Commit Graph

8090 Commits

Author SHA1 Message Date
kschimpf
d4a108078d Fix use of history timers in background threads.
HistoryTimer's can't run in the background because they use a timer
with a simple api of Start() and Stop(). This CL fixes this problem
by building a base class TimedHistogram that doesn't have a timer.

The class HistoryTimer is modified to use this base class so that
uses that run on the foreground thread do not need to be modified.

It also adds a new class TimedHistogramScope that defines the timer
in this class. This allows the corresopnding TimedHistogram class to
be type safe.

BUG=v8:6361

Review-Url: https://codereview.chromium.org/2929853003
Cr-Commit-Position: refs/heads/master@{#46150}
2017-06-22 22:14:24 +00:00
Jochen Eisinger
14ba446bf2 Replace PREPARE_FOR_EXECUTION_PRIMITIVE
In most cases, I'm using ENTER_V8 which is due to the fact that the
respective methods might end up executing script, either because they
invoke some callback, or because they might trigger a proxy trap.

Also add microtask suppression scopes in the debugger to all the places
that need one according to tests.

BUG=v8:5830
R=marja@chromium.org,jgruber@chromium.org

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I24cc3de37fc0d8156acfe86b290568e5f8f662b4
Reviewed-on: https://chromium-review.googlesource.com/519262
Commit-Queue: Jochen Eisinger <jochen@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46146}
2017-06-22 17:00:40 +00:00
Marja Hölttä
1fce2d2d61 [parser] Skipping inner funcs: Fix function name declarations
let f = function g() { ... } declares "g" inside the function. This
CL makes the preparser declare it too, and saves + restores the scope data for
it.

BUG=v8:5516

Change-Id: Id4c64f446d30f5252038cfb0f0f473b85ba24a9b
Reviewed-on: https://chromium-review.googlesource.com/544816
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46133}
2017-06-22 13:38:26 +00:00
Martyn Capewell
0d7ea96a8d [arm64] Re-enable wasm tests.
Re-enable a couple of WebAssembly tests previously disabled by mistake.

Change-Id: I315b991bc1bb2a22aa5238e85e477704e3dc94df
Bug: 
Reviewed-on: https://chromium-review.googlesource.com/543123
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Martyn Capewell <martyn.capewell@arm.com>
Cr-Commit-Position: refs/heads/master@{#46132}
2017-06-22 13:27:06 +00:00
Marja Hölttä
2b730f6335 [parser] Skipping inner funcs: fix the test setup.
The test setup was as follows:
- Preparse function test() { ... }, get scope allocation data.
- Apply the scope allocation data to (function test() { ... })();
- Compare against normal scope allocation for (function test() { ... })();

But the IIFE is unnecessary - we already disable lazy parsing.

Cleaning this up is needed because in the next CL, I want to fix the Scopes
produced by PreParser in this case:

let f = function g() {
  // Here we should declare g!
}

And that fix will make the variables in
function test() {
  // Here we don't declare test
}
and
(function test() {
  // Here we do declare test
})();
not match any more, so it doesn't make sense to compare them against each other.

BUG=v8:5516

Change-Id: I93d154c6977bb3cbe405b6ca193cf6283df297bc
Reviewed-on: https://chromium-review.googlesource.com/543341
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46128}
2017-06-22 12:10:52 +00:00
Toon Verwaest
c5eec2d571 [runtime] Cleanup Dictionary constructors; remove NewEmpty
Bug: 
Change-Id: Iafd8174f567365ece3b124685bf50a10b57fbd09
Reviewed-on: https://chromium-review.googlesource.com/543499
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46127}
2017-06-22 12:02:02 +00:00
Toon Verwaest
4a635150f1 [runtime] Remove kIsEnumerable and move methods relying on it to BaseNameDictionary
Bug: 
Change-Id: Iab8fc855808b22a2786476ddc4568f3f474c73d8
Reviewed-on: https://chromium-review.googlesource.com/543079
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46125}
2017-06-22 10:42:12 +00:00
Michael Starzinger
e6c2df47e1 [fullcodegen] Deprecate usage of patching BinaryOpICStub.
This switches all uses of the patching {BinaryOpICStub} over to the
respective existing and non-patching CSA-builtins, and removes some
supporting code. It also removes the inlined SMI handling.

R=verwaest@chromium.org
BUG=v8:6408

Change-Id: If547c0127bfcafbd01ccb33b702b1868006ebcb1
Reviewed-on: https://chromium-review.googlesource.com/541398
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46122}
2017-06-22 09:29:20 +00:00
Jochen Eisinger
c4852ea94c Pull tracing related methods out of Platform
This will allow for embedders to easily implement their own Platform
without duplicating the tracing controller code.

BUG=v8:6511
R=fmeawad@chromium.org

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I7c64933d12b2cf53f0636fbc87f6ad5d22019f5c
Reviewed-on: https://chromium-review.googlesource.com/543015
Commit-Queue: Jochen Eisinger <jochen@chromium.org>
Reviewed-by: Fadi Meawad <fmeawad@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46118}
2017-06-22 08:58:40 +00:00
Daniel Ehrenberg
d54ffadfda [scopes] Fix sloppy-mode block-scoped function hoisting edge case
In edge cases such as the following, sloppy-mode block-scoped function
hoisting is expected to occur:

  eval(`
    with({a: 1}) {
      function a() {}
    }
  `)

In this case, there should be the equivalent of a var declaration
outside of the eval, which gets set to the value of the local function
a when the body of the with is executed.

Previously, the way that var declarations are hoisted out of eval
meant that the assignment to that var was an ordinary DYNAMIC_GLOBAL
assignment. However, such a lookup mode meant that the object in the
with scope received the assignment!

This patch fixes that error by marking the assignments produced by
the sloppy mode block scoped function hoisting desugaring so as to
generate a different runtime call which skips with scopes.

Bug: chromium:720247, v8:5135
Change-Id: Ie36322ddc9ca848bf680163e8c016f50d4597748
Reviewed-on: https://chromium-review.googlesource.com/529230
Commit-Queue: Daniel Ehrenberg <littledan@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46116}
2017-06-22 08:18:55 +00:00
bakkot
76078e140a Reland "[parser] Forbid \08 in strict strings"
(Reland: NeedsManualRebaseline'd newly-fixed layout test in Chromium.)

This was never legal; the spec only allows '\0' in strict-mode strings
or templates when not followed by a decimal digit. Previously we were
only enforcing that it not be followed by an _octal_ digit.

This was already fixed for numeric literals, but not for escape
sequences in strings.

BUG=v8:6504

Review-Url: https://codereview.chromium.org/2948903002
Cr-Commit-Position: refs/heads/master@{#46106}
2017-06-21 17:41:46 +00:00
Alexey Kozyatinskiy
d9be9fd88d Added v8::Module::GetModuleRequestPosition method
This method returns position of importing stmt in module source.

R=neis@chromium.org

Bug: chromium:721589
Change-Id: I8639796a001fdfec7cf5aa1bf1a27493f7a757a9
Reviewed-on: https://chromium-review.googlesource.com/541322
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46105}
2017-06-21 16:00:14 +00:00
Leszek Swirski
234d1f8a4b [bitvector] Allow BitVector to resize
Allows BitVector to resize, updating its own data and data length to
match the new length. We can fast-path resizes which fit into the same
data length (since high bits are already zero), and replace the pattern
where a BitVector is cloned using CopyFrom.

Change-Id: If79ca782c516e93b2a27c5e335e263554d522e88
Reviewed-on: https://chromium-review.googlesource.com/539522
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46101}
2017-06-21 15:13:05 +00:00
Michael Lippautz
ee35abf125 [heap] Build proper iterator for iterating live objects
- Iterator advancing is kept mainly unchanged.
- The iterator stores the size of the object which is to be used by the
  caller in follow ups. This way we might be able to avoid further out
  of line loads.
- The iteartor follows the regular std conventions allowing range based
  loops.

Bug: chromium:651354
Change-Id: I8928224a62d3a48a48145a2d00279a28608bc634
Reviewed-on: https://chromium-review.googlesource.com/543335
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46085}
2017-06-21 12:20:14 +00:00
Andreas Haas
6828887b85 [wasm] Remove the wasm-asmjs fuzzer
The fuzzer has already been removed from chromium. In addition I removed
code which was only used by this fuzzer.

BUG=chromium:734550
R=clemensh@chromium.org
CC=mstarzinger@chromium.org

Change-Id: I2ff4614e4d64131412ead759318e5c38e38f5d3d
Reviewed-on: https://chromium-review.googlesource.com/542816
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46078}
2017-06-21 10:59:35 +00:00
Ross McIlroy
811643b49b Reland: [IdentityMap] Fix size if GC short-cuts objects.
BUG=chromium:704132

Change-Id: I5be333888215718c2680f5a442fe26ffd988f04e
Reviewed-on: https://chromium-review.googlesource.com/541443
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46077}
2017-06-21 09:37:20 +00:00
Bill Budge
73ca1690ae [WASM SIMD] Eliminate boolean vector materialization in SIMD tests.
- Now that there are no boolean vector types, we can directly test the
  results of relational ops.

Bug: v8:6020
Change-Id: Id2139133ae3a548a9985a26a3427cbeddc6272a6
Reviewed-on: https://chromium-review.googlesource.com/536176
Reviewed-by: Aseem Garg <aseemgarg@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46075}
2017-06-20 23:04:43 +00:00
Sathya Gunasekaran
323cf26df0 [Collections] Change ::HasKey to return bool
Mask the lower byte before doing the compare.

Bug: v8:5717, v8:6455
Change-Id: I0c7e8b79adc36fb5ee643eae2e42fd892cd560fd
Reviewed-on: https://chromium-review.googlesource.com/527885
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46070}
2017-06-20 18:45:27 +00:00
machenbach
c3f2c5ef8d Revert of [parser] Forbid \08 in strict strings (patchset #3 id:40001 of https://codereview.chromium.org/2950633002/ )
Reason for revert:
Breaks layout test:
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/16403

See:
https://github.com/v8/v8/wiki/Blink-layout-tests

Original issue's description:
> [parser] Forbid \08 in strict strings and in untagged templates
>
> This was never legal; the spec only allows '\0' in strict-mode strings or templates
> when not followed by a decimal digit. Previously we were only enforcing that it
> not be followed by an _octal_ digit.
>
> This was already fixed for numeric literals, but not for escape sequences in strings.
>
> BUG=v8:6504
>
> Review-Url: https://codereview.chromium.org/2950633002
> Cr-Commit-Position: refs/heads/master@{#46046}
> Committed: b102540e44

TBR=vogelheim@chromium.org,bakkot@gmail.com
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:6504

Review-Url: https://codereview.chromium.org/2946953002
Cr-Commit-Position: refs/heads/master@{#46068}
2017-06-20 18:24:00 +00:00
Sathya Gunasekaran
d5040c4390 [collections] Add OrderedHashTable::Delete
Bug: v8:5717
Change-Id: Icc601c409ac79195991facf1cb2027aab6145ff8
Reviewed-on: https://chromium-review.googlesource.com/540659
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46066}
2017-06-20 18:20:12 +00:00
Ross McIlroy
84b602537e Revert "[IdentityMap] Fix size if GC short-cuts objects."
This reverts commit d58bb2dcfa.

Reason for revert: New test breaks on optimize-for-size:
https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20-%20debug/builds/16469/steps/OptimizeForSize/logs/GCShortCutting

Original change's description:
> [IdentityMap] Fix size if GC short-cuts objects.
> 
> BUG=chromium:704132
> 
> Change-Id: I6146c907d4f26147676f7dde4974c44fe541e8fe
> Reviewed-on: https://chromium-review.googlesource.com/541362
> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#46059}

TBR=rmcilroy@chromium.org,mstarzinger@chromium.org

Change-Id: Ib2ba207dcc1b3193d3645090e9c0a9676f38c353
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:704132
Reviewed-on: https://chromium-review.googlesource.com/541224
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46061}
2017-06-20 16:14:01 +00:00
Ross McIlroy
d58bb2dcfa [IdentityMap] Fix size if GC short-cuts objects.
BUG=chromium:704132

Change-Id: I6146c907d4f26147676f7dde4974c44fe541e8fe
Reviewed-on: https://chromium-review.googlesource.com/541362
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46059}
2017-06-20 15:36:47 +00:00
Dusan Simicic
b772ef4b57 MIPS[64]: Implement Shuffle SIMD operations
Add support for S32x4Shuffle, S16x8Shuffle, S8x16Shuffle for mips and
mips64 architectures.

Bug: 
Change-Id: I2c062525ed94edfcb38a53f4bbef02131e313ba3
Reviewed-on: https://chromium-review.googlesource.com/531007
Commit-Queue: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Reviewed-by: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com>
Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46053}
2017-06-20 14:29:15 +00:00
mvstanton
b2b38f00c0 Remove enum RelocInfo::CODE_TARGET_WITH_ID.
RelocInfo no longer needs CODE_TARGET_WITH_ID thanks to the removal
of Crankshaft.

BUG=v8:6408
R=mstarzinger@chromium.org

Review-Url: https://codereview.chromium.org/2951473002
Cr-Commit-Position: refs/heads/master@{#46047}
2017-06-20 13:30:17 +00:00
bakkot
b102540e44 [parser] Forbid \08 in strict strings and in untagged templates
This was never legal; the spec only allows '\0' in strict-mode strings or templates
when not followed by a decimal digit. Previously we were only enforcing that it
not be followed by an _octal_ digit.

This was already fixed for numeric literals, but not for escape sequences in strings.

BUG=v8:6504

Review-Url: https://codereview.chromium.org/2950633002
Cr-Commit-Position: refs/heads/master@{#46046}
2017-06-20 13:28:17 +00:00
Clemens Hammacher
f244f0c5ef Implement managed objects with phantom handles
For each Managed<T> (which is a Foreign), we create a weak global handle
with a finalizer which deletes the referenced C++ object once the
Foreign is dead.
Before calling this finalizer, the garbage collector needs to mark the
referenced object black (i.e. live), because the finalizer might
resurrect it.
Since this is never done for managed objects, we can use the more
lightweight phantom handle semantics, which allows the referenced
object to be garbage collected right away.

However, we can't access the global handle via the WeakCallbackInfo,
because the global handle will already be garbage collected. So we need
to store it explicitly. This is solved by storing the global handle
together with the finalizer.
In order to implement this, ownership of the ManagedObjectFinalizer
is moved from the isolate to the managed object.

R=ulan@chromium.org, mtrofin@chromium.org
BUG=v8:6505, chromium:734345

Change-Id: I94a245df601f70e19355d82439d30099e159231b
Reviewed-on: https://chromium-review.googlesource.com/539578
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46036}
2017-06-20 10:58:45 +00:00
Sathya Gunasekaran
4cf144dc2e [Collections] Implement SmallOrderedHashMap
Bug: v8:6443
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I20b1006a5c5ff24a730f15286cf0f340ba047b78
Reviewed-on: https://chromium-review.googlesource.com/526001
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46034}
2017-06-20 10:25:15 +00:00
Bill Budge
22aad80e0b [ARM64] Implement WebAssembly SIMD opcodes for ARM64.
BUG: v8:6020
Change-Id: I7280827aa9a493677253cc2fbd42be8173b55b7a
Reviewed-on: https://chromium-review.googlesource.com/534956
Reviewed-by: Martyn Capewell <martyn.capewell@arm.com>
Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46018}
2017-06-19 19:55:06 +00:00
gdeepti
631c429f9a [wasm] SIMD/Atomics ops update to use the right prefix opcodes
- Use correct prefixes for SIMD/Atomics ops
 - S128 LoadMem/StoreMem should not use 0xc0/0xc1 opcodes, these are now
 being used for sign extension
 - S128 LoadMem/StoreMem should use prefixed opcodes

BUG=v8:6020

Review-Url: https://codereview.chromium.org/2943773002
Cr-Commit-Position: refs/heads/master@{#46016}
2017-06-19 19:23:11 +00:00
Miran.Karic
37b461a932 MIPS64: Add optimizations to li and Dsubu macro.
Here we optimize Dsubu by instead of loading imm and subtracting, we
load -imm and perform addition when loading -imm takes less instructions
than loading imm. Similarily li is optimized by loading -imm and
performing addition or loading ~imm and inverting bits using nor when
one of these loads takes two instructions less than loading imm, saving
at least one instruction. Tests are adjusted to cover these
optimizations.

BUG=
TEST=cctest/test-assembler-mips/li_macro
     cctest/test-assembler-mips/Dsubu

Review-Url: https://codereview.chromium.org/2909913002
Cr-Commit-Position: refs/heads/master@{#46001}
2017-06-19 12:20:17 +00:00
Leszek Swirski
24b7026d73 [compiler] Drive optimizations with feedback vector (reland)
For interpreted functions, use the optimized code slot in the feedback
vector to store an optimization marker (optimize/in optimization queue)
rather than changing the JSFunction's code object. Then, adapt the
self-healing mechanism to also dispatch based on this optimization
marker. Similarly, replace SFI marking with optimization marker checks
in CompileLazy.

This allows JSFunctions to share optimization information (replacing
shared function marking) without leaking this information across native
contexts. Non I+TF functions (asm.js or --no-turbo) use a
CheckOptimizationMarker shim which generalises the old
CompileOptimized/InOptimizationQueue builtins and also checks the same
optimization marker as CompileLazy and InterpreterEntryTrampoline.

This is a reland of https://chromium-review.googlesource.com/c/509716

Change-Id: I02b790544596562373da4c9c9f6afde5fb3bcffe
Reviewed-on: https://chromium-review.googlesource.com/535460
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45997}
2017-06-19 10:33:59 +00:00
Wiktor Garbacz
de9269f3c3 Reland#2 [parser] Refactor streaming scanner streams.
Unify, simplify logic, reduce UTF8 specific handling.

Intend of this is also to have stream views.
Stream views can be used concurrently by multiple threads, but
only one thread may fetch new data from the underlying source.
This together with unified stream view creation is intended to be
used for parse tasks.

BUG=v8:6093

Change-Id: I83c6f1e6ad280c28da690da41c466dfcbb7915e6
Reviewed-on: https://chromium-review.googlesource.com/535474
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45994}
2017-06-19 10:18:01 +00:00
hpayer
0d2ed6c328 [heap] Allow a minimum semi-space size of 512K.
This CL also reduces the minimum semi-space size to 512K.

BUG=chromium:716032
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_chromium_rel_ng

Review-Url: https://codereview.chromium.org/2942543002
Cr-Commit-Position: refs/heads/master@{#45992}
2017-06-19 10:16:13 +00:00
Sathya Gunasekaran
0831927a33 [Collections] Implement OrderedHashMap::Add
Bug: v8:5717
Change-Id: I6bed5f36b7d32cd893c4d1cb1bcc9f21b7fac2f1
Reviewed-on: https://chromium-review.googlesource.com/527932
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45986}
2017-06-17 00:51:03 +00:00
Camillo Bruni
015edc60ff [runtime] Don't store object literal boilerplates on first run
Storing the boilerplate on the first run leads to memory ovehead for code
that is run only once. Hence we directly return the creating literal on the
first run and only start creating copies from the second run on.

Bug: v8:6211
Change-Id: I69b96d124a5b594b991fdbcc76dbf935d973ffad
Reviewed-on: https://chromium-review.googlesource.com/530688
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45975}
2017-06-16 10:43:19 +00:00
Adam Klein
431abca0ca Revert "[builtins] Move most WeakMap/WeakSet code from JS to C++ builtins"
This reverts commit 8196e10265.

Reason for revert: Performance regression due to hashcode lookup.

Original change's description:
> [builtins] Move most WeakMap/WeakSet code from JS to C++ builtins
> 
> They were already implemented mostly in C++ (only error/negative
> cases were handled in script), so this is mostly just a cleanup.
> Only the constructors remain in script after this CL.
> 
> Bug: v8:6354
> Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
> Change-Id: I5b3579337a8e33dc30d49c2da5cfd42baec697bb
> Reviewed-on: https://chromium-review.googlesource.com/531670
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
> Commit-Queue: Adam Klein <adamk@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#45924}

TBR=adamk@chromium.org,cbruni@chromium.org,gsathya@chromium.org
Bug: v8:6354, chromium:733238
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng

Change-Id: Ia5a741b9587886298f3ca057f6a6adeba556b8e0
Reviewed-on: https://chromium-review.googlesource.com/537207
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45966}
2017-06-15 22:04:38 +00:00
Sathya Gunasekaran
bc2c785c20 [parser] Better error message when destructuring against undefined/null
Previously, when destructuring against null or undefined we would
print:

  d8> var { x } = null
  (d8):1: TypeError: Cannot match against 'undefined' or 'null'.
  var { x } = null
  ^
  TypeError: Cannot match against 'undefined' or 'null'.
      at (d8):1:1


The above message uses the term "match" which isn't a common term in
JavaScript to describe destructuring. This message also doesn't
provide the name of the property that fails destructuring.

This patch changes the error message to be:

  d8> var { x } = null;
  (d8):1: TypeError: Cannot destructure property `x` of 'undefined' or 'null'.
  var { x } = null;
        ^
  TypeError: Cannot destructure property `x` of 'undefined' or 'null'.
      at (d8):1:1

This patch changes the message to say "destructure" instead of "match".

This patch adds support for printing property names that are string
literals. We iterate through every property and pick the first string
literal property name if it exists. This provides at least some
feedback to the developer.

This patch also makes the pointer point to the position of the
property name that fails destructuring.

For computed and numeric property names, we print a generic error:
  d8> var { 1: x } = null
  (d8):1: TypeError: Cannot destructure against 'undefined' or 'null'.
  var { 1: x } = null
  ^
  TypeError: Cannot destructure against 'undefined' or 'null'.
      at (d8):1:1

Bug: v8:6499
Change-Id: I35b1ac749489828686f042975294b9926e2dfc53
Reviewed-on: https://chromium-review.googlesource.com/537341
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45965}
2017-06-15 21:52:58 +00:00
georgia.kouveli
51a6789bed [arm64] Fix assertion in IsImmLLiteral and enable literal pool tests.
BUG=

Review-Url: https://codereview.chromium.org/2922983002
Cr-Commit-Position: refs/heads/master@{#45948}
2017-06-14 13:52:00 +00:00
Ulan Degenbaev
ec27afa8a8 [heap] Fix test-api/Regress528 for concurrent marking.
BUG=chromium:694255
TBR=mlippautz@chromium.org

Change-Id: I5c6fbb392d68a348e3a8b3fb52368232883e9931
Reviewed-on: https://chromium-review.googlesource.com/535594
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45940}
2017-06-14 11:47:06 +00:00
Michael Starzinger
f251e9501c [fullcodegen] Remove support for bailout preparation.
This removes the ability to prepare bailout points in code generated by
the {FullCodeGenerator}. Such code is no longer used as the target of
deoptimization attempts, hence storing deoptimization data is obsolete.

R=jarin@chromium.org
BUG=v8:6409

Change-Id: I3200182a6e88014ce953881fa0d1ac0bc65ee424
Reviewed-on: https://chromium-review.googlesource.com/533153
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45939}
2017-06-14 10:48:02 +00:00
bbudge
5d7039eac3 [WASM] Simplify SIMD shuffle opcodes.
- Eliminates S32x4Shuffle, S16x8Shuffle opcodes. All shuffles are subsumed
  by S8x16Shuffle. This aligns us with the latest WASM SIMD spec.

LOG=N
BUG=v8:6020

Review-Url: https://codereview.chromium.org/2923103003
Cr-Commit-Position: refs/heads/master@{#45929}
2017-06-13 23:40:51 +00:00
Adam Klein
8196e10265 [builtins] Move most WeakMap/WeakSet code from JS to C++ builtins
They were already implemented mostly in C++ (only error/negative
cases were handled in script), so this is mostly just a cleanup.
Only the constructors remain in script after this CL.

Bug: v8:6354
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I5b3579337a8e33dc30d49c2da5cfd42baec697bb
Reviewed-on: https://chromium-review.googlesource.com/531670
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45924}
2017-06-13 19:12:15 +00:00
Ulan Degenbaev
eb6b3408dc [heap] TSAN annotation for mark-bits initialization.
This patch also fixes several cctests that require manual GC.

BUG=chromium:694255

Change-Id: Ida93ed2498a6c5b0187ee78d2b1da27d2ff1906a
Reviewed-on: https://chromium-review.googlesource.com/533233
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45913}
2017-06-13 15:17:45 +00:00
martyn.capewell
849a08b871 [arm64] Fix pre-shifted immediate generation involving csp.
The function that generated a pre-shifted immediate didn't account for the
instruction with post-shift being unencodable. Fix this by passing
information about the target instruction, and use it to limit the application
of pre-shift.

BUG=chromium:725858

Change-Id: Ia0f70b2ea057975d90162aa6889f15b553acd321
Review-Url: https://codereview.chromium.org/2922173004
Cr-Commit-Position: refs/heads/master@{#45911}
2017-06-13 15:04:13 +00:00
jarin
814d08a6af Move closing of generators upon final return to the generator-resume builtin.
Review-Url: https://codereview.chromium.org/2936813002
Cr-Commit-Position: refs/heads/master@{#45906}
2017-06-13 13:49:45 +00:00
Jochen Eisinger
322b2d7d14 Pass the string we're about to compile to embedder
This gives the embedder more context for deciding whether code
generation should be allowed or not, or they can chose to include the
code in a report.

BUG=chromium:732736
R=ahaas@chromium.org

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: Ibbaa3d0574319d290f15565be3eed2ee4d3dda36
Reviewed-on: https://chromium-review.googlesource.com/532875
Commit-Queue: Jochen Eisinger <jochen@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45905}
2017-06-13 13:39:27 +00:00
Leszek Swirski
58978da698 Revert "[compiler] Drive optimizations with feedback vector"
This reverts commit e39c9e020f.

Reason for revert: Breaks https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20debug/builds/15561

Original change's description:
> [compiler] Drive optimizations with feedback vector
> 
> For interpreted functions, use the optimized code slot in the feedback vector
> to store an optimization marker (optimize/in optimization queue) rather than
> changing the JSFunction's code object. Then, adapt the self-healing mechanism
> to also dispatch based on this optimization marker. Similarly, replace SFI
> marking with optimization marker checks in CompileLazy.
> 
> This allows JSFunctions to share optimization information (replacing shared
> function marking) without leaking this information across native contexts. Non
> I+TF functions (asm.js or --no-turbo) use a CheckOptimizationMarker shim which
> generalises the old CompileOptimized/InOptimizationQueue builtins and also
> checks the same optimization marker as CompileLazy and
> InterpreterEntryTrampoline.
> 
> Change-Id: I6826bdde7ab9a919cdb6b69bc0ebc6174bcb91ae
> Reviewed-on: https://chromium-review.googlesource.com/509716
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#45901}

TBR=rmcilroy@chromium.org,mstarzinger@chromium.org,leszeks@chromium.org
No-Presubmit: true
No-Tree-Checks: true
No-Try: true

Change-Id: Ib6c2b4d90fc5f659a6dcaf3fd30321507ca9cb94
Reviewed-on: https://chromium-review.googlesource.com/532916
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45903}
2017-06-13 13:24:20 +00:00
Leszek Swirski
e39c9e020f [compiler] Drive optimizations with feedback vector
For interpreted functions, use the optimized code slot in the feedback vector
to store an optimization marker (optimize/in optimization queue) rather than
changing the JSFunction's code object. Then, adapt the self-healing mechanism
to also dispatch based on this optimization marker. Similarly, replace SFI
marking with optimization marker checks in CompileLazy.

This allows JSFunctions to share optimization information (replacing shared
function marking) without leaking this information across native contexts. Non
I+TF functions (asm.js or --no-turbo) use a CheckOptimizationMarker shim which
generalises the old CompileOptimized/InOptimizationQueue builtins and also
checks the same optimization marker as CompileLazy and
InterpreterEntryTrampoline.

Change-Id: I6826bdde7ab9a919cdb6b69bc0ebc6174bcb91ae
Reviewed-on: https://chromium-review.googlesource.com/509716
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45901}
2017-06-13 12:27:40 +00:00
Ulan Degenbaev
28810a2aa6 [heap] More cctest fixes for concurrent marker.
BUG=chromium:694255

Change-Id: Ia985a00fe2193bac96057994d93718224706ca04
Reviewed-on: https://chromium-review.googlesource.com/531168
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45893}
2017-06-13 09:55:17 +00:00
Leszek Swirski
09637ab3ce [runtime] Don't count profiler ticks on Code objects
With the deprecation of Crankshaft, it's no longer necessary for
FullCodeGen to keep track of its runtime profiler ticks on the code
object, and we can instead unify the behaviour of FCG and Ignition to
both increment the SFI counter instead.

Bug: v8:6408
Change-Id: Idcdd673aa39af06fe15a0fc14dfda2afafb5e417
Reviewed-on: https://chromium-review.googlesource.com/528117
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45892}
2017-06-13 09:54:13 +00:00
Michael Starzinger
9d23ec9f69 [turbofan] Remove deoptimization support from AstGraphBuilder.
The AST-based graph builder is by now only used for asm.js code. This
change hard-codes this assumption into the compilation pipeline and
hence allows us to remove support pertaining to deoptimization from
optimized code that was not derived from bytecode.

R=jarin@chromium.org
BUG=v8:6409

Change-Id: I1138f16f663db5b9ee34e3110184067b8fcffc8b
Reviewed-on: https://chromium-review.googlesource.com/531026
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45887}
2017-06-13 08:13:31 +00:00
jing.bao
f8df405cf3 [ia32] Add pextrb/pextrw, pinsrb, pshufb/pshuflw and AVX version
Also add vpinsrw

BUG=

Review-Url: https://codereview.chromium.org/2931333002
Cr-Commit-Position: refs/heads/master@{#45883}
2017-06-13 02:06:17 +00:00
Eric Holk
51acfb044f [wasm] Do not free externalized buffers when detaching
Once a buffer has been externalized, V8 is no longer responsible for managing
the memory. The fact that V8 was freeing was leading to double free errors once
Blink's GC got around to freeing the buffer too.

Bug: chromium:730171, chromium:731046
Change-Id: Ib18a7e37cafd51bce0c5a983d5cf8f3e64eb2c13
Reviewed-on: https://chromium-review.googlesource.com/530132
Commit-Queue: Brad Nelson <bradnelson@chromium.org>
Reviewed-by: Brad Nelson <bradnelson@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45882}
2017-06-13 01:14:55 +00:00
Adam Klein
1c7e463962 [cleanup] Remove on-by-default --harmony-trailing-commas flag
This feature has been on by default without incident
since V8 5.8.

Bug: v8:5051
Change-Id: I1baf81922efd87e07448955147c50a5ba5a0aa42
Reviewed-on: https://chromium-review.googlesource.com/532214
Reviewed-by: Daniel Ehrenberg <littledan@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45881}
2017-06-13 00:09:23 +00:00
Mircea Trofin
b29bfffdf9 [wasm] Initialize parallel jobs with less memory.
Avoid constructing zones and large zone objects when initializing
WasmCompilationUnit. The main reason we did that is so we can cache
the CEntryStub node, which requires a code object, obtainable only
on the main thread. We need that value, however, on background threads,
which is also where we need the aforementioned large objects. We only
need that for the WasmCompilationUnits being currently compiled, which
is a number proportional to the number of background threads provided
by the embedder. Specifically, one zone is needed only for the duration
of the background compilation, while the second zone needs to survive 
past that, so the compilation results may be committed to the GC heap
as Code objects.

The problem with these large objects is that the first allocation
in a Zone is at minimum 8KB. We used to allocate 2 zones. For
modules with 200K functions, that means 3.2GB of memory pre-allocated
before any of it is actually needed.

This change attaches a Handle to the CEntryStub on the WasmCompilationUnits,
and delays zone creation to when needed. The change also adds a way to 
cache CEntryStubs in a JSGraph from a given Code handle - limited to the
scenario needed by wasm (and removable once we get wasm off the GC heap,
which subsumes removing this dependency on CEntryStubs)

An additional constraint for this change is that we want it to be easily 
back-mergeable to address chromium:723899.

For the wasm payload in question, collecting the max memory used by d8
using /usr/bin/time --format='(%Xtext+%Ddata %Mmax)', we get the 
following numbers (in KB):

- unchanged: 3307480
- patch 1: 1807140 (45% reduction)
- patch 3: 1230320 (62% reduction from first)
- patch 5/6: 519368 (84% reduction from first)

Bug: chomium:732010, chromium:723899
Change-Id: I45b96792daf8a9c8dc47d45fb52da75945a41401
Reviewed-on: https://chromium-review.googlesource.com/530193
Commit-Queue: Mircea Trofin <mtrofin@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45880}
2017-06-12 18:29:36 +00:00
Michael Lippautz
6713a76b06 [cctest] Fix SetJitCodeEventHandler
- Remove commented out line
- Simulate full space properly, independently of flags set

Bug: 
Change-Id: I6013caae43eb40dd568fbd872eb0ee78288c61bf
Reviewed-on: https://chromium-review.googlesource.com/531084
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45874}
2017-06-12 17:04:39 +00:00
Toon Verwaest
dda2b5b1ec [runtime] Devirtualize CompilationCacheKey::HashForObject
Distinguish the compilation caches instead by the shape of the key (cow fixed
array map meaning eval or script cache). This allows us to remove the odd "key"
argument from Shrink, EnsureCapacity and Rehash.

Bug: v8:6474
Change-Id: Ibcad22813063c3a9050da13dc51359f5b59e1254
Reviewed-on: https://chromium-review.googlesource.com/531184
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45873}
2017-06-12 17:00:52 +00:00
Clemens Hammacher
07b115f854 [wasm] [cleanup] Introduce WireBytesRef struct
In many places in WasmModule and contained structs we store references
into the wire bytes as pairs of offset and length.
This CL introduces a WireBytesRef struct which encapsulates these two
connected fields. This makes it easier to pass them and assign them as
one unit.

R=ahaas@chromium.org, mtrofin@chromium.org
BUG=v8:6474

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I4f2a40d848a51dc6f6f599f9253c3c6ed6e51627
Reviewed-on: https://chromium-review.googlesource.com/530687
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45859}
2017-06-12 12:57:21 +00:00
Ulan Degenbaev
066ad18763 [heap] Disable concurrent marking for cctest that rely on manual GC.
BUG=chromium:694255

Change-Id: Ibfffc68a513511866dc4eebcf0728e51feb1a7fd
Reviewed-on: https://chromium-review.googlesource.com/530746
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45855}
2017-06-12 11:55:38 +00:00
Marja Hölttä
9a71683d9c [objects.h splitting] Move String and related classes.
BUG=v8:5402,v8:6474

Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng
Change-Id: Id38249fe9dc88001218aa1faa1b31c9d2f9703d1
Reviewed-on: https://chromium-review.googlesource.com/528102
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45853}
2017-06-12 11:53:18 +00:00
Clemens Hammacher
6a36b2a040 [wasm] [cleanup] Remove CompileInstantiateWasmModuleForTesting
This is a testing-only function, which is semantically equivalent to a
SyncCompile followed by SyncInstantiate.
We add a new SyncCompileAndInstantiate function to do those two steps
in one go, and use this method instead.
For AsmJs modules, a new testing function CompileAndRunAsmWasmModule is
introduced.

This is part of our effort to reduce the number of special paths for
testing. It is connected with
https://chromium-review.googlesource.com/529210, but should not
conflict with it.
After landing both CLs, we can later also get rid of
InstantiateModuleForTesting.

R=ahaas@chromium.org, mtrofin@chromium.org
BUG=v8:6474

Change-Id: I7891e968370d5eb68803076ce2639c65a2799dcc
Reviewed-on: https://chromium-review.googlesource.com/529844
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45852}
2017-06-12 11:52:13 +00:00
Jakob Gruber
0a355777c3 [cleanup] Remove duplicate Callable accessors from CodeFactory
Callables for TF builtins are autogenerated and accessible through
Builtins::CallableFor.  This removes the manually written accessors from
CodeFactory.

Bug: v8:6474,v8:5737
Change-Id: I9d8dec97995471c1bb258147220c190bf72e5de8
Reviewed-on: https://chromium-review.googlesource.com/530745
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45839}
2017-06-12 09:24:17 +00:00
jing.bao
6d18ae2589 [ia32][wasm] Support AVX instructions for I32x4Splat/ReplaceLane/ExtractLane
Add vpinsrd, vpextrd, vmovd. Supplement pshufd and add vpshufd.
Add Movd and Pshufd macro. Add AVX support to Pextrd.
Fix disassembler to recognize "pinsrd/pextrd xmm,[mem],imm8".

BUG=

Review-Url: https://codereview.chromium.org/2916093002
Cr-Commit-Position: refs/heads/master@{#45833}
2017-06-12 01:57:05 +00:00
Clemens Hammacher
be1135132a [wasm] [cleanup] Avoid shouting WASM
This CL removes most occurences of "WASM" from outputs and comments in
the code. They are replaced either by "WebAssembly" or (especially in
comments) "wasm". These are the spellings officially proposed on
http://webassembly.org/.

R=ahaas@chromium.org
BUG=v8:6474

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: Id39fa5e25591678263745a4eab266db546e65983
Reviewed-on: https://chromium-review.googlesource.com/529085
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45824}
2017-06-09 16:24:19 +00:00
Jakob Kummerow
e5a4275d8c [cleanup] Remove unnecessary entries in cctest.status
BUG=v8:6474

Change-Id: Ic2548b5d80d3208271d34080c3d06acd1078fe75
Reviewed-on: https://chromium-review.googlesource.com/528106
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45823}
2017-06-09 16:05:09 +00:00
Daniel Ehrenberg
0d70437942 [parser] Remove an overzealous syntax error check
In some [1] cases where a lexical declaration is not allowed, ASI will
cause a `let` at the end of a line to be interpreted as an
identifier. A recent patch [2] to fix up the error messages from
misplaced `let` usage was a little overzealous in triggering
the error, throwing a SyntaxError in this edge case. This patch
restores the ASI behavior, which is permitted in JSC and
SpiderMonkey as well. Thanks to a test262 test from Andre Bargull
for raising this issue.

[1] https://tc39.github.io/ecma262/#sec-expression-statement
[2] https://codereview.chromium.org/2697193007

Bug: v8:3305
Change-Id: I80ae8ad9a8a93389ff1003323f0d3f003e7a8c8e
Reviewed-on: https://chromium-review.googlesource.com/529225
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Daniel Ehrenberg <littledan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45817}
2017-06-09 13:41:28 +00:00
Wiktor Garbacz
f4f723e818 [parsing] Fix past the end position for streaming streams.
Also, as this is hard to track down, always DCHECK position after ReadBlock().

Change-Id: Ie32c3a311dd8df91f651b6d82ccacc7c95e6fde0
Reviewed-on: https://chromium-review.googlesource.com/528196
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45811}
2017-06-09 11:35:24 +00:00
Alexandre Talon
8edef78d4d [ignition] Fix register flushing performance issue
In some codes flushing the registers was costly: we processed each
register whereas all the registers alone in their equivalence class need
not to be processed. We now overapproximate easily which classes are of
size 2 so as to save many iterations in the Flush() loop in some cases.

Bug: v8:6432
Change-Id: I945e151736e8a515263ac76312127d930fd20d74
Reviewed-on: https://chromium-review.googlesource.com/525795
Commit-Queue: Alexandre Talon <alexandret@google.com>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45805}
2017-06-09 09:58:15 +00:00
Michael Starzinger
c0bf6ee331 [compiler] Unplug Crankshaft from compilation pipeline.
This removes the ability of the compilation pipeline to invoke the
Crankshaft optimizing compiler for JavaScript functions. Note that in
this state Crankshaft can still be used to compile code stubs.

R=rmcilroy@chromium.org
BUG=v8:6408

Change-Id: I0bec7c8ec7c705c13257df43796403a228ea631c
Reviewed-on: https://chromium-review.googlesource.com/527443
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45803}
2017-06-09 09:26:47 +00:00
Daniel Ehrenberg
38a3e0741b [parser] Allow multiple labels for function declarations
In sloppy mode, allow multiply labelled function declarations, such as

a: b: function c() {}

Such a form is allowed by the specification, as well as ChakraCore,
SpiderMonkey and JSC (though ChakraCore because it doesn't enforce
any lexical label restrictions.)

Thanks to Andre Bargull for adding the test262 test which caught the bug.

Change-Id: I2d3f172830c2e63252f00afa03177a7d17d79a27
Reviewed-on: https://chromium-review.googlesource.com/527639
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Daniel Ehrenberg <littledan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45802}
2017-06-09 09:06:37 +00:00
Michael Starzinger
4e86ae8c2c Decouple the --ignition from the --turbo flag.
Both Ignition and TurboFan have been enabled by default for a while.
This just disentangles the implication between those two flags and sets
the --ignition individually. They can now be controlled individually.

R=rmcilroy@chromium.org
BUG=v8:6408

Change-Id: I08eca85120160efa5868b5ca36d1613964ed82eb
Reviewed-on: https://chromium-review.googlesource.com/527637
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45800}
2017-06-09 08:04:39 +00:00
bbudge
381f7da02c [WASM] Eliminate SIMD boolean vector types.
- Eliminates b1x4, b1x8, and b1x16 as distinct WASM types.
- All vector comparisons return v128 type.
- Eliminates b1xN and, or, xor, not.
- Selects take a v128 mask vector and are now bit-wise.
- Adds a new test for Select, where mask is non-canonical (not 0's and -1's).

LOG=N
BUG=v8:6020

Review-Url: https://codereview.chromium.org/2919203002
Cr-Commit-Position: refs/heads/master@{#45795}
2017-06-08 20:54:32 +00:00
sampsong
ae947e26fe PPC/s390: [compiler] Delay allocation of code-embedded heap numbers.
Port 659e8f7b5c

Original Commit Message:

    Instead of allocating and embedding certain heap numbers into the code
    during code assembly, emit dummies but record the allocation requests.
    Later then, in Assembler::GetCode, allocate the heap numbers and patch
    the code by replacing the dummies with the actual objects. The
    RelocInfos for the embedded objects are already recorded correctly when
    emitting the dummies.

R=neis@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, bjaideep@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=v8:6048
LOG=N

Review-Url: https://codereview.chromium.org/2929843002
Cr-Commit-Position: refs/heads/master@{#45793}
2017-06-08 17:41:56 +00:00
Ross McIlroy
2c296b7eb3 [TurboFan] Add typing for the EmptyString and use this for JSToPrimitiveToString
Add the ability for the typer to track whether a string could be the empty
string. This is needed for typed lowering of JSStringConcat since we can't
create cons string chain with the empty string in arbitrary positions.

The ToPrimitiveToString bytecode handler is modified to collect feedback on
whether it has ever seen the empty string, which is used by
SpeculativeToPrimitiveToString to ensure that the output is non-empty (or
depot) which will subsiquently be used to enable inline cons-string creation
for the JSStringConcat operator in typed lowering in a subsiquent CL.

BUG=v8:6243

Change-Id: I41b99b59798993f756aada8cff90fb137d65ea52
Reviewed-on: https://chromium-review.googlesource.com/522122
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45786}
2017-06-08 09:51:26 +00:00
Michael Starzinger
e5fb221d55 [test] Deprecate and remove 'noturbofan' test variant.
The variant in question was intended to test Crankshaft, which is being
deprecated. Note that the variants 'nooptimization' and 'fullcode' still
test configuration where TurboFan is not active.

R=machenbach@chromium.org
BUG=v8:6408

Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng
Change-Id: I587c3eee7ba511dfc270aab66b546d2532bc635f
Reviewed-on: https://chromium-review.googlesource.com/528133
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45785}
2017-06-08 09:48:36 +00:00
Toon Verwaest
3eabf5a529 [runtime] Drop PrototypeOptimizationMode to unify prototype handling
Don't treat new prototypes differently depending on how they become a
prototype. This is work towards always keeping prototypes in slow-mode.


Bug: v8:6471
Change-Id: I62de1018e21d91fda3a5da044615f32c718910b1
Reviewed-on: https://chromium-review.googlesource.com/526596
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45781}
2017-06-08 08:00:37 +00:00
Eric Holk
8f39e07d80 Add allocation information to ArrayBuffer::Contents
Array buffers can now have an allocation that is larger than the actual
buffer, such as when WebAssembly guard regions are enabled. Embedders
need to know the actual allocation start and length when externalizing
a buffer so they can deallocate it properly.

Bug: chromium:720302, v8:5277
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: Ifc184fdd59d77af01c07a64d2c0229ca859a01b0
Reviewed-on: https://chromium-review.googlesource.com/523271
Commit-Queue: Eric Holk <eholk@chromium.org>
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45777}
2017-06-08 02:51:13 +00:00
Michael Starzinger
18d82682d1 [test] Remove dead and unmaintained test variants.
The two variants "turbofan" and "turbofan_opt" are not part of any of
the default sets of variants that run-tests.py uses. The only way to
trigger execution would be via the --variants flag directly, which our
infrastructure is not doing.

R=machenbach@chromium.org

Change-Id: Ifa58cb4a83a3760ffba73e8b40b417a845f53506
Reviewed-on: https://chromium-review.googlesource.com/526637
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45772}
2017-06-07 15:57:56 +00:00
jarin
b543c2daba [interpreter] Make sure allocated registers are always materialized in the register optimizer.
BUG=chromium:729369

Review-Url: https://codereview.chromium.org/2926063002
Cr-Commit-Position: refs/heads/master@{#45770}
2017-06-07 15:39:56 +00:00
Ross McIlroy
f2cd359ac9 [TurboFan] Speculatively lower ToPrimitiveToString to CheckString.
Adds support for Speculatively lower ToPrimitiveToString to CheckString
where the type hint shows the value has always been a string.

BUG=v8:6243

Change-Id: I7f36deb8c2bc309e6d0546e099c76ac518c6be09
Reviewed-on: https://chromium-review.googlesource.com/521123
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45760}
2017-06-07 12:55:36 +00:00
Ross McIlroy
fdfb8c9efb [TurboFan] Add support for generic lowering of StringConcat bytecode.
Adds support for lowering of ToPrimitiveToString and StringConcat bytecodes
to the corresponding builtins. As part of this, moves the interpreter
implementation of these operations into the appropriate builtin generators
and add builtin support for them.

Also adds TailCallRuntimeN operator to code-assembler which enables tail calling
a runtime function when the arguments have already been pushed onto the stack.

BUG=v8:6243

Change-Id: Id5c851bc42e4ff490d9a23a8990ae331c7eac73e
Reviewed-on: https://chromium-review.googlesource.com/515362
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45756}
2017-06-07 11:46:55 +00:00
Marja Hölttä
4ca7022295 Revert "Reland [parser] Refactor streaming scanner streams."
This reverts commit 7fa071a48b.

Reason for revert: https://bugs.chromium.org/p/chromium/issues/detail?id=729482

Original change's description:
> Reland [parser] Refactor streaming scanner streams.
> 
> Unify, simplify logic, reduce UTF8 specific handling.
> 
> Intend of this is also to have stream views.
> Stream views can be used concurrently by multiple threads, but
> only one thread may fetch new data from the underlying source.
> This together with unified stream view creation is intended to be
> used for parse tasks.
> 
> BUG=v8:6093
> 
> Change-Id: I3bce48185fa2c986d16619a9a8ece3ff4c4f5e60
> Reviewed-on: https://chromium-review.googlesource.com/509489
> Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
> Reviewed-by: Marja Hölttä <marja@chromium.org>
> Commit-Queue: Wiktor Garbacz <wiktorg@google.com>
> Cr-Commit-Position: refs/heads/master@{#45688}

TBR=marja@chromium.org,vogelheim@chromium.org,wiktorg@google.com
# Not skipping CQ checks because original CL landed > 1 day ago.
BUG=v8:6093

Change-Id: Iefa7c43a2f6ae3a7f3ef0f77d87b6ae36ae4be99
Reviewed-on: https://chromium-review.googlesource.com/525712
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45725}
2017-06-06 11:42:30 +00:00
Dusan Simicic
1b5efa26ca MIPS[64]: Skip WASM SIMD tests
For now skip WASM SIMD tests that fail when MIPS SIMD extension
is not available. Turn on these tests again when simd scalar lowering
mechanism supports all WASM SIMD operations.

Bug: 
Change-Id: I4589680147c04716ed66680aaa06639f4f2452d0
Reviewed-on: https://chromium-review.googlesource.com/524082
Reviewed-by: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com>
Reviewed-by: Miran Karić <Miran.Karic@imgtec.com>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com>
Cr-Commit-Position: refs/heads/master@{#45721}
2017-06-06 09:55:35 +00:00
Mythri
c360c6a1d0 [Interpreter] Introduce bytecodes that check for hole and throw.
Introduces ThrowReferenceErrorIfHole / ThrowSuperNotCalledIfHole 
/ ThrowSuperAlreadyCalledIfNotHole bytecodes to handle hole checks.
In the bytecode-graph builder they are handled by introducing a deopt point
instead of adding explicit control flow. JumpIfNotHole / JumpIfNotHoleConstant
bytecodes are removed since they are no longer required.


Bug: v8:4280, v8:6383
Change-Id: I58b70c556b0ffa30e41a0cd44016874c3e9c5fe1
Reviewed-on: https://chromium-review.googlesource.com/509613
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45720}
2017-06-06 09:41:31 +00:00
jarin
7fa77063cf Move generator-close on exception from the generator function to the GeneratorResume builtin.
The change also moves creation of the iterator result from the parser to the bytecode generator.

Unfortunately, async generators will stay on the old scheme (try-finally around generator body) because I am not exactly sure how they work.

Review-Url: https://codereview.chromium.org/2917263002
Cr-Commit-Position: refs/heads/master@{#45713}
2017-06-05 19:54:14 +00:00
Adam Klein
b58439238b [generators] Remove generator_object_ member from Suspend AST node
Now that the BytecodeGenerator has a dedicated register holding
the generator object, BytecodeGenerator::VisitSuspend can
access the generator directly from that register. This reduces
by one the number of live registers at each suspend point.

Bug: v8:6351, v8:6460
Change-Id: I380a9d2bd8ca7eec6720e5392c1ca07dd0df0e2d
Reviewed-on: https://chromium-review.googlesource.com/522982
Commit-Queue: Adam Klein <adamk@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45710}
2017-06-05 18:11:02 +00:00
Leszek Swirski
0ef0fc50b1 [ignition] Use jump table for generator resume mode
Bug: v8:6351
Change-Id: Iad82fcfb4172d7a9cbadffa1e40fd1cd26866895
Reviewed-on: https://chromium-review.googlesource.com/521107
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45705}
2017-06-05 13:52:07 +00:00
Wiktor Garbacz
7fa071a48b Reland [parser] Refactor streaming scanner streams.
Unify, simplify logic, reduce UTF8 specific handling.

Intend of this is also to have stream views.
Stream views can be used concurrently by multiple threads, but
only one thread may fetch new data from the underlying source.
This together with unified stream view creation is intended to be
used for parse tasks.

BUG=v8:6093

Change-Id: I3bce48185fa2c986d16619a9a8ece3ff4c4f5e60
Reviewed-on: https://chromium-review.googlesource.com/509489
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Wiktor Garbacz <wiktorg@google.com>
Cr-Commit-Position: refs/heads/master@{#45688}
2017-06-02 13:50:08 +00:00
Toon Verwaest
1e813e5341 Reland "[runtime] Pass global proxy as receiver to native accessors in case of contextual access"
Based on past discussions I'm going to try to reland this change. This makes window.document and document behave the same after navigation, which is a change from what the spec says. If this works out though, it would greatly simplify the spec; and fix the fact that currently it's leaking the underlying global object, which we don't want for security and object-identity reasons.

Bug: chromium:713732
Change-Id: I5ce89afb46349ff92b7f5a884a7c388fcff887bf
Reviewed-on: https://chromium-review.googlesource.com/522605
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45678}
2017-06-02 12:21:33 +00:00
jarin
f0645612c4 This is a first step towards reducing the number of stores/loads when suspending/resuming a generator.
Unfortunately, even for an empty generator, we still use 8 register for various things (try-finally, copies of generator object, parser-introduced temporaries). I will try to get rid of these in separate CLs.

Changes:

- SuspendGenerator bytecode now takes register list to save.
- ResumeGenerator was split into two bytecodes:
  * Resume generator reads the state out and marks the generator as
      'executing'.
  * RestoreGeneratorRegisters reloads the registers from
      the generator.
    + this required adding support for output register list.

- Introduced generator_object_ register in the bytecode generator.
  * in subsequent CLs, I will make better use of it, the goal is
      to get rid if the .generator_object local variable.

- Taught register optimizer to flush unassigned registers.

BUG=v8:6379

Review-Url: https://codereview.chromium.org/2894293003
Cr-Commit-Position: refs/heads/master@{#45675}
2017-06-02 11:55:48 +00:00
dusan.simicic
3e3dbdf3e5 MIPS[64]: Support for some SIMD operations (8)
Add support for S1x4And, S1x4Or, S1x4Xor, S1x4Not, S1x4AnyTrue,
S1x4AllTrue, S1x8And, S1x8Or, S1x8Xor, S1x8Not, S1x8AnyTrue,
S1x8AllTrue, S1x16And, S1x16Or, S1x16Xor, S1x16Not, S1x16AnyTrue,
S1x16AllTrue, SimdLoad, SimdStore operations for mips32 and mips64
architectures.

BUG=

Review-Url: https://codereview.chromium.org/2801683003
Cr-Commit-Position: refs/heads/master@{#45662}
2017-06-01 13:25:50 +00:00
Michael Achenbach
c588bf858f Revert "Reland "[runtime] Pass global proxy as receiver to native accessors in case of contextual access""
This reverts commit ba8a753947.

Reason for revert: A layout test is unhappy:
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/16010

Original change's description:
> Reland "[runtime] Pass global proxy as receiver to native accessors in case of contextual access"
> 
> Based on past discussions I'm going to try to reland this change. This makes window.document and document behave the same after navigation, which is a change from what the spec says. If this works out though, it would greatly simplify the spec; and fix the fact that currently it's leaking the underlying global object, which we don't want for security and object-identity reasons.
> 
> Bug: chromium:713732
> Change-Id: I835ef510fc78f04c602434a7cec6420e027c4012
> Reviewed-on: https://chromium-review.googlesource.com/520764
> Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> Reviewed-by: Kentaro Hara <haraken@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#45654}

TBR=haraken@chromium.org,verwaest@chromium.org
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:713732

Change-Id: Iecde1cd855c21efa73939bbfbff0c26540ee2d98
Reviewed-on: https://chromium-review.googlesource.com/521045
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45659}
2017-06-01 12:26:47 +00:00
Toon Verwaest
ba8a753947 Reland "[runtime] Pass global proxy as receiver to native accessors in case of contextual access"
Based on past discussions I'm going to try to reland this change. This makes window.document and document behave the same after navigation, which is a change from what the spec says. If this works out though, it would greatly simplify the spec; and fix the fact that currently it's leaking the underlying global object, which we don't want for security and object-identity reasons.

Bug: chromium:713732
Change-Id: I835ef510fc78f04c602434a7cec6420e027c4012
Reviewed-on: https://chromium-review.googlesource.com/520764
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45654}
2017-06-01 09:07:50 +00:00
Michael Lippautz
c375a548d2 [heap] Add retained size counter to array buffer tracking
Bug: 
Change-Id: If4a5408f8ff63a8a2b189f60fda37896a9403d3d
Reviewed-on: https://chromium-review.googlesource.com/519386
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45646}
2017-05-31 18:36:24 +00:00
jgruber
d3371c23cb [debug] Untangle DebugInfo from break point support
DebugInfo was very closely tied to break point support:
* It contained only information relevant to break points.
* It was created and freed by break point implementation.
* Existence of a DebugInfo on the shared function info implied existence of
  break points.

This CL is a step towards making DebugInfo usable by other debugging
functionality such as block coverage by decoupling it from break point support,
which is now only one kind of information stored on the DebugInfo object.

BUG=v8:6000

Review-Url: https://codereview.chromium.org/2909893002
Cr-Commit-Position: refs/heads/master@{#45640}
2017-05-31 14:26:58 +00:00
Clemens Hammacher
45618a9ab5 [wasm] Make prototype flags experimental
Most prototype implementations are not fully supported in the
interpreter. This is the case at least for exception handling, simd, and
atomics. Any function can be redirected to the interpreter though,
either by passing --wasm-interpret-all, or by dynamically redirecting to
the interpreter for debugging.
Making the flags experimental keeps the fuzzer from playing around with
these flags.

Drive-by: Refactor tests which explicitly set the prototype flag to use
a new scope for that.

R=ahaas@chromium.org
BUG=chromium:727584

Change-Id: I67da79f579f1ac93c67189afef40c6524bdd4430
Reviewed-on: https://chromium-review.googlesource.com/519402
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45639}
2017-05-31 14:18:08 +00:00
neis
659e8f7b5c [compiler] Delay allocation of code-embedded heap numbers.
Instead of allocating and embedding certain heap numbers into the code
during code assembly, emit dummies but record the allocation requests.
Later then, in Assembler::GetCode, allocate the heap numbers and patch
the code by replacing the dummies with the actual objects. The
RelocInfos for the embedded objects are already recorded correctly when
emitting the dummies.

R=jarin@chromium.org
BUG=v8:6048

Review-Url: https://codereview.chromium.org/2900683002
Cr-Commit-Position: refs/heads/master@{#45635}
2017-05-31 14:00:11 +00:00
martyn.capewell
fc3f29d329 Reland of Reland of "ARM64: Add NEON support"
This reverts commit c5aad5f284
The CL was reverted due to missing Chromium dependencies.

This commit removes the simulator trace-based tests, and the associated header file dependencies, previously pulled in by DEPS. The NEON support now has only hand-written tests, in test-assembler-arm64.cc. The remaining tests can be added in a later patch.

BUG=chromium:718439

Original issue's description:
> Reland "ARM64: Add NEON support"
>
> This reverts commit cc047635ff.
> The CL was reverted due to a missing DEPS mirror.
>
> Original issue's description:
> > ARM64: Add NEON support
> >
> > Add assembler, disassembler and simulator support for NEON in the ARM64 backend.
> >
> > BUG=
> >
> > Review-Url: https://codereview.chromium.org/2622643005
> > Cr-Commit-Position: refs/heads/master@{#44306}
>
> BUG=
>
> Review-Url: https://codereview.chromium.org/2812573003
> Cr-Commit-Position: refs/heads/master@{#44652}

Review-Url: https://codereview.chromium.org/2896303003
Cr-Commit-Position: refs/heads/master@{#45633}
2017-05-31 13:58:43 +00:00
Ulan Degenbaev
d8a42e4c09 [runtime] Change backing store of LayoutDescriptor to ByteArray.
BUG=v8:6277

Change-Id: I80314e6c5146e1f5021d07081b9eda3da5da6834
Reviewed-on: https://chromium-review.googlesource.com/518047
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45632}
2017-05-31 13:58:31 +00:00
jgruber
f710ba94b6 [builtins] Begin removing CodeFactory accessors
BUG=v8:5737

Review-Url: https://codereview.chromium.org/2913783002
Cr-Commit-Position: refs/heads/master@{#45629}
2017-05-31 12:40:13 +00:00
Alexey Kozyatinskiy
6f69e3ceca [inspector] removed break location right before suspension in async function
In current implementation in expressions like await foo() we have break location right after foo call and before actual await.
And we additionally have a lot of other statement locations because of do scope.

Let's move async debugging closer to sync debugging and introduce only one break location for await - before awaited function call.

Bug: v8:6425,v8:6162
Change-Id: I7568767856022c49101e7f3b7e39a2e401d21644
Reviewed-on: https://chromium-review.googlesource.com/514046
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45625}
2017-05-31 12:15:09 +00:00
dusan.simicic
f87271ccd0 MIPS[64]: Implement insert.df and I8 instructions in simulator
Add support for insert.df, andi.b, ori.b, nori.b, xori.b,
bmnzi.b, bmzi.b, bseli.b, shf.df MSA instructions in mips32
and mips64 simulator.

BUG=

Review-Url: https://codereview.chromium.org/2908753002
Cr-Commit-Position: refs/heads/master@{#45620}
2017-05-31 09:34:46 +00:00
Marja Hölttä
06f05ec231 [parser] Skipping inner funcs: make more functions skippable.
- Enable aggressive lazy inner funcs (make non-declaration funcs lazy, ie let f =
  function() { ... } when --experimental-preparser-scope-analysis is on.
- Turn on variable tracking for lazy top level functions: this makes their inner
  functions skippable.
- Test fix for an testing bug uncovered by this work: when restoring the data
  for the relevant scope, don't assume it's the outermost scope for which we
  have data.
- Fix: if we abort lazy parsing a function, we shouldn't produce any data for
  it.

BUG=v8:5516

Change-Id: I0606fbabb5886dc57dbb53ab5f3fb894ff5d032e
Reviewed-on: https://chromium-review.googlesource.com/518165
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45615}
2017-05-31 07:49:55 +00:00
Jochen Eisinger
d41fe9f592 Replace PREPARE_FOR_EXECUTION_WITH_CONTEXT_IN_RUNTIME_CALL_STATS_SCOPE
Use the appropriate ENTER_V8* macros instead

BUG=v8:5830
R=marja@chromium.org

Change-Id: I85d7ae69830f6bad4f7057c4a646906846a1baa0
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/517793
Commit-Queue: Jochen Eisinger <jochen@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45612}
2017-05-30 17:37:41 +00:00
Aleksey Kozyatinskiy
fb6a094db5 [inspector] moved var initialization break location before init expression (reland)
This CL improves break locations for expressions like 'var a = <expr>'. Without CL we use <expr> position as break location for initialization statement, with this CL we use position of first character after '=' as position.
Benefits (see test for details):
 - only one break in expressions which includes mix of property lookup and calls, e.g. var p = Promise.resolve().then(x => x * 2),
 - removed redundant break location for expressions like: let { x, y } = { x: 1, y: 2}.
 
TBR=dgozman@chromium.org,rmcilroy@chromium.org,machenbach@chromium.org,marja@chromium.org,kozyatinskiy@chromium.org,devtools-reviews@chromium.org,v8-reviews@googlegroups.com
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: v8:5909

Change-Id: Ie84fa79afeed09e28cf8478ba610a0cfbfdfc294
Reviewed-on: https://chromium-review.googlesource.com/518116
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45598}
2017-05-30 12:54:49 +00:00
ulan
23cc6be3fc Rename "NoBarrier" memory operations to "Relaxed".
This is consistent with C++ memory model and avoids confusion with GC
write barrier.

BUG=

Review-Url: https://codereview.chromium.org/2912773002
Cr-Commit-Position: refs/heads/master@{#45584}
2017-05-30 07:44:37 +00:00
kschimpf
2a9965bd0e Move StatsTable into the Counters class.
By moving StatsTable from class Isolate to class Counters, it make the
class StatsTable thead safe. This is needed because these two classes
call each other, and for background compilation, instances of the
Counters class can persist longer that the corresponding Isolate it
came from.

It also removes unnecessary hops to the the Isolate, and checks if the
StatsTable has been created, for these communications.

BUG=v8:6361

Review-Url: https://codereview.chromium.org/2906063002
Cr-Commit-Position: refs/heads/master@{#45576}
2017-05-29 18:18:25 +00:00
ulan
b853d7fbb3 [heap] Fix a missing write barrier in Heap::Allocate.
BUG=

Review-Url: https://codereview.chromium.org/2906313002
Cr-Commit-Position: refs/heads/master@{#45571}
2017-05-29 15:03:50 +00:00
ulan
bc32a0a78f [heap] Disable concurrent marking for cctests that rely on manual GC.
BUG=chromium:694255

Review-Url: https://codereview.chromium.org/2910933002
Cr-Commit-Position: refs/heads/master@{#45570}
2017-05-29 14:43:05 +00:00
Marja Hölttä
b90c98fc29 [objects.h splitting] Move SharedFunctionInfo.
BUG=v8:5402

Change-Id: If5f763e6a11d446e36719277a18b00a0cd8df8fa
Reviewed-on: https://chromium-review.googlesource.com/517162
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45565}
2017-05-29 14:03:48 +00:00
Camillo Bruni
e822488d76 [runtime] Directly support double values in CloneShallowObjectLiteral
Bug: v8:6211
Change-Id: If6d2ef7889ae6a0c3aa430d3f69c53f19cc1f1c6
Reviewed-on: https://chromium-review.googlesource.com/509571
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45563}
2017-05-29 13:27:17 +00:00
Jochen Eisinger
68aa1ab388 Update module APIs to return Maybe<bool>
All APIs that can throw exceptions should return Maybe<> values

BUG=none
R=neis@chromium.org,gsathya@chromium.org

Change-Id: I6a6e5888cd71257bb02bdcfcc587c909d0c1d8f4
Reviewed-on: https://chromium-review.googlesource.com/517785
Commit-Queue: Jochen Eisinger <jochen@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45557}
2017-05-29 12:29:43 +00:00
ulan
75e679113b [heap] Add --stress-incremental-marking flag.
BUG=

Review-Url: https://codereview.chromium.org/2900603004
Cr-Commit-Position: refs/heads/master@{#45553}
2017-05-29 11:06:13 +00:00
Michael Achenbach
0a1cad371e [test] Deprecate timeout test expectations
Tests should instead be skipped or fixed.

Existing timeout expectations are either optimistically deleted or replaced by the SLOW keyword.

Change-Id: Ic43f52bf18d0702674c95f9263a109041a1c9cd8
Reviewed-on: https://chromium-review.googlesource.com/518122
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45552}
2017-05-29 10:38:55 +00:00
Sathya Gunasekaran
f4664d0257 [runtime] Implement SmallOrderedHashTable
Implements the Allocate, Add, and HasKey operations. Also, adds GC
support for this new instance type.

Bug: v8:6443
Change-Id: I1cc7ba2faead2a11f7b0381a57858629e123aee6
Reviewed-on: https://chromium-review.googlesource.com/500447
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45551}
2017-05-29 10:04:22 +00:00
Ilija.Pavlovic
aa0c8dcc18 Fix test OneByteArrayJoin.
The test OneByteArrayJoin failed on MIPS64 in debug mode after
https://chromium-review.googlesource.com/c/489946/ with error messages
"allocation failure GC in old space requested" and
"Fatal javascript OOM in CALL_AND_RETRY_LAST". Successful test execution
is possible on two ways: with flag --max_old_space_size=7 or with
modification in the test (constraints.set_max_old_space_size(7)).

TEST=cctest/test-strings/OneByteArrayJoin
BUG=

Review-Url: https://codereview.chromium.org/2907803002
Cr-Commit-Position: refs/heads/master@{#45548}
2017-05-29 08:30:50 +00:00
Michael Achenbach
ee1db48cc3 Revert "[inspector] moved var initialization break location before init expression"
This reverts commit 7a9cc70492.

Reason for revert: Changes layout tests:
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/15882

This is about:
inspector/sources/debugger/source-frame-inline-breakpoint-decorations.html

Original change's description:
> [inspector] moved var initialization break location before init expression
> 
> This CL improves break locations for expressions like 'var a = <expr>'. Without CL we use <expr> position as break location for initialization statement, with this CL we use position of first character after '=' as position.
> Benefits (see test for details):
> - only one break in expressions which includes mix of property lookup and calls, e.g. var p = Promise.resolve().then(x => x * 2),
> - removed redundant break location for expressions like: let { x, y } = { x: 1, y: 2}.
> 
> Bug: v8:5909
> Change-Id: I039d911903a2826c9859710a63ab0462c992e11b
> Reviewed-on: https://chromium-review.googlesource.com/513926
> Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
> Reviewed-by: Marja Hölttä <marja@chromium.org>
> Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#45530}

TBR=dgozman@chromium.org,marja@chromium.org,kozyatinskiy@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: v8:5909

Change-Id: Ibf84401e8050d3c84db219d983de2c6bba0f697f
Reviewed-on: https://chromium-review.googlesource.com/518102
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45547}
2017-05-29 07:03:23 +00:00
Alexey Kozyatinskiy
7a9cc70492 [inspector] moved var initialization break location before init expression
This CL improves break locations for expressions like 'var a = <expr>'. Without CL we use <expr> position as break location for initialization statement, with this CL we use position of first character after '=' as position.
Benefits (see test for details):
- only one break in expressions which includes mix of property lookup and calls, e.g. var p = Promise.resolve().then(x => x * 2),
- removed redundant break location for expressions like: let { x, y } = { x: 1, y: 2}.

Bug: v8:5909
Change-Id: I039d911903a2826c9859710a63ab0462c992e11b
Reviewed-on: https://chromium-review.googlesource.com/513926
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45530}
2017-05-25 14:51:17 +00:00
dusan.simicic
1f06818739 MIPS[64]: Implement fill.df, copy_u.df, copy_s.df instructions in simulator
- Increase FPUregisters_[] element size to 128b in order to support MSA regs
- Add skeleton for MSA instr. decoding in mips32 and mips64 simulator
- Add support for fill.df, copy_u.df and copy_s.df MSA instructions
- Assembler test for fill.df, copy_u.df and copy_s.df

BUG=

Review-Url: https://codereview.chromium.org/2799923002
Cr-Commit-Position: refs/heads/master@{#45529}
2017-05-25 14:51:07 +00:00
Ross McIlroy
c68df4110d [Interpreter] Allocate context registers as temporary registers.
Rather than trying to pre-calculate the number of contexts required during
scope analysis, instead just allocate context registers in the register
allocator. This reduces frame size a bit due to reusing of registers when
the context isn't pushed.

 BUG=v8:6322, chromium:716265

Change-Id: I145e38fcb3797a3b86c91e90ea9326a6e55b9b89
Reviewed-on: https://chromium-review.googlesource.com/514087
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45522}
2017-05-24 17:12:02 +00:00
jarin
a957b0f424 Make non-Module generators only context allocate parameters.
In particular, local variables should be allocated on stack (in bytecode register), and stored/loaded to the generator object on generator suspend/resume.

The CL is based on @adamk's change to scoping/parsers (https://chromium-review.googlesource.com/c/498538/), I only made the debugger cope with this change.

I should note that the CL changes the scope type of suspended generators from ScopeType.Closure to ScopeType.Local. In the future we might want to introduce ScopeType.SuspendedGenerator to make the distinction explicit.

Some of the changes in the tests have been made because the debugger functions do not return scopes of closed generators anymore. Generators should be allowed to throw away their internal state when they finish.

BUG=v8:6368

Review-Url: https://codereview.chromium.org/2898163002
Cr-Commit-Position: refs/heads/master@{#45515}
2017-05-24 13:54:57 +00:00
dusan.simicic
a8421ddd50 MIPS[64]: Support for some SIMD operations (7)
Add support for I8x16Add, I8x16AddSaturateS, I8x16Sub, I8x16SubSaturateS,
I8x16Mul, I8x16MaxS, I8x16MinS, I8x16Eq, I8x16Ne, I8x16LtS,
I8x16LeS, I8x16ShrU, I8x16AddSaturateU, I8x16SubSaturateU, I8x16MaxU,
I8x16MinU, I8x16LtU, I8x16LeU, S128And, S128Or, S128Xor, S128Not for
mips32 and mips64 architectures.

BUG=

Review-Url: https://codereview.chromium.org/2798853003
Cr-Commit-Position: refs/heads/master@{#45512}
2017-05-24 13:18:14 +00:00
kozyatinskiy
fb78710c06 [inspector] removed call break location from for-of loop
There are two break locations at the same source location by desugaring:
- call iterator.next,
- before variable assignment.

Additionally location for for..of loops is moved from before "of" to before each variable expression.

We should not report first implicit call to avoid user confusion. User still able to go into .next function with both scenarios:
- when this call is reached by stepOver or stepInto from previous line,
- when this call is reached because of breakpoint at current line.

BUG=v8:6425
R=dgozman@chromium.org,jgruber@chromium.org

Review-Url: https://codereview.chromium.org/2893313002
Cr-Commit-Position: refs/heads/master@{#45509}
2017-05-24 12:12:53 +00:00
Peter Marshall
14fa66b7a3 [turbofan] Add SeqStringCharCodeAt operation.
Add a sequential string type to the compiler, and transform
charCodeAt on SeqString into SeqStringCharCodeAt.

SeqStringCharCodeAt can handle one and two byte strings.

Bug: v8:6391
Change-Id: I2785257522c28f3b268c9833f5313e9630cb982a
Reviewed-on: https://chromium-review.googlesource.com/509573
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45508}
2017-05-24 11:59:52 +00:00
Michael Starzinger
02fee655b3 [interpreter] Avoid redundant {PopContext} instructions.
This avoids emitting redundant {PopContext} bytecode instructions when
non-local control-flow leaves the method body. It also folds multiple
such {PopContext} instructions into one, in case several scoping levels
are crossed at one. Only the expected context of the target of a local
control-flow transfer matters.

R=rmcilroy@chromium.org
TEST=debugger/regress/regress-crbug-724858
BUG=chromium:724858

Change-Id: Id4a47ae9fea25e75ae1af13619720b16a3975edf
Reviewed-on: https://chromium-review.googlesource.com/512545
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45507}
2017-05-24 11:58:47 +00:00
Miran.Karic
cc1aae2812 MIPS64: Add optimizations to li macro.
A number of improvements in mips64 load immediate macro is added per
suggestions from MIPS ART team. Also fix Subu and Dsubu macro, add a
test for Subu and Dsubu and make minor code adjustments.

BUG=
TEST=cctest/test-assembler-mips/li_macro
     cctest/test-assembler-mips/Subu
     cctest/test-assembler-mips/Dsubu

Review-Url: https://codereview.chromium.org/2892163002
Cr-Commit-Position: refs/heads/master@{#45493}
2017-05-23 16:01:41 +00:00
Sathya Gunasekaran
aca3c14f15 [collections] Port Map constructor to CSA
Bug: v8:5717, v8:6354
Change-Id: I4be80eabcb0f98446e695a2ab1ad5804b7181ac7
Reviewed-on: https://chromium-review.googlesource.com/506818
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45489}
2017-05-23 13:21:47 +00:00
Tobias Tebbi
b9df000343 [generators] Improve yield* desugaring to save unnecessary try/catch and try/finally
Change-Id: Ia900c6c21d1ff330088a6566f8f6c7719c887ccf
Reviewed-on: https://chromium-review.googlesource.com/509256
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45466}
2017-05-22 16:08:41 +00:00
Michael Achenbach
c3f8b503ef Revert "[Interpreter] Improve handling of a === true / false."
This reverts commit bdf70aa0e2.

Reason for revert: Breaks perf testing. Comma missing in json.

Original change's description:
> [Interpreter] Improve handling of a === true / false.
> 
> Add support for direct jumping on True/False for strict equals of boolean
> literals. This improves the score for such comparisons by around 75% on
> baseline code, and by around 40x on optimized code for the added performance
> test.
> 
> Bug=v8:6403
> 
> Change-Id: I81ea16a057e081eb6d159cd64c8e8615f65f9abb
> Reviewed-on: https://chromium-review.googlesource.com/509570
> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Mythri Alle <mythria@chromium.org>
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#45450}

TBR=rmcilroy@chromium.org,mythria@chromium.org,bmeurer@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Bug=v8:6403

Change-Id: I12b1868ba22354d056f38fe36e3c1e5fae5aa1b5
Reviewed-on: https://chromium-review.googlesource.com/509577
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45459}
2017-05-22 13:14:44 +00:00
Wiktor Garbacz
9a8efd8a4e [cleanup] Remove return after UNREACHABLE
Change-Id: I20ed35a7fb5104a9cc66bb54fa8966589c43d7f9
Reviewed-on: https://chromium-review.googlesource.com/507287
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Daniel Clifford <danno@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Commit-Queue: Wiktor Garbacz <wiktorg@google.com>
Cr-Commit-Position: refs/heads/master@{#45458}
2017-05-22 13:10:01 +00:00
Raphael Kubo da Costa
b5e610c192 Make Object::GetOwnPropertyDescriptor() take a Name, not a String.
Most of the plumbing is already present in the non-public API. According to
ES2016, Symbols are also accepted in calls to getOwnProperty(), and taking
them is required in Blink for proper record<K,V> WebIDL conversions.

R=jochen@chromium.org,verwaest@chromium.org

Bug: chromium:724481
Change-Id: I0dfe0e57f6d811f04ecbfd8ec0c97e44c9f02c96
Reviewed-on: https://chromium-review.googlesource.com/509611
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Commit-Queue: Raphael Kubo da Costa (rakuco) <raphael.kubo.da.costa@intel.com>
Cr-Commit-Position: refs/heads/master@{#45454}
2017-05-22 12:02:26 +00:00
Ross McIlroy
905d7aaf91 [Interpreter] Add StringConcat bytecode.
Special cases addition expressions where one of the sides is known to be a
string to enable chains of string additions to be transformed into a series
of ToPrimitiveToString operations followed by a single string concatenation 
at the end of the chain of additions. This should avoid creating temporary
strings for each of the string additions (in essence this is an automated
string builder).

BUG=v8:6243

Change-Id: I44977d6dad00ee906f251c4bd9cab27e160c09d1
Reviewed-on: https://chromium-review.googlesource.com/493966
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45453}
2017-05-22 11:44:27 +00:00
Ross McIlroy
bdf70aa0e2 [Interpreter] Improve handling of a === true / false.
Add support for direct jumping on True/False for strict equals of boolean
literals. This improves the score for such comparisons by around 75% on
baseline code, and by around 40x on optimized code for the added performance
test.

Bug=v8:6403

Change-Id: I81ea16a057e081eb6d159cd64c8e8615f65f9abb
Reviewed-on: https://chromium-review.googlesource.com/509570
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45450}
2017-05-22 10:41:44 +00:00
Jochen Eisinger
536a5cd2a9 Add COMPONENT tags to OWNERS files where appropriate
R=danno@chromium.org
CC=sshruthi@chromium.org
TBR=verwaest@chromium.org,bmeurer@chromium.org,yangguo@chromium.org,rossberg@chromium.org

Change-Id: I32e09193fa6e847ac3336eab62b6d85c46d71164
Reviewed-on: https://chromium-review.googlesource.com/509508
Commit-Queue: Jochen Eisinger <jochen@chromium.org>
Reviewed-by: Daniel Clifford <danno@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45447}
2017-05-22 10:15:28 +00:00
Ross McIlroy
f5d0df35d7 [Heap] Remove code flushing.
Only FullCodegen code ever gets flushed by code flushing. Since we are
deprecating the old pipeline, the added complexity introduced by code
flushing is no longer worth it. This CL removes it (but keeps code aging,
which is used to unlink SFIs from the compilation cache).

BUG=v8:6389,v8:6379,v8:6409

Change-Id: I90de113a101f86dbeaaf0511c61a090ef12aa365
Reviewed-on: https://chromium-review.googlesource.com/507388
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45446}
2017-05-22 09:34:43 +00:00
gdeepti
eeefc74a11 [wasm] Swap the implementation of SIMD compare ops using Gt/Ge insteas of Lt/Le
Currently SIMD integer comparison ops are implemented using Lt/Le, this is
sub-optimal on Intel, because all compares are done using pcmpgt(d/w/b) that
clobber the destination register, and will need additional instructions to
when using Lt/Le as the base implementation. This CL proposes moving to Gt/Ge
as the underlying implementation as this will only require swapping operands
on MIPS and is consistent with x86/ARM instructions.

BUG=v8:6020

R=bbudge@chromium.org, bmeurer@chromium.org, bradnelson@chromium.org

Review-Url: https://codereview.chromium.org/2874403002
Cr-Commit-Position: refs/heads/master@{#45440}
2017-05-21 22:40:46 +00:00
Loo Rong Jie
4f342fd6a9 [GYP] Move builtins generation into mksnapshot
Bug:v8:6055

Change-Id: Ifeac048e5bee2d1782cdaaabe9f5257129b7be0e
Reviewed-on: https://chromium-review.googlesource.com/508528
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Loo Rong Jie <loorongjie@gmail.com>
Cr-Commit-Position: refs/heads/master@{#45437}
2017-05-19 22:11:16 +00:00
Eric Holk
3603fb05a6 [wasm] Use ArrayBuffer::Allocator API for guard regions
The WebAssembly code now uses these new APIs to allocate memory with guard
regions. Guarded array buffers are no longer always external, which eliminates
a lot of special cases around WebAssembly memory.

Bug: chromium:720302
Change-Id: I355b74ac30a05a18c8b363bd256d57458742849f
Reviewed-on: https://chromium-review.googlesource.com/505715
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Reviewed-by: Brad Nelson <bradnelson@chromium.org>
Commit-Queue: Eric Holk <eholk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45436}
2017-05-19 21:54:50 +00:00
thomasanderson
cb7dd0a911 Replace sanitizers:deps with exe_and_shlib_deps (v8)
All targets (at least on sanitizer builds) unconditionally depend
on //build/config/sanitizers:deps.

It is necessary for bug 593874 that all targets now also depend
on //buildtools/third_party/libc++:libcxx_proxy.  This requires
adding a new "global dependency": //build/config:exe_and_shlib_deps.

This CL updates references to sanitizers:deps to instead refer to
//build/config:exe_and_shlib_deps.

BUG=chromium:723069
R=bradnelson@chromium.org

Review-Url: https://codereview.chromium.org/2894013003
Cr-Commit-Position: refs/heads/master@{#45435}
2017-05-19 21:52:47 +00:00
mvstanton
c476e8afc1 [ignition] Use an intrinsic for GeneratorClose.
GeneratorClose is pretty simple, we can handle it in the interpreter.

BUG=v8:6351

Review-Url: https://codereview.chromium.org/2891353002
Cr-Commit-Position: refs/heads/master@{#45434}
2017-05-19 17:36:08 +00:00
Camillo Bruni
930e31e6e6 [csa] Enforce using BIND macro
This CL enforces passing an AssemblerDebugInfo object to Bind, most convently
acheived by the BIND macro.

Change-Id: I092714f10803f529d01d2fe716b96275b2bee806
Reviewed-on: https://chromium-review.googlesource.com/508729
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45433}
2017-05-19 16:47:56 +00:00
mvstanton
0980d759f5 [Interpreter] Handle various generator intrinsics
We can avoid some runtime calls by implementing intrinsics.

BUG=

Review-Url: https://codereview.chromium.org/2889973002
Cr-Commit-Position: refs/heads/master@{#45418}
2017-05-19 09:27:25 +00:00
Adam Klein
5dc2d6f6c5 Reland: [ignition] Be smarter about register allocation in VisitSuspend
Split BytecodeGenerator::VisitSuspend into two pieces, one for
building the suspension code and one for resumption (these
are split into separate Build methods for convenience).
Each gets its own RegisterAllocationScope, which allows us to
reduce the register file size of the empty generator by 1.

For consistency, rename VisitGeneratorPrologue() to
BuildGeneratorPrologue() to match the names of the two
newly-created methods.

This relands the patch originally committed in
98927ea51b, as the test failure
due to that change was a code flushing bug. Code flushing was
disabled in de4a4095cf.

R=rmcilroy@chromium.org

Bug: v8:6379
Change-Id: Ifb4deafea99693c0a4e8646cf4e9884c7374cfc6
Reviewed-on: https://chromium-review.googlesource.com/508814
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45406}
2017-05-18 20:30:39 +00:00
Adam Klein
9397c1b73a Revert "[parser] Refactor streaming scanner streams."
This reverts commit ce538f70c1.

Reason for revert: breaks BOM handling (thus breaking Outlook web apps).

Original change's description:
> [parser] Refactor streaming scanner streams.
> 
> Unify, simplify logic, reduce UTF8 specific handling.
> 
> Intend of this is also to have stream views.
> Stream views can be used concurrently by multiple threads, but
> only one thread may fetch new data from the underlying source.
> This together with unified stream view creation is intended to be
> used for parse tasks.
> 
> BUG=v8:6093
> 
> Change-Id: Ied8e93090c506d4735080298f0fdaeed32043915
> Reviewed-on: https://chromium-review.googlesource.com/501789
> Commit-Queue: Wiktor Garbacz <wiktorg@google.com>
> Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
> Reviewed-by: Marja Hölttä <marja@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#45336}

TBR=marja@chromium.org,vogelheim@chromium.org,jochen@chromium.org,wiktorg@google.com
BUG=v8:6093, chromium:724166

Change-Id: I022a23b8052d20d83a640c07b7864c622548bf90
Reviewed-on: https://chromium-review.googlesource.com/508888
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45404}
2017-05-18 19:28:58 +00:00
ulan
6b5e443972 [heap] Fix verification of unsafe object layout changes.
This patch adds HeapObject::set_map_after_allocation method that
initializes the map of the object without object layout checks.

All other map setters now check that transitions unsafe for
concurrent marking properly notify the GC.

BUG=chromium:694255

Review-Url: https://codereview.chromium.org/2885883004
Cr-Commit-Position: refs/heads/master@{#45403}
2017-05-18 19:24:22 +00:00
Leszek Swirski
5e9939214e [ignition] Use jump for single deferred commands
For a single deferred commands, using a jump table is overkill, so
instead simply test the token against the single entry.

Bug: v8:4280
Bug: v8:6218
Change-Id: I0300f640080705fb10f46ad4ed5791703fa4dd77
Reviewed-on: https://chromium-review.googlesource.com/506153
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45393}
2017-05-18 10:27:58 +00:00
ivica.bogosavljevic
bbb728bff4 MIPS[64]: Fix typo in StackSlotAlignment test
BUG=

Review-Url: https://codereview.chromium.org/2892713002
Cr-Commit-Position: refs/heads/master@{#45392}
2017-05-18 09:42:44 +00:00
Camillo Bruni
5e9fd38564 [runtime] Support arbitrary number of properties for FastCloneShallowObject
Change-Id: I4b19700b613f81601321a336cc758cfd7f826f3e
Reviewed-on: https://chromium-review.googlesource.com/504347
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45390}
2017-05-18 08:20:33 +00:00
Marja Hölttä
05696362ad [parser] Skipping inner funcs: fix preparsing super.
Super calls need to refer to .this_function, .new.target and this, and super
property references need to refer to .this_function and this, so that the
is_used for those variables will be set and they will be allocated correctly.

BUG=v8:5516

Change-Id: Idc58539fccad70c995e029051b59a67ea66bff91
Reviewed-on: https://chromium-review.googlesource.com/506094
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45376}
2017-05-17 13:42:41 +00:00
Marja Hölttä
f270bbfa8f [parser|ast] Simplify AstNodeFactory Zone usage.
AstNodeFactory used to get the Zone directly from AstValueFactory. But that's
generally the wrong Zone (the main Zone, instead of the temp Zone), and the
creator of AstNodeFactory had to call set_zone right after. By adding a Zone
param, we can pass the correct Zone right away.

Also made PreParserFactory have an AstNodeFactory, so that we don't need to
create temporary AstNodeFactories all the time.

Also removed AstNodeFactory::BodyScope since DiscardableZoneScope essentially
did the same thing already.

BUG=v8:5516,v8:6092

Change-Id: I189d2e6afe91c91e49d8ed7e3496a0d9c405e1c5
Reviewed-on: https://chromium-review.googlesource.com/507129
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45370}
2017-05-17 12:15:18 +00:00