46021 Commits

Author SHA1 Message Date
Michael Achenbach
ce286f2106 [foozzie] Migrate more harness adjustments to V8 repo
This adds printing on failures to compare output when correctness fuzzing.

TBR=yangguo@chromium.org
NOTRY=true

Bug: chromium:813833
Change-Id: I0280561392f6614960608db4e93341552c716142
Reviewed-on: https://chromium-review.googlesource.com/934843
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51529}
2018-02-23 17:12:07 +00:00
Junliang Yan
11805b137d PPC/s390: [turbofan] Masking/poisoning in codegen (optimized code, arm)
Port 2579951648

Original Commit Message:

    This introduces masking of loads with speculation bit during code generation.
    At the moment, this is done only under the
    --branch-load-poisoning flag, and this CL enlarges the set of supported
    platforms from {x64} to {x64, arm}.

    Overview of changes:
    - new register configuration with one register reserved for
      the speculation poison/mask (kSpeculationPoisonRegister).
    - in codegen, we introduce an update to the poison register at the starts
      of all successors of branches (and deopts) that are marked as safety
      branches (deopts).
    - in memory optimizer, we lower all field and element loads to PoisonedLoads.
    - poisoned loads are then masked in codegen with the poison register.
      * only integer loads are masked at the moment.

R=tebbi@chromium.org, joransiu@ca.ibm.com, bjaideep@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: Idda9bf06133d8999290cda5bcf6333c064b3e6dc
Reviewed-on: https://chromium-review.googlesource.com/927163
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#51528}
2018-02-23 16:52:47 +00:00
Michael Achenbach
a988f2ecde Revert "[CQ] Temporarily drop gcc bots from CQ"
This reverts commit e234176b95.

Reason for revert: goma problem fixed

Original change's description:
> [CQ] Temporarily drop gcc bots from CQ
> 
> NOTRY=true
> NOTREECHECKS=true
> TBR=yangguo@chromium.org
> 
> Bug: chromium:814810
> Change-Id: Ibf9d5d637f4e98a295d0cde6632679c77c3a4eb3
> Reviewed-on: https://chromium-review.googlesource.com/931921
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#51478}

TBR=machenbach@chromium.org,yangguo@chromium.org

Change-Id: Ifb4af81d4ccb784ec724d6ca4ab351f1df0db755
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:814810
Reviewed-on: https://chromium-review.googlesource.com/934801
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51527}
2018-02-23 16:48:58 +00:00
jgruber
1ee80ebab0 Remove unused runtime functions
The list of runtime function use counts was generated with:

$ grep -o '^ *F(\w*' src/runtime/runtime.h | sed 's/^ *F(//' | sort | while read f; do USE_COUNT=$(git grep "\(Runtime::k\|Runtime::kInline\|%\|%_\)$f" | wc -l); echo $USE_COUNT $f; done

This reduces libv8.so size by 59K on an x64 release build.

Bug: v8:7310
Change-Id: Ib4d097e63ed065f41bf73e9529e4354575be5229
Reviewed-on: https://chromium-review.googlesource.com/934272
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51526}
2018-02-23 16:47:52 +00:00
Mythri
61d653c99b [Interpreter] Use CSA::Select instead of branches
CSA::Select makes the code compact and cleaner. Use it instead of
branches.

Bug: v8:7310
Change-Id: I3694b5ab5f8085c60266a4ad02640075005f4f94
Reviewed-on: https://chromium-review.googlesource.com/934509
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51525}
2018-02-23 16:44:52 +00:00
Clemens Hammacher
0237747a70 [Assembler][x64] Pass Operand by value
The Operand class is small enough to be efficiently passed by value.
This saves binary size and performance because the Operand does not need
to be emitted to the caller's frame and loaded in the callee.
Binary saving is 30kB in release mode on x64.

R=mstarzinger@chromium.org

Bug: v8:7310
Change-Id: Ibad9d438ace23cfe8e4641bd48063ab7035656f4
Reviewed-on: https://chromium-review.googlesource.com/934137
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51524}
2018-02-23 16:33:02 +00:00
Marja Hölttä
bdec7137ec [iwyu] Fixes related to isolate.h
BUG=v8:7490, v8:7310

Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I2eb6897d9dcc72cc6f399a8752b9f30d7d7010f8
Reviewed-on: https://chromium-review.googlesource.com/934504
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51523}
2018-02-23 16:03:37 +00:00
Sigurd Schneider
bcb5d45210 [turbofan] Introduce StringSubstring operator
Adding the StringSubstring simplified operator is a precursor to
improve inlining of String.p.{substr,substring,slice}.
This also contains a drive-by renaming to normalize different
spellings of 'Substring'.

Bug: v8:7250, v8:7340
Change-Id: I89e0fbafeab80f5d2f3ef348a5303d32c0abfe0a
Reviewed-on: https://chromium-review.googlesource.com/919084
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51522}
2018-02-23 15:51:57 +00:00
Sigurd Schneider
b47bf130a4 [cleanup] Remove unused monkey patches
A.p.includes can now replace monkey-patched A.p.contains.

Bug: v8:7310, v8:7327
Change-Id: Ibbd6c5526322599c06f5485471cf6a6361b082b9
Reviewed-on: https://chromium-review.googlesource.com/934265
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Daniel Clifford <danno@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51521}
2018-02-23 15:13:57 +00:00
jgruber
190680401f [deoptimizer] Support off-heap code in deoptimizer
The deoptimizer can create argument adaptor frames, in which case we
write a return address onto the stack that jumps into the middle of
the ArgumentsAdaptorTrampoline builtin. Now that this builtin is
off-heap, we need to calculate the return address based on the
off-heap instruction stream, not the on-heap trampoline.

Bug: v8:6666
Change-Id: I55b27fe8b0573f6c6ae66375850352f71bdff618
Reviewed-on: https://chromium-review.googlesource.com/934202
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51520}
2018-02-23 14:35:12 +00:00
Sigurd Schneider
0165432e20 [cleanup] Rename Word to Int32/IntPtr depending on context
Bug: v8:7310
Change-Id: I3b9832c7090d5c4b2f425f85095b0d7bae29fbfd
Reviewed-on: https://chromium-review.googlesource.com/934321
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51519}
2018-02-23 14:34:07 +00:00
jgruber
97adad01a3 [heap] Support off-heap code in address-to-code lookups
Off-heap code may have pc values that are not within
[instruction_start, instruction_end]. Handle these kinds of objects in
heap Code lookup functions.

Bug: v8:6666
Change-Id: Ib7a58f962ef6311c48234e506a35485fd5966814
Reviewed-on: https://chromium-review.googlesource.com/934184
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51518}
2018-02-23 14:31:07 +00:00
Marja Hölttä
f8569ff38a [data structures] Fix ZoneChunkList some more.
Currently, pop_back() doesn't update size. Fix that.

BUG=v8:7489

Change-Id: If11d2ddcaae3223289c168c1e6e1ad94d6775516
Reviewed-on: https://chromium-review.googlesource.com/934456
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51517}
2018-02-23 14:20:07 +00:00
Peter Marshall
aaa1d27153 [turbofan] Add a constructor frame state for promise constructors.
This fixes issues where the stack trace contained 'Promise' but
not 'new'.

Bug: v8:7253
Change-Id: I840fcc0a76e2376aab0b64d321f5cf8ccc672956
Reviewed-on: https://chromium-review.googlesource.com/928762
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51516}
2018-02-23 14:06:17 +00:00
Peter Marshall
5621814e0b [CSA] Fix the typed version of Select to strictly check types.
Previously, typing errors would be hidden by the SloppyTNode cast. Both
lambdas should always return strictly checked types that match the
templated type of the select, otherwise unchecked values can reach
TNodes.

Bug: v8:7479
Change-Id: Icd316c21a30c8c8305b7740c985efaa54c9a7015
Reviewed-on: https://chromium-review.googlesource.com/934455
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51515}
2018-02-23 13:56:37 +00:00
Sigurd Schneider
53e00e3900 Reland "[turbofan] Move String.* functions to JSCallReducer"
This is a reland of 3ff4b44735.

Original version did not handle V8_INTL_SUPPORT.

Original change's description:
> [turbofan] Move String.* functions to JSCallReducer
>
> Bug: v8:7250, v8:7340
> Change-Id: Ibb8d5badf89c66bd9bcb6bb390256ae81d0e899c
> Reviewed-on: https://chromium-review.googlesource.com/913208
> Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#51505}

Bug: v8:7250, v8:7340
Change-Id: Id908cbcfaa9e9cf5459d6d3289e6ec00e387d287
Reviewed-on: https://chromium-review.googlesource.com/934268
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51514}
2018-02-23 13:43:28 +00:00
jgruber
481c21e0f4 [builtins] Add IsOffHeapSafe predicate and test
Off-heap-safety slightly differs from isolate-independence in that it
allows external references and checks instruction-size constraints.

This adds the new predicate as well as a cctest verifying it. New
DCHECKs are introduced to document assumptions and upcoming work.

Note that this breaks the --stress-off-heap-code flag. Fixes will
follow in upcoming CLs.

Bug: v8:6666
Change-Id: If4f3e0f4428bacc8d293cd864b9b07b81679c423
Reviewed-on: https://chromium-review.googlesource.com/934183
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51513}
2018-02-23 13:26:13 +00:00
jgruber
6d84b8d57c [builtins] Remove off-heap CallStub and CallRuntime boilerplate
This is the follow-up CL to
https://chromium-review.googlesource.com/#/c/v8/v8/+/931122.

Now that HeapConstants can be loaded through the builtins constants
table, the extra CallStub and CallRuntime has become unnecessary.

Bug: v8:6666
Change-Id: I02bb7805ac37bed6fe27fdd0689ac22ad7de034b
Reviewed-on: https://chromium-review.googlesource.com/931123
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51512}
2018-02-23 13:21:48 +00:00
Dan Elphick
efd5f6d82a [builtins] Add typing to builtins-array-gen
Convert all context, receiver and argc Node*s to their appropriate TNode
type.

Bug: v8:7310
Change-Id: Ic6bf22ffb22199d390731d424b7395c47a8f19cf
Reviewed-on: https://chromium-review.googlesource.com/934442
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51511}
2018-02-23 13:12:15 +00:00
Marja Hölttä
4be3f416e6 [data structures] Fix ZoneChunkList end iterator.
BUG=v8:7478

Change-Id: Iad67d49729dfeb89fde26772689a22098f491b8a
Reviewed-on: https://chromium-review.googlesource.com/931548
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51510}
2018-02-23 13:08:13 +00:00
Peter Marshall
6040cbb876 [cleanup] Add CSA types to Number{Inc,Dec,Add,Sub}
Bug: v8:7310
Change-Id: I8d3ac3127d5ca3ea88fbb954727a7222de5d75a0
Reviewed-on: https://chromium-review.googlesource.com/934261
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51509}
2018-02-23 12:48:23 +00:00
Ben L. Titzer
c047ba7327 [wasm] Inline the WasmCodeManager::SetCodeTable() method
R=ahaas@chromium.org

Bug: v8:7310
Change-Id: I7f4f4f7990a202232a0871f5d73dd8025306e96e
Reviewed-on: https://chromium-review.googlesource.com/934262
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51508}
2018-02-23 12:42:08 +00:00
Sigurd Schneider
0ef07c95f4 Revert "[turbofan] Move String.* functions to JSCallReducer"
This reverts commit 3ff4b44735.

Reason for revert: Does not handle V8_INTL_SUPPORT correctly

Original change's description:
> [turbofan] Move String.* functions to JSCallReducer
> 
> Bug: v8:7250, v8:7340
> Change-Id: Ibb8d5badf89c66bd9bcb6bb390256ae81d0e899c
> Reviewed-on: https://chromium-review.googlesource.com/913208
> Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#51505}

TBR=sigurds@chromium.org,bmeurer@chromium.org

Change-Id: I6efb3b758b0fcadc012a90c4175de3c1ebccee95
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7250, v8:7340
Reviewed-on: https://chromium-review.googlesource.com/934267
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51507}
2018-02-23 12:41:04 +00:00
Georg Neis
e733f407aa [ic] Remove unreachable %Unreachable.
R=ishell@chromium.org

Bug: v8:7310
Change-Id: Ibdf4c0c5a53de88d492668786734be08420df90e
Reviewed-on: https://chromium-review.googlesource.com/934342
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51506}
2018-02-23 12:24:48 +00:00
Sigurd Schneider
3ff4b44735 [turbofan] Move String.* functions to JSCallReducer
Bug: v8:7250, v8:7340
Change-Id: Ibb8d5badf89c66bd9bcb6bb390256ae81d0e899c
Reviewed-on: https://chromium-review.googlesource.com/913208
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51505}
2018-02-23 12:22:13 +00:00
Georg Neis
6246a1f9e5 [csa] Add some types to some string/regexp-related functions.
E.g. SubString and StringAdd.

Bug: v8:7310
Change-Id: I352044f88fe79c5b576c5423d6feae3bcb7d725a
Reviewed-on: https://chromium-review.googlesource.com/934284
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51504}
2018-02-23 12:09:51 +00:00
Yang Guo
0b9b48b59d [debug] fix break for builtin constructors with regular construct stub.
Regular construct stubs eventually call InvokeFunction, which
performs debug hook checking. For builtins such as Object, Array, etc.
this approach does not work since they have specialized construct stubs
that do not check for the debug hook.

R=bmeurer@chromium.org

Bug: v8:178
Change-Id: I3e1f5d2dae1c7a6220b7236bd6ea71d83a65171f
Reviewed-on: https://chromium-review.googlesource.com/931702
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51503}
2018-02-23 11:04:19 +00:00
Gabriel Charette
3856d8d57d Revert "[v8] Add finer grain trace events to EVACUATE_COPY step."
This reverts commit f64a87c45a.

Revert "[v8] Even finer grain trace events for EVACUATE_COPY step."

This reverts commit 2c1b6d383e.

Traces have been gathered by the bots. I'm still analyzing the results
but let's revert these for now to soothe the poor bots which are
running with v8.gc tracing enabled and regressing like crazy
because of this crbug.com/814800.

R=hpayer@chromium.org

Bug: chromium:814800, chromium:813824
Change-Id: If97c1ff5d14de18414c3b8d65ecb3aaf4f1bb32d
Reviewed-on: https://chromium-review.googlesource.com/934131
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Gabriel Charette <gab@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51502}
2018-02-23 10:49:16 +00:00
Peter Marshall
6a2926e559 [cleanup] Add CSA types to CallBuiltin and GetMethod.
Bug: v8:7310
Change-Id: Iaebe8fa8e5a622b0963754548aa7e29fd6028e22
Reviewed-on: https://chromium-review.googlesource.com/934203
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51501}
2018-02-23 10:23:44 +00:00
Clemens Hammacher
fd8c3cde13 [Liftoff] Support arbitrary frame sizes
Instead of limiting the number of used spill slots and bailing out if
the limit is exceeded, we now store the number of spill slots used and
patch the stack frame size after generating all code.
This removes a lot of checks and bailouts.

Drive-by: Fix a bug with spilling f64 caller frame slots which was
uncovered by the additional test coverage after this CL.

R=titzer@chromium.org

Bug: v8:6600
Change-Id: I25d856f99451642cc15239c0461402e51487d0a1
Reviewed-on: https://chromium-review.googlesource.com/929162
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51500}
2018-02-23 10:14:54 +00:00
Kim-Anh Tran
c84ae392a7 [wasm] Remove dead code (old_code_table)
Bug: v8:7310
Change-Id: I6f1c2424fbf377b358546d76a9bc3bbd300aeab5
Reviewed-on: https://chromium-review.googlesource.com/933762
Commit-Queue: Kim-Anh Tran <kimanh@google.com>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51499}
2018-02-23 10:13:34 +00:00
jgruber
de9a101d20 [builtins] Replace placeholders in constants table
During builtins generation, parts of the builtins table may be filled
with placeholder code objects.

This CL ensures that such placeholders are replaced by the real
builtin object during finalization of the builtins constants table.

Bug: v8:6666
Change-Id: I3a2635b29b37690fd7e950b9f38d500704671afb
Reviewed-on: https://chromium-review.googlesource.com/934241
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51498}
2018-02-23 09:44:00 +00:00
Peter Marshall
64cee29718 [cleanup] Add CSA types to ToSmiIndex and callers.
Also a small drive-by cleanup to ToSmiLength to make the two functions
more consistent.

Bug: v8:7310
Change-Id: Ied01b72c2d30445eebac2bdab33d96e2df994274
Reviewed-on: https://chromium-review.googlesource.com/931545
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51497}
2018-02-23 09:28:31 +00:00
Sigurd Schneider
6be614fb2d Reland "[turbofan] Disable speculation for JSCall nodes by default"
This is a reland of ccbbdb93a1.

Original change's description:
> [turbofan] Disable speculation for JSCall nodes by default
>
> Change-Id: I7360601f4e1b419cf8d35480b068418bdd700be9
> Reviewed-on: https://chromium-review.googlesource.com/928649
> Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#51467}

Bug: v8:7340

Change-Id: I5557afcdad0c7f9610a396dcfa45f8985a13c1ba
Reviewed-on: https://chromium-review.googlesource.com/931546
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51496}
2018-02-23 08:31:41 +00:00
jgruber
6e58903424 [builtins] Generalize the constant lookup mechanism
Moves the decision whether to embed the constant or perform a lookup
through the builtins constants table to
CodeAssembler::UntypedHeapConstant.

Root constants continue to be embedded (and are later turned into
loads through root-register by the backend); non-root constants are
added to the constants table at generation-time and loaded from there
at runtime.

This allows us to remove the recently added boilerplate around
CallStub and CallRuntime in a follow-up.

Bug: v8:6666
Change-Id: Id981088e4b9d665c678acc9718383179f681f063
Reviewed-on: https://chromium-review.googlesource.com/931122
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51495}
2018-02-23 06:17:09 +00:00
v8-autoroll
0b1a36cb3f Update V8 DEPS.
Rolling v8/build: b3523c3..787ae8b

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/d2d530b..13a8b37

Rolling v8/tools/clang: c29e3d7..7e69312

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I6d46c7a380b2de8e0b3da20009ee7410b84ad9d3
Reviewed-on: https://chromium-review.googlesource.com/933609
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51494}
2018-02-23 05:00:42 +00:00
Jakob Kummerow
ec19cd24f2 [cleanup] Clean up CSA::LoadFixedTypedArrayElementAsTagged
and use it more often.

Bug: v8:7310
Change-Id: I7773f35415a0bb529cdaac380c9068f4ed5010ae
Reviewed-on: https://chromium-review.googlesource.com/930236
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51493}
2018-02-23 03:46:53 +00:00
Jakob Kummerow
ddc155d89f [bigint] Add CSA support for Big*64Array stores
Bug: v8:6791
Change-Id: I1423321552e50d9ccb40a94b73f393d6d46fa629
Reviewed-on: https://chromium-review.googlesource.com/927789
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51492}
2018-02-23 02:30:04 +00:00
Jakob Kummerow
3ef16185e4 Reland "[bigint] Implement DataView.{get,set}Big*64"
Originally reviewed at https://chromium-review.googlesource.com/929429
and landed as r51486 / d50c7731e8.

Update in reland: whitelisted new builtins as side effect free.

Bug: v8:6791
Change-Id: Iff45700c8a4eca23f3ee6fc9c0cb340dc027cbc6
Reviewed-on: https://chromium-review.googlesource.com/932802
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51491}
2018-02-23 00:57:38 +00:00
Michael Achenbach
34ba47dae9 [foozzie] Remove async suppressions
NOTRY=true
TBR=gsathya@chromium.org

Bug: chromium:800651
Change-Id: I9e978c430cbeef0fcf004d1cfbd1e64f15983155
Reviewed-on: https://chromium-review.googlesource.com/933294
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51490}
2018-02-23 00:20:48 +00:00
Adam Klein
f7d7b5c6a4 ToString of a Proxied function should not throw
Without --harmony-function-tostring, anything other than a JSFunction
or JSBoundFunction throws when Function.prototype.toString is called on
them. But with the toString revision, anything callable allows toString
(and for non-Functions returns the good old "function () { [native code] }"
string).

Bug: v8:7484
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I3540e213a40992151761b59666fe36e0510da908
Reviewed-on: https://chromium-review.googlesource.com/932825
Commit-Queue: Adam Klein <adamk@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51489}
2018-02-22 22:55:50 +00:00
Sathya Gunasekaran
8a78db6d4a [test262] Test262 Roll
Fixes broken background compile error reporting.

Fixes broken tests in DateTimeFormat and NumberFormat: PluralRules
constructor requires 'new'.

Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I65216a3172595397f5de638c9d5d9d021d3257ce
Reviewed-on: https://chromium-review.googlesource.com/931935
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51488}
2018-02-22 22:31:50 +00:00
Michael Achenbach
56b4c41b6a Revert "[bigint] Implement DataView.{get,set}Big*64"
This reverts commit d50c7731e8.

Reason for revert: Fails on many bots, like:
https://build.chromium.org/p/client.v8/builders/V8%20Linux/builds/23331

Original change's description:
> [bigint] Implement DataView.{get,set}Big*64
> 
> Bug: v8:6791
> Change-Id: I4b5ad3cf68b5c2423d6e055332d7f0dfce7c1e99
> Reviewed-on: https://chromium-review.googlesource.com/929429
> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#51486}

TBR=jkummerow@chromium.org,neis@chromium.org

Change-Id: I95c260134d7d2671cd4cc0f8c07971af04d97546
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:6791
Reviewed-on: https://chromium-review.googlesource.com/932801
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51487}
2018-02-22 21:29:12 +00:00
Jakob Kummerow
d50c7731e8 [bigint] Implement DataView.{get,set}Big*64
Bug: v8:6791
Change-Id: I4b5ad3cf68b5c2423d6e055332d7f0dfce7c1e99
Reviewed-on: https://chromium-review.googlesource.com/929429
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51486}
2018-02-22 20:10:10 +00:00
Clemens Hammacher
537885e829 [wasm][interpreter] Fix indirect calls to other instances
When calling a function through a function table, check whether the
instance of the called function differs from the current instance, and
in that case call the other function via a c-wasm-entry instead of
interpreting it.
The c-wasm-entry needs to pass the wasm context, so this CL changes
this to receive the wasm context as parameter instead of embedding the
context of the calling instance.

R=titzer@chromium.org

Bug: chromium:814562, v8:7400
Change-Id: Iea93f270542169f8aac4f8c81aacec559c716368
Reviewed-on: https://chromium-review.googlesource.com/930966
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51485}
2018-02-22 19:51:41 +00:00
Yang Guo
bebfd9d8bb [debug] add cctest for conditional breakpoint.
R=jgruber@chromium.org

Change-Id: I951d05f11d227fa3bc817010176bd966c23ad337
Reviewed-on: https://chromium-review.googlesource.com/931463
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51484}
2018-02-22 19:46:55 +00:00
Erik Luo
be270c15ad Reland "[debug] add tests, mark side-effect-free (Typed)Array, WeakMap/Set fns"
This is a reland of ba5bac8ceb.

Original change's description:
> [debug] add tests, mark side-effect-free (Typed)Array, WeakMap/Set fns
> 
> Adds more whitelisted methods in debug-evaluate for:
> Array, TypedArray, ArrayBuffer, DataView, WeakMap, WeakSet
> 
> Bug: chromium:810176
> Change-Id: I502776ad3191ccc2a355e5684b5f885a5f58d186
> Reviewed-on: https://chromium-review.googlesource.com/923414
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Commit-Queue: Erik Luo <luoe@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#51456}

Bug: chromium:810176
Change-Id: I64ff0aa632ddf77ad683de76b61ebe4e85d5f879
Reviewed-on: https://chromium-review.googlesource.com/931987
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Erik Luo <luoe@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51483}
2018-02-22 19:45:51 +00:00
Dan Elphick
a2ec753539 [serializer] Explicitly declare unused byte codes
Creates a macro that in debug builds generates case statements for
unused byte codes (marked UNREACHABLE). This will catch the case where
a byte code declared to be unused is actually used. Should be easier to
maintain than the existing comments.

Change-Id: I0b5d830be88b7ef747975657283c1b1e98182360
Reviewed-on: https://chromium-review.googlesource.com/928650
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51482}
2018-02-22 19:24:09 +00:00
Michael Achenbach
8d889e390b [foozzie] Migrate mjsunit harness adjustments to V8 repo
This migrates harness adjustments, to be loaded after mjsunit.js on
fuzzers for correctness fuzzing.

This is the first step adding deeper pretty printing. Other
adjustments will be added in follow ups.

Bug: chromium:813833
Change-Id: I51168a31e733d54808cb8853a1c90e897acf3791
Reviewed-on: https://chromium-review.googlesource.com/930565
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51481}
2018-02-22 18:33:59 +00:00
Michael Achenbach
22fb961b70 [foozzie] Rename folder to account for new clusterfuzz configs
We'll soon also host other configurations for general fuzzing, not only
correctness fuzzing in the new tools/clusterfuzz folder.

TBR=yangguo@chromium.org

Bug: chromium:813833
Change-Id: Icd966bfec91cc547522bad5d1a842500b554754f
Reviewed-on: https://chromium-review.googlesource.com/930331
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51480}
2018-02-22 17:42:39 +00:00