Commit Graph

44674 Commits

Author SHA1 Message Date
Jaroslav Sevcik
1da91b8389 Reland "[deoptimizer] Staged materialization of objects."
This relands commit e71b802279.

This can now back in as the fix for chromium:787301 had enough time to
be tested in Canary.

Original change's description:
> [deoptimizer] Staged materialization of objects.
>
> The existing object materialization in the deoptimizer has the following problems:
>
> - Objects do not necessarily verify during materialization (because during the
>   depth first walk we might have inconsistent objects).
>
> - Stack can overflow (because we just materialize using recursive calls).
>
> - We generalize object fields.
>
>
> This CL re-implements the materialization algorithm to solve this problem. The
> new implementation creates the objects in two steps:
>
> 1. We allocate space for all the objects. In general, we allocate ByteArrays
>    of the right size. For leaf objects that cannot participate in cycles,
>    we build and initialize the materialized objects completely.
>
>    For JS objects, we insert markers into the byte array at the positions
>    where unboxed doubles are expected.
>
> 2. We initialize all the objects with the proper field values and change the
>    map from the ByteArray map to the correct map. This requires some sync
>    with the concurrent marker (Heap::NotifyObjectLayoutChange).
>
>    When initializing the JS object fields, we make sure that we respect
>    the unboxed double marker.
>
> Bug: chromium:770106, v8:3836
> Change-Id: I1ec466a9d19db9538df4ba915516d4c3ca825632
> Reviewed-on: https://chromium-review.googlesource.com/777559
> Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#49821}

Bug: chromium:770106, v8:3836
Change-Id: Ied6c4e0fbae52713e55ae6dc13794a7521dbb8a5
Reviewed-on: https://chromium-review.googlesource.com/817745
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49982}
2017-12-11 08:45:58 +00:00
jing.bao
6ed2690e5c [ia32][wasm] Enable more SIMD tests on IA32
Implement IA32Movdqu
Add vmovdqu and Movdqu macro

Bug: 
Change-Id: Idc2b5c99adf38d6120ff451bde40d4ad8f2046de
Reviewed-on: https://chromium-review.googlesource.com/815944
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Jing Bao <jing.bao@intel.com>
Cr-Commit-Position: refs/heads/master@{#49981}
2017-12-11 02:28:06 +00:00
Mikhail Gusarov
f987549009 [build] Do not fail build if source dir has 'debug' in it.
If the source checkout had 'debug' somewhere in the path name, then
IsDebuggerFile() marked all modules as debug ones, which triggered
an assertion during snapshot generation.

Bug: 
Change-Id: I93537efca9152c5469bb760f32ca53b06351f7a4
Reviewed-on: https://chromium-review.googlesource.com/809205
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49980}
2017-12-10 22:26:34 +00:00
Bill Budge
f848965ef1 [D8] Clean up a few things.
- Remove unnecessary LSAN #include.
- Use i:: instead of internal:: for consistency.

Bug: 
Change-Id: I783b28402bf9c661e51b629167ec73b98a6b9fd7
Reviewed-on: https://chromium-review.googlesource.com/818198
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49979}
2017-12-10 15:41:04 +00:00
v8-autoroll
148b2615f1 Update V8 DEPS.
Rolling v8/build: d1735e8..ca599b0

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I76ab6088eecbfd6ae27c76ed0f39c51f6918f903
Reviewed-on: https://chromium-review.googlesource.com/817589
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49978}
2017-12-10 04:52:27 +00:00
Caitlin Potter
84a71a585a [parser] classify binding pattern errors when parsing await expression
await expressions are an invalid destructuring target, and should
result in a SyntaxError when used in a position where a destructuring
target is expected.

BUG=v8:7173
R=marja@chromium.org, adamk@chromium.org

Change-Id: I1bdb4bc13cb2e3e904fc4389a6e0abca1e0ed17f
Reviewed-on: https://chromium-review.googlesource.com/811946
Reviewed-by: Sathya Gunasekaran (ooo until 12/12) <gsathya@chromium.org>
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Cr-Commit-Position: refs/heads/master@{#49977}
2017-12-09 16:29:23 +00:00
v8-autoroll
ff3d8321d5 Update V8 DEPS.
Rolling v8/build: 404c19d..d1735e8

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/16753e0..d624b3c

Rolling v8/third_party/icu: 26f7d8a..e3b480d

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I2b61a541b5ff881d1d911f2b560661b8c1f0be7d
Reviewed-on: https://chromium-review.googlesource.com/818157
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49976}
2017-12-09 05:03:34 +00:00
Eric Holk
f3897c7e9e [wasm] cleanup after https://crrev.com/c/802322
Bug: v8:7143
Change-Id: Ie8eee40ba1761a5790dc67a8ce03d2b2cb949722
Reviewed-on: https://chromium-review.googlesource.com/815677
Commit-Queue: Eric Holk <eholk@chromium.org>
Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49975}
2017-12-09 00:55:04 +00:00
Ali Ijaz Sheikh
70598c505f [heap] match old space limit computation with new space
NewSpace::UpdateInlineAllocationLimit was computing the limit slighly
differently. Make old space and new space more consistent. The way
new space does it makes more sense as, logically, the step starts from
beyond the current object being allocated (size_in_bytes).

This behaviour change in preperation for a subsequent CL that refactors
a common SpaceWithLinearArea::ComputeLimit.

NewSpace: :UpdateInlineAllocationLimit and PagedSpace::ComputeLimit into
Change-Id: Ibe918d46dccf8e80ed35c770b3c365c3970d07ea
Reviewed-on: https://chromium-review.googlesource.com/815277
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ali Ijaz Sheikh <ofrobots@google.com>
Cr-Commit-Position: refs/heads/master@{#49974}
2017-12-08 23:21:33 +00:00
Bill Budge
d15a7e85f9 [d8] ArrayBuffer size must be less than 2GB.
- Changes d8 ArrayBuffer::Allocators to restrict size to < 2GB on the
  Allocate/AllocateUninitialized paths. Reserve can still create larger
  ArrayBuffers.

Bug: chromium:793196
Change-Id: I662f8c681f715457d630df31039a1ea4d17cfafc
Reviewed-on: https://chromium-review.googlesource.com/817763
Commit-Queue: Bill Budge <bbudge@chromium.org>
Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49973}
2017-12-08 22:00:54 +00:00
Sergiy Byelozyorov
3ce02aa743 Whitespace CL
TBR=sergiyb@chromium.org

Change-Id: I23875fb4d02321767df92b41957f7f915fae7ffc
Reviewed-on: https://chromium-review.googlesource.com/817567
Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49972}
2017-12-08 19:48:59 +00:00
Sergiy Byelozyorov
18efffcf7e Reland "[tools] Migrate v8_linux64_asan_rel_ng and v8_linux64_asan_rel_ng_triggered to LUCI"
This is a reland of 72e7b60bb4
Original change's description:
> [tools] Migrate v8_linux64_asan_rel_ng and v8_linux64_asan_rel_ng_triggered to LUCI
>
> No-Try: true
> Bug: chromium:748008, chromium:748000
> Change-Id: I487b7e85ade29b9aeaa9aeb4c90fd220581899a0
> Reviewed-on: https://chromium-review.googlesource.com/806171
> Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#49938}

No-Try: true
Bug: chromium:748008, chromium:748000
Change-Id: I406543c15285db81adcd0979fc25397229ddff64
Reviewed-on: https://chromium-review.googlesource.com/814715
Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49971}
2017-12-08 18:50:00 +00:00
Ulan Degenbaev
12779b16b0 [heap] Use unchecked length getter for concurrent marking of FixedArray.
If the fixed array is being concurrently left-trimmed then checked
getter can assert because the length is not necessarily a Smi.

This patch uses unchecked length getter to cache the length as Object*.
Only if the marker manages to color the array black, we are guaranteed
that the cached length is a Smi.

This patch also uses unchecked cast for FixedArray in HeapVisitor
for concurrent marker.

Note that this patch only affects debug mode.

Bug: chromium:694255
Change-Id: I5016a2234a9f5fb98b498e06f5d1428b3f1cc3c6
Reviewed-on: https://chromium-review.googlesource.com/817554
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49970}
2017-12-08 17:38:31 +00:00
Camillo Bruni
bbf43d8488 [api] Make api-arguments.h interface more obvious
- Introduce explicit CallXXX helpers in PropertyCallbackArguments for
  all Callback functions exposed in the api.
- Add bit on the Interceptors for checking whether they for names or
  indices.


Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: Id862e4e39ba75b4610156adfe83f3eecfb2c048f
Reviewed-on: https://chromium-review.googlesource.com/799910
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49969}
2017-12-08 15:55:41 +00:00
Andreas Haas
3c395b20cf [wasm] Update spec tests
I also adjusted the update script because the output directory of the
run.py script we call has changed.

R=clemensh#chromium.org

Change-Id: I432c81f1a2ffd3c96a294f771064672f7edad250
Reviewed-on: https://chromium-review.googlesource.com/817275
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49968}
2017-12-08 15:25:10 +00:00
Sigurd Schneider
0afbcdfac1 Add output operator to VectorSlotPair
Bug: v8:7127
Change-Id: Ibdbf6c5627f3fe8a29ae44cc0c284896c344a0ae
Reviewed-on: https://chromium-review.googlesource.com/817295
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49967}
2017-12-08 15:21:50 +00:00
Ali Ijaz Sheikh
eb62a4aba4 [heap] make SupportsInlineAllocation virtual in SpaceWithLinearArea
This is a prepratory change to allow more refactoring of code between
New and PagedSpace.

Bug: 
Change-Id: Iabda8365cae0de2278d772e56728e900e688c9aa
Reviewed-on: https://chromium-review.googlesource.com/815904
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ali Ijaz Sheikh <ofrobots@google.com>
Cr-Commit-Position: refs/heads/master@{#49966}
2017-12-08 15:13:50 +00:00
Sigurd Schneider
47a81f0bd2 Add speculation mode to Call node
This patch adds a field for the speculation mode to Call
nodes, and passes the speculation mode from the CallIC
to the Call node in the byte code graph builder.

Bug: v8:7127
Change-Id: I89fa10643b46143b36776de1d5ba6ebe3fa2c878
Reviewed-on: https://chromium-review.googlesource.com/814537
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49965}
2017-12-08 14:51:10 +00:00
Michael Achenbach
325a56cdd1 [test] Move predictable testing into a python wrapper
This moves the verify-predictable logic from the test runner into
a python wrapper script.

This revealed two more tests that don't print allocations, which are
now skipped.

Bug: v8:7166, v8:7177
Change-Id: Ie4a541cb2a20900414ffe1caf4b3fccc4a5edb52
Reviewed-on: https://chromium-review.googlesource.com/808971
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49964}
2017-12-08 14:46:10 +00:00
jgruber
301d74ce80 Revert "[regexp] Limit ATOM regexps to patterns length <= 2"
This reverts commit 1081720532.

While increasing the number of IRREGEXP regexp instances (vs. ATOM)
gives us a 3% perf improvement, it also results in higher memory
overhead. This CL is the suspected culprit for the recent 5x increase
in OOM crashes from within regexp codegen.

Bug: v8:6633, chromium:790833
Change-Id: Icca70b31fbda8cfb7a63dc895f6665dfe534359d
Reviewed-on: https://chromium-review.googlesource.com/817294
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49963}
2017-12-08 14:43:02 +00:00
Ivica Bogosavljevic
e1de82b431 Fix compilation failure due to explicit constructor
Some buildbots were not compiling due to error `chosen constructor
is explicit in copy-initialization`

Bug: 
Change-Id: I24b8f1c4467e05e2832d8252a4cfe7352e1e91da
Reviewed-on: https://chromium-review.googlesource.com/813758
Commit-Queue: Ivica Bogosavljevic <ivica.bogosavljevic@mips.com>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49962}
2017-12-08 14:39:21 +00:00
John Barboza
3c5cb5e5c7 AIX: [Memory] Use madvise on POSIX to allow OS to reclaim memory.
Port 2cbfa2444d

Original Commit Message:

  [Memory] Use madvise on POSIX to allow OS to reclaim memory.

  - Use madvise when setting no permissions on memory.
  - Move platform specific mmap flag calculations to a helper fn.

  Bug: chromium:756050,chromium:788341
  Change-Id: I7d420a0abee9656a57fb0317301322da2fd7d7b5
  Reviewed-on: https://chromium-review.googlesource.com/790932


Change-Id: I5f7957066d0be96bd429b3d55c9293ffb996750c
Reviewed-on: https://chromium-review.googlesource.com/804554
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49961}
2017-12-08 14:21:50 +00:00
Michael Lippautz
4c7f2d814f [heap] Minor MC: Pause concurrent marking
Bug: 
Change-Id: I4e105a3a09fe3b58255189bb89fa38224078ae5c
Reviewed-on: https://chromium-review.googlesource.com/817196
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49960}
2017-12-08 13:33:33 +00:00
Sigurd Schneider
7be22a8c62 Use bits of call count on CallIC as flags
This CL uses bits of the call count as flags according
to CallCountField and SpeculationModeField defined in
CallICNexus.

Bug: v8:7127
Change-Id: I3f64c1807d61410f9029b46b9a59a1fcaa5a0a3b
Reviewed-on: https://chromium-review.googlesource.com/808926
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49959}
2017-12-08 13:31:03 +00:00
Michael Starzinger
64a4f4171d [builtins] Remove redundant branch in {AdvanceBytecodeOffset}.
Change-Id: I8485e7f11a1e105da79ea9bc99392c77666249ce
Reviewed-on: https://chromium-review.googlesource.com/816894
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49958}
2017-12-08 12:37:33 +00:00
Jaroslav Sevcik
27642eb00b [logging] Fix logging of lazy deserialized bytecode handlers.
Bug: v8:7180
Change-Id: If246db425a493e52092cba0fc28b1f02bd8d5db8
Reviewed-on: https://chromium-review.googlesource.com/816835
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49957}
2017-12-08 12:07:24 +00:00
jgruber
f9fe6d8d48 [debug] Refactor initialization of the feedback vector list
This separates common logic that applies to both coverage/type profiling
(i.e. collecting feedback vectors into the list) from work that's only
required by coverage (resetting SFI::has_reported_binary_coverage and
FeedbackVector::invocation_count).

Bug: v8:6000
Change-Id: Icb36a8a6af34b3a425814d69653e331ca8f76cd5
Reviewed-on: https://chromium-review.googlesource.com/813922
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Franziska Hinkelmann <franzih@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49956}
2017-12-08 12:01:53 +00:00
Ulan Degenbaev
e91234c1a4 [heap] Correctly restore platform in IncrementalMarkingUsingTasks test.
Bug: 
Change-Id: I9003407826865f1befb0ea7de60aa9fce2766da7
Reviewed-on: https://chromium-review.googlesource.com/814675
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49955}
2017-12-08 10:39:12 +00:00
Martyn Capewell
1614388fd6 Align deopt frame for JSConstructStub
Add an element of padding to the frame constructed by the deoptimiser
when entering JSConstructStub, and update the non-arm64 backends such
that the frames agree for normal and deopt entry.

Bug: v8:6644
Change-Id: I99625e75760f0695b2389446c2ac3cac97c220f4
Reviewed-on: https://chromium-review.googlesource.com/814397
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Martyn Capewell <martyn.capewell@arm.com>
Cr-Commit-Position: refs/heads/master@{#49954}
2017-12-08 10:30:42 +00:00
Georg Neis
d8a5506ce8 [modules] Include module specifier in instantiation error messages.
Bug: chromium:780819
Change-Id: I07c5ff3cf955edb087a175ea2d71a35e0f520ec3
Reviewed-on: https://chromium-review.googlesource.com/813839
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49953}
2017-12-08 09:11:58 +00:00
Clemens Hammacher
060f868edf [Liftoff] Store safepoint info
This CL prepares support for memory operations, where we will need to
call runtime functions for trapping, and hence need safepoint
information for iterating the frames correctly.

R=titzer@chromium.org

Bug: v8:6600
Change-Id: I8c65d80cd69747d13d9084e7427253413fb4b808
Reviewed-on: https://chromium-review.googlesource.com/810784
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49952}
2017-12-08 08:53:08 +00:00
Lei Zhang
c0fe7846c7 Update third_party/binutils version to match Chromium.
This upgrades binutils from 2.26 to 2.28.

BUG=chromium:761307

Change-Id: If556ca5912b4c06fdeb3f52b43a2530dfcabb624
Reviewed-on: https://chromium-review.googlesource.com/816017
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49951}
2017-12-08 07:28:26 +00:00
v8-autoroll
0272d38257 Update V8 DEPS.
Rolling v8/build: b70ba2b..404c19d

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/82cfea0..16753e0

Rolling v8/third_party/icu: 741688e..26f7d8a

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I866cbe195397f99ab5a9668bf36d6f2310da8a02
Reviewed-on: https://chromium-review.googlesource.com/816537
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49950}
2017-12-08 05:01:06 +00:00
Alexey Kozyatinskiy
1d5d6a0442 [inspector_protocol] roll to 752d4abd13119010cf30e454e8ef9b5fb7ef43a3
Includes:
- Better windows support in json generator.
- Add PDL2JSON, don't paste descriptions as comments into generated code.
- [inspector_protocol] generated only used types

R=pfeldman@chromium.org

Bug: none
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I3c634359b3ac4b00293ac7c5ee224dab53aae7ca
Reviewed-on: https://chromium-review.googlesource.com/810204
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Pavel Feldman <pfeldman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49949}
2017-12-08 03:48:06 +00:00
Mircea Trofin
f2e19a6387 [wasm] Add --wasm-jit-to-native under --future
Bug: v8:6876
Change-Id: I9de5218e4f44f3d593b93772283b2c1df0b07660
Reviewed-on: https://chromium-review.googlesource.com/809265
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Mircea Trofin <mtrofin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49948}
2017-12-08 03:04:06 +00:00
Mircea Trofin
1048a6b4ea [wasm] Fix wasm-jit-to-native + W^X GC heap interaction issues
- in certain cases, we need both modification scopes because we may
mutate JS functions, even in the jit-to-native case - e.g. JS-to-wasm
wrappers
- added handling for wasm-to-wasm wrappers in the context of lazy
compilation.

Bug: v8:7105
Change-Id: I085c14e03ef0b08d040998f2207abf7bc3fff01c
Reviewed-on: https://chromium-review.googlesource.com/811285
Commit-Queue: Mircea Trofin <mtrofin@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49947}
2017-12-08 02:21:46 +00:00
Mircea Trofin
4aa0d017ab Revert "Revert "[wasm] Fix wasm-to-wasm handling in 'native heap' lazy compile""
This reverts commit d59063b5e8.

Reason for revert: worked around android toolchain issue. 
chromium:771171 is expected to address android toolchain issue

Original change's description:
> Revert "[wasm] Fix wasm-to-wasm handling in 'native heap' lazy compile"
> 
> This reverts commit 59f221740c.
> 
> Reason for revert: android build issue (https://build.chromium.org/p/client.v8.fyi/builders/Android%20Release%20%28Nexus%205X%29/builds/3583)
> 
> Original change's description:
> > [wasm] Fix wasm-to-wasm handling in 'native heap' lazy compile
> > 
> > Wasm-to-wasm uses a tail call mechanism to reach the target
> > function. This means there is no frame for it. This CL ports
> > the fix for that for the WasmCodeManager case, akin the current
> > fix for the GC case.
> > 
> > Bug: v8:7140
> > Change-Id: I04c8a8da1de9cb837a0423493216d2226c53e756
> > Reviewed-on: https://chromium-review.googlesource.com/814498
> > Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
> > Reviewed-by: Ben Titzer <titzer@chromium.org>
> > Commit-Queue: Mircea Trofin <mtrofin@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#49942}
> 
> TBR=bradnelson@chromium.org,titzer@chromium.org,mtrofin@chromium.org,clemensh@chromium.org
> 
> Change-Id: Iae0e43b386f08d2d56aeef70e9fa0af141232023
> No-Presubmit: true
> No-Tree-Checks: true
> No-Try: true
> Bug: v8:7140
> Reviewed-on: https://chromium-review.googlesource.com/815180
> Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
> Commit-Queue: Mircea Trofin <mtrofin@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#49943}

TBR=bradnelson@chromium.org,titzer@chromium.org,mtrofin@chromium.org,clemensh@chromium.org

Change-Id: If613a6c986ac4cf0534aecd8ea9bf74ecac21292
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7140
Reviewed-on: https://chromium-review.googlesource.com/815956
Commit-Queue: Mircea Trofin <mtrofin@chromium.org>
Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49946}
2017-12-08 01:01:45 +00:00
Bill Budge
5679ab102d Reland "[D8] Clean up ArrayBuffer Allocators in shell."
This is a reland of 0c2faa0633
Original change's description:
> [D8] Clean up ArrayBuffer Allocators in shell.
>
> - Reworks the class hierarchy in d8.cc to conform to the allocator API.
>   In particular, allocators should malloc/free or equivalent unless
>   v8::ArrayBuffer::Allocator::Reserve is called.
> - Modifies ExternalizedContents to remember the allocation mode.
> - ArrayAllocatorBase now tracks its allocations to make sure it doesn't
>   call Free on externalized array buffers it didn't allocate.
>
> Bug: chromium:756050
> Change-Id: Ic2d07d36358f1b4fa542bea27f93d1d51a1757e1
> Reviewed-on: https://chromium-review.googlesource.com/807355
> Commit-Queue: Bill Budge <bbudge@chromium.org>
> Reviewed-by: Ben Titzer <titzer@chromium.org>
> Reviewed-by: Eric Holk <eholk@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#49893}

Bug: chromium:756050,v8:7146
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I8fe3a9d9af43196e16d02342a47347a76c0a1341
Reviewed-on: https://chromium-review.googlesource.com/811724
Reviewed-by: Eric Holk <eholk@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49945}
2017-12-07 22:40:13 +00:00
Ali Ijaz Sheikh
08688f6f27 [heap] make {New,Paged}Space::PauseAllocationObserver more consistent
Bring the two functions closer together in implementation. Avoid
unnecessary assignment to top_on_previous_step_.

Bug: 
Change-Id: I0b6881b02ab08a48bc2051e6786e22a7b25a4948
Reviewed-on: https://chromium-review.googlesource.com/815196
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ali Ijaz Sheikh <ofrobots@google.com>
Cr-Commit-Position: refs/heads/master@{#49944}
2017-12-07 21:23:16 +00:00
Mircea Trofin
d59063b5e8 Revert "[wasm] Fix wasm-to-wasm handling in 'native heap' lazy compile"
This reverts commit 59f221740c.

Reason for revert: android build issue (https://build.chromium.org/p/client.v8.fyi/builders/Android%20Release%20%28Nexus%205X%29/builds/3583)

Original change's description:
> [wasm] Fix wasm-to-wasm handling in 'native heap' lazy compile
> 
> Wasm-to-wasm uses a tail call mechanism to reach the target
> function. This means there is no frame for it. This CL ports
> the fix for that for the WasmCodeManager case, akin the current
> fix for the GC case.
> 
> Bug: v8:7140
> Change-Id: I04c8a8da1de9cb837a0423493216d2226c53e756
> Reviewed-on: https://chromium-review.googlesource.com/814498
> Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
> Reviewed-by: Ben Titzer <titzer@chromium.org>
> Commit-Queue: Mircea Trofin <mtrofin@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#49942}

TBR=bradnelson@chromium.org,titzer@chromium.org,mtrofin@chromium.org,clemensh@chromium.org

Change-Id: Iae0e43b386f08d2d56aeef70e9fa0af141232023
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7140
Reviewed-on: https://chromium-review.googlesource.com/815180
Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
Commit-Queue: Mircea Trofin <mtrofin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49943}
2017-12-07 20:43:28 +00:00
Mircea Trofin
59f221740c [wasm] Fix wasm-to-wasm handling in 'native heap' lazy compile
Wasm-to-wasm uses a tail call mechanism to reach the target
function. This means there is no frame for it. This CL ports
the fix for that for the WasmCodeManager case, akin the current
fix for the GC case.

Bug: v8:7140
Change-Id: I04c8a8da1de9cb837a0423493216d2226c53e756
Reviewed-on: https://chromium-review.googlesource.com/814498
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Mircea Trofin <mtrofin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49942}
2017-12-07 19:33:06 +00:00
Sergiy Byelozyorov
aa670efb40 Whitespace CL
TBR=sergiyb@chromium.org

Bug: chromium:791583
Change-Id: I34ca6f966276277a69194c52fabb475826a034ae
Reviewed-on: https://chromium-review.googlesource.com/813854
Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49941}
2017-12-07 17:45:10 +00:00
Clemens Hammacher
0503f4ad4a [Liftoff] Fix initialization of f32 locals
We might run into the situation that all fp registers are already in
use for holding parameters. Thus, use the {GetUnusedRegister()} method
which might spill to free one of the registers.

R=ahaas@chromium.org

Bug: v8:6600, chromium:792037
Change-Id: I44b279922e31ac4acaa07b6a36ba2e394100fde0
Reviewed-on: https://chromium-review.googlesource.com/813834
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49940}
2017-12-07 17:23:23 +00:00
Sergiy Byelozyorov
04f7894f71 Revert "[tools] Migrate v8_linux64_asan_rel_ng and v8_linux64_asan_rel_ng_triggered to LUCI"
This reverts commit 72e7b60bb4.

Reason for revert: whitespace CL is not landed by CQ

Original change's description:
> [tools] Migrate v8_linux64_asan_rel_ng and v8_linux64_asan_rel_ng_triggered to LUCI
> 
> No-Try: true
> Bug: chromium:748008, chromium:748000
> Change-Id: I487b7e85ade29b9aeaa9aeb4c90fd220581899a0
> Reviewed-on: https://chromium-review.googlesource.com/806171
> Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#49938}

TBR=machenbach@chromium.org,sergiyb@chromium.org

Change-Id: I171e71d34b6a4365b097e4fc951aa7ff7d619edd
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:748008, chromium:748000
Reviewed-on: https://chromium-review.googlesource.com/814714
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49939}
2017-12-07 17:10:26 +00:00
Sergiy Byelozyorov
72e7b60bb4 [tools] Migrate v8_linux64_asan_rel_ng and v8_linux64_asan_rel_ng_triggered to LUCI
No-Try: true
Bug: chromium:748008, chromium:748000
Change-Id: I487b7e85ade29b9aeaa9aeb4c90fd220581899a0
Reviewed-on: https://chromium-review.googlesource.com/806171
Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49938}
2017-12-07 16:32:44 +00:00
jgruber
b3009ccbc9 [typedarray] Fix signed-ness of pointer comparisons
While the affect values must be valid addresses & thus will not overflow
the IntPtr type, they need to be interpreted as unsigned in comparisons.

Bug: chromium:792549, v8:7123, v8:3590
Change-Id: I864b50c8dbdc297d70bf83c74a83cc466c5f3eb0
Reviewed-on: https://chromium-review.googlesource.com/814395
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49937}
2017-12-07 15:53:12 +00:00
Michael Lippautz
41f928282b [heap] Enable embedder heap tracing in combination with finalizers
Bug: v8:7176
Change-Id: I83d68a7e792b656d9f40a142b5403ac98c4f44c4
Reviewed-on: https://chromium-review.googlesource.com/814116
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49936}
2017-12-07 15:01:28 +00:00
Clemens Hammacher
d26f8c31eb [Liftoff] Fix fp cache register list
This change got lost on a rebase of https://crrev.com/c/796854.

R=ahaas@chromium.org

Bug: v8:6600
Change-Id: I99e0b7f51f0b3ca1135c8d98fcc7b4c2c13193a3
Reviewed-on: https://chromium-review.googlesource.com/813923
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49935}
2017-12-07 14:41:45 +00:00
Michael Lippautz
2abbc50c6e [heap] Increase test coverage for embedder tracing
The tests illustrate the use of v8::EmbedderHeapTracer.

Bug: v8:7176
Change-Id: Ic383c968691fddb0ec96d66cb33ee42b9c304a75
Reviewed-on: https://chromium-review.googlesource.com/811924
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49934}
2017-12-07 14:11:51 +00:00
Sergiy Byelozyorov
12afb22458 [test] Add find-index.js to the list of resources for the test
R=jgruber@chromium.org

Bug: chromium:791045, v8:1956, v8:7165
Change-Id: I58ba09248824f0309a3d37afa3e59bdea7c5f1f1
Reviewed-on: https://chromium-review.googlesource.com/813914
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49933}
2017-12-07 13:49:46 +00:00