Commit Graph

54805 Commits

Author SHA1 Message Date
Clemens Hammacher
67770d6125 [wasm] Call via jump table after lazy compile
The WasmCompileLazy runtime function used to return the start of the
instructions of the newly compiled function. With garbage collection of
wasm code, it would be tricky to keep this wasm code object alive until
it is being called. Thus make the runtime function not return anything,
and call via the jump table instead. The jump table was patched as part
of lazy compilation to point to the compiled code.

Drive-by: Merge {LazyCompileFunction} into single caller {CompileLazy}.

R=mstarzinger@chromium.org

Bug: v8:8217
Change-Id: Id3c02f4dfe2c536e335af2e7e1b9700203d48675
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1509472
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60163}
2019-03-11 14:56:22 +00:00
Simon Zünd
ca0b91b0ec [torque-ls] Add "goto definition" support for class and struct fields
This CL changes the FieldAccessExpression to include a SourcePosition
for the field, allowing a jump from such an access to the definition
of a field inside a class or struct.

Drive-by: Change the source position of a field from the position
of its type to the position of its name. This will coincidentally
improve the accuracy of error messages.

R=danno@chromium.org

Bug: v8:8880
Change-Id: I7996e8a57a2ff90e8bdca6f40c1b298d48071e23
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1512573
Reviewed-by: Daniel Clifford <danno@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60162}
2019-03-11 14:18:07 +00:00
Jakob Gruber
0f82719bf0 [regexp] Throw exceptions from within the interpreter
It will soon be possible to throw arbitrary exceptions from within
interpreter execution (namely, in interrupts). We can thus no longer
assume that an EXCEPTION return code means we need to throw a stack
overflow exception.

Bug: v8:8724
Change-Id: I10e24aba4305dc7b39248ced9a52735c59ab662c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1511474
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60161}
2019-03-11 13:51:44 +00:00
Georg Neis
1d327898a4 Fix DCHECK in Map::TryUpdateSlow
R=jarin@chromium.org

Bug: chromium:940423
Change-Id: I9e357d8fe424b291bc25a1d389696df88deda6a3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1514735
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60160}
2019-03-11 13:50:04 +00:00
Milad Farazmand
421c5aaf11 ppc: fixing ThreadId on ppc
Fixing ThreadId according to the following changes:
656254b17b

Change-Id: I1e1943ac7e3ed03799c213e566816bfe5c21967d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1512718
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#60159}
2019-03-11 13:36:11 +00:00
Clemens Hammacher
1f6fc83046 [wasm] Sample code size after baseline finished
Our UMA data shows a lot of small modules, and I have the suspicion we
are loosing some numbers about the bigger ones. Thus sample the module
code size after baseline compilation finished. At that point the
majority of the code was generated.
Sampling after top-tier finished is not that easy since we do not spawn
a foreground task at that point.

R=mstarzinger@chromium.org

Bug: v8:8217
Change-Id: Icaa4a2efb201d24cbc8d2e1b8da516ae26574f01
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1508675
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60158}
2019-03-11 13:30:02 +00:00
Maya Lekova
333fd4d026 [turbofan] Add IsInlineable predicate to SharedFunctionInfoRef
Bug: v8:7790

R=neis@chromium.org

Change-Id: I10085cff40e14ea63074e29649af55fa2c0ea462
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1514494
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Auto-Submit: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60157}
2019-03-11 13:25:51 +00:00
Georg Neis
708c91154c [turbofan] Manually serialize descriptors for a field type dependency
It wasn't always guaranteed that they were serialized before taking the
dependency.

Bug: chromium:940361
Change-Id: Id5e5e14532809e7496546c2011176e33848506ce
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1514495
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60156}
2019-03-11 12:45:00 +00:00
Simon Zünd
bb882c32b9 [cleanup] Run torque formatter on array-sort.tq
R=tmrts@chromium.org

Change-Id: I652a142c815c7268700de3b743f09495748ec399
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1514634
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60155}
2019-03-11 12:42:20 +00:00
Jakob Gruber
4a9b0a7431 [regexp] Add IrregexpInterpreter::Result type
Similar to NativeRegExpMacroAssembler::Result, the regexp interpreter
will need a RETRY return code in case the subject string
representation changes during an interrupt. This CL adds a new
IrregexpInterpreter::Result type to decouple from RegExpImpl::Result.

Bug: v8:8724
Change-Id: I946fc0cbc4d7d8631312b72f13a45abeb9986905
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1511472
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60154}
2019-03-11 12:03:20 +00:00
Maya Lekova
a49a279f56 Revert "[presubmit] use the correct path for third party libraries"
This reverts commit beaca8cf8b.

Reason for revert: Broke presubmit bot - https://ci.chromium.org/p/v8/builders/ci/V8%20Presubmit/2938

Note that the problem is not with this CL itself, but it uncovers some presubmit issue in Torque code. Until the latter is fixed, I'm reverting to unblock the tree.

Original change's description:
> [presubmit] use the correct path for third party libraries
> 
> This CL ensures that presubmit script checks Torque files in third_party
> dependencies.
> 
> R=​szuend@chromium.org
> TBR=machenbach@chromium.org,sergiyb@chromium.org
> CC=​​yangguo@chromium.org
> 
> No-Try: true
> Change-Id: I9e2b193defbebe7ae85cfc5d14ce50c2ac367e9b
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1513674
> Reviewed-by: Tamer Tas <tmrts@chromium.org>
> Reviewed-by: Simon Zünd <szuend@chromium.org>
> Commit-Queue: Tamer Tas <tmrts@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#60152}

TBR=tmrts@chromium.org,szuend@chromium.org

Change-Id: If8e2db0801f51ef737243ccfcc909d05fb42e3e6
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1514633
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60153}
2019-03-11 12:02:03 +00:00
Tamer Tas
beaca8cf8b [presubmit] use the correct path for third party libraries
This CL ensures that presubmit script checks Torque files in third_party
dependencies.

R=szuend@chromium.org
TBR=machenbach@chromium.org,sergiyb@chromium.org
CC=​yangguo@chromium.org

No-Try: true
Change-Id: I9e2b193defbebe7ae85cfc5d14ce50c2ac367e9b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1513674
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Commit-Queue: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60152}
2019-03-11 11:36:15 +00:00
Simon Zünd
e416f4da69 [array] Change fast- to slow-path transition for Array#sort
With the recent changes to Array#sort, the main algorithm does not
need to bail out anymore. Only the initial copying into the workarray,
as well as the final copying back into the original backing store
might cause a switch from fast-path to the slow-path.

This CL changes the slow-path so sorting itself is not restarted and
the slow-path will continue copying where the fast-path left off.

R=jgruber@chromium.org

Bug: v8:7382
Change-Id: I4ab61daa62bb816f4f6e16e60bde1f948ad1e7db
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1507717
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60151}
2019-03-11 11:35:12 +00:00
Simon Zünd
2dac9b80b3 [cleanup] Remove unnecessary labels from Array#sort
With the recent changes to Array#sort, some bailout labels and
accessor checks became superfluous. This CL removes them along
with some other minor cleanup work.

R=jgruber@chromium.org

Bug: v8:8834
Change-Id: I7429482ceaccbe743e2b8190d83bfa2c34875b11
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1507678
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60150}
2019-03-11 11:28:25 +00:00
Andreas Haas
c931faa200 [wasm] Remove the table_object instance field
The table_object instance field is not needed anymore because its
purpose is fulfilled now by the tables field I introduced to support
multiple tables.

In addition I removed {table_instances_} from the {InstanceBuilder}.
This field existed because tables could exist without a WasmTableObject.
With recent changes, WasmTableObjects always exist.

R=mstarzinger@chromium.org

Bug: v8:7581
Change-Id: I5e8e3d2910f7ed7ae74d61eff660f9451b3493ac
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1466641
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60149}
2019-03-11 11:27:20 +00:00
Andreas Haas
f3d1777dbf [wasm] Add tests for table.[get|set] instructions
I forgot to add the test file to https://crrev.com/c/1463519.

R=mstarzinger@chromium.org

Bug: v8:7581
Change-Id: I88d50fe83ae60a8170110504ce7f765aa28db517
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1511480
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60148}
2019-03-11 11:24:50 +00:00
Mythri
4e321413d8 Allocate feedback cells in an array decoupled from other slots
This is a pre-work for allocating feedback vectors lazily. Feedback cells
are required to share the feedback vectors across the different closures
of the same function. Currently, they are held in the CreateClosureSlot
in the feedback vector. With lazy feedback vector allocation, we may not
have a feedback vector. However, we still need a place to store the
feedback cells, so if feedback vector is allocated in future it can still
be shared across closures.

Here is the detailed design doc:
https://docs.google.com/document/d/1m2PTNChrlJqw9MiwK_xEJfqbFHAgEHmgGqmIN49PaBY/edit

BUG=v8:8394

Change-Id: Ib406d862b2809b1293bfecdcfcf8dea3127cb1c7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1503753
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60147}
2019-03-11 11:20:21 +00:00
Clemens Hammacher
656254b17b Clean up ThreadId
The {id_} stored in {ThreadId} should not be atomic. Only getting a new
id for the current thread needs to be atomic. If any user of {ThreadId}
needs atomicity, that user should wrap {ThreadId} in a {std::atomic}
instead.

Drive-by: Remove {Equals} method, use {operator==} instead.
Drive-by: Move static methods after member methods.

R=ishell@chromium.org

Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel
Bug: v8:8834
Change-Id: Id0470eb2fa907948843ac1153e2dc5dcd9a8fbc8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1494006
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60146}
2019-03-11 10:37:05 +00:00
Michael Lippautz
4c7cabb1d8 [heap] Delay embedder tracing prologue until heap is set up
v8::EmbedderHeapTracer::TracePrologue may call back into V8 during
StartMarking. In this case we expect that the write barriers are set up and
consistent, i.e., global flag matches page flag.

Blink calls back into V8 in a corner case where sweeping is finalized on
incremental marking start which may trigger resettting a V8 Value which may
trigger DescriptorArray re-shuffling.

Bug: chromium:940003
Change-Id: Ia15c798d0faaab802df1c3b569b5b6a323a4fe59
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1514492
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60145}
2019-03-11 09:39:32 +00:00
Shiyu Zhang
93d1508db0 [builtins] Reimplement ToString as CSA to optimize performance
Currently, if input types are not string or number, ToString builtin
will fall into runtime and a loop of ToPrimitive and type-checks is
done in runtime, which is slow.

This CL reimplements ToString to add support for that ToPrimitive and
type-checks loop in CSA instead of runtime to improve performance. This
will benefit Array.prototype.toString/join a lot when the array elements
are objects.

This Cl improves the performance of Speedometer2.0 EmberJS-Debug case
by ~14% on Atom.

Change-Id: I27c2669097be1e542e30119cdffcf79c0d16a0eb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1498698
Commit-Queue: Shiyu Zhang <shiyu.zhang@intel.com>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60144}
2019-03-11 07:58:41 +00:00
Jaroslav Sevcik
ac8e98e404 [turbofan] Check for dead control in branch elimination.
If the branch associated with the condition is kDead, the current
node will be killed anyway, so let us just survive the lowering.

Bug: chromium:935092
Change-Id: If7b39e3b5452d6c9bc5199080eb38725e6c4eab5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1488769
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60143}
2019-03-11 06:30:00 +00:00
v8-ci-autoroll-builder
536f515682 Update V8 DEPS.
Rolling v8/build: 8da0480..61c98e6

Rolling v8/test/wasm-js/data: b552862..299e687

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: If1c6e07dac6b0cc58a03307e737353ebb9fceb57
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1513938
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#60142}
2019-03-11 03:43:40 +00:00
v8-ci-autoroll-builder
c340d7b6e4 Update V8 DEPS.
Rolling v8/build: 0ee4cbc..8da0480

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/26a1944..b88eedc

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I67809fa36e3df8e65e2bb59a62d902c91675be23
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1513319
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#60141}
2019-03-10 03:24:21 +00:00
Sergiy Belozorov
f90e5eb9d3 [tools] Whitespace CL
TBR=sergiyb@chromium.org

Bug: chromium:934964
Change-Id: I95ffd94f31c60b0e82cac7653ad4e5978bd3b9d9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1503759
Reviewed-by: Sergiy Belozorov <sergiyb@chromium.org>
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60140}
2019-03-09 20:20:21 +00:00
Anna Henningsen
f0bb5d2fcf [api] remove LegacyBuildEmbedderGraphCallback
This should not be used anymore (and it definitely is not by Node.js
or Chromium).

Change-Id: I4a1ce1fda98efd197a64ce0969dae5c8b18f6e97
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1511484
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60139}
2019-03-09 08:38:05 +00:00
Deepti Gandluri
70e0d69794 [wasm-simd] Fix code generation for Integer Splats.
Integer splats should use an operand when a register is not allocated.

Bug: V8:8927
Change-Id: I14c80b7b073fae3754ec32f4fa8605af399ef341
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1513102
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60138}
2019-03-09 03:46:55 +00:00
v8-ci-autoroll-builder
acfed8a0b6 Update V8 DEPS.
Rolling v8/build: ba214bf..0ee4cbc

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/a07cd8f..26a1944

Rolling v8/third_party/depot_tools: 2f3c820..3485a26

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I8b2d600c00d4a84db60c36ae87fd6e8ecede8b56
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1513165
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#60137}
2019-03-09 03:32:05 +00:00
Yu Yin
72fcf3e7bf [mips] Fix atomic compare exchange.
We want to compare two inputs so need to perform the same
operation(ExtractBits) on them.

Change-Id: I6c81884fdd34dfa125b842f010cd40f8a6816a0f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1511132
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Yu Yin <xwafish@gmail.com>
Cr-Commit-Position: refs/heads/master@{#60136}
2019-03-09 02:16:24 +00:00
Deepti Gandluri
7c3ee1c852 [wasm] Rename Atomics Wake operator to Notify.
Change-Id: Ie080683af1d990e5205c75a2a199f0581d826811
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1511630
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Reviewed-by: Ben Smith <binji@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60135}
2019-03-09 01:46:44 +00:00
Sathya Gunasekaran
4f1700103a [class] Expose private class fields in inspector protocol
This allows the devtools to preview the private fields that are
installed on an object.

Change-Id: I6d8aad7ad0e51cdf18f6139b4bb8665e4b606aa5
Bug: v8:8773, v8:8337
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1487914
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Alexei Filippov <alph@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60134}
2019-03-08 22:17:26 +00:00
Z Duong Nguyen-Huu
e2c3db172a Torquefy some simple types
Script, PrototypeInfo, JSCollectionIterator, JSWeakCollection, JSSloppyArgumentsObject, JSArgumentsObject

Bug: v8:8952
Change-Id: Id0d7049f3d5971a0fd4af56dd4850ad3b44c22e9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1506198
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60133}
2019-03-08 21:59:06 +00:00
Matt Gardner
b0ebd51e01 [turbofan] Use heap constant optimizations for has property
Call to ReduceKeyedLoadFromHeapConstant got lost in rebasing,
as did the kHas check in ReduceElementAccessOnString. Added
some tests to ensure both cases are covered.

Change-Id: I8d6992c33315436b6228471b9bc57e3b267ad09f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1508837
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Matt Gardner <magardn@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#60132}
2019-03-08 19:16:35 +00:00
Z Duong Nguyen-Huu
5af460f527 Reland Remove builtin-function-id in SFI
This is the reland of https://chromium-review.googlesource.com/c/v8/v8/+/1495898

builtin_function_id corresponded to BuiltinFunctionId (a manually maintained list of 'interesting' functionsmainly used during optimization). With this change, we nuke builtin-function-id in favor of builtin-id and 8 bits is freed up in SFI.

Bug: v8:6993
Change-Id: I7e1681cc2a95864c71ce8bdda075481310607166
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1506445
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#60131}
2019-03-08 18:40:05 +00:00
Z Duong Nguyen-Huu
1952508eca Torquefy some simple types
TemplateInfo, FunctionTemplateRareData, FunctionTemplateInfo, ObjectTemplateInfo

Bug: v8:8952
Change-Id: Ib355cf825ca8c57be45d3a55ff595d356c8737ce
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1504774
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#60130}
2019-03-08 18:38:05 +00:00
Junliang Yan
4706fa7106 aix: fix function_descriptor issue on regexp
the problem is that we call irregexp code in two ways:

1. CallCFunction9 from CSA builtins
2. Through GeneratedCode::Call from the runtime.

1 is a standard C call and expects the target to be a FD,
2 is our own implementation where we dynamically generate a FD.
So there's a mismatch between the two.

Change-Id: I8391db30fa7586d296b5d1880a7f44dafad21a2a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1487341
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Auto-Submit: Junliang Yan <jyan@ca.ibm.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60129}
2019-03-08 16:25:00 +00:00
Mike Stanton
041a996dbb [Torque] More TypedArray builtins in Torque.
This CL contains find, findIndex, every and some. Now that we've
established the pattern on the torque side for iterating array
builtins, it's a very easy port, which nonetheless decreases
code size in the snapshot, w00t!

Bug: v8:8906
Change-Id: I3082d8e3e298e55733a42d6b441e5812b7f12f3d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1496976
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60128}
2019-03-08 15:28:10 +00:00
Clemens Hammacher
1b7eacdcff [wasm] Speed up generation of module with many functions
Reusing the same {Binary} object (with the same {ArrayBuffer}
underneath) speeds up the limits test with 1M functions by a factor of
11x in an optdebug build.

R=titzer@chromium.org

Change-Id: I36d032d652c66f5b7f5a80399588652d7e3946ec
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1511475
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60127}
2019-03-08 14:18:14 +00:00
Clemens Hammacher
10b80795f3 [iwyu] Fix includes in accounting allocator
R=sigurds@chromium.org

Bug: v8:7490, v8:8834
Change-Id: I5d94c2f262826977bbf15ad32a10875f01304039
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1505432
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60126}
2019-03-08 13:51:13 +00:00
Takuto Ikuta
e823924b55 [inspector] fix BUILD.gn to use correct deps type
inspector target has header come from protocol_generated_sources in
sources. So protocol_generated_sources needs to be in public_deps.

Bug: chromium:931596
Change-Id: I3b5ea390e79549b48930b16819840e1a0f87304b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1506994
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Auto-Submit: Takuto Ikuta <tikuta@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60125}
2019-03-08 13:42:13 +00:00
Clemens Hammacher
c9576a8175 [wasm] Several fixes in wasm-module-builder.js
This CL cleans up a few things as noted by binji in
https://github.com/WebAssembly/spec/pull/979, plus a few more I found
along the way.
In particular:
1) Remove the unused and incorrect {bytesWithHeader} method.
2) Introduce kMaxVarInt32Size and kMaxVarInt64Size constants.
3) Remove redundant {ensure_space} calls (irrelevant for performance).
4) Use {toModule} method instead of duplicating code.
5) Merge two identical leb encoding implementations.

R=titzer@chromium.org
CC=​binji@chromium.org

Change-Id: Idec74e2e46a71766107c182a4176c516d883adad
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1511273
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60124}
2019-03-08 13:16:33 +00:00
Michael Achenbach
a72db1d268 Whitespace change to trigger builders
Change-Id: I60b39b08ab6843826a92b78b4f9e96e485f86198
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1511479
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60123}
2019-03-08 13:16:14 +00:00
Igor Sheludko
cc1ef74384 [tsan] Avoid modifying flags back and forth for each microtask queue test
... but do it once for the whole group of tests instead.

Bug: v8:8929
Change-Id: I4c92a4cc29f8cf8a1011a563fe41972844c59972
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1511476
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60122}
2019-03-08 12:56:23 +00:00
Clemens Hammacher
913efea62c [wasm] Improve f32 and f64 encoding
A minor improvement to copy over all bytes at once.

R=titzer@chromium.org
CC=binji@chromium.org

Change-Id: Ia9264a28afa76a5ed51d378d0db5bb192aeef2b6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1511272
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60121}
2019-03-08 12:46:52 +00:00
Jakob Gruber
82fdb91505 [regexp-builtins-fuzzer] Print generated source in verbose mode
My standard procedure for debugging regexp builtin fuzzer finds is to
turn on verbose mode and run the repro. This extends verbose output to
include the generated script which contains e.g. the regexp pattern,
the subject string, and the actual function call.

Tbr: yangguo@chromium.org
Bug: v8:8968
Change-Id: I0c7e930f4cbd34014f2781ca280919c5b002b049
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1511276
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60120}
2019-03-08 11:40:41 +00:00
Sigurd Schneider
7a6e829b72 [heap] Add VisitEphemeron method
This modifies the ObjectVisitor to provide a dedicated VisitEphemeron
method invoked when visiting a EphemeronHashTable. This is pre-work
for further changes to how ephemerons are handled during scavenging.

Bug: v8:8557
Change-Id: Ia423b10667ec222cbe5f44d8a931ea33314625f4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1508673
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60119}
2019-03-08 11:34:51 +00:00
Mike Stanton
d6465298b6 [Torque] Port Array.prototype.shift to Torque
Optimizations to use fast memmove to move elements are preserved, as
well as heuristics for bailout to the runtime if left or right
trimming is desired.

Bug: v8:7672
Change-Id: I01ffc1143b63d705d99a40eab3a7e873596d0aa4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1499495
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60118}
2019-03-08 11:26:12 +00:00
Clemens Hammacher
8161d6b40c [compiler] Remove SpeculationFence
It's not being used, and causes compile errors on windows because of a
name clash (see referenced bugs).

R=mstarzinger@chromium.org
CC=tebbi@chromium.org, jarin@chromium.org

Bug: v8:8953
Change-Id: I22dcdbcbe92f92c390a2f2cdd289dda7f7dc4eb1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1505794
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60117}
2019-03-08 11:11:21 +00:00
Michael Starzinger
bff8621397 [gcmole] Modernize gcmole bootstrap script.
This updates the existing bootstrap.sh script for gcmole to work against
LLVM and Clang version 8.0 releases. This is a follow-up to a previous
change which adapted the gcmole plugin to compile against those same
versions.

R=mslekova@chromium.org
BUG=v8:8813

Change-Id: Id6052fb9a7ec8a63d205eab2d4e233e2121c733d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1511275
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60116}
2019-03-08 11:08:51 +00:00
Andreas Haas
275402260c [wasm] Construct WasmExportedFunctions for table elements lazily
We have to create WasmExportedFunction objects for any WebAssembly
function which may escape a WebAssembly instance. Up until now we
created these WasmExportedFunction objects eagerly during instantiation
time: for any exported function, and any element in an exported table we
create such an object.

With the anyref proposal, the table.get instruction can allow any
function in a table to escape its instance. Therefore we would have to
create a WasmExportedFunction object for any function which is put into
a table.

With this CL we create WasmExportedFunctions for table entries lazily.
We initialize tables with placeholders consisting of the instance and
the function index. If we encounter a placeholder in table.get, we
create the WasmExportedFunction for the expected function to return it.

R=mstarzinger@chromium.org
CC=titzer@chromium.org

Bug: v8:7581
Change-Id: I4f32bd7433285d0b04a22c0fb70b736bac55b3f1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1505575
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60115}
2019-03-08 10:40:41 +00:00
Pavel Medvedev
03ce1d147d Use inherited ctors for MacroAssembler and TurboAssembler
instead of forwarding template constructors for these classes introduced in
edab9a2021 commit.

TurboAssemblerBase constructors were declared as public to make the inherited
TurboAssembler, and MacroAssembler ctors also public.

This fixes Visual C++ 2017 compile error, when the template ctor in
TurboAssemblerBase class matches deleted copy ctor.

Bug: v8:8935
Change-Id: I1144a7025830c3a0ab86acaa8ea81def02d293b1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1496977
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60114}
2019-03-08 09:31:30 +00:00