Commit Graph

37842 Commits

Author SHA1 Message Date
mtrofin
caa1d4b262 [wasm] Managed<T> ensures T's lifetime does not leak past Isolate's
Native resources allocated by v8, as internal implementation detail,
and held by a Foreign object, must be released when the Isolate is
torn down. Example: wasm::WasmModule allocated by wasm compile, and
held throughout the lifetime of the WebAssembly.Module object.

This change:
- Extends Managed<CppType> with a mechanism for doing just that
- Separates the role of Managed<CppType> to be strictly an owner of
the lifetime of the native resource. For cases where that's not
desirable, we can polymorphically use Foregin.
- moves managed.h out of wasm, since it's not wasm-specific.

BUG=680065

Review-Url: https://codereview.chromium.org/2676513008
Cr-Commit-Position: refs/heads/master@{#43350}
2017-02-21 17:23:38 +00:00
Michael Achenbach
a49ff6abb7 [foozzie] Add better default configs for correctness fuzzing
This should make http://crbug.com/694535 quiet.

BUG=chromium:694535
NOTRY=true
TBR=mstarzinger@chromium.org,jarin@chromium.org

Change-Id: I268c810662b274b45842aa22d840330b5c984277
Reviewed-on: https://chromium-review.googlesource.com/445645
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43349}
2017-02-21 17:01:01 +00:00
bbudge
9fe0b4c708 [V8] Implement SIMD Boolean vector types to allow mask registers.
- Adds new machine types SimdBool4/8/16 for the different boolean vector types.
- Adds a kSimdMaskRegisters flag for each platform. These are all false for now.
- Removes Create, ExtractLane, ReplaceLane, Equal, NotEqual, Swizzle and Shuffle
  opcodes from the Boolean types. These are unlikely to be well supported natively,
  and can be synthesized using Select.
- Changes the signature of Relational opcodes to return boolean vectors.
- Changes the signature of Select opcodes to take boolean vectors.
- Updates the ARM implementation of Relational and Select opcodes.

LOG=N
BUG=v8:4124

Review-Url: https://codereview.chromium.org/2700813002
Cr-Commit-Position: refs/heads/master@{#43348}
2017-02-21 16:45:30 +00:00
Leszek Swirski
fd596007f2 [everywhere] Custom representation for frame type
Use an opaque format for the frame type marker on the stack, where the
marker is simply shifted left by 1 instead of being a Smi. This allows
us to generate simpler code for frame initialisation, as we can push a
smaller value, decreasing the prologue by 4 bytes and one instruction.

Drive-by: Use the same format for JsFrameMarker.

Change-Id: I812dde9b37869fe20de4148a665d06cf23ce7372
Reviewed-on: https://chromium-review.googlesource.com/443426
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Daniel Clifford <danno@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43347}
2017-02-21 16:13:55 +00:00
Michael Lippautz
c65e620237 [heap] Be more restrictive about fast promotion mode
Exclude memory reducing scenarios and apply minimum percentage to absolute
sizes wrt. capacity rather then relative survival rate.

R=ulan@chromium.org
BUG=chromium:693413

Change-Id: I30cac99a2ce72227e269d72f52a459d4be6234a5
Reviewed-on: https://chromium-review.googlesource.com/445737
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43346}
2017-02-21 15:06:34 +00:00
Michael Lippautz
5738535ee0 [interpreter/fcg] Remove support for optimizing away memento creation
FCG implemented an optimziation which could avoid emitting a memento if the
memento was only needed for transitioning. This optimization is currently
turned off as we always run with pretenuring. Since this optimization will not
be ported to Ignition for now, we just remove the support from FCG.

Disabling allocation site pretenuring will then not make FCG and Iginition
diverge in their behavior.

BUG=chromium:693413

Change-Id: I69aea73426fc69d48e1fe6ed13caaf28f9cfb32f
Reviewed-on: https://chromium-review.googlesource.com/445258
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43345}
2017-02-21 15:04:47 +00:00
Michael Starzinger
875ccb48ff [turbofan] Fix missing name check for keyed global load.
This fixes a missing name check for keyed property loads targeting the
global object where the feedback was warmed up with a single name. This
affects {JSLoadProperty} nodes only, syntactic global property loads via
the {JSLoadGlobal} operator are not affected.

R=bmeurer@chromium.org
TEST=mjsunit/regress/regress-crbug-694416
BUG=chromium:694416

Change-Id: I54aa3f27eaa72630539f02602ec7642b04835b27
Reviewed-on: https://chromium-review.googlesource.com/445224
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43344}
2017-02-21 14:51:07 +00:00
mythria
0b709628de [Debugger] Add a ReturnValueScope to correctly handle return values in nested debug breaks.
Decouples return value handling from DebugScope when handling nested break
statements. Return values are handled in ReturnValueScope. This would correctly
reset the return_values when exiting the break statements.

BUG=v8:688950

Review-Url: https://codereview.chromium.org/2702343003
Cr-Commit-Position: refs/heads/master@{#43343}
2017-02-21 13:45:36 +00:00
ulan
fbee722c91 [heap] Notify GC on potentially unsafe object layout changes.
During concurrent marking we need special handling of object layout
changes that remove tagged in-object fields or replaces them with
untagged in-object fields.

This patch adds a function for notifying object layout changes and
verification code that is triggered on each map change in runtime.

BUG=chromium:694255

Review-Url: https://codereview.chromium.org/2702303002
Cr-Commit-Position: refs/heads/master@{#43342}
2017-02-21 11:03:48 +00:00
clemensh
a182f8d510 Define illegal zone_allocator constructor only for MSVS
It turns out that the default constructor of allocators used in
standard containers is still needed in MSVS 2015.
This CL defines the constructor only when compiling on windows.

R=bbudge@chromium.org

Review-Url: https://codereview.chromium.org/2708593004
Cr-Commit-Position: refs/heads/master@{#43341}
2017-02-21 10:18:41 +00:00
neis
b0c7a0fc6d [compiler] Refine typing of NumberShiftRightLogical.
Use the type of the RHS to compute a more precise output type.  In
particular, if the RHS is, say, 1, we now know that the result is a
subtype of Unsigned31.

R=jarin@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2706763003
Cr-Commit-Position: refs/heads/master@{#43340}
2017-02-21 09:48:08 +00:00
neis
99d618193a [compiler] Cleanup: Move DCHECK into ChangeToPureOp.
R=jarin@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2703113003
Cr-Commit-Position: refs/heads/master@{#43339}
2017-02-21 09:46:17 +00:00
gdeepti
684323b45c [wasm] Identify wasm functions with index into the function tables.
Currently, the default name for wasm functions in generated code is 'wasm', tag wasm functions with the index into the function table to identify functions. Snippets of sample output with --print-code below.

Before:
--- Code ---
kind = WASM_FUNCTION
name = wasm
compiler = turbofan

After:
--- Code ---
kind = WASM_FUNCTION
name = wasm#200
compiler = turbofan

R=mtrofin@chromium.org

Review-Url: https://codereview.chromium.org/2690113012
Cr-Original-Commit-Position: refs/heads/master@{#43296}
Committed: 5fc3ac29e4
Review-Url: https://codereview.chromium.org/2690113012
Cr-Commit-Position: refs/heads/master@{#43338}
2017-02-21 09:30:24 +00:00
v8-autoroll
c6ce410fbf Update V8 DEPS.
Rolling v8/build: 3e739fd..769428e

Rolling v8/third_party/catapult: 84a7af6..71c4c9a

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Change-Id: I238047fb122635854895bc7a6cc3c5fae9c00790
Reviewed-on: https://chromium-review.googlesource.com/445456
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43337}
2017-02-21 04:19:35 +00:00
mtrofin
b40d44ecc1 [wasm] Embedder can control what buffers wasm compilation works on.
Two controls, one for instantiation and one for compilation. They allow
the embedder (e.g. Chrome) check properties of the parameters of those
two operations, and decide if they are allowed to continue.

For example, Chrome may now decline compilation of certain size buffers,
in synchronous cases; same for instantiation (where the buffer size
refers to the size of the buffer containing wasm wire bytes)

BUG=v8:5981

Review-Url: https://codereview.chromium.org/2699843003
Cr-Original-Commit-Position: refs/heads/master@{#43295}
Committed: d9bc0ffb16
Review-Url: https://codereview.chromium.org/2699843003
Cr-Commit-Position: refs/heads/master@{#43336}
2017-02-21 03:43:14 +00:00
littledan
2b9840d86f [SAB] Move Atomics builtins to C++
This patch refactors the Atomics builtins so that they are implemented
as C++ builtins rather than experimental JS builtins. Previously, each
of these functions called out to a runtime function, so no significant
change in performance is anticipated. The goal of this patch is to
remove the last user of experimental JS builtins so that the mechanism
can be removed, for performance reasons. The patch includes a drive-by
fix of a check-fail. For the most part, the patch is just moving code
without modification from runtime-atomics.cc to
builtins-sharedarraybuffer.cc .

BUG=v8:5880

Review-Url: https://codereview.chromium.org/2698813004
Cr-Commit-Position: refs/heads/master@{#43335}
2017-02-20 22:08:52 +00:00
Michael Lippautz
2fe02ed40b Reland "[heap] Add histogram counter for young generation handling"
This reverts commit 9a407a4383.

BUG=chromium:693413

Change-Id: I469dbba6b45982f3a083b30546c60e5dacc5d8a2
Reviewed-on: https://chromium-review.googlesource.com/445198
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43334}
2017-02-20 18:28:29 +00:00
Caitlin Potter
f5609a6c54 [builtins] refactor ArrayIncludes using TF_BUILTIN
Use TF_BUILTIN() to implement ArrayIncludes(). It's easier on the eyes and
easier to read.

BUG=v8:3575
R=cbruni@chromium.org, ishell@chromium.org

Change-Id: I9cbe395829f0fcc7d01ba28ed7b5a2007c52cae3
Reviewed-on: https://chromium-review.googlesource.com/444830
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43333}
2017-02-20 17:42:25 +00:00
titzer
7f672535e6 [wasm] Move decoding constants out of wasm-module.h and into module-decoder.h
R=clemensh@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2703243002
Cr-Commit-Position: refs/heads/master@{#43332}
2017-02-20 17:42:02 +00:00
Michael Lippautz
9a407a4383 Revert "[heap] Add histogram counter for young generation handling"
This reverts commit 17ef406da1.

Reason for revert: <INSERT REASONING HERE>

Original change's description:
> [heap] Add histogram counter for young generation handling
> 
> BUG=chromium:693413
> 
> Change-Id: I6c6bc62e7f2c702be2462e4b0c3704fabf44f9d2
> Reviewed-on: https://chromium-review.googlesource.com/445156
> Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#43316}

TBR=ulan@chromium.org,mlippautz@chromium.org,hpayer@chromium.org,v8-reviews@googlegroups.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:693413

Change-Id: I38b293d6594278370ec0c5cb20234811b48086f6
Reviewed-on: https://chromium-review.googlesource.com/445179
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43331}
2017-02-20 16:53:01 +00:00
Michael Lippautz
33766a8c71 Revert "[heap] Add prefix for young generation handling use counter"
This reverts commit 2c7f32e21c.

Reason for revert: <INSERT REASONING HERE>

Original change's description:
> [heap] Add prefix for young generation handling use counter
> 
> R=​ulan@chromium.org
> BUG=chromium:693413
> 
> Change-Id: Ie8e6a5e20e904b81228b67f33c976569e305872c
> Reviewed-on: https://chromium-review.googlesource.com/445157
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#43319}

TBR=ulan@chromium.org,mlippautz@chromium.org,v8-reviews@googlegroups.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:693413

Change-Id: If5d545d98f61931301ccf4166aa2acab82bdf4ca
Reviewed-on: https://chromium-review.googlesource.com/445178
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43330}
2017-02-20 16:50:48 +00:00
ishell
58a374bc34 [ic] Cleanup stub cache.
BUG=

Review-Url: https://codereview.chromium.org/2710513003
Cr-Commit-Position: refs/heads/master@{#43329}
2017-02-20 16:42:49 +00:00
Marja Hölttä
7a457c711b [parser] Skipping inner funcs: params part 5
Handle eval in default parameters.

BUG=v8:5516
R=vogelheim@chromium.org

Change-Id: Ib6543a4aef9a3cc9636e65d0337bc269c8a079dc
Reviewed-on: https://chromium-review.googlesource.com/444747
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43328}
2017-02-20 16:37:24 +00:00
dusan.simicic
38affafd35 MIPS[64]: Skip float-constant-folding tests
qNaN and sNaN values have different binary representation on MIPS
compared to ARM/x86 architectures. We are skipping these tests because
we can't provide specific NaNs encodings from ARM/x86 architectures.

BUG=

Review-Url: https://codereview.chromium.org/2702213003
Cr-Commit-Position: refs/heads/master@{#43327}
2017-02-20 16:21:49 +00:00
Michael Starzinger
e9a750b5e1 Revert "[turbofan] Handle comparison operations in early lowering."
This reverts commit f967d3e9de.

Reason for revert: Tanks Mandreel again. Needs investigation.

Original change's description:
> [turbofan] Handle comparison operations in early lowering.
> 
> This handles comparison operations (equality and relational) having
> number feedback during the early type-hint lowering (i.e. during graph
> construction).
> 
> R=​bmeurer@chromium.org
> 
> Change-Id: I97afd6c0d78a790ce38b731f2532ca18d812a32c
> Reviewed-on: https://chromium-review.googlesource.com/444766
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#43315}

TBR=mstarzinger@chromium.org,bmeurer@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Change-Id: Iec335827fe841ac6f1bd45ce095d0a741b2ff5b5
Reviewed-on: https://chromium-review.googlesource.com/445177
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43326}
2017-02-20 16:06:00 +00:00
Michael Starzinger
3d157f7ff6 [turbofan] Extend LoopVariableOptimizer to speculative ops.
This extends the matching of arithmetic operations against the loop
induction variable to speculative number operations (on top of the
existing JS-level operations). This is needed now that lowering to
speculative operations is done during graph construction.

R=jarin@chromium.org
BUG=chromium:693035

Change-Id: I7c3f71af92b5c059f1d7b3b7f2d3b4a73d7dc43d
Reviewed-on: https://chromium-review.googlesource.com/445196
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43325}
2017-02-20 15:54:00 +00:00
clemensh
a690aa2994 [wasm] Refactor code specialization / patching
All patching logic is now bundled in one compilation unit.
The CodeSpecialization object is set up by all relocation and patching
that should be applied, and then be run on individual code objects or
the whole instance in one go. We hence only need to iterate all
relocation tables exactly once at instantiation.
Also, we do not patch contexts any more since we do not embed them in
generated code any more.

R=titzer@chromium.org
BUG=v8:5991

Review-Url: https://codereview.chromium.org/2696143006
Cr-Commit-Position: refs/heads/master@{#43324}
2017-02-20 15:52:16 +00:00
Caitlin Potter
6746227291 [builtins] fix incorrect return value in ArrayIncludes
Take runtime path if startIndex parameter requires a ToInteger() call,
which can modify the elements kind of the receiver.

This removes a stub call from the builtin, and simplifies code slightly.

BUG=v8:5986
R=bmeurer@chromium.org, cbruni@chromium.org

Change-Id: Id238a81ab8ba28621858004b34d00a4356b8037f
Reviewed-on: https://chromium-review.googlesource.com/445006
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Cr-Commit-Position: refs/heads/master@{#43323}
2017-02-20 14:41:25 +00:00
clemensh
7a91e3c69c [wasm] Add JSToWasmWrapperCache to reuse generated wrapper code
The generated code for JSToWasm wrappers only depends on the signature
of the exported function. Hence, we can reuse the generated code and
just patch the reference to the called wasm code.

For the unity-wasm benchmark, we reach a hit rate of 98.07% for this
cache, and only 395 instead of 20471 wrappers are compiled. This brings
down instantiation time from 2.9s to 1.6s on a MBP.

R=titzer@chromium.org

Review-Url: https://codereview.chromium.org/2705993002
Cr-Commit-Position: refs/heads/master@{#43322}
2017-02-20 13:20:01 +00:00
tebbi
d8ccbd693c [turbofan] escape analysis bugfixes that got reverted with https://codereview.chromium.org/2680973013/
R=bmeurer@chromium.org

Review-Url: https://codereview.chromium.org/2701403003
Cr-Commit-Position: refs/heads/master@{#43321}
2017-02-20 13:18:52 +00:00
Michael Lippautz
3cf5edae90 [heap] Fix fast promotion mode computation
Bailout didn't happen if we decided to shrink newspace at the end of a
Mark-Compact GC.

BUG=chromium:693413

Change-Id: Ia4acf565c836b188655773e74083f9151e4ab30b
Reviewed-on: https://chromium-review.googlesource.com/445176
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43320}
2017-02-20 13:15:36 +00:00
Michael Lippautz
2c7f32e21c [heap] Add prefix for young generation handling use counter
R=ulan@chromium.org
BUG=chromium:693413

Change-Id: Ie8e6a5e20e904b81228b67f33c976569e305872c
Reviewed-on: https://chromium-review.googlesource.com/445157
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43319}
2017-02-20 12:56:28 +00:00
bmeurer
fc3312255f [turbofan] Unify NodeProperties::InferReceiverMaps.
Unify the three different implementations of InferReceiverMaps, which
were basically copy&paste with slightly different optimizations applied
later into a single NodeProperties::InferReceiverMaps helper, which also
returns a ZoneHandleSet of maps, rather than only a single map.

BUG=v8:5267
R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2703133003
Cr-Commit-Position: refs/heads/master@{#43318}
2017-02-20 12:54:03 +00:00
yangguo
46290669d1 [serializer] allow duplicate API external references.
Due to link-time optimizations functions with same code
can be folded into one, resulting in duplicate references.

R=jochen@chromium.org, peria@chromium.org
BUG=chromium:617892

Review-Url: https://codereview.chromium.org/2707903002
Cr-Commit-Position: refs/heads/master@{#43317}
2017-02-20 12:52:53 +00:00
Michael Lippautz
17ef406da1 [heap] Add histogram counter for young generation handling
BUG=chromium:693413

Change-Id: I6c6bc62e7f2c702be2462e4b0c3704fabf44f9d2
Reviewed-on: https://chromium-review.googlesource.com/445156
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43316}
2017-02-20 12:00:59 +00:00
Michael Starzinger
f967d3e9de [turbofan] Handle comparison operations in early lowering.
This handles comparison operations (equality and relational) having
number feedback during the early type-hint lowering (i.e. during graph
construction).

R=bmeurer@chromium.org

Change-Id: I97afd6c0d78a790ce38b731f2532ca18d812a32c
Reviewed-on: https://chromium-review.googlesource.com/444766
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43315}
2017-02-20 11:59:00 +00:00
jgruber
3acc00a017 [regexp] Fix smi receiver in stack accessors
info.This returns a Local<Object>, which results in a call to
Utils::OpenHandle<JSReceiver>.  Casting to a Local<Value> first uses the
correct OpenHandle<Object> overload.

BUG=chromium:693500

Review-Url: https://codereview.chromium.org/2706833002
Cr-Commit-Position: refs/heads/master@{#43314}
2017-02-20 11:48:10 +00:00
Toon Verwaest
f9c5997c86 [parser] Directly keep track of the scope stack on the parser again.
By now lazy allocation of block scopes probably doesn't make that much sense anymore, since the memory overhead significantly reduced. Not indirecting scope() over ScopeState is faster, which is more important at this point.

BUG=v8:5209

Change-Id: I2968f01252769e7b1198a0a0876765a06ab0d3bd
Reviewed-on: https://chromium-review.googlesource.com/445025
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43313}
2017-02-20 11:15:16 +00:00
titzer
9dae92066e [wasm] Fix fuzzer size calculation
R=ahaas@chromium.org, mythria@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2702123003
Cr-Commit-Position: refs/heads/master@{#43312}
2017-02-20 11:06:50 +00:00
Marja Hölttä
6b5f7d23dc [parser] Skipping inner funcs: add tests for strict mode.
BUG=v8:5516
R=vogelheim@chromium.org

Change-Id: I7a39e49cc569b87064e5ac6764f4e3a65b2c6d11
Reviewed-on: https://chromium-review.googlesource.com/444765
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43311}
2017-02-20 10:56:12 +00:00
titzer
df834f3ff2 [wasm] Split the compilation and instantiation API into sync and async methods.
This makes it easier to implement asynchronous compilation by hiding all the implementation details of both synchronous and asynchronous compilation within wasm-module.cc, whereas before the code in wasm-js.cc actually implemented asynchronous compilation in terms of synchronous.

BUG=

Review-Url: https://codereview.chromium.org/2695813005
Cr-Commit-Position: refs/heads/master@{#43310}
2017-02-20 10:41:57 +00:00
dcheng
db624fc4d7 Always early return from HandleApiCallHelper on access check failure.
BUG=693695

Review-Url: https://codereview.chromium.org/2702123002
Cr-Commit-Position: refs/heads/master@{#43309}
2017-02-20 10:07:05 +00:00
danno
1b3c4afcad Revert of [interpreter] Create custom call opcodes for specific argument counts (patchset #13 id:240001 of https://codereview.chromium.org/2684993002/ )
Reason for revert:
Due to arm64 failures

Original issue's description:
> [interpreter] Create custom call opcodes for specific argument counts
>
> Specifically, add bytecodes for Call0, Call1, Call2, CallProperty0, CallProperty1,
> and CallProperty2. Also share the bytecode handler code between between
> equivalent CallX and CallPropertyX handlers.
>
> Review-Url: https://codereview.chromium.org/2684993002
> Cr-Commit-Position: refs/heads/master@{#43290}
> Committed: 00d6f1f80a

TBR=rmcilroy@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.

Review-Url: https://codereview.chromium.org/2709533002
Cr-Commit-Position: refs/heads/master@{#43308}
2017-02-20 09:51:19 +00:00
Toon Verwaest
872a5fce74 Reimplement TraceIC using the logger
BUG=

Change-Id: Ib7cc2a04a7c8e314e1f4a8720eef569a6a4a3b18
Reviewed-on: https://chromium-review.googlesource.com/444406
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43307}
2017-02-20 09:50:40 +00:00
dcheng
40b74d04da Make CreationContext() not crash when there is no creation context.
Remote objects don't have a creation context.

BUG=527190

Review-Url: https://codereview.chromium.org/2693203003
Cr-Commit-Position: refs/heads/master@{#43306}
2017-02-20 09:47:14 +00:00
Igor Sheludko
a0e6e9af66 [crankshaft] Remove unused code related to hydrogen code stubs.
BUG=

Change-Id: Ib82400e3a1b9d58257b26b8a5d7d22f5822d7a6c
Reviewed-on: https://chromium-review.googlesource.com/445084
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43305}
2017-02-20 09:45:33 +00:00
Igor Sheludko
c6b57edc04 [crankshaft][turbofan] Compilers' part of constant field tracking.
The constant field tracking is still disabled.

BUG=v8:5495

Change-Id: I543fe50b82e2255bbf200ea785ec53e3623e30cb
Reviewed-on: https://chromium-review.googlesource.com/440924
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43304}
2017-02-20 09:05:55 +00:00
hablich
1bbbfb42d5 Revert of [wasm] Embedder can control what buffers wasm compilation works on. (patchset #3 id:60001 of https://codereview.chromium.org/2699843003/ )
Reason for revert:
Introduces a new test failure/flake: https://build.chromium.org/p/client.v8/builders/V8%20Linux/builds/16427

Original issue's description:
> [wasm] Embedder can control what buffers wasm compilation works on.
>
> Two controls, one for instantiation and one for compilation. They allow
> the embedder (e.g. Chrome) check properties of the parameters of those
> two operations, and decide if they are allowed to continue.
>
> For example, Chrome may now decline compilation of certain size buffers,
> in synchronous cases; same for instantiation (where the buffer size
> refers to the size of the buffer containing wasm wire bytes)
>
> BUG=v8:5981
>
> Review-Url: https://codereview.chromium.org/2699843003
> Cr-Commit-Position: refs/heads/master@{#43295}
> Committed: d9bc0ffb16

TBR=bradnelson@chromium.org,titzer@chromium.org,mtrofin@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=v8:5981

Review-Url: https://codereview.chromium.org/2701413002
Cr-Commit-Position: refs/heads/master@{#43303}
2017-02-20 08:01:01 +00:00
hablich
96afb852bc Revert of [wasm] Identify wasm functions with index into the function tables. (patchset #7 id:110001 of https://codereview.chromium.org/2690113012/ )
Reason for revert:
Introduces a new test failure/flake: https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20debug/builds/13707

Original issue's description:
> [wasm] Identify wasm functions with index into the function tables.
>
> Currently, the default name for wasm functions in generated code is 'wasm', tag wasm functions with the index into the function table to identify functions. Snippets of sample output with --print-code below.
>
> Before:
> --- Code ---
> kind = WASM_FUNCTION
> name = wasm
> compiler = turbofan
>
> After:
> --- Code ---
> kind = WASM_FUNCTION
> name = wasm#200
> compiler = turbofan
>
> R=mtrofin@chromium.org
>
> Review-Url: https://codereview.chromium.org/2690113012
> Cr-Commit-Position: refs/heads/master@{#43296}
> Committed: 5fc3ac29e4

TBR=mtrofin@chromium.org,gdeepti@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.

Review-Url: https://codereview.chromium.org/2708593002
Cr-Commit-Position: refs/heads/master@{#43302}
2017-02-20 07:53:25 +00:00
v8-autoroll
56bb134f72 Update V8 DEPS.
Rolling v8/build: 6d17aae..3e739fd

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Change-Id: Ibb3a878d44b3fd56e95bbfa608500761c882bd21
Reviewed-on: https://chromium-review.googlesource.com/444426
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43301}
2017-02-20 04:22:06 +00:00