Commit Graph

41233 Commits

Author SHA1 Message Date
Karl Schimpf
ec8a587307 Make wasm memory histograms simple histograms.
This Cl fixes a fundamental misunderstanding when Wasm memory
histograms were added. They were added using
HISTOGRAM_MEMORY_LIST(). This macro implements aggregating memory
histograms that handle cases memory cases that are not module
specific.

The fixed memory histograms are all module specific, and are simple
histograms.

In addition, it removes field is_sync from ModuleCompiler and
WasmCompilationUnit, since the field is no longer needed to make the
fixed memory histograms synchronous.

Bug: v8:6361
Change-Id: I696109b4fd1a4aadc87a6bdbbc4b7daefd58ea51
Reviewed-on: https://chromium-review.googlesource.com/565349
Reviewed-by: Brad Nelson <bradnelson@chromium.org>
Commit-Queue: Karl Schimpf <kschimpf@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46541}
2017-07-10 21:42:48 +00:00
Karl Schimpf
0a5cbce468 Complete set of exception handling opcodes in decoder.
Adds missing opcodes for exception handling for the function body decoder.
Also adds error messages if the exception handling construct is not yet
functional.

Note that the previous prototype for catch and throw have been marked
as not yet functional. This was done because it doesn't model
exceptions the way the proposal suggests. Rather, they implement a
hard-coded (c++ model) of exceptions.

Bug: v8:6577
Change-Id: Ife170b9f0cb2be91b11082e43c4795ce81a427dc
Reviewed-on: https://chromium-review.googlesource.com/564138
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Karl Schimpf <kschimpf@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46540}
2017-07-10 20:03:28 +00:00
Karl Schimpf
9c43150541 Decode the exception section.
Modifies V8 to be able to parse the exception section (defining
exception types), when the experimental_wasm_eh flag is true.

Bug: v8:6577
Change-Id: I5d8b3fddaf5b0dec6b14ddd0992f9fb883e8dc90
Reviewed-on: https://chromium-review.googlesource.com/561757
Commit-Queue: Karl Schimpf <kschimpf@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46539}
2017-07-10 19:49:58 +00:00
Benedikt Meurer
1edb46cc04 [turbofan] Widen the fast-path for JSCreateArray.
This improves the general Array constructor call performance (w/o
usable AllocationSite feedback) in TurboFan by ~2x, i.e. for example
invoking the Array constructor like this

  var a = Array.call(undefined, n);

instead of

  var a = Array(n);

such that the CallIC doesn't know that it's eventually calling the
Array constructor.

It also thus changes the single argument Array constructor to always
return holey arrays. Previously the single argument case for the Array
constructor was somehow trying to dynamically detect 0 and in that case
returned a packed array instead of a holey one. That adds quite a lot
of churn, and doesn't seem to be very useful, especially since this
might lead to unnecessary feedback pollution later.

R=mvstanton@chromium.org

Bug: v8:2229, v8:5269, v8:6399
Change-Id: I3d7cb9bd975ec0e491e3cdbcf1230185cfd1e3de
Reviewed-on: https://chromium-review.googlesource.com/565721
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46538}
2017-07-10 19:16:38 +00:00
Adam Klein
be8983da7b [mjsunit] Skip regress-430201 on tsan builds due to timeouts
It's already skipped (for slowness) in debug, asan, and msan builds.

TBR=machenbach@chromium.org

Change-Id: I1d7cb38d88e621f6d14344426bc5f931b1d6ffcd
Reviewed-on: https://chromium-review.googlesource.com/565741
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46537}
2017-07-10 18:45:38 +00:00
Caitlin Potter
10b9c019ce [parser] avoid for-loop desugaring unless loop var may be captured
In https://chromium-review.googlesource.com/c/472247/, I avoided
running DesugarLexicalBindingsInForStatement() if there were no lexical
loop variables, the function was not resumable, and the variables are
not captured by eval or a function declaration.

I think it's now possible to limit this further, and only do the more
extensive desugaring if there's a function declaration / eval() call
in the loop body. `yield` and `await` are not an issue as those loop
variables are written to the register file and not lost.

This change just removes the `is_resumable()` condition. If it passes
tests, I think it's safe.

BUG=v8:4762, v8:5460, v8:6579

Change-Id: I92d0308ad9401c1338411bc9ae9021f978803d3a
Reviewed-on: https://chromium-review.googlesource.com/563587
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46536}
2017-07-10 18:06:18 +00:00
Ulan Degenbaev
e4b3f6a759 [heap] Fix data race in JSObject::RawFastDoublePropertyAsBitsAtPut with
concurrent marking.

The function should use relaxed store similar to other JSObject setters.

BUG=chromium:694255

Change-Id: I032f0763a5f2420d120bce976533aa0007868b97
Reviewed-on: https://chromium-review.googlesource.com/565573
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46535}
2017-07-10 17:57:48 +00:00
Benedikt Meurer
b707c602f0 Revert "[base] Make USE a variadic template"
This reverts commit 39e335c7cc.

Reason for revert: Breaks debug builds on Linux, especially mksnapshot fails now, i.e.:

FAILED: mksnapshot
python "../../build/toolchain/gcc_link_wrapper.py" --output="./mksnapshot" -- ../../third_party/llvm-build/Release+Asserts/bin/clang++ -pie -Wl,--fatal-warnings -fPIC -Wl,-z,noexecstack -Wl,-z,now -Wl,-z,relro -Wl,-z,defs -Wl,--no-as-needed -lpthread -Wl,--as-needed -fuse
-ld=gold -B../../third_party/binutils/Linux_x64/Release/bin -Wl,--threads -Wl,--thread-count=4 -Wl,--icf=all -m64 -Werror -Wl,--gdb-index --sysroot=../../build/linux/debian_jessie_amd64-sysroot -L../../build/linux/debian_jessie_amd64-sysroot/lib/x86_64-linux-gnu -Wl,-rpat
h-link=../../build/linux/debian_jessie_amd64-sysroot/lib/x86_64-linux-gnu -L../../build/linux/debian_jessie_amd64-sysroot/usr/lib/x86_64-linux-gnu -Wl,-rpath-link=../../build/linux/debian_jessie_amd64-sysroot/usr/lib/x86_64-linux-gnu -Wl,-rpath-link=. -Wl,--disable-new-dt
ags -rdynamic -nodefaultlibs -o "./mksnapshot" -Wl,--start-group @"./mksnapshot.rsp"  -Wl,--end-group   -ldl -lpthread -lrt -lc -lm -lgcc_s
../../src/elements.cc:3362: error: undefined reference to 'v8::internal::(anonymous namespace)::ElementsKindTraits<(v8::internal::ElementsKind)7>::Kind'
../../src/elements.cc:3362: error: undefined reference to 'v8::internal::(anonymous namespace)::ElementsKindTraits<(v8::internal::ElementsKind)8>::Kind'
../../src/elements.cc:3953: error: undefined reference to 'v8::internal::(anonymous namespace)::ElementsKindTraits<(v8::internal::ElementsKind)9>::Kind'
../../src/profiler/heap-snapshot-generator.cc:187: error: undefined reference to 'v8::internal::(anonymous namespace)::SnapshotSizeConstants<4ul>::kExpectedHeapGraphEdgeSize'
../../src/elements.cc:3953: error: undefined reference to 'v8::internal::(anonymous namespace)::ElementsKindTraits<(v8::internal::ElementsKind)10>::Kind'
../../src/profiler/heap-snapshot-generator.cc:198: error: undefined reference to 'v8::internal::(anonymous namespace)::SnapshotSizeConstants<4ul>::kExpectedHeapEntrySize'
../../src/profiler/heap-snapshot-generator.cc:199: error: undefined reference to 'v8::internal::(anonymous namespace)::SnapshotSizeConstants<8ul>::kExpectedHeapGraphEdgeSize'
../../src/profiler/heap-snapshot-generator.cc:200: error: undefined reference to 'v8::internal::(anonymous namespace)::SnapshotSizeConstants<8ul>::kExpectedHeapEntrySize'
clang: error: linker command failed with exit code 1 (use -v to see invocation)
ninja: build stopped: subcommand failed.

Original change's description:
> [base] Make USE a variadic template
> 
> This will allow for passing more than one variable. This is
> particularly interesting for calling a method on each type in a
> parameter pack, as in:
> 
> template<typename... T>
> void foo(T&&... ts) {
>   USE(do_something(ts)...);
> }
> 
> Drive-by fix: Allow to pass arbitrary types to USE, including
> references. This might prevent a copy for pass-by-value.
> 
> R=​ishell@chromium.org
> 
> Change-Id: I8f894d730bbcd195ed83705f98771994b4bc906f
> Reviewed-on: https://chromium-review.googlesource.com/565561
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#46527}

TBR=clemensh@chromium.org,ishell@chromium.org

Change-Id: Ibd3f0529e7a3136c4bcac15443da3d9f8dde8510
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/565141
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46534}
2017-07-10 17:19:30 +00:00
Enrico Bacis
5457e8a9b5 [ppc] use Double instead of double in ppc compiler
The use of double variables to store bit patterns may lead to bit flips
when the stored bit pattern is a signaling NaN (sNaN). Operations on a
sNaN variable (even just returning the variable from a function) may
turn it into a quiet NaN (qNaN), flipping the signaling bit and
affecting the information stored in the variable.

We observed this behaviour on ia32 architectures and therefore in the
simulator builds for other platforms. The use of the wrapper class
Double should prevent this behaviour.

R=ahaas@chromium.org

Change-Id: Ibd1119924a59db771fd4c250689ad9c2a35fff75
Reviewed-on: https://chromium-review.googlesource.com/562771
Reviewed-by: Jaideep Bajwa <bjaideep@ca.ibm.com>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Enrico Bacis <enricobacis@google.com>
Cr-Commit-Position: refs/heads/master@{#46533}
2017-07-10 17:13:08 +00:00
Tobias Tebbi
b618aa8106 [turbofan] restrict infamous escape analysis check to debug builds
This unconditional check caused a lot of canary crashes and recently stable merges while not being necessary for security. For code health and maintenance of Turbofan, it should be sufficient if this is only triggered in Clusterfuzz.

Bug: chromium:726638
Change-Id: Ib58d9c18f89939164cae19223fda490addbce007
Reviewed-on: https://chromium-review.googlesource.com/557867
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46532}
2017-07-10 17:03:08 +00:00
Georg Neis
7e854a765c MIPS[64]: Don't dereference handles in (macro-)assembler functions used by TF.
Port https://chromium-review.googlesource.com/c/561015/.

Bug: v8:6048
Change-Id: I887ad0651674fb1c503bea19660199eb5ab3e9ba
Reviewed-on: https://chromium-review.googlesource.com/565568
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46531}
2017-07-10 16:46:56 +00:00
Michael Lippautz
ec8904aedc [heap] Scavenger: Cache pretenuring feedback locally
Bug: chromium:738865
Change-Id: Icb92b649ecd3d4ab4c60f35ffe0649a35fe8b3f6
Reviewed-on: https://chromium-review.googlesource.com/565285
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46530}
2017-07-10 15:54:59 +00:00
Karl Schimpf
4496294550 Fix remaining cases of HistogramTimer that may run in background.
That is, change to use TimedHistogram (which functions properly on
background threads).

Bug: v8:6361
Change-Id: I821fb0afea97be422786778d576683f67667c31b
Reviewed-on: https://chromium-review.googlesource.com/559769
Commit-Queue: Karl Schimpf <kschimpf@chromium.org>
Reviewed-by: Brad Nelson <bradnelson@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46529}
2017-07-10 15:52:36 +00:00
Camillo Bruni
a389f16157 [CSA] Cleanup: Use SmiConstant(int) wherever possible
Change-Id: Iedd1ce0d790c0c1fd69b92657d6a9866f346cedd
Reviewed-on: https://chromium-review.googlesource.com/565563
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46528}
2017-07-10 15:50:59 +00:00
Clemens Hammacher
39e335c7cc [base] Make USE a variadic template
This will allow for passing more than one variable. This is
particularly interesting for calling a method on each type in a
parameter pack, as in:

template<typename... T>
void foo(T&&... ts) {
  USE(do_something(ts)...);
}

Drive-by fix: Allow to pass arbitrary types to USE, including
references. This might prevent a copy for pass-by-value.

R=ishell@chromium.org

Change-Id: I8f894d730bbcd195ed83705f98771994b4bc906f
Reviewed-on: https://chromium-review.googlesource.com/565561
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46527}
2017-07-10 15:47:46 +00:00
Ross McIlroy
c77d9da45c Remove overzelous DCHECK in ignition-statistics-extension.
It doesn't actually matter if we have arguments to the call, we just ignore
them.

BUG=chromium:740037

Change-Id: I50600c3ee5902e7de6ac558833e3ed9cd1a9a28f
Reviewed-on: https://chromium-review.googlesource.com/565509
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46526}
2017-07-10 15:09:54 +00:00
Ivica Bogosavljevic
ad360a26e6 MIPS[64]: Port [compiler] Delay generation of code stubs
Port 040fa06fb3
Port 659e8f7b5c

Bug: 
Change-Id: Ie08d65ff6647f8a15127a065e7224b5b5cec09a4
Reviewed-on: https://chromium-review.googlesource.com/558294
Commit-Queue: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46525}
2017-07-10 15:08:49 +00:00
Ross McIlroy
758bbdc559 [Interpreter] Remove unused ControlScope::RethrowAccumulator.
Bug: 
Change-Id: I77915d33e427f00f42fb61ed0ba903e43d737180
Reviewed-on: https://chromium-review.googlesource.com/565417
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46524}
2017-07-10 15:07:44 +00:00
Michael Achenbach
22e808eb8d [release] Explicitly use Gerrit in all release tools
Pass --gerrit explicitly to be resiliant to possible rollbacks of the Gerrit
switch.

This'll also enforce using Gerrit on older release branches when using
the release tools for cherry-picking.

NOTRY=true
TBR=hablich@chromium.org

Bug: chromium:685318
Change-Id: If60784b4c804f38ca36649ac4b2e62209d7cf729
Reviewed-on: https://chromium-review.googlesource.com/565415
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46523}
2017-07-10 14:56:25 +00:00
Michael Achenbach
ba35cd5f36 Revert "Document RootIndexMap's requirement for immovable roots."
This reverts commit bb881c8880.

Reason for revert: nosnap debug:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap%20-%20debug/builds/13930

Original change's description:
> Document RootIndexMap's requirement for immovable roots.
> 
> R=​mstarzinger@chromium.org
> 
> Change-Id: I27cf279c77204becc449221e1bcebeacbc275792
> Reviewed-on: https://chromium-review.googlesource.com/565281
> Commit-Queue: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#46517}

TBR=yangguo@chromium.org,mstarzinger@chromium.org

Change-Id: Ifac3ec6192207bf2be8932408c37bea66bb435e8
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/565598
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46522}
2017-07-10 14:52:47 +00:00
Miran.Karic
2ce135af74 MIPS[64]: Fix memory load/store helper.
The CL introducing optimizations in memory load/store helper,
https://chromium-review.googlesource.com/c/552119/, caused several
failures on r6 builders. The problem was in Sdc1 macro instruction where
address in at register was overwritten before being used. Also in debug
mode a DCHECK was failing because an incorrect type was used.

BUG=

Change-Id: If38f9dfbbe2e72dfce05c24f7b6019060ef28334
Reviewed-on: https://chromium-review.googlesource.com/565297
Reviewed-by: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com>
Commit-Queue: Miran Karić <Miran.Karic@imgtec.com>
Cr-Commit-Position: refs/heads/master@{#46521}
2017-07-10 14:32:24 +00:00
Albert Mingkun Yang
1ad821cc77 [heap] Fix comment for Page in spaces.h
Change-Id: Ib95ab0c5669fe344ff199cc6cad811e175bc8bb3
Reviewed-on: https://chromium-review.googlesource.com/565410
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Albert Mingkun Yang <albertnetymk@google.com>
Cr-Commit-Position: refs/heads/master@{#46520}
2017-07-10 14:14:24 +00:00
Michael Lippautz
2241b2476d [heap] Move scavenging logic to Scavenger
Bug: chromium:738865
Change-Id: I93721f535ecf8518bf0355e62d5848147460abc8
Reviewed-on: https://chromium-review.googlesource.com/565198
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46519}
2017-07-10 14:02:42 +00:00
titzer
11484e7e9b [wasm] Improve precision of slow DCHECK for WebAssembly-constructed internal objects.
BUG=chromium:740325
R=ahaas@chromium.org,mlippautz@chromium.org

Review-Url: https://codereview.chromium.org/2972353002
Cr-Commit-Position: refs/heads/master@{#46518}
2017-07-10 13:49:34 +00:00
Yang Guo
bb881c8880 Document RootIndexMap's requirement for immovable roots.
R=mstarzinger@chromium.org

Change-Id: I27cf279c77204becc449221e1bcebeacbc275792
Reviewed-on: https://chromium-review.googlesource.com/565281
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46517}
2017-07-10 13:48:03 +00:00
jgruber
14e80e5c91 Add Smi::ToInt helper method
This adds a convenience method for the common Smi to int conversion
pattern.

Bug: 
Change-Id: I7d7b171c36cfec5f6d10c60f1d9c3e06e3aed0fa
Reviewed-on: https://chromium-review.googlesource.com/563205
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Andreas Rossberg <rossberg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46516}
2017-07-10 13:33:03 +00:00
georgia.kouveli
c42a641846 Print missing builtin names when using a snapshot.
BUG=

Review-Url: https://codereview.chromium.org/2970443003
Cr-Commit-Position: refs/heads/master@{#46515}
2017-07-10 13:23:53 +00:00
Georg Neis
b0f1b0e4fd MIPS[64]: Don't create a handle for a builtin.
Port https://chromium-review.googlesource.com/c/519267/.

R=bmeurer@chromium.org

Bug: v8:6048
Change-Id: Ic94a12b30967fd26ebfa0c6752475d0c013f81e4
Reviewed-on: https://chromium-review.googlesource.com/565400
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46514}
2017-07-10 13:21:52 +00:00
Daniel Clifford
f6d1dc40c8 Support holey elements kind (not double) in TF-inlined forEach
BUG=v8:1956
LOG=N
R=bmeurer@chromium.org

Change-Id: I190002227d3321df0f68e77f3b7b0a468446c493
Reviewed-on: https://chromium-review.googlesource.com/561011
Commit-Queue: Daniel Clifford <danno@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46513}
2017-07-10 13:09:53 +00:00
Michael Achenbach
f014676112 [foozzie] Update test configurations to status quo
NOTRY=true

Bug: v8:6408
Change-Id: I9e70131158d837b735d398436a1da4b2e85daa67
Reviewed-on: https://chromium-review.googlesource.com/565398
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46512}
2017-07-10 12:32:22 +00:00
Maya Lekova
f2af839b19 [builtins] Port Proxy constructor to CSA.
Rename builtins-proxy.cc to builtins-proxy-gen.cc.

Bug: v8:6557, v8:6567
Change-Id: I0e52a0c0c6c9b307c33bb18ec36079bdfd4a89ef
Reviewed-on: https://chromium-review.googlesource.com/565278
Commit-Queue: Maya Lekova <mslekova@google.com>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46511}
2017-07-10 12:15:53 +00:00
Jaroslav Sevcik
aba708a146 Initial optimization of Map.prototype.(get|has) in Turbofan.
This introduces a new builtin (MapLookupHashIndex) and uses it
in Turbofan to compute Map.p.get and Map.p.has.

I have also refactored the existing CSA builtins for Map.p.get and 
Map.p.has to use the new builtin under the hood.

The code for the lookup has been also improved.
- Specialized lookups for smis, strings, heap numbers and everything else.
  - the advantage is that we can use fast equalities for the lookup.
  - strings can likely be optimized further if we care about the 
    internalized string fast case.
- Instead of a call to runtime to get the hash code, we now call C directly.

In the Turbofan implementation itself, there are no special optimizations yet.
The next step is to teach load elimination to reuse the indexes from
previous calls of MapLookupHashIndex. 

BUG=v8:6410

Change-Id: I0b1a70493eb031d444e51002f6b2cc1f30ea2b68
Reviewed-on: https://chromium-review.googlesource.com/560169
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46510}
2017-07-10 12:07:43 +00:00
Georg Neis
0d007e68ac [compiler] Change implementation of IsMaterializableFromRoot.
RootCanBeTreatedAsConstant checks that the object is not in new space.
This check is not thread-safe and, moreover, makes no sense in Turbofan.

R=bmeurer@chromium.org

Bug: v8:6048
Change-Id: I6df682ceef1508c33d5f32bd0d5bf25828e8c88f
Reviewed-on: https://chromium-review.googlesource.com/565259
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46509}
2017-07-10 12:02:46 +00:00
titzer
0c22df6555 [wasm] Allow full u32 range for table maximum in WebAssembly.Table constructor.
R=clemensh@chromium.org
BUG=chromium:740199

Review-Url: https://codereview.chromium.org/2977543002
Cr-Commit-Position: refs/heads/master@{#46508}
2017-07-10 11:18:45 +00:00
Camillo Bruni
b14de85dd9 [cleanup] Improve readability of AllocationSite
Bug: v8:6211
Change-Id: Iab0e787e7d9abfb9f24cd77276e1c00cc2e165a7
Reviewed-on: https://chromium-review.googlesource.com/561456
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46507}
2017-07-10 11:03:02 +00:00
Loo Rong Jie
c5b46fd3dd [wasm] Pull return true out of macro
Change-Id: I7fd794342a13718059b47ea25c26d850ed2da509
Reviewed-on: https://chromium-review.googlesource.com/564189
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46506}
2017-07-10 10:31:52 +00:00
Ulan Degenbaev
5359d8680a [heap] Add support for multiple concurrent marking tasks.
BUG=chromium:694255

Change-Id: Ib0403a2d406428d2cd7896521abb6e95c3841c1c
Reviewed-on: https://chromium-review.googlesource.com/563364
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46505}
2017-07-10 10:16:52 +00:00
Andreas Haas
b2133cd615 [wasm] Handle invalid function index in the elements section correctly
An invalid I32V value as index could be used to get a valid
WasmFunction.

R=clemensh@chromium.org

Bug: chromium:735887
Change-Id: I5fbfa01fc3300d86a4a2ba9bcbb86fc02f231ef9
Reviewed-on: https://chromium-review.googlesource.com/561536
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46504}
2017-07-10 10:08:42 +00:00
Clemens Hammacher
5b11996a97 [wasm] Fix error output for duplicate exports
There are other things to export beside functions. Thus, also print the
export kind when printing an error for duplicate export names.

R=titzer@chromium.org

Change-Id: I7477040dda274a16cfd776d7ac8db6e50a197b97
Reviewed-on: https://chromium-review.googlesource.com/564940
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46503}
2017-07-10 09:53:32 +00:00
Georg Neis
8cfec1586b Revert "[compiler] Move the main pipeline's code assembly pass into the background."
This reverts commit 66b54ab152.

Reason for revert: TSAN unhappy.

Original change's description:
> [compiler] Move the main pipeline's code assembly pass into the background.
> 
> R=​bmeurer@chromium.org
> 
> Bug: v8:6048
> Change-Id: I60bc35c02b5460416c3b0e2872fc72ebf9b808a5
> Reviewed-on: https://chromium-review.googlesource.com/563386
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Commit-Queue: Georg Neis <neis@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#46499}

TBR=neis@chromium.org,bmeurer@chromium.org

Change-Id: I84ac8ad92c98ebe541e04529cda2b7e1eb07eafc
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:6048
Reviewed-on: https://chromium-review.googlesource.com/564421
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46502}
2017-07-10 09:20:11 +00:00
Juliana Franco
1910fcc397 [deoptimizer] Add trampoline pc to the DeoptimizationInputData.
Extend the deoptimization jump-table in optimized code objects
to also contain entries for lazy deoptimization exits, and
introduce a trampoline pc in the DeoptimizationInputData,
which maps back from the return-site to the jump-table offset.

Bug: v8:6562, v8:6561
Change-Id: Id085d5467e3ceff251c2ec2768329a9e22c0aff6
Reviewed-on: https://chromium-review.googlesource.com/563403
Commit-Queue: Juliana Patricia Vicente Franco <jupvfranco@google.com>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46501}
2017-07-10 09:16:09 +00:00
Georg Neis
2e1f5567cc [cleanup] Prefer handle.address() over handle.location() in some places.
... so that we can get rid of explicit AllowHandleDereference at the
call sites.

Bug: v8:6048
Change-Id: I1c31998fc8e0a63348f52ad60dd8c49244d45b40
Reviewed-on: https://chromium-review.googlesource.com/563658
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46500}
2017-07-10 08:51:37 +00:00
Georg Neis
66b54ab152 [compiler] Move the main pipeline's code assembly pass into the background.
R=bmeurer@chromium.org

Bug: v8:6048
Change-Id: I60bc35c02b5460416c3b0e2872fc72ebf9b808a5
Reviewed-on: https://chromium-review.googlesource.com/563386
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46499}
2017-07-10 08:47:55 +00:00
Igor Sheludko
fa41e3b218 [runtime] Create only one instance of %ThrowTypeError%.
... according to the spec ES#sec-%throwtypeerror%

Bug: v8:4034
Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng
Change-Id: Ia4f2d228397edf55447fe3e71402c8fc4589369a
Reviewed-on: https://chromium-review.googlesource.com/563214
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Daniel Ehrenberg <littledan@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46498}
2017-07-10 08:26:02 +00:00
Benedikt Meurer
3b84cbfeb0 [builtins] Port Map and Set iterators to CodeStubAssembler.
This is the next step towards faster Map and Set iteration. It
introduces the appropriate instance types for Map and Set
iterators (following the pattern for Array iterators) and migrates
the following builtins to the CodeStubAssembler:

  - Set.prototype.entries
  - Set.prototype.values
  - Map.prototype.entries
  - Map.prototype.keys
  - Map.prototype.values
  - %SetIteratorPrototype%.next
  - %MapIteratorPrototype%.next

This already provides a significant performance boost for regular
for-of iteration of Sets and Maps, by a factor of 5-10 depending
on the input. The final step will be to inline some fast-paths
into TurboFan.

Drive-by-fix: Remove obsolete %IsJSSetIterator and %IsJSMapIterator
intrinsics and runtime functions.

TBR=jgruber@chromium.org

Bug: v8:6344, v8:6571, chromium:740122
Change-Id: I3ab0ee49e2afe8d4295707a5ecbd51adda621918
Reviewed-on: https://chromium-review.googlesource.com/563626
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46497}
2017-07-10 07:57:02 +00:00
Miran.Karic
64025a858f MIPS[64]: Optimize MipsCtz and MipsPopcnt in code generator.
The CL adds optimizations to MipsCtz and MipsPopcnt for mips32 and to
Mips64Ctz, Mips64Dctz, Mips64Popcnt and Mips64Dpopcnt for mips64 in
code generator.

BUG=

Change-Id: I080d4eca6b8521c3d01d727b883f3efa9876b7a1
Reviewed-on: https://chromium-review.googlesource.com/563197
Reviewed-by: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com>
Commit-Queue: Miran Karić <Miran.Karic@imgtec.com>
Cr-Commit-Position: refs/heads/master@{#46496}
2017-07-10 07:29:22 +00:00
Michael Achenbach
5a6e24e9e4 Revert "[builtins] Port Map and Set iterators to CodeStubAssembler."
This reverts commit 3f22832be7.

Reason for revert: Layout tests:
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/16849

Original change's description:
> [builtins] Port Map and Set iterators to CodeStubAssembler.
> 
> This is the next step towards faster Map and Set iteration. It
> introduces the appropriate instance types for Map and Set
> iterators (following the pattern for Array iterators) and migrates
> the following builtins to the CodeStubAssembler:
> 
>   - Set.prototype.entries
>   - Set.prototype.values
>   - Map.prototype.entries
>   - Map.prototype.keys
>   - Map.prototype.values
>   - %SetIteratorPrototype%.next
>   - %MapIteratorPrototype%.next
> 
> This already provides a significant performance boost for regular
> for-of iteration of Sets and Maps, by a factor of 5-10 depending
> on the input. The final step will be to inline some fast-paths
> into TurboFan.
> 
> Drive-by-fix: Remove obsolete %IsJSSetIterator and %IsJSMapIterator
> intrinsics and runtime functions.
> 
> Bug: v8:6571, chromium:740122
> Change-Id: Iad7a7dec643d8f8b5799327f89a351108ae856bf
> Reviewed-on: https://chromium-review.googlesource.com/563399
> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#46492}

TBR=jgruber@chromium.org,bmeurer@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: v8:6571, chromium:740122
Change-Id: Iadb48d72e3b85ec8ad880e50ab7912c5502caf07
Reviewed-on: https://chromium-review.googlesource.com/564419
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46495}
2017-07-10 04:44:13 +00:00
v8-autoroll
cf8d672d96 Update V8 DEPS.
Rolling v8/build: e934a19..4dba73a

TBR=machenbach@chromium.org,hablich@chromium.org

Change-Id: Ia5565c87706a87cf470539128f5a4a5d0663aee8
Reviewed-on: https://chromium-review.googlesource.com/563886
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46494}
2017-07-10 03:26:24 +00:00
v8-autoroll
1f62eca7a8 Update V8 DEPS.
Rolling v8/third_party/catapult: 256098d..00b0c16

TBR=machenbach@chromium.org,hablich@chromium.org

Change-Id: I4fda81b9cb1c3c55261abeccc65161593ddd2ea9
Reviewed-on: https://chromium-review.googlesource.com/563785
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46493}
2017-07-09 03:30:10 +00:00
Benedikt Meurer
3f22832be7 [builtins] Port Map and Set iterators to CodeStubAssembler.
This is the next step towards faster Map and Set iteration. It
introduces the appropriate instance types for Map and Set
iterators (following the pattern for Array iterators) and migrates
the following builtins to the CodeStubAssembler:

  - Set.prototype.entries
  - Set.prototype.values
  - Map.prototype.entries
  - Map.prototype.keys
  - Map.prototype.values
  - %SetIteratorPrototype%.next
  - %MapIteratorPrototype%.next

This already provides a significant performance boost for regular
for-of iteration of Sets and Maps, by a factor of 5-10 depending
on the input. The final step will be to inline some fast-paths
into TurboFan.

Drive-by-fix: Remove obsolete %IsJSSetIterator and %IsJSMapIterator
intrinsics and runtime functions.

Bug: v8:6571, chromium:740122
Change-Id: Iad7a7dec643d8f8b5799327f89a351108ae856bf
Reviewed-on: https://chromium-review.googlesource.com/563399
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46492}
2017-07-08 18:46:59 +00:00