Commit Graph

40236 Commits

Author SHA1 Message Date
bmeurer
130d7dc34c [turbofan] Properly merge compatible field access infos.
For a polymorphic access to o.x we would only merge it into a single
PropertyAccessInfo so far, if x is at the same offset in all maps and
the property index of x (in the descriptor arrays) is the same. But that
doesn't matter for code generation and blocks optimizations even.

BUG=v8:6278,v8:6344,v8:6396
R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2883883002
Cr-Commit-Position: refs/heads/master@{#45294}
2017-05-15 09:03:58 +00:00
jing.bao
1073dc987b [ia32] Add rcpps, rsqrtps, cvtdq2ps, cvttps2dq
instr(xmm, xmm/mem)
vinstr(xmm, xmm/mem)

BUG=

Review-Url: https://codereview.chromium.org/2870253003
Cr-Commit-Position: refs/heads/master@{#45293}
2017-05-15 09:00:42 +00:00
jarin
168eb163a7 [turbofan] Ignore accumulator uses in frame state for the apply-argument optimization decision.
BUG=chromium:718820

Review-Url: https://codereview.chromium.org/2878343003
Cr-Commit-Position: refs/heads/master@{#45292}
2017-05-15 08:35:40 +00:00
bmeurer
558cee1d14 [turbofan] Always inline small functions directly.
Introduce a flag --max_inlined_nodes_small (defaults to 10), which gives
the upper limit of AST nodes for a function to be considered "small" by
the inlining heuristic. These functions will always be inlined
immediately, independent of the budget.

R=jarin@chromium.org
BUG=v8:6395,v8:6278,v8:6344,v8:6394

Review-Url: https://codereview.chromium.org/2883853002
Cr-Commit-Position: refs/heads/master@{#45291}
2017-05-15 08:33:46 +00:00
jgruber
e658bc575f [array] Simplify index calculation in Array.p.indexOf
No semantic changes, just a readability refactoring that removes
a couple of unnecessary variables and labels.

BUG=v8:6371

Review-Url: https://codereview.chromium.org/2881763003
Cr-Commit-Position: refs/heads/master@{#45290}
2017-05-15 08:32:32 +00:00
Michael Starzinger
6c75e145ec [asm.js] Remove dead nullptr check of signatures.
R=clemensh@chromium.org

Change-Id: I616a972283cc85ccaf63c46d0cc11ccbb7563a46
Reviewed-on: https://chromium-review.googlesource.com/504527
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45289}
2017-05-15 08:32:15 +00:00
jgruber
f0082e5631 [turbofan] Lower optimization size limit to 80K
250K was probably still too generous and 80K leads to improvements
locally.

BUG=v8:6348

Review-Url: https://codereview.chromium.org/2876413002
Cr-Commit-Position: refs/heads/master@{#45288}
2017-05-15 08:25:25 +00:00
jgruber
646fdacaa7 [csa] Add ToLength and ToString variants with inlined fast checks
Smis can easily be handled outside the stub call without adding much to code
size.

The ToString inlining adds overhead of repeated instance type loads and checks,
but under the assumption that it is called with mostly string values it should
speed things up (a local RegExp.p[@@replace] microbenchmark shows consistent
1.6% improvements).

Drive-by-fix: Remove duplication in ToString implementations.

BUG=

Review-Url: https://codereview.chromium.org/2874423003
Cr-Commit-Position: refs/heads/master@{#45287}
2017-05-15 07:51:15 +00:00
Camillo Bruni
3a80814d53 [runtime] Keep FAST_SLOPPY_ARGUMENTS packed
With this CL SloppyArguments immediately go to dictionary elements on
deletion, keeping the arguments backing store packed.

Bug: v8:6251
Change-Id: I90d1972179447bf6810e7fe2b8e0bc8703b38d9d
Reviewed-on: https://chromium-review.googlesource.com/486921
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45286}
2017-05-15 07:36:41 +00:00
v8-autoroll
252ca1a6b0 Update V8 DEPS.
Rolling v8/build: cb040e9..63fb52b

Rolling v8/third_party/icu: 4b06aad..87232d8

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Change-Id: Ie82d5813078e93ce03eb5161199971efef264b7e
Reviewed-on: https://chromium-review.googlesource.com/505712
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45285}
2017-05-15 03:31:59 +00:00
v8-autoroll
a0f0a0bbfe Update V8 DEPS.
Rolling v8/build: 3639cca..cb040e9

Rolling v8/third_party/catapult: ff3b45d..37015fb

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Change-Id: I8fa21ea36bec3f6f235b6c0a82eef358abceeb82
Reviewed-on: https://chromium-review.googlesource.com/505868
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45284}
2017-05-14 03:35:16 +00:00
v8-autoroll
1fa584336b Update V8 DEPS.
Rolling v8/build: 00764a8..3639cca

Rolling v8/third_party/catapult: 1ff6ffc..ff3b45d

Rolling v8/tools/clang: 4dfb853..162cac4

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Change-Id: Ia06ca0b5c6f911d86fc6e6fdae197a79a84675a3
Reviewed-on: https://chromium-review.googlesource.com/505707
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45283}
2017-05-13 03:34:42 +00:00
Eric Holk
b9e4bbb0a0 Remove CcTestArrayBufferAllocator
This is almost identical to V8's default array buffer allocator.  The only
difference is that 0 byte allocations are changed into 1 byte allocations.  We
do not seem to need this behavior, so it does not seem worth maintaining yet
another allocator.

Bug: 
Change-Id: I94f45f1276958791be9a6f2405fcfba8fa6eaa38
Reviewed-on: https://chromium-review.googlesource.com/505199
Reviewed-by: Ben Smith <binji@chromium.org>
Commit-Queue: Eric Holk <eholk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45282}
2017-05-12 22:07:56 +00:00
Adam Klein
68f0a47b28 [ignition] Move generator object creation to BytecodeGenerator
This lets us avoid allocating the "this" variable for every
generator, since the BytecodeGenerator can directly read
the receiver via BytecodeArrayBuilder::Receive() when passing
it into %_CreateJSGeneratorObject.

Bug: v8:6351
Change-Id: Ib5e1f3303b6b5d5fc051ce76ea62129fd6afac65
Reviewed-on: https://chromium-review.googlesource.com/500507
Commit-Queue: Adam Klein <adamk@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Caitlin Potter <caitp@igalia.com>
Cr-Commit-Position: refs/heads/master@{#45281}
2017-05-12 18:07:02 +00:00
Michael Lippautz
fc5765ce79 [heap] Simplify PageParallelJob
Remove FinalizePageSequentially as it had only a single use case that
was tied to the full collector.

Bug: chromium:651354
Change-Id: I03299ddbd439ea273e02dd33f12c005371694130
Reviewed-on: https://chromium-review.googlesource.com/504508
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45280}
2017-05-12 13:41:14 +00:00
ivica.bogosavljevic
dd9ac62cd3 MIPS: Fix unaligned memory access for 64-bit types in wasm-external-refs
TEST=wasm-spec-tests/tests/set_local,wasm-spec-tests/tests/imports
BUG=

Review-Url: https://codereview.chromium.org/2859223004
Cr-Commit-Position: refs/heads/master@{#45279}
2017-05-12 13:17:37 +00:00
Ross McIlroy
4e43fc65f6 [Compiler] Only look in optimized code cache if function is compiled.
We make assumptions that baseline code exists if we run the optimized code
(e.g., to deopt to the baseline code). If the baseline code has been
cleared by code flushing (only full-codegen) then it might not exist
but there is still optimized code in the map.

BUG=v8:6389

Change-Id: Id4db664afee96c2da3a36a177f425293aae9a0a3
Reviewed-on: https://chromium-review.googlesource.com/503010
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45278}
2017-05-12 13:11:04 +00:00
Michael Starzinger
fe9c60c175 [asm.js] Maintain global order of exported functions.
This makes sure that the order of exports as they appear in asm.js
modules is maintained globally (not just per function) while being
translated to a WASM module.

R=clemensh@chromium.org
TEST=mjsunit/asm/asm-validation
BUG=chromium:720586

Change-Id: I8b26d717ae2f88467d41670bced901f196c7b3fc
Reviewed-on: https://chromium-review.googlesource.com/503708
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45277}
2017-05-12 12:11:06 +00:00
jgruber
11d80c95ca [array] Fast allocation in Array.p.map and Array.p.filter
No need to call through ConstructJS -> ArrayCode -> ArrayConstructorStub
-> AllocateJSArray if we can call AllocateJSArray directly.

This also moves ArraySpeciesCreate to builtins-array-gen to free
up space in the binary.

BUG=v8:6354

Review-Url: https://codereview.chromium.org/2874833004
Cr-Commit-Position: refs/heads/master@{#45276}
2017-05-12 11:37:21 +00:00
mvstanton
0e788e3291 [builtins] String.prototype.slice as a CSA builtin.
BUG=v8:6370

Review-Url: https://codereview.chromium.org/2870013004
Cr-Commit-Position: refs/heads/master@{#45275}
2017-05-12 11:35:32 +00:00
mvstanton
752bdcbf0f Remove outdated comment.
I just tried a local mac build, and the assert seems to be okay.
Let's see what the waterfall thinks.

R=mlippautz@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2875273002
Cr-Commit-Position: refs/heads/master@{#45274}
2017-05-12 10:47:43 +00:00
ivica.bogosavljevic
afd201f144 Update MIPS owners
Add Miran Karic and Dusan Simicic
Remove Paul Lind, Gergely Kis, Akos Palfi, Balasz Kilvady
and Dusan Milosavljevic

NOTRY=true

Review-Url: https://codereview.chromium.org/2881493003
Cr-Commit-Position: refs/heads/master@{#45273}
2017-05-12 10:06:35 +00:00
Loo Rong Jie
749840645b Concat help strings and print in one go
Compilers don't flatten os << const char* for you. Save a bit binary size.

Bug:NO

Change-Id: Iabe0de83fdf6394f223d0423e63bd5aadf1453b3
Reviewed-on: https://chromium-review.googlesource.com/503829
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Loo Rong Jie <loorongjie@gmail.com>
Cr-Commit-Position: refs/heads/master@{#45272}
2017-05-12 09:53:18 +00:00
Clemens Hammacher
eb18a5146b [base] Fix integer check in CHECK/DCHECK macros
The current implementation failed when comparing an integral type to a
reference to an integral type of different signedness (see updated
unittest).
This CL fixes the checks to actually test the std::decay<T>::type,
i.e. with all references, const or volatile modifiers stripped.

R=jochen@chromium.org, ishell@chromium.org
TEST=unittests/LoggingTest.CompareWithReferenceType

Change-Id: Ib0ac077a91e0409ada7a80b68150cb98cbdd32f1
Reviewed-on: https://chromium-review.googlesource.com/502814
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45271}
2017-05-12 09:39:48 +00:00
Mircea Trofin
ca370361d4 [wasm] use Vector's size_t members.
Bug: 
Change-Id: Ic5b96bfb6b8b468434c06aed5e12b4ddb278dd08
Reviewed-on: https://chromium-review.googlesource.com/503440
Commit-Queue: Mircea Trofin <mtrofin@chromium.org>
Commit-Queue: Brad Nelson <bradnelson@chromium.org>
Reviewed-by: Brad Nelson <bradnelson@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45270}
2017-05-12 05:38:43 +00:00
v8-autoroll
c5246e6942 Update V8 DEPS.
Rolling v8/build: 2e68430..00764a8

Rolling v8/third_party/catapult: 27f7008..1ff6ffc

Rolling v8/tools/clang: ae881aa..4dfb853

Rolling v8/tools/swarming_client: e6fc938..a941a08

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Change-Id: I5a68e9bc325e394b618e0f5605b3c4b13a80f263
Reviewed-on: https://chromium-review.googlesource.com/503869
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45269}
2017-05-12 03:38:32 +00:00
rayb
468f1958e0 For building v8 using gn on aix_ppc64, linux_s390x and linux_ppc64(both LE and BE).
Also add support for host_byteorder logic which is introduced in - https://codereview.chromium.org/2815453004/

Chromium_BUG=706728
R=machenbach@chromium.org, dpranke@chromium.org, adamk@chromium.org

Review-Url: https://codereview.chromium.org/2809963004
Cr-Commit-Position: refs/heads/master@{#45268}
2017-05-12 01:35:09 +00:00
Mircea Trofin
74543fedd8 Use size_t for Vector<T> size.
Conf. c++ coding guide (https://chromium.googlesource.com/chromium/src/+/master/styleguide/c++/c++.md#Types),
we may use size_t for vector indices, etc.

Bug: 
Change-Id: I578fb4199c061b006d03e1cc68e745868b40c227
Reviewed-on: https://chromium-review.googlesource.com/503590
Commit-Queue: Mircea Trofin <mtrofin@chromium.org>
Reviewed-by: Brad Nelson <bradnelson@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45267}
2017-05-12 00:56:14 +00:00
kozyatinskiy
f61facfdaf [inspector] use creation stack trace as parent for async call chains
Creation stack trace points to the place where callback was actually chained, scheduled points where parent promise was resolved.
For async tasks without creation stack (e.g. setTimeout) we continue to use scheduled as creation since usually they are the same.

BUG=v8:6189
R=dgozman@chromium.org

Review-Url: https://codereview.chromium.org/2868493002
Cr-Original-Commit-Position: refs/heads/master@{#45198}
Committed: e118462f18
Review-Url: https://codereview.chromium.org/2868493002
Cr-Commit-Position: refs/heads/master@{#45266}
2017-05-11 19:21:24 +00:00
Michael Achenbach
28f3bf1a27 [test] Enable passing --extra-flags multiple times
This prepares for:
https://chromium-review.googlesource.com/c/503210

TBR=jkummerow@chromium.org

Bug: 720606
Change-Id: If291077e1647c7116101b9e1ee685ccbc67619a0
Reviewed-on: https://chromium-review.googlesource.com/503368
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45265}
2017-05-11 18:35:59 +00:00
Andreas Haas
47e6e260f4 [wasm] Change the error_pc in the decoder to error_offset
The error_pc was only used to calculate the relative error offset.
Switching to an error_offset directly will allow us later to give the
decoder a base offset. Thereby we can get correct error
positions even when the decoder is executed on multiple memory chunks,
which will happen with streaming compilation. With this change I also
had to provide "kind of" reasonable error position in the
StreamingDecoder.

R=clemensh@chromium.org

Change-Id: I736fa082c51c64334d23771061acf97e2c47778e
Reviewed-on: https://chromium-review.googlesource.com/502909
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45264}
2017-05-11 17:43:25 +00:00
Michael Lippautz
b2bf0c986e [heap] MinorMC: Update gc tracer counters
Bug: chromium:651354
Change-Id: I356d551f249c9c9c785bb082412ff872639f692f
Reviewed-on: https://chromium-review.googlesource.com/502813
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45263}
2017-05-11 17:36:16 +00:00
ulan
ee41ee6bd7 [heap] Color object black on unsafe layout change.
This is a part of synchronization protocol with the concurrent marking.

BUG=chromium:694255

Review-Url: https://codereview.chromium.org/2872323002
Cr-Commit-Position: refs/heads/master@{#45262}
2017-05-11 15:34:04 +00:00
Michael Lippautz
7a88f72946 Revert "Revert "Revert "Revert "[global-handles] Remove dead code""""
This reverts commit 682d5369b8.

Reason for revert: Didn't see that this was the Reland... now we should be in good state.

Original change's description:
> Revert "Revert "Revert "[global-handles] Remove dead code"""
> 
> This reverts commit c836a95e87.
> 
> Reason for revert: I don't think this was related.
> 
> Original change's description:
> > Revert "Revert "[global-handles] Remove dead code""
> > 
> > This reverts commit 58020872dc.
> > 
> > Reason for revert: Turned out to be a bot issue, reverting the revert. 
> > 
> > Original change's description:
> > > Revert "[global-handles] Remove dead code"
> > > 
> > > This reverts commit e2890c19a7.
> > > 
> > > Reason for revert: Looks like this CL causes slowdown on multiple builders, Check tests timeout and raise exceptions on the bot. Possible it is a bot issue as well, see tracking bug - https://bugs.chromium.org/p/chromium/issues/detail?id=720606
> > > 
> > > Original change's description:
> > > > [global-handles] Remove dead code
> > > > 
> > > > Bug: chromium:720477
> > > > Change-Id: I090168c575c41b7038af5dfba6cd8973d1154c51
> > > > Reviewed-on: https://chromium-review.googlesource.com/501790
> > > > Reviewed-by: Hannes Payer <hpayer@chromium.org>
> > > > Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
> > > > Cr-Commit-Position: refs/heads/master@{#45241}
> > > 
> > > TBR=hpayer@chromium.org,mlippautz@chromium.org,jochen@chromium.org
> > > NOPRESUBMIT=true
> > > NOTREECHECKS=true
> > > NOTRY=true
> > > Bug: chromium:720477
> > > 
> > > Change-Id: I92f40d8c4dbfdb5208b3068648612e8c5b97fb20
> > > Reviewed-on: https://chromium-review.googlesource.com/502029
> > > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
> > > Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
> > > Cr-Commit-Position: refs/heads/master@{#45243}
> > 
> > TBR=hpayer@chromium.org,gdeepti@chromium.org,mlippautz@chromium.org,jochen@chromium.org,v8-reviews@googlegroups.com
> > NOPRESUBMIT=true
> > NOTREECHECKS=true
> > NOTRY=true
> > Bug: chromium:720477
> > 
> > Change-Id: I70e190e0c27074228a8128aa849e5a419af915e8
> > Reviewed-on: https://chromium-review.googlesource.com/502030
> > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
> > Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#45244}
> 
> TBR=hpayer@chromium.org,gdeepti@chromium.org,mlippautz@chromium.org,jochen@chromium.org,v8-reviews@googlegroups.com
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> Bug: chromium:720477
> 
> Change-Id: If3e4abea51d87546e25076b906a4c91e5ccf947b
> Reviewed-on: https://chromium-review.googlesource.com/503007
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#45246}

TBR=hpayer@chromium.org,gdeepti@chromium.org,mlippautz@chromium.org,jochen@chromium.org,v8-reviews@googlegroups.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Bug: chromium:720477

Change-Id: Id7dc886cc20b3b36ca5bb643686fe4fe2e98a3a7
Reviewed-on: https://chromium-review.googlesource.com/503008
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45261}
2017-05-11 14:26:37 +00:00
Clemens Hammacher
651c4e9a5a [wasm] Remove impossible TODO
std::vector can never store const types, as the stored type has to be
either copy-constructable or move-constructable.
std::vector<const X> does not compile and makes no sense if you think
about it.
Thus remove the TODO to use such a vector.

R=ahaas@chromium.org

Change-Id: Ieb00a31872f04c720d2ef90b70452c18e79f0a5d
Reviewed-on: https://chromium-review.googlesource.com/503148
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45260}
2017-05-11 14:24:34 +00:00
gsathya
c8b77e9614 Reland [interpreter] Add intrinsics for map/set instance type checks
BUG=v8:6261, v8:6278, v8:6344

Review-Url: https://codereview.chromium.org/2868343002
Cr-Original-Commit-Position: refs/heads/master@{#45236}
Committed: 55a610ba24
Review-Url: https://codereview.chromium.org/2868343002
Cr-Commit-Position: refs/heads/master@{#45259}
2017-05-11 14:15:45 +00:00
Michael Lippautz
ece19e99b1 [heap] MinorMC: Use HeapVisitor instead of StaticNewSpacevisitor
Bug: chromium:651354
Change-Id: I797a0eee698c9c5a6bf191fb041111c9ff5440cf
Reviewed-on: https://chromium-review.googlesource.com/503227
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45258}
2017-05-11 13:02:56 +00:00
dusan.simicic
84f244dd6a MIPS64: Fix load in Generate_JSConstructStubGeneric
This patch fixes regression introduced in CL:
https://chromium-review.googlesource.com/c/489525/

ldr instruction is unaligned load on MIPS and it is not available in
MIPS64r6 architecture.

BUG=

Review-Url: https://codereview.chromium.org/2873873005
Cr-Commit-Position: refs/heads/master@{#45257}
2017-05-11 12:44:43 +00:00
Michael Starzinger
b4948f1b81 [asm.js] Test and fix function (table) immutability.
This makes sure that function variables as well as function table
variables are properly typed as immutable, hence assignments to them
should cause validation failures.

R=clemensh@chromium.org
TEST=mjsunit/asm/immutable
BUG=chromium:721271

Change-Id: Ia3f65fd0782ca571ffcf99520fdbd8fc5a359d16
Reviewed-on: https://chromium-review.googlesource.com/503209
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45256}
2017-05-11 12:25:26 +00:00
Michael Starzinger
26f2d5c21e [parser] Remove redundant "dot" tracking for numbers.
This removes logic tracking whether a number literal in the source
contained a "dot" character or not. The tracking was only needed for
validation of asm.js modules on the AST, it is obsolete now.

R=marja@chromium.org

Change-Id: Ib474e2281db80fe56d43e1af52221a7c66261e01
Reviewed-on: https://chromium-review.googlesource.com/503228
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45255}
2017-05-11 12:24:20 +00:00
ulan
8a5382b789 [heap] Slot snapshot for visiting JSObjects in concurrent marker.
The mutator can convert a pointer slot of a JSObject to an unboxed
double slot. To make it safe for the concurrent marker, we require
synchronization using the object markbits.

The concurrent marker visits the JSObject as follows:
- save snapshot of object slot addresses and values.
- visit the snapshot only after successful transition of the object
  from grey to black.

Before an unsafe layout change the mutator colors the object black
and visits it using the bailout marking deque.

BUG=chromium:694255

Review-Url: https://codereview.chromium.org/2876553002
Cr-Commit-Position: refs/heads/master@{#45254}
2017-05-11 11:11:11 +00:00
Michael Starzinger
9acc66cd83 [asm.js] Avoid redundant string copying in builder.
R=clemensh@chromium.org

Change-Id: I5c37cdf4f11ff7062e6af8c7af5b6eabf1baedad
Reviewed-on: https://chromium-review.googlesource.com/503207
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45253}
2017-05-11 11:08:04 +00:00
ulan
e4b3f93eab [heap] Add a flag to disable remembered set verification.
BUG=chromium:720606

Review-Url: https://codereview.chromium.org/2871173006
Cr-Commit-Position: refs/heads/master@{#45252}
2017-05-11 11:04:12 +00:00
Michael Achenbach
332353556e [CQ] Make linux64 gcc debug bot mandatory
Bug: v8:6355
NOTRY=true
TBR=sergiyb@chromium.org

Change-Id: Ib0b6d32cf330d03d1898f55f7fc21092ce816beb
Reviewed-on: https://chromium-review.googlesource.com/503269
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45251}
2017-05-11 10:02:10 +00:00
Andreas Haas
72019a0428 [wasm] Streaming decoder
This CL implements a streaming decoder which takes the bytes
of a wasm module as an input, potentially split into multiple
chunks, and decodes them into segments. Each segment either
contains the payload of a whole section, or the code of a
single function. The goal is that the streaming decoder is
used for streaming compilation. That's where the interface
comes from, see
(https://cs.chromium.org/chromium/src/v8/include/v8.h?q=OnBytesReceived&sq=package:chromium&l=4060)

Error positions are not reported correctly at the moment. I
plan to do this in a separate CL.

Change-Id: I6e3df6a91945c7baec2dc4f5de2e5f47636083df
Reviewed-on: https://chromium-review.googlesource.com/471350
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45250}
2017-05-11 09:46:31 +00:00
Michael Achenbach
a6424c7626 [release] Relax git_footers parsing to match that of Gerrit (JGit).
Port https://chromium-review.googlesource.com/c/501849/

NOTRY=true
TBR=tandrii@chromium.org
Bug: chromium:717504

Change-Id: Ia37759c615cc3ad4d2978a4589ca687a750afc46
Reviewed-on: https://chromium-review.googlesource.com/503028
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45249}
2017-05-11 09:02:47 +00:00
mlippautz
4ea91a0190 [heap] MinorMC: Only iterate new space global handles for ptr updates
The reason we need this mode is that IterateRoots for the Scavenger only
captures dependent weak nodes. This is also what we do for marking for the
minor MC.

Since the regular marking might also mark objects that are weakly
(non-dependently) pointed to by nodes we need to capture all of them during
pointers updating. The reason this works for the Scavenger is because we do one
pass at the end of the scavenger (combined with resetting) that captures all
those nodes.

BUG=chromium:651354

Review-Url: https://codereview.chromium.org/2869413002
Cr-Commit-Position: refs/heads/master@{#45248}
2017-05-11 08:06:59 +00:00
jgruber
f9c4fc0d20 [error] Clear external_caught_exception in Error formatting
Clearing the pending exception is not enough - if we want to swallow an
exception while currently on top of an external handler (e.g. TryCatch),
we also need to clear external_caught_exception.

BUG=chromium:719380

Review-Url: https://codereview.chromium.org/2870423002
Cr-Commit-Position: refs/heads/master@{#45247}
2017-05-11 06:35:53 +00:00
Michael Lippautz
682d5369b8 Revert "Revert "Revert "[global-handles] Remove dead code"""
This reverts commit c836a95e87.

Reason for revert: I don't think this was related.

Original change's description:
> Revert "Revert "[global-handles] Remove dead code""
> 
> This reverts commit 58020872dc.
> 
> Reason for revert: Turned out to be a bot issue, reverting the revert. 
> 
> Original change's description:
> > Revert "[global-handles] Remove dead code"
> > 
> > This reverts commit e2890c19a7.
> > 
> > Reason for revert: Looks like this CL causes slowdown on multiple builders, Check tests timeout and raise exceptions on the bot. Possible it is a bot issue as well, see tracking bug - https://bugs.chromium.org/p/chromium/issues/detail?id=720606
> > 
> > Original change's description:
> > > [global-handles] Remove dead code
> > > 
> > > Bug: chromium:720477
> > > Change-Id: I090168c575c41b7038af5dfba6cd8973d1154c51
> > > Reviewed-on: https://chromium-review.googlesource.com/501790
> > > Reviewed-by: Hannes Payer <hpayer@chromium.org>
> > > Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
> > > Cr-Commit-Position: refs/heads/master@{#45241}
> > 
> > TBR=hpayer@chromium.org,mlippautz@chromium.org,jochen@chromium.org
> > NOPRESUBMIT=true
> > NOTREECHECKS=true
> > NOTRY=true
> > Bug: chromium:720477
> > 
> > Change-Id: I92f40d8c4dbfdb5208b3068648612e8c5b97fb20
> > Reviewed-on: https://chromium-review.googlesource.com/502029
> > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
> > Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#45243}
> 
> TBR=hpayer@chromium.org,gdeepti@chromium.org,mlippautz@chromium.org,jochen@chromium.org,v8-reviews@googlegroups.com
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> Bug: chromium:720477
> 
> Change-Id: I70e190e0c27074228a8128aa849e5a419af915e8
> Reviewed-on: https://chromium-review.googlesource.com/502030
> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
> Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#45244}

TBR=hpayer@chromium.org,gdeepti@chromium.org,mlippautz@chromium.org,jochen@chromium.org,v8-reviews@googlegroups.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Bug: chromium:720477

Change-Id: If3e4abea51d87546e25076b906a4c91e5ccf947b
Reviewed-on: https://chromium-review.googlesource.com/503007
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45246}
2017-05-11 05:59:00 +00:00
v8-autoroll
57ed8ba330 Update V8 DEPS.
Rolling v8/build: 5a162d8..2e68430

Rolling v8/third_party/catapult: 0e86ab1..27f7008

Rolling v8/tools/swarming_client: 11e31af..e6fc938

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Change-Id: I076d768c3580e0981740cd27a40decac24fa062b
Reviewed-on: https://chromium-review.googlesource.com/502350
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45245}
2017-05-11 03:38:57 +00:00