Commit Graph

52566 Commits

Author SHA1 Message Date
Camillo Bruni
8e80210fe8 [log] Improve --trace-maps logging
Only log incrementally deserialized maps with --trace-maps instead of
iterating the whole heap and printing all existing maps on every partial
deserialization for new contexts. This should greatly improve
performance of --trace-maps on websites with many iframes.

- Add helpers to share code: LogNewObjectEvents, LogScriptEvents,
  LogNewMapEvents
- Link AllocationSites before any GC

Change-Id: I5322421a83e057518f871540691511c80bc7786a
Reviewed-on: https://chromium-review.googlesource.com/c/1342029
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57874}
2018-11-27 14:02:25 +00:00
Sigurd Schneider
22f9a8e158 [tools] Improve locs.py
This CL fixes some style issues and improves json output for the LoC
counting script tools/locs.py.

Notry: true
Change-Id: I0805904e44ab240945ef88dd8214abb8ae02cf7d
Reviewed-on: https://chromium-review.googlesource.com/c/1352271
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57873}
2018-11-27 13:42:54 +00:00
Toon Verwaest
de20e6d3a8 [zone] Revert to previous zone allocation strategies due to severe memory regressions.
Unfortunately the previous strategy was slower but more memory efficient. For now simply revert.

Revert "[zone] Use 32kb instead of 1MB as high zone page size"
Revert "[zone] Get rid of the Zone's segment pool"
Revert "[zone] Further simplify zone expansion, use single default page size"

Bug: chromium:908359
Change-Id: I649542e7e61eef0c14a26ffd21039e8340ab4d04
Reviewed-on: https://chromium-review.googlesource.com/c/1351027
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57872}
2018-11-27 12:55:45 +00:00
Igor Sheludko
a31ffef811 [heap] Take expected OS page size into account for kStoreBufferSize
This CL fixes allocation size alignment violation when allocating store buffer.
If the actual CommitPageSize happens to be bigger than kMinExpectedOSPageSize
we will have a bit of memory wastage but that's a fair trade-off for having
fast store buffer overflow check in write barriers.

Change-Id: I1d775aa8b203cb198e8332477b0bc2befcd9b006
Reviewed-on: https://chromium-review.googlesource.com/c/1351007
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57871}
2018-11-27 12:46:58 +00:00
tzik
33ff811d86 Use NativeContext's embedder field for MicrotaskQueue
A pointer to MicrotaskQueue is stored in a NativeContext field as a Smi,
which is discouraged. This CL replaces it to use the dedicated field.

Bug: v8:8124
Change-Id: I5a770624b3a9c922051e86243da2ae216aaacf3a
Reviewed-on: https://chromium-review.googlesource.com/c/1351855
Commit-Queue: Taiju Tsuiki <tzik@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57870}
2018-11-27 12:26:53 +00:00
Michael Starzinger
64d373e51e [heap] Fix i-cache flushing operation order.
This unifies the order of i-cache flushing and permission changing
throughout V8. According to cctest/test-icache flushing after the
permission change is not robust on some ARM32 and ARM64 devices.

There have been observed failures of {TestFlushICacheOfExecutable} on
some devices. So far there haven't been any observed failures of the
corresponding {TestFlushICacheOfWritable} test.

Also the order of flushing before the permission change is the natural
order in which the GC currently performs operations. Until we see
concrete data substantiating the opposite, the following is the
supported and intended order throughout V8:

  exec -> perm(RW) -> patch -> flush -> perm(RX) -> exec

This CL tries to establish said order throughout the codebase.

R=ulan@chromium.org
TEST=cctest/test-icache
BUG=v8:8507,chromium:845877

Change-Id: Ic945082e643aa2d142d222a7913a99816aff4644
Reviewed-on: https://chromium-review.googlesource.com/c/1351025
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57869}
2018-11-27 12:16:43 +00:00
Toon Verwaest
cbe1cfa249 [scopes] Push unresolved variables at the back so we can MoveTail to rescope
Pushing unresolved variables at the front was an optimization for the case
where we didn't have an end pointer. That forces us to do an O(<new elements>)
walk to rescope variables. The implementation was more generic and even did
O(<all elements>). Now that we have an end pointer we can simply push at the
end and MoveTail which is O(1).

Change-Id: I65cd5752b432223d95cd529452a064d8dcc812e1
Reviewed-on: https://chromium-review.googlesource.com/c/1351010
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57868}
2018-11-27 11:55:46 +00:00
Toon Verwaest
0851de1023 [parser] Combine UnaryExpression and CountExpression behind single range-check
Change-Id: I8704003f05e74d55e724d669f5bbcef5c2214bf4
Reviewed-on: https://chromium-review.googlesource.com/c/1351018
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57867}
2018-11-27 11:54:41 +00:00
Camillo Bruni
7a3cb59fad Fix Reflect.construct with constructors without a prototype slot
Bug: chromium:907714
Change-Id: Ie8eacff1b12ec74faa392a1d2c8545f873ab13a1
Reviewed-on: https://chromium-review.googlesource.com/c/1351023
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57866}
2018-11-27 11:52:41 +00:00
Yang Guo
3a437ce47a Reland "Implement Faster MicrotaskQueue Step 2"
This is an attempt to reland https://crrev.com/1d726111ab7087a5, that
was reverted at https://crrev.com/0a820125230bec24.

Tbr: bmeurer@chromium.org
Bug: chromium:887920, v8:7253
Change-Id: I785417de7d0560b93bda5ade623fa5be3647d7dd
Reviewed-on: https://chromium-review.googlesource.com/c/1350530
Commit-Queue: Taiju Tsuiki <tzik@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57865}
2018-11-27 11:27:46 +00:00
Sigurd Schneider
ca39f55ae1 Revert "Use CopyElements (which uses memcpy) to copy FixedDoubleArray."
This reverts commit fac6f63eb8.

Reason for revert: https://bugs.chromium.org/p/chromium/issues/detail?id=907479

Original change's description:
> Use CopyElements (which uses memcpy) to copy FixedDoubleArray.
> 
> This improves the performance of ExtractFixedArray and
> CloneFastJSArray for double arrays, which in turn improve the
> performance of cloning double arrays with slice() or spreading.
> 
> This, however, does not improve performance of spreading holey
> double arrays, because spreading needs extra work to convert
> holes to undefined.
> 
> Bug: v8:7980
> Change-Id: Ib8aed74abbb0b06982a3b754e134fa415cb7de2d
> Reviewed-on: https://chromium-review.googlesource.com/c/1280308
> Reviewed-by: Michael Stanton <mvstanton@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
> Commit-Queue: Hai Dang <dhai@google.com>
> Cr-Commit-Position: refs/heads/master@{#56680}

TBR=mvstanton@chromium.org,neis@chromium.org,sigurds@chromium.org,dhai@google.com

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: v8:7980, chromium:907479
Change-Id: Iacf37fa3276345fe8e264fe976d296b015ed6790
Reviewed-on: https://chromium-review.googlesource.com/c/1351003
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57864}
2018-11-27 11:04:43 +00:00
Dan Elphick
a8152aac70 [cleanup] Move ReturnValue::Set to V8_DEPRECATED
Moves ReturnValue::Set from V8_DEPRECATE_SOON to V8_DEPRECATED now that
chromium no longer uses it.

Bug: v8:7289, v8:8238
Change-Id: Ib705f62dcaa508a8b42a67ed7eaafe7860e3e848
Reviewed-on: https://chromium-review.googlesource.com/c/1351020
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57863}
2018-11-27 10:53:03 +00:00
Ulan Degenbaev
276c56269f Add date range validity check to the date parser.
Now the parser rejects dates outside the [-8640e12ms, 8640e12ms] range
as specified by ES6 section 20.3.1.1.

Bug: chromium:908248, v8:7781
Change-Id: I3391ce7398c971d54794e5011564a0527794667a
Reviewed-on: https://chromium-review.googlesource.com/c/1350996
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57862}
2018-11-27 10:28:30 +00:00
Clemens Hammacher
2fd073764f Revert "[wasm] Add more unit tests for trap handler"
This reverts commit 4644b32e02.

Reason for revert: Link errors on win64: https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Win64%20-%20debug/25950

Original change's description:
> [wasm] Add more unit tests for trap handler
> 
> The unittests test if the trap handler only handles those traps it
> is supposed to handle:
> * Only handle traps when the thread-in-wasm flag is set.
> * Only handle traps of the right type, i.e. memory access violations.
> * Only handle traps at recorded instructions.
> 
> The tests also test the consistency of the thread-in-wasm flag. I made
> one change in the trap handler where that consistency could be
> violated.
> 
> All tests are executed with the default trap handler provided by V8,
> and with the trap handler callback installed in a test signal/exception
> handler.
> 
> Change-Id: I03904bb6effd2e8694d3f4d1fbf62bc38002646e
> Reviewed-on: https://chromium-review.googlesource.com/c/1340246
> Commit-Queue: Andreas Haas <ahaas@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#57858}

TBR=mstarzinger@chromium.org,ahaas@chromium.org,mark@chromium.org

Change-Id: Iac2f20c73744226885ea1810813863a21c5faf8c
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/1351021
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57861}
2018-11-27 10:26:41 +00:00
Clemens Hammacher
2cdd38e57a [wasm][test] Remove redundant function
The {setTableLength} method is redundant and has a single user. Remove
it, use {setTableBounds} instead.

Drive-by: Add default to the table max, to document that this can
actually be {undefined}, in which case the table has no maximum.

R=binji@chromium.org

Bug: v8:8238
Change-Id: I0d7a2f4d49d083f7adadbb4b6cd4933bcb1dc174
Reviewed-on: https://chromium-review.googlesource.com/c/1350126
Reviewed-by: Ben Smith <binji@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57860}
2018-11-27 10:13:32 +00:00
Ross McIlroy
a13550347f [Cleanup] Deprecate non-maybe versions of Function::New/Call
These functions have been marked V8_DEPRECATE_SOON for a long time,
now all uses have been removed from Chrome, mark them as deprecated.

BUG=v8:7290,v8:8238

Change-Id: If39a971a32b06ad3c32ce121db2effa23fce45fe
Reviewed-on: https://chromium-review.googlesource.com/c/1350124
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57859}
2018-11-27 10:03:20 +00:00
Andreas Haas
4644b32e02 [wasm] Add more unit tests for trap handler
The unittests test if the trap handler only handles those traps it
is supposed to handle:
* Only handle traps when the thread-in-wasm flag is set.
* Only handle traps of the right type, i.e. memory access violations.
* Only handle traps at recorded instructions.

The tests also test the consistency of the thread-in-wasm flag. I made
one change in the trap handler where that consistency could be
violated.

All tests are executed with the default trap handler provided by V8,
and with the trap handler callback installed in a test signal/exception
handler.

Change-Id: I03904bb6effd2e8694d3f4d1fbf62bc38002646e
Reviewed-on: https://chromium-review.googlesource.com/c/1340246
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57858}
2018-11-27 09:59:49 +00:00
Michael Achenbach
ac97d522f9 [test] Skip tests unsuitable for gc fuzzing
See:
https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20NumFuzz%20-%20TSAN/3778

TBR=mslekova@chromium.org
NOTRY=true

Change-Id: I655a251a8c2364d0bc69b9b2e612967c29d49541
Reviewed-on: https://chromium-review.googlesource.com/c/1350999
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57857}
2018-11-27 09:11:41 +00:00
Michael Achenbach
369ff0767f [test] Bump shards on slow bot
NOTRY=true
TBR=sergiyb@chromium.org

Change-Id: I61597a265e5d98479cb88f5c8e01fed317044dd6
Reviewed-on: https://chromium-review.googlesource.com/c/1350998
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57856}
2018-11-27 09:06:28 +00:00
Daniel Clifford
1d08ecafbe [torque] Simplify and cleanup Cast and UnsafeCast
Change-Id: I57e21c5bc754ca07f52032f85ec8aeff96448dd0
Reviewed-on: https://chromium-review.googlesource.com/c/1342929
Commit-Queue: Daniel Clifford <danno@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57855}
2018-11-27 06:50:30 +00:00
v8-ci-autoroll-builder
524ab4e106 Update V8 DEPS.
Rolling v8/build: 2339062..076d347

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: Id8a3dca4c41f178d2e267bc4f0e066a22886de18
Reviewed-on: https://chromium-review.googlesource.com/c/1351247
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#57854}
2018-11-27 03:31:50 +00:00
Jakob Kummerow
0f581e4b99 [ubsan] Port Name/String/Symbol to the new design
Bug: v8:3770
Change-Id: I4da6404aa968adca1fbb49029fc304622101d6c3
Reviewed-on: https://chromium-review.googlesource.com/c/1349112
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57853}
2018-11-27 01:42:36 +00:00
Jakob Kummerow
fe0d26534c [cleanup] Drop ObjectSlot::Relaxed_Load(int, ...)
and Relaxed_Store(int, ...) by migrating the only call site
to using slot increment/decrement instead of offset calculations.
Also use SlotBase::location() more consistently.

Bug: v8:8238
Change-Id: I3099884a2a9e05041114205e7fb81691261afe19
Reviewed-on: https://chromium-review.googlesource.com/c/1349731
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57852}
2018-11-27 00:16:24 +00:00
Ben Smith
3896c04767 [wasm] Use uint32_t instead of unsigned
The style guide says that only `int` should be used of the builtin
integer types. Instead, we should use the stdint types.

See https://google.github.io/styleguide/cppguide.html#Integer_Types

Change-Id: I1af53a3bceefbfed85589b74a602c8ebe1c7ee25
Reviewed-on: https://chromium-review.googlesource.com/c/1342663
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Ben Smith <binji@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57851}
2018-11-26 19:58:20 +00:00
Hannes Payer
9266bc2453 Reland: [heap] Release dead young generation large objects in the Scavenger.
This reverts commit 33713b5b61.

Bug: chromium:852420
Change-Id: I45f447b690af8534aeec8630a717abe92f4099f8
Reviewed-on: https://chromium-review.googlesource.com/c/1350997
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57850}
2018-11-26 19:47:20 +00:00
Hannes Payer
8930ad2bb9 [heap] Flip between large object and new large object allocation mode based on --young_generation_large_objects.
Bug: chromium:852420
Change-Id: I5bb03c6ab14b4e42988e917f7ca7d449d53723d8
Reviewed-on: https://chromium-review.googlesource.com/c/1350995
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57849}
2018-11-26 18:13:00 +00:00
Igor Sheludko
a86739187c [cleanup] Make Context independent of FixedArray
This CL makes it easier to organize the Context classes hierarchy and
simplifies Context class definition.

Bug: v8:8238
Change-Id: I65b8255daf255649c597dc195edf436d9471e3ea
Reviewed-on: https://chromium-review.googlesource.com/c/1350109
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57848}
2018-11-26 17:57:45 +00:00
Michael Lippautz
c32a378f48 [heap] Reland improvements for embedder tracing
Add a path into embedder tracing on allocation. This is safe as Blink
is not allowed to call into V8 during object construction.

This is a reland of caed2cc033.

Also relands the cleanups of ce02d86bf2.

Bug: chromium:843903
Change-Id: Ic89792fe68337c540a1a93629aee2e92b8774ab2
Reviewed-on: https://chromium-review.googlesource.com/c/1350992
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57847}
2018-11-26 17:44:10 +00:00
Sergiy Belozorov
bf6b6fe6c9 [tools] Rename master.tryserver.blink:linux_trusty_blink_rel to luci.chromium.try:linux-blink-rel
TBR=machenbach@chromium.org

No-Try: true
No-Tree-Checks: true
Bug: chromium:868202
Change-Id: I0cfbd995d83733b30e58246b2faccc51379957a6
Reviewed-on: https://chromium-review.googlesource.com/c/1351017
Reviewed-by: Sergiy Belozorov <sergiyb@chromium.org>
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57846}
2018-11-26 16:52:36 +00:00
Ulan Degenbaev
1ad0cd560e Separate DescriptorArray from WeakFixedArray
This patch gives DescriptorArray its own visitor id and its
own layout that is independent from the layout of WeakFixedArray.
This allows us to use raw 16-bit integers for keeping track of
the number of descriptors (total, non-slack, and marked).

As a side-effect, we save one word per descriptor array on 64-bit.

v8:8486

Change-Id: If8389dde446319e5b3491abc948b52539dba235c
Reviewed-on: https://chromium-review.googlesource.com/c/1349245
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57845}
2018-11-26 16:41:20 +00:00
Ben L. Titzer
0397f782cd [wasm] Enable intrinsification of math imports
Flag flip to enable this feature.

R=mstarzinger@chromium.org

Bug: v8:8423
Change-Id: I59ee8c49c2f0323a32e8c7e6c9cf8d929b4a8bb4
Reviewed-on: https://chromium-review.googlesource.com/c/1349239
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57844}
2018-11-26 16:26:55 +00:00
George Wort
eb15bca2c4 [liftoff][arm] Implement Copy Sign
This implements copy sign for both the arm32 and arm64 port of Liftoff.

Bug: v8:6600
Change-Id: Ic822e75417c6b911a03e8e9a2d6d59a98fbc3d18
Reviewed-on: https://chromium-review.googlesource.com/c/1348430
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57843}
2018-11-26 16:25:50 +00:00
Hannes Payer
5ee0f0092d [heap] Fix space DCHECK in Scavenger::ScavengeObject to allow young generation LOs.
Bug: chromium:852420
Change-Id: I920c4ac8e66a7f29c28fcc62a0b1ea62370bdf5d
Reviewed-on: https://chromium-review.googlesource.com/c/1350993
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57842}
2018-11-26 16:16:45 +00:00
George Wort
883f5f3523 [liftoff][arm] Implement f64 functionality
This implements arithmetic operations on f64, as well as
conditional set for the arm32 port of Liftoff.

Bug: v8:6600
Change-Id: Ia060652e5292ed94da8a0ba656bddbcc13d9f610
Reviewed-on: https://chromium-review.googlesource.com/c/1348349
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57841}
2018-11-26 16:15:40 +00:00
Daniel Clifford
42130fd67a [builtins] Remove obsolete implementation of Array.prototype.slice
In the process, use the correct ArrayPrototype* naming convention for
the slice and splice builtins.

Change-Id: I1f85e5512dbde8f92e7c764aef9f137d0a6693e0
Reviewed-on: https://chromium-review.googlesource.com/c/1350869
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Daniel Clifford <danno@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57840}
2018-11-26 16:01:56 +00:00
Mike Stanton
d1b2edbff1 Fix GcStress test failure.
CL "[Cleanup] String::GetChars() should assert against heap allocation"
was missing one DisallowHeapAllocation declaration.

(I had Michi look over the change, as the callstack actually comes from
 the garbage collector. Marja, I put you on TBR).

Thanks all..


TBR=marja@chromium.org

No-tree-checks: true
No-try: true
Bug: v8:8238
Change-Id: I71333124bc4bcef945430fc5242a516b6ed277ff
Reviewed-on: https://chromium-review.googlesource.com/c/1351013
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57839}
2018-11-26 15:44:15 +00:00
Clemens Hammacher
6476c47bd9 [wasm][fuzzer] Output table bounds and initializers
For indirect calls, we need to set up the tables correctly. This CL
adds this to the test case generation logic.

R=ahaas@chromium.org

Change-Id: I18a5a8e0659c46daec00d46d02fe50d5d94638d6
Reviewed-on: https://chromium-review.googlesource.com/c/1349985
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57838}
2018-11-26 15:37:00 +00:00
Clemens Hammacher
623f20ff6f [wasm][fuzzer] Fix test generation for indirect calls
Indirect calls rely on fixed signature indexes. Thus make test case
generation output the signatures exactly like they appear in the module.

R=ahaas@chromium.org

Change-Id: I80b088024da759ec87695363aeefb28685e1d704
Reviewed-on: https://chromium-review.googlesource.com/c/1350831
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57837}
2018-11-26 15:33:09 +00:00
Marja Hölttä
e8a1c25f6a [objects.h splitting] Move InstanceType and -Checker
BUG=v8:5402,v8:8238

Change-Id: Idd00fc664da8173612266ba7a976b383bb1f728e
Reviewed-on: https://chromium-review.googlesource.com/c/1349329
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57836}
2018-11-26 15:18:55 +00:00
Ben L. Titzer
99484e23cb [wasm] Intrinsify math imports
This CL adds new Wasm import call kinds that correspond to various
math functions that can be imported from JavaScript, such as trigonometry.
Instead of calling a special import wrapper that converts arguments
to tagged values by boxing, we can now generate calls to little WASM
stubs that contain a single WASM bytecode each.

R=mstarzinger@chromium.org
BUG=v8:8423

Change-Id: I59b1be2dd36d190a8b6c98b88c86cecc0ca7f4a2
Reviewed-on: https://chromium-review.googlesource.com/c/1349279
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57835}
2018-11-26 15:17:51 +00:00
Tobias Tebbi
5d6a735edc Revert "[turbofan] in-block scheduling: schedule non-effect-chain nodes late"
This reverts commit 41ad531f4f.

Reason for revert: https://crbug.com/907498

Original change's description:
> [turbofan] in-block scheduling: schedule non-effect-chain nodes late
> 
> By giving higher priority to processing non-effect-chain nodes, this
> changes the scheduling inside of basic blocks to place nodes before the
> latest possible effect chain node.
> 
> Change-Id: I8b130904a1bb2360b995eb9de4f471a911a4e388
> Reviewed-on: https://chromium-review.googlesource.com/c/1337743
> Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#57656}

TBR=mstarzinger@chromium.org,tebbi@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Change-Id: I76e57a25c157beed364455b0f1b55380305ef6c0
Reviewed-on: https://chromium-review.googlesource.com/c/1350989
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57834}
2018-11-26 15:16:46 +00:00
Leszek Swirski
4d15ce3f77 Remove extra no_gc declaration
No-tree-checks: true
No-try: true
Change-Id: I7f2d5806a94f381849e395f590f943eb8b1a0196
Reviewed-on: https://chromium-review.googlesource.com/c/1350994
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57833}
2018-11-26 15:15:40 +00:00
Michael Starzinger
19ddc1f142 [test] Fix jumbo build of test-icache test.
R=leszeks@chromium.org
TEST=cctest/test-icache

No-Tree-Checks: true
Change-Id: Ied26bb04d844a7585444a8bb48e12865133a4e81
Reviewed-on: https://chromium-review.googlesource.com/c/1350990
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57832}
2018-11-26 15:06:07 +00:00
Leszek Swirski
47daa48696 Reland "[parser] Perfect hash for keywords"
This is a reland of ca086a497c

Original change's description:
> [parser] Perfect hash for keywords
> 
> Use gperf to generate a perfect hash table for keyword lookup. Adds a
> python script which munges the output of gperf and adds additional
> cleanup and optimisations.
> 
> Change-Id: I3656a7287dbd0688917893de3a671faef9e4578a
> Reviewed-on: https://chromium-review.googlesource.com/c/1349240
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Reviewed-by: Marja Hölttä <marja@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#57790}

Change-Id: Ifb53527ba3d0652ea4f5d03740f7c856ad5d91da
Reviewed-on: https://chromium-review.googlesource.com/c/1350121
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57831}
2018-11-26 14:10:24 +00:00
Camillo Bruni
9b8937c9d0 [parser] Clean up parser-base templatized types
Bug: v8:8238
Change-Id: I0f3b8336a63bb4e1859997b7b9f150f1e7b2d988
Reviewed-on: https://chromium-review.googlesource.com/c/1346338
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57830}
2018-11-26 14:06:19 +00:00
Andreas Haas
d86c7e4851 [d8] Make --stress-delay-tasks a d8-specific flag
The flag is only available in d8 and should therefore not be in
flag-definitions.h.

R=clemensh@chromium.org

Bug: v8:8238
Change-Id: Idd69914cea03e736cf3b156b5961d583a7b5352c
Reviewed-on: https://chromium-review.googlesource.com/c/1349244
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57829}
2018-11-26 14:05:14 +00:00
Benedikt Meurer
1bfb02471e [turbofan] Fix types of Promise#catch() and Promise#finally().
We cannot assign a meaningful type to Promise#catch() or
Promise#finally(), since they both return whatever the invocation of
'then' on the receiver returns, and that is monkeypatchable by arbitrary
user JavaScript.

Bug: chromium:908309, v8:7253
Change-Id: Ib15f81c366938a1b1f10be6c6af85c1f3374b898
Reviewed-on: https://chromium-review.googlesource.com/c/1350789
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57828}
2018-11-26 14:04:09 +00:00
Toon Verwaest
9dd8f4e7d8 [parser] Remove forward declarations for dead class DuplicateFinder
Change-Id: Ib584fa4fa38d1f042dc7220f516e35c0619ace45
Reviewed-on: https://chromium-review.googlesource.com/c/1350127
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57827}
2018-11-26 14:03:04 +00:00
Michael Starzinger
4458bef5d4 [test] Improve test-icache by running it iteratively.
R=ulan@chromium.org
BUG=v8:6792,v8:8157

Change-Id: Idf43b4dc74ad7ba89142f2480ed8632adf75f8ec
Reviewed-on: https://chromium-review.googlesource.com/c/1348069
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57826}
2018-11-26 14:01:59 +00:00
Aleksandar Rikalo
75a0133d83 MIPS[64]: Check for stack overflow when pushing arguments in JSConstructStubGeneric.
Addition to d056294.

Bug: chromium:896326
Change-Id: Ie76f6be778e963ad5205a99853f491b164dddf9a
Reviewed-on: https://chromium-review.googlesource.com/c/1349269
Reviewed-by: Predrag Rudic <prudic@wavecomp.com>
Reviewed-by: Sreten Kovacevic <skovacevic@wavecomp.com>
Commit-Queue: Sreten Kovacevic <skovacevic@wavecomp.com>
Cr-Commit-Position: refs/heads/master@{#57825}
2018-11-26 14:00:54 +00:00