Commit Graph

44589 Commits

Author SHA1 Message Date
Sigurd Schneider
9d3e0774c9 [turbofan] Add support for updating feedback via CheckBounds
Add support for disallowing speculation upon deoptimize from
a CheckBound node, and use this in the case of array builtins
in js-call-reducer to prevent deoptimization loops.

Bug: v8:7127
Change-Id: I04cf655b10178d2938d2f0ee6b336601fab6463b
Reviewed-on: https://chromium-review.googlesource.com/822195
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50097}
2017-12-14 08:13:10 +00:00
Brad Nelson
09a5289904 Adding bbudge to src/compiler OWNERS (focus on backend).
R=jarin@chromium.org

Bug: 
Change-Id: I43c72aa222a6b41b22b3f80f3d4ce3113b965a81
Reviewed-on: https://chromium-review.googlesource.com/822526
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50096}
2017-12-14 07:25:51 +00:00
v8-autoroll
d38b21c626 Update V8 DEPS.
Rolling v8/build: 3d92234..9caf5bf

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/fbee132..9cfb34e

Rolling v8/tools/clang: 73924d8..ec766dc

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I9c3106b436041575140f3bfc447585ee0613a617
Reviewed-on: https://chromium-review.googlesource.com/826862
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50095}
2017-12-14 04:52:10 +00:00
bsheedy
c52cba07ef Fix implicit conversions in disasm-arm64.cc
Adds static_cast<int> to a number of return values in disasm-arm64.cc.
The implicit conversion from size_t (unsigned long) to int was causing
compilation warnings/errors when upgrading to Android NDK r16.

Bug: chromium:771171
Change-Id: I9a5f80d65565e1a9ab4caf2cf874240f04f406a1
Reviewed-on: https://chromium-review.googlesource.com/826254
Commit-Queue: Brian Sheedy <bsheedy@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50094}
2017-12-14 00:49:40 +00:00
Jakob Kummerow
741213d6ed [cleanup] Clean up CSA::RelationalComparison for readability
Bug: v8:7109
Change-Id: I6384546566a760bd2956685a09d2327616eabd6d
Reviewed-on: https://chromium-review.googlesource.com/810266
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50093}
2017-12-13 23:41:10 +00:00
Adam Klein
e520f4e534 [api] Add an ApiCheck for Function::Call on a null handle
This would help separate such API misuses from other Invoke() crashes
which indicate crashes in generated code.

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I6c596fb63950d7306fab1b689dd913a61764d257
Reviewed-on: https://chromium-review.googlesource.com/825942
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50092}
2017-12-13 23:06:50 +00:00
Junliang Yan
cae7667c19 PPC/s390: Reland [turbofan] Implement on-stack returns (Intel)
Port bd732f7ddd

Original Commit Message:

    The original CL introduced a test which uses a random number generator.
    I disable the test for now, which is okay because this CL adds to a
    work-in-progress feature anyways, and I will fix the problem in another
    CL.

    Original description:
    Add the ability to return (multiple) return values on the stack:

    - Extend stack frames with a new buffer region for return slots.
      This region is located at the end of a caller's frame such that
      its slots can be indexed as caller frame slots in a callee
      (located beyond its parameters) and assigned return values.
    - Adjust stack frame constructon and deconstruction accordingly.
    - Extend linkage computation to support register plus stack returns.
    - Reserve return slots in caller frame when respective calls occur.
    - Introduce and generate architecture instructions ('peek') for
      reading back results from return slots in the caller.
    - Aggressive tests.
    - Some minor clean-up.

    So far, only ia32 and x64 are implemented.

R=ahaas@chromium.org, joransiu@ca.ibm.com, jbarboza@ca.ibm.com
BUG=
LOG=N

Change-Id: I8d63286aa5af5f52cc2eeaf2adeee13d0ff19e7d
Reviewed-on: https://chromium-review.googlesource.com/823084
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50091}
2017-12-13 20:06:06 +00:00
Andreas Haas
2c3fae967b [wasm] Allow to restart background tasks during streaming compilation
In a certain scenario streaming compilation got stuck and did never
finish. This CL fixes this issue.

Scenario:
* Streaming compilation starts
* The compilation tasks execute all compiation units in the working
  queue and set the finished_ flag to true.
* New data arrives over streaming
* The compilation tasks compile so fast that the executed_units_ queue
  gets full. The compilation tasks stop executing and wait for the
  finisher task to restart them.
* The finisher task does not restart the compilation tasks because the
  finished_ flag is set.

With this CL I remove the finished flag and instead look at the size
of the working queue directly.

In addition I added a test which does not actually reproduce this
scenario but seems good to have anyways.

R=mtrofin@chromium.org

Change-Id: I44560c43e51be13c4461208368e21137b115656c
Reviewed-on: https://chromium-review.googlesource.com/824523
Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50090}
2017-12-13 19:51:36 +00:00
Sergiy Byelozyorov
599324d03e [tools] Pass output to GetOutcome function
R=majeski@google.com
TBR=machenbach@chromium.org

This is breaking some test runs, e.g.
https://chromium-swarm.appspot.com/task?id=3a69c31ccb964d10&refresh=10&show_raw=1.

Bug: v8:6917
Change-Id: I61c12eafdf12a1bee2bf08de75f26b0d44fd0056
Reviewed-on: https://chromium-review.googlesource.com/825122
Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50089}
2017-12-13 19:41:16 +00:00
Ali Ijaz Sheikh
9034d8c8a5 [heap] establish invariants between top_on_previous_step_ and AllocationObserversActive()
top_on_previous_step_ can only be valid when Allocation Observers are
active. Add some assertions in the code to ensure this holds.

Use AllocationObserversActive() more pervasively. Remove some code based
on the established invariant.

Bug: 
Change-Id: I7f0d4c4f617ed9fa05c6b94202a90953fbc33cfd
Reviewed-on: https://chromium-review.googlesource.com/823576
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ali Ijaz Sheikh <ofrobots@google.com>
Cr-Commit-Position: refs/heads/master@{#50088}
2017-12-13 19:33:57 +00:00
Bill Budge
9f252b9a4a [d8] Rework ArrayBuffer Allocators again.
- Makes ArrayBufferAllocatorBase forward all operations to default
  ArrayBufferAllocator.
- ShellArrayBufferAllocator uses VM for allocations over a threshold.

Bug: chromium:793750,v8:7146
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I62d8f9281b744e987223a16fbb762bd77747bf39
Reviewed-on: https://chromium-review.googlesource.com/822764
Reviewed-by: Eric Holk <eholk@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50087}
2017-12-13 19:13:06 +00:00
Ulan Degenbaev
3ecb047aba [runtime] Decrease the maximum number of descriptors.
This ensures that MigrateFastToFast does not overflow the length of the
property array.

Bug: chromium:789393
Change-Id: I77adc319c1c8c469ea482bad35ead8661d535192
Reviewed-on: https://chromium-review.googlesource.com/824167
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50086}
2017-12-13 18:59:26 +00:00
Sergiy Byelozyorov
db46a3099d Whitespace CL
TBR=sergiyb@chromium.org

Bug: chromium:747960
Change-Id: I4b28456f7a2809065ef8581a2440b87161996332
Reviewed-on: https://chromium-review.googlesource.com/824169
Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50085}
2017-12-13 18:33:36 +00:00
Benedikt Meurer
0b9036dcc9 [turbofan] Make Array#find use integers for the index.
The k value passed to NumberAdd was outside the integer range, which
meant it had to choose Double as the only valid representation. The
other array builtins pass the result of CheckBounds here to specifically
force the types into integer range, which allows the representation
selection to pick Word32 instead of Float64 representation.

Drive-by-fix: Pass kind to AccessBuilder::ForJSArrayLength() as well.

Bug: chromium:791045, v8:1956
Change-Id: I357e1ba0dc52be544e631e4d554ab772b9b4c9bb
Reviewed-on: https://chromium-review.googlesource.com/823968
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50084}
2017-12-13 17:29:25 +00:00
Sergiy Byelozyorov
98e4b6a130 V8: Migrate 8 builders to LUCI
TBR=machenbach@chromium.org

No-Try: true
Bug: chromium:747960
Change-Id: If7cb86066c7579a02b3cb56bb64084574fa4187d
Reviewed-on: https://chromium-review.googlesource.com/824922
Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50083}
2017-12-13 17:23:14 +00:00
Michael Starzinger
d184d7353d [simulator] Simplify simulator initialization sequence.
R=clemensh@chromium.org

Change-Id: I80201b16c5d7a373ae5ff56bfafb46f4425bf997
Reviewed-on: https://chromium-review.googlesource.com/824243
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50082}
2017-12-13 17:08:24 +00:00
Igor Sheludko
7cdfb6df23 [ic] Introduce proper StoreGlobalIC dispatcher.
The dispatcher is responsible for handling stores to lexical environment
variables and for storing directly to the JSGlobalObject. In the latter
case the dispatcher also ensures that JSGlobalProxy is provided as
a receiver if a setter function has to be called.
Unlike StoreIC the calling convention for the StoreGlobalIC does not include
receiver.

Bug: v8:7206, chromium:576312, v8:5561
Change-Id: Ifa896c7b41bf440785b757c2272ec91211e79c98
Reviewed-on: https://chromium-review.googlesource.com/818965
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50081}
2017-12-13 16:23:54 +00:00
Ulan Degenbaev
ce5eb004d5 [heap] Fix Page::ShrinkToHighWaterMark.
Revision 5bc1d29 introduced a bug in the case when the filler is in
the unmapped region, which leads to CHECK failure.

Change-Id: I013e4386f6d5e9cdad22c11e1a7a9f1a088375ae
Reviewed-on: https://chromium-review.googlesource.com/823845
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50080}
2017-12-13 15:53:00 +00:00
Michal Majewski
8cd7617195 [test] Ignore rename coverage data in execution time.
Bug: v8:6917
Change-Id: I88fdb12c39311531600c0715fff5abe5da051295
Reviewed-on: https://chromium-review.googlesource.com/824271
Commit-Queue: Michał Majewski <majeski@google.com>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50079}
2017-12-13 15:04:51 +00:00
Michal Majewski
af192c8905 [test] Remove output from testcase.
Bug: v8:6917
Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng
Change-Id: I5ca840db75766413659cb96fd28b922712040cec
Reviewed-on: https://chromium-review.googlesource.com/823843
Commit-Queue: Michał Majewski <majeski@google.com>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50078}
2017-12-13 15:00:52 +00:00
Clemens Hammacher
5760d76ef7 [Liftoff] Attach source positions and safepoint info
So far we generated source positions and safepoint information, but we
never actually attached it to the generated code objects. This CL adds
that.

R=titzer@chromium.org

Bug: v8:6600, chromium:793694
Change-Id: I8f4c6d8752f4c31a1df51c4893c262ea5925f3b5
Reviewed-on: https://chromium-review.googlesource.com/824266
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50077}
2017-12-13 14:10:10 +00:00
Michal Majewski
c8102945af [test] Code cleanup in testcfg.py
- All testcase/testsuite/variant generator subclasses renamed to
  just TestCase/TestSuite/VariantGenerator since they're private
  implementation.
- All `testcase` variables renamed to `test` to not conflict with
  a module name.
- No more two statements in the same line.
- Removed some unused testsuite methods.

Bug: v8:6917
Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng
Change-Id: I7710f3419f738a5f9ddca73765dd2cad2e35b952
Reviewed-on: https://chromium-review.googlesource.com/823964
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michał Majewski <majeski@google.com>
Cr-Commit-Position: refs/heads/master@{#50076}
2017-12-13 13:36:20 +00:00
Clemens Hammacher
3b0049e393 [label] Document meaning of kNear and kFar distances
The intel manual knows "short jumps", "near jumps" and "far jumps",
where our Label::kNear corresponds to short jumps and Label::kFar
corresponds to near jumps.
Add some words to document this.

R=mstarzinger@chromium.org

Change-Id: I2b41cc770ee2c1fecff5e7363cede264ca3cd033
Reviewed-on: https://chromium-review.googlesource.com/824270
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50075}
2017-12-13 13:33:20 +00:00
Michael Starzinger
f4dde20044 [simulator] Refactor redirections to be process-wide.
This refactors the list of redirections of runtime call targets that
simulators maintain to be process-wide (as opposed to be per Isolate).
Such redirections are used for static C++ call targets which themselves
are process-wide, which makes this model a closer fit. Access is already
properly synchronized via a mutex.

Along the way this also introduces the {SimulatorBase} class as a common
base class for all simulator implementations.

R=clemensh@chromium.org

Change-Id: Iae8602c44b1b34cb916dde2b22c9403b0496b3d4
Reviewed-on: https://chromium-review.googlesource.com/823966
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50074}
2017-12-13 13:28:10 +00:00
Ross McIlroy
1d1f52534e [Interpreter] Make RegisterList constructor private to avoid missue.
RegisterLists should only be allocated via the register allocator. To ensure
this, make the RegisterList constructor private and only expose it to tests
and the BytecodeRegisterAllocator.

Change-Id: I09ebfc5c0f1baecfb1333fd672b96d462fd26fcf
Reviewed-on: https://chromium-review.googlesource.com/822196
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50073}
2017-12-13 13:15:35 +00:00
Clemens Hammacher
d5fbf0edcf [Liftoff] Fix stack space reservation
LiftoffAssembler::ReserveStackSpace expected number of bytes, not
number of stack slots. Also, make this clear in the naming of the
parameter, and remove a dead field.

R=titzer@chromium.org

Bug: v8:6600
Change-Id: Ic4c7167cfa26a169b2936acdde865863141f441d
Reviewed-on: https://chromium-review.googlesource.com/823967
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50072}
2017-12-13 13:14:30 +00:00
Clemens Hammacher
5aaeb2fd1c [wasm] Simplify bounds check
We really just need one check instead of three. This also unifies the
error message to be the same on 32 and 64 bit systems.

Drive-by: Fix potential overflow in {validate_size}.

R=titzer@chromium.org

Bug: chromium:794353
Change-Id: I63c1f5ef53c1f245b9e82bcbf86a5d9ac0d2725e
Reviewed-on: https://chromium-review.googlesource.com/824082
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50071}
2017-12-13 10:44:24 +00:00
Georgia Kouveli
577b4c80e4 Update JSEntryStub for arm64 stack alignment.
This includes adding a padding slot to the stack handler, which is done for all
architectures for consistency.

Bug: v8:6644
Change-Id: I8a6379a82e2a9d1819069850b6734489bd6071a6
Reviewed-on: https://chromium-review.googlesource.com/822477
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com>
Cr-Commit-Position: refs/heads/master@{#50070}
2017-12-13 10:38:40 +00:00
Sigurd Schneider
6630a1f111 [turbofan] Disallow speculation after deopt from array builtin
This disallows speculation after deoptimization from any of
Array.{forEach,map,filter,find} due to CheckMap fails. Such
CheckMap fails happen if the builtins' function argument
causes the map of the array to change. The js-call-lowering
refrains from optimizing builtins for which speculation was
disallowed.

Bug: v8:6898, v8:7127
Change-Id: Ied6696f8fb023ee404fb82e9d37bfb061f293854
Reviewed-on: https://chromium-review.googlesource.com/819354
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50069}
2017-12-13 10:33:16 +00:00
Clemens Hammacher
4b3043ef20 [Liftoff] Implement memory operations
Add support for loading and storing i32 values to and from memory.
Support for f32 and for non-traphandler configurations (i.e. emitting
bounds checks) will be added in a follow-up CL.

R=titzer@chromium.org

Bug: v8:6600
Change-Id: I43c44ce61f5acbac325261212374eb0f48c6ee89
Reviewed-on: https://chromium-review.googlesource.com/809164
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50068}
2017-12-13 10:29:39 +00:00
Tobias Tebbi
60247ea2ce [turbofan] maintain source positions in loop peeling and polymorphic inlining
I also used the opportunity to clean up the loop peeler a bit by making the
class stateful, to avoid passing long argument lists around.

Bug: v8:5864
Change-Id: I2e034c6eabd381b01e15cf3e6aa3ce7b14e7b3d8
Reviewed-on: https://chromium-review.googlesource.com/822933
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50067}
2017-12-13 09:51:46 +00:00
Sigurd Schneider
1edca59ffa [turbofan] Mark builtin stub frames as deoptimized again
For eager deopts within builtin stub frames we skiped marking the
underlying function as deoptimized. This avoided deopt loops where
we would just generate the same optimized code all over again.

Bug: v8:6898
Change-Id: Ie3d7ee4dfcbeb63e6087112d5740a423c4730599
Reviewed-on: https://chromium-review.googlesource.com/822491
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50066}
2017-12-13 09:17:17 +00:00
Michal Majewski
08a05c2bff [test] Move data access from suite to test.
- create testcase subclass for each test
- move get_command, get_source from suite to test
- promises-aplus tests are broken
- moving expected outcomes etc. is still in progress

Bug: v8:6917
Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng
Change-Id: I006e64ecf51dda95c41dff88c68b24f17a638566
Reviewed-on: https://chromium-review.googlesource.com/798331
Commit-Queue: Michał Majewski <majeski@google.com>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50065}
2017-12-13 09:14:47 +00:00
Sigurd Schneider
cd99bada9a [turbofan] Add support to deoptimizer for setting no speculation bit
This CL adds support to the deoptimizer for setting the no speculation
bit on a provided feedback vector if desired.

Bug: v8:7127
Change-Id: I31fd1ea306cf5a4e919faeb896a83c1afdfccd63
Reviewed-on: https://chromium-review.googlesource.com/819370
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50064}
2017-12-13 08:52:34 +00:00
Michael Stanton
a52b4cdf2d Revert "[ICs] Eliminate trampoline ICs in TurboFan generic lowering"
This reverts commit 7d699b938c.

Reason for revert: Actually we like the trampolines. Slight reduction in code size, and prevents spanning the icache.

Original change's description:
> [ICs] Eliminate trampoline ICs in TurboFan generic lowering
> 
> Trampoline ICs differ from normal ICs only in that they
> load the feedback vector from the stack instead of accepting it
> as an argument. We created them for FullCodeGen, where you always
> have the feedback vector on the stack, and can reduce the amount
> of code required to invoke an ICs by hiding the stack load down
> in the trampoline IC.
> 
> Now the concept isn't really necessary, and we can achieve a
> nice cleanup of our idea-space by removing it. The first step is
> to remove their usage in TurboFan.
> 
> Bug: v8:7199
> Change-Id: I08aefa5de199b1f19adea261b7086a84338c0805
> Reviewed-on: https://chromium-review.googlesource.com/822193
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Commit-Queue: Michael Stanton <mvstanton@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#50038}

TBR=mvstanton@chromium.org,tebbi@chromium.org

Change-Id: I63dcd98b799739d1d6ea55508b1ea5cfad9e3292
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7199
Reviewed-on: https://chromium-review.googlesource.com/822420
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50063}
2017-12-13 08:51:14 +00:00
Sigurd Schneider
8ff8c11069 [turbofan] Thread feedback through to deoptimization entries
Bug: v8:7127
Change-Id: Iec65ead1540289aa99f496fd66595f2de88db68c
Reviewed-on: https://chromium-review.googlesource.com/817417
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50062}
2017-12-13 08:21:52 +00:00
peterwmwong
e2ce2e0aff [turbofan] Fix Array.p.find handling of holes in double elements
Bug: chromium:791045, v8:1956
Change-Id: I1400fc95b78e0f4771867d136377b14aed5bd4f4
Reviewed-on: https://chromium-review.googlesource.com/819510
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50061}
2017-12-13 05:38:17 +00:00
v8-autoroll
27da2f8ccf Update V8 DEPS.
Rolling v8/build: e796de3..3d92234

Rolling v8/buildtools: 282996b..1be57dc

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/cb82b10..fbee132

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: Iea76a8896a0e92c76bf334922be62a3c60c8fcaa
Reviewed-on: https://chromium-review.googlesource.com/822305
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50060}
2017-12-13 04:57:09 +00:00
Alexei Filippov
5c10512ce8 Mark test-cpu-profiler/NativeFrameStackTrace test as flaky
BUG=v8:7202
TBR=mstarzinger@chromium.org

Change-Id: I5399eab9a04edf98d57ee9e18be76e69f7cc9fa2
Reviewed-on: https://chromium-review.googlesource.com/823566
Reviewed-by: Alexei Filippov <alph@chromium.org>
Commit-Queue: Alexei Filippov <alph@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50059}
2017-12-13 01:54:23 +00:00
Alexei Filippov
f514cc967d [cpu-profiler] Introduce NativeFrame type.
The new frame type is inteneded to represent native C++ stack frames.
JS code may sometimes make calls to helper native functions that do not
provide any special stack layout besides the return address and frame pointer.

Currently the stack iterator bails out when it sees an unknown frame.
The patch allows the iterator to unwind stacks having such frames.

BUG=chromium:768540

Change-Id: I9c273c7015695a6733c0a0c52b522fca7b25de0d
Reviewed-on: https://chromium-review.googlesource.com/794991
Commit-Queue: Alexei Filippov <alph@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50058}
2017-12-13 00:05:45 +00:00
v8-autoroll
3b59a7954b Update V8 DEPS.
Rolling v8/build: ca599b0..e796de3

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/d624b3c..cb82b10

Rolling v8/tools/clang: 8688d26..73924d8

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I28fc53da5f713100b3d93cdac5e8a2708f7c5a5f
Reviewed-on: https://chromium-review.googlesource.com/821373
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50057}
2017-12-12 22:31:31 +00:00
Sergiy Byelozyorov
26f5c30b70 Whitespace CL
TBR=sergiyb@chromium.org

Bug: chromium:747960
Change-Id: Ib12ac093d1605ef4b409d8e73b0a75da83b2fb48
Reviewed-on: https://chromium-review.googlesource.com/817568
Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50056}
2017-12-12 21:07:28 +00:00
Sergiy Byelozyorov
18d7c66131 Migrate 3 more builders to LUCI
TBR=machenbach@chromium.org

No-Try: true
Bug: chromium:793687
Change-Id: I08f54c20ad50c3f733505ce0c6769cc08281beb7
Reviewed-on: https://chromium-review.googlesource.com/822613
Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50055}
2017-12-12 20:29:23 +00:00
Clemens Hammacher
aba57b1164 [wasm] Introduce LoadType and StoreType enums
These enums capture the "type" of a load and store in one value, with
accessors to get the value type, memory type, memory size etc.
This will simplify implementing memory operations in Liftoff.

R=titzer@chromium.org

Bug: v8:6600
Change-Id: Ief673e90fe63292853f97e5e95b5c39da1296730
Reviewed-on: https://chromium-review.googlesource.com/822476
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50054}
2017-12-12 19:59:03 +00:00
Tobias Tebbi
1220809924 [profiler] allow non-existing source position of inlined call
Turbofan does not always maintain source positions. Since the profiler
is best-effort only, this is ok and we should not assert it.
Source positions for stack traces are computed with an independent
mechanism: the stack walker. It's impossible to use the stack walker
here since it assumes that the frames actually exist.

Bug: chromium:787959
Change-Id: I43c3c4e6de0a9b5f76b05c53af238cb1df6ea1c5
Reviewed-on: https://chromium-review.googlesource.com/822930
Reviewed-by: Alexei Filippov <alph@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50053}
2017-12-12 19:16:23 +00:00
Ali Ijaz Sheikh
4623b8223b [heap] replace DisableInlineAllocationSteps with PauseAllocationObservers
* DisableInlineAllocationSteps was a blunt hammer added to work around
  tests that needed to avoid artificially lower limits imposed by
  observers. PauseAllocationObserversScope can properly disable step on
  a temporary basis.
* Modify tests. Remove DisableInlineAllocationSteps.

This exposed a bug in allocation observers: we were not doing a step
when a fresh page is added.

Fix this by moving the step into UpdateAllocationInfo. We should be
doing a step (and keeping top_on_previous_step_ consistent) whenever
we move move top(). UpdateAllocationInfo is the correct place for this
rather than the callers of UpdateAllocationInfo.

Bug: 
Change-Id: I2edc238dc2e73bf9a2e9738c2a9b50efcac5cbf0
Reviewed-on: https://chromium-review.googlesource.com/821052
Commit-Queue: Ali Ijaz Sheikh <ofrobots@google.com>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50052}
2017-12-12 19:12:03 +00:00
Marja Hölttä
10d9c31488 [parser] Fix NaryOperation positions.
If an initializer is a NaryOperation, its position ends up as a start position
of a Scope, and a DCHECK used to fire.

Interestingly, this was not caught by our existing tests.

BUG=chromium:791256

Change-Id: Id47f850c7ad17ca580352f9bd56c9567b485c3b8
Reviewed-on: https://chromium-review.googlesource.com/822093
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50051}
2017-12-12 18:54:03 +00:00
Clemens Hammacher
a3a024f0e8 Reland^2 "[wasm] [cleanup] Only pass information really needed"
This is a reland of fa18e78dc7.

Mips compile error is fixed.

Original change's description:
> [wasm] [cleanup] Only pass information really needed
>
> Instead of always passing the MachineType, we can often just pass the
> accessed memory size or the MachineRepresentation, which is less
> information to pass and will simplify the upcoming refactoring for
> memory operations in Liftoff.
>
> R=titzer@chromium.org
>
> Bug: v8:6600
> Change-Id: I8748f8e00dcfdbc4082893143fe88bdafde99053
> Reviewed-on: https://chromium-review.googlesource.com/822194
> Reviewed-by: Ben Titzer <titzer@chromium.org>
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#50041}

TBR=titzer@chromium.org

Bug: v8:6600
Change-Id: I3dff3072d6ceebd74873ace0c7dce7cccc3055d5
Reviewed-on: https://chromium-review.googlesource.com/822851
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50050}
2017-12-12 18:50:53 +00:00
Eugene Ostroukhov
64d145534c [inspector] allow generatePreview for wrapObject
This method is needed by some Blink agents to generate object previews.

Bug: 
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I2304a6e44ea65ec469f3a3216b8bed789f706d0c
Reviewed-on: https://chromium-review.googlesource.com/821596
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Commit-Queue: Eugene Ostroukhov <eostroukhov@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50049}
2017-12-12 18:02:13 +00:00
Clemens Hammacher
7b80915a69 Revert "Reland "[wasm] [cleanup] Only pass information really needed""
This reverts commit ee106cb907.

Reason for revert: Still failing on big endian mips. 

Original change's description:
> Reland "[wasm] [cleanup] Only pass information really needed"
> 
> This is a reland of fa18e78dc7.
> 
> Mips compile error is fixed.
> 
> Original change's description:
> > [wasm] [cleanup] Only pass information really needed
> >
> > Instead of always passing the MachineType, we can often just pass the
> > accessed memory size or the MachineRepresentation, which is less
> > information to pass and will simplify the upcoming refactoring for
> > memory operations in Liftoff.
> >
> > R=titzer@chromium.org
> >
> > Bug: v8:6600
> > Change-Id: I8748f8e00dcfdbc4082893143fe88bdafde99053
> > Reviewed-on: https://chromium-review.googlesource.com/822194
> > Reviewed-by: Ben Titzer <titzer@chromium.org>
> > Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#50041}
> 
> TBR=titzer@chromium.org
> 
> Bug: v8:6600
> Change-Id: Ia2c47464277a7c7a70099e7f7d6e32003e34d87e
> Reviewed-on: https://chromium-review.googlesource.com/822342
> Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#50047}

TBR=titzer@chromium.org,clemensh@chromium.org

Change-Id: I448e3ad433451fb468c2db66b4b297e8c72a8c69
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:6600
Reviewed-on: https://chromium-review.googlesource.com/822696
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50048}
2017-12-12 17:59:25 +00:00