Commit Graph

57108 Commits

Author SHA1 Message Date
Igor Sheludko
35918904f3 [runtime] Properly handle thin strings in sliced strings
... when querying internalized strings table and computing hash.

Bug: chromium:974612
Change-Id: I59eed1477c8893cd0ff3eae593da092492668614
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678418
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Auto-Submit: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62416}
2019-06-27 11:49:19 +00:00
Hannes Payer
f7abd6264b [heap] Experiment: only compact on memory reducing GCs.
Bug: chromium:966832
Change-Id: If705f3b3a58f1fa316499fb7f645751fd1e6f8a3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1679507
Commit-Queue: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62415}
2019-06-27 11:42:29 +00:00
Dan Elphick
52065b86ba [compiler] Add a stress mode for lazy source positions
If --stress-lazy-source-positions is enabled then always collect source
positions after lazy compilation to try and flush out bytecode mismatch
bugs.

Bug: v8:8510
Change-Id: I895611c9fde2c4743d62951674277973def01d3c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1679502
Commit-Queue: Dan Elphick <delphick@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Auto-Submit: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62414}
2019-06-27 10:58:59 +00:00
Igor Sheludko
e8aaff965b [ptr-compr][cleanup] Inline trivial methods of ObjectBoilerplateDescription
... and add getters with Isolate parameter.

Bug: v8:9353, v8:9396
Change-Id: Iab1e4652859f0a8922af6243bac3caee0888df63
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1679503
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62413}
2019-06-27 10:32:44 +00:00
Santiago Aboy Solanes
b9ea69544e [ptr-compr] Add missing else on representation change
In https://chromium-review.googlesource.com/c/v8/v8/+/1621941 we added
missing representation changes. By changing the return to an assignation,
we forgot to include the (now needed) else.

Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
Bug: v8:7703
Change-Id: Ibc54a24ea4430fd43d70251ef1a44ef15c06aa46
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678659
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62412}
2019-06-27 10:30:44 +00:00
Dan Elphick
a05bcc3afd Reland "Enable lazy source positions by default"
Second attempt to reland 69fafb5fe3
now that the maybe_assigned bug is fixed.

> Original change's description:
> Enable lazy source positions by default
>
> Also adds a compile time flag which allows the default to be configured
> so node can disable it since it hangs the node cpu profiler tests.
>
> Bug: v8:8510
> Change-Id: Idf4785036dc6242769410091518a67ac9179b718
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1491491
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Commit-Queue: Dan Elphick <delphick@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62089}

Bug: v8:8510
Change-Id: Ia6d5d1d3a3c2b6a14c70ee67b02bec62a6a1a1d4
Cq-Include-Trybots: luci.v8.try:v8_linux_gc_stress_dbg, v8_linux64_gc_stress_custom_snapshot_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1679498
Commit-Queue: Dan Elphick <delphick@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62411}
2019-06-27 09:41:09 +00:00
Clemens Hammacher
d5b7d5b456 [wasm] Add counter for tier-up time
Additionally to the baseline compilation time, do also measure the time
it takes to tier up to TurboFan.
Since the {AsyncCompileJob} will be gone after baseline compilation,
the timing has to be done via a separate callback, which will survive
until after top-tier compilation.

R=ahaas@chromium.org
CC=jwd@chromium.org

Bug: chromium:978425
Change-Id: I7914173191c8a7a2aeb47343973d4034010047a4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678362
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62410}
2019-06-27 09:40:04 +00:00
Andreas Haas
a1f8153092 [wasm] Import table only after checks
With recent spec changes (I think in the bulk memory proposal),
WebAssembly instances exist and can be used even when instantiation
itself fails. Therefore the order of checks and assignents during
instantiation may matter. That's why I move the table import after the
checks of the import in this CL.

Note that I'm not aware that this is a problem yet. I think in the worst
case this CL has no effect. In the best case it helps.

R=clemensh@chromium.org

Bug: v8:9396
Change-Id: I83998ff98bded443b3f015cee778fa29a3374534
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678656
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62409}
2019-06-27 09:30:34 +00:00
Zhang, Shiyu
d82b2455ae [intl] Speed up String.prototype.localCompare via compareUTF8
The localeCompare for ASCII chars needs to expand the string contents
from one-byte representation into two-byte representation, which
requires memory copy. This CL skips the representation conversion by
using compareUTF8. It can improve the JetStream2 cdjs case by 21% on
my machine.

Change-Id: I3841dc700e36744aadd9a1ff9fa7d93c84dc04fd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1624705
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62408}
2019-06-27 09:13:44 +00:00
Leszek Swirski
e79751b3c1 [parser] Always mark shadowed vars maybe_assigned
If there was an assignment to a maybe-shadowing dynamic variable,
then the shadowing variable would be marked maybe_assigned, but the
maybe-shadowed variable would stay unchanged. This meant that in
non-shadowing cases, the not-actually-shadowed variable would have
the wrong maybe_assigned state, and e.g. would break context
specialization.

This patch pessimistically unconditionally sets maybe_assigned on
variables shadowed by a dynamic variable in a `with` scope. This
marking can cause false positives and sub-optimal optimization for
some functions with 'with' blocks, but it's also the simplest fix
for this issue which doesn't affect performance in the common case
of no 'with' blocks.

Bug: v8:9394
Change-Id: I6924bd7d48dda61232aa9d72c39df1c76c665c67
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678365
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62407}
2019-06-27 08:26:02 +00:00
Michael Achenbach
efdd3e5564 [test] Update comment about adding more swarming attributes.
NOTRY=true
TBR=tmrts@chromium.org

Bug: chromium:978771
Change-Id: I997d212344af2e3940d5220349485685ba04040c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678360
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62406}
2019-06-27 08:21:12 +00:00
Sigurd Schneider
fc00693dba Revert "[codegen] Swap using xchgq rather than three movq on x64"
This reverts commit a8fccd95ec.

Reason for revert: We'd need to investigate on a range of hardware
generations to assess if this is a good change; in general new 
hardware (intel 9th gen / amd ryzen) seems to be happier with 
xchg, while older hardware is not happy with xchg.

Original change's description:
> [codegen] Swap using xchgq rather than three movq on x64
> 
> R=​sigurds@chromium.org
> 
> Change-Id: Icd6e66b9bb23ca0dbf9fc5fe5c737a0bc3056a89
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678359
> Auto-Submit: Thibaud Michaud <thibaudm@chromium.org>
> Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
> Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62386}

TBR=sigurds@chromium.org,thibaudm@chromium.org

Change-Id: I8dc84d0899e6cbeccbca2cc557da9fb97c8d4bc8
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1679495
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62405}
2019-06-27 08:18:03 +00:00
Thibaud Michaud
468d5be753 Revert "[codegen] Use xchg instead of push/pop for swap"
This reverts commit c1ea574e16.

Reason for revert: We'd need to investigate on a range of hardware
generations to assess if this is a good change; in general new
hardware (intel 9th gen / amd ryzen) seems to be happier with
xchg, while older hardware is not happy with xchg.

Original change's description:
> [codegen] Use xchg instead of push/pop for swap
>
> R=​sigurds@chromium.org
>
> Change-Id: Id22a44fa15827d5c076496d872fe3be7da360b5e
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678356
> Auto-Submit: Thibaud Michaud <thibaudm@chromium.org>
> Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
> Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62383}

TBR=sigurds@chromium.org,thibaudm@chromium.org

Change-Id: Ieecbbc21fa7094fdfd190b266f6d8486ee8611b8
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1679494
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62404}
2019-06-27 08:16:44 +00:00
Jaroslav Sevcik
a8070482c8 [turbofan] Serialize bytecode array for concurrent graph building.
We also introduce a subclass of AbstractBytecodeArray to allow access
to the off-heap copy of bytecode array from the bytecode iterator.

Note that not all bytecode iterators have been converted to iterate
the off-heap copy; in particular, bytecode analysis still iterates
the on-heap bytecode array.

Bug: v8:7790
Change-Id: Icc1b0adb5f63d7cfe94286311f64f209067bbfd5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1672931
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62403}
2019-06-27 07:08:11 +00:00
Z Nguyen-Huu
fc8c4ef27e Implement fastpath for proxy trap setPrototypeOf
ObjectSetPrototypeOf and ReflectSetPrototypeOf are now Torque builtins (previously CPP) and the Proxy path is implemented completely in Torque while everything else calls into runtime (and is thus a bit slower than previously).

Perf improvement in micro-benchmark JSTests/Proxies
Before:
SetPrototypeOfWithoutTrap-Proxies(Score): 120
SetPrototypeOfWithTrap-Proxies(Score): 112

After:
SetPrototypeOfWithoutTrap-Proxies(Score): 131
SetPrototypeOfWithTrap-Proxies(Score): 127

Bug: v8:6664
Change-Id: I630096e1964c91d1ec39e19f380a2e9e948de4bb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1669787
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62402}
2019-06-27 07:03:51 +00:00
Yang Guo
9f8561be3d Reland "[debugger] Expose reference to the function in debug-evaluate"
This is a reland of 8de427fae8

Original change's description:
> [debugger] Expose reference to the function in debug-evaluate
>
> R=verwaest@chromium.org
>
> Bug: chromium:878723
> Change-Id: Ic07f75f15230018b6d19cd1ee21f4be6dcad6360
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1667408
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Commit-Queue: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62385}

TBR=jgruber@chromium.org

Bug: chromium:878723
Change-Id: I0386655a9b2632d2d9438e674d4205ce5e5365f5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1679490
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62401}
2019-06-27 06:09:22 +00:00
Nico Hartmann
84b07695c0 Disables flaky test-heap/Regress615489
Bug: v8:9400
Change-Id: I98123cba0c81d5a7437d0ad08cfac1b3a366bc0e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678357
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62400}
2019-06-27 05:57:31 +00:00
v8-ci-autoroll-builder
8cd074ebc7 Update V8 DEPS.
Rolling v8/build: fa4e56c..deba8b5

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/304e510..d16c410

Rolling v8/third_party/depot_tools: 2cfafaf..788d9e0

TBR=machenbach@chromium.org,sergiyb@chromium.org,tmrts@chromium.org

Change-Id: Ib9f322499b6d3253beb951467fefa1b38cac59fe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1679668
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#62399}
2019-06-27 03:55:29 +00:00
Michael Achenbach
ca39b76399 [test] Bump shards on slow mac builder
NOTRY=true
TBR=tmrts@chromium.org

Change-Id: I2529fde85060571d0fd73e81e384948ef4cbd880
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678662
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62398}
2019-06-26 20:23:06 +00:00
Jakob Kummerow
881c9b8c05 [cleanup] Drop some occurrences of Isolate::Current
Just the low-hanging fruit. There is more to do.

Bug: v8:2487
Change-Id: Ia9afa32797960f6c4c7c4fa0f39c70efc63663e6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1669698
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62397}
2019-06-26 19:39:21 +00:00
Harley Li
be729136be Fix: console message only has the 1st argument
Bug: chromium:967927
Change-Id: Id84f8ebd1ecbad1b3d1fc41ec5d35a497e1ce506
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1649174
Commit-Queue: Harley Li <hhli@chromium.org>
Reviewed-by: Alexei Filippov <alph@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62396}
2019-06-26 19:38:16 +00:00
Francis McCabe
38863fc08c Revert "[debugger] Expose reference to the function in debug-evaluate"
This reverts commit 8de427fae8.

Reason for revert: Seems to be causing GC memory issues:
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20nosnap%20-%20debug/24545


But, also see: 7440edae1d

Original change's description:
> [debugger] Expose reference to the function in debug-evaluate
> 
> R=​verwaest@chromium.org
> 
> Bug: chromium:878723
> Change-Id: Ic07f75f15230018b6d19cd1ee21f4be6dcad6360
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1667408
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Commit-Queue: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62385}

TBR=yangguo@chromium.org,jgruber@chromium.org,verwaest@chromium.org

Change-Id: I099f7b2f40e8afdddc50201a8929950b2f4ac1e2
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:878723
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678401
Reviewed-by: Francis McCabe <fgm@chromium.org>
Commit-Queue: Francis McCabe <fgm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62395}
2019-06-26 17:52:08 +00:00
Georg Schmid
eaf2a23bc7 [objects] Migrate kHoleNanInt64 unboxed doubles to uninitialized values during boilerplate serialization
Boilerplate values may possess an unboxed double field filled with the kHoleNan64Int sentinel value, which indicates that the field is uninitialized. When a boilerplate value migrates away from the unboxed double representation to a tagged one, we should replace the sentinel value by the proper uninitialized oddball value.

This fixes an issue with JSCreateLowering::AllocateFastLiteral not detecting const stores of uninitialized values properly.

R=bmeurer@chromium.org, jarin@chromium.org

Bug: chromium:976598
Change-Id: I6bb216c0618a3105e6c8cfc04b1900d2f83a52ce
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1674034
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Georg Schmid <gsps@google.com>
Cr-Commit-Position: refs/heads/master@{#62394}
2019-06-26 15:51:39 +00:00
Z Nguyen-Huu
55c33c015e Object.preventExtensions should return object even if object is proxy.
According to spec https://tc39.es/ecma262/#sec-object.preventextensions, the commit 8e0ef9b9a0 is missing the last step when object is proxy, it needs to return the object.
var proxy = new Proxy({}, {});
var object = Object.preventExtensions(proxy);
proxy === object; // should be true

Also, add mjsunit test.

Bug: v8:6664
Change-Id: Ic3688519539f8903ee0bc7e885905a86d195a4db
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1668443
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62393}
2019-06-26 15:36:34 +00:00
Irina Yatsenko
6056c0dc4a Make adding crash keys thread safe
Bug: chromium:977893
Change-Id: Ibd4be9b9ce13bcb8aca4b6ac6d7a1c56a01e39d9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1676606
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Irina Yatsenko <irinayat@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#62392}
2019-06-26 15:35:29 +00:00
Igor Sheludko
b2d47f24d2 [ptr-compr] Add getters with Isolate to fixed array-like and JSObject
Bug: v8:9353
Change-Id: I740b2987da1719af6c3d4a6471e7f047801cfd5b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678368
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62391}
2019-06-26 15:32:29 +00:00
Andreas Haas
5870236e96 [wasm][cleanup] Use getters in IndirectFunctionTableEntry::CopyFrom
This makes the code easier to read, and will also be helpful for the
extension to multiple indirect function tables.

R=clemensh@chromium.org

Bug: v8:9396
Change-Id: Idba143611e13f6b6cfc0e9d6c6f380ee3566db80
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678476
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62390}
2019-06-26 15:25:49 +00:00
Johannes Henkel
00e389d238 [DevTools] V8StackTrace: Add the ability to limit the max async depth...
... when building inspector objects.

This is useful in Chromium, when recording the initiator information
for navigations.

See https://chromium-review.googlesource.com/c/chromium/src/+/1674885

Change-Id: Ib9ddcaf05586ca1f48a31921a20ab11a703ec7b0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1677381
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Alexei Filippov <alph@chromium.org>
Commit-Queue: Johannes Henkel <johannes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62389}
2019-06-26 15:17:19 +00:00
Sigurd Schneider
e3793ef554 [turbolizer] Don't show empty gaps in sequence view
Also show constant for ArchNops that encode assigning from a
constant.

Change-Id: I84590005dda62ebf445aada57f826f5ffcd5a802
Bug: v8:7327
Notry: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1672943
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Daniel Clifford <danno@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62388}
2019-06-26 14:58:29 +00:00
Clemens Hammacher
3b329c5b17 [x64] Use AVX instructions consistently if available
For float to int conversions and vice versa the MacroAssembler on x64
was using a mix of AVX and non-AVX instructions.
This CL fixes that to consistently use AVX if available.

R=jkummerow@chromium.org

Change-Id: I3aecda9b99881254b24949ced5bed870fdc2a754
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678361
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62387}
2019-06-26 14:19:20 +00:00
Thibaud Michaud
a8fccd95ec [codegen] Swap using xchgq rather than three movq on x64
R=sigurds@chromium.org

Change-Id: Icd6e66b9bb23ca0dbf9fc5fe5c737a0bc3056a89
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678359
Auto-Submit: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62386}
2019-06-26 14:11:30 +00:00
Yang Guo
8de427fae8 [debugger] Expose reference to the function in debug-evaluate
R=verwaest@chromium.org

Bug: chromium:878723
Change-Id: Ic07f75f15230018b6d19cd1ee21f4be6dcad6360
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1667408
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62385}
2019-06-26 13:49:45 +00:00
Junliang Yan
7d0b12101a PPC: fix offset overflow on misaligned load
Offset adjustment on misaligned loads causes offset to be
overflow. This fixes it by using ldx if the new offset overflows.

Change-Id: Ib0fd339c127b70d5cbc9096b54480eb4355e753c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678396
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Auto-Submit: Junliang Yan <jyan@ca.ibm.com>
Reviewed-by: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#62384}
2019-06-26 13:19:05 +00:00
Thibaud Michaud
c1ea574e16 [codegen] Use xchg instead of push/pop for swap
R=sigurds@chromium.org

Change-Id: Id22a44fa15827d5c076496d872fe3be7da360b5e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678356
Auto-Submit: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62383}
2019-06-26 13:11:25 +00:00
Mike Stanton
bc427c404f [Turbofan] Promise brokerization improvement
We only need to save the native context scope info object to
properly brokerize promise call reductions, rather than
adding the field to each ContextRef.

Bug: v8:7790
Change-Id: Id13dc8505972123cf77a50573c816c9a913686e3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678416
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62382}
2019-06-26 13:07:55 +00:00
Nico Hartmann
9f061823bf Reland "[TurboFan] Fast path for JSAdd with BigInt feedback"
This is a reland of 5ff38bae08

Original change's description:
> [TurboFan] Fast path for JSAdd with BigInt feedback
> 
> This CL introduces the necessary infrastructure to generate speculative
> BigInt operations in case of BigInt feedback. In particular, the JSAdd
> operator is lowered to a speculative call to the  BigIntAdd builtin,
> with a deopt bailout in case of exceptions or violated assumptions.
> 
> Bug: v8:9213
> Change-Id: I05796336eef9a4389fc31d59cad2d69f75512647
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1657916
> Commit-Queue: Nico Hartmann <nicohartmann@google.com>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62362}

Bug: v8:9213
Change-Id: Ic0caf7aab2103b8f5e22a504427e8604cc894d75
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1677209
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@google.com>
Cr-Commit-Position: refs/heads/master@{#62381}
2019-06-26 12:41:57 +00:00
Igor Sheludko
933bb6e579 [ptr-compr] Use TaggedField<> in READ/WRITE macros
... instead of [Maybe]ObjectSlot.

Bug: v8:9353
Change-Id: I9747da70895e459882a83d06cc20a13b8519e500
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678196
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62380}
2019-06-26 12:30:05 +00:00
Junliang Yan
e62c82826d [inspector] fix typo in fromUTF16LE and cleanup test
Bug: v8:9355
Change-Id: I42a683f9480435499e603083e844a47150ae57c8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1676244
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Alexei Filippov <alph@chromium.org>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#62379}
2019-06-26 11:50:31 +00:00
Igor Sheludko
b20ecdbd67 [ptr-compr][cleanup] Cleanup TaggedField<>::store() implementation
When concurrent marking is on then normal stores to tagged fields must
be relaxed stores.

Bug: v8:9396
Change-Id: Id1189a6c7df5ae8e9e5dc4dad653d35bdd109c5e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1677207
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62378}
2019-06-26 11:21:51 +00:00
Leszek Swirski
9c1363e5ad [map] Update map in PrepareForDataProperty
Deprecated maps might not be updated before being passed to
PrepareForDataProperty. If the target map is a dictionary map,
then adding the data property can fail.

As a drive-by, remove the dead ForTransitionHandler code, which
was another (potentially unsafe) caller of PrepareForDataProperty

Bug: chromium:977012
Change-Id: I894bbc9bca2001555474a3570eb03fe6b0f69ddd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1674029
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62377}
2019-06-26 10:17:41 +00:00
Jakob Gruber
ff5a3e3d86 [scanner] Use JSRegExp::Flags instead of v8::RegExp::Flags
There's no reason to use the API RegExp type instead of the internal
JSRegExp type. In fact, the parsed flags end up in
Runtime_CreateRegExpLiteral, which assumes them to be of type
JSRegExp::Flags.

Drive-by: Additional asserts and helper functions in JSRegExp.

Bug: v8:9359
Change-Id: I5c12aba7d4e39a4891fb23d8b47c55fc480a28d9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1667004
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62376}
2019-06-26 10:15:11 +00:00
Igor Sheludko
2a440bb295 [ptr-compr] Use [DECL|DEF]_GETTERS macros (part 1)
... for defining isolate-full getters.

Bug: v8:9353
Change-Id: I91aa11bfe41ab61b2fa72c21018fc38753a846bd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1676286
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62375}
2019-06-26 09:54:21 +00:00
Mathias Bynens
eb0dd1da71 Remove always-true --harmony-global runtime flag
It shipped in Chrome 71.

Bug: v8:5537
Change-Id: Ia78c58dc0af941ec87c05c933419f7e93d2b26f8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1675951
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Auto-Submit: Mathias Bynens <mathias@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62374}
2019-06-26 09:47:14 +00:00
Igor Sheludko
0edbb7a372 [ptr-compr][cleanup] Add DECL_GETTER and DEF_GETTER macros
... instead of ISOLATELESS_GETTER for declaring and defining getters
and predicates that have to deal with decompression of tagged fields.

The new macro eases introduction of isolate-full getters.

Bug: v8:9353
Change-Id: Ic63baea819a9320c5677f5bd7dda123d7334d80f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1676285
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62373}
2019-06-26 09:35:52 +00:00
Igor Sheludko
90975cd4bc [ptr-compr][x64] Tweak isolate root bias value and decompression code
... in order to improve quality of C++ assembly.

This CL also switches C++ code to use branchful decompression.

Bug: v8:9353
Change-Id: Id6a5cc5db2ad729b4394cd541a7ec8035c0d4571
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1677204
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62372}
2019-06-26 09:24:06 +00:00
Sathya Gunasekaran
45561dc465 Move message-template to src/common
Change-Id: I8e6f10d6a5cba981134b44fda1a8ae3a4ea0fc97
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1675959
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62371}
2019-06-26 09:19:16 +00:00
Mike Stanton
386ff6e5d6 [TurboFan] Serializing context information
In TurboFan, context specialization is an optimization that tries to
either replace the load of a value from the context with a constant,
or if that can't be achieved, at least reduce the hops up the
context chain by starting a walk to the required depth from the
first constant context that it can reach.

Currently, this optimization is performed by looking into the
heap during a reducer pass. With fully concurrent TurboFan, we
need to instead gather information about contexts we may want
to perform this optimization on during serialization.

This CL adds functionality to the serializer to recognize and
model operations that affect the context register. We add to the
hinting structure already used by the serializer. There is
a new type of hint: a VirtualContext. This is a tuple consisting
of a handle to a Context, and a distance field that indicates how
far away in a to-be-realized chain this VirtualContext sits from
the context in the handle. For example:

bytecode stream:
...
CreateBlockContext
...

After a block context is created, the accumulator now contains
a VirtualContext Hint with a distance of 1 from any context hints
that we are keeping track of in the current context register.

More details in the design doc here:
https://docs.google.com/document/d/1Y0LKKCEenLWyAZTetoAIpKTZRCxaNdkYV8X1GaCax2A/edit?usp=sharing

Change-Id: I63732ebd106cc138fb1e9789d0676ece63e15d27
Bug: v8:7790
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1605941
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62370}
2019-06-26 08:25:53 +00:00
Sigurd Schneider
5de719d43a [BUILD] Check for inconsistent build configuration
This makes sure that BUILDING_V8_SHARED and USING_V8_SHARED are not
both set at once.

Change-Id: Iba3a4fac37518b6ec3658da4575453a7967ece0f
Bug: v8:8855
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1627978
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62369}
2019-06-26 08:00:23 +00:00
Jakob Gruber
4c156936e8 [regexp] Allow JSRegExpResult allocations in large object space
Large regexp results may exceed kMaxRegularHeapObjectSize and must
thus be allocated in large object space.

Drive-by: Rename '%InNewSpace' to '%InYoungGeneration'.

Bug: chromium:976627
Change-Id: I38b5aecb95a95cf2fdbb24d19550cec34361a09d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1674027
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62368}
2019-06-26 07:50:33 +00:00
Clemens Hammacher
d105428754 [wasm] Add counters for asynchronous compile time
We currently only sample synchronous compilation via
"V8.WasmCompileModuleMicroSeconds.wasm". This adds a similar counter
for asynchronous and streaming compilation. Both use the
{AsyncCompileJob}, which now records the start time of compilation and
records a sample when baseline compilation finished.
The sample will only be taken if a high-resolution clock is available.

R=ahaas@chromium.org
CC=jwd@chromium.org

Bug: chromium:978425
Change-Id: I4b083a8ebba685a1cc8fa87bfe30e9a0943e3394
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1675963
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62367}
2019-06-25 20:35:08 +00:00