Commit Graph

49748 Commits

Author SHA1 Message Date
Michael Lippautz
8b2cee550c [heap] Fix ArrayBufferTracker processing
Avoid accessing |byte_length| during processing buffers. The length
might be a HeapNumber that has already been processed (e.g. moved) in
the current garbage collection cycle.

Bug: v8:8076
Change-Id: I6d79631e300845a29f15a9f60933ee41ffc95300
Reviewed-on: https://chromium-review.googlesource.com/1183193
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55256}
2018-08-21 10:50:46 +00:00
Jakob Gruber
dcc09b60ab Revert "[x64] Apply rip-relative call/jump for OFF_HEAP_TARGET"
This reverts commit ad5b736500.

Reason for revert: https://crbug.com/875678

Original change's description:
> [x64] Apply rip-relative call/jump for OFF_HEAP_TARGET
>
> Merge rip-relative loading and call/jump into one instruction for
> OFF_HEAP_TARGET call/jump. For example,
>
>   REX.W movq r10,[rip+#disp]
>   call r10
>
> turns into:
>
>   call [rip+#disp]
>
> Change-Id: I17e115d054b4b352bdaf8eba2e6ac4054bbedaca
> Reviewed-on: https://chromium-review.googlesource.com/1172152
> Commit-Queue: Shiyu Zhang <shiyu.zhang@intel.com>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#55150}

TBR=sigurds@chromium.org,jgruber@chromium.org,shiyu.zhang@intel.com

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: chromium:875678
Change-Id: I5a9dd6e29cc53566d681864f7e275a70ccdcb0cb
Reviewed-on: https://chromium-review.googlesource.com/1183164
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55255}
2018-08-21 10:39:27 +00:00
Dominik Inführ
32ec3c1c5e [heap-profiler] Generate location for generators
Add source code location for generators into heap snapshot file.

Bug: chromium:854097
Change-Id: I726b245a707515502976476703e57b7f58c92782
Reviewed-on: https://chromium-review.googlesource.com/1174433
Commit-Queue: Dominik Inführ <dinfuehr@google.com>
Reviewed-by: Alexei Filippov <alph@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55254}
2018-08-21 10:32:56 +00:00
Georg Neis
acf0925255 [turbofan] Force creation of initial maps upfront.
When encountering a JSFunction, generate its initial map (if
appropriate).  This ensures that we can depend on the initial
map during optimization.

We are not sure about the performance impact of this change; it
might cause regressions.

R=jarin@chromium.org, mslekova@chromium.org

Bug: v8:7790, chromium:875175
Change-Id: I4bbf62e30730f55a53d9bb7eee62c87d820616fb
Reviewed-on: https://chromium-review.googlesource.com/1180970
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55253}
2018-08-21 10:24:41 +00:00
Benedikt Meurer
932faf95b3 [cleanup] Use ThrowIfNotInstanceType() more consistently.
There were still a few places left in builtins where we have custom
logic to check for a certain instance type and raise the incompatible
receiver error.

Bug: v8:8015
Change-Id: Ic5ed80aa6327b2902209b1822677f75b19d8a715
Reviewed-on: https://chromium-review.googlesource.com/1183183
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55252}
2018-08-21 10:11:28 +00:00
Maya Lekova
fc41794efa Revert "[Intl] remove unused js"
This reverts commit 2dc505a418.

Reason for revert: Breaks a layout test "fast/js/date-proto-generic-invocation.html" as can be seen in 
https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8-Blink%20Linux%2064/25626

Original change's description:
> [Intl] remove unused js
> 
> Bug: v8:8066
> Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
> Change-Id: I9d86577540cf227e038354d9661c60fcdc644b3f
> Reviewed-on: https://chromium-review.googlesource.com/1179467
> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
> Commit-Queue: Frank Tang <ftang@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#55200}

TBR=gsathya@chromium.org,ftang@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: v8:8066
Change-Id: I4b6c7163a48f6f7fe439f8fd678abd053f60b020
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/1183163
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55251}
2018-08-21 09:56:09 +00:00
Maya Lekova
67c1f8fea0 Revert "[Intl] move Date.prototype.toLocale{,Date,Time}String to C++"
This reverts commit 8e57cd51fd.

Reason for revert: Breaks a layout test "fast/js/date-proto-generic-invocation.html" as can be seen in 
https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8-Blink%20Linux%2064/25626

Original change's description:
> [Intl] move Date.prototype.toLocale{,Date,Time}String to C++
> 
> Bug: v8:7961
> Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
> Change-Id: Ie75eb443fc0907a4e1e4cafd4f5c06c23794f5a9
> Reviewed-on: https://chromium-review.googlesource.com/1156123
> Commit-Queue: Frank Tang <ftang@chromium.org>
> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#55239}

TBR=jshin@chromium.org,gsathya@chromium.org,ftang@chromium.org

Change-Id: Iafc2541185f8a6e44088432b3de58bdb53854e1b
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7961
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/1183162
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55250}
2018-08-21 09:10:58 +00:00
Ben L. Titzer
438e7ec6dc Reland "[asmjs] Properly validate asm.js heap sizes"
This is a reland of 5c3092718e
(the CL was reverted because of a Chromium test that is now fixed)

Original change's description:
> Reland "[asmjs] Properly validate asm.js heap sizes"
>
> This is a reland of 5d69010e26
>
> Original change's description:
> > [asmjs] Properly validate asm.js heap sizes
> >
> > Enforce both engine limitations and spec (http://asmjs.org/spec/latest/)
> > limitations on the size of asm.js heaps.
> >
> > R=clemensh@chromium.org
> > CC=​mstarzinger@chromium.org
> >
> > Bug: chromium:873600
> > Change-Id: I104c23bbd0a9a7c494f97f8f9e83ac5a37496dfd
> > Reviewed-on: https://chromium-review.googlesource.com/1174411
> > Commit-Queue: Ben Titzer <titzer@chromium.org>
> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#55163}
>
> Bug: chromium:873600
> Change-Id: Id24070bda3aafb9e1a32af0732a1b18f633ef932
> Reviewed-on: https://chromium-review.googlesource.com/1179681
> Commit-Queue: Ben Titzer <titzer@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#55193}

Bug: chromium:873600
Change-Id: I6eca2a89589070837b109278f964fc8e9a0fd6f1
Reviewed-on: https://chromium-review.googlesource.com/1183081
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55249}
2018-08-21 09:00:04 +00:00
Georg Neis
c4d1a00873 [turbofan] Serialize SharedFunctionInfo.
GetBytecodeArrayRegisterCount is still missing.

Bug: v8:7790
Change-Id: I7255e60ef13e48a514cc09231cdb3cc42328d441
Reviewed-on: https://chromium-review.googlesource.com/1181568
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55248}
2018-08-21 08:57:15 +00:00
Creddy
29a112bbad Enable one shot flag by default
By default, enable one-shot optimization.

BUG=v8:8072

Change-Id: I353eb05325b9abfa9b9fab48cf47bad2891798e9
Reviewed-on: https://chromium-review.googlesource.com/1181901
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Chandan Reddy <chandanreddy@google.com>
Cr-Commit-Position: refs/heads/master@{#55247}
2018-08-21 08:38:57 +00:00
Hai Dang
bbe3d9913d Change CloneFastJSArray to use ExtractFixedArray.
This makes CloneFastJSArray allocate exact memory needed for the elements
to be copied, instead of over-allocating.

Bug: chromium:875723
Change-Id: Id8e14cff3caf42eb0fb4090ec755f1cadcf518e6
Reviewed-on: https://chromium-review.googlesource.com/1180893
Commit-Queue: Hai Dang <dhai@google.com>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55246}
2018-08-21 08:37:56 +00:00
Dominik Inführ
64e04c96af [heap-profiler] Store locations in snapshot
Start storing locations in heap snapshot file. Initial support
for closure, additional object types might be added in the future.
Needed to show source code locations for objects in the DevTools
heap snapshot viewer.

Bug: chromium:854097
Change-Id: I12659373ce1adf67b55c6a10ea1d0465fcdb4a10
Reviewed-on: https://chromium-review.googlesource.com/1174257
Commit-Queue: Dominik Inführ <dinfuehr@google.com>
Reviewed-by: Alexei Filippov <alph@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55245}
2018-08-21 08:23:00 +00:00
Dan Elphick
fe5e07d763 Reland "[builtins] Start adding byte code handlers to builtins"
This is a reland of 041ae1f879

The clashing method has been fixed.

Original change's description:
> [builtins] Start adding byte code handlers to builtins
>
> Adds a new build flag, v8_enable_embedded_bytecode_handlers, that adds
> the bytecode handlers to the BUILTIN_LIST macros.
>
> Currently it's not connected up to the code-generation so it actually
> does nothing except expand the builtins table.
>
> Bug: v8:8068
> Change-Id: Iaecc3982cf22d04e6c46169b86c9d694952fd091
> Reviewed-on: https://chromium-review.googlesource.com/1179887
> Commit-Queue: Dan Elphick <delphick@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#55215}

Bug: v8:8068
Change-Id: Ibc98929a9ad464e9d4c9fc7d43401f0fb0df9a00
Reviewed-on: https://chromium-review.googlesource.com/1181981
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55244}
2018-08-21 07:42:52 +00:00
Rodrigo Bruno
cd2126fedd [heap] split ExternalStringTable verify into new space and full (new and old)
Bug: chromium:875847
Change-Id: I1412b25c667dc007dd4f605ec9abe20670e75836
Reviewed-on: https://chromium-review.googlesource.com/1181567
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Rodrigo Bruno <rfbpb@google.com>
Cr-Commit-Position: refs/heads/master@{#55243}
2018-08-21 07:09:22 +00:00
Aseem Garg
dd65e4b837 Revert "Reland "[asmjs] Properly validate asm.js heap sizes""
This reverts commit 5c3092718e.

Reason for revert: Broke fast/workers/worker-shared-asm-buffer.html

Original change's description:
> Reland "[asmjs] Properly validate asm.js heap sizes"
>
> This is a reland of 5d69010e26
>
> Original change's description:
> > [asmjs] Properly validate asm.js heap sizes
> >
> > Enforce both engine limitations and spec (http://asmjs.org/spec/latest/)
> > limitations on the size of asm.js heaps.
> >
> > R=clemensh@chromium.org
> > CC=​mstarzinger@chromium.org
> >
> > Bug: chromium:873600
> > Change-Id: I104c23bbd0a9a7c494f97f8f9e83ac5a37496dfd
> > Reviewed-on: https://chromium-review.googlesource.com/1174411
> > Commit-Queue: Ben Titzer <titzer@chromium.org>
> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#55163}
>
> Bug: chromium:873600
> Change-Id: Id24070bda3aafb9e1a32af0732a1b18f633ef932
> Reviewed-on: https://chromium-review.googlesource.com/1179681
> Commit-Queue: Ben Titzer <titzer@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#55193}

TBR=mstarzinger@chromium.org,titzer@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: chromium:873600
Change-Id: I5845c584c7ac399b9b7939f5fd50c09b7b2cc3d2
Reviewed-on: https://chromium-review.googlesource.com/1182616
Commit-Queue: Aseem Garg <aseemgarg@chromium.org>
Reviewed-by: Aseem Garg <aseemgarg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55242}
2018-08-21 00:51:54 +00:00
Aseem Garg
a4235f0093 Revert "[runtime] Improve for-in performance"
This reverts commit 8fa7f9ed93.

Reason for revert: Speculating that this breaks GC stress

Original change's description:
> [runtime] Improve for-in performance
> 
> - Add fast-path String conversion for Smi (which is the most common case)
>   This improves for-in by ~10% on non-initialized enum-caches
> - Don't use the NumberStringCache for large indices to not overflow the cache
>   during key collection. This improves worst-case performance by ~2.5x
> - Drop number_to_string_native and number_to_string_runtime counters
> 
> Bug: v8:7717
> Change-Id: Ic1ff385e3374e6a7e7e7bdb9ae75fb8c238105d1
> Reviewed-on: https://chromium-review.googlesource.com/1167049
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Commit-Queue: Camillo Bruni <cbruni@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#55233}

TBR=ulan@chromium.org,cbruni@chromium.org,verwaest@chromium.org

Change-Id: I8d0332478afcd7c6a3f8fbf1f044b9aa870b6b13
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7717
Reviewed-on: https://chromium-review.googlesource.com/1182676
Reviewed-by: Aseem Garg <aseemgarg@chromium.org>
Commit-Queue: Aseem Garg <aseemgarg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55241}
2018-08-21 00:34:43 +00:00
Ujjwal Sharma
126e88db07 [intl] Port DateTimeFormat.prototype.format and bound format function to C++
This increases the size of a DateFormat instance by a word to store
the bound format function.

The instance to be bound is stored on the context of this builtin function.

Bug: v8:7800
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I05968251d3411f5126dba3ce9b5b6b29836fd5dc
Reviewed-on: https://chromium-review.googlesource.com/1178763
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55240}
2018-08-21 00:00:08 +00:00
Frank Tang
8e57cd51fd [Intl] move Date.prototype.toLocale{,Date,Time}String to C++
Bug: v8:7961
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Ie75eb443fc0907a4e1e4cafd4f5c06c23794f5a9
Reviewed-on: https://chromium-review.googlesource.com/1156123
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55239}
2018-08-20 22:17:40 +00:00
Vasili Skurydzin
97473f49e5 ppc: Allow passing r0 as a second argument to instructions in
PPC_X_OPCODE_D_FORM_LIST.

Change-Id: Ia4fbe3f81bdc8569f7b168c11362e3d99c1d2188
Reviewed-on: https://chromium-review.googlesource.com/1181646
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#55238}
2018-08-20 21:29:47 +00:00
Ross McIlroy
454f19e6c6 [Tests] Fix math-log2-log10.js on Android
BUG=v8:8074

Change-Id: I012666ff1a06d0a53f893031a3caf38ed0d40229
Reviewed-on: https://chromium-review.googlesource.com/1181421
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55237}
2018-08-20 20:06:13 +00:00
Georg Neis
72188ea993 [turbofan] Serialize feedback vector.
R=jarin@chromium.org

Bug: v8:7790
Change-Id: Id73084879bb0d03327e871bdd063353495c07a5b
Reviewed-on: https://chromium-review.googlesource.com/1180894
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55236}
2018-08-20 20:00:30 +00:00
Kevin Marshall
d31014c272 [fuchsia] Add QEMU third_party download dep entry to v8 DEPS.
The Fuchsia SDK will no longer include QEMU as part of the tarball.
QEMU will be downloaded separately from CIPD instead.

Fixes V8 roll failure: https://chromium-review.googlesource.com/1180602

Tested by verifying that
//build/config/fuchsia:blobstore_extended_qcow2 builds using the updated
Chromium build targets in //build/fuchsia/.

Change-Id: I01795aaf45dcdaa1a05481e4a72302c7aa387b3a
Reviewed-on: https://chromium-review.googlesource.com/1181688
Commit-Queue: Kevin Marshall <kmarshall@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55235}
2018-08-20 19:26:01 +00:00
Adam Klein
e0d77f3ec4 [parser] Clean up dead or overly general code in ExpressionClassifier
ParseErrorType is never passed to ExpressionClassifier, so there's
no need to store it in the Error struct (we can always use the Parser's
default of SyntaxError).

Also simplify the handling of non-simple parameter detection, which
was stored in a two-bit function_properties_ field that was only
being used for this purpose.

Bug: v8:8015
Change-Id: I198e8285cbafee650614d1ff5bb434fe9fd2a338
Reviewed-on: https://chromium-review.googlesource.com/1180525
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55234}
2018-08-20 19:01:00 +00:00
Camillo Bruni
8fa7f9ed93 [runtime] Improve for-in performance
- Add fast-path String conversion for Smi (which is the most common case)
  This improves for-in by ~10% on non-initialized enum-caches
- Don't use the NumberStringCache for large indices to not overflow the cache
  during key collection. This improves worst-case performance by ~2.5x
- Drop number_to_string_native and number_to_string_runtime counters

Bug: v8:7717
Change-Id: Ic1ff385e3374e6a7e7e7bdb9ae75fb8c238105d1
Reviewed-on: https://chromium-review.googlesource.com/1167049
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55233}
2018-08-20 18:55:55 +00:00
Benedikt Meurer
4f5a6db0f8 Revert "[turbofan] Optimize index checking for DataView accesses."
This reverts commit 5232b938d7.

Reason for revert: Regresses performance on the JSTests bots

Original change's description:
> [turbofan] Optimize index checking for DataView accesses.
> 
> Use CheckBounds and reduce the number of checks required to sanitize the
> indices for DataView accesses in optimized code. Also constant-fold the
> [[ByteLength]] if the DataView is a known compile-time constant (similar
> to what we do for TypedArrays already). This further improves performance
> of DataViews by 2-7% depending on the exact test case.
> 
> With this change DataView and TypedArray accesses themselves are mostly
> on par performance wise.
> 
> Bug: chromium:225811
> Change-Id: I6838339108b8a4dcf9b13ddecab40f1c3632967c
> Reviewed-on: https://chromium-review.googlesource.com/1179741
> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
> Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#55190}

TBR=sigurds@chromium.org,bmeurer@chromium.org,mathias@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: chromium:225811
Change-Id: I90547f91bab27127f57ba812194d3a3e3deb8ff7
Reviewed-on: https://chromium-review.googlesource.com/1179563
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55232}
2018-08-20 18:44:18 +00:00
Timothy Gu
04a6adfc7e [vim-torque] Add a Torque vim syntax highlighter
The vim counterpart to the existing Visual Studio Code extension.

Change-Id: I7ee59e212a31e81034362eb406f3ffdbb2447acb
Reviewed-on: https://chromium-review.googlesource.com/1180705
Commit-Queue: Timothy Gu <timothygu@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55231}
2018-08-20 18:30:42 +00:00
Camillo Bruni
a7b368ee24 Heap Object Stats: Track external string resources
This CL adds support for the following virtual string types:
 - SCRIPT_SOURCE_EXTERNAL_ONE_BYTE_TYPE
 - SCRIPT_SOURCE_EXTERNAL_TWO_BYTE_TYPE
 - SCRIPT_SOURCE_NON_EXTERNAL_ONE_BYTE_TYPE
 - SCRIPT_SOURCE_NON_EXTERNAL_TWO_BYTE_TYPE
 - STRING_EXTERNAL_RESOURCE_ONE_BYTE_TYPE
 - STRING_EXTERNAL_RESOURCE_TWO_BYTE_TYPE

Change-Id: I8d278ede356bae4ba63c1dae45a347f1261c75cc
Reviewed-on: https://chromium-review.googlesource.com/1174392
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55230}
2018-08-20 18:21:40 +00:00
Vasili Skurydzin
67b549938d PPC: disable failing cctest on AIX temporarily
Change-Id: I8a0081acb9c5eb662bf43eceb52218096eac327c
Reviewed-on: https://chromium-review.googlesource.com/1174560
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#55229}
2018-08-20 17:59:34 +00:00
Deepti Gandluri
c7e4bf4550 Add ldrexd/strexd to the Arm assembler
Bug: v8:6532

Change-Id: Id89f81b12205900fc935e6232840e1976e24d3b4
Reviewed-on: https://chromium-review.googlesource.com/1176962
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55228}
2018-08-20 17:46:23 +00:00
Ross McIlroy
bca38dbf29 [Tests] Fix some OOM failures on Android by explicitly setting max_old_space_size.
BUG=v8:8040

Change-Id: I8de22af3978f2a8eb844eabdb757bd635050f901
Reviewed-on: https://chromium-review.googlesource.com/1181432
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55227}
2018-08-20 17:29:43 +00:00
Toon Verwaest
daff05a093 [asm] Remove invalid static cast of character stream
TBR=ahaas@chromium.org

Change-Id: I862cae063d85703235ead073b0f23515721a409f
Reviewed-on: https://chromium-review.googlesource.com/1181431
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55226}
2018-08-20 17:04:28 +00:00
Dan Elphick
737ffec54e Revert "[builtins] Start adding byte code handlers to builtins"
This reverts commit 041ae1f879.

Reason for revert: Causes jumbo builds to fail because of duplicate GenerateBytecodeHandler definitions.

Original change's description:
> [builtins] Start adding byte code handlers to builtins
> 
> Adds a new build flag, v8_enable_embedded_bytecode_handlers, that adds
> the bytecode handlers to the BUILTIN_LIST macros.
> 
> Currently it's not connected up to the code-generation so it actually
> does nothing except expand the builtins table.
> 
> Bug: v8:8068
> Change-Id: Iaecc3982cf22d04e6c46169b86c9d694952fd091
> Reviewed-on: https://chromium-review.googlesource.com/1179887
> Commit-Queue: Dan Elphick <delphick@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#55215}

TBR=rmcilroy@chromium.org,jgruber@chromium.org,delphick@chromium.org

Change-Id: I860b3ecf543944fd0f4fdcb8de09d21a4b784150
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8068
Reviewed-on: https://chromium-review.googlesource.com/1181301
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55225}
2018-08-20 15:26:15 +00:00
jgruber
72937ea4a8 Register alloc config for kRootRegister on ia32
This CL prepares the way for adding a root register on ia32. The new
register allocation configuration PreserveRootIA32 treats
kRootRegister as an unallocatable register.

Note that kRootRegister (on ia32) is still completely unused,
unallocated, and may be clobbered at many points. This is left to
future work.

Bug: v8:6666
Change-Id: I4aacdf9c3bb365d6ed49fea8f013f79b7b1f0a98
Reviewed-on: https://chromium-review.googlesource.com/1181023
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55224}
2018-08-20 14:51:34 +00:00
Jaroslav Sevcik
f53e813e29 [turbofan] Forward elements kind getter to map (in the broker)
Bug: v8:7790
Change-Id: Idc19240a6c05d4c182804351c3fc9bbd2650bfc0
Reviewed-on: https://chromium-review.googlesource.com/1181127
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55223}
2018-08-20 14:30:35 +00:00
Peter Marshall
30ff6719db [cpu-profiler] Separate the flags for generating extra line information
NeedsSourcePositionsForProfiling is used to control the generation of
the line end table during parsing (see ParseInfo::CreateScript). This
is costly both for memory and performance. Turning on detailed_line_info
by default caused regressions because we always generate the line end
table.

This CL splits the two conditions apart as they aren't related.

Bug: chromium:875677
Change-Id: I71006db586e504b4cf9232081ba249f5647f5b76
Reviewed-on: https://chromium-review.googlesource.com/1181041
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55222}
2018-08-20 14:28:54 +00:00
Michael Starzinger
60408d97ab [heap][cleanup] Avoid exposing store-buffer internals.
R=mlippautz@chromium.org
BUG=v8:7490

Change-Id: Ifb4b41db3ca34567d735203667978451815c60d4
Reviewed-on: https://chromium-review.googlesource.com/1181056
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55221}
2018-08-20 14:21:26 +00:00
Michael Starzinger
2af2d88bc5 [wasm] Fix interpreter entry with shared code.
This makes sure that debug info and interpreter handle are created
lazily, even when interpretation is triggered by a different Isolate
sharing the same WasmEngine (and hence the native module).

R=titzer@chromium.org
TEST=mjsunit/wasm/worker-interpreter
BUG=v8:7424

Change-Id: Iba17e207a537007fd2e642cede22dad7a708c6c7
Reviewed-on: https://chromium-review.googlesource.com/1181045
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55220}
2018-08-20 14:20:20 +00:00
Maya Lekova
28cde91495 [turbofan] Add JSTests for TurboFan
This commit adds a single NumberToString test suite.
It recognizes the following revert by showing more than 100x improvement:
https://chromium-review.googlesource.com/c/v8/v8/+/1166783

Bug: chromium:865494
Change-Id: I93dab3f0b21e98565c76e65722e90a92adc41d72
Reviewed-on: https://chromium-review.googlesource.com/1181042
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55219}
2018-08-20 14:12:13 +00:00
Dan Elphick
7b3676da42 [cleanup] Remove dead code in StartupSerializer
Now that we don't iterate over the strong roots in the StartupSerializer
twice, remove code related to skipping non-immortal immovable roots.
Factor out code from Serializer::VisitRootPointers and use that method in
the StartupSerializer override.

Also update comments that reflected the old way of serializing.

Change-Id: Ieb5e63389f455b963244717cada7e5ccde8e41cb
Reviewed-on: https://chromium-review.googlesource.com/1179669
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55218}
2018-08-20 14:09:03 +00:00
Toon Verwaest
378375d2e5 [scanner] Templatize scan functions by encoding
This way we can avoid reencoding everything to utf16 (buffered) and avoid the
overhead of needing to check the encoding for each character individually.

This may result in a minor asm.js scanning regression due to one-byte tokens
possibly being more common.

Change-Id: I90b51c256d56d4f4fa2d235d7e1e58fc01e43f31
Reviewed-on: https://chromium-review.googlesource.com/1172437
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55217}
2018-08-20 13:54:16 +00:00
Jeremy Roman
28300e3321 bootstrapper: Use heap symbol for stackTraceLimit.
This is already a heap root, so no need to internalize the string again,
nor to open a local handle for it (the one the factory gives is sufficient).

Change-Id: I5095bd378956ab6667b8a1f9d8f3e3d19ddffdb9
Reviewed-on: https://chromium-review.googlesource.com/1177889
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Jeremy Roman <jbroman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55216}
2018-08-20 13:49:06 +00:00
Dan Elphick
041ae1f879 [builtins] Start adding byte code handlers to builtins
Adds a new build flag, v8_enable_embedded_bytecode_handlers, that adds
the bytecode handlers to the BUILTIN_LIST macros.

Currently it's not connected up to the code-generation so it actually
does nothing except expand the builtins table.

Bug: v8:8068
Change-Id: Iaecc3982cf22d04e6c46169b86c9d694952fd091
Reviewed-on: https://chromium-review.googlesource.com/1179887
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55215}
2018-08-20 13:43:06 +00:00
jgruber
e2de46567a [wasm] Do not try to relocate off-heap trampolines
Off-heap trampolines (short trampolines that jump to .text-embedded
builtin instruction streams) should contain exactly one OFF_HEAP_TARGET
reloc entry.

When AddAnonymousCode is called on such a trampoline, it copies the
(off-heap) *instruction stream* and thus should never perform any
relocations using the *trampoline's* RelocInfo.

Bug: v8:6666
Change-Id: I09a11344fb7e62d759c4c943712e7d4e91199130
Reviewed-on: https://chromium-review.googlesource.com/1179671
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55214}
2018-08-20 13:07:38 +00:00
Michael Starzinger
74004dbf3d [wasm] Actually print WasmModuleObject on debug printing.
R=titzer@chromium.org

Change-Id: If3d6843b7e7542799d8be5a9ecea9ad2f96a8c5a
Reviewed-on: https://chromium-review.googlesource.com/1181021
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55213}
2018-08-20 12:18:52 +00:00
Andreas Haas
af4cf8d150 [wasm] Abort decoding of BlockTypeImmediate after an error was detected
R=titzer@chromium.org

Bug: chromium:875556
Change-Id: I989dbaaec1eac3b7d0c761f25efec043cdeb9d71
Reviewed-on: https://chromium-review.googlesource.com/1180964
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55212}
2018-08-20 12:09:11 +00:00
Benedikt Meurer
35974e2da6 [turbofan] Improve CheckedInt32Mod lowering.
The CheckedInt32Mod lowering in the EffectControlLinearizer wasn't
playing well with subsequent optimizations in the MachineOperatorReducer
especially due to the use of Int32Mod, which introduces another (floating)
diamond in the MachineOperatorReducer. Switching to Uint32Mod and explicit
sign handling fixes the problem, plus we also do the mask trick in the
case where the left hand side is negative now.

With this change the performance on the benchmark mentioned in the bug
report goes from

  console.timeEnd: binary, 1872.346000
  console.timeEnd: modulo, 5967.464000
  console.timeEnd: binary, 6006.789000
  console.timeEnd: modulo, 6293.496000
  console.timeEnd: binary, 5969.264000
  console.timeEnd: modulo, 6291.874000

to

  console.timeEnd: binary, 1876.464000
  console.timeEnd: modulo, 5846.643000
  console.timeEnd: binary, 5962.545000
  console.timeEnd: modulo, 5972.639000
  console.timeEnd: binary, 5958.221000
  console.timeEnd: modulo, 5973.171000

so even the peak performance of the modulus is now mostly the same as
the binary bitwise and.

Bug: v8:8069
Change-Id: Iaf3828fc0f6c53352367e8bf6c42534f8b13bfb3
Reviewed-on: https://chromium-review.googlesource.com/1180971
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55211}
2018-08-20 11:45:32 +00:00
Michael Starzinger
3b8fd36b81 [wasm] Enable --wasm-shared-code by default.
R=titzer@chromium.org
BUG=v8:7424

Change-Id: Ic0b8088402a4f64d1a285298a16285bdca4a7167
Reviewed-on: https://chromium-review.googlesource.com/1180897
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55210}
2018-08-20 11:32:54 +00:00
Dan Elphick
5f69ffae18 [cleanup] Factor out BUILTIN_LIST_INTL macro
Small clean up to create a BUILTIN_LIST_INTL to include in BUILTIN_LIST
rather than having two definitions of BUILTIN_LIST depending on whether
V8_INTL_SUPPORT is enabled.

Change-Id: I05ce83fe478049398392c5204b22961d29eb3622
Reviewed-on: https://chromium-review.googlesource.com/1180967
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55209}
2018-08-20 11:31:47 +00:00
Georg Neis
252c36c900 [turbofan] Avoid use of ObjectLiteralMapFromCache.
Since the number of properties is always 0, we can just directly use the
Object function's initial map.

Bug: v8:7790
Change-Id: I061bd522f5bce1c059cd82f5946d8bc572dbfb27
Reviewed-on: https://chromium-review.googlesource.com/1180887
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55208}
2018-08-20 10:57:53 +00:00
jgruber
d74a9fd595 [regexp] Fix invalid lastIndex handling in RegExp.p[@@replace]
The RegExp replace implementation is a bit of a mess. Here, we first
try to handle parts of RegExp.p.exec, and then call directly into the
raw irregexp code (skipping RegExp.p.exec).

We got parts of this wrong: when lastIndex > string.length and the
regexp instance is sticky, two things should happen. 1. The match
should fail, and 2. lastIndex should be reset to 0. On the fast path,
we did the latter but not the former, instead running exec with a
lastIndex of 0.

This CL omits the irregexp call in this case, and defaults to a failed
match instead.

Bug: chromium:875493
Change-Id: I8c959610d267575e37686076a3fd5dfde322f0ca
Reviewed-on: https://chromium-review.googlesource.com/1180889
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55207}
2018-08-20 10:25:39 +00:00