- a/deps/v8/DEPS +++ b/deps/v8/DEPS @@ -60,7 +60,7 @@ vars = { 'checkout_fuchsia_no_hooks': False, # reclient CIPD package version - 'reclient_version': 're_client_version:0.163.0.d27158ab-gomaip', + 'reclient_version': 're_client_version:0.171.0.1869ad5c-gomaip', # Fetch configuration files required for the 'use_remoteexec' gn arg 'download_remoteexec_cfg': False, 
@@ -76,22 +76,22 @@ vars = { 'build_with_chromium': False, # GN CIPD package version. - 'gn_version': 'git_revision:20806f79c6b4ba295274e3a589d85db41a02fdaa', + 'gn_version': 'git_revision:feafd1012a32c05ec6095f69ddc3850afb621f3a', # ninja CIPD package version # https://chrome-infra-packages.appspot.com/p/infra/3pp/tools/ninja - 'ninja_version': 'version:2@1.12.1.chromium.4', + 'ninja_version': 'version:3@1.12.1.chromium.4', # siso CIPD package version - 'siso_version': 'git_revision:eaee19cf51478b64614e2e8daad77378238a3c6c', + 'siso_version': 'git_revision:aa31236f9e208039b6196cbae4318d56d4c30e3d', # luci-go CIPD package version. - 'luci_go': 'git_revision:1aca70b6bf116c1bd8fbf0526c9a89e9be308718', + 'luci_go': 'git_revision:a52658ecc54d0fa4ad0065918588c890982634b2', # Three lines of non-changing comments so that # the commit queue can handle CLs rolling Fuchsia sdk # and whatever else without interference from each other. - 'fuchsia_version': 'version:24.20240913.4.1', + 'fuchsia_version': 'version:25.20241109.3.1', # Three lines of non-changing comments so that # the commit queue can handle CLs rolling android_sdk_build-tools_version @@ -129,9 +129,9 @@ vars = { deps = { 'build': - Var('chromium_url') + '/chromium/src/build.git' + '@' + '4bd877395d215d47c694a8383147eb158fafbbd6', + Var('chromium_url') + '/chromium/src/build.git' + '@' + '827e4e2f1e69d34141acde81be78e618e9a15b26', 'buildtools': - Var('chromium_url') + '/chromium/src/buildtools.git' + '@' + 'a7a84ac61eae5a8946807265a2fd8bd812daf384', + Var('chromium_url') + '/chromium/src/buildtools.git' + '@' + 'c61bf9c942c84d2c42d4ce4fd5cf751fa36c7fd7', 'buildtools/linux64': { 'packages': [ { 
@@ -177,7 +177,7 @@ deps = { 'test/mozilla/data': Var('chromium_url') + '/v8/deps/third_party/mozilla-tests.git' + '@' + 'f6c578a10ea707b1a8ab0b88943fe5115ce2b9be', 'test/test262/data': - Var('chromium_url') + '/external/github.com/tc39/test262.git' + '@' + 'd62fa93c8f9ce5e687c0bbaa5d2b59670ab2ff60', + Var('chromium_url') + '/external/github.com/tc39/test262.git' + '@' + 'ab69bd4dd8184ce6b96a0a02c904d20ee76b10ed', 'third_party/android_platform': { 'url': Var('chromium_url') + '/chromium/src/third_party/android_platform.git' + '@' + '6337c445f9963ec3914e7e0c5787941d07b46509', 'condition': 'checkout_android', @@ -235,11 +235,11 @@ deps = { 'condition': "checkout_centipede_deps", }, 'third_party/boringssl/src': { - 'url': Var('boringssl_url') + '/boringssl.git' + '@' + '58f3bc83230d2958bb9710bc910972c4f5d382dc', + 'url': Var('boringssl_url') + '/boringssl.git' + '@' + '571c76e919c0c48219ced35bef83e1fc83b00eed', 'condition': "checkout_centipede_deps", }, 'third_party/catapult': { - 'url': Var('chromium_url') + '/catapult.git' + '@' + '296226a4a0067c8cffeb8831fb87526a8035f3cc', + 'url': Var('chromium_url') + '/catapult.git' + '@' + '5a79ab54959253b47e9fae2ec6f7e117a676d8e6', 'condition': 'checkout_android', }, 'third_party/clang-format/script': 
@@ -253,13 +253,13 @@ deps = { 'condition': 'checkout_android', }, 'third_party/depot_tools': - Var('chromium_url') + '/chromium/tools/depot_tools.git' + '@' + '22df6f8e622dc3e8df8dc8b5d3e3503b169af78e', + Var('chromium_url') + '/chromium/tools/depot_tools.git' + '@' + '37661eea7e53b6f72e4102ce3381c61c02ab5ba3', 'third_party/fp16/src': Var('chromium_url') + '/external/github.com/Maratyszcza/FP16.git' + '@' + '0a92994d729ff76a58f692d3028ca1b64b145d91', 'third_party/fast_float/src': Var('chromium_url') + '/external/github.com/fastfloat/fast_float.git' + '@' + '3e57d8dcfb0a04b5a8a26b486b54490a2e9b310f', 'third_party/fuchsia-gn-sdk': { - 'url': Var('chromium_url') + '/chromium/src/third_party/fuchsia-gn-sdk.git' + '@' + '5086f6c9e4c6d3295a76fdb5d27209f2d6449c6a', + 'url': Var('chromium_url') + '/chromium/src/third_party/fuchsia-gn-sdk.git' + '@' + '615c91e9e572143cbc4144ec3593ba1d50d1ff81', 'condition': 'checkout_fuchsia', }, # Exists for rolling the Fuchsia SDK. Check out of the SDK should always 
@@ -275,21 +275,21 @@ deps = { 'dep_type': 'cipd', }, 'third_party/google_benchmark_chrome': { - 'url': Var('chromium_url') + '/chromium/src/third_party/google_benchmark.git' + '@' + 'f049b96d7a50ae19f2748aae7fba7bde705bcd8c', + 'url': Var('chromium_url') + '/chromium/src/third_party/google_benchmark.git' + '@' + '75f504f8c9501a07357e1033475629bb750a1d80', }, 'third_party/google_benchmark_chrome/src': { - 'url': Var('chromium_url') + '/external/github.com/google/benchmark.git' + '@' + '344117638c8ff7e239044fd0fa7085839fc03021', + 'url': Var('chromium_url') + '/external/github.com/google/benchmark.git' + '@' + '761305ec3b33abf30e08d50eb829e19a802581cc', }, 'third_party/fuzztest': - Var('chromium_url') + '/chromium/src/third_party/fuzztest.git' + '@' + '69fe98bf87d80fdc773481ae5180c63e431a13a1', + Var('chromium_url') + '/chromium/src/third_party/fuzztest.git' + '@' + '45d19136c8e70611b8fd1ace447d968c31ffa5a3', 'third_party/fuzztest/src': - Var('chromium_url') + '/external/github.com/google/fuzztest.git' + '@' + '32eb84a95951fa3a0148fb3e6a1a02f830ded136', + Var('chromium_url') + '/external/github.com/google/fuzztest.git' + '@' + '0021f30508bc7f73fa5270962d022acb480d242f', 'third_party/googletest/src': - Var('chromium_url') + '/external/github.com/google/googletest.git' + '@' + '0953a17a4281fc26831da647ad3fcd5e21e6473b', + Var('chromium_url') + '/external/github.com/google/googletest.git' + '@' + 'd144031940543e15423a25ae5a8a74141044862f', 'third_party/highway/src': - Var('chromium_url') + '/external/github.com/google/highway.git' + '@' + '8295336dd70f1201d42c22ab5b0861de38cf8fbf', + Var('chromium_url') + '/external/github.com/google/highway.git' + '@' + '00fe003dac355b979f36157f9407c7c46448958e', 'third_party/icu': - Var('chromium_url') + '/chromium/deps/icu.git' + '@' + '9408c6fd4a39e6fef0e1c4077602e1c83b15f3fb', + Var('chromium_url') + '/chromium/deps/icu.git' + '@' + '4239b1559d11d4fa66c100543eda4161e060311e', 'third_party/instrumented_libs': { 'url': 
Var('chromium_url') + '/chromium/third_party/instrumented_libraries.git' + '@' + 'bb6dbcf2df7a9beb34c3773ef4df161800e3aed9', 'condition': 'checkout_instrumented_libraries', 
@@ -305,153 +305,155 @@ deps = { 'third_party/jsoncpp/source': Var('chromium_url') + '/external/github.com/open-source-parsers/jsoncpp.git'+ '@' + '42e892d96e47b1f6e29844cc705e148ec4856448', 'third_party/libc++/src': - Var('chromium_url') + '/external/github.com/llvm/llvm-project/libcxx.git' + '@' + '50ab693ecb611942ce4440d8c9ed707ee65ed5e8', + Var('chromium_url') + '/external/github.com/llvm/llvm-project/libcxx.git' + '@' + '8e31ad42561900383e10dbefc1d3e8f38cedfbe9', 'third_party/libc++abi/src': - Var('chromium_url') + '/external/github.com/llvm/llvm-project/libcxxabi.git' + '@' + '29b2e9a0f48688da116692cb04758393053d269c', + Var('chromium_url') + '/external/github.com/llvm/llvm-project/libcxxabi.git' + '@' + '8ba0a768d6b26b72b0a695fc1806ba124c1b9783', 'third_party/libunwind/src': - Var('chromium_url') + '/external/github.com/llvm/llvm-project/libunwind.git' + '@' + 'dc70138c3e68e2f946585f134e20815851e26263', + Var('chromium_url') + '/external/github.com/llvm/llvm-project/libunwind.git' + '@' + '5b01ea4a6f3b666b7d190e7cb7c31db2ed4d94ce', + 'third_party/llvm-libc/src': + Var('chromium_url') + '/external/github.com/llvm/llvm-project/libc.git' + '@' + 'ccaf1e62d0950f4cf07962ed6237207b39046e76', 'third_party/llvm-build/Release+Asserts': { 'dep_type': 'gcs', 'bucket': 'chromium-browser-clang', 'objects': [ { - 'object_name': 'Linux_x64/clang-llvmorg-20-init-3847-g69c43468-28.tar.xz', - 'sha256sum': '6a30f7bc7c5f0eac02a40a4ec9a1ab906ddff2adacf2c9ff065916047c79f0fb', - 'size_bytes': 52892060, - 'generation': 1726118358890940, + 'object_name': 'Linux_x64/clang-llvmorg-20-init-9764-gb81d8e90-6.tar.xz', + 'sha256sum': '10fbc53c0730a50e2117b3414a45784667d6cf7d91a3bcaab2b3a78ede08c5d2', + 'size_bytes': 54119960, + 'generation': 1730990401272305, 'condition': 'host_os == "linux"', }, { - 'object_name': 'Linux_x64/clang-tidy-llvmorg-20-init-3847-g69c43468-28.tar.xz', - 'sha256sum': '35e00fc8f58cf7cd30f0ad27c2fdef56b677e287030072c46c0f024d23363ae4', - 'size_bytes': 13283180, - 
'generation': 1726118359291453, + 'object_name': 'Linux_x64/clang-tidy-llvmorg-20-init-9764-gb81d8e90-6.tar.xz', + 'sha256sum': 'b53177355aae0a5f8bf0cf230d8d783d7eb1dc32fb525175aa64ebe93a697d59', + 'size_bytes': 13409228, + 'generation': 1730990401560844, 'condition': 'host_os == "linux" and checkout_clang_tidy', }, { - 'object_name': 'Linux_x64/clangd-llvmorg-20-init-3847-g69c43468-28.tar.xz', - 'sha256sum': '33e2276976dfeaf387f5ea16651ea591eebe3570a12469f3884c74f8079e88bf', - 'size_bytes': 26305668, - 'generation': 1726118359489734, + 'object_name': 'Linux_x64/clangd-llvmorg-20-init-9764-gb81d8e90-6.tar.xz', + 'sha256sum': 'ea60c8ed153b175d60973203d4efd8e03627d5eee3f567dd61dcc66cb76af152', + 'size_bytes': 27940520, + 'generation': 1730990401938247, 'condition': 'host_os == "linux" and checkout_clangd', }, { - 'object_name': 'Linux_x64/llvm-code-coverage-llvmorg-20-init-3847-g69c43468-28.tar.xz', - 'sha256sum': '426c6bd378848de0817a7695fee821bece9efb51e3ed1d7b750a75bc17bf00eb', - 'size_bytes': 2370472, - 'generation': 1726118360237343, + 'object_name': 'Linux_x64/llvm-code-coverage-llvmorg-20-init-9764-gb81d8e90-6.tar.xz', + 'sha256sum': 'aab41caead88fbbec57a352e5ad540ebdd54eda869ea632cadc01882454df23b', + 'size_bytes': 2385012, + 'generation': 1730990403020118, 'condition': 'host_os == "linux" and checkout_clang_coverage_tools', }, { - 'object_name': 'Linux_x64/llvmobjdump-llvmorg-20-init-3847-g69c43468-28.tar.xz', - 'sha256sum': 'e11c3043e76c7c79fe7905861a11c78433c6d796d049f837eda0a2ce118f0793', - 'size_bytes': 5410724, - 'generation': 1726118359908897, + 'object_name': 'Linux_x64/llvmobjdump-llvmorg-20-init-9764-gb81d8e90-6.tar.xz', + 'sha256sum': '16d08de19205ebd84e8fe5850132e29eb89c25ccd6ecd6cdf18ff0d6d5756047', + 'size_bytes': 5471316, + 'generation': 1730990402077586, 'condition': '(checkout_linux or checkout_mac or checkout_android and host_os != "mac")', }, { - 'object_name': 'Mac/clang-llvmorg-20-init-3847-g69c43468-28.tar.xz', - 'sha256sum': 
'cabfc7ca792ef13d3e665c3a7811f9a76cc39094059c11606cea1724f0394bbc', - 'size_bytes': 47551968, - 'generation': 1726118361528729, + 'object_name': 'Mac/clang-llvmorg-20-init-9764-gb81d8e90-6.tar.xz', + 'sha256sum': 'cfc0c381a64b2770e1f3fe934dc08927b78cbe8204c4b145c175e1ac47a79b3f', + 'size_bytes': 48586148, + 'generation': 1730990404989096, 'condition': 'host_os == "mac" and host_cpu == "x64"', }, { - 'object_name': 'Mac/clang-mac-runtime-library-llvmorg-20-init-3847-g69c43468-28.tar.xz', - 'sha256sum': '50a618246d7fd23645640fc50ccb0d4684c1895def378b90963a289f920ea88a', - 'size_bytes': 879508, - 'generation': 1726118377526206, + 'object_name': 'Mac/clang-mac-runtime-library-llvmorg-20-init-9764-gb81d8e90-6.tar.xz', + 'sha256sum': '994d94a647c818d28f9551d46e39637b4a9f9e72ae0f3d98f75db949decfc811', + 'size_bytes': 973888, + 'generation': 1730990424944699, 'condition': 'checkout_mac and not host_os == "mac"', }, { - 'object_name': 'Mac/clang-tidy-llvmorg-20-init-3847-g69c43468-28.tar.xz', - 'sha256sum': '2c325505ea43a8d8a14770890d62aba9af37b397e3063e3fb622cfd51d4706f6', - 'size_bytes': 12884412, - 'generation': 1726118361811669, + 'object_name': 'Mac/clang-tidy-llvmorg-20-init-9764-gb81d8e90-6.tar.xz', + 'sha256sum': 'e3e779988cfbc9443fe050a31f92f0b2bfc8b855a8fa0d50b39bda520214323f', + 'size_bytes': 12989428, + 'generation': 1730990405580532, 'condition': 'host_os == "mac" and host_cpu == "x64" and checkout_clang_tidy', }, { - 'object_name': 'Mac/clangd-llvmorg-20-init-3847-g69c43468-28.tar.xz', - 'sha256sum': '1c1a0965cc95053dec8c649a7b3bb627ad2300ad230eed97b52ee70a8a8edd85', - 'size_bytes': 26553148, - 'generation': 1726118361978146, + 'object_name': 'Mac/clangd-llvmorg-20-init-9764-gb81d8e90-6.tar.xz', + 'sha256sum': 'fb3652a79650eb196f7229e8420d8482934db18ad899322a59d9532a967ba8f0', + 'size_bytes': 26917008, + 'generation': 1730990405502536, 'condition': 'host_os == "mac" and host_cpu == "x64" and checkout_clangd', }, { - 'object_name': 
'Mac/llvm-code-coverage-llvmorg-20-init-3847-g69c43468-28.tar.xz', - 'sha256sum': '9259bd27c19ca9662c70ffc2b42c10afb584e7c584470d6e656e164643614b50', - 'size_bytes': 2247028, - 'generation': 1726118362377026, + 'object_name': 'Mac/llvm-code-coverage-llvmorg-20-init-9764-gb81d8e90-6.tar.xz', + 'sha256sum': '366c73a45297d36c015eb046232cecd6bbbb8fe8a460761ea4a488427c934846', + 'size_bytes': 2252492, + 'generation': 1730990406483704, 'condition': 'host_os == "mac" and host_cpu == "x64" and checkout_clang_coverage_tools', }, { - 'object_name': 'Mac_arm64/clang-llvmorg-20-init-3847-g69c43468-28.tar.xz', - 'sha256sum': 'e87eb4caa95c98ef36c40aec5b8cd07a6c4fb8959d3c7e7d452f6ed860c8c2bf', - 'size_bytes': 41352592, - 'generation': 1726118378868177, + 'object_name': 'Mac_arm64/clang-llvmorg-20-init-9764-gb81d8e90-6.tar.xz', + 'sha256sum': '07ea023580ba850f1cfde29018c6094f19fa2f876949afdd9b7ceacd02614315', + 'size_bytes': 42643072, + 'generation': 1730990426320272, 'condition': 'host_os == "mac" and host_cpu == "arm64"', }, { - 'object_name': 'Mac_arm64/clang-tidy-llvmorg-20-init-3847-g69c43468-28.tar.xz', - 'sha256sum': 'fcf8f25a8461db90686d0455bd8f195750a2cdc425cb03c48debe4d3e8bb9299', - 'size_bytes': 11476316, - 'generation': 1726118379144738, + 'object_name': 'Mac_arm64/clang-tidy-llvmorg-20-init-9764-gb81d8e90-6.tar.xz', + 'sha256sum': '2ba853495a456c137a03615bc90c1dc13378a083cd245c752e5cdb32cc5d710b', + 'size_bytes': 11551140, + 'generation': 1730990427298192, 'condition': 'host_os == "mac" and host_cpu == "arm64" and checkout_clang_tidy', }, { - 'object_name': 'Mac_arm64/clangd-llvmorg-20-init-3847-g69c43468-28.tar.xz', - 'sha256sum': 'cca4049d3362528511ebc603db05189c9bef406a80ae4fead22b1db0a4de83e6', - 'size_bytes': 22679568, - 'generation': 1726118379283835, + 'object_name': 'Mac_arm64/clangd-llvmorg-20-init-9764-gb81d8e90-6.tar.xz', + 'sha256sum': '8bd0290834025283494137c71f21cc53e5180a0fe5526ce5fc1def6b71adf56d', + 'size_bytes': 22996480, + 'generation': 
1730990427104379, 'condition': 'host_os == "mac" and host_cpu == "arm64" and checkout_clangd', }, { - 'object_name': 'Mac_arm64/llvm-code-coverage-llvmorg-20-init-3847-g69c43468-28.tar.xz', - 'sha256sum': '001e8582de4bc7c434f321b5bacd2b0b45e553f3134cb7d78e1a4f62e2b97ac6', - 'size_bytes': 1969844, - 'generation': 1726118379757221, + 'object_name': 'Mac_arm64/llvm-code-coverage-llvmorg-20-init-9764-gb81d8e90-6.tar.xz', + 'sha256sum': '009bf6dca60483ceef0f5b267bab206e71f70150f595dee378704ac1bab15810', + 'size_bytes': 1978164, + 'generation': 1730990428146704, 'condition': 'host_os == "mac" and host_cpu == "arm64" and checkout_clang_coverage_tools', }, { - 'object_name': 'Win/clang-llvmorg-20-init-3847-g69c43468-28.tar.xz', - 'sha256sum': 'cb416511e6379b7fd3f362f637ebb8a28957d0d2ff2dc6e2d9f4484a381f2885', - 'size_bytes': 44655000, - 'generation': 1726118399720986, + 'object_name': 'Win/clang-llvmorg-20-init-9764-gb81d8e90-6.tar.xz', + 'sha256sum': '307a92baa82c49a97fa342e836c7d99c461757e3c4992e525ec11946e7e0c273', + 'size_bytes': 45504620, + 'generation': 1730990452347678, 'condition': 'host_os == "win"', }, { - 'object_name': 'Win/clang-tidy-llvmorg-20-init-3847-g69c43468-28.tar.xz', - 'sha256sum': '15af2ae61dabdfe0ddbdd48f467b996855ba51d0ef633c5c0ac3c74cdc0d8f2c', - 'size_bytes': 13114928, - 'generation': 1726118400057660, + 'object_name': 'Win/clang-tidy-llvmorg-20-init-9764-gb81d8e90-6.tar.xz', + 'sha256sum': 'e38e29eb61f0907e43dd9e4b13f7b624e88577deadbe783d0b6f5ba0fe73470f', + 'size_bytes': 13198876, + 'generation': 1730990452638793, 'condition': 'host_os == "win" and checkout_clang_tidy', }, { - 'object_name': 'Win/clang-win-runtime-library-llvmorg-20-init-3847-g69c43468-28.tar.xz', - 'sha256sum': '81d66840357d83ca1a2c85ebca5259a7a86d9e99c77b37727fbaee87ccacf675', - 'size_bytes': 2897452, - 'generation': 1726118416326356, + 'object_name': 'Win/clang-win-runtime-library-llvmorg-20-init-9764-gb81d8e90-6.tar.xz', + 'sha256sum': 
'7dada03189cd68e993f32d2f44ba60308c21d5aaff841072fb023f569f62981e', + 'size_bytes': 2481484, + 'generation': 1730990473380663, 'condition': 'checkout_win and not host_os == "win"', }, { - 'object_name': 'Win/clangd-llvmorg-20-init-3847-g69c43468-28.tar.xz', - 'sha256sum': '1304718c221543b16465a4b6108572fa1ba9f2b75c4e4398bdb01fb983428c10', - 'size_bytes': 25169688, - 'generation': 1726118400193324, + 'object_name': 'Win/clangd-llvmorg-20-init-9764-gb81d8e90-6.tar.xz', + 'sha256sum': '35d002034b9758bb22a81d68b29ef1fc8584bb8c80d8f8161daf811dd88af8c0', + 'size_bytes': 25507672, + 'generation': 1730990452771999, 'condition': 'host_os == "win" and checkout_clangd', }, { - 'object_name': 'Win/llvm-code-coverage-llvmorg-20-init-3847-g69c43468-28.tar.xz', - 'sha256sum': 'e01b8fbca72fc1cca6988e359d9a0eea8fa5ccbaff8d41deffd62970c7f4fed5', - 'size_bytes': 2382756, - 'generation': 1726118400642803, + 'object_name': 'Win/llvm-code-coverage-llvmorg-20-init-9764-gb81d8e90-6.tar.xz', + 'sha256sum': 'cec41d8e54630d4b4cc27c231af57f334c9149c0faeaf1f74bb4f258f47aee4d', + 'size_bytes': 2394780, + 'generation': 1730990453517854, 'condition': 'host_os == "win" and checkout_clang_coverage_tools', }, { - 'object_name': 'Win/llvmobjdump-llvmorg-20-init-3847-g69c43468-28.tar.xz', - 'sha256sum': '2f837a21d910ad748666282d0c1da15a438d9aae4fc1bc85dab7313da6dfeb7b', - 'size_bytes': 5439736, - 'generation': 1726118400404099, + 'object_name': 'Win/llvmobjdump-llvmorg-20-init-9764-gb81d8e90-6.tar.xz', + 'sha256sum': 'b53acffcb3bf0ef000b8af31ee622c34da647ecec28fbf9777db4d4c31057dfd', + 'size_bytes': 5495104, + 'generation': 1730990453035029, 'condition': 'checkout_linux or checkout_mac or checkout_android and host_os == "win"', }, ], 
@@ -471,9 +473,9 @@ deps = { 'condition': 'host_cpu != "s390" and host_os != "zos" and host_cpu != "ppc"' }, 'third_party/perfetto': - Var('android_url') + '/platform/external/perfetto.git' + '@' + '6fc824d618d2f06b5d9cd8655ba0419b6b3b366e', + Var('android_url') + '/platform/external/perfetto.git' + '@' + '24764a1d9c2fce1e9816ffae691f00353ade330d', 'third_party/protobuf': - Var('chromium_url') + '/chromium/src/third_party/protobuf.git' + '@' + '37bbf271c62d6c01c58c66505b17c7dcf086371a', + Var('chromium_url') + '/chromium/src/third_party/protobuf.git' + '@' + '0cbab48ca5b9c291a43782abede92830539e150a', 'third_party/re2/src': Var('chromium_url') + '/external/github.com/google/re2.git' + '@' + '6dcd83d60f7944926bfd308cc13979fc53dd69ca', 'third_party/requests': { @@ -491,9 +493,9 @@ deps = { 'condition': 'not build_with_chromium and host_cpu != "s390" and host_os != "zos" and host_cpu != "ppc"', }, 'third_party/zlib': - Var('chromium_url') + '/chromium/src/third_party/zlib.git'+ '@' + 'fa9f14143c7938e6a1d18443900efee7a1e5e669', + Var('chromium_url') + '/chromium/src/third_party/zlib.git'+ '@' + 'c7678ba8af4577e45023b35ae96b6b71efa0acf7', 'tools/clang': - Var('chromium_url') + '/chromium/src/tools/clang.git' + '@' + 'e47c184ec52d50c7aa2a99cd3bd26ebcafaa94b9', + Var('chromium_url') + '/chromium/src/tools/clang.git' + '@' + '05cdff47284016c9ad04ab66b955cc0442014435', 'tools/luci-go': { 'packages': [ { @@ -511,7 +513,7 @@ deps = { 'tools/protoc_wrapper': Var('chromium_url') + '/chromium/src/tools/protoc_wrapper.git' + '@' + 'dbcbea90c20ae1ece442d8ef64e61c7b10e2b013', 'third_party/abseil-cpp': { - 'url': Var('chromium_url') + '/chromium/src/third_party/abseil-cpp.git' + '@' + '1f7e21e34c3807a8841c9562cfc8b3213eb50bfc', + 'url': Var('chromium_url') + '/chromium/src/third_party/abseil-cpp.git' + '@' + '1ffd70268e0ecf41b5aa64e62e4ba10e28a589a5', 'condition': 'not build_with_chromium', }, 'third_party/zoslib': { 
diff --git a/deps/v8/ENG_REVIEW_OWNERS b/deps/v8/ENG_REVIEW_OWNERS index 27a979ebaf9d9e..d601572c0b16d3 100644 --- a/deps/v8/ENG_REVIEW_OWNERS +++ b/deps/v8/ENG_REVIEW_OWNERS @@ -3,9 +3,8 @@ # directories. adamk@chromium.org -danno@chromium.org gdeepti@chromium.org -hpayer@chromium.org +hpayer@chromium.org #{LAST_RESORT_SUGGESTION} leszeks@chromium.org mlippautz@chromium.org syg@chromium.org diff --git a/deps/v8/bazel/defs.bzl b/deps/v8/bazel/defs.bzl index ba1716d9ad466a..16f2a61faa39bf 100644 --- a/deps/v8/bazel/defs.bzl +++ b/deps/v8/bazel/defs.bzl @@ -432,7 +432,7 @@ def _v8_target_cpu_transition_impl(settings, "armeabi-v7a": "arm32", "s390x": "s390x", "riscv64": "riscv64", - "ppc": "ppc64le", + "ppc64": "ppc64le", } v8_target_cpu = mapping[settings["//command_line_option:cpu"]] return {"@v8//bazel/config:v8_target_cpu": v8_target_cpu} @@ -535,6 +535,7 @@ def build_config_content(cpu, icu): ("arch", arch), ("asan", "false"), ("atomic_object_field_writes", "false"), + ("cet_shadow_stack", "false"), ("cfi", "false"), ("clang_coverage", "false"), ("clang", "true"), @@ -588,6 +589,7 @@ def build_config_content(cpu, icu): ("verify_csa", "false"), ("verify_heap", "false"), ("verify_predictable", "false"), + ("wasm_random_fuzzers", "false"), ("write_barriers", "false"), ]) diff --git a/deps/v8/gni/v8.gni b/deps/v8/gni/v8.gni index 09c3e7adec40a9..847a399c2f0bb2 100644 --- a/deps/v8/gni/v8.gni +++ b/deps/v8/gni/v8.gni @@ -128,6 +128,12 @@ declare_args() { cppgc_is_standalone = false + # Enables certain checks on API level functionality. + cppgc_enable_api_checks = is_debug || dcheck_always_on + + # Enable slow checks on API level functionality. + cppgc_enable_slow_api_checks = false + # Enable object names in cppgc for profiling purposes. cppgc_enable_object_names = is_chrome_for_testing 
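Review bot: In `_v8_target_cpu_transition_impl` the lookup `mapping[settings["//command_line_option:cpu"]]` has no fallback, so with the key renamed from `"ppc"` to `"ppc64"` any invocation that still passes the old value fails with a bare KeyError instead of a readable message. Whether such callers exist is not visible here, and the function starts above the hunk. If they might, look the value up with `mapping.get(...)` and call `fail("unsupported --cpu value: " + cpu)` when it is missing.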
@@ -218,7 +224,8 @@ assert(!(v8_enable_webassembly && v8_enable_lite_mode), if (v8_enable_pointer_compression == "") { v8_enable_pointer_compression = - v8_current_cpu == "arm64" || v8_current_cpu == "x64" + v8_current_cpu == "arm64" || v8_current_cpu == "x64" || + v8_current_cpu == "loong64" } # The Wasm interpreter is currently supported only on arm64 and x64, on diff --git a/deps/v8/include/cppgc/internal/logging.h b/deps/v8/include/cppgc/internal/logging.h index 3a279fe0bef839..2129e85f2406e0 100644 --- a/deps/v8/include/cppgc/internal/logging.h +++ b/deps/v8/include/cppgc/internal/logging.h @@ -20,18 +20,18 @@ FatalImpl(const char*, const SourceLocation& = SourceLocation::Current()); template struct EatParams {}; -#if defined(DEBUG) +#ifdef CPPGC_ENABLE_API_CHECKS #define CPPGC_DCHECK_MSG(condition, message) \ do { \ if (V8_UNLIKELY(!(condition))) { \ ::cppgc::internal::DCheckImpl(message); \ } \ } while (false) -#else // !defined(DEBUG) +#else // !CPPGC_ENABLE_API_CHECKS #define CPPGC_DCHECK_MSG(condition, message) \ (static_cast(::cppgc::internal::EatParams(condition), message)>{})) -#endif // !defined(DEBUG) +#endif // !CPPGC_ENABLE_API_CHECKS #define CPPGC_DCHECK(condition) CPPGC_DCHECK_MSG(condition, #condition) diff --git a/deps/v8/include/cppgc/internal/member-storage.h b/deps/v8/include/cppgc/internal/member-storage.h index 2b5bfec4ed5cc1..fa221cf0531228 100644 --- a/deps/v8/include/cppgc/internal/member-storage.h +++ b/deps/v8/include/cppgc/internal/member-storage.h 
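Review bot: `CPPGC_DCHECK_MSG` in logging.h is now compiled in only under `CPPGC_ENABLE_API_CHECKS`, and because this is a public header the macro has to be defined the same way for the V8 library and for every embedder translation unit that includes it. The GN side is covered by `cppgc_enable_api_checks = is_debug || dcheck_always_on`, but an embedder built outside GN that only defines `DEBUG` would silently get the no-op expansion, so API misuse that used to abort in debug builds goes unreported. I would add a comment above the `#ifdef`, for example `// Must match the value V8 was built with; DEBUG alone no longer enables these checks.`, and confirm that any non-GN build files touched by this roll set the define.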
@@ -71,11 +71,17 @@ class V8_EXPORT CageBaseGlobal final { class V8_TRIVIAL_ABI CompressedPointer final { public: + struct AtomicInitializerTag {}; + using IntegralType = uint32_t; static constexpr auto kWriteBarrierSlotType = WriteBarrierSlotType::kCompressed; V8_INLINE CompressedPointer() : value_(0u) {} + V8_INLINE explicit CompressedPointer(const void* value, + AtomicInitializerTag) { + StoreAtomic(value); + } V8_INLINE explicit CompressedPointer(const void* ptr) : value_(Compress(ptr)) {} V8_INLINE explicit CompressedPointer(std::nullptr_t) : value_(0u) {} @@ -196,11 +202,16 @@ class V8_TRIVIAL_ABI CompressedPointer final { class V8_TRIVIAL_ABI RawPointer final { public: + struct AtomicInitializerTag {}; + using IntegralType = uintptr_t; static constexpr auto kWriteBarrierSlotType = WriteBarrierSlotType::kUncompressed; V8_INLINE RawPointer() : ptr_(nullptr) {} + V8_INLINE explicit RawPointer(const void* ptr, AtomicInitializerTag) { + StoreAtomic(ptr); + } V8_INLINE explicit RawPointer(const void* ptr) : ptr_(ptr) {} V8_INLINE const void* Load() const { return ptr_; } diff --git a/deps/v8/include/cppgc/internal/persistent-node.h b/deps/v8/include/cppgc/internal/persistent-node.h index d22692a768c49f..413ddd9189b049 100644 --- a/deps/v8/include/cppgc/internal/persistent-node.h +++ b/deps/v8/include/cppgc/internal/persistent-node.h @@ -18,6 +18,7 @@ namespace internal { class CrossThreadPersistentRegion; class FatalOutOfMemoryHandler; +class HeapBase; class RootVisitor; // PersistentNode represents a variant of two states: 
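Review bot: The new tag constructors `CompressedPointer(const void*, AtomicInitializerTag)` and `RawPointer(const void*, AtomicInitializerTag)` carry no comment saying when a caller should pick them over the plain constructors, and each class declares its own `AtomicInitializerTag` type. They also skip the member initializer and rely on `StoreAtomic` being the first write to the field, which is fine but worth stating. A one-line comment on each, such as `// Initializes the slot with an atomic store, for slots another thread may read during construction (TODO confirm).`, would make the contract explicit. The parameter is named `value` in one and `ptr` in the other; using `ptr` in both matches the neighbouring constructors.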
@@ -133,10 +134,14 @@ class V8_EXPORT PersistentRegionBase { }; // Variant of PersistentRegionBase that checks whether the allocation and -// freeing happens only on the thread that created the region. +// freeing happens only on the thread that created the heap. class V8_EXPORT PersistentRegion final : public PersistentRegionBase { public: - explicit PersistentRegion(const FatalOutOfMemoryHandler&); + V8_INLINE PersistentRegion(const HeapBase& heap, + const FatalOutOfMemoryHandler& oom_handler) + : PersistentRegionBase(oom_handler), heap_(heap) { + CPPGC_DCHECK(IsCreationThread()); + } // Clears Persistent fields to avoid stale pointers after heap teardown. ~PersistentRegion() = default; @@ -161,7 +166,7 @@ class V8_EXPORT PersistentRegion final : public PersistentRegionBase { private: bool IsCreationThread(); - int creation_thread_id_; + const HeapBase& heap_; }; // CrossThreadPersistent uses PersistentRegionBase but protects it using this diff --git a/deps/v8/include/cppgc/internal/pointer-policies.h b/deps/v8/include/cppgc/internal/pointer-policies.h index 06fa884f49f34b..bba484237da466 100644 --- a/deps/v8/include/cppgc/internal/pointer-policies.h +++ b/deps/v8/include/cppgc/internal/pointer-policies.h 
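Review bot: `PersistentRegion` now keeps `const HeapBase& heap_` and its inline constructor immediately calls `IsCreationThread()`, so the region depends on the heap both outliving it and being far enough constructed when the region is built. `IsCreationThread()` is defined outside this hunk; if it reads a field of `heap_` and the region is itself a member of the heap object, that field has to be declared before the region, which nothing here enforces. The thread check is also a `CPPGC_DCHECK`, so it disappears when API checks are off. I would document this on the constructor, e.g. `// |heap| must outlive this region; the state IsCreationThread() reads must be initialized before this constructor runs.`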
@@ -28,13 +28,19 @@ class WeakMemberTag; class UntracedMemberTag; struct DijkstraWriteBarrierPolicy { - V8_INLINE static void InitializingBarrier(const void*, const void*) { // Since in initializing writes the source object is always white, having no // barrier doesn't break the tri-color invariant. - } + V8_INLINE static void InitializingBarrier(const void*, const void*) {} + V8_INLINE static void InitializingBarrier(const void*, RawPointer storage) { + } +#if defined(CPPGC_POINTER_COMPRESSION) + V8_INLINE static void InitializingBarrier(const void*, + CompressedPointer storage) {} +#endif - template - V8_INLINE static void AssigningBarrier(const void* slot, const void* value) { + template + V8_INLINE static void AssigningBarrier(const void* slot, + const void* value) { #ifdef CPPGC_SLIM_WRITE_BARRIER if (V8_UNLIKELY(WriteBarrier::IsEnabled())) WriteBarrier::CombinedWriteBarrierSlow(slot); @@ -44,7 +50,7 @@ struct DijkstraWriteBarrierPolicy { WriteBarrier::GetWriteBarrierType(slot, value, params); WriteBarrier(type, params, slot, value); #endif // !CPPGC_SLIM_WRITE_BARRIER - } + } template V8_INLINE static void AssigningBarrier(const void* slot, RawPointer storage) { @@ -101,6 +107,11 @@ struct DijkstraWriteBarrierPolicy { struct NoWriteBarrierPolicy { V8_INLINE static void InitializingBarrier(const void*, const void*) {} + V8_INLINE static void InitializingBarrier(const void*, RawPointer storage) {} +#if defined(CPPGC_POINTER_COMPRESSION) + V8_INLINE static void InitializingBarrier(const void*, + CompressedPointer storage) {} +#endif template V8_INLINE static void AssigningBarrier(const void*, const void*) {} template 
@@ -119,10 +130,29 @@ template class V8_EXPORT SameThreadEnabledCheckingPolicy : private SameThreadEnabledCheckingPolicyBase { protected: + template + V8_INLINE void CheckPointer(RawPointer raw_pointer) { + if (raw_pointer.IsCleared() || raw_pointer.IsSentinel()) { + return; + } + CheckPointersImplTrampoline::Call( + this, static_cast(raw_pointer.Load())); + } +#if defined(CPPGC_POINTER_COMPRESSION) + template + V8_INLINE void CheckPointer(CompressedPointer compressed_pointer) { + if (compressed_pointer.IsCleared() || compressed_pointer.IsSentinel()) { + return; + } + CheckPointersImplTrampoline::Call( + this, static_cast(compressed_pointer.Load())); + } +#endif template void CheckPointer(const T* ptr) { - if (!ptr || (kSentinelPointer == ptr)) return; - + if (!ptr || (kSentinelPointer == ptr)) { + return; + } CheckPointersImplTrampoline::Call(this, ptr); } @@ -145,20 +175,27 @@ class V8_EXPORT SameThreadEnabledCheckingPolicy class DisabledCheckingPolicy { protected: - V8_INLINE void CheckPointer(const void*) {} + template + V8_INLINE void CheckPointer(T*) {} + template + V8_INLINE void CheckPointer(RawPointer) {} +#if defined(CPPGC_POINTER_COMPRESSION) + template + V8_INLINE void CheckPointer(CompressedPointer) {} +#endif }; -#ifdef DEBUG +#ifdef CPPGC_ENABLE_SLOW_API_CHECKS // Off heap members are not connected to object graph and thus cannot ressurect // dead objects. using DefaultMemberCheckingPolicy = SameThreadEnabledCheckingPolicy; using DefaultPersistentCheckingPolicy = SameThreadEnabledCheckingPolicy; -#else // !DEBUG +#else // !CPPGC_ENABLE_SLOW_API_CHECKS using DefaultMemberCheckingPolicy = DisabledCheckingPolicy; using DefaultPersistentCheckingPolicy = DisabledCheckingPolicy; -#endif // !DEBUG +#endif // !CPPGC_ENABLE_SLOW_API_CHECKS // For CT(W)P neither marking information (for value), nor objectstart bitmap // (for slot) are guaranteed to be present because there's no synchronization // between heaps after marking. 
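Review bot: The `#ifdef CPPGC_ENABLE_SLOW_API_CHECKS` in the last pointer-policies.h hunk replaces `#ifdef DEBUG`, and the matching GN argument added in this commit is `cppgc_enable_slow_api_checks = false`, so ordinary debug builds now select `DisabledCheckingPolicy` for `DefaultMemberCheckingPolicy` and `DefaultPersistentCheckingPolicy`. That removes the pointer validation done through `SameThreadEnabledCheckingPolicy::CheckPointer` from the configuration where most embedders would have caught a misused handle. If that is intended for speed, say so next to the alias block, e.g. `// Pointer checks are off unless cppgc_enable_slow_api_checks is set; debug builds alone no longer enable them.`, and consider enabling the flag on at least one debug or fuzzing configuration.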
diff --git a/deps/v8/include/cppgc/member.h b/deps/v8/include/cppgc/member.h index 457f163bc78eab..6a570bd5535fdf 100644 --- a/deps/v8/include/cppgc/member.h +++ b/deps/v8/include/cppgc/member.h @@ -38,9 +38,8 @@ class V8_TRIVIAL_ABI MemberBase { V8_INLINE MemberBase() = default; V8_INLINE explicit MemberBase(const void* value) : raw_(value) {} - V8_INLINE MemberBase(const void* value, AtomicInitializerTag) { - SetRawAtomic(value); - } + V8_INLINE MemberBase(const void* value, AtomicInitializerTag) + : raw_(value, typename RawStorage::AtomicInitializerTag{}) {} V8_INLINE explicit MemberBase(RawStorage raw) : raw_(raw) {} V8_INLINE explicit MemberBase(std::nullptr_t) : raw_(nullptr) {} @@ -87,7 +86,7 @@ class V8_TRIVIAL_ABI BasicMember final : private MemberBase, V8_INLINE BasicMember(SentinelPointer s) : Base(s) {} // NOLINT V8_INLINE BasicMember(T* raw) : Base(raw) { // NOLINT InitializingWriteBarrier(raw); - this->CheckPointer(Get()); + CheckPointer(raw); } V8_INLINE BasicMember(T& raw) // NOLINT : BasicMember(&raw) {} @@ -103,7 +102,7 @@ class V8_TRIVIAL_ABI BasicMember final : private MemberBase, V8_INLINE BasicMember(T* raw, AtomicInitializerTag atomic) : Base(raw, atomic) { InitializingWriteBarrier(raw); - this->CheckPointer(Get()); + CheckPointer(raw); } V8_INLINE BasicMember(T& raw, AtomicInitializerTag atomic) : BasicMember(&raw, atomic) {} @@ -231,7 +230,7 @@ class V8_TRIVIAL_ABI BasicMember final : private MemberBase, V8_INLINE BasicMember& operator=(T* other) { Base::SetRawAtomic(other); AssigningWriteBarrier(other); - this->CheckPointer(Get()); + CheckPointer(other); return *this; } 
@@ -290,14 +289,14 @@ class V8_TRIVIAL_ABI BasicMember final : private MemberBase, private: V8_INLINE explicit BasicMember(RawStorage raw) : Base(raw) { - InitializingWriteBarrier(Get()); - this->CheckPointer(Get()); + InitializingWriteBarrier(); + CheckPointer(); } V8_INLINE BasicMember& operator=(RawStorage other) { Base::SetRawStorageAtomic(other); AssigningWriteBarrier(); - this->CheckPointer(Get()); + CheckPointer(); return *this; } @@ -308,6 +307,10 @@ class V8_TRIVIAL_ABI BasicMember final : private MemberBase, V8_INLINE void InitializingWriteBarrier(T* value) const { WriteBarrierPolicy::InitializingBarrier(Base::GetRawSlot(), value); } + V8_INLINE void InitializingWriteBarrier() const { + WriteBarrierPolicy::InitializingBarrier(Base::GetRawSlot(), + Base::GetRawStorage()); + } V8_INLINE void AssigningWriteBarrier(T* value) const { WriteBarrierPolicy::template AssigningBarrier< StorageType::kWriteBarrierSlotType>(Base::GetRawSlot(), value); @@ -317,6 +320,12 @@ class V8_TRIVIAL_ABI BasicMember final : private MemberBase, StorageType::kWriteBarrierSlotType>(Base::GetRawSlot(), Base::GetRawStorage()); } + V8_INLINE void CheckPointer(T* value) { + CheckingPolicy::template CheckPointer(value); + } + V8_INLINE void CheckPointer() { + CheckingPolicy::template CheckPointer(Base::GetRawStorage()); + } V8_INLINE void ClearFromGC() const { Base::ClearFromGC(); } diff --git a/deps/v8/include/cppgc/name-provider.h b/deps/v8/include/cppgc/name-provider.h index ec512441472d47..849176fde0fc45 100644 --- a/deps/v8/include/cppgc/name-provider.h +++ b/deps/v8/include/cppgc/name-provider.h 
@@ -55,6 +55,9 @@ class V8_EXPORT NameProvider { * Specifies a name for the garbage-collected object. Such names will never * be hidden, as they are explicitly specified by the user of this API. * + * Implementations of this function must not allocate garbage-collected + * objects or otherwise modify the cppgc heap. + * * V8 may call this function while generating a heap snapshot or at other * times. If V8 is currently generating a heap snapshot (according to * HeapProfiler::IsTakingSnapshot), then the returned string must stay alive diff --git a/deps/v8/include/js_protocol.pdl b/deps/v8/include/js_protocol.pdl index 8dad9c98de9f6e..b96102b7f8f793 100644 --- a/deps/v8/include/js_protocol.pdl +++ b/deps/v8/include/js_protocol.pdl @@ -369,6 +369,14 @@ domain Debugger # call stacks (default). integer maxDepth + # Replace previous blackbox execution contexts with passed ones. Forces backend to skip + # stepping/pausing in scripts in these execution contexts. VM will try to leave blackboxed script by + # performing 'step in' several times, finally resorting to 'step out' if unsuccessful. + experimental command setBlackboxExecutionContexts + parameters + # Array of execution context unique ids for the debugger to ignore. + array of string uniqueIds + # Replace previous blackbox patterns with passed ones. Forces backend to skip stepping/pausing in # scripts with url matching one of the patterns. VM will try to leave blackboxed script by # performing 'step in' several times, finally resorting to 'step out' if unsuccessful. @@ -376,6 +384,8 @@ domain Debugger parameters # Array of regexps that will be used to check script url for blackbox state. array of string patterns + # If true, also ignore scripts with no source url. + optional boolean skipAnonymous # Makes backend skip steps in the script in blackboxed ranges. VM will try leave blacklisted # scripts by performing 'step in' several times, finally resorting to 'step out' if unsuccessful. 
@@ -606,7 +616,6 @@ domain Debugger properties # Type of the debug symbols. enum type - None SourceMap EmbeddedDWARF ExternalDWARF @@ -689,8 +698,8 @@ domain Debugger experimental optional integer codeOffset # The language of the script. experimental optional Debugger.ScriptLanguage scriptLanguage - # If the scriptLanguage is WebASsembly, the source of debug symbols for the module. - experimental optional Debugger.DebugSymbols debugSymbols + # If the scriptLanguage is WebAssembly, the source of debug symbols for the module. + experimental optional array of Debugger.DebugSymbols debugSymbols # The name the embedder supplied for this script. experimental optional string embedderName diff --git a/deps/v8/include/v8-array-buffer.h b/deps/v8/include/v8-array-buffer.h index 0a3d8170f68214..511ef3901ba29f 100644 --- a/deps/v8/include/v8-array-buffer.h +++ b/deps/v8/include/v8-array-buffer.h @@ -10,6 +10,7 @@ #include #include "v8-local-handle.h" // NOLINT(build/include_directory) +#include "v8-memory-span.h" // NOLINT(build/include_directory) #include "v8-object.h" // NOLINT(build/include_directory) #include "v8config.h" // NOLINT(build/include_directory) @@ -217,6 +218,18 @@ class V8_EXPORT ArrayBuffer : public Object { */ size_t MaxByteLength() const; + /** + * Attempt to create a new ArrayBuffer. Allocate |byte_length| bytes. + * Allocated memory will be owned by a created ArrayBuffer and + * will be deallocated when it is garbage-collected, + * unless the object is externalized. If allocation fails, the Maybe + * returned will be empty. + */ + static MaybeLocal MaybeNew( + Isolate* isolate, size_t byte_length, + BackingStoreInitializationMode initialization_mode = + BackingStoreInitializationMode::kZeroInitialized); + /** * Create a new ArrayBuffer. Allocate |byte_length| bytes, which are either * zero-initialized or uninitialized. Allocated memory will be owned by a 
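Review bot: The comment on `ArrayBuffer::MaybeNew` does not describe `initialization_mode`, although that parameter decides whether script can read whatever the allocator returned. A caller that passes `BackingStoreInitializationMode::kUninitialized` must overwrite the whole buffer before it becomes reachable from JavaScript, otherwise stale heap contents are exposed. The comment also does not say whether an empty result leaves an exception pending on the isolate. I would add `Memory is zero-initialized unless |initialization_mode| says otherwise; uninitialized buffers must be fully written before being exposed to script.` and one sentence on the exception state.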
@@ -394,6 +407,16 @@ class V8_EXPORT ArrayBufferView : public Object { */ size_t CopyContents(void* dest, size_t byte_length); + /** + * Returns the contents of the ArrayBufferView's buffer as a MemorySpan. If + * the contents are on the V8 heap, they get copied into `storage`. Otherwise + * a view into the off-heap backing store is returned. The provided storage + * should be at least as large as the maximum on-heap size of a TypedArray, + * was defined in gn with `typed_array_max_size_in_heap`. The default value is + * 64 bytes. + */ + v8::MemorySpan GetContents(v8::MemorySpan storage); + /** * Returns true if ArrayBufferView's backing ArrayBuffer has already been * allocated. diff --git a/deps/v8/include/v8-callbacks.h b/deps/v8/include/v8-callbacks.h index 567b36faf63ddb..f757eb15408272 100644 --- a/deps/v8/include/v8-callbacks.h +++ b/deps/v8/include/v8-callbacks.h 
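Review bot: The new `GetContents` comment in the `ArrayBufferView` hunk says the storage "should be at least as large as" the on-heap maximum, but it does not say what happens when `storage` is smaller, which is the case a caller most needs documented for a copy into a caller-supplied buffer. The implementation is not in this header, so it cannot be told from here whether an undersized span is checked, truncated or rejected; the comment should state it, e.g. `* If |storage| is smaller than the on-heap contents, <behaviour, from the implementation>.` It would also help to note that in the off-heap case the result aliases the backing store rather than `storage`, so its validity presumably ends with that store (to be confirmed). "was defined in gn" should read "which is defined in gn".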
@@ -369,6 +369,47 @@ using HostImportModuleDynamicallyCallback = MaybeLocal (*)( Local resource_name, Local specifier, Local import_attributes); +/** + * HostImportModuleWithPhaseDynamicallyCallback is called when we + * require the embedder to load a module with a specific phase. This is used + * as part of the dynamic import syntax. + * + * The referrer contains metadata about the script/module that calls + * import. + * + * The specifier is the name of the module that should be imported. + * + * The phase is the phase of the import requested. + * + * The import_attributes are import attributes for this request in the form: + * [key1, value1, key2, value2, ...] where the keys and values are of type + * v8::String. Note, unlike the FixedArray passed to ResolveModuleCallback and + * returned from ModuleRequest::GetImportAttributes(), this array does not + * contain the source Locations of the attributes. + * + * The Promise returned from this function is forwarded to userland + * JavaScript. The embedder must resolve this promise according to the phase + * requested: + * - For ModuleImportPhase::kSource, the promise must be resolved with a + * compiled ModuleSource object, or rejected with a ReferenceError if the + * module does not support source representation. + * - For ModuleImportPhase::kEvaluation, the promise must be resolved with a + * ModuleNamespace object of a module that has been compiled, instantiated, + * and evaluated. + * + * In case of an exception, the embedder must reject this promise with the + * exception. If the promise creation itself fails (e.g. due to stack + * overflow), the embedder must propagate that exception by returning an empty + * MaybeLocal. + * + * This callback is still experimental and is only invoked for source phase + * imports. 
+ */ +using HostImportModuleWithPhaseDynamicallyCallback = MaybeLocal (*)( + Local context, Local host_defined_options, + Local resource_name, Local specifier, + ModuleImportPhase phase, Local import_attributes); + /** * Callback for requesting a compile hint for a function from the embedder. The * first parameter is the position of the function in source code and the second diff --git a/deps/v8/include/v8-context.h b/deps/v8/include/v8-context.h index 0861d66493bd2d..43dadadeabff59 100644 --- a/deps/v8/include/v8-context.h +++ b/deps/v8/include/v8-context.h @@ -427,7 +427,8 @@ class V8_EXPORT Context : public Data { static void CheckCast(Data* obj); - internal::Address* GetDataFromSnapshotOnce(size_t index); + internal::ValueHelper::InternalRepresentationType GetDataFromSnapshotOnce( + size_t index); Local SlowGetEmbedderData(int index); void* SlowGetAlignedPointerFromEmbedderData(int index); }; @@ -497,10 +498,10 @@ void* Context::GetAlignedPointerFromEmbedderData(int index) { template MaybeLocal Context::GetDataFromSnapshotOnce(size_t index) { - if (auto slot = GetDataFromSnapshotOnce(index); slot) { - internal::PerformCastCheck( - internal::ValueHelper::SlotAsValue(slot)); - return Local::FromSlot(slot); + if (auto repr = GetDataFromSnapshotOnce(index); + repr != internal::ValueHelper::kEmpty) { + internal::PerformCastCheck(internal::ValueHelper::ReprAsValue(repr)); + return Local::FromRepr(repr); } return {}; } diff --git a/deps/v8/include/v8-debug.h b/deps/v8/include/v8-debug.h index 52255f3700cb73..55ee9381bafe8b 100644 --- a/deps/v8/include/v8-debug.h +++ b/deps/v8/include/v8-debug.h @@ -130,6 +130,11 @@ class V8_EXPORT StackTrace { kDetailed = kOverview | kIsEval | kIsConstructor | kScriptNameOrSourceURL }; + /** + * Returns the (unique) ID of this stack trace. + */ + int GetID() const; + /** * Returns a StackFrame at a particular index. */ 
diff --git a/deps/v8/include/v8-embedder-heap.h b/deps/v8/include/v8-embedder-heap.h index 7cc9aa0e637b75..2ecfe5250bf5fb 100644 --- a/deps/v8/include/v8-embedder-heap.h +++ b/deps/v8/include/v8-embedder-heap.h @@ -21,37 +21,10 @@ class Value; */ class V8_EXPORT EmbedderRootsHandler { public: - enum class RootHandling { - kQueryEmbedderForNonDroppableReferences, - kDontQueryEmbedderForAnyReference, - }; - virtual ~EmbedderRootsHandler() = default; EmbedderRootsHandler() = default; - V8_DEPRECATED("Use the default constructor instead.") - explicit EmbedderRootsHandler(RootHandling default_traced_reference_handling) - : default_traced_reference_handling_(default_traced_reference_handling) {} - - /** - * Returns true if the |TracedReference| handle should be considered as root - * for the currently running non-tracing garbage collection and false - * otherwise. The default implementation will keep all |TracedReference| - * references as roots. - * - * If this returns false, then V8 may decide that the object referred to by - * such a handle is reclaimed. In that case, V8 calls |ResetRoot()| for the - * |TracedReference|. - * - * Note that the `handle` is different from the handle that the embedder holds - * for retaining the object. - * - * The concrete implementations must be thread-safe. - */ - V8_DEPRECATED("Use TracedReferenceHandling::kDroppable instead.") - virtual bool IsRoot(const v8::TracedReference& handle) = 0; - /** * Used in combination with |IsRoot|. Called by V8 when an * object that is backed by a handle is reclaimed by a non-tracing garbage @@ -74,9 +47,6 @@ class V8_EXPORT EmbedderRootsHandler { } private: - const RootHandling default_traced_reference_handling_ = - RootHandling::kDontQueryEmbedderForAnyReference; - friend class internal::TracedHandles; }; diff --git a/deps/v8/include/v8-fast-api-calls.h b/deps/v8/include/v8-fast-api-calls.h index 18466688cf90cb..f10444e3916c5d 100644 --- a/deps/v8/include/v8-fast-api-calls.h 
+++ b/deps/v8/include/v8-fast-api-calls.h @@ -270,9 +270,10 @@ class CTypeInfo { enum class SequenceType : uint8_t { kScalar, - kIsSequence, // sequence - kIsTypedArray, // TypedArray of T or any ArrayBufferView if T - // is void + kIsSequence, // sequence + kIsTypedArray V8_DEPRECATE_SOON( + "TypedArrays are not supported directly anymore."), + // is void kIsArrayBuffer // ArrayBuffer }; @@ -325,7 +326,9 @@ class CTypeInfo { Flags flags_; }; -struct FastApiTypedArrayBase { +struct V8_DEPRECATE_SOON( + "With the removal of FastApiTypedArray this type is not needed " + "anymore.") FastApiTypedArrayBase { public: // Returns the length in number of elements. size_t V8_EXPORT length() const { return length_; } @@ -337,7 +340,7 @@ struct FastApiTypedArrayBase { }; template -struct V8_DEPRECATE_SOON( +struct V8_DEPRECATED( "When an API function expects a TypedArray as a parameter, the type in the " "signature should be `v8::Local` instead of " "FastApiTypedArray<>. The API function then has to type-check the " @@ -372,18 +375,12 @@ struct V8_DEPRECATE_SOON( void* data_; }; -// Any TypedArray. It uses kTypedArrayBit with base type void -// Overloaded args of ArrayBufferView and TypedArray are not supported -// (for now) because the generic “any” ArrayBufferView doesn’t have its -// own instance type. It could be supported if we specify that -// TypedArray always has precedence over the generic ArrayBufferView, -// but this complicates overload resolution. -struct FastApiArrayBufferView { +struct V8_DEPRECATE_SOON("This API is dead within V8") FastApiArrayBufferView { void* data; size_t byte_length; }; -struct FastApiArrayBuffer { +struct V8_DEPRECATE_SOON("This API is dead within V8") FastApiArrayBuffer { void* data; size_t byte_length; }; 
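Review bot: In the `SequenceType` hunk the comment that now follows `kIsTypedArray` is just `// is void`, the orphaned second line of the old two-line comment ("TypedArray of T or any ArrayBufferView if T" / "is void") whose first line this change removes. On its own the fragment is meaningless and reads as if it described the enumerator's type. Either drop it or keep a whole sentence next to the enumerator, e.g. `// Deprecated: TypedArray of T, or any ArrayBufferView if T is void`.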
@@ -496,6 +493,10 @@ class V8_EXPORT CFunction { // Returns whether an overload between this and the given CFunction can // be resolved at runtime by the RTTI available for the arguments or at // compile time for functions with different number of arguments. + V8_DEPRECATE_SOON( + "Overload resolution is only based on the parameter count. If the " + "parameter count is different, overload resolution is possible and " + "happens at compile time. Otherwise overload resolution is impossible.") OverloadResolution GetOverloadResolution(const CFunction* other) { // Runtime overload resolution can only deal with functions with the // same number of arguments. Functions with different arity are handled @@ -699,17 +700,19 @@ PRIMITIVE_C_TYPES(DEFINE_TYPE_INFO_TRAITS) #undef PRIMITIVE_C_TYPES #undef ALL_C_TYPES -#define SPECIALIZE_GET_TYPE_INFO_HELPER_FOR_TA(T, Enum) \ - template <> \ - struct TypeInfoHelper&> { \ - static constexpr CTypeInfo::Flags Flags() { \ - return CTypeInfo::Flags::kNone; \ - } \ - \ - static constexpr CTypeInfo::Type Type() { return CTypeInfo::Type::Enum; } \ - static constexpr CTypeInfo::SequenceType SequenceType() { \ - return CTypeInfo::SequenceType::kIsTypedArray; \ - } \ +#define SPECIALIZE_GET_TYPE_INFO_HELPER_FOR_TA(T, Enum) \ + template <> \ + struct V8_DEPRECATE_SOON( \ + "This struct is unnecessary now, because FastApiTypedArray has already " \ + "been deprecated as well") TypeInfoHelper&> { \ + static constexpr CTypeInfo::Flags Flags() { \ + return CTypeInfo::Flags::kNone; \ + } \ + \ + static constexpr CTypeInfo::Type Type() { return CTypeInfo::Type::Enum; } \ + static constexpr CTypeInfo::SequenceType SequenceType() { \ + return CTypeInfo::SequenceType::kIsTypedArray; \ + } \ }; #define TYPED_ARRAY_C_TYPES(V) \ 
@@ -736,7 +739,9 @@ struct TypeInfoHelper> { }; template <> -struct TypeInfoHelper> { +struct V8_DEPRECATE_SOON( + "TypedArrays are not supported directly anymore. Use Local instead.") + TypeInfoHelper> { static constexpr CTypeInfo::Flags Flags() { return CTypeInfo::Flags::kNone; } static constexpr CTypeInfo::Type Type() { return CTypeInfo::Type::kUint32; } @@ -779,6 +784,7 @@ class V8_EXPORT CTypeInfoBuilder { public: using BaseType = T; + START_ALLOW_USE_DEPRECATED() static constexpr CTypeInfo Build() { constexpr CTypeInfo::Flags kFlags = MergeFlags(internal::TypeInfoHelper::Flags(), Flags...); @@ -815,6 +821,7 @@ class V8_EXPORT CTypeInfoBuilder { return CTypeInfo(internal::TypeInfoHelper::Type(), internal::TypeInfoHelper::SequenceType(), kFlags); } + END_ALLOW_USE_DEPRECATED() private: template diff --git a/deps/v8/include/v8-handle-base.h b/deps/v8/include/v8-handle-base.h index 3075441e997910..fef78f2ceefe35 100644 --- a/deps/v8/include/v8-handle-base.h +++ b/deps/v8/include/v8-handle-base.h @@ -86,6 +86,16 @@ class IndirectHandleBase { return internal::ValueHelper::SlotAsValue(slot()); } +#ifdef V8_ENABLE_DIRECT_HANDLE + V8_INLINE internal::ValueHelper::InternalRepresentationType repr() const { + return location_ ? *location_ : internal::ValueHelper::kEmpty; + } +#else + V8_INLINE internal::ValueHelper::InternalRepresentationType repr() const { + return location_; + } +#endif // V8_ENABLE_DIRECT_HANDLE + private: internal::Address* location_ = nullptr; }; @@ -126,6 +136,10 @@ class DirectHandleBase { return reinterpret_cast(ptr_); } + V8_INLINE internal::ValueHelper::InternalRepresentationType repr() const { + return ptr_; + } + private: internal::Address ptr_ = internal::ValueHelper::kEmpty; }; diff --git a/deps/v8/include/v8-initialization.h b/deps/v8/include/v8-initialization.h index c3984668bb1100..9c9097c77d81aa 100644 --- a/deps/v8/include/v8-initialization.h +++ b/deps/v8/include/v8-initialization.h 
@@ -112,11 +112,18 @@ class V8_EXPORT V8 { const bool kV8TargetOsIsAndroid = false; #endif +#ifdef V8_ENABLE_CHECKS + const bool kV8EnableChecks = true; +#else + const bool kV8EnableChecks = false; +#endif + const int kBuildConfiguration = (internal::PointerCompressionIsEnabled() ? kPointerCompression : 0) | (internal::SmiValuesAre31Bits() ? k31BitSmis : 0) | (internal::SandboxIsEnabled() ? kSandbox : 0) | - (kV8TargetOsIsAndroid ? kTargetOsIsAndroid : 0); + (kV8TargetOsIsAndroid ? kTargetOsIsAndroid : 0) | + (kV8EnableChecks ? kEnableChecks : 0); return Initialize(kBuildConfiguration); } @@ -202,12 +209,18 @@ class V8_EXPORT V8 { /** * Returns true if the sandbox is configured securely. * - * If V8 cannot create a regular sandbox during initialization, for example - * because not enough virtual address space can be reserved, it will instead - * create a fallback sandbox that still allows it to function normally but - * does not have the same security properties as a regular sandbox. This API - * can be used to determine if such a fallback sandbox is being used, in - * which case it will return false. + * There are currently two reasons why this may return false: + * + * 1. If V8 cannot create a regular sandbox during initialization, for + * example because not enough virtual address space can be reserved, it + * will instead create a fallback sandbox that still allows it to + * function normally but does not have the same security properties as a + * regular sandbox. + * + * 2. The Sandbox will also attempt to reserve the first four gigabytes of + * the address space during initialization. This is used to mitigates + * certain issues where a Smi is treated as a pointer and dereferenced, + * causing an access somewhere in the 32-bit address range. */ static bool IsSandboxConfiguredSecurely(); @@ -288,6 +301,7 @@ class V8_EXPORT V8 { k31BitSmis = 1 << 1, kSandbox = 1 << 2, kTargetOsIsAndroid = 1 << 3, + kEnableChecks = 1 << 4, }; /** 
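Review bot: Item 2 of the rewritten `IsSandboxConfiguredSecurely` comment describes the four-gigabyte reservation but never states the condition under which the function returns false, unlike item 1, so a reader has to guess that a failed reservation is what is meant. Suggest closing the item with something like `* If this reservation fails, this function returns false.`, to be confirmed against the implementation, which is not part of this hunk. Since the result is a single `bool`, the comment could also say that the two causes cannot be told apart by the caller. "used to mitigates" should be "used to mitigate".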
diff --git a/deps/v8/include/v8-inspector.h b/deps/v8/include/v8-inspector.h index 89bb0bbd539b28..61eb837c6a9573 100644 --- a/deps/v8/include/v8-inspector.h +++ b/deps/v8/include/v8-inspector.h @@ -297,11 +297,11 @@ class V8_EXPORT V8InspectorClient { return v8::MaybeLocal(); } - virtual void consoleTime(v8::Isolate* isolate, v8::Local label); + virtual void consoleTime(v8::Isolate* isolate, v8::Local label) {} virtual void consoleTimeEnd(v8::Isolate* isolate, - v8::Local label); + v8::Local label) {} virtual void consoleTimeStamp(v8::Isolate* isolate, - v8::Local label); + v8::Local label) {} virtual void consoleClear(int contextGroupId) {} virtual double currentTimeMS() { return 0; } diff --git a/deps/v8/include/v8-internal.h b/deps/v8/include/v8-internal.h index a13db2bd74ad4b..743c0a50c59bab 100644 --- a/deps/v8/include/v8-internal.h +++ b/deps/v8/include/v8-internal.h @@ -44,7 +44,9 @@ class Isolate; namespace internal { class Heap; +class LocalHeap; class Isolate; +class LocalIsolate; typedef uintptr_t Address; static constexpr Address kNullAddress = 0; @@ -160,15 +162,15 @@ struct SmiTagging<8> { std::is_signed_v>* = nullptr> V8_INLINE static constexpr bool IsValidSmi(T value) { // To be representable as a long smi, the value must be a 32-bit integer. - return (value == static_cast(value)); + return std::numeric_limits::min() <= value && + value <= std::numeric_limits::max(); } template && std::is_unsigned_v>* = nullptr> V8_INLINE static constexpr bool IsValidSmi(T value) { - return (static_cast(value) == - static_cast(static_cast(value))); + return value <= std::numeric_limits::max(); } }; 
@@ -234,10 +236,6 @@ using SandboxedPointer_t = Address; // virtual address space for userspace. As such, limit the sandbox to 128GB (a // quarter of the total available address space). constexpr size_t kSandboxSizeLog2 = 37; // 128 GB -#elif defined(V8_TARGET_ARCH_LOONG64) -// Some Linux distros on LoongArch64 configured with only 40 bits of virtual -// address space for userspace. Limit the sandbox to 256GB here. -constexpr size_t kSandboxSizeLog2 = 38; // 256 GB #else // Everywhere else use a 1TB sandbox. constexpr size_t kSandboxSizeLog2 = 40; // 1 TB @@ -963,8 +961,10 @@ class Internals { kIsolateCppHeapPointerTableOffset + kExternalPointerTableSize; static const int kIsolateTrustedPointerTableOffset = kIsolateTrustedCageBaseOffset + kApiSystemPointerSize; - static const int kIsolateApiCallbackThunkArgumentOffset = + static const int kIsolateSharedTrustedPointerTableAddressOffset = kIsolateTrustedPointerTableOffset + kTrustedPointerTableSize; + static const int kIsolateApiCallbackThunkArgumentOffset = + kIsolateSharedTrustedPointerTableAddressOffset + kApiSystemPointerSize; #else static const int kIsolateApiCallbackThunkArgumentOffset = kIsolateCppHeapPointerTableOffset + kExternalPointerTableSize; @@ -986,12 +986,12 @@ class Internals { // These constants are copied from static-roots.h and guarded by static asserts. #define EXPORTED_STATIC_ROOTS_PTR_LIST(V) \ - V(UndefinedValue, 0x69) \ - V(NullValue, 0x85) \ - V(TrueValue, 0xc9) \ - V(FalseValue, 0xad) \ - V(EmptyString, 0xa1) \ - V(TheHoleValue, 0x791) + V(UndefinedValue, 0x11) \ + V(NullValue, 0x2d) \ + V(TrueValue, 0x71) \ + V(FalseValue, 0x55) \ + V(EmptyString, 0x49) \ + V(TheHoleValue, 0x739) using Tagged_t = uint32_t; struct StaticReadOnlyRoot { 
@@ -1001,7 +1001,7 @@ class Internals { // Use 0 for kStringMapLowerBound since string maps are the first maps. static constexpr Tagged_t kStringMapLowerBound = 0; - static constexpr Tagged_t kStringMapUpperBound = 0x47d; + static constexpr Tagged_t kStringMapUpperBound = 0x425; #define PLUSONE(...) +1 static constexpr size_t kNumberOfExportedStaticRoots = @@ -1047,7 +1047,7 @@ class Internals { // Soft limit for AdjustAmountofExternalAllocatedMemory. Trigger an // incremental GC once the external memory reaches this limit. - static constexpr int kExternalAllocationSoftLimit = 64 * 1024 * 1024; + static constexpr size_t kExternalAllocationSoftLimit = 64 * 1024 * 1024; #ifdef V8_MAP_PACKING static const uintptr_t kMapWordMetadataMask = 0xffffULL << 48; @@ -1377,7 +1377,10 @@ class V8_EXPORT StrongRootAllocatorBase { protected: explicit StrongRootAllocatorBase(Heap* heap) : heap_(heap) {} + explicit StrongRootAllocatorBase(LocalHeap* heap); explicit StrongRootAllocatorBase(Isolate* isolate); + explicit StrongRootAllocatorBase(v8::Isolate* isolate); + explicit StrongRootAllocatorBase(LocalIsolate* isolate); // Allocate/deallocate a range of n elements of type internal::Address. Address* allocate_impl(size_t n); @@ -1397,9 +1400,8 @@ class StrongRootAllocator : private std::allocator { public: using value_type = T; - explicit StrongRootAllocator(Heap* heap) {} - explicit StrongRootAllocator(Isolate* isolate) {} - explicit StrongRootAllocator(v8::Isolate* isolate) {} + template + explicit StrongRootAllocator(HeapOrIsolateT*) {} template StrongRootAllocator(const StrongRootAllocator& other) noexcept {} @@ -1430,7 +1432,7 @@ struct MaybeDefineIteratorConcept {}; template struct MaybeDefineIteratorConcept< Iterator, std::enable_if_t>> { - using iterator_concept = Iterator::iterator_concept; + using iterator_concept = typename Iterator::iterator_concept; }; // Otherwise fall back to `std::iterator_traits` if possible. template 
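Review bot: The constructor template added to the primary `StrongRootAllocator` in the `@@ -1397,9 +1400,8 @@` hunk, `explicit StrongRootAllocator(HeapOrIsolateT*) {}`, accepts a pointer of any type and discards it, where the three overloads it replaces accepted only `Heap*`, `Isolate*` and `v8::Isolate*`. The matching template in the `Local` specialization (v8-local-handle.h in this same patch) forwards its argument to `StrongRootAllocatorBase`, whose overload set still rejects unrelated types, so only the primary template loses that compile-time check. A short comment would make the intent explicit, e.g. `// The argument is unused here; only the Local specialization passes it on to StrongRootAllocatorBase.` The class body continues outside the hunk.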
@@ -1443,7 +1445,8 @@ struct MaybeDefineIteratorConcept< // TODO(pkasting): Add this unconditionally after dropping support for old // libstdc++ versions. #if __has_include() - using iterator_concept = std::iterator_traits::iterator_concept; + using iterator_concept = + typename std::iterator_traits::iterator_concept; #endif }; @@ -1623,16 +1626,25 @@ class WrappedIterator : public MaybeDefineIteratorConcept { // whether direct local support is enabled. class ValueHelper final { public: + // ValueHelper::InternalRepresentationType is an abstract type that + // corresponds to the internal representation of v8::Local and essentially + // to what T* really is (these two are always in sync). This type is used in + // methods like GetDataFromSnapshotOnce that need access to a handle's + // internal representation. In particular, if `x` is a `v8::Local`, then + // `v8::Local::FromRepr(x.repr())` gives exactly the same handle as `x`. #ifdef V8_ENABLE_DIRECT_HANDLE static constexpr Address kTaggedNullAddress = 1; - static constexpr Address kEmpty = kTaggedNullAddress; + + using InternalRepresentationType = internal::Address; + static constexpr InternalRepresentationType kEmpty = kTaggedNullAddress; #else - static constexpr Address kEmpty = kNullAddress; + using InternalRepresentationType = internal::Address*; + static constexpr InternalRepresentationType kEmpty = nullptr; #endif // V8_ENABLE_DIRECT_HANDLE template V8_INLINE static bool IsEmpty(T* value) { - return reinterpret_cast
(value) == kEmpty; + return ValueAsRepr(value) == kEmpty; } // Returns a handle's "value" for all kinds of abstract handles. For Local, @@ -1659,6 +1671,16 @@ class ValueHelper final { return *reinterpret_cast(slot); } + template + V8_INLINE static InternalRepresentationType ValueAsRepr(const T* value) { + return reinterpret_cast(value); + } + + template + V8_INLINE static T* ReprAsValue(InternalRepresentationType repr) { + return reinterpret_cast(repr); + } + #else // !V8_ENABLE_DIRECT_HANDLE template @@ -1671,6 +1693,17 @@ class ValueHelper final { return reinterpret_cast(slot); } + template + V8_INLINE static InternalRepresentationType ValueAsRepr(const T* value) { + return const_cast( + reinterpret_cast(value)); + } + + template + V8_INLINE static T* ReprAsValue(InternalRepresentationType repr) { + return reinterpret_cast(repr); + } + #endif // V8_ENABLE_DIRECT_HANDLE }; diff --git a/deps/v8/include/v8-isolate.h b/deps/v8/include/v8-isolate.h index 54571391fb8227..74bd5b88c9077b 100644 --- a/deps/v8/include/v8-isolate.h +++ b/deps/v8/include/v8-isolate.h @@ -524,7 +524,7 @@ class V8_EXPORT Isolate { kDurationFormat = 117, kInvalidatedNumberStringNotRegexpLikeProtector = 118, kOBSOLETE_RegExpUnicodeSetIncompatibilitiesWithUnicodeMode = 119, - kImportAssertionDeprecatedSyntax = 120, + kOBSOLETE_ImportAssertionDeprecatedSyntax = 120, kLocaleInfoObsoletedGetters = 121, kLocaleInfoFunctions = 122, kCompileHintsMagicAll = 123, @@ -549,6 +549,8 @@ class V8_EXPORT Isolate { kDocumentAllLegacyConstruct = 142, kConsoleContext = 143, kWasmImportedStringsUtf8 = 144, + kResizableArrayBuffer = 145, + kGrowableSharedArrayBuffer = 146, // If you add new values here, you'll also need to update Chromium's: // web_feature.mojom, use_counter_callback.cc, and enums.xml. V8 changes to 
@@ -672,6 +674,18 @@ class V8_EXPORT Isolate { void SetHostImportModuleDynamicallyCallback( HostImportModuleDynamicallyCallback callback); + /** + * This specifies the callback called by the upcoming dynamic + * import() and import.source() language feature to load modules. + * + * This API is experimental and is expected to be changed or removed in the + * future. The callback is currently only called when for source-phase + * imports. Evaluation-phase imports use the existing + * HostImportModuleDynamicallyCallback callback. + */ + void SetHostImportModuleWithPhaseDynamicallyCallback( + HostImportModuleWithPhaseDynamicallyCallback callback); + /** * This specifies the callback called by the upcoming import.meta * language feature to retrieve host-defined meta data for a module. @@ -963,6 +977,14 @@ class V8_EXPORT Isolate { */ Local ThrowException(Local exception); + /** + * Returns true if an exception was thrown but not processed yet by an + * exception handler on JavaScript side or by v8::TryCatch handler. + * + * This is an experimental feature and may still change significantly. + */ + bool HasPendingException(); + using GCCallback = void (*)(Isolate* isolate, GCType type, GCCallbackFlags flags); using GCCallbackWithData = void (*)(Isolate* isolate, GCType type, 
@@ -1427,13 +1449,29 @@ class V8_EXPORT Isolate { * This is an unfinished experimental feature. Semantics and implementation * may change frequently. */ + V8_DEPRECATED("Use SetIsLoading instead") void SetRAILMode(RAILMode rail_mode); /** * Update load start time of the RAIL mode */ + V8_DEPRECATED("Use SetIsLoading instead") void UpdateLoadStartTime(); + /** + * Optional notification to tell V8 whether the embedder is currently loading + * resources. If the embedder uses this notification, it should call + * SetIsLoading(true) when loading starts and SetIsLoading(false) when it + * ends. + * It's valid to call SetIsLoading(true) again while loading, which will + * update the timestamp when V8 considers the load started. Calling + * SetIsLoading(false) while not loading does nothing. + * V8 uses these notifications to guide heuristics. + * This is an unfinished experimental feature. Semantics and implementation + * may change frequently. + */ + void SetIsLoading(bool is_loading); + /** * Optional notification to tell V8 the current isolate is used for debugging * and requires higher heap limit. @@ -1746,7 +1784,8 @@ class V8_EXPORT Isolate { template friend class PersistentValueMapBase; - internal::Address* GetDataFromSnapshotOnce(size_t index); + internal::ValueHelper::InternalRepresentationType GetDataFromSnapshotOnce( + size_t index); void HandleExternalMemoryInterrupt(); }; @@ -1767,10 +1806,10 @@ uint32_t Isolate::GetNumberOfDataSlots() { template MaybeLocal Isolate::GetDataFromSnapshotOnce(size_t index) { - if (auto slot = GetDataFromSnapshotOnce(index); slot) { - internal::PerformCastCheck( - internal::ValueHelper::SlotAsValue(slot)); - return Local::FromSlot(slot); + if (auto repr = GetDataFromSnapshotOnce(index); + repr != internal::ValueHelper::kEmpty) { + internal::PerformCastCheck(internal::ValueHelper::ReprAsValue(repr)); + return Local::FromRepr(repr); } return {}; } 
diff --git a/deps/v8/include/v8-local-handle.h b/deps/v8/include/v8-local-handle.h index ef110a083dc3d6..4d15a7043cecfa 100644 --- a/deps/v8/include/v8-local-handle.h +++ b/deps/v8/include/v8-local-handle.h @@ -181,6 +181,11 @@ class LocalBase : public api_internal::DirectHandleBase { V8_INLINE static LocalBase FromSlot(internal::Address* slot) { return LocalBase(*slot); } + + V8_INLINE static LocalBase FromRepr( + internal::ValueHelper::InternalRepresentationType repr) { + return LocalBase(repr); + } }; #else // !V8_ENABLE_DIRECT_HANDLE @@ -213,6 +218,11 @@ class LocalBase : public api_internal::IndirectHandleBase { V8_INLINE static LocalBase FromSlot(internal::Address* slot) { return LocalBase(slot); } + + V8_INLINE static LocalBase FromRepr( + internal::ValueHelper::InternalRepresentationType repr) { + return LocalBase(repr); + } }; #endif // V8_ENABLE_DIRECT_HANDLE @@ -396,6 +406,11 @@ class V8_TRIVIAL_ABI Local : public LocalBase, V8_INLINE explicit Local(const LocalBase& other) : LocalBase(other) {} + V8_INLINE static Local FromRepr( + internal::ValueHelper::InternalRepresentationType repr) { + return Local(LocalBase::FromRepr(repr)); + } + V8_INLINE static Local FromSlot(internal::Address* slot) { return Local(LocalBase::FromSlot(slot)); } @@ -434,8 +449,9 @@ class V8_TRIVIAL_ABI LocalUnchecked : public Local { #if defined(V8_ENABLE_LOCAL_OFF_STACK_CHECK) && V8_HAS_ATTRIBUTE_TRIVIAL_ABI // In this case, the check is also enforced in the copy constructor and we // need to suppress it. - LocalUnchecked(const LocalUnchecked& other) - : Local(other, Local::do_not_check) noexcept {} + LocalUnchecked( + const LocalUnchecked& other) noexcept // NOLINT(runtime/explicit) + : Local(other, Local::do_not_check) {} LocalUnchecked& operator=(const LocalUnchecked&) noexcept = default; #endif 
@@ -455,11 +471,9 @@ class StrongRootAllocator> : public StrongRootAllocatorBase { static_assert(std::is_standard_layout_v); static_assert(sizeof(value_type) == sizeof(Address)); - explicit StrongRootAllocator(Heap* heap) : StrongRootAllocatorBase(heap) {} - explicit StrongRootAllocator(Isolate* isolate) - : StrongRootAllocatorBase(isolate) {} - explicit StrongRootAllocator(v8::Isolate* isolate) - : StrongRootAllocatorBase(reinterpret_cast(isolate)) {} + template + explicit StrongRootAllocator(HeapOrIsolateT* heap_or_isolate) + : StrongRootAllocatorBase(heap_or_isolate) {} template StrongRootAllocator(const StrongRootAllocator& other) noexcept : StrongRootAllocatorBase(other) {} @@ -565,7 +579,11 @@ class LocalVector { void push_back(const Local& x) { backing_.push_back(x); } void pop_back() { backing_.pop_back(); } - void emplace_back(const Local& x) { backing_.emplace_back(x); } + + template + void emplace_back(Args&&... args) { + backing_.push_back(value_type{std::forward(args)...}); + } void clear() noexcept { backing_.clear(); } void resize(size_t n) { backing_.resize(n); } diff --git a/deps/v8/include/v8-metrics.h b/deps/v8/include/v8-metrics.h index 9e77744bb29d68..bf19dead0e6120 100644 --- a/deps/v8/include/v8-metrics.h +++ b/deps/v8/include/v8-metrics.h @@ -8,9 +8,11 @@ #include #include +#include #include #include "v8-internal.h" // NOLINT(build/include_directory) +#include "v8-isolate.h" // NOLINT(build/include_directory) #include "v8-local-handle.h" // NOLINT(build/include_directory) #include "v8config.h" // NOLINT(build/include_directory) 
@@ -37,6 +39,10 @@ struct GarbageCollectionSizes { struct GarbageCollectionFullCycle { int reason = -1; + // The priority of the isolate during the GC cycle. A nullopt value denotes a + // mixed priority cycle, meaning the Isolate's priority was changed while the + // cycle was in progress. + std::optional priority = std::nullopt; GarbageCollectionPhases total; GarbageCollectionPhases total_cpp; GarbageCollectionPhases main_thread; @@ -86,6 +92,10 @@ using GarbageCollectionFullMainThreadBatchedIncrementalSweep = struct GarbageCollectionYoungCycle { int reason = -1; + // The priority of the isolate during the GC cycle. A nullopt value denotes a + // mixed priority cycle, meaning the Isolate's priority was changed while the + // cycle was in progress. + std::optional priority = std::nullopt; int64_t total_wall_clock_duration_in_us = -1; int64_t main_thread_wall_clock_duration_in_us = -1; double collection_rate_in_percent = -1.0; diff --git a/deps/v8/include/v8-object.h b/deps/v8/include/v8-object.h index 71a6c2c9c14911..3e57ae8efe33f3 100644 --- a/deps/v8/include/v8-object.h +++ b/deps/v8/include/v8-object.h @@ -704,6 +704,7 @@ class V8_EXPORT Object : public Value { * Prefer using version with Isolate parameter. */ MaybeLocal GetCreationContext(v8::Isolate* isolate); + V8_DEPRECATE_SOON("Use the version with the isolate argument.") MaybeLocal GetCreationContext(); /** 
@@ -712,13 +713,17 @@ class V8_EXPORT Object : public Value { * Prefer using version with Isolate parameter. **/ Local GetCreationContextChecked(v8::Isolate* isolate); + V8_DEPRECATE_SOON("Use the version with the isolate argument.") Local GetCreationContextChecked(); /** Same as above, but works for Persistents */ V8_INLINE static MaybeLocal GetCreationContext( - const PersistentBase& object) { - return object.template value()->GetCreationContext(); + v8::Isolate* isolate, const PersistentBase& object) { + return object.template value()->GetCreationContext(isolate); } + V8_DEPRECATE_SOON("Use the version with the isolate argument.") + V8_INLINE static MaybeLocal GetCreationContext( + const PersistentBase& object); /** * Gets the context in which the object was created (see GetCreationContext()) diff --git a/deps/v8/include/v8-primitive.h b/deps/v8/include/v8-primitive.h index 426bb379099e26..d3222f6de88d57 100644 --- a/deps/v8/include/v8-primitive.h +++ b/deps/v8/include/v8-primitive.h @@ -240,6 +240,13 @@ class V8_EXPORT String : public Name { */ virtual bool IsCacheable() const { return true; } + /** + * Internally V8 will call this Unaccount method when the external string + * resource should be unaccounted for. This method can be overridden in + * subclasses to control how allocated external bytes are accounted. + */ + virtual void Unaccount(Isolate* isolate) {} + // Disallow copying and assigning. ExternalStringResourceBase(const ExternalStringResourceBase&) = delete; void operator=(const ExternalStringResourceBase&) = delete; 
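Review bot: The comment on the new `ExternalStringResourceBase::Unaccount(Isolate* isolate)` in the v8-primitive.h hunk only restates the method name ("will call this Unaccount method when the external string resource should be unaccounted for") and gives someone overriding it nothing to rely on. It does not say when V8 calls it relative to the resource being disposed, or whether an override may call back into V8 or allocate; none of that is visible in this hunk, so it has to come from the implementation. At minimum the comment should record what the code does show, e.g. `* The default implementation does nothing.`, and name the accounting an override is expected to undo.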
@@ -474,8 +481,20 @@ class V8_EXPORT String : public Name { * The string is not modified if the operation fails. See NewExternal for * information on the lifetime of the resource. */ + V8_DEPRECATE_SOON("Use the version with the isolate argument instead.") bool MakeExternal(ExternalStringResource* resource); + /** + * Associate an external string resource with this string by transforming it + * in place so that existing references to this string in the JavaScript heap + * will use the external string resource. The external string resource's + * character contents need to be equivalent to this string. + * Returns true if the string has been changed to be an external string. + * The string is not modified if the operation fails. See NewExternal for + * information on the lifetime of the resource. + */ + bool MakeExternal(Isolate* isolate, ExternalStringResource* resource); + /** * Creates a new external string using the one-byte data defined in the given * resource. When the external string is no longer live on V8's heap the 
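Review bot: The doc comment on the new `MakeExternal(Isolate* isolate, ExternalStringResource* resource)` is a verbatim copy of the one on the deprecated overload and never mentions the `isolate` parameter. A caller cannot tell from the header whether any isolate is acceptable or whether it must be the one whose heap holds this string. Presumably it is the latter, in which case passing a different isolate would misattribute the external memory. I would add a line such as `* \param isolate The isolate that owns this string.` once that is confirmed. The same applies to the `ExternalOneByteStringResource` overload in the following hunk.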
@@ -496,8 +515,20 @@ class V8_EXPORT String : public Name { * The string is not modified if the operation fails. See NewExternal for * information on the lifetime of the resource. */ + V8_DEPRECATE_SOON("Use the version with the isolate argument instead.") bool MakeExternal(ExternalOneByteStringResource* resource); + /** + * Associate an external string resource with this string by transforming it + * in place so that existing references to this string in the JavaScript heap + * will use the external string resource. The external string resource's + * character contents need to be equivalent to this string. + * Returns true if the string has been changed to be an external string. + * The string is not modified if the operation fails. See NewExternal for + * information on the lifetime of the resource. + */ + bool MakeExternal(Isolate* isolate, ExternalOneByteStringResource* resource); + /** * Returns true if this string can be made external, given the encoding for * the external string resource. diff --git a/deps/v8/include/v8-sandbox.h b/deps/v8/include/v8-sandbox.h index 6e93d4ae62167c..4c4602e2777a8b 100644 --- a/deps/v8/include/v8-sandbox.h +++ b/deps/v8/include/v8-sandbox.h @@ -23,15 +23,14 @@ namespace v8 { * type check for a supertype must succeed for any subtype. * * The tag is currently in practice limited to 15 bits since it needs to fit - * together with a marking bit into the unused parts of a pointer (the top 16 - * bits). + * together with a marking bit into the unused parts of a pointer. */ enum class CppHeapPointerTag : uint16_t { kFirstTag = 0, kNullTag = 0, /** - * The lower type ids are reserved for the embedder to assign. For that, the + * The lower type ids are reserved for the embedder to assign. For that, the * main requirement is that all (transitive) child classes of a given parent * class have type ids in the same range, and that there are no unrelated * types in that range. For example, given the following type hierarchy: 
diff --git a/deps/v8/include/v8-script.h b/deps/v8/include/v8-script.h index 9d3556e222253a..244a5a77815c0f 100644 --- a/deps/v8/include/v8-script.h +++ b/deps/v8/include/v8-script.h @@ -155,7 +155,7 @@ class V8_EXPORT ModuleRequest : public Data { */ Local GetImportAttributes() const; - V8_DEPRECATE_SOON("Use GetImportAttributes instead") + V8_DEPRECATED("Use GetImportAttributes instead") Local GetImportAssertions() const { return GetImportAttributes(); } @@ -273,6 +273,13 @@ class V8_EXPORT Module : public Data { */ bool IsGraphAsync() const; + /** + * Returns whether this module is individually asynchronous (for example, + * if it's a Source Text Module Record containing a top-level await). + * See [[HasTLA]] in https://tc39.es/ecma262/#sec-cyclic-module-records + */ + bool HasTopLevelAwait() const; + /** * Returns whether the module is a SourceTextModule. */ diff --git a/deps/v8/include/v8-source-location.h b/deps/v8/include/v8-source-location.h index 92216ef2fa6152..eb307099c5f922 100644 --- a/deps/v8/include/v8-source-location.h +++ b/deps/v8/include/v8-source-location.h @@ -76,7 +76,12 @@ class V8_EXPORT SourceLocation final { * * \returns a human-readable string representing source location information. */ - std::string ToString() const; + std::string ToString() const { + if (!file_) { + return {}; + } + return std::string(function_) + "@" + file_ + ":" + std::to_string(line_); + } private: constexpr SourceLocation(const char* function, const char* file, size_t line) diff --git a/deps/v8/include/v8-unwinder-state.h b/deps/v8/include/v8-unwinder-state.h index 235211e3abeb2b..084692f3a4d5f8 100644 --- a/deps/v8/include/v8-unwinder-state.h +++ b/deps/v8/include/v8-unwinder-state.h 
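Review bot: The inlined `ToString()` in `v8-source-location.h` guards only `file_` before building the result, while `std::string(function_)` is undefined behaviour when `function_` is null. The constructor visible just below the hunk takes `function` and `file` as independent `const char*` arguments, so nothing in the visible lines ties the two together. Either extend the guard to `if (!file_ || !function_) return {};` or document the invariant that both pointers are always set together. Moving the body into the header also means the header must itself include `<string>`, which this hunk does not show.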
@@ -19,7 +19,7 @@ struct CalleeSavedRegisters { }; #elif V8_TARGET_ARCH_X64 || V8_TARGET_ARCH_IA32 || V8_TARGET_ARCH_ARM64 || \ V8_TARGET_ARCH_MIPS64 || V8_TARGET_ARCH_PPC64 || V8_TARGET_ARCH_RISCV64 || \ - V8_TARGET_ARCH_S390 || V8_TARGET_ARCH_LOONG64 || V8_TARGET_ARCH_RISCV32 + V8_TARGET_ARCH_S390X || V8_TARGET_ARCH_LOONG64 || V8_TARGET_ARCH_RISCV32 struct CalleeSavedRegisters {}; #else #error Target architecture was not detected as supported by v8 diff --git a/deps/v8/include/v8-version.h b/deps/v8/include/v8-version.h index 4750214ffe3f3d..063e959b8d71d1 100644 --- a/deps/v8/include/v8-version.h +++ b/deps/v8/include/v8-version.h @@ -9,9 +9,9 @@ // NOTE these macros are used by some of the tool scripts and the build // system so their names cannot be changed without changing the scripts. #define V8_MAJOR_VERSION 13 -#define V8_MINOR_VERSION 0 -#define V8_BUILD_NUMBER 245 -#define V8_PATCH_LEVEL 25 +#define V8_MINOR_VERSION 2 +#define V8_BUILD_NUMBER 152 +#define V8_PATCH_LEVEL 38 // Use 1 for candidates and 0 otherwise. // (Boolean macro values are not supported by all preprocessors.) diff --git a/deps/v8/include/v8config.h b/deps/v8/include/v8config.h index 008abc0beceb77..9d58e85db29a68 100644 --- a/deps/v8/include/v8config.h +++ b/deps/v8/include/v8config.h @@ -581,15 +581,11 @@ path. Add it with -I to the command line // functions. // Use like: // V8_NOINLINE V8_PRESERVE_MOST void UnlikelyMethod(); -#if V8_OS_WIN -# define V8_PRESERVE_MOST -#else #if V8_HAS_ATTRIBUTE_PRESERVE_MOST # define V8_PRESERVE_MOST __attribute__((preserve_most)) #else # define V8_PRESERVE_MOST /* NOT SUPPORTED */ #endif -#endif // A macro (V8_DEPRECATED) to mark classes or functions as deprecated. 
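Review bot: Removing the `V8_OS_WIN` special case in `v8config.h` makes `V8_PRESERVE_MOST` on Windows depend only on `V8_HAS_ATTRIBUTE_PRESERVE_MOST`, and the hunk leaves no comment saying why the exclusion is no longer needed. `preserve_most` changes the calling convention of the annotated function, so a declaration and a definition compiled with different expansions of this macro would disagree about which registers are saved. A one-line comment above the `#if`, such as `// Platform exclusions (e.g. Windows) are decided where V8_HAS_ATTRIBUTE_PRESERVE_MOST is defined.`, would record where the decision now lives. That definition is outside this hunk, so whether it still excludes Windows cannot be confirmed from here.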
@@ -681,7 +677,7 @@ path. Add it with -I to the command line // V8_NODISCARD Foo() { ... }; // [[nodiscard]] comes in C++17 but supported in clang with -std >= c++11. #if V8_HAS_CPP_ATTRIBUTE_NODISCARD -#define V8_NODISCARD +#define V8_NODISCARD [[nodiscard]] #else #define V8_NODISCARD /* NOT SUPPORTED */ #endif @@ -833,13 +829,9 @@ V8 shared library set USING_V8_SHARED. #elif defined(__PPC64__) || defined(_ARCH_PPC64) #define V8_HOST_ARCH_PPC64 1 #define V8_HOST_ARCH_64_BIT 1 -#elif defined(__s390__) || defined(__s390x__) -#define V8_HOST_ARCH_S390 1 -#if defined(__s390x__) +#elif defined(__s390x__) +#define V8_HOST_ARCH_S390X 1 #define V8_HOST_ARCH_64_BIT 1 -#else -#define V8_HOST_ARCH_32_BIT 1 -#endif #elif defined(__riscv) || defined(__riscv__) #if __riscv_xlen == 64 #define V8_HOST_ARCH_RISCV64 1 @@ -861,7 +853,7 @@ V8 shared library set USING_V8_SHARED. // compiler. #if !V8_TARGET_ARCH_X64 && !V8_TARGET_ARCH_IA32 && !V8_TARGET_ARCH_ARM && \ !V8_TARGET_ARCH_ARM64 && !V8_TARGET_ARCH_MIPS64 && \ - !V8_TARGET_ARCH_PPC64 && !V8_TARGET_ARCH_S390 && \ + !V8_TARGET_ARCH_PPC64 && !V8_TARGET_ARCH_S390X && \ !V8_TARGET_ARCH_RISCV64 && !V8_TARGET_ARCH_LOONG64 && \ !V8_TARGET_ARCH_RISCV32 #if defined(_M_X64) || defined(__x86_64__) @@ -878,11 +870,8 @@ V8 shared library set USING_V8_SHARED. #define V8_TARGET_ARCH_LOONG64 1 #elif defined(_ARCH_PPC64) #define V8_TARGET_ARCH_PPC64 1 -#elif defined(__s390__) -#define V8_TARGET_ARCH_S390 1 -#if defined(__s390x__) +#elif defined(__s390x__) #define V8_TARGET_ARCH_S390X 1 -#endif #elif defined(__riscv) || defined(__riscv__) #if __riscv_xlen == 64 #define V8_TARGET_ARCH_RISCV64 1 
@@ -917,12 +906,8 @@ V8 shared library set USING_V8_SHARED. #define V8_TARGET_ARCH_64_BIT 1 #elif V8_TARGET_ARCH_PPC64 #define V8_TARGET_ARCH_64_BIT 1 -#elif V8_TARGET_ARCH_S390 -#if V8_TARGET_ARCH_S390X +#elif V8_TARGET_ARCH_S390X #define V8_TARGET_ARCH_64_BIT 1 -#else -#define V8_TARGET_ARCH_32_BIT 1 -#endif #elif V8_TARGET_ARCH_RISCV64 #define V8_TARGET_ARCH_64_BIT 1 #elif V8_TARGET_ARCH_RISCV32 @@ -985,8 +970,8 @@ V8 shared library set USING_V8_SHARED. #else #define V8_TARGET_LITTLE_ENDIAN 1 #endif -#elif V8_TARGET_ARCH_S390 -#if V8_TARGET_ARCH_S390_LE_SIM +#elif V8_TARGET_ARCH_S390X +#if V8_TARGET_ARCH_S390X_LE_SIM #define V8_TARGET_LITTLE_ENDIAN 1 #else #define V8_TARGET_BIG_ENDIAN 1 diff --git a/deps/v8/infra/mb/mb_config.pyl b/deps/v8/infra/mb/mb_config.pyl index ce26b4df0a1c91..a863438af85ca0 100644 --- a/deps/v8/infra/mb/mb_config.pyl +++ b/deps/v8/infra/mb/mb_config.pyl @@ -250,8 +250,9 @@ 'v8_android_arm_compile_rel': 'release_android_arm', 'v8_android_arm_verify_deterministic_dbg': 'debug_android_arm_verify_deterministic', 'v8_android_arm64_compile_dbg': 'debug_android_arm64', - 'v8_android_arm64_n5x_compile_rel': 'release_android_arm64', 'v8_android_arm64_d8_compile_rel': 'release_android_arm64', + 'v8_android_arm64_n5x_compile_rel': 'release_android_arm64', + 'v8_android_arm64_p7_compile_rel': 'release_android_arm64', 'v8_fuchsia_compile_rel': 'release_x64_fuchsia_trybot', 'v8_ios_simulator': 'release_x64_ios_simulator', 'v8_linux_compile_rel': 'release_x86_gcmole_trybot', @@ -300,6 +301,7 @@ 'v8_linux64_no_sandbox_compile_rel': 'release_x64_no_sandbox', 'v8_linux64_official_compile_rel': 'official_x64_on_release_branch', 'v8_linux64_predictable_compile_rel': 'release_x64_predictable', + 'v8_linux64_pku_compile_dbg': 'debug_x64', 'v8_linux64_pku_compile_rel': 'release_x64', 'v8_linux64_shared_compile_rel': 'release_x64_shared_verify_heap', 'v8_linux64_single_generation_compile_dbg': 'debug_x64_single_generation', 
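Review bot: In the endianness block of `v8config.h`, the simulator switch is renamed from `V8_TARGET_ARCH_S390_LE_SIM` to `V8_TARGET_ARCH_S390X_LE_SIM`, and a build that still passes the old name silently falls through to `V8_TARGET_BIG_ENDIAN`, because an undefined macro evaluates to 0 in `#if`. The same holds for builds that still define `V8_TARGET_ARCH_S390`, which no longer matches any of the renamed checks in this file. A guard that fails loudly would turn a wrong-endianness build into a compile error: `#if defined(V8_TARGET_ARCH_S390_LE_SIM)` / `#error "renamed to V8_TARGET_ARCH_S390X_LE_SIM"` / `#endif`. The surrounding `#if` chain starts and ends outside the hunk.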
@@ -358,6 +360,7 @@ 'v8_linux_arm64_compile_dbg': 'debug_simulate_arm64', 'v8_linux_arm64_gc_stress_compile_dbg': 'debug_simulate_arm64', 'v8_linux_mips64el_compile_rel': 'release_simulate_mips64el', + 'v8_numfuzz_asan_compile_rel': 'release_x64_asan_symbolized_verify_heap_turboshaft_csa', 'v8_numfuzz_compile_rel': 'release_x64', 'v8_numfuzz_compile_dbg': 'debug_x64', 'v8_numfuzz_tsan_compile_rel': 'release_x64_tsan', diff --git a/deps/v8/infra/testing/builders.pyl b/deps/v8/infra/testing/builders.pyl index 1afe45582fefbb..8c59078cd7f46c 100644 --- a/deps/v8/infra/testing/builders.pyl +++ b/deps/v8/infra/testing/builders.pyl @@ -44,22 +44,16 @@ {'name': 'v8testing', 'variant': 'default', 'shards': 4}, ], }, - ############################################################################## - # Fuchsia - 'v8_fuchsia_rel': { + 'v8_android_arm64_p7_rel': { 'swarming_dimensions' : { - 'os': 'Ubuntu-22.04', - }, - 'tests': [ - {'name': 'fuchsia-unittests'}, - ], - }, - 'V8 Fuchsia': { - 'swarming_dimensions' : { - 'os': 'Ubuntu-22.04', + 'device_os': 'AP2A.240705.004', + 'device_type': 'panther', + 'os': 'Android', }, 'tests': [ - {'name': 'fuchsia-unittests'}, + {'name': 'mozilla', 'variant': 'default'}, + {'name': 'test262', 'variant': 'default', 'shards': 12}, + {'name': 'v8testing', 'variant': 'default', 'shards': 4}, ], }, ############################################################################## @@ -444,7 +438,7 @@ {'name': 'benchmarks', 'variant': 'code_serializer', 'shards': 1}, {'name': 'd8testing', 'variant': 'code_serializer', 'shards': 1}, {'name': 'mozilla', 'variant': 'code_serializer', 'shards': 1}, - {'name': 'test262', 'variant': 'code_serializer', 'shards': 3}, + {'name': 'test262', 'variant': 'code_serializer', 'shards': 5}, # GC stress { 'name': 'd8testing', @@ -515,7 +509,7 @@ { 'name': 'mjsunit', 'test_args': ['--gc-stress', '--no-harness'], - 'shards': 3, + 'shards': 5, }, ], }, 
@@ -626,7 +620,7 @@ 'os': 'Ubuntu-22.04', }, 'tests': [ - {'name': 'v8testing', 'shards': 3}, + {'name': 'v8testing', 'shards': 5}, ], }, 'v8_linux64_no_shared_cage_dbg': { @@ -663,6 +657,16 @@ {'name': 'v8testing', 'shards': 2}, ], }, + 'v8_linux64_pku_dbg': { + 'swarming_dimensions' : { + 'os': 'Ubuntu-22.04', + 'cpu': 'x86-64-avx2', + 'pool': 'v8.tests', + }, + 'tests': [ + {'name': 'v8testing', 'variant': 'default'}, + ], + }, 'v8_linux64_pku_rel': { 'swarming_dimensions' : { 'os': 'Ubuntu-22.04', @@ -708,8 +712,8 @@ {'name': 'benchmarks', 'shards': 1}, {'name': 'mozilla', 'shards': 1}, {'name': 'optimize_for_size'}, - {'name': 'test262', 'shards': 4}, - {'name': 'test262', 'variant': 'extra', 'shards': 4}, + {'name': 'test262', 'shards': 6}, + {'name': 'test262', 'variant': 'extra', 'shards': 6}, {'name': 'v8initializers'}, {'name': 'v8testing', 'shards': 2}, {'name': 'v8testing', 'variant': 'extra', 'shards': 2}, @@ -1530,7 +1534,7 @@ {'name': 'benchmarks', 'variant': 'code_serializer', 'shards': 1}, {'name': 'd8testing', 'variant': 'code_serializer', 'shards': 1}, {'name': 'mozilla', 'variant': 'code_serializer', 'shards': 1}, - {'name': 'test262', 'variant': 'code_serializer', 'shards': 2}, + {'name': 'test262', 'variant': 'code_serializer', 'shards': 3}, ], }, 'V8 Linux64 - minor mc - debug': { @@ -1647,6 +1651,16 @@ {'name': 'v8testing', 'variant': 'default'}, ], }, + 'V8 Linux64 - PKU - debug': { + 'swarming_dimensions' : { + 'os': 'Ubuntu-22.04', + 'cpu': 'x86-64-avx2', + 'pool': 'v8.tests', + }, + 'tests': [ + {'name': 'v8testing', 'variant': 'default'}, + ], + }, 'V8 Linux64 gcc': { 'swarming_dimensions' : { 'os': 'Ubuntu-20.04', @@ -1707,7 +1721,7 @@ 'os': 'Ubuntu-22.04', }, 'tests': [ - {'name': 'v8testing', 'shards': 2}, + {'name': 'v8testing', 'shards': 5}, ], }, 'V8 Linux64 - no shared cage - debug': { @@ -1815,7 +1829,7 @@ { 'name': 'mjsunit', 'test_args': ['--gc-stress', '--no-harness'], - 'shards': 3, + 'shards': 5, }, ], }, 
@@ -2130,6 +2144,18 @@ {'name': 'v8testing', 'variant': 'default', 'shards': 4}, ], }, + 'V8 Android Arm64 - P7': { + 'swarming_dimensions': { + 'device_os': 'AP2A.240705.004', + 'device_type': 'panther', + 'os': 'Android', + }, + 'tests': [ + {'name': 'mozilla', 'variant': 'default'}, + {'name': 'test262', 'variant': 'default', 'shards': 12}, + {'name': 'v8testing', 'variant': 'default', 'shards': 4}, + ], + }, 'V8 Linux - arm - sim': { 'swarming_dimensions': { 'os': 'Ubuntu-22.04', @@ -2442,6 +2468,66 @@ }, ], }, + 'V8 NumFuzz - ASAN': { + 'swarming_dimensions': { + 'os': 'Ubuntu-22.04', + }, + 'swarming_task_attrs': { + 'expiration': 13800, + 'hard_timeout': 4200, + 'priority': 35, + }, + 'tests': [ + {'name': 'd8testing_random_gc', 'shards': 2}, + { + 'name': 'numfuzz', + 'suffix': 'marking', + 'test_args': ['--total-timeout-sec=2100', '--stress-marking=1'] + }, + { + 'name': 'numfuzz', + 'suffix': 'delay', + 'test_args': ['--total-timeout-sec=2100', '--stress-delay-tasks=1'] + }, + { + 'name': 'numfuzz', + 'suffix': 'interrupt', + 'test_args': ['--total-timeout-sec=2100', '--stress-interrupt-budget=1'] + }, + { + 'name': 'numfuzz', + 'suffix': 'threads', + 'test_args': ['--total-timeout-sec=2100', '--stress-thread-pool-size=1'] + }, + { + 'name': 'numfuzz', + 'suffix': 'stack', + 'test_args': ['--total-timeout-sec=2100', '--stress-stack-size=1'] + }, + { + 'name': 'numfuzz', + 'suffix': 'combined', + 'test_args': [ + '--total-timeout-sec=2100', + '--stress-delay-tasks=4', + '--stress-deopt=2', + '--stress-compaction=2', + '--stress-gc=4', + '--stress-marking=4', + '--stress-scavenge=4', + '--stress-thread-pool-size=2', + '--stress-stack-size=1', + '--stress-interrupt-budget=1', + ], + 'shards': 4 + }, + { + 'name': 'numfuzz', + 'suffix': 'scavenge', + 'test_args': ['--total-timeout-sec=2100', '--stress-scavenge=1'] + }, + ], + }, 'V8 NumFuzz - TSAN': { 'swarming_dimensions': { 'os': 'Ubuntu-22.04', 
@@ -2586,6 +2672,59 @@ }, ], }, + 'v8_numfuzz_asan_rel': { + 'swarming_dimensions': { + 'os': 'Ubuntu-22.04', + }, + 'tests': [ + { + 'name': 'numfuzz', + 'suffix': 'marking', + 'test_args': ['--total-timeout-sec=900', '--stress-marking=1'] + }, + { + 'name': 'numfuzz', + 'suffix': 'delay', + 'test_args': ['--total-timeout-sec=900', '--stress-delay-tasks=1'] + }, + { + 'name': 'numfuzz', + 'suffix': 'interrupt', + 'test_args': ['--total-timeout-sec=900', '--stress-interrupt-budget=1'] + }, + { + 'name': 'numfuzz', + 'suffix': 'threads', + 'test_args': ['--total-timeout-sec=900', '--stress-thread-pool-size=1'] + }, + { + 'name': 'numfuzz', + 'suffix': 'stack', + 'test_args': ['--total-timeout-sec=900', '--stress-stack-size=1'] + }, + { + 'name': 'numfuzz', + 'suffix': 'combined', + 'test_args': [ + '--total-timeout-sec=900', + '--stress-delay-tasks=4', + '--stress-deopt=2', + '--stress-compaction=2', + '--stress-gc=4', + '--stress-marking=4', + '--stress-scavenge=4', + '--stress-thread-pool-size=2', + '--stress-stack-size=1', + '--stress-interrupt-budget=1', + ], + }, + { + 'name': 'numfuzz', + 'suffix': 'scavenge', + 'test_args': ['--total-timeout-sec=900', '--stress-scavenge=1'] + }, + ], + }, 'v8_numfuzz_tsan_rel': { 'swarming_dimensions': { 'os': 'Ubuntu-22.04', diff --git a/deps/v8/pyrightconfig.json b/deps/v8/pyrightconfig.json new file mode 100644 index 00000000000000..eac5d8f4376896 --- /dev/null +++ b/deps/v8/pyrightconfig.json @@ -0,0 +1,4 @@ +{ + "include": ["tools"], + "exclude": ["tools/gcmole/bootstrap"] +} diff --git a/deps/v8/src/DEPS b/deps/v8/src/DEPS index 8cd950b5d1f5ea..4ede49967c4f41 100644 --- a/deps/v8/src/DEPS +++ b/deps/v8/src/DEPS @@ -18,6 +18,7 @@ include_rules = [ "-src/heap", "+src/heap/memory-chunk-metadata.h", "+src/heap/code-range.h", + "+src/heap/read-only-spaces.h", "+src/heap/trusted-range.h", "+src/heap/combined-heap.h", "+src/heap/factory.h", 
@@ -29,6 +30,8 @@ include_rules = [ "+src/heap/heap.h", "+src/heap/heap-verifier.h", "+src/heap/heap-inl.h", + "+src/heap/heap-layout-inl.h", + "+src/heap/heap-layout.h", "+src/heap/heap-write-barrier-inl.h", "+src/heap/heap-write-barrier.h", "+src/heap/local-factory-inl.h", @@ -50,6 +53,7 @@ include_rules = [ "+src/heap/safepoint.h", "+src/heap/base/stack.h", "+src/heap/conservative-stack-visitor.h", + "+src/heap/visit-object.h", "-src/inspector", "-src/interpreter", "+src/interpreter/bytecode-array-iterator.h", diff --git a/deps/v8/src/api/api-arguments.h b/deps/v8/src/api/api-arguments.h index 22f583585edf6c..e7a76a9b3437fc 100644 --- a/deps/v8/src/api/api-arguments.h +++ b/deps/v8/src/api/api-arguments.h @@ -264,7 +264,7 @@ class FunctionCallbackArguments static constexpr int kTargetIndex = T::kTargetIndex; static constexpr int kNewTargetIndex = T::kNewTargetIndex; - static_assert(T::kThisValuesIndex == BuiltinArguments::kReceiverArgsOffset); + static_assert(T::kThisValuesIndex == BuiltinArguments::kReceiverArgsIndex); static constexpr int kSize = T::kSize; static constexpr int kImplicitArgsOffset = T::kImplicitArgsOffset; @@ -309,7 +309,7 @@ class FunctionCallbackArguments }; static_assert(BuiltinArguments::kNumExtraArgs == - BuiltinExitFrameConstants::kNumExtraArgsWithoutReceiver); + BuiltinExitFrameConstants::kNumExtraArgs); static_assert(BuiltinArguments::kNumExtraArgsWithReceiver == BuiltinExitFrameConstants::kNumExtraArgsWithReceiver); diff --git a/deps/v8/src/api/api-inl.h b/deps/v8/src/api/api-inl.h index 32e3e476826de3..9051ccffdb432c 100644 --- a/deps/v8/src/api/api-inl.h +++ b/deps/v8/src/api/api-inl.h @@ -66,10 +66,10 @@ inline Local Utils::Convert(v8::internal::DirectHandle obj) { // Implementations of ToLocal -#define MAKE_TO_LOCAL(Name) \ - template