Commit Graph

54974 Commits

Author SHA1 Message Date
Michael Achenbach
1d966566a4 [release] Make included trybots in roll CL description more readable
NOTRY=true

Change-Id: I40ef00c7c2886f356de9f0caa667f453b63b7637
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1539837
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60482}
2019-03-27 07:55:37 +00:00
v8-ci-autoroll-builder
e5ec70dd40 Update V8 DEPS.
Rolling v8/build: aee5bb4..5256fba

Rolling v8/buildtools: 31e0bb5..d09c967

Rolling v8/buildtools/third_party/libc++/trunk: 4daecde..955113d

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/85ead57..2b058ca

Rolling v8/third_party/depot_tools: e17d1ed..c74cce1

Rolling v8/tools/clang: 23688af..e0abf7a

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I5a9ea4b5f86dddf8cbee9cdc9dd6460409065f33
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1540381
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#60481}
2019-03-27 03:44:48 +00:00
Bill Budge
1c378d02c1 [wasm simd] Fix F32x4Min/Max bug with signaling NaNs.
- Fixes a bug where signaling NaNs are converted to
  Infinities rather than quiet NaNs.

Bug: v8:6020,v8:8639
Change-Id: I2601378f06f1987983f2b93e8970f401333073be
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1536911
Commit-Queue: Bill Budge <bbudge@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60480}
2019-03-27 01:10:48 +00:00
Milad Farazmand
b0cfb7786b PPC/S390: [lite] Allocate feedback vectors lazily
Port: 7629afdb9d

Original Commit Message:

    Allocate feedback vectors lazily when the function's interrupt budget has
    reached a specified threshold. This cl introduces a new field in the
    ClosureFeedbackCellArray to track the interrupt budget for allocating
    feedback vectors. Using the interrupt budget on the bytecode array could
    cause problems when there are closures across native contexts and we may
    delay allocating feedback vectors in one of them causing unexpected
    performance cliffs. In the long term we may want to remove interrupt budget
    from bytecode array and use context specific budget for tiering up decisions
    as well.

Change-Id: I261a7f7cedbdaa3be2d0cf22bfa701598f749fd9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1539794
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#60479}
2019-03-27 00:59:18 +00:00
Deepti Gandluri
dfc0100aff [wasm-simd] Add tracing for S128 Locals in the interpreter
Change-Id: Ibe60c5025a25b353e6661576872a8fda1aeef5de
Bug: v8:9014
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1536986
Reviewed-by: Aseem Garg <aseemgarg@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60478}
2019-03-26 23:30:06 +00:00
Frank Tang
af8aef071f Roll test262
Bug: v8:7834
Change-Id: I513f13033dd9aab72a78feb45ec5181183f9cc51
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1538833
Reviewed-by: Mathias Bynens <mathias@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60477}
2019-03-26 21:39:06 +00:00
Georg Neis
b9076b4976 [csa] Fix instanceof for LHS with proxy in prototype chain
If the LHS has a proxy in its prototype chain (or is itself one), then
the LHS's [prototype_or_initial_map] being the hole does not necessarily
imply that the result is false.

This CL also adds support for --force-slow-path, which would have been
useful in finding this bug earlier.

Bug: v8:9036
Change-Id: I6f5134d6ce18f9f14549ced3d33527f54ce9bcb2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1539497
Auto-Submit: Georg Neis <neis@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60476}
2019-03-26 19:35:25 +00:00
Michael Achenbach
227f8e99e0 Whitespace change to trigger builders
Change-Id: I6169e925f9f77e3a6b8f90c0df5ecedcb4164c2b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1539499
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60475}
2019-03-26 19:33:49 +00:00
Michael Achenbach
470aaf6699 Revert "[wasm] Implement table.init for interpreter"
This reverts commit 63608968b6.

Reason for revert:
https://ci.chromium.org/p/v8/builders/ci/V8%20Win32%20-%20debug/19535

Original change's description:
> [wasm] Implement table.init for interpreter
> 
> This also fixes CheckCallViaJS when a trap occurs. In that case, the
> trap callback is called instead of an exception being thrown, so if it
> isn't handled, a bogus result will be returned instead.
> 
> Bug: v8:8965
> Change-Id: I560e89f353756df23c062fb8c9484d9971c19253
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1539078
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Commit-Queue: Ben Smith <binji@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#60473}

TBR=binji@chromium.org,mstarzinger@chromium.org

Change-Id: Iee528ac2f16988b25579af3555e6f17974cb0b05
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8965
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1539498
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60474}
2019-03-26 19:27:00 +00:00
Ben Smith
63608968b6 [wasm] Implement table.init for interpreter
This also fixes CheckCallViaJS when a trap occurs. In that case, the
trap callback is called instead of an exception being thrown, so if it
isn't handled, a bogus result will be returned instead.

Bug: v8:8965
Change-Id: I560e89f353756df23c062fb8c9484d9971c19253
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1539078
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Ben Smith <binji@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60473}
2019-03-26 18:49:16 +00:00
Deepti Gandluri
fff8b5ca1d [wasm-simd] Fix Interpreter BitSelect and Boolean reductions
- Swap BitSelect operand order
 - Simplify, fix bugs for reductions

Bug: v8:8636, v8:8665
Change-Id: I9f43ac8007f9ecb317b1ffa4f99e9c249c58a2dd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1534972
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60472}
2019-03-26 18:12:02 +00:00
Clemens Hammacher
d6c888d690 [wasm] Reorder instance fields
Reorder fields such that often-accessed fields are first. This
minimized generated code size on x86 and x64.

R=titzer@chromium.org

Bug: chromium:839919
Change-Id: Ia2ef9bd2f9a1aa735ed9b1de93cb78aa5d77467b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1538120
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60471}
2019-03-26 16:56:48 +00:00
Sigurd Schneider
432751ae75 [cleanup] Reduce dependents of ordered-hash-table.h to 71.
Together with the previous CL, this is a 10x improvement.


Bug: v8:8834
Change-Id: I89b86ee88c82479997c08b725571369b1bf9d190
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1539592
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60470}
2019-03-26 16:13:58 +00:00
Simon Zünd
44290e04d0 [torque] Fix typo in class definitions (week -> weak)
R=sigurds@chromium.org

Bug: v8:8952
Change-Id: I93a9a136e83510a92cd38b2bb16d0965be95110a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1538483
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60469}
2019-03-26 15:46:05 +00:00
Clemens Hammacher
42127d825f [wasm] Allow mixing tagged and untagged fields
In WasmInstanceObject we want to reorder the fields such that fields
that are often accessed from generated code have a small offset (<128
bytes). This requires mixing tagged and untagged fields.
This CL prepares the existing GC support for WasmInstanceObject to only
visit the listed tagged fields.

R=titzer@chromium.org

Bug: chromium:839919
Change-Id: Ia85d7bcfff54af35785b6d573e7e682a26c39ae6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1538119
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60468}
2019-03-26 15:18:21 +00:00
Nico Weber
a0c30858ff Disable v8_use_snapshot by default in 32-bit mac->win cross builds.
The snapshot requires building host code in target bitness, and
chromium's base doesn't build in 32-bit on mac hosts due to some
64-bit-only assembly code.

Bug: chromium:794838
Change-Id: I89887fe63c88c435bc4743c3d99f22ffe79a5bd6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1534635
Auto-Submit: Nico Weber <thakis@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Nico Weber <thakis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60467}
2019-03-26 15:12:51 +00:00
Leszek Swirski
e1f5da3cff [objects] Clean up string instance type docs
Moves the string instance type tag definitions around to be in order, makes
their definitions slightly clearer (in terms of shifted 1 rather than hex
values), and unifies/fixes the descriptions of the bits in the comments.

Bug: v8:8834
Change-Id: I632b93053734445264f6c607c541e4171aae8038
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1539583
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60466}
2019-03-26 14:11:31 +00:00
Jaroslav Sevcik
e6fbf933b8 [turbofan] Run memory optimizer last.
Run memory optimizer after all the other graph phases. This is
a step towards enabling allocation folding for arrays with
>16 elements because constant additions will be properly
constant-folded.

Bug: v8:8984
Change-Id: Ia3c78a3bd32264f4f83d3e20bd78abf240d9292b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1539496
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60465}
2019-03-26 13:52:01 +00:00
Jaroslav Sevcik
37c861a7d6 [turbofan] Fix receiver != holder case for constant loads.
Bug: chromium:945187
Change-Id: If6f36a4767ffda5f23873c79775116514dd0a2b6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1539582
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60464}
2019-03-26 13:50:41 +00:00
Milad Farazmand
040887988a Revert "PPC/S390: [heap] Clean-up keys of oldspace weakmaps during scavenge"
This reverts commit dd07cbcfdf.

Change-Id: I3397af6d5c5cf2349b35c940eb46f4f9d2440a50
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1538904
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#60463}
2019-03-26 12:58:23 +00:00
Georg Neis
2f1a38da21 [turbofan] Fix typo in macro name
TBR=jarin@chromium.org

Bug: v8:7790
Change-Id: I8aeced2c149ef1a97d6e9df4f21afcf6a4145be0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1539636
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60462}
2019-03-26 11:12:01 +00:00
Sigurd Schneider
6d0fe3e45a [cleanup] Free 400 targets from the draconic reign of..
..ordered-hash-table.h.

Bug: v8:8834
Change-Id: Ibb79006beb020d06bc516d9a2dac81015a403728
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1538518
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60461}
2019-03-26 10:56:21 +00:00
Georg Neis
294671e832 [turbofan] Support GetSuperConstructor in serializer
Drive-by: also add support for trivial bytecodes such as LdaFalse.

Bug: v8:7790
Change-Id: I72626500096310899d37d57e3d0dd3bd54fddff4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1532066
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60460}
2019-03-26 10:23:55 +00:00
Mike Stanton
539017b0b6 [Builtins] Make it harder to store signalling NaNs in Torque/CSA
The bottlenecks to prevent storing signalling NaNs in backing stores
were not perfect. This change makes it harder by ensuring that all
the Torque-side "[]=" operator overloads for FixedDoubleArray stores
have signalling NaNs silenced.

Bug: chromium:944435
Change-Id: I295d9b34f4c896db30989bb9db1a2b452daa03ae
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1538517
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60459}
2019-03-26 10:22:50 +00:00
Georg Neis
2bd4bc6f04 [turbofan] Create helper for inserting map checks
... in the case of unreliable receiver maps in JSCallReducer.

Change-Id: I68aea1f74fe98f3ac9bc7251f1af789f2cf9bc56
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1532332
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60458}
2019-03-26 09:46:45 +00:00
Georg Neis
1750001733 [turbofan] Don't serialize for CallNoFeedback bytecode
We don't normally generate code for that.

R=jarin@chromium.org

Bug: v8:7790
Change-Id: Icd8b61e894b721ac44fd1d79d2460def9c8c5af3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1535824
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60457}
2019-03-26 09:45:40 +00:00
Sigurd Schneider
fe98ad93e9 Add V8_EXPORT to TickSample
Bug: v8:9020
Change-Id: Ieeec2b237b0531a84ea71dc53d24444c3425dda7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1538130
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60456}
2019-03-26 09:19:31 +00:00
Benedikt Meurer
ea7b41ce34 [tracing] Log detailed information via "v8.turbofan" category.
The details of the TurboFan pipeline stages are probably not relevant to
most users of the "disabled-by-default-v8.compile" category, so we now
log them to "disabled-by-default-v8.turbofan" category instead.

Bug: v8:8598, v8:9039
Change-Id: Ib451f163f74eb11ffbeb0dc6f2ee590208bd296b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1538135
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60455}
2019-03-26 07:30:44 +00:00
Michael Lippautz
5c765ce405 Remove unused GN flag v8_enable_full_heap_snapshots
The flag has been replaced by v8_enable_raw_heap_snapshots.

Bug: chromium:936797
Change-Id: I2466c6636c462fe49a090dc3c262c80fc40d783f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1532329
Auto-Submit: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60454}
2019-03-26 05:08:03 +00:00
v8-ci-autoroll-builder
4a049eddd9 Update V8 DEPS.
Rolling v8/build: 625ee00..aee5bb4

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/347c5e4..85ead57

Rolling v8/third_party/depot_tools: ba35c7f..e17d1ed

Rolling v8/tools/clang: ad70d89..23688af

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I291cce7855a51614bde1d858e3705db03235cbed
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1539276
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#60453}
2019-03-26 03:36:53 +00:00
Frank Tang
7b2d7d4528 [Intl] Only use DecimalFormat
Force to use locale with extension if the created NumberFormat
is not a DecimalFormat.
Check the dynamic class id.
Guard DecimalFormat casting code

Bug: v8:9035
Change-Id: Id32a3f652b93ddfca82f95f30ad2107b364ee7fc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1536571
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60452}
2019-03-26 00:28:47 +00:00
Cliff Smolinsky
31d7e1d366 Replace shlwapi call with STL.
The only use of shlwapi is for a single method which can be easily
replaced by simple wstring calls. This change makes that swap and
removes the reference to shlwapi completely.

Bug: v8:9031
Change-Id: Ia8f2c44e8166d93e309016896b26a84bdb90d720
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1534960
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Cliff Smolinsky <cliffsmo@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#60451}
2019-03-25 16:59:58 +00:00
Mythri
7629afdb9d [lite] Allocate feedback vectors lazily
Allocate feedback vectors lazily when the function's interrupt budget has
reached a specified threshold. This cl introduces a new field in the
ClosureFeedbackCellArray to track the interrupt budget for allocating
feedback vectors. Using the interrupt budget on the bytecode array could
cause problems when there are closures across native contexts and we may
delay allocating feedback vectors in one of them causing unexpected
performance cliffs. In the long term we may want to remove interrupt budget
from bytecode array and use context specific budget for tiering up decisions
as well.

Bug: v8:8394
Change-Id: Ia8fbb71f5e8543a92f14c44aa762973da82d445c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1520719
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60450}
2019-03-25 16:02:38 +00:00
Igor Sheludko
26ffe82e70 [classes] Properly handle static length computed property
Bug: chromium:913943
Change-Id: I2f7774ca1ea0a7855620a99d7e26cd764260129b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1538124
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60449}
2019-03-25 15:35:08 +00:00
Benedikt Meurer
a2af7e1101 [tracing] Improve tracing signals for compilation/optimization.
This adds OBJECT/SNAPSHOT trace events for Script and SharedFunctionInfo
objects, logging their creation with appropriate information to make
sense of them.

Based on that we introduces five flow events to model the optimized
compilation via tracing in the "disabled-by-default-v8.compile" category:

  - "v8.optimizingCompile.start" logs the creation of the
    PipelineCompilationJob (for TurboFan JavaScript optimization)
    with the "function" argument referring to the trace event
    object created for the SharedFunctionInfo.
  - "v8.optimzingCompile.prepare" logs the preparation of the
    PipelineCompilationJob on the main thread, also carrying the
    "function" argument. This connects the flow event to the actual
    tracing duration event associated with the preparation phases.
  - "v8.optimizingCompile.execute" logs the (usually concurrent)
    optimization of the TurboFan graph (again with "function").
  - "v8.optimizingCompile.finalize" logs the main thread phase which
    finalizes the optimized code and eventually installs it (in case
    of success).
  - "v8.optimizingCompile.end" signals the end of the
    PipelineCompilationJob, which carries the "compilationInfo",
    that contains the interesting bits of the OptimizedCompilationInfo,
    specifically whether the compile was successfull and which functions
    were inlined for example.

This also adds two instant events "V8.AbortOptimization" and
"V8.RetryOptimization" in "disabled-by-default-v8.compile" category
that are emitted when TurboFan cannot optimize a certain function.
In case of "V8.RetryOptimization", TurboFan might be able to optimize
it later, whereas "V8.AbortOptimization" permanently disables the
optimization of a given function. The JSON representation of this is

```js
{
  "pid": 256639,
  "tid": 256639,
  "ts": 6935411377801,
  "tts": 159116,
  "ph": "I",
  "cat": "disabled-by-default-v8.compile",
  "name": "V8.AbortOptimization",
  "dur": 0,
  "tdur": 0,
  "args": {
    "reason": "Function is too big to be optimized",
    "function": {
      "id_ref": "0x600000001",
      "scope": "v8::internal::SharedFunctionInfo"
    }
  }
},
```

where the "function" refers to a previously emitted SNAPSHOT for the
function in question. In the trace viewer it will show up as instant
event under "v8.optimizingCompile.prepare" in case of the relevant
example where optimization is disabled due to reaching the bytecode
limit (as in the JSON above), i.e. it'll look something like this

  https://i.paste.pics/aafc2de9df10ea8f5acc1a761d80f07b.png

for the example highlighted in the recent blog post

  https://ponyfoo.com/articles/javascript-performance-pitfalls-v8

that describes the optimization limit. The "v8.optimizingCompile.end"
duration event will also carry this information as part of the
"compilationInfo" object, but specifically for CI tools, etc. it might
be a whole lot easier to just look for the "V8.AbortOptimization"
instant event.

Bug: v8:8598, v8:9039
Tbr: ulan@chromium.org
Doc: bit.ly/v8-tracing-signals
Change-Id: Ic87ac336004690c65b6b15ad73bc6fbd4b5f12c4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1511483
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60448}
2019-03-25 14:49:08 +00:00
Sigurd Schneider
24038b9357 Revert "[heap] Clean-up keys of oldspace weakmaps during scavenge"
This reverts commit 6604f1826d.

Bug: chromium:945341

Original change's description:
> [heap] Clean-up keys of oldspace weakmaps during scavenge
> 
> This CL adds handling for cleaning up weakmap (EphemeronHashTable)
> keys during scavenge, even if the weakmap resides in oldspace.
> 
> Change-Id: If8d711c050ddbcae4dd6e8da549e0c0d08ba47b2
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1523787
> Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#60432}

TBR=ulan@chromium.org,jarin@chromium.org,sigurds@chromium.org,leszeks@chromium.org

Change-Id: I9dd9b11990a262a457fd1bedc2b45b4a786a81f7
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1538133
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60447}
2019-03-25 14:31:03 +00:00
Milad Farazmand
dd07cbcfdf PPC/S390: [heap] Clean-up keys of oldspace weakmaps during scavenge
Port 6604f1826d

Original Commit Message:

     This CL adds handling for cleaning up weakmap (EphemeronHashTable)
     keys during scavenge, even if the weakmap resides in oldspace.

Change-Id: Idf8b6115e57b1229864afefe6ffee85acb5e7547
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1538320
Reviewed-by: Milad Farazmand <miladfar@ca.ibm.com>
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#60446}
2019-03-25 14:29:58 +00:00
Michael Starzinger
080fa87143 [asm.js] Fix break depth calculation for named blocks.
The target of a 'break' statement without a provided label must be a
regular block belonging to a surrounding loop or switch statement, named
blocks (i.e. the one that just define a label) on the other hand must be
targeted specifically with the provided label (and not implicitly). This
fixes the behavior by introducing a dedicated {BlockKind::kNamed} for
this purpose.

R=clemensh@chromium.org
TEST=mjsunit/regress/regress-9022
BUG=v8:9022

Change-Id: I94c3d5b1196ed94b8b1b31f6eb3b68070cf324e8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1538126
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60445}
2019-03-25 14:00:58 +00:00
Sigurd Schneider
368d04bd1b Revert "[debug] Mark toLocaleString and TA#join builtins as side-effect free."
This reverts commit 660d828790.

Reason for revert: breaks no-i18n build:
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20noi18n%20-%20debug/25919

Original change's description:
> [debug] Mark toLocaleString and TA#join builtins as side-effect free.
> 
> Bug: chromium:940373
> Change-Id: If5f90ff5f873f0687c6a6a4063e0d09d6bbbd556
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1533157
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Commit-Queue: Peter Wong <peter.wm.wong@gmail.com>
> Cr-Commit-Position: refs/heads/master@{#60440}

TBR=yangguo@chromium.org,peter.wm.wong@gmail.com,petermarshall@chromium.org,szuend@chromium.org

Change-Id: I5ee52f8f37bea83e80c53838d232332cb3486640
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:940373
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1538132
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60444}
2019-03-25 13:57:10 +00:00
Peter Marshall
bad7b827f0 [cleanup] Clean up trace event tests by removing macros
The macros take implicit local arguments and make the tests harder to
read. Remove the macros and add a helper to get size directly given
this is the only use of the helper that returns the whole list.

Remove the typedef of vector of trace events, because it is only used
in two places now and is also called 'list' not vector.

Use unique pointers for the ownership of MockTraceObject.

Change-Id: Iec495c436cf7326224137321a84035c817622eaa
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1538131
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60443}
2019-03-25 13:46:58 +00:00
Benedikt Meurer
19dcbec829 [cleanup] Remove obsolete --type_info_threshold flag.
The --type_info_threshold is no longer supported for a long time and
doesn't do anything useful nowadays, so no point in having that around.

Drive-by-fix: Remove the FeedbackVector::ComputeCounts() logic, since
it's dead code anyways by now.

Bug: v8:8834
Change-Id: I05f7517b3b82e34c0a83357337a456ab9c9f1f42
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1538128
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60442}
2019-03-25 13:40:38 +00:00
Clemens Hammacher
573a91cd16 [wasm][gc] Introduce GlobalWasmCodeRef for use in FrameArray
{FrameArray} needs a way to keep {WasmCode} alive from a JS container.
This CL instruces {GlobalWasmCodeRef}, which is the equivalent to a
global handle: It increments the {WasmCode} reference counter on
construction and decrements it on destruction.
The {GlobalWasmCodeRef} is held in a {Managed} from JS.

R=titzer@chromium.org

Bug: v8:8217
Change-Id: I5604a666840c27078db63c8618412ca412525be1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1533862
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60441}
2019-03-25 13:26:31 +00:00
peterwmwong
660d828790 [debug] Mark toLocaleString and TA#join builtins as side-effect free.
Bug: chromium:940373
Change-Id: If5f90ff5f873f0687c6a6a4063e0d09d6bbbd556
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1533157
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Peter Wong <peter.wm.wong@gmail.com>
Cr-Commit-Position: refs/heads/master@{#60440}
2019-03-25 13:20:14 +00:00
Joyee Cheung
d9de15e5f1 Add missing include in ic.cc for V8_TRACE_FEEDBACK_UPDATES
It otherwise does not compile on macOS when V8_TRACE_FEEDBACK_UPDATES
is enabled.

Change-Id: Ie3abaf901a9e28a02aaebd1de96448ce097bd0d2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1537295
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Joyee Cheung <joyee@igalia.com>
Cr-Commit-Position: refs/heads/master@{#60439}
2019-03-25 13:12:03 +00:00
Clemens Hammacher
8e84ba3501 [wasm][gc] Add data structures for ref-counted WasmCode
This adds support to ref-count uses of WasmCode, and introduces a
{WasmCodeRefScope} to be used whereever WasmCode objects need to be
kept alive, e.g. because a pointer is passed around.
Future CLs will introduce proper scopes in the whole code base and
enable the DCHECK that's currently commented out.

R=titzer@chromium.org

Bug: v8:8217
Change-Id: I1659a0e9d57cd22fe70e6f2661d0d8af9f0906c7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1526005
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60438}
2019-03-25 13:07:08 +00:00
Jaroslav Sevcik
149b82230e [turbofan] Only lower constant load if feedback agrees with receiver map.
Bug: chromium:945187
Change-Id: I564a4495f13651ea9fdf1b95c25658b92ff9de49
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1538125
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60437}
2019-03-25 13:06:04 +00:00
Benedikt Meurer
077e49a196 [turbofan] Remove duplicated optimization limit.
Before this change we had essentially two optimization limits, one hard
limit in the TurboFan pipeline (128KiB), and a soft limit in the runtime
profiler (60KiB). The hard limit was only relevant to --always-opt and
other internal test infrastructure, and the soft limit was always
enforced on regular JavaScript, but didn't properly disable further
optimization for the function (so for example --trace-opt would
continuesly report attempts to optimize the function).

Now with this change we only have the hard limit, set to 60KiB, in the
TurboFan pipeline and use that consistently.

Bug: v8:8598
Change-Id: I9e2ae7cb67de4a2256d3a7b9c3aee3dab60c2ec1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1538127
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60436}
2019-03-25 12:38:31 +00:00
Sigurd Schneider
ceb0bea586 [WIP][deoptimizer] Accept kCompressed as state value input
Change-Id: Ie09953d0b9453a1f22312ad1782e2c41b8230679
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1533858
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60435}
2019-03-25 12:20:00 +00:00
Clemens Hammacher
f43b45a143 [wasm][cleanup] Use macros to load instance fields
Use the existing macros to load MemoryStart and MemorySize from the
instance.

R=titzer@chromium.org

Change-Id: Iaa597fedcfc4581503d7cdf2fb94da6e285cc545
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1538122
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60434}
2019-03-25 12:00:49 +00:00
Benedikt Meurer
27258eb8cc [tracing] Log precise TurboFan/Wasm phase information via Tracing.
This extends the existing PipelineStatistics in the TurboFan pipeline
(also used for Wasm) to emit trace events for the various phases of the
(optimized) compilation. This works for "disabled-by-default-v8.compile"
and "disabled-by-default-v8.wasm" categories.

We also rename the existing phase names to match the naming convention
for the V8 trace events (starting with either "V8.TF" or "V8.Wasm") to
make it easy to spot and categorize them in the trace viewer.

This can be seen in action here

  https://i.paste.pics/a33c0e3942ff707af44f67ed4bac46b0.png

taken from a run of Octane/TypeScript.

Bug: v8:8598
Change-Id: Id40092ee8afc8d998532f8641780052769cad320
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1538121
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60433}
2019-03-25 11:12:39 +00:00