Commit Graph

49483 Commits

Author SHA1 Message Date
Frank Tang
b27c3736c1 [Intl] Implement Intl.ListFromat format() and formatToParts().
Spec: http://tc39.github.io/proposal-intl-list-format/

Design Doc:  go/add-intl.listformat-to-v8

Test: intl/list-format/*

R=gsathya@chromium.org, mvstanton@chromium.org

Bug: v8:7871
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I820c205ca842c228ffe37f7e1648667f30f80bd8
Reviewed-on: https://chromium-review.googlesource.com/1126683
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54991}
2018-08-08 23:52:27 +00:00
Sergiy Byelozyorov
684d085640 Checkout mac_toolchain on Mac V8 builders
R=machenbach@chromium.org

Bug: chromium:863607
Change-Id: I999770d1dafbafe8bbe60b575a940f6feb90fae0
Reviewed-on: https://chromium-review.googlesource.com/1165551
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54990}
2018-08-08 19:48:40 +00:00
Michael Achenbach
6ac0d41d96 [CQ] Remove mips builders from CQ
NOTRY=true

Bug: chromium:872230
Change-Id: I15534f533e43cd4bdeedcdac204776178886c48d
Reviewed-on: https://chromium-review.googlesource.com/1166916
Reviewed-by: Michael Hablich <hablich@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54989}
2018-08-08 18:03:14 +00:00
Deepti Gandluri
d0934c4fc2 Refactor some instruction selector visitors for ia32/x64
Bug: v8:8005
Change-Id: I07774c23a332dac96e30d1bfe471db311de46496
Reviewed-on: https://chromium-review.googlesource.com/1166543
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54988}
2018-08-08 17:41:07 +00:00
Sathya Gunasekaran
62d8a064ab [Intl] Throw when language tag argument to Intl.Locale is empty
Also, fix one spec violation that checked for Name, but should just
check for Strings.

Bug: v8:8032, v8:7684
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Ib9ffa48b86b4da6e881eeec4eb24ec623345aae4
Reviewed-on: https://chromium-review.googlesource.com/1167042
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54987}
2018-08-08 15:52:29 +00:00
Sigurd Schneider
44a49a4d01 Revert "[wasm] Publish new code from the background threads."
This reverts commit f991465b42.

Reason for revert: test failure
https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux64%20-%20internal%20snapshot/16696

Original change's description:
> [wasm] Publish new code from the background threads.
> 
> R=​clemensh@chromium.org
> BUG=v8:7921
> 
> Change-Id: Ib86cb5f742907b6e54365827facfc765867ca22e
> Reviewed-on: https://chromium-review.googlesource.com/1156384
> Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54985}

TBR=mstarzinger@chromium.org,clemensh@chromium.org

Change-Id: Id7b0f8ec208a0117f386e6e809ebe61125cf1119
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7921
Reviewed-on: https://chromium-review.googlesource.com/1167522
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54986}
2018-08-08 15:44:57 +00:00
Michael Starzinger
f991465b42 [wasm] Publish new code from the background threads.
R=clemensh@chromium.org
BUG=v8:7921

Change-Id: Ib86cb5f742907b6e54365827facfc765867ca22e
Reviewed-on: https://chromium-review.googlesource.com/1156384
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54985}
2018-08-08 15:28:27 +00:00
Simon Zünd
ce206503bc [array] Add basic js-perf benchmarks for Array.p.copyWithin
This CL adds basic JS benchmarks for Array.p.copyWithin to get some
feedback for the upcoming Torque implementation.

R=jgruber@chromium.org

Bug: v8:7624
Change-Id: Ic193a2b576d5fb7ac9f39db0379cece9144f979f
Reviewed-on: https://chromium-review.googlesource.com/1167289
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Simon Zünd <szuend@google.com>
Cr-Commit-Position: refs/heads/master@{#54984}
2018-08-08 15:05:16 +00:00
Predrag Rudic
96784a45e8 MIPS[64] Optimization to LongBranchAndLink PIC
Also, since trampoline code is position independent now,
these builtins can be deleted from this list of Isolate dependent
builtins.

Bug: v8:7882
Change-Id: Ie65f739ebd3136993548e9737b22e7de0f09bf25
Reviewed-on: https://chromium-review.googlesource.com/1163513
Reviewed-by: Ivica Bogosavljevic <ibogosavljevic@wavecomp.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Ivica Bogosavljevic <ibogosavljevic@wavecomp.com>
Cr-Commit-Position: refs/heads/master@{#54983}
2018-08-08 14:59:57 +00:00
Jaroslav Sevcik
bba36e19fb [turbofan] Optimistic slack tracking completion.
The idea is to compute the slack before compilation start. Then
we check that the slack tracking decision is the same at the end
of compilation. If it is, we just commit to that slack tracking
(by calling function->CompleteInobjectSlackTrackingIfActive).
If the slack tracking decision changed, we will retry the compilation.

This has several pieces:
- Expose computation of slack and instance size from the object model.
- Add compilation dependency on the slack tracking result.
- Change create lowering to use the dependency.
- Fix array creation to use the slack tracking result's instance
  size.

Bug: v8:7790
Change-Id: Id975300cfd6c1786733cd7cbf55cc507c05738b2
Reviewed-on: https://chromium-review.googlesource.com/1164957
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54982}
2018-08-08 14:55:22 +00:00
Marja Hölttä
0a71946912 [in-place weak refs] Use in-place weak refs in literals_map
This also allows us to get rid of Context::self_weak_cell.

BUG=v8:7308

Change-Id: I1b450385b674a4ad90c116648880fcbce6454c55
Reviewed-on: https://chromium-review.googlesource.com/1167186
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54981}
2018-08-08 14:42:24 +00:00
Junliang Yan
a27871d527 PPC/s390: Reland "[turboassembler] Introduce hard-abort mode"
Port d324382e1c

and

Port bd3f0a684b

Original Commit Message:

    This is a reland of a462a7854a

    Original change's description:
    > [turboassembler] Introduce hard-abort mode
    >
    > For checks and assertions (mostly for debug code, like stack alignment
    > or zero extension), we had two modes: Emit a call to the {Abort}
    > runtime function (the default), and emit a debug break (used for
    > testing, enabled via --trap-on-abort).
    > In wasm, where we cannot just call a runtime function because code must
    > be isolate independent, we always used the trap-on-abort behaviour.
    > This causes problems for our fuzzers, which do not catch SIGTRAP, and
    > hence do not detect debug code failures.
    >
    > This CL introduces a third mode ("hard abort"), which calls a C
    > function via {ExternalReference}. The C function still outputs the
    > abort reason, but does not print the stack trace. It then aborts via
    > "OS::Abort", just like the runtime function.
    > This will allow fuzzers to detect the crash and even find a nice error
    > message.
    >
    > Even though this looks like a lot of code churn, it is actually not.
    > Most added lines are new tests, and other changes are minimal.
    >
    > R=mstarzinger@chromium.org
    >
    > Bug: chromium:863799
    > Change-Id: I77c58ff72db552d49014614436259ccfb49ba87b
    > Reviewed-on: https://chromium-review.googlesource.com/1142163
    > Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
    > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
    > Cr-Commit-Position: refs/heads/master@{#54592}

R=clemensh@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: I60023470fa07576fd313f628ade06e279d5f4927
Reviewed-on: https://chromium-review.googlesource.com/1165822
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54980}
2018-08-08 14:41:22 +00:00
Michael Lippautz
872b733ffc [heap] Create untangled entry for elements write barrier
Implement independent write barrier for contents of objects.

Change-Id: I739745f524245fa61b2b1cd01263cc8fe3a3d373
Reviewed-on: https://chromium-review.googlesource.com/1152909
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54979}
2018-08-08 14:38:53 +00:00
Camillo Bruni
c0d6659d90 [runtime] Cleanup: Use some more early returns
Change-Id: I5effe97c53ccae3238a452fe2012926db45d2afe
Reviewed-on: https://chromium-review.googlesource.com/1165222
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54978}
2018-08-08 14:03:51 +00:00
Michael Starzinger
b6f525aecc [cleanup] Remove some dead MacroAssembler declarations.
R=sigurds@chromium.org

Change-Id: I7df887f84024831b4c55b3468bd54429280dd14e
Reviewed-on: https://chromium-review.googlesource.com/1167054
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54977}
2018-08-08 13:35:33 +00:00
jgruber
9c5f1abcf5 [builtins] Pad embedded builtins with int3
This fills the padding between builtins in the embedded blob with a
sequence of int3 instructions (ia32,x64).

Drive-by: Unify code zapping. We can add better support for other
architectures later.

Bug: v8:6666
Change-Id: Ibcb120ec18a8062d7527e0c6fe5ca86869c0dad8
Reviewed-on: https://chromium-review.googlesource.com/1167050
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54976}
2018-08-08 13:07:17 +00:00
Marja Hölttä
e2fb86f804 [in-place weak refs] Use in-place weak refs in DependentCode
BUG=V8:7308

Change-Id: I4836aaca1474f08098120e6c17cc2b3bd65c70eb
Reviewed-on: https://chromium-review.googlesource.com/1166914
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54975}
2018-08-08 12:48:18 +00:00
Mike Stanton
ff4fa92e88 [builtins] Enable Torque Array.prototype.splice
Before, splice was implemented with a C++ fast path and a
comprehensive JavaScript version.

This impl. is entirely in Torque with a fastpath for SMI,
DOUBLE and OBJECT arrays, and a comprehensive slow path.
The same level of "sparse" array support as given by the
array.js implementation is included.

Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Ibfa3407ed75b9ad15ac54cce446b3952e38f90a9
Reviewed-on: https://chromium-review.googlesource.com/1039190
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54974}
2018-08-08 12:32:35 +00:00
Michael Starzinger
da3c2db949 [cleanup] Unify {AreAliased} predicates.
R=sigurds@chromium.org

Change-Id: I1ca0e215da36400a8817bc8c8912ccfde8eca613
Reviewed-on: https://chromium-review.googlesource.com/1166911
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54973}
2018-08-08 12:06:21 +00:00
Marja Hölttä
e60b983bae [in-place weak refs] Remove unnecessary WeakCell check in IC
The parameter cannot be a WeakCell here anymore.

BUG=v8:7308

Change-Id: Ie96312e0988e801d3bf52368d731e3b0cf9cc2dc
Reviewed-on: https://chromium-review.googlesource.com/1167047
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54972}
2018-08-08 12:05:19 +00:00
Michael Starzinger
ff0473d6ad [wasm][arm] Support concurrent patching of jump table.
This is the port of concurrent jump table patching support to ARM. It
extends the corresponding stress test and changes the encoding of code
targets in jump table slots to use constant pool entries.

R=clemensh@chromium.org
TEST=cctest/test-jump-table-assembler
BUG=v8:8018

Change-Id: I4b709a7f14dace0f4eb9219f995d42ca607bb25f
Reviewed-on: https://chromium-review.googlesource.com/1164952
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54971}
2018-08-08 12:03:25 +00:00
Predrag Rudic
286602a515 MIPS[64] Fix BranchLong PIC optimization
In case of switching from non-optimized to optimized version
of BranchLong macro, we forgot to take the instruction which
is located in the branch delay slot of the unoptimized version
and copy it to branch delay slot of the optimized version.

This CL implements the missing functionality.

Change-Id: I5e4adcccd0e85fd381a97eea8588e07bd8b045ef
Reviewed-on: https://chromium-review.googlesource.com/1165082
Reviewed-by: Ivica Bogosavljevic <ibogosavljevic@wavecomp.com>
Commit-Queue: Ivica Bogosavljevic <ibogosavljevic@wavecomp.com>
Cr-Commit-Position: refs/heads/master@{#54970}
2018-08-08 11:58:03 +00:00
Marja Hölttä
a27cf3d5bf [in-place weak refs] Remove WeakCell helpers from CSA
BUG=v8:7308

Change-Id: Icdbf7e786ce4ac19d73ab8e69bb57c0b19271b33
Reviewed-on: https://chromium-review.googlesource.com/1167043
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54969}
2018-08-08 11:56:58 +00:00
Sergiy Byelozyorov
d652c85c5e [tools] Add v8_pixel2_perf_try to the list of bots that can be triggered
TBR=machenbach@google.om

No-Try: true
Bug: chromium:838864
Change-Id: Ic162e3fbd1c02b62cd8151bb5a598ca25db39d0b
Reviewed-on: https://chromium-review.googlesource.com/1163721
Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54968}
2018-08-08 11:48:09 +00:00
Clemens Hammacher
b8a192be52 [cleanup] Remove DCHECK from third_party
DCHECKs (defined in src/logging.h) should not be used in third_party
code. This CL removes the only such use.

R=marja@chromium.org

Bug: v8:7754, v8:7965
Change-Id: I44196bd2d85e459e27c6a897f039f741edf1e2e1
Reviewed-on: https://chromium-review.googlesource.com/1158684
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54967}
2018-08-08 10:47:16 +00:00
Michael Starzinger
13cb050402 [wasm] Fix JumpTableAssembler corrupting surrounding code.
We instantiate the JumpTableAssembler in patching mode (i.e. directly on
existing code without an intermittent buffer). In this mode it is not
possible to record reloc information. This makes sure we no longer just
blindly write into the non-existing buffer.

R=clemensh@chromium.org
BUG=v8:8028

Change-Id: I4abb8f06cf819fef608e901c4740263f0cecd08a
Reviewed-on: https://chromium-review.googlesource.com/1166834
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54966}
2018-08-08 10:34:59 +00:00
Sathya Gunasekaran
363fe1eb66 [Intl] Optimize Intl.Collator
This patch ports most of the Intl.Collator from JS to C++.

The Intl.Collator object no longer stores all the resolved
values. Instead these are looked up on demand as part of
Intl.Collator.prototype.resolvedOptions(), saving several words. In
the future, we can cache the result of the resolvedOptions as well.

In this patch, we use ICU to do parsing of the unicode extension in
the bcp47 language tag instead of using a custom extension parser.

This patch also fixes several spec compliance bugs as well.

Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Iaaa7be4a628404da1bd83d882e04a2c6de70ebd9
Bug: v8:5751, v8:7480
Reviewed-on: https://chromium-review.googlesource.com/1165084
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54965}
2018-08-08 10:21:19 +00:00
Michael Starzinger
18a0a9746f [cleanup] Remove some dead MacroAssembler enums.
R=sigurds@chromium.org

Change-Id: I2f8210a386fa39030c7ffe4c7d0f25bd845c612a
Reviewed-on: https://chromium-review.googlesource.com/1166908
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54964}
2018-08-08 10:04:53 +00:00
Shiyu Zhang
819c984500 [x64] Implement partial constant pool for x64.
Partial constant pool aims at reducing code size and only takes effect for shareable constants.
Different from ARM’s constant pool, partial constant pool does not emit constant pools at the end of each code object. Instead, it keeps the first shareable constant inlined in the instructions and uses rip-relative memory loadings for the same constants in subsequent instructions. These rip-relative memory loadings will target at the position of the first inlined constant. For example:

  REX.W movq r10,0x7f9f75a32c20	  ; 10 bytes
  …
  REX.W movq r10,0x7f9f75a32c20	  ; 10 bytes
  …
turns into

  REX.W movq r10,0x7f9f75a32c20	  ; 10 bytes
  …
  REX.W movq r10,[rip+0xffffff96] ; 7 bytes
  …


Change-Id: I25a417f6d82da96024989bddf0451d7df9340c00
Reviewed-on: https://chromium-review.googlesource.com/1082231
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Shiyu Zhang <shiyu.zhang@intel.com>
Cr-Commit-Position: refs/heads/master@{#54963}
2018-08-08 09:45:37 +00:00
Michael Lippautz
efa7a97408 [heap] Introduce phase for marking wrappers
Introduces a phase for marking wrappers in the atomic pause. The phase
is opportunistic in a sense that it may no catch all wrappers. E.g.
there may be wrappers discovered only after processing ephemerons.

Bug: chromium:843903
Change-Id: Ic55fdcb37e3ff44156e4eca4c1c95919fc3fcd1d
Reviewed-on: https://chromium-review.googlesource.com/1166835
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54962}
2018-08-08 09:32:39 +00:00
Michael Achenbach
de80e94c9a [test] Refactoring - extract Android driver logic from perf runner
This prepares for reusing the driver logic for correctness testing.

NOTRY=true

Bug: chromium:866862
Change-Id: If901ca8552cf48f29e240ed5b52ea7e722e0e1e4
Reviewed-on: https://chromium-review.googlesource.com/1163608
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54961}
2018-08-08 09:12:18 +00:00
Michael Achenbach
daf719789a Revert "[CQ] Temporarily make node bot experimental"
This reverts commit 3c87d28b18.

Reason for revert: Offending test was disabled.

Original change's description:
> [CQ] Temporarily make node bot experimental
> 
> TBR=yangguo@chromium.org
> NOTRY=true
> 
> Bug: v8:8027
> Change-Id: I3d4383dc4e2c0af25d4e51aba4f4d6695030248c
> Reviewed-on: https://chromium-review.googlesource.com/1166823
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54956}

TBR=machenbach@chromium.org,yangguo@chromium.org

Change-Id: I7d7620fc3a8049176e2eab355b65c32d7d06cd77
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8027
Reviewed-on: https://chromium-review.googlesource.com/1166942
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54960}
2018-08-08 09:06:07 +00:00
Georg Neis
1c5f9d6c92 Revert "[turbofan] Remove optimization for NumberToString"
This reverts commit 2f2ce7b7db.

Reason for revert:
https://bugs.chromium.org/p/chromium/issues/detail?id=865494

Original change's description:
> [turbofan] Remove optimization for NumberToString
>
> We used to have an optimized version for ToString on number nodes
> which was allocating an object on the heap, therefore
> preventing this code from being executed on the compiler thread.
> Octane benchmark results show insignificant increase in performance
> (< 0.5%) without this optimization - see
> https://docs.google.com/spreadsheets/d/1MC5NrMoMSsqxZqw0ojoZvomBb7q2EOt1S0sFoJ8ld2c/edit#gid=1732639373
> which leads to the conclusion we can safely remove the optimization for now.
>
> Bug: v8:7790
> Change-Id: Ia1d53608f8d10ba20e0ff57cccb34583655382c6
> Reviewed-on: https://chromium-review.googlesource.com/1139063
> Commit-Queue: Maya Lekova <mslekova@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54495}

TBR=jarin@chromium.org,neis@chromium.org,mslekova@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: v8:7790, chromium:865494
Change-Id: I4b6c620e88c84ae889ce403fa46672db0d3b17c3
Reviewed-on: https://chromium-review.googlesource.com/1166783
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54959}
2018-08-08 09:03:36 +00:00
Tobias Tebbi
91ef86f9d1 [torque] add typeswitch statement
This adds a typeswitch statement

typeswitch (e)
case (x1 : Type1) {
  ...
} case (x2 : Type2) {

} ...
... case (xn : TypeN) {
  ...
}

This checks to which of the given types the result of evaluating e can
be cast, in the order in which they are listed. So if an earlier
type matches, a value of this type won't reach a later case.

The type-checks are performed by calling the cast<T>() macro.
The type of the argument passed to the cast macro is dependent on the
case and excludes all types checked earlier. For example, in

const x : Object = ...
typeswitch (x)
case (x : Smi) {
  ...
} case (x : HeapNumber) {
  ...
} case (x : HeapObject) {
  ...
}

there will be calls to cast<Smi>(Object) and
cast<HeapNumber>(HeapObject), because after the Smi check we know that
x has to be a HeapObject. With the refactored base.tq definition of
cast, this will generate efficient code and avoid repeating the Smi
check in the second case.

The type system ensures that all cases are reachable and that the type
given to the last case is safe without a runtime check (in other words,
the union of all checked types covers the type of e).

The cases can also be written as
case (Type) { ... }
, in which case the switched value is not re-bound with the checked
type.

Bug: v8:7793
Change-Id: Iea4aed7465d62b445e3ae0d33f52921912e095e3
Reviewed-on: https://chromium-review.googlesource.com/1156506
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Daniel Clifford <danno@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54958}
2018-08-08 07:49:42 +00:00
v8-ci-autoroll-builder
224763d188 Update V8 DEPS.
Rolling v8/build: 60ce94a..8e67c4a

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/e19516b..ada05b3

Rolling v8/third_party/depot_tools: 2ebf9fd..735f71d

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I6af0db47405b4cd3352c62b42119523db0f904a4
Reviewed-on: https://chromium-review.googlesource.com/1166586
Reviewed-by: V8 Autoroller <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54957}
2018-08-08 07:28:11 +00:00
Michael Achenbach
3c87d28b18 [CQ] Temporarily make node bot experimental
TBR=yangguo@chromium.org
NOTRY=true

Bug: v8:8027
Change-Id: I3d4383dc4e2c0af25d4e51aba4f4d6695030248c
Reviewed-on: https://chromium-review.googlesource.com/1166823
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54956}
2018-08-08 07:19:39 +00:00
Michael Achenbach
247e179ca7 Revert "[Interpreter] Do not use IC slots for property load/stores in an IIFE and top-level code"
This reverts commit 690bda84eb.

Reason for revert: Speculative revert for:
https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8-Blink%20Linux%2064/25372

See more at:
https://github.com/v8/v8/wiki/Blink-layout-tests

Original change's description:
> [Interpreter] Do not use IC slots for property load/stores in an IIFE and top-level code
> 
> An IIFE or top-level code is executed only once hence, there is no need to collect
> type feedback. We can save some memory by not using IC slots for property Loads/Stores
> within a IIFE/top-level code. This CL emits Runtime Get/Set property calls instead of LdaNamedProperty
> /StaNamedProperty for the property loads within a IIFE and top-level code.
> 
> Change-Id: I3e0ce26d05d82bb3648cb9262c4e112a2c4556c9
> Reviewed-on: https://chromium-review.googlesource.com/1146579
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Marja Hölttä <marja@chromium.org>
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Commit-Queue: Chandan Reddy <chandanreddy@google.com>
> Cr-Commit-Position: refs/heads/master@{#54949}

TBR=rmcilroy@chromium.org,adamk@chromium.org,marja@chromium.org,yangguo@chromium.org,cbruni@chromium.org,leszeks@chromium.org,verwaest@chromium.org,chandanreddy@google.com

Change-Id: I642164a72453189fd0fe92b69f199f958ce56bef
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/1166782
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54955}
2018-08-08 06:39:55 +00:00
Ulan Degenbaev
5b434929a3 Revert "Fix invalidation of old-to-old slots after object trimming."
This reverts commit 719d23c032.

Reason for revert: TSAN failures

Original change's description:
> Fix invalidation of old-to-old slots after object trimming.
> 
> A recorded old-to-old slot may be overwritten with a pointer to a new
> space object. If the object containing the slot is trimmed later on,
> then the mark-compactor may crash on a stale pointer to new space.
> 
> This patch ensures that:
> 1) On trimming of an object we add it to the invalidated_slots sets.
> 2) The InvalidatedSlotsFilter::IsValid returns false for slots outside
>    the invalidated object unless the page was already swept.
> 
> Array left-trimming is handled as a special case because object start
> moves and cannot be added to the invalidated set. Instead, we clear
> the freed memory so that the recorded slots contain Smi values.
> 
> Bug: chromium:870226,chromium:816426
> Change-Id: Iffc05a58fcf52ece45fdb085b5d1fd4b3acb5d53
> Reviewed-on: https://chromium-review.googlesource.com/1163784
> Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Hannes Payer <hpayer@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54953}

TBR=ulan@chromium.org,hpayer@chromium.org,mlippautz@chromium.org

Change-Id: I2e1ff83c2db7902488951a8f597d38133aeb3b04
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:870226, chromium:816426
Reviewed-on: https://chromium-review.googlesource.com/1165862
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54954}
2018-08-07 19:15:58 +00:00
Ulan Degenbaev
719d23c032 Fix invalidation of old-to-old slots after object trimming.
A recorded old-to-old slot may be overwritten with a pointer to a new
space object. If the object containing the slot is trimmed later on,
then the mark-compactor may crash on a stale pointer to new space.

This patch ensures that:
1) On trimming of an object we add it to the invalidated_slots sets.
2) The InvalidatedSlotsFilter::IsValid returns false for slots outside
   the invalidated object unless the page was already swept.

Array left-trimming is handled as a special case because object start
moves and cannot be added to the invalidated set. Instead, we clear
the freed memory so that the recorded slots contain Smi values.

Bug: chromium:870226,chromium:816426
Change-Id: Iffc05a58fcf52ece45fdb085b5d1fd4b3acb5d53
Reviewed-on: https://chromium-review.googlesource.com/1163784
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54953}
2018-08-07 18:19:58 +00:00
Jakob Kummerow
bbe8db5948 [intl] Port CanonicalizeLocaleList to C++
This CL also contains some drive-by cleanup of related code.

Bug: v8:5751, v8:7987
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I6144d16c1d85922efc1dc419cce8a2eba2a60056
Reviewed-on: https://chromium-review.googlesource.com/1161545
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54952}
2018-08-07 18:02:23 +00:00
Mike Stanton
38c664fa9c [Torque] Turn Torque HasProperty usage into builtin calls
The CSA HasProperty has an inlining that makes it rather large.

Also, tighten up some type usage. ToObject() returns a JSReceiver
and we can do with less casting if we make use of this.

Change-Id: I56d2443b5d409314cc3c74a5a079810d857727ad
Reviewed-on: https://chromium-review.googlesource.com/1165241
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54951}
2018-08-07 16:33:51 +00:00
Tobias Tebbi
7957886b2f [torque] allow overloading generic macros
Previously, we requested instantiation of generics prior to selecting
a template overload, which resulted in unused templates being
instantiated, possibly triggering unnecessary compile errors.

Bug: v8:7793
Change-Id: I45f4bdbf8aa93749ece416c6c7458d64e6e051f5
Reviewed-on: https://chromium-review.googlesource.com/1154977
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Daniel Clifford <danno@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54950}
2018-08-07 15:15:46 +00:00
Creddy
690bda84eb [Interpreter] Do not use IC slots for property load/stores in an IIFE and top-level code
An IIFE or top-level code is executed only once hence, there is no need to collect
type feedback. We can save some memory by not using IC slots for property Loads/Stores
within a IIFE/top-level code. This CL emits Runtime Get/Set property calls instead of LdaNamedProperty
/StaNamedProperty for the property loads within a IIFE and top-level code.

Change-Id: I3e0ce26d05d82bb3648cb9262c4e112a2c4556c9
Reviewed-on: https://chromium-review.googlesource.com/1146579
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Chandan Reddy <chandanreddy@google.com>
Cr-Commit-Position: refs/heads/master@{#54949}
2018-08-07 14:58:43 +00:00
Tobias Tebbi
469522160b [torque] generate implicit_cast according to VisitResult types
In the generated CSA, we called overloaded macros while relying on CSA
subtyping of TNodes. This doesn't work well with overloads, because
for C++ any TNode subtyping is treated as an implicit conversion, which
makes these calls ambiguous for C++.
As a solution, we insert implicit_cast conversions for arguments
according to the type predicted by Torque. This way, a CSA overload is always
called with exactly the signature declared in base.tq.
This has the additional benefit that it validates the signatures declared in
base.tq, which could previously be too permissive.
Also, this triggered a bug in structs, where VisitResult's were
carrying the wrong type.

Bug: v8:7793
TBR: danno@chromium.org
Change-Id: I8ed4bfd04793c8a8805a4a3dd5cf2a85c20ce786
Reviewed-on: https://chromium-review.googlesource.com/1165237
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54948}
2018-08-07 14:28:02 +00:00
Marja Hölttä
78c20334a4 [cleanup] Refactor SharedFunctionInfo::SetScript
The previous logic had 2 if-elses, but the branch taken in the first one
determines the branch taken in the second one too (so there are 2 possibilities,
not 4). Make the structure reflect this.

BUG=v8:8015

Change-Id: I75ce86aa9731c0cae21c82f9aad6c83cb950e0d6
Reviewed-on: https://chromium-review.googlesource.com/1163613
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54947}
2018-08-07 14:26:49 +00:00
Tobias Tebbi
36bb2e000b [csa] type and separate {Load,Store}{Fixed,Property}ArrayElement
This enables fast bounds checks on FixedArray's.

Change-Id: I0ae57b2c6981d8e1b2c7017ba658fd9c890d2bad
Reviewed-on: https://chromium-review.googlesource.com/1163614
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54946}
2018-08-07 14:15:51 +00:00
Georg Neis
c790b2790f [turbofan] Clarify a comment.
R=mvstanton@chromium.org

Change-Id: I4e717b0d608837cdde2bea2ebbcf83a2a5d6b749
Reviewed-on: https://chromium-review.googlesource.com/1165144
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54945}
2018-08-07 13:20:27 +00:00
Sigurd Schneider
7f99d292e2 [cleanup] Unify naming of instruction size constant
The instruction size in bytes is now kInstrSize on all platforms.

Bug: v8:6666
Change-Id: I2f9880a6a74199a439c8327a4117efb74240aa22
Reviewed-on: https://chromium-review.googlesource.com/1164955
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54944}
2018-08-07 12:18:13 +00:00
Yang Guo
ff7915421d Change test-log test to not use regex.
R=machenbach@chromium.org

Bug: v8:7855
Change-Id: Ifcd28d0aa24e07f0db70305d64b20361530069b0
Reviewed-on: https://chromium-review.googlesource.com/1163677
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54943}
2018-08-07 11:21:13 +00:00
Michael Starzinger
7579b1e3c8 [wasm] Support concurrent patching of jump table.
This adds initial support for concurrently patching jump table slots. It
is needed once different Isolates share code (for the --wasm-shared-code
feature). We need to ensure that instructions holding the target address
within a jump table slot do not cross cache-line boundaries. To do this,
the jump table has been split into consecutive pages.

Note that this also adds a stress test for multiple threads hammering at
a single slot concurrently. The test is currently limited to the ia32
and the x64 architecture, but will be extended to cover others. The test
reliably triggers tearing of the target address on almost every run of
the test and hence serves to prevent regressions.

R=clemensh@chromium.org
TEST=cctest/test-jump-table-assembler
BUG=v8:8018

Change-Id: Ife56bbb61ffcae5d8906ca7b8c604b195603707c
Reviewed-on: https://chromium-review.googlesource.com/1163664
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54942}
2018-08-07 11:20:09 +00:00