Commit Graph

38062 Commits

Author SHA1 Message Date
Michael Achenbach
a022a1a9c4 [foozzie] More robust Date mock
Later manipulation of Array.prototype.concat could lead to calling the Date constructor with empty arguments list. This let a non-mocked date slip in.

BUG=chromium:698097
NOTRY=true
TBR=yangguo@chromium.org,mstarzinger@chromium.org

Change-Id: Ib4bd97e06ea7be8c32d0057d42943f9f82ea6b5f
Reviewed-on: https://chromium-review.googlesource.com/449732
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43570}
2017-03-03 08:51:48 +00:00
Michael Achenbach
bf84d924c3 [foozzie] Properly mock out Date
The old proxy only mocked out constructor calls and didn't intercept function application. It also kept the original constructor property, through which non-mocked dates could be constructed again.

BUG=chromium:697870
NOTRY=true
R=mstarzinger@chromium.org,yangguo@chromium.org

Change-Id: Icb4ef22342424f95463a7a9c57fa0bb8d910ac19
Reviewed-on: https://chromium-review.googlesource.com/448564
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43569}
2017-03-03 07:56:35 +00:00
ivica.bogosavljevic
4f426e104d MIPS: Fix int64->int32 lowering in wasm-to-interpreter entry on big-endian archs.
WASM interpreter requires that parameters are stored in big-endian natural
memory order (higher bits on lower addresses and lower bits on higher address).
On the other hand, WASM compiled code naturally stores data in memory in
little-endian order. This CL implements big-endian support for passing
double and int64 parameters to WASM interpreter.

TEST=cctest/test-wasm-interpreter-entry/TestArgumentPassing_int64,
     cctest/test-wasm-interpreter-entry/TestArgumentPassing_AllTypes

Review-Url: https://codereview.chromium.org/2721053002
Cr-Commit-Position: refs/heads/master@{#43568}
2017-03-03 07:34:39 +00:00
kozyatinskiy
0832bae354 [inspector] fixed endLine in Debugger.scriptParsed event
BUG=chromium:698077
R=lushnikov@chromium.org,alph@chromium.org

Review-Url: https://codereview.chromium.org/2730813002
Cr-Commit-Position: refs/heads/master@{#43567}
2017-03-03 06:58:11 +00:00
loorongjie
dbac977011 Reland Migrate Object.prototype.valueOf to CSA
Original issue: https://codereview.chromium.org/2724833002/

BUG=v8:6005
CQ_INCLUDE_TRYBOTS=master.tryserver.blink:linux_trusty_blink_rel
R=bmeurer@chromium.org,yangguo@chromium.org

Review-Url: https://codereview.chromium.org/2725053007
Cr-Commit-Position: refs/heads/master@{#43566}
2017-03-03 06:30:26 +00:00
cwhan.tunz
a3709d47e6 [typedarrays] No callbacks for fast sorting of integer typed arrays
- No callbacks for std::sort of integer typed arrays when user-defined
  comparison is not given
- Use template function, instead of macro, for comparison function
- Do not sort if the array size is less than or equal to 1

BUG=v8:5953

Review-Url: https://codereview.chromium.org/2726153003
Cr-Commit-Position: refs/heads/master@{#43565}
2017-03-03 05:00:08 +00:00
v8-autoroll
092222c791 Update V8 DEPS.
Rolling v8/build: 2930f01..8ce7164

Rolling v8/third_party/catapult: b068264..7ef7617

Rolling v8/tools/clang: 37d701b..c9f2fc0

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Change-Id: I39deed72065ec038bc8852c4383d2f1f4746d43e
Reviewed-on: https://chromium-review.googlesource.com/449572
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43564}
2017-03-03 04:27:43 +00:00
Andreas Haas
036d811fbd [asmjs] Return early when AsmWasmBuilder::Run fails.
R=bradnelson@chromium.org

Change-Id: Ifc492b2c2d361ebde5b143b599175b13860781ca
Reviewed-on: https://chromium-review.googlesource.com/448576
Commit-Queue: Brad Nelson <bradnelson@chromium.org>
Reviewed-by: Brad Nelson <bradnelson@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43563}
2017-03-03 02:39:37 +00:00
aseemgarg
8b130a8495 [wasm] Implement simd lowering for F32x4 and I32x4 compare ops
R=bbudge@chromium.org,titzer@chromium.org,gdeepti@chromium.org,bradnelson@chromium.org,mtrofin@chromium.org
BUG=v8:6020

Review-Url: https://codereview.chromium.org/2728823005
Cr-Commit-Position: refs/heads/master@{#43562}
2017-03-03 02:31:44 +00:00
aseemgarg
81ad6b521f [wasm] implement simd lowering for f32x4->i32x4, i32x4 min/max and shift instructions
This fixes and relands https://codereview.chromium.org/2718323003.

R=bbudge@chromium.org,titzer@chromium.org,ahaas@chromium.org,machenbach@chromium.org,bradnelson@chromium.org
BUG=v8:6020

Review-Url: https://codereview.chromium.org/2724973003
Cr-Commit-Position: refs/heads/master@{#43561}
2017-03-03 02:04:07 +00:00
hpayer
ebe9e8cb6f [heap] Install a filler in newly allocated large objects to re-use ObjectMarking infrastructure.
BUG=chromium:694255

Review-Url: https://codereview.chromium.org/2728723004
Cr-Commit-Position: refs/heads/master@{#43560}
2017-03-02 21:59:50 +00:00
Toon Verwaest
4909edebf5 [ic] grow dictionary through special AddDictionaryProperty runtime helper
BUG=

Change-Id: I3d85ad84f5069f7fe349dcd82092696d0360cc94
Reviewed-on: https://chromium-review.googlesource.com/448225
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43559}
2017-03-02 21:17:57 +00:00
Adam Klein
fb16583179 Retain source order when hoisting sloppy block functions
This involved adding a count_ member to SloppyBlockFunctionMap, so
to avoid making DeclarationScope larger, this patch makes the
creation of the map lazy, thus reducing the size of DeclarationScope
by several words in the process.

BUG=chromium:688567

Change-Id: If9a9eb2ccc01690fe10edadb3aa9625454ff4a19
Reviewed-on: https://chromium-review.googlesource.com/448701
Commit-Queue: Adam Klein <adamk@chromium.org>
Reviewed-by: Daniel Ehrenberg <littledan@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43558}
2017-03-02 21:06:00 +00:00
Camillo Bruni
df060b0394 [CSA] Adding AllocateInNewSpace helper
This makes the assumption about new-space allocation in the CSA more clear.
Additionally AllocateInNewSpace asserts that the allocation will fit in the
new-space in a debug build.

Change-Id: Ica5e7e12656dcdaa2c739b3d300fdcbaeb2355a2
Reviewed-on: https://chromium-review.googlesource.com/448043
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43557}
2017-03-02 20:07:29 +00:00
bbudge
386e5a1149 Implement remaining Boolean SIMD operations on ARM.
- Implements Select instructions using a single ARM vbsl instruction.
- Renames boolean machine operators to match renamed S1xN machine types.
- Implements S1xN vector logical ops, AND, OR, XOR, NOT for ARM.
- Implements S1xN AnyTrue, AllTrue ops for ARM.
- Eliminates unused SIMD op categories in opcodes.h.

LOG=N
BUG=v8:6020

Review-Url: https://codereview.chromium.org/2711863002
Cr-Commit-Position: refs/heads/master@{#43556}
2017-03-02 19:50:33 +00:00
ahaas
91cd070769 [arm64][turbofan] Tst instructions can have a shifted operand.
This CL fixes a bug in the implementation of the code generation of
kArm64Tst32, where the shift input operand of kArm64Tst32 was ignored.
Please take a special look at the fix in kArm64Tst. I applied the fix
there as well, but because of differences in the instruction selector
I was not able to write a test for it.

R=v8-arm-ports@googlegroups.com
BUG=v8:6028

Review-Url: https://codereview.chromium.org/2729853003
Cr-Commit-Position: refs/heads/master@{#43555}
2017-03-02 19:46:09 +00:00
ulan
af55a29706 [heap] Do not delay mark-compact by doing scavenge.
This hack is causing false "last-resort" garbage collections.

When incremental marking is in progress and overshoots the limit,
our heuristics in the allocator request finishing the mark-compact
because V8 is in optimize-for-memory mode.

However, the mark-compact gets replaced by scavenger which leads to
retrying the allocation two times and eventually doing last resort GC
(which throws away all the marking info).

BUG=chromium:697119

Review-Url: https://codereview.chromium.org/2723003003
Cr-Commit-Position: refs/heads/master@{#43554}
2017-03-02 18:27:49 +00:00
hpayer
d003c2ad9c [heap] Use ObjectMarking in TransferMark.
BUG=chromium:694255

Review-Url: https://codereview.chromium.org/2723853006
Cr-Commit-Position: refs/heads/master@{#43553}
2017-03-02 18:12:09 +00:00
tebbi
12ce15c35b [wasm] change reducer order in WASM pipeline to make build predictable again
BinopMatcher does not notify the reducers using it when it flips inputs to commutative operators. This leads to value numbering not being re-executed in this case. Together with the fact that value numbering might still reduce such a modified node in the case of a hash collision merging the buckets of two equivalent nodes, this leads to unpredictable behaviour.

This is the easiest fix for the problem: Always running value numbering last. This is also a performance improvement because value numbering never changes but only replaces nodes.

R=mstarzinger@chromium.org

Review-Url: https://codereview.chromium.org/2728983002
Cr-Commit-Position: refs/heads/master@{#43552}
2017-03-02 17:53:33 +00:00
Michael Lippautz
78867ad870 Remove object grouping
Embedders should switch to EmbedderHeapTracer API.

BUG=v8:5828

Change-Id: I82f2bc583d246617865a17f5904e02cd35f92fec
Reviewed-on: https://chromium-review.googlesource.com/448539
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43551}
2017-03-02 17:53:07 +00:00
ulan
2e00025038 [inspector] Enable debugger/pause-on-oom test with larger heap limit.
BUG=v8:6018

Review-Url: https://codereview.chromium.org/2729843002
Cr-Commit-Position: refs/heads/master@{#43550}
2017-03-02 17:49:15 +00:00
Toon Verwaest
fc8cc09024 [runtime] drop explicit thinstring unwrapping, it's done in InternalizeName
BUG=

Change-Id: Ic651f90b074bb712a0a03d4076a7d976bdc41138
Reviewed-on: https://chromium-review.googlesource.com/448538
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43549}
2017-03-02 16:12:27 +00:00
Peter Marshall
ff8b1abb1a [builtins] Reland of Port TypedArrayInitialize to CodeStubAssembler.
Turbofan is a lot slower than Crankshaft at constructing TypedArrays,
because we always go to the C++ builtin. Port the builtin to CSA
to improve performance, and to clean up the implementation, which is
split across multiple files and pieces at the moment.

This CL increases the performance with --future to roughly the same
as with crankshaft.

BUG=v8:5977

Change-Id: Id0d91a4592de41a3a308846d79bd44a608931762
Reviewed-on: https://chromium-review.googlesource.com/448537
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43548}
2017-03-02 14:31:18 +00:00
machenbach
d7cb3cfc91 Revert of Migrate Object.prototype.valueOf to CSA (patchset #4 id:80001 of https://codereview.chromium.org/2724833002/ )
Reason for revert:
Breaks layout tests:
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/13900

See also:
https://github.com/v8/v8/wiki/Blink-layout-tests

Original issue's description:
> Migrate Object.prototype.valueOf to CSA
>
> BUG=v8:6005
>
> Review-Url: https://codereview.chromium.org/2724833002
> Cr-Commit-Position: refs/heads/master@{#43539}
> Committed: f93b27e639

TBR=bmeurer@chromium.org,yangguo@chromium.org,loorongjie@gmail.com
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:6005

Review-Url: https://codereview.chromium.org/2730573004
Cr-Commit-Position: refs/heads/master@{#43547}
2017-03-02 14:26:45 +00:00
Michael Achenbach
d5ecdedf13 [test] Add new json test results output for flakiness dashboard
BUG=chromium:689108

Change-Id: Id39d247f267131b1abf968546c7555b3657b14f3
Reviewed-on: https://chromium-review.googlesource.com/439566
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43546}
2017-03-02 14:26:04 +00:00
Peter Marshall
e68ce4f237 Revert "[builtins] Delete unused TypedArrayInitialize intrinsic."
This reverts commit 5c200fa0f1.

Reason for revert: Relies on changes that were reverted.

Original change's description:
> [builtins] Delete unused TypedArrayInitialize intrinsic.
> 
> This CL only deletes code. We don't call these anymore, so they are safe
> to remove.
> 
> BUG=v8:5977
> 
> Change-Id: I59889c3dbb9c2610f3502d582b6c307b1fb4f63b
> Reviewed-on: https://chromium-review.googlesource.com/448517
> Commit-Queue: Peter Marshall <petermarshall@chromium.org>
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#43543}

TBR=cbruni@chromium.org,petermarshall@chromium.org,bmeurer@chromium.org,v8-reviews@googlegroups.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5977

Change-Id: I41f32b0b8f74bcfdf9afbd7cc150cca9f5edd199
Reviewed-on: https://chromium-review.googlesource.com/448563
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43545}
2017-03-02 13:50:05 +00:00
Michael Achenbach
cb672f4df6 Revert "[builtins] Delete unused TypedArrayInitialize intrinsic."
This reverts commit 5c200fa0f1.

Reason for revert: Breaks compile:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20builder/builds/23538

Maybe conflicts with a change that just landed.

Original change's description:
> [builtins] Delete unused TypedArrayInitialize intrinsic.
> 
> This CL only deletes code. We don't call these anymore, so they are safe
> to remove.
> 
> BUG=v8:5977
> 
> Change-Id: I59889c3dbb9c2610f3502d582b6c307b1fb4f63b
> Reviewed-on: https://chromium-review.googlesource.com/448517
> Commit-Queue: Peter Marshall <petermarshall@chromium.org>
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#43543}

TBR=cbruni@chromium.org,petermarshall@chromium.org,bmeurer@chromium.org,v8-reviews@googlegroups.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5977

Change-Id: Iba1611f4c93d105a4163338b59bda42ea7937443
Reviewed-on: https://chromium-review.googlesource.com/448562
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43544}
2017-03-02 13:48:53 +00:00
Peter Marshall
5c200fa0f1 [builtins] Delete unused TypedArrayInitialize intrinsic.
This CL only deletes code. We don't call these anymore, so they are safe
to remove.

BUG=v8:5977

Change-Id: I59889c3dbb9c2610f3502d582b6c307b1fb4f63b
Reviewed-on: https://chromium-review.googlesource.com/448517
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43543}
2017-03-02 13:41:21 +00:00
Igor Sheludko
db53680d00 [ic] Generate FCG-specific IC dispatchers as tail calls to optimized-code specific ones.
... instead of inlining the dispatchers' code. This should reduce the size of the generated
builtins code.

BUG=

Change-Id: Ia3f68ea8b398f049bad87f6ce93c818f0af4674f
Reviewed-on: https://chromium-review.googlesource.com/447938
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43542}
2017-03-02 13:34:24 +00:00
Michael Lippautz
12963af725 [heap] Support for minor MC marking during incremental marking part 1
First part of relanding d2c093bcaf.

BUG=chromium:651354

Change-Id: I34ebea331d482d5039626ccff48b11ad175793ee
Reviewed-on: https://chromium-review.googlesource.com/448518
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43541}
2017-03-02 13:27:05 +00:00
Michael Starzinger
4a80642e54 [turbofan] Simplify {IfException} discovery during inlining.
This unifies the search for a potential {IfException} projection with
the existing predicate on {NodeProperties} used by the rest of the
system. Also contains a related drive-by change to graph builders. This
is in preparation of eliding {IfSuccess} projections when possible.

R=jarin@chromium.org

Change-Id: I8ba0ae9e9fdb69a77bce01578200ceea434535f7
Reviewed-on: https://chromium-review.googlesource.com/448039
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43540}
2017-03-02 13:07:28 +00:00
loorongjie
f93b27e639 Migrate Object.prototype.valueOf to CSA
BUG=v8:6005

Review-Url: https://codereview.chromium.org/2724833002
Cr-Commit-Position: refs/heads/master@{#43539}
2017-03-02 12:57:21 +00:00
Toon Verwaest
f662ae9781 [runtime] Only support internalized keys in NameDictionaryShape::IsMatch
BUG=

Change-Id: Iaae90ecfc36f05d596291f4755e767ef2799f2b0
Reviewed-on: https://chromium-review.googlesource.com/448221
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43538}
2017-03-02 12:53:36 +00:00
Michael Achenbach
ced6643726 [foozzie] Remove obsolete stack-trace suppressions
BUG=chromium:673246
NOTRY=true
TBR=yangguo@chromium.org

Change-Id: I413c23006f0f5e7879eaaece5f82f6c0fb4f7109
Reviewed-on: https://chromium-review.googlesource.com/447979
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43537}
2017-03-02 12:38:39 +00:00
hablich
1a39714805 Update V8 version to 5.9
TBR=machenbach@chromium.org
NOTRY=true

Review-Url: https://codereview.chromium.org/2723863005
Cr-Commit-Position: refs/heads/master@{#43536}
2017-03-02 11:09:43 +00:00
clemensh
fa8dba0e86 [wasm] Several unrelated cleanups
Most are minor performance optimizations that aggregated while implementing
other changes. Those fixes will probably not be visible in perf graphs, but
they bothered me anyway.

R=titzer@chromium.org, ahaas@chromium.org

Review-Url: https://codereview.chromium.org/2714373003
Cr-Commit-Position: refs/heads/master@{#43535}
2017-03-02 10:42:22 +00:00
clemensh
9fd418b96a [wasm] Exit loop once wasm code in JS_TO_WASM is found
This is a minor performance optimization. Instead of iterating the
relocation information till the end, we exit the loop once we found the
call to wasm code.

R=titzer@chromium.org, ahaas@chromium.org

Review-Url: https://codereview.chromium.org/2717973003
Cr-Commit-Position: refs/heads/master@{#43534}
2017-03-02 10:21:08 +00:00
mic.besace
c5c570f0c0 [build] Fix gyp files for building inspector
This patch fixes compilation of V8 with inspector on Windows as well as
cross-compilation of the V8 inspector.

BUG=

Refs: https://github.com/nodejs/node/pull/10992
Review-Url: https://codereview.chromium.org/2705423003
Cr-Commit-Position: refs/heads/master@{#43533}
2017-03-02 09:55:56 +00:00
clemensh
4cbac8ffb2 [compiler] Make ahaas@ and clemensh@ owners for wasm-*
R=titzer@chromium.org, mstarzinger@chromium.org
CC=ahaas@chromium.org
NOTRY=true

Review-Url: https://codereview.chromium.org/2727863003
Cr-Commit-Position: refs/heads/master@{#43532}
2017-03-02 09:24:36 +00:00
loorongjie
802d367df2 Remove unused GetRootNaN
BUG=v8:6005

Review-Url: https://codereview.chromium.org/2726853006
Cr-Commit-Position: refs/heads/master@{#43531}
2017-03-02 09:08:12 +00:00
Camillo Bruni
ebbc60703a [tools] Various fixes for callstats.html
- sort group entries properly
- show graphs by default
- do not render the graphs twice

Change-Id: I8af48b5ddf87aad3dd17bc856b7a0f883ee41058

NOTRY=true

Change-Id: I8af48b5ddf87aad3dd17bc856b7a0f883ee41058
Reviewed-on: https://chromium-review.googlesource.com/447977
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43530}
2017-03-02 09:01:57 +00:00
v8-autoroll
0ce9e1e84a Update V8 DEPS.
Rolling v8/build: 2d722d1..2930f01

Rolling v8/third_party/catapult: 4a91697..b068264

Rolling v8/third_party/instrumented_libraries: 5b6f777..f68b0bb

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Change-Id: Ic392ebcb1b46a17cdd436c21a06b24e0f3e96512
Reviewed-on: https://chromium-review.googlesource.com/448003
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43529}
2017-03-02 04:26:11 +00:00
bbudge
f3d26d3d55 [WASM] Fix failing Wasm SIMD F32x4 tests.
- Perform lane checks using FP compare instead of reinterpret casts. 0 and -0
will be different under I32 compare.
- Some arithmetic operations can generate NaN results, such as adding -Inf
and +Inf. Skip these tests until we have a way to do more sophisticated
FP comparisons in the SIMD tests.
- Eliminate a redundant F32x4 parameter for FP SIMD vector checking. We will only have this one FP type.

LOG=N
BUG=v8:6020

Review-Url: https://codereview.chromium.org/2594043002
Cr-Original-Commit-Position: refs/heads/master@{#42154}
Committed: 5560bbb498
Review-Url: https://codereview.chromium.org/2594043002
Cr-Commit-Position: refs/heads/master@{#43528}
2017-03-01 23:31:47 +00:00
jyan
16bbc2fa43 s390: optimize for int 64-bit operation and cleanup
R=joransiu@ca.ibm.com, bjaideep@ca.ibm.com

Review-Url: https://codereview.chromium.org/2722313003
Cr-Commit-Position: refs/heads/master@{#43527}
2017-03-01 23:30:21 +00:00
Marja Hölttä
12c2c15310 [parser] Skipping inner funcs: arrow functions now work too.
BUG=v8:5516
R=verwaest@chromium.org

Change-Id: I1bb88e981b81fec85ba6da314e3be927085e6e76
Reviewed-on: https://chromium-review.googlesource.com/447438
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43526}
2017-03-01 20:21:06 +00:00
bmeurer
0b3e554e03 Revert of [wasm] Initial signal handler (patchset #56 id:1090001 of https://codereview.chromium.org/2371833007/ )
Reason for revert:
Breaks tree, i.e. https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20ASAN/builds/18928/steps/Check/logs/grow-memory

Original issue's description:
> [wasm] Initial signal handler
>
> This is basically the minimum viable signal handler for Wasm bounds checks.
> It includes the TLS check and the fine grained instructions checks. These
> two checks provide most of the safety for the signal handler. Future CLs will
> add code range and data range checks for more robustness.
>
> The trap handling code and data structures are all in src/trap-handler, with
> the code that actually runs in the signal handler confined to
> src/trap-handler/signal-handler.cc.
>
> This change adds a new V8 API that the embedder should call from a signal
> handler that will give V8 the chance to handle the fault first. For hosts that
> do not want to implement their own signal handler, we include the option to
> install a simple one. This simple handler is also used for the tests.
>
> When a Wasm module is instantiated, information about each function is passed
> to the trap handler, which is used to classify faults. These are removed during
> the instance finalizer.
>
> Several future enhancements are planned before turning this on by default.
> Obviously, the additional checks will be added to MaybeHandleFault. We are
> also planning to add a two-level CodeObjectData table that is grouped by
> isolates to make cleanup easier and also reduce potential for contending on
> a single data structure.
>
> BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277
>
> Review-Url: https://codereview.chromium.org/2371833007
> Cr-Commit-Position: refs/heads/master@{#43523}
> Committed: a5af7fe9ee

TBR=ahaas@chromium.org,bradnelson@google.com,hpayer@chromium.org,jochen@chromium.org,mark@chromium.org,mseaborn@chromium.org,titzer@chromium.org,eholk@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277

Review-Url: https://codereview.chromium.org/2723133003
Cr-Commit-Position: refs/heads/master@{#43525}
2017-03-01 19:47:27 +00:00
titzer
19f24d6ef5 [wasm] Better error message for exceeding module size limits.
R=mtrofin@chromium.org
BUG=chromium:695388

Review-Url: https://codereview.chromium.org/2724053002
Cr-Commit-Position: refs/heads/master@{#43524}
2017-03-01 19:46:04 +00:00
eholk
a5af7fe9ee [wasm] Initial signal handler
This is basically the minimum viable signal handler for Wasm bounds checks.
It includes the TLS check and the fine grained instructions checks. These
two checks provide most of the safety for the signal handler. Future CLs will
add code range and data range checks for more robustness.

The trap handling code and data structures are all in src/trap-handler, with
the code that actually runs in the signal handler confined to
src/trap-handler/signal-handler.cc.

This change adds a new V8 API that the embedder should call from a signal
handler that will give V8 the chance to handle the fault first. For hosts that
do not want to implement their own signal handler, we include the option to
install a simple one. This simple handler is also used for the tests.

When a Wasm module is instantiated, information about each function is passed
to the trap handler, which is used to classify faults. These are removed during
the instance finalizer.

Several future enhancements are planned before turning this on by default.
Obviously, the additional checks will be added to MaybeHandleFault. We are
also planning to add a two-level CodeObjectData table that is grouped by
isolates to make cleanup easier and also reduce potential for contending on
a single data structure.

BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277

Review-Url: https://codereview.chromium.org/2371833007
Cr-Commit-Position: refs/heads/master@{#43523}
2017-03-01 18:02:13 +00:00
Eric Holk
d6808c0f9c [wasm] compile fuzzer: initialize temporary before filling.
BUG= https://bugs.chromium.org/p/chromium/issues/detail?id=697191

Change-Id: I01ddd6824b1a79d86944ac766f5c2070e9b0c244
Reviewed-on: https://chromium-review.googlesource.com/448317
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Eric Holk <eholk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43522}
2017-03-01 17:33:29 +00:00
jbroman
a927f81c7c [ValueSerializer] Allow wire format versions beginning with 13 to be deserialized in non-legacy mode.
As of version 13, delegates do not need to worry about colliding tags with the
tags reserved by v8, since v8 inserts a "host object" prefix beforehand. Thus
the format is now suitable for more general use, without opting into the "legacy"
mode that had this caveat.

Review-Url: https://codereview.chromium.org/2722213002
Cr-Commit-Position: refs/heads/master@{#43521}
2017-03-01 16:34:02 +00:00