Commit Graph

48819 Commits

Author SHA1 Message Date
Peter Marshall
93b173ee94 [typedarrays] Crash with OOM message when buffer allocation fails.
Currently we don't check the result of AllocateUninitialized and just
continue execution, failing at the following memcpy.

Instead, check for a nullptr result from the embedder-provided allocator
and crash with OOM.

Bug: chromium:853706
Change-Id: I7a9b4e5d0ce3ef2b2cbb5fd3dc949ec2705bdfaa
Reviewed-on: https://chromium-review.googlesource.com/1113454
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54127}
2018-07-02 09:23:38 +00:00
Stephan Herhut
eb87b88a38 [wasm] Use esp/rsp register directly in stack checks
This change helps mostly to reduce register pressure. By default, we
compile LoadStackPointer into a move from the stack register into some
general purpose register and then later use that register. This might
trigger a spill to free up space, which is particularly costly in
loops.

Change-Id: I886233f890b7833f873fc24773f621add7cf0588
Reviewed-on: https://chromium-review.googlesource.com/1104351
Commit-Queue: Stephan Herhut <herhut@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54126}
2018-07-02 08:32:18 +00:00
Rodrigo Bruno
a11b12bb25 [heap] Fixed code to avoid repeated strings in the external string table.
Change-Id: Ic32383b9a4116b8f05568d7e8e0ca70a18813cea
Reviewed-on: https://chromium-review.googlesource.com/1121458
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Rodrigo Bruno <rfbpb@google.com>
Cr-Commit-Position: refs/heads/master@{#54125}
2018-07-02 08:17:58 +00:00
Michael Starzinger
870e81a273 [wasm] Fix direct call tag computation during serialization.
This makes sure the reverse tag translation of direct call targets to
respective call tags is properly performed. Otherwise all direct call
end up being deserialized to call the function with index '0'. Ooops!

R=clemensh@chromium.org
TEST=mjsunit/wasm/compiled-module-serialization
BUG=chromium:857049

Change-Id: I37c1ee72b000daec87efdeed08d60a067b1a1b0c
Reviewed-on: https://chromium-review.googlesource.com/1120256
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54124}
2018-07-02 08:07:28 +00:00
Michael Achenbach
c888293c7d Revert "[builtins] Add %IsTraceCategoryEnabled and %Trace builtins"
This reverts commit 8d4572a22b.

Reason for revert:
https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux64%20TSAN/21312

Original change's description:
> [builtins] Add %IsTraceCategoryEnabled and %Trace builtins
> 
> Adds the builtin Trace and IsTraceCategoryEnabled functions
> exposed via extra bindings. These are intended to use by
> embedders to allow basic trace event support from JavaScript.
> 
> ```js
> isTraceCategoryEnabled('v8.some-category')
> 
> trace('e'.charCodeAt(0), 'v8.some-category',
>       'Foo', 0, { abc: 'xyz'})
> ```
> 
> Bug: v8:7851
> Change-Id: I7bfb9bb059efdf87d92a56a0aae326650730c250
> Reviewed-on: https://chromium-review.googlesource.com/1103294
> Commit-Queue: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Fadi Meawad <fmeawad@chromium.org>
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54121}

TBR=fmeawad@chromium.org,yangguo@chromium.org,cbruni@chromium.org,bmeurer@chromium.org,jasnell@gmail.com

Change-Id: I352e2413aa771ba9eb069bcc26c04414abfc500f
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7851
Reviewed-on: https://chromium-review.googlesource.com/1122036
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54123}
2018-07-02 06:06:47 +00:00
Anna Henningsen
477df066db [API] Expand BigInt API
Provide a more complete BigInt API.

Bug: v8:7712
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Ic8562d616f3125deabdf8b52c7019b191bef0e07
Reviewed-on: https://chromium-review.googlesource.com/1101198
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54122}
2018-07-02 05:39:36 +00:00
James M Snell
8d4572a22b [builtins] Add %IsTraceCategoryEnabled and %Trace builtins
Adds the builtin Trace and IsTraceCategoryEnabled functions
exposed via extra bindings. These are intended to use by
embedders to allow basic trace event support from JavaScript.

```js
isTraceCategoryEnabled('v8.some-category')

trace('e'.charCodeAt(0), 'v8.some-category',
      'Foo', 0, { abc: 'xyz'})
```

Bug: v8:7851
Change-Id: I7bfb9bb059efdf87d92a56a0aae326650730c250
Reviewed-on: https://chromium-review.googlesource.com/1103294
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Fadi Meawad <fmeawad@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54121}
2018-07-02 05:16:16 +00:00
v8-ci-autoroll-builder
ca675a0887 Update V8 DEPS.
Rolling v8/build: 23d647e..213a0e3

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: Id0d7a996abe5b5bc7e92cfcc7b125d40dee12659
Reviewed-on: https://chromium-review.googlesource.com/1121959
Reviewed-by: V8 Autoroller <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: V8 Autoroller <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#54120}
2018-07-02 03:31:06 +00:00
v8-ci-autoroll-builder
23222f0a88 Update V8 DEPS.
Rolling v8/build: b79f5b5..23d647e

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: Iedbe6547eac1badd18f35ee32aae1319ea220c25
Reviewed-on: https://chromium-review.googlesource.com/1121821
Reviewed-by: V8 Autoroller <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: V8 Autoroller <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#54119}
2018-07-01 03:38:14 +00:00
v8-ci-autoroll-builder
c425f5fde6 Update V8 DEPS.
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/f76f0b4..34f0d7e

Rolling v8/third_party/depot_tools: a19649b..024a331

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I847abf895aa5182d1dbab83746223d34635954c6
Reviewed-on: https://chromium-review.googlesource.com/1121625
Commit-Queue: V8 Autoroller <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Reviewed-by: V8 Autoroller <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#54118}
2018-06-30 03:44:00 +00:00
Sergiy Byelozyorov
5d4dbb6ee9 Update V8 DEPS.
Rolling v8/build: 8e3406c..b79f5b5

Rolling v8/buildtools: 9c9fd97..0dd5c6f

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/e2d6bbc..f76f0b4

Rolling v8/third_party/depot_tools: ae1f033..a19649b

Rolling v8/tools/clang: de629a4..dec27d7

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I5721136b50509762c2b22a0782b9fbfd370fbde5
Reviewed-on: https://chromium-review.googlesource.com/1121079
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Reviewed-by: V8 Autoroller <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54117}
2018-06-29 21:15:10 +00:00
Aseem Garg
d3fe5ac7c3 [wasm] add simd horiz and reduce to interpreter
This CL adds simd select, addHoriz, shuffle, anyTrue and all true to the
interpreter. It also gets rid of SIMD_COMPILED_AND_LOWERED_TEST and
SIMD_COMPILED_TEST macros.

R=gdeepti@chromium.org
BUG=v8:6020

Change-Id: I44abbcaddc3223a95c79ccc65ae9c6bf1a911c5d
Reviewed-on: https://chromium-review.googlesource.com/1119258
Commit-Queue: Aseem Garg <aseemgarg@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54116}
2018-06-29 20:13:50 +00:00
Rodrigo Bruno
90da229fa2 Reland "[heap] Updated spaces Verify to check external memory count."
This is a reland of 6b810dad78

Original change's description:
> [heap] Updated spaces Verify to check external memory count.
> 
> Bug: chromium:845409
> Change-Id: Ieb690f2d6ed699f306f1ff351cb5f62d9e2db860
> Reviewed-on: https://chromium-review.googlesource.com/1114820
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Commit-Queue: Rodrigo Bruno <rfbpb@google.com>
> Cr-Commit-Position: refs/heads/master@{#54035}

Bug: chromium:845409
Change-Id: I71576bd397ca70d9ce76de279c2d9d1fa5a70596
Reviewed-on: https://chromium-review.googlesource.com/1120365
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Rodrigo Bruno <rfbpb@google.com>
Cr-Commit-Position: refs/heads/master@{#54115}
2018-06-29 16:00:00 +00:00
Rodrigo Bruno
1424416975 Revert "[heap] Added External Strings to external memory accounting."
This reverts commit 5863c0b652.

Reason for revert: Breaks GPU bots (https://ci.chromium.org/p/v8/builders/luci.v8.ci/Mac%20V8%20FYI%20Release%20(Intel)/1648)

Original change's description:
> [heap] Added External Strings to external memory accounting.
> 
> Bug: chromium:845409
> Change-Id: I3fe2b294f6e038d77787cf0870d244ba7cc20550
> Reviewed-on: https://chromium-review.googlesource.com/1118164
> Commit-Queue: Rodrigo Bruno <rfbpb@google.com>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54110}

TBR=ulan@chromium.org,hpayer@chromium.org,mlippautz@chromium.org,rfbpb@google.com

Change-Id: I77787df6aef2efec95c79714d1baf43feeb8a27e
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:845409
Reviewed-on: https://chromium-review.googlesource.com/1120265
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Rodrigo Bruno <rfbpb@google.com>
Cr-Commit-Position: refs/heads/master@{#54114}
2018-06-29 13:13:26 +00:00
Clemens Hammacher
79349d506d [ia32] Move explicit stack limit checking to TurboAssembler
Liftoff needs to emit the same code, thus move it to a place where it
can be reused.
Also, switch the _MSC_VER switch to V8_OS_WIN. It is unclear if
_MSC_VER would also be set in clang. V8_OS_WIN seems to fit better.

Drive-by: Reorder the code to save one jmp in the loop (loop inversion).

R=mstarzinger@chromium.org

Bug: v8:7908, v8:6600
Change-Id: Ia76aa4dad3f96e179a9daad8c1551b1aab499878
Reviewed-on: https://chromium-review.googlesource.com/1120174
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54113}
2018-06-29 13:05:25 +00:00
Hannes Payer
4c9919e5f0 Reland "[heap] Clear from space after garbage collection."
Bug: chromium:829771
Change-Id: I0e3f81b14d971d077afba2f4065e229b99948808
Reviewed-on: https://chromium-review.googlesource.com/1119687
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54112}
2018-06-29 12:39:25 +00:00
Michael Starzinger
dba806579e [wasm] Make {InstanceBuilder} use regular foreground counters.
R=clemensh@chromium.org

Change-Id: Ia5f1d52df1b2ebbe4ea4d38464fc59b0d128426d
Reviewed-on: https://chromium-review.googlesource.com/1119924
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54111}
2018-06-29 11:56:25 +00:00
Rodrigo Bruno
5863c0b652 [heap] Added External Strings to external memory accounting.
Bug: chromium:845409
Change-Id: I3fe2b294f6e038d77787cf0870d244ba7cc20550
Reviewed-on: https://chromium-review.googlesource.com/1118164
Commit-Queue: Rodrigo Bruno <rfbpb@google.com>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54110}
2018-06-29 10:54:55 +00:00
Simon Zünd
327668d544 [array] Fix read-only property in NumberDictionary fast-path
This CL fixes the NumberDictionary fast-path in Array.p.sort, when
storing to a read-only property that was never read from.

R=jgruber@chromium.org

Bug: v8:7907
Change-Id: I2b772fb5b1619a94a7d239ba4417ecb7902a167c
Reviewed-on: https://chromium-review.googlesource.com/1119910
Commit-Queue: Simon Zünd <szuend@google.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54109}
2018-06-29 10:40:35 +00:00
Rodrigo Bruno
4442ed615d Reland "Reland "[heap] Added per-page array buffer accouting (external memory).""
This is a reland of 9072bef085

Original change's description:
> Reland "[heap] Added per-page array buffer accouting (external memory)."
> 
> This is a reland of d4792e8f6b
> 
> Original change's description:
> > [heap] Added per-page array buffer accouting (external memory).
> > 
> > Bug: chromium:845409
> > Change-Id: Ibc568cdc501edf5d84d9c6379aff58be069369af
> > Reviewed-on: https://chromium-review.googlesource.com/1114602
> > Commit-Queue: Rodrigo Bruno <rfbpb@google.com>
> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#54028}
> 
> Bug: chromium:845409
> Change-Id: I6b11d7f66313bcbcc31be9217c1b780cf3eaee99
> Reviewed-on: https://chromium-review.googlesource.com/1116638
> Commit-Queue: Rodrigo Bruno <rfbpb@google.com>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54066}

Bug: chromium:845409
Change-Id: Icff4e2a2b974942f73f5e6bb0bfd6ee8655e8ce7
Reviewed-on: https://chromium-review.googlesource.com/1119985
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Rodrigo Bruno <rfbpb@google.com>
Cr-Commit-Position: refs/heads/master@{#54108}
2018-06-29 10:07:10 +00:00
Clemens Hammacher
c7019d7517 [wasm] Remove additional wire bytes copy in CompilationState
Since the wire bytes are now stored on the C++ heap, referenced
directly from the {NativeModule}, there is no need any more for the
additional copy in the {CompilationState}.

R=mstarzinger@chromium.org

Bug: v8:7868
Change-Id: I3ca25981b37bc14037a83a199354b70b4e52f8c7
Reviewed-on: https://chromium-review.googlesource.com/1118886
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54107}
2018-06-29 09:59:05 +00:00
Clemens Hammacher
d52d3bc2cd [wasm][cleanup] Remove redundant parameters
R=mstarzinger@chromium.org

Bug: v8:7754
Change-Id: I0cbd3e82a865aa2e52019057cea796cd6a8b17e2
Reviewed-on: https://chromium-review.googlesource.com/1118560
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54106}
2018-06-29 09:55:25 +00:00
Clemens Hammacher
a71f40ded6 [wasm][cleanup] Rename fields and methods for function names
Just a refactoring to make clear that we are talking about function
names. Note that there are also names for locals inside functions,
which we currently don't use.

Drive-by: Remove style-guide violation by {WasmModule::names_} field.

R=mstarzinger@chromium.org

Bug: v8:7754
Change-Id: I9c47ea01893f128e1716be01032adfaf006ae28a
Reviewed-on: https://chromium-review.googlesource.com/1118271
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54105}
2018-06-29 09:41:15 +00:00
jgruber
88b53ab569 [gm] Set v8_enable_fast_mksnapshot by default
This change somehow got lost when relanding an earlier CL in
https://crrev.com/c/1118139

Bug: v8:7891
Change-Id: I31244be136322cccfb465c24356f1d0fd5e0c6d6
Reviewed-on: https://chromium-review.googlesource.com/1119786
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54104}
2018-06-29 09:30:16 +00:00
Sreten Kovacevic
cbd5e30dbe [mips] Port: [explicit isolates] Pass Isolate to Object::Print
Commit edec05ea73

Usage of Print function was not consistent with it's signature,
which caused failures in compilation.

Original commit message:

`All Object::Print functions now take an Isolate* parameter. Various
XX::XXPrint functions now take an Isolate if it's needed rather than
calling GetIsolate(). Such method use DECL_PRINTER_WITH_ISOLATE rather
than DECL_PRINTER.

The _v8_internal_Print_ function (intended for use in gdb) now uses
Isolate::Current() to get hold of an Isolate.

Reduces the GetIsolate and GetHeap count by 9 and 5 respectively.

Also removes unneeded gdb/lldb macros (along with their support
functions), jfv, jfm, jda and jta, since job does the same thing.`

Cr-Original-Commit-Position: refs/heads/master@{#54029}
Change-Id: I5d4eb974340159ae91a50c1c2272ab195fc514ea
Reviewed-on: https://chromium-review.googlesource.com/1116965
Reviewed-by: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ivica Bogosavljevic <ivica.bogosavljevic@mips.com>
Commit-Queue: Ivica Bogosavljevic <ivica.bogosavljevic@mips.com>
Cr-Commit-Position: refs/heads/master@{#54103}
2018-06-29 08:12:35 +00:00
Clemens Hammacher
b0820c457f [wasm] NativeModule::module() should just return its module
No need to go via the {ModuleEnv} in the {CompilationState}.

R=mstarzinger@chromium.org

Change-Id: I11ff647824ad107131ce329453b365d6ecaec7fb
Reviewed-on: https://chromium-review.googlesource.com/1118561
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54102}
2018-06-29 08:03:25 +00:00
Clemens Hammacher
c908496b15 Revert "Reland^2 "[wasm] Enable Liftoff by default on ia32 and x64""
This reverts commit d8281a297b.

Reason for revert: breaks win32: https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Win32/14559

Original change's description:
> Reland^2 "[wasm] Enable Liftoff by default on ia32 and x64"
> 
> This is a reland of 20f33823c9.
> The flakes that lead to the revert are hopefully fixed with
> https://crrev.com/c/1118171.
> 
> Original change's description:
> > [wasm] Enable Liftoff by default on ia32 and x64
> >
> > R=titzer@chromium.org, hablich@chromium.org
> >
> > Bug: v8:6600, chromium:787421
> > Change-Id: Ia8ae56ddef3b27b0721d5a66ff19abe098a2c6ca
> > Reviewed-on: https://chromium-review.googlesource.com/1109899
> > Reviewed-by: Ben Titzer <titzer@chromium.org>
> > Reviewed-by: Michael Hablich <hablich@chromium.org>
> > Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#53965}
> 
> TBR=titzer@chromium.org, hablich@chromium.org
> 
> Bug: v8:6600, chromium:787421
> Change-Id: Icfc6f5c7701f18891ede34edb2bc22a7c01c8d6d
> Reviewed-on: https://chromium-review.googlesource.com/1118485
> Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54099}

TBR=titzer@chromium.org,hablich@chromium.org,clemensh@chromium.org

Change-Id: I0caa20c70ab18a8da4665b565d35801c3cf03fed
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:6600, chromium:787421
Reviewed-on: https://chromium-review.googlesource.com/1119885
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54101}
2018-06-29 08:00:50 +00:00
Michael Hablich
07422dbde5 Revert "Reland "[heap] Added per-page array buffer accouting (external memory).""
This reverts commit 9072bef085.

Reason for revert: Speculative revert because of https://chromium-review.googlesource.com/c/chromium/src/+/1118280

Original change's description:
> Reland "[heap] Added per-page array buffer accouting (external memory)."
> 
> This is a reland of d4792e8f6b
> 
> Original change's description:
> > [heap] Added per-page array buffer accouting (external memory).
> > 
> > Bug: chromium:845409
> > Change-Id: Ibc568cdc501edf5d84d9c6379aff58be069369af
> > Reviewed-on: https://chromium-review.googlesource.com/1114602
> > Commit-Queue: Rodrigo Bruno <rfbpb@google.com>
> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#54028}
> 
> Bug: chromium:845409
> Change-Id: I6b11d7f66313bcbcc31be9217c1b780cf3eaee99
> Reviewed-on: https://chromium-review.googlesource.com/1116638
> Commit-Queue: Rodrigo Bruno <rfbpb@google.com>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54066}

TBR=ulan@chromium.org,hpayer@chromium.org,mlippautz@chromium.org,rfbpb@google.com

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: chromium:845409
Change-Id: I818e24d236d93a4645d1532b666056f89156eb86
Reviewed-on: https://chromium-review.googlesource.com/1119825
Reviewed-by: Michael Hablich <hablich@chromium.org>
Commit-Queue: Michael Hablich <hablich@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54100}
2018-06-29 07:59:45 +00:00
Clemens Hammacher
d8281a297b Reland^2 "[wasm] Enable Liftoff by default on ia32 and x64"
This is a reland of 20f33823c9.
The flakes that lead to the revert are hopefully fixed with
https://crrev.com/c/1118171.

Original change's description:
> [wasm] Enable Liftoff by default on ia32 and x64
>
> R=titzer@chromium.org, hablich@chromium.org
>
> Bug: v8:6600, chromium:787421
> Change-Id: Ia8ae56ddef3b27b0721d5a66ff19abe098a2c6ca
> Reviewed-on: https://chromium-review.googlesource.com/1109899
> Reviewed-by: Ben Titzer <titzer@chromium.org>
> Reviewed-by: Michael Hablich <hablich@chromium.org>
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#53965}

TBR=titzer@chromium.org, hablich@chromium.org

Bug: v8:6600, chromium:787421
Change-Id: Icfc6f5c7701f18891ede34edb2bc22a7c01c8d6d
Reviewed-on: https://chromium-review.googlesource.com/1118485
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54099}
2018-06-29 07:26:15 +00:00
v8-ci-autoroll-builder
038859609a Update V8 DEPS.
Rolling v8/build: 5fc0186..8e3406c

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/d96c633..e2d6bbc

Rolling v8/third_party/depot_tools: b3853af..ae1f033

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I27e7412d84723d40d045e94ba87e9a36e9fd6373
Reviewed-on: https://chromium-review.googlesource.com/1119647
Commit-Queue: V8 Autoroller <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Reviewed-by: V8 Autoroller <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#54098}
2018-06-29 03:52:25 +00:00
Bill Budge
6afa211028 [wasm simd] Add unit tests for shuffle matching methods.
- Adds some unit tests for InstructionSelector::TryMatch* methods.
- Adds a TryMatchIdentity method. We should detect identity shuffles
  and emit no code in that case.

Bug: v8:6020
Change-Id: I5dea84738bf87db7112eb7d19f91b1e6b20811c7
Reviewed-on: https://chromium-review.googlesource.com/1116058
Commit-Queue: Bill Budge <bbudge@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54097}
2018-06-28 18:52:33 +00:00
Caitlin Potter
6c585ef0e8 [runtime] perform type conversion earlier in IntegerIndexedElementSet
When storing an indexed property in a typed array, it's necessary to
convert the value to a Number (or to a Bigint) before performing the
bounds check, per
https://tc39.github.io/ecma262/#sec-integerindexedelementset.

This CL adds appropriate type conversions in
Object::SetPropertyInternal (which technically is reached after the
bounds check has already occurred, but this isn't observable yet ---
In the future, once OOB accesses on TypedArrays actually throw, this
will need to be refactored again), and in StoreFastElementStub, and
ElementsTransitionAndStoreStub (via CSA::EmitElementStore).

The change was not necessary in TurboFan, as
JSNativeContextSpecialization already performs the value conversion
before the boundscheck.

The result is some fixed test262 tests, and some new test coverage
for this behaviour in mjsunit.

BUG=v8:7896, v8:5327
R=neis@chromium.org, jkummerow@chromium.org, gsathya@chromium.org

Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Ibe6bec24c72ef6a4fd3e77d5bcafa03737f4c5e3
Reviewed-on: https://chromium-review.googlesource.com/1117372
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54096}
2018-06-28 18:28:33 +00:00
Sergiy Byelozyorov
62f7384539 [tools] Whitespace CL
TBR=sergiyb@chromium.org

No-Try: true
Bug: chromium:857179
Change-Id: I6bbaa2601d62d303391d082a2ae1dff8d3c6e2b8
Reviewed-on: https://chromium-review.googlesource.com/1118562
Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54095}
2018-06-28 17:11:46 +00:00
Clemens Hammacher
94ffae69a9 [wasm] Reenable RunWasmTurbofan_Int32DivS_trap_effect test
The flake is hopefully fixed with https://crrev.com/c/1118171.

R=titzer@chromium.org

Bug: v8:7879
Change-Id: I67ac9a447cbf8a99dfc612e84b3e381cc86fa643
Reviewed-on: https://chromium-review.googlesource.com/1118381
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54094}
2018-06-28 17:02:06 +00:00
Ben Smith
c9b4f805a3 [wasm] postMessage of WebAssembly.Module in d8
Supporting postMessage from WebAssembly.Module requires implementing
some logic in the ValueSerializer and ValueDeserializer delegates. This
change implements some simple logic for d8.

This change also fixes a DCHECK that occurs when sending a shared
WebAssembly.Memory object to two Workers.

Bug: chromium:857049
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Idddb23a48175c7175967af3fbc03d8572452a069
Reviewed-on: https://chromium-review.googlesource.com/1117871
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Ben Smith <binji@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54093}
2018-06-28 16:54:06 +00:00
Clemens Hammacher
63372e4679 [wasm] Do not cancel all compilation on context disposal
We should only cancel asynchronous compilation jobs for the isolate
which is being recycled.

R=titzer@chromium.org

Bug: chromium:854755
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I31d6c3ccb648f5465e52f4bc47c4261894458e60
Reviewed-on: https://chromium-review.googlesource.com/1118378
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54092}
2018-06-28 15:34:27 +00:00
Clemens Hammacher
ad19b86d1f [wasm] Store wire bytes in OwnedVector
Another pair of {std::unique_ptr} and {size_t} that can be stored as
one {OwnedVector}, which allows to pass it as one thing.

R=mstarzinger@chromium.org

Bug: v8:7754
Change-Id: Ideac0dbd390ba8147b6620daa86f0d3da6c3b609
Reviewed-on: https://chromium-review.googlesource.com/1118236
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54091}
2018-06-28 15:15:36 +00:00
Clemens Hammacher
ad57eec545 [wasm] Store WasmModule directly in the NativeModule
Instead of storing both the {NativeModule} and the {WasmModule} in a
{Managed} object, just store the {WasmModule} in the {NativeModule}
directly. This fixes crashes that happen if the {Managed<WasmModule>}
dies before the {Managed<NativeModule>}.

R=mstarzinger@chromium.org

Bug: chromium:854794, v8:7879, v8:7889
Change-Id: I6b11729943fe7a03d225138782655ee5dafd26a6
Reviewed-on: https://chromium-review.googlesource.com/1118171
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54090}
2018-06-28 14:10:36 +00:00
Théotime Grohens
00f3ab176e [torque] Add '\n' handling in Torque strings
This CL adds the newline character as a valid character
in Torque strings.

You can now write Print('Hello, World!\n') in Torque and it works!

Change-Id: I2a1f87cfef492fedd3d24086e226d3ebaf882115
Reviewed-on: https://chromium-review.googlesource.com/1118229
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Théotime Grohens <theotime@google.com>
Cr-Commit-Position: refs/heads/master@{#54089}
2018-06-28 13:27:51 +00:00
Georg Neis
bb8aadb7a5 [cleanup] Remove unused function and fix typo in comment.
R=sigurds@chromium.org

Bug: v8:7902
Change-Id: I0a126221ffded34cccc7db793e92d0ae22952bb4
Reviewed-on: https://chromium-review.googlesource.com/1118235
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54088}
2018-06-28 13:26:46 +00:00
Georg Neis
41454fdb3c [test] Skip two tests in debug mode.
When run locally, one times out and the other runs out of stack space.

R=sigurds@chromium.org

Change-Id: I7cc1aa9bb0857f12ac46baf80de18a2c5175b8b9
Reviewed-on: https://chromium-review.googlesource.com/1118231
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54087}
2018-06-28 13:22:31 +00:00
Clemens Hammacher
885f99cde7 Revert "Reland "[heap] Clear from space after garbage collection."
This reverts commit cd5d72fd8f.

Reason for revert: breaks TSAN: https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux64%20TSAN/21284

Original change's description:
> Reland "[heap] Clear from space after garbage collection.
> 
> Bug: chromium:829771
> Change-Id: I829b4d40bdbe1474eb7f087059be3e58b154768c
> Reviewed-on: https://chromium-review.googlesource.com/1106657
> Commit-Queue: Hannes Payer <hpayer@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54082}

TBR=ulan@chromium.org,hpayer@chromium.org

Change-Id: I6b719266bd088f8835d2c769d471c8872256fb40
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:829771
Reviewed-on: https://chromium-review.googlesource.com/1118298
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54086}
2018-06-28 13:21:27 +00:00
Clemens Hammacher
15428f19f2 [wasm] Register protected instructions after deserialization
R=mstarzinger@chromium.org

Bug: chromium:856938
Change-Id: I57699de23b5c35a531c7601fd14a91f075abb0da
Reviewed-on: https://chromium-review.googlesource.com/1117182
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54085}
2018-06-28 13:06:45 +00:00
Clemens Hammacher
37ca8c3d2d [wasm] Remove friendship between NativeModule and (de)serializer
This CL removes the friendship between {NativeModule} and
{NativeModuleSerializer}/{NativeModuleDeserializer}.
Instead, it adds a new public method ({AddDeserializedCode}) which is
being called from the deserializer.

Drive-by: Unify the argument order to {AddCode}, {AddOwnedCode} and
{WasmCode}.

R=mstarzinger@chromium.org

Bug: chromium:856938
Change-Id: I88943c90c45650e21ae6bc17395a17f86319c046
Reviewed-on: https://chromium-review.googlesource.com/1117075
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54084}
2018-06-28 13:02:34 +00:00
Predrag Rudic
38ea669732 MIPS32: Mark ArraySpliceTorque as isolate dependent
This CL complements commit f2695f7363
for MIPS32. That commit addressed problem for MIPS64.

Original message:
>ArraySpliceTorque builtin triggers generation of MIPS specific
>trampolines due to its large size, and this code is not PIC
>and cannot be isolate independent.
>
>This CL is a workaround that marks ArraySpliceTorque as
>isolate dependent on MIPS64.
>
>Bug: v8:7882
>Change-Id: I0b5764236268c2529e149b275dcf382dab709682
>Reviewed-on: https://chromium-review.googlesource.com/1111847
>Commit-Queue: Jakob Gruber <jgruber@chromium.org>
>Reviewed-by: Michael Stanton <mvstanton@chromium.org>
>Reviewed-by: Jakob Gruber <jgruber@chromium.org>
>Cr-Commit-Position: refs/heads/master@{#53968}

Bug: v8:7882
Change-Id: Iffdfab673781cca1eb14d11428ffcf7a01c21f27
Reviewed-on: https://chromium-review.googlesource.com/1117186
Commit-Queue: Sreten Kovacevic <sreten.kovacevic@mips.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54083}
2018-06-28 12:39:47 +00:00
Hannes Payer
cd5d72fd8f Reland "[heap] Clear from space after garbage collection.
Bug: chromium:829771
Change-Id: I829b4d40bdbe1474eb7f087059be3e58b154768c
Reviewed-on: https://chromium-review.googlesource.com/1106657
Commit-Queue: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54082}
2018-06-28 12:37:24 +00:00
Ross McIlroy
c51bcd17bb [sfi] Remove DebugInfo field in SharedFunctionInfo.
Merges DebugInfo field into the function_identifier field, storing the function
identifier in the DebugInfo. Also moves some debugging_hints bits to the SFI flags,
and others to the DebugInfo. Finally, changes the logic to store debugger patched
bytecode array on the SFI instead of the DebugInfo, simplifying the logic in the
InterpreterEntryTrampoline.

BUG=chromium:818642,chromium:783853
TBR=hpayer@chromium.org

Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: If440080c0f08fac4fb96f5e18dcc0eb9b86d4821
Reviewed-on: https://chromium-review.googlesource.com/1115819
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54081}
2018-06-28 10:08:52 +00:00
jgruber
edef59ca27 Reland "[build] Disable slow asserts for v8_enable_fast_mksnapshot"
This is a reland of 7a0d6a5000

Original change's description:
> [build] Disable slow asserts for v8_enable_fast_mksnapshot
>
> Slow asserts double the time spent in mksnapshot. While we want them
> enabled on our bot builds, local builds should be fast and don't
> necessarily need them.
>
> This also adds v8_enable_fast_mksnapshot as default in gm.py.
>
> Bug: v8:7891,v8:6688
> Change-Id: I5ab1491f3396c4351de30dbbb80a81e2242c5db9
> Reviewed-on: https://chromium-review.googlesource.com/1116552
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54074}

TBR=jkummerow@chromium.org

Bug: v8:7891, v8:6688
Change-Id: I3b1e80b3ca156b7d571ebc7f04e341f0ba716691
Reviewed-on: https://chromium-review.googlesource.com/1118139
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54080}
2018-06-28 10:07:42 +00:00
jgruber
30caa69fb0 Disable multi_snapshots by default
The multi-snapshot feature is only used on bots, where we need the
ability to execute tests with/without mitigations controllable through a
runtime flag.

This disables the flag by default and only enables it on bot configs.

Note: standard single-snapshot builds silently use the available
snapshot regardless of the value of --untrusted-code-mitigations.

Bug: v8:7891,v8:6688
Change-Id: I0d1a91e5c1c17b4d91b42d176b50ea44d2128d48
Reviewed-on: https://chromium-review.googlesource.com/1117687
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54079}
2018-06-28 10:02:12 +00:00
Clemens Hammacher
615c215f94 [wasm] Ensure constness of WasmModule after decoding
We pass the {WasmModule} by non-const pointer and by non-const
reference a lot. This violates the style guide, and adds the risk of
accidentally modifying it.
This CL makes the {WasmModule} const during compilation and
instantiation.

R=mstarzinger@chromium.org

Bug: v8:7754
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Ie1878322828b63284b341d97da595e8e91dd4f51
Reviewed-on: https://chromium-review.googlesource.com/1117194
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54078}
2018-06-28 09:52:02 +00:00