Commit Graph

42543 Commits

Author SHA1 Message Date
Benedikt Meurer
5fe0c6c63e [test] Increase for..in test coverage for optimized code.
Bug: v8:6702
Change-Id: I6e2fc1a56035b9841ad5c71504b74a89d7259ad1
Reviewed-on: https://chromium-review.googlesource.com/651366
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47851}
2017-09-06 13:57:32 +00:00
Mike Stanton
170a6266c2 Fix broken Array JSTests.
JSTests.json had some poor/wrong settings.

Bug: 
Change-Id: Id30589ba2392d2561037fd55d9e77a31ca6c7ad9
Reviewed-on: https://chromium-review.googlesource.com/649534
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47850}
2017-09-06 13:29:22 +00:00
Caitlin Potter
6ec1dbfc6d [cleanup] don't push useless nullptr on ia32/x64 JSEntryStub
The stack value is unused and does not need to be pushed or popped on
return from JSEntryTrampoline

Bug: 
Change-Id: I0e1920fc48b63cb0eea66454e5b74d9b3c2d5956
Reviewed-on: https://chromium-review.googlesource.com/650810
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47849}
2017-09-06 13:24:07 +00:00
Yang Guo
b49050c83e [js] turn MinSimple/MaxSimple into macros.
Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng
Change-Id: I1a9561adc44ee1d8a6b68c36604992261c490043
Reviewed-on: https://chromium-review.googlesource.com/651414
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47848}
2017-09-06 12:20:19 +00:00
Clemens Hammacher
9e995e12ca [assembler] Make Register et al. real classes
Up to now, each architecture defined all Register types as structs,
with lots of redundancy. An often found comment noted that they cannot
be classes due to initialization order problems. As these problems are
gone with C++11 constexpr constants, I now tried making Registers
classes again.
All register types now inherit from RegisterBase, which provides a
default set of methods and named constructors (like ::from_code,
code(), bit(), is_valid(), ...).
This design allows to guarantee an interesting property: Each register
is either valid, or it's the no_reg register. There are no other
invalid registers. This is guaranteed statically by the constexpr
constructor, and dynamically by ::from_code.

I decided to disallow the default constructor completely, so instead of
"Register reg;" you now need "Register reg = no_reg;". This makes
explicit how the Register is initialized.

I did this change to the x64, ia32, arm, arm64, mips and mips64 ports.
Overall, code got much more compact and more safe. In theory, it should
also increase performance (since the is_valid() check is simpler), but
this is probably not measurable.

R=mstarzinger@chromium.org

Change-Id: I5ccfa4050daf4e146a557970e9d37fd3d2788d4a
Reviewed-on: https://chromium-review.googlesource.com/650927
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47847}
2017-09-06 12:13:09 +00:00
sreten.kovacevic
8f3ba46a6e MIPS[64]: Port: [Atomics] Make Atomics.exchange a builtin using TF and [Atomics] Make Atomics.compareExchange a builtin using TF
Port 301c12376e and 82b5c8c944

Implemented exchange and compareExchange atomics.

Bug: 
Change-Id: I11a0d3d608ecf809c7947dd560884c6451dcdb3c
Reviewed-on: https://chromium-review.googlesource.com/649186
Reviewed-by: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com>
Commit-Queue: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com>
Cr-Commit-Position: refs/heads/master@{#47846}
2017-09-06 11:49:18 +00:00
Jaroslav Sevcik
ae28e0cff1 Revert "[turbofan] Reland^2 "Polymorphic inlining - try merge map check dispatch with function call dispatch.""
This reverts commit 8cf4aafc21.

Reason for revert: Likely crashes Canary.

https://crash.corp.google.com/browse?q=product.name%3D%27Chrome_Mac%27%20AND%20product.version%3D%2763.0.3207.0%27%20AND%20custom_data.ChromeCrashProto.channel%3D%27canary%27%20AND%20custom_data.ChromeCrashProto.ptype%3D%27renderer%27%20AND%20custom_data.ChromeCrashProto.magic_signature_1.name%3D%27v8%3A%3Ainternal%3A%3Acompiler%3A%3AGraphTrimmer%3A%3ATrimGraph%27&sql_dialect=dremelsql&ignore_case=false&enable_rewrite=true&omit_field_name=&omit_field_value=&omit_field_opt=%3D&unnest=

Original change's description:
> [turbofan] Reland^2 "Polymorphic inlining - try merge map check dispatch with function call dispatch."
> 
> This reverts commit e26e6d8857.
> 
> Bug: chromium:758096
> Change-Id: I1d8ecda995c93c84a9a3c24da041fdb730dbd3b2
> Reviewed-on: https://chromium-review.googlesource.com/628169
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#47812}

TBR=jarin@chromium.org,tebbi@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: chromium:758096
Change-Id: I96b62d08efa25ac1ead30e08401919d42a20ca1b
Reviewed-on: https://chromium-review.googlesource.com/652370
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47845}
2017-09-06 11:41:28 +00:00
jing.bao
ac2801f132 [x64] Eliminate redundant code in RecordWriteStub
Do conditional jump based on the second instruction rather than
generate similar assembly code twice.

Bug: 
Change-Id: I8c10f3415f213f88d8222a92671e7104c65befdc
Reviewed-on: https://chromium-review.googlesource.com/634631
Commit-Queue: Jing Bao <jing.bao@intel.com>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47844}
2017-09-06 08:50:36 +00:00
Franziska Hinkelmann
9865b356bc [api] Do not re-use PropertyCallbackArguments
args.Call() sets a return value on args. Do not reuse the
same args object, otherwise the return value might be from the previous Call().

Bug: v8:6627
Change-Id: I05fb2d8036f94908a492d46cc5d746bc145e419e
Reviewed-on: https://chromium-review.googlesource.com/651407
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Franziska Hinkelmann <franzih@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47843}
2017-09-06 08:31:56 +00:00
Michael Starzinger
8e02d4fd39 [frames] Remove obsolete {FrameSummary::Mode} support.
R=jarin@chromium.org
BUG=v8:6409

Change-Id: Ia0a04ad920b7b5c87e175ba0bcd604ef1e855f0c
Reviewed-on: https://chromium-review.googlesource.com/649727
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47842}
2017-09-06 08:05:49 +00:00
Mircea Trofin
4dd0d71277 [wasm] Correctly delete global handles to tables
We weren't deleting them correctly - the intention was to delete
them when an instance is finalized; the code was deleting them
only for the last instance in a chain of instances.

Bug: 
Change-Id: I177a64ac9f10a4993927d9654c032cb3f22eca51
Reviewed-on: https://chromium-review.googlesource.com/651238
Reviewed-by: Brad Nelson <bradnelson@chromium.org>
Commit-Queue: Mircea Trofin <mtrofin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47841}
2017-09-06 06:23:16 +00:00
Anisha Rohra
1902b5a99f s390/PPC: Remove weak-list of optimized JS functions.
Port f0acede9bb

This CL removes the weak-list of JS functions from the context
and all the code that iterares over it. This list was being used
mainly during deoptimization (for code unlinking) and during
garbage collection. Removing it will improve performance of
programs that create many closures and trigger many scavenge GC
cycles.

No extra work is required during garbage collection. However,
given that we no longer unlink code from JS functions during
deoptimization, we leave it as it is, and on its next activation
we check whether the mark_for_deoptimization bit of that code is
set, and if it is, than we unlink it and jump to lazy compiled
code. This check happens in the prologue of every code object.

We needed to change/remove the cctests that used to check
something on this list.

R=bjaideep@ca.ibm.com, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: I8007a837d43b6a339789cfd727e81ad7f4ac3ae1
Reviewed-on: https://chromium-review.googlesource.com/651891
Reviewed-by: Jaideep Bajwa <bjaideep@ca.ibm.com>
Commit-Queue: Jaideep Bajwa <bjaideep@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#47840}
2017-09-06 03:32:52 +00:00
Jakob Kummerow
8d7379c066 [modules] Turbofan inlining support for namespace accesses
Bug: v8:1569
Change-Id: I84317ce1ac145b69caa26452721f71aac88f219e
Reviewed-on: https://chromium-review.googlesource.com/636699
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47839}
2017-09-05 20:11:09 +00:00
Franziska Hinkelmann
b6bf9ad92d Reland "[api] Add test for EnumeratorCallback and for...in."
This is a reland of 56772de7f9
Original change's description:
> [api] Add test for EnumeratorCallback and for...in.
> 
> If a QueryCallback is present, it is used to
> filter the result from the EnumeratorCallback for
> enumerable properties. This tests assures that
> for...in loops work correctly with these interceptors.
> 
> Bug: v8:6627
> Change-Id: I1e568beac1e138a330034492b87bd49c22e0c804
> Reviewed-on: https://chromium-review.googlesource.com/609982
> Commit-Queue: Franziska Hinkelmann <franzih@chromium.org>
> Reviewed-by: Adam Klein <adamk@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#47445}

TBR=adamk@chromium.org

Bug: v8:6627
Change-Id: I509016a879d175b01f7cc7918758354fe0df8ebf
Reviewed-on: https://chromium-review.googlesource.com/650906
Reviewed-by: Franziska Hinkelmann <franzih@chromium.org>
Commit-Queue: Franziska Hinkelmann <franzih@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47838}
2017-09-05 18:46:30 +00:00
Deepti Gandluri
a636fcc9d2 [wasm] Fix tables bounds check, add Table.Grow tests
BUG=v8:6749

R=titzer@chromium.org

Change-Id: I4ac2ac8d8ca98d71dbc5a86c3cca268cd836997c
Reviewed-on: https://chromium-review.googlesource.com/645146
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47837}
2017-09-05 18:24:39 +00:00
Jakob Kummerow
cfcdeab002 [storeic] Drop duplicate stubs for each LanguageMode
Only the error cases of overwriting readonly properties need the
language_mode to decide whether to throw or be silent. Reading it
from the feedback vector's metadata (just like the C++ code in
ic.cc does) removes the need to duplicate each stub for each
language_mode ("StoreIC" + "StoreICStrict" etc.).

Change-Id: Ic0c67f9d40ca36c65e41b4f162b2ab70d155e549
Reviewed-on: https://chromium-review.googlesource.com/647373
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47836}
2017-09-05 18:00:39 +00:00
Jakob Kummerow
62fee3b64c [compiler] Add missing "break" in switch statement
AFAICT this doesn't currently change observable behavior, but should
be fixed nonetheless.

Change-Id: I1dce90ae5bcad39d7d54dddd2559bd7f7ccbb095
Reviewed-on: https://chromium-review.googlesource.com/648354
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47835}
2017-09-05 17:52:49 +00:00
Clemens Hammacher
9ab9fbf1dd [wasm] Make ModuleCompiler::CompileToModuleObject static
The current usage pattern is always to allocate a {ModuleCompiler}, then
call {CompileToModuleObject}, then deallocate the {ModuleCompiler}.
Hence, the method can be made static and allocate the {ModuleCompiler}
internally.
This also gives back a reason for the existence of
{CompileToModuleObjectInternal}.

R=ahaas@chromium.org

Change-Id: Iac1ba28421ade6728046c0b9a6e9fc249a349491
Reviewed-on: https://chromium-review.googlesource.com/650386
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47834}
2017-09-05 17:47:14 +00:00
Adam Klein
f9cbfafac6 [ast] Inline one DCHECK caller of IsValidReferenceExpressionOrThis()
Also further tighten-up that calling DCHECK in BytecodeGraphBuilder,
and narrow the other caller to IsValidReferenceExpression.

Bug: v8:6092
Change-Id: I432a3d6f5991f2d1adf4f4f86e80d6ed8be5a0e8
Reviewed-on: https://chromium-review.googlesource.com/648196
Reviewed-by: Mythri Alle <mythria@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47833}
2017-09-05 17:46:09 +00:00
Jaideep Bajwa
fbd1d1ad25 PPC: Fix register corruption
Fix register corruption and save constant pool register.

R=joransiu@ca.ibm.com, jyan@ca.ibm.com
BUG=
LOG=N

Change-Id: I278b7f9a60e10c5347cdfba52432837f68c82836
Reviewed-on: https://chromium-review.googlesource.com/649812
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#47832}
2017-09-05 17:29:34 +00:00
Franziska Hinkelmann
43bb277898 [api] Use query interceptor in Object.keys().
The V8 API provides interceptors. They are not part of the
EcmaScript specification. But their behavior should be consistent.
For example, when an EnumeratorInterceptor is defined, Object.keys(),
Object.entries(), and Object.values() should all have the
same number of entries.

This CL creates consistent behavior among these
functions. If a QueryCallback is present, it is used to
filter the result from the EnumeratorCallback for
enumerable properties.

Bug: v8:6627
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I4f4271ddeb99a5e85918148c5033923c149b9468
Reviewed-on: https://chromium-review.googlesource.com/649786
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Franziska Hinkelmann <franzih@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47831}
2017-09-05 17:28:29 +00:00
Adam Klein
8e74542d7e [cleanup] Move ArrayIteratorKind enum to its only use in js-builtin-reducer
Change-Id: I891ff57b7a3a47e3371269b123705cdf6391499b
Reviewed-on: https://chromium-review.googlesource.com/648513
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47830}
2017-09-05 17:17:39 +00:00
Jakob Kummerow
c9532eb617 [gm.py] Detect --csa-trap-on-node in failure output
And add the helpfully suggested flag to the GDB re-run of mksnapshot.

NOTRY=true

Change-Id: I52011aa580c8d3e557f869b8306b9b978c73b946
Reviewed-on: https://chromium-review.googlesource.com/647693
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47829}
2017-09-05 16:48:59 +00:00
Leszek Swirski
2c524b0ca9 [runtime] Add --trace-interrupts flag
Add a flag which traces which interrupts are being handled by the
StackGuard's HandleInterrupts function.

Change-Id: I18fcf58b03cf6c255d7457d8a55b0a0dadb00931
Reviewed-on: https://chromium-review.googlesource.com/649530
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47828}
2017-09-05 16:33:00 +00:00
Mircea Trofin
e11cee846f [wasm] Rename the APIs that unwrap exports from other instances.
The renames capture what the item being unwrapped is - it's always
a js-to-wasm wrapper, which is more closely captured by "export" rather
than "import".

Bug: 
Change-Id: Iffc3d8cb9037afc2d32885301fd13fc12b8277ce
Reviewed-on: https://chromium-review.googlesource.com/648005
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Mircea Trofin <mtrofin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47827}
2017-09-05 16:26:39 +00:00
Ross McIlroy
30f08f39f9 [Interpreter] Remove InterpreterExitTrampoline.
Always return to the InterpreterEntryTrampoline rather than calling the
InterpreterExitTrampoline from the Return bytecode handler. This fixes a
regression which occured if we upset the call/return stack by skipping the
return to the InterpreterEntryTrampoline from the return bytecode handler.

BUG=chromium:759390,chromium:753705

Change-Id: Ib625654a4a5072ac6c8d8e9611d1b9c0bbced4ca
Reviewed-on: https://chromium-review.googlesource.com/649517
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47826}
2017-09-05 16:20:39 +00:00
Mostyn Bramley-Moore
07660a1cf8 jumbo: avoid arm64 macro redefinition errors
Bug: chromium:746958
Change-Id: I4e23608995952efd0f0bd73d9bf4f9a3fc84d478
Reviewed-on: https://chromium-review.googlesource.com/650256
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Mostyn Bramley-Moore <mostynb@opera.com>
Cr-Commit-Position: refs/heads/master@{#47825}
2017-09-05 16:12:59 +00:00
Jaroslav Sevcik
4bce2509a8 [turbofan] Fix truncation for number feedback.
Checked number is not automatically truncating to float64.

Bug: chromium:761892
Change-Id: I34bd5d7867cd38b2be18cd39a810605603f515e2
Reviewed-on: https://chromium-review.googlesource.com/649513
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47824}
2017-09-05 14:48:08 +00:00
jgruber
0e4f6007e2 [builtins] Remove most Builtins::Name usages in API
Using the Builtins::Name type doesn't give use any range safety benefits
over simply using int id's, and it complicates use sites by always
forcing a static_cast<Builtins::Name>(id).

Bug: v8:6624
Change-Id: Id5fcf6800c781c637145ab1d00d821f9ad473321
Reviewed-on: https://chromium-review.googlesource.com/650247
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47823}
2017-09-05 13:13:49 +00:00
Jaroslav Sevcik
095de95be1 [interpreter] printing: output the native context index as string
Bug: 
Change-Id: Iedd273d517e2ee2e548a5e9732689114800e6128
Reviewed-on: https://chromium-review.googlesource.com/649749
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47822}
2017-09-05 12:57:09 +00:00
Michael Achenbach
2bc439279e [build] Fix swarming_client DEPS url
The repo url changed recently in Chromium, which breaks the V8 DEPS roller.

This uses the same url like Chromium again.

TBR=yangguo@chromium.org

Change-Id: Iffb9daa8380d111e77ebcef1da58082e346c1e4a
Reviewed-on: https://chromium-review.googlesource.com/650348
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47821}
2017-09-05 11:35:08 +00:00
Maya Lekova
affdc80880 Remove unnecessary check in StoreProxy
Bug: v8:6560, chromium:761639
Change-Id: Idf546f53b20387670e42187692e702ba5e9eab73
Reviewed-on: https://chromium-review.googlesource.com/647550
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Maya Lekova <mslekova@google.com>
Cr-Commit-Position: refs/heads/master@{#47820}
2017-09-05 10:58:18 +00:00
Leszek Swirski
76960c052e [ignition] Remove code-size multiplier
Now that FCG is gone, we don't need to have a code-size multiplier to
distinguish Ignition and FCG code sizes.

Bug: v8:6409
Change-Id: I05e5fa2483bfc17e91de22736b66ad27a5aab49b
Reviewed-on: https://chromium-review.googlesource.com/649149
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47819}
2017-09-05 10:12:18 +00:00
jgruber
79aee24581 [builtins] Implement lazy deserialization for TFJ builtins
This adds support for lazy deserialization of JS-linkage (TFJ) builtins,
still gated behind the --lazy-deserialization flag. If enabled, we
proceed as follows:

During isolate initialization, only eager builtins are deserialized. All
references to lazy builtins are replaced by the DeserializeLazy builtin.
In particular, this happens in the builtin table (Builtins::builtins_)
and in SharedFunctionInfo objects.

When calling into a not-yet deserialized function (i.e. the JSFunction's
code object is the DeserializeLazy builtin), the DeserializeLazy builtin
takes over.  It checks the builtin table to see if the target builtin
(determined by looking at the builtin id stored on the
SharedFunctionInfo) has already been deserialized. If so, it simply
copies the builtin code object to the JSFunction and SharedFunctionInfo.
Otherwise, we enter Runtime::kDeserializeLazy to deserialize the
builtin.

With --lazy-deserialization, isolate deserialization is 11% faster
(1.5ms vs.  1.7ms), and code_space->Size() is 33% lower (984K vs.
1475K).

Moving relocation infos & handler tables out of the partial snapshot
cache would additionally let us save up to 30K per isolate. Adding code
stubs to that list increases further potential savings to 262K.

Bug: v8:6624
Change-Id: I0ac7d05d165d2466998269bd431ac076a311cbeb
Reviewed-on: https://chromium-review.googlesource.com/649166
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47818}
2017-09-05 10:02:08 +00:00
Andreas Haas
bec2473677 [wasm] Update the wasm spec tests
R=titzer@chromium.org

Change-Id: I0be772d52b561e8664e128a9fb2c291256b2e9c2
Reviewed-on: https://chromium-review.googlesource.com/650287
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47817}
2017-09-05 09:44:48 +00:00
Mythri
60e127d4b2 Remove type feedback check from tiering up decisions for Ignition.
This cl: https://chromium-review.googlesource.com/c/538614/ changes the
number of ticks required for tiering up based on the size of function. An
earlier cl: https://chromium-review.googlesource.com/c/529165/ also resets
ticks when type feedback changes. So, it is reasonable to assume that a
function which has necessary number of ticks has the required type feedback
for optimizing. Hence, removing the check for type feedback from the tierinup
decision.

Bug: 
Change-Id: Ia350ad4dfba5f93f1a17bdc0c309bf6b41b0c1c9
Reviewed-on: https://chromium-review.googlesource.com/647851
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47816}
2017-09-05 09:25:28 +00:00
Ben L. Titzer
b8cdefb181 [frames] Simplify frames.h by inlining or removing single-use utilities.
R=petermarshall@chromium.org

Bug: 
Change-Id: Id7187d9e323951e66655d1c6df4676a8e94787dd
Reviewed-on: https://chromium-review.googlesource.com/649247
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47815}
2017-09-05 08:23:56 +00:00
Yang Guo
29691f8063 [snapshot] correctly clear feedback vector before serialization.
R=jgruber@chromium.org

Bug: v8:6422
Change-Id: Ib1075259325627451060b3a0a41cad5c917dc30e
Reviewed-on: https://chromium-review.googlesource.com/650246
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47814}
2017-09-05 08:20:16 +00:00
Daniel Bevenius
75bbd19fda Remove unused CodeAndVector struct
I could not find any usage of this struct and it is in the internal
namespace so I though it might be safe to remove it.

Bug: 
Change-Id: I85d605712ab1ab3218eb03ed4d3b5fc0e541e21a
Reviewed-on: https://chromium-review.googlesource.com/641270
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47813}
2017-09-05 07:42:39 +00:00
Jaroslav Sevcik
8cf4aafc21 [turbofan] Reland^2 "Polymorphic inlining - try merge map check dispatch with function call dispatch."
This reverts commit e26e6d8857.

Bug: chromium:758096
Change-Id: I1d8ecda995c93c84a9a3c24da041fdb730dbd3b2
Reviewed-on: https://chromium-review.googlesource.com/628169
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47812}
2017-09-05 07:32:16 +00:00
Yang Guo
f554b1544f Reland "[d8] implement setTimeout."
This is a reland of c0e4e79ba4
Original change's description:
> [d8] implement setTimeout.
> 
> R=ahaas@chromium.org, jarin@chromium.org
> 
> Bug: v8:6770
> Change-Id: Iebf4dc9f2dd75079c5362e02d859c48e2113cf20
> Reviewed-on: https://chromium-review.googlesource.com/643067
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Commit-Queue: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#47780}

Bug: v8:6770
Change-Id: I765b64cc597aa48871c6b2dca95dec9de94a8511
Reviewed-on: https://chromium-review.googlesource.com/647754
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47811}
2017-09-05 07:30:46 +00:00
Marja Hölttä
2b6780dc17 [scanner] Don't use UnicodeCache for IsLineTerminator.
For such a simple predicate, calling a(n inline) function that checks against
the values is faster (*) than maintaining the cache.

(*) When scanning a file that contains only comments, we're basically calling
IsLineTerminator in a loop. Parsing such files is now 7-18% faster in local
experiments.

BUG=v8:6092

Change-Id: I6a8f2aba9669a76152292f4e6c7853638d15aae3
Reviewed-on: https://chromium-review.googlesource.com/645633
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47810}
2017-09-05 07:04:06 +00:00
Jaroslav Sevcik
6d72ccf7fb [turbofan] Introduce --trace-turbo-scheduled for printing scheduled graphs.
Bug: v8:5267
Change-Id: If2a36a53016f683b9eddb6cba76e3328cd69f98b
Reviewed-on: https://chromium-review.googlesource.com/649847
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47809}
2017-09-05 04:58:39 +00:00
Juliana Franco
f0acede9bb Remove weak-list of optimized JS functions.
This CL removes the weak-list of JS functions from the context
and all the code that iterares over it. This list was being used
mainly during deoptimization (for code unlinking) and during
garbage collection. Removing it will improve performance of
programs that create many closures and trigger many scavenge GC
cycles.

No extra work is required during garbage collection. However,
given that we no longer unlink code from JS functions during
deoptimization, we leave it as it is, and on its next activation
we check whether the mark_for_deoptimization bit of that code is
set, and if it is, than we unlink it and jump to lazy compiled
code. This check happens in the prologue of every code object.
 
We needed to change/remove the cctests that used to check
something on this list.
 
Working in x64, ia32, arm64, arm, mips64 and mips. 
 

Bug: v8:6637
Change-Id: Ica99a12fd0351ae985e9a287918bf28caf6d2e24
TBR: mstarzinger@chromium.org
Reviewed-on: https://chromium-review.googlesource.com/647596
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47808}
2017-09-05 04:30:19 +00:00
Juliana Franco
9f2641dfaf Cleanup on Compilation Info.
Removed one function that was needed for code patching during
deoptimization, and one function needed for full code gen.

Bug: v8:6563
Change-Id: Iea0c8a3d374cf315ac4903f4e84a7a2f11563b70
Reviewed-on: https://chromium-review.googlesource.com/649747
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47807}
2017-09-05 03:54:49 +00:00
Enrico Bacis
b4a1f7920d [tool] prevent crash in tools/perf-to-html.py
The perf tests results are used by tools/perf-to-html.py to generate
html pages. Since the results are used as divisors to compute
percentages, when the one of them happens to be zero, the script
crashes.  This CL prevent the crash and uses the text "NaN" instead of
the percentage.

R=machenbach@chromium.org
CC=​ahaas@chromium.org,clemensh@chromium.org

Bug: chromium:761816
Change-Id: I482a85150c8323a7a837e6d589feee88279831cd
Reviewed-on: https://chromium-review.googlesource.com/649626
Commit-Queue: Enrico Bacis <enricobacis@google.com>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47806}
2017-09-04 19:23:09 +00:00
Leszek Swirski
6441d234c4 [flags] Remove interrupt budget flag
Since ignition bakes the interrupt budget into the snapshot (the
bytecode handlers reset the current function's interrupt budget to a
constant value), we should remove the interrupt budget flag, which won't
actually change anything if used.

Change-Id: I9672b73fea7abb6c9b575d3963f107e2397f8e49
Reviewed-on: https://chromium-review.googlesource.com/649148
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47805}
2017-09-04 16:21:59 +00:00
Camillo Bruni
7abdadca0e Sprinkle some DisallowHeapAllocation
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I7d34ccddeea08f5935e360e8c36791365f27f89e
Reviewed-on: https://chromium-review.googlesource.com/647706
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47804}
2017-09-04 16:10:49 +00:00
Marja Hölttä
36d703778c [parser] Tentatively enable FLAG_preparser_scope_analysis.
... mainly to get more canary coverage.

BUG=v8:5516

Change-Id: I323e7ee867ff2340d28e55ff249298d8a91fbde1
Reviewed-on: https://chromium-review.googlesource.com/649207
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47803}
2017-09-04 16:05:39 +00:00
Clemens Hammacher
1c1457fa70 [jumbo] Add missing undefs
R=mstarzinger@chromium.org

Bug: chromium:746958
Change-Id: Id0afb27e88944a64bf301533fa164668294f8446
Reviewed-on: https://chromium-review.googlesource.com/648978
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47802}
2017-09-04 15:20:39 +00:00