Commit Graph

58698 Commits

Author SHA1 Message Date
Santiago Aboy Solanes
f5e7363561 Reland "[ptr-compr] Storing a Tagged value stores the lower 32 bits"
This is a reland of 9b1e174f85c42d6efd5481e9153dbf593e2b3f1e\

Reverted for a test failure that was unrelated to this CL. It was fixed in
https://chromium-review.googlesource.com/c/v8/v8/+/1845223.

Original change's description:
> [ptr-compr] Storing a Tagged value stores the lower 32 bits
>
> This CL changes the Tagged stores when pointer compression is enabled.
> It shouldn't affect anything for the time being since if we have pointer
> compression enabled, we are going to be storing Compressed values. Later,
> we will eliminate the Compressed representation and that it's where it
> will come into effect.
>
> The Arm64 side of the CL looks bigger since we eliminated the opcode in
> https://chromium-review.googlesource.com/c/v8/v8/+/1803345.
>
> Bug: v8:7703
> Change-Id: Ic4afbff9646b5d058adb9619b20ccccb3f5aed45
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1822044
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#64133}

Bug: v8:7703
Change-Id: I7775e90c36f180adb0484b22eaf3918d9c012b77
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1845219
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64156}
2019-10-08 09:37:16 +00:00
Thibaud Michaud
874609cb87 [regalloc] Enable control-flow aware allocation
R=neis@chromium.org

Bug: v8:9088
Change-Id: I869e3b3b5426bbf0097096f5819a4debd91afcf0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1844782
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64155}
2019-10-08 08:50:06 +00:00
Jakob Gruber
cca5ada9fe [regexp] Fix UB (signed left shift) in peephole optimizer
Left-shifting a variable of signed type containing a negative value is
undefined behavior.

Bug: chromium:1010465,v8:9330
Change-Id: Ide524f87a7d76f906f6034de4c6605df150c66a8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1847151
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64154}
2019-10-08 08:34:26 +00:00
Clemens Backes
cea0ebcce1 Skip wasm/many-modules test on a stress bot
The test creates 10000 modules, which runs in less then one second in
release builds, but can take much longer with stress flags and on
special bots.
It timed out on the tsan isolates bot in a variant passing
--stress-wasm-code-gc.
Since the test should only verify that we support more than 1000
modules in a single isolate, we do not need to run it in that variant.
Thus just skip it.

R=fgm@chromium.org

Bug: v8:9814
Change-Id: Ie3a4f62a053b1f7cff2c2206f39ddd71a533ae3e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1845229
Reviewed-by: Francis McCabe <fgm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64153}
2019-10-08 08:03:25 +00:00
v8-ci-autoroll-builder
432026ac6f Update V8 DEPS.
Rolling v8/build: 359f95f..5c36051

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/ddbd321..cd2fb1e

Rolling v8/third_party/depot_tools: c9256e1..e7ae514

TBR=machenbach@chromium.org,tmrts@chromium.org

Change-Id: I943bdc1b17988202de69dc861d74c686f913c2e3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1846971
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#64152}
2019-10-08 03:42:32 +00:00
Deepti Gandluri
0de2c4ae63 [arm64-simulator] Disable load poison disasm tests
Bug: v8:9820
Change-Id: Ie9f00b18b7bfe7d16778f053d43dd368a960cc62
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1845689
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64151}
2019-10-07 23:09:27 +00:00
Michael Lippautz
3677468397 [api, heap] Implement TracedReference
TracedGlobalTrait was unable to override v8::TracedGlobal<v8::Object> for
avoiding the destructor because it is needed on the API surface itself and C++
ODR which prohibits specialization after template instantiation.

Avoid this problem by providing a separate type TracedReference
that, similar to TracedGlobal, is purely traced but avoids the destructor
completely. This only works for embedders that have their memory management
tied to V8 as it is prone to accessing already reclaimed objects otherwise.

Bug: chromium:995684
Change-Id: Iab4332ed417b26c58638a8f9389174cc355a305b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1840972
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64150}
2019-10-07 22:34:54 +00:00
Frank Tang
a0bd6602c3 [test] Remove incorrect expectation
Remove test expectations whose behavior is not specified or contradicts
the Stage 3 PR https://github.com/tc39/ecma402/pull/349 which we plan
to land soon.

The Chinese calendar (and other calendars) now need to choose
different patterns for non-default calendars to support the correct
behavior.

Bug: v8:9320
Change-Id: Ia84e0eb1f7244b0d2d252071cf985d97f2acec58
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1838437
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64149}
2019-10-07 22:33:49 +00:00
Tobias Tebbi
782322fecc [torque] allow untagged builtin parameters
For this, all Torque stub-linkage builtins use TFC instead of TFS,
with a custom descriptor added to interface-descriptors.h

To avoid having complex logic in the generated code, the new class
TorqueInterfaceDescriptor contains the logic to create a
CallInterfaceDescriptor from a signature consisting of TNode types.

As an example and test, this CL ports StringCharAt to Torque.

Bug: v8:7793
Change-Id: I8339d2ad6e4f908ebdc3b8d30244e4bcbd974f21
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1798427
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64148}
2019-10-07 22:32:44 +00:00
Frank Tang
d22b954c0e [Intl] Add test for calendar of formatRange
Bug: v8:9812
Change-Id: I222b9c3c8c87e83b61009c84e2ab0499187308e0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1842623
Reviewed-by: Mathias Bynens <mathias@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64147}
2019-10-07 22:31:39 +00:00
Irina Yatsenko
4f0f635391 Unit tests for remembered set after removal of the store buffer
Change-Id: Ibbcd91115c21e3513602a039ebb68a0107a4022f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1829172
Commit-Queue: Irina Yatsenko <irinayat@microsoft.com>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64146}
2019-10-07 22:30:34 +00:00
Michael Lippautz
994b64c024 GCExtension: Provide fast path when called with no arguments
Bug: chromium:1005073
Change-Id: I300fd4ef272c0b69dade195048c11a828ac46203
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1845411
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Auto-Submit: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64145}
2019-10-07 17:30:40 +00:00
Igor Sheludko
340868769c [ptr-compr] Set isolate root to the beginning of a 4Gb reservation
With the smi-corrupting decompression approach we don't have to sign
extend Smis anymore and therefore we can switch to zero extending
approach by moving the isolate root to the beginning of the reserved
4Gb region.

Bug: v8:9706
Change-Id: Icd6008fa87d0924519b574fdec445976f742e306
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1835548
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64144}
2019-10-07 17:26:30 +00:00
Santiago Aboy Solanes
bea464ba84 [turboprop] Disable Float poisoning test
Bug: v8:9684
Change-Id: I6988579693788d5bbc878c63269fe7c1bec65831
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1845223
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64143}
2019-10-07 16:58:35 +00:00
Seth Brenith
07fc96c0a8 [cleanup][torque] Use @generateCppClass in some simple cases, part 3
Just mechanical conversion to remove boilerplate code. When .tq and .h
files didn't agree on what a field is named, I used the name from the .h
file. In a couple of cases the generated accessor became slightly more
specific (HeapObject instead of Object), and I had to update the code
that uses those accessors accordingly.

Change-Id: Ie3af1590e3889887b167c9d045b07860b01f7d15
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1776479
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#64142}
2019-10-07 16:17:06 +00:00
Junliang Yan
0cbbb88dfa [regexp] Disable regexp peephole optimization on Big-Endian
Disable because it's not yet supported on BE

Bug: v8:9330
Change-Id: Ia850801d410d3eeaccf9933dd2669f6077e2919c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1834904
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#64141}
2019-10-07 15:09:38 +00:00
Dominik Inführ
35e73840ad [heap] Remove pre-freeing from TypedSlotSet
TypedSlotSet is only recorded for code pages. Code pages are not swept
concurrently to the application, so pre-freeing is not needed for typed
slot sets anymore.

Also replaces the manually allocated buffer with a regular std::vector.

Bug: v8:9454
Change-Id: I901851ad8b525c1653c9818e6599308319aeade2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1844773
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64140}
2019-10-07 15:03:58 +00:00
Maya Lekova
e25cdf24bb Revert "[ptr-compr] Storing a Tagged value stores the lower 32 bits"
This reverts commit 9b1e174f85.

Reason for revert: Breaks arm64 sim debug build - https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20arm64%20-%20sim%20-%20debug/17609

Original change's description:
> [ptr-compr] Storing a Tagged value stores the lower 32 bits
> 
> This CL changes the Tagged stores when pointer compression is enabled.
> It shouldn't affect anything for the time being since if we have pointer
> compression enabled, we are going to be storing Compressed values. Later,
> we will eliminate the Compressed representation and that it's where it
> will come into effect.
> 
> The Arm64 side of the CL looks bigger since we eliminated the opcode in
> https://chromium-review.googlesource.com/c/v8/v8/+/1803345.
> 
> Bug: v8:7703
> Change-Id: Ic4afbff9646b5d058adb9619b20ccccb3f5aed45
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1822044
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#64133}

TBR=neis@chromium.org,jgruber@chromium.org,solanes@chromium.org

Change-Id: I901f0802b40144492594f293657f7f2b58dc32cf
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7703
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1845217
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64139}
2019-10-07 14:48:21 +00:00
Hans Wennborg
92f56942ae Enable v8_use_snapshot by default for 64-bit Windows cross builds
It was disabled because it didn't use to work, but it does now, see bugs.

Bug: chromium:803591, v8:9736
Change-Id: I53a04199f001b436bd5a247b51cd7c25e3a6e990
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1844776
Commit-Queue: Hans Wennborg <hans@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Auto-Submit: Hans Wennborg <hans@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64138}
2019-10-07 14:33:32 +00:00
Clemens Backes
eb7a36be47 [wasm] Replace RecursiveMutex by Mutex
Some of the methods in {WasmCodeAllocator} can be called either without
holding the lock, or while already holding it. In order to support both
situations, we used a {RecursiveMutex} so far.
This CL refactors this to be a simple {Mutex} again, and passes a
{WasmCodeAllocator::OptionalLock} object which stores whether the lock
is already held or not.
Note that getting the lock twice fails immediately in debug builds,
while forgetting to get the lock might only fail on TSan.

The alternative would be to duplicate all methods, having one variant
that expects that the lock is held and one that assume that it's
unlocked. It would be multiple methods though to duplicate across both
{NativeModule} and {WasmCodeAllocator}, hence I went for the
{OptionalLock} instead.

Bug: v8:9477

R=mstarzinger@chromium.org

Change-Id: I4e32286cdb93385ac655d408191b330efdd7ad66
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1825338
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64137}
2019-10-07 14:20:17 +00:00
Joey Gouly
c8ebe89d06 [arm64][asan] Add missing CLEANUP to test
Found while testing with asan.

Change-Id: I82529422770653535aae148a4acc6089c5a4fee7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1844786
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Martyn Capewell <martyn.capewell@arm.com>
Cr-Commit-Position: refs/heads/master@{#64136}
2019-10-07 14:19:13 +00:00
Igor Sheludko
0910613a08 [ptr-compr][turbofan][x64] Improve comparisons with compressed heap objects
So Word32Equal(YYY, CompressedHeapConstant(XXX)) is now generated as
  cmpl [r13+0xXXX], rYYY

instead of
  movq rXXX,[r13+0xXXX]
  cmpl rYYY, rXXX

Bug: v8:8948
Change-Id: I346c3e9bdb17ae5443e9e488da0eefa07e391b33
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1841353
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64135}
2019-10-07 14:02:22 +00:00
Thibaud Michaud
0759c506e2 [wasm] Support multi-value in JS to JS wrappers
R=mstarzinger@chromium.org

Bug: v8:9492
Change-Id: Ie404eb6cb07ea033a10d29dd1b9aba6cb1f03b69
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1826663
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64134}
2019-10-07 13:29:31 +00:00
Santiago Aboy Solanes
9b1e174f85 [ptr-compr] Storing a Tagged value stores the lower 32 bits
This CL changes the Tagged stores when pointer compression is enabled.
It shouldn't affect anything for the time being since if we have pointer
compression enabled, we are going to be storing Compressed values. Later,
we will eliminate the Compressed representation and that it's where it
will come into effect.

The Arm64 side of the CL looks bigger since we eliminated the opcode in
https://chromium-review.googlesource.com/c/v8/v8/+/1803345.

Bug: v8:7703
Change-Id: Ic4afbff9646b5d058adb9619b20ccccb3f5aed45
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1822044
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64133}
2019-10-07 13:28:26 +00:00
Santiago Aboy Solanes
ca1259fcac [ptr-compr][arm64] Temporarily enable pointer compression on arm64
... and make sure that the arm64 ptr-compr bots proceed testing V8 without
pointer compression in order to keep testing the other config.

Bug: v8:7703
Change-Id: I0017345273d5328d95a338064dd80b44974c1c53
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1844780
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64132}
2019-10-07 13:27:21 +00:00
Clemens Backes
71bd1461ae Fix overlap check in {CopyChars} and use {std::copy_n} unconditionally
This CL fixes the overlap check by using {<=} instead of {<}. This
allows us to always use {std::copy_n}, which should fall back to
{memcpy} internally (instead of the potentially slower {memmove} we
were using before).
This might also fix the regressions seen mostly on atom CPUs.

R=leszeks@chromium.org

Bug: chromium:1006157
Change-Id: Ib61048d65e99a9e7edac5ed894ceaf9e26ad4409
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1844781
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64131}
2019-10-07 12:30:49 +00:00
Dan Elphick
cf182b05b7 [cleanup] Remove dead code related to side-effect checks
Removes CodeStubAssembler::GotoIfDebugExecutionModeChecksSideEffects and
associated test as well as the PerformSideEffectCheckForObject runtime
function.

Bug: v8:9396
Change-Id: Id7748be8fbf1d633f759fef8751ddca13a21748c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1824937
Reviewed-by: Simon Zünd <szuend@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64130}
2019-10-07 12:11:49 +00:00
Clemens Backes
44c3b7b518 [wasm] Fix regression caused by multiple code spaces
The {GetNearRuntimeStubEntry} and {GetNearCallTargetForFunction}
functions need to find the code space that contains the current
function. This lookup requires a lock and is non-trivial. The repeated
lookup caused severe regressions.

This CL introduces a {JumpTablesRef} struct which holds information
about the jump tables to use. It can be looked up once and then used
for a whole function or even several functions within the same code
space (in {NativeModule::AddCompiledCode} which adds a whole vector of
compilation results).

This fixes the regressions.

R=ahaas@chromium.org

Bug: chromium:1004262, v8:9477
Change-Id: I50bd8327a131e3bee79d86b6d7e867a506959312
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1840153
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64129}
2019-10-07 11:46:59 +00:00
Joey Gouly
8ca191b6cb [tests] Fix subobject-linkage error when building with GCC
Placing these tests in anonymous namespaces, is the suggested fix
according to the GCC documentation.

The GCC documentation states: "If a type A depends on a type B with no or
 internal linkage, defining it in multiple translation units would be an
ODR violation because the meaning of B is different in each translation unit.
If A only appears in a single translation unit, the best way to silence the
warning is to give it internal linkage by putting it in an anonymous namespace as well."

Change-Id: I69a1e9b5f1789e9a7a62c762cd499809a72e0ea5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1836255
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64128}
2019-10-07 11:11:39 +00:00
Clemens Backes
d1799e3b28 [cleanup] Remove unneeded functor
Because of a GCC bug we needed to use a functor instead of a constexpr
function. Since we do not support gcc before version 5 any more, this
can be cleaned up now.

R=jkummerow@chromium.org

Bug: v8:9396
Change-Id: I848c5a25e1d5fa44a1497b06826f9a59b93ed695
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1835543
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64127}
2019-10-07 10:49:19 +00:00
Dominik Inführ
b31bf8aa71 [heap] Insert directly into RememberedSet and remove StoreBuffer
This CL removes the StoreBuffer and inserts slots into the
RememberedSet directly from within the RecordWrite builtin. Only calls
into C code when either the SlotSet-array or the bucket is not
allocated. This avoids filling the store buffer up with duplicates or
due to a write-heavy workload and then blocking the main thread on
store buffer processing.

The first CL (https://crrev.com/c/1815241) got reverted, because
mksnapshot was using a different size for SlotSet than the final
binary on ARM. This is fixed now, SlotSet has a standard layout.

Bug: v8:9454
Change-Id: I881641f4ee08a8b42c36fdca8733138b908096bd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1842452
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64126}
2019-10-07 10:19:53 +00:00
Dan Elphick
427a2fd5a9 [parser] Fix preparsing of modules containing labels
Fixes spurious DCHECK triggering due to bug introduced in
https://chromium-review.googlesource.com/c/v8/v8/+/1836258.

Bug: chromium:1011596
Change-Id: Ia3b1eb25d326e465b3239f191aad11d90a2e56a8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1844777
Reviewed-by: Sathya Gunasekaran  <gsathya@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64125}
2019-10-07 10:18:14 +00:00
Mathias Bynens
65940f4369 [regexp] Remove UseCounter for matchAll with non-g RegExp
We've gathered sufficient data, so the use counter can now be removed
again.

The use counter was originally added here:

- V8 CL: https://chromium-review.googlesource.com/c/v8/v8/+/1718145
- Chromium CL: https://chromium-review.googlesource.com/c/chromium/src/+/1718367

The Chromium plumbing was removed here:
https://chromium-review.googlesource.com/c/chromium/src/+/1839851

BUG=v8:9551

Change-Id: I829a0fe34d9ebade1403cb4d1c0b9c997f125074
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1844774
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64124}
2019-10-07 09:04:23 +00:00
Michael Achenbach
e6c1385129 [foozzie] Correctness-compare pointer compression build
This adds a fake toolchain for pointer compression, used for
correctness fuzzing. The toolchain enables us to have an extra build
with inverse pointer-compression defaults side-by-side.

The extra build is used similarly to existing x64/x86 comparisons,
except that we now compare builds with different compile-time flags.

Change-Id: I75491371262204b86eaa006ca8d04848f49121ac
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1829275
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64123}
2019-10-07 07:58:42 +00:00
Michael Achenbach
43cc21a117 [test] Replace deprecated test262 test config entry
The entries test262_variants and test262 are now equal after previous changes.
This switches all to test262 to prepare removing the former.

Bug: v8:9791
Change-Id: I677ea36798556e1aeed8bc11c3272804141e1eb8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1835539
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64122}
2019-10-07 07:57:37 +00:00
v8-ci-autoroll-builder
2fd3e180ad Update V8 DEPS.
Rolling v8/build: f60b4e5..359f95f

TBR=machenbach@chromium.org,tmrts@chromium.org

Change-Id: I89fce2878ea8bfa1fa5803220bc9446e17767f55
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1844552
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#64121}
2019-10-07 03:46:55 +00:00
v8-ci-autoroll-builder
39962a4912 Update V8 DEPS.
Rolling v8/build: cf8d1d9..f60b4e5

Rolling v8/third_party/depot_tools: d696f20..c9256e1

TBR=machenbach@chromium.org,tmrts@chromium.org

Change-Id: I8d3ee4364b25a6176865dd8a0d227465a9e6da17
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1843093
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#64120}
2019-10-06 03:31:07 +00:00
v8-ci-autoroll-builder
d9fa5bce27 Update V8 DEPS.
Rolling v8/build: 90168ea..cf8d1d9

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/8305659..ddbd321

Rolling v8/third_party/depot_tools: f3c5fef..d696f20

TBR=machenbach@chromium.org,tmrts@chromium.org

Change-Id: Ibfd3dc3fdeb38aec3ab5bdcad4d58163d2ad66c6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1842077
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#64119}
2019-10-05 03:33:49 +00:00
Ng Zhi An
8214bea687 [wasm-simd] Implement f64x2 add sub mul div for ia32
Bug: v8:9728
Change-Id: Ie769ae0431b7924a4b8f8858681d57e92c00f4b3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1808400
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64118}
2019-10-04 21:10:54 +00:00
Ng Zhi An
d05b2d3e3d Unify assembler for packed double-precision floats
We reuse PACKED_OP_LIST to generate *pd instructions. Introduce a new pd
base method, similar to ps and vps.

Bug: v8:9396
Change-Id: Id9d81c22c9110935484fd929ef7bf5cc20e9ae7e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1834767
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64117}
2019-10-04 20:39:32 +00:00
Michael Lippautz
fe78dd71a7 [api] Advance deprecations in EmbedderHeapTracer
Change-Id: I0751c1761a2d07dd89d831ca6370ae01bc569b6a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1841351
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64116}
2019-10-04 19:05:12 +00:00
Igor Sheludko
a1e73fd6af [ptr-compr][arm64] Set kRootRegisterBias to zero
... in order to improve performance of decompression code on C++ side
(because computation of isolate root from isolate pointer becomes a trivial
reinterpret cast) and measure the impact separately from other ptr-compr
changes.

Bug: v8:9353
Change-Id: I36906cef2968355411ee944d97625ecd2652646b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1835550
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64115}
2019-10-04 15:30:26 +00:00
Dominik Inführ
3aeadaac22 [heap] Remove pre-freeing of SlotSet buckets
Now that sweeping uses its own RememberedSet, pre-freeing of empty
buckets is not necessary anymore. Mutator inserts into a different
remembered set, than the sweeper removes slots from.

Bug: v8:9454
Change-Id: I65d046926aa82aeb9eca7694e6a7eff1331d7e01
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1835547
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64114}
2019-10-04 15:14:45 +00:00
Milad Farazmand
b2411f9325 PPC/s390: [builtins] Tweak optimized check in InterpreterEntryTrampoline
Port 7177d87fb0

Original Commit Message:

    Reorders the Smi check and the empty OptimizationMarker check as the
    latter implies the first and means there is now just a single comparison
    on the fast path.

R=delphick@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: I4129e8d710d25fb1df02742816ab3b56430a7523
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1841611
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#64113}
2019-10-04 15:07:35 +00:00
Georg Neis
a6b0756d87 [turbofan] Move GetPropertyCell to JSGlobalObjectRef
It was on JSGlobalProxyRef but in reality the property cells exist in
the global object, not in the global proxy.

Bug: v8:7790
Change-Id: Ia7bd5731c730db09602a1aec61b64b1355abf6a0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1841352
Commit-Queue: Georg Neis <neis@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Auto-Submit: Georg Neis <neis@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64112}
2019-10-04 14:48:58 +00:00
Igor Sheludko
0c4852c413 Reland "[ptr-compr] Disable double fields unboxing"
This is a reland of b271ea3c94

The failing arm64 disasm poison test was fixed.

Original change's description:
> [ptr-compr] Disable double fields unboxing
>
> Double field unboxing optimization is incompatible with pointer compression so
> we land this CL before enabling pointer compression in order to separate memory
> and performance regressions caused by disabled double field unboxing from
> pointer compression change.
>
> Bug: v8:9799
> Change-Id: Ic8118356496a3f351344215b409f9722de6c9355
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1835546
> Commit-Queue: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#64089}

Tbr: verwaest@chromium.org
Cq-Include-Trybots: luci.v8.try:v8_linux_arm64_dbg
Bug: v8:9799
Change-Id: Ib7c126d70859537c3d0bce54a49f23909c14a6ab
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1840411
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64111}
2019-10-04 14:07:06 +00:00
Dan Elphick
7177d87fb0 [builtins] Tweak optimized check in InterpreterEntryTrampoline
Reorders the Smi check and the empty OptimizationMarker check as the
latter implies the first and means there is now just a single comparison
on the fast path.

Bug: v8:9771
Change-Id: Ibba1f322944b17186842983e227684b301ed5f31
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1833683
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64110}
2019-10-04 13:12:38 +00:00
Mike Stanton
18a8548d2f [TurboFan] Add DCHECK to FunctionBlueprint equality
A slow dcheck can verify that hints are equal for the same
SharedFunctionInfo+FeedbackVector combo.

Bug: v8:7790
Change-Id: I43dcacf19c857770b609d13c310835a873c814fe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1835952
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64109}
2019-10-04 12:58:23 +00:00
Georg Neis
1200f3c95b [turbofan] Be smarter when serializing function calls
Recursively serialize arguments to higher-order functions if
appropriate. This should recover all or most of the Deltablue
regression with --concurrent-inlining. It is also a prerequisite to
allowing speculation in the call reducer for these situations.

Bug: v8:7790, v8:9702
Change-Id: I1ac8ac8b8e4dc0f2e19c89aacfb45d18f2df190f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1835541
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64108}
2019-10-04 12:02:27 +00:00
Igor Sheludko
da8bc4a0a8 [ptr-compr][cleanup] Remove branchy decompression implementation
... as the smi-corrupting decompression seems to be stable enough.

Bug: v8:9706
Change-Id: I404924ec4a12b37d8bc3e521c5563aa7e6357dc6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1835544
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64107}
2019-10-04 11:57:17 +00:00