Commit Graph

56909 Commits

Author SHA1 Message Date
Maciej Goszczycki
8e53e4b2e3 [cleanup][heap] Improve heap iterator naming
Rename LargeObjectIterator to LargeObjectSpaceObjectIterator.
Rename SemiSpaceIterator to SemiSpaceObjectIterator.
Rename CombinedHeapIterator to CombinedHeapObjectIterator.
Rename ReadOnlyHeapIterator to ReadOnlyHeapObjectIterator.
Rename HeapIterator to HeapObjectIterator.
Rename HeapObjectIterator to PagedSpaceObjectIterator.
Rename PagedSpaces to PagedSpaceIterator.

Bug: v8:9183
Change-Id: If4bd65d81e50bb45d207a897baaca8b723e4f10b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1645914
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
Cr-Commit-Position: refs/heads/master@{#62217}
2019-06-17 14:38:02 +00:00
Mythri A
9b77a149a6 [test] Add %PrepareFunctionForOptimize in mjsunit tests
Bug: v8:8801, v8:8394, v8:9183
Change-Id: Ic31f97a1b591317a004dc52c8eee777dd6353487
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1662299
Commit-Queue: Mythri Alle <mythria@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Auto-Submit: Mythri Alle <mythria@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62216}
2019-06-17 14:13:02 +00:00
Mike Stanton
0c5479df6d [Turbofan] Make JSCallReducer::ReducePromiseConstructor concurrent
The only piece missing at this point was to serialize the code
objects for the resolve and reject handlers.

Bug: v8:7790
Change-Id: If636f9d74dfc9606cf5f45c4f02dd118fb5d8f00
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1662295
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62215}
2019-06-17 14:05:02 +00:00
Ross McIlroy
994db73210 [cleanup] Add missing %PrepareFunctionForOptimize in mjsunit tests
Bug: v8:8801,v8:8394,v8:9183
Change-Id: I55027b3ba0c78f40d82aaf2d160aaf957d02cab5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1662292
Auto-Submit: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62214}
2019-06-17 13:14:51 +00:00
Dan Elphick
df202cfe7e [codegen] Default to inlining off-heap builtin trampolines
Previously only AssemblerOptions created by AssemblerOptions::Default()
could have inline_offheap_trampolines set to true.

This fixes OutOfLineTruncateDoubleToI from generating calls via the
DoubleToI trampoline.

Bug: v8:9338
Change-Id: Ia4638cd185e9041c7c69996783d0ce5600e9723a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1662288
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62213}
2019-06-17 12:55:39 +00:00
Michael Achenbach
d4191cdc9a [foozzie] Reduce no-ic experiment until bugs are fixed
We have too many dupes in the no-ic comparisons. We'll increase the
experiment size again once bugs are fixed.

TBR=jarin@chromium.org
NOTRY=true

Bug: chromium:961709
Change-Id: Ic946100b45fd73e1bee59f188a766384836bcdcf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660624
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62212}
2019-06-17 12:17:39 +00:00
Sigurd Schneider
81fc0c462e Revert "[arm64] Refactor constant pool implementation"
This reverts commit ac79b539ec.

Reason for revert: https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20arm64%20-%20sim/18611

Original change's description:
> [arm64] Refactor constant pool implementation
> 
> This refactors the constant pool handling for arm64. The immediate goal
> is to allow 32bit compressed pointers in the pool. The mediate goal is
> to unify the implementation with the arm constant pool, which will be
> done in a follow-up CL.
> 
> Bug: v8:8054
> Change-Id: I74db4245e5e1025f2e4de4144090fa4ce25883ab
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1645316
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62209}

TBR=mstarzinger@chromium.org,sigurds@chromium.org,jgruber@chromium.org,georgia.kouveli@arm.com

Change-Id: Iff03e81a2e70d125ef2c06b6ff3aff8d0e3688ef
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8054
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1662293
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62211}
2019-06-17 11:50:13 +00:00
Michael Starzinger
f066d764cc [wasm] Support {WebAssembly.Function} in tables.
This adds preliminary support for storing constructed WebAssembly
functions in tables. Note that for now only tables at index #0 are
supported, extending it to other tables indexes will be done as a
follow-up.

R=ahaas@chromium.org
TEST=mjsunit/wasm/type-reflection
BUG=v8:7742

Change-Id: I9aa07813e07f0ceb4eafe37af412b45c7d235722
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1640209
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62210}
2019-06-17 11:07:19 +00:00
Sigurd Schneider
ac79b539ec [arm64] Refactor constant pool implementation
This refactors the constant pool handling for arm64. The immediate goal
is to allow 32bit compressed pointers in the pool. The mediate goal is
to unify the implementation with the arm constant pool, which will be
done in a follow-up CL.

Bug: v8:8054
Change-Id: I74db4245e5e1025f2e4de4144090fa4ce25883ab
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1645316
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62209}
2019-06-17 10:53:39 +00:00
Mike Stanton
c5b9eda7ca [Turbofan] Brokerize more promise reductions in JSCallReducer
The functions

 * JSCallReducer::ReducePromisePrototypeThen
 * JSCallReducer::ReducePromisePrototypeFinally
 * JSCallReducer::ReducePromisePrototypeCatch

need the prototype for all receiver maps to be serialized in order
to take effect. We can do this by processing our receiver hints
when processing a builtin call in the serializer.

Bug: v8:7790
Change-Id: I3d9144924cf6926cfcd93b60ac703cfba2d3d93a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660623
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62208}
2019-06-17 10:44:09 +00:00
Jakob Gruber
45a751a187 [regexp] Fix up includes for noi18n builds
The breaking change was
https://chromium-review.googlesource.com/c/v8/v8/+/1658157

Bug: v8:9359
Change-Id: I6fa956631a8e475123cf6f8f44e66f2c499d47b7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660627
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62207}
2019-06-17 10:42:29 +00:00
Thibaud Michaud
ac9a9bd70e [cleanup] Transfer ownership for compilation jobs
Make NewCompilationJob methods return a unique_ptr to explicitly
transfer ownership.

R=mstarzinger@chromium.org

Bug: v8:9183
Change-Id: I1cc6614cc1941b1b27489443a3c330cf6e88f089
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660474
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62206}
2019-06-17 10:23:04 +00:00
Thibaud Michaud
f45c25f785 [cleanup] Remove dead code
R=mstarzinger@chromium.org

Bug: v8:9183
Change-Id: Id64bffd899afe1389748a0cd3527e41d1e028bad
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660472
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62205}
2019-06-17 10:21:59 +00:00
Toon Verwaest
2a2994080f [cleanup] Remove forward declaration for dead ContextSlotCache
Change-Id: Iacfa08afd809f5edba8e5e4e45ebe6e9c87b9814
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660625
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Auto-Submit: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62204}
2019-06-17 10:14:30 +00:00
Andreas Haas
0403003beb [wasm] Refactor {unreachable} validation
In the existing code, whenever unreachable control instructions needed
values from the stack which were not available, values of type kWasmVar
were put on the stack. When these values were type-checked the first
time, the expected type was assigned to them for later validation. This
behavior has several draw-backs:
* In an unobservable way, this implementation does not match the
  requirements of the spec. With the anyref proposal, this difference
  becomes observable.
* Type checking functions were not read-only anymore, because if
  unreachable code was validated, the stack got manipulated in these
  functions.

With the refactoring, I pulled out the handling of unreachable code
out of the type checking functions. These checking functions can be
validation-only functions.

For type checking unreachable code, I start by popping values of the
expected types off the stack. Thereby all available values on the stack
get type-checked. Afterwards, I push all values again on the stack with
the expected type if needed. This allows to continue the expected type
checking for later instructions.

R=clemensh@chromium.org

Bug: v8:7581
Change-Id: Ib98e70a44bf9780626d4aa8a3e5fe8c2f230b787
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1645328
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62203}
2019-06-17 09:41:43 +00:00
Georg Schmid
9681601bb8 Reland "[csa] Tweak CSA pipeline to eliminate more redundant checks"
This is a reland of a66e3e5744

Original change's description:
> [csa] Tweak CSA pipeline to eliminate more redundant checks
>
> - Lower LoadObjectField to LoadFromObject
> - Mark LoadFromObject and StoreToObject as non-allocating
> - Use optimizable BitcastTaggedSignedToWord in TaggedIsNotSmi check
>
> R=jarin@chromium.org, tebbi@chromium.org
>
> Change-Id: I42992d46597be795aee3702018f7efd93fcc6ebf
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1657926
> Commit-Queue: Georg Schmid <gsps@google.com>
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62173}

R=tebbi@chromium.org

Change-Id: Id7ae13ba17a2083fd4109f34ce026030716ececb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660622
Commit-Queue: Georg Schmid <gsps@google.com>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62202}
2019-06-17 09:40:29 +00:00
Jakob Gruber
c51e4f3c66 [regexp] Rewrite certain Assertion sequences
RegExp assertions (e.g.: '^', '$', '\b', ...) sequences have certain
properties that this rewriter exploits:

1. They are zero-width and order-independent, thus one can remove all
duplicate assertions.
2. If a subsequence is guaranteed to fail, the entire sequence fails.
Any sequence always known to fail (e.g. containing both '\b' and '\B')
can be rewritten to a single node that triggers failure.

This CL generalizes the previous optimization for repeated assertions
to be order-independent, i.e. assertions only have to be in the same
sequence but not next to each other.

Bug: v8:6515, v8:6126
Change-Id: I3f92f081ce8a55ad8c34c269a09a6686e3b008f3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1657925
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62201}
2019-06-17 09:21:58 +00:00
Jakob Kummerow
6b1b510553 [wasm-c-api] Un-.gitignore third_party/wasm-api/
Drive-by cleanup: alpha-sort entries in .gitignore

NOTRY=true

Change-Id: I14cd97d256a3bc370daad5f64e389d1efb7d50ac
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660613
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62200}
2019-06-17 08:52:37 +00:00
Yu Yin
212c962fee [mips][builtins] Make ContinueToBuiltinHelper skip off-heap builtin trampolines
Port 7b48dd55 https://crrev.com/c/1648155

Original Commit Message:

    This changes Generate_ContinueToBuiltinHelper to generate code to load
    the builtin address directly from the builtins table rather than going
    via the executable code in the trampoline's code object.

    The set up for Generate_ContinueToBuiltinHelper is changed so that the
    builtin index is stored on the stack in place of the builtin Code
    object which is no longer needed.

Change-Id: I1c8a5a18ac998b16d84556f08637b32d758f44da
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1659992
Commit-Queue: Dan Elphick <delphick@chromium.org>
Auto-Submit: Yu Yin <xwafish@gmail.com>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62199}
2019-06-17 08:47:17 +00:00
Jakob Gruber
def9aa5d0a [regexp] Extract more parts of the regexp compiler
Bug: v8:9359
Change-Id: I06a4ccc53abff25237a1113774a0b17bdf861c86
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1658157
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62198}
2019-06-17 08:25:08 +00:00
v8-ci-autoroll-builder
dbfe54b12b Update V8 DEPS.
Rolling v8/build: fc6c021..8ef7aaa

Rolling v8/buildtools: 9c81a61..6ae683b

Rolling v8/buildtools/linux64: git_revision:81ee1967d3fcbc829bac1c005c3da59739c88df9..git_revision:8c7f49102234f4f4b9349dcb258554675475e596

Rolling v8/third_party/instrumented_libraries: a959e4f..523c0fd

TBR=machenbach@chromium.org,sergiyb@chromium.org,tmrts@chromium.org

Change-Id: Iec7e2e610ed51abd1fc79835737bc0f1baa80be6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1661694
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#62197}
2019-06-17 03:31:42 +00:00
v8-ci-autoroll-builder
aad6df1dc4 Update V8 DEPS.
Rolling v8/build: 7498eac..fc6c021

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/000fc63..2e4b470

Rolling v8/tools/clang: f72f02b..96bccf1

TBR=machenbach@chromium.org,sergiyb@chromium.org,tmrts@chromium.org

Change-Id: Ic6497154440ff7d830ed17b542ed86b4f8d94e72
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1661855
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62196}
2019-06-16 20:07:32 +00:00
v8-ci-autoroll-builder
9764d98da6 Update V8 DEPS.
Rolling v8/build: be4d13b..7498eac

Rolling v8/buildtools: 8756a42..9c81a61

Rolling v8/buildtools/third_party/libc++/trunk: ad46488..5938e05

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/e502dbc..000fc63

Rolling v8/tools/clang: 539db7d..f72f02b

TBR=machenbach@chromium.org,sergiyb@chromium.org,tmrts@chromium.org

Change-Id: I03cc05994c0671fc0a98a65dc0467e09ebe86135
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1661335
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62195}
2019-06-15 08:07:40 +00:00
Johannes Henkel
673480f16a [DevTools] Roll inspector_protocol (V8)
New revision: 83b1154a9661d22bba9a368d368214cc20880419

This updates the usages of the protocol types to the new
definitions, using std::vector-based implementations
of protocol::Array.

Change-Id: Ibb095862fed7db23f1a0b4b5b726bddbe1e2585e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1654091
Commit-Queue: Johannes Henkel <johannes@chromium.org>
Reviewed-by: Alexei Filippov <alph@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62194}
2019-06-15 01:33:50 +00:00
Igor Sheludko
c5391e9dde [ic][ptr-compr] Fix CloneObjectIC for pointer compression mode
Bug: chromium:973045, v8:7611, v8:9114, v8:9183, v8:9343
Tbr: verwaest@chromium.org,tebbi@chromium.org
Change-Id: I08b509368972956d1c7aedf53884d2590e4cfa27
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660619
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62193}
2019-06-14 18:56:02 +00:00
Ross McIlroy
d7a8170d2d [cleanup] Add missing %PrepareFunctionForOptimize in mjsunit tests
Bug: v8:8801,v8:8394,v8:9183
Change-Id: If482c6a14f389d54c6ca3891aa7b8475f7a1fce1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660617
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Auto-Submit: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62192}
2019-06-14 17:03:41 +00:00
Mike Stanton
9b5635ee41 [Turbofan] Serialize prototypes for PromisePrototypeThen
In the JSCallReducer, we need to serialize prototypes of receiver
maps in order to verify that they are the promise prototype.

Bug: v8:7790
Change-Id: Ie9817e531b7faaa3f11dae61a120b46ef5c49847
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660487
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62191}
2019-06-14 16:47:31 +00:00
Mythri A
802f3e23eb [runtime] Move the check in %OptimizeFunctionOnNextCall to a later point
Bug: v8:8394, v8:9183, v8:8803
Change-Id: Icd52eaaae28f605b14c0e63d3aca18541e3c8f6e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660616
Commit-Queue: Mythri Alle <mythria@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62190}
2019-06-14 16:20:42 +00:00
Mythri A
8cbbc2e809 [cleanup] Add missing %PrepareFunctionForOptimize in mjsunit tests
Bug: v8:8801,v8:8394,v8:9183
Change-Id: I88c0268b30d4b927f9856db7a3b054b74baf1923
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660608
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62189}
2019-06-14 15:54:35 +00:00
Igor Sheludko
63a9919af3 [ptr-compr][cleanup] Remove [Compressed]MapWordSlot
... since decompression customization for MapWord is already
handled by HeapObject::MapField.

Bug: v8:9353, v8:9183
Change-Id: I009cdbbf8fc7e72029e1b9be54a0f0b73050e738
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660475
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62188}
2019-06-14 15:37:23 +00:00
Milad Farazmand
f186c66fb3 PPC/s390: [builtins] Make ContinueToBuiltinHelper skip off-heap builtin trampolines
Port 7b48dd55e1

Original Commit Message:

    This changes Generate_ContinueToBuiltinHelper to generate code to load
    the builtin address directly from the builtins table rather than going
    via the executable code in the trampoline's code object.

    The set up for Generate_ContinueToBuiltinHelper is changed so that the
    builtin index is stored on the stack in place of the builtin Code
    object which is no longer needed.

R=delphick@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: Ie696468685517333515bf4b0b78fdd7d8c4e7763
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660628
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#62187}
2019-06-14 14:56:33 +00:00
Sigurd Schneider
9bb5bd2abf Reland "[cleanup] Add operator parameter accessor for S8x16Shuffle"
This is a reland of 7e7c1b10d5

Original change's description:
> [cleanup] Add operator parameter accessor for S8x16Shuffle
>
> Bug: v8:7517, v8:9183
> Change-Id: Ic9beade6893b81aaa77f9c634cbeb7444260907b
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/973375
> Auto-Submit: Sigurd Schneider <sigurds@chromium.org>
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62177}

TBR=tebbi@chromium.org

Bug: v8:7517, v8:9183
Change-Id: Ia72d73416b2d6b8e7e2fba97cfce39e4ab387a08
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660610
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62186}
2019-06-14 14:27:13 +00:00
Daniel Vogelheim
b9342b7b5f Allow embedder to block or modify eval arguments.
This extends the existing Isolate::SetAllowCodeGenerationFromStringsCallback
mechanism, by adding SetModifyCodeGenerationFromStringCallback, which
can also modify the eval argument (it could e.g. add escaping).

Bug: chromium:940927
Change-Id: I2b72ec2e3b77a5a33f428a0db5cef3f9f8ed6ba2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593336
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Daniel Vogelheim <vogelheim@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62185}
2019-06-14 14:10:28 +00:00
Igor Sheludko
bc8106dceb [ptr-compr][cleanup] Introduce TaggedField<T, kOffset> template
It will allow us to use knowledge about the type of field during value
decompression upon field read.

Use the new class for HeapObject::MapField.

Bug: v8:9353
Change-Id: I1368426ec2e25fcec3af8d5cccd7a78d80423e72
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1658150
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62184}
2019-06-14 14:06:58 +00:00
Thibaud Michaud
490c41993b [cleanup] Add PrepareFunctionForOptimization
R=mythria@chromium.org

Bug: v8:9183
Change-Id: I3913ce4bb69895994a0e397f0f96c83813668ea4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660480
Reviewed-by: Mythri Alle <mythria@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62183}
2019-06-14 14:03:18 +00:00
Tobias Tebbi
bd0b0ce8e9 Reland "[torque] introduce separate implicit parameters for JavaScript calling convention"
This is a reland of 6eff6cc9f0

Original change's description:
> [torque] introduce separate implicit parameters for JavaScript calling convention
>
> Implicit parameters for builtins with JavaScript linkage are now separate, using
> the keyword "js-implicit". They have to be one of:
> - context: Context
> - receiver: Object (this in JS)
> - target: JSFunction (arguments.callee in JS)
> - newTarget: Object (new.target in JS)
>
> Bug: v8:9120 v8:7793
>
> Change-Id: I916f60971bb53d5046b6006725d0ce39291ca55e
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1658159
> Reviewed-by: Tamer Tas <tmrts@chromium.org>
> Reviewed-by: Simon Zünd <szuend@chromium.org>
> Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
> Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62174}

TBR=tmrts@chromium.org

Bug: v8:9120 v8:7793
Change-Id: Idb25d316d9d87e345ab74c2df583ff2648da012c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660483
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62182}
2019-06-14 14:02:13 +00:00
Ross McIlroy
ac7c82f905 [cleanup] Add %PrepareForOptimization to some more mjsunit tests.
Bug: v8:8801,v8:8394,v8:9183
Change-Id: If6a4f39991f222337f1c49bd0439e9669d89b030
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660486
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Auto-Submit: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62181}
2019-06-14 13:55:11 +00:00
Sigurd Schneider
52a4e49c2b Revert "[cleanup] Add operator parameter accessor for S8x16Shuffle"
This reverts commit 7e7c1b10d5.

Reason for revert: https://logs.chromium.org/logs/v8/buildbucket/cr-buildbucket.appspot.com/8910673611629290864/+/steps/OptimizeForSize/0/logs/RunWasm_S16x4Reverse_simd_lowered/0
Original change's description:
> [cleanup] Add operator parameter accessor for S8x16Shuffle
> 
> Bug: v8:7517, v8:9183
> Change-Id: Ic9beade6893b81aaa77f9c634cbeb7444260907b
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/973375
> Auto-Submit: Sigurd Schneider <sigurds@chromium.org>
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62177}

TBR=sigurds@chromium.org,tebbi@chromium.org

Change-Id: Ic26376c9fe28e7e74cbdb1fa9ec2f7627d2adeee
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7517, v8:9183
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660609
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62180}
2019-06-14 13:10:00 +00:00
Yang Guo
64daad8e7b Revert "[csa] Tweak CSA pipeline to eliminate more redundant checks"
This reverts commit a66e3e5744.

Reason for revert: Likely to have caused UBSAN issues: https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20UBSan/6671

Original change's description:
> [csa] Tweak CSA pipeline to eliminate more redundant checks
> 
> - Lower LoadObjectField to LoadFromObject
> - Mark LoadFromObject and StoreToObject as non-allocating
> - Use optimizable BitcastTaggedSignedToWord in TaggedIsNotSmi check
> 
> R=​jarin@chromium.org, tebbi@chromium.org
> 
> Change-Id: I42992d46597be795aee3702018f7efd93fcc6ebf
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1657926
> Commit-Queue: Georg Schmid <gsps@google.com>
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62173}

TBR=jarin@chromium.org,tebbi@chromium.org,gsps@google.com

Change-Id: I0a1c0515a8a61d32f77a392f1efc0751b6aae2a1
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660485
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62179}
2019-06-14 12:44:23 +00:00
Ross McIlroy
ab99a74ce8 [cleanup] Add %PrepareForOptimization to some more mjsunit tests.
Bug=v8:8801,v8:8394,v8:9183

Change-Id: I5bd3505938a49dab0299f1d1d022e8a31cc806c5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660479
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Auto-Submit: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62178}
2019-06-14 12:37:18 +00:00
Sigurd Schneider
7e7c1b10d5 [cleanup] Add operator parameter accessor for S8x16Shuffle
Bug: v8:7517, v8:9183
Change-Id: Ic9beade6893b81aaa77f9c634cbeb7444260907b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/973375
Auto-Submit: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62177}
2019-06-14 12:34:53 +00:00
Sergiy Belozorov
1de4631ef4 [tools] Add support for --confidence-level flag to tools/try_perf.py
See example v8_linux64_perf_try(_triggered) builds on this CL triggered using
the following command lines:

  python tools/try_perf.py --linux64 --confidence-level 1 compile
  python tools/try_perf.py --linux64 --confidence-level 1 arewefastyet
  python tools/try_perf.py --linux64 --confidence-level 3 arewefastyet

This also fixes running tools/run_perf.py --help and adds logging for the
current confidence level, which allows users to monitor progress. Example runs:

  https://chrome-swarming.appspot.com/task?id=456e4d6e743cc510 (Compile)
  https://chrome-swarming.appspot.com/task?id=456e5145615aa510 (JetStream)
  https://chrome-swarming.appspot.com/task?id=456e53eeb9104410 (JSBench)
  https://chrome-swarming.appspot.com/task?id=456e541e0e13bc10 (AreWeFastYet)

Finally, this adds support for fractional confidence levels. Example runs:

  https://chrome-swarming.appspot.com/task?id=456e5970e6f24410 (AreWeFastYet)
  https://chrome-swarming.appspot.com/task?id=456e5a8f3f407c10 (Compile)

R=tmrts@chromium.org, machenbach@chromium.org

Bug: chromium:880724
Change-Id: I725a83060c0bdd3ef08a7f0e4df843611c712d37
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660471
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62176}
2019-06-14 12:33:49 +00:00
Yang Guo
4fb050565a Revert "[torque] introduce separate implicit parameters for JavaScript calling convention"
This reverts commit 6eff6cc9f0.

Reason for revert: Presubmit failure.

Original change's description:
> [torque] introduce separate implicit parameters for JavaScript calling convention
> 
> Implicit parameters for builtins with JavaScript linkage are now separate, using
> the keyword "js-implicit". They have to be one of:
> - context: Context
> - receiver: Object (this in JS)
> - target: JSFunction (arguments.callee in JS)
> - newTarget: Object (new.target in JS)
> 
> Bug: v8:9120 v8:7793
> 
> Change-Id: I916f60971bb53d5046b6006725d0ce39291ca55e
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1658159
> Reviewed-by: Tamer Tas <tmrts@chromium.org>
> Reviewed-by: Simon Zünd <szuend@chromium.org>
> Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
> Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62174}

TBR=sigurds@chromium.org,tebbi@chromium.org,tmrts@chromium.org,szuend@chromium.org

Change-Id: Ide206788745bd15677bd60fe32d2476321967069
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9120 v8:7793
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660482
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62175}
2019-06-14 12:15:49 +00:00
Tobias Tebbi
6eff6cc9f0 [torque] introduce separate implicit parameters for JavaScript calling convention
Implicit parameters for builtins with JavaScript linkage are now separate, using
the keyword "js-implicit". They have to be one of:
- context: Context
- receiver: Object (this in JS)
- target: JSFunction (arguments.callee in JS)
- newTarget: Object (new.target in JS)

Bug: v8:9120 v8:7793

Change-Id: I916f60971bb53d5046b6006725d0ce39291ca55e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1658159
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62174}
2019-06-14 12:02:58 +00:00
Georg Schmid
a66e3e5744 [csa] Tweak CSA pipeline to eliminate more redundant checks
- Lower LoadObjectField to LoadFromObject
- Mark LoadFromObject and StoreToObject as non-allocating
- Use optimizable BitcastTaggedSignedToWord in TaggedIsNotSmi check

R=jarin@chromium.org, tebbi@chromium.org

Change-Id: I42992d46597be795aee3702018f7efd93fcc6ebf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1657926
Commit-Queue: Georg Schmid <gsps@google.com>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62173}
2019-06-14 11:38:48 +00:00
Ross McIlroy
eab992fd40 [cleanup] Add %PrepareForOptimization to some more mjsunit tests.
Bug=v8:8801,v8:8394,v8:9183

Change-Id: I9d88d2aa2b261b0f8df83dd6075b68cbc626161f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660476
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Auto-Submit: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62172}
2019-06-14 11:34:28 +00:00
Simon Zünd
f16f0bccad [stack-trace] Change column number for wasm frames to module offset
The CL https://crrev.com/c/1646846 changed column numbers for Wasm
frames in Error.stack traces. Instead of using the offset relative to
the beginning of the function, the absolute offset inside the module
is displayed as hex.

This CL propagates that change to the StackTrace C++ API, so
StackFrame::GetColumn() also returns the absolute offset. Note that the
StackFrame API historically uses "0" to signal "no information", so the
line and column numbers for Wasm frames are also adjusted to 1-based,
even though they signify function index and absolute offset
into the module.

This CL does not touch Script::PositionInfo.column. That field still
contains the offset relative to the function start.

Bug: v8:8742
Change-Id: If4fd37fa681c7ebd0823ce0d95eccc1335c35272
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1655300
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62171}
2019-06-14 11:33:18 +00:00
Dan Elphick
7b48dd55e1 [builtins] Make ContinueToBuiltinHelper skip off-heap builtin trampolines
This changes Generate_ContinueToBuiltinHelper to generate code to load
the builtin address directly from the builtins table rather than going
via the executable code in the trampoline's code object.

The set up for Generate_ContinueToBuiltinHelper is changed so that the
builtin index is stored on the stack in place of the builtin Code
object which is no longer needed.

Bug: v8:9338
Change-Id: I83f66af99fb27f131fc39ff426fdca4b1d674b70
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1648155
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62170}
2019-06-14 11:24:58 +00:00
Andreas Haas
76d33a174e [cleanup] Add PrepareFunctionForOptimization to regression tests(2)
R=mythria@chromium.org

Bug: v8:9183
Change-Id: Ia534816b460eaf005a0017afeb2d55ccb3402a37
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660473
Reviewed-by: Mythri Alle <mythria@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62169}
2019-06-14 10:56:48 +00:00
Andreas Haas
054af8477c [cleanup] Add PrepareFunctionForOptimization to regression tests
R=mythria@chromium.org

Bug: v8:9183
Change-Id: Id7c29452ef6d643b59eb3252df188bf288e2de23
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660469
Reviewed-by: Mythri Alle <mythria@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62168}
2019-06-14 09:59:20 +00:00