Reason for revert:
Looks like this breaks on nosnap: http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap%20-%20debug/builds/7626
Original issue's description:
> [builtins] New frame type for exits to C++ builtins
>
> Prior to this commit, calls to C++ builtins created standard exit
> frames, which are skipped when constructing JS stack traces. In order to
> show these calls on traces, we introduce a new builtin exit frame type.
>
> Builtin exit frames contain target and new.target on the stack and are
> not skipped during stack trace construction.
>
> BUG=v8:4815
> R=bmeurer@chromium.org, yangguo@chromium.org
> CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
>
> Committed: https://crrev.com/3c60c6b105f39344f93a8407f41534e5e60cf19a
> Cr-Commit-Position: refs/heads/master@{#37384}
TBR=yangguo@chromium.org,jgruber@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4815
Review-Url: https://codereview.chromium.org/2106113002
Cr-Commit-Position: refs/heads/master@{#37394}
Commit d0b8e7fb introduced some functionality to allocate additional
space in the function table, filled with an "undefined" function
signature. Use -1 instead of undefined_value() as the latter can have
the top bits cleared (which happens often for arm64) and causes
intermittent test failures.
BUG=
Review-Url: https://codereview.chromium.org/2105293002
Cr-Commit-Position: refs/heads/master@{#37393}
Avoid repeatedly traversing empty kHuge empty free list categories. This is an
oversight as all other categories are already eagerly unlinked upon getting
empty (in FreeList::FindNodeIn).
R=ulan@chromium.org
Review-Url: https://codereview.chromium.org/2109473004
Cr-Commit-Position: refs/heads/master@{#37391}
The implementation of DoubleRepresentation was based on undefined
behavior, and it can be replaced by bit_casts.
BUG=chromium:623168
R=titzer@chromium.org
Review-Url: https://codereview.chromium.org/2105683006
Cr-Commit-Position: refs/heads/master@{#37390}
A pointer comparison on the effect path states is not sufficient to
guarantee termination; we really need to check the actual nodes to
make sure we terminate properly, similar to what BranchElimination
does.
R=jarin@chromium.org
BUG=v8:5161
Review-Url: https://codereview.chromium.org/2112463002
Cr-Commit-Position: refs/heads/master@{#37389}
- Changes InstructionOperand canonicalization to map all FP operands to kFloat64 on Intel and other platforms with simple aliasing.
- Bypass expensive interference calculations and fixed FP live range processing for platforms with simple aliasing.
LOG=N
BUG=v8:4124
Review-Url: https://codereview.chromium.org/2101653003
Cr-Commit-Position: refs/heads/master@{#37388}
This functionality is duplicated with the same functionality in
SimplifiedLowering, which is kinda premature and doesn't seem to
be useful.
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2103323003
Cr-Commit-Position: refs/heads/master@{#37386}
Prior to this commit, calls to C++ builtins created standard exit
frames, which are skipped when constructing JS stack traces. In order to
show these calls on traces, we introduce a new builtin exit frame type.
Builtin exit frames contain target and new.target on the stack and are
not skipped during stack trace construction.
BUG=v8:4815
R=bmeurer@chromium.org, yangguo@chromium.org
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
Review-Url: https://codereview.chromium.org/2090723005
Cr-Commit-Position: refs/heads/master@{#37384}
There are no useful typing rules for Change and Checked operators, so we
better make sure we don't run them through the Typer at all.
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2107783004
Cr-Commit-Position: refs/heads/master@{#37382}
This function should also be callable from a concurrent thread, so we cannot use
the scope here. Instead, provide a test that checks that no handles are created.
R=ulan@chromium.org
TEST=cctest/test-conversions/NoHandlesForTryNumberToSize
BUG=
Review-Url: https://codereview.chromium.org/2106083002
Cr-Commit-Position: refs/heads/master@{#37381}
This changes many interfaces to accept StandardFrames instead of
JavaScriptFrames, and use the StackTraceFrameIterator instead of the
JavaScriptFrameIterator.
Also, the detailed frame information array now contains the script in
addition to the function, as wasm frames are not associated to any
javascript function.
This is a rebase of (https://codereview.chromium.org/2069823003/), since clemensh's internship has ended.
R=yangguo@chromium.org,ahaas@chromium.org
BUG=
Review-Url: https://codereview.chromium.org/2109093003
Cr-Commit-Position: refs/heads/master@{#37379}
The start argument must be converted to an integer before the length argument is
converted. (Consequently, the start argument is converted even when the length
is 0.) This matters because conversion is observable.
Also rewrite the function in a way that closely resembles the spec text.
R=littledan@chromium.org
BUG=v8:5140
Review-Url: https://codereview.chromium.org/2109583002
Cr-Commit-Position: refs/heads/master@{#37378}
Reland of https://codereview.chromium.org/2034093002 (reverted by
https://codereview.chromium.org/2080153002).
Original commit message:
Implement WASM support on big-endian platforms. WASM has
an implicit requirement that it is running on little-endian
machine. We achieve WASM support on BE by keeping data
in memory in little-endian order, and changing data
endianness before storing to memory and after loading from
memory.
BUG=
Review-Url: https://codereview.chromium.org/2083523002
Cr-Commit-Position: refs/heads/master@{#37373}
Reason for revert:
Causers flaky failures on the waterfall on Mac with the following error in the builtin QuickSort method:
#
# Fatal error in Zone
# Allocation failed - process out of memory
#
Original issue's description:
> [turbofan] Implicitly emit eager checkpoint at graph building.
>
> This makes preparation of eager checkpoints within the graph builder
> implicit. Every sub-expression visitation is now guaranteed to emit
> valid checkpoints in AstContext.
>
> R=jarin@chromium.org
> BUG=v8:5021
>
> Committed: https://crrev.com/74e328efee7995aeee6d568f9d14f9bbc1087100
> Cr-Commit-Position: refs/heads/master@{#37368}
TBR=jarin@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5021
Review-Url: https://codereview.chromium.org/2104973004
Cr-Commit-Position: refs/heads/master@{#37372}
The reason:
All RunFloat64Sin/RunFloat64Cos/RunFloat64Expm1/RunFloat64Tan/Ieee754.Expm1/Ieee754.Cos/Ieee754.Tan test cases
use the C++ function to generate the expected value or result. So for x87, all those expected value or result are
extended double precision as the extended double precision is default for x87 Gcc compiler and std lib on linux platform.
The issue is:
For RunFloat64Sin/RunFloat64Cos/RunFloat64Expm1/RunFloat64Tan test cases, the expected values generated by C++ function
are extended double precision, the results generated by X87 jitted code are double precision according to the ECMA standard.
The comparison of different precisons caused some of those test cases failed.
For Ieee754.Expm1/Ieee754.Cos/Ieee754.Tan test cases, the expected values are pre-defined double precision values, the results
generated by C++ function are extended double precision. The comparison of different precisons caused some of those test cases
failed too.
This CL disables RunFloat64Sin/RunFloat64Cos/RunFloat64Expm1/RunFloat64Tan/Ieee754.Expm1/Ieee754.Cos/Ieee754.Tan test cases for x87.
BUG=
Review-Url: https://codereview.chromium.org/2111493002
Cr-Commit-Position: refs/heads/master@{#37371}
The lastIndex property must be written with the semantics of a strict [[Set]],
so an exception must be thrown when the attributes don't allow writing. We used
to ignore the attributes.
R=littledan@chromium.org, yangguo@chromium.org
BUG=v8:5138
Review-Url: https://codereview.chromium.org/2109593002
Cr-Commit-Position: refs/heads/master@{#37369}
This makes preparation of eager checkpoints within the graph builder
implicit. Every sub-expression visitation is now guaranteed to emit
valid checkpoints in AstContext.
R=jarin@chromium.org
BUG=v8:5021
Review-Url: https://codereview.chromium.org/2074703002
Cr-Commit-Position: refs/heads/master@{#37368}
It's not safe to magically compute types during representation
selection, so better disable the Typer decorator before we start
to do the representation/truncation analysis. This will also allow
us to move to a world where we can run representation selection
concurrently eventually.
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2103363004
Cr-Commit-Position: refs/heads/master@{#37367}
Port c1d01aea11
Fix a few failures which occur because instruction cache
hasn't been flushed after update of WASM references.
BUG=mjsunit/wasm/asm-wasm-heap,mjsunit/wasm/start-function
Review-Url: https://codereview.chromium.org/2103093003
Cr-Commit-Position: refs/heads/master@{#37364}
The only real use case left for TypeGuard was the renaming inside the
LoadElimination, but this case only occurs in dead code (guarded by a
previous Check), so it's not relevant, and we can drop the TypeGuard
operator completely.
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2108793003
Cr-Commit-Position: refs/heads/master@{#37361}
Reason for revert:
Seems to break GPU bots
Original issue's description:
> [heap] Optimize ArrayBuffer tracking
>
> With the current approach we only need to track using an unordered set as we can
> still access the backing store pointer and length by the time we free the
> backing store.
>
> BUG=chromium:619491, chromium:611688
> LOG=N
> R=ulan@chromium.org
>
> Committed: https://crrev.com/8d2ae27808f047ca8b8f90e63a9c8735321d2ad0
> Cr-Commit-Position: refs/heads/master@{#37318}
TBR=ulan@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:619491, chromium:611688
Review-Url: https://codereview.chromium.org/2105273002
Cr-Commit-Position: refs/heads/master@{#37358}
Rolling v8/build to 5340820b7f216d4f155213173cf678774741788d
Rolling v8/buildtools to c36df184fb212b911d5e0fdee45647610e3ea54d
Rolling v8/tools/mb to e79fc1007f026e7d899abec066b714c750103019
TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
Review-Url: https://codereview.chromium.org/2102393002
Cr-Commit-Position: refs/heads/master@{#37356}
Add a flag harmony_trailing_commas_in_parameters that allows trailing
commas in function parameter declaration lists and function call
parameter lists. Trailing commas are allowed in parenthetical lists like
`(a, b, c,)` only if the next token is `=>`, thereby making it an arrow
function declaration. Only 1 trailing comma is allowed, not `(a,,)`. A
trailing comma must follow a non-rest parameter, so `(,)` and `(...a,)`
are still SyntaxErrors. However, a trailing comma is allowed after a
spread parameter, e.g. `a(...b,);`.
Add parser tests for all of the above.
BUG=v8:5051
LOG=y
Review-Url: https://codereview.chromium.org/2094463002
Cr-Commit-Position: refs/heads/master@{#37355}
Comparisons were allowing asm 'int' values in places
that require strict 'signed' or 'unsigned' but not both.
Fixes crash when these make it to asm-wasm.
BUG=599413
BUG=v8:4203
R=aseemgarg@chromium.org
Review-Url: https://codereview.chromium.org/2106683003
Cr-Commit-Position: refs/heads/master@{#37353}
This reverts commit 1eb1dfabe4.
The original compilation separation change avoided associating a heap
for the wasm instance if memory was not provided, nor needed. The
grow memory CL assumed the old behavior, where a memory buffer was
always present, but may have had a zero size.
The 2CLS landed shortly after one another. We decided to treat the
grow memory as the race condition winner, so this CL here re-lands
compilation separation, plus adjusts grow memory to deal with
the undefined mem buffer.
BUG=
Review-Url: https://codereview.chromium.org/2102193003
Cr-Commit-Position: refs/heads/master@{#37352}
We were not checking that the string passed to instantiateFromAsm
contains a function declaration (any declaration was allowed).
Fixes crash.
BUG=620649
BUG=v8:4203
R=aseemgarg@chromium.org
Review-Url: https://codereview.chromium.org/2109533002
Cr-Commit-Position: refs/heads/master@{#37349}
Support for serializing/deserializing the compiled wasm module.
We want to reuse the javascript snapshotting mechanics, at least in the
short term, when we still use the JS heap for the compiled wasm code.
Given that a module may be compiled in one v8 instance and then
instantiated later, in a different instance, whatever information we need
at instantiation time must also be serializable.
We currently hold on to the un-decoded wasm bytes, for enabling
debugging scenarios. This imposes a ~20% penalty on the memory
requirements of the wasm compiled code. We do not need this data
otherwise, for runtime, and it is sensible to consider eventually loading it
on demand. Therefore, I intentionally avoided relying on it and re-
decoding the wasm module data, and instead saved the information
necessary to support instantiation.
Given how whatever we need to persist must be serializable, the CL
uses a structure made out of serializable objects (fixed arrays mostly)
for storing this information. I preferred going this route rather than
adding more wasm-specific support to the serializer, given that we want
to eventually move off the JS heap, and therefore the serializer.
Additionally, it turns out this extra information is relatively not complex:
minimal structure, little nesting depth, mostly simple data like numbers
or byte blobs, or opaque data like compiled functions.
This CL also moves export compilation ahead of instantiation time.
This change added a helper getter to FixedArray, to make typed retrieval
of elements easier.
BUG=
Review-Url: https://codereview.chromium.org/2094563002
Cr-Commit-Position: refs/heads/master@{#37348}
Port 5e05854019
Original commit message:
The reason for reverting is: This breaks gc-stress bot:
https://chromegw.corp.google.com/i/client.v8/builders/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot
Abortion of compaction could cause duplicate entries in the typed-old-to-new remembered set.
These duplicates could cause a DCHECK to trigger which checks that slots recorded in the
remembered set never point to to-space. This reland-CL allows duplicates in the remembered
set by removing the DCHECK, and additionally clears entries in the remembered set if objects are moved.
Original issue's description:
Cells were needed originally because there was no typed remembered set to
record direct pointers from code space to new space. A previous
CL (https://codereview.chromium.org/2003553002/) already introduced
the remembered set, this CL uses it.
This CL
* stores direct pointers in code objects, even if the target is in new space,
* records the slot of the pointer in typed-old-to-new remembered set,
* adds a list which stores weak code-to-new-space references,
* adds a test to test-heap.cc for weak code-to-new-space references,
* removes prints in tail-call-megatest.js
R=ahaas@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, mbrandy@us.ibm.com
BUG=
LOG=N
Review-Url: https://codereview.chromium.org/2108673003
Cr-Commit-Position: refs/heads/master@{#37346}
The opcodes for 'cmpw r/m16, r16' and 'cmpw r16, r/m16' were swapped, causing a few issues when less than/greater than comparison were performed.
Adds a regression test.
BUG=621926
Committed: https://crrev.com/efa7095e3e360fbadbe909d831ac11b268ca26b0
Review-Url: https://codereview.chromium.org/2103713003
Cr-Original-Commit-Position: refs/heads/master@{#37339}
Cr-Commit-Position: refs/heads/master@{#37345}
