Commit Graph

60277 Commits

Author SHA1 Message Date
Milad Farazmand
bd66cc1ddf [unwinder] Including all 64bit platforms as set by kRequiresCodeRange
Change-Id: I2de7128210313e40d3c310edd72658180f1ee110
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1968165
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#65485}
2019-12-17 17:11:56 +00:00
Ulan Degenbaev
ff7acbd697 Reland "Delay setting up deserialized JSArrayBuffer"
This is a reland of 83786cb49d

Original change's description:
> Delay setting up deserialized JSArrayBuffer
>
> Setting up JSArrayBuffer may trigger GC. Delay this until we
> are done with deserialization.
>
> R=ulan@chromium.org
>
> Bug: chromium:1033395
> Change-Id: I6c79bc47421bc2662dc1906534fc8e820c351ced
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1965580
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Commit-Queue: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#65441}

Tbr: yangguo@chromium.org
Bug: chromium:1033395, chromium:1034059
Change-Id: I89d05768f52a480400d9c6f5aaaa233c5d5ba126
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1969896
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65484}
2019-12-17 17:09:46 +00:00
Clemens Backes
31dde88e8b Revert "[csa] use JSGraph to create constants in CodeAssembler"
This reverts commit 53308bf7c0.

Reason for revert: Fails on multiple arm bots, e.g. https://ci.chromium.org/p/v8/builders/ci/V8%20Arm%20-%20debug/12441

Original change's description:
> [csa] use JSGraph to create constants in CodeAssembler
> 
> Now that CodeAssembler uses optimizing TurboFan passes, creating
> constants without using the caching implemented in JSGraph leads to
> problems, since value numbering only works properly if all constants
> in the graph were introduced through the cache.
> To mitigate this, this CL creates the JSGraph earlier so that
> CodeAssembler can already use the same JSGraph used by later TurboFan
> optimizations.
> For other uses of RawMachineAssembler, everything stays as before.
> 
> This issue is creating bot failures in
> https://chromium-review.googlesource.com/c/v8/v8/+/1958011
> 
> Change-Id: Ife017876b19cb2602694279ef1da75f23e18a031
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1967329
> Reviewed-by: Maya Lekova <mslekova@chromium.org>
> Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#65477}

TBR=tebbi@chromium.org,mslekova@chromium.org

Change-Id: I6df6782adfb40632f51681942efab9b591f72cab
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1969901
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65483}
2019-12-17 14:34:26 +00:00
Clemens Backes
d69bfcf776 [wasm] Fix MSVC compile error
MSVC wants the static cast, even if the constant fits in the narrower
type anyway.

R=ahaas@chromium.org

Change-Id: I40043c02db1524ac591f6dcea14333695a53d028
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1924356
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65482}
2019-12-17 14:15:46 +00:00
Clemens Backes
4bae0d6a6b [wasm] Fix debug side table for out-of-line code
For out-of-line code, we need to generate the debug side table
information at the point where the out-of-line code is being triggered,
not when it is emitted (at the end of the function).

This CL also adds more tests to check the actual content of the debug
side table in different scenarios.

R=jkummerow@chromium.org

Bug: v8:10019
Change-Id: I7714c86ee7edc4918b5ecc97cbded84c27b00e09
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1967388
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65481}
2019-12-17 14:14:41 +00:00
Ulan Degenbaev
687d865fe2 [heap] Perform GCs on v8::BackingStore allocation
This adds heuristics to perform young and full GCs on allocation
of external ArrayBuffer backing stores.

Young GCs are performed proactively based on the external backing
store bytes for the young generation. Full GCs are performed only
if the allocation fails. Subsequent CLs will add heuristics to
start incremental full GCs based on the external backing store bytes.

This will allow us to remove AdjustAmountOfExternalMemory for
ArrayBuffers.

Bug: v8:9701, chromium:1008938
Change-Id: I0e8688f582989518926c38260b5cf14e2ca93f84
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1803614
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65480}
2019-12-17 14:13:37 +00:00
Maya Lekova
7ec8b6b9ee [turbofan] Improve error reporting in call reducer
Bug: chromium:1034203
Change-Id: I225fa6416d443802b063e149da6e6fca0a176bb1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1969898
Auto-Submit: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65479}
2019-12-17 13:50:16 +00:00
Zhang, Shiyu
0b812b721b Reland "Support Intel VTune ITT API"
This is a reland of 5f5b4b0407

Original change's description:
> Support Intel VTune ITT API
> 
> Add VTune domain support extension to use VTune Domain/Task API and
> tagging trace data for particular JS code block.
> 
> How to use:
> 1. Set `"checkout_ittapi" = True` in the custom_vars section of .gclient
> file to download intel/ittapi by 'gclient sync'
> 2. Build d8 with gn build flag 'v8_enable_vtunetracemark = true'
> 3. Run d8 with flag '--enable-vtune-domain-support'
> 
> The Vtune Domain/Task API can be invoked from JS to mark JS code block.
> You can mark the start of a JS task by
>     vtunedomainmark(domain_name, task_name, "start")
> and the end of a task by
>     vtunedomainmark(domain_name, task_name, "end")
> Tasks can nest.
> 
> The VTune API (ittapi) is integrated as an external third party library
> while the v8_vtune_jit also relies on the VTune ittapi. We have another
> patch almost ready which refactors the v8_vtune_jit related code to
> depend on the third_party/ittapi. We will submit the refactored v8_vtune_jit
> code after this patch stabilized and landed.
> 
> 
> Contributed by fanchen.kong@intel.com
> 
> Change-Id: I0ecc9dd4e1ea52545f1b6932fcdadfa7c1a6d2b2
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1938490
> Commit-Queue: Shiyu Zhang <shiyu.zhang@intel.com>
> Reviewed-by: Hannes Payer <hpayer@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#65409}

Change-Id: I563aa70fa2b8abe34c981af47aa7220cfc2a7edb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1963511
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65478}
2019-12-17 13:34:36 +00:00
Tobias Tebbi
53308bf7c0 [csa] use JSGraph to create constants in CodeAssembler
Now that CodeAssembler uses optimizing TurboFan passes, creating
constants without using the caching implemented in JSGraph leads to
problems, since value numbering only works properly if all constants
in the graph were introduced through the cache.
To mitigate this, this CL creates the JSGraph earlier so that
CodeAssembler can already use the same JSGraph used by later TurboFan
optimizations.
For other uses of RawMachineAssembler, everything stays as before.

This issue is creating bot failures in
https://chromium-review.googlesource.com/c/v8/v8/+/1958011

Change-Id: Ife017876b19cb2602694279ef1da75f23e18a031
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1967329
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65477}
2019-12-17 13:26:36 +00:00
Clemens Backes
48625b3747 [wasm] Fix committed code space tracking with --perf-prof
If --perf-prof is specified, we commit the whole code range at once, and
never update the {total_committed_code_space_} counter (see
{WasmCodeManager::Commit} and {WasmCodeManager::Decommit}). Hence we
should also not decrement that counter when the native module dies.

R=jkummerow@chromium.org

Bug: chromium:1032753
Change-Id: I9a40f1a1322485d7142ed56f5c9365305aa0e056
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1969790
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65476}
2019-12-17 13:23:06 +00:00
Dan Elphick
be5dd77215 [heap] Remove PrintStack from Heap::RecordStats
Since RecordStats runs during GC (when it fails to recover enough memory),
it is unsafe for it to allocate any memory. Thus it cannot call PrintStack
which can call SharedFunctionInfo::EnsureSourcePositionsAvailable and
which may allocate, so this removes the call to PrintStack which is
apparently not useful for debugging anyway.

Bug: chromium:1032087
Change-Id: I94feeaab1445f7fd4f770a20197546fc40c77390
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1967377
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65475}
2019-12-17 10:47:16 +00:00
Toon Verwaest
08a5b95d24 [json] Update feedback maps since they might be deprecated
Objects in arrays take the shape of the object right before as feedback to
speed up object creation. If a subsequent object with the same shape has a
member that also has the same shape, that member can cause the feedback map to
be deprecated. To avoid confusion, we now update (dedeprecate) the feedback map
before use.

Thanks a bunch Seth Brenith for figuring out the issue!

Bug: chromium:1029077
Change-Id: I047b1acfd4906616a2302f253ab9cd29272bdc79
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1970211
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65474}
2019-12-17 10:42:26 +00:00
Zhao Jiazhong
a64884fce3 [mips][wasm] Update wasm spec tests
port 0f8769d https://crrev.com/c/1967379

Change-Id: If756f5ea84657151a807d02a7407dadc959f06e9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1970975
Auto-Submit: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65473}
2019-12-17 10:40:06 +00:00
Mythri A
14832f8001 [test] Add more flags to mjsunit/deopt-array-builtin
In this test we expect that the feedback vector is not flushed
so we retain what we have learnt from the earlier executions. If we
flush the earlier feedback the code might deoptimize again and the test
fails. Hence adding --no-stress-flush-bytecode and --no-flush-bytecode
flags.

Bug: v8:10035
Change-Id: Ia71748e83d64a731f595fed7f5b85a8dafa2b31a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1969850
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65472}
2019-12-17 09:53:41 +00:00
Dominik Inführ
221f4068d3 [objects] Add extension field to JSArrayBuffer
Add pointer-sized field extension to the JSArrayBuffer class. Only
reserve space for this field when feature is enabled for now.

Bug: v8:10064
Change-Id: Idb6fdcdce2a048e6aed9a892bc46ce029e1119f3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1956166
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65471}
2019-12-17 09:46:06 +00:00
Maya Lekova
9c37ec0bbd [turbofan] Allow missing length and name in JSCallReducer
MapRef::GetStrongValue now returns an Optional to account for the case
where we can't figure out the name of the bound function during
serialization. We could reach out to the heap in the future in this
case.

Fixed: chromium:1034203
Change-Id: I9fa81921b5dbd8bc9f68aa3c10921bc01b695a6b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1967386
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65470}
2019-12-17 09:16:26 +00:00
Peter Marshall
285e4d69de [unwinder] Add a vector-based code page mechanism for arm32
Add an API on Isolate that returns a sorted vector of code pages allocated
within V8. The implementation is designed to be signal-safe, so that the
user (the UMA sampling profiler) can access this information from a signal
handler, where allocation and taking locks is prohibited.

This CL adds the machinery for maintaining the list of allocated code
pages. Further CLs will modify the Unwinder API itself to accept the code
pages provided by this API.

The unwinder API currently uses the reserved virtual-memory range called
the CodeRange to identify where all V8 code objects live, but this doesn't
exist on arm32 or any 32-bit platform, so this approach adds a way to
expose the location of all valid V8 code objects in a signal-safe way for
use by the UMA sampling profiler.

On 64-bit, this API always gives the code_range and embedded_code_range, and
does not maintain a vector of code pages. This is so that we have a unified
API on 32 and 64-bit that can be used in exactly the same way by embedders.

Design doc:
https://docs.google.com/document/d/1VGwUult5AHLRk658VetwEHMOmDDxA2eDQs9lDFMZTE0

Bug: v8:8116
Change-Id: I732509a45121fc54853182481c24d1083275afce
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1564068
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65469}
2019-12-17 08:05:20 +00:00
v8-ci-autoroll-builder
532ca8300f Update V8 DEPS.
Rolling v8/build: 03d0c36..2da4a4a

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/69337c3..b119e4e

TBR=machenbach@chromium.org,tmrts@chromium.org

Change-Id: I6f83c95169248851b32bf2ec4f95144b8df295fc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1970152
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#65468}
2019-12-17 03:52:20 +00:00
Ng Zhi An
0c9805d0df [liftoff] Allocate stack slot sizes based on type
Liftoff supports unfixed stack slot sizes now, so we can have
SlotSizeForType return different values based on the value type it is
spilling. We make the change for architectures that support unaligned
access, x64, ia32, arm64.

Note for ppc/s390/mips/mips64 ports: SlotSizeForType remains as 8 byte
(old behavior), but can be changed.

This patch also makes adjustments to PatchPrepareStackFrame to align sp
to appropriate values (pointer size).

Bug: v8:9909
Change-Id: Iddd2dcd652b162a04a02ed704c5b06f6af8a186d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1956165
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65467}
2019-12-16 22:53:11 +00:00
Milad Farazmand
2886c2ebbc PPC/s390: [wasm] Update wasm spec tests
Port 0f8769dfe4

R=ahaas@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: Ica16f208f429d637faef14942d31ed66527b3dab
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1969064
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#65466}
2019-12-16 18:48:50 +00:00
Joshua Litt
8d84d11d8b [promises] Port ResolvePromise to Torque.
Bug: v8:9838
Change-Id: I9cfa7af623af3b387962ea4fa90cfc599612f976
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1958961
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Joshua Litt <joshualitt@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65465}
2019-12-16 18:32:10 +00:00
Victor Gomes
a50b1ea17f [CleanUp] Misspelled receiver
Change-Id: I0657847fd58d9dc08e5bbdc37c6c0dcc9527e5eb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1967378
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65464}
2019-12-16 16:20:20 +00:00
Clemens Backes
2d89d8a926 [arm] Fix constant pool hiccup for huge table switch
The {cmp} instruction might add an entry to the constant pool at a time
where we didn't expect any entries to be added.
This can be fixed by moving the {CheckConstPool} call *after* the {cmp}.

R=mslekova@chromium.org

Bug: chromium:1034394
Change-Id: If075ad0b02e2973a734d70d9e58c205bd14e6a33
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1967380
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65463}
2019-12-16 15:54:50 +00:00
Shu-yu Guo
fa5d564746 Rename FinalizationGroup WeakCells' key to unregister_token
This is in preparation to hold on to unregister tokens weakly. The key
map will be changed to be keyed off the tokens' identity hash instead of
the token objects themselves. Once changed, a WeakCell's key (its
token's hash) will be different from its unregister token. In
particular, in case of collision, WeakCells with different unregister
tokens may have the same key.

Bug: v8:8179
Change-Id: Ifa18ace915265340db7f01431161a6e0425f2927
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1968958
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Auto-Submit: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65462}
2019-12-16 15:18:20 +00:00
Joshua Litt
0661893385 [promises] Port PromiseReject to torque.
Bug: v8:9838
Change-Id: I4111e17515d5f2b440e30d08582174047be4b92b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1957761
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Joshua Litt <joshualitt@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65461}
2019-12-16 14:54:42 +00:00
Michael Achenbach
8ae1727fda [foozzie] Mock readline for correctness fuzzing
Some test cases stress all global functions and hang when calling
readline.

No-Try: true
Bug: chromium:1034285
Change-Id: I0eaf64437c0806cf3df0a5306aecea4367763cad
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1967381
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65460}
2019-12-16 14:43:20 +00:00
Andreas Haas
0f8769dfe4 [wasm] Update wasm spec tests
R=ecmziegler@chromium.org

Bug: v8:10063
Change-Id: I2c962e4c91578dd82ff40df1b2b69aeee7dbbf18
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1967379
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65459}
2019-12-16 14:14:39 +00:00
Thibaud Michaud
3a7759d320 [wasm] Missing lock in import wrapper cache
Add a lock to prevent races between {WasmImportWrapperCache::Get} and
the cache modification scope.

R=clemensb@chromium.org

Change-Id: Ife281c127c765d3ca57f58c975e15a76833983ca
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1965588
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65458}
2019-12-16 13:49:49 +00:00
Clemens Backes
7118c421f5 [codegen] Document MachineRepresentation values
If you are not using them too often, their relationship and meaning is
not totally obvious. Especially that {kTaggedSigned} means "uncompressed
Smi" cannot be inferred from the name.

R=neis@chromium.org

Bug: v8:10021
Change-Id: If684b87ba24da0bbce846d4e35a790c2ee96116b
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1967374
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65457}
2019-12-16 13:10:49 +00:00
Dominik Inführ
d3a1a5b6c4 [objects] Fix memory leak in PrototypeUsers::Add
PrototypeUsers::Add now iterates the WeakArrayList to find empty slots
before growing the array. Not reusing empty slots caused a memory leak.

It might also be desirable to shrink the WeakArrayList in the future.
Right now it is only compacted when invoking CreateBlob.

Also removed unused PrototypeUsers::IsEmptySlot declaration.

Bug: v8:10031
Change-Id: I570ec78fca37e8f0c794f1f40846a4daab47c225
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1967317
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65456}
2019-12-16 11:42:08 +00:00
Tobias Tebbi
bf8d8f1dc8 [torque] use macro keyword for methods
This makes it obvious that methods are actually macros.
Also, in the future, we might allow methods that are actually builtins.

Bug: v8:7793
Change-Id: Ib641c4b5a222b27c67aa0c31fd3611ed4a11842c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1967330
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65455}
2019-12-16 10:36:58 +00:00
Santiago Aboy Solanes
d235114325 Reland x2 "[turbofan][ptr-compr] Remove redundant ChangeTaggedToCompressed"
This is a reland of c924f54ee0

Reason: Added back a bitcast that was supposed to be redundant (but it
wasn't)

Changes can be seen from patchsets 1..3.

Original change's description:
> [turbofan][ptr-compr] Remove redundant ChangeTaggedToCompressed
>
> The final goal is to eliminate it altogether. This CL just
> eliminates the redundant ones.
>
> Bug: v8:7703
> Change-Id: If6e718c373fca7c65ce46c347533ec4550fbc444
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1950968
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#65398}

Bug: v8:7703
Change-Id: I099e67d0255d4ad5529a73b272df893069374136
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1965582
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65454}
2019-12-16 10:29:38 +00:00
v8-ci-autoroll-builder
1d1d14daac Update V8 DEPS.
Rolling v8/build: 9caeb8b..03d0c36

TBR=machenbach@chromium.org,tmrts@chromium.org

Change-Id: Ifb2da55fd51334b96b5000bd956d0fd12f47d1a5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1965537
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#65453}
2019-12-15 03:37:52 +00:00
v8-ci-autoroll-builder
4616dcd792 Update V8 DEPS.
Rolling v8/build: 1c5a738..9caeb8b

Rolling v8/buildtools: 6b3e658..fa02977

Rolling v8/buildtools/linux64: git_revision:ad9e442d92dcd9ee73a557428cfc336b55cbd533..git_revision:6feb55993083dfd27b93da195c8a82a3a9529848

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/b34e896..69337c3

Rolling v8/third_party/depot_tools: f1ad6e4..ba4699f

TBR=machenbach@chromium.org,tmrts@chromium.org

Change-Id: Ie45bced17927efd17403d65731a6c90cbeadb0e0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1966143
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#65452}
2019-12-14 03:58:11 +00:00
Tobias Tebbi
0bb21f1137 [torque] allow Context as type for js-implicit context
Drive-by cleanup: improve printing of lists

Bug: v8:7793
Change-Id: I84d2d5c64ae3cb564acf53d93ea4f12a829b787d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1967328
Reviewed-by: Joshua Litt <joshualitt@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65451}
2019-12-13 23:30:00 +00:00
Michael Achenbach
d1aaf9dadc Revert "Delay setting up deserialized JSArrayBuffer"
This reverts commit 83786cb49d.

Reason for revert:
https://ci.chromium.org/p/v8/builders/ci/V8%20Blink%20Linux%20Debug/2037

Original change's description:
> Delay setting up deserialized JSArrayBuffer
> 
> Setting up JSArrayBuffer may trigger GC. Delay this until we
> are done with deserialization.
> 
> R=​ulan@chromium.org
> 
> Bug: chromium:1033395
> Change-Id: I6c79bc47421bc2662dc1906534fc8e820c351ced
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1965580
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Commit-Queue: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#65441}

TBR=ulan@chromium.org,yangguo@chromium.org,petermarshall@chromium.org

Change-Id: I77b8ae836e9003eaaccef440dfaf3ae840c112cb
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:1033395
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1967327
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65450}
2019-12-13 18:44:52 +00:00
Anna Henningsen
bdb828c9c6 [api] Various improvements to documentation
This improves documentation about some things that came up
in conversation and things that I noticed while working on
those other things. :)

Change-Id: I4f47cec6594f7b331259bea8ed506f5de908d438
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1954386
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65449}
2019-12-13 18:08:35 +00:00
Johannes Henkel
2f205f5a33 [DevTools] Roll inspector_protocol (V8)
New revision: 726836d7317a4031f48af9960bab51d7a2ab2867

The gist is that serialization is direct from
protocol objects to CBOR, no more detour via
protocol::Value.

Upstream PRs:
https://chromium-review.googlesource.com/c/deps/inspector_protocol/+/1956388
https://chromium-review.googlesource.com/c/deps/inspector_protocol/+/1966418

Also:
https://chromium-review.googlesource.com/c/deps/inspector_protocol/+/1941035

Change-Id: I89f742a4fd47b5eb8ebd98ce6e10ecba0501cf66
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1958956
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Johannes Henkel <johannes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65448}
2019-12-13 17:31:25 +00:00
Jakob Kummerow
5785e0b733 Revert "Fix ArrayConcat length estimation for TypedArrays"
This reverts commit 5f8e95c1a1.

Reason for revert: crbug.com/1033418. TypedArrays are not, by default, concat-spreadable; the existing code is inconsistent and this CL didn't update/fix enough of it.

Original change's description:
> Fix ArrayConcat length estimation for TypedArrays
>
> TypedArrays cannot be handled on the JSArray path.
> This patch should provide a minor performance improvement while
> being functionally non-observable.
>
> Change-Id: I05259517b9079aa715b3cf4be9b0cf6bb47236ac
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1948712
> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#65419}

TBR=jkummerow@chromium.org,ishell@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: chromium:1033418
Change-Id: I345c8ebc38be6df42d5bdbecd0d06d19967ad6f1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1967324
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65447}
2019-12-13 15:43:54 +00:00
Joshua Litt
192c55839e [promises] Port PromiseReactionJob to torque.
Bug: v8:9838
Change-Id: I770133cdf719efeee8de9415bda0586d0f5ac8d9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1954329
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Joshua Litt <joshualitt@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65446}
2019-12-13 14:42:05 +00:00
Dominik Inführ
7109150ad0 [heap] Allow semi space sizes above kMaxSemiSpaceSize
Maximum semispace size was capped at kMaxSemiSpaceSize. Also allow
non-power-of-2 sizes.

Change-Id: I3385674a13455b47802a3f6e62ac5b9ed3987264
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1962863
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65445}
2019-12-13 14:27:44 +00:00
Jakob Kummerow
3d64fa8edc [tests] Introduce Multi-Mapped Mock Allocator
This new testing allocator for ArrayBuffers uses a small real allocation
that is repeatedly mapped into the requested allocation size. Its purpose
is to allow testing of huge TypedArrays without actually consuming a huge
amount of memory, at the expense of correct behavior (elements will alias
each other). It is only supported on Linux for now, and of course off by
default.

Bug: v8:4153
Change-Id: I4917a78b6190dc075dc4614ebe2696e63addc8c2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1962270
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65444}
2019-12-13 14:26:04 +00:00
Michael Starzinger
fde8d2ced1 Remove mstarzinger@ from OWNERS files.
R=hpayer@chromium.org

Change-Id: I2b9a77317cd4dcf8502c237b7f8f167b80859859
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1962866
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65443}
2019-12-13 11:13:14 +00:00
David Carlier
a4545db74e FreeBSD update of process library mapping listing.
Not best to rely on /proc presence basically when
the linux compatibility layer is enabled so
going through more programmatically.

Change-Id: Ida4973f9da6dec6e9caa6e419f3612ec5ef95048
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1710664
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65442}
2019-12-13 11:07:54 +00:00
Yang Guo
83786cb49d Delay setting up deserialized JSArrayBuffer
Setting up JSArrayBuffer may trigger GC. Delay this until we
are done with deserialization.

R=ulan@chromium.org

Bug: chromium:1033395
Change-Id: I6c79bc47421bc2662dc1906534fc8e820c351ced
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1965580
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65441}
2019-12-13 10:57:44 +00:00
Dan Elphick
f47a8a88fa [compiler] Optimize Instruction::IsTailCall
Moves the TailCall instruction codes to the start of the enum, and
changes the test for IsTailCall from 4 equality tests to a single
inequality.

Bug: v8:10051
Change-Id: I679d6377161bd4f9a05f6202763d52c0a67b7900
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1964075
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65440}
2019-12-13 10:53:04 +00:00
Michael Starzinger
b577c1fe95 Remove and update some outdated TODO(mstarzinger).
R=clemensb@chromium.org

Change-Id: Ibd6790a222590fd4dce9f918219a19f01c2e1e0f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1960293
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65439}
2019-12-13 10:18:04 +00:00
Zhao Jiazhong
e99f6ffef3 [mips64][codegen] Fix the case that register rd is the same as rs in Shr and Sar
The OutputRegister shouldn't be overwritten, because it may be the same register
as InputRegister(1), which will be used later.

And remove the useless if-else in And32, Or32, Xor32.

Change-Id: I1f944b5b6acd5c183cef537524827b47a8cb0186
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1967092
Auto-Submit: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65438}
2019-12-13 09:57:25 +00:00
v8-ci-autoroll-builder
3d0a0a8504 Update V8 DEPS.
Rolling v8/build: dfe5662..1c5a738

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/4082c91..b34e896

Rolling v8/third_party/depot_tools: 8b34eb4..f1ad6e4

Rolling v8/third_party/zlib: f262c1b..d7f3ca9

TBR=machenbach@chromium.org,tmrts@chromium.org

Change-Id: I8b0e66842ceb08f8c8158f832e375cc5da64b956
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1966133
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#65437}
2019-12-13 03:55:51 +00:00
Johannes Henkel
4a98a2608b [DevTools] Roll inspector_protocol. (V8)
Add Exported::AppendSerialized (consistency with Serialized interface).
Deprecate Exported::writeBinary.

Upstream PRs:
https://chromium-review.googlesource.com/c/deps/inspector_protocol/+/1958506
https://chromium-review.googlesource.com/c/deps/inspector_protocol/+/1941035

Change-Id: I50d6db05ea7c1336022b0b63e5ec2c69488ab525
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1958575
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Johannes Henkel <johannes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65436}
2019-12-12 20:18:26 +00:00