Commit Graph

40641 Commits

Author SHA1 Message Date
Toon Verwaest
b186ca9c75 [runtime] Move MaxNumberKey and NextEnumerationIndex to the subclasses that use it
Bug: 
Change-Id: Ica3ebd998ad44d24c401cfb74cf5cbe3a6164c47
Reviewed-on: https://chromium-review.googlesource.com/541344
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46099}
2017-06-21 14:58:44 +00:00
Ulan Degenbaev
af1c9e345d [heap] Fix data race in runtime functions that use std::sort.
BUG=chromium:694255

Change-Id: I52237650b2e80428d21acfa2c4993a07d224b8c5
Reviewed-on: https://chromium-review.googlesource.com/542819
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46098}
2017-06-21 14:57:38 +00:00
Mythri
ef4957baec Set the number of ticks required to optimize based on function size.
Currently, the number of ticks to wait before optimizing is a constant (if
sufficient feedback is available). This cl changes it so that, larger
functions would have to wait longer for optimizing. The number of ticks
required scales linearly with the function size.

Bug: 
Change-Id: Id27bea715cf15960667cf63381b1cbe8dac94428
Reviewed-on: https://chromium-review.googlesource.com/538614
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46097}
2017-06-21 14:45:46 +00:00
Peter Marshall
736693c498 [lsan] Remove suppression for JSArrayBuffer::SetupAllocatingData.
I can't reproduce any issues with an lsan build, so we will remove
this for now and keep an eye out.

Bug: v8:6315
Change-Id: Iad2a1b23f3614ec9a09a83bb01e235969c3f9fcc
Reviewed-on: https://chromium-review.googlesource.com/542835
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46096}
2017-06-21 13:38:54 +00:00
jgruber
63a7fa5aa3 [coverage] Improve source range precision
This CL improves reported source range precision in a couple of ways:

Source ranges are now standardized to consist of an inclusive start
index and an exclusive end index (similar to what's reported for
functions). For example:

0123456789  // Offset.
{ f(); }    // Block represented as range {0,8}.

Duplicate singleton ranges (i.e. same start and end offsets) are now
merged (this only becomes relevant once jump statement coverage is
added). For example:

for (.) break;  // Break- and loop continuation have same positions.

SourceRangeScope incorrectly collected starting position
(unconditionally) and end position (when no semi-colon was present).

01234567890123  // Offset.
for (.) break   // Loop body range is {8,13}, was {6,9}.

Bug: v8:6000
Change-Id: I62e7c70cc894a20f318330a2fbbcedc47da2b5db
Reviewed-on: https://chromium-review.googlesource.com/541358
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46095}
2017-06-21 13:33:54 +00:00
Ulan Degenbaev
d1c2c8ed8f [heap] Fix a markbit data race in deserializer.
BUG=chromium:694255

Change-Id: Icd949cb6cd3c7405dbdf1933f6239851443f87a8
Reviewed-on: https://chromium-review.googlesource.com/542616
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46094}
2017-06-21 13:32:49 +00:00
Ross McIlroy
69a645d3c6 [TurboFan] Enable typed lowering of JSStringConcat to ConsString allocation.
Adds typed lowering of JSStringConcat to ConsString allocation if the
following conditions hold:
 - All concatinations will result in a ConsString of >= ConString::kMinLength
 - No concatinations will result in a empty string in the RHS unless there is
   a sequential string in the LHS.

This also means JSStringConcat needs an eager checkpoint since it can
deopt if throwing a RangeError when the string length protector is valid.

BUG=v8:6243

Change-Id: I01ca79f884df467c10f2c032c72d51b5199c1a3c
Reviewed-on: https://chromium-review.googlesource.com/526636
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46093}
2017-06-21 13:31:45 +00:00
Michael Lippautz
d03768b008 [heap] Avoid repeated loads of object size
The iterator already provides the size.

Bug: chromium:651354
Change-Id: I683bfe5c82441bf39c21b18daa58eba91b798c64
Reviewed-on: https://chromium-review.googlesource.com/543495
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46092}
2017-06-21 13:30:40 +00:00
Michael Achenbach
1911518736 [build] Switch cfi bot to gn
NOTRY=true

Bug: chromium:645890,chromium:726584
Change-Id: Ie16650d7e8912233407a7f5b2dcb98f917869bdc
Reviewed-on: https://chromium-review.googlesource.com/541319
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46091}
2017-06-21 13:29:36 +00:00
Toon Verwaest
3568a433fb [runtime] Merge *NumberDictionary::Set and AtNumberPut
Bug: 
Change-Id: Idf5673ef3262c64d1c214362accc42554dbc2e69
Reviewed-on: https://chromium-review.googlesource.com/541340
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46090}
2017-06-21 13:28:32 +00:00
Michael Starzinger
94c95971c9 [fullcodegen] Deprecate usage of patching ToBooleanICStub.
This switches all uses of the patching {ToBooleanICStub} over to the
existing and non-patching {ToBoolean} CSA-builtin, and removes some
supporting code.

R=verwaest@chromium.org
BUG=v8:6408

Change-Id: Iab60c95e6b54e426408390e056b679f6227e7ce0
Reviewed-on: https://chromium-review.googlesource.com/539576
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46089}
2017-06-21 13:27:25 +00:00
Michael Starzinger
b7ba63e931 [deoptimizer] Simplify Runtime_NotifyDeoptimized a bit.
R=jarin@chromium.org

Change-Id: I0cf5eb57b0f1528f08bc47b3bfddced5cff1abf2
Reviewed-on: https://chromium-review.googlesource.com/543118
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46088}
2017-06-21 12:34:17 +00:00
bmeurer
217012973c [turbofan] Introduce new JSConstructWithArrayLike operator.
Add a new JSConstructWithArrayLike operator that is backed by the
ConstructWithArrayLike builtin (similar to what was done before
for the JSCallWithArrayLike operator), and use that operator to
optimize Reflect.construct inlining in TurboFan. This is handled
uniformly with JSConstructWithSpread in the JSCallReducer.

Also add missing test coverage for Reflect.construct in optimized
code, especially for some interesting corner cases.

R=petermarshall@chromium.org
BUG=v8:4587,v8:5269

Review-Url: https://codereview.chromium.org/2949813002
Cr-Commit-Position: refs/heads/master@{#46087}
2017-06-21 12:31:59 +00:00
Michael Starzinger
72a597fa21 [turbofan] Move RegisterWeakObjectsInOptimizedCode.
This addresses a TODO about the correct location of the helper function
in question, it is now internal to TurboFan instead of being shared.

R=jarin@chromium.org

Change-Id: I7e6112e9bc9759255a416fa2e2a9f92a8e4248c8
Reviewed-on: https://chromium-review.googlesource.com/542840
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46086}
2017-06-21 12:27:24 +00:00
Michael Lippautz
ee35abf125 [heap] Build proper iterator for iterating live objects
- Iterator advancing is kept mainly unchanged.
- The iterator stores the size of the object which is to be used by the
  caller in follow ups. This way we might be able to avoid further out
  of line loads.
- The iteartor follows the regular std conventions allowing range based
  loops.

Bug: chromium:651354
Change-Id: I8928224a62d3a48a48145a2d00279a28608bc634
Reviewed-on: https://chromium-review.googlesource.com/543335
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46085}
2017-06-21 12:20:14 +00:00
Michael Lippautz
0b92f0723c [heap] Cleanup RemoveRange in VisitBlackObjects
Bug: 
Change-Id: I0e49aec183cfb5cd71f82862718cdbc62add0247
Reviewed-on: https://chromium-review.googlesource.com/543038
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46084}
2017-06-21 12:18:39 +00:00
Michael Starzinger
9c38b8ae04 [ast] Simplify assignment of OSR entry ids.
R=verwaest@chromium.org

Change-Id: I39921052ddf0934f1a626f3e1e458280475ae265
Reviewed-on: https://chromium-review.googlesource.com/539515
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46083}
2017-06-21 12:17:35 +00:00
Ulan Degenbaev
7e192a91b8 [heap] Fix data race in Heap::MoveElements.
BUG=chromium:694255

Change-Id: Id15b12ab821de4af7518b658dc63e35bde483312
Reviewed-on: https://chromium-review.googlesource.com/541325
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46082}
2017-06-21 12:16:31 +00:00
mcgreevy
25f86761e6 Roll v8 isolate binaries to match the chromium versions.
The chromium versions were rolled here: https://codereview.chromium.org/2949663002/

BUG=chromium:692940

Review-Url: https://codereview.chromium.org/2950003002
Cr-Commit-Position: refs/heads/master@{#46081}
2017-06-21 12:15:36 +00:00
Ross McIlroy
1b64598dd5 [Interpreter] Inline some functions to improve expression depth of binary ops.
Inlines some functions to improve reduce the stack requirements for
chains of binary operations in the bytecode generator, thereby
enabling support of deeper expression stacks.

BUG=chromium:731861

Change-Id: I5ca437d507e9b2a7eb74f33deaa708ecd646077b
Reviewed-on: https://chromium-review.googlesource.com/541356
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46080}
2017-06-21 12:15:25 +00:00
Andreas Haas
49101b5267 [wasm] Remove dead code
R=clemensh@chromium.org

Change-Id: Iee0296d138f892f5d734cadbc28361746c191c3c
Reviewed-on: https://chromium-review.googlesource.com/542855
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46079}
2017-06-21 11:01:14 +00:00
Andreas Haas
6828887b85 [wasm] Remove the wasm-asmjs fuzzer
The fuzzer has already been removed from chromium. In addition I removed
code which was only used by this fuzzer.

BUG=chromium:734550
R=clemensh@chromium.org
CC=mstarzinger@chromium.org

Change-Id: I2ff4614e4d64131412ead759318e5c38e38f5d3d
Reviewed-on: https://chromium-review.googlesource.com/542816
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46078}
2017-06-21 10:59:35 +00:00
Ross McIlroy
811643b49b Reland: [IdentityMap] Fix size if GC short-cuts objects.
BUG=chromium:704132

Change-Id: I5be333888215718c2680f5a442fe26ffd988f04e
Reviewed-on: https://chromium-review.googlesource.com/541443
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46077}
2017-06-21 09:37:20 +00:00
v8-autoroll
0838b93855 Update V8 DEPS.
Rolling v8/build: 97e4bb9..9ffcabd

Rolling v8/buildtools: 9a65473..b92ff91

Rolling v8/third_party/catapult: c2d7f3a..a64c010

Rolling v8/tools/clang: 7659b77..9bb118e

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Change-Id: I2335882b10ab4b13793177c02bd6f40d99158a1f
Reviewed-on: https://chromium-review.googlesource.com/542136
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46076}
2017-06-21 03:35:04 +00:00
Bill Budge
73ca1690ae [WASM SIMD] Eliminate boolean vector materialization in SIMD tests.
- Now that there are no boolean vector types, we can directly test the
  results of relational ops.

Bug: v8:6020
Change-Id: Id2139133ae3a548a9985a26a3427cbeddc6272a6
Reviewed-on: https://chromium-review.googlesource.com/536176
Reviewed-by: Aseem Garg <aseemgarg@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46075}
2017-06-20 23:04:43 +00:00
Mircea Trofin
045c40d09c [wasm] Reopen CEntryStub handle in deferred scope when async compiling.
Bug: chromium:734108
Change-Id: I696b104e3b6b9dd71a60c21baa558d4f1fec1dfb
Reviewed-on: https://chromium-review.googlesource.com/541624
Commit-Queue: Brad Nelson <bradnelson@chromium.org>
Reviewed-by: Brad Nelson <bradnelson@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46074}
2017-06-20 22:22:56 +00:00
Aseem Garg
ef0f0b28f8 Revert "Revert "[WASM SIMD] Store simd lowering compare ops result as -1 instead of 1""
This reverts commit dddd2c696c.

Reason for revert: The breakage seemed unrelated (it wasn't fixed on revert).

Original change's description:
> Revert "[WASM SIMD] Store simd lowering compare ops result as -1 instead of 1"
> 
> This reverts commit 2f83ffa99d.
> 
> Reason for revert: Bots failed after this landed. Need to figure out if it is related.
> 
> Original change's description:
> > [WASM SIMD] Store simd lowering compare ops result as -1 instead of 1
> > 
> > BUG: v8:6020
> > Change-Id: I3148511233ee6f89acd71644e0c43f72ccc5eef0
> > Reviewed-on: https://chromium-review.googlesource.com/538160
> > Reviewed-by: Bill Budge <bbudge@chromium.org>
> > Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
> > Commit-Queue: Aseem Garg <aseemgarg@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#46071}
> 
> TBR=bbudge@chromium.org,gdeepti@chromium.org,mtrofin@chromium.org,aseemgarg@chromium.org
> 
> Change-Id: I300eadd02ab2d20817461e6f9a2c23c138b42256
> No-Presubmit: true
> No-Tree-Checks: true
> No-Try: true
> Reviewed-on: https://chromium-review.googlesource.com/541717
> Reviewed-by: Aseem Garg <aseemgarg@chromium.org>
> Commit-Queue: Aseem Garg <aseemgarg@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#46072}

TBR=bbudge@chromium.org,gdeepti@chromium.org,mtrofin@chromium.org,aseemgarg@chromium.org

Change-Id: I83021de8db76c27ea8d0570509713ef5c4560418
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/541719
Reviewed-by: Aseem Garg <aseemgarg@chromium.org>
Commit-Queue: Aseem Garg <aseemgarg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46073}
2017-06-20 21:44:17 +00:00
Aseem Garg
dddd2c696c Revert "[WASM SIMD] Store simd lowering compare ops result as -1 instead of 1"
This reverts commit 2f83ffa99d.

Reason for revert: Bots failed after this landed. Need to figure out if it is related.

Original change's description:
> [WASM SIMD] Store simd lowering compare ops result as -1 instead of 1
> 
> BUG: v8:6020
> Change-Id: I3148511233ee6f89acd71644e0c43f72ccc5eef0
> Reviewed-on: https://chromium-review.googlesource.com/538160
> Reviewed-by: Bill Budge <bbudge@chromium.org>
> Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
> Commit-Queue: Aseem Garg <aseemgarg@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#46071}

TBR=bbudge@chromium.org,gdeepti@chromium.org,mtrofin@chromium.org,aseemgarg@chromium.org

Change-Id: I300eadd02ab2d20817461e6f9a2c23c138b42256
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/541717
Reviewed-by: Aseem Garg <aseemgarg@chromium.org>
Commit-Queue: Aseem Garg <aseemgarg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46072}
2017-06-20 21:06:43 +00:00
Aseem Garg
2f83ffa99d [WASM SIMD] Store simd lowering compare ops result as -1 instead of 1
BUG: v8:6020
Change-Id: I3148511233ee6f89acd71644e0c43f72ccc5eef0
Reviewed-on: https://chromium-review.googlesource.com/538160
Reviewed-by: Bill Budge <bbudge@chromium.org>
Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
Commit-Queue: Aseem Garg <aseemgarg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46071}
2017-06-20 20:43:18 +00:00
Sathya Gunasekaran
323cf26df0 [Collections] Change ::HasKey to return bool
Mask the lower byte before doing the compare.

Bug: v8:5717, v8:6455
Change-Id: I0c7e8b79adc36fb5ee643eae2e42fd892cd560fd
Reviewed-on: https://chromium-review.googlesource.com/527885
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46070}
2017-06-20 18:45:27 +00:00
Adam Klein
8744ef8109 [cleanup] Prune dead macros from src/js/macros.py
Also remove support for "python macros" as the last
existing one is removed in this patch.

Change-Id: I537d604a0a1c9ca11cd5c195841b9f5a0ec74850
Reviewed-on: https://chromium-review.googlesource.com/540836
Commit-Queue: Adam Klein <adamk@chromium.org>
Reviewed-by: Daniel Ehrenberg <littledan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46069}
2017-06-20 18:44:22 +00:00
machenbach
c3f2c5ef8d Revert of [parser] Forbid \08 in strict strings (patchset #3 id:40001 of https://codereview.chromium.org/2950633002/ )
Reason for revert:
Breaks layout test:
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/16403

See:
https://github.com/v8/v8/wiki/Blink-layout-tests

Original issue's description:
> [parser] Forbid \08 in strict strings and in untagged templates
>
> This was never legal; the spec only allows '\0' in strict-mode strings or templates
> when not followed by a decimal digit. Previously we were only enforcing that it
> not be followed by an _octal_ digit.
>
> This was already fixed for numeric literals, but not for escape sequences in strings.
>
> BUG=v8:6504
>
> Review-Url: https://codereview.chromium.org/2950633002
> Cr-Commit-Position: refs/heads/master@{#46046}
> Committed: b102540e44

TBR=vogelheim@chromium.org,bakkot@gmail.com
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:6504

Review-Url: https://codereview.chromium.org/2946953002
Cr-Commit-Position: refs/heads/master@{#46068}
2017-06-20 18:24:00 +00:00
Michael Achenbach
41b02eec5f Revert "Revert "Fix GCC 7 build errors""
This reverts commit da607264dd.

Reason for revert: Looked wrong. The persistent layout test
failures started in the next revision. The failure on the revision
of the reverted CL was just a flake.

Original change's description:
> Revert "Fix GCC 7 build errors"
> 
> This reverts commit c0f1ff2451.
> 
> Reason for revert: Speculative revert for layout test timeout:
> https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/16402
> 
> Original change's description:
> > Fix GCC 7 build errors
> > 
> > BUG=chromium:691681
> > R=​franzih@chromium.org
> > 
> > Change-Id: Id7e5698487f16dc217a804f6d3f24da7213c72b9
> > Reviewed-on: https://chromium-review.googlesource.com/530227
> > Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#46045}
> 
> TBR=adamk@chromium.org,franzih@chromium.org,mic.besace@gmail.com,verwaest@chromium.org
> 
> Change-Id: I2119a87a95ed9eb88b7b32ae436edf28dfc86c16
> No-Presubmit: true
> No-Tree-Checks: true
> No-Try: true
> Bug: chromium:691681
> Reviewed-on: https://chromium-review.googlesource.com/541227
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#46065}

TBR=adamk@chromium.org,machenbach@chromium.org,franzih@chromium.org,mic.besace@gmail.com,verwaest@chromium.org

Change-Id: Ieee7f6b3b80d380e720206e7b43c4b580918b1d7
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:691681
Reviewed-on: https://chromium-review.googlesource.com/541228
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46067}
2017-06-20 18:22:54 +00:00
Sathya Gunasekaran
d5040c4390 [collections] Add OrderedHashTable::Delete
Bug: v8:5717
Change-Id: Icc601c409ac79195991facf1cb2027aab6145ff8
Reviewed-on: https://chromium-review.googlesource.com/540659
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46066}
2017-06-20 18:20:12 +00:00
Michael Achenbach
da607264dd Revert "Fix GCC 7 build errors"
This reverts commit c0f1ff2451.

Reason for revert: Speculative revert for layout test timeout:
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/16402

Original change's description:
> Fix GCC 7 build errors
> 
> BUG=chromium:691681
> R=​franzih@chromium.org
> 
> Change-Id: Id7e5698487f16dc217a804f6d3f24da7213c72b9
> Reviewed-on: https://chromium-review.googlesource.com/530227
> Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#46045}

TBR=adamk@chromium.org,franzih@chromium.org,mic.besace@gmail.com,verwaest@chromium.org

Change-Id: I2119a87a95ed9eb88b7b32ae436edf28dfc86c16
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:691681
Reviewed-on: https://chromium-review.googlesource.com/541227
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46065}
2017-06-20 18:16:34 +00:00
Clemens Hammacher
41e8af2c7c [wasm] Fix errors on exported globals
On an error during {ProcessExports()}, we would just continue
execution, resulting in a DCHECK failure later.
I did not find any tests for exported globals, so I added a few
(including a regression test for the referenced bug).

R=ahaas@chromium.org
BUG=chromium:734295

Change-Id: I35370de934c274f870680c662ef848c72268a7bc
Reviewed-on: https://chromium-review.googlesource.com/539401
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46064}
2017-06-20 17:32:22 +00:00
Daniel Vogelheim
79324c4de6 [parser] Treat \ufffe as non-whitespace.
R=marja@chromium.org

Bug: chromium:726625
Change-Id: I3f451a47b5a60a4c367d04a5466acd9e2f90df14
Reviewed-on: https://chromium-review.googlesource.com/530849
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Daniel Vogelheim <vogelheim@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46063}
2017-06-20 16:44:51 +00:00
Clemens Hammacher
ebc76f64c5 [wasm] Keep instances of imported code alive
If one wasm instance imports an exported function of another instance,
we unwrap the js-to-wasm wrapper of the export and use the underlying
code object directly. However, the code object does not keep the wasm
instance alive. It is only connected via a WeakCell.
With this CL, we explicitly store a FixedArray of all wasm instances
from which we imported functions to keep them alive at least as long as
the instance which imports the code.

R=mtrofin@chromium.org, ahaas@chromium.org
BUG=chromium:734345

Change-Id: I8dcfc9a4ea2d791a62d8cb7255039e481c50bdfd
Reviewed-on: https://chromium-review.googlesource.com/539738
Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46062}
2017-06-20 16:23:09 +00:00
Ross McIlroy
84b602537e Revert "[IdentityMap] Fix size if GC short-cuts objects."
This reverts commit d58bb2dcfa.

Reason for revert: New test breaks on optimize-for-size:
https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20-%20debug/builds/16469/steps/OptimizeForSize/logs/GCShortCutting

Original change's description:
> [IdentityMap] Fix size if GC short-cuts objects.
> 
> BUG=chromium:704132
> 
> Change-Id: I6146c907d4f26147676f7dde4974c44fe541e8fe
> Reviewed-on: https://chromium-review.googlesource.com/541362
> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#46059}

TBR=rmcilroy@chromium.org,mstarzinger@chromium.org

Change-Id: Ib2ba207dcc1b3193d3645090e9c0a9676f38c353
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:704132
Reviewed-on: https://chromium-review.googlesource.com/541224
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46061}
2017-06-20 16:14:01 +00:00
Ulan Degenbaev
6c7304b00b [heap] Separate iteration of black allocated objects from write barrier.
This patch replaces IterateBlackObject with two functions:
- RecordWrites,
- ProcessBlackAllocatedObject.

The RecordWrites function is a write barrier, and its behaviour depends
on whether the concurrent marking is on or not.

The ProcessBlackAllocatedObject is the same indepenent from the
concurrent marker.

BUG=chromium:694255

Change-Id: I1666371fbdac9b26c6f875b9e1d1751da4ea1960
Reviewed-on: https://chromium-review.googlesource.com/541441
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46060}
2017-06-20 15:42:44 +00:00
Ross McIlroy
d58bb2dcfa [IdentityMap] Fix size if GC short-cuts objects.
BUG=chromium:704132

Change-Id: I6146c907d4f26147676f7dde4974c44fe541e8fe
Reviewed-on: https://chromium-review.googlesource.com/541362
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46059}
2017-06-20 15:36:47 +00:00
Michael Starzinger
73ddfb146b [turbofan] Tweak AllocationSite::CanTrack for TurboFan.
This adapts the predicate in question to be geared towards TurboFan now
that Crankshaft is no longer being used. It makes the predicate respect
the --allocation-site-pretenuring flag again in all cases.

R=mlippautz@chromium.org
BUG=v8:6408

Change-Id: Ib2753f70d7904764859a2d91815a675745416239
Reviewed-on: https://chromium-review.googlesource.com/541321
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46058}
2017-06-20 15:06:27 +00:00
Camillo Bruni
881e980780 [cleanup] Move Clone and AllocationSite creation into runtime-literals.cc
Change-Id: I353d5959eef5369ae42ed7a176d6e59e94cc2d77
Reviewed-on: https://chromium-review.googlesource.com/541424
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46057}
2017-06-20 15:04:16 +00:00
Alexey Kozyatinskiy
f6bc208864 [debugger] removed BreakPositionAlignment.STATEMENT_ALIGNED
Inspector uses only BREAK_POSITION_ALIGNED, no tests pass STATEMENT_ALIGNED. It's exposed only with debugger API but I'm pretty sure that nobody actually uses it and as far as mirrors API is deprecated - it's time to remove it.

R=jgruber@chromium.org

Bug: none
Change-Id: I28d62e145811d3eb6f4d64007c47c51b2ecbaf0f
Reviewed-on: https://chromium-review.googlesource.com/536934
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46056}
2017-06-20 15:01:47 +00:00
Dusan Simicic
932fd3ba90 MIPS: Fix CallSize call from MacroAssembler
Remove ast_id parameter from CallSize() which is not removed in

https: //codereview.chromium.org/2944013002
Bug: 
Change-Id: I40c9460bf105c9a91f614a9ab2360eee70ab9b78
Reviewed-on: https://chromium-review.googlesource.com/541437
Reviewed-by: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com>
Commit-Queue: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com>
Cr-Commit-Position: refs/heads/master@{#46055}
2017-06-20 14:40:47 +00:00
Ulan Degenbaev
502ce7e234 [heap] Fix markbit data races with concurrent marker.
BUG=chromium:694255

Change-Id: I65b4ecc7630ece32e351c1c6acea3960f7b6778b
Reviewed-on: https://chromium-review.googlesource.com/541380
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46054}
2017-06-20 14:32:04 +00:00
Dusan Simicic
b772ef4b57 MIPS[64]: Implement Shuffle SIMD operations
Add support for S32x4Shuffle, S16x8Shuffle, S8x16Shuffle for mips and
mips64 architectures.

Bug: 
Change-Id: I2c062525ed94edfcb38a53f4bbef02131e313ba3
Reviewed-on: https://chromium-review.googlesource.com/531007
Commit-Queue: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Reviewed-by: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com>
Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46053}
2017-06-20 14:29:15 +00:00
Michael Lippautz
87d9f75716 [heap] MinorMC: Avoid unecessarily updating allocation sites
AllocationSite objects survive if a page moves within new space. The
intended behavior was to update the count only when they are visited by
the Scavenger the first time, as they would die afterwards.

This fixes that case where we would move a page within new space where
most objects survive. We would unnecessarily update the AllocationSite
in this case.

Bug: chromium:651354
Change-Id: Ife4dd3e7f60320e0050e7c83dfc5457f66e2287c
Reviewed-on: https://chromium-review.googlesource.com/541302
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46052}
2017-06-20 14:26:54 +00:00
Michael Starzinger
21cbc91443 [asm.js] Ensure coercion of imports is non-observable.
This makes sure that the coercion of global import values to numbers
remains non-observable to JavaScript. It allows instantiation failures
to fall back to JavaScript proper without accidentally causing some
side-effect to happen twice. Also coercions might invalidate previous
checks done during linking or throw exceptions.

R=clemensh@chromium.org
TEST=mjsunit/regress/regress-6431
BUG=v8:6431

Change-Id: Ibe2f7a336bc0fb25532d526746ecc802e04bbd5c
Reviewed-on: https://chromium-review.googlesource.com/512544
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46051}
2017-06-20 13:55:35 +00:00
Clemens Hammacher
6269b2be1e [wasm] Avoid constructing overflowing WireBytesRefs
The constructor of WireBytesRef checks that offset+length is still in
the uint32_t range. This CL avoids triggering this check on illegally
size strings.

R=ahaas@chromium.org
BUG=chromium:734246

Change-Id: Iab5c7013aa3e0ac5060bc4733e712a1652679b1a
Reviewed-on: https://chromium-review.googlesource.com/539402
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46050}
2017-06-20 13:48:44 +00:00