23851 Commits

Author SHA1 Message Date
Sigurd Schneider
0dfd9ea512 [coverage] Fix coverage with default arguments
In the presence of default arguments, the body of the function gets
wrapped into another block. This caused our trailing-range-after-return
optimization to not apply, because the wrapper block had no source
range assigned. This CL correctly assigns a source range to that block,
which allows already present code to handle it correctly.

Note that this is not a real coverage bug; we've just been reporting
whitespace as uncovered. We're fixing it for consistency.

Originally reported on github.com/bcoe/c8/issues/66

Bug: v8:9952
Change-Id: Iab3905f558eb99126e0dad8072d03d0a312fdcd3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1903430
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64836}
2019-11-07 12:34:35 +00:00
Santiago Aboy Solanes
07f26fc606 [ptr-compr] Remove the DecompressionElimination Reducer
Since the turbo_decompression_elimination flag is removed, there
are several methods in machine-type.h that get simplified, e.g.
TypeCompressedTaggedPointer() can be replaced by just
"TaggedPointer()".

Also removing the creation of Change to/from Compressed nodes.
Removing these Change nodes' logic is left to a follow-up CL.

Bug: v8:7703
Change-Id: Iff1f9aa8361189cf781a26317fd342b942fd5aa4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1897537
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64834}
2019-11-07 11:42:45 +00:00
Dominik Inführ
51dbe16ce0 Increase old space size for regress-678917.js
When --always-promote-young-mc is enabled, this test becomes more
flaky. Increase old space size, such that objects fit into the
old generation during mark-compact.

Bug: v8:9192
Change-Id: Iad3b914c7d5b7bafa752f3b6178684a137bd8dad
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1890101
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64830}
2019-11-07 10:19:45 +00:00
Jakob Gruber
98b76b4607 Re-enable mjsunit/big-object-literal in non-debug builds
Runtime of this test has improved since we initially skipped it. Let's
attempt unskipping on all non-debug builds.

Bug: v8:8411
Change-Id: I5d409f7359532e3d7d18f5b0a77765165478d44a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1903426
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64825}
2019-11-07 07:35:55 +00:00
Francis McCabe
7361981276 Mark try.js as a slow test in arm64 simulator
Bug:
Change-Id: I19a549f773d5a6ce9ffc5b869215e3bad9aebac6

Failing test: https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20-%20arm64%20-%20sim%20-%20pointer%20compression/3128

Change-Id: I19a549f773d5a6ce9ffc5b869215e3bad9aebac6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1897248
Commit-Queue: Francis McCabe <fgm@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64822}
2019-11-06 21:59:13 +00:00
Ulan Degenbaev
b33a8508cc [heap]: Make addition of detached contexts robust for GC
The (age, context) pair has to be added atomically into the weak
array of detached contexts. Otherwise, GC may happen after insertion
of age and observe inconsistent state.

Bug: chromium:1016703
Change-Id: Icb20bed4359904b2d976986a236558542e314bbf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1895573
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64820}
2019-11-06 17:59:21 +00:00
Ng Zhi An
465c97fe22 [wasm-simd] Implement load_splat and load_extend
Introduce new operator LoadTransform that holds a LoadTransformInfo param,
which describes the kind of load (normal, unaligned, protected), and a
transformation (splat or extend, signed or unsigned).

We have a new method that a full decoder needs to implement, LoadTransform,
which reuses the existing LoadType we have, but also takes a LoadTransform,
to distinguish between splats and extends at the decoder level.

This implements 4 out of the 10 suggested load splat/extend operations
(to keep the cl smaller), and is also missing interpreter support (will
be added in the future).



Change-Id: I1e65c693bfbe30e2a511c81b5a32e06aacbddc19
Bug: v8:9886
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1863863
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64819}
2019-11-06 17:42:22 +00:00
Sathya Gunasekaran
bebe6314b8 [test] Skip slow MultipleIsolates test on arm64
Change-Id: Idc0cd3a96ba329cf8175f22eea60b7614d73d929
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1901272
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64818}
2019-11-06 17:08:18 +00:00
Michael Starzinger
125f727c72 [wasm][test] Remove obsolete TODO from interpreter cctest.
The test coverage in question is by now provided by a different set of
mjsunit tests, namely the "mjsunit/wasm/anyref-globals-interpreter"
suite which run all globals tests in --wasm-interpret-all mode.

R=ahaas@chromium.org
TEST=cctest/test-run-wasm-interpreter/ReferenceTypeLocals

Change-Id: I439b1ee74da3c36995bb3d5819e35d4074400868
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1901266
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64812}
2019-11-06 14:53:14 +00:00
Santiago Aboy Solanes
5f84573003 [ptr-compr] Add int comparison cases in DecompressionOptimizer
There is at least one case where a Load output flows into an
Int32LessThanOrEqual node without any bitcasts or truncations in the
middle. We have to consider these cases in the reducer.

Bug: v8:7703
Change-Id: I1ed9c41e80c0603fd287d096c3050c5ae27c2b3e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1879945
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64811}
2019-11-06 14:52:09 +00:00
Michael Starzinger
330445cee4 [test][x64] Test disassembly of indirect call again.
R=clemensb@chromium.org
TEST=cctest/test-disasm-x64/DisasmX64

Change-Id: I011d0d5e25c472c5a62ad73edd42165e55b34e2b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1900460
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64809}
2019-11-06 14:38:41 +00:00
Igor Sheludko
94a8519a9a [tests] Skip tests that timeouts with --force-slow-path pt.2
No-Tree-Checks: true
No-Try: true
Change-Id: Ic756f1716a9667f10970e35992db5399ed54cacc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1901267
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64808}
2019-11-06 14:28:58 +00:00
Michael Starzinger
2679ebdc5f [wasm][test] Introduce separate test-api-wasm.cc file.
R=clemensb@chromium.org
TEST=cctest/test-api-wasm

Change-Id: I4f3c7e215304bd9b89bb7fd21cda06fa3a18abac
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1900458
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64805}
2019-11-06 14:11:43 +00:00
Igor Sheludko
56dd1fec8b [tests] Skip tests that timeouts with --force-slow-path
No-Tree-Checks: true
No-Try: true
Change-Id: Ibf9af30908eac161827b77052582c5c8a86ce401
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1900463
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64803}
2019-11-06 14:02:33 +00:00
Santiago Aboy Solanes
c7a7ed22b3 [ptr-compr] Add Phi case in DecompressionOptimizer
Phis act as proxies: a phi's input has only 32 bits observed iff
the phi's output has only 32 bits observed. When the Tagged Phi
has only 32 bits observed, the Phi's MachineRepresentation
changes to the Compressed counterpart.

Also, update machine graph verifier so that Phis of Compressed
accept Tagged inputs as well.

Bug: v8:7703
Change-Id: I365d0b38f76edbaecbfea29f603abd2ce2224878
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1879943
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64802}
2019-11-06 13:19:41 +00:00
Simon Zünd
702f2bad8b Connect REPL mode to the V8 inspector
There already exists an optional boolean flag 'replMode' for the
'Runtime.evaluate' command. This CL ferries the flag from the inspector
to DebugEvaluate::Global.

The existing DebugEvaluate::GlobalREPL is removed in favor of
the REPLMode enum to reduce code duplication.

Bug: chromium:1018158
Change-Id: Iafb43a3015b6876a02ac0db6cdfcac2cfa388862
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1881149
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64801}
2019-11-06 13:12:11 +00:00
Igor Sheludko
e309b2d995 [builtins] Port %TypedArray%.prototype.set to Torque
... in an uintptr friendly way.

Drive-by-fix:
1) IsForceSlowPath() check is integrated into Cast<FastJSArray>
2) disable tests incompatible with --force-slow-path in "slow_path" variant

Bug: v8:8906, v8:4153
Change-Id: I427f117073bc295120aa52fb3fe023ee04d58302
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1899988
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64799}
2019-11-06 12:51:21 +00:00
Victor Gomes
8534e52d41 [compiler] Fallback to slow path for any unexpected opcode in TryGetScopeInfo
The bug is due to an unexpected opcode. To avoid similar issues in the future, we fall back to CheckContextExtensionSlowPath. This was the default behaviour before the CL (https://chromium-review.googlesource.com/c/v8/v8/+/1876051).

Bug: chromium:1020983
Change-Id: Ia7f0f2986ec0008d1128ad3856efbb5d9e52dfc6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1899989
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64794}
2019-11-06 09:31:24 +00:00
Simon Zünd
fbcc2e874d Introduce REPL mode
Design doc: bit.ly/v8-repl-mode

This CL adds a new REPL mode that can be used via
DebugEvaluate::GlobalREPL. REPL mode only implements re-declaration
of 'let' bindings at the moment. Example:

REPL Input 1: let x = 21;
REPL Input 2: let x = 42;

This would normally throw a SyntaxError, but works in REPL mode.

The implementation is done by:
  - Setting a 'repl mode' bit on {Script}, {ScopeInfo}, {ParseInfo}
    and script {Scope}.
  - Each global let declaration still gets a slot reserved in the
    respective {ScriptContext}.
  - When a new REPL mode {ScriptContext} is created, name clashes
    for let bindings are not reported as errors.
  - Declarations, loads and stores for global let in REPL mode are
    now "load/store global" instead of accessing their respective
    context slot directly. This causes a lookup in the ScriptContextTable
    where the found slot for each name is guaranteed to be the same
    (the first one).

Bug: chromium:1004193, chromium:1018158
Change-Id: Ia6ab526b9f696400dbb8bfb611a4d43606119a47
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1876061
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64793}
2019-11-06 09:17:04 +00:00
Joshua Litt
31813fbf61 Revert "[hole-check-elimination] Simplest possible hole check elimination"
This reverts commit 10883f561a.

Reason for revert: Causes bytecode mismatch

Bug:chromium:1020538, chromium:1021457

Original change's description:
> [hole-check-elimination] Simplest possible hole check elimination
>
> doc: https://docs.google.com/document/d/1Y9uF3hS2aUrwKU56vGxlvEs_IiGgmWSzau8097Y-XBM/edit
>
> Bug: v8:7427
> Change-Id: Iedd36c146cefff7e6687fdad48d263889c5c8347
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1778902
> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63913}

TBR=rmcilroy@chromium.org,leszeks@chromium.org,verwaest@chromium.org,joshualitt@chromium.org

Bug: v8:7427
Change-Id: Ib4369a3560e929692585c4546435684deae5ee9b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1899163
Commit-Queue: Joshua Litt <joshualitt@chromium.org>
Reviewed-by: Joshua Litt <joshualitt@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64789}
2019-11-05 22:22:54 +00:00
Ng Zhi An
b6edadc09b [wasm-simd] Implement f64x2 comparisons for arm
Bug: v8:9813
Change-Id: I716ed7c2802c38a4b4c8973db4e3bc50e16cec39
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1872930
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64788}
2019-11-05 22:05:54 +00:00
Ng Zhi An
92a5b3998d [wasm-simd] Implement i64x2 add sub mul for ia32
Bug: v8:9728
Change-Id: I6d8f096adc42a6d417f876d5805302b3bea3308b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1867381
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64787}
2019-11-05 22:01:54 +00:00
Joshua Litt
94890a0d46 [replaceAll] Implement String.prototype.replaceAll.
Implements TC39 String.prototype.replaceAll as a torque
builtin per the https://github.com/tc39/proposal-string-replaceall
proposal.

Note: matchAll changes were already added to V8 in https://chromium-review.googlesource.com/c/v8/v8/+/1846067

Bug: v8:9801
Change-Id: Ib8158eb39c854202d04710d6f9c33dcdd93fad93
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1877054
Commit-Queue: Joshua Litt <joshualitt@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64785}
2019-11-05 19:00:29 +00:00
Peter Kvitek
91c8be9599 [DevTools] Implemented DevTools protocol API to retrieve V8 RunTime Call Stats.
The new APIs are:
enableRuntimeCallStats
disableRuntimeCallStats
getRuntimeCallStats

The RunTime Call Stats are collected per isolate.

Change-Id: I7e520e2c866288aa9f9dc74f12572abedf0d3ac8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1881601
Commit-Queue: Peter Kvitek <kvitekp@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64784}
2019-11-05 18:59:24 +00:00
Eric Leese
5c23e6b5f2 V8 Wasm locations should always be based on byte offsets
Currently there are two ways wasm locations are represented in the
inspector. This remains unchanged for now. Also, currently there are
multiple ways location is represented within V8, with the line number
sometimes being a function index and sometimes being 0, and the column
number being a byte offset which is sometimes function relative and
sometimes module relative. With this change, the line number is never
used within V8 (it is always 0), and the column number is always a
byte offset from the beginning of the module. This simplifies
translation logic and keeps it in one place, and will simplify future
changes to wasm location representation in the inspector API.

Bug: chromium:1013527
Change-Id: I8813d47c881988f9ab49d7529fb81fe10dbbccff
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1886915
Commit-Queue: Eric Leese <leese@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64774}
2019-11-05 14:53:45 +00:00
Santiago Aboy Solanes
9716206049 [cleanup] Re-mark compiler/osr-big as SLOW for arm64 sim builds
Bug: v8:9937
Change-Id: Ia0ad5def3cf8e5b9209b546e1d3fb9213bbfa810
Fixed: v8:9937
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1899622
Auto-Submit: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64771}
2019-11-05 14:03:50 +00:00
Pierre Langlois
d8dd3d65bc [cctest] Use 'strtoull' when decoding an address from the log.
We were using 'strtoll' which returns a signed integer, we should have used
'strtoull' instead.

Change-Id: Ie2e48ecc1fa58cff4b61fcea30087608769a80bb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1893333
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Pierre Langlois <pierre.langlois@arm.com>
Cr-Commit-Position: refs/heads/master@{#64765}
2019-11-05 12:46:39 +00:00
Stefano Sanfilippo
6c0825aaa7 [compiler, api] Allow modifying codegen hook to block non-strings.
Instead of inferring allow_codegen from the state of MaybeLocal<String>, return it separately. This allows to distinguish "could not stringify this object" from "block execution of this object", regardless of whether the object is a string or not. Currently, the hook can trigger an EvalError only if the original source was a string.

Modify the logic so that one of the three mechanisms (unconditional, non-modifying, modifying) decides alone. Before, if the non-modifying callback rejected a value, the value would be forwarded to the modifying callback, but the unconditional would not forward to the non-modifying callback. This introduces a more uniform behaviour where the three mechanisms act in decreasing priority.

Change-Id: Iaaa9873227052653d714df65f31c4de914f48b7d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1776082
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Stefano Sanfilippo <ssanfilippo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64763}
2019-11-05 11:49:19 +00:00
Joshua Litt
1a6ffffb30 Revert "Reland "[regexp] Clone match info for match indices.""
This reverts commit d4574d186f.

Reason for revert: In addition to the earlier octane regression, this cl also created a regression in desktop browsing

Bug: chromium:1019601

Original change's description:
> Reland "[regexp] Clone match info for match indices."
> 
> This reverts commit d7793c0684.
> 
> Reason for revert: This cl *will* cause regexp regressions. We are trying to gauge the real world impact.
> 
> Original change's description:
> > Revert "[regexp] Clone match info for match indices."
> >
> > This reverts commit dfd9ceb984.
> >
> > Reason for revert: Regressions https://chromeperf.appspot.com/group_report?rev=64356 https://crbug.com/1015749
> >
> > Original change's description:
> > > [regexp] Clone match info for match indices.
> > >
> > > The current behavior for generating match indices simply stashes a
> > > pointer to the match info and then constructs the indices lazily.
> > > However, it turns out the match info object used to create the result
> > > object is the regexp_last_match_info living on native context, and thus
> > > it can change between the creation of the result object and the generation
> > > of indices. This cl clones the match info which will be safer.
> > >
> > > Bug: v8:9548
> > > Change-Id: Ia6f26f88fbc22fd09671bf4c579d39a1510b552d
> > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1864585
> > > Commit-Queue: Joshua Litt <joshualitt@chromium.org>
> > > Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> > > Cr-Commit-Position: refs/heads/master@{#64356}
> >
> > TBR=jgruber@chromium.org,joshualitt@chromium.org
> >
> > # Not skipping CQ checks because original CL landed > 1 day ago.
> >
> > Bug: v8:9548, chromium:1015749
> > Change-Id: I9c30b8fb459cf2aa89d920bf061614441250844d
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1870236
> > Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> > Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#64407}
> 
> TBR=jgruber@chromium.org,joshualitt@chromium.org
> 
> 
> Bug: v8:9548, chromium:1015749
> Change-Id: I151511307e3d8752fdbde4b8247514031b141b08
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1879587
> Reviewed-by: Joshua Litt <joshualitt@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Commit-Queue: Joshua Litt <joshualitt@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#64587}

TBR=jgruber@chromium.org,joshualitt@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: v8:9548, chromium:1015749
Change-Id: Ie5a8e55338728aae33102d82e60a188f6440e8f5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1898030
Reviewed-by: Joshua Litt <joshualitt@chromium.org>
Commit-Queue: Joshua Litt <joshualitt@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64749}
2019-11-04 18:32:16 +00:00
Santiago Aboy Solanes
b01d5be96f Re-marking two tests as SLOW
Bug: v8:6949
Change-Id: If147de926cdc0b03f1bba17974edfce21d7fb256
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1897887
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64747}
2019-11-04 17:22:17 +00:00
Nico Hartmann
ab9cd1ab6f Regression test for word64-lowered BigInt accumulator
This issue was fixed in https://chromium-review.googlesource.com/c/v8/v8/+/1873692

Bug: chromium:1016450
Change-Id: I56e1c504ae6876283568a88a9aa7d24af3ba6474
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1876057
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Auto-Submit: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64738}
2019-11-04 14:04:22 +00:00
Milad Farazmand
0c3906f4dc Fix an error caused by a bug in Python < 2.7.9
There seems to be a bug in Python versions prior
to 2.7.9 where running exec could produce the following error:

SyntaxError: unqualified exec is not allowed in function
'_ParsePythonTestTemplates' it contains a nested function
with free variables (testcfg.py, line 71)

https://bugs.python.org/issue21591

It's causing an issue on all Ubuntu 14 and RHEL 7 machines.

The proposed change is an equivalent syntax which doesn't
produce an error:
https://docs.python.org/2/reference/simple_stmts.html#the-exec-statement


Change-Id: I159cc1be58ff375f313ae5c4fb814763704b880e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1893647
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#64736}
2019-11-04 13:42:10 +00:00
Santiago Aboy Solanes
8e07c79de7 Un-marking tests that were marked SLOW due to TNodification
Bug: v8:6949
Change-Id: Ie26d89e3219a8ac54b643cc8817a85797000d1e4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1895557
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64734}
2019-11-04 13:30:30 +00:00
Nico Hartmann
149e4935ba Preserve feedback and speculation mode for JSCall
Changing the target of JSCall nodes (e.g. while lowering higher order calls)
now preserves feedback and speculation mode to allow further (speculative)
optimizations. A flag is introduced to mark feedback unrelated to the call
target after such a transformation. This flag is used to prevent access to
the feedback without the need to invalidate it.

Bug: v8:9702
Change-Id: I311d3a4b1b22d6f65e5837a23b0b7585c8d75eed
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1844788
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64733}
2019-11-04 13:22:50 +00:00
Santiago Aboy Solanes
0ec75c9173 [ptr-compr] Add State related cases in DecompressionOptimizer
Relevant opcodes:
 * kFrameState
 * kStateValues
 * kTypedStateValues

The code to decompress CompressedHeapConstants is not there for the
opcodes stated above. We can only do this optimization for Loads
for the moment.

Bug: v8:7703
Change-Id: I226089f1b2b78d0bd742785c7c9924284a97c72d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1879942
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64732}
2019-11-04 12:28:04 +00:00
Dan Elphick
352bbb1279 Reland "Reland: [builtins] Move non-JS linkage builtins code objects into RO_SPACE"
This is a reland of 855591a54d

Fixes break in builds that verify ReadOnlyHeap by relaxing the requirement for
Code objects to be in CODE_SPACE in PagedSpaceObjectIterator::FromCurrentPage.

Original change's description:
> Reland: [builtins] Move non-JS linkage builtins code objects into RO_SPACE
>
> Reland of https://chromium-review.googlesource.com/c/v8/v8/+/1795358.
>
> [builtins] Move non-JS linkage builtins code objects into RO_SPACE
>
> Creates an allow-list of builtins that can still go in code_space
> including all TFJ builtins and a small manual list that should be pared
> down in the future.
>
> For builtins that go in RO_SPACE a Code object is created that contains an
> immediate trap instruction. Generally these Code objects are still no
> smaller than CODE_SPACE Code objects because of the Code object alignment
> requirements. This will hopefully be addressed in a follow-up CL either by
> relaxing them or removing the instruction stream completely.
>
> In the snapshot, this reduces code_space from ~152k to ~40k (-112k) and
> increases by the same amount.
>
> Change-Id: I76661c35c7ea5866c1fb16e87e87122b3e3ca0ce
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1893336
> Commit-Queue: Dan Elphick <delphick@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#64700}

Change-Id: I4eeb7dab3027b42fa58c5dfb2bad9873e9fff250
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1893192
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64728}
2019-11-04 10:45:10 +00:00
Leszek Swirski
2535d0faf4 [heap] Introduce OffThreadLargeObjectSpace
Add a new LargeObjectSpace for off-thread allocation. Similar to the
paged OffThreadSpace, it always allocates pages, doesn't participate
in mark or sweep, and can be merged into the OldLargeObjectSpace once
its objects are ready.

Bug: chromium:1011762
Change-Id: I95e2d38b10a9cc5eae4ffd35afef95272e13c731
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1881153
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64727}
2019-11-04 10:34:30 +00:00
Frank Tang
7d417c32ed Fix variant sorting in locale by rolling ICU
chromium rolling in https://chromium-review.googlesource.com/c/chromium/src/+/1896236

Bug: v8:9741
Change-Id: I64e5cfc9200b59e8c7a908ddd8c46a525d2581c8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1896280
Auto-Submit: Frank Tang <ftang@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64725}
2019-11-04 10:25:30 +00:00
Dan Elphick
fea98b6fad [heap] Enable Verify for RO_SPACE when it is shared
This re-enables verification for RO_SPACE when V8_SHARED_RO_HEAP is
defined. This required refactoring PagedSpaceObjectIterator and methods
in its calling chain to explicitly pass the PagedSpace and Heap pointers
through as they cannot be obtained from the Page in this mode.

Also removes unused Page::Print() method.

Bug: v8:7464
Change-Id: Ibc2c147a7bde6723f43bbaf93cf1db93e76c611e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1893350
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64722}
2019-11-04 09:55:45 +00:00
Sigurd Schneider
05eb0e41aa [heap-profiler] Improve reporting for WeakMap entries
This CL improves reporting for WeakMap entries: If a retaining chain
goes through a WeakMap entry (i.e. key and weak map are alive, and keep
value alive) then both the key and the value are reported. Additionally
the phrasing is clarified, such that entries in retaining paths are
easier to understand.

Bug: chromium:1020096
Change-Id: Ib05cd6f7939c6de41b554c682ad1fbf685b87608
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1893335
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64721}
2019-11-04 09:46:15 +00:00
Deepti Gandluri
17e01bc7f9 [wasm] Allow atomic operations on non-shared WebAssembly.memory
Currently atomic operations are only allowed on shared WebAssembly.memory.
An attempt to use atomic operations otherwise is a validation failure; there
is an ongoing attempt to allow Wasm atomic operations on any memory object.

https://github.com/WebAssembly/threads/issues/144

This CL adds experimental support for allowing atomic operations on all
memory objects behind the --wasm-atomics-on-non-shared-memory flag. Note
that Wait/Notify may not work as expected as they have additional checks
to ensure that the memory is a SAB.

Bug: v8:9921
Change-Id: Ia65b1a4a96ec026430fcce028465423f600adacd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1895703
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64716}
2019-11-01 23:34:15 +00:00
Mythri Alle
a28c760ef0 Revert "[runtime] Correctly handle global stores when global object has proxies"
This reverts commit b8ac4eb4dc.

Reason for revert: https://bugs.chromium.org/p/chromium/issues/detail?id=1020533

Original change's description:
> [runtime] Correctly handle global stores when global object has proxies
> 
> When global object has proxies we should first call hasProperty and
> then call SetProperty if has property returns true. This cl fixes both
> StoreGlobal and StoreLookupGlobal to correctly handle these cases.
> 
> Bug: chromium:1018871
> Change-Id: I140514e2119c6bab2125abcdc1b19d46526be5ff
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1889885
> Commit-Queue: Mythri Alle <mythria@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#64687}

TBR=mythria@chromium.org,verwaest@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: chromium:1018871
Change-Id: I5abbf9275cba17576e1b1e492abd36d6bc1ca1bf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1893194
Reviewed-by: Mythri Alle <mythria@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64714}
2019-11-01 19:10:56 +00:00
Bartek Nowierski
63dc55568b Add a debug v8 API SetDetachedWindowReason
A window is a Blink concept. This API marks the context as backing
a detached window. This doesn't necessarily mean that the context is
detached.

Every time a JS function is called within a context that has a non-zero
DetachedWindowReason, Runtime::kReportDetachedWindowAccess is invoked,
which will report this call to Blink via a callback, which in turn can
report number of such calls via UKM metrics.

Bug: chromium:1018156
Change-Id: I67c89fef459f4efcb912229eed8a4f3ea3b60f54
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1862829
Auto-Submit: Bartek Nowierski <bartekn@chromium.org>
Commit-Queue: Bartek Nowierski <bartekn@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64707}
2019-11-01 00:57:40 +00:00
Z Nguyen-Huu
b50dea24b1 [wasm] Report module name if available
Currently, when debugging wasm, the internal script URL is shown, which
has the form wasm://wasm/wasm-<hex-script-id>. With this change, if the
module specifies a module name, it would report the URL as
wasm://wasm/<module-name>-<hex-script-id>, as this will help the user
identify what they are debugging.

Bug: chromium:1017678
Change-Id: I26ff6249bd1e832d62402619a68b61c115c24640
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1888810
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64703}
2019-10-31 20:32:31 +00:00
Bill Budge
8b104dee9c Revert "Reland: [builtins] Move non-JS linkage builtins code objects into RO_SPACE"
This reverts commit 855591a54d.

Reason for revert: Breaks arm64 sim tests
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20arm64%20-%20sim%20-%20debug/17957
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20arm64%20-%20sim%20-%20gc%20stress/16585

Original change's description:
> Reland: [builtins] Move non-JS linkage builtins code objects into RO_SPACE
> 
> Reland of https://chromium-review.googlesource.com/c/v8/v8/+/1795358.
> 
> [builtins] Move non-JS linkage builtins code objects into RO_SPACE
> 
> Creates an allow-list of builtins that can still go in code_space
> including all TFJ builtins and a small manual list that should be pared
> down in the future.
> 
> For builtins that go in RO_SPACE a Code object is created that contains an
> immediate trap instruction. Generally these Code objects are still no
> smaller than CODE_SPACE Code objects because of the Code object alignment
> requirements. This will hopefully be addressed in a follow-up CL either by
> relaxing them or removing the instruction stream completely.
> 
> In the snapshot, this reduces code_space from ~152k to ~40k (-112k) and
> increases by the same amount.
> 
> Change-Id: I76661c35c7ea5866c1fb16e87e87122b3e3ca0ce
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1893336
> Commit-Queue: Dan Elphick <delphick@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#64700}

TBR=ulan@chromium.org,jgruber@chromium.org,delphick@chromium.org

Change-Id: I4211c3bb7fe4741e0ba3898f92ce382dfc93c4f3
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1893636
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64701}
2019-10-31 20:30:07 +00:00
Dan Elphick
855591a54d Reland: [builtins] Move non-JS linkage builtins code objects into RO_SPACE
Reland of https://chromium-review.googlesource.com/c/v8/v8/+/1795358.

[builtins] Move non-JS linkage builtins code objects into RO_SPACE

Creates an allow-list of builtins that can still go in code_space
including all TFJ builtins and a small manual list that should be pared
down in the future.

For builtins that go in RO_SPACE a Code object is created that contains an
immediate trap instruction. Generally these Code objects are still no
smaller than CODE_SPACE Code objects because of the Code object alignment
requirements. This will hopefully be addressed in a follow-up CL either by
relaxing them or removing the instruction stream completely.

In the snapshot, this reduces code_space from ~152k to ~40k (-112k) and
increases by the same amount.

Change-Id: I76661c35c7ea5866c1fb16e87e87122b3e3ca0ce
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1893336
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64700}
2019-10-31 18:18:56 +00:00
Frank Tang
fc5b196fa6 Roll to ICU 65.1
Remove fixed tests

Bug: v8:9876, chromium:1014272
Change-Id: Idde035073f630f29ad00d1c764bdef0a8528d2dc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1891511
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64699}
2019-10-31 17:13:46 +00:00
Dan Elphick
1db94eddb8 [compiler] Force all calls to JS builtins to be lowered
Previously only Builtins declared TFJ or CPP in builtins-definitions.h
were converted to direct calls in ReduceJSCall. This allows all
builtins with JS linkage to be converted. To facilitate this, it adds
Builtins::HasJSLinkage(id) that returns true for any builtins with
JSTrampolineDescriptor as their call descriptor.

It also ensures that any JS functions installed by the bootstrapper are
also required to have JS linkage to catch early errors.

Change-Id: I2fddca41f9ab1c7c9633aa0ab4847a5c108e2bb2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1883549
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64698}
2019-10-31 17:05:40 +00:00
Ng Zhi An
ceb0aef09e Move some instructions into sse macro list
Move rcpps, rsqrtps, sqrtps to SSE_INSTRUCTION_LIST.

Bug: v8:9810
Change-Id: Ib95a789dbeb4fc4472da11359cafe76db2027934
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1874513
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64697}
2019-10-31 17:04:35 +00:00
Ng Zhi An
82144cf3bc [wasm-simd] Implement i64x2 shifts for ia32
Bug: v8:9728
Change-Id: If45c7f9fcadef1c18d4889e407920861892cff1e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1866684
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64695}
2019-10-31 16:58:45 +00:00