Commit Graph

47952 Commits

Author SHA1 Message Date
Bill Budge
1ae84e18d7 [wasm] Handle special case 32x4 and 16x8 shuffles on ia32
- Adds v/pshufhw, v/palignr instructions to assembler and
  macro-assembler.
- Uses better instruction sequences for 32x4 shuffles using half-
  shuffles and blends.
- Uses better instruction sequences for 16x8 shuffles.
- Uses better instruction sequences for concatenating 8x16 shuffles.

Change-Id: I3e6dca2937a2b167c754c47331c3a2f8ab9786db
Reviewed-on: https://chromium-review.googlesource.com/1066986
Commit-Queue: Bill Budge <bbudge@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53460}
2018-05-31 17:29:27 +00:00
Alexey Kozyatinskiy
d920bf37d6 [inspector] removed last usage of debugger context on inspector side
This is another step to remove a huge amount of legacy code from v8.

R=dgozman@chromium.org

Bug: v8:5530
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I634bda41c53a49dc4912291eb52f02847f56f4f3
Reviewed-on: https://chromium-review.googlesource.com/1080398
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53459}
2018-05-31 16:50:07 +00:00
Dan Elphick
6636f7ccd4 [bootstrapper] Eliminate all GetIsolates
Removes all explicit calls to GetIsolate() in runtime/ by passing it
through calling functions.

Bug: v8:7786
Change-Id: I6485827ea3ef9b215ca487b1f823c9f585f31f98
Reviewed-on: https://chromium-review.googlesource.com/1080747
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53458}
2018-05-31 14:59:36 +00:00
Dan Elphick
0a028aa30f [runtime] Eliminate all GetIsolates
Removes all explicit calls to GetIsolate() in runtime/ by passing it
through calling functions and implicit calls via the single
argument Handle constructor and handle function.

Bug: v8:7786
Change-Id: I96ac2289a72a42c7abb6754418fecb8e03f2bb29
Reviewed-on: https://chromium-review.googlesource.com/1080528
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53457}
2018-05-31 11:08:56 +00:00
Dan Elphick
0f1204f2b5 [builtins] Eliminate all GetIsolates
Removes all explicit calls to GetIsolate() in builtins/ by passing it
through from calling functions and implicit calls via the Handle
constructor.

Bug: v8:7786
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I32e1cdee47075742e677a5f738a33ad30be515c6
Reviewed-on: https://chromium-review.googlesource.com/1079548
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53456}
2018-05-31 09:28:45 +00:00
Predrag Rudic
f86b153278 MIPS64 Fix load and store of float32 constant from/to stack
Tests that pointed out error are
cctest/test-code-generator/FuzzAssembleMove and
cctest/test-multiple-return/ReturnLastValueFloat32
on big endian architecture.

Change-Id: I47eb5d3b3aeffef4531f7961e94c0ccd7dece191
Reviewed-on: https://chromium-review.googlesource.com/1078755
Reviewed-by: Ivica Bogosavljevic <ivica.bogosavljevic@mips.com>
Commit-Queue: Ivica Bogosavljevic <ivica.bogosavljevic@mips.com>
Cr-Commit-Position: refs/heads/master@{#53455}
2018-05-31 09:24:56 +00:00
Dan Elphick
1a95fbcda3 [bootstrapper] Always pass isolate when making handles
Explicitly use the isolate form of the Handle constructor and handle function
in bootstrapper.cc

Bug: v8:7786
Change-Id: I0c29d5951ca61b70f4a820f102d3da55944fbe3d
Reviewed-on: https://chromium-review.googlesource.com/1080508
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53454}
2018-05-31 09:08:05 +00:00
Alexey Kozyatinskiy
003159e777 [inspector] RemoteObject.description should be empty for primitive type
We currently report description field for numbers. On client side user
can calculate description as remoteObject.unserializableValue ||
(remoteObject.value + ''). Let's report description only for objects to
simplify value -> remoteObject logic a bit.

R=dgozman@chromium.org
TBR=jgruber@chromium.org

Bug: chromium:595206
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I91356a44aa3024e20c8f966869abf4a41b88e4bc
Reviewed-on: https://chromium-review.googlesource.com/737485
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Pavel Feldman <pfeldman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53453}
2018-05-31 06:43:15 +00:00
v8-autoroll
9eb56e825b Update V8 DEPS.
Rolling v8/build: 10a93c2..a429f60

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/8fbdf9f..517100c

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I3da4d9e5880c5b82c0a6fe27acb6339b811e1626
Reviewed-on: https://chromium-review.googlesource.com/1080250
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53452}
2018-05-31 03:31:25 +00:00
Alexey Kozyatinskiy
47b650e22f [inspector] nice stepOut from async function
If async function A awaited async function B, stepOut from function B
should go to function A.

Bug: v8:7753
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: Iedc1d8b85a52aa60519e56b319325436fc2168c9
Reviewed-on: https://chromium-review.googlesource.com/1054618
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53451}
2018-05-31 00:34:25 +00:00
Alexey Kozyatinskiy
85bb3ed275 [inspector] reenable some inspector tests
TBR=dgozman@chromium.org

Bug: v8:6170,v8:6171
Change-Id: I1f3eb7fbe1c2a9347428ce9742f22826035be52d
Reviewed-on: https://chromium-review.googlesource.com/1080046
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53450}
2018-05-30 22:51:43 +00:00
Alexei Filippov
90569cb053 [cpu-profiler] Remove deprecated Isolate::GetCpuProfiler method.
Do not create a CPU profiler for each isolate implicitly.

BUG=v8:7070

Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I6ddd93c58f56591477d8fe4249103a74b7698904
Reviewed-on: https://chromium-review.googlesource.com/1043449
Commit-Queue: Alexei Filippov <alph@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53449}
2018-05-30 22:16:28 +00:00
Ben Smith
b466a99f91 [wasm] Rename type to value in Global constructor
This was renamed recently in the spec.

Change-Id: I825e47e8b4113ddb2c3356ee8e7663705ba65e1c
Reviewed-on: https://chromium-review.googlesource.com/1079851
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Ben Smith <binji@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53448}
2018-05-30 21:08:03 +00:00
Leszek Swirski
53d4dfc377 [sfi] Compress function arg counts to 16 bit
Compress the parameter count (and function length) stored in
SharedFunctionInfo to a uint16_t. This limits us to 2^16 - 1 parameters
per function, minus one for the "don't adapt arguments" sentinel value,
which is one fewer than Code::kMaxArguments was already. Anyway, 65534
arguments should be enough for anyone!

This drops SFI size by 4 bytes.

Bug: chromium:818642
Change-Id: I126bfb24453dcdc5087a104d3a12cf195a56fa9f
Reviewed-on: https://chromium-review.googlesource.com/1076627
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53447}
2018-05-30 16:35:50 +00:00
Alexey Kozyatinskiy
c002394687 [inspector] speedup async instrumentation
We use name of the function at the moment of first appearance of given
function in stack trace. Any further name changes would be ignored.
It gives us around 20% speedup.

Perf analysis: https://bit.ly/2wp99vt

R=yangguo@chromium.org,jgruber@chromium.org

Bug: v8:7078
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I9f21f0bd9cd923e5abaeffb9209df0be2f49afff
Reviewed-on: https://chromium-review.googlesource.com/1050984
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53446}
2018-05-30 16:17:51 +00:00
Alexey Kozyatinskiy
b6c9086ca1 [inspector] reworked async stack instrumentation for async functions
New instrumentation consists of:
- kAsyncFunctionSuspended when async function is suspended on await
  (called on each await),
- kAsyncFunctionFinished when async function is finished.

Old instrumentation was based on reusing async function promise.
Using this promise produces a couple of side effects:
- for any promise instrumentation we first need to check if it is
  special case for async function promise or not - it requires
  expensive reading from promise object.
- we capture stack for async functions even if it does not contain
  awaits.
- we do not properly cancel async task created for async function.

New instrumentation resolved all these problems as well as provides
clear mapping between async task and generator which we can use later
to fetch scope information for async functions on pause.

R=dgozman@chromium.org,yangguo@chromium.org

Bug: v8:7078
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: Ifdcec947d91e6e3d4d5f9029bc080a19b8e23d41
Reviewed-on: https://chromium-review.googlesource.com/1043096
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53445}
2018-05-30 16:01:59 +00:00
Tobias Tebbi
9f4e74848b [torque] cleanup: make TypeOracle contextual
In Torque, we have several global singleton classes. Using the contextual
variable pattern instead of passing around pointers in random places
makes the code more readable.
This CL does this for TypeOracle, we plan to do it for more classes in
the future.

Bug: v8:7754
Change-Id: Ib744b476ce51a4932c52274b2210149515f1663d
Reviewed-on: https://chromium-review.googlesource.com/1078729
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53444}
2018-05-30 15:36:29 +00:00
Junliang Yan
38ae84f430 Fix GCC 5.4 compilation error
GCC 5.4 complains type mismatch as follows:

../../v8/src/contexts.cc:302:34: error: format '%hhu' expects
argument of type 'int', but argument 3 has type
'v8::internal::VariableMode' [-Werror=format=]

Bug: chromium:841460
Change-Id: Id90c1211f459309e477a8ad5658cecdf9cc10938
Reviewed-on: https://chromium-review.googlesource.com/1077051
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#53443}
2018-05-30 14:42:28 +00:00
Pierre Langlois
c645e18bbc [builtins] Remove unused MathPowTagged and MathPowInteger descriptors.
The MathPowInternal builtin is now only called directly from the
code-generator. Also, this patch takes the opportunity to cleanup the builtin
for arm and arm64 a little.

Change-Id: If53edcecd42b227ef74ee817bc5d7fbbcea8b0e2
Reviewed-on: https://chromium-review.googlesource.com/1076127
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Pierre Langlois <pierre.langlois@arm.com>
Cr-Commit-Position: refs/heads/master@{#53442}
2018-05-30 14:41:10 +00:00
jgruber
b9e8a2b4ea Remove unused interface descriptors
Bug: v8:7754
Change-Id: I89d655129a860cd5f5d1d62600ab2df43d406974
Reviewed-on: https://chromium-review.googlesource.com/1078735
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53441}
2018-05-30 14:34:27 +00:00
Jaroslav Sevcik
febb376cc0 [turbofan] Shortcut TFJ builtin calls.
Lowers JS calls to direct code object calls for known TFJ builtins.

Bug: v8:7794
Change-Id: I68984eeeff799cae4b87e6ae6720228e90340200
Reviewed-on: https://chromium-review.googlesource.com/1078287
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53440}
2018-05-30 14:01:57 +00:00
Alexey Kozyatinskiy
6d87d95785 [inspector] use interrupt for pause only as last resort
With this CL we use interrupt for pause in two cases:
- when we process Debugger.pause on interruption,
- when we would like to break as soon as possible after OOM.
In all other cases, e.g. for async step into we use break
on function call by calling StepIn debugger action.

In mentioned cases we should not actually use interrupt as well:
- Debugger.pause in this case scheduled using interrupt and we
  may just break right now without requesting another interrupt,
  unfortunately blink side is not ready,
- we should use more reliable way to break right after near OOM
  callback, otherwise we can get this callback, increase limit,
  request break on next interrupt, before interrupt get another
  huge memory allocation and crash.

There are a couple of advantages:
- we get much better break locations for async stepping
  (see inspector tests expectations),
- we can remove DEBUG_BREAK interruption
  (it should speedup blackboxing with async tasks, see
  removed todo in debug.cc for details)
- it is required preparation step for async step out,
  (see https://chromium-review.googlesource.com/c/v8/v8/+/1054618)

Bug: v8:7753
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: Iabd7627dbffa9a0eab1736064caf589d02591926
Reviewed-on: https://chromium-review.googlesource.com/1054155
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53439}
2018-05-30 13:54:37 +00:00
Camillo Bruni
f3131cef16 [js-perf-test] Fix benchmark suite
Add missing parameters to createSuiteWithWarmup

Change-Id: I8865f162443b43b8b7bee4680e17c34d397f8d53
Reviewed-on: https://chromium-review.googlesource.com/1078747
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53438}
2018-05-30 11:47:25 +00:00
Marja Hölttä
63c4c76c6f [in-place weak refs] Replace WeakCell (object_create_map) in PrototypeInfo.
BUG=v8:7308

Change-Id: Ide6440933d81fa82dd69d9eade9f289880ec0cb2
Reviewed-on: https://chromium-review.googlesource.com/1078308
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53437}
2018-05-30 11:25:35 +00:00
Camillo Bruni
812f2420ef [CSA] Type AllocateFixedArray users
Type users of AllocateFixedArray with intptr parameters.

Bug: v8:7796
Change-Id: I4b155fb3fcb90fe66a3c20a24f0cea678a5d85bc
Reviewed-on: https://chromium-review.googlesource.com/1078347
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53436}
2018-05-30 11:21:25 +00:00
Michael Starzinger
ca67753144 [assembler] Remove {RelocInfo::set_constant_pool} setter.
R=jgruber@chromium.org

Change-Id: I9925ded8cee5c620f543171b2f93abb1f954e72e
Reviewed-on: https://chromium-review.googlesource.com/1078438
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53435}
2018-05-30 10:47:12 +00:00
jgruber
faa18098d0 [mips,mips64] Fix sp and fp offsets for INTERNAL frames
https://crrev.com/c/1075047 introduced a bug on mips/mips64 in which
sp and fp offsets were set incorrectly for INTERNAL frames.

Bug: v8:6666,chromium:847728,chromium:847568
Change-Id: I9a48d30a82f10a4af50f1ed4dc1d77e8defbdd77
Reviewed-on: https://chromium-review.googlesource.com/1078109
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53434}
2018-05-30 10:28:12 +00:00
Ben L. Titzer
200dcb0557 Add size estimate to Managed<T>
Extends the functionality of Managed<T> to track an estimated size
for the external memory associated with an instance of Managed<T>
in order to allow for proper accounting in the garbage collector.

R=mstarzinger@chromium.org
CC=ulan@chromium.org

Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I8c49c6245eaf267c9264ebb93b43d5dfbf4671fd
Reviewed-on: https://chromium-review.googlesource.com/1076332
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53433}
2018-05-30 10:26:21 +00:00
jgruber
70b5fd3b6e [api] Add option to consume code cache on module compilation
This extends the ScriptCompiler::CompileModule function with a
CompileOptions argument. Accepted values are kNoCompileOptions (in
which case, behavior remains unmodified) and kConsumeCodeCache. If the
latter is passed, we try to fetch the given module from the code
cache.

Since it is possible to compile the same source code as both a script
and a module (and different code is generated for the two cases), a
new is_module bit is added to the SerializedCodeData header to
disambiguate between the two cases.

Bug: v8:7685
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I34b3642505577ed9ed0caedbee5876308c5a53ea
Reviewed-on: https://chromium-review.googlesource.com/1073327
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53432}
2018-05-30 07:32:48 +00:00
v8-autoroll
39e7d8f90c Update V8 DEPS.
Rolling v8/build: 39cffda..10a93c2

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/0043a4a..8fbdf9f

Rolling v8/third_party/depot_tools: f16fdf3..cf4aced

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I3057ec6ca493b4b901ff47fd037ccab2350f5b0e
Reviewed-on: https://chromium-review.googlesource.com/1077847
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53431}
2018-05-30 03:30:48 +00:00
Daniel Bratell
f95d7bcbcc Rename local macro CHECK_RECEIVER -> CHECK_RECEIVER_OBJECT
builtins_util.h declares a macro named CHECK_RECEIVER and in some
extreme jumbo build configurations, that macro will end up in the
same translation unit as runtime-dataview.cc

Bug: v8:7792
Change-Id: I6db865b6061afd6bf1c74b3a172485d68c749929
Reviewed-on: https://chromium-review.googlesource.com/1075052
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53430}
2018-05-29 22:55:43 +00:00
Anna Henningsen
edd6803f3b [SAB] Document and tighten FutexEmulation mutex_ scope
Document what pieces of data the global `FutexEmulation::mutex_`
mutex protects from concurrent access, and reduce the scope
in which said mutex is locked during `FutexEmulation::Wait()`
to match that description more closely.

Change-Id: I0764efabac06814d83ed5c4af4eb7da34af47cab
Reviewed-on: https://chromium-review.googlesource.com/1074689
Commit-Queue: Ben Smith <binji@chromium.org>
Reviewed-by: Ben Smith <binji@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53429}
2018-05-29 22:18:33 +00:00
Andreas Haas
2301ffe71a [wasm] Do not restart compilation tasks after compilation failed
This CL fixes a bad interleaving that can happen between the
CompilationState and streaming compilation. In that particular
interleaving, streaming compilation tries to restart compilation tasks
after compilation failed already, which fails with a check in the
CancelableTaskManager. The problem is the following:

The CompilationState notifies the streaming decoder of compilation
errors. After receiving the notification, the streaming decoder
ignores all subsequent incoming bytes. However, the CompilationState
does not notify the streaming decoder directly, it posts a task
which will notify the streaming decoder. This means that between the
failing of compilation and the notification of the streaming decoder
there is a time window in which compilation already failed but the
streaming decoder can still restart compilation tasks. The crash
happened when this time window was hit.

With this CL we check that compilation did not fail before we restart
compilation tasks. I was never able to reproduce this crash, so I don't
really know if this particular issue caused the crash.

R=titzer@chromium.org

Bug: chromium:840713
Change-Id: Ic522b1c21a7d7749c1e7f6097aa450a09fb271cc
Reviewed-on: https://chromium-review.googlesource.com/1075787
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53428}
2018-05-29 19:34:43 +00:00
Junliang Yan
aeb8f3246a PPC/s390: [masm] Don't push CodeObject when entering INTERNAL frames
Port 757631830d

Original Commit Message:

    The code slot of internal frames seems to be basically unused.
    As always, there are exceptions:

    1. In elements.cc we check whether the current code object is the apply
    builtin. We can use a heap lookup through the frame's pc instead.
    2. In isolate.cc we store a reference to the frame's code object to try
    and pack it into the minidump. This can safely be skipped.

    Remaining use-sites in frames.cc all skip INTERNAL frames by using the
    JavaScriptFrameIterator.

R=jgruber@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: I3612b206f25b9e53645d2e1bc726a5e318a1f4be
Reviewed-on: https://chromium-review.googlesource.com/1076505
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#53427}
2018-05-29 18:57:02 +00:00
Junliang Yan
8993cff544 PPC/s390: [wasm] Introduce specialized WasmCompileLazy frame type.
Port b2abe2cf97

Original Commit Message:

    This makes the WasmCompileLazy builtin push a new WASM_COMPILE_LAZY
    frame type. We can thereby remove the workaround to return a relocated
    instance from the underlying runtime function. It also removes the last
    remaining embedded code objects from {WasmCode} objects.

R=mstarzinger@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: Icdc1ee06a1fade4bb805ae0fadf8219316731cd7
Reviewed-on: https://chromium-review.googlesource.com/1076529
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#53426}
2018-05-29 18:14:42 +00:00
Eric Holk
30d7d1a130 [wasm] Removed shared empty backing store
This is no longer needed now that Wasm is more aggressive about
collecting old memories. It also causes problems with the upcoming trap
handler fallback path.

Change-Id: I4b8513c28e0c0d7c6b232d399c1d97b645499ef1
Reviewed-on: https://chromium-review.googlesource.com/1043277
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Eric Holk <eholk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53425}
2018-05-29 17:58:38 +00:00
Vincent Belliard
6e374c17b4 [arm64][Liftoff] implement emit_type_conversion
Bug: v8:6600
Change-Id: I8662ac3589a6244565402c748624ea03d3e31960
Reviewed-on: https://chromium-review.googlesource.com/1071719
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Vincent Belliard <vincent.belliard@arm.com>
Cr-Commit-Position: refs/heads/master@{#53424}
2018-05-29 17:57:18 +00:00
Junliang Yan
d483edb5dd PPC/s390: [stubs] Route all ArrayConstructor stub accesses through CodeFactory
Port 0a373f8a0d

Original Commit Message:

    This is the initial step towards moving all array constructor stubs to
    builtins.

R=jgruber@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: I3b46a3bd91780c2be938f710ceb18a7a8cd1824e
Reviewed-on: https://chromium-review.googlesource.com/1076595
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#53423}
2018-05-29 17:36:48 +00:00
Andreas Haas
3d52841dce [heap] Use the taskrunner API for the MemoryReducer
This CL switches to the new taskrunner API in the MemoryReducer. We
want to remove the old API eventually so that there is only one API for
task posting.

R=ulan@chromium.org
CC=gab@chromium.org

Change-Id: I1dd16e42dc0fca013a97c76dfce9c6479b97521b
Reviewed-on: https://chromium-review.googlesource.com/1061531
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53422}
2018-05-29 16:21:18 +00:00
Simon Zünd
7975b8cef9 [vscode-torque] Add vscode extension with basic Torque support.
This CL creates the "tools/torque" directory. It moves the existing
two scripts (making the parser and formatting Torque code) into that
director.

The extension lives in "tools/torque/vscode-torque" and currently only
provides basic syntax highlighting support. The easiest way to
install the extension is to simply create a symlink into your local
vscode extension directory (see README.md).

R=jgruber@chromium.org, tebbi@chromium.org

Change-Id: Ifc22b615341ed18f91c9b046090f569fcc083ab6
Reviewed-on: https://chromium-review.googlesource.com/1076548
Commit-Queue: Simon Zünd <szuend@google.com>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53421}
2018-05-29 16:03:38 +00:00
Simon Zünd
0dbac434af [js-perf-test] Make regress-2185-2 test into a benchmark.
The regression test 2185-2 measured the Array.p.sort time for various
pre-sorted data configurations. This CL adds the various data
configurations to the ArraySortPreSorted benchmark and removes the
regression test altogether.

R=cbruni@chromium.org, jgruber@chromium.org

Change-Id: I6e2eb235e4a7578f4a107229bfc6a9e89a3aa5e3
Reviewed-on: https://chromium-review.googlesource.com/1076188
Commit-Queue: Simon Zünd <szuend@google.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53420}
2018-05-29 15:56:58 +00:00
Mathias Bynens
dd78d60359 Ship Array.prototype.{flat,flatMap} 🎉
Intent to ship:
https://groups.google.com/d/msg/v8-users/15GL4-UHEcE/OEKOou3bBgAJ

Bug: v8:7220
Change-Id: Ib1efde29e27b956db3d8ebf12ff7a3f163db7c22
Reviewed-on: https://chromium-review.googlesource.com/1076335
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53419}
2018-05-29 15:44:18 +00:00
Camillo Bruni
f728d6984d [js-perf-test] Consistently use createSuite in all benchmarks
Change-Id: I7bf0144bacd0572a42b98d0a0f19df3daf63128b
Bug: chromium:840785
Reviewed-on: https://chromium-review.googlesource.com/1051240
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53418}
2018-05-29 15:06:48 +00:00
Junliang Yan
8b37b69824 PPC/s390: [stubs] General stub cleanup (includes & platform-independent code)
Port c52b7af57d

R=jgruber@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: I75ec0305f618336ce63fb664ae356dfcf48948c4
Reviewed-on: https://chromium-review.googlesource.com/1075468
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#53417}
2018-05-29 15:02:28 +00:00
Simon Zünd
9ef4df2f30 [torque] Add unsafe cast to Torque.
This CL is a proposal to add "checked" casts (CAST in CSA) to the Torque language.
The CL adds the "unsafe_cast<>" operator that emits a "CAST".

Example:

let n: Number = ...;
...
if (TaggedIsSmi(n)) {
  let m: Smi = unsafe_cast<Smi>(n);
  ...
}

The cast won't incur a runtime overhead now.

R=tebbi@chromium.org

Change-Id: I9fca90d1d11e61617ba0270e5022fd66200e2195
Reviewed-on: https://chromium-review.googlesource.com/1070151
Commit-Queue: Simon Zünd <szuend@google.com>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53416}
2018-05-29 14:59:58 +00:00
Anna Henningsen
0fd549f885 [api] Allow escaping MaybeLocal handles on EscapableHandleScope
This adds a convenience overload for `EscapableHandleScope::Escape()`
which moves `MaybeLocal<T>`s into the outer scope, like a regular
`Local<T>`.

This basically moves the syntactic clutter of having to write
`maybe_local.FromMaybe(Local<Foo>())` instead of just `maybe_local`
to a central location.

Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I1d87d75c6564b10e8ec34957bdd3eac46ffea917
Reviewed-on: https://chromium-review.googlesource.com/1056529
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53415}
2018-05-29 14:51:18 +00:00
Tobias Nießen
dcc76e7e45 [simulator] Fix simulator output
This change fixes the usage message of arm, mips, mips64, ppc and s390
simulators.

Change-Id: Ib00d3049cb1c81c2653ee8b66d21eabde8f16f76
Reviewed-on: https://chromium-review.googlesource.com/1059623
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53414}
2018-05-29 14:38:28 +00:00
Sebastien Marchand
df2419039c Fix a Jumbo breakage
see crbug.com/841460, we recently hit some build issues when using
Goma + jumbo builds because of a conflict on the definition of CONST,
v8 defines it in globals.h and including windows.h also defines it. It
should be possible to fix this by adding a bunch of #undef CONST but it
seems a little bit hacky and might not always work (this could only fix
the problem temporarily if the jumbo merge limit changes and cause some
include files to get included in a different order).

Renaming the v8 definition of CONST to kConst, this follows the
style guide guidelines: "there is no reason to change old code to use
constant-style names, unless the old names are actually causing a
compile-time problem"
(https://google.github.io/styleguide/cppguide.html#Enumerator_Names)

I also had to turn the PropertyConstness enum into an enum class to
avoid some conflicts (both PropertyConstness and VariableMode define
kConst).


Bug: chromium:841460
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I2b70b9095374e88a5ae364cc557b39f20a3ab60f
Reviewed-on: https://chromium-review.googlesource.com/1064197
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sébastien Marchand <sebmarchand@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53413}
2018-05-29 14:36:48 +00:00
Mathias Bynens
10b98d0d93 Stage Array.prototype.{flat,flatMap}
Proposal repo: https://tc39.github.io/proposal-flatMap/

Bug: v8:7220
Change-Id: I79022fe26c609225dce21c0b45e8bedff12cc7b5
Reviewed-on: https://chromium-review.googlesource.com/1076427
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53412}
2018-05-29 14:24:18 +00:00
Tobias Tebbi
bf9d2893f0 [torque] add union types
This adds support for union types to Torque.

There is a new type expression
A | B
to form the union of the type expressions A and B.
This is only possible if A and B have a common supertype, to prevent
nonsensical unions of types with different representations.

Union types are normalized:
A | B == B | A
A | (B | C) == (A | B) | C
A | A == A

The subtyping rules are defined recursively:
(A | B) <: C  if  A <: C and B <: C
A <: (B | C)  if  A <: B or A <: C

This allows to define Object as a union type:

type Tagged generates 'TNode<Object>';
type Smi extends Tagged generates 'TNode<Smi>';
type HeapObject extends Tagged generates 'TNode<HeapObject>';
type Object = Smi | HeapObject;

The type {Tagged} is introduced to have a common supertype of all
tagged values, but we should not use it directly, because {Object}
contains the additional information that there is nothing but {Smi}
and {HeapObject} values.

When mapping union types to CSA types, we select the most specific
common supertype. For Number and Numeric, we already use union types
on the CSA side. Since it is not possible to map to CSA union types
in general, we special-case these two union types to map them to
the CSA union types we already use.

Bug: v8:7793
Change-Id: I7a4e466436f55d04012f29ef17acfdb957653908
Reviewed-on: https://chromium-review.googlesource.com/1076132
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53411}
2018-05-29 14:12:57 +00:00