Commit Graph

10492 Commits

Author SHA1 Message Date
Leszek Swirski
b4a3af9157 [ignition] Move for-of desugaring to bytecode
This removes the iteration protocol from the parser entirely, and opens
up future possibilities for more bytecodes implementing the various
functions of the protocol.

Change-Id: I316b8a92434d3b5f47927408a235ddaecd65d5bb
Reviewed-on: https://chromium-review.googlesource.com/c/1403125
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58795}
2019-01-14 16:37:41 +00:00
Clemens Hammacher
94958319d9 [wasm] Store enabled features in compilation env
The background compile tasks should not access the NativeModule during
the main compile phase.
This CL moves on of the accessed fields into the {CompilationEnv}. It
is initialized from the existing field on the {NativeModule}.

R=titzer@chromium.org

Bug: v8:8689
Change-Id: I9738e2fb4681a035cbacf3c9e00b9e5cc9419416
Reviewed-on: https://chromium-review.googlesource.com/c/1409423
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58793}
2019-01-14 15:57:41 +00:00
Ulan Degenbaev
13e07389ff Revert "[heap] Remove bailout marking worklist."
This reverts commit 68a8bdd829.

Reason for revert: memory regression: crbug.com/921239

Original change's description:
> [heap] Remove bailout marking worklist.
> 
> The concurrent marker can now process all objects.
> This patch also eagerly visits the objects that undergo layout
> changes. This is because previously such objects were pushed
> onto the bailout worklist, which is gone now.
> To preserve the incremental step accounting, the patch introduces
> a new GC tracer scope called MC_INCREMENTAL_LAYOUT_CHANGE.
> 
> Bug: v8:8486
> Change-Id: Ic1c2f0d4e2ac0602fc945f3258af9624247bd65f
> Reviewed-on: https://chromium-review.googlesource.com/c/1386486
> Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58712}

TBR=ulan@chromium.org,mlippautz@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: v8:8486, chromium:921239
Change-Id: I1f851b948f4ce403316e469999f0b16e8dfdb62d
Reviewed-on: https://chromium-review.googlesource.com/c/1408990
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58787}
2019-01-14 15:00:11 +00:00
Camillo Bruni
a6f4462987 Reland "[parser] Inline byte scope data into PreparseData object"
This is a reland of e2d44ede95

Original change's description:
> [parser] Inline byte scope data into PreparseData object
> 
> Each PreparseData object had at least one pointer to a PodArray for its
> serialized scope data. These objects usually have only tens of bytes of
> payload. By inlining the byte data we save 3 words per PreparseData object.
> This optimization saves 140KB of data on cnn.com.
> 
> 
> - Store data_length and inner_length as int32 saving a words on 64bit
> - Inline store byte data into PreparseData
> - OnHeapConsumedPreparseData directly uses the PreparseData object
> - get_inner, set_inner no longer allow Null sentinels
> 
> Change-Id: I1f62154d05ea2f98a6574efa738b32a8a84319d5
> Reviewed-on: https://chromium-review.googlesource.com/c/1406673
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Commit-Queue: Camillo Bruni <cbruni@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58751}

Change-Id: I1f0a22c641d0d67f435b01c82daf8da7f144bff4
Reviewed-on: https://chromium-review.googlesource.com/c/1407066
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58785}
2019-01-14 14:17:05 +00:00
Yang Guo
c8567109f5 [bootstrapper] consistently skip transferring existing property.
R=jgruber@chromium.org

Bug: v8:8669
Change-Id: I3c3995fa2e5661fa267a11649bdef1991b87c722
Reviewed-on: https://chromium-review.googlesource.com/c/1407064
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58784}
2019-01-14 14:03:32 +00:00
Clemens Hammacher
bd502b2bdd [wasm] Do not store the NativeModule in compilation units
Instead, pass it as a parameter to the compilation.
This makes compilation units slimmer with the end goal of them being
just the function index and execution tier.
It also makes ownership handling of the NativeModule easier.

R=titzer@chromium.org

Bug: v8:8343, v8:7921
Change-Id: I0522c894569c71d8b7245f5ed5612ab2a249e1ad
Reviewed-on: https://chromium-review.googlesource.com/c/1406668
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58776}
2019-01-14 12:28:38 +00:00
Maya Lekova
1ec1712c5b Revert "[parser] Inline byte scope data into PreparseData object"
This reverts commit e2d44ede95.

Reason for revert: Breaks GC stress tests - https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/23527

Original change's description:
> [parser] Inline byte scope data into PreparseData object
> 
> Each PreparseData object had at least one pointer to a PodArray for its
> serialized scope data. These objects usually have only tens of bytes of
> payload. By inlining the byte data we save 3 words per PreparseData object.
> This optimization saves 140KB of data on cnn.com.
> 
> 
> - Store data_length and inner_length as int32 saving a words on 64bit
> - Inline store byte data into PreparseData
> - OnHeapConsumedPreparseData directly uses the PreparseData object
> - get_inner, set_inner no longer allow Null sentinels
> 
> Change-Id: I1f62154d05ea2f98a6574efa738b32a8a84319d5
> Reviewed-on: https://chromium-review.googlesource.com/c/1406673
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Commit-Queue: Camillo Bruni <cbruni@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58751}

TBR=ulan@chromium.org,cbruni@chromium.org,leszeks@chromium.org

Change-Id: I39d92ee7bd2864e1b0c3a8fed4a11b68b3e14d58
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/1407073
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58753}
2019-01-11 16:02:05 +00:00
Camillo Bruni
e2d44ede95 [parser] Inline byte scope data into PreparseData object
Each PreparseData object had at least one pointer to a PodArray for its
serialized scope data. These objects usually have only tens of bytes of
payload. By inlining the byte data we save 3 words per PreparseData object.
This optimization saves 140KB of data on cnn.com.


- Store data_length and inner_length as int32 saving a words on 64bit
- Inline store byte data into PreparseData
- OnHeapConsumedPreparseData directly uses the PreparseData object
- get_inner, set_inner no longer allow Null sentinels

Change-Id: I1f62154d05ea2f98a6574efa738b32a8a84319d5
Reviewed-on: https://chromium-review.googlesource.com/c/1406673
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58751}
2019-01-11 15:20:37 +00:00
Jakob Gruber
3c24404675 [regexp] Fix oob read in JSRegExp::HasCompiledCode
The JSRegExp's data fixed array is variable size depending on the
regexp kind.

Bug: v8:8572
Change-Id: I8f07b8e8d2a9a81e0905563fb701e1e3687cafb5
Reviewed-on: https://chromium-review.googlesource.com/c/1405034
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58741}
2019-01-11 12:46:45 +00:00
Jakob Gruber
f3a23accad Remove fast_sqrt generated code
As far as I can tell these were unused; their only callers were arm
and ppc simulators, but codegen explicitly returned nullptr if in a
simulator build, falling back to std::sqrt.

There's more potential cleanup to be done here for other functions
defined in codegen-*.cc files.

Tbr: clemensh@chromium.org
Bug: v8:7777, v8:8675
Change-Id: I4b9d6062c6724a810ab094d09e3cd04a0b733d9b
Reviewed-on: https://chromium-review.googlesource.com/c/1405851
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58740}
2019-01-11 12:45:38 +00:00
Yang Guo
f451d6ce77 [logging] correctly log code events from deserialization.
R=jarin@chromium.org

Bug: v8:8671, v8:8674
Change-Id: I5cdcd49d05f08206aa32426f2fe0560568291f2e
Reviewed-on: https://chromium-review.googlesource.com/c/1405852
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58739}
2019-01-11 12:44:29 +00:00
Michael Starzinger
1583e86d56 [wasm] Remove Isolate from WasmImportWrapperCache.
R=clemensh@chromium.org

Change-Id: I48bfae1dbbfaafb1cadad8d3cbbc921c53801f8c
Reviewed-on: https://chromium-review.googlesource.com/c/1405857
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58727}
2019-01-11 10:24:45 +00:00
Deepti Gandluri
8468150d35 Reland "[wasm] Fix SIMD boolean reductions on Intel"
This is a reland of 8f83fd0a55

Original change's description:
> [wasm] Fix SIMD boolean reductions on Intel
> 
>  - Both AllTrue/AnyTrue values should return boolean 0/1
>    instead of 0xffffffff to match Spec/Toolchain
>  - Fix AllTrue implementation to be correct
>  - Add unit tests to spot check return values as the
>    cumulative test can coerce some return values to True/False
> 
> Change-Id: I84eb73c915414c9ec290e73f1306404ceff729f0
> Bug: v8:8636
> Reviewed-on: https://chromium-review.googlesource.com/c/1404197
> Reviewed-by: Bill Budge <bbudge@chromium.org>
> Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58715}

Bug: v8:8636
Change-Id: Ifc438d7b64bf5d461cc848851165665104fe57d0
Reviewed-on: https://chromium-review.googlesource.com/c/1405909
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58719}
2019-01-11 01:21:27 +00:00
Michael Achenbach
82e58aaa80 Revert "[wasm] Fix SIMD boolean reductions on Intel"
This reverts commit 8f83fd0a55.

Reason for revert: Seems to break older intel chips:
https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux%20-%20debug/23954

Original change's description:
> [wasm] Fix SIMD boolean reductions on Intel
> 
>  - Both AllTrue/AnyTrue values should return boolean 0/1
>    instead of 0xffffffff to match Spec/Toolchain
>  - Fix AllTrue implementation to be correct
>  - Add unit tests to spot check return values as the
>    cumulative test can coerce some return values to True/False
> 
> Change-Id: I84eb73c915414c9ec290e73f1306404ceff729f0
> Bug: v8:8636
> Reviewed-on: https://chromium-review.googlesource.com/c/1404197
> Reviewed-by: Bill Budge <bbudge@chromium.org>
> Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58715}

TBR=bbudge@chromium.org,gdeepti@chromium.org

Change-Id: I0eba24e0fe5215c1f8f377776692db245239e134
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8636
Reviewed-on: https://chromium-review.googlesource.com/c/1405321
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58716}
2019-01-10 20:18:12 +00:00
Deepti Gandluri
8f83fd0a55 [wasm] Fix SIMD boolean reductions on Intel
- Both AllTrue/AnyTrue values should return boolean 0/1
   instead of 0xffffffff to match Spec/Toolchain
 - Fix AllTrue implementation to be correct
 - Add unit tests to spot check return values as the
   cumulative test can coerce some return values to True/False

Change-Id: I84eb73c915414c9ec290e73f1306404ceff729f0
Bug: v8:8636
Reviewed-on: https://chromium-review.googlesource.com/c/1404197
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58715}
2019-01-10 19:11:35 +00:00
Ulan Degenbaev
68a8bdd829 [heap] Remove bailout marking worklist.
The concurrent marker can now process all objects.
This patch also eagerly visits the objects that undergo layout
changes. This is because previously such objects were pushed
onto the bailout worklist, which is gone now.
To preserve the incremental step accounting, the patch introduces
a new GC tracer scope called MC_INCREMENTAL_LAYOUT_CHANGE.

Bug: v8:8486
Change-Id: Ic1c2f0d4e2ac0602fc945f3258af9624247bd65f
Reviewed-on: https://chromium-review.googlesource.com/c/1386486
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58712}
2019-01-10 17:39:45 +00:00
Leszek Swirski
5e2c23e2d3 [destructuring] Get non-coercible message contents in runtime
For desrtucturing assignments from null/undefined, we throw an error
that references the destructuring object literal's property name, e.g.
for
  var { x } = null;
we report that we cannot destructure 'x' from null.

Rather than calculating this property during bytecode generation (and
including it in the bytecode as an argument to the type error
constructor), we can calculate it at exception throwing time, by
re-parsing the source in a similar way to the existing call site
rendering.

This slightly decreases bytecode size and slightly decreases the amount
of work the bytecode compiler needs to do. In the future, it could also
allow us to give more detailed error messages, as we now have access to
the entire AST and are on the slow path anyway.

Bug: v8:6499
Change-Id: Icdbd4667db548b4e5e62ef97797a3771b5c1bf72
Reviewed-on: https://chromium-review.googlesource.com/c/1396080
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58706}
2019-01-10 15:23:05 +00:00
Jakob Kummerow
fc329ce22a [ubsan] Fix various cases of undefined behavior
Mostly signed integer overflows, and a few cases of double
division by zero (which is defined by IEEE-754 to return
Infinity (or NaN for 0/0) but is UB in C++).
In base/ieee754.cc, use constants for NaN and Infinity instead
of computing these values.
In spaces-unittest.cc, ensure that a large enough allocation
is used.

Bug: v8:3770
Change-Id: I50d9a77dc860ef9993b7b269a5f8c117b0f62f9d
Reviewed-on: https://chromium-review.googlesource.com/c/1403454
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58701}
2019-01-10 13:52:04 +00:00
Jakob Kummerow
40ac5a39fc [ubsan] Fix numerical overflows in wasm
Mostly signed integer overflows, and a few cases of double
division by zero (which is defined by IEEE-754 to return
Infinity (or NaN for 0/0) but is UB in C++).

Bug: v8:3770
Change-Id: Id92725b0ac57cb357978124a3dc6f477430bc97d
Reviewed-on: https://chromium-review.googlesource.com/c/1403133
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58696}
2019-01-10 12:24:51 +00:00
Leszek Swirski
f9a858fc96 [ignition] Remove useless iterator 'done' setting
The 'done' setting dance in BuildFillArrayWithIterator turned out to
not be useful, as the StoreInArrayLiteral call could not ever throw an
exception. Since iterator exceptions count as done, we are guarnteed to
be done as soon as we enter the loop.

Change-Id: Ibe2ba1fcbe383bfcfedb185169890b6931cc7884
Reviewed-on: https://chromium-review.googlesource.com/c/1402792
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58695}
2019-01-10 11:37:42 +00:00
Leszek Swirski
7fbbce5fa1 [ignition] Fix iteration finalization exception suppression
The IteratorClose spec specifies that exceptions in
%GetMethod(iterator.return) are not suppressed by exceptions in the
given continuation (body of a loop, assignments in destructuring),
while exceptions in the execution of iterator.return() are.

This means that we have to split out the property access + a typeof
check to be outside the try-catch, and keep the call inside of it.

The non-split version is only for cases when there is no 'throws'
continuation (as is the case for yield* calling IteratorClose), so
the existing BuildIteratorClose can be renamed to reflect this.

Change-Id: Id71aea4fddd6ffb986bd9aaa09d29615a8800f71
Reviewed-on: https://chromium-review.googlesource.com/c/1402789
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58694}
2019-01-10 11:29:12 +00:00
Jakob Kummerow
af8ff984f6 [ubsan] Fix numerical overflows in the compiler
Mostly signed integer overflows, and a few cases of double
division by zero (which is defined by IEEE-754 to return
Infinity (or NaN for 0/0) but is UB in C++).

Bug: v8:3770
Change-Id: I8007987594ff534ca697c1c3247215a72a001343
Reviewed-on: https://chromium-review.googlesource.com/c/1403132
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58693}
2019-01-10 11:17:37 +00:00
Jakob Gruber
566a885d4a [nojit] Don't allocate executable memory in jitless mode
This CL disables RX (read and execute) permissions for Code memory
when in jitless mode. All memory that was previously allocated RX
is now read-only.

Bug: v8:7777
Cq-Include-Trybots: luci.v8.try:v8_linux_arm_lite_rel_ng
Change-Id: I52d6ed785d244ec33168a02293c5506d26f36fe8
Reviewed-on: https://chromium-review.googlesource.com/c/1390122
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58692}
2019-01-10 10:55:48 +00:00
Yang Guo
c736883ed4 Optionally use halfsiphash for integer hashing.
Change-Id: Ibd14f7b3fe78635675c76ae864112e3a3a7bc701
Reviewed-on: https://chromium-review.googlesource.com/c/1382463
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58674}
2019-01-09 15:20:51 +00:00
Camillo Bruni
e355052048 [parser] Cleaning up adding skippable function preparse data
- Add DataGatheringScope::AddSkippableFunction
- Rename preparsed_scope_data_builder to preparse_data_builder

Change-Id: Ic882de638bed91a6ca4716f88db859410f1450b8
Reviewed-on: https://chromium-review.googlesource.com/c/1400846
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58673}
2019-01-09 15:19:46 +00:00
Leszek Swirski
5e725a2b43 [parser] Don't desugar destructuring declarations.
Emit a single destructuring assignment for destructuring declarations,
which can be desugared by the bytecode generator. This allows us to
remove destructuring desugaring from the parser (specifically, the
pattern rewriter) entirely.

The pattern "rewriter" is now only responsible for walking the
destructuring pattern to declare variables, mark them assigned, and
potentially rewrite scopes for the edge case of parameters with a sloppy
eval.

Note that since the rewriter is no longer rewriting, we have to flip the
VariableProxy copying logic for var re-lookup, so that we now pass the
new VariableProxy to the variable declaration and leave the original
unresolved (rather than passing the original through and rewriting to a
new unresolved VariableProxy).

This change does have some effect on breakpoint locations, due to some
of the available information changing between the parser and bytecode
generator, however the new locations appear to be more consistent
between assignments and declarations.

Change-Id: I3a58dd0a387d2bfb8e5e9e22dde0acc5f440cb82
Reviewed-on: https://chromium-review.googlesource.com/c/1382462
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58670}
2019-01-09 14:09:23 +00:00
Predrag Rudic
d586857cff [MIPS] Add Predrag Rudic and Aleksandar Rikalo as owners of MIPS files
Ivica Bogosavljevic is no longer part of MIPS V8 team, and therefore his
name is removed from OWNERS.

TBR=mstarzinger@chromium.org
NOTRY=true

No-Presubmit: true
Change-Id: I1ea6745b795573a17362dfd869528ddf78b8ab41
Reviewed-on: https://chromium-review.googlesource.com/c/1402775
Commit-Queue: Predrag Rudic <prudic@wavecomp.com>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58667}
2019-01-09 13:40:20 +00:00
Sathya Gunasekaran
f417b4aad8 [class] Fix early error for duplicate private fields
Bug: v8:8656
Change-Id: I86f00d377ac99a065c4ecf02abed08ec4feb3686
Reviewed-on: https://chromium-review.googlesource.com/c/1401214
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58650}
2019-01-09 00:53:05 +00:00
Deepti Gandluri
f8e2634e96 [wasm] Add SIMD Shuffles for x64
Change-Id: I241565dea56db982a46eed8ecdd2fd2692c368ce
Reviewed-on: https://chromium-review.googlesource.com/c/1395800
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58648}
2019-01-08 21:46:39 +00:00
Peter Marshall
8784512feb [cpu-profiler] Add logging to flaky tests
These flakes can't be reproduced locally so we need more information
when they fail. Add some logging so that we can figure out why they
are breaking.

Bug: v8:8649, v8:8648
Change-Id: I2fb1384bb7592c6fc68c08952505e79329f00bec
Reviewed-on: https://chromium-review.googlesource.com/c/1400418
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58641}
2019-01-08 15:38:42 +00:00
Dan Elphick
3427ec9dfb [intepreter] Make bytecode mismatch failures more verbose
Print all the mismatch failures in the bytecode rather than aborting at
the first mismatch.

R=rmcilroy

Change-Id: Id572ead5fdc4d126ac9a05942f940b0eaef7150f
Reviewed-on: https://chromium-review.googlesource.com/c/1400412
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58628}
2019-01-08 12:58:15 +00:00
Jakob Kummerow
683dd5fe17 [ubsan] Misc post-Object-migration cleanup
Bug: v8:3770
Change-Id: I9214212454034cf1238cab43dc34d8d9f8ed2d37
Reviewed-on: https://chromium-review.googlesource.com/c/1398222
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58627}
2019-01-08 12:34:34 +00:00
Jakob Kummerow
ae8f83fe08 [ubsan] Rename ObjectPtr to Object
The two names refer to the same thing by now, so this patch is
entirely mechanical.

Bug: v8:3770
Change-Id: Ia360c06c89af6b3da27fd21bbcaeb2bdaa28ce22
Reviewed-on: https://chromium-review.googlesource.com/c/1397705
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58615}
2019-01-08 09:08:59 +00:00
Sathya Gunasekaran
0bd4e348e0 [dict] Add more useful methods
Change-Id: I1bed84a7aa2004f13a51cc60c4d6596b21968ba8
Bug: v8:6443, v8:7569
Reviewed-on: https://chromium-review.googlesource.com/c/1387995
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58602}
2019-01-07 19:39:34 +00:00
Joyee Cheung
5d40e9de86 [class] show private name in invalid private field access
This patch sets the name slot of the private name symbols for
private fields and display the names in error messages of invalid
private field accesses.

TBR: adamk@chromium.org
Bug: v8:8144
Change-Id: Id34c468e2bddd1c3001517b4d447c7497402df76
Reviewed-on: https://chromium-review.googlesource.com/c/1374332
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Mathias Bynens <mathias@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Joyee Cheung <joyee@igalia.com>
Cr-Commit-Position: refs/heads/master@{#58601}
2019-01-07 19:26:23 +00:00
Camillo Bruni
53b9e1ed26 [parser] Rename PreParsedScopeData to PreparseData
We plan to store additional information that is not related to scopes.
The new name will reflect this fact better.

Change-Id: I4ddb1017bc255e6ad271e4448848ed630f367d5b
Reviewed-on: https://chromium-review.googlesource.com/c/1388538
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58591}
2019-01-07 14:49:21 +00:00
peterwmwong
400fe0690f [js] Remove Experimental Extras JS Natives
- Removes build step and bootstrapping associated with building/loading `EXPERIMENTAL_EXTRAS` JS natives.
- Removes `--experimental-extras` flag

Bug: v8:7624
Change-Id: I4c45fe70da42847545037d63e9f1da77f5957f8b
Reviewed-on: https://chromium-review.googlesource.com/c/1397906
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Peter Wong <peter.wm.wong@gmail.com>
Cr-Commit-Position: refs/heads/master@{#58590}
2019-01-07 14:43:41 +00:00
peterwmwong
263dce9b57 [js] Remove CORE JS Natives (prologue.js), port extra utils to C++/Torque
- Removes the last `CORE` JS native script: `prologue.js`.
- Removes build step and bootstrapping associated with building/loading `CORE` JS natives.
- Removes `natives_utils_object` from context.
- Deprecates `--expose-natives-as` flag.
- Ports extra utils functions to C++ (`uncurryThis`) or Torque
  (`createPrivateSymbol`, `markPromiseAsHandled`, and `promiseState`).
- Move extra utils constants initialization into bootstrapper
  (`kPROMISE_PENDING`, `kPROMISE_FULFILLED`, `kPROMISE_REJECTED`).
- Removes unused extra utils functions `log` and `logStackTrace`.

Drive-by: Added test coverage for Array#includes being an unscopeable.

Bug: v8:7624
Change-Id: I5d983f8d11b76cb4dd3c2c67592ce1dc88364cd9
Reviewed-on: https://chromium-review.googlesource.com/c/1381672
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Peter Wong <peter.wm.wong@gmail.com>
Cr-Commit-Position: refs/heads/master@{#58577}
2019-01-07 11:57:46 +00:00
Hajime Hoshi
9301ea6a2a Reset the platform at MockPlatform in the test
This CL fixes the problem that the platform was set at MockPlatform's
constructor but was not reset.

Bug: v8:8527
Change-Id: I21c3b19320885b1b38999161db7cc1b8f15d798e
Reviewed-on: https://chromium-review.googlesource.com/c/1397821
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Hajime Hoshi <hajimehoshi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58574}
2019-01-07 11:47:41 +00:00
Yang Guo
61f4c2251e Assume flat string when checking CompileFunctionInContext arguments.
R=jkummerow@chromium.org

Change-Id: I54c6137a3c6e14d4102188f154aa7216e7414dbc
Reviewed-on: https://chromium-review.googlesource.com/c/1388533
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58562}
2019-01-07 07:19:06 +00:00
Peter Marshall
a0572f0bc7 [cpu-profiler] Reduce the size of inlining information
Previously we stored the source position table, which stored a mapping
of pc offsets to line numbers, and the inline_locations, which stored a
mapping of pc offsets to stacks of {CodeEntry, line_number} pairs. This
was slightly wasteful because we had two different tables which were
both keyed on the pc offset and contained some overlapping information.

This CL combines the two tables in a way. The source position table now
maps a pc offset to a pair of {line_number, inlining_id}. If the
inlining_id is valid, then it can be used to look up the inlining stack
which is stored in inline_locations, but is now keyed by inlining_id
rather than pc offset. This also has the nice effect of de-duplicating
inline stacks which we previously duplicated.

The new structure is similar to how this data is stored by the compiler,
except that we convert 'source positions' (char offset in a file) into
line numbers as we go, because we only care about attributing ticks to
a given line.

Also remove the helper RecordInliningInfo() as this is only actually
used to add inline stacks by one caller (where it is now inlined). The
other callers would always bail out or are only called from
test-cpu-profiler.

Remove AddInlineStack and replace it with SetInlineStacks which adds all
of the stacks at once. We need to do it this way because the source pos
table is passed into the constructor of CodeEntry, so we need to create
it before the CodeEntry, but the inline stacks are not (they are part of
rare_data which is not always present), so we need to add them after
construction. Given that we calculate both the source pos table and the
inline stacks before construction, it's just easier to add them all at
once.

Also add a print() method to CodeEntry to make future debugging easier
as I'm constantly rewriting this locally.

Bug: v8:8575, v8:7719, v8:7203

Change-Id: I39324d6ea13d116d5da5d0a0d243cae76a749c79
Reviewed-on: https://chromium-review.googlesource.com/c/1392195
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58554}
2019-01-04 15:05:55 +00:00
Peter Marshall
af0428aca9 [cpu-profiler] Add source positions for inlined function calls
Currently in both kCallerLineNumbers and kLeafNodeLineNumbers modes, we
correctly capture inline stacks. In leaf number mode, this is simple as
we simply add the path onto the existing tree. For caller line numbers
mode this is more complex, because each path through various inlined
function should be represented in the tree, even when there are
multiple callsites to the same function inlined.

Currently we don't correctly show line numbers for inlined functions.
We do actually have this information though, which is generated by
turbofan and stored in the source_position_table data structure on the
code object.

This also changes the behavior of the SourcePositionTable class. A
problem we uncovered is that the PC that the sampler provides for every
frame except the leaf is the return address of the calling frame. This
address is *after* the call has already happened. It can be attributed
to the next line of the function, rather than the calling line, which
is wrong. We fix that here by using lower_bound in GetSourceLineNumber.

The same problem happens in GetInlineStack - the PC of the caller is
actually the instruction after the call. The information turbofan
generates assumes that the instruction after the call is not part of
the call (fair enough). To fix this we do the same thing as above - use
lower_bound and then iterate back by one.

TBR=alph@chromium.org

Bug: v8:8575, v8:8606
Change-Id: Idc4bd4bdc8fb70b70ecc1a77a1e3744a86f83483
Reviewed-on: https://chromium-review.googlesource.com/c/1374290
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58545}
2019-01-04 11:12:06 +00:00
Ross McIlroy
289452b06e [Test] Disable bytecode flushing in DecideToPretenureDuringCompilation.
The high GC stressing in this tests causes bytecode flushing which breaks some
invariants in the test.

BUG=v8:8629

Change-Id: I7efff098ed4fa96006c8200e174132a6297bd36f
Reviewed-on: https://chromium-review.googlesource.com/c/1394743
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58541}
2019-01-04 10:09:26 +00:00
Clemens Hammacher
4339f5f179 [base] Refactor STATIC_CHAR_VECTOR into a template
Templates are nicer than macros, and in this case it's not more complex.

R=tebbi@chromium.org

Bug: v8:8562
Change-Id: I3aea7b4138f144166418c0827dd7c58ea459c670
Reviewed-on: https://chromium-review.googlesource.com/c/1392200
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58518}
2019-01-03 12:55:15 +00:00
Leszek Swirski
00a2481a24 [ignition] Move destructuring assignments to bytecode generation
Instead of de-sugaring destructuring assignment in the parser (using the
pattern rewriter), pass the Object/ArrayLiterals through to the bytecode
generator, which can desugar them in-place.

This allows us to decrease the amount of AST node creation, and improve
the generated bytecode using domain-specific knowledge. As a side effect
we partially fix an old execution ordering spec bug.

Currently only implemented for assignments, not declarations, as the
latter has some additional complexity.

Bug: v8:4951
Change-Id: I3d69d232bea2968ef20df68a74014d9e05808cfe
Reviewed-on: https://chromium-review.googlesource.com/c/1375660
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58512}
2019-01-03 09:41:27 +00:00
Clemens Hammacher
088bdc00e4 Store TypeCache as pointer instead of reference
Apart from being more in-line with the style guide, this allows to use
DEFINE_LAZY_LEAKY_OBJECT_GETTER for defining {TypeCache::Get}.

R=tebbi@chromium.org

Bug: v8:8562
Change-Id: I016b28624950ce9404180fc1ca1a232551f75cd0
Reviewed-on: https://chromium-review.googlesource.com/c/1392201
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58500}
2019-01-02 17:13:39 +00:00
Igor Sheludko
4a44cf83b0 [cleanup][csa] Introduce Times[SystemPointer|Tagged]Size instead of TimesPointerSize
Bug: v8:8477, v8:8562
Change-Id: I54b857cdacf9360b95d64147a486a0d5fa1ffe10
Reviewed-on: https://chromium-review.googlesource.com/c/1388526
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58473}
2018-12-27 03:48:55 +00:00
Jakob Kummerow
056f927861 [ubsan] Port Object to the new design
Tbr: ahaas@chromium.org,leszeks@chromium.org,verwaest@chromium.org
Bug: v8:3770
Change-Id: Ia6530fbb70dac05e9972283781c3550d8b50e1eb
Reviewed-on: https://chromium-review.googlesource.com/c/1390116
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Alexei Filippov <alph@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58470}
2018-12-26 20:54:07 +00:00
Jakob Kummerow
444741ac11 Revert "[error] extend error stack w/ function parameters"
This reverts commit 97628eeeb9.

Reason for revert: breaks compilation in Lite mode, which does not allow overriding of certain flags. See https://logs.chromium.org/logs/v8/buildbucket/cr-buildbucket.appspot.com/8926078411629093216/+/steps/build/0/steps/compile/0/stdout.

Original change's description:
> [error] extend error stack w/ function parameters
> 
> Extend FrameArray to hold weak references to parameters for functions in
> the call stack. The goal here is to provide more metadata for postmortem
> tools (such as llnode), especially in cases of rethrowing (this will be
> particularly useful when using postmortem with promises on Node.js).
> 
> Besides postmortem, these changes allow us to print a more detailed
> stack trace for errors with parameters types (or even values), which can
> be useful since JavaScript functions can receive any number of
> parameters of any type, and having a function behave differently
> according to the number of parameters received as well as their types is
> a common pattern on JS libraries and frameworks.
> 
> R=​bmeurer@google.com, yangguo@google.com
> 
> Change-Id: Idf0984d0dbac16041f11d738d4b1c095a8eecd61
> Reviewed-on: https://chromium-review.googlesource.com/c/1289489
> Commit-Queue: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58468}

TBR=yangguo@chromium.org,bmeurer@google.com,bmeurer@chromium.org,mat@mmarchini.me

Change-Id: Ide0a434c1521ab2bbeca6821397ff63ba7d40fe5
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/1390128
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58469}
2018-12-26 19:03:45 +00:00
Matheus Marchini
97628eeeb9 [error] extend error stack w/ function parameters
Extend FrameArray to hold weak references to parameters for functions in
the call stack. The goal here is to provide more metadata for postmortem
tools (such as llnode), especially in cases of rethrowing (this will be
particularly useful when using postmortem with promises on Node.js).

Besides postmortem, these changes allow us to print a more detailed
stack trace for errors with parameters types (or even values), which can
be useful since JavaScript functions can receive any number of
parameters of any type, and having a function behave differently
according to the number of parameters received as well as their types is
a common pattern on JS libraries and frameworks.

R=bmeurer@google.com, yangguo@google.com

Change-Id: Idf0984d0dbac16041f11d738d4b1c095a8eecd61
Reviewed-on: https://chromium-review.googlesource.com/c/1289489
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58468}
2018-12-26 11:54:17 +00:00