Commit Graph

53047 Commits

Author SHA1 Message Date
Sigurd Schneider
8a632f5c38 [mjsunit] Fix webkit/run-json-stringify in Debug mode again
Clang is known to use a lot of stack space for Debug builds, so
this patch lowers the recursion depth of that test.

Failing bot:

https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux%20-%20full%20debug

First failing run:

https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux%20-%20full%20debug/6606

Change-Id: Ib1da016b190fa0d9d7d38bced19f600a284c7f01
Reviewed-on: https://chromium-review.googlesource.com/c/1396079
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58555}
2019-01-04 15:53:38 +00:00
Peter Marshall
a0572f0bc7 [cpu-profiler] Reduce the size of inlining information
Previously we stored the source position table, which stored a mapping
of pc offsets to line numbers, and the inline_locations, which stored a
mapping of pc offsets to stacks of {CodeEntry, line_number} pairs. This
was slightly wasteful because we had two different tables which were
both keyed on the pc offset and contained some overlapping information.

This CL combines the two tables in a way. The source position table now
maps a pc offset to a pair of {line_number, inlining_id}. If the
inlining_id is valid, then it can be used to look up the inlining stack
which is stored in inline_locations, but is now keyed by inlining_id
rather than pc offset. This also has the nice effect of de-duplicating
inline stacks which we previously duplicated.

The new structure is similar to how this data is stored by the compiler,
except that we convert 'source positions' (char offset in a file) into
line numbers as we go, because we only care about attributing ticks to
a given line.

Also remove the helper RecordInliningInfo() as this is only actually
used to add inline stacks by one caller (where it is now inlined). The
other callers would always bail out or are only called from
test-cpu-profiler.

Remove AddInlineStack and replace it with SetInlineStacks which adds all
of the stacks at once. We need to do it this way because the source pos
table is passed into the constructor of CodeEntry, so we need to create
it before the CodeEntry, but the inline stacks are not (they are part of
rare_data which is not always present), so we need to add them after
construction. Given that we calculate both the source pos table and the
inline stacks before construction, it's just easier to add them all at
once.

Also add a print() method to CodeEntry to make future debugging easier
as I'm constantly rewriting this locally.

Bug: v8:8575, v8:7719, v8:7203

Change-Id: I39324d6ea13d116d5da5d0a0d243cae76a749c79
Reviewed-on: https://chromium-review.googlesource.com/c/1392195
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58554}
2019-01-04 15:05:55 +00:00
Sigurd Schneider
3346b8a38e [turbolizer] Improve TypeScript types
This CL adds more TypeScript types and inserts some instanceof checks to
ensure typing. The CL also selects es2018 as target and loads es6/es2018
libs for TypeScript types. This ensures that RegExp groups matching
results are properly typed.

Notry: true
Bug: v8:7327
Change-Id: I1a59a1047188a49579c975149b336cc232c05eef
Reviewed-on: https://chromium-review.googlesource.com/c/1396095
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58553}
2019-01-04 14:37:34 +00:00
Sigurd Schneider
ff3458cef1 [turbolizer] Enable TypeScript warning noUnusedLocals
...and fix all related issues.

Change-Id: I3bd37ae038b9ea7c4305600958c1ae20e67e0f1f
Notry: true
Bug: v8:7327
Reviewed-on: https://chromium-review.googlesource.com/c/1396092
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58552}
2019-01-04 14:30:14 +00:00
Sigurd Schneider
e75a97cd64 [turbolizer] Version bumps for dependencies
This CL updates TypeScript, rollup and d3 to newer versions.

Drive-bys:
 - Remove unused source file lang-disassembly.
 - Fix typing problem with FileReader callback

The rollup version update also ensures that watch mode works again:

  npm run-script watch

Change-Id: If852bc4287760017c185fbcb6dd9d2e36db36a04
Notry: true
Bug: v8:7327
Reviewed-on: https://chromium-review.googlesource.com/c/1396091
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58551}
2019-01-04 14:17:04 +00:00
Sigurd Schneider
f214b914cf [turbolizer] Various cleanups
- Move helper functions to utils
- Use let/const instead of var
- Fix display bug when schedule view was initially selected

Bug: v8:7327
Notry: true
Change-Id: I7caf3dd17b725a4553d035293716f452b9999ed8
Reviewed-on: https://chromium-review.googlesource.com/c/1396088
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58550}
2019-01-04 14:12:24 +00:00
Sigurd Schneider
b53dcfd5a6 [turbolizer] Split Graph class from GraphView
This CL splits out a Graph class from the GraphView, which improves
maintainability and is a first step towards preserving node positions
during phase view changes.

This CL also removes duplication of node storage on the graph and
provides a generator function instead. The only storage for nodes
in the graph is now the {nodeMap}.

Bug: v8:7327
Notry: true
Change-Id: I1659ecfe46f62a12d2fb3c40ccd6f4936f081b53
Reviewed-on: https://chromium-review.googlesource.com/c/1396087
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58549}
2019-01-04 13:36:43 +00:00
Sigurd Schneider
a53332fe35 [turbolizer] Improve handling of graph layout/redraw
This removes duplicate storage of edges in the graph view, thereby
reducing memory overhead.

Bug: v8:7327
Notry: true
Change-Id: I70df4bc102add8c89bc5145f01c0555b3e0a73d7
Reviewed-on: https://chromium-review.googlesource.com/c/1396085
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58548}
2019-01-04 13:15:23 +00:00
Clemens Hammacher
f5e1353f06 [wasm] Finish compilation units from background
"Finishing" currently only means decrementing a counter and notifying
users via the callback if baseline compilation or tier-up finished.
We can totally do this from background, if we spawn foreground tasks to
actually call the callback.

R=ahaas@chromium.org

Bug: v8:7921, v8:8423
Change-Id: I815964d07a4d9111248097c41ebbd650842304c3
Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel
Reviewed-on: https://chromium-review.googlesource.com/c/1375662
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58547}
2019-01-04 12:25:31 +00:00
Mathias Bynens
40eb442783 [test] Fix expectations in WebKit JSON.stringify tests
The reference implementation used in the tests does not fully match
the spec, so for the diverging cases we need to explicitly specify
the correct expectation.

Every single change in this patch has been verified against every
major JavaScript engine using eshost + jsvu. All implementations
match the spec (and the V8 implementation), with the following two
exceptions:

- One expectation was wrong because of a JavaScriptCore bug (that
  is, we inherited the incorrect expectation when importing the
  tests from WebKit). A comment was added for that one.
- This work resulted in the discovery of bugs in Moddable/XS:
  https://github.com/Moddable-OpenSource/moddable/issues/112

Change-Id: I05d91d7acc5c8765e941fcd68c1086c2694c710c
Reviewed-on: https://chromium-review.googlesource.com/c/1396081
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58546}
2019-01-04 11:35:57 +00:00
Peter Marshall
af0428aca9 [cpu-profiler] Add source positions for inlined function calls
Currently in both kCallerLineNumbers and kLeafNodeLineNumbers modes, we
correctly capture inline stacks. In leaf number mode, this is simple as
we simply add the path onto the existing tree. For caller line numbers
mode this is more complex, because each path through various inlined
function should be represented in the tree, even when there are
multiple callsites to the same function inlined.

Currently we don't correctly show line numbers for inlined functions.
We do actually have this information though, which is generated by
turbofan and stored in the source_position_table data structure on the
code object.

This also changes the behavior of the SourcePositionTable class. A
problem we uncovered is that the PC that the sampler provides for every
frame except the leaf is the return address of the calling frame. This
address is *after* the call has already happened. It can be attributed
to the next line of the function, rather than the calling line, which
is wrong. We fix that here by using lower_bound in GetSourceLineNumber.

The same problem happens in GetInlineStack - the PC of the caller is
actually the instruction after the call. The information turbofan
generates assumes that the instruction after the call is not part of
the call (fair enough). To fix this we do the same thing as above - use
lower_bound and then iterate back by one.

TBR=alph@chromium.org

Bug: v8:8575, v8:8606
Change-Id: Idc4bd4bdc8fb70b70ecc1a77a1e3744a86f83483
Reviewed-on: https://chromium-review.googlesource.com/c/1374290
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58545}
2019-01-04 11:12:06 +00:00
Clemens Hammacher
3512fab37d Refactor lazily initialized singletons in simulators
Use the slimmer base::LeakyObject instead of base::LazyInstance.

R=tebbi@chromium.org

Bug: v8:8600
Change-Id: I71755db9fe3ea9c61be2cdf009a006947ef5560a
Reviewed-on: https://chromium-review.googlesource.com/c/1392203
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58544}
2019-01-04 10:49:26 +00:00
Predrag Rudic
aaec5fd51e MIPS: Fix broken build
Redefinition of GetHalfStackSlot after commit 5ea59597cf.

Change-Id: Ib2b1fe6bd130c6737a73ef55b09dc80f4cd9b3fb
Reviewed-on: https://chromium-review.googlesource.com/c/1396077
Reviewed-by: Sreten Kovacevic <skovacevic@wavecomp.com>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Predrag Rudic <prudic@wavecomp.com>
Cr-Commit-Position: refs/heads/master@{#58543}
2019-01-04 10:19:06 +00:00
Clemens Hammacher
5ed7dff356 [Liftoff][ia32] Fix i64 sign extension on non-byte register
The {movsx_b} instruction can only take byte registers (or operands) as
source. Ensure that for i8 sign extensions to i64, the src register is
moved to a temporary byte register first, similar to the same operation
on i32 a few lines above.

R=ahaas@chromium.org

Bug: chromium:918149, v8:6600
Change-Id: I17bc942127baee57279a7fc0caac9d82bd7c6bfb
Reviewed-on: https://chromium-review.googlesource.com/c/1394555
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58542}
2019-01-04 10:12:06 +00:00
Ross McIlroy
289452b06e [Test] Disable bytecode flushing in DecideToPretenureDuringCompilation.
The high GC stressing in this tests causes bytecode flushing which breaks some
invariants in the test.

BUG=v8:8629

Change-Id: I7efff098ed4fa96006c8200e174132a6297bd36f
Reviewed-on: https://chromium-review.googlesource.com/c/1394743
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58541}
2019-01-04 10:09:26 +00:00
Sigurd Schneider
5bcd6e1a60 [mjsunit] Disable test unsuitable for GC stress
regress-6989 uses assertOptimized and will hence fail randomly depending
on GC timing. This means we should not run it under GC stress.

This can be verified by running the test under GC stress and changing the
--gc-interval. It is easy to find values for which the test fails, and
values for which the test passes.

Change-Id: Ibd8bfbc1712ad60830255e4d89ea795023134891
Reviewed-on: https://chromium-review.googlesource.com/c/1396078
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Mathias Bynens <mathias@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58540}
2019-01-04 09:51:55 +00:00
Tamer Tas
6df42e36e5 [testrunner] remove dead code
This code is very old and is not referenced anywhere else.

Verifying that the code isn't called anywhere else:
- https://cs.chromium.org/search/?q=FilterTestCasesByArgs&type=cs
- https://cs.chromium.org/search/?q=FilterTestCasesByStatus&type=cs

R=machenbach@chromium.org
CC=yangguo@chromium.org,sergiyb@chromium.org

No-Try: true
Change-Id: I18b0309430d86649046e64e863ca252951786061
Reviewed-on: https://chromium-review.googlesource.com/c/1394553
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58539}
2019-01-04 09:40:53 +00:00
Andreas Haas
fc664bda17 [wasm] Update spec tests
One spec test is failing at the moment. I disabled it for now and
created an bugtracker issue:

https://crbug.com/v8/8633

R=gdeepti@chromium.org

Change-Id: Ibc3087d0582b95395d45d261155f6ac7e1a47f0c
Reviewed-on: https://chromium-review.googlesource.com/c/1394551
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58538}
2019-01-04 09:15:59 +00:00
Mathias Bynens
214282249f [harmony] Add flat/flatMap to Array.prototype[Symbol.unscopables]
https://github.com/tc39/proposal-flatMap/issues/74
https://github.com/tc39/proposal-flatMap/pull/75

BUG=v8:7220

Change-Id: I93ce66bddbb429beaa7486311f120ec32d6a35fb
Reviewed-on: https://chromium-review.googlesource.com/c/1390125
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58537}
2019-01-04 08:12:28 +00:00
v8-ci-autoroll-builder
b57f89fa86 Update V8 DEPS.
Rolling v8/build: 2df3750..29fca48

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/24bb5c4..ebf0d23

Rolling v8/third_party/depot_tools: db0055d..936a994

Rolling v8/tools/clang: 50670f1..a974cf8

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I038146fba5b70489bebdd57bb472b9975219ef89
Reviewed-on: https://chromium-review.googlesource.com/c/1395797
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#58536}
2019-01-04 03:48:29 +00:00
Frank Tang
3a72cd090b [Intl] Fix CHECK fail in Intl::ToLanguageTag()
Make the function return Maybe<std::string> to propagate error.

Bug: chromium:917151
Change-Id: I4330b0c54c122b1eddd3b37e21e0f387cb5d803a
Reviewed-on: https://chromium-review.googlesource.com/c/1392205
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58535}
2019-01-04 01:33:26 +00:00
Junliang Yan
bc344e38c5 PPC/s390: [ubsan] Port HeapObject to the new design
Port 9302db480e

Original Commit Message:

    Merging the temporary HeapObjectPtr back into HeapObject.

R=jkummerow@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: I4f92282b7b4c66bb73da30e076a8378e0cf24836
Reviewed-on: https://chromium-review.googlesource.com/c/1394813
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#58534}
2019-01-03 23:50:12 +00:00
Junliang Yan
643cb5f995 PPC/s390: [ubsan] Use Address parameters for calling generated code
Port 42b4180d20

Original Commit Message:

    The simulated C++ signature for generated code entry points should
    rely on primitive values (as opposed to ObjectPtr).

R=jkummerow@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: I55c67e8d42d97b45d5b0eb878ddd6ab3cf872942
Reviewed-on: https://chromium-review.googlesource.com/c/1394755
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#58533}
2019-01-03 22:39:04 +00:00
Junliang Yan
ac2a9f136e PPC/s390: Don't embed CompileLazyDeoptimizedCode
Port 71180e5447

Original Commit Message:

    This changes the CompileLazyDeoptimizedCode call to use the standard
    builtin calling sequence, which (for optimized code) creates an
    inlined off-heap trampoline instead of embedding a CODE_TARGET.

    missing only for the case of inlined trampolines.

R=jgruber@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: Ie81856899dd5d1b1e745b748ed714d98b4dab7ac
Reviewed-on: https://chromium-review.googlesource.com/c/1394806
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#58532}
2019-01-03 21:04:53 +00:00
Junliang Yan
657d979f60 PPC/s390: [ubsan] Let Runtime functions return a plain Address
Port f1cb51ad4e

Original Commit Message:

    instead of Object* (which is deprecated) or ObjectPtr (which is
    unsuitable for cases where we need to control the ABI exactly).
    Callers in generated code expect a plain tagged value, so return
    precisely that. Same for C++ Builtins.

R=jkummerow@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: I8055c9a9c99dbe8716f810c6b6cc1967bed9c3de
Reviewed-on: https://chromium-review.googlesource.com/c/1393920
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#58531}
2019-01-03 17:44:26 +00:00
Junliang Yan
9f68ab2441 PPC/s390: [nojit] Change builtin pointers to use Smis underneath
Port fa3cbf60d5

Original Commit Message:

    This changes Torque's builtin pointers to use a Smi representation
    underneath instead of storing the Code target object. Callsites look
    up the target entry point through IsolateData::builtin_entry_table.

    The notable effect of this CL is that builtin pointer calls no longer
    call any on-heap Code.

R=jgruber@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: I49bb08de916fd93e576936a56b0e1a0e21072289
Reviewed-on: https://chromium-review.googlesource.com/c/1394301
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#58530}
2019-01-03 17:43:20 +00:00
Ulan Degenbaev
731ff0b897 [heap] Add V8_NOEXCEPT annotation for GCCallbackTuple
Bug: v8:8616
Change-Id: I0998b437712037277b81eb5d04b734826aabcd46
Reviewed-on: https://chromium-review.googlesource.com/c/1391754
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58529}
2019-01-03 16:50:10 +00:00
Junliang Yan
66910ffd83 PPC/s390: remove code-stubs related build files
R=jgruber@chromium.org, joransiu@ca.ibm.com

Change-Id: If31804509eaca51c0606409873dc180df4fb49f3
Reviewed-on: https://chromium-review.googlesource.com/c/1393301
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#58528}
2019-01-03 16:16:44 +00:00
Clemens Hammacher
9f90c8dc43 [wasm] Force GC earlier to avoid running OOM
We currently trigger a GC when creating a module while the remaining
uncommitted code space is below 32MB. For bigger modules, this is not
enough. Instead, make this limit relative: Trigger GC if we fall below
50% of the available code space, and re-adjust this limit after each GC
to avoid repeated GCs that do not free anything.

R=ahaas@chromium.org

Bug: v8:8624
Change-Id: I7abfad3b57663d528a26d29232ad6bc2dc63cef4
Reviewed-on: https://chromium-review.googlesource.com/c/1391753
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58527}
2019-01-03 16:07:53 +00:00
Georg Neis
ef29f4b9a5 [turbofan] Improve UpdateType debug output.
This is a partial reland of d3d13e4bb1, which
made an incorrect assumption about how the typer visits the graph.

Bug: chromium:906567
Change-Id: I55b70fdf7e655973e6ae33b64e127252c745517f
Reviewed-on: https://chromium-review.googlesource.com/c/1394549
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58526}
2019-01-03 16:00:43 +00:00
Junliang Yan
4812f2afdf PPC/s390: [nojit] Add a kCallBuiltinPointer call kind
Port f323a5f415

Original Commit Message:

    Currently, Torque's builtin pointers store a Code target underneath and
    callsites generate a kArchCallCodeObject opcode. When embedded builtins
    are enabled, the call thus first calls the on-heap trampoline, which
    finally jumps to the target off-heap builtin code.

    This will no longer be possible in jitless mode, since on-heap code must
    not be executable.

    As a step towards changing the way builtin pointers are called
    (function pointers will hold the builtin index as a Smi, and callsites
    look up the off-heap target address and jump there), this CL adds a
    dedicated opcode for builtin pointer calls to the compiler pipeline.

    The calling mechanism itself is unchanged, changes there will happen
    in a follow-up.

R=jgruber@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: I2d2229227e1c62e7c2515d4f5cb3d4dae49b3dd4
Reviewed-on: https://chromium-review.googlesource.com/c/1393913
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#58525}
2019-01-03 15:44:51 +00:00
Clemens Hammacher
0f8676445b [Liftoff] Use int for liftoff register codes
The number of registers is very small, so any integer type is big
enough anyway. Just use the simplest one, which is int.

R=ahaas@chromium.org

Bug: v8:6600
Change-Id: I9762a5c934848b810b7937ee603cd183f883d557
Reviewed-on: https://chromium-review.googlesource.com/c/1394548
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58524}
2019-01-03 15:29:50 +00:00
Junliang Yan
3bf55e7889 PPC: fix offset overflow and dcheck failure
R=joransiu@ca.ibm.com

Change-Id: I0587b286f3132347172f353cbce405158ef1c403
Reviewed-on: https://chromium-review.googlesource.com/c/1393910
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#58523}
2019-01-03 14:53:31 +00:00
Clemens Hammacher
20b6330037 [Liftoff] Keep consistent register mapping in non-merged regions
We currently de-duplicate used registers also in regions which do not
need merging. In those regions though it can never happen that we need
to pass different values from any merge input. Apart from introducing
unnecessary register moves, this also causes a DCHECK to fail, because
we might later want to merge back different registers into one.

Assume this initial stack state (where each letter is a register):
[A B B C]
If in any child block the two Bs get de-duplicated so something like
[A B D C]
then we run into trouble when merging back this state into the parent
state, because both B and D would need to be put into B.
In this case we can statically infer that B and D must hold the same
value anyway, but having this situation does not make much sense in the
first place, so the DCHECK fires correctly.

R=titzer@chromium.org

Bug: v8:8423, chromium:917412
Change-Id: I24c36b062e04a134cf7051725afab98126753f31
Reviewed-on: https://chromium-review.googlesource.com/c/1392190
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58522}
2019-01-03 14:37:48 +00:00
Clemens Hammacher
14faced4c0 [Liftoff] Fix moving stack values
On x64 the {kScratchRegister} cannot be held in a {LiftoffRegister},
since it is not a valid cache register. Also, the code unnecessarily
checked whether there is an unused cache register, but then didn't use
it. Simplify the logic to always use the scratch register, just
distinguish between 4-byte and 8-byte moves.
On ia32 we did not move 64-bit values correctly if we didn't have
unused registers and needed to move via the stack.

R=titzer@chromium.org

Bug: v8:6600, chromium:917588, chromium:917450
Change-Id: I0bbe946c6ac8fca62f85711ae47afdac9c02ae6b
Reviewed-on: https://chromium-review.googlesource.com/c/1391755
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58521}
2019-01-03 14:25:47 +00:00
Clemens Hammacher
42a42a68ba [presubmit] Do not check for V8_NOEXCEPT in include/
We don't have our macros available there, so we should not enforce
V8_NOEXCEPT on types declared in include/v8.h or other files in
include/.

R=mlippautz@chromium.org

Bug: v8:8616
No-Try: true
Change-Id: I51550a072a7957921c6cbd7e0866093f0462ff4e
Reviewed-on: https://chromium-review.googlesource.com/c/1394547
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58520}
2019-01-03 13:33:40 +00:00
Georg Neis
09ca8f76f6 Revert "[turbofan] Improve UpdateType debug output."
This reverts commit d3d13e4bb1.

Reason for revert: Makes an incorrect assumption.

Original change's description:
> [turbofan] Improve UpdateType debug output.
> 
> R=​jarin@chromium.org
> 
> Bug: chromium:906567
> Change-Id: Ic99c7a240ecb37c7b032b388f604d3f256d335b3
> Reviewed-on: https://chromium-review.googlesource.com/c/1392196
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Commit-Queue: Georg Neis <neis@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58497}

TBR=jarin@chromium.org,neis@chromium.org

Change-Id: I1bfc6d38f1c6cb67ef403d8be84070aa2c0effb6
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:906567
Reviewed-on: https://chromium-review.googlesource.com/c/1394546
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58519}
2019-01-03 13:05:01 +00:00
Clemens Hammacher
4339f5f179 [base] Refactor STATIC_CHAR_VECTOR into a template
Templates are nicer than macros, and in this case it's not more complex.

R=tebbi@chromium.org

Bug: v8:8562
Change-Id: I3aea7b4138f144166418c0827dd7c58ea459c670
Reviewed-on: https://chromium-review.googlesource.com/c/1392200
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58518}
2019-01-03 12:55:15 +00:00
Clemens Hammacher
0b25bbbe5f Remove deprecated 'throw()' specifier
This specifier is deprecated and will be removed in C++20. Replace it
with V8_NOEXCEPT where is makes sense and remove it otherwise. Also
remove redundant constructors.

R=tebbi@chromium.org

Bug: v8:8562
Change-Id: I1335dcac5cac14b62b655cfd507decd4de653043
Reviewed-on: https://chromium-review.googlesource.com/c/1392204
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58517}
2019-01-03 12:54:10 +00:00
Clemens Hammacher
5ea59597cf [Liftoff] Remove all computation of "half indexes"
Instead, always pass an index and an enum pointing to either half.

R=titzer@chromium.org

Bug: v8:6600, v8:8562
Change-Id: I7e73bd97bfc7ebf644b242980aa0a73cd5f18949
Reviewed-on: https://chromium-review.googlesource.com/c/1392189
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58516}
2019-01-03 12:09:09 +00:00
Mythri
fa844bdbee Set the correct scope when initializing parameters.
If the parameter list contains class declarations we should use the
block scope corresponding to the class when rewriting the initializers.

Bug: chromium:917988
Change-Id: I7fcd44a264b7c0113cbd821b759e0bee6c9345a0
Reviewed-on: https://chromium-review.googlesource.com/c/1392240
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58515}
2019-01-03 10:18:11 +00:00
Clemens Hammacher
84bda68fff [Liftoff][mips] Clean up "half stack slot" accesses
Bring mips in line with the ia32 and arm implementions. Instead of
computing the "half index" manually, pass the index and an enum
pointing to either half.

R=titzer@chromium.org

Bug: v8:6600
Change-Id: Id8812114df84fbddd4aa2570306526d291bface6
Reviewed-on: https://chromium-review.googlesource.com/c/1392188
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58514}
2019-01-03 10:02:57 +00:00
Clemens Hammacher
26a78061af Remove trap handler fallback for sanitizers
Since https://crrev.com/c/1335572, our sanitizers allow to set custom
segfault handlers. Thus remove special code that was added to handle
sanitizers that prevent installation of segfault handlers. Instead,
CHECK that the signal handler was installed correctly.

R=ahaas@chromium.org, mseaborn@chromium.org, mark@chromium.org

Bug: chromium:830894
Change-Id: I3bd66e33efdceb3e8469f3f4a09fbde90cb3d7ec
Reviewed-on: https://chromium-review.googlesource.com/c/1392199
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58513}
2019-01-03 09:53:17 +00:00
Leszek Swirski
00a2481a24 [ignition] Move destructuring assignments to bytecode generation
Instead of de-sugaring destructuring assignment in the parser (using the
pattern rewriter), pass the Object/ArrayLiterals through to the bytecode
generator, which can desugar them in-place.

This allows us to decrease the amount of AST node creation, and improve
the generated bytecode using domain-specific knowledge. As a side effect
we partially fix an old execution ordering spec bug.

Currently only implemented for assignments, not declarations, as the
latter has some additional complexity.

Bug: v8:4951
Change-Id: I3d69d232bea2968ef20df68a74014d9e05808cfe
Reviewed-on: https://chromium-review.googlesource.com/c/1375660
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58512}
2019-01-03 09:41:27 +00:00
Frank Tang
74d00a9b34 [Intl] Implement ApplyOptionsToTag in Intl.Locale
Bug: v8:7684
Change-Id: Ibe7db0ef1baacb33d07a45234e6bda4f69e95643
Reviewed-on: https://chromium-review.googlesource.com/c/1381732
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Jungshik Shin <jshin@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58511}
2019-01-03 06:17:10 +00:00
v8-ci-autoroll-builder
d86cc0935d Update V8 DEPS.
Rolling v8/build: 67f9fae..2df3750

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/16717a6..24bb5c4

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I19b8cb8c1d1e748ba91b2214570dda8b6e8e4300
Reviewed-on: https://chromium-review.googlesource.com/c/1394288
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#58510}
2019-01-03 06:16:05 +00:00
Junliang Yan
3e7fa30ba2 PPC/s390: [builtins] Remove InternalArray and reduce InternalPackedArray constructors.
Port 640d3adf5f

Original Commit Message:

    InternalPackedArray now only has one constructor variant that expects no
    arguments (Chrome's only usage of InternalPackedArray). As such, these TFC
    builtins are no longer used and were removed:
    - InternalArrayNoArgumentConstructor_Holey
    - InternalArraySingleArgumentConstructor_Packed
    - InternalArraySingleArgumentConstructor_Holey

    On x64.release, this reduces builtins size by ~1.2KB.

R=peter.wm.wong@gmail.com, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: I46d86178c33e47acf2fb75fd3de743686641caa1
Reviewed-on: https://chromium-review.googlesource.com/c/1393825
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#58509}
2019-01-03 02:47:00 +00:00
Junliang Yan
3136b4f5ba PPC/s390: [SFI] Add support for flushing old Bytecode from SharedFunctionInfos.
Port a55803a15d

Original Commit Message:

    This change makes the SFI to bytecode link pseudo-weak. The marking visitors
    check whether the bytecode is old, and if so, don't mark it and instead
    push the SFI onto a bytecode_flushing_candidates worklist. Once marking
    is complete, this list is walked, and for any of the candidates who's bytecode
    has not been marked (i.e., is only referenced by the shared function info),
    the bytecode is flushed and the SFI has the function data replaced with
    an UncompiledData (which overwrites the flushed bytecode array).

    Since we don't track JSFunctions, these can still think the underlying
    function is compiled, and so calling them will invoke
    InterpreterEntryTrampoline. As such, logic is added to
    InterpreterEntryTrampoline to detect flushed functions, and enter
    CompileLazy instead.

R=rmcilroy@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=v8:8395
LOG=N

Change-Id: I4a913d318363a584d79aa6d7f4ee09f04a89bbbe
Reviewed-on: https://chromium-review.googlesource.com/c/1393824
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#58508}
2019-01-03 02:17:30 +00:00
Fabrice de Gans-Riberi
f225a474bc Add support for different host/target platform in mksnapshot.
This Mac/Fuchsia build was broken as the generated assembly file must
follow Linux-style calling conventions.

Change-Id: I05d946e77690e97f05d57a3d5ba04cd2e63fbb9d
Reviewed-on: https://chromium-review.googlesource.com/c/1377230
Commit-Queue: Fabrice de Gans-Riberi <fdegans@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Sergiy Belozorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58507}
2019-01-03 01:41:14 +00:00
Frank Tang
5182e1ad11 Revert "[Intl] Validate u extension type"
This reverts commit 8d0942499c.

Reason for revert: Cause Memory regression

TBR=gsathya@chromium.org

Original change's description:
> [Intl] Validate u extension type
>
> Fix intl402/*/ignore-invalid-unicode-ext-values
> Add tests for other valid/invalid -u- ext values.
>
> Bug: v8:7481
> Change-Id: I429effd071bb03599a1e767bb2a9e9918a91b850
> Reviewed-on: https://chromium-review.googlesource.com/c/1351307
> Commit-Queue: Frank Tang <ftang@chromium.org>
> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58173}

TBR=cira@chromium.org,jshin@chromium.org,gsathya@chromium.org,ftang@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: v8:7481
Change-Id: Idabf2183684f264271ebe2b8c0ca10ae8e30d811
Reviewed-on: https://chromium-review.googlesource.com/c/1393499
Reviewed-by: Frank Tang <ftang@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58506}
2019-01-03 01:40:09 +00:00