Commit Graph

42854 Commits

Author SHA1 Message Date
Mostyn Bramley-Moore
e52b4a6284 Update AUTHORS file for Vewd Software
Formerly known as Opera TV.

Change-Id: If141d86e744f3ea9dc9605f6d2b35fc78d291a69
Reviewed-on: https://chromium-review.googlesource.com/683175
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Mostyn Bramley-Moore <mostynb@vewd.com>
Cr-Commit-Position: refs/heads/master@{#48212}
2017-09-28 17:25:36 +00:00
Mircea Trofin
1cb0b9bf6a [wasm] Rename Release to Merge in the DisjointAllocationPool
Merge better captures the upcoming usecase in the wasm native heap,
where allocating/freeing is moving the accounting of memory from
a free list to an allocated list and vice-versa - making 'Release'
an odd API when allocating.

Bug: 
Change-Id: I9010959c91a1e8585eb06303ab06078132a03f60
Reviewed-on: https://chromium-review.googlesource.com/688004
Reviewed-by: Eric Holk <eholk@chromium.org>
Commit-Queue: Mircea Trofin <mtrofin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48211}
2017-09-28 17:24:22 +00:00
Clemens Hammacher
324e0a7adb Revert "[turbofan] eagerly prune None types and deadness from the graph"
This reverts commit e1cdda2512.

Reason for revert: Fails 'constructor-inlining' on GC-Stress bot: https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/builds/15270

Original change's description:
> [turbofan] eagerly prune None types and deadness from the graph
> 
> In addition to using the {Dead} node to prune dead control nodes and nodes that 
> depend on them, we introduce a {DeadValue} node representing an impossible value 
> that can occur at any position in the graph. The extended {DeadCodeElimination}
> prunes {DeadValue} and its uses, inserting a crashing {Unreachable} node into
> the effect chain when possible. The remaining uses of {DeadValue} are handled
> in {EffectControlLinearizer}, where we always have access to the effect chain.
> In addition to explicitly introduced {DeadValue} nodes, we consider any value use
> of a node with type {None} as dead.
> 
> Bug: chromium:741225
> Change-Id: Icc4b636d1d018c452ba1a2fa7cd3e00e522f1655
> Reviewed-on: https://chromium-review.googlesource.com/641250
> Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#48208}

TBR=jarin@chromium.org,tebbi@chromium.org

Change-Id: I9c175d47e2ee4b11a36ed90421202f2354610398
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:741225
Reviewed-on: https://chromium-review.googlesource.com/690080
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48210}
2017-09-28 16:58:15 +00:00
Enrico Bacis
6cd7a5a73a [wasm] Introduce the WasmContext
The WasmContext struct introduced in this CL is used to store the
mem_size and mem_start address of the wasm memory. These variables can
be accessed at C++ level at graph build time (e.g., initialized during
instance building). When the GrowMemory runtime is invoked, the context
variables can be changed in the WasmContext at C++ level so that the
generated code will load the correct values.

This requires inserting a relocatable pointer only in the
JSToWasmWrapper (and in the other wasm entry points), the value is then
passed from function to function as an automatically added additional
parameter. The WasmContext is then dropped when creating an Interpreter
Entry or when invoking a JavaScript function. This removes the need of
patching the generated code at runtime (i.e., when the memory grows)
with respect to WASM_MEMORY_REFERENCE and WASM_MEMORY_SIZE_REFERENCE.
However, we still need to patch the code at instance build time to patch
the JSToWasmWrappers; in fact the address of the WasmContext is not
known during compilation, but only when the instance is built.

The WasmContext address is passed as the first parameter. This has the
advantage of not having to move the WasmContext around if the function
does not use many registers. This CL also changes the wasm calling
convention so that the first parameter register is different from the
return value register. The WasmContext is attached to every
WasmMemoryObject, to share the same context with multiple instances
sharing the same memory. Moreover, the nodes representing the
WasmContext variables are cached in the SSA environment, similarly to
other local variables that might change during execution.  The nodes are
created when initializing the SSA environment and refreshed every time a
grow_memory or a function call happens, so that we are sure that they
always represent the correct mem_size and mem_start variables.

This CL also removes the WasmMemorySize runtime (since it's now possible
to directly retrieve mem_size from the context) and simplifies the
GrowMemory runtime (since every instance now has a memory_object).

R=ahaas@chromium.org,clemensh@chromium.org
CC=gdeepti@chromium.org

Change-Id: I3f058e641284f5a1bbbfc35a64c88da6ff08e240
Reviewed-on: https://chromium-review.googlesource.com/671008
Commit-Queue: Enrico Bacis <enricobacis@google.com>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48209}
2017-09-28 16:14:03 +00:00
Tobias Tebbi
e1cdda2512 [turbofan] eagerly prune None types and deadness from the graph
In addition to using the {Dead} node to prune dead control nodes and nodes that 
depend on them, we introduce a {DeadValue} node representing an impossible value 
that can occur at any position in the graph. The extended {DeadCodeElimination}
prunes {DeadValue} and its uses, inserting a crashing {Unreachable} node into
the effect chain when possible. The remaining uses of {DeadValue} are handled
in {EffectControlLinearizer}, where we always have access to the effect chain.
In addition to explicitly introduced {DeadValue} nodes, we consider any value use
of a node with type {None} as dead.

Bug: chromium:741225
Change-Id: Icc4b636d1d018c452ba1a2fa7cd3e00e522f1655
Reviewed-on: https://chromium-review.googlesource.com/641250
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48208}
2017-09-28 15:42:02 +00:00
Toon Verwaest
6e68a28bfc Replace specific IC Code::Kind with Code::STUB
Bug: 
Change-Id: I41d3f3086f5e90a1a1579c18eca59b5d098f637f
Reviewed-on: https://chromium-review.googlesource.com/690374
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48207}
2017-09-28 15:40:41 +00:00
Yang Guo
64b67ddad5 Prevent uninitialized variable.
R=hablich@chromium.org

Bug: chromium:646005
Change-Id: I425111cb393d0119fa18fbe14bc32d5e7560b181
Reviewed-on: https://chromium-review.googlesource.com/667157
Commit-Queue: Michael Hablich <hablich@chromium.org>
Reviewed-by: Michael Hablich <hablich@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48206}
2017-09-28 14:27:21 +00:00
Martyn Capewell
193dcf7693 [arm64] Pair some pushes and delete unused code
Pair some stack ops so that they deal with an even number of registers, add
padding around profile entry calls, and delete some unused macro assembler code.

Bug: v8:6644
Change-Id: I5a5529f04738ba2a2fdb1b0d4ee93c567a3c504e
Reviewed-on: https://chromium-review.googlesource.com/686823
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Martyn Capewell <martyn.capewell@arm.com>
Cr-Commit-Position: refs/heads/master@{#48205}
2017-09-28 13:36:17 +00:00
Ben L. Titzer
afb7bdc46a [wasm] Move compilation methods to module-compiler.h
Note that this also makes it possible to move several classes
into the module-compiler.cc file and inline their implementations.

This also allows removing several uses of wasm-module.h from
other places in V8 that include wasm-objects.h.

R=yangguo@chromium.org,clemensh@chromium.org,ahaas@chromium.org

Bug: 
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I303ee2bb49dc53c951d377a1b65699c1e0e91da7
Reviewed-on: https://chromium-review.googlesource.com/687494
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48204}
2017-09-28 13:14:26 +00:00
Marja Hölttä
40856948a6 [parser] Skipping inner funcs: Turn off FLAG_preparser_scope_analysis.
For sorting out regressions.

BUG=v8:5516

Change-Id: I117667346b5de33c1cadd250e4a0d4f2dc807227
Reviewed-on: https://chromium-review.googlesource.com/690077
Reviewed-by: Michael Hablich <hablich@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48203}
2017-09-28 12:41:56 +00:00
Michael Starzinger
4ba6f15ece [objects] Remove obsolete uses of {ReplaceCode} methods.
R=rmcilroy@chromium.org

Change-Id: Id568afef0d6ac68170faa33ad9ab4bba97d40ce9
Reviewed-on: https://chromium-review.googlesource.com/690294
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48202}
2017-09-28 12:37:46 +00:00
Toon Verwaest
b8b25e1c27 [ic] Remove extra-ic-state and Map::code_cache
There are only very few custom compiled IC handlers left that go in there, and for each compiled handler we only have 1 cache hit on top25; maximally saving 60ms over 33s. Additionally we'll migrate the remaining handlers to data-driven handlers anyway. Let's try to remove this code.

Bug: 
Change-Id: Ib874cc498015046a3ff67c83ea8b10b3c4eb7d0f
Reviewed-on: https://chromium-review.googlesource.com/668409
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48201}
2017-09-28 11:24:12 +00:00
Peter Marshall
690d52afa8 [cleanup] Remove List.
ZoneList still used List as a base class, so this CL merges the two
classes together. We also remove unused functions in List and ZoneList.

We keep the inline header but move it to src/zone/zone-list-inl.h. The
includes that use this header are still quite tangled, but we can fix
that later.

Bug: v8:6333
Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng
Change-Id: Ia809813834b2328ff616623f8a843812a1eb42a7
Reviewed-on: https://chromium-review.googlesource.com/681658
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48200}
2017-09-28 10:47:40 +00:00
Michael Achenbach
7e4fc16330 Revert "[build] Switch windows default compilation to MSVS 2017"
This reverts commit a0d2ffb661.

Reason for revert: Breaks CI

Original change's description:
> [build] Switch windows default compilation to MSVS 2017
> 
> Bug: v8:6857
> Change-Id: Icab007681753c6f8143147ea8b2c1b06bf325d92
> Reviewed-on: https://chromium-review.googlesource.com/686900
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#48196}

TBR=machenbach@chromium.org,brucedawson@chromium.org,sergiyb@chromium.org

Change-Id: I5c961c8c28c6213014cf61ad342984193a18498e
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:6857
Reviewed-on: https://chromium-review.googlesource.com/690034
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48199}
2017-09-28 10:15:24 +00:00
Michael Starzinger
ac4756360f Reland "[turbofan] Implement lowering of {JSCreateClosure}."
This is a reland of 9d3c4b4b91
Original change's description:
> [turbofan] Implement lowering of {JSCreateClosure}.
> 
> This adds support for inline allocation of {JSFunction} objects as part
> of closures instantiation for {JSCreateClosure} nodes. The lowering is
> limited to instantiation sites which have already seen more than one
> previous instantiation, this avoids the need to increment the respective
> counter.
> 
> R=jarin@chromium.org
> 
> Change-Id: I462c557453fe58bc5f09020a3d5ebdf11c2ea68b
> Reviewed-on: https://chromium-review.googlesource.com/594287
> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#48176}

Change-Id: I3ec3880bea89798a34a3878e6122b95db1014151
Reviewed-on: https://chromium-review.googlesource.com/686834
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48198}
2017-09-28 10:10:42 +00:00
Peter Marshall
329f694678 [cleanup] Replace List with std::vector in api.
The members of HandleScopeImplementer are copied with memcpy when
the isolate is transferred to another thread. List contained some
primitives which allowed us to manually free the backing store, which
was needed in order to ensure that threads would not hold on to
old pointers and use them later. With std::vector, we can't do that.

Here we change the HandleScopeImplementer to instead use a custom
structure DetachableVector, which contains a std::vector but allows
manual detaching and freeing of the backing store. This allows us to
maintain the old behavior.

Bug: v8:6333
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I6361d161cdb19878ba19ed51d6ba2fae99e8cdc0
Reviewed-on: https://chromium-review.googlesource.com/660125
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48197}
2017-09-28 09:32:18 +00:00
Michael Achenbach
a0d2ffb661 [build] Switch windows default compilation to MSVS 2017
Bug: v8:6857
Change-Id: Icab007681753c6f8143147ea8b2c1b06bf325d92
Reviewed-on: https://chromium-review.googlesource.com/686900
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48196}
2017-09-28 08:47:38 +00:00
Toon Verwaest
f178361763 [ic] Make transition-code unaware of handler encodings
Bug: 
Change-Id: I6894c097a994527b5e749527966c5de6c42d964b
Reviewed-on: https://chromium-review.googlesource.com/668405
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48195}
2017-09-28 08:15:39 +00:00
Yang Guo
aaebbbaa59 Remove --string-slices and --serialize-eager.
Both flags are obsolete.

R=cbruni@chromium.org

Change-Id: I78f5980f2d0bd569b8e5f6e29539cf87293cab94
Reviewed-on: https://chromium-review.googlesource.com/684296
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48194}
2017-09-28 04:41:18 +00:00
Jakob Kummerow
d6603be47d [bigint] Fixes for issues found in local testing
- The fallback path for "digit_mul" was missing shifts
- RightTrim() could end up reading digit(-1) (i.e. the bit field)
- Add SLOW_DCHECKs to digit()/set_digit() to catch any further
  invalid-index issues

Bug: v8:6791
Change-Id: I901edfce90bb6ac11e74c3c3f577225f12bad177
Reviewed-on: https://chromium-review.googlesource.com/683796
Reviewed-by: Daniel Ehrenberg <littledan@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48193}
2017-09-28 04:35:55 +00:00
Clemens Hammacher
af85c865ba [wasm] Reduce size of ProtectedInstructionData
Since code objects cannot grow larger than 2GB anyway, it's enough to
store the instruction offset and landing pad offset as 32-bit values.
This reduces the size of the ProtectedInstructionData struct by 50%.

R=eholk@chromium.org

Bug: v8:5277
Change-Id: I4d2e0dc76b8a853fb50d51d70d5ec4038ee594ac
Reviewed-on: https://chromium-review.googlesource.com/686757
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Eric Holk <eholk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48192}
2017-09-27 19:26:23 +00:00
Eric Holk (eholk)
46f6e24a41 [wasm] trap handlers: Factor out landing pad search code
This is the first of a series of refactoring CLs to make way for
Windows trap handling support.

See https://chromium-review.googlesource.com/c/v8/v8/+/626558 as well.

Bug: 
Change-Id: I5fe9ef9c1cec58a81e51fcffbbe4419e0e298ab7
Reviewed-on: https://chromium-review.googlesource.com/644104
Reviewed-by: Brad Nelson <bradnelson@chromium.org>
Commit-Queue: Eric Holk <eholk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48191}
2017-09-27 19:01:01 +00:00
Paul Irish
70b79c959a DevTools: correct protocol typo for exceptionRevoked
Bug: NONE
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: Iaf820f8235ea85c21fb8e904c132c8c2039bf941
Reviewed-on: https://chromium-review.googlesource.com/653237
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Pavel Feldman <pfeldman@chromium.org>
Commit-Queue: Pavel Feldman <pfeldman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48190}
2017-09-27 18:01:16 +00:00
Georgia Kouveli
e7d9972da3 [arm64] Update CallApiCallbackStub and CallApiGetterStub for JSSP removal.
Bug: v8:6644
Change-Id: I601b78ba681925521005acabed1ee6e91df98ed0
Reviewed-on: https://chromium-review.googlesource.com/686762
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com>
Cr-Commit-Position: refs/heads/master@{#48189}
2017-09-27 17:12:33 +00:00
Andreas Haas
82c378e1e0 [wasm] Turn off async compilation
Async compilation causes problems when the isolate shuts down
concurrently.

R=hablich@chromium.org

Bug: chromium:764313
Change-Id: I35b5ba9bdb70291b53e87a5323f5408930f01ddd
Reviewed-on: https://chromium-review.googlesource.com/687076
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48188}
2017-09-27 16:33:54 +00:00
Clemens Hammacher
5fee363604 [wasm] Avoid allocating a zone for processing protected instructions
By reusing a single vector instead of allocating one per code object,
we can save lots of heap allocations.

R=eholk@chromium.org

Bug: v8:5277
Change-Id: Ia462c97293cd00607d9f2faf29e265ea78d49394
Reviewed-on: https://chromium-review.googlesource.com/686819
Reviewed-by: Eric Holk <eholk@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48187}
2017-09-27 16:25:19 +00:00
Eric Holk
f180d9fb59 [wasm] check trap handler consistency in debug builds; simplify structures
This CL includes validation code for the trap handler data structures in debug
mode to help catch issues like v8:6841 sooner in the future.

We also now eagerly initialize the free list pointers to make the logic of
finding the next free entry more obvious.

Bug: v8:5277
Change-Id: I13c3180c59b6152508c480e2042072a91e6ca977
Reviewed-on: https://chromium-review.googlesource.com/674128
Commit-Queue: Eric Holk <eholk@chromium.org>
Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48186}
2017-09-27 16:24:14 +00:00
Sergiy Byelozyorov
c431c974b4 Whitespace CL to test trybots and CI
TBR=machenbach@chromium.org

Bug: chromium:747960
No-Try: true
No-Presubmit: true
No-Tree-Checks: true
Change-Id: I06af6e09c76a8006717d10a669812840c4f58b24
Reviewed-on: https://chromium-review.googlesource.com/687498
Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48185}
2017-09-27 16:13:09 +00:00
Yang Guo
5dcedc18c1 [snapshot] correctly mark SFIs with deserialized code.
We used to only mark top-level SFIs with the 'deserialized' bit.
Now we do it for every SFI that has cached code. This is the
first step to surface caching information in the future.

R=cbruni@chromium.org

Bug: chromium:769166
Change-Id: I12f21511419ce54fd07a2cc277a65866660c366a
Reviewed-on: https://chromium-review.googlesource.com/686715
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48184}
2017-09-27 14:32:34 +00:00
Ben L. Titzer
552150b228 [wasm] Move heap-object related functionality out of wasm-module.h.
These functions clearly belong closer to respective classes
in wasm-objects.h.

R=clemensh@chromium.org

Bug: 
Change-Id: I46117b15181d33b237f4cdf318ce66ddb18d96bd
Reviewed-on: https://chromium-review.googlesource.com/684594
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48183}
2017-09-27 14:31:15 +00:00
Michael Achenbach
21b24620dd Whitelist change to test infra
TBR=sergiyb@chromium.org

Bug: chromium:747960
No-Try: true
No-Presubmit: true
No-Tree-Checks: true
Change-Id: I4acaa2b825585ba41b70de58bed727b558c3b1ac
Reviewed-on: https://chromium-review.googlesource.com/687215
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48182}
2017-09-27 14:11:37 +00:00
Clemens Hammacher
8f0cd1c244 [turbofan] Fix passing float parameters on the stack
There was an issue with passing float32 parameters, if the value was
spilled on the stack and passed as stack parameter.
First, we sometimes reduced the stack pointer by 8 bytes instead of 4,
and second, there was a mismatch between movsd and movss.

R=titzer@chromium.org

Bug: chromium:718858
Change-Id: Ia884df369ddd95adeff3733f9715f589996f0b65
Also-By: ahaas@chromium.org
Reviewed-on: https://chromium-review.googlesource.com/684738
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48181}
2017-09-27 13:49:55 +00:00
Michael Starzinger
fb35717fde [asm.js] Remove dead code for calling Math.fround directly.
R=clemensh@chromium.org

Change-Id: I03fb9ae37a7950fdb8a819383b114dfc2c13d618
Reviewed-on: https://chromium-review.googlesource.com/686914
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48180}
2017-09-27 12:45:23 +00:00
Sergiy Byelozyorov
38b176737d Whitespace CL to test trybots and CI
TBR=machenbach@chromium.org

Bug: 747960
No-Try: true
No-Presubmit: true
No-Tree-Checks: true
Change-Id: I0cab4da0bb6070e43e636fe9b5f2991f31b93d35
Reviewed-on: https://chromium-review.googlesource.com/686815
Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48179}
2017-09-27 11:39:38 +00:00
Michael Starzinger
9e618c72b3 Revert "[turbofan] Implement lowering of {JSCreateClosure}."
This reverts commit 9d3c4b4b91.

Reason for revert: Breaks cctest/test-debug/NoBreakWhenBootstrapping in no-snap mode.

Original change's description:
> [turbofan] Implement lowering of {JSCreateClosure}.
> 
> This adds support for inline allocation of {JSFunction} objects as part
> of closures instantiation for {JSCreateClosure} nodes. The lowering is
> limited to instantiation sites which have already seen more than one
> previous instantiation, this avoids the need to increment the respective
> counter.
> 
> R=jarin@chromium.org
> 
> Change-Id: I462c557453fe58bc5f09020a3d5ebdf11c2ea68b
> Reviewed-on: https://chromium-review.googlesource.com/594287
> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#48176}

TBR=mstarzinger@chromium.org,jarin@chromium.org

Change-Id: Id52281f6a3c0b7c2603053ecf002777d5b0d6f1f
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/686534
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48178}
2017-09-27 10:02:52 +00:00
Martyn Capewell
1cc93be0f1 [arm64] Add slot copier to masm and use in builtins
Abstract some stack slot copies through a macro assembler function. This
eliminates some non-paired stack operations.

Bug: v8:6644
Change-Id: Icaa3ebb1bec42587ad461bd548a4225c7b4e5d15
Reviewed-on: https://chromium-review.googlesource.com/685238
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Martyn Capewell <martyn.capewell@arm.com>
Cr-Commit-Position: refs/heads/master@{#48177}
2017-09-27 09:35:07 +00:00
Michael Starzinger
9d3c4b4b91 [turbofan] Implement lowering of {JSCreateClosure}.
This adds support for inline allocation of {JSFunction} objects as part
of closures instantiation for {JSCreateClosure} nodes. The lowering is
limited to instantiation sites which have already seen more than one
previous instantiation, this avoids the need to increment the respective
counter.

R=jarin@chromium.org

Change-Id: I462c557453fe58bc5f09020a3d5ebdf11c2ea68b
Reviewed-on: https://chromium-review.googlesource.com/594287
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48176}
2017-09-27 09:20:21 +00:00
Benedikt Meurer
adfaf74d33 [turbofan] Fix off-by-one in constant-folding of frozen elements.
Bug: chromium:768367, v8:6819, v8:6820, v8:6831
Change-Id: I90538217f794c91a83ae5cfb12e0d0347d5f8574
Reviewed-on: https://chromium-review.googlesource.com/685240
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48175}
2017-09-27 05:43:25 +00:00
Jakob Kummerow
35f94cbe55 [refactoring] Prepare conversions{.h,-inl.h,.cc} for BigInt.parseInt
- Move things to conversions.cc that don't need to be in headers
- Turn InternalStringToInt into a subclassable helper class
  so we can re-use it for BigInt.parseInt
- Bonus: play a round of IWYU with all the .cc files who thought that
  #including conversions-inl.h would give them nice Unicode things

Bug: v8:6791
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I64022543a9b83002e2b78416c7e87b40a1a016e6
Reviewed-on: https://chromium-review.googlesource.com/673725
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48174}
2017-09-26 22:52:31 +00:00
Jakob Kummerow
3b57e96cd1 [bigint] Support BigInts in +,-,*,/,% binary ops.
This CL teaches the respective bytecode handlers and standalone stubs
about BigInts, and collects "kBigInt" feedback for them. However,
Turbofan does not yet care about such feedback, so it is simply converted
to "any" for now (making TF emit stub calls for BigInt operations).

Bug: v8:6791
Change-Id: I6440c108ccd79058d77adc2a6041251db9d5f81d
Reviewed-on: https://chromium-review.googlesource.com/683758
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48173}
2017-09-26 22:01:54 +00:00
Jakob Kummerow
3faea676c8 Reland "[bigint] Implement Divide and Remainder"
This is a reland of r48152 / 2f88c9b2df, originally
reviewed on https://chromium-review.googlesource.com/678037,
with a small fix for Clang on Windows.

TBR=littledan@chromium.org

Bug: v8:6791
Change-Id: I70bc950f82682f40486540d2ac6e10540888d663
Reviewed-on: https://chromium-review.googlesource.com/685255
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48172}
2017-09-26 19:56:37 +00:00
Michael Achenbach
b3e68b3318 Revert "Add fast path to ObjectGetOwnPropertyDescriptor"
This reverts commit e0b76c9a84.

Reason for revert: Changes layout tests:
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/18522

See also:
https://github.com/v8/v8/wiki/Blink-layout-tests

Original change's description:
> Add fast path to ObjectGetOwnPropertyDescriptor
> 
> Bug: v8:6557
> Change-Id: I384e9f36058c73d40be1faf5ae1bf8c01d068f0e
> Reviewed-on: https://chromium-review.googlesource.com/682059
> Commit-Queue: Maya Lekova <mslekova@google.com>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#48166}

TBR=ishell@chromium.org,mslekova@google.com

Change-Id: I27aa52786f79dd617faea6336df684821c1720d2
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:6557
Reviewed-on: https://chromium-review.googlesource.com/685314
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48171}
2017-09-26 16:54:19 +00:00
Clemens Hammacher
83162121b4 [wasm] [decoder] Also trace global index
With --trace-wasm-decoder, we were printing the local variable index
for values on the stack generated by get_local instructions. This CL
adds the same feature for globals.

R=titzer@chromium.org

Change-Id: Ie113ebcc2d1abcd67df2d01bf4bdb452635732c8
Reviewed-on: https://chromium-review.googlesource.com/684737
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48170}
2017-09-26 16:09:01 +00:00
Michael Starzinger
02d999abad [asm.js] Fix Math.abs signature to return unsigned.
This fixes the signature of "Math.abs" from "(signed) -> signed" to
"(signed) -> unsigned" and hence fixes cases where the absolute value
would overflow the range of signed 32-bit values. This is in sync with
spec erratas (and ECMAScript semantics).

Note that this also switches the underlying implementation of the above
absolute value function to a branch-free version.

R=clemensh@chromium.org
TEST=mjsunit/regress/regress-6838-3
BUG=v8:6838

Change-Id: Ib13b7ecd336ae386cbde7c574e727bf52f841e00
Reviewed-on: https://chromium-review.googlesource.com/684181
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48169}
2017-09-26 13:02:53 +00:00
Andreas Haas
ab7bd9f408 [wasm] Reduce size of the trap handler ool code
With this CL we use the same optimizations for the trap handler ool code
which we already use for trap-if.

* Call a builtin instead of calling the runtime directly.
* Use one call per ool code instead of a source position parameter.
* Do not pass the trap reason as parameter.

R=titzer@chromium.org, eholk@chromium.org

Change-Id: Ieef6da96f340269c3e91efd21ac24e61a42193f4
Reviewed-on: https://chromium-review.googlesource.com/684436
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48168}
2017-09-26 13:00:34 +00:00
Tobias Tebbi
e6d84f4ecb [csa] fix variable merge for switch default label
Bug: 
Change-Id: I52e757aa2de951ff40660545472321c7dec84241
Reviewed-on: https://chromium-review.googlesource.com/632156
Reviewed-by: Daniel Clifford <danno@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48167}
2017-09-26 12:31:29 +00:00
Maya Lekova
e0b76c9a84 Add fast path to ObjectGetOwnPropertyDescriptor
Bug: v8:6557
Change-Id: I384e9f36058c73d40be1faf5ae1bf8c01d068f0e
Reviewed-on: https://chromium-review.googlesource.com/682059
Commit-Queue: Maya Lekova <mslekova@google.com>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48166}
2017-09-26 12:21:43 +00:00
Marja Hölttä
f130bfd394 [unicode] Fix overlong / surrogate sequences detection some more.
Follow up to https://chromium-review.googlesource.com/671020

We still didn't return the correct amount of invalid characters, according to
the Encoding spec ( https://encoding.spec.whatwg.org/#utf-8-decoder ), when we
saw a byte sequence which was the start of an overlong / invalid sequence, but
there weren't enough continuation bytes.

A more rigorous test will follow in
https://chromium-review.googlesource.com/c/v8/v8/+/681217

BUG=chromium:765608

Change-Id: I535670edc14d3bae144e5a9ca373f12eec78a934
Reviewed-on: https://chromium-review.googlesource.com/681674
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48165}
2017-09-26 12:08:24 +00:00
Yang Guo
dc7b2b2ba7 Reland "[snapshot] include version string in the startup snapshot."
This is a reland of 629406d1e9
Original change's description:
> [snapshot] include version string in the startup snapshot.
> 
> This is to more easily diagnose build issues involving the snapshot.
> Sample error message for mismatching snapshot:
> 
> #
> # Fatal error in ../../src/snapshot/snapshot-common.cc, line 286
> # Version mismatch between V8 binary and snapshot.
> #   V8 binary version: 6.3.1 (candidate)
> #    Snapshot version: 6.3.0 (candidate)
> # The snapshot consists of 2820444 bytes and contains 1 contexts.
> #
> 
> 
> R=machenbach@chromium.org
> 
> Bug: chromium:764327
> Change-Id: Icdc7aeac77819b113985b424feda814a072d5406
> Reviewed-on: https://chromium-review.googlesource.com/684295
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Commit-Queue: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#48161}

Bug: chromium:764327
Change-Id: I3721689824e0a6909eede86d0829dc258ae40c4d
Reviewed-on: https://chromium-review.googlesource.com/684494
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48164}
2017-09-26 11:29:44 +00:00
Tobias Tebbi
8f2977a3c6 [turbofan] fix escape analysis for not word aligned fields
On big endian 64 bit architectures, kHashFieldOffset is not word-aligned. 
This breaks the assumption in escape analysis that all fields are word-aligned. 
Fix this by not dematerializing such objects.

Alternative fix for https://chromium-review.googlesource.com/c/v8/v8/+/681335

Change-Id: I7d8e4c7934d9306cc06a614ae110e7cf7235394f
Reviewed-on: https://chromium-review.googlesource.com/681714
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48163}
2017-09-26 11:10:53 +00:00