Commit Graph

2516 Commits

Author SHA1 Message Date
Benedikt Meurer
248fd5ffe0 Revert "[turbofan] Do not consume SignedSmall feedback in TurboFan anymore."
This reverts commit 4fd92b252b.

Reason for revert: Significant tankage on the no-mitigations bots (bad timing on the regular bots)

Original change's description:
> [turbofan] Do not consume SignedSmall feedback in TurboFan anymore.
> 
> This changes TurboFan to treat SignedSmall feedback similar to Signed32
> feedback for binary and compare operations, in order to simplify and
> unify the machinery.
> 
> This is an experiment. If this turns out to tank performance, we will
> need to revisit and ideally revert this change.
> 
> Bug: v8:7094
> Change-Id: I885769c2fe93d8413e59838fbe844650c848c3f1
> Reviewed-on: https://chromium-review.googlesource.com/c/1261442
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#56411}

TBR=jarin@chromium.org,bmeurer@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: v8:7094
Change-Id: I9fff3b40e6dc0ceb7611b55e1ca9940089470404
Reviewed-on: https://chromium-review.googlesource.com/c/1267175
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56427}
2018-10-07 10:19:01 +00:00
Benedikt Meurer
4fd92b252b [turbofan] Do not consume SignedSmall feedback in TurboFan anymore.
This changes TurboFan to treat SignedSmall feedback similar to Signed32
feedback for binary and compare operations, in order to simplify and
unify the machinery.

This is an experiment. If this turns out to tank performance, we will
need to revisit and ideally revert this change.

Bug: v8:7094
Change-Id: I885769c2fe93d8413e59838fbe844650c848c3f1
Reviewed-on: https://chromium-review.googlesource.com/c/1261442
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56411}
2018-10-05 12:41:22 +00:00
Vasili Skurydzin
ab6462e883 ppc64,aix: fixed Abort() calling sequence on Aix
fixed Abort() calling sequence on platforms with function descriptors by taking
function descriptor of the External Reference object into account when calling
C code.

Change-Id: I54c04a5f1774f2768380cc5c95b1b807204335ce
Reviewed-on: https://chromium-review.googlesource.com/c/1258186
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#56356}
2018-10-03 19:40:59 +00:00
Sigurd Schneider
4130d6162b [wasm] Reflect unavailability of root register in linkage
The root register is not available in JS-to-Wasm functions, and
this was not reflected in the linkage. Similarily, it is not
available in C-to-Wasm functions.

Change-Id: I2dbfd06ef99d6f9b9940e9489f563441d9ebfabd
Bug: v8:6666
Reviewed-on: https://chromium-review.googlesource.com/1256766
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56346}
2018-10-02 16:31:48 +00:00
Georg Neis
26e6ed33c1 [turbofan] First steps in brokerizing JSNativeContextSpecialization.
Picking a few low-hanging fruits.

Bug: v8:7790
Change-Id: I798d579b1f1a08fab821e159d08f453d2dad89c1
Reviewed-on: https://chromium-review.googlesource.com/1254124
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56320}
2018-10-01 15:08:03 +00:00
Mathias Bynens
f7d357b20a Remove always-true --harmony-bigint runtime flag
It was shipped in Chrome 67.

Bug: v8:6791, v8:8238
Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;luci.chromium.try:linux_chromium_rel_ng;luci.v8.try:v8_linux_noi18n_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I94d8f0aa18570452403a35dea270b18f155c970a
Reviewed-on: https://chromium-review.googlesource.com/1253604
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56310}
2018-10-01 11:31:13 +00:00
Igor Sheludko
8034b9a539 [heap] Add missing notification about freed code range
It was accidentally removed in CL that introduced BoundedPageAllocator.

This CL also cleans up the CodeRangeAddressHint a bit.

Bug: v8:8096, chromium:887252
Change-Id: Idc84796dd1ff1b440cbe3515732984264defcf2d
Reviewed-on: https://chromium-review.googlesource.com/1249125
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56287}
2018-09-28 11:01:50 +00:00
Igor Sheludko
de5d1200b2 [ptr-compr] Re-imlpement BoundedPageAllocator::ReleasePages()
Trimming may free up some allocatable pages that can be reused by subsequent
allocations.

This CL also fixes base::AddressRegion::contains(Address, size_t).

Bug: v8:8096
Change-Id: I3b7381fd32f7dbf186dffc1a26d5a88cd8a30d2f
Reviewed-on: https://chromium-review.googlesource.com/1249127
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56284}
2018-09-28 10:41:06 +00:00
Florian Sattler
56c832a5a5 [utils] Move ThreadedList into own header
Change-Id: I49a4e9740f6a3715ca5cdafd121b3b99fed8dc6b
Reviewed-on: https://chromium-review.googlesource.com/1245428
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Florian Sattler <sattlerf@google.com>
Cr-Commit-Position: refs/heads/master@{#56267}
2018-09-27 15:07:41 +00:00
Creddy
0714bd9fa0 Reland "[interpreter] Separate bytecodes for one-shot property loads and stores"
This is a reland of eccf186749

Original change's description:
> [interpreter] Separate bytecodes for one-shot property loads and stores
> 
> Create LdaNamedPropertyNoFeedback and StaNamedPropertyNoFeedback
> for one-shot property loads and stores. This CL replaces the runtime
> calls with new bytecodes for named property load stores in one-shot code.
> the runtime calls needed extra set of consecutive registers and
> additional move instructions. This increased the size of
> bytecode-array and possibly extended the life time of objects.
> By replacing them with NoFeedback bytecodes we avoid these issues.
> 
> Bug: v8:8072
> Change-Id: I20a38a5ce9940026171d870d354787fe0b7c5a6f
> Reviewed-on: https://chromium-review.googlesource.com/1196725
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Commit-Queue: Chandan Reddy <chandanreddy@google.com>
> Cr-Commit-Position: refs/heads/master@{#56211}

Bug: v8:8072
Change-Id: Ie8e52b37daf35c7bc08bb910d7b15a9b783354e4
Reviewed-on: https://chromium-review.googlesource.com/1245742
Commit-Queue: Chandan Reddy <chandanreddy@google.com>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56266}
2018-09-27 13:56:53 +00:00
Georg Neis
bcbb6d9eb4 [turbofan] Prepare broker for the next steps.
- Add a new broker mode kRetired, in which the heap can
  again be accessed.
- Change the way modes work. We now always start in kDisabled.
  If FLAG_concurrent_compiler_frontend is on, we eventually move
  to kSerializing, then to kSerialized, then to kRetired.
- Add an ObjectDataKind to ObjectData that indicates whether the
  data is just a dummy (i.e. created while broker was in kDisabled
  mode).

This also happens to fix a bug found by clusterfuzz.

Bug: v8:7790, chromium:889722
Change-Id: I38833fe7ad26d2d3efb15ba560576defb82f673a
Reviewed-on: https://chromium-review.googlesource.com/1245425
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56260}
2018-09-27 10:22:51 +00:00
Clemens Hammacher
5ead3a5507 [wasm] Refactor code space allocation
Make {AllocateForCode} return an actual buffer, and move the OOM check
into that method. This allows us to generate more precise OOM messages.

R=mstarzinger@chromium.org

Change-Id: Ie9ed81248fe8068c92eec29a4911ffef43032de2
Reviewed-on: https://chromium-review.googlesource.com/1245769
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56258}
2018-09-27 09:57:59 +00:00
Clemens Hammacher
6d86857cd4 [wasm] Remove AddressRange, use base::AddressRegion
R=ahaas@chromium.org

Bug: v8:8015
Change-Id: Ic449b76ab3957bb989bbb1fc9cc1fb4782db7acf
Reviewed-on: https://chromium-review.googlesource.com/1240119
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56240}
2018-09-26 12:49:44 +00:00
Maya Lekova
3c3330f6f0 Revert "[interpreter] Separate bytecodes for one-shot property loads and stores"
This reverts commit eccf186749.

Reason for revert: Speculative revert because it seems to introduce a pretty stable flake on gc stress tests, see https://bugs.chromium.org/p/v8/issues/detail?id=8229

Original change's description:
> [interpreter] Separate bytecodes for one-shot property loads and stores
> 
> Create LdaNamedPropertyNoFeedback and StaNamedPropertyNoFeedback
> for one-shot property loads and stores. This CL replaces the runtime
> calls with new bytecodes for named property load stores in one-shot code.
> the runtime calls needed extra set of consecutive registers and
> additional move instructions. This increased the size of
> bytecode-array and possibly extended the life time of objects.
> By replacing them with NoFeedback bytecodes we avoid these issues.
> 
> Bug: v8:8072
> Change-Id: I20a38a5ce9940026171d870d354787fe0b7c5a6f
> Reviewed-on: https://chromium-review.googlesource.com/1196725
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Commit-Queue: Chandan Reddy <chandanreddy@google.com>
> Cr-Commit-Position: refs/heads/master@{#56211}

TBR=rmcilroy@chromium.org,yangguo@chromium.org,jarin@chromium.org,neis@chromium.org,cbruni@chromium.org,chandanreddy@google.com

Change-Id: I445db58e6d4c275b434fabad5fad775bf259033f
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8072
Reviewed-on: https://chromium-review.googlesource.com/1245421
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56232}
2018-09-26 08:36:14 +00:00
Ross McIlroy
3a00ba5f1a [Compile] Refactor UnoptimizedCompilationJob to use BackgroundCompilerTask
This CL makes UnoptimizedCompilationJob a simple proxy for
BackgroundCompilerTask. A follow-up CL will remove UnoptimizedCompilationJob
entirely and have CompilerDispatcher deal directly with BackgroundCompilerTasks

BUG=v8:8041, v8:8015

Change-Id: Ia53d05c015c4ca2ee32a4d1c5d0c65edb3caeda8
Reviewed-on: https://chromium-review.googlesource.com/1236257
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56212}
2018-09-25 14:23:54 +00:00
Creddy
eccf186749 [interpreter] Separate bytecodes for one-shot property loads and stores
Create LdaNamedPropertyNoFeedback and StaNamedPropertyNoFeedback
for one-shot property loads and stores. This CL replaces the runtime
calls with new bytecodes for named property load stores in one-shot code.
the runtime calls needed extra set of consecutive registers and
additional move instructions. This increased the size of
bytecode-array and possibly extended the life time of objects.
By replacing them with NoFeedback bytecodes we avoid these issues.

Bug: v8:8072
Change-Id: I20a38a5ce9940026171d870d354787fe0b7c5a6f
Reviewed-on: https://chromium-review.googlesource.com/1196725
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Chandan Reddy <chandanreddy@google.com>
Cr-Commit-Position: refs/heads/master@{#56211}
2018-09-25 13:53:53 +00:00
Georg Neis
74b40e34d5 [turbofan] Remove redundant isolate argument from typers.
This is just a cleanup.

Bug: v8:7790
Change-Id: Ic0114451159b8c504f527f3cf3bdaed6a8cc8741
Reviewed-on: https://chromium-review.googlesource.com/1243103
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56206}
2018-09-25 13:00:05 +00:00
Georg Neis
78dd1d0c69 [turbofan] Move typer into the background.
... if FLAG_concurrent_compiler_frontend is enabled.

Bug: v8:7790
Change-Id: I448560b21d54c8907e8cbf68bdaf8bbdf2b034df
Reviewed-on: https://chromium-review.googlesource.com/1241959
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56205}
2018-09-25 12:40:50 +00:00
Clemens Hammacher
141dd66713 [wasm][cleanup] Use AddressRange instead of std::pair
In the wasm code manager unittest, use the more specific AddressRange
class instead of a generic std::pair.
Also, rename the two {CheckLooksLike} methods to capture what they
actually check ({CheckPool} and {CheckRange}).

R=ahaas@chromium.org

Bug: v8:8015
Change-Id: Ia02523eabb1ddd8a3e8a255cc3987017b8338721
Reviewed-on: https://chromium-review.googlesource.com/1240135
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56176}
2018-09-24 14:46:15 +00:00
Dan Elphick
d235f550ab [deprecation] Deprecate ToBoolean(Local<Context>)
ToBoolean and BooleanValue cannot throw exceptions so the Maybe versions
of the functions don't make sense. As such this deprecates the Maybe
versions and undeprecates ToBoolean(Isolate*). It also adds
BooleanValue(Isolate*).

Fix up all of the v8 code to not use the deprecated functions.

Bug: v8:7279, v8:8015
Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I50e7474d205c75baa153f0dea7f02dcf60232d1d
Reviewed-on: https://chromium-review.googlesource.com/1238476
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56163}
2018-09-24 12:02:09 +00:00
Aseem Garg
cc4bd49117 [wasm] fix name section errors
This CL ignores multiple name sections in wasm modules instead throwing an error.
This is in line with the spec with regards to custom sections.

BUG=v8:8186
R=clemensh@chromium.org,adamk@chromium.org

Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I8c6610afe389d8f8d03f9fca164bd46cb5fb030d
Reviewed-on: https://chromium-review.googlesource.com/1232676
Commit-Queue: Aseem Garg <aseemgarg@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56152}
2018-09-21 20:35:25 +00:00
Igor Sheludko
4d6a01c15d [cleanup] Introduce STRUCT_MAPS_LIST generated from STRUCT_LIST.
In order to workaround MSVC compilation issue this CL explicitly adds _TYPE
suffixes to struct instance type names in STRUCT_LIST.

Bug: v8:8015
Change-Id: If71a26e4cbd41bc7372bf127bd050159d0d324ce
Reviewed-on: https://chromium-review.googlesource.com/1238496
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56149}
2018-09-21 16:10:34 +00:00
Benedikt Meurer
74adec5b3b [cleanup] Remove obsolete runtime functions.
Remove %ToPrimitive, %ToPrimitive_Number, %SameValue and %SameValueZero,
as these runtime functions were only used from tests. For the %SameValue
we use Object.is() to test the internal algorithm (the actual one even),
and for %SameValueZero we use Set#has() - this was already the case for
most uses anyways.

Also drop %IsDate and %ValueOf, which didn't have uses at all.

Bug: v8:8015
Change-Id: Ice26d25e68aed4d5d8adac0547c56aedf9826b13
Reviewed-on: https://chromium-review.googlesource.com/1237677
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56127}
2018-09-21 10:59:12 +00:00
Benedikt Meurer
3978bb02f7 [turbofan] Remove unused JSToInteger operator.
The JSToInteger operator is not used anywhere in TurboFan nowadays, so
no point in keeping the dead code in the tree.

Bug: v8:8015
Change-Id: If03ba63c4b932ba0aac60b9bbc89fee3909a93c6
Reviewed-on: https://chromium-review.googlesource.com/1238238
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56126}
2018-09-21 10:54:07 +00:00
Jakob Gruber
c63cbbdd98 Remove --lazy-handler-deserialization flag
Handlers were recently moved to the builtins table, and we never added
full support for this flag. It doesn't add much value and lazy
deserialization is scheduled for mid-term removal anyways, so let's
just delete it.

--lazy-deserialization now controls both builtin- and
handler-deserialization behavior.

Bug: v8:6624
Change-Id: Iffb7286a00157966abf99158ba629ce4765536d6
Reviewed-on: https://chromium-review.googlesource.com/1238235
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56117}
2018-09-21 09:15:23 +00:00
Jakob Kummerow
9ed4b96578 Fix building with GCC 7.x and 8.x
GCC 7.x doesn't like it (-Werror=subobject-linkage) when a class
either derives from a class or has a member field of a type that
was declared in an anonymous namespace.
It is also opposed (-Werror=attributes) to visibility attributes
being defined at explicit template instantiations.
GCC 8.x further has reservations (-Werror=class-memaccess) about
letting memset/memcpy modify areas within non-POD objects.

Change-Id: Ic5107bb5ee3af6233e3741e3ef78d03a0a84005a
Reviewed-on: https://chromium-review.googlesource.com/1208306
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56106}
2018-09-21 01:12:25 +00:00
Ross McIlroy
07a35d28f2 Merge UnoptimizedCompileJobTest::CompileFailureToFinalize and UnoptimizedCompileJobTest::CompileFailureToAnalyse
They both do the same thing, and UnoptimizedCompileJobTest.CompileFailureToFinalize was
failing on arm due to stack size parameters.

BUG=v8:8041

No-Presubmit: true
No-Tree-Checks: true
No-Try: true

Change-Id: I2506aed026420c2634d5cd41b0dc268debb512eb
Reviewed-on: https://chromium-review.googlesource.com/1236814
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56099}
2018-09-20 16:28:05 +00:00
Ross McIlroy
80195fc58d [Compile] Refactor CompilerDispatcher for inner function compilation jobs
Refactors the CompilerDispatcher to be able to enqueue eager inner functions
for off-thread compilation during top-level compilation of a script.

Unoptimized compile jobs are simplified to only have two phases - compile
and finalization. Only finalization requires heap access (and therefore
needs to be run on the main thread). The change also introduces a requirement
to register a SFI with a given compile job after that job is posted, this
is due to the fact that an SFI won't necessarily exist at the point the job
is posted, but is created later when top-level compile is being finalized.
Logic in the compile dispatcher is update to deal with the fact that a job
may not be able to progress if it doesn't yet have an associated SFI
registered with it.

BUG=v8:8041

Change-Id: I66cccd626136738304a7cab0e501fc65cf342514
Reviewed-on: https://chromium-review.googlesource.com/1215782
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56088}
2018-09-20 14:06:39 +00:00
Benedikt Meurer
3a9466a89c [turbofan] Unify RedundancyElimination for speculative number operations.
Remove the NumberConstant right hand side limitation for the speculative
number operation optimization, and extend the logic to also deal with
SpeculativeToNumber, which is common when dealing with postfix increment
and array operations.

Also add appropriate tests for all the relevant cases, specifically we
mjsunit tests to increase the general coverage for the various cases
here (in addition to dedicated unittests).

Bug: v8:8015
Change-Id: I8c92f98490c63b07eb19686efd404322979e57c4
Reviewed-on: https://chromium-review.googlesource.com/1235919
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56072}
2018-09-20 12:08:55 +00:00
Florian Sattler
c7c3571956 [cleanup] Refactor base, compiler, and wasm classes to use bools instead of converting ints.
Fixing clang-tidy warning.

Bug: v8:8015
Change-Id: I5686fa0c1ed73b17f592a012b00c08c575ae5387
Reviewed-on: https://chromium-review.googlesource.com/1234234
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Florian Sattler <sattlerf@google.com>
Cr-Commit-Position: refs/heads/master@{#56062}
2018-09-20 09:14:25 +00:00
Benedikt Meurer
4491072507 [turbofan] Fix RedundancyElimination and add more test coverage.
Make the RedundancyElimination handle all simplified operators that are
listed in the SIMPLIFIED_CHECKED_OP_LIST, and fix a couple of bugs and
oversights in the code. This also adds a lot of test coverage for all
the cases that we care about in RedundancyElimination (with respect to
Check/Checked simplified operators).

Bug: v8:8015
Change-Id: I57d29113389841b09abcd013313bf5dd1c67735f
Reviewed-on: https://chromium-review.googlesource.com/1233655
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56032}
2018-09-19 13:08:12 +00:00
Georg Neis
3f6612583e [turbofan] Don't create handle in JSHeapBroker::native_context.
Instead, remember the canonical handle during SerializeStandardObjects.

Bug: v8:7790
Change-Id: Id57d861e92088fbc64c05fbee1612376000c06c9
Reviewed-on: https://chromium-review.googlesource.com/1233494
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56029}
2018-09-19 12:47:20 +00:00
Maya Lekova
fef047a4a5 [turbofan] Implement constant folding of string concatenations
This CL implements the following design doc:
https://docs.google.com/document/d/1h5kdfemMQMpUd15PSKW1lqikJW5hsGwrmOvoqhGFRts/edit?ts=5b978756#heading=h.urs7r34mx9p

Bug: v8:7790
Change-Id: I5f758c6d906ea9275c30b28f339063c64a2dc8d8
Reviewed-on: https://chromium-review.googlesource.com/1221807
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56021}
2018-09-19 09:47:23 +00:00
Clemens Hammacher
7b43c4022b [wasm] Skip failing test on native arm/mips
The test allocates a code object of maximum size. This was recently
increased to 1GB. This makes the test run OOM on some native arm and
mips devices.

TBR=ahaas@chromium.org

No-Try: true
Change-Id: Ie6cc50e92493c341c3205e9a6efa547d3d489275
Reviewed-on: https://chromium-review.googlesource.com/1233333
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56013}
2018-09-19 06:06:58 +00:00
tzik
8a7adb0bc1 Use MicrotaskQueue class as the default microtask storage
This CL introduces the global default microtask queue as the replacement
of Heap::microtask_queue and Isolate::pending_microtask_count.

Bug: v8:8124
Change-Id: I0a6a7618a1a6ca7ceaf370dc15917a6b3690542c
Reviewed-on: https://chromium-review.googlesource.com/1226760
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Taiju Tsuiki <tzik@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56012}
2018-09-19 05:20:36 +00:00
Michael Lippautz
1f3802a1e7 [heap] Remove obsolete AbortTracing calls and deprecate interface
V8 does not abort incremental marking anymore.

Bug: chromium:843903
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Id39e9cf8ef2afc388bab2bbad1d458ee2649f8e8
Reviewed-on: https://chromium-review.googlesource.com/1226889
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56009}
2018-09-19 05:17:21 +00:00
Clemens Hammacher
c8fe898dd8 [wasm] Track code reservations in the WasmMemoryTracker
The WasmMemoryTracker keeps track of reserved memory in order to avoid
running out of virtual address space. So far, we were only tracking
reservations for wasm memory, and not for code. This CL changes that to
also include code reservations.

Drive-by: Some cleanup around the allocation of the WasmCodeManager.

R=titzer@chromium.org

Bug: chromium:883639
Change-Id: I0c2586a742022ae00752132e048346d54e2a1a7c
Reviewed-on: https://chromium-review.googlesource.com/1230134
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56001}
2018-09-18 16:07:45 +00:00
Florian Sattler
6df4c37779 [cleanup] Mark heap/ methods in subclasses with override.
Fixing clang-tidy warning.

Bug: v8:8015
Change-Id: Ibdb4b81e1ba764d73bac6592eeef5783097076fc
Reviewed-on: https://chromium-review.googlesource.com/1225896
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Florian Sattler <sattlerf@google.com>
Cr-Commit-Position: refs/heads/master@{#55965}
2018-09-17 15:32:31 +00:00
Adam Klein
83db8c3698 [iwyu] Don't include microtask-queue-inl.h from objects-inl.h
Instead include it in the files that need to use it.

Change-Id: I2321f423ddcc1c0e779332c2e7d1a372bfb4ebbb
Reviewed-on: https://chromium-review.googlesource.com/1227305
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55964}
2018-09-17 15:29:51 +00:00
Igor Sheludko
69621ef0c1 [cleanup] Introduce base::AddressRegion helper class
Bug: v8:8015
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I2ce078b662e3dd93e0fac310b0d73c4cadbaccb3
Reviewed-on: https://chromium-review.googlesource.com/1226640
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55957}
2018-09-17 13:02:54 +00:00
Florian Sattler
2c97e1458f [cleanup] Refactor compiler to use default members.
Fixing clang-tidy warning.

Bug: v8:8015
Change-Id: I7d885f0e2ba3cdf97de190166dc4cdd24dc0c11e
Reviewed-on: https://chromium-review.googlesource.com/1224091
Commit-Queue: Florian Sattler <sattlerf@google.com>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55956}
2018-09-17 12:12:21 +00:00
Creddy
aaab2907cc [Interpreter] Create and use CallNoFeedback bytecode for one-shot code
We do not have to collect feedback for function calls in one-shot code.
This CL avoids allocating CallICslots for each function call by
emitting CallNoFeedback bytecodes. We save one CallICSlot (two entries
in feedback vector) per function call in One-shot.

Bug: v8:8072
Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: Ic2580e5972acd5124c2e71d540985736ce797fe8
Reviewed-on: https://chromium-review.googlesource.com/1178051
Commit-Queue: Chandan Reddy <chandanreddy@google.com>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55951}
2018-09-17 11:28:25 +00:00
Georg Neis
f5274a0381 [turbofan] Serialize PropertyCell fields.
Bug: v8:7790
Change-Id: I993d04e6ca6b8986749bb3782113ef928952995b
Reviewed-on: https://chromium-review.googlesource.com/1226975
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55945}
2018-09-17 09:41:26 +00:00
Florian Sattler
756d12c172 [cleanup] Mark wasm methods in subclasses with override.
Fixing clang-tidy warning.

Bug: v8:8015
Change-Id: If115a71b1c57eecdec7c57d3613a4f0bd90f2e66
Reviewed-on: https://chromium-review.googlesource.com/1226791
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Florian Sattler <sattlerf@google.com>
Cr-Commit-Position: refs/heads/master@{#55944}
2018-09-17 09:38:05 +00:00
Georg Neis
ec55c1ff3d [turbofan] Serialize more Map fields.
... as well as ScopeInfo::ContextLength.

Bug: v8:7790
Change-Id: I3ca8b6f252d96b21d0990f8fc08e076eeeea4176
Reviewed-on: https://chromium-review.googlesource.com/1226973
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55939}
2018-09-17 09:00:19 +00:00
Florian Sattler
0c789aa57f [cleanup] Mark compiler methods in subclasses with override.
Fixing clang-tidy warning.

Bug: v8:8015
Change-Id: I5164899da0994a855182ed203572c5984ab87449
Reviewed-on: https://chromium-review.googlesource.com/1227070
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Florian Sattler <sattlerf@google.com>
Cr-Commit-Position: refs/heads/master@{#55938}
2018-09-17 08:51:47 +00:00
Benedikt Meurer
0c296cb229 [turbofan] Initial support to compute NumberAdd/NumberSubtract in Word64.
This change introduces the necessary conversion operators to convert
from Word64 to other representations (Tagged, Word32, Float64, etc.),
and plugs in the Word64 representation for NumberAdd/NumberSubtract,
such that TurboFan will go to Int64Add/Sub on 64-bit architectures
when the inputs and the output of the operation is in safe integer
range. This includes the necessary changes to the Deoptimizer to be
able to rematerialize Int64 values as Smi/HeapNumber when going back
to Ignition later.

This change might affect performance, although measurements indicate
that there should be no noticable performance impact.

The goal is to have TurboFan support Word64 representation to a degree
that changing the TypedArray length to an uint64_t (for 64-bit archs)
becomes viable and doesn't have any negative performance implications.
Independent of that we might get performance improvements in other areas
such as for crypto code later.

Bug: v8:4153, v8:7881, v8:8171, v8:8178
Design-Document: bit.ly/turbofan-word64
Change-Id: I29d56e2a31c1bae61d04a89d29ea73f21fd49c59
Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel
Reviewed-on: https://chromium-review.googlesource.com/1225709
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55937}
2018-09-17 08:32:04 +00:00
Benedikt Meurer
b8e554d53c [turbofan] Properly constant-fold Float64 comparisons.
While investigating crbug.com/878742 I found that somehow the
MachineOperatorReducer lacks the ability to constant-fold
comparisons of Float64 constants, which obviously leads to
pretty weird code.

Bug: v8:8015
Change-Id: I7e18ce10e9d5c87f131fb083ccd3e1e336189dae
Reviewed-on: https://chromium-review.googlesource.com/1226132
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55935}
2018-09-17 08:29:54 +00:00
Florian Sattler
df5263b0c0 [cleanup] Mark test/ methods in subclasses with override.
Fixing clang-tidy warning.

Bug: v8:8015
Change-Id: I6bd8e0c8c1965f22a3429fda12bc70ae454c39c2
Reviewed-on: https://chromium-review.googlesource.com/1226978
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Florian Sattler <sattlerf@google.com>
Cr-Commit-Position: refs/heads/master@{#55930}
2018-09-17 07:40:00 +00:00
Igor Sheludko
37d87f610f [ptr-compr] Introduce BoundedPageAllocator and use it instead of CodeRange.
This is a reland of 16816e53be

Bug: v8:8096
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I257fc391931a0a4bf01f2e8136183aaed044231c
Reviewed-on: https://chromium-review.googlesource.com/1226915
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55928}
2018-09-15 22:25:40 +00:00