Commit Graph

55954 Commits

Author SHA1 Message Date
Michael Achenbach
d8e79d16fd [test] Skip slow test in full debug mode
TBR=mslekova@chromium.org
NOTRY=true

Bug: v8:9145
Change-Id: I4672c61f6fc40878c2997826ac6492c37edbfc64
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1599597
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61312}
2019-05-08 07:47:58 +00:00
Michael Starzinger
0b830b328a [gcmole] Fix BUILD.gn to include compiler directory.
R=clemensh@chromium.org

Change-Id: I8f51731a789b242cdd489f6321bc1ba909aa5d66
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1599548
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61311}
2019-05-08 07:35:48 +00:00
v8-ci-autoroll-builder
e7c111a3a4 Update wasm-spec.
Rolling v8/test/wasm-js/data: 27799cd..ec592be

[spec] Constrain name section ordering (#1012) (Andreas Rossberg)
https://chromium.googlesource.com/external/github.com/WebAssembly/spec/+/ec592be

[spec] Typo in type table (#1013) (Galaxtone)
https://chromium.googlesource.com/external/github.com/WebAssembly/spec/+/08fe3e3

TBR=ahaas@chromium.org,clemensh@chromium.org

Change-Id: I2610be6a50dd18800dc5096dbd0f9188d2f9879e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1600972
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#61310}
2019-05-08 04:42:28 +00:00
Yu Yin
998e68faba [mips][liftoff] Optimise {i32,i64}_{and,or,xor} with immediates
port https://crrev.com/c/1588430 to mips.

Change-Id: Ic1474294a8be5191cc8d10ba65cdc5eb28ac1362
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1596045
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Yu Yin <xwafish@gmail.com>
Cr-Commit-Position: refs/heads/master@{#61309}
2019-05-08 01:05:45 +00:00
Alexei Filippov
3bfb0a235b Add myself to test/inspector/OWNERS
Change-Id: Iaf4ad9a097e7201d072341525e6364e1d4f689b5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1599774
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Commit-Queue: Dmitry Gozman <dgozman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61308}
2019-05-07 20:49:12 +00:00
Z Duong Nguyen-Huu
daa62d4f98 Add new frozen, sealed holey elements kind
This is the follow-up for frozen, sealed packed elements kind.
Design docs: bit.ly/fast-frozen-sealed-elements-in-v8
This change only supports the transition from holey elements to holey sealed elements (via object.seal) or to holey frozen elements (via object.freeze).
Added tests for non-extensible, sealed, frozen holey elements in https://chromium-review.googlesource.com/c/v8/v8/+/1574503 and https://chromium-review.googlesource.com/c/v8/v8/+/1582481

Bug: v8:6831
Change-Id: Ia4373648f79f2ebebb390982a503145844a0c123
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1574777
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61307}
2019-05-07 19:09:32 +00:00
Milad Farazmand
cbcb103059 PPC/s390: [builtins] Check for stack overflow in JSConstructStub
Port 0a0d70eb8c

R=sigurds@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: Id4a864b95368c392de8b363076114cd36c463397
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598549
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#61306}
2019-05-07 18:50:47 +00:00
Balaram Makam
8d18a19107 [intl] Early return for identical and empty strings.
When one of two compared strings is empty, or when both
are the same object, we can skip the calls to Flatten
and into ICU.

Performance results on hikey620(cortex-a53) device:
Speedometer2.0 - no impact.
Jetstream2.0 - only impacts CDJS subtest:

name  old score  new score  delta
CDJS  2.33 ± 3%  2.38 ± 1%  +2.35%  (p=0.009 n=6+5)

Change-Id: Ibe490f86188caab1d7712b52c610658e1e2b819c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1584221
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61305}
2019-05-07 18:15:51 +00:00
Santiago Aboy Solanes
3c51043860 [ptr-compr][turbofan] Calling the non-compressed Tagged loads and stores
This CL changes the instruction selector so that we use the normal load
and store, instead of the one that (de)compresses.

Also removed "return;"s and "break;"s that were unnecessary.

Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
Bug: v8:8977, v8:7703
Change-Id: I4f2a82bfc4d300dd56300f394f59c3f9da242ba8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593296
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61304}
2019-05-07 17:38:46 +00:00
Mythri A
b107699620 Also hold BytecodeArrays for optimized functions in PrepareFunctionForOptimization
In PrepareFunctionForOptimization, for functions that are already optimized
we didn't hold on to the bytecode array strongly. If these functions get
deoptimized before we call OptimizeFunctionOnNextCall, then they need to
be re-optimized again. So we should hold the bytecode arrays for optimized
functions as well. OptimizeFunctionOnNextCall removes it from the table if
the function is still optimized.


Bug: v8:8801
Change-Id: I7f3d94d9842223d85843c9ddb109c8bc9f414891
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1599388
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61303}
2019-05-07 17:28:46 +00:00
Clemens Hammacher
b804bdd40b [wasm] Skip grow-shared-memory on gc_stress + slow_path
The test is timing out a lot recently, blocking the LKGR.
The underlying issue still needs to be found and fixed.
If the test passes, it is fast.

TBR=titzer@chromium.org

No-Try: true
Bug: v8:9221
Change-Id: Ie2cbfa310a5088ed736cfd930eefe993e68af9b3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1599550
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61302}
2019-05-07 17:25:56 +00:00
Igor Sheludko
47a302f398 [cleanup] Move WriteBarrierKind to v8::internal::compiler namespace
... to minimize pollution of v8::internal namespace.
This CL also removes usages of WriteBarrierKind from CodeAssembler interface.

Bug: v8:9183
Change-Id: I7e87c0a98cfd08b3740a022cf12d3aab415da67a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1599176
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61301}
2019-05-07 16:54:56 +00:00
Santiago Aboy Solanes
19dfa835a7 [ptr-compr][turbofan] Removing unaligned tagged loads and stores
This is the last string of CLs! We eliminated all Tagged loads and stores.

That's why I also cleaned up that TODO in machine-type.h

Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
Bug: v8:8977, v8:7703
Change-Id: Icb23b396d0cbb6ee914637e34e26b52435f0000c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593085
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61300}
2019-05-07 16:49:22 +00:00
Toon Verwaest
1a04b5ee5a [runtime] Move ForwardStringIfExists to snapshot deserializer
That's the only place where it's used, with a known StringTableKey type.
This also makes MakeThin available on String.

Change-Id: If1aca892045dadae91c902e783822280ae01f485
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598764
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61299}
2019-05-07 16:48:15 +00:00
Clemens Hammacher
50030e69b5 [wasm][gc] Potentially finish GC when Isolate dies
In the {WasmEngine::RemoveIsolate} method, we might remove the last
outstanding isolate for the current GC. In that case, finish the GC at
that point.

R=mstarzinger@chromium.org

Bug: v8:8217
Change-Id: I7d710756d29265e0552fcc318435133f7db03dda
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598706
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61298}
2019-05-07 16:47:08 +00:00
Maggie Chen
b2f75b008d Finch:increase max_old_space_size to 4 GB based on availability of physical memory
This is for the finch experiment CL 1592792 V8HugeMaxOldGenerationSize
(--js-flags="huge_max_old_generation_size").
The purpose of this finch is to support web apps that require more heap
space for their data sets.

The current max_old_space_size is 2 GB. This CL increases the size to 4 GB for
64-bit systems with a physical memory size bigger than 16 GB. This CL does not
change MaxGrowingFactor. HeapController::kMaxSize is still set to 2GB so the
GC schedule remains the same.

All tests from "tools\dev\gm.py x64.release.check" pass on my local machine
with FLAG_increase_max_old_space_size forced to true.

Bug:958974

Change-Id: I9d916d75c0b16342040dd1336e28e423e5bcc474
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1592129
Commit-Queue: Maggie Chen <magchen@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61297}
2019-05-07 16:46:05 +00:00
Clemens Hammacher
4d4fe18d84 Revert "[torque] Introduce force_assert_statements compiler option"
This reverts commit 2d45ecf09f.

Reason for revert: Fails on arm64 msan: https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20arm64%20-%20sim%20-%20MSAN/26567

Original change's description:
> [torque] Introduce force_assert_statements compiler option
> 
> "assert(...)" statements are usually only visited and generated in
> debug builds. To provide Language Server support for statements inside
> asserts, the force_assert_statements option allows to manually
> override this behavior and visit assert statements in release builds.
> 
> R=sigurds@chromium.org
> 
> Bug: v8:7793
> Change-Id: I38f48e35f2b0a1a98abb74b7babb1edd2d7dba24
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1599180
> Auto-Submit: Simon Zünd <szuend@chromium.org>
> Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61295}

TBR=sigurds@chromium.org,szuend@chromium.org

Change-Id: Ib0f72a756ff1f6c9838d3d7f837a326b1dab3278
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7793
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1599549
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61296}
2019-05-07 16:08:27 +00:00
Simon Zünd
2d45ecf09f [torque] Introduce force_assert_statements compiler option
"assert(...)" statements are usually only visited and generated in
debug builds. To provide Language Server support for statements inside
asserts, the force_assert_statements option allows to manually
override this behavior and visit assert statements in release builds.

R=sigurds@chromium.org

Bug: v8:7793
Change-Id: I38f48e35f2b0a1a98abb74b7babb1edd2d7dba24
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1599180
Auto-Submit: Simon Zünd <szuend@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61295}
2019-05-07 15:36:34 +00:00
Simon Zünd
034defadf3 [torque-ls] Add boilerplate for DocumentSymbol requests and responses
DocumentSymbol responses provide all symbols (macros, classes, etc.)
in a given document. The LSP standard evolved over time and supports
two different kinds of responses here:
  - A simpler one, that is a plain list of all the symbols
  - A more detailed one, allowing a hierarchy of symbols. For example
    a class symbol has a list of field/method symbols attached. This
    is used by editors to build hierarchical outline views.

For now, the simpler response is chosen as it's also used for
workspace-wide symbol searches.

This CL adds the necessary boilerplate so the actual implementation CL
is easier to review.

R=tebbi@chromium.org

Bug: v8:8880
Change-Id: I6c86fc839b1f4e0309f6403a5f9afd5c162c0e89
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598757
Auto-Submit: Simon Zünd <szuend@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61294}
2019-05-07 15:30:19 +00:00
Santiago Aboy Solanes
0f70676107 [ptr-compr][turbofan] Removed Tagged loads/stores in effect control linearizer
The Change nodes have to be explicitly introduced in effect control linearizer
since it runs after the pass that adds the Change nodes automatically.

This is a CL in a string of CLs that aims to eliminate all Tagged loads and
stores. We are getting close to that goal.

Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
Bug: v8:8977, v8:7703
Change-Id: I07521edad0d6d28a549572b56edd91aa5ddb7146
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1591774
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61293}
2019-05-07 15:13:28 +00:00
Toon Verwaest
d9467de414 [runtime] Specialize LookupKey to StringTableKey
Change-Id: I079befeac55aae9ef9ff7743f69fdd3977adcb18
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598760
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61292}
2019-05-07 14:59:00 +00:00
Benedikt Meurer
ddc1184db5 [map] Turn on in-place field representation changes again.
This switches --modify-field-representation-inplace to true again, after
the issue with the elements kinds transitions is fixed.

Cq-Include-Trybots: luci.chromium.try:linux-rel,win7-rel
Doc: http://bit.ly/v8-in-place-field-representation-changes
Bug: v8:8749, v8:8865, v8:9114, chromium:959645, chromium:952682
Change-Id: Ieb9a40d6ff44dd5f327e18ed7e7a169951c58416
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598705
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61291}
2019-05-07 14:45:25 +00:00
Sigurd Schneider
45addf1fd5 [torque] Also predeclare generics
This allows generic specializations to appear
before the generic itself.

Bug: v8:7793
Change-Id: I127fb49380a14cdf2a63854117d25fc865a95352
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1599178
Reviewed-by: Simon Zünd <szuend@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61290}
2019-05-07 14:28:41 +00:00
Toon Verwaest
0dfe759fad [runtime] Use SequentialStringKey to implement LookupStringIfExists_NoAllocate
This is a step towards reducing the number of StringTableKeys to the absolute
minimum so we can better optimize how they work. This always flattens
ConsStrings into a buffer to avoid expensive comparison with cons string (as
well as hash computation).

Change-Id: I6dcf0bdd2a722f490dad02b7f887083e1ac46000
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598707
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61289}
2019-05-07 14:19:03 +00:00
Santiago Aboy Solanes
1a0ea54d70 [ptr-compr][wasm] Replacing Tagged loads and stores with Compressed ones
This is a CL in a string that aims to replace the Tagged loads and stores
nodes that are still being created.

Also took the liberty of cleaning up part of wasm-compiler. There were some
cases where we could have been using the existing macros, but weren't.

Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
Bug: v8:8977, v8:7703
Change-Id: Ic6ce2f9dc9f2ad440c91c98b1f449d3c76f42fd2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1591773
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61288}
2019-05-07 14:13:53 +00:00
Santiago Aboy Solanes
f08d526e7b Reland "[ptr-compr][turbofan] Adding the final compressed access builders"
This is a reland of cb3caa1ea3

Original change's description:
> [ptr-compr][turbofan] Adding the final compressed access builders
>
> This CL is the final one for the access-builder.cc's changes. There are
> still Tagged loads and stores (e.g. in wasm) which will be tackled on
> following CLs.
>
> Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng
> Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
> Bug: v8:8977, v8:7703
> Change-Id: I2667eaacbada0846fe5f128bb17a1a305862c64d
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1590077
> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Reviewed-by: Michael Stanton <mvstanton@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61272}

Bug: v8:8977, v8:7703
Change-Id: I6bdaad7e6c628dfa6d5a41581fd0ee4ef9d36260
Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1599168
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61287}
2019-05-07 14:08:43 +00:00
Milad Farazmand
50cda32248 PPC/S390 : [test] Marking regress-779407 test as slow on PPC and S390 simulator
Change-Id: Id27308356d1e2fb46e20225e4cab9ccc006abda7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1599248
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#61286}
2019-05-07 14:05:13 +00:00
Michael Achenbach
27a7929e34 [test] Skip flaky test on predictable mode
TBR=mslekova@chromium.org
NOTRY=true

Bug: v8:8537
Change-Id: I0230916b533ddd7fa8d40ef531a475f1245366f8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598762
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61285}
2019-05-07 13:57:18 +00:00
Benedikt Meurer
6564c6dfc4 [map] Make field representation updates work with elements kind transitions.
Generalize the existing work-around in the method
`Map::GeneralizeIfCanHaveTransitionableFastElementsKind()` to also go to
the most general field representation (in addition to going to the most
field type) for objects with transitionable fast elements kinds. That
means that we essentially disable field representation tracking for
arrays, arguments objects and value wrappers (for which the field type
tracking is already disabled).

Drive-by-fix: Remove the `constness` parameter to the above mentioned
helper method. And fix the printing of the descriptor expectations to
properly print the field type.

Change-Id: I1bba9415f4bdd2c916f9d105d9120c7071d2c498
Cq-Include-Trybots: luci.chromium.try:linux-rel,win7-rel
Doc: http://bit.ly/v8-in-place-field-representation-changes
Bug: v8:8749, v8:8865, v8:9114, chromium:959645, chromium:952682
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598756
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61284}
2019-05-07 13:13:51 +00:00
Michael Achenbach
25af5db375 [test] Mark slow test
TBR=mslekova@chromium.org
NOTRY=true

Change-Id: I22af7e52ac457279b057e3e8c0b346e73e37ff86
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598761
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61283}
2019-05-07 13:05:27 +00:00
Nico Hartmann
20795b18f0 [js-perf-test] Add perf test for BigInt's ToBoolean
This cl also adds a separate test suite for BigInts

Bug: v8:9213
Change-Id: I57271eed0f9c33a543fe15550964d55e3df3e963
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1596728
Commit-Queue: Nico Hartmann <nicohartmann@google.com>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61282}
2019-05-07 12:59:47 +00:00
Michael Achenbach
a7826ddf8f [test] Add more capacity and timeouts for slow builders
TBR=tmrts@chromium.org

Also skip some tests too slow in full debug mode.

Bug: v8:9145
Change-Id: Ied8781be26d2c1efd7720e333775da9f6d632236
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598759
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61281}
2019-05-07 12:45:27 +00:00
Toon Verwaest
9ce8ed7584 [runtime] Cleanup StringTableKey
- Performs hash / length check before calling IsMatch
- Casts to string before calling IsMatch
- Removes special two-char internalization key
  (will look into removing StringTableNoAllocateKey next, and possibly fold
  StringTableInsertionKey into InternalizedStringKey).

Change-Id: Ida76761eb2c3dc350c829ac2bfe12d52aef5f96d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598753
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61280}
2019-05-07 12:28:52 +00:00
Sigurd Schneider
48fa759e2c [torque] Add missing header for std::strlen
Bug: v8:7793
Change-Id: I0349b4fe3b69e5403a111a5fd43ff11021b7cf0b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598701
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Auto-Submit: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61279}
2019-05-07 12:27:47 +00:00
Clemens Hammacher
eae5c62d28 [wasm][gc] Start next gc after current one
We only run one GC at a time. If another one should be triggered before
the previous one finished, that second one is just ignored.
This CL changes that to set a bit on the current GC to trigger another
one once it finished. This fixes situations where
a) a lot of code becomes dead after a GC is triggered but before it
   finished, but
b) no more code becomes dead after the GC.

R=mstarzinger@chromium.org

Bug: v8:8217
Change-Id: I5b5ca055124f467e1b0d67b8eb818069affc4a1d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598696
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61278}
2019-05-07 12:13:16 +00:00
Clemens Hammacher
d1eb6c5fa1 [wasm][gc] Add stack guard for code gc
Beside scheduling a foreground task per isolate, do also request a
stack guard interrupt to report live code objects. This ensures that
also workers which never return from wasm code will report their live
wasm code objects.

R=mstarzinger@chromium.org

Bug: v8:8217
Change-Id: I07ba9e5125263365596331197813494d8ad5ee89
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1596739
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61277}
2019-05-07 12:10:16 +00:00
Maya Lekova
c958a1c6ca Revert "[ptr-compr][turbofan] Adding the final compressed access builders"
This reverts commit cb3caa1ea3.

Reason for revert: Speculative revert, timeouts on Windows https://ci.chromium.org/p/v8/builders/ci/V8%20Win32%20-%20nosnap%20-%20shared/33313

Original change's description:
> [ptr-compr][turbofan] Adding the final compressed access builders
>
> This CL is the final one for the access-builder.cc's changes. There are
> still Tagged loads and stores (e.g. in wasm) which will be tackled on
> following CLs.
>
> Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng
> Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
> Bug: v8:8977, v8:7703
> Change-Id: I2667eaacbada0846fe5f128bb17a1a305862c64d
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1590077
> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Reviewed-by: Michael Stanton <mvstanton@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61272}

TBR=mvstanton@chromium.org,jarin@chromium.org,solanes@chromium.org

Change-Id: I7c1ba713dc808359b97e6fa8f7afaa87c9daad68
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8977, v8:7703
Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598703
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61276}
2019-05-07 12:08:29 +00:00
Peter Marshall
330e5ba26f Reland "[typedarray] Make JSTypedArray::length authoritative."
This is a reland of ad44c258d7

Patchset 2 is the original CL
Patchset 3 fixes some misuses of FixedArrayBase::length() and adds some
DCHECKS to flush out any more misuses.
Patchset 4 adds the PPC/S390 port by miladfar@ca.ibm.com.

Original change's description:
> [typedarray] Make JSTypedArray::length authoritative.
>
> This is the first step towards full huge typed array support in V8.
> Before this change, the JSTypedArray::length and the elements backing
> store length (FixedTypedArrayBase::length) were used more or less
> interchangeably to determine the number of elements in a JSTypedArray.
>
> With this change we disentangle these two lengths, and instead make
> JSTypedArray::length authoritative. For on-heap typed arrays, the
> FixedTypedArrayBase::length will remain the number of elements in the
> backing store, but for the off-heap typed arrays, this length will be
> set to 0 (matching the fact that the FixedTypedArrayBase instance does
> not contain any elements itself).
>
> This also unifies the JSTypedArray::set_/length() and length_value()
> methods to only have JSTypedArray::set_/length() which returns/takes
> size_t values. Currently this still requires the values to be in Smi
> range, but later we will extend this to allow arbitrary size_t values
> (in the safe integer range).
>
> Bug: v8:4153, v8:7881
> Change-Id: Iff9089130bb31fa9e08e0cf913e7ab52c3dbf107
> Cq-Include-Trybots: luci.chromium.try:linux-blink-rel
> Doc: http://doc/1Z-wM2qwvAuxH46e9ivtkYvKzzwYZg8ymm0x0wJaomow
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1543729
> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
> Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Reviewed-by: Ben Titzer <titzer@chromium.org>
> Reviewed-by: Hannes Payer <hpayer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#60648}

Bug: v8:4153, v8:7881, v8:9105
Change-Id: Ic38f833071a723642ebc6f82a4012dbc0878ef98
Cq-Include-Trybots: luci.chromium.try:linux-blink-rel
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1594435
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61275}
2019-05-07 11:46:06 +00:00
Andreas Haas
8168c76976 [wasm] Implement the table.fill instruction
The implementation is done with a runtime function.

R=mstarzinger@chromium.org

Bug: v8:7581
Change-Id: I5f27b1fdc7cc2baf6919b4db3bf053a350b91a74
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1596738
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61274}
2019-05-07 11:36:44 +00:00
Dan Elphick
4bb788182b Revert "[compiler] Don't collect source positions for the top frame"
This reverts commit 758700a708.

Reason for revert: Broken

Original change's description:
> [compiler] Don't collect source positions for the top frame
> 
> While most source positions were not collected even throwing exceptions,
> the top frame still was always collected as it was used to initialize
> the JSMessageObject. This skips even that frame, by storing the
> SharedFunctionInfo and bytecode offset in the JSMessageObject allowing
> it to lazily evaluate the actual source position.
> 
> Also adds tests to test-api.cc that test each of the source position
> functions in isolation to ensure that they don't rely on previous
> invocations to call the source collection function.
> 
> Since no source positions are now collected at the point when an
> exception is thrown, the mjsunit/stack-traces-overflow now passes again
> with the flag enabled. (cctest/test-cpu-profiler/Inlining2 is now the
> only failure).
> 
> Bug: v8:8510
> Change-Id: Ic5382bdbab65cd8838f0c84b544fabb1a9109d13
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1587385
> Commit-Queue: Dan Elphick <delphick@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61271}

TBR=ulan@chromium.org,rmcilroy@chromium.org,delphick@chromium.org

Change-Id: I3ee0b5db5f8a1b3255f68070dc10d27d0e013048
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8510
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598758
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61273}
2019-05-07 11:34:52 +00:00
Santiago Aboy Solanes
cb3caa1ea3 [ptr-compr][turbofan] Adding the final compressed access builders
This CL is the final one for the access-builder.cc's changes. There are
still Tagged loads and stores (e.g. in wasm) which will be tackled on
following CLs.

Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
Bug: v8:8977, v8:7703
Change-Id: I2667eaacbada0846fe5f128bb17a1a305862c64d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1590077
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61272}
2019-05-07 11:19:33 +00:00
Dan Elphick
758700a708 [compiler] Don't collect source positions for the top frame
While most source positions were not collected even when throwing exceptions,
the top frame still was always collected as it was used to initialize
the JSMessageObject. This skips even that frame, by storing the
SharedFunctionInfo and bytecode offset in the JSMessageObject allowing
it to lazily evaluate the actual source position.

Also adds tests to test-api.cc that test each of the source position
functions in isolation to ensure that they don't rely on previous
invocations to call the source collection function.

Since no source positions are now collected at the point when an
exception is thrown, the mjsunit/stack-traces-overflow now passes again
with the flag enabled. (cctest/test-cpu-profiler/Inlining2 is now the
only failure).

Bug: v8:8510
Change-Id: Ic5382bdbab65cd8838f0c84b544fabb1a9109d13
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1587385
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61271}
2019-05-07 11:04:43 +00:00
Santiago Aboy Solanes
eef7b8d675 [ptr-compr][turbofan] Now using Compressed representation, type and access
Follow-up CL that aims to eliminate the straggler tagged loads and stores.

It includes a lot of access builder changes. There are 8 accesses
(2 Any and 6 Pointer) that are still remaining as tagged since changing
those to compressed makes some tests fail.

Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
Bug: v8:8977, v8:7703
Change-Id: Iad305fd3a2da257764d22bad30b25489f727e676
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588431
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61270}
2019-05-07 10:37:48 +00:00
Santiago Aboy Solanes
df6029f5a9 [cleanup] Removing GraphBuilderTester class
GraphBuilderTester was introduced at a time where RawMachineAssembler
was going to be deprecated (https://codereview.chromium.org/1423923003/).
Now we know that it's not going to happen any time soon.

Since GraphBuilderTester is only used in one test which can use
RawMachineAssembler, I updated it and removed the class.

Now the .h file had another class, which is now the only class in the file.
Therefore, I renamed it and updated the include calls to it.

Also updated the include commands: some were not necessary, and some others
could be moved to more apt places.

Bug: v8:9183
Change-Id: I44bf16090c0515b1b9ff6cbded1bdb0adb4e44e2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1594563
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61269}
2019-05-07 09:54:51 +00:00
Simon Zünd
9f73c480ef [torque-ls] Add "goto definition" support for method calls
R=sigurds@chromium.org

Bug: v8:8880
Change-Id: Ib862842f3624689d004b1b7750f260be79fc9c36
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598693
Commit-Queue: Simon Zünd <szuend@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Auto-Submit: Simon Zünd <szuend@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61268}
2019-05-07 09:48:21 +00:00
Mythri A
9fe37d238e Reland [ic] Remove the check for fast prototypes in LoadIC_Uninitialized
This is a reland of d14ed12e56
with fix for test failures in lite mode.

When handling load named properties (without feedback vectors) we used
to miss to runtimes if the prototypes aren't set. This was because we
wanted to give the prototype a chance to become fast, since most prototypes
start in slow mode but move to fast after the initial setup. Though this
check is not really useful when we don't have feedback vectors, and once
feedback vectors are allocated we will turn the prototypes fast anyway.

Bug: v8:8394, v8:8860
Change-Id: I5c7b5061e1d9068c72d6f0eea47517880940a054
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1591772
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61267}
2019-05-07 09:46:51 +00:00
Michael Achenbach
c0bc087b26 [tools] Port: Add recursive and quiet flags to mb lookup.
This ports: https://crrev.com/c/1576022

Bug: chromium:958870
Change-Id: Id187f5af80823fe58e38f1365baebabfc6587316
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1594556
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61266}
2019-05-07 09:26:34 +00:00
Peter Marshall
077a16582e [tracing] Fix test TraceWriter to expect uninitialized TraceObjects
The TraceObject passed to AppendTraceEvent can be completely
uninitialized (set to all 0s) in some situations where a flush happens
between creation and initialization of the TraceObject.

Fix the MockTraceWriter in test-tracing to expect nullptr strings for
the name of the object so that it does not try to construct an
std::string from a null char*.

Bug: v8:9214
Change-Id: Ib4f3b039ab98d5d786991134cb71ecc62f127179
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598751
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Auto-Submit: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61265}
2019-05-07 09:25:29 +00:00
Sigurd Schneider
70678d53a1 [torque] Make torque declarations order independent
Torque semantic analysis is now a four-stage process:

 1. The TypeDeclarationVisitor introduces a TypeAlias for every
    TypeDeclaration* (or derived) in the Torque source, but does
    not process the TypeDeclaration* itself.
 2. All aliases are resolved in a dependency respecting manner.
    This CL also changes struct member resolution to happen at
    this point already. Types for classes are created, but their
    members are not resolved to allow classes to mutually reference
    each other in their field types.
 3. 'value' declarations (macros, etc.) are processed.
 4. Members of classes are processed.

Bug: v8:7793
Change-Id: I46108555a5cdf30df03c5d4399ec786ee6cc6df4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1584319
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61264}
2019-05-07 09:19:16 +00:00
Simon Zünd
7626fe352c [torque] "OneOf" parser rule returns Identifier* instead of std::string
To obtain SourcePositions for unary and binary operators, this CL
changes the "OneOf" parser rule to produce an Identifier*. Forwarding
this new identifier as callee for a CallExpression enables
"goto Definition" support for operators in the Language Server.

Side note: VSCode won't highlight operators with an underlined font
when hovering with Ctrl pressed. "goto Definition" will work
nonetheless using default F12 or Ctrl-Click.

R=tebbi@chromium.org

Bug: v8:7793
Change-Id: Iada06009e324a3de8c453ec058427049e921a70d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598690
Auto-Submit: Simon Zünd <szuend@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61263}
2019-05-07 08:38:02 +00:00