Commit Graph

58198 Commits

Author SHA1 Message Date
Jakob Gruber
ba72dc0803 Revert "[compiler] Optionally apply an offset to stack checks"
This reverts commit 4a16305b65.

Reason for revert: Need to revalidate assumptions behind the CHECK.

Original change's description:
> [compiler] Optionally apply an offset to stack checks
> 
> The motivation behind this change is that the frame size of an optimized
> function and its unoptimized version may differ, and deoptimization
> may thus trigger a stack overflow. The solution implemented in this CL
> is to optionally apply an offset to the stack check s.t. the check
> becomes 'sp - offset > limit'. The offset is applied to stack checks at
> function-entry, and is set to the difference between the optimized and
> unoptimized frame size.
> 
> A caveat: OSR may not be fully handled by this fix since we've already
> passed the function-entry stack check. A possible solution would be to
> *not* skip creation of function-entry stack checks for inlinees.
> 
> This CL: 1. annotates stack check nodes with the stack check kind, where
> kind is one of {function-entry,iteration-body,unknown}. 2. potentially
> allocates a temporary register to store the result of the 'sp - offset'
> in instruction selection (and switches input registers to 'unique'
> mode). 3. Applies the offset in code generation.
> 
> Drive-by: Add src/compiler/globals.h for compiler-specific globals.
> 
> Bug: v8:9534,chromium:1000887
> Change-Id: I257191c4a4978ccb60cfa5805ef421f30f0e9826
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1762521
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63701}

TBR=neis@chromium.org,sigurds@chromium.org,jgruber@chromium.org

Change-Id: Iebf46d5256b6dee13451741781ef85a5fe9b1628
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9534, chromium:1000887
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1800565
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63706}
2019-09-12 09:23:47 +00:00
Georg Neis
2304c194f0 [compiler] Replace remaining mutable reference arguments
Bug: v8:9429
Change-Id: Id775a765d9700e1d2c46b4598f5e4c8350e28f14
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1796340
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63705}
2019-09-12 08:56:15 +00:00
Swapnil Gaikwad
91e3243d60 Extend GetIterator bytecode to perform JSReceiver check on object[Symbol.iterator]()
Current GetIterator bytecode loads and calls @@iterator property on a
given object. This change extends the bytecode functionality to check
whether the value returned after calling @@iterator property is a valid
JSReceiver. The bytecode throws SymbolIteratorInvalid exception if the
returned value is not a valid JSReceiver. This change absorbs the
functionality of additional two bytecodes - JumpIfJSReceiver and
CallRuntime, that are part of the iterator protocol in the GetIterator
bytecode.

Bug: v8:9489
Change-Id: I9e84cfe85eeb9a1b8a97ca0595375ac26ba1bbfd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1792905
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Swapnil Gaikwad <swapnilgaikwad@google.com>
Cr-Commit-Position: refs/heads/master@{#63704}
2019-09-12 08:51:35 +00:00
Clemens Hammacher
98c86c6b1f [base] Implement {Reversed} using {rbegin} and {rend}
This removes the {base::ReversedAdapter} class and uses
{base::iterator_range} instead. The types are inferred from what
{std::rbegin} and {std::rend} return.

Since src/base/adapters.h would only contain this one method after
this refactoring, it was merged into src/base/iterator.h.
Some includes of src/base/adapters.h were unused and hence dropped.

R=mlippautz@chromium.org

Bug: v8:9396
Change-Id: I597172ec790193b73af196d1afcd64bbed0a597d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1798432
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63703}
2019-09-12 08:38:59 +00:00
Shu-yu Guo
b378a2e9c3 Roll test262
59a1a01..ef7fd2bc

Bug: v8:7834, v8:9712
Change-Id: Iebc11aa3be2fa692bfae7069f45e89d795132cfa
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1799398
Auto-Submit: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Reviewed-by: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63702}
2019-09-12 06:55:05 +00:00
Jakob Gruber
4a16305b65 [compiler] Optionally apply an offset to stack checks
The motivation behind this change is that the frame size of an optimized
function and its unoptimized version may differ, and deoptimization
may thus trigger a stack overflow. The solution implemented in this CL
is to optionally apply an offset to the stack check s.t. the check
becomes 'sp - offset > limit'. The offset is applied to stack checks at
function-entry, and is set to the difference between the optimized and
unoptimized frame size.

A caveat: OSR may not be fully handled by this fix since we've already
passed the function-entry stack check. A possible solution would be to
*not* skip creation of function-entry stack checks for inlinees.

This CL: 1. annotates stack check nodes with the stack check kind, where
kind is one of {function-entry,iteration-body,unknown}. 2. potentially
allocates a temporary register to store the result of the 'sp - offset'
in instruction selection (and switches input registers to 'unique'
mode). 3. Applies the offset in code generation.

Drive-by: Add src/compiler/globals.h for compiler-specific globals.

Bug: v8:9534,chromium:1000887
Change-Id: I257191c4a4978ccb60cfa5805ef421f30f0e9826
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1762521
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63701}
2019-09-12 06:48:25 +00:00
Clemens Hammacher
3d2159462c [wasm] Allocate one far jump table per code space
This moves the code to allocate the far jump table from
{SetRuntimeStubs} to {AddCodeSpace} to allocate one such table per code
space.
Also, the {runtime_stub_table_} and {runtime_stub_entries_} fields do
not make sense any more now and are replaced by calls to
{GetNearRuntimeStubEntry} and {GetRuntimeStubId}.

R=mstarzinger@chromium.org

Bug: v8:9477
Change-Id: Ie1f5c9d4eb282270337a684c34f097d8077fdfbb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1795348
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63700}
2019-09-12 06:27:26 +00:00
Jakob Gruber
5b5a360857 [compiler] Assign dedicated names to zones used by the pipeline
To make --trace-zone-stats output more meaningful.

Bug: v8:9574
Change-Id: I06cb725b11e3815c23294310270774b7148c64eb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1795355
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63699}
2019-09-12 06:03:15 +00:00
Clemens Hammacher
9f5141968f Revert "Update V8 DEPS."
This reverts commit 5e0e5829e9.

Reason for revert: Still breaks android builders: https://ci.chromium.org/p/v8/builders/ci/V8%20Android%20Arm64%20-%20builder/28054 and https://ci.chromium.org/p/v8/builders/ci/V8%20Android%20Arm%20-%20builder/28026

Original change's description:
> Update V8 DEPS.
> 
> Rolling v8/build: 2d9fa32..716ef3d
> 
> Rolling v8/buildtools: 74cfb57..cd73d21
> 
> Rolling v8/buildtools/linux64: git_revision:152c5144ceed9592c20f0c8fd55769646077569b..git_revision:ad9e442d92dcd9ee73a557428cfc336b55cbd533
> 
> Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/884c81e..c979465
> 
> Rolling v8/third_party/depot_tools: e5641be..0910f78
> 
> Rolling v8/third_party/googletest/src: 3a45039..33a0d4f
> 
> Rolling v8/third_party/icu: 53f6b23..faee8bc
> 
> Rolling v8/tools/clang: 51c4acf..e7d79d1
> 
> TBR=machenbach@chromium.org,tmrts@chromium.org
> 
> Change-Id: Ib53bf18762e6e8828a6e6cf5cd57ee361bfc5ee4
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1799962
> Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
> Cr-Commit-Position: refs/heads/master@{#63697}

TBR=machenbach@chromium.org,v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com,tmrts@chromium.org

Change-Id: Ib1a643744ff6b664a6b9164e4005b263d676171f
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1798611
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63698}
2019-09-12 05:54:57 +00:00
v8-ci-autoroll-builder
5e0e5829e9 Update V8 DEPS.
Rolling v8/build: 2d9fa32..716ef3d

Rolling v8/buildtools: 74cfb57..cd73d21

Rolling v8/buildtools/linux64: git_revision:152c5144ceed9592c20f0c8fd55769646077569b..git_revision:ad9e442d92dcd9ee73a557428cfc336b55cbd533

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/884c81e..c979465

Rolling v8/third_party/depot_tools: e5641be..0910f78

Rolling v8/third_party/googletest/src: 3a45039..33a0d4f

Rolling v8/third_party/icu: 53f6b23..faee8bc

Rolling v8/tools/clang: 51c4acf..e7d79d1

TBR=machenbach@chromium.org,tmrts@chromium.org

Change-Id: Ib53bf18762e6e8828a6e6cf5cd57ee361bfc5ee4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1799962
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#63697}
2019-09-12 03:50:44 +00:00
Dmitry Gozman
aaf4714310 [inspector] Prepare to simpler async stepping
Add should_pause to V8StackTraceId in preparation for
async stepping simplification [1].

[1] https://chromium-review.googlesource.com/c/v8/v8/+/1783724

BUG=chromium:1000475
TBR=yangguo@chromium.org

Change-Id: I3a90d33322c83f624a3d28c18ebdfff80b2cd904
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1799453
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Commit-Queue: Dmitry Gozman <dgozman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63696}
2019-09-12 00:16:20 +00:00
Ng Zhi An
8d4fbc33f4 Reduce the number of ints tested
This reduces the runtime from ~20m to ~2m (very unscientific measure
based on running the entire asm-wasm-i32 test with and without this
change).

I removed most of the constants that looked uninteresting, e.g. testing
for 10, 20, 30, isn't that interesting. The edge cases are left
untouched, min/max signed positive/negative ints and +/- 1 from both.

Bug: v8:7783
Bug: v8:9396
Change-Id: Ice363fc3f786dd55ff118ffa42f9ecea07880338
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1791632
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63695}
2019-09-11 20:27:24 +00:00
Ulan Degenbaev
e9730043cf [api, heap] Add v8::Isolate::MeasureMemory API
This adds a new API function and provides a simple implementation
of performance.measureMemory() in d8. The implementation currently
immediately resolves the result promise with the current heap size.

Bug: chromium:973627

Change-Id: Ia8e1963a49b7df628b5487a2c0d601473f0cb039
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1796502
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63694}
2019-09-11 18:18:10 +00:00
Ng Zhi An
134e110211 [wasm-simd] Implement f32x4.sqrt f64x2.sqrt for x64
Implementations for other architectures will follow in subsequent
changes.

Bug: v8:8460
Change-Id: I279388ab76b1d88d65cbe179088be5573c17fc58
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1796317
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63693}
2019-09-11 17:26:32 +00:00
Joshua Litt
93a29bdce0 Revert "[top-level-await] Implement top-level-await in V8"
This reverts commit 591d1c9de4.

Reason for revert: breaks blink

Original change's description:
> [top-level-await] Implement top-level-await in V8
> 
> Implements AsyncModules in SourceTextModule. However, there is no
> support in the parser or D8 for actually creating / resolving
> AsyncModules. Also adds a flag '--top-level-await,' but the only
> external facing change with the flag enabled is that Module::Evaluate
> returns a promise.
> 
> Bug: v8:9344
> Change-Id: Idc722efc1e2aa780d04bdb985bb7920ab969d34e
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1728037
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Commit-Queue: Joshua Litt <joshualitt@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63686}

TBR=ulan@chromium.org,adamk@chromium.org,neis@chromium.org,joshualitt@chromium.org

Change-Id: I6ceeb3a293a948af04bf200ab784ceb03386a3fd
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9344
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1797656
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63692}
2019-09-11 17:00:21 +00:00
Ng Zhi An
b0209cc1ee Use array.every instead of iterating using for loop
This speeds up the check by ~10x.

This was tested by writing a simple test that compares a for-loop and
array.every():

for (var i = 0; i < kMemSize; i++) {
      assertEquals(0, array[i]);
}

assertTrue(array.every((e => e == 0)));

The for-loop takes ~180s, every() takes ~19s.

Numbers above are for arm.debug build (simulator). On x64.debug builds
we can see a similar 10x improvement, from ~6s to ~400ms.

Bug: v8:7783
Bug: v8:9396
Change-Id: I83d46c7ec4a634612032c1d79585339cadb8b641
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1793904
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63691}
2019-09-11 16:59:15 +00:00
Francis McCabe
685494d986 Remove unused declaration of private method
Remove unused/unimplementation private method that has a NOLINT comment

Bug: v8:9429
Change-Id: I8c5de440c8b456586b3a7c1a92af2d9a1fca4e78
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1792231
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63690}
2019-09-11 16:33:05 +00:00
Igor Sheludko
516b780994 [csa] Add statically typed CSA::BuildFastLoop()
... and the following helper methods:
- IntPtrOrSmiConstant
- IntPtrOrSmiXXX
- Increment
- Decrement

Bug: v8:9708
Change-Id: I9da8bba4da2012a873fd3f23972c678ff80eec21
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1798623
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63689}
2019-09-11 15:57:05 +00:00
Igor Sheludko
8d710631c7 [csa] Add statically typed CSA::ElementOffsetFromIndex()
This is a first step towards removal of dynamic ParameterMode.

Bug: v8:9708
Change-Id: I3502584264952dc12b44fd85b91274c9a0ddf31d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1798622
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63688}
2019-09-11 15:53:25 +00:00
Clemens Hammacher
9a34e1e651 [wasm] Reserve new code spaces big enough
Ensure that the jump tables do not take more than 50% of newly reserved
code spaces. In particular, this ensures that the jump tables always
fit in the newly reserved code space.

R=mstarzinger@chromium.org

Bug: v8:9477
Change-Id: I72cdbb7c7dc7916167594c0fc8e1ddb1511756ff
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1782559
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63687}
2019-09-11 15:33:14 +00:00
Joshua Litt
591d1c9de4 [top-level-await] Implement top-level-await in V8
Implements AsyncModules in SourceTextModule. However, there is no
support in the parser or D8 for actually creating / resolving
AsyncModules. Also adds a flag '--top-level-await,' but the only
external facing change with the flag enabled is that Module::Evaluate
returns a promise.

Bug: v8:9344
Change-Id: Idc722efc1e2aa780d04bdb985bb7920ab969d34e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1728037
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Joshua Litt <joshualitt@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63686}
2019-09-11 15:28:24 +00:00
Dominik Inführ
cb1c2b0fbf Remove noscript_shared_function_infos
SharedFunctionInfos that do not belong to a script were tracked in
noscript_shared_function_infos. However this was only used in object-stats.
Remove this since it was actually leaking memory in some use cases.

Bug: v8:9674
Change-Id: I9482f7e5dedf975666a70684b3d2ea04c9a23518
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1798423
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63685}
2019-09-11 15:18:24 +00:00
Liviu Rau
f3bb773bf2 Remove no-embed bots
Removed all references in .pyl files.

Bug: v8:9694
Change-Id: Id6f1f6075b022836cda4f0b3d61eb0edbead17db
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1798422
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Liviu Rau <liviurau@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63684}
2019-09-11 14:43:35 +00:00
Clemens Hammacher
f08cc27477 Reland "[wasm] Patch jump tables in all code spaces"
This is a reland of d7d25d2abc

Original change's description:
> [wasm] Patch jump tables in all code spaces
> 
> If there are multiple code spaces, make sure to patch the jump tables
> in all of them.
> 
> R=mstarzinger@chromium.org
> 
> Bug: v8:9477
> Change-Id: I2ec3d3de913b99623fd310004555337329588da0
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1789289
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63651}

Bug: v8:9477
Change-Id: I89c3d59d8366ac9479e58feea91dd40ee4e01f66
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1796065
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63683}
2019-09-11 14:41:44 +00:00
Clemens Hammacher
aeccaceb27 [wasm] Remove default implementation for unknown architectures
The jump table assembler is implemented on all architectures now, so
remove the default code. It would be untested otherwise.

R=mstarzinger@chromium.org

Change-Id: I45e42fc04ebb3bb07d975648b1498e2ea4e757d4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1796328
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63682}
2019-09-11 14:09:24 +00:00
Igor Sheludko
4c6f2e96f1 [turbofan] Rename BitcastTaggedSignedToWord to BitcastTaggedToWordForTagAndSmiBits
... to precisely express which guarantees does this operator provide.

Drive-by-fix: use it for other tag-checking predicates in CSA.

Bug: v8:9396
Change-Id: Ifee22922ac02ec8866038be1a97625a32638d521
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1795504
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63681}
2019-09-11 13:46:54 +00:00
Clemens Hammacher
16191e9ad9 [wasm] Add function slots to the far jump table
This adds the --wasm-far-jump-table flag, which enables the extension
of the far jump table with a slot for each wasm function.

R=mstarzinger@chromium.org

Bug: v8:9477
Change-Id: I61cb4592aa8ed75e2772371e9b7dbfdfe9bb0046
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1792907
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63680}
2019-09-11 13:34:32 +00:00
Clemens Hammacher
8734a486f4 [wasm] Refactor runtime stub table to far jump table
This CL renames the runtime stub table to far jump table, and changes
the implementation so it can later be patched concurrently.
A follow-up CL will extend this table to also contain slots for wasm
functions (if needed).

R=mstarzinger@chromium.org

Bug: v8:9477
Change-Id: I20bf0a0bb66dc0333f794761c1506b27137b53e7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1789159
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63679}
2019-09-11 13:25:02 +00:00
Georg Neis
c8880a232b Remove always-on flag --experimental_inline_promise_constructor
Change-Id: Ie0bd818c629bed3011212fb7c8ab81202a462501
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1798424
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63678}
2019-09-11 13:17:22 +00:00
Joyee Cheung
fe6839ba6d [class] parse static private methods and accessors
This patch uses a bit in the Variable bit fields to distinguish
static private names from instance private names, so that we
can check the conflicts of private accessors that are complementary
but with different staticness in the parser, and use this
information later when generating code for checking static brands
for private method access.

Design doc: https://docs.google.com/document/d/1rgGRw5RdzaRrM-GrIMhsn-DLULtADV2dmIdh_iIZxlc/edit

Bug: v8:8330
Change-Id: I8d70600e594e3d07f77ea519751b7ca2e0de87b5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1781010
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Joyee Cheung <joyee@igalia.com>
Cr-Commit-Position: refs/heads/master@{#63677}
2019-09-11 12:59:52 +00:00
Michael Starzinger
75a0c1fc03 [wasm] Remove obsolete {WasmCode::kRuntimeStub}.
R=clemensh@chromium.org
BUG=v8:8519

Change-Id: I3c63637fb9cb694e4d50be2fded1dcc02de7f2ba
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1796559
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63676}
2019-09-11 12:45:52 +00:00
Joshua Litt
d7acd6ac59 [protectors] Move ArrayConstructorProtector to Protectors
Also converts ACP from a Cell to a PropertyCell.

Bug: v8:9463
Change-Id: I6cd26d4e4fd8869a17bf75f83cc177524f8082d7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1795742
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Joshua Litt <joshualitt@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63675}
2019-09-11 11:57:32 +00:00
Igor Sheludko
0f704b102f [ptr-compr] Use 32-bit operations in CSA::NumberToString implementation
... to make it "smi-corrupting" decompression-friendly.

Also add a cctest for the CSA implementation.

Bug: v8:9706
Change-Id: I1f1b0aa1b40832a0c2ce81658da316b3e442189c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1796802
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63674}
2019-09-11 11:39:31 +00:00
Santiago Aboy Solanes
1304b3c986 [CSA][cleanup] Type VARIABLE in interpreter generator
Bug: v8:6949, v8:9396
Change-Id: I19b865bea9ebe40f8f96cd220963cd3181412c82
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1792906
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63673}
2019-09-11 11:21:37 +00:00
Michael Lippautz
3569a4febe [heap] Fix parameter parsing on GC builtin
Do not assume that the MaybeHandle that is returned when fetching for a property
is valid and instead check for its contents. Treat an empty handle as not
finding the right property.

Bug: chromium:1002827
Change-Id: Iac158086ec5f66cd9602f4a73ae78de367dd3e77
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1796556
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63672}
2019-09-11 10:13:16 +00:00
Simon Zünd
1b5697cc9e Add test for debug evaluating a previously non-whitelisted variable
This CL adds a test where we evaluate a variable that is context
allocated (through the use of 'eval'), but not used by the closure.
This did not work with the previous whitelist approach, but works now
with the new blacklist approach (see https://crrev.com/c/1795354)

Bug: v8:9482
Change-Id: I1e453dec0b624bf7e0312100e119d86c9c481ba9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1796543
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63671}
2019-09-11 09:45:33 +00:00
Victor Gomes
1e42880ed4 [Value Serializer] Remove allocation flag
From verwaest@ work on the Json's parser, we know that removing the allocation type argument when creating objects using the factory class increases performance. This will also allow us to optimise these functions in a latter CL.

Change-Id: If78f62a63fe41453f4def8bea77b6eddc2ab7f36
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1792168
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@google.com>
Cr-Commit-Position: refs/heads/master@{#63670}
2019-09-11 09:44:23 +00:00
Santiago Aboy Solanes
6376671c9c [CSA][cleanup] Renamed bool rhs_is_smi to rhs_known_smi
functionality is:
If rhs_is_smi is true, we are sure that rhs is a Smi.
If rhs_is_smi is false, rhs might or not be a Smi.

Therefore, rhs_known_smi fits better.

Change-Id: Ie6dd0446ef85ba0730189e2012a21c24d1731b74
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1796551
Reviewed-by: Mythri Alle <mythria@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63669}
2019-09-11 09:43:18 +00:00
Sigurd Schneider
17d2b57700 [arm64] Marking random-bit-correlations as slow
Notry: true
Notreechecks: true
Change-Id: Ie15006dfd812a26486c7e2a5d09c713b92456ebe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1796555
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63668}
2019-09-11 09:42:15 +00:00
Santiago Aboy Solanes
e6b3b41012 [CSA][cleanup] TNodify interpreter-intrinsics-generator
Bug: v8:6949, v8:9396
Change-Id: If9fa66de4aecfe72c30ac81c563216fd5e057eb3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1792903
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63667}
2019-09-11 08:57:16 +00:00
Simon Zünd
2e11dff7f2 Change debug-evaluate from a whitelist to a blacklist approach
This CL changes how variables are resolved during debug evaluate.
We now re-parse the whole script when creating a ScopeIterator.
This gives us accurate scope information for all parent scopes of the
closure in which we stopped. Using this information, we build
blacklists of stack-allocated variables. Each context on the chain
in between the closure context up to the original native context is
wrapped in a debug-evaluate context with such a blacklist attached.
Variable lookup for debug-evalute contexts then works as follows:

  1) Look up in the materialized stack variables (stayed the same).
  2) Check the blacklist to find out whether to abort further lookup.
  3) Look up in the original context.

Steps 1-3 is repeated for each debug-evaluate context, since they
mirror the original context chain.

R=ulan@chromium.org, yangguo@chromium.org

Change-Id: Ied8e5786772c70566da9627ee3b7eff066fba2b4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1795354
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63666}
2019-09-11 07:52:45 +00:00
Mu Tao
99983ce362 [mips32][cleanup] Eliminate non-const reference parameters
Fix build errors introduced by

commit af063685fe

and not fully fixed by

commit db3cc4a247

Change-Id: Ifdc92f5d55061670127999058d374914985df762
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1795643
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Mu Tao <pamilty@gmail.com>
Auto-Submit: Mu Tao <pamilty@gmail.com>
Cr-Commit-Position: refs/heads/master@{#63665}
2019-09-11 07:51:40 +00:00
Mu Tao
cad71bef09 [mips][cleanup] Eliminate non-const reference parameters
Port ab0f971091

Original Commit Message:

    - Eliminates non-const reference parameters in test/cctest.

Change-Id: I038314e0cc2b28e70e7ebcbd2d076ef62893285e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1795646
Commit-Queue: Mu Tao <pamilty@gmail.com>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Auto-Submit: Mu Tao <pamilty@gmail.com>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63664}
2019-09-11 07:50:36 +00:00
Michael Achenbach
952d14a3f9 Whitespace change to test bots
Change-Id: I14103a02fa96f66f220559780e9d8ee116ff3e10
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1796548
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63663}
2019-09-11 07:42:25 +00:00
Michael Achenbach
a6fa59c0a8 Revert "Update V8 DEPS."
This reverts commit d72ae9abf8.

Reason for revert: https://ci.chromium.org/p/v8/builders/ci/V8%20Android%20Arm%20-%20builder/27990

Original change's description:
> Update V8 DEPS.
> 
> Rolling v8/build: 2d9fa32..0f7adef
> 
> Rolling v8/buildtools: 74cfb57..cd73d21
> 
> Rolling v8/buildtools/linux64: git_revision:152c5144ceed9592c20f0c8fd55769646077569b..git_revision:ad9e442d92dcd9ee73a557428cfc336b55cbd533
> 
> Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/884c81e..050abd8
> 
> Rolling v8/third_party/depot_tools: e5641be..d207f49
> 
> Rolling v8/third_party/googletest/src: 3a45039..33a0d4f
> 
> TBR=machenbach@chromium.org,tmrts@chromium.org
> 
> Change-Id: I465ba35dd9e70e02c684687b656c34c5bd53ff23
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1796705
> Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
> Cr-Commit-Position: refs/heads/master@{#63661}

TBR=machenbach@chromium.org,v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com,tmrts@chromium.org

Change-Id: I0ffabeb2df5a2949adf5ebb319bec20513a04c55
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1796545
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63662}
2019-09-11 06:43:07 +00:00
v8-ci-autoroll-builder
d72ae9abf8 Update V8 DEPS.
Rolling v8/build: 2d9fa32..0f7adef

Rolling v8/buildtools: 74cfb57..cd73d21

Rolling v8/buildtools/linux64: git_revision:152c5144ceed9592c20f0c8fd55769646077569b..git_revision:ad9e442d92dcd9ee73a557428cfc336b55cbd533

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/884c81e..050abd8

Rolling v8/third_party/depot_tools: e5641be..d207f49

Rolling v8/third_party/googletest/src: 3a45039..33a0d4f

TBR=machenbach@chromium.org,tmrts@chromium.org

Change-Id: I465ba35dd9e70e02c684687b656c34c5bd53ff23
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1796705
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#63661}
2019-09-11 03:51:55 +00:00
Frank Tang
8574ecf2b7 Remove CHECK which fail while the locale is long.
Bug: chromium:997401
Change-Id: I7a78f4ad1fd05ab2bb2dbcd343060b2647aef4e6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1771954
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63660}
2019-09-10 19:28:54 +00:00
Michael Lippautz
aa7c6e22f9 [heap] Provide async GC for JS
Reuse the existing builtin and extension infrastructure to provide a
garbage collection mechanism that allows for asynchronous execution.

On --expose-gc, this changes the gc call to parse parameters the
following:
(1) Parse options when encountering an options object with known properties.
(2) No parameters is parsed as
    {type: 'major', execution: 'sync'}.
(3) Truthy parameter that is not setting options is parsed as
    {type: 'minor', execution: 'sync'}.

(2) and (3) preserve backwards compatibility for existing callers as this may be
used widely across various test and benchmarking infrastructures.

Valid options:
- type: 'major' or 'minor' for full GC and Scavenge, respectively.
- execution: 'sync' or 'async' for synchronous and asynchronous
  execution respectively.

Returns a Promise that resolves when GC is done when asynchronous execution
is requested, and undefined otherwise.

Note: This is implemented as builtin to avoid having any stack at all. This
information is also passed to the embedder to allow skipping stack scanning.

Change-Id: Ie5c9b6f0d55238abfeb9051ffa1837501d474934
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1793143
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63659}
2019-09-10 18:58:21 +00:00
Santiago Aboy Solanes
09af9adf9a [CSA][cleanup] TNodify the binary op assembler
Bug: v8:6949, v8:9396
Change-Id: I4c9382079190379661a26fbe6e1f4f6040a56d08
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1792902
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63658}
2019-09-10 18:37:00 +00:00
Gus Caplan
67180425bc Stage optional chaining
Bug: v8:9553
Change-Id: I376d4bd3d1554e1ed0bdeea79c47bd2a45e643d8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1795886
Commit-Queue: Adam Klein <adamk@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63657}
2019-09-10 18:24:40 +00:00