Commit Graph

50551 Commits

Author SHA1 Message Date
Michael Achenbach
ec21639857 Revert "[es2015] Introduce JSDataView::external_pointer."
This reverts commit 46573e51d8.

Reason for revert: Speculative revert for breaking chromium integration.

Might break gpu tests and linux debug:
https://ci.chromium.org/p/v8/builders/luci.v8.ci/Mac%20V8%20FYI%20Release%20(Intel)/2554

Also blocks the roll:
https://chromium-review.googlesource.com/c/chromium/src/+/1234328

Original change's description:
> [es2015] Introduce JSDataView::external_pointer.
> 
> This adds a new external_pointer field to every JSDataView instance
> which points directly into the backing store at the given view's
> byte_offset. This was the DataView performance is now almost on
> par with the TypedArray performance for accessing aligned memory
> (with appropriate endianess). This also serves as prepatory work
> to enable full 64-bit addressing of DataView backing stores in
> optimized code (soonish).
> 
> This change optimizes the bounds checking sequence in TurboFan in
> such a way that it further improves the DataView set/get performance
> by around 10%, almost closing the remaining gap between DataViews
> and TypedArrays.
> 
> Drive-by-fix: Get rid of the code duplication around DataView inlining
> in the JSCallReducer and have only a single bottleneck method now.
> 
> Bug: chromium:225811, v8:4153, v8:7881, v8:8171
> Change-Id: I9118efd4d19e93f0e51c931a9bec1a56a0f4593e
> Reviewed-on: https://chromium-review.googlesource.com/1231994
> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#56042}

TBR=yangguo@chromium.org,mlippautz@chromium.org,tebbi@chromium.org,bmeurer@chromium.org

Change-Id: I614a90043b1574b19936c37987db94806cac3bd7
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:225811, v8:4153, v8:7881, v8:8171
Reviewed-on: https://chromium-review.googlesource.com/1234417
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56059}
2018-09-20 06:31:33 +00:00
Jaroslav Sevcik
55feb110ff [turbofan] Put serializing standard objects into an own phase
Bug: v8:7790
Change-Id: I864a7541b7ff37b750fc73cd6614feca98e57c77
Reviewed-on: https://chromium-review.googlesource.com/1233758
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56058}
2018-09-20 04:54:49 +00:00
v8-ci-autoroll-builder
2461b84db6 Update V8 DEPS.
Rolling v8/build: 786a3d9..64006c6

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/c968ea0..582a06e

Rolling v8/third_party/depot_tools: 79c6513..f837545

Rolling v8/tools/clang: b170cc8..35ffce8

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I9a7f15b78303a1ec31250f21306e090b7b58ab19
Reviewed-on: https://chromium-review.googlesource.com/1235377
Commit-Queue: V8 Autoroller <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Reviewed-by: V8 Autoroller <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#56057}
2018-09-20 03:53:46 +00:00
Sam Clegg
505cccb9e9 [d8] Update new Worker API to match the Web API
Previously we only supported strings and not filenames.  This
changes the default to filename and adds a new `type: string` which can
be passed `options` to allow for strings to be passed in test code.

See: https://developer.mozilla.org/en-US/docs/Web/API/Worker/Worker

Bug: v8:8020
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Ie8818885c5c5c071b6614852322cb45aeb01a647
Reviewed-on: https://chromium-review.googlesource.com/1185980
Commit-Queue: Sam Clegg <sbc@chromium.org>
Reviewed-by: Ben Smith <binji@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56056}
2018-09-20 00:10:28 +00:00
Junliang Yan
efc797179f PPC/s390: Ignore overflow/notoverflow for poisoning
R=joransiu@ca.ibm.com

Change-Id: Id88187906f82cc9956ffbc9c70e4a1fdd8b20b30
Reviewed-on: https://chromium-review.googlesource.com/1234974
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#56055}
2018-09-19 20:14:48 +00:00
Junliang Yan
3e49607c9d PPC/s390: [turbofan] Implement constant folding of string concatenations
Port fef047a4a5

Original Commit Message:

    This CL implements the following design doc:
    https://docs.google.com/document/d/1h5kdfemMQMpUd15PSKW1lqikJW5hsGwrmOvoqhGFRts/edit?ts=5b978756#heading=h.urs7r34mx9p

R=mslekova@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: Iac369feb7a0bfb1d878a3c0fb4a6efbee6371128
Reviewed-on: https://chromium-review.googlesource.com/1234973
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#56054}
2018-09-19 19:40:19 +00:00
Creddy
b603513eef Disable one-shot for LogAll cctest
The LogAll test is flaky on windows build, disable one-shot optimization
to check if the issue is related to one-shot or not.

Change-Id: Ia963faf4158277d8d5e8bcbd3cf6ce99b69a4d39
Reviewed-on: https://chromium-review.googlesource.com/1234416
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Chandan Reddy <chandanreddy@google.com>
Cr-Commit-Position: refs/heads/master@{#56053}
2018-09-19 18:05:39 +00:00
Hannes Payer
9d007cef64 [heap] Create a ScavengerCollector class and move scavenging out of heap.
Change-Id: I039bf7e25884dd2c7c22f22e458048b75c0ca904
Reviewed-on: https://chromium-review.googlesource.com/1233833
Commit-Queue: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56052}
2018-09-19 17:43:59 +00:00
Bill Budge
06354392ab [cleanup] Resolve old TODO on kFloat64Mod code generation
- Uses a temp register to hold esp so we can align it to a
  8-byte boundary.

Bug: v8:8015
Change-Id: I487789250aca89c360a70614d7b0bd382705febf
Reviewed-on: https://chromium-review.googlesource.com/1229614
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56051}
2018-09-19 17:35:48 +00:00
Florian Sattler
03f7ce40cf [cleanup] Remove unnecessary copies from general classes.
Fixing clang-tidy warning.

Bug: v8:8015
Change-Id: I829fe79b95a0275ccc94e32fea2cdc74affef714
Reviewed-on: https://chromium-review.googlesource.com/1228066
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Florian Sattler <sattlerf@google.com>
Cr-Commit-Position: refs/heads/master@{#56050}
2018-09-19 16:52:58 +00:00
Sam Clegg
ba463e55e8 .gitattributes: Mark minified emscripten js files as -diff
This prevents the contents of these files showing up in the
output of `git grep`.  This makes git grep much more useful as
these files are minified into a single line which is not human
readable.

Change-Id: I54047fe32d090570fa70935ce108455a47e4d888
Reviewed-on: https://chromium-review.googlesource.com/1232674
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Sam Clegg <sbc@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56049}
2018-09-19 16:27:10 +00:00
Clemens Hammacher
60d6f7c240 [base] Remove OffsetFrom and AddressFrom
Those two methods are spread over the code base, and their purpose is
often not clear. Historically, they were used to turn pointers into
integers in order to do computations on them. Today we have {Address}
which is uintptr_t, so we can compute directly on that.

This also makes the {RoundUp} and {RoundDown} macros only work on
integral values (including {Address}).

R=mlippautz@chromium.org

Bug: v8:8015
Change-Id: Ia98fb826793ee5d3a2a5b18c09c329d088443772
Reviewed-on: https://chromium-review.googlesource.com/1233914
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56048}
2018-09-19 16:23:49 +00:00
Sigurd Schneider
d333075033 [ia32,root] Preserve kRootRegister (ebx) in several builtins
This CL ensures that the InterpreterEntryTrampoline, as well as
InterpreterPushArgsThenCall and InterpreterPushArgs preserve
the kRootRegister (ebx).

Bug: v8:6666
Change-Id: I1e5b63f1002ffbe4dac84f039f373b6b77e67d8a
Reviewed-on: https://chromium-review.googlesource.com/1233793
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56047}
2018-09-19 15:42:14 +00:00
Florian Sattler
364fcb13d2 [cleanup] Refactor profiler to use default members.
Fixing clang-tidy warning.

Bug: v8:8015
Change-Id: I5645a85ca7d85ca9abf2cde9ed4191b1ae06ca73
Reviewed-on: https://chromium-review.googlesource.com/1224170
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Florian Sattler <sattlerf@google.com>
Cr-Commit-Position: refs/heads/master@{#56046}
2018-09-19 15:36:30 +00:00
Simon Zünd
e42c9d3ab9 [ia32, root] Preserve 'ebx' in FunctionPrototypeApply
R=jgruber@chromium.org

Bug: v8:6666
Change-Id: I51db8fdf5e649884aa94cb6c9e5cc733250b7ce9
Reviewed-on: https://chromium-review.googlesource.com/1233757
Commit-Queue: Simon Zünd <szuend@google.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56045}
2018-09-19 15:29:54 +00:00
Clemens Hammacher
5e94b2083a Reland "[wasm] Introduce a soft limit on reserved memory"
This is a reland of 3bb5cb63da

Original change's description:
> [wasm] Introduce a soft limit on reserved memory
> 
> Currently, wasm memory and wasm code use a shared limit for the total
> size of reservations. This can cause wasm code reservations to fail
> because wasm memories used all available reservation space.
> This CL introduces a soft limit which is used when allocating wasm
> memory with full guards. If this limit is reached and the respective
> flag is set, we fall back to allocation without full guards and check
> against the hard limit. Code reservations always check against the hard
> limit.
> 
> R=ahaas@chromium.org
> 
> Bug: v8:8196
> Change-Id: I3fcbaeaa6f72c972d408d291af5d6b788d43151d
> Reviewed-on: https://chromium-review.googlesource.com/1233614
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#56028}

Bug: v8:8196
Change-Id: If8baf429b02e23b344346f7335bc911b99ae5579
Reviewed-on: https://chromium-review.googlesource.com/1233756
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56044}
2018-09-19 15:12:18 +00:00
Michael Lippautz
fe566be004 [heap] Concurrently process wrapper objects
Concurrently process objects and only read embedder fields on the main
thread.

Also prepares the concurrent marking infrastructure to plug this
processing into different types.

Bug: chromium:885125, chromium:843903
Change-Id: I23b7f778c16cff118dec93e11e2bbd02aaf11a78
Reviewed-on: https://chromium-review.googlesource.com/1231175
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56043}
2018-09-19 14:14:06 +00:00
Benedikt Meurer
46573e51d8 [es2015] Introduce JSDataView::external_pointer.
This adds a new external_pointer field to every JSDataView instance
which points directly into the backing store at the given view's
byte_offset. This was the DataView performance is now almost on
par with the TypedArray performance for accessing aligned memory
(with appropriate endianess). This also serves as prepatory work
to enable full 64-bit addressing of DataView backing stores in
optimized code (soonish).

This change optimizes the bounds checking sequence in TurboFan in
such a way that it further improves the DataView set/get performance
by around 10%, almost closing the remaining gap between DataViews
and TypedArrays.

Drive-by-fix: Get rid of the code duplication around DataView inlining
in the JSCallReducer and have only a single bottleneck method now.

Bug: chromium:225811, v8:4153, v8:7881, v8:8171
Change-Id: I9118efd4d19e93f0e51c931a9bec1a56a0f4593e
Reviewed-on: https://chromium-review.googlesource.com/1231994
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56042}
2018-09-19 14:06:25 +00:00
Sergiy Byelozyorov
8f30ab323c [tools] Do not auto-CC v8-reviews@ on CLs created by branch creator script
R=machenbach@chromium.org

Bug: chromium:878303, chromium:877964
Change-Id: I9f0de35780861f3f121daa9952af70b332c11e98
Reviewed-on: https://chromium-review.googlesource.com/1231176
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56041}
2018-09-19 13:41:36 +00:00
Jakob Gruber
23cf68ac2c [ia32,root] Port all CallFunction variants
As part of this, we also update all InvokeFunctionCode callers to pass
ecx as the expected-argc register.

Drive-by: Inline InvokeFunction overload into its single use.

Bug: v8:6666
Change-Id: I67590ecc3f4981d014642c9e18d3ed6db9831e54
Reviewed-on: https://chromium-review.googlesource.com/1233653
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56040}
2018-09-19 13:39:12 +00:00
Jakob Gruber
15b7c38969 [ia32,root] {Interpreter,}OnStackReplacement
OnStackReplacement itself was dead code.

Bug: v8:6666
Change-Id: I72df335f23fb749e652899a170bb3dc800992ba7
Reviewed-on: https://chromium-review.googlesource.com/1232635
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56039}
2018-09-19 13:38:10 +00:00
Jakob Gruber
d2ca9b0b7d [ia32,root] Port all CEntry variants
Not much to do here. This CL bakes in incompatibility between
poisoning and embedded builtins, since we cannot unconditionally reset
the poison register (which we reused as kRootRegister) as we used to.

It also exposes a bug introduced in [0] where we set
Isolate::c_function to a garbage value.

[0] https://chromium-review.googlesource.com/1185011

Bug: v8:6666
Change-Id: Ia606f5d0e86c7ff68aa2af22acb89c2844519bf5
Reviewed-on: https://chromium-review.googlesource.com/1233255
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56038}
2018-09-19 13:37:05 +00:00
Jakob Gruber
41ea0372bd [ia32,root] DoubleToI, MathPow, InterruptCheck, StackCheck
This also adds checks that ebx contains the root pointer during indirect load.
And we work around a few spots where we create an ebx Register but do not
actually reference it (e.g. when emitting xmm3, which has the same code as
ebx).

Bug: v8:6666
Change-Id: I7ec9e644c2e9c59d6395a71c6c5f479fac711d8d
Reviewed-on: https://chromium-review.googlesource.com/1231093
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56037}
2018-09-19 13:35:28 +00:00
Michael Achenbach
72ee72aa61 [test] Skip flaky test on Android
Failed once here:
https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Android%20Arm64%20-%20N5X/852

Test allocates a lot of memory. The output suggests that OS killed it.

NOTRY=true
TBR=rmcilroy@chromium.org

Change-Id: Id177d381133a2671a5c4e3f0cac2cc3ea6cd6ee7
Reviewed-on: https://chromium-review.googlesource.com/1233759
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56036}
2018-09-19 13:33:38 +00:00
Jakob Gruber
48dc11d29a [ia32,root] Port ArgumentsAdaptorTrampoline
Bug: v8:6666
Change-Id: I6a6ece9ebb573fc6bbd18840400774952778a7e1
Reviewed-on: https://chromium-review.googlesource.com/1230914
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56035}
2018-09-19 13:30:43 +00:00
Georg Neis
99782e074c [turbofan] Move TypedLowering phase into the background.
This is behind the --concurrent-compiler-frontend flag, which is
disabled by default (but implied by --future).

Bug: v8:7790
Change-Id: Ic7934ecfea042be4897b00095b8afca66862a9d5
Reviewed-on: https://chromium-review.googlesource.com/1233735
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56034}
2018-09-19 13:16:01 +00:00
Sigurd Schneider
4862381365 [ia32,root] Preserve kRootRegister (ebx) in two more builtins
This CL ensures that ConstructBoundFunction and
ConstructedNonConstructable preserve the kRootRegister (ebx).

Bug: v8:6666
Change-Id: I5aaee07aee9377f62028c98ccc8c6fdfe23dbc6d
Reviewed-on: https://chromium-review.googlesource.com/1233615
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56033}
2018-09-19 13:10:47 +00:00
Benedikt Meurer
4491072507 [turbofan] Fix RedundancyElimination and add more test coverage.
Make the RedundancyElimination handle all simplified operators that are
listed in the SIMPLIFIED_CHECKED_OP_LIST, and fix a couple of bugs and
oversights in the code. This also adds a lot of test coverage for all
the cases that we care about in RedundancyElimination (with respect to
Check/Checked simplified operators).

Bug: v8:8015
Change-Id: I57d29113389841b09abcd013313bf5dd1c67735f
Reviewed-on: https://chromium-review.googlesource.com/1233655
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56032}
2018-09-19 13:08:12 +00:00
Leszek Swirski
196874aa08 Revert "[wasm] Introduce a soft limit on reserved memory"
This reverts commit 3bb5cb63da.

Reason for revert: Breaks Win64 bot https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Win64/26418

Original change's description:
> [wasm] Introduce a soft limit on reserved memory
> 
> Currently, wasm memory and wasm code use a shared limit for the total
> size of reservations. This can cause wasm code reservations to fail
> because wasm memories used all available reservation space.
> This CL introduces a soft limit which is used when allocating wasm
> memory with full guards. If this limit is reached and the respective
> flag is set, we fall back to allocation without full guards and check
> against the hard limit. Code reservations always check against the hard
> limit.
> 
> R=​ahaas@chromium.org
> 
> Bug: v8:8196
> Change-Id: I3fcbaeaa6f72c972d408d291af5d6b788d43151d
> Reviewed-on: https://chromium-review.googlesource.com/1233614
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#56028}

TBR=ahaas@chromium.org,clemensh@chromium.org

Change-Id: If645e738b4a5800eceabd993738ac2285f4a63bc
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8196
Reviewed-on: https://chromium-review.googlesource.com/1233834
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56031}
2018-09-19 13:07:09 +00:00
Marja Hölttä
737a4e4c19 [in-place weak refs] Cleanup: Remove BodyDescriptorWeak
Unification: now BodyDescriptor deals with all weakness types.

This doesn't replace the weak list pointers with in-place weak references, since
it would cause extra work: we anyway recreate the lists after GC, so we
shouldn't track them at all during GC.

BUG=v8:7308

Change-Id: Ifb2f573d3e7ee311136b59e185cc659487c9cab3
Reviewed-on: https://chromium-review.googlesource.com/1229894
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56030}
2018-09-19 12:57:40 +00:00
Georg Neis
3f6612583e [turbofan] Don't create handle in JSHeapBroker::native_context.
Instead, remember the canonical handle during SerializeStandardObjects.

Bug: v8:7790
Change-Id: Id57d861e92088fbc64c05fbee1612376000c06c9
Reviewed-on: https://chromium-review.googlesource.com/1233494
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56029}
2018-09-19 12:47:20 +00:00
Clemens Hammacher
3bb5cb63da [wasm] Introduce a soft limit on reserved memory
Currently, wasm memory and wasm code use a shared limit for the total
size of reservations. This can cause wasm code reservations to fail
because wasm memories used all available reservation space.
This CL introduces a soft limit which is used when allocating wasm
memory with full guards. If this limit is reached and the respective
flag is set, we fall back to allocation without full guards and check
against the hard limit. Code reservations always check against the hard
limit.

R=ahaas@chromium.org

Bug: v8:8196
Change-Id: I3fcbaeaa6f72c972d408d291af5d6b788d43151d
Reviewed-on: https://chromium-review.googlesource.com/1233614
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56028}
2018-09-19 12:19:46 +00:00
Michael Achenbach
49ae2db3cf [test] Update bug on skipped test
TBR=sathya@chromium.org
NOTRY=true

Bug: v8:8197
Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I3bb3f8e551e34ba3a1b5d05703121989ecfe4e3c
Reviewed-on: https://chromium-review.googlesource.com/1233734
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56027}
2018-09-19 11:58:01 +00:00
Stephan Herhut
ded9d22a5c [wasm] Add extra DCHECK to ensure pending exception
When module instantiation fails, we need to throw an exception or raise
an error additionally to just returning an empty handle. This change
adds an extra DCHECK to make sure this is not forgotten.

Bug: v8:8015
Change-Id: Ib5d580ccfa2fb689e01c2bdabe856c8c4a47a853
Reviewed-on: https://chromium-review.googlesource.com/1233259
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Stephan Herhut <herhut@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56026}
2018-09-19 10:38:00 +00:00
Clemens Hammacher
baa9bf19ef Reland "[wasm] Increase code space limit to 1024 MB"
This is a reland of 15d6d7b4ee.

Original change's description:
> [wasm] Increase code space limit to 1024 MB
>
> Liftoff increases code size, and people start deploying bigger modules.
> Increase the wasm code space limit from 512 MB to 1024 MB to account
> for this.
>
> R=titzer@chromium.org
>
> Bug: chromium:883639, chromium:872684
> Change-Id: I3a2ca29d456635f7f3aa1daef5fa2b0249dc1645
> Reviewed-on: https://chromium-review.googlesource.com/1226971
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Reviewed-by: Ben Titzer <titzer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#56003}

TBR=titzer@chromium.org

Bug: chromium:883639, chromium:872684
Change-Id: I54461d2a5f32eeaf90c71768eb9f37223dd5ebb6
Reviewed-on: https://chromium-review.googlesource.com/1233256
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56025}
2018-09-19 10:20:09 +00:00
Creddy
b2ed47b958 [interpreter] Restrict one-shot optimizations to only top-level IIFEs
IIFE`s within a function are not guaranteed to be executed only once.
They can be called multiple times and compiler can inline them.
Do the one-shot optimizations only for IIFE`s from top-level code.

Bug: v8:8072, chromium:886580
Change-Id: I02370681cc3eab270edcc75ee120ca7ad768ed52
Reviewed-on: https://chromium-review.googlesource.com/1231174
Commit-Queue: Chandan Reddy <chandanreddy@google.com>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56024}
2018-09-19 10:15:13 +00:00
Simon Zünd
deee2c2df6 [ia32, root] Port FunctionPrototypeCall
This CL is part of the effort to remove the usage of 'ebx' as it will
be the kRootRegister on ia32.

R=jgruber@chromium.org

Bug: v8:6666
Change-Id: Iad3d4718423a22790908d5028b2ec9e8b2253126
Reviewed-on: https://chromium-review.googlesource.com/1233258
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Simon Zünd <szuend@google.com>
Cr-Commit-Position: refs/heads/master@{#56023}
2018-09-19 09:59:33 +00:00
Benedikt Meurer
bb5724283f [turbofan] Word64 conversions are lossless for Int64/Uint64 values.
Teach TurboFan about representation changes from Float64 to Word64 where
the input value is already known to be within the Int64 or Uint64 range.
While not all of these values have representations in Float64, those
that do can be converted to Word64 without loss of precision.

Same is true for Tagged to Word64 conversions, although here we don't
(currently) need the case for Uint64 ranges, so we can skip adding an
operator for that until it becomes necessary (there's a hard check in
the code so it'll not silently cause trouble).

Bug: v8:8178
Change-Id: Ie99b0bc9af096bd927f63b26b0a61e66454bc4ae
Reviewed-on: https://chromium-review.googlesource.com/1231593
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56022}
2018-09-19 09:50:13 +00:00
Maya Lekova
fef047a4a5 [turbofan] Implement constant folding of string concatenations
This CL implements the following design doc:
https://docs.google.com/document/d/1h5kdfemMQMpUd15PSKW1lqikJW5hsGwrmOvoqhGFRts/edit?ts=5b978756#heading=h.urs7r34mx9p

Bug: v8:7790
Change-Id: I5f758c6d906ea9275c30b28f339063c64a2dc8d8
Reviewed-on: https://chromium-review.googlesource.com/1221807
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56021}
2018-09-19 09:47:23 +00:00
Sigurd Schneider
e611e1cdea [turbolizer] Update rollup config
Change-Id: I09cb1ea773c84891cefc54e8bc016b5b201280bd
Bug: v8:7327

NOTRY=true

Change-Id: I09cb1ea773c84891cefc54e8bc016b5b201280bd
Reviewed-on: https://chromium-review.googlesource.com/1227973
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56020}
2018-09-19 09:41:31 +00:00
Benedikt Meurer
984048e8c7 [es2015] Clear JSTypedArray raw fields in the constructor.
The JSTypedArray instance is created early on in the TypedArray
constructors, using EmitFastNewObject, which puts Undefined into
all slots. But the code might still produce an exception afterwards
leaving the JSTypedArray in a weird state. It's not a security issue
since the object doesn't escape, but it confuses the heap verifier.

Bug: chromium:885404, v8:4153, v8:7881, v8:8171
Change-Id: I5fb8131fcae69edf4a92602ed477dca305c3d6c7
Reviewed-on: https://chromium-review.googlesource.com/1233257
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56019}
2018-09-19 09:28:11 +00:00
Michael Lippautz
44e77f8d93 [heap] Remove marking finalization flag
The flag was not used anymore and any CollectGarbage call will finalize
marking.

Change-Id: I29ee60b187c9038acc4b42b8334546498f54f117
Reviewed-on: https://chromium-review.googlesource.com/1228013
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56018}
2018-09-19 09:08:35 +00:00
Yang Guo
c8bfbed921 Reland "[regexp] implement regexp property sequence proposal"
This is a reland of f4c14fd971

TBR=jgruber@chromium.org

Original change's description:
> [regexp] implement regexp property sequence proposal
>
> Also-By: mathias@chromium.org
> Bug: v8:7467
> Change-Id: I9fd6e61f4da1097c2375f671b4801e9730f792c4
> Reviewed-on: https://chromium-review.googlesource.com/1227974
> Commit-Queue: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Mathias Bynens <mathias@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#55991}

Bug: v8:7467
Change-Id: If07137dea5a8ea42dbff1d749d997eb4ae055d80
Reviewed-on: https://chromium-review.googlesource.com/1232634
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56017}
2018-09-19 08:39:22 +00:00
Jaroslav Sevcik
6a6f050e18 Turn on full masking with untrusted-code-mitigations
Bug: chromium:856973
Change-Id: Ib0feeb18e27dc455ecf8547b3dd5bd284c39735a
Reviewed-on: https://chromium-review.googlesource.com/1225899
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56016}
2018-09-19 08:33:13 +00:00
Florian Sattler
a072e666f6 [cleanup] Refactor first batch of general classes to use default members.
Fixing clang-tidy warning.

Bug: v8:8015
Change-Id: Ibc5a81aea25f797e90db891e90b2977f27e13990
Reviewed-on: https://chromium-review.googlesource.com/1224410
Commit-Queue: Florian Sattler <sattlerf@google.com>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56015}
2018-09-19 08:32:08 +00:00
Yang Guo
68b36a153c Revert "[wasm] Increase code space limit to 1024 MB"
This reverts commit 15d6d7b4ee.

Reason for revert: speculative revert for this failure: https://logs.chromium.org/logs/v8/buildbucket/cr-buildbucket.appspot.com/8934981003100286416/+/steps/Check/0/logs/Fixed/0

Original change's description:
> [wasm] Increase code space limit to 1024 MB
> 
> Liftoff increases code size, and people start deploying bigger modules.
> Increase the wasm code space limit from 512 MB to 1024 MB to account
> for this.
> 
> R=​titzer@chromium.org
> 
> Bug: chromium:883639, chromium:872684
> Change-Id: I3a2ca29d456635f7f3aa1daef5fa2b0249dc1645
> Reviewed-on: https://chromium-review.googlesource.com/1226971
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Reviewed-by: Ben Titzer <titzer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#56003}

TBR=titzer@chromium.org,clemensh@chromium.org

Change-Id: I77b3eb694edef122fb3467ca1938c5aff833911d
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:883639, chromium:872684
Reviewed-on: https://chromium-review.googlesource.com/1232958
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56014}
2018-09-19 08:02:51 +00:00
Clemens Hammacher
7b43c4022b [wasm] Skip failing test on native arm/mips
The test allocates a code object of maximum size. This was recently
increased to 1GB. This makes the test run OOM on some native arm and
mips devices.

TBR=ahaas@chromium.org

No-Try: true
Change-Id: Ie6cc50e92493c341c3205e9a6efa547d3d489275
Reviewed-on: https://chromium-review.googlesource.com/1233333
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56013}
2018-09-19 06:06:58 +00:00
tzik
8a7adb0bc1 Use MicrotaskQueue class as the default microtask storage
This CL introduces the global default microtask queue as the replacement
of Heap::microtask_queue and Isolate::pending_microtask_count.

Bug: v8:8124
Change-Id: I0a6a7618a1a6ca7ceaf370dc15917a6b3690542c
Reviewed-on: https://chromium-review.googlesource.com/1226760
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Taiju Tsuiki <tzik@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56012}
2018-09-19 05:20:36 +00:00
Camillo Bruni
9b50b3b096 [tools] callstats.py: don't retry after many failing results
Change-Id: Ie741a8e4452b6d65ec73bd91ecdea869d7eedc25
BUG: v8:8192
Reviewed-on: https://chromium-review.googlesource.com/1230100
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56011}
2018-09-19 05:19:31 +00:00
v8-ci-autoroll-builder
3137406425 Update V8 DEPS.
Rolling v8/build: c4b8ad9..786a3d9

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/460fd88..c968ea0

Rolling v8/third_party/depot_tools: ea4301e..79c6513

Rolling v8/third_party/fuchsia-sdk: 0953bbd..dc90d99

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I524678f69b7810ce492d73395178067024c6237f
Reviewed-on: https://chromium-review.googlesource.com/1232692
Reviewed-by: V8 Autoroller <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: V8 Autoroller <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#56010}
2018-09-19 05:18:26 +00:00