Commit Graph

45074 Commits

Author SHA1 Message Date
Andreas Haas
a7b26c6b83 [turbofan] Add fuzzer to test different signatures for multi-returns
This CL makes a fuzzer out of the cctest
test-multiple-return/ReturnMultipleRandom. The fuzzer creates a
CallDescriptor with input parameters and returns, and a function which
maps input parameters to returns. The fuzzer then calls this function
with a wrapper which checks that the correct mapping happened.

R=clemensh@chromium.org

Change-Id: Ib89c4063638baae69540a44486d7b2e9d13f8c1f
Reviewed-on: https://chromium-review.googlesource.com/859768
Reviewed-by: Ben Titzer <titzer@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50532}
2018-01-12 12:20:27 +00:00
Martyn Capewell
c6c2d9a3e4 [arm64] Tidy up stack related TF opcodes
Unify PokeCSP/JSSP and ClaimCSP/JSSP, remove RestoreJSSP/CSP, and
remove UseNativeStack.

Bug: v8:6644
Change-Id: I482237a0e112f986c6155dce253749f55bd08f5f
Reviewed-on: https://chromium-review.googlesource.com/860104
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Martyn Capewell <martyn.capewell@arm.com>
Cr-Commit-Position: refs/heads/master@{#50531}
2018-01-12 11:58:56 +00:00
Michael Lippautz
229a3e37f9 [object-stats] Add capability of recording virtual instance types
Each of those types has to split off a single actual instance type.
There can be many that split off the same instance type.

Bug: v8:7266
Change-Id: Ic78b707e26e67bdd2072cd8a716c89eaae024e48
Reviewed-on: https://chromium-review.googlesource.com/860651
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50530}
2018-01-12 11:44:16 +00:00
Jakob Gruber
2de8b68060 [debug-evaluate] Deserialize builtins before check
Instead of bailing out and assuming everything will be fine if a builtin
hasn't been deserialized yet, deserialize eagerly and perform the full
check.

Change-Id: I60b0d33786a266e124358e2eebe926d8f785881d
Reviewed-on: https://chromium-review.googlesource.com/859998
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50529}
2018-01-12 11:42:57 +00:00
Clemens Hammacher
9b2a15b763 [Liftoff] Implement i32.popcnt with C fallback
This adds support for i32.popcnt. If no hardware instruction for popcnt
is available, call out to C.

R=titzer@chromium.org

Bug: v8:6600
Change-Id: I9ae9e1d1e1392168d19c0eedcdd33eeea609a54f
Reviewed-on: https://chromium-review.googlesource.com/860658
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50528}
2018-01-12 11:39:26 +00:00
Michal Majewski
29b1c388e7 [test] Introduce stress sampling allocation profiler mode
Bug: v8:7209
Change-Id: Ia10479d7eea6ef2f352d008e2f4b74e2394ab79b
Cq-Include-Trybots: luci.v8.try:v8_linux64_fyi_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/861623
Commit-Queue: Michał Majewski <majeski@google.com>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Ali Ijaz Sheikh <ofrobots@google.com>
Cr-Commit-Position: refs/heads/master@{#50527}
2018-01-12 11:34:16 +00:00
Camillo Bruni
42e8ca9995 [Runtime] Set expected_nof_properties when creating Constructors
Bug: chromium:800032
Change-Id: I2ba740a3617df3652475e8fc5bd8e8e33cb14a0d
Reviewed-on: https://chromium-review.googlesource.com/861886
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50526}
2018-01-12 10:51:11 +00:00
Michal Majewski
7f01c9303f [test] Implement variant generators as processors
Bug: v8:6917
Cq-Include-Trybots: luci.v8.try:v8_linux64_fyi_rel_ng;luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Ib5bfdf4d6fee6102f62c7334a1b22146f1a1fc5b
Reviewed-on: https://chromium-review.googlesource.com/857376
Commit-Queue: Michał Majewski <majeski@google.com>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50525}
2018-01-12 10:39:20 +00:00
Sigurd Schneider
887d8d7e02 Reland "[turbofan] Handle mixed packed/unpacked multimaps in Array.prototype.push"
This is a reland of ae14edca68
Original change's description:
> [turbofan] Handle mixed packed/unpacked multimaps in Array.prototype.push
> 
> Bug: v8:7127, v8:7204, v8:7205
> Change-Id: I4eb009492222b208ff8875b4b7940174dfb132ff
> Reviewed-on: https://chromium-review.googlesource.com/847576
> Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> Reviewed-by: Michael Stanton <mvstanton@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#50451}

Bug: v8:7127, v8:7204, v8:7205
Change-Id: I327aa69f0a12f8b3e3fd4e00219591f59e7ed746
Reviewed-on: https://chromium-review.googlesource.com/859857
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50524}
2018-01-12 10:18:00 +00:00
Sigurd Schneider
43d588cce6 [turbolizer] Eye candy that helps readability
- Turbolizer highlights input and output nodes on hover.
- The three panes support resizing now (snap to side still works).

Bug: 
Change-Id: Ida1513fd714a02ab772885ea1fdf6d9da8d540f6
Reviewed-on: https://chromium-review.googlesource.com/837068
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Daniel Clifford <danno@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50523}
2018-01-12 09:35:30 +00:00
Yang Guo
73ba170a75 Pass v8_postmortem_support to gyp/gn bridge.
Also change fetch_deps.py to no longer be a no-op and rename
Main function for importing from other scripts.

R=machenbach@chromium.org

Bug: v8:6105
Change-Id: I067a212827316248f60e97ff27e9bb2dc20addfd
Reviewed-on: https://chromium-review.googlesource.com/860007
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50522}
2018-01-12 09:31:49 +00:00
Kanghua Yu
1f2fd64e11 [x64] Prevent using stack to swap two registers
R=jgruber@chromium.org

Bug: 
Change-Id: I344697a56cfc6d66173806c0038a5edcd94f8260
Reviewed-on: https://chromium-review.googlesource.com/842183
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50521}
2018-01-12 08:09:05 +00:00
v8-autoroll
1f596d4673 Update V8 DEPS.
Rolling v8/build: e176e6f..28d46dd

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/6385d5b..30e5a9f

Rolling v8/tools/clang: 2ae8604..2708887

Rolling v8/tools/swarming_client: 36e0979..8822987

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: Ifa356460efa17d6d2e8d29504167f0d9b7f6eb16
Reviewed-on: https://chromium-review.googlesource.com/863283
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50520}
2018-01-12 04:46:23 +00:00
Junliang Yan
6a898e0370 PPC/s390: fix linker error
R=joransiu@ca.ibm.com

Bug: 
Change-Id: I7d65f467ece4b93c268d481318f3d0e6f0485069
Reviewed-on: https://chromium-review.googlesource.com/860763
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#50519}
2018-01-11 21:19:15 +00:00
Caitlin Potter
2d889aa9a4 Reland "[esnext] load iterator.next only once at beginning of iteration"
https://github.com/tc39/ecma262/pull/988 gained consensus during the
September 2017 TC39 meetings. This moves the load of the "next" method
to the very beginning of the iteration protocol, rather than during
each iteration step.

This impacts:

- yield*
- for-of loops
- spread arguments
- array spreads

In the v8 implementation, this also affects async iteration versions of
these things (the sole exception being the Async-From-Sync iterator,
which requires a few more changes to work with this, likely done in a
followup patch).

This change introduces a new AST node, ResolvedProperty, which can be used
as a callee by Call nodes to produce the same bytecode as Property calls,
without observably re-loading the property. This is used in several
AST-desugarings involving the iteration protocol.

BUG=v8:6861, v8:5699
R=rmcilroy@chromium.org
TBR=neis@chromium.org, adamk@chromium.org

Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I9685db6e85315ba8a2df87a4537c2bf491e1e35b
Reviewed-on: https://chromium-review.googlesource.com/857593
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50518}
2018-01-11 20:27:13 +00:00
Georg Neis
ca54981260 [compiler] Add more Check*/Checked* operators to RedundancyElimination.
Also sort some lists to improve readability.

Bug: 
Change-Id: I296d1706e7c568c325732e9c57622bc4de571d62
Reviewed-on: https://chromium-review.googlesource.com/859240
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50517}
2018-01-11 20:01:33 +00:00
Vlad Tsyrklevich
2639dafab5 [CFI] Disable indirect call checking into JITd code
CFI-icall checking makes use of compile-time information to verify
whether a given indirect call is valid; however, this is impossible to
verify for calls into JITed code. Mark functions calling into JITed code
with an attribute disabling CFI-icall checking.

Bug=v8:7164

Change-Id: I20161510b810744ff5e234d77cf603913482a539
Reviewed-on: https://chromium-review.googlesource.com/861305
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50516}
2018-01-11 19:32:24 +00:00
Jungshik Shin
e6138f5411 Make date-constructor test more portable
The timezone offset in effect on Dec 25, 1995 won't be applicable
in years far away from 1995 (e.g. year 1111).

Calculate the timezone offset in Feb 1, 1995 and run other tests
on the same day.

This issue has been hidden because the current implementation doesn't
take into account the history of timezone offset changes (crbug.com/3547),
but was exposed when a correct implementation based on ICU was tried.
( https://chromium-review.googlesource.com/c/v8/v8/+/572148 ).

Bug: v8:7268
Test: webkit/date-constructor
Change-Id: I09834cff0baa47d6c8981e7712ebf39541e5ecb7
Reviewed-on: https://chromium-review.googlesource.com/861196
Commit-Queue: Jungshik Shin <jshin@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50515}
2018-01-11 18:44:33 +00:00
Leszek Swirski
61ad57ebfb [debug] Improve gdb code printing
Two usability improvements to the GDB jco macro:

 * Check if the desired pc is within the code space (or large object
   space), to avoid failures
 * Highlight the current pc in the outputted code (yellow and bold) to
   make it easier to find.

Change-Id: Ia094f33b61ed0fd2dd1e5e456992a17d97048639
Reviewed-on: https://chromium-review.googlesource.com/860102
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50514}
2018-01-11 18:43:28 +00:00
Martyn Capewell
c6ea032850 Reland "[arm64] Switch jssp to csp"
This is a reland of 50baf93425

This fixes the number of expected instructions in MaybeCallEntryHookDelayed,
only exposed by nosnap tests.

Original change's description:
> [arm64] Switch jssp to csp
>
> Switch stack pointer to using csp directly, making jssp redundant.
>
> Bug: v8:6644
> Change-Id: I8e38eda50d56a25161b187c0a033608dd9f90239
> Reviewed-on: https://chromium-review.googlesource.com/860097
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Commit-Queue: Martyn Capewell <martyn.capewell@arm.com>
> Cr-Commit-Position: refs/heads/master@{#50487}

Bug: v8:6644
Change-Id: Ie9a969ccbf00fd7a7cff8f45b73cdb6bc4f17df9
Reviewed-on: https://chromium-review.googlesource.com/860639
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Martyn Capewell <martyn.capewell@arm.com>
Cr-Commit-Position: refs/heads/master@{#50513}
2018-01-11 18:42:13 +00:00
Adam Klein
8d7522bc67 Revert "[heap] Remove page header tag from owner field."
This reverts commit 6af43874b5.

Reason for revert: Linux TSAN failures:

https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20TSAN/builds/19028

Original change's description:
> [heap] Remove page header tag from owner field.
> 
> Bug: chromium:800251
> Change-Id: I101131b4651b0bb27a79e5107ee43caf1229ffc7
> Reviewed-on: https://chromium-review.googlesource.com/860010
> Commit-Queue: Hannes Payer <hpayer@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#50507}

TBR=ulan@chromium.org,hpayer@chromium.org

Change-Id: I29001423959f6d9faadbdba5228b28cfb1f5b341
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:800251
Reviewed-on: https://chromium-review.googlesource.com/861923
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50512}
2018-01-11 17:56:55 +00:00
jgruber
e1f676ec99 [regexp] Add stack check to RegExpExec
Band-aid fix for infinite recursion in RegExp TFJ builtins.

TFJ builtins don't contain stack checks in general, so any deep
recursion involving only TFJ builtins can end up overflowing the stack
and segfaulting on the red area.

RegExp builtins in particular can only build such recursions using
RegExp.p.exec, and (as far as I can tell) only by modifying the instance
or prototype, thus hitting the slow path in all builtins.

This CL adds a stack check to RegExpExec, which is the choke point for
calling exec on slow-mode RegExps.

Bug: v8:7239, chromium:797481

Regression test

Change-Id: I78dbb5f868a775d9697606d513623f912639d7db
Reviewed-on: https://chromium-review.googlesource.com/856777
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50511}
2018-01-11 15:39:34 +00:00
Ben L. Titzer
1118edbebd [wasm] Remove unused field from WasmCompiledModule
R=ahaas@chromium.org

Bug: 
Change-Id: I3817745013828d455ca1b623724d8789cc5f01ce
Reviewed-on: https://chromium-review.googlesource.com/860643
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50510}
2018-01-11 15:30:55 +00:00
Michael Achenbach
5e50857e2c [foozzie] Suppress test cases with async in slow-path mode
NOTRY=true
TBR=gsathya@chromium.org

Bug: chromium:800651
Change-Id: I72717fcd694609132b76431c13c26fb3f79432dd
Reviewed-on: https://chromium-review.googlesource.com/860926
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50509}
2018-01-11 15:14:55 +00:00
Clemens Hammacher
29e4696ade [Liftoff] Fix i32.eqz on ia32
Ensure that for setcc, we only use a byte register as destination
register.

R=titzer@chromium.org

Bug: v8:6600, chromium:800756
Change-Id: Ie33f3faf602e7eda845205ba0ed2d9966460fd54
Reviewed-on: https://chromium-review.googlesource.com/860640
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50508}
2018-01-11 14:55:24 +00:00
Hannes Payer
6af43874b5 [heap] Remove page header tag from owner field.
Bug: chromium:800251
Change-Id: I101131b4651b0bb27a79e5107ee43caf1229ffc7
Reviewed-on: https://chromium-review.googlesource.com/860010
Commit-Queue: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50507}
2018-01-11 14:49:34 +00:00
Dan Elphick
9dd2b20350 [CSA]: Fix ElementOffsetFromIndex for dynamic SMIs
Non-constant SMIs were being shifted to the right with SHR instead of SAR,
which caused corruption of negative offsets.

Add tests for SMI access to arguments using CodeStubArguments.

Change-Id: I6cc4fc0a5dd0018524f5ff4f16f9e9a21866363f
Reviewed-on: https://chromium-review.googlesource.com/854055
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50506}
2018-01-11 14:38:25 +00:00
Clemens Hammacher
63aaa83370 [wasm][fuzzer] Allow tee_local and set_local
set_local was implemented before, but not added to any list of
alternatives. tee_local is now additionally implemented and added.

R=ahaas@chromium.org

Change-Id: I51f0b35c7b507e8af06efd1f9baac30790f28a3b
Reviewed-on: https://chromium-review.googlesource.com/860460
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50505}
2018-01-11 13:56:34 +00:00
Hannes Payer
f6657e4692 [heap] Replace page header check in store buffer with slower large object lookup.
Bug: chromium:800251
Change-Id: I44d997bd54be214c34ca2864470f7cdfc3cc30f3
Reviewed-on: https://chromium-review.googlesource.com/859437
Commit-Queue: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50504}
2018-01-11 12:45:43 +00:00
Ben L. Titzer
3a79d5bcc5 [wasm] Move (almost all) constants to wasm-constants.h
This CL centralizes constants related to decoding from several places
into one place and makes it no longer necessary to include
wasm-opcodes.h for some simple constants.

R=clemensh@chromium.org

Bug: 
Change-Id: I53aa81e34167df467bc7455b717bf67083033943
Reviewed-on: https://chromium-review.googlesource.com/859764
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50503}
2018-01-11 12:25:54 +00:00
Michael Lippautz
4ff98cb123 [object-stats] Refactor to allow additional passes over objects
Move heap iteration to object stats to untangle the dependency from
MC.

Bug: v8:7266
Change-Id: I6f0f4f5f3bb0a911591a211ffd71580343765cdd
Reviewed-on: https://chromium-review.googlesource.com/860358
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50502}
2018-01-11 12:24:40 +00:00
Michael Starzinger
4e116c4bc6 [wasm] Use common serialization API for all modes.
This funnels all serialization and deserialization calls through the
common interface in the wasm-serialization.h file. All call sites are
now uniform, independent of the --wasm-jit-to-native feature.

R=titzer@chromium.org
BUG=v8:6876

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I105907acfeba4b0e277b2003d099c5db6ab59dd3
Reviewed-on: https://chromium-review.googlesource.com/860042
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50501}
2018-01-11 12:23:34 +00:00
Michael Starzinger
4d09583ad9 [test] Restore "stress_incremental_marking" variant.
This removes the explicit --write-protect-code-memory flag from the list
of flags in the "stress_incremental_marking". The feature is enabled by
default by now and no longer needs explicit testing.

R=ulan@chromium.org
BUG=v8:6792

Change-Id: I5d6ba21dff261488bbe1b0148ce204bf78d57334
Reviewed-on: https://chromium-review.googlesource.com/860661
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50500}
2018-01-11 12:14:14 +00:00
Leszek Swirski
713eb9e765 [ignition] Change RestoreGeneratorRegisters to ResumeGenerator
This makes RestoreGeneratorRegisters do a fuller resume process: update
the state register to indicate that it is now executing, and update the
accumulator with the input_or_debug_pos of the generator - i.e., perform
the boilerplate generator resuming in one bytecode instead of several.

Change-Id: Ia87b6766ac023064b40d3e9a143e7b32118ea3a0
Reviewed-on: https://chromium-review.googlesource.com/859770
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50499}
2018-01-11 11:25:04 +00:00
Michael Starzinger
afd8a81884 [wasm] Enable native-heap WebAssembly code by default.
R=titzer@chromium.org
BUG=v8:6876

Change-Id: Ib9821123e89b4a198cfa921ffd4cf5bee55cc93d
Reviewed-on: https://chromium-review.googlesource.com/856999
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50498}
2018-01-11 10:21:10 +00:00
Sigurd Schneider
c5cc568ba1 [turbofan] Fix fast-path of String.prototype.charAt/charCodeAt
The fast-path of S.p.charAt/charCodeAt wrongly truncates the index,
i.e. charAt(k + 4294967295) yields the same as charAt(k-1). This CL
fixes this behaviour, at the cost of not providing a fast-path for
charAt(1.1), i.e. if charAt/charCodeAt is called with a Number.

Bug: chromium:800594
Change-Id: Ic8e749380d3118f0c9469eb626e81bf72cf09fec
Reviewed-on: https://chromium-review.googlesource.com/860003
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50497}
2018-01-11 09:10:57 +00:00
Sigurd Schneider
d44f75f5c8 [deoptimizer] Report if speculation bit changed with --trace-deopt
This CL adds output related to the no speculation bit on the feedback
vector. Messages appear on two occasions:
  - if a feedback vector is read from the deoptimization entry
  - if the no-speculation bit on a feedback vector is set
The latter only happens during object materialization.

Bug: v8:7127
Change-Id: I9676323d3223441472539a544d3309687dba27a3
Reviewed-on: https://chromium-review.googlesource.com/849092
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50496}
2018-01-11 08:32:33 +00:00
Michael Achenbach
3eab6df1d4 Update V8 DEPS.
Rolling v8/build: 2b74850..e176e6f

Rolling v8/buildtools: 1be57dc..d3ad6b3

Rolling v8/third_party/android_tools: https://chromium.googlesource.com/android_tools/+log/7d781b3..c78b258

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/d4706cb..6385d5b

Rolling v8/tools/clang: ac1e5f7..2ae8604

This also ports https://crrev.com/c/853294 and adds DEPS:
https://chromium.googlesource.com/android_ndk/+/e951c37

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I3222ced300fbf4aa2f5c478cc5aad0861b8e8dd5
Reviewed-on: https://chromium-review.googlesource.com/860764
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50495}
2018-01-11 08:15:12 +00:00
Ben Smith
a7e0c16d9e Mark the futex mjsunit tests as non-deterministic
Bug: v8:7177
Change-Id: Ifd050eaf5196a2989011b12b8e81041fd598ae8e
Reviewed-on: https://chromium-review.googlesource.com/861166
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50494}
2018-01-11 08:13:33 +00:00
Shenghua Zhang
05fa09b368 [ndk] Change android ndk root for v8
Because of the android sdk managed by CIPD (see go/use-adjective-apis),
its deps repo ndk needs to be relocated to third_party/android_ndk.
This CL changes the ndk root path in files in v8.

Bug: chromium:659808
Change-Id: I78d534cbb81eebd1dc631293d54764f027ed0567
Reviewed-on: https://chromium-review.googlesource.com/861182
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50493}
2018-01-11 08:10:33 +00:00
Taketoshi Aono
03e9d415c2 Reland: Reimplement Object.entries/values as CSA to optimize performance.
Add Object.entries/values builtins to debug-evaluate.cc whitelist macro.
This fix reverts the commit at https://chromium-review.googlesource.com/c/v8/v8/+/859937
Original is https://chromium-review.googlesource.com/c/v8/v8/+/810504
>> Reimplements Object.entries/values as CSA to optimize performance. See more detail at https://bugs.chromium.org/p/v8/issues/ Issue 6804.

This reverts commit 1b49f725ac.

Bug: v8:6804
Change-Id: I57e8b66e1c4ece2abb52e1630a97fbfd4070d810
Reviewed-on: https://chromium-review.googlesource.com/860679
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50492}
2018-01-11 07:04:00 +00:00
Ben Smith
f9feb5fa25 Remove SharedArrayBuffer.isView
It was included accidentally. It is not in the ES spec, nor is it
provided by any other browser.

BUG=chromium:793095

Change-Id: I2370a6d2b8d14def8dbd47ff4a1ffb4f5f65f097
Reviewed-on: https://chromium-review.googlesource.com/815757
Commit-Queue: Ben Smith <binji@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50491}
2018-01-11 00:22:57 +00:00
Junliang Yan
7cb600f26f PPC: Replace CALL_GENERATED_CODE by GeneratedCode wrapper
Port 30fabc4cdf

Original Commit Message:

    This ensures that there is only one entrance point from C++ to
    generated code, hence only one method has to be excluded from CFI.
    It also introduces type safety by only allowing the code to be called
    with the right arguments.
    This CL includes minor drive-by fixes in the tests, like removing
    unused dummy variables.

R=clemensh@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: Idb21a7b8103a8fb833c963c182463006d9dd6288
Reviewed-on: https://chromium-review.googlesource.com/857425
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#50490}
2018-01-10 20:40:13 +00:00
Ali Ijaz Sheikh
814577e3fd [tracing] allow embedders to provide own tracing timestamps
Make it possible for embedders to provide their own tracing timestamps by
providing an overridable virtual function on V8's tracing controller.

Bug: 
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I727e633cb7f63d4b41c2e427ecca3c9174c90bfe
Reviewed-on: https://chromium-review.googlesource.com/847690
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Fadi Meawad <fmeawad@chromium.org>
Commit-Queue: Ali Ijaz Sheikh <ofrobots@google.com>
Cr-Commit-Position: refs/heads/master@{#50489}
2018-01-10 19:36:23 +00:00
Adam Klein
89348016ff Revert "[arm64] Switch jssp to csp"
This reverts commit 50baf93425.

Reason for revert: breaks arm64 nosnap debug tests:

https://build.chromium.org/p/client.v8.ports/builders/V8%20Linux%20-%20arm64%20-%20sim%20-%20nosnap%20-%20debug/builds/8418

Original change's description:
> [arm64] Switch jssp to csp
> 
> Switch stack pointer to using csp directly, making jssp redundant.
> 
> Bug: v8:6644
> Change-Id: I8e38eda50d56a25161b187c0a033608dd9f90239
> Reviewed-on: https://chromium-review.googlesource.com/860097
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Commit-Queue: Martyn Capewell <martyn.capewell@arm.com>
> Cr-Commit-Position: refs/heads/master@{#50487}

TBR=martyn.capewell@arm.com,bmeurer@chromium.org

Change-Id: I20015885e6029271ee6558509cdb92ff1a106e5f
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:6644
Reviewed-on: https://chromium-review.googlesource.com/860319
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50488}
2018-01-10 18:38:44 +00:00
Martyn Capewell
50baf93425 [arm64] Switch jssp to csp
Switch stack pointer to using csp directly, making jssp redundant.

Bug: v8:6644
Change-Id: I8e38eda50d56a25161b187c0a033608dd9f90239
Reviewed-on: https://chromium-review.googlesource.com/860097
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Martyn Capewell <martyn.capewell@arm.com>
Cr-Commit-Position: refs/heads/master@{#50487}
2018-01-10 17:45:35 +00:00
Josh Wolfe
6fe75e30aa Reland: Enable --harmony-function-tostring by default
Update tests to work with new behavior.

Thanks Yang Guo for fixing the GC problem in
ad126d46bb

R=adamk@chromium.org, machenbach@chromium.org
Q_INCLUDE_TRYBOTS=master.tryserver.blink:linux_trusty_blink_rel

Bug: v8:4958
Change-Id: Ia7d9417f80087fb6df4ef877d0b4357875ee6c30
Reviewed-on: https://chromium-review.googlesource.com/834458
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Josh Wolfe <jwolfe@igalia.com>
Cr-Commit-Position: refs/heads/master@{#50486}
2018-01-10 17:29:46 +00:00
Wael Al Jishi
73253d428c Ensure isolate exists in ReportApiFailure
This avoids a segfault rather than reporting the (API usage)
error message:
"Fatal error in v8::HandleScope::CreateHandle() Cannot create a
handle without a HandleScope"
Bug: 
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I68a3d77ca37cc09d9e70526008a072dee8973000
Reviewed-on: https://chromium-review.googlesource.com/832488
Commit-Queue: Wael Al Jishi <waelj@google.com>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50485}
2018-01-10 16:45:46 +00:00
Michael Lippautz
ff0abec84c [object-stats] Split zone stats tracing into separate flag
Bug: v8:7266
Change-Id: I0983ec2db72e7013eb28e20370e13be282d0da39
Reviewed-on: https://chromium-review.googlesource.com/860377
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50484}
2018-01-10 16:19:36 +00:00
Sathya Gunasekaran
54ea7158d3 Remove RequiresInstanceFieldInitializer bit from ParseInfo
This information is already stored in compiler_hints_. This saves 1
bit on ParseInfo.

Change-Id: I37927c256aacd18fb332b522989dc669aa80df01
Reviewed-on: https://chromium-review.googlesource.com/858427
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50483}
2018-01-10 16:15:36 +00:00