Commit Graph

55939 Commits

Author SHA1 Message Date
Simon Zünd
6b9af6b7cf [torque] Add naming convention check for struct names
R=sigurds@chromium.org

Bug: v8:7793
Change-Id: Id0ba3a7b9f168e661ca786a0f1e18cd58c9210aa
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593073
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61147}
2019-05-02 09:37:55 +00:00
Clemens Hammacher
444ee7bda4 [wasm] Store trap handler index as int
The index is an {int} initially. We then store it as {intptr_t}, and
the accessor returns it as {size_t}.
This CL consolidates everything to {int}, fixes naming of
{HasTrapHandlerIndex} and defines the simple accessors inline.

R=titzer@chromium.org

Bug: v8:9183
Change-Id: I1afa792117201d4dda3fcc437a4e518489b9ff17
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1590079
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61146}
2019-05-02 09:35:05 +00:00
Tamer Tas
7584a9b02c Update V8 DEPS.
Rolling v8/build: 4087d63..d6fe3ed

Rolling v8/test/test262/harness: 9bd99c6..4555345

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/5b26b37..5a34ef7

Rolling v8/third_party/depot_tools: e49aed3..020b429

Rolling v8/third_party/googletest/src: a53e931..9997a83

Rolling v8/third_party/icu: 35f7e13..ae4b77d

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: Ic24825a733ac1e0f6956de7096fc23952c673ff3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1591348
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#61145}
2019-05-02 08:30:40 +00:00
Frank Tang
43eaa0a3d1 [Intl] Add feature mapping for Intl.DateTimeFormat-formatRange
Two PR of test262 tests are in
https://github.com/tc39/test262/pull/2139 and
https://github.com/tc39/test262/pull/2134

Bug: v8:7729
Change-Id: Ic416be0cec0fda90ee89c03ba4c6bb3192bf871d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1589633
Reviewed-by: Jungshik Shin <jshin@chromium.org>
Reviewed-by: Mathias Bynens <mathias@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61144}
2019-05-02 02:57:00 +00:00
Milad Farazmand
2054c4a1f2 PPC/s390: Reland "[ptr-compr] New RelocInfo for compressed pointers."
Port 18c29ab939

Original Commit Message:

    Port ed319e841c

    Original Commit Message:

        Failure addressed by not exposing the new test to the jitless environment.
        (jgruber@ on TBR).

        New enum RelocInfo::COMPRESSED_EMBEDDED_OBJECT created to support
        compressed pointers in generated code. Enum name EMBEDDED_OBJECT
        changed to FULL_EMBEDDED_OBJECT.

        RelocInfo::[set_]target_object() abstract away the difference between
        FULL_EMBEDDED_OBJECT and COMPRESSED_EMBEDDED_OBJECT.

        Compressed embedded objects can only be created at this time on
        x64 with pointer compression turned on. Arm64 constant pools don't
        support compressed objects at this time.

R=miladfar@ca.ibm.com, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: I97ef9b7394f384c2a1b97aab9fdac0eeb80eb734
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1591993
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#61143}
2019-05-01 16:27:02 +00:00
Milad Farazmand
3335d81341 PPC/s390: [cleanup] Use Vector::begin instead of Vector::start
Port 0875682600

Original Commit Message:

    Port 4b0f9c856e

    Original Commit Message:

        Our {Vector} template provides both {start} and {begin} methods. They
        return exactly the same value. Since the {begin} method is needed for
        iteration, and is also what standard containers provide, this CL
        switches all uses of the {start} method to use {begin} instead.

        Patchset 1 was auto-generated by using this clang AST matcher:
            callExpr(
                callee(
                  cxxMethodDecl(
                    hasName("start"),
                    ofClass(hasName("v8::internal::Vector")))
                ),
                argumentCountIs(0))

        Patchset 2 was created by running clang-format. Patchset 3 then
        removes the now unused {Vector::start} method.

R=miladfar@ca.ibm.com, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: Ief052e7655ede161504cf058eddd81714e6e5929
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1590168
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61142}
2019-05-01 15:49:32 +00:00
Milad Farazmand
9d53a080a8 PPC/s390: [liftoff] Optimise {i32,i64}_{and,or,xor} with immediates
Port 403cac989a

Original Commit Message:

    This is an extension of 138d2dfcb1.

R=joey.gouly@arm.com, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: If344e23bc4f96835125068497fabbd0d2ba0305a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1591413
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#61141}
2019-05-01 13:05:11 +00:00
Georg Neis
7c1ed0b8f8 Reland "[turbofan] Avoid raw InferReceiverMaps in JSCallReducer"
This is a reland of 9284ad5731, after
adding a missing speculation mode check in ReduceCallApiFunction.

Original change's description:
> [turbofan] Avoid raw InferReceiverMaps in JSCallReducer
>
> Instead provide an abstraction that makes it hard to forget
> dealing with unreliable maps.
>
> This also fixes a deopt loop in Function.prototype.bind and
> one in Array.prototype.reduce.
>
> Bug: v8:9137
> Change-Id: If6a51182c8693a62e9fb6d302cec19b4d48e25cb
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1578501
> Commit-Queue: Georg Neis <neis@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61106}

Tbr: jarin@chromium.org
Bug: v8:9137, v8:9197
Change-Id: I0db68d267055969553c0c1b85fad7b909075c062
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1589976
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61140}
2019-05-01 09:34:01 +00:00
Sathya Gunasekaran
5f0ef667c7 [class] Remove flags for class fields
Bug: v8:5367, v8:5368
Change-Id: I86f25f9f658e21a05604f3014e6ebf74f1a8a1f7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1590164
Reviewed-by: Mathias Bynens <mathias@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61139}
2019-05-01 02:02:51 +00:00
Johannes Henkel
9b78d20ba5 [DevTools] Roll inspector_protocol
New Rev: 8c3f1afc2dc5b8588bc2dc5f12a93255383d7236

Change-Id: I88fcc74b969d114cc6c491c9d1aa5872245f8f5c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1590624
Reviewed-by: Alexei Filippov <alph@chromium.org>
Commit-Queue: Johannes Henkel <johannes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61138}
2019-04-30 23:13:48 +00:00
Sathya Gunasekaran
ff14c88679 Revert "Reland "[json] Speed up json parsing""
This reverts commit 36dd2bca5b.

Reason for revert: msan still failing https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20arm64%20-%20sim%20-%20MSAN/26453


Original change's description:
> Reland "[json] Speed up json parsing"
> 
> This is a reland of de8aaef5a3
> 
> Original change's description:
> > [json] Speed up json parsing
> >
> > - scan using raw data pointers + GC callback
> > - scan using scanner tables
> > - cap internalizing large string values
> > - inline fast transitioning logic
> >
> > Change-Id: I545620017b38b80e4193dfaf19381411adf5ff89
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1584320
> > Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> > Reviewed-by: Igor Sheludko <ishell@chromium.org>
> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#61132}
> 
> Tbr: ulan@chromium.org
> Change-Id: Iafd5e7c750a9f3eae706baf51dc4c9237c916132
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588887
> Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61136}

TBR=ulan@chromium.org,gsathya@chromium.org,ishell@chromium.org,verwaest@chromium.org

Change-Id: If0a34e017fed7688873c21f4b65f62b246820732
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1590626
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61137}
2019-04-30 22:09:30 +00:00
Toon Verwaest
36dd2bca5b Reland "[json] Speed up json parsing"
This is a reland of de8aaef5a3

Original change's description:
> [json] Speed up json parsing
>
> - scan using raw data pointers + GC callback
> - scan using scanner tables
> - cap internalizing large string values
> - inline fast transitioning logic
>
> Change-Id: I545620017b38b80e4193dfaf19381411adf5ff89
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1584320
> Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61132}

Tbr: ulan@chromium.org
Change-Id: Iafd5e7c750a9f3eae706baf51dc4c9237c916132
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588887
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61136}
2019-04-30 21:04:38 +00:00
Ben L. Titzer
475124b68d [arraybuffer] Uncomment test/mjsunit/harmony/sharedarraybuffer.js
R=binji@chromium.org

Change-Id: I936d906be90c0c6d3b84b5ad4e8cb574ab8cd970
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1585851
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Ben Smith <binji@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61135}
2019-04-30 18:36:28 +00:00
Sathya Gunasekaran
813d149e17 Revert "[json] Speed up json parsing"
This reverts commit de8aaef5a3.

Reason for revert: breaks MSAN https://logs.chromium.org/logs/v8/buildbucket/cr-buildbucket.appspot.com/8914730548828313776/+/steps/Check/0/logs/json/0

Original change's description:
> [json] Speed up json parsing
> 
> - scan using raw data pointers + GC callback
> - scan using scanner tables
> - cap internalizing large string values
> - inline fast transitioning logic
> 
> Change-Id: I545620017b38b80e4193dfaf19381411adf5ff89
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1584320
> Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61132}

TBR=ulan@chromium.org,ishell@chromium.org,verwaest@chromium.org

Change-Id: I870c82f6f2a5bc3d2dfea57d5d6306cdccbbe935
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1590384
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61134}
2019-04-30 18:24:49 +00:00
Clemens Hammacher
7dbdb0558e [wasm] Store and pass compilation units by value
Wasm compilation units got smaller and smaller with recent refactorings
(https://crrev.com/c/1587386, https://crrev.com/c/1587387,
https://crrev.com/c/1587388, plus previous CLs).
They now only store a function index and the requested compilation
tier. Hence there is no reason any more to heap-allocate them.
This CL changes the compilation unit queues and interfaces to store and
pass compilation units by value. Methods that could return an empty
{unique_ptr} before are now returning a {base::Optional}.

R=mstarzinger@chromium.org

Bug: v8:8343
Change-Id: I63037156b1a700095c13010450e5fedb51544401
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588456
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61133}
2019-04-30 18:11:58 +00:00
Toon Verwaest
de8aaef5a3 [json] Speed up json parsing
- scan using raw data pointers + GC callback
- scan using scanner tables
- cap internalizing large string values
- inline fast transitioning logic

Change-Id: I545620017b38b80e4193dfaf19381411adf5ff89
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1584320
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61132}
2019-04-30 18:04:14 +00:00
Joey Gouly
403cac989a [liftoff] Optimise {i32,i64}_{and,or,xor} with immediates
This is an extension of 138d2dfcb1.

Change-Id: Icb10aab6e6799ab4f45dcbd26fc69206dbef29bb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588430
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61131}
2019-04-30 17:32:27 +00:00
Alexei Filippov
074cf1c369 [profiler] Refactor SamplingHeapProfiler
Remove extra allocation observer.
Minor tweaks.

Change-Id: Ic7e6e2f8cb39ff960960cca6cc3ece46438a4bd5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588405
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Alexei Filippov <alph@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61130}
2019-04-30 16:49:57 +00:00
Andreas Haas
e24e5710ec [wasm] Support importing anyref tables
R=clemensh@chromium.org

Bug: v8:7581
Change-Id: I6b20698e556ed3808f8b190f88cb700301825b54
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588432
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61129}
2019-04-30 16:36:20 +00:00
Clemens Hammacher
a30fd9ea92 Revert "[heap] Use normal marking write barrier for fixed array elements"
This reverts commit 7c42628676.

Reason for revert: Compile error on cfi: https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20-%20cfi/20196

Original change's description:
> [heap] Use normal marking write barrier for fixed array elements
> 
> This simplifies the marking write barrier for elements to mark the
> values instead of revisiting the array.
> 
> Bug: chromium:918485
> 
> Change-Id: Id5da0d5b9ff8385a256fe14f4bf7171f9f6343e1
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588459
> Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Hannes Payer <hpayer@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61125}

TBR=ulan@chromium.org,hpayer@chromium.org,mlippautz@chromium.org

Change-Id: I8576fe00b19db906aa80ca9cb54c3b8cc95e3d97
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:918485
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1590076
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61128}
2019-04-30 16:11:54 +00:00
Ross McIlroy
7d6f205209 [Test] Add PrepareForOptimization to cctests
BUG=v8:8801

Change-Id: I20e1b343f33293a5de3a8953650a26852126533a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588466
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Auto-Submit: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61127}
2019-04-30 15:49:02 +00:00
Mythri A
f0cf0b2862 [ic] Fix TraceIC to also work without feedback vector
TraceIC always expects a valid feedback vector to check for state
transitions. With lazy feedback allocations, it is possible that we don't
have feedback vectors. This cl fixes TraceIC to also work when there is no
feedback vector.

Bug: v8:8394
Change-Id: If7e40a9f16de7415e04a812440ccc0cfcf1cbc07
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1584322
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61126}
2019-04-30 15:39:03 +00:00
Ulan Degenbaev
7c42628676 [heap] Use normal marking write barrier for fixed array elements
This simplifies the marking write barrier for elements to mark the
values instead of revisiting the array.

Bug: chromium:918485

Change-Id: Id5da0d5b9ff8385a256fe14f4bf7171f9f6343e1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588459
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61125}
2019-04-30 15:31:22 +00:00
Frederik Gossen
5a0f0ebfad [wasm] Remove unused {UseLazyStubs}
Remove unused function {UseLazyStubs}. Lazy compile stubs are now set on
a per function basis. This made the function {UseLazyStubs} redundant.

Change-Id: I8e715d6a9774c39841219c04c42364fc2e964569
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588473
Commit-Queue: Frederik Gossen <frgossen@google.com>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61124}
2019-04-30 15:16:12 +00:00
Milad Farazmand
18c29ab939 PPC/s390: Reland "[ptr-compr] New RelocInfo for compressed pointers."
Port ed319e841c

Original Commit Message:

    Failure addressed by not exposing the new test to the jitless environment.
    (jgruber@ on TBR).

    New enum RelocInfo::COMPRESSED_EMBEDDED_OBJECT created to support
    compressed pointers in generated code. Enum name EMBEDDED_OBJECT
    changed to FULL_EMBEDDED_OBJECT.

    RelocInfo::[set_]target_object() abstract away the difference between
    FULL_EMBEDDED_OBJECT and COMPRESSED_EMBEDDED_OBJECT.

    Compressed embedded objects can only be created at this time on
    x64 with pointer compression turned on. Arm64 constant pools don't
    support compressed objects at this time.

R=mvstanton@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: I8bdb5391fd2b2565d2fcaf6c806fcdbe1a1f27b2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1589862
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#61123}
2019-04-30 14:39:22 +00:00
Mythri A
41ef63df21 [Test] Add %PrepareForOptimization in tests
With bytecode flushing and lazy feedback allocation, we need to call
%PrepareForOptimization before we call %OptimizeFunctionOnNextCall

Bug: v8:8801, v8:8394
Change-Id: I81918f174b2f97cbaa8b8ef2e459080c2581f535
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588415
Commit-Queue: Mythri Alle <mythria@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61122}
2019-04-30 14:18:22 +00:00
Jakob Gruber
397f53ed0f [arm] Fix relative code target relocation
Relative code targets are emitted as pc-relative jumps. The
relocation delta must be subtracted (not added) from the branch
offset.

Before GC:

        |-------- branch offset --->|
 [host code object]                 [target code object]

After GC:

 |- delta ->|      |- new offset -->|
            [host code object]      [target code object]

See also the similar fix for mips in https://crrev.com/c/1581239.

Bug: v8:6666
Change-Id: Ie0867d98906d4a8daa7e335884f7a4d814333872
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1581260
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61121}
2019-04-30 14:05:45 +00:00
Yu Yin
61672d9d7d [mips] Fix build error after switch to CodeBuilder.
Fix several small compile problems which causes by
https://crrev.com/c/1585737.

Change-Id: I78a07d597db9d81d4a99aac08e257f380be8f7e6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1589202
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Yu Yin <xwafish@gmail.com>
Cr-Commit-Position: refs/heads/master@{#61120}
2019-04-30 13:50:03 +00:00
Michael Starzinger
8215f39860 [platform] Remove dead {OS::StrChr} wrapper.
Change-Id: Ifbf1b49d7caad9b050945b07065ee5ecb9d9f9e4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588470
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61119}
2019-04-30 13:47:51 +00:00
Sigurd Schneider
f0a4b252c8 Revert "[turbofan] Avoid raw InferReceiverMaps in JSCallReducer"
This reverts commit 9284ad5731.

Reason for revert: breaks blink tests:
https://ci.chromium.org/p/v8/builders/ci/V8-Blink%20Win/16839

Original change's description:
> [turbofan] Avoid raw InferReceiverMaps in JSCallReducer
> 
> Instead provide an abstraction that makes it hard to forget
> dealing with unreliable maps.
> 
> This also fixes a deopt loop in Function.prototype.bind and
> one in Array.prototype.reduce.
> 
> Bug: v8:9137
> Change-Id: If6a51182c8693a62e9fb6d302cec19b4d48e25cb
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1578501
> Commit-Queue: Georg Neis <neis@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61106}

TBR=jarin@chromium.org,neis@chromium.org

Change-Id: I97e0f47fb82eda76656905a3f7cc494babd92be6
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9137
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588433
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61118}
2019-04-30 13:46:06 +00:00
Sigurd Schneider
febe3a10dd [regalloc] Enable control-flow aware allocation
We enable this feature to collect performance data; revert at will.

Bug: v8:9088
Change-Id: I57cd79707fe56ec5a2d6d5ee65b7ce24bda57773
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1585726
Auto-Submit: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61117}
2019-04-30 13:45:02 +00:00
Frederik Gossen
0ffd860e03 [wasm-hints] Unify Lazy Validation
Treat lazy functions the same no matter whether they are lazy due to
compilation hints or flags ({--wasm-lazy-compilation},
{--asm-wasm-lazy-compilation}). Test coverage is given by regression
tests 956771 and 956771b.

Bug: v8:9003
Change-Id: I123f83636f055fb142cd71f6cde88480f3c141bd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1585846
Commit-Queue: Frederik Gossen <frgossen@google.com>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61116}
2019-04-30 13:33:31 +00:00
Jaroslav Sevcik
da6ebfafad [turbofan] Handle -0 truncation in word32->float64 rep change.
This just adds the same case we already added in
https://chromium-review.googlesource.com/c/v8/v8/+/1478192
for conversions to tagged representation.

Bug: chromium:957559
Change-Id: I62a388ba47bd72d65fa07d0141362d7f1383c96e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588428
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61115}
2019-04-30 13:21:21 +00:00
Frederik Gossen
197b1d979c [wasm] Fix Wasm Lazy Compilation
Fix recognition of lazy functions when {--wasm-lazy-compilation} is
used.

Bug: chromium:956771
Change-Id: I3f9bb25ccf3920a6c3d266876faace8841dcdc61
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1585843
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Frederik Gossen <frgossen@google.com>
Cr-Commit-Position: refs/heads/master@{#61114}
2019-04-30 13:05:20 +00:00
Sigurd Schneider
0a0d70eb8c [builtins] Check for stack overflow in JSConstructStub
Bug: chromium:951322
Change-Id: Ibbc656c4a22adffc7d7df305541d4264a3b199ab
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1583760
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61113}
2019-04-30 12:28:56 +00:00
Andreas Haas
c7627bbc8a [wasm] Refactor WasmTableObject::Grow
This CL refactors WasmTableObject::Grow to make it usable for the
table.grow instruction of WebAssembly.

The refactored version of WasmTableObject::Grow does additionally:
* Check if growing is possible
* Grow the FixedArray backing store of the table and initialize the new
  fields.
* Calculate the return value of WasmTableObject::Grow.

R=jkummerow@chromium.org

Bug: v8:7581
Change-Id: Ic6c867b96c30bd987ea281d5b3515a04bc5a3900
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588136
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61112}
2019-04-30 11:38:26 +00:00
Yang Guo
2e6b9f576c Revert "[test] Remove longer timeout on bots"
This reverts commit e632f8f45b.

Reason for revert: Seems to cause some timeouts to trigger failures: https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20TSAN/26129

Original change's description:
> [test] Remove longer timeout on bots
> 
> CQ_INCLUDE_TRYBOTS=luci.v8.try:v8_linux_gc_stress_dbg
> CQ_INCLUDE_TRYBOTS=luci.v8.try:v8_linux_gcc_rel
> CQ_INCLUDE_TRYBOTS=luci.v8.try:v8_linux64_msan_rel
> CQ_INCLUDE_TRYBOTS=luci.v8.try:v8_linux64_tsan_rel
> CQ_INCLUDE_TRYBOTS=luci.v8.try:v8_linux_arm64_dbg
> CQ_INCLUDE_TRYBOTS=luci.v8.try:v8_mac64_asan_rel
> CQ_INCLUDE_TRYBOTS=luci.v8.try:v8_win64_dbg
> CQ_INCLUDE_TRYBOTS=luci.v8.try:v8_android_arm64_n5x_rel_ng
> CQ_INCLUDE_TRYBOTS=luci.v8.try:v8_linux64_cfi_rel_ng
> CQ_INCLUDE_TRYBOTS=luci.v8.try:v8_linux64_ubsan_rel_ng
> CQ_INCLUDE_TRYBOTS=luci.v8.try:v8_linux_arm_lite_rel_ng
> CQ_INCLUDE_TRYBOTS=luci.v8.try:v8_linux_noi18n_rel_ng
> CQ_INCLUDE_TRYBOTS=luci.v8.try:v8_mac64_dbg_ng
> 
> Bug: v8:9145
> Change-Id: I6efee8579d9d9e0aad0431f6b87c152141d4ec7f
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1581261
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Reviewed-by: Tamer Tas <tmrts@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61107}

TBR=machenbach@chromium.org,tmrts@chromium.org

Change-Id: I5e23aebc41e6ab15baa57093f7f056cdabd58f21
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9145
Cq-Include-Trybots: luci.v8.try:v8_linux_gc_stress_dbg, luci.v8.try:v8_linux_gcc_rel, luci.v8.try:v8_linux64_msan_rel, luci.v8.try:v8_linux64_tsan_rel, luci.v8.try:v8_linux_arm64_dbg, luci.v8.try:v8_mac64_asan_rel, luci.v8.try:v8_win64_dbg, luci.v8.try:v8_android_arm64_n5x_rel_ng, luci.v8.try:v8_linux64_cfi_rel_ng, luci.v8.try:v8_linux64_ubsan_rel_ng, luci.v8.try:v8_linux_arm_lite_rel_ng, luci.v8.try:v8_linux_noi18n_rel_ng, luci.v8.try:v8_mac64_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588425
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61111}
2019-04-30 11:01:39 +00:00
Peng Fei
1c4482ec3d [mips32] Fix the target address when relocate relative reference.
Change-Id: Ie44615daa6e0bef13a969cfb4fa62654ce31f448
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1581239
Commit-Queue: peng fei <pfgenyun@gmail.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61110}
2019-04-30 10:32:27 +00:00
Clemens Hammacher
cce8439f48 Remove sorting methods from Vector
Instead, use std::sort and std::stable_sort at the 3 (!) call sites
directly. This also removes the weird comparer adaptors from Vector,
which are only used in ZoneList.

R=jkummerow@chromium.org

Bug: v8:9183
Change-Id: I4d0377976fb0a965cb68a21d4307df9ba09fd55d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1587394
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61109}
2019-04-30 10:18:06 +00:00
Mike Stanton
9c938706a7 [ptr-compr] Fix build break with CodeBuilder
New RelocInfo test needs to adapt to the new pattern.

Change-Id: I09e531d099541511f94b929de647a3e3510f748f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588465
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61108}
2019-04-30 09:52:16 +00:00
Michael Achenbach
e632f8f45b [test] Remove longer timeout on bots
CQ_INCLUDE_TRYBOTS=luci.v8.try:v8_linux_gc_stress_dbg
CQ_INCLUDE_TRYBOTS=luci.v8.try:v8_linux_gcc_rel
CQ_INCLUDE_TRYBOTS=luci.v8.try:v8_linux64_msan_rel
CQ_INCLUDE_TRYBOTS=luci.v8.try:v8_linux64_tsan_rel
CQ_INCLUDE_TRYBOTS=luci.v8.try:v8_linux_arm64_dbg
CQ_INCLUDE_TRYBOTS=luci.v8.try:v8_mac64_asan_rel
CQ_INCLUDE_TRYBOTS=luci.v8.try:v8_win64_dbg
CQ_INCLUDE_TRYBOTS=luci.v8.try:v8_android_arm64_n5x_rel_ng
CQ_INCLUDE_TRYBOTS=luci.v8.try:v8_linux64_cfi_rel_ng
CQ_INCLUDE_TRYBOTS=luci.v8.try:v8_linux64_ubsan_rel_ng
CQ_INCLUDE_TRYBOTS=luci.v8.try:v8_linux_arm_lite_rel_ng
CQ_INCLUDE_TRYBOTS=luci.v8.try:v8_linux_noi18n_rel_ng
CQ_INCLUDE_TRYBOTS=luci.v8.try:v8_mac64_dbg_ng

Bug: v8:9145
Change-Id: I6efee8579d9d9e0aad0431f6b87c152141d4ec7f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1581261
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61107}
2019-04-30 09:50:26 +00:00
Georg Neis
9284ad5731 [turbofan] Avoid raw InferReceiverMaps in JSCallReducer
Instead provide an abstraction that makes it hard to forget
dealing with unreliable maps.

This also fixes a deopt loop in Function.prototype.bind and
one in Array.prototype.reduce.

Bug: v8:9137
Change-Id: If6a51182c8693a62e9fb6d302cec19b4d48e25cb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1578501
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61106}
2019-04-30 09:19:56 +00:00
Frederik Gossen
150a8abaf5 [test] Prevent Unintentionally Undefined Error Types
Ignore the error type in {assertThrows} only if it was not passed as an
argument. If users do not care about the error type they can user the
generic type {Error}. Before this change, an undefined error type would
simply be ignored. A simple typo could therefore disable the error type
assertion without being recognized.

Change-Id: I9becfd0bf14dcaa511854e65ff94f94481cc79b0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1585855
Commit-Queue: Frederik Gossen <frgossen@google.com>
Reviewed-by: Mathias Bynens <mathias@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61105}
2019-04-30 08:43:06 +00:00
Mike Stanton
ed319e841c Reland "[ptr-compr] New RelocInfo for compressed pointers."
Failure addressed by not exposing the new test to the jitless environment.
(jgruber@ on TBR).

New enum RelocInfo::COMPRESSED_EMBEDDED_OBJECT created to support
compressed pointers in generated code. Enum name EMBEDDED_OBJECT
changed to FULL_EMBEDDED_OBJECT.

RelocInfo::[set_]target_object() abstract away the difference between
FULL_EMBEDDED_OBJECT and COMPRESSED_EMBEDDED_OBJECT.

Compressed embedded objects can only be created at this time on
x64 with pointer compression turned on. Arm64 constant pools don't
support compressed objects at this time.

NOPRESUBMIT=true

Bug: v8:7703
TBR: jgruber@chromium.org
Change-Id: Ifff53b041bab09b4b8c3e16085e5df4aa2b99f4f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588461
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61104}
2019-04-30 07:37:06 +00:00
v8-ci-autoroll-builder
da5b9a55ae Update V8 DEPS.
Rolling v8/build: c185a34..4087d63

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/d235eb2..5b26b37

Rolling v8/third_party/depot_tools: 6837707..e49aed3

Rolling v8/tools/clang: 396602c..210f1dc

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I7844de2802808ecbcc98c5ca80ebe8b0613b4395
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588730
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#61103}
2019-04-30 03:39:25 +00:00
Milad Farazmand
0875682600 PPC/s390: [cleanup] Use Vector::begin instead of Vector::start
Port 4b0f9c856e

Original Commit Message:

    Our {Vector} template provides both {start} and {begin} methods. They
    return exactly the same value. Since the {begin} method is needed for
    iteration, and is also what standard containers provide, this CL
    switches all uses of the {start} method to use {begin} instead.

    Patchset 1 was auto-generated by using this clang AST matcher:
        callExpr(
            callee(
              cxxMethodDecl(
                hasName("start"),
                ofClass(hasName("v8::internal::Vector")))
            ),
            argumentCountIs(0))

    Patchset 2 was created by running clang-format. Patchset 3 then
    removes the now unused {Vector::start} method.

R=clemensh@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: I119532691af31a3db1107c47de8b6f0c84697b5c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588226
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#61102}
2019-04-29 21:36:34 +00:00
Jakob Kummerow
4349e32d4c [ubsan] Fix overflow in AdjustAmountOfExternalAllocatedMemory
Similar issue as crbug.com/933103, so the fix follows the same
pattern too.

No regression test, because it will OOM anyway.

Bug: chromium:957015
Change-Id: Ic5b67d84aa1c44609e6c96485974af9ecab2ed0e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1585854
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61101}
2019-04-29 20:36:39 +00:00
Benedikt Meurer
4995c85f28 [runtime] Optimize general object spread.
This adds a new %_CopyDataProperties intrinsic, that reuses most of the
existing machinery that we already have in place for Object.assign() and
computed property names in object literals. This speeds up the general
case for object spread (where the spread is not the first item in an
object literal) and brings it on par with Object.assign() at least - in
most cases it's significantly faster than Object.assign().

In the test case [1] referenced from the bug, the performance goes from

  objectSpreadLast: 3624 ms.
  objectAssignLast: 1938 ms.

to

  objectSpreadLast: 646 ms.
  objectAssignLast: 1944 ms.

which corresponds to a **5-6x performance boost**, making object spread
faster than Object.assign() in general.

Drive-by-fix: This refactors the Object.assign() fast-path in a way that
it can be reused appropriately for object spread, and adds another new
builtin SetDataProperties, which does the core of the Object.assign()
work. We can teach TurboFan to inline Object.assign() based on the new
SetDataProperties builtin at some later point to further optimize
Object.assign().

[1]: https://gist.github.com/bmeurer/0dae4a6b0e23f43d5a22d7c91476b6c0

Bug: v8:9167
Change-Id: I57bea7a8781c4a1e8ff3d394873c3cd4c5d73834
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1587376
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61100}
2019-04-29 18:47:19 +00:00
Suraj Sharma
57b30632d8 [torque] Convert few class layout definitions to torque.
Converted JSGlobalObject, JSIteratorResult, JSLocale, JSDateTimeFormat,
JSListFormat, JSNumberFormat, JSPluralRules, JSRelativeTimeFormat,
JSSegmenter, JSAsyncFromSyncIterator to torque.

Bug: v8:8952
Change-Id: Id912197054727815b481b2c683b93473bfcbd0c6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1574491
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Suraj Sharma <surshar@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#61099}
2019-04-29 18:10:59 +00:00
Maciej Goszczycki
561b9b07fd [cleanup] Remove Movability from globals.h
It was once widely used throughout v8 but now there is no need for it
anymore.

Bug: v8:9183
Change-Id: Id766987d468383cf459414eb5edfdee71b83a60b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1585839
Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61098}
2019-04-29 17:25:49 +00:00