Commit Graph

43844 Commits

Author SHA1 Message Date
Toon Verwaest
442bd663a4 [snapshot] Use ThinStrings instead of custom forwarding using the hashfield to deserialize internalized strings
This is necessary to be able to store the string length next to the hash field in the same 64bit word on 64bit architectures. Otherwise the forwarding pointer will overwrite the length breaking heap guarantees. ThinStrings already just do the right thing, so just use that instead.

Bug: v8:7065
Change-Id: I4922365e72421995cd11437cb91572ff56f8a9e8
Reviewed-on: https://chromium-review.googlesource.com/763231
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49352}
2017-11-14 13:46:04 +00:00
Igor Sheludko
68f1dcf9e7 [runtime] Cleanup Map class definition.
.. by using macros for defining field offsets.

Bug: v8:5799
Change-Id: Id76e81bedb8f348b2efaa1d553bebac0ff90b474
Reviewed-on: https://chromium-review.googlesource.com/768382
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49351}
2017-11-14 12:24:35 +00:00
Camillo Bruni
e634740bf9 [log] Support --log-function-events in the parser
This partially retires --trace-parse and --trace-preparse which will be fully removed in
a later CL.

Drive-by-fix: make the Parser constructor arguments order more
consistent.

Bug: chromium:757467
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I80a688ce553adfa65ad346718604bd53a9e606a9
Reviewed-on: https://chromium-review.googlesource.com/744046
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49350}
2017-11-14 10:36:58 +00:00
Andreas Haas
ffee558e14 [cleanup] use unique_ptr for the DefaultPlatform
With this CL, {CreateDefaultPlatform} returns a unique_ptr to indicate
that the caller owns the returned memory. We had several memory leaks
where the memory of the DefaultPlatform did not get deallocated.

In addition, the {TracingController} of the {DefaultPlatform} also gets
received as a unique_ptr. Thereby we document that the {DefaultPlatform}
takes ownership of the {TracingController}. Note that the memory of the
{TracingController} was already owned by the {DefaultPlatform}, but it
was not documented in the interface, and it was used incorrectly in
tests.

This CL fixes the asan issues in 
https://chromium-review.googlesource.com/c/v8/v8/+/753583	
([platform] Implement TaskRunners in the DefaultPlatform)

R=rmcilroy@chromium.org

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I0d1a6d3b22bb8289dc050b1977e4f58381cec675
Reviewed-on: https://chromium-review.googlesource.com/755033
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49349}
2017-11-14 09:57:18 +00:00
Camillo Bruni
6526c6dd10 [RCS] Add explicit tests for function callbacks
This CL adds a very crude unittest to check that RuntimeCallStats work
correctly with api callbacks present. This currently doesn't check that
all parent timers (namely FunctionCallback) are handled properly.

Drive-by-Fix:
- Use Microseconds for all RCS timer tests
- Add TestWithContext::SetGlobalProperty helper
- Use explicit v8:: prefix in test-utils.{h,cc}

Change-Id: I054e78abca0b87a3b9e07d3b06cccdad15403bae
Reviewed-on: https://chromium-review.googlesource.com/766429
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49348}
2017-11-14 09:48:08 +00:00
Michael Stanton
ebe6d7a97f Revert "[TurboFan] Diagnostic code to track down bug in representation selection"
This reverts commit f010b28fbe.

Reason for revert: Introduces a clusterfuzz issue and CAnary crash

Original change's description:
> [TurboFan] Diagnostic code to track down bug in representation selection
> 
> We need to characterize the types of dead (IrOpcode::kDead) nodes
> introduced in compilation phases prior to representation selection.
> Normally, a dead node isn't expected at the start of this phase. The
> question is, which phase introduced the dead node and failed to
> deal with it properly?
> 
> Bug: chromium:780658
> Change-Id: Ief5b45480bb7d704a2d09dafd60b5d389e0fd42e
> Reviewed-on: https://chromium-review.googlesource.com/765968
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Commit-Queue: Michael Stanton <mvstanton@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#49328}

TBR=mvstanton@chromium.org,mstarzinger@chromium.org

Change-Id: I5d628eb1de630ce4a353b6ef0f80fd74ad740f17
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:780658
Reviewed-on: https://chromium-review.googlesource.com/768747
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49347}
2017-11-14 09:26:51 +00:00
peterwmwong
81931e726b Remove NativeWeakMap
Bug: v8:7016
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I5a509fb91a337eec4a58ab4a13d7104e8ba3ff23
Reviewed-on: https://chromium-review.googlesource.com/760677
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49346}
2017-11-14 09:23:08 +00:00
Camillo Bruni
837ce0f9a3 [test] Adjust empty PropertyArray regression test
Make sure we have at least two elements in the Map, otherwise we don't
perform a proper dictionary lookup.

Bug: chromium:781218
Change-Id: I471e3822b95c15e3a5b2ac54c8ad1f030bd54d40
Reviewed-on: https://chromium-review.googlesource.com/768708
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49345}
2017-11-14 09:14:18 +00:00
Michael Achenbach
b6a6f675bc [test] Add fake command to swarming isolate
Temporary fix for isolate archiver behaving weirdly when the command is
missing.

NOTRY=true
TBR=sergiyb@chromium.org

Bug: v8:7012
Change-Id: I1ccee6be16605426e74b6c4a0379fa502106e5a9
Reviewed-on: https://chromium-review.googlesource.com/768727
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49344}
2017-11-14 09:03:18 +00:00
peterwmwong
c5c50e1860 [builtins] Port WeakMap/WeakSet constructor to CSA
- Remove weak-collection.js
- Adds TFJ builtins for WeakSet and WeakMap constructors
- Unified helpers and constructor behavior into a BaseCollectionsAssembler
- Fast paths for...
  - unmodified constructor function
  - argument is a fast JS array
  - entries are fast JS arrays, for Map/WeakMap
  - no arguments passed

Quick benchmarks shows significant improvements (1.12x - 5.7x!) for ALL collection constructors (weak and non-weak):
https://github.com/peterwmwong/v8-perf/blob/master/weakcollection-constructor/README.md

More could be done for performance.  Currently we always call out to JS to add entries, if we knew the prototype was unmodified, we could call the builtins directly.

Bug: v8:5049, v8:6604
Change-Id: Id7912c1eed5bcf512df7fd6238f04166a8a5937e
Reviewed-on: https://chromium-review.googlesource.com/760385
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49343}
2017-11-14 08:43:38 +00:00
Georg Neis
87aeb5eb8b [bigint,compiler] Add new BigInt bitset type.
R=jarin@chromium.org

Bug: v8:6791
Change-Id: I8519d0a9afdb457398ff428d0d3ec0734306052b
Reviewed-on: https://chromium-review.googlesource.com/765947
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49342}
2017-11-14 08:33:03 +00:00
Michal Majewski
a3f983a4ef Use new stress marking flag in gc fuzzer. Skip failed tests.
Bug: v8:6917
Change-Id: I41324b8bf1827c43a652fa5f6b83731eaa17776d
Reviewed-on: https://chromium-review.googlesource.com/766887
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michał Majewski <majeski@google.com>
Cr-Commit-Position: refs/heads/master@{#49341}
2017-11-14 08:31:58 +00:00
Yang Guo
8b54fec88f [heap] print useful message when heap init fails.
R=ulan@chromium.org

This is in response to

https: //github.com/nodejs/node/issues/16901
Change-Id: I78fd5ea5b1d5602c4e48b985189e1b4114ff6443
Reviewed-on: https://chromium-review.googlesource.com/758680
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49340}
2017-11-14 08:18:39 +00:00
Mathias Bynens
88a2b1ee98 [test] Fix cctest/test-regexp/ParserWithoutLookbehind
The lookbehind tests weren’t being skipped in the “without
lookbehind” case, resulting in a redundant test.

Bug: v8:4545
Change-Id: Ia004508373ba6ec49fd9de690909467eb0a15361
Reviewed-on: https://chromium-review.googlesource.com/765468
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49339}
2017-11-14 08:11:17 +00:00
v8-autoroll
f1b4ab1755 Update V8 DEPS.
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/aee17a9..755a485

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I501229bc239cb2f9a26996249daa998f6a0c1e32
Reviewed-on: https://chromium-review.googlesource.com/768447
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49338}
2017-11-14 04:41:15 +00:00
Adam Klein
18cac20c50 [parser] Greatly simplify Array spread rewriting code
Since each Array literal containing a spread is individually queued for
rewriting, there's no need for an AstVisitor here: a simple linear
pass through the queue is sufficient.

This patch deletes AstExpressionRewriter and all the machinery supporting
it in the AST. This code was built with the idea of using it as
a general expression rewriting mechanism in the parser, but those use
cases never materialized, and Array spread remains the only thing
that used this code.

Bug: v8:6092
Change-Id: I754c4883099e840881b005f20216f86e57721d5a
Reviewed-on: https://chromium-review.googlesource.com/765051
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49337}
2017-11-13 20:35:32 +00:00
Michael Achenbach
45e52d520b Revert "Make intl/overrides/caching.js more 'robust'"
This reverts commit 4091f2b3a8.

Reason for revert: Flaky on the bots:
https://build.chromium.org/p/client.v8/builders/V8%20Linux64/builds/21321
https://build.chromium.org/p/client.v8/builders/V8%20Win64/builds/20879
https://build.chromium.org/p/client.v8/builders/V8%20Win64%20-%20msvc/builds/101

Original change's description:
> Make intl/overrides/caching.js more 'robust'
> 
> Bug: None
> Test: intl/overrides/caching
> Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng
> Change-Id: Iffd0f58f76d6514924badca18a2112df572e53d2
> Reviewed-on: https://chromium-review.googlesource.com/757945
> Reviewed-by: Adam Klein <adamk@chromium.org>
> Commit-Queue: Jungshik Shin <jshin@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#49334}

TBR=adamk@chromium.org,jshin@chromium.org

Change-Id: Id2fe00089c2bcbc8ecc7958fe13c8a80da733e60
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: None
Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/766288
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49336}
2017-11-13 19:13:13 +00:00
Adam Klein
ead5abac9d [bigint] Correct StringToBigInt radix and junk handling
Fix two more places where StringToBigInt differs from parseInt:
  - Binary and octal radix prefixes are supported
  - Trailing non-whitespace junk is not allowed

This is done with a new Behavior enum in BigIntParseIntHelper,
along with a couple of bool configuration flags in StringToIntHelper.

Bug: v8:6791, v8:7038
Change-Id: Ib91bfc5ccb04ad0dd6c99bc81e19c1239264a469
Reviewed-on: https://chromium-review.googlesource.com/764595
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49335}
2017-11-13 18:55:00 +00:00
Jungshik Shin
4091f2b3a8 Make intl/overrides/caching.js more 'robust'
Bug: None
Test: intl/overrides/caching
Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng
Change-Id: Iffd0f58f76d6514924badca18a2112df572e53d2
Reviewed-on: https://chromium-review.googlesource.com/757945
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Jungshik Shin <jshin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49334}
2017-11-13 18:42:10 +00:00
Jungshik Shin
bfaa6ef7b8 Avoid a double encoding conversion
BUG=None
TEST=test262/intl402/NumberFormat/* , intl/number-format/*

Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng
Change-Id: I4fed7c749db1aee390675003d7dfdfea7bb94c7c
Reviewed-on: https://chromium-review.googlesource.com/760042
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Jungshik Shin <jshin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49333}
2017-11-13 18:40:00 +00:00
Michal Majewski
91497ff8eb [test] Enable random marking start points.
Stress marking by starting it in random points between 0 and
--stress_marking percent of the standard limit.

Bug: v8:6972

Change-Id: I84572ba937f34cf4fd7b5eb2d532f48ff122a060
Reviewed-on: https://chromium-review.googlesource.com/763453
Commit-Queue: Michał Majewski <majeski@google.com>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49332}
2017-11-13 16:50:10 +00:00
Camillo Bruni
306bb1ff2d [runtime] Merge HandleSlackTracking and AllocateJSObjectFromMap
This CL fixes uses of HandleSlackTracking which previously would write
fields twice. Additional checks ensure that only proper initial maps are
used with slack tracking.

Change-Id: Ifb03297635ed6b873eb8b27fec9794c9d36b71b6
Reviewed-on: https://chromium-review.googlesource.com/664810
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49331}
2017-11-13 16:38:30 +00:00
Michael Starzinger
5aff110b3c [wasm] Narrow code-space modification scopes.
R=hpayer@chromium.org

Change-Id: I748df06492b1712ff15cd56f6eeb159545986c93
Reviewed-on: https://chromium-review.googlesource.com/766431
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49330}
2017-11-13 16:17:20 +00:00
Michael Achenbach
58b4af1b45 [test] Skip some tests on gc fuzzer
NOTRY=true
TBR=majeski@google.com

Bug: v8:7012
Change-Id: Iaac782596ab3fdb7338f04fe7b3af7474b36fa57
Reviewed-on: https://chromium-review.googlesource.com/766347
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49329}
2017-11-13 15:01:35 +00:00
Mike Stanton
f010b28fbe [TurboFan] Diagnostic code to track down bug in representation selection
We need to characterize the types of dead (IrOpcode::kDead) nodes
introduced in compilation phases prior to representation selection.
Normally, a dead node isn't expected at the start of this phase. The
question is, which phase introduced the dead node and failed to
deal with it properly?

Bug: chromium:780658
Change-Id: Ief5b45480bb7d704a2d09dafd60b5d389e0fd42e
Reviewed-on: https://chromium-review.googlesource.com/765968
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49328}
2017-11-13 15:00:20 +00:00
Michael Starzinger
2bc09c95fb [builtins] Add stack check during generator resumption.
This fixes a corner-case where resuming a suspended generator would not
perform stack overflow checks and hence cause the stack to grow without
bounds.

R=neis@chromium.org
BUG=chromium:781583

Change-Id: Ib04116e489ac6b962cb821263860497abb57bbae
Reviewed-on: https://chromium-review.googlesource.com/765953
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49327}
2017-11-13 14:52:10 +00:00
Michal Majewski
392ab01d61 Introduce status file variable gc_fuzzer.
Bug: v8:6917
Change-Id: Ib983e3dfa8fac25fd494fb24e245bfd0caadd7fd
Reviewed-on: https://chromium-review.googlesource.com/766187
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michał Majewski <majeski@google.com>
Cr-Commit-Position: refs/heads/master@{#49326}
2017-11-13 14:33:10 +00:00
Camillo Bruni
b4c9e2e716 [unittests] Add TestWithIsolate::RunJS helper method
- Update most callsites to use the new RunJS method
- Update tests to use TestWithNativeContext if possible
- Remove RunJS from test-helpers.cc
- Remove TestWithRandomNumberGenerator from test-utils.h

Change-Id: Ib2a6cc56334dc391ca6a2aeb7780fa324f44f109
Reviewed-on: https://chromium-review.googlesource.com/765373
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49325}
2017-11-13 14:27:51 +00:00
Ulan Degenbaev
214f920ae5 [heap] Support ephemeral paths with --track-retaining-path flag.
If there is a WeakMap in a retaining path of an object, then we have
two choices:
1) use the WeakMap backing store as the retainer.
2) use the key in the WeakMap as the retainer.
Both cases can be useful for debugging memory leaks.

This patch adds a second parameter to %DebugTrackRetainingPath().

If this parameter is "track-ephemeral-path", then the retaining path
printer will use the key in the WeakMap as a retainer. Otherwise,
the WeakMap backing store will be reported as the retainer.

Bug: v8:6987
Change-Id: I9feae25bc734c3abed501b9f901a36d2248a105c
Reviewed-on: https://chromium-review.googlesource.com/753343
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49324}
2017-11-13 13:38:20 +00:00
Michael Lippautz
c44da6c271 [api] Refine description for PersistentBase::MarkActive
Bug: chromium:780749
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: Ifd7da70dd9adffe5de7f126539c4780799d55673
Reviewed-on: https://chromium-review.googlesource.com/763528
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49323}
2017-11-13 13:19:42 +00:00
Michael Achenbach
9d5e17a7a9 [build] Remove MB configs for removed bots
NOTRY=true
NOTREECHECKS=true
TBR=sergiyb@chromium.org

Bug: chromium:782226
Change-Id: I108616ea7c94040b29e5522fdd6bded420771414
Reviewed-on: https://chromium-review.googlesource.com/758266
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49322}
2017-11-13 12:43:37 +00:00
Leszek Swirski
13d0784dc1 [compiler] Fix isolate cache/consume cache histogram sample
The consume code cache code path was only taken in the case where the
isolate cache lookup failed, making the "hit isolate cache when consume
code cache" histogram sample never work.

Bug: chromium:769203
Change-Id: I15398f9ce4fc53602b323b8efb8ac9787440dd85
Reviewed-on: https://chromium-review.googlesource.com/765455
Reviewed-by: Mythri Alle <mythria@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49321}
2017-11-13 12:11:03 +00:00
Daniel Clifford
cecbe26bca Fix index bug in splicing dictionary element arrays
Bug: chromium:783119
Change-Id: I617db4f6740fb2cfe036ccf162a12aa2bac28e86
Reviewed-on: https://chromium-review.googlesource.com/763460
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Daniel Clifford <danno@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49320}
2017-11-13 11:21:40 +00:00
Michael Achenbach
2662b214f7 [test] Mark slow test on msan
NOTRY=true
TBR=sergiyb@chromium.org

Change-Id: I200c088d3cf1c3c1a16040b1395b534ccd9d9268
Reviewed-on: https://chromium-review.googlesource.com/765471
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49319}
2017-11-13 10:59:03 +00:00
Camillo Bruni
eab2f2e654 Disallow empty PropertyArray as properties backing store
The only empty PropertyArray is the empty_property_array object on the
isolate. Allowing empty PropertyArrays causes the turbofan to ignore the
existing hash when growing the backing store again. We currently only end
up with the empty PropertyArray when following back transitions.

Bug: chromium:781218, chromium:783713
Change-Id: If41dd09b965cdc8d957b9ca50ba3c8a7f4254769
Reviewed-on: https://chromium-review.googlesource.com/763230
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49318}
2017-11-13 10:56:53 +00:00
Michael Achenbach
61d85e6975 Whitespace change to trigger bots
Bug: 
Change-Id: I1fbe94b3f874e24abc8ce2a6387ffe9d31dbb7b0
Reviewed-on: https://chromium-review.googlesource.com/765659
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49317}
2017-11-13 10:47:44 +00:00
Yuki Shiino
84ad1f7c71 Export Context::BackupIncumbentScope.
This patch adds a missing V8_EXPORT to Context::BackupIncumbentScope.

Bug: 
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: Ic4146ee1dad2f84222671fc54b4a463282356417
Reviewed-on: https://chromium-review.googlesource.com/762834
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Yuki Shiino <yukishiino@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49316}
2017-11-13 07:32:47 +00:00
Jakob Gruber
8122afa726 Revert "Reland "[Memory] Use OS::Allocate for all OS memory allocations.""
Revert this and its follow-up as suspect for current canary OOM crasher.

This reverts commit 4899bcb66d.
This reverts commit b73ee3344a.

TBR=adamk@chromium.org,hpayer@chromium.org

Bug: chromium:783708
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I4c00582e7ab2df22216ad6732e2843e9958db0c0
Reviewed-on: https://chromium-review.googlesource.com/765447
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49315}
2017-11-11 19:49:26 +00:00
Mathias Bynens
2feb99dc8a Reland "Ship RegExp Unicode property escapes" 🔥
This is a reland of 6f890fd5b2
Original change's description:
> Ship RegExp Unicode property escapes
>
> Intent to ship:
> https://groups.google.com/d/msg/v8-users/isa2JrstEbE/i6UvFO7RBwAJ
>
> BUG=v8:4743
>
> Change-Id: I62cdc6fa1f114fc8be26c5cf354c45a15ce49ab7
> Reviewed-on: https://chromium-review.googlesource.com/761776
> Reviewed-by: Adam Klein <adamk@chromium.org>
> Commit-Queue: Mathias Bynens <mathias@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#49312}

Bug: v8:4743
Change-Id: I6618242b147472a9a083573299ed3b3dda5ac6ed
Reviewed-on: https://chromium-review.googlesource.com/764908
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Mathias Bynens <mathias@chromium.org>
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49314}
2017-11-11 17:18:45 +00:00
Michael Achenbach
30d50b3cc7 Revert "Ship RegExp Unicode property escapes"
This reverts commit 6f890fd5b2.

Reason for revert: Breaks layout test:
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/19671

https://github.com/v8/v8/wiki/Blink-layout-tests

Original change's description:
> Ship RegExp Unicode property escapes
> 
> Intent to ship:
> https://groups.google.com/d/msg/v8-users/isa2JrstEbE/i6UvFO7RBwAJ
> 
> BUG=v8:4743
> 
> Change-Id: I62cdc6fa1f114fc8be26c5cf354c45a15ce49ab7
> Reviewed-on: https://chromium-review.googlesource.com/761776
> Reviewed-by: Adam Klein <adamk@chromium.org>
> Commit-Queue: Mathias Bynens <mathias@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#49312}

TBR=adamk@chromium.org,yangguo@chromium.org,mathias@chromium.org

Change-Id: I5e09070582cf247f61429a1d45ae5faa3d21518e
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:4743
Reviewed-on: https://chromium-review.googlesource.com/765348
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49313}
2017-11-11 12:59:58 +00:00
Mathias Bynens
6f890fd5b2 Ship RegExp Unicode property escapes
Intent to ship:
https://groups.google.com/d/msg/v8-users/isa2JrstEbE/i6UvFO7RBwAJ

BUG=v8:4743

Change-Id: I62cdc6fa1f114fc8be26c5cf354c45a15ce49ab7
Reviewed-on: https://chromium-review.googlesource.com/761776
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49312}
2017-11-11 09:39:25 +00:00
v8-autoroll
84dfd738ee Update V8 DEPS.
Rolling v8/build: 3dd2b5f..98bbbff

Rolling v8/third_party/android_tools: https://chromium.googlesource.com/android_tools/+log/4a9623a..9914c57

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/f83c79a..aee17a9

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: Ie699606b3a50ce4bb49d2aa10f0238834d4fb355
Reviewed-on: https://chromium-review.googlesource.com/764672
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49311}
2017-11-11 04:45:53 +00:00
Mircea Trofin
575aa7b84b Add primitives-based constructor for RelocIterator
This is meant to be used from the native wasm datastructures

Bug: v8:6876
Change-Id: Ie865cf3277b24f25e1845bf32837be1a24047472
Reviewed-on: https://chromium-review.googlesource.com/764502
Commit-Queue: Mircea Trofin <mtrofin@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49310}
2017-11-10 22:49:37 +00:00
Adam Klein
fbb008a6c9 Add adamk to a few WATCHLISTS
And add a watchlist for the C++ API.

Change-Id: Id82d7191153afe701fc11958ba36ce7a8b29bef2
Reviewed-on: https://chromium-review.googlesource.com/764548
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49309}
2017-11-10 21:38:29 +00:00
Josh Wolfe
b4ccfdfbfe [intl] ship --harmony-number-format-to-parts
R=littledan@chromium.org, adamk@chromium.org

Bug: v8:5244
Change-Id: I1186601bc05bd5348acb4b0e1242d7d074020ad9
Reviewed-on: https://chromium-review.googlesource.com/757564
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Daniel Ehrenberg <littledan@chromium.org>
Commit-Queue: Josh Wolfe <jwolfe@igalia.com>
Cr-Commit-Position: refs/heads/master@{#49308}
2017-11-10 21:02:57 +00:00
Mircea Trofin
92e3975de3 Add primitives-based constructor for SafepointTable
This allows SafepointTables to be reused by the upcoming WasmCode
(wasm out of the GC heap), and integrate with the stack iterator.

Bug: v8:6876
Change-Id: I24ff78a073fa99aeabe12a0c5a12709f5b1461a2
Reviewed-on: https://chromium-review.googlesource.com/764370
Reviewed-by: Brad Nelson <bradnelson@chromium.org>
Commit-Queue: Mircea Trofin <mtrofin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49307}
2017-11-10 20:50:32 +00:00
Pierre Langlois
85e25df619 [csa] Transform multiplications into left shifts
Turn cases where we are multiplying with a power of two into a left shift. We
hit this optimisation roughly 500 times in the snapshot.

Bug: 
Change-Id: Ibd3104a3dbe49f247a2d84db94891f6e3a897026
Reviewed-on: https://chromium-review.googlesource.com/763229
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Pierre Langlois <pierre.langlois@arm.com>
Cr-Commit-Position: refs/heads/master@{#49306}
2017-11-10 18:29:11 +00:00
Bill Budge
b73ee3344a [Memory] Eliminate OS::ReleaseRegion.
- Eliminates OS::ReleaseRegion, replacing with calls to OS::Free.
- Adds bool return value to OS::Free.
- Cleans up types of flags, protection on Windows and Cygwin.

Bug: chromium:756050
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I6a642374e33876966a5552fb0cdf552dc6d79aaa
Reviewed-on: https://chromium-review.googlesource.com/762345
Commit-Queue: Bill Budge <bbudge@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49305}
2017-11-10 17:43:41 +00:00
Benjamin
4d3bc552b5 [coverage] add coverage for binary expressions
Adds block-level coverage tracking for binary && and ||
expressions. Introduces a BinaryOperation source-range
for tracking the operations themselves and an Expression
source-range, used for tracking NaryLogical expressions.

This builds on work by jgruber@chromium.org in
the issue.

TBR=marja@chromium.org
R=jgruber@chromium.org, rmcilroy@chromium.org

Bug: v8:6660
Change-Id: I83a81f13a3514a734c06948b2d3e91138fb00e18
Reviewed-on: https://chromium-review.googlesource.com/754564
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49304}
2017-11-10 17:41:51 +00:00
Jakob Gruber
e4b394a1f4 Revert "Reland "[runtime] Slightly optimize creation of class literals.""
This reverts commit 22932d6b43.

Reason for revert: TSAN https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20TSAN/builds/18232

Original change's description:
> Reland "[runtime] Slightly optimize creation of class literals."
> 
> Bug: v8:5799
> Change-Id: I782ec131c7194aef20942a19750168a974913c3f
> Reviewed-on: https://chromium-review.googlesource.com/757337
> Commit-Queue: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#49291}

TBR=ulan@chromium.org,rmcilroy@chromium.org,jarin@chromium.org,ishell@chromium.org,verwaest@chromium.org

Change-Id: I0742d25b0e2364efc696d19492ba20614a3821fa
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:5799
Reviewed-on: https://chromium-review.googlesource.com/763458
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49303}
2017-11-10 16:00:31 +00:00