Commit Graph

47254 Commits

Author SHA1 Message Date
Vlad Tsyrklevich
5fb562fcf7 Reland "Enable cfi-icall on the v8 CFI bots"
This is a reland of 9a7e9cf2a7

Original change's description:
> Enable cfi-icall on the v8 CFI bots
>
> BUG=v8:7164
>
> Change-Id: I7522ba6ac2bde89c84bcd49bc116a432091a2938
> Reviewed-on: https://chromium-review.googlesource.com/990802
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#52343}

CQ_INCLUDE_TRYBOTS=luci.v8.try:v8_linux64_cfi_rel_ng

Bug: v8:7164
Change-Id: I683116e86685fb7295bb576e57ce85fed7445b3c
Reviewed-on: https://chromium-review.googlesource.com/1003692
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52562}
2018-04-12 08:44:39 +00:00
Clemens Hammacher
a05c7d51b1 [wasm] Fix data race on failed_ field
R=ahaas@chromium.org

Bug: chromium:831989, chromium:824681
Change-Id: I0a8b2cc9f80af5f954bd358c30a3c6d84b6adeae
Reviewed-on: https://chromium-review.googlesource.com/1009603
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52561}
2018-04-12 08:40:48 +00:00
Peter Marshall
c68f863d73 [typedarray] Fix ArrayBuffer creation for cross realm species
Fixes some failing test262 tests for a corner-case in the spec
where we need to use the buffer constructor from a different realm.

Bug: v8:7512
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I3f1334f6181eaaddf0326156139ac20a970c235b
Reviewed-on: https://chromium-review.googlesource.com/966223
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52560}
2018-04-12 08:33:43 +00:00
Sigurd Schneider
92af24008b [runtime] Fix function map index for Promise reject/resolve
Bug: chromium:829253
Change-Id: Ie9102adcecfe4f019ccf8b5e82e55509a416bfc3
Reviewed-on: https://chromium-review.googlesource.com/1007195
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52559}
2018-04-12 08:28:20 +00:00
Vlad Tsyrklevich
dab3d4ba24 [CFI] Disable cfi-icall checking for test helper
It's not possible to use GeneratedCode for this test because the called
stubs use the stdcall calling convention but GeneratedCode does not allow
specifying a custom calling convention.

BUG=v8:7164

Change-Id: Ic28c4313bb2b68103b94e4c1ae7c037a789edce2
Reviewed-on: https://chromium-review.googlesource.com/1008994
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52558}
2018-04-12 08:00:40 +00:00
Michael Achenbach
2f339ba0fc [build] Remove MB configs for deprecated dart.fyi bots
V8 part for https://crrev.com/c/1007058

NOTRY=true

Change-Id: I212eb12e83ea647af7d009747bf94baf3ab9febf
Reviewed-on: https://chromium-review.googlesource.com/1007238
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52557}
2018-04-12 06:26:17 +00:00
Jungshik Shin
98c0cd9f8f Use the base locale when getting the best match pattern
This is to fix an assertion failure in formatToParts when
Chinese calendar is specified with 'u-ca-chinese'.

See https://github.com/tc39/ecma402/issues/225 . This CL
is a temporary work-around to get v8 match the spec in terms
of the external behavior, but it's not taking the steps in
the spec, yet.

Moreover, the spec may have to be revised as to how to pick the best
match pattern when the default calendar for a locale is different from
the calendar specified via 'u-ca'. How to handle 'related year' part
also needs to be specified.

Bug: chromium:826549
Test: intl/date-format/format-with-extensions
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I1f9a2467e86e71e024bc9babe18f16e49746008e
Reviewed-on: https://chromium-review.googlesource.com/1006915
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jungshik Shin <jshin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52556}
2018-04-12 06:14:47 +00:00
Kim-Anh Tran
2b24df9929 [wasm] Fix Liftoff-prologue for tiering to correctly restore state
When using registers during the Liftoff-prologue, we need to make sure
that all reserved registers are correctly pushed to and restored
from stack.

Change-Id: Iac444448cfd99fca70a811cb941d0cf5979d638b
Reviewed-on: https://chromium-review.googlesource.com/1005754
Commit-Queue: Kim-Anh Tran <kimanh@google.com>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52555}
2018-04-12 06:01:17 +00:00
Junliang Yan
34f86aee33 PPC/s390: [debug] allow calls to some builtins on temporary objects
Port 077205be55

Original Commit Message:

    This CL allows SetPrototypeAdd and ArrayIteratorPrototypeNext
    to be called on temporary objects during side effect free evaluation.

R=kozyatinskiy@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: I4f6d4e885c19a032723ea8fe39976780900ba922
Reviewed-on: https://chromium-review.googlesource.com/1008634
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#52554}
2018-04-12 03:50:26 +00:00
v8-autoroll
4a681e5f49 Update V8 DEPS.
Rolling v8/build: 73e352e..bf6af18

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/2c59f67..a227198

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I561d492911e3528b7fdf19fc24efa671eaa1245c
Reviewed-on: https://chromium-review.googlesource.com/1009283
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52553}
2018-04-12 03:31:05 +00:00
Alexei Filippov
1def6cd4a3 [cpu-profiler] Automatically create TracingCpuProfiler
Previously embedder had to create an instance of TracingCpuProfiler explicitly.
The patch makes the profiler created automatically for every isolate.
The profiler has no overhead unless tracing with v8.cpu_profiler category is enabled.

Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I9369c2c56bcddc72093eda33dc2bc185c9253b4a
Reviewed-on: https://chromium-review.googlesource.com/1006049
Commit-Queue: Alexei Filippov <alph@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52552}
2018-04-11 21:31:07 +00:00
Junliang Yan
c7393ac81c PPC/s390: interpreter: make interpreted frames distinguishable in the native stack
Port ada64b58bf

Original Commit Message:

    Before Turbofan/Ignition it was possible to use external profilers to
    sample running V8/Node.js processes and generate reports/FlameGraphs
    from that. It's still possible to do so, but non-optimized JavaScript
    functions appear in the stack as InterpreterEntryTrampoline. This commit
    adds a runtime flag which makes interpreted frames visible on the
    process' native stack as distinguishable functions, making the sampled
    data gathered by external profilers such as Linux perf and DTrace more
    useful.

R=matheus@sthima.com.br, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: I0416b53c53248a5624061d0155712a3e2396c725
Reviewed-on: https://chromium-review.googlesource.com/1008045
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#52551}
2018-04-11 20:59:32 +00:00
Sigurd Schneider
638c950743 [turbofan] Fix context size in promise constructor
The promise constructor fast-path did allocate contexts that were
too large, resulting in GC overhead compared to the slow-path which
contributes to a performance regression we are currently dealing with.

Bug: chromium:829253
Change-Id: I82883358933df9ce5241bad53b85867455046cc1
Reviewed-on: https://chromium-review.googlesource.com/1007054
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52550}
2018-04-11 13:58:57 +00:00
Igor Sheludko
845aa75f6a [builtins] Remove unused LoadField builtin.
Bug: v8:7570
Change-Id: I8b15d6e9f4991d0a6884277a5d67090f24270fcc
Reviewed-on: https://chromium-review.googlesource.com/1005261
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52549}
2018-04-11 13:57:16 +00:00
Alexey Kozyatinskiy
077205be55 [debug] allow calls to some builtins on temporary objects
This CL allows SetPrototypeAdd and ArrayIteratorPrototypeNext
to be called on temporary objects during side effect free evaluation.

Bug: v8:7588
Change-Id: Id77848e48d98c243de91bc6c0fae5a0877e693d4
Reviewed-on: https://chromium-review.googlesource.com/998439
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52548}
2018-04-11 13:41:56 +00:00
Andreas Haas
e921be5c4f [wasm] Avoid checking for scheduled_exceptions in the wasm deserialization
ValueDeserializer::ReadWasmModule does not call API functions, therefore
there can be no scheduled_exceptions, and therefore we do not have to
translate scheduled_exceptions to pending_exceptions. On the contrary,
there can be pending_exceptions, which causes the call to
RETURN_EXCEPTION_IF_SCHEDULED_EXCEPTION to crash.

This CL fixes a crash in a layout test which was caused by another
CL (https://crrev.com/c/975547).

R=mstarzinger@chromium.org
CC=​binji@chromium.org

Change-Id: I3078a2a9a532b079b5a4ea604c2f3f777fa2e287
Reviewed-on: https://chromium-review.googlesource.com/1006794
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52547}
2018-04-11 13:32:26 +00:00
Hannes Payer
3e7b7ed24a [heap] Remove MemoryChunks from CodePageCollectionMemoryModificationScope set if they get freed.
Bug:chromium:831501
Change-Id: I82daa3dc1a6cc08cb63e42f4a54b69d28303ce0f

NOTREECHECKS=true

Change-Id: I82daa3dc1a6cc08cb63e42f4a54b69d28303ce0f
Reviewed-on: https://chromium-review.googlesource.com/1006755
Commit-Queue: Michael Hablich <hablich@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52546}
2018-04-11 11:54:17 +00:00
jgruber
8d3d738c41 [stubs] Remove unused MathPowStub parameters
All call sites passed nullptr as the isolate argument and DOUBLE as the
exponent type. Remove these unused arguments and related dead code.

Bug: v8:6666
Change-Id: Ie94d9b489f494b2a5c80f5cc3dc81013ed4f4414
Reviewed-on: https://chromium-review.googlesource.com/1006754
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52545}
2018-04-11 11:07:46 +00:00
Sigurd Schneider
bf2a7bde09 [deoptimizer] Disable test incompatible with deopt fuzzer
This test relies on allocation mementos remaining in place;
with the new forced GC in the deoptimizer, this test can't be
run with the deopt fuzzer on anymore.

Bug: v8:7644

Change-Id: I6271c00a7b6c4e90a5e190bac5debaafad03a0e3
Reviewed-on: https://chromium-review.googlesource.com/1004774
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52544}
2018-04-11 09:58:04 +00:00
Michael Starzinger
358f4454bb [liftoff] Fix stack layout on 32-bit architectures.
This improves the stack layout of {WasmCompiledFrame} frames built by
Liftoff so that the first spill slot immediately follows the frame
marker. We will rely on this in the future when we expect the first
spill slot to always hold a {WasmInstanceObject} reference.

R=clemensh@chromium.org

Change-Id: I2babe8a813af23f3b5bc139a2b0b334072625f7b
Reviewed-on: https://chromium-review.googlesource.com/1006615
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52543}
2018-04-11 09:53:23 +00:00
Clemens Hammacher
be1a231625 [wasm][interpreter] Check signature before getting code
On indirect function calls, if the corresponding table entry is empty,
we cannot call {GetCodeFromStartAddress}. In that case, the signature
check will fail anyway, so perform the signature check first, and only
get the code object if the check succeeds.

R=mstarzinger@chromium.org

Bug: chromium:831463
Change-Id: Iead949e4c12502b1a2a3949db2dabab4a184a1e7
Reviewed-on: https://chromium-review.googlesource.com/1005005
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52542}
2018-04-11 09:52:19 +00:00
Simon Zünd
3953955aab Extend the existing TypedArray.sort benchmark.
Benchmark now sorts every element type of TypedArray and groups the
benchmarks by integer and floating point types. Also adding a sort
benchmark that uses multiple custom compare functions.

R=petermarshall@chromium.org

Bug: v8:7624
Change-Id: Id0f44adf78398c99a17fe3edb6ee5d7fccc4d99b
Reviewed-on: https://chromium-review.googlesource.com/1000774
Commit-Queue: Simon Zünd <szuend@google.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52541}
2018-04-11 09:02:39 +00:00
Dan Elphick
f23e6e8839 [grokdump] Mark embedded builtins builds as non-shipping
Builds with and without embedded builtins (when combined with RO_SPACE
changes) results in different v8heapconst.py. So this marks embedded
builds as non-shipping. When embedded builtins becomes the default then
this non-embedded builds should be marked as non-shipping.

Bug: v8:7464
Change-Id: I8649183daf63ae9f54ed6207ed1104ecf33c89ff
Reviewed-on: https://chromium-review.googlesource.com/1005515
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52540}
2018-04-11 09:01:34 +00:00
Vlad Tsyrklevich
fc612a7102 [CFI] Expand blacklisted entries
Blacklist two functions that can call casted function pointers, there is
not an easy way to fix these failures yet.

BUG=v8:7164

Change-Id: I895ccb09359d38c95c1ff93e41c306ecb1ad57fc
Reviewed-on: https://chromium-review.googlesource.com/1003226
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52539}
2018-04-11 09:00:31 +00:00
Clemens Hammacher
4b88239533 Revert "[CFI] Refactor test use to use GeneratedCode"
This reverts commit e5a687be00.

Reason for revert: Crashes on GCC: https://build.chromium.org/p/client.v8/builders/V8%20Linux%20gcc%204.8/builds/19002

Original change's description:
> [CFI] Refactor test use to use GeneratedCode
> 
> Replace direct call to generated code with call using GeneratedCode to
> match the rest of v8.
> 
> BUG=v8:7164
> 
> Change-Id: I3e45d3e7c45f06fc362a22217ee7f0f1b70745e2
> Reviewed-on: https://chromium-review.googlesource.com/1002534
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#52536}

TBR=clemensh@chromium.org,vtsyrklevich@chromium.org

Change-Id: I684a93d20f104244e2b74ab79ddc7d6e3a1ecf3c
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7164
Reviewed-on: https://chromium-review.googlesource.com/1006614
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52538}
2018-04-11 08:49:25 +00:00
Simon Zünd
9018bb1af4 Add basic Array.p.sort benchmarks for the different element kinds.
The sort benchmarks are currently in their own directory, because we
might want to run them in isolation during the upcoming sort rework.

R=jgruber@chromium.org, petermarshall@chromium.org

Bug: v8:7382
Change-Id: Ic2e4e34d2838690529511d591099a66d0b908b0a
Reviewed-on: https://chromium-review.googlesource.com/1004997
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Simon Zünd <szuend@google.com>
Cr-Commit-Position: refs/heads/master@{#52537}
2018-04-11 08:38:45 +00:00
Vlad Tsyrklevich
e5a687be00 [CFI] Refactor test use to use GeneratedCode
Replace direct call to generated code with call using GeneratedCode to
match the rest of v8.

BUG=v8:7164

Change-Id: I3e45d3e7c45f06fc362a22217ee7f0f1b70745e2
Reviewed-on: https://chromium-review.googlesource.com/1002534
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52536}
2018-04-11 08:30:05 +00:00
Michael Achenbach
75da03bc52 Whitespace change to test infra commit
TBR=santa
NOTREECHECKS=true

Change-Id: Icb7495de49d4cb4fd675d9d7c128a94aa5e8a443
Reviewed-on: https://chromium-review.googlesource.com/1006574
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52535}
2018-04-11 06:55:14 +00:00
v8-autoroll
d1b170bd72 Update V8 DEPS.
Rolling v8/build: c4de990..73e352e

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/1bae362..2c59f67

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I984a13dc91dddbf0ab6c79eca97395aaf6ad8c56
Reviewed-on: https://chromium-review.googlesource.com/1006097
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52534}
2018-04-11 03:40:52 +00:00
Matheus Marchini
ada64b58bf interpreter: make interpreted frames distinguishable in the native stack
Before Turbofan/Ignition it was possible to use external profilers to
sample running V8/Node.js processes and generate reports/FlameGraphs
from that. It's still possible to do so, but non-optimized JavaScript
functions appear in the stack as InterpreterEntryTrampoline. This commit
adds a runtime flag which makes interpreted frames visible on the
process' native stack as distinguishable functions, making the sampled
data gathered by external profilers such as Linux perf and DTrace more
useful.

R=bmeurer@google.com, franzih@google.com, jarin@google.com, yangguo@google.com

Bug: v8:7155
Change-Id: I3dc8876aa3cd9f1b9766624842a7cc354ccca415
Reviewed-on: https://chromium-review.googlesource.com/959081
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52533}
2018-04-10 19:33:55 +00:00
Alexei Filippov
4b0644f501 [profiler] Ensure the SafeStackFrameIterator progresses.
If it does not, the stack may be in an unconsistent state. Bailout if so.

BUG=chromium:828881

Change-Id: Ia66077d3846bf9a1d556a37fd8e0ca856f9d2464
Reviewed-on: https://chromium-review.googlesource.com/1002535
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Alexei Filippov <alph@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52532}
2018-04-10 18:48:15 +00:00
Clemens Hammacher
fb226a117a [wasm] Avoid transition from unhandlified to handlified
The ImportedFunctionEntry and IndirectFunctionTableEntry stored handles
internally, but were created from raw pointers. This is not allowed.
The two options to fix this are to either handlify the whole interface,
or do the opposite and use raw pointers everywhere. Since no current
user depends on a handlified interface, and both objects are being used
in performance critical code, this CL unhandlifies the interface and
adds a DisallowHeapAllocation scope to enforce that no GC happens while
any ImportedFunctionEntry or IndirectFunctionTableEntry is alive.

R=mstarzinger@chromium.org
CC=titzer@chromium.org

Change-Id: I098c2abcdd28c4b117272ac3ea0358ff2e56b36c
Reviewed-on: https://chromium-review.googlesource.com/1005075
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52531}
2018-04-10 18:42:55 +00:00
Erik Luo
4e2376b1cb [debug] whitelist Function, BigInt methods as side-effect-free
This whitelists Function-related builtins used by Blink callbacks at
the DOM wrapping stage, and other BigInt methods.

Bug: chromium:810176
Change-Id: If036114cd7f133f2c30247dff836698c2eb16a51
Reviewed-on: https://chromium-review.googlesource.com/1004000
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Erik Luo <luoe@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52530}
2018-04-10 17:15:25 +00:00
Junliang Yan
20a427f6a5 PPC/s390: fix compilation error
R=joransiu@ca.ibm.com

Change-Id: I995c7ea23899a00a92b350cbd1878c41d56760c2
Reviewed-on: https://chromium-review.googlesource.com/1005279
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#52529}
2018-04-10 17:11:15 +00:00
Sigurd Schneider
79b5f0b560 [mjsunit] Fix flakyness in mjsunittest
This mjsunittest assumed specific internal types (i.e. Smi)
for certain fields; it generates some dozens of variants of
the test using new Function, but used the same property names
in all of them. This causes V8 to sometimes learn more general
types for fields (i.e. unboxed double), which the test did not
expect. This commit uses unique field names for each of the test
variants.


Change-Id: Ib1ecb3ae33a57c8a1293a29a2233dad4e16a39fb
Reviewed-on: https://chromium-review.googlesource.com/1004897
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52528}
2018-04-10 16:50:45 +00:00
Michael Starzinger
f590c153e2 [frames] Turn all frame constants into {constexpr}.
This is in preparation of using some of these constants to compute
values for the Liftoff assembler that are themselves constexpr.

R=clemensh@chromium.org

Change-Id: I573ef4ca164e0107968e482996963fde9a3960b0
Reviewed-on: https://chromium-review.googlesource.com/1005056
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52527}
2018-04-10 16:11:13 +00:00
Ben L. Titzer
ff64dfa092 [wasm] Improve patching behavior for lazy compilation
This CL fixes the pathological O(n^2) patching behavior that
was introduced when simplifying the wasm instance/context data
structures. It introduces a per-instance reverse mapping of
function indexes to where they appear in import and indirect
function tables. The mapping is created lazily and rebuild in
response to too many failed lookups, which makes it robust
to table mutations in the future.

This CL also fixes a bug where the anonymous lazy compile stub
was not being used for direct calls, confusing the indirect
call patching mechanism.

R=clemensh@chromium.org,mstarzinger@chromium.org

Bug: v8:7424, chromium:830558
Change-Id: Ice0212593b31eb64687a3d52bd238020682a857f
Reviewed-on: https://chromium-review.googlesource.com/1004294
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52526}
2018-04-10 14:32:32 +00:00
Clemens Hammacher
3c2a693324 [cleanup] Remove redundant ROUND_UP macro
Replace all uses by the existing RoundUp function.

R=ulan@chromium.org

Bug: v8:7570
Change-Id: I7ff5e76ebea7b429ff4e4f3a8157ee831e7891ae
Reviewed-on: https://chromium-review.googlesource.com/1004898
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52525}
2018-04-10 14:15:00 +00:00
Ulan Degenbaev
2e8a98721c [heap] Make OutOfMemoryIneffectiveGC test more robust (the second try).
Change-Id: Ic10f599b6bb1c258082db61494a4e5c73220b00f
Reviewed-on: https://chromium-review.googlesource.com/1005255
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52524}
2018-04-10 14:07:31 +00:00
Igor Sheludko
b590d6a40c [runtime] Temporarily disable double fields unboxing.
... to see if it improves things in real-world area.

Change-Id: Icf6a1ff47f35eb3f7e25b549d736f7404148f6ab
Reviewed-on: https://chromium-review.googlesource.com/1004587
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52523}
2018-04-10 13:50:37 +00:00
Sigurd Schneider
543f2de418 [frames] Add context slot for builtin continuations
This CL adds a context slot to builtin continuation frames which
stores the context, even for stub continuations. This context slot
is used in NotifyDeoptimized to provide the JavaScript context.

Bug: v8:7639
Change-Id: Ibdfe24141a759cda6d319db0933bea57919dc171
Reviewed-on: https://chromium-review.googlesource.com/1002776
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52522}
2018-04-10 13:32:17 +00:00
Daniel Clifford
4eebf032e0 Add missing CSA routines in preparation for Torque
Change-Id: I170f47ee1c1e7e1a1296d5e5fc7fd1e2ab28a2f7
Reviewed-on: https://chromium-review.googlesource.com/1005076
Commit-Queue: Daniel Clifford <danno@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52521}
2018-04-10 13:08:23 +00:00
peterwmwong
b4cf629812 [js-perf-test] Add benchmark for String.prototype.matchAll
Bug: v8:6890
Change-Id: I0778aee65985852950c48b519baeb7fe6d81f8eb
Reviewed-on: https://chromium-review.googlesource.com/998394
Commit-Queue: Peter Wong <peter.wm.wong@gmail.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52520}
2018-04-10 12:47:33 +00:00
Marja Hölttä
3d222e13be [in-place weak refs] Fix weak slots in new space.
New space objects which die after scavenging might contain weak references.
IncrementalMarking::UpdateWeakReferencesAfterScavenge must drop the
corresponding slot.

This bug didn't surface before, since all weak slots are in the old space (but
this will change soon).

BUG=v8:7308

Change-Id: Ib1e507d4207e35547240dc0867ec7787b3f3103e
Reviewed-on: https://chromium-review.googlesource.com/1005000
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52519}
2018-04-10 11:50:33 +00:00
Jaroslav Sevcik
963062fb73 [turbofan] Re-enable stack pointer poisoning.
This re-enables stack pointer poisoning with untrusted code mitigations.

Bug: chromium:798964
Change-Id: I68b60641efefccbf0c4fd81c54809777feabc4be
Reviewed-on: https://chromium-review.googlesource.com/1002563
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52518}
2018-04-10 11:42:43 +00:00
Daniel Clifford
297c0b7521 Removed unused antlr4 files
Change-Id: Ic1f222e726694ffc5afe158ae1839ce9c55ec6d5
Reviewed-on: https://chromium-review.googlesource.com/1004996
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Daniel Clifford <danno@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52517}
2018-04-10 11:40:44 +00:00
v8-autoroll
36d0336e66 Update V8 DEPS.
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/b5c70ce..1bae362

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I963fd7e0240434546b1cc5620741f850b85ece23
Reviewed-on: https://chromium-review.googlesource.com/1004914
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52516}
2018-04-10 10:26:51 +00:00
Jakob Gruber
affbe85e92 Revert "[runtime] Do some more StringTable shrinking"
This reverts commit 6823c0a496.

Reason for revert: https://crbug.com/830499

Original change's description:
> [runtime] Do some more StringTable shrinking
> 
> This CL further lowers the kMaxEmptyFactor constant to more aggressively shrink
> the StringTable when it's empty.
> 
> Bug: v8:5443, chromium:818642
> Change-Id: I1c263a0afd7e6bed8a8bb857db032bf126c3ef4b
> Reviewed-on: https://chromium-review.googlesource.com/995473
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Commit-Queue: Camillo Bruni <cbruni@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#52401}

TBR=mlippautz@chromium.org,cbruni@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: v8:5443, chromium:818642
Change-Id: Ibd009fe1e9fcd0b36f168ad425e1eb5e663a1ca8
Reviewed-on: https://chromium-review.googlesource.com/1004456
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52515}
2018-04-10 10:18:21 +00:00
Daniel Clifford
0aa4ec27cd Add antlr4 runtime library to support Torque
Separating from main mega-CL for Torque to make landing it more
manageable.

Change-Id: Ic2cf2f5bff62613cb25cddd065479c85cfd9dd6c
Reviewed-on: https://chromium-review.googlesource.com/963704
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Daniel Clifford <danno@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52514}
2018-04-10 10:01:01 +00:00
Jakob Gruber
1e928e9069 Revert "Add boolean runtime checks for different element kinds."
This reverts commit 29308cf0e5.

Reason for revert: Use existing runtime functions instead

Original change's description:
> Add boolean runtime checks for different element kinds.
> 
> This will be used for Array.p.sort benchmarks to ensure that the
> arrays will have the correct element kind.
> 
> R=​cbruni@chromium.org, jgruber@chromium.org
> 
> Bug: v8:7382
> Change-Id: I4fe58d97d7f18fd193d4432964cf6b4f5335e0e7
> Reviewed-on: https://chromium-review.googlesource.com/1004754
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#52511}

TBR=cbruni@chromium.org,jgruber@chromium.org,szuend@google.com

Change-Id: I45742879d3637470752335772f294d7e8ff3ce35
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7382
Reviewed-on: https://chromium-review.googlesource.com/1004589
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52513}
2018-04-10 09:54:12 +00:00