Commit Graph

42854 Commits

Author SHA1 Message Date
Clemens Hammacher
9693835aeb [wasm] [decoder] Minor interface change
The baseline compiler needs to know the depth in order to access the
parent block. This is a small CL, but anything that can land before the
big baseline CL reduces the complexity of the latter.

R=ahaas@chromium.org

Bug: v8:6600
Change-Id: I2e29cc974908438266adb4301026dfe5fbfb1990
Reviewed-on: https://chromium-review.googlesource.com/677301
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48112}
2017-09-21 14:19:26 +00:00
Marja Hölttä
70e0261a95 [parser] Skipping inner funcs: Add debug code.
There are some mysterious, unreproducible CHECK failures (inconsistent
data). Add more information onto the stack (and thus, to minidumps) for
debugging them.

BUG=v8:5516,chromium:766693

Change-Id: Ic1ebc3036957ede4e3e1c1d287479897e54e40ed
Reviewed-on: https://chromium-review.googlesource.com/677294
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48111}
2017-09-21 13:42:30 +00:00
Clemens Hammacher
3a06391166 [base] Allow comparing enums in (D)CHECKs
In the current implementation, compilation would fail because
operator<< is not defined for enum classes. For others, the compiler
finds more than one operator<<, so it fails because it's ambiguous.

This CL fixes this by printing the integer value for enums, uses the
operator<< for all values that support it, and prints "<unprintable>"
otherwise.

Also, lots of unit tests.

R=ishell@chromium.org

Bug: v8:6837
Change-Id: I895ed226672aa07213f9605e094b87af186ec2e4
Reviewed-on: https://chromium-review.googlesource.com/671016
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48110}
2017-09-21 13:33:30 +00:00
Clemens Hammacher
008d7b2ad2 [wasm] Remove redundant validation
And add some tests for (seemingly) previously uncovered cases.
The additional check for unreachable code is not needed any more, since
polymorphic stack values get assigned a specific type on their first
use or validation anyway. Hence the first entry in the br_table will
assign specific types to all polymorphic stack values, and type checking
will fail if later entries do not match.

R=rossberg@chromium.org
CC=titzer@chromium.org

Change-Id: I1d0f91f927a2aa5186f874112e91ebffa1f1b3a7
Reviewed-on: https://chromium-review.googlesource.com/675405
Reviewed-by: Andreas Rossberg <rossberg@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48109}
2017-09-21 13:30:00 +00:00
Ivica Bogosavljevic
01e3be5046 MIPS[64]: Implement 3R MSA instructions in simulator
Bug: 
Change-Id: Ia7bbbb2aba28ec36b470a1b23ebe38fc3a09e600
Reviewed-on: https://chromium-review.googlesource.com/657757
Commit-Queue: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com>
Reviewed-by: Miran Karić <Miran.Karic@imgtec.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48108}
2017-09-21 13:27:44 +00:00
Ulan Degenbaev
a76d0a771e Reland "[heap] Enable concurrent marking for x86 and x64."
This is a reland of 8c4a8250de
Original change's description:
> [heap] Enable concurrent marking for x86 and x64.
> 
> Bug: chromium:694255
> Change-Id: I28c8c6e5ba6c84123f3951e822c132860cb22c1d
> Reviewed-on: https://chromium-review.googlesource.com/641451
> Commit-Queue: Kentaro Hara <haraken@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Reviewed-by: Hannes Payer (slow) <hpayer@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#48100}

Bug: chromium:694255
TBR: mlippautz@chromium.org
Change-Id: Ic36515dbd418c219bccbbf371126a4dfd66a466f
Reviewed-on: https://chromium-review.googlesource.com/676966
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48107}
2017-09-21 12:35:10 +00:00
Mostyn Bramley-Moore
2857dab5cb [jumbo] add some missing cctest header guards
Bug: chromium:746958
Change-Id: I0c1dfe1019b5324d322f5c7a6a2e6095c18f0b40
Reviewed-on: https://chromium-review.googlesource.com/676583
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Mostyn Bramley-Moore <mostynb@opera.com>
Cr-Commit-Position: refs/heads/master@{#48106}
2017-09-21 12:19:10 +00:00
Marja Hölttä
6389b7e6b6 [unicode] Return (the correct) errors for overlong / surrogate sequences.
This fix is two-fold:

1) Incremental UTF-8 decoding: Unify incorrect UTF-8 handling between V8 and
Blink.

Incremental UTF-8 decoding used to allow some overlong sequences / invalid code
points which Blink treated as errors. This caused the decoder and the Blink
UTF-8 decoder to produce a different number of bytes, resulting in random
failures when scripts were streamed (especially, this was detected by the
skipping inner functions feature which adds CHECKs against expected function
positions).

2) Non-incremental UTF-8 decoding: return the correct amount of invalid characters.

According to the encoding spec (https://encoding.spec.whatwg.org/#utf-8-decoder),
the first byte of an overlong sequence / invalid code point generates an
invalid character, and the rest of the bytes are not processed (i.e., pushed
back to the byte stream). When they're handled, they will look like lonely
continuation bytes, and will generate an invalid character each.

As a result, an overlong 4-byte sequence should generate 4 invalid characters
(not 1).

This is a potentially breaking change, since the (non-incremental) UTF-8
decoding is exposed via the API (String::NewFromUtf8). The behavioral difference
happens when the client is passing in invalid UTF-8 (containing overlong /
surrogate sequences).

However, afaict, this doesn't change the semantics of any JavaScript program:
according to the ECMAScript spec, the program is a sequence of Unicode code
points, and there's no way to invoke the UTF-8 decoding functionalities from
inside JavaScript. Though, this changes the behavior of d8 when decoding source
files which are invalid UTF-8.

This doesn't change anything related to URI decoding (it already throws
exceptions for overlong sequences / invalid code points).

BUG: chromium:765608, chromium:758236, v8:5516
Bug: 
Change-Id: Ib029f6a8e87186794b092e4e8af32d01cee3ada0
Reviewed-on: https://chromium-review.googlesource.com/671020
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Franziska Hinkelmann <franzih@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48105}
2017-09-21 10:44:40 +00:00
Michael Lippautz
669c2cfe29 [heap] Fix verification of counters
No-Try: true
Bug: v8:6845
Change-Id: Ic823fe62e0ee6a954ca704d37a6cb54473720b9c
Reviewed-on: https://chromium-review.googlesource.com/676890
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48104}
2017-09-21 09:16:59 +00:00
Michael Achenbach
b36f39c34c Revert "[heap] Enable concurrent marking for x86 and x64."
This reverts commit 8c4a8250de.

Reason for revert: Flaky dcheck on several bots, e.g.:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20debug/builds/17055

Original change's description:
> [heap] Enable concurrent marking for x86 and x64.
> 
> Bug: chromium:694255
> Change-Id: I28c8c6e5ba6c84123f3951e822c132860cb22c1d
> Reviewed-on: https://chromium-review.googlesource.com/641451
> Commit-Queue: Kentaro Hara <haraken@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Reviewed-by: Hannes Payer (slow) <hpayer@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#48100}

TBR=ulan@chromium.org,haraken@chromium.org,machenbach@chromium.org,hpayer@chromium.org,mlippautz@chromium.org

Change-Id: Id5954676c75e69b66e85f05ffab737ab7f760101
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:694255
Reviewed-on: https://chromium-review.googlesource.com/677203
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48103}
2017-09-21 09:15:53 +00:00
Mostyn Bramley-Moore
01946db5e0 [jumbo] add test namespaces for cctest
By adding a per test source file namespace, we can avoid a lot of
symbol collisions in jumbo builds.

While we're at it, let's remove some "using" statements that also
cause trouble.

Bug: chromium:746958
Change-Id: I6f8a723e1ba5905888638e0687b23193f3f012ca
Reviewed-on: https://chromium-review.googlesource.com/676803
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Mostyn Bramley-Moore <mostynb@opera.com>
Cr-Commit-Position: refs/heads/master@{#48102}
2017-09-21 08:46:16 +00:00
Igor Sheludko
2c22b8ecb7 [csa] Fix typo in machine graph verifier.
Bug: chromium:346399
Change-Id: I4d93dbef6deb0fee477f88e20c40106868e99dee
Reviewed-on: https://chromium-review.googlesource.com/674940
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48101}
2017-09-21 08:45:09 +00:00
Ulan Degenbaev
8c4a8250de [heap] Enable concurrent marking for x86 and x64.
Bug: chromium:694255
Change-Id: I28c8c6e5ba6c84123f3951e822c132860cb22c1d
Reviewed-on: https://chromium-review.googlesource.com/641451
Commit-Queue: Kentaro Hara <haraken@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Hannes Payer (slow) <hpayer@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48100}
2017-09-21 07:01:00 +00:00
Jakob Kummerow
533e2f0b57 [bigint] Implement BigInt::Multiply
Bug: v8:6791
Change-Id: If128758e92e566603fa1e3213f42e1dd7a246793
Reviewed-on: https://chromium-review.googlesource.com/674134
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48099}
2017-09-21 06:24:00 +00:00
Ulan Degenbaev
f16b561bee Revert "Reland "[profiler] proper observation of old space inline allocations""
This reverts commit ec952aaa68.

Reason for revert: https://bugs.chromium.org/p/chromium/issues/detail?id=767144

Original change's description:
> Reland "[profiler] proper observation of old space inline allocations"
> 
> This is a reland of 672a41c3ca
> Original change's description:
> > [profiler] proper observation of old space inline allocations
> > 
> > Bug: chromium:633920
> > Change-Id: I9a2f4a89f6b9c0f63cb3b166b06a88a12f0a203c
> > Reviewed-on: https://chromium-review.googlesource.com/631696
> > Commit-Queue: Ali Ijaz Sheikh <ofrobots@google.com>
> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#48043}
> 
> Bug: chromium:633920
> Change-Id: I6fe743d31b8ff26f3858488d4c014c62d3c85add
> Reviewed-on: https://chromium-review.googlesource.com/671127
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Commit-Queue: Ali Ijaz Sheikh <ofrobots@google.com>
> Cr-Commit-Position: refs/heads/master@{#48085}

TBR=ulan@chromium.org,mlippautz@chromium.org,ofrobots@google.com

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: chromium:633920
Change-Id: I576cdab4a03f9fe057ebe1bf7da9dfe3c7bf62cd
Reviewed-on: https://chromium-review.googlesource.com/676683
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48098}
2017-09-21 04:19:29 +00:00
Deepti Gandluri
327df0b8c2 [wasm] Fix memory initialization on instantiate
Memory instantiate on initialize should always patch memory
references. If memory references are not patched for no initial
memory, on subsequent calls to grow_memory in wasm functions for
instances that share a module, the references will be patched
without resetting cloned compiled values to their correct initial
values.

BUG=chromium:763439

Change-Id: I666439332379b02aa344e99d61ef3dc88ab86cc8
Reviewed-on: https://chromium-review.googlesource.com/674707
Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48097}
2017-09-20 22:52:31 +00:00
Bill Budge
c701bd2ebf [Turbofan] Fix x64 128 bit swaps when AVX is not supported.
- Changes x64 AssembleSwap to push/pop to swap 128 bit slot swaps.
- Reorders instructions to simplify 32/64 bit FP slot swaps.
- Refactor ia32 version of this, eliminating OffsetOperand in favor of
  existing ToOperand.

Bug: v8:6020
Change-Id: Ie0ae4c581c9aeb88ee786797851c3c77d5210a3d
Reviewed-on: https://chromium-review.googlesource.com/669748
Commit-Queue: Bill Budge <bbudge@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48096}
2017-09-20 21:25:31 +00:00
Jakob Kummerow
21bbdec52f [turbofan] Handlify JSModuleNamespace AccessInfo computation
For consistency with surrounding handlified code. No change in
functionality intended.

Change-Id: I8501514ce9caf94fc7e6fb45162fcfd3d730efcd
Reviewed-on: https://chromium-review.googlesource.com/671671
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48095}
2017-09-20 18:58:51 +00:00
Jakob Kummerow
b361ed5135 [bigint] Expose BigInt on the global object
Along with BigInt.prototype. Their functions only have skeleton
implementations. The purpose of this change is to make it easier
to gradually increase test coverage (e.g. for toString(radix)).

Of course this is still behind the --harmony-bigint flag.

Bug: v8:6791
Change-Id: Ic307fd9165c56ac782fba18d648ce893daaa718f
Reviewed-on: https://chromium-review.googlesource.com/671209
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48094}
2017-09-20 17:52:01 +00:00
Ilija Pavlovic
ce76dd60c8 Skip WASM atomic tests on big-endian machines.
There is no support to emulate atomic WASM operations on big-endian
platforms, since this would require bit swapping as a part of atomic
operations. Therefore, cctest/test-run-wasm-atomics/* will be skipped.

TEST=cctest/test-run-wasm-atomics/*
BUG=

Change-Id: I1a8b085f816f615011788092e6fc8a8390678382
Reviewed-on: https://chromium-review.googlesource.com/671010
Reviewed-by: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com>
Cr-Commit-Position: refs/heads/master@{#48093}
2017-09-20 12:28:37 +00:00
Nico Weber
255bf2d65a v8: Fix most -Wunreachable-code warnings.
Do this by deleting code after calls to V8_Fatal() (either through
UNREACHABLE() or FATAL()). Comments suggest that the returns there
were needed to make a compiler happy, but all compilers seem to be
happy with this change too. My guess is that either
https://codereview.chromium.org/1393023003 which marked V8_Fatal()
as noreturn, or https://chromium-review.googlesource.com/#/c/544845/
which switched to the C++11 spelling of noreturn, fixed the warnings
that the explicit code after V8_Fatal() was supposed to silence.

There's one more warning in src/compiler/machine-graph-verifier.cc,
but fixing that changes behavior.  I asked about that one in
https://codereview.chromium.org/2573573004/#msg27 instead.

Bug: chromium:346399
Change-Id: Ie9519d5432bdeaaf382e8390d8254d3b79e622e4
Reviewed-on: https://chromium-review.googlesource.com/669803
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Nico Weber <thakis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48092}
2017-09-20 11:25:51 +00:00
Clemens Hammacher
5c2ffc9c3c [wasm] Execute more tests in both interpreter and compiled
This fixes a few leftovers where we use WASM_EXEC_TEST, but then
unconditionally execute the compiled code, and also changes more tests
to use WASM_EXEC_TEST, hence run in both the interpreter and compiled
code.
Once we have landed the baseline compiler, those tests will also execute
in baseline compilation mode.

R=ahaas@chromium.org

Bug: v8:6600
Change-Id: I79598df21a7538934306e01ca6593f05afe19ed3
Reviewed-on: https://chromium-review.googlesource.com/672528
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48091}
2017-09-20 09:37:21 +00:00
Ivo Markovic
fce4faafd7 MIPS[64]: Fix register validation on R6
Bug: 
Change-Id: I62414a59246af359634b1309b03216c0a5c8764b
Reviewed-on: https://chromium-review.googlesource.com/663728
Reviewed-by: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com>
Commit-Queue: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com>
Cr-Commit-Position: refs/heads/master@{#48090}
2017-09-20 09:11:41 +00:00
Michael Lippautz
b2ef3777d7 [heap] Remove ProcessMarkingWorklist
Bug: chromium:758570
Change-Id: Ia2bd72c1756fbc4062c62d975e25bb0ca209a6ad
Reviewed-on: https://chromium-review.googlesource.com/674465
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48089}
2017-09-20 05:59:06 +00:00
Michael Hablich
7447fd53b5 Revert "Reland "[Memory] Move VirtualMemory out of base:: platform.""
This reverts commit f2cd10db14.

Reason for revert: Blocks the roll https://chromium-review.googlesource.com/c/chromium/src/+/674623

Original change's description:
> Reland "[Memory] Move VirtualMemory out of base:: platform."
> 
> This is a reland of 4dd293d922
> Original change's description:
> > [Memory] Move VirtualMemory out of base:: platform.
> > 
> > - Moves base::VirtualMemory to v8::internal::VirtualMemory.
> > - Makes VirtualMemory platform-independent by moving internals to new
> >   OS:: static methods, for each platform.
> > 
> > This will make it easier to delegate memory management in VirtualMemory
> > to V8::Platform, so that embedders like Blink can override it. We can't
> > depend on V8::Platform in base/platform.
> > 
> > Bug: chromium:756050
> > Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
> > Change-Id: Iadfe230b6850bd917727a373f277afded9883adf
> > Reviewed-on: https://chromium-review.googlesource.com/653214
> > Commit-Queue: Bill Budge <bbudge@chromium.org>
> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#48048}
> 
> Bug: chromium:756050
> Change-Id: Ib492c7c69f1833be127a571808301e96b84b8aa2
> Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
> Reviewed-on: https://chromium-review.googlesource.com/671125
> Commit-Queue: Bill Budge <bbudge@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#48084}

TBR=bbudge@chromium.org,ulan@chromium.org,hpayer@chromium.org,mlippautz@chromium.org,scottmg@chromium.org

Change-Id: I04176d77ca9ad8315b0e1bb2b21f40f2c8ab9536
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:756050
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/674843
Reviewed-by: Michael Hablich <hablich@chromium.org>
Commit-Queue: Michael Hablich <hablich@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48088}
2017-09-20 05:36:29 +00:00
Michael Lippautz
0257c539bb [heap] Remove clear on tearing down marking work list when not marking
The work list should be empty in the case we are not tearing down
during incremental marking. Explicitly clear during incremental marking
and rely on DCHECKs for the other case.

Bug: chromium:758570
Change-Id: Iecc8935f0cbfda67f0e7afde42930050e7c94d2d
Reviewed-on: https://chromium-review.googlesource.com/674504
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48087}
2017-09-20 05:28:55 +00:00
jing.bao
e80cbe03f8 Delay rhs_instance_type load until needed in StrictEqual
When var_type_feedback is nullptr and {lhs} is not a String,
rhs_instance_type is not needed.

Bug: 
Change-Id: Ia39aa39ec7ad0063d2fb9b01fd326d7993ab4d26
Reviewed-on: https://chromium-review.googlesource.com/659340
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48086}
2017-09-20 01:34:15 +00:00
Ali Ijaz Sheikh
ec952aaa68 Reland "[profiler] proper observation of old space inline allocations"
This is a reland of 672a41c3ca
Original change's description:
> [profiler] proper observation of old space inline allocations
> 
> Bug: chromium:633920
> Change-Id: I9a2f4a89f6b9c0f63cb3b166b06a88a12f0a203c
> Reviewed-on: https://chromium-review.googlesource.com/631696
> Commit-Queue: Ali Ijaz Sheikh <ofrobots@google.com>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#48043}

Bug: chromium:633920
Change-Id: I6fe743d31b8ff26f3858488d4c014c62d3c85add
Reviewed-on: https://chromium-review.googlesource.com/671127
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ali Ijaz Sheikh <ofrobots@google.com>
Cr-Commit-Position: refs/heads/master@{#48085}
2017-09-20 01:28:55 +00:00
Bill Budge
f2cd10db14 Reland "[Memory] Move VirtualMemory out of base:: platform."
This is a reland of 4dd293d922
Original change's description:
> [Memory] Move VirtualMemory out of base:: platform.
> 
> - Moves base::VirtualMemory to v8::internal::VirtualMemory.
> - Makes VirtualMemory platform-independent by moving internals to new
>   OS:: static methods, for each platform.
> 
> This will make it easier to delegate memory management in VirtualMemory
> to V8::Platform, so that embedders like Blink can override it. We can't
> depend on V8::Platform in base/platform.
> 
> Bug: chromium:756050
> Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
> Change-Id: Iadfe230b6850bd917727a373f277afded9883adf
> Reviewed-on: https://chromium-review.googlesource.com/653214
> Commit-Queue: Bill Budge <bbudge@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#48048}

Bug: chromium:756050
Change-Id: Ib492c7c69f1833be127a571808301e96b84b8aa2
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/671125
Commit-Queue: Bill Budge <bbudge@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48084}
2017-09-19 18:48:07 +00:00
Jaroslav Sevcik
47b63806fc Revert "[Turbofan] Array.prototype.filter inlining."
This reverts commit 37aa13fe3b.

Reason for revert: Suspected to break 63.0.3219 Canary

Original change's description:
> [Turbofan] Array.prototype.filter inlining.
> 
> Support inlining of Array.prototype.filter in TurboFan.
> 
> Bug: v8:1956
> Change-Id: Iba4d683aaa86c6104e8a1cf4d0f549a0c516576a
> Reviewed-on: https://chromium-review.googlesource.com/657021
> Commit-Queue: Michael Stanton <mvstanton@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#48040}

TBR=mvstanton@chromium.org,mstarzinger@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: v8:1956
Change-Id: I125a8caf128890d788e040adfe2fc76bd8d1fbea
Reviewed-on: https://chromium-review.googlesource.com/672783
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48083}
2017-09-19 14:33:39 +00:00
Jaroslav Sevcik
77836fec59 [profiler] Do not log timer events when --prof is specified.
Now hopefully getting it right, but still leaving in the confusing
flag implications.

Bug: v8:6520,chromium:766162
Change-Id: Idc6dca012bf0c9777b4a75cf424410ce5914c885
Reviewed-on: https://chromium-review.googlesource.com/671022
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48082}
2017-09-19 14:00:08 +00:00
Mythri
807d0abe4f Change runtime_profiler to use bytecode array length
Runtime profiler uses bytecode array size for the tiering up decisions.
Bytecode array size includes the header size as well. Inlining
heuristics use bytecode array length instead. Bytecode array length
is just the size of bytecode not including any headers. This change
is to keep both of them in sync to avoid confusion. Also, the header
contains several pointers and hence the size changes depending on the
size of kPointerSize.

Bug: 
Change-Id: I22a9cf5e0bb9d6853c6a8be8d69c9ff459418a0d
Reviewed-on: https://chromium-review.googlesource.com/670724
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48081}
2017-09-19 13:13:58 +00:00
Clemens Hammacher
2d75dd9bbb [cleanup] [wasm] Fix (D)CHECK macros
Use the (D)CHECK_{EQ,NE,GT,...} macros instead of (D)CHECK with an
embedded comparison. This gives better error messages and also does the
right comparison for signed/unsigned mismatches.

This will allow us to reenable the readability/check cpplint check.

R=ahaas@chromium.org

Bug: v8:6837
Change-Id: Ic8966dfeacf02b2684eeef23fde99ec2be4ed81e
Reviewed-on: https://chromium-review.googlesource.com/671364
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48080}
2017-09-19 11:40:37 +00:00
Clemens Hammacher
447af335e0 [cleanup] Fix (D)CHECK macros in src/regexp
Use the (D)CHECK_{EQ,NE,GT,...} macros instead of (D)CHECK with an
embedded comparison. This gives better error messages and also does the
right comparison for signed/unsigned mismatches.

This will allow us to reenable the readability/check cpplint check.

R=jgruber@chromium.org

Bug: v8:6837
Change-Id: I9c489ac0e1b15fd4789c37fd32c9d3c76121a288
Reviewed-on: https://chromium-review.googlesource.com/671343
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48079}
2017-09-19 11:30:48 +00:00
Michael Lippautz
4e5db9a6c8 [heap] Remove marking deque overflow handling
Removes
- SequentialMarkingDeque
- The ability to handle marking deque overflow
- BlackToGrey transitions

We switched to a different marking work list on M61 that fails
in OOM upon failing to allocate Segments used in the work list.

Bug: chromium:758570
Change-Id: I66e2ab912271bf84b085dccc9b4bdd96076b64fb
Reviewed-on: https://chromium-review.googlesource.com/632676
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48078}
2017-09-19 05:20:20 +00:00
Jakob Gruber
59e4b75187 [snapshot] Refactor Serializer
This CL refactors allocation & reservation logic into a new
DefaultSerializerAllocator class.  In upcoming work, this will be
further extended by a custom allocator for builtin serialization.

Additionally, this cleans up a bunch of cosmetics (encapsulation and
other nits).

Bug: v8:6624
Change-Id: Ibcf12a525c8fcb26d9c16b7a12fd598c37a0e10a
Reviewed-on: https://chromium-review.googlesource.com/650357
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48077}
2017-09-19 04:55:41 +00:00
Eric Holk
5b127a9796 [wasm] Track and expose number of recovered Wasm faults
This is primarily to aid in testing the Wasm out of bounds trap handler.  We
keep track of how many faults have been recovered by the Wasm trap handler. This
count is exposed to JavaScript through a testing-only runtime function. This
allows tests to verify whether the trap handler is actually running.

Bug: v8:5277
Change-Id: Ie8037a36d84eb08166c6e40c7225d912683d5786
Reviewed-on: https://chromium-review.googlesource.com/665968
Commit-Queue: Eric Holk <eholk@chromium.org>
Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48076}
2017-09-19 04:10:20 +00:00
Jakob Kummerow
52531a6b96 [bigint] Implement Add, Subtract, UnaryMinus
Bug: v8:6791
Change-Id: I058db23c03451dc5028c3d39af8607d31048295c
Reviewed-on: https://chromium-review.googlesource.com/667809
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48075}
2017-09-19 04:08:01 +00:00
Mircea Trofin
1bc42ab44c [wasm] Sanitize imports
Sanitize imports before we start the instance building process. This
avoids the possibility of exiting to JS while building instances,
and allowing JS to observe an inconsistent state of the wasm world -
e.g. incomplete specialization chains.

We now validate we never exit to JS during that process.

Bug: chromium:766260

Change-Id: I34930c8b70bdac16af464b3f62a2b6a38107acb3
Reviewed-on: https://chromium-review.googlesource.com/671480
Commit-Queue: Mircea Trofin <mtrofin@chromium.org>
Reviewed-by: Eric Holk <eholk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48074}
2017-09-19 02:45:11 +00:00
Eric Holk
e6defddc15 [d8] zero realm_count_ on RealmScope teardown
Promises can sometimes be resolved after the RealmScope has been destroyed, such
as when a Wasm compile job finishes after the script main has finished. If the
Promise.then function refers to Realm.current, we were getting a use-after-free
error when it would search for the list of realms. This change also zeros out
realm_count_ in addition to deleting the realms_ so that RealmFind will not
reference freed memory.

Bug: chromium:761710
Change-Id: I2d42997f363b284ccc5f4b225d3f59e0361e68d6
Reviewed-on: https://chromium-review.googlesource.com/671923
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Eric Holk <eholk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48073}
2017-09-19 00:42:11 +00:00
Adam Klein
3ac1947ea7 [ast] Remove unused feedback slot for the class name variable
Also store the variable directly on ClassLiteral, as the proxy serves
as a useless form of indirection.

Bug: v8:6092
Change-Id: If0182a808cde4e349c1bf5a003a1ecee5bd14b13
Reviewed-on: https://chromium-review.googlesource.com/667800
Reviewed-by: Mythri Alle <mythria@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48072}
2017-09-18 23:32:44 +00:00
Scott Graham
a900e53f04 fuchsia: Remove scaffolding for 3-sided roll
Chromium has rolled the Fuchsia SDK, so this can be removed now, and
the new zx_, etc. names used exclusively.

Bug: chromium:765754
Change-Id: I8bd60239da7a05e62d3b8d5209e1cfe898d8052a
Reviewed-on: https://chromium-review.googlesource.com/671769
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Scott Graham <scottmg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48071}
2017-09-18 22:37:53 +00:00
Josh Wolfe
af1c9de937 ship --harmony-plural-rules
R=littledan@chromium.org, adamk@chromium.org, caitp@igalia.com
CQ_INCLUDE_TRYBOTS=master.tryserver.blink:linux_trusty_blink_rel
CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_linux_noi18n_rel_ng

Bug: v8:5601
Change-Id: Ifc5fa3e9de05f64d8a6cb82d67fb272800a208a3
Reviewed-on: https://chromium-review.googlesource.com/669720
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Josh Wolfe <jwolfe@igalia.com>
Cr-Commit-Position: refs/heads/master@{#48070}
2017-09-18 20:28:34 +00:00
Josh Wolfe
f42f51448b [intl] fix off-by-1 in NumberFormat formatToParts parameter parsing
R=adamk@chromium.org, mstarzinger@chromium.org

Bug: v8:5244, chromium:765479
Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng
Change-Id: I684805acc194a93b96d74e3e64834867dce78dee
Reviewed-on: https://chromium-review.googlesource.com/668677
Reviewed-by: Daniel Ehrenberg <littledan@chromium.org>
Commit-Queue: Josh Wolfe <jwolfe@igalia.com>
Cr-Commit-Position: refs/heads/master@{#48069}
2017-09-18 20:07:23 +00:00
Caitlin Potter
88a4cf736e [esnext] ship --harmony-async-iteration
Enable --harmony-async-iteration (Symbol.asyncIterator, async generator
syntax, and for-await-of syntax) by default, as discussed in
https://groups.google.com/forum/#!topic/v8-users/SlLEsgNv4JY

BUG=v8:5855
R=adamk@chromium.org, gsathya@chromium.org

Change-Id: I77a77124a68813431daceca1b0cbaec5af271fee
Reviewed-on: https://chromium-review.googlesource.com/668877
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48068}
2017-09-18 15:15:07 +00:00
Scott Graham
afbdd1dd49 Reland "fuchsia: Set up for 3-sided roll to convert Magenta->Zircon"
This is a reland of aabb893a32
Original change's description:
> fuchsia: Set up for 3-sided roll to convert Magenta->Zircon
> 
> Fuchsia changed their kernel name from Magenta to Zircon and all the
> functions and defines along with it. In order to be able to roll the SDK
> in Chromium, we first need to land with this define added in v8, so that
> can roll in to Chromium, then roll the Fuchsia SDK with this magic
> define set (CHROMIUM_ROLLING_MAGENTA_TO_ZIRCON), then actually update v8
> to reference zx_ instead of mx_ and roll that again.
> 
> Chromium-side for reference: https://chromium-review.googlesource.com/c/chromium/src/+/669139
> 
> Bug: chromium:765754, chromium:707030
> Change-Id: I4ed5027f455d2346f431e7c700e87693348d5b79
> Reviewed-on: https://chromium-review.googlesource.com/668751
> Reviewed-by: Bill Budge <bbudge@chromium.org>
> Commit-Queue: Scott Graham <scottmg@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#48047}

TBR=bbudge@chromium.org

Bug: chromium:765754, chromium:707030
Change-Id: Ib6e99ca418af527014622614d07d295b6110f9d5
Reviewed-on: https://chromium-review.googlesource.com/670944
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48067}
2017-09-18 15:00:47 +00:00
Marja Hölttä
68310c9f69 [scanner] UTF-8 handling fix (errors near chunk end).
The bug occurred when we detected an erroneous char late, and put the last
character in a chunk into the "incomplete char" buffer. It was not correctly
retrieved when seeking.

BUG=v8:6836

Change-Id: I8ca946dfdb39244c5ca0bdcebe047047010b3a07
Reviewed-on: https://chromium-review.googlesource.com/670729
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48066}
2017-09-18 14:13:26 +00:00
Mythri
5114f14cc1 [TurboFan] Remove SetForceInline
SetForceInline flag is no longer used. This flag was added for
inlining some of the JavaScript builtins. They are now ported to
TurboFan builtins. This CL removes the SetForceInline runtime function
and the corresponding bits in the SharedFunctionInfo. Also update
inlining heuristics to not look for this bit.

Bug: v8:6682
Change-Id: Ie8df9648332b765a556e24609c38b4e55b810527
Reviewed-on: https://chromium-review.googlesource.com/668436
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48065}
2017-09-18 13:36:16 +00:00
Jaroslav Sevcik
d6ff08223b Revert "[turbofan] Temporarily turn off escape analysis."
This reverts commit 2b15425b0c.

Reason for revert: Re-enabling escape analysis after merging the flag change to 6.1.

Original change's description:
> [turbofan] Temporarily turn off escape analysis.
> 
> Bug: chromium:765433
> Change-Id: Iecc9540f6305bc24a0a5210c149b55403b9ce09d
> Reviewed-on: https://chromium-review.googlesource.com/667106
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#48032}

TBR=mstarzinger@chromium.org,jarin@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: chromium:765433
Change-Id: Icac44fd76e2965df1e143700941b628ea7a69166
Reviewed-on: https://chromium-review.googlesource.com/670864
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48064}
2017-09-18 12:16:36 +00:00
Peter Marshall
b6849fc898 [build] Remove unused runtime flag for typed array size threshold.
This is now implemented as a build-time flag.

Change-Id: I10db18725ca6837ae04032725582717233b2c2e5
Reviewed-on: https://chromium-review.googlesource.com/670728
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48063}
2017-09-18 12:03:56 +00:00