Commit Graph

15674 Commits

Author SHA1 Message Date
Sathya Gunasekaran
2e4b86b0de [benchmarks] Add ES6 Map/Set benchmarks from SixSpeed
Bug: v8:5717
Change-Id: I92c6d897ae7701e6c778590709f6f1c8a16295b0
Reviewed-on: https://chromium-review.googlesource.com/478591
Reviewed-by: Franziska Hinkelmann <franzih@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44696}
2017-04-18 17:05:58 +00:00
Camillo Bruni
1979ab55fb [heap-verification] Increase verification for arguments objects
BUG: v8/6251
Change-Id: I64e6ad220f05384e4cd549c1356fd713423c3044
Reviewed-on: https://chromium-review.googlesource.com/480072
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44695}
2017-04-18 15:55:14 +00:00
kozyatinskiy
38be4a17c1 [inspector] avoid cloning of async call chains
- separated V8StackTraceImpl and AsyncStackTrace,
- V8Debugger owns all AsyncStackTrace and cleanup half of them when limit is reached (first created - first cleaned),
- V8StackTraceImpl, AsyncStackTrace and async-task-related tables in V8Debugger have weak reference to other async stack traces.
- async tasks are cleared with related async stacks.

BUG=v8:6189
R=dgozman@chromium.org

Review-Url: https://codereview.chromium.org/2816043006
Cr-Original-Commit-Position: refs/heads/master@{#44670}
Committed: 1bca73bc83
Review-Url: https://codereview.chromium.org/2816043006
Cr-Commit-Position: refs/heads/master@{#44694}
2017-04-18 15:53:08 +00:00
Marja Hölttä
7fcf658a7b [parser] Skipping inner funcs: make the flag experimental.
The feature is not quite ready for getting ClusterFuzzed.

BUG=v8:5516

Change-Id: I90a42f950727c8ecf46cb2987c9a459b2ba1f5a7
Reviewed-on: https://chromium-review.googlesource.com/480400
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44693}
2017-04-18 15:16:10 +00:00
Michael Starzinger
e6590a37ba [turbofan] Fix translation containing arguments elements.
This fixes the de-duplication logic used when writing the deoptimizer
translation of a frame-state containing {kArgumentsElementsState}. The
object counts as a captured object and participates in the numbering of
duplicated objects.

R=jarin@chromium.org
TEST=mjsunit/regress/regress-crbug-711166
BUG=chromium:711166

Change-Id: I4a3b892017ab8217197e5f94c1a0975d0cd6979f
Reviewed-on: https://chromium-review.googlesource.com/476631
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44692}
2017-04-18 14:44:01 +00:00
yangguo
0e12ac85c1 Revert of Introduce mkgrokdump to update tools/v8heapconst.py. (patchset #19 id:350001 of https://codereview.chromium.org/2809653003/ )
Reason for revert:
http://build.chromium.org/p/client.v8/builders/V8%20Win64/builds/17063/steps/Check/logs/mkgrokdump

Original issue's description:
> Introduce mkgrokdump to update tools/v8heapconst.py.
>
> - Migrate make grokdump to GYP and GN
> - Move code from d8 into stand-alone execution
> - Add test case to ensure it's up-to-date
>
> Review-Url: https://codereview.chromium.org/2809653003
> Cr-Commit-Position: refs/heads/master@{#44687}
> Committed: 0cc0c130fa

TBR=mstarzinger@chromium.org,machenbach@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review-Url: https://codereview.chromium.org/2824853003
Cr-Commit-Position: refs/heads/master@{#44691}
2017-04-18 14:41:13 +00:00
Marja Hölttä
42b2eb0e0e [parser] Move newly added cctest/test-parsing/LazyFunctionLength to unittests.
BUG=v8:5516

Change-Id: Ie2e41ffa82c63788e285641232a5d555155b0d13
Reviewed-on: https://chromium-review.googlesource.com/480239
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44689}
2017-04-18 14:27:32 +00:00
bmeurer
245ab01ad4 [turbofan] Inline Array constructor calls with multiple parameters.
BUG=v8:6262
R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2821273002
Cr-Commit-Position: refs/heads/master@{#44688}
2017-04-18 14:14:58 +00:00
yangguo
0cc0c130fa Introduce mkgrokdump to update tools/v8heapconst.py.
- Migrate make grokdump to GYP and GN
- Move code from d8 into stand-alone execution
- Add test case to ensure it's up-to-date

Review-Url: https://codereview.chromium.org/2809653003
Cr-Commit-Position: refs/heads/master@{#44687}
2017-04-18 14:05:27 +00:00
yangguo
7b4e4ab70f Do not use new struct type where unnecessary.
We can use TUPLE2 or TUPLE3 for structs that do not need special
handling by deoptimizer and compiler.

This frees up a few instance types, so that adding the next few
new structs will not cause ABI compatibility to break.

R=mstarzinger@chromium.org

Review-Url: https://codereview.chromium.org/2811183005
Cr-Commit-Position: refs/heads/master@{#44685}
2017-04-18 12:46:39 +00:00
jgruber
21b104e3b8 [errors] Improve NotGeneric error message
This changes the message from

"method_name is not generic"

to

"method_name requires that 'this' be a primitive_name object"

BUG=v8:6206

Review-Url: https://codereview.chromium.org/2814043006
Cr-Commit-Position: refs/heads/master@{#44683}
2017-04-18 12:23:29 +00:00
bmeurer
199e543f7c [turbofan] Introduce a dedicated Array type.
Use Type::Array to constant-fold Array.isArray builtin based on the
value input type. Also use it to improve type based alias analysis,
where we know that stores to an object of type Array don't affect stores
to an object of type OtherObject, and vice versa.

R=jarin@chromium.org
BUG=v8:6262

Review-Url: https://codereview.chromium.org/2819583002
Cr-Commit-Position: refs/heads/master@{#44681}
2017-04-18 12:12:27 +00:00
Marja Hölttä
5d2c6ec33d [parser] Set SharedFunctionInfo::length later.
No usage sites are getting the length for uncompiled functions, so we can
postpone setting the correct length until after compilation. This way we don't
need to produce and store it for skipped inner functions.

In the current implementation, getting the function length compiles it (and
users rely on it - so the feature is probably not going to go away).

BUG=v8:5516

Change-Id: Id8c9a05d2391505a6cde613841094170c9a1b808
Reviewed-on: https://chromium-review.googlesource.com/468927
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44679}
2017-04-18 11:00:59 +00:00
machenbach
6fac39b333 Revert of [inspector] avoid cloning of async call chains (patchset #7 id:120001 of https://codereview.chromium.org/2816043006/ )
Reason for revert:
Speculative revert. Seems to block the roll:
https://codereview.chromium.org/2822983004/

Might require changing a browser test first?

Original issue's description:
> [inspector] avoid cloning of async call chains
>
> - separated V8StackTraceImpl and AsyncStackTrace,
> - V8Debugger owns all AsyncStackTrace and cleanup half of them when limit is reached (first created - first cleaned),
> - V8StackTraceImpl, AsyncStackTrace and async-task-related tables in V8Debugger have weak reference to other async stack traces.
> - async tasks are cleared with related async stacks.
>
> BUG=v8:6189
> R=dgozman@chromium.org
>
> Review-Url: https://codereview.chromium.org/2816043006
> Cr-Commit-Position: refs/heads/master@{#44670}
> Committed: 1bca73bc83

TBR=dgozman@chromium.org,kozyatinskiy@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:6189

Review-Url: https://codereview.chromium.org/2825713002
Cr-Commit-Position: refs/heads/master@{#44678}
2017-04-18 10:17:32 +00:00
yangguo
4f3d859f31 [regexp] explicitly whitelist allowed binary property classes.
BUG=v8:4743
TBR=jgruber@chromium.org

Review-Url: https://codereview.chromium.org/2827613002
Cr-Commit-Position: refs/heads/master@{#44677}
2017-04-18 10:01:27 +00:00
Michael Achenbach
716d59659a [test] Skip flaky test.
Bug: v8:5193
TBR=yangguo@chromium.org
NOTRY=true

Change-Id: I2f6b8e9e9468195fca4e74b83c642a8595c4a51b
Reviewed-on: https://chromium-review.googlesource.com/480091
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44673}
2017-04-18 07:27:43 +00:00
Michael Achenbach
219991278f Roll icu 450be73:b34251
This rolls:
450be73..b34251f

Bug: v8:6252
Change-Id: I496f35bad1717105c8e450ce045f3e9929574e0f
Reviewed-on: https://chromium-review.googlesource.com/475652
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44672}
2017-04-18 06:58:19 +00:00
gdeepti
78b8d7ed8c [wasm] Handle no initial memory case correctly when memory is exported
Currently when the module has memory specified in the compiled bytes, but with no initial memory
exported memory assigns a bogus buffer to the instance. When grow_memory is called on this buffer, it tries to patch an incorrect address.
 - Fix exported memory to handle no initial memory
 - Fix grow_memory to handle uninitialized buffers

BUG=chromium:710844
R=bradnelson@chromium.org

Review-Url: https://codereview.chromium.org/2820223002
Cr-Commit-Position: refs/heads/master@{#44671}
2017-04-18 06:34:16 +00:00
kozyatinskiy
1bca73bc83 [inspector] avoid cloning of async call chains
- separated V8StackTraceImpl and AsyncStackTrace,
- V8Debugger owns all AsyncStackTrace and cleanup half of them when limit is reached (first created - first cleaned),
- V8StackTraceImpl, AsyncStackTrace and async-task-related tables in V8Debugger have weak reference to other async stack traces.
- async tasks are cleared with related async stacks.

BUG=v8:6189
R=dgozman@chromium.org

Review-Url: https://codereview.chromium.org/2816043006
Cr-Commit-Position: refs/heads/master@{#44670}
2017-04-18 01:42:35 +00:00
mtrofin
71cf4890d0 [wasm] instantiate expressed in terms of compile
Today, the semantics of:

WebAssembly.instantiate

and

WebAssembly.compile().then(new WebAssemblyInstance)

are subtly different, to the point where attempting the proposed
change uncovered bugs.

In the future, it's possible that .instantiate actually have different
semantics - if we pre-specialized to the provided ffi, for example.
Right now that's not the case.

This CL:
- gets our implementation closer to what developers may write using
the compile -> new Instance alternative, in particular wrt promise
creation. By reusing code paths, we uncover more bugs, and keep
maintenance cost lower.

- it gives us the response-based WebAssembly.instantiate implicitly.
Otherwise, we'd need that same implementation on the blink side. The
negative is maintenance: imagine if the bugs I mentioned could only be
found when running in Blink.

BUG=chromium:697028

Review-Url: https://codereview.chromium.org/2806073002
Cr-Original-Commit-Position: refs/heads/master@{#44592}
Committed: 7829af3275
Review-Url: https://codereview.chromium.org/2806073002
Cr-Commit-Position: refs/heads/master@{#44669}
2017-04-18 01:31:16 +00:00
Josh Wolfe
1236335551 fix assertion failure with --harmony CreateDynamicFunction() in stack overflow conditions
Bug=chromium:707066
R=littledan@chromium.org, adamk@chromium.org, caitp@igalia.com
CQ_INCLUDE_TRYBOTS=master.tryserver.blink:linux_trusty_blink_rel

Change-Id: I24ce0a08816940ef4646d0f2de188d4832c823a0
Reviewed-on: https://chromium-review.googlesource.com/474990
Reviewed-by: Daniel Ehrenberg <littledan@chromium.org>
Commit-Queue: Josh Wolfe <jwolfe@igalia.com>
Cr-Commit-Position: refs/heads/master@{#44668}
2017-04-17 20:06:15 +00:00
Adam Klein
2733087279 [intl] Remove always-true --datetime-format-to-parts flag
This flag was shipped with V8 5.7 (Chrome 57).

Bug: v8:5244
Change-Id: I044edb8d7e74ea3c84bf46ec5cf81b8ff1b7a3de
Reviewed-on: https://chromium-review.googlesource.com/477975
Reviewed-by: Daniel Ehrenberg <littledan@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44667}
2017-04-17 19:25:51 +00:00
gdeepti
c8c03c150d [wasm] Implement wasm x64 I16x8 Ops
- Add I16x8 Splat, ExtractLane, ReplaceLane, shift ops, Some BinOps and compare ops
 - Add pshufhw, pshuflw in the assembler, disassembler
 - Fix incorrect modrm for pextrw, this bug disregards the register allocated and always makes pextrw use rax.
 - Fix pextrw disasm to take the 0 - 7 bits of the immediate instead of 0 - 3.
 - Pextrw, pinsrw are in the assembler use 128 bit encodings, pextrw, pinsrw in the disassembler use legacy encodings, fix inconsistencies causing weird code gen when --print-code is used.

Review-Url: https://codereview.chromium.org/2767983002
Cr-Commit-Position: refs/heads/master@{#44664}
2017-04-17 18:47:46 +00:00
bradnelson
5b9b77655c [wasm] Add some more owners, clean up old ones.
BUG=None
TEST=None
R=mtrofin@chromium.org
LOG=N

Review-Url: https://codereview.chromium.org/2824793002
Cr-Commit-Position: refs/heads/master@{#44663}
2017-04-17 18:41:35 +00:00
Michael Achenbach
069d5bff32 [test] Skip slow test on arm simulator
NOTRY=true
TBR=hablich@chromium.org

Change-Id: I36418c2d0198c52a52ba3426a2792b2f52c29d67
Reviewed-on: https://chromium-review.googlesource.com/479411
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44661}
2017-04-16 13:58:58 +00:00
hablich
c5aad5f284 Revert "Reland "ARM64: Add NEON support""
This reverts commit 8faf3d6f25.

Reason: blocks roll https://codereview.chromium.org/2820753003/

TBR=martyn.capewell@arm.com,jarin@chromium.org,bmeurer@chromium.org,machenbach@chromium.org

NOTRY=true

Review-Url: https://codereview.chromium.org/2819093002
Cr-Commit-Position: refs/heads/master@{#44660}
2017-04-15 10:27:17 +00:00
kozyatinskiy
49d32849b3 [inspector] store v8:StackTrace as FixedArray
- creating JSArray and further setter and getter calls are slower then on fixed array.

BUG=v8:6189
R=yangguo@chromium.org

Review-Url: https://codereview.chromium.org/2813773002
Cr-Commit-Position: refs/heads/master@{#44657}
2017-04-14 16:49:08 +00:00
Sathya Gunasekaran
484d25d4df [d8] Fix leak in IntializeModuleEmbedderData
If the current context is overwritten by doing Realm.navigate(0) we
fail to delete the module embedder data from the correct current
context, because we have an handle to the old context which was
already cleaned up by calling DisposeRealm in RealmNavigate.

This patch disallows navigation to the first realm.

Bug: chromium:711165
Change-Id: I6b9d3187367dae9d1fe38c0efa361d461c94c917
Reviewed-on: https://chromium-review.googlesource.com/476970
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44656}
2017-04-13 21:52:28 +00:00
martyn.capewell
8faf3d6f25 Reland "ARM64: Add NEON support"
This reverts commit cc047635ff.
The CL was reverted due to a missing DEPS mirror.

Original issue's description:
> ARM64: Add NEON support
>
> Add assembler, disassembler and simulator support for NEON in the ARM64 backend.
>
> BUG=
>
> Review-Url: https://codereview.chromium.org/2622643005
> Cr-Commit-Position: refs/heads/master@{#44306}

BUG=

Review-Url: https://codereview.chromium.org/2812573003
Cr-Commit-Position: refs/heads/master@{#44652}
2017-04-13 17:23:15 +00:00
Caitlin Potter
fa0066d170 [async-iteration] implement spec update for yield* in async generators
e3246ad69c
removed some redundancies in yield and yield*.

In particular:
- AsyncGeneratorRawYield becomes unnecessary, and is deleted in this CL
- Parser::RewriteYieldStar() is updated to perform the IteratorValue() algorithm as appropriate

BUG=v8:6187, v8:5855
R=rmcilroy@chromium.org, adamk@chromium.org, littledan@chromium.org, vogelheim@chromium.org

Change-Id: I05e8429b9cbd4531c330ee53a05656b90162064c
Reviewed-on: https://chromium-review.googlesource.com/471806
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Cr-Commit-Position: refs/heads/master@{#44649}
2017-04-13 14:32:30 +00:00
Leszek Swirski
0010be5b23 [compiler] Always use deopt count for disabling optimization
Currently we count optimizations to decide to disable optimization, and
count deopts to detect this decision and allow re-enabling optimizations
after a while.

However, throwing out TurboFan OSR code and GC optimized code evictions
do not count as deopts, which means that the optimization count
increases without increasing the deopt count. This increased optimization
count disables further optimization -- which is bad, because these are
not "true" deopts -- and can stop the optimization from being re-enabled,
because the deopt count can't go high enough.

Instead, we now only ever look at deopts to disable/re-enable
optimization, and opt counts are only used for naming log files and in
tests.

Change-Id: I0c7d6be497545449a38cf952cd2f007ee51982ba
Reviewed-on: https://chromium-review.googlesource.com/468811
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44647}
2017-04-13 13:41:26 +00:00
yangguo
c80c0f11f4 [api] consistently expose all well-known symbols.
R=jochen@chromium.org

Review-Url: https://codereview.chromium.org/2812603002
Cr-Commit-Position: refs/heads/master@{#44643}
2017-04-13 12:40:39 +00:00
yangguo
768c5e2143 [api] Expose instanceof through v8::Value::InstanceOf.
This is requested for Node.js N-API. Tests to be added.

Review-Url: https://codereview.chromium.org/2812613002
Cr-Commit-Position: refs/heads/master@{#44641}
2017-04-13 12:37:21 +00:00
Michael Starzinger
f09460389b [asm.js] Test and fix "|0" annotation of calls.
This fixes the validation of "|0" annotations of call sites that are
used to indicate a "signed" return type of functions. We use lookahead
during call validation and request deferred validation as part of the
actual OR-expression. Special care has to be taken to get precedence
levels of all involved operators right.

R=clemensh@chromium.org
TEST=mjsunit/asm/call-annotation
BUG=v8:6183

Change-Id: If0586f669e7cee26a13425b0fd9f41098e852d68
Reviewed-on: https://chromium-review.googlesource.com/475871
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44639}
2017-04-13 10:38:22 +00:00
jgruber
876e23c54d [regexp] Fix incorrect DCHECK in FixSingleCharacterDisjunctions
The condition only applies in unicode mode, where any lone surrogates
are desugared into a character class (and will not be considered in this
optimization). Non-unicode mode treats lone surrogates exactly like
any other codepoint.

BUG=chromium:711092

Review-Url: https://codereview.chromium.org/2808403006
Cr-Commit-Position: refs/heads/master@{#44638}
2017-04-13 10:33:08 +00:00
Franziska Hinkelmann
b30503387f [type feedback] Allow position 0.
In eval scripts, the source code position can be 0 rather
than greater than 0.

Add regression test.

Drive-by fix: unrelated typo.

Bug: 707223
Change-Id: If52c0736daac3ad42ac6d324eb8ec5f1798f6f5a
Reviewed-on: https://chromium-review.googlesource.com/476630
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Franziska Hinkelmann <franzih@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44637}
2017-04-13 09:55:14 +00:00
georgia.kouveli
57040734d8 [arm64] Fix another ubfx corner case.
This issue was fixed in VisitWord64And in 2f8ad11f. Port the fix to
VisitWord32And.

BUG=

Review-Url: https://codereview.chromium.org/2815853002
Cr-Commit-Position: refs/heads/master@{#44636}
2017-04-13 09:51:20 +00:00
Michael Achenbach
7d08b5e4d2 [test] Run test262 under asan with more variants
Bug: chromium:710428,v8:6248
Change-Id: I70430d5a200199563bf5468a6cc80614307f63e6
Reviewed-on: https://chromium-review.googlesource.com/474847
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44635}
2017-04-13 09:49:24 +00:00
Clemens Hammacher
6e70425be1 [wasm] Provide scope information via inspector
This CL implements the proposed change to show information about
WebAssembly values and call frames via the inspector interface.
Each interpreted WebAssembly frame will have two scopes: A global scope
showing information about the memory (to be extended for globals), and
a local scope showing information about parameters, local variables, and
stack values.
Names of local variables will be added later.

R=ahaas@chromium.org, yangguo@chromium.org
BUG=v8:6245,v8:5822

Change-Id: I0a35fddd0a353933c86adf62083233b08098a2c7
Reviewed-on: https://chromium-review.googlesource.com/474865
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44633}
2017-04-13 09:00:02 +00:00
Michael Starzinger
68b047d094 [turbofan] Fix lowering of JSGetSuperConstructor.
This fixes the existing lowering of {JSGetSuperConstructor} nodes to
unconditional throws. The above operator is marked as {kNoWrite} but
runtime calls are not marked as such. Any deoptimizing operation after
the throw would not be able to find a valid {Checkpoint}. We remove the
lowering case in question.

R=bmeurer@chromium.org
TEST=mjsunit/regress/regress-6248
BUG=v8:6248

Change-Id: I22c922947336254502f698b02f944cf35dd8688a
Reviewed-on: https://chromium-review.googlesource.com/476570
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44632}
2017-04-13 08:34:22 +00:00
bmeurer
385734bf11 [turbofan] Let ChangeFloat64ToTagged canonicalize to Smi if possible.
When the incoming value to ChangeFloat64ToTagged is in Smi range, we
represent it as Smi instead of a HeapNumber. This addresses a range of
problems where TurboFan unnecessarily deoptimizes because an operation
learned Smi feedback in Ignition, but was then confronted with a tagged
HeapNumber in TurboFan, just because the value was also represented as
unboxed double somewhere in the meantime.

BUG=v8:6256
R=yangguo@chromium.org

Review-Url: https://codereview.chromium.org/2815283002
Cr-Commit-Position: refs/heads/master@{#44631}
2017-04-13 06:57:04 +00:00
Caitlin Potter
e2670e80a5 [js-perf-test] add microbenchmarks for C-style for loops
Adds some benchmarks copied from v8:4762.

BUG=v8:4762, v8:5460
R=adamk@chromium.org

Change-Id: I0b96080042781c2c46c0c8a3896a921bde97c1e5
Reviewed-on: https://chromium-review.googlesource.com/475934
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Cr-Commit-Position: refs/heads/master@{#44629}
2017-04-12 21:56:43 +00:00
binji
7b300ba2e9 [SAB] Validate index before value conversion using ToIndex
It's required by the spec -- and observable -- that the index be validated
before the conversion of the value(s) via ToInteger.

The previous implementation also had an old test for validating the atomic
index, which has now been switched to ToIndex.

This also exposed an issue in the ia32 code generator: cmpxchg_b requires a
byte register, but the ia32 instruction selector was ensuring that the
new_value was a byte register, not the TempRegister. This change forces the
temp register to use edx, which always can be used as a byte register (dl).
This is the same behavior as currently used in UseByteRegister.

BUG=v8:4614
R=jarin@chromium.org,jkummerow@chromium.org

Review-Url: https://codereview.chromium.org/2814753003
Cr-Commit-Position: refs/heads/master@{#44626}
2017-04-12 19:08:40 +00:00
kozyatinskiy
aee49387f7 [inspector] store creation stack in current V8StackTraceImpl
We currently store it in parent stack trace but stacks with the same parent can have different creations stacks.

BUG=v8:6189
R=dgozman@chromium.org

Review-Url: https://codereview.chromium.org/2807273002
Cr-Commit-Position: refs/heads/master@{#44624}
2017-04-12 19:02:58 +00:00
hans
b2dc9230c1 Fix -Wshorten-64-to-32 in test-assembler-arm64.cc
The arm64 MacroAssembler expects buffer_size to be an unsigned, not a
size_t.

BUG=chromium:710913

Review-Url: https://codereview.chromium.org/2818513002
Cr-Commit-Position: refs/heads/master@{#44623}
2017-04-12 18:44:27 +00:00
kozyatinskiy
81bb72c11c [inspector] cache stack frame for call sites
Usually program doesn't contain a lot of different stack frames in collected stack trace.

BUG=v8:6189
R=yangguo@chromium.orr
TBR=bmeurer@chromium.org

Review-Url: https://codereview.chromium.org/2788413004
Cr-Commit-Position: refs/heads/master@{#44622}
2017-04-12 18:33:20 +00:00
Ross McIlroy
b7a7096668 [Interpreter] Remove BytecodePipeline.
The BytecodePipeline is no longer used by any optimizers, so remove it and
connect the BytecodeArrayBuilder directly to the BytecodeWriter.

Also remove some functions from BytecodeNode which are no longer used.

BUG=v8:6194

Change-Id: Id2ec94ff1d4db41b108a778100459283fbb2256c
Reviewed-on: https://chromium-review.googlesource.com/471528
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44619}
2017-04-12 15:18:50 +00:00
Michael Achenbach
e63d74b117 Revert "[heap-verification] Increase verification for arguments objects"
This reverts commit b9194e93f2.

Reason for revert: Makes old pipeline flaky with custom snapshot:
https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20-%20custom%20snapshot%20-%20debug/builds/14049

Original change's description:
> [heap-verification] Increase verification for arguments objects
> 
> BUG: v8:6251
> Change-Id: I8a6dd528656a69c7910770acaf2133830b60c291
> Reviewed-on: https://chromium-review.googlesource.com/475651
> Commit-Queue: Camillo Bruni <cbruni@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#44609}

TBR=jkummerow@chromium.org,cbruni@chromium.org,v8-reviews@googlegroups.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Change-Id: Iedfdad290bf4f5f6ec2534e8c5378a7cc195db82
Reviewed-on: https://chromium-review.googlesource.com/475719
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44616}
2017-04-12 14:06:21 +00:00
Marja Hölttä
7079bdb830 [parser] Skipping inner funcs: Add a simple mjsunit test.
Unfortunately, this test cannot test that a function was really skipped (i.e.,
not parsed).

BUG=v8:5516

Change-Id: I8db5027d2216a95cc012ceae8e17554095cc1d4f
Reviewed-on: https://chromium-review.googlesource.com/457037
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44615}
2017-04-12 13:52:52 +00:00
hablich
d3f1d5c50c Revert of [wasm] instantiate expressed in terms of compile (patchset #6 id:140001 of https://codereview.chromium.org/2806073002/ )
Reason for revert:
Roll blocker: https://bugs.chromium.org/p/chromium/issues/detail?id=710824

Original issue's description:
> [wasm] instantiate expressed in terms of compile
>
> Today, the semantics of:
>
> WebAssembly.instantiate
>
> and
>
> WebAssembly.compile().then(new WebAssemblyInstance)
>
> are subtly different, to the point where attempting the proposed
> change uncovered bugs.
>
> In the future, it's possible that .instantiate actually have different
> semantics - if we pre-specialized to the provided ffi, for example.
> Right now that's not the case.
>
> This CL:
> - gets our implementation closer to what developers may write using
> the compile -> new Instance alternative, in particular wrt promise
> creation. By reusing code paths, we uncover more bugs, and keep
> maintenance cost lower.
>
> - it gives us the response-based WebAssembly.instantiate implicitly.
> Otherwise, we'd need that same implementation on the blink side. The
> negative is maintenance: imagine if the bugs I mentioned could only be
> found when running in Blink.
>
> BUG=chromium:697028
>
> Review-Url: https://codereview.chromium.org/2806073002
> Cr-Commit-Position: refs/heads/master@{#44592}
> Committed: 7829af3275

TBR=bradnelson@chromium.org,ahaas@chromium.org,adamk@chromium.org,mtrofin@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:697028

Review-Url: https://codereview.chromium.org/2810203002
Cr-Commit-Position: refs/heads/master@{#44614}
2017-04-12 13:27:56 +00:00
Camillo Bruni
b9194e93f2 [heap-verification] Increase verification for arguments objects
BUG: v8:6251
Change-Id: I8a6dd528656a69c7910770acaf2133830b60c291
Reviewed-on: https://chromium-review.googlesource.com/475651
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44609}
2017-04-12 11:31:16 +00:00
yangguo
5f90a6eb06 [debug,api] Do not use embedder field for debug context id.
We used to reserve the 0-th embedder data field for the debug
context id. This is no longer necessary since the inspector
has migrated to be part of V8. This makes the API a bit simpler.

R=clemensh@chromium.org, jochen@chromium.org, kozyatinskiy@chromium.org
BUG=v8:5530

Review-Url: https://codereview.chromium.org/2806303002
Cr-Commit-Position: refs/heads/master@{#44607}
2017-04-12 11:24:44 +00:00
bmeurer
8c0c5e8117 [turbofan] Properly represent the float64 hole.
The hole NaN should also have proper Type::Hole, and not silently hide
in the Type::Number. This way we can remove all the special casing for
the hole NaN, and we also finally get the CheckNumber right.

This also allows us to remove some ducktape from the Deoptimizer, as for
escape analyzed FixedDoubleArrays we always pass the hole value now to
represent the actual holes.

Also-By: jarin@chromium.org
BUG=chromium:684208,chromium:709753,v8:5267
R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2814013003
Cr-Commit-Position: refs/heads/master@{#44603}
2017-04-12 10:10:48 +00:00
Clemens Hammacher
366f75301d [wasm] [interpreter] Avoid double parsing of locals
The local variables were parsed two times, which in fact doubled the
amount of local variables allocated for each called function.
This was costing memory and performance. As the additional local
variables were never used, we did not recognize this before.

Add a test case for locals and stack values of interpreted frames.

R=ahaas@chromium.org
BUG=v8:5822

Change-Id: Ie5cb8d8f5441edee6abb46aa6bebef4a033d582b
Reviewed-on: https://chromium-review.googlesource.com/474749
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44602}
2017-04-12 09:57:18 +00:00
jgruber
4635572471 [regexp] Consider surrogate pairs when optimizing disjunctions
RationalizeConsecutiveAtoms optimizes ab|ac|az to a(?:b|c|d).
Ensure that this optimization does not split surrogate pairs in unicode
mode.

BUG=chromium:641091

Review-Url: https://codereview.chromium.org/2813893002
Cr-Commit-Position: refs/heads/master@{#44599}
2017-04-12 09:09:12 +00:00
bmeurer
483812d46c [turbofan] Fix typing rule for CheckBounds.
As of crrev.com/2760213003, the CheckBounds operator passes a truncation
that identfies zero and minus zero. However that was not reflected in
the typing rule, and as such the type of CheckBounds(-0,length) was
always Type::None. That confused the typed alias analysis in the
LoadElimination and led to ignoring StoreElement nodes.

BUG=chromium:708050
R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2812013006
Cr-Commit-Position: refs/heads/master@{#44598}
2017-04-12 09:02:28 +00:00
dusan.simicic
8d2db536c9 MIPS[64]: Support for some SIMD operations (4)
Add support for F32x4Abs, F32x4Neg, F32x4RecipApprox,
F32x4RecipRefine, F32x4RecipSqrtApprox, F32x4RecipSqrtRefine,
F32x4Add, F32x4Sub, F32x4Mul, F32x4Max, F32x4Min,
F32x4Eq, F32x4Ne, F32x4Lt, F32x4Le, I32x4SConvertF32x4,
I32x4UConvertF32x4 operations for mips32 and mips64
architectures.

BUG=

Review-Url: https://codereview.chromium.org/2778203002
Cr-Commit-Position: refs/heads/master@{#44597}
2017-04-12 07:32:00 +00:00
Sathya Gunasekaran
a7c4e77846 [builtins] Change semantics of class constructors returning primitives
This change mirrors the semantics for derived class constructors. This
change doesn't affect non class constructors.

This change could potentially break web compat. More details:
https://github.com/tc39/ecma262/pull/469

Bug=v8:5536

Change-Id: I519599949523733332d0b35e4f8d9ecb01cac495
Reviewed-on: https://chromium-review.googlesource.com/461225
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44594}
2017-04-12 04:35:43 +00:00
mtrofin
7829af3275 [wasm] instantiate expressed in terms of compile
Today, the semantics of:

WebAssembly.instantiate

and

WebAssembly.compile().then(new WebAssemblyInstance)

are subtly different, to the point where attempting the proposed
change uncovered bugs.

In the future, it's possible that .instantiate actually have different
semantics - if we pre-specialized to the provided ffi, for example.
Right now that's not the case.

This CL:
- gets our implementation closer to what developers may write using
the compile -> new Instance alternative, in particular wrt promise
creation. By reusing code paths, we uncover more bugs, and keep
maintenance cost lower.

- it gives us the response-based WebAssembly.instantiate implicitly.
Otherwise, we'd need that same implementation on the blink side. The
negative is maintenance: imagine if the bugs I mentioned could only be
found when running in Blink.

BUG=chromium:697028

Review-Url: https://codereview.chromium.org/2806073002
Cr-Commit-Position: refs/heads/master@{#44592}
2017-04-12 00:01:04 +00:00
mtrofin
53908d05b9 [wasm] Bumped DEPS for public js api tests, fixed failures.
This also fixes an existing discrepancy.

BUG=v8:6017

Review-Url: https://codereview.chromium.org/2808403002
Cr-Commit-Position: refs/heads/master@{#44590}
2017-04-11 20:09:20 +00:00
Michael Starzinger
76f0a91c92 [asm.js] Test and fix function table definition failures.
R=clemensh@chromium.org
BUG=v8:6127

Change-Id: I7f418b4e1accc8d560886cd5c05bdc54d3088249
Reviewed-on: https://chromium-review.googlesource.com/474864
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44586}
2017-04-11 16:46:26 +00:00
Caitlin Potter
96698b55e0 [parser] allow ASI when "await" or "yield" follows "let"
Per https://github.com/tc39/test262/pull/956, André believes that ASI
should be permitted in these situations.

BUG=
R=marja@chromium.org, adamk@chromium.org, littledan@chromium.org

Change-Id: I5602d8a507576607750ffa9e873e1bfa53dd3523
Reviewed-on: https://chromium-review.googlesource.com/472568
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Cr-Commit-Position: refs/heads/master@{#44585}
2017-04-11 16:32:39 +00:00
Clemens Hammacher
b3ff390364 [wasm] Fix tests and improve error message
The test "assertThrows(builder.instantiate)" threw a TypeError before,
which made the test pass, but not because of the feature we wanted to
test.
This CL fixes the test to call builder.instantiate correctly, and also
tests for the correct error message.

Drive-by fix: Fix {expected} and {found} parameters in assertThrows.

R=ahaas@chromium.org

Change-Id: I11c0f63885cc14a36559e637aea60a9da6f1bb8f
Reviewed-on: https://chromium-review.googlesource.com/472886
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44584}
2017-04-11 16:22:33 +00:00
Leszek Swirski
57afd0bb07 Reland: [ignition] Add call bytecodes for undefined receiver
Adds a collection of call bytecodes which have an implicit undefined
receiver argument, for cases such as global calls where we know that the
receiver has to be undefined. This way we can skip an LdaUndefined,
decrease bytecode register pressure, and set a more accurate
ConvertReceiverMode on the interpreter and TurboFan call.

As a side effect, the "normal" Call bytecode now becomes a rare case
(only with calls and super property calls), so we get rid of its 0-2
argument special cases and modify CallProperty[N] to use the
NotNullOrUndefined ConvertReceiverMode.

Reland of https://chromium-review.googlesource.com/c/463287 after fixing
tests in https://codereview.chromium.org/2813873002.

Change-Id: I314d69c7643ceec6a5750ffdab60dad38dad09e5
Reviewed-on: https://chromium-review.googlesource.com/474752
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44582}
2017-04-11 15:52:37 +00:00
kozyatinskiy
2e4a687338 [v8] v8::StackTrace::AsArray returns correct array
After [1] we return JSArray with internal structs, we should return JSObjects instead.

[1] https://codereview.chromium.org/2789073002

BUG=v8:6189
R=yangguo@chromium.org

Review-Url: https://codereview.chromium.org/2806373005
Cr-Commit-Position: refs/heads/master@{#44581}
2017-04-11 15:30:50 +00:00
yangguo
eee279257a [regexp] Add tests for binary property classes.
See https://tc39.github.io/proposal-regexp-unicode-property-escapes

R=jgruber@chromium.org
BUG=v8:4743

Review-Url: https://codereview.chromium.org/2807293003
Cr-Commit-Position: refs/heads/master@{#44577}
2017-04-11 14:06:45 +00:00
Peter Marshall
9679a3661f [test] Add a benchmark for constructing all types of TypedArrays.
This constructs different typed arrays from different types of other
typed arrays, hopefully countering microbenchmarks which are able to
optimize for exactly one pair of types.

Bug: v8:5977
Change-Id: Ie3b07d6ecaaca6db0be410e902e437a2a643d71c
Reviewed-on: https://chromium-review.googlesource.com/474748
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44576}
2017-04-11 13:46:10 +00:00
littledan
c1a9e556ca Reland of [date] Add ICU backend for timezone info behind a flag (patchset #1 id:1 of https://codereview.chromium.org/2811103002/ )
Reason for revert:
Reland with tests marked as off in no-i18n mode

Original issue's description:
> Revert of [date] Add ICU backend for timezone info behind a flag (patchset #17 id:320001 of https://codereview.chromium.org/2724373002/ )
>
> Reason for revert:
> Breaks noi18n:
> https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20noi18n%20-%20debug/builds/13314
>
> Original issue's description:
> > [date] Add ICU backend for timezone info behind a flag
> >
> > This patch implements a timezone backend which is based on ICU, rather
> > than operating system calls. It can be turned on by passing the
> > --icu-timezone-data flag. The goal here is to take advantage of ICU's
> > data, which is more complete than the data that some system calls expose.
> > For example, without any special code, this patch fixes the time zone
> > of Lord Howe Island to have a correct 30 minute DST offset, rather than
> > 60 minutes as the OS backends assume it to have.
> >
> > Unfortunately, the parenthized timezone name in Date.prototype.toString()
> > differs across platforms. This patch chooses the long timezone name,
> > which matches Windows behavior and might be the most intelligible, but
> > the web compatibility impact is unclear.
> >
> > BUG=v8:6031,v8:2137,v8:6076
> >
> > Review-Url: https://codereview.chromium.org/2724373002
> > Cr-Commit-Position: refs/heads/master@{#44562}
> > Committed: b213f23990
>
> TBR=ulan@chromium.org,jshin@chromium.org,jgruber@chromium.org,littledan@chromium.org
> # Skipping CQ checks because original CL landed less than 1 days ago.
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=v8:6031,v8:2137,v8:6076
>
> Review-Url: https://codereview.chromium.org/2811103002
> Cr-Commit-Position: refs/heads/master@{#44565}
> Committed: 13ad508110

TBR=ulan@chromium.org,jshin@chromium.org,jgruber@chromium.org,machenbach@chromium.org
BUG=v8:6031,v8:2137,v8:6076

Review-Url: https://codereview.chromium.org/2813863002
Cr-Commit-Position: refs/heads/master@{#44575}
2017-04-11 13:17:29 +00:00
Michael Achenbach
bb61aa4a02 [test] Skip non-default testing variants for test262 and asan
This is a noop right now as we run test262 without variants on asan.

We'll use the status file to whitelist the variants in a synchronous way in v8 after the infra change lands to activate them.

Bug: chromium:710428
NOTRY=true

Change-Id: I146bbc648775ef0e250c16695b956ecd1d6e105e
Reviewed-on: https://chromium-review.googlesource.com/474845
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Daniel Ehrenberg <littledan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44574}
2017-04-11 13:14:44 +00:00
Wiktor Garbacz
cc208b2892 [compiler-dispatcher] FinishNow all remaining jobs.
This a step towards using CompilerDispatcher in parallel
parsing.

BUG=v8:6093

Change-Id: Idee84105e342950badb5694fa2a850e05430abaa
Reviewed-on: https://chromium-review.googlesource.com/473246
Commit-Queue: Wiktor Garbacz <wiktorg@google.com>
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44573}
2017-04-11 13:13:05 +00:00
Caitlin Potter
30439676db [async-iteration] implement spec change to [Async-from-Sync Iterator]
A really slight change in behaviour introduced by
395b2e3b2f

Just swaps the order that properties are loaded from an iterator result
object in the various Async-from-Sync Iterator methods.

Fixes for the test262 tests have been submitted already (https://github.com/tc39/test262/pull/961).

BUG=v8:5855, v8:6242
R=littledan@chromium.org, jwolfe@igalia.com,

Change-Id: I1ff0e1b7758c126d02aec27d67ceeb15b91c06cf
Reviewed-on: https://chromium-review.googlesource.com/474087
Reviewed-by: Daniel Ehrenberg <littledan@chromium.org>
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Cr-Commit-Position: refs/heads/master@{#44572}
2017-04-11 12:55:03 +00:00
littledan
38c5394ccb [intl] Fix NumberFormat options handling spec compliance issues
The goal of this patch was to refactor NumberFormat parameter handling
to be usable by a PluralRules implementation. Along the way, I found
and fixed a couple minor issues where options handling differed from
the specification, and removed some dead code. Regression tests are
added as test262 tests. With this change, the overall flow more closely
resembles the specification plus this editorial change which is out
for review: https://github.com/tc39/ecma402/pull/130/files

BUG=v8:6015,v8:6016
R=yangguo,jungshik

Review-Url: https://codereview.chromium.org/2717613005
Cr-Commit-Position: refs/heads/master@{#44571}
2017-04-11 12:51:41 +00:00
Wiktor Garbacz
7deb682187 [compiler-dispatcher] Enqueue jobs without SFI.
This a step towards using CompilerDispatcher in parallel
parsing.

BUG=v8:6093

Change-Id: I7c0dc0a5f5b25652a8aa98c94b1e069c1f081a5b
Reviewed-on: https://chromium-review.googlesource.com/473106
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Commit-Queue: Wiktor Garbacz <wiktorg@google.com>
Cr-Commit-Position: refs/heads/master@{#44570}
2017-04-11 12:46:53 +00:00
mathias
f956279ed6 [regexp] remove \p{Other_ID_Start} and \p{Other_ID_Continue}
The spec proposal has been updated to drop contributory binary
properties such as `Other_ID_Start` and `Other_ID_Continue`.

This patch reverts commit 26e5d0129c and
adds tests to ensure these properties are not supported.

R=
BUG=v8:4743

Review-Url: https://codereview.chromium.org/2809143003
Cr-Commit-Position: refs/heads/master@{#44569}
2017-04-11 12:40:41 +00:00
Ross McIlroy
790b2d341c [Interpreter] Move dead code elimination to BytecodeArrayWriter.
Move dead bytecode elimination from a seperate bytecode pipeline optimizer
into the BytecodeArrayWriter. This removes the last bytecode pipeline
optimizer, which means we can remove the Bytecode pipeline which,
which should increase compile speed.

BUG=v8:6194

Change-Id: I47fb3c3463b2b8a92e02cf7a6b608683fcfa5261
Reviewed-on: https://chromium-review.googlesource.com/471407
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44568}
2017-04-11 12:39:14 +00:00
machenbach
13ad508110 Revert of [date] Add ICU backend for timezone info behind a flag (patchset #17 id:320001 of https://codereview.chromium.org/2724373002/ )
Reason for revert:
Breaks noi18n:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20noi18n%20-%20debug/builds/13314

Original issue's description:
> [date] Add ICU backend for timezone info behind a flag
>
> This patch implements a timezone backend which is based on ICU, rather
> than operating system calls. It can be turned on by passing the
> --icu-timezone-data flag. The goal here is to take advantage of ICU's
> data, which is more complete than the data that some system calls expose.
> For example, without any special code, this patch fixes the time zone
> of Lord Howe Island to have a correct 30 minute DST offset, rather than
> 60 minutes as the OS backends assume it to have.
>
> Unfortunately, the parenthized timezone name in Date.prototype.toString()
> differs across platforms. This patch chooses the long timezone name,
> which matches Windows behavior and might be the most intelligible, but
> the web compatibility impact is unclear.
>
> BUG=v8:6031,v8:2137,v8:6076
>
> Review-Url: https://codereview.chromium.org/2724373002
> Cr-Commit-Position: refs/heads/master@{#44562}
> Committed: b213f23990

TBR=ulan@chromium.org,jshin@chromium.org,jgruber@chromium.org,littledan@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:6031,v8:2137,v8:6076

Review-Url: https://codereview.chromium.org/2811103002
Cr-Commit-Position: refs/heads/master@{#44565}
2017-04-11 12:07:29 +00:00
Ross McIlroy
fc7c2c5535 [Interpreter] Remove peephole optimizer.
All the optimizations have now been moved to either the BytecodeGenerator
or the BytecodeArrayWriter/Builder.

BUG=v8:6194

Change-Id: Ie5c5d55e824c94ffb503af376c72bc64ad1f6f81
Reviewed-on: https://chromium-review.googlesource.com/469349
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44564}
2017-04-11 11:46:42 +00:00
Michael Starzinger
1f3a863bbd [turbofan] Fix traversal order of boilerplate objects.
This fixes {JSCreateLowering} to traverse boilerplate objects in the
same order the runtime uses (i.e. properties first, elements second).
That order is hard-coded in the nesting of {AllocationSite} objects.

R=bmeurer@chromium.org
TEST=mjsunit/regress/regress-crbug-709537
BUG=chromium:709537

Change-Id: I8f446a0880448ea88a3e242e92d11d611581a42b
Reviewed-on: https://chromium-review.googlesource.com/474028
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44563}
2017-04-11 11:42:52 +00:00
littledan
b213f23990 [date] Add ICU backend for timezone info behind a flag
This patch implements a timezone backend which is based on ICU, rather
than operating system calls. It can be turned on by passing the
--icu-timezone-data flag. The goal here is to take advantage of ICU's
data, which is more complete than the data that some system calls expose.
For example, without any special code, this patch fixes the time zone
of Lord Howe Island to have a correct 30 minute DST offset, rather than
60 minutes as the OS backends assume it to have.

Unfortunately, the parenthized timezone name in Date.prototype.toString()
differs across platforms. This patch chooses the long timezone name,
which matches Windows behavior and might be the most intelligible, but
the web compatibility impact is unclear.

BUG=v8:6031,v8:2137,v8:6076

Review-Url: https://codereview.chromium.org/2724373002
Cr-Commit-Position: refs/heads/master@{#44562}
2017-04-11 11:37:31 +00:00
Ross McIlroy
f3e4b7c14d [Interpreter] Move non-effectful accumulator load elision to BytecodeArrayWriter
Moves the logic for eliding non-effectful accumulator load elision from the
peephole optimizer to the BytecodeArrayWriter.

BUG=v8:6194

Change-Id: I05fbe4ee8ac340e5c355285d0b47e4a9d52fd0a8
Reviewed-on: https://chromium-review.googlesource.com/469828
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44560}
2017-04-11 11:26:59 +00:00
dusan.simicic
2468dacd69 MIPS[64]: Support for some SIMD operations (3)
Add support for I32x4Mul, I32x4MaxS, I32x4MinS, I32x4Eq,
I32x4Ne, I32x4Shl, I32x4ShrS, I32x4ShrU, I32x4MaxU,
I32x4MinU, S32x4Select operations for mips32 and mips64
architectures

BUG=

Review-Url: https://codereview.chromium.org/2780713003
Cr-Commit-Position: refs/heads/master@{#44559}
2017-04-11 11:11:26 +00:00
Camillo Bruni
55f5bac450 [tools] Add options to separate more entries in tickprocessor
Enable separatio of ic, bytecode, builtin and stub entries through:
    --separate-ic=true
    --separate-bytecodes=true
    --separate-builtins=true
    --separate-stubs=true

Change-Id: I6da4be7add093bb54abe956c60cd186e735ed9b5
Reviewed-on: https://chromium-review.googlesource.com/473046
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44555}
2017-04-11 10:23:02 +00:00
Michael Starzinger
7f7d403d1e [asm.js] Test and fix call kind collisions.
R=clemensh@chromium.org
TEST=mjsunit/asm/call-collisions
BUG=v8:6202

Change-Id: Ie382ed011defb0146c07336b1fd65532ecc20e2e
Reviewed-on: https://chromium-review.googlesource.com/473146
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44554}
2017-04-11 10:05:03 +00:00
gsathya
94283dcf44 [ESNext] Implement DynamicImportCall
This patch implements the runtime semantics of dynamic import.

We create a new ASTNode so that we can pass the JSFunction closure() to
the runtime function from which we get the script_url.

d8 implements the embedder logic required to load and evaluate the modules.

The API is mostly implemented as specified.

BUG=8:5785

Review-Url: https://codereview.chromium.org/2703563002
Cr-Commit-Position: refs/heads/master@{#44551}
2017-04-11 09:33:11 +00:00
Clemens Hammacher
81c7135c84 [wasm] Check for UTF-8 validity of section names
According to the spec, section names must be valid UTF-8. This CL adds
a check for that.
Imported and exported names were already checked before.
In order to use the {consume_string} function from the
WasmSectionIterator, it moved it out of the ModuleDecoder into the
anonymous namespace. It now also gets a name for the string to be
parsed, for better error messages.

R=rossberg@chromium.org

Change-Id: I20b1ddb0bd1c7ada237d8303951073310fe1c714
Reviewed-on: https://chromium-review.googlesource.com/470207
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Rossberg <rossberg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44550}
2017-04-11 08:52:53 +00:00
yangguo
26e5d0129c [regexp] implement \p{Other_ID_Start} and \p{Other_ID_Continue}.
Other_ID_Start and Other_ID_Continue are not supported by ICU, so for
now we implement these manually as special binary property classes.

R=jgruber@chromium.org
BUG=v8:4743

Review-Url: https://codereview.chromium.org/2808803002
Cr-Commit-Position: refs/heads/master@{#44549}
2017-04-11 07:10:33 +00:00
Michael Achenbach
925212a1cf Revert "[ignition] Add call bytecodes for undefined receiver"
This reverts commit 751e893591.

Reason for revert: Breaks layout tests:
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/14885

See:
https://github.com/v8/v8/wiki/Blink-layout-tests

Original change's description:
> [ignition] Add call bytecodes for undefined receiver
> 
> Adds a collection of call bytecodes which have an implicit undefined
> receiver argument, for cases such as global calls where we know that the
> receiver has to be undefined. This way we can skip an LdaUndefined,
> decrease bytecode register pressure, and set a more accurate
> ConvertReceiverMode on the interpreter and TurboFan call.
> 
> As a side effect, the "normal" Call bytecode now becomes a rare case
> (only with calls and super property calls), so we get rid of its 0-2
> argument special cases and modify CallProperty[N] to use the
> NotNullOrUndefined ConvertReceiverMode.
> 
> Change-Id: I9374a32fefd66fc0251b5193bae7a6b7dc31eefc
> Reviewed-on: https://chromium-review.googlesource.com/463287
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#44530}

TBR=rmcilroy@chromium.org,mstarzinger@chromium.org,leszeks@chromium.org,v8-reviews@googlegroups.com,v8-mips-ports@googlegroups.com,v8-ppc-ports@googlegroups.com,v8-x87-ports@googlegroups.com,bmeurer@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Change-Id: I7629dec609d0ec938ce7105d6c1c74884e5f9272
Reviewed-on: https://chromium-review.googlesource.com/474744
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44548}
2017-04-11 06:47:01 +00:00
yangguo
7a8d20a79f [snapshot] encode resource before serializing.
Before serializing an external string for a native source, we replace
its resource field with the type and index of the native source. Upon
deserialization, we restore the resource.

This change also removes the native source caches with a more straight-
forward mechanism to find the resource type and index.

R=ulan@chromium.org

Review-Url: https://codereview.chromium.org/2807023003
Cr-Commit-Position: refs/heads/master@{#44545}
2017-04-11 05:46:46 +00:00
Caitlin Potter
b086856f0a [prettyprinter] improve call-printing of GetIterator nodes
Fix error message printed by Runtime_ThrowCalledNonCallable.

As noted on the bug, this has a slight problem in that it will always
print that "asyncIterator" was not callable for GetIterator with an
async IteratorType, though it may be referring to a different call.
This issue is present regardless of the change I introduced to perform
this desugaring in the BytecodeGenerator.

BUG=v8:6187
R=adamk@chromium.org, verwaest@chromium.org

Change-Id: I2077b7cd5976d9d9ba044f0dff44ee8c312d1263
Reviewed-on: https://chromium-review.googlesource.com/470806
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Cr-Commit-Position: refs/heads/master@{#44543}
2017-04-11 01:53:49 +00:00
aseemgarg
14be6ae5e1 [Atomics] use TFJ builtins for atomic add, sub, and, or, and xor
BUG=v8:4614
R=binji@chromium.org,jarin@chromium.org

Review-Url: https://codereview.chromium.org/2799863002
Cr-Commit-Position: refs/heads/master@{#44542}
2017-04-11 00:09:37 +00:00
bbudge
dbfc030057 [WASM SIMD] Implement packing and unpacking integer conversions.
- Adds WASM opcodes I32x4SConvertI16x8Low, I32x4SConvertI16x8High,
  I32x4UConvertI16x8Low, I32x4UConvertI16x8High, which unpack half of
  an I16x8 register into a whole I32x4 register, with signed or unsigned
  extension. Having separate Low/High opcodes works around the difficulty
  of having multiple output registers, which would be necessary if we unpacked
  the entire I16x8 register.

- Adds WASM opcodes I16x8SConvertI8x16Low, I16x8SConvertI8x16High,
  I16x8UConvertI8x16Low, I16x8UConvertI8x16High, similarly to above.

- Adds WASM opcodes I16x8SConvertI32x4, I16x8UConvertI32x4,
  I8x16SConvert16x8, I8x16UConvertI16x8, which pack two source registers
  into a single destination register with signed or unsigned saturation. These
  could have been separated into half operations, but this is simpler to
  implement with SSE, AVX, and is acceptable on ARM. It also avoids adding
  operations that only modify half of their destination register.

- Implements these opcodes for ARM.

LOG=N
BUG=v8:6020

Review-Url: https://codereview.chromium.org/2800523002
Cr-Commit-Position: refs/heads/master@{#44541}
2017-04-10 23:07:30 +00:00
bbudge
5f7e633113 [ARM] Implement D-register versions of vzip, vuzp, and vtrn.
LOG=N
BUG=v8:6020

Review-Url: https://codereview.chromium.org/2797923006
Cr-Original-Commit-Position: refs/heads/master@{#44536}
Committed: 6588187ae3
Review-Url: https://codereview.chromium.org/2797923006
Cr-Commit-Position: refs/heads/master@{#44540}
2017-04-10 21:41:02 +00:00
bbudge
0ce8543e76 Revert of [ARM] Implement D-register versions of vzip, vuzp, and vtrn. (patchset #4 id:60001 of https://codereview.chromium.org/2797923006/ )
Reason for revert:
Breaks:
http://builders/V8%20Arm%20-%20debug/builds/2751

Original issue's description:
> [ARM] Implement D-register versions of vzip, vuzp, and vtrn.
>
> LOG=N
> BUG=v8:6020
>
> Review-Url: https://codereview.chromium.org/2797923006
> Cr-Commit-Position: refs/heads/master@{#44536}
> Committed: 6588187ae3

TBR=martyn.capewell@arm.com,bmeurer@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:6020

Review-Url: https://codereview.chromium.org/2810703003
Cr-Commit-Position: refs/heads/master@{#44537}
2017-04-10 20:00:16 +00:00
bbudge
6588187ae3 [ARM] Implement D-register versions of vzip, vuzp, and vtrn.
LOG=N
BUG=v8:6020

Review-Url: https://codereview.chromium.org/2797923006
Cr-Commit-Position: refs/heads/master@{#44536}
2017-04-10 17:56:44 +00:00
Peter Marshall
e00dd8ebe1 [runtime] Filter out non-JSObject prototypes when eliding iteration.
We assumed that every JSArray would have a JSObject as a prototype,
but it could be null, in which case we bail out to slow path.

Also rename spread_array variable here, because this fast-path
isn't just used by spreads anymore.

Bug: chromium:707675
Change-Id: I8045d83977735dd00c3ebde2e0704f6b04afdedd
Reviewed-on: https://chromium-review.googlesource.com/472907
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44531}
2017-04-10 15:37:11 +00:00
Leszek Swirski
751e893591 [ignition] Add call bytecodes for undefined receiver
Adds a collection of call bytecodes which have an implicit undefined
receiver argument, for cases such as global calls where we know that the
receiver has to be undefined. This way we can skip an LdaUndefined,
decrease bytecode register pressure, and set a more accurate
ConvertReceiverMode on the interpreter and TurboFan call.

As a side effect, the "normal" Call bytecode now becomes a rare case
(only with calls and super property calls), so we get rid of its 0-2
argument special cases and modify CallProperty[N] to use the
NotNullOrUndefined ConvertReceiverMode.

Change-Id: I9374a32fefd66fc0251b5193bae7a6b7dc31eefc
Reviewed-on: https://chromium-review.googlesource.com/463287
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44530}
2017-04-10 15:30:11 +00:00
jgruber
db61537afc [regexp] Avoid side effects between map load and fast path check
Loading the map, performing a side-effect, and then using the stored
pointer for the fast-path check is another antipattern that can lead to
unintended shapes on the fast path.

BUG=chromium:709029

Review-Url: https://codereview.chromium.org/2807153002
Cr-Commit-Position: refs/heads/master@{#44528}
2017-04-10 14:57:55 +00:00
ulan
3477957ecd [heap] Start concurrent marking simultaneously with incremental marking.
This patch hooks up concurrent marking (behind the flag) with the rest
of the GC:
1. Incremental marking spawns concurrent marking task seeded with the
root set.
2. Mark-compact waits for concurrent marking tasks to finish.
3. Scavenger does fast promotion if concurrent marking is pending.

BUG=chromium:694255

Review-Url: https://codereview.chromium.org/2735803005
Cr-Commit-Position: refs/heads/master@{#44526}
2017-04-10 14:22:31 +00:00
mtrofin
85b1f108c5 Fixed accounting issues due to code table containing imports as well as wasm funcs.
Ensuring we move forward all the deferred handles, in all cases.

BUG=

Review-Url: https://codereview.chromium.org/2807013002
Cr-Commit-Position: refs/heads/master@{#44525}
2017-04-10 14:03:59 +00:00
Andreas Haas
72d5f3848e Terminate the decoding loop more gracefully.
The decoder has the assumption that it always holds that pc <= end.
However, in the FunctionBodyDecoder, end was set to start to terminate
the decoding loop. Thereby the assumption was violated, which caused a
crash. I set end to pc now to end the decoding loop, which preserves
the assumption and terminates the loop.

BUG=chromium:709741
TEST=unittests/FunctionBodyDecoderTest.Regression709741
R=clemensh@chromium.org

Change-Id: I5bfd61bdc4809fc16f12ca8611876c66a79aaa36
Reviewed-on: https://chromium-review.googlesource.com/472723
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44524}
2017-04-10 14:02:42 +00:00
Clemens Hammacher
88e169dc62 [wasm] Stop decoding sections once an error occured
We went on decoding the next section, which happened to be the start
section. But since the function section had an error, the signature
pointer was not still {nullptr} on the start function, leading to a
segfault.

Drive-by fix: Improve decoder trace output.

R=ahaas@chromium.org
BUG=chromium:708714, chromium:708787

Change-Id: I5ae2adb32764b9d154f1ca878019f26ac31839b4
Reviewed-on: https://chromium-review.googlesource.com/472847
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44521}
2017-04-10 13:00:50 +00:00
Camillo Bruni
186bfbb1b9 [runtime] Fix TypedArray slice when sharing the underlying buffer
According to the spec the copy step is defined iteratively and with
@@species we can create a TypedArray which shares the buffer with the
receiver which in turn prevents us from using memcpy.

Bug: v8:6223

Change-Id: If1bad085ea1d022bf3fb2cffc81645b2f7f56346
Reviewed-on: https://chromium-review.googlesource.com/471409
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44520}
2017-04-10 12:57:21 +00:00
Clemens Hammacher
d50ebde72d [wasm] Refactor wasm::Result type
- Store std::string instead of std::unique_ptr<char[]> for the error
  message.
- Remove ErrorCode, which was just kSuccess and kError anyway. Error is
  now detected on whether error_msg_ is empty or not.
- Refactor constructors for perfect forwarding; this will allow us to
  implement Result<std::unique_ptr<X*>>.
- Refactor Decoder::toResult for perfect forwarding.
- Remove output operators (operator<<) for Result; it was only used in
  the error case anyway. Print error message directly instead.
  The operator was problematic since it assumed the existence of an
  output operator for every T which is used in Result<T>.
- Remove ModuleError and FunctionError, introduce general static
  Result<T>::Error method instead.

R=ahaas@chromium.org

Change-Id: I1e0f602a61ee9780fee2a3ed33147d431fb092ba
Reviewed-on: https://chromium-review.googlesource.com/472748
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44518}
2017-04-10 12:26:51 +00:00
Marja Hölttä
930174c25c [parser] Skipping inner funcs: Fix untrue DCHECK.
The DCHECK added by https://chromium-review.googlesource.com/461827 was not true
in case we failed to compile the function.

BUG=chromium:708598

Change-Id: I6a542c3ac6281c0549396b4ff0af34ea44450006
Reviewed-on: https://chromium-review.googlesource.com/472826
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44513}
2017-04-10 11:03:30 +00:00
yangguo
582921454d [regexp] add more tests for binary property classes.
R=jgruber@chromium.org
BUG=v8:4743

Review-Url: https://codereview.chromium.org/2803693006
Cr-Commit-Position: refs/heads/master@{#44512}
2017-04-10 10:19:01 +00:00
Ross McIlroy
496864f8af Reland: [Interpreter] Move BinaryOp Smi transformation into BytecodeGenerator.""
This relands commit d3e9aade0f. The original CL was reverted speculatively but didn't cause the buildbot failure.

Original change's description:
> [Interpreter] Move BinaryOp Smi transformation into BytecodeGenerator.
> 
> Perform the transformation to <BinaryOp>Smi for Binary ops which take Smi
> literals in the BytecodeGenerator. This enables us to perform the
> transformation for literals on either side for commutative operations, and
> Avoids having to do the check on every bytecode in the peephole optimizer.
> 
> In the process, adds Smi bytecode variants for all binary operations, adding
>  - MulSmi
>  - DivSmi
>  - ModSmi
>  - BitwiseXorSmi
>  - ShiftRightLogical
> 
> BUG=v8:6194
> 
> Change-Id: If1484252f5385c16957004b9cac8bfbb1f209219
> Reviewed-on: https://chromium-review.googlesource.com/466246
> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#44477}

TBR=rmcilroy@chromium.org,machenbach@chromium.org,yangguo@chromium.org,mstarzinger@chromium.org,mythria@chromium.org,v8-reviews@googlegroups.com,ishell@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
BUG=v8:6194

Change-Id: I2ccaefa1ce58d3885f5c2648755985c06f25c1d8
Reviewed-on: https://chromium-review.googlesource.com/472746
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44511}
2017-04-10 09:58:18 +00:00
Andreas Haas
e313bc1731 [wasm] Refactor the Result object
Instead of storing {start} and {error_pc} we now store the
{error_offset}, which is anyways the only value we use.

R=clemensh@chromium.org

Change-Id: Ifd9791eff5c9efce2e7e2a1989bf3b5eaa464a02
Reviewed-on: https://chromium-review.googlesource.com/471527
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44510}
2017-04-10 09:50:19 +00:00
Wiktor Garbacz
c8bc0cac8d [compiler-dispatcher] Just parse functions without SFI.
This is inital work in order to utilize CompilerDispatcher in parallel
parsing.

BUG=v8:6093

Change-Id: I6aae4f32ddb2314585d09039c1c5d7e658dc896f
Reviewed-on: https://chromium-review.googlesource.com/469709
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Commit-Queue: Wiktor Garbacz <wiktorg@google.com>
Cr-Commit-Position: refs/heads/master@{#44509}
2017-04-10 09:29:50 +00:00
Peter Marshall
cc75535dc9 [runtime] Fix spec bug in TypedArrayConstruct with mutating iterables.
The spec requires that we use IterableToList, which we skipped for
some arrays as an optimization. We can't skip this for arrays with
objects though, because the objects may mutate the array during
the copying step via valueOf side effects.

Also clean up the implementation to use a runtime function rather
than a builtin as the helper. Also reverses the result of the helper
because I think it is a bit more intuitive that way.

Bug: v8:6224
Change-Id: I9199491abede4479785df6d9068331bc2d6e9c5e
Reviewed-on: https://chromium-review.googlesource.com/471986
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44507}
2017-04-10 09:11:01 +00:00
Michael Starzinger
f764f432c3 [asm.js] Test and fix function table type checks.
R=clemensh@chromium.org
TEST=message/asm-table-mismatch-[def|use]
BUG=v8:6202

Change-Id: I3e87f84591bedbda6366883a850dced149db0c8a
Reviewed-on: https://chromium-review.googlesource.com/471666
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44506}
2017-04-10 08:47:34 +00:00
binji
03e260cb2a [SAB] Fix {newtarget-prototype-is-not-object,proto-from-ctor-realm} tests
This revealed a bug in the TypedArray(typedArray) constructor when the arg is backed by a SharedArrayBuffer.

Also install the species getter and add a test, since it's not tested in
test262 presently.

BUG=v8:5983,v8:5984
R=adamk@chromium.org

Review-Url: https://codereview.chromium.org/2798403004
Cr-Commit-Position: refs/heads/master@{#44500}
2017-04-08 20:13:45 +00:00
Daniel Ehrenberg
dff88c86f6 test262 roll
Includes a drive-by fix to a couple of superficial Intl changes

With this roll, test262 starts to look at test262 feature
flags to determine which harmony flags to turn on. There's
still more to do, including adding feature flags to existing
upstream tests and taking advantage of more flags here.


Change-Id: I9cb813e0450be9dc7769ac9c601092bd3572556f
Reviewed-on: https://chromium-review.googlesource.com/471546
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Daniel Ehrenberg <littledan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44495}
2017-04-07 20:02:20 +00:00
Clemens Hammacher
1a73f73b3b [wasm] Implement extensible name section
The format of the name section changed recently. It now contains
subsections of different type (currently for function names or local
variable names).
This CL changes our internal wasm module builders (in JS and C++) to
emit this new format, and changes the decoder to understand it.
We currently only parse the function name section, and ignore names of
local variables. I will later extend this to parse local variable names
when needed for debugging.

R=ahaas@chromium.org, rossberg@chromium.org
BUG=v8:6222

Change-Id: I2627160c25c9209a3f09abe0b88941ec48b24434
Reviewed-on: https://chromium-review.googlesource.com/470247
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Rossberg <rossberg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44492}
2017-04-07 16:31:47 +00:00
jkummerow
5f9af1e7b5 Reland "[snapshot] Move builtins generation into mksnapshot"
and out of the main library. This saves about 5% of binary size
(800KB on x64, 373KB on android_arm).

Only the GN build is supported; the GYP build is maintained working
but does not support the feature.

Previously landed as 4782bc0df8 / r44412.

BUG=v8:6055
CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_linux_nosnap_rel;

Review-Url: https://codereview.chromium.org/2760233005
Cr-Commit-Position: refs/heads/master@{#44489}
2017-04-07 13:31:29 +00:00
Michael Achenbach
084471ce6b Revert "[Interpreter] Move BinaryOp Smi transformation into BytecodeGenerator."
This reverts commit d3e9aade0f.

Reason for revert: Speculative for:
https://build.chromium.org/p/client.v8.ports/builders/V8%20Linux%20-%20arm64%20-%20sim%20-%20nosnap%20-%20debug/builds/4449

Bisect points to this CL.

Original change's description:
> [Interpreter] Move BinaryOp Smi transformation into BytecodeGenerator.
> 
> Perform the transformation to <BinaryOp>Smi for Binary ops which take Smi
> literals in the BytecodeGenerator. This enables us to perform the
> transformation for literals on either side for commutative operations, and
> Avoids having to do the check on every bytecode in the peephole optimizer.
> 
> In the process, adds Smi bytecode variants for all binary operations, adding
>  - MulSmi
>  - DivSmi
>  - ModSmi
>  - BitwiseXorSmi
>  - ShiftRightLogical
> 
> BUG=v8:6194
> 
> Change-Id: If1484252f5385c16957004b9cac8bfbb1f209219
> Reviewed-on: https://chromium-review.googlesource.com/466246
> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#44477}

TBR=rmcilroy@chromium.org,yangguo@chromium.org,mstarzinger@chromium.org,mythria@chromium.org,ishell@chromium.org,v8-reviews@googlegroups.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:6194

Change-Id: If57dbdbe40be77804bf437463b855d3167e2d473
Reviewed-on: https://chromium-review.googlesource.com/471308
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44488}
2017-04-07 13:17:52 +00:00
jgruber
52a53da5a4 [csa] Fix CSA::ToUint32 rounding for negative HeapNumbers
The spec requires truncation while ToUint32 originally rounded down.
This also adds a bunch of test cases to check edge case behavior.

BUG=v8:6212

Review-Url: https://codereview.chromium.org/2805783003
Cr-Commit-Position: refs/heads/master@{#44487}
2017-04-07 12:50:15 +00:00
Michael Starzinger
82e3c3ee35 [asm.js] Test and fix function type checking.
R=ahaas@chromium.org
TEST=message/asm-function-mismatch-def
BUG=v8:6208

Change-Id: I415281d63bb376da3220ba31bbdf0b3d60e03299
Reviewed-on: https://chromium-review.googlesource.com/469947
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44482}
2017-04-07 12:10:45 +00:00
Ross McIlroy
8dc308d0a8 [Interpreter] Remove nop elision from peephole and be smarter about emitting nops.
Rather than doing nop elision in the peephole optimizer, be smarter about
emitting nops for elided register transfers in the bytecode optimizer.

BUG=v8:6194

Change-Id: Ib1a7168a0d143e4f2da7c6d43080998793c30822
Reviewed-on: https://chromium-review.googlesource.com/468929
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44479}
2017-04-07 10:57:26 +00:00
Ross McIlroy
d3e9aade0f [Interpreter] Move BinaryOp Smi transformation into BytecodeGenerator.
Perform the transformation to <BinaryOp>Smi for Binary ops which take Smi
literals in the BytecodeGenerator. This enables us to perform the
transformation for literals on either side for commutative operations, and
Avoids having to do the check on every bytecode in the peephole optimizer.

In the process, adds Smi bytecode variants for all binary operations, adding
 - MulSmi
 - DivSmi
 - ModSmi
 - BitwiseXorSmi
 - ShiftRightLogical

BUG=v8:6194

Change-Id: If1484252f5385c16957004b9cac8bfbb1f209219
Reviewed-on: https://chromium-review.googlesource.com/466246
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44477}
2017-04-07 09:44:57 +00:00
Michael Starzinger
d43cebe7b5 [asm.js] Test and fix function name collisions.
R=ahaas@chromium.org
TEST=message/asm-function-variable-collision
BUG=v8:6127

Change-Id: I75658f0bf58a8b3de5eb42f4f054476f8d2c139b
Reviewed-on: https://chromium-review.googlesource.com/469651
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44475}
2017-04-07 09:03:11 +00:00
jgruber
f3b848fe5d [regexp] Updates for unicode escapes in capture names
Update docs and tests for recent changes in the spec for unicode escapes
in capture group names.

https://github.com/tc39/proposal-regexp-named-groups/issues/23

BUG=v8:5437

Review-Url: https://codereview.chromium.org/2788423003
Cr-Commit-Position: refs/heads/master@{#44474}
2017-04-07 08:57:42 +00:00
raphael.kubo.da.costa
5ec1cddcdd Expose %IteratorPrototype% as an intrinsic in the public API.
The WebIDL spec expects iterator objects from interfaces that declare pair
iterators to ultimately inherit from %IteratorPrototype%. Expose the
intrinsic object in the public API so we can use it in Blink's bindings
code.

BUG=chromium:689576
R=caitp@igalia.com,jkummerow@chromium.org,jochen@chromium.org

Review-Url: https://codereview.chromium.org/2784543004
Cr-Commit-Position: refs/heads/master@{#44472}
2017-04-07 08:33:57 +00:00
jgruber
1329d15e99 [regexp] Throw on invalid capture group names in replacer string
References to invalid names (i.e. not specified as a named group in the
pattern) throw a SyntaxError. Unmatched groups are still replaced by the
empty string.

See https://github.com/tc39/proposal-regexp-named-groups/issues/14.

BUG=v8:5437

Review-Url: https://codereview.chromium.org/2791183002
Cr-Commit-Position: refs/heads/master@{#44471}
2017-04-07 08:32:46 +00:00
jarin
e97b29a4c5 [turbofan] Add type to the allocation operator.
This gives us more precise type information, so we can avoid some type
guards to refine the type information back.

The motivation for this is to help escape analysis by not introducing
redundant type guards (which escape analysis cannot handle yet even
though it could and should do).

Motivating example:

In the example below, the out-of-object property array for properties
fld5 and fld6 gets type Any when it is created by "o.fld5 = 5" (for
object literals, we store 4 properties in-objeca, the rest goes out
of object).

When we run load elimination for the load the out-of-object property
array (to store 6 into o.fld6), load elimination inserts TypeGuard to
enforce the Type::Internal() type. This makes escape analysis bail out
on this object, and we do not eliminate the object creation.

function f() {
  var o = {};
  o.fld1 = 1;
  o.fld2 = 2;
  o.fld3 = 3;
  o.fld4 = 4;
  o.fld5 = 5;
  o.fld6 = 6;
}

f();
f();
%OptimizeFunctionOnNextCall(f);
f();

Review-Url: https://codereview.chromium.org/2797993006
Cr-Commit-Position: refs/heads/master@{#44470}
2017-04-07 08:32:12 +00:00
jgruber
fae3f6bf44 Revert of [profiler] reduce incorrectly unaccounted ticks. (patchset #4 id:60001 of https://codereview.chromium.org/2799603005/ )
Reason for revert:
https://build.chromium.org/p/client.v8/builders/V8%20Win32%20-%20debug/builds/8247/steps/Check%20%28flakes%29/logs/CollectOptimizedTople..

Original issue's description:
> [profiler] reduce incorrectly unaccounted ticks.
>
> No longer invalidate the tick sample if there is no JS frame or only one
> non-interpreted JS frame on the stack.
>
> R=jarin@chromium.org
>
> Review-Url: https://codereview.chromium.org/2799603005
> Cr-Commit-Position: refs/heads/master@{#44465}
> Committed: 57bef9a1e2

TBR=jarin@chromium.org,cbruni@chromium.org,yangguo@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review-Url: https://codereview.chromium.org/2804593005
Cr-Commit-Position: refs/heads/master@{#44469}
2017-04-07 08:23:42 +00:00
jgruber
4498419438 [regexp] Add tests for recent changes in Annex B
See https://github.com/tc39/ecma262/pull/303.

BUG=v8:5937,v8:6201

Review-Url: https://codereview.chromium.org/2793313002
Cr-Commit-Position: refs/heads/master@{#44467}
2017-04-07 07:52:10 +00:00
jgruber
a8651c5671 [regexp] Support unicode capture names in non-unicode patterns
This ensures that capture names containing surrogate pairs are parsed
correctly even in non-unicode RegExp patterns by introducing a new
scanning mode which unconditionally combines surrogate pairs.

BUG=v8:5437,v8:6192

Review-Url: https://codereview.chromium.org/2791163003
Cr-Commit-Position: refs/heads/master@{#44466}
2017-04-07 07:34:10 +00:00
yangguo
57bef9a1e2 [profiler] reduce incorrectly unaccounted ticks.
No longer invalidate the tick sample if there is no JS frame or only one
non-interpreted JS frame on the stack.

R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2799603005
Cr-Commit-Position: refs/heads/master@{#44465}
2017-04-07 05:00:13 +00:00
jgruber
ed5496f3cd [regexp] Properly handle HeapNumbers in AdvanceStringIndex
This fixes behavior for HeapNumber {index} arguments passed to
AdvanceStringIndex.

Previously, we'd blindly treat {index} as a Smi. Passing a HeapNumber instead
would result in a Smi addition on the tagged HeapNumber pointer.

BUG=chromium:709015

Review-Url: https://codereview.chromium.org/2798933003
Cr-Commit-Position: refs/heads/master@{#44458}
2017-04-06 18:43:09 +00:00
Peter Marshall
4f03ccdfcf [errors] Add the requested length to the TypedArray length error.
Why not?

Bug: v8:6215
Change-Id: I29f3731cbd0d03af6858eb475a1df8b8988cb89f
Reviewed-on: https://chromium-review.googlesource.com/469848
Reviewed-by: Franziska Hinkelmann <franzih@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44452}
2017-04-06 16:05:58 +00:00
jgruber
1ccf6c0943 [regexp] Fix two more possible shape changes on fast path
This CL fixes two more cases in which a regexp could unintentionally transition
to slow mode while on the fast path, leading to possible OOB accesses of
lastIndex.

In both cases, the fix is to re-check the shape and possibly bail to runtime.

BUG=chromium:708247,v8:6210

Review-Url: https://codereview.chromium.org/2803603005
Cr-Commit-Position: refs/heads/master@{#44451}
2017-04-06 15:52:21 +00:00
mlippautz
2db171c2ba [heap] Fix page promotions tests
Drive-by: Fix some getters.

BUG=chromium:651354

Review-Url: https://codereview.chromium.org/2798333002
Cr-Commit-Position: refs/heads/master@{#44449}
2017-04-06 15:20:39 +00:00
Clemens Hammacher
95c5c76fe3 [wasm] [fuzzer] Bound the number of steps to execute
To avoid running infinitely or hitting the stack size limit, bound the
number of steps to execute in the interpreter to 16k.

R=ahaas@chromium.org
BUG=chromium:708457

Change-Id: Ib101bbbc06627641dae2fd1cd1a8d950aa504eaf
Reviewed-on: https://chromium-review.googlesource.com/469609
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44446}
2017-04-06 14:20:18 +00:00
domenic
0d25fee308 Add isPromise V8 extras util
This is used by streams in
https://streams.spec.whatwg.org/commit-snapshots/1375e266b2fe8246bd95cb9d8a49876ba9359dc9/#rs-pipe-through

This also fixes an omission in a6e635d692
that did not properly update the
%OptimizeObjectForAddingMultipleProperties call in prologue.js.

BUG=chromium:668951
R=gsathya@chromium.org,littledan@chromium.org

Review-Url: https://codereview.chromium.org/2796243002
Cr-Commit-Position: refs/heads/master@{#44442}
2017-04-06 13:16:35 +00:00
bmeurer
dd7ce93ce0 [turbofan] Collect and use type feedback on ToNumber.
Make Ignition collect BinaryOperationFeedback on ToNumber, using the
shared type feedback slot with the following Inc/Dec bytecode, and use
this feedback in TurboFan to turn the ToNumber(x) operation into a
SpeculativeNumberMultiply(x,1) with the feedback hint.

R=jarin@chromium.org, mstarzinger@chromium.org, rmcilroy@chromium.org
BUG=v8:6214,v8:5267

Review-Url: https://codereview.chromium.org/2804813003
Cr-Commit-Position: refs/heads/master@{#44440}
2017-04-06 11:54:44 +00:00
Camillo Bruni
98d1d4ec9b [tests] Introduce %HeapObjectVerify runtime function for tests
Bug: v8/6024
Change-Id: Iff8a1b7a75e9f8f18ac24f31a5275e91aa16a272
Reviewed-on: https://chromium-review.googlesource.com/469347
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44439}
2017-04-06 11:16:43 +00:00
rossberg
0344b73e66 [wasm] Fix typing of loop labels in br_table
R=ahaas@chromium.org
BUG=v8:6204

Review-Url: https://codereview.chromium.org/2799753003
Cr-Commit-Position: refs/heads/master@{#44435}
2017-04-06 10:25:55 +00:00
Andreas Haas
22615158ed Reland [wasm] Make WebAssembly.compile() asynchronous
The following aspects were changed for the reland:

* The DeferredHandleScope is supposed with a specific pattern,
  i.e. allocate handles in a normal HandleScope and then 
  reopen them in the DeferredHandleScope.
* Set the native_context when it is used in a task.

Change-Id: Ia42c46ec6bc73179cb1f458e36658414ff85cc23
Reviewed-on: https://chromium-review.googlesource.com/468809
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44434}
2017-04-06 10:13:08 +00:00
machenbach
e4bb01b760 Revert of [inspector] move console to builtins (patchset #9 id:180001 of https://codereview.chromium.org/2785293002/ )
Reason for revert:
Seems to block roll:
https://codereview.chromium.org/2801013002/

See also:
https://build.chromium.org/p/client.v8.fyi/builders/Linux%20Tests%20%28dbg%29%281%29/builds/2731

Original issue's description:
> [inspector] move console to builtins
>
> What will we get:
> - console would be included into snapshot and allow us to reduce time that we spent in contextCreated function (~5 times faster),
> - it allows us to make further small improvement of console methods, e.g. we can implement super quick return from console.assert if first argument is true,
> - console calls are ~ 15% faster.
>
> BUG=v8:6175
> R=dgozman@chromium.org
>
> Review-Url: https://codereview.chromium.org/2785293002
> Cr-Original-Original-Commit-Position: refs/heads/master@{#44353}
> Committed: 55905f85d6
> Review-Url: https://codereview.chromium.org/2785293002
> Cr-Original-Commit-Position: refs/heads/master@{#44355}
> Committed: cc74ea0bc4
> Review-Url: https://codereview.chromium.org/2785293002
> Cr-Commit-Position: refs/heads/master@{#44416}
> Committed: f5dc738cda

TBR=dgozman@chromium.org,kozyatinskiy@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:6175

Review-Url: https://codereview.chromium.org/2801023003
Cr-Commit-Position: refs/heads/master@{#44429}
2017-04-06 08:38:14 +00:00
jgruber
ae45935646 [regexp] Ensure there are no shape changes on the fast path
BUG=v8:5437,chromium:708247

Review-Url: https://codereview.chromium.org/2797993002
Cr-Commit-Position: refs/heads/master@{#44428}
2017-04-06 08:12:56 +00:00
Ross McIlroy
108e96a4fc [Interpreter] Move ToName elision into BytecodeGenerator.
Moves the ToName elision out of the peephole optimizer and into the
BytecodeGenerator.

BUG=v8:6194

Change-Id: Ic355adbe21f967dc5d52babdd37100a260c62c26
Reviewed-on: https://chromium-review.googlesource.com/467466
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44427}
2017-04-06 08:01:02 +00:00
kozyatinskiy
ba9fc3d7bc Revert of [snapshot] Move builtins generation into mksnapshot (patchset #8 id:160001 of https://codereview.chromium.org/2760233005/ )
Reason for revert:
I think that this CL breaks chromium compilation on windows with clang (). All other CLs in the list looks trivial and don't change test/unittest/BUILD.gn.

[42456/47924] CXX obj/v8/test/unittests/unittests/value-serializer-unittest.obj
[42457/47924] LINK unittests.exe unittests.exe.pdb
FAILED: unittests.exe unittests.exe.pdb
E:/b/depot_tools/python276_bin/python.exe ../../build/toolchain/win/tool_wrapper.py link-wrapper environment.x64 False link.exe /nologo /OUT:./unittests.exe /PDB:./unittests.exe.pdb @./unittests.exe.rsp
bitmap-unittest.obj : error LNK2019: unresolved external symbol "public: void __cdecl v8::internal::List<class v8::internal::AllocationObserver *,class v8::internal::FreeStoreAllocationPolicy>::Add(class v8::internal::AllocationObserver * const &,class v8::internal::FreeStoreAllocationPolicy)" (?Add@?$List@PEAVAllocationObserver@internal@v8@@VFreeStoreAllocationPolicy@23@@internal@v8@@QEAAXAEBQEAVAllocationObserver@23@VFreeStoreAllocationPolicy@23@@Z) referenced in function "public: virtual void __cdecl v8::internal::Space::AddAllocationObserver(class v8::internal::AllocationObserver *)" (?AddAllocationObserver@Space@internal@v8@@UEAAXPEAVAllocationObserver@23@@Z)

slot-set-unittest.obj : error LNK2001: unresolved external symbol "public: void __cdecl v8::internal::List<class v8::internal::AllocationObserver *,class v8::internal::FreeStoreAllocationPolicy>::Add(class v8::internal::AllocationObserver * const &,class v8::internal::FreeStoreAllocationPolicy)" (?Add@?$List@PEAVAllocationObserver@internal@v8@@VFreeStoreAllocationPolicy@23@@internal@v8@@QEAAXAEBQEAVAllocationObserver@23@VFreeStoreAllocationPolicy@23@@Z)

bitmap-unittest.obj : error LNK2019: unresolved external symbol "public: bool __cdecl v8::internal::List<class v8::internal::AllocationObserver *,class v8::internal::FreeStoreAllocationPolicy>::RemoveElement(class v8::internal::AllocationObserver * const &)" (?RemoveElement@?$List@PEAVAllocationObserver@internal@v8@@VFreeStoreAllocationPolicy@23@@internal@v8@@QEAA_NAEBQEAVAllocationObserver@23@@Z) referenced in function "public: virtual void __cdecl v8::internal::Space::RemoveAllocationObserver(class v8::internal::AllocationObserver *)" (?RemoveAllocationObserver@Space@internal@v8@@UEAAXPEAVAllocationObserver@23@@Z)

slot-set-unittest.obj : error LNK2001: unresolved external symbol "public: bool __cdecl v8::internal::List<class v8::internal::AllocationObserver *,class v8::internal::FreeStoreAllocationPolicy>::RemoveElement(class v8::internal::AllocationObserver * const &)" (?RemoveElement@?$List@PEAVAllocationObserver@internal@v8@@VFreeStoreAllocationPolicy@23@@internal@v8@@QEAA_NAEBQEAVAllocationObserver@23@@Z)

./unittests.exe : fatal error LNK1120: 2 unresolved externals

Original issue's description:
> [snapshot] Move builtins generation into mksnapshot
>
> and out of the main library. This saves about 5% of binary size
> (800KB on x64, 373KB on android_arm).
>
> Only the GN build is supported; the GYP build is maintained working
> but does not support the feature.
>
> BUG=v8:6055
> CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_linux_nosnap_rel;
>
> Review-Url: https://codereview.chromium.org/2760233005
> Cr-Commit-Position: refs/heads/master@{#44412}
> Committed: 4782bc0df8

TBR=jgruber@chromium.org,rmcilroy@chromium.org,machenbach@chromium.org,jkummerow@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:6055

Review-Url: https://codereview.chromium.org/2803903002
Cr-Commit-Position: refs/heads/master@{#44422}
2017-04-05 23:53:11 +00:00
Michael Achenbach
d96fbee9aa [build] Remove remaining disable-inspector options in GN
Bug: chromium:645890
Change-Id: I9856712ca8694b3447a611c3555c42145f449b11
Reviewed-on: https://chromium-review.googlesource.com/464726
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44417}
2017-04-05 17:59:07 +00:00
kozyatinskiy
f5dc738cda [inspector] move console to builtins
What will we get:
- console would be included into snapshot and allow us to reduce time that we spent in contextCreated function (~5 times faster),
- it allows us to make further small improvement of console methods, e.g. we can implement super quick return from console.assert if first argument is true,
- console calls are ~ 15% faster.

BUG=v8:6175
R=dgozman@chromium.org

Review-Url: https://codereview.chromium.org/2785293002
Cr-Original-Original-Commit-Position: refs/heads/master@{#44353}
Committed: 55905f85d6
Review-Url: https://codereview.chromium.org/2785293002
Cr-Original-Commit-Position: refs/heads/master@{#44355}
Committed: cc74ea0bc4
Review-Url: https://codereview.chromium.org/2785293002
Cr-Commit-Position: refs/heads/master@{#44416}
2017-04-05 16:55:19 +00:00
Ross McIlroy
7bedd1111d [Interpreter] Move ToBoolean elision in BytecodeGenerator.
Move the ToBoolean elision in the BytecodeGenerator instead of the
peephole optimizer. Adds a TypeHint mechanism to the ExpressionResult
to enable passing of type hints through the ast visitor.

BUG=v8:6194

Change-Id: Ic55506ba11b213f7459250004d3f18cab04ee9b3
Reviewed-on: https://chromium-review.googlesource.com/467208
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44415}
2017-04-05 16:51:28 +00:00
Michael Starzinger
5e8eb624fa [asm.js] Prevent throwing of asm.js warning messages.
This fixes a corner case which allowed warnings during the asm.js
instantiation to be promoted to actual exceptions. Even instantiation
attempts that fail are not allowed to throw exceptions observable by
JavaScript, but need to fall back to JavaScript execution.

R=clemensh@chromium.org
TEST=mjsunit/regress/regress-6203
BUG=v8:6203

Change-Id: I86f5a3adda4bcfe63b5cddc42d8ae1c3dbb88147
Reviewed-on: https://chromium-review.googlesource.com/468808
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44414}
2017-04-05 14:41:52 +00:00
jkummerow
4782bc0df8 [snapshot] Move builtins generation into mksnapshot
and out of the main library. This saves about 5% of binary size
(800KB on x64, 373KB on android_arm).

Only the GN build is supported; the GYP build is maintained working
but does not support the feature.

BUG=v8:6055
CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_linux_nosnap_rel;

Review-Url: https://codereview.chromium.org/2760233005
Cr-Commit-Position: refs/heads/master@{#44412}
2017-04-05 13:28:48 +00:00
Wiktor Garbacz
4f8b76068d [compiler-dispatcher] Use an integer job id.
It enables jobs without a SharedFunctionInfo.

BUG=v8:6093

Change-Id: I70e226638fdb5b3a0634cc4437d128771c838eee
Reviewed-on: https://chromium-review.googlesource.com/468966
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Wiktor Garbacz <wiktorg@google.com>
Cr-Commit-Position: refs/heads/master@{#44411}
2017-04-05 12:50:11 +00:00
Michael Starzinger
42b179c4e5 [asm.js] Fix source positions of ToNumber conversions.
This extends the test coverage for source position tracking of ToNumber
conversion to also test conversion to "double" type. It also fixes the
discovered inconsistencies. Note that the conversion to "float" remains
untested as imported functions are not allowed have "float" return type.

R=clemensh@chromium.org
TEST=mjsunit/wasm/asm-wasm-exception-in-tonumber
BUG=v8:6127

Change-Id: I6c59b7a24456a585a814f19a86eb9447ac5098ab
Reviewed-on: https://chromium-review.googlesource.com/467251
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44409}
2017-04-05 12:34:55 +00:00
Clemens Hammacher
eeaceccbc6 [wasm] [decoder] Templatize decode function for unchecked decoding
In the C++ wasm interpreter, we decode LEB encoded immediates each time
we execute the respective instruction. The whole instruction sequence
was validated before, thus we know that all integers are valid.
This CL refactors several Decoder methods to allow for either checked
or unchecked decoding. In the checked case, an error is set if a check
fails, in the unchecked case, a DCHECK will fail.

This improves performance of the interpreter by 20.5%.

R=ahaas@chromium.org
BUG=v8:5822

Change-Id: If69efd4f6fbe19d84bfc2f4aa000f429a8e22bf5
Reviewed-on: https://chromium-review.googlesource.com/468786
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44406}
2017-04-05 11:14:32 +00:00