Commit Graph

53194 Commits

Author SHA1 Message Date
Jakob Kummerow
6165031ba1 [ubsan] Blacklist a false positive
Bug: v8:3770
Change-Id: I59d73ef672e64fd722317c84afc6bc5cb387f5b1
Reviewed-on: https://chromium-review.googlesource.com/c/1404448
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58702}
2019-01-10 13:58:18 +00:00
Jakob Kummerow
fc329ce22a [ubsan] Fix various cases of undefined behavior
Mostly signed integer overflows, and a few cases of double
division by zero (which is defined by IEEE-754 to return
Infinity (or NaN for 0/0) but is UB in C++).
In base/ieee754.cc, use constants for NaN and Infinity instead
of computing these values.
In spaces-unittest.cc, ensure that a large enough allocation
is used.

Bug: v8:3770
Change-Id: I50d9a77dc860ef9993b7b269a5f8c117b0f62f9d
Reviewed-on: https://chromium-review.googlesource.com/c/1403454
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58701}
2019-01-10 13:52:04 +00:00
Jakob Kummerow
6733e9488b [ubsan] Use proper AssemblerOptions for Wasm Stubs
Pipeline::GenerateCodeForWasmNativeStub() currently does not pass
an Isolate to the PipelineData it creates, to ensure that compiled
code does not accidentally depend on a given Isolate. However, this
prevents the assembler from converting ExternalReference accesses to
RootArray offsets. This patch sets the corresponding AssemblerOption.

Bug: v8:3770
Change-Id: Ia4d5269e2e884a0af8abc6d122734f47db045ac0
Reviewed-on: https://chromium-review.googlesource.com/c/1404447
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58700}
2019-01-10 13:50:58 +00:00
Sami Kyostila
298fb68368 v8: Remove trace event category warming
Since all categories are now statically defined, there's no need to warm
any of them up explicitly in order for the categories to show up in the
tracing UI.

Depends on https://chromium-review.googlesource.com/c/chromium/src/+/1401273.

Bug: chromium:914579
Change-Id: I8ae8977130ae89d6ee3351194ad258d13f3c14f4
Reviewed-on: https://chromium-review.googlesource.com/c/1402779
Reviewed-by: Alexei Filippov <alph@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Sami Kyöstilä <skyostil@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58699}
2019-01-10 12:59:04 +00:00
Toon Verwaest
81a36c77ed [parser] Change how the preparser tracks parameters
This will make it easier to separate out parameter declaration from other other
parameter scope information tracking.

Change-Id: I8712dd7fc589c84bc1e1a1eab9038af6047b21cd
Reviewed-on: https://chromium-review.googlesource.com/c/1403118
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58698}
2019-01-10 12:35:55 +00:00
Jakob Gruber
8ea94bb3eb Revert "[test] add perf tests for String.p.startsWith"
This reverts commit 5dee355fe6.

Reason for revert: https://ci.chromium.org/p/v8-internal/builders/luci.v8-internal.ci/v8_linux64_perf_1/4282

Original change's description:
> [test] add perf tests for String.p.startsWith
> 
> Add performance tests for String.prototype.startsWith ahead of port to
> torque in order to keep track of how performance is affected.
> 
> Bug: v8:8400
> Change-Id: Ifc753a6f13da20c1760e545a99fd693717e3acc6
> Reviewed-on: https://chromium-review.googlesource.com/c/1402934
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58685}

TBR=jgruber@chromium.org,usharma1998@gmail.com

Change-Id: I5855b08fa5e55ab8594185a0a84a26f567e2b9d3
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8400
Reviewed-on: https://chromium-review.googlesource.com/c/1404446
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58697}
2019-01-10 12:34:51 +00:00
Jakob Kummerow
40ac5a39fc [ubsan] Fix numerical overflows in wasm
Mostly signed integer overflows, and a few cases of double
division by zero (which is defined by IEEE-754 to return
Infinity (or NaN for 0/0) but is UB in C++).

Bug: v8:3770
Change-Id: Id92725b0ac57cb357978124a3dc6f477430bc97d
Reviewed-on: https://chromium-review.googlesource.com/c/1403133
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58696}
2019-01-10 12:24:51 +00:00
Leszek Swirski
f9a858fc96 [ignition] Remove useless iterator 'done' setting
The 'done' setting dance in BuildFillArrayWithIterator turned out to
not be useful, as the StoreInArrayLiteral call could not ever throw an
exception. Since iterator exceptions count as done, we are guarnteed to
be done as soon as we enter the loop.

Change-Id: Ibe2ba1fcbe383bfcfedb185169890b6931cc7884
Reviewed-on: https://chromium-review.googlesource.com/c/1402792
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58695}
2019-01-10 11:37:42 +00:00
Leszek Swirski
7fbbce5fa1 [ignition] Fix iteration finalization exception suppression
The IteratorClose spec specifies that exceptions in
%GetMethod(iterator.return) are not suppressed by exceptions in the
given continuation (body of a loop, assignments in destructuring),
while exceptions in the execution of iterator.return() are.

This means that we have to split out the property access + a typeof
check to be outside the try-catch, and keep the call inside of it.

The non-split version is only for cases when there is no 'throws'
continuation (as is the case for yield* calling IteratorClose), so
the existing BuildIteratorClose can be renamed to reflect this.

Change-Id: Id71aea4fddd6ffb986bd9aaa09d29615a8800f71
Reviewed-on: https://chromium-review.googlesource.com/c/1402789
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58694}
2019-01-10 11:29:12 +00:00
Jakob Kummerow
af8ff984f6 [ubsan] Fix numerical overflows in the compiler
Mostly signed integer overflows, and a few cases of double
division by zero (which is defined by IEEE-754 to return
Infinity (or NaN for 0/0) but is UB in C++).

Bug: v8:3770
Change-Id: I8007987594ff534ca697c1c3247215a72a001343
Reviewed-on: https://chromium-review.googlesource.com/c/1403132
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58693}
2019-01-10 11:17:37 +00:00
Jakob Gruber
566a885d4a [nojit] Don't allocate executable memory in jitless mode
This CL disables RX (read and execute) permissions for Code memory
when in jitless mode. All memory that was previously allocated RX
is now read-only.

Bug: v8:7777
Cq-Include-Trybots: luci.v8.try:v8_linux_arm_lite_rel_ng
Change-Id: I52d6ed785d244ec33168a02293c5506d26f36fe8
Reviewed-on: https://chromium-review.googlesource.com/c/1390122
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58692}
2019-01-10 10:55:48 +00:00
tzik
d31bbfe7a8 Simplify x64 JSEntryVariant by merging Windows case to others
As a follow up of https://crrev.com/c/1372857, this merges Windows
cases into others by using Move() and arg_reg_{1,2,3,4}.

Bug: v8:8124
Change-Id: Iff015089fd2bfce29565ab213c8e41c8ef1cd68f
Reviewed-on: https://chromium-review.googlesource.com/c/1404774
Commit-Queue: Taiju Tsuiki <tzik@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58691}
2019-01-10 10:01:50 +00:00
Stephan Herhut
238a9044fe Revert "[regalloc] Introduce LiveRangeBundles"
This reverts commit d024b9a1f5.

Reason for revert: Left-over static counter in the code.

Original change's description:
> [regalloc] Introduce LiveRangeBundles
> 
> The idea behind this change is to restore some information about
> pre-ssa values to aid register allocation in sharing spill slots and
> reusing registers for connected live ranges.
> 
> By itself, this change does not improve much but it allows upcoming
> changes to freely spill and reload ranges without worrying about
> keeping the assignment stable.
> 
> Change-Id: I9320522592546655cc8fd0236d45fe075276a49e
> Reviewed-on: https://chromium-review.googlesource.com/c/1375665
> Commit-Queue: Stephan Herhut <herhut@chromium.org>
> Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58688}

TBR=sigurds@chromium.org,herhut@chromium.org

Change-Id: Id4f84a0e418e17729a301c848a7b9694f0eb9931
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/1404439
Reviewed-by: Stephan Herhut <herhut@chromium.org>
Commit-Queue: Stephan Herhut <herhut@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58690}
2019-01-10 09:45:50 +00:00
Andreas Haas
2755543ab3 [wasm] Remove --experimental-wasm-mut-global flag
The flag has been enabled by default since June 2018, see
https://crrev.com/c/1095650.

R=binji@chromium.org

Bug: v8:7625
Change-Id: I7cb4874db7f632b593f912e084b9fb7b8d568afe
Reviewed-on: https://chromium-review.googlesource.com/c/1402546
Reviewed-by: Ben Smith <binji@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58689}
2019-01-10 09:40:56 +00:00
Stephan Herhut
d024b9a1f5 [regalloc] Introduce LiveRangeBundles
The idea behind this change is to restore some information about
pre-ssa values to aid register allocation in sharing spill slots and
reusing registers for connected live ranges.

By itself, this change does not improve much but it allows upcoming
changes to freely spill and reload ranges without worrying about
keeping the assignment stable.

Change-Id: I9320522592546655cc8fd0236d45fe075276a49e
Reviewed-on: https://chromium-review.googlesource.com/c/1375665
Commit-Queue: Stephan Herhut <herhut@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58688}
2019-01-10 09:06:51 +00:00
Stephan Herhut
ba56d28251 [regalloc] Cleanup use of kMaxFpRegisters
Minor refactoring to introduce kMaxRegisters instead of relying on
the fact that kMaxGpRegisters <= kMaxFpRegisters.

Bug: v8:8562
Change-Id: If8221a799199c62d5262cfad762489a5088351c7
Reviewed-on: https://chromium-review.googlesource.com/c/1403120
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Stephan Herhut <herhut@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58687}
2019-01-10 08:54:53 +00:00
v8-ci-autoroll-builder
d3f07e0018 Update V8 DEPS.
Rolling v8/build: 117f6f1..7b20546

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/3511bed..79517a0

Rolling v8/third_party/depot_tools: da90c53..b1be378

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: Iaa79e20f0600877618f2da249690b0ab54255de4
Reviewed-on: https://chromium-review.googlesource.com/c/1404196
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#58686}
2019-01-10 08:35:08 +00:00
Ujjwal Sharma
5dee355fe6 [test] add perf tests for String.p.startsWith
Add performance tests for String.prototype.startsWith ahead of port to
torque in order to keep track of how performance is affected.

Bug: v8:8400
Change-Id: Ifc753a6f13da20c1760e545a99fd693717e3acc6
Reviewed-on: https://chromium-review.googlesource.com/c/1402934
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58685}
2019-01-10 08:20:48 +00:00
Alexei Filippov
992e8fffce Fix OWNERS file name in src/tracing
TBR=yangguo@chromium.org
NOTRY=true

Change-Id: I5fa467a37d654c6e7254f429b7b2f662a77b2901
Reviewed-on: https://chromium-review.googlesource.com/c/1403017
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Alexei Filippov <alph@chromium.org>
Commit-Queue: Alexei Filippov <alph@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58684}
2019-01-10 06:49:11 +00:00
tzik
7efa02a3cf Shuffle the parameter ordering of JSEntry
This moves |root_register_value| parameter of JSEntryFunction to the
first. I.e. the type of entry function will be changed from
 Object*(Object* new_target, Object* target, Object* receiver,
         int argc, Object*** args,
         Address root_register_value)
to
 Object*(Address root_register_value,
         Object* new_target, Object* target, Object* receiver,
         int argc, Object*** args),
and moves all parameter handling except for |root_register_value| from
JSEntryVariant to JSEntryTrampolineHelper.

This is a preparation to add another JS entry point for RunMicrotasks,
whose type will be
 Object*(Address root_register_value, MicrotaskQueue*).
The new entry point requires |root_register_value| to be the first to
share the implementation of the EntryFrame setup with existing ones.

Bug: v8:8124
Change-Id: I675376a2ccd240f61cf04eea6fe9a91031e06ede
Reviewed-on: https://chromium-review.googlesource.com/c/1372857
Commit-Queue: Taiju Tsuiki <tzik@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58683}
2019-01-10 06:17:15 +00:00
Frank Tang
d286fe3dbc [Intl] Fix getting undefined property crash
If the key of the u-ext has no value it will return error so
we should just return undefined for that case.

Bug: v8:8663
Change-Id: I7446ad74c8d0609ad268385b6f4d986060424ce9
Reviewed-on: https://chromium-review.googlesource.com/c/1404194
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58682}
2019-01-10 00:59:53 +00:00
Sigurd Schneider
76c377a344 [turbolizer] Format turbolizer source
Change-Id: Iffd68156515948254e4ce38021c511596acc5788
Notry: true
Bug: v8:7327
Reviewed-on: https://chromium-review.googlesource.com/c/1400849
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58681}
2019-01-09 20:46:22 +00:00
Georg Neis
99749a748f [turbofan] Add CanInlineArrayResizingBuiltin helper.
This is the analogue to CanInlineArrayIteratingBuiltin.

Change-Id: Ic96a8e230f50493d2482d5990d190ac2e7483fe9
Reviewed-on: https://chromium-review.googlesource.com/c/1400405
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58680}
2019-01-09 19:27:41 +00:00
Adam Klein
ca40805ae1 [scopes] Remove dead code identified by coverage reports
Change-Id: I5b2ec3e8b0d2882465b33fedf62a6eac8f952f93
Reviewed-on: https://chromium-review.googlesource.com/c/1387965
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58679}
2019-01-09 18:31:20 +00:00
Jakob Kummerow
d77e4a8484 [ubsan][cleanup] Drop ObjectSlot::load in favor of operator*
Now that we no longer have ObjectPtr and Object* return types,
one way to load the slot's contents is enough.

Bug: v8:3770
Change-Id: I5acaeed22e68595b0e0ba036fcc4ac3d15c57462
Reviewed-on: https://chromium-review.googlesource.com/c/1400416
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58678}
2019-01-09 17:52:39 +00:00
Clemens Hammacher
01f824c176 [wasm] Merge foreground work after compilation
Instead of spawning several foreground tasks, execute the work in a
single chunk.
This will allow us in a follow-up step to remove the deferred handle
scope and pass the handles directly.

R=ahaas@chromium.org

Bug: v8:7921, v8:8423
Change-Id: I4dae6241e2a33e89e304a04cb67c2229c34f7b99
Reviewed-on: https://chromium-review.googlesource.com/c/1402545
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58677}
2019-01-09 16:17:29 +00:00
Clemens Hammacher
24a43b3c4e [Liftoff] Fix reloading register spilled multiple times
Since register can be used multiple times on the stack, they can also
be spilled into multiple stack slots. At merge points, we then might
have to reload the spilled slots. A DCHECK currently checks that each
register is only loaded once. Instead of failing, just load the first
stack slot, the others are statically known to contain the same value
anyways.

R=ahaas@chromium.org

Bug: v8:6600, chromium:919533
Change-Id: Ic0c806238b2997f006829b4b509a50468a55befa
Reviewed-on: https://chromium-review.googlesource.com/c/1403124
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58676}
2019-01-09 16:12:50 +00:00
Ben L. Titzer
49a526ace9 Remove invalid DCHECKS in unwinding-info-writer
The unwinding info writer was assuming that a block that had no initial
state must be the start or end block. It was trying to check if the
block was the start or end by asserting that the block had either
no predecessors or no successors. Loop rotation breaks this assumption,
since it can move a block from inside a loop to before the loop
header, and the block can then be the "start" block. But since
such a block has both predecessor(s) and a successor, the check was
wrong.

R=clemensh@chromium.org
BUG=chromium:913844

Change-Id: Ic24c67a822d510cb082f25608089d313c3459be8
Reviewed-on: https://chromium-review.googlesource.com/c/1373770
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58675}
2019-01-09 15:52:08 +00:00
Yang Guo
c736883ed4 Optionally use halfsiphash for integer hashing.
Change-Id: Ibd14f7b3fe78635675c76ae864112e3a3a7bc701
Reviewed-on: https://chromium-review.googlesource.com/c/1382463
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58674}
2019-01-09 15:20:51 +00:00
Camillo Bruni
e355052048 [parser] Cleaning up adding skippable function preparse data
- Add DataGatheringScope::AddSkippableFunction
- Rename preparsed_scope_data_builder to preparse_data_builder

Change-Id: Ic882de638bed91a6ca4716f88db859410f1450b8
Reviewed-on: https://chromium-review.googlesource.com/c/1400846
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58673}
2019-01-09 15:19:46 +00:00
Junliang Yan
5d39e1984c PPC: fix PPC native C linkage
R=joransiu@ca.ibm.com

Change-Id: Iba732965ba7efc961295888b1cbf6ea1ef1990b0
Reviewed-on: https://chromium-review.googlesource.com/c/1403234
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#58672}
2019-01-09 15:13:37 +00:00
Tamer Tas
9a529b122c [test] reformat and rename presubmit checks
R=sergiyb@chromium.org

No-Try: true
Change-Id: I94937b6852c8e7e8aece3b67eb1c2a79dbf71c25
Reviewed-on: https://chromium-review.googlesource.com/c/1392193
Commit-Queue: Tamer Tas <tmrts@chromium.org>
Reviewed-by: Sergiy Belozorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58671}
2019-01-09 14:55:46 +00:00
Leszek Swirski
5e725a2b43 [parser] Don't desugar destructuring declarations.
Emit a single destructuring assignment for destructuring declarations,
which can be desugared by the bytecode generator. This allows us to
remove destructuring desugaring from the parser (specifically, the
pattern rewriter) entirely.

The pattern "rewriter" is now only responsible for walking the
destructuring pattern to declare variables, mark them assigned, and
potentially rewrite scopes for the edge case of parameters with a sloppy
eval.

Note that since the rewriter is no longer rewriting, we have to flip the
VariableProxy copying logic for var re-lookup, so that we now pass the
new VariableProxy to the variable declaration and leave the original
unresolved (rather than passing the original through and rewriting to a
new unresolved VariableProxy).

This change does have some effect on breakpoint locations, due to some
of the available information changing between the parser and bytecode
generator, however the new locations appear to be more consistent
between assignments and declarations.

Change-Id: I3a58dd0a387d2bfb8e5e9e22dde0acc5f440cb82
Reviewed-on: https://chromium-review.googlesource.com/c/1382462
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58670}
2019-01-09 14:09:23 +00:00
Stephan Herhut
5f138ac151 [regalloc] Fix register hints being ignored
When adding the new heuristic to allocate registers that do not
take part in hinting first, I managed to break hinting for most
cases. This change makes hinting operational again.

Bug: chromium:920106
Change-Id: I0f460a66196087266dcb70a7a0e5569124bdd2ff
Reviewed-on: https://chromium-review.googlesource.com/c/1402791
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Stephan Herhut <herhut@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58669}
2019-01-09 14:00:41 +00:00
Toon Verwaest
25dde52d6d [parser] Drop ParserFormalParameters::Parameter::name
It's anyway only read in case of simple parameters. In that case pattern is
guaranteed to be a VariableProxy, from which we can read the name as well.

Change-Id: Ie340064453594ab4f84b1d0223506801635c289d
Reviewed-on: https://chromium-review.googlesource.com/c/1402782
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58668}
2019-01-09 13:55:31 +00:00
Predrag Rudic
d586857cff [MIPS] Add Predrag Rudic and Aleksandar Rikalo as owners of MIPS files
Ivica Bogosavljevic is no longer part of MIPS V8 team, and therefore his
name is removed from OWNERS.

TBR=mstarzinger@chromium.org
NOTRY=true

No-Presubmit: true
Change-Id: I1ea6745b795573a17362dfd869528ddf78b8ab41
Reviewed-on: https://chromium-review.googlesource.com/c/1402775
Commit-Queue: Predrag Rudic <prudic@wavecomp.com>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58667}
2019-01-09 13:40:20 +00:00
Georg Neis
23fa506150 [turbofan] Precompute inlineability of array iteration builtins per map.
Bug: v8:7790
Change-Id: Ife2d4d19bc40ec195974c5302677fef4ab442fa2
Reviewed-on: https://chromium-review.googlesource.com/c/1398721
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58666}
2019-01-09 12:51:37 +00:00
tzik
d65de04018 Use V8_NOEXCEPT consistently between decls and impls
This is a leftover of the previous CL.
https://chromium-review.googlesource.com/c/v8/v8/+/1402305.

noexcept keyword needs to be consistent between the declaration and
implementation in C++17.

Bug: v8:8616, chromium:752720
Change-Id: I8a21426e550d666bd84c1a6e7bc36d1eec495333
Reviewed-on: https://chromium-review.googlesource.com/c/1402305
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Taiju Tsuiki <tzik@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58665}
2019-01-09 12:39:46 +00:00
Michael Starzinger
082bfec916 [asm.js] Fix semicolon insertion in presence of Unicode.
R=clemensh@chromium.org
TEST=mjsunit/asm/regress-920076
BUG=chromium:920076

Change-Id: Ieb6d1dd84ab9434ff17ee09444e7d8ce830f898c
Reviewed-on: https://chromium-review.googlesource.com/c/1402778
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58664}
2019-01-09 12:38:41 +00:00
Clemens Hammacher
3c99ee28d3 Revert "[wasm] Inline CompileFailed step"
This reverts commit 556ef4c387.

Reason for revert: Seems to cause hangs in tests.

Original change's description:
> [wasm] Inline CompileFailed step
> 
> The {CompileFailed} just calls {AsyncCompileFailed}, which also does
> not do much. Thus just inline directly call a function instead of
> spawning a foreground task. This saves one instance of DeferredHandles.
> 
> R=​ahaas@chromium.org
> 
> Bug: v8:7921, v8:8423
> Change-Id: Ia8fb72a3ce2efd1f9a069c1a3b0b670b15fd8bce
> Reviewed-on: https://chromium-review.googlesource.com/c/1402714
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58662}

TBR=ahaas@chromium.org,clemensh@chromium.org

Change-Id: I3430fb304b8df72b93330d104c09b0a144bbd069
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7921, v8:8423
Reviewed-on: https://chromium-review.googlesource.com/c/1402786
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58663}
2019-01-09 12:37:38 +00:00
Clemens Hammacher
556ef4c387 [wasm] Inline CompileFailed step
The {CompileFailed} just calls {AsyncCompileFailed}, which also does
not do much. Thus just inline directly call a function instead of
spawning a foreground task. This saves one instance of DeferredHandles.

R=ahaas@chromium.org

Bug: v8:7921, v8:8423
Change-Id: Ia8fb72a3ce2efd1f9a069c1a3b0b670b15fd8bce
Reviewed-on: https://chromium-review.googlesource.com/c/1402714
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58662}
2019-01-09 12:12:50 +00:00
Georg Neis
23f087ccca [turbofan] Precompute inlineability of array resize builtins per map.
Bug: v8:7790
Change-Id: Iad109ee7112b8c21b4fd89e189e68911b6aa4968
Reviewed-on: https://chromium-review.googlesource.com/c/1397708
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58661}
2019-01-09 12:09:45 +00:00
Toon Verwaest
82c0f925fe [parser] Compute IsPrivateName from the underlying string on-the-fly
Change-Id: Ib9f51cab17a3ed9e8960857e77fc80a9a08df798
Reviewed-on: https://chromium-review.googlesource.com/c/1400841
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58660}
2019-01-09 12:06:20 +00:00
Jakob Kummerow
ec2f4acf4b [ubsan] Clean up macro usage in *-inl.h
The incremental migration required several pairs of functionally
equivalent macros. This patch consolidates everything onto the
respective new version and drops the obsolete versions.

Bug: v8:3770
Change-Id: I4fb05ff223e8250c83a13f46840810b0893f410b
Reviewed-on: https://chromium-review.googlesource.com/c/1398223
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58659}
2019-01-09 12:05:15 +00:00
Michael Starzinger
56bed77bd5 [arm] Enable write-protected code pages.
R=hablich@chromium.org
BUG=chromium:845877

Change-Id: Ia5ede7b5aaa4d5937160b1e0733132c47afeb712
Reviewed-on: https://chromium-review.googlesource.com/c/1400407
Reviewed-by: Michael Hablich <hablich@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58658}
2019-01-09 11:18:15 +00:00
Toon Verwaest
5b4d4c2401 [parser] Parenthesized identifiers are invalid as part of a declaration
Bug: v8:8659
Change-Id: I7208589dcb5c40dd915a50517f83f3da646202be
Reviewed-on: https://chromium-review.googlesource.com/c/1402547
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58657}
2019-01-09 11:02:55 +00:00
Clemens Hammacher
c26b4977d6 [wasm] Create runtime objects later
For compilation we only need the NativeModule. Thus only create this
before compilation, create other runtime objects later.
This is a first step towards removing the deferred handles and
clustering all foreground work in one chunk after compilation.

R=ahaas@chromium.org

Bug: v8:7921, v8:8423
Change-Id: If62387d68ddf0f5e067adbaef5fbeca7178958a4
Reviewed-on: https://chromium-review.googlesource.com/c/1402544
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58656}
2019-01-09 11:01:15 +00:00
Predrag Rudic
b0dc60f6b3 MIPS[64]: Port '[Deopt] Remove jump table in prologue of deopt entries.'
Port commit 4ab96a9a81

Original message:
> Remove the use of a jump table in the prologue of the deopt entries
> and instead pass the bailout id explicitly in a register when calling
> the deopt entry routine from optimized code. This unifies the logic
> with the way the Arm64 code works. It saves the following amount of
> memory in code stubs:
>
>  - arm:  384KB
>  - ia32: 480KB
>  - x64:  240KB
>
> This could be offset by a slight increase in the size of optimized code
> for loading the immediate, however this impact should be minimal and
> will scale with the maximum number of bailout ids (e.g., the size of
> code will increase by one instruction per bailout id on Arm, therefore
> ~98,000 bailouts will be needed before the overhead is greater than
> the current fixed table size).
>
> Change-Id: I838604b48fa04cbd45320c7b9dac0de08fd8eb25
> Reviewed-on: https://chromium-review.googlesource.com/c/1398224
> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58636}

Change-Id: I4d070b90ebd4f9d4e82eaa74fe6d41c3a39d93e8
Reviewed-on: https://chromium-review.googlesource.com/c/1400848
Reviewed-by: Sreten Kovacevic <skovacevic@wavecomp.com>
Commit-Queue: Sreten Kovacevic <skovacevic@wavecomp.com>
Cr-Commit-Position: refs/heads/master@{#58655}
2019-01-09 10:14:59 +00:00
Jakob Gruber
ba712bf89f [csa] Call FatalProcessOutOfMemory in OOM situations
OOMs in CSA code would trigger fairly arbitrary assertion failures on
some paths. This changes CSA::AllocateRaw to call
FatalProcessOutOfMemory (just like runtime methods).
CSA::AllocateFixedArray additionally checks for
FixedArray::kMaxLength.

This increases overall builtin code size on x64 release by 28K / 2.5%.

Bug: chromium:917561, chromium:848672
Change-Id: I757271264f396e0df8d8fe0570bad078075c27d5
Reviewed-on: https://chromium-review.googlesource.com/c/1400414
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58654}
2019-01-09 10:08:39 +00:00
Tom Tan
934af8dde9 .rodata from embedded.S should be read only
.rodata usually hosts read only data. MSVC link.exe complains mismatch when
merging this read/write .rodata from embedded.S with .rodata from other object
file.

Bug: chromium:919180
Change-Id: I7789e42afe116cc4bf772e2cbb312d19e4ce7fe5
Reviewed-on: https://chromium-review.googlesource.com/c/1396361
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58653}
2019-01-09 07:58:51 +00:00