Commit Graph

1201 Commits

Author SHA1 Message Date
Marja Hölttä
b90c98fc29 [objects.h splitting] Move SharedFunctionInfo.
BUG=v8:5402

Change-Id: If5f763e6a11d446e36719277a18b00a0cd8df8fa
Reviewed-on: https://chromium-review.googlesource.com/517162
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45565}
2017-05-29 14:03:48 +00:00
mattloring
6803eef142 Allow embedder to set promise internal field count
Asynchronous context tracking mechanisms in Node.js need to store some
state on all promise objects. This change will allow embedders to
configure the number of internal fields on promises as is already done
for ArrayBuffers.

BUG=v8:6435

Review-Url: https://codereview.chromium.org/2889863002
Cr-Commit-Position: refs/heads/master@{#45496}
2017-05-23 17:54:12 +00:00
Sathya Gunasekaran
aca3c14f15 [collections] Port Map constructor to CSA
Bug: v8:5717, v8:6354
Change-Id: I4be80eabcb0f98446e695a2ab1ad5804b7181ac7
Reviewed-on: https://chromium-review.googlesource.com/506818
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45489}
2017-05-23 13:21:47 +00:00
jgruber
d74ece4180 [objects] Extract DebugInfo and BreakPointInfo to own file
BUG=v8:5402

Review-Url: https://codereview.chromium.org/2900713004
Cr-Commit-Position: refs/heads/master@{#45486}
2017-05-23 12:17:09 +00:00
pierre.langlois
73ab0f4b9f [gn] Allow building a snapshot with unwinding information.
Add a new "v8_perf_prof_unwinding_info" option to gn that translates to building
the snapshot with "--perf-prof-unwinding-info". It allows unwinding TF generated
code from the snapshot.

Additionally, add a warning if one uses the option along with a snapshot which
was not build with unwinding information.

Running tests in this configuration revealed an issue in the checks performed
when accessing the stub cache. We would assume that the `Code::Flags` bitfield
only contains the `Kind` and `ExtraICState` fields, when there is also a
`HasUnwindingInfo` field which can now be set for stubs.

BUG=

Review-Url: https://codereview.chromium.org/2887783002
Cr-Commit-Position: refs/heads/master@{#45477}
2017-05-23 09:47:29 +00:00
Loo Rong Jie
e1b4b405b1 Rename builtins/builtins-debug-gen.cc and move to mksnapshot
Bug: v8:6055
Change-Id: Ib14dcef7f30bab88fad92b1a7329163beea50503
Reviewed-on: https://chromium-review.googlesource.com/511682
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Loo Rong Jie <loorongjie@gmail.com>
Cr-Commit-Position: refs/heads/master@{#45473}
2017-05-23 06:43:43 +00:00
thomasanderson
cb7dd0a911 Replace sanitizers:deps with exe_and_shlib_deps (v8)
All targets (at least on sanitizer builds) unconditionally depend
on //build/config/sanitizers:deps.

It is necessary for bug 593874 that all targets now also depend
on //buildtools/third_party/libc++:libcxx_proxy.  This requires
adding a new "global dependency": //build/config:exe_and_shlib_deps.

This CL updates references to sanitizers:deps to instead refer to
//build/config:exe_and_shlib_deps.

BUG=chromium:723069
R=bradnelson@chromium.org

Review-Url: https://codereview.chromium.org/2894013003
Cr-Commit-Position: refs/heads/master@{#45435}
2017-05-19 21:52:47 +00:00
Michael Lippautz
17a2c6e847 [heap] Introduce WorkStealingMarkingDeque
Currently only relies on private stacks of segments, i.e., doesn't steal
anything, yet.

Bug: chromium:651354
Change-Id: Icedad3e3169b61afe988a1ece10f73f3a973bdb2
Reviewed-on: https://chromium-review.googlesource.com/508351
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45422}
2017-05-19 11:49:59 +00:00
ulan
f1e82a2ee9 [heap] Add GN flag for enabling concurrent marking.
BUG=chromium:723600

Review-Url: https://codereview.chromium.org/2888093003
Cr-Commit-Position: refs/heads/master@{#45379}
2017-05-17 15:22:38 +00:00
Marja Hölttä
35f3e9d0e6 Reland: [objects.h splitting] Move Map and related classes.
Previous version was https://chromium-review.googlesource.com/502808

BUG=v8:5402

Change-Id: If327f4d7884577b7e5e6159372bf28a80cd21e51
Reviewed-on: https://chromium-review.googlesource.com/506073
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45369}
2017-05-17 12:12:18 +00:00
Michael Lippautz
b02bb408ef [heap] Add ItemParallelJob
Adds a generic job that is based on items and tasks.

Bug: chromium:651354
Change-Id: I378e04741c5761ea6c4a74816b9af8ea22867f53
Reviewed-on: https://chromium-review.googlesource.com/506075
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45353}
2017-05-16 21:50:56 +00:00
Leszek Swirski
4becbe345f [ignition] Change --trace-ignition to a runtime flag
Generate the code (extra runtime calls) for --trace-ignition support at
compile time, based on a #define (similar to TRACE_MAPS). Then check for
--trace-ignition at run-time when deciding whether to actually print
anything. This should make --trace-ignition less painful to use.

Note that --trace-igition is disabled by default, even on debug builds.
It has to be enabled with the gn arg "v8_enable_trace_ignition=true"

As a drive-by, TRACE_MAPS is renamed to V8_TRACE_MAPS, for consistency,
and SFI unique index (needed both by --trace-ignition and --trace-maps)
is cleaned up to be behind another #define.

Change-Id: I8dd0c62d0e6b7ee9c75541d45eb729dc03acbee9
Reviewed-on: https://chromium-review.googlesource.com/506203
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45346}
2017-05-16 16:11:14 +00:00
Jakob Kummerow
1345de0b1e [builtins] Tune Array.indexOf performance
BUG=v8:6371

Change-Id: Iacb4ad572ea83ade6262272ed30d4cb684f9d8ed
Reviewed-on: https://chromium-review.googlesource.com/505107
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45332}
2017-05-16 10:56:21 +00:00
Leszek Swirski
f133bc8ad5 [ignition] Introduce Switch bytecode for generators
Introduce a new SwitchSmiTable bytecode for generators, which does a
table lookup for the accumulator value in a jump table stored in the
constant array pool. This removes the if-else chains at resumable
function/loop headers.

As a drive-by, add a scoped environment saving struct to the bytecode
graph builder.

Bug: v8:6351
Bug: v8:6366
Change-Id: I63be15a8b599d6684c7df19dedb8860562678fb0
Reviewed-on: https://chromium-review.googlesource.com/500271
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45314}
2017-05-15 17:43:17 +00:00
Marja Hölttä
cc2c11441c Revert "[objects.h splitting] Move Map and related classes."
This reverts commit 7be0159e4b.

Reason for revert: Broke node by generating a broken debug-support.cc

Original change's description:
> [objects.h splitting] Move Map and related classes.
> 
> BUG=v8:5402
> 
> Change-Id: I64fae0a0271eb0f1b71f4ec5d9bd5d22deb1cf59
> Reviewed-on: https://chromium-review.googlesource.com/502808
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Commit-Queue: Marja Hölttä <marja@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#45305}

TBR=marja@chromium.org,mstarzinger@chromium.org,jarin@chromium.org,ishell@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5402

Change-Id: Ifa65537447eb0a1ef947b9d0dae6f07a8b150968
Reviewed-on: https://chromium-review.googlesource.com/506011
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45307}
2017-05-15 15:01:03 +00:00
Marja Hölttä
7be0159e4b [objects.h splitting] Move Map and related classes.
BUG=v8:5402

Change-Id: I64fae0a0271eb0f1b71f4ec5d9bd5d22deb1cf59
Reviewed-on: https://chromium-review.googlesource.com/502808
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45305}
2017-05-15 14:41:01 +00:00
rayb
468f1958e0 For building v8 using gn on aix_ppc64, linux_s390x and linux_ppc64(both LE and BE).
Also add support for host_byteorder logic which is introduced in - https://codereview.chromium.org/2815453004/

Chromium_BUG=706728
R=machenbach@chromium.org, dpranke@chromium.org, adamk@chromium.org

Review-Url: https://codereview.chromium.org/2809963004
Cr-Commit-Position: refs/heads/master@{#45268}
2017-05-12 01:35:09 +00:00
Andreas Haas
72019a0428 [wasm] Streaming decoder
This CL implements a streaming decoder which takes the bytes
of a wasm module as an input, potentially split into multiple
chunks, and decodes them into segments. Each segment either
contains the payload of a whole section, or the code of a
single function. The goal is that the streaming decoder is
used for streaming compilation. That's where the interface
comes from, see
(https://cs.chromium.org/chromium/src/v8/include/v8.h?q=OnBytesReceived&sq=package:chromium&l=4060)

Error positions are not reported correctly at the moment. I
plan to do this in a separate CL.

Change-Id: I6e3df6a91945c7baec2dc4f5de2e5f47636083df
Reviewed-on: https://chromium-review.googlesource.com/471350
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45250}
2017-05-11 09:46:31 +00:00
Jochen Eisinger
1c1e700ccd Make ICU a public dep of v8_base when building with i18n support
That's cleaner than having every target depending on v8 include icu
itself.

BUG=none
R=machenbach@chromium.org

Change-Id: Icaa9e8670718664041a6efe2622366c89b733f81
Reviewed-on: https://chromium-review.googlesource.com/500127
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Jochen Eisinger <jochen@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45196}
2017-05-09 13:53:10 +00:00
Andreas Haas
eb64b26f8f [cleanup][wasm][fuzzer] Share code among the different fuzzers.
With this CL we share code among the wasm fuzzers which construct a
module and run it in the interpreter and as compiled code.The fuzzers
themselves only contain the code now which creates the module and the
parameters.

BUG=v8:6325
R=eholk@chromium.org

Change-Id: I1c2d8b013531c86cb27837f1b8ec89d2688c536b
Reviewed-on: https://chromium-review.googlesource.com/490048
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Brad Nelson <bradnelson@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45156}
2017-05-08 09:58:26 +00:00
jgruber
f0e95769db [string] Move String.p.toLowerCase to CSA
This CL migrates the CPP builtin to CSA with fast paths for strings
that can be unpacked to direct one-byte strings. Short strings are
handled directly in CSA, others need to call into C for conversion.

Microbenchmarks for "abcd".toLowerCase() show speedups of 2.5x.

BUG=v8:6353,v8:6344

Review-Url: https://codereview.chromium.org/2859203002
Cr-Commit-Position: refs/heads/master@{#45141}
2017-05-05 15:59:08 +00:00
Michael Starzinger
2238a16c69 [asm.js] Remove AST-based asm.js validator implementation.
R=clemensh@chromium.org
BUG=v8:6127

Change-Id: I6a098151fef14c0c76c1762d99316a3ae7d12a8e
Reviewed-on: https://chromium-review.googlesource.com/496266
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45119}
2017-05-05 08:57:35 +00:00
Clemens Hammacher
6548f76c92 [build] Disable strict-overflow check on gcc
This flag generates false positives, since gcc inlines functions and
propagates constants, and then applies the check.

Drive-by: Refactor the checks that triggered the error to avoid
explicit casts.

R=jochen@chromium.org, machenbach@chromium.org
BUG=v8:6341

Change-Id: I86aebf402cbd2502ef17622a000a5bb777fd4b43
Reviewed-on: https://chromium-review.googlesource.com/494474
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45096}
2017-05-04 13:36:39 +00:00
Jochen Eisinger
668246a1b5 Reland "Make unittest link correctly again"
This reverts commit 5db25a0906.

Original change's description:
> Make unittest link correctly again
>
> Remains to port these fixes over to gyp.
>
> R=machenbach@chromium.org, jkummerow@chromium.org, mstarzinger@chromium.org
> BUG=v8:6325
>
> Change-Id: I3bebbc6d0ec52fcb60e3d51acd27e616f51d3dbb
> Reviewed-on: https://chromium-review.googlesource.com/490108
> Commit-Queue: Jochen Eisinger <jochen@chromium.org>
> Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#45026}

R=jkummerow@chromium.org
TBR=mstarzinger@chromium.org,clemensh@chromium.org
BUG=v8:6325

Change-Id: Ic3c0ffdf1f13045ea5a3929b720908e0b27a11c3
Reviewed-on: https://chromium-review.googlesource.com/494566
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jochen Eisinger <jochen@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45056}
2017-05-03 10:44:07 +00:00
Jochen Eisinger
76a84bbcc6 Revert "Disable -Werror=attributes on gcc"
This reverts commit 7683df248a.

Reason for revert: doesn't help with gcc, so removing

Original change's description:
> Disable -Werror=attributes on gcc
> 
> The warning triggers even if the attributes don't change - it's enough
> to declare them multiple times. Given that the other compilers don't
> complain, just disable the warning on gcc for now.
> 
> R=​jkummerow@chromium.org,mtrofin@chromium.org
> BUG=v8:6339
> NOTRY=true
> 
> Change-Id: Ie0fcc4feeb8568d4ab74ac65f6887523f3cdcbf9
> Reviewed-on: https://chromium-review.googlesource.com/494106
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#45045}

TBR=jkummerow@chromium.org,machenbach@chromium.org,mtrofin@chromium.org,gsathya@chromium.org,jochen@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:6339

Change-Id: I581e4f0499ae0d7e3bc791fd6fa9988aabe64c5e
Reviewed-on: https://chromium-review.googlesource.com/494469
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Commit-Queue: Jochen Eisinger <jochen@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45052}
2017-05-03 09:48:23 +00:00
Michael Achenbach
5db25a0906 Revert "Make unittest link correctly again"
This reverts commit 0f5ebcca4e.

Reason for revert: Still blocks rolling:
https://codereview.chromium.org/2857903002/

Original change's description:
> Make unittest link correctly again
> 
> Remains to port these fixes over to gyp.
> 
> R=​machenbach@chromium.org, jkummerow@chromium.org, mstarzinger@chromium.org
> BUG=v8:6325
> 
> Change-Id: I3bebbc6d0ec52fcb60e3d51acd27e616f51d3dbb
> Reviewed-on: https://chromium-review.googlesource.com/490108
> Commit-Queue: Jochen Eisinger <jochen@chromium.org>
> Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#45026}

TBR=jkummerow@chromium.org,machenbach@chromium.org,mstarzinger@chromium.org,jochen@chromium.org,clemensh@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:6325

Change-Id: Icb11e6e12cb6c7bd6c68677359596fee740b6531
Reviewed-on: https://chromium-review.googlesource.com/494467
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45049}
2017-05-03 09:03:10 +00:00
Jochen Eisinger
7683df248a Disable -Werror=attributes on gcc
The warning triggers even if the attributes don't change - it's enough
to declare them multiple times. Given that the other compilers don't
complain, just disable the warning on gcc for now.

R=jkummerow@chromium.org,mtrofin@chromium.org
BUG=v8:6339
NOTRY=true

Change-Id: Ie0fcc4feeb8568d4ab74ac65f6887523f3cdcbf9
Reviewed-on: https://chromium-review.googlesource.com/494106
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45045}
2017-05-03 06:41:44 +00:00
ulan
c6816cd87d [heap] Implement simple concurrent marking deque.
This patch adds a concurrent marking deque that exposes the same interface
for the main thread as the existing marking deque.

The matching interface makes the concurrent marking deque a drop-in
replacement for the sequential marking deque without any change in
mark-compactor and incremental marker.

BUG=chromium:694255

Review-Url: https://codereview.chromium.org/2810893002
Cr-Commit-Position: refs/heads/master@{#45042}
2017-05-02 17:03:31 +00:00
ulan
41af9bc51b [heap] Extract marking deque to separate file.
BUG=chromium:694255

Review-Url: https://codereview.chromium.org/2852953004
Cr-Commit-Position: refs/heads/master@{#45030}
2017-05-02 12:48:04 +00:00
Jochen Eisinger
0f5ebcca4e Make unittest link correctly again
Remains to port these fixes over to gyp.

R=machenbach@chromium.org, jkummerow@chromium.org, mstarzinger@chromium.org
BUG=v8:6325

Change-Id: I3bebbc6d0ec52fcb60e3d51acd27e616f51d3dbb
Reviewed-on: https://chromium-review.googlesource.com/490108
Commit-Queue: Jochen Eisinger <jochen@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45026}
2017-05-02 11:42:49 +00:00
wychen
c1e24b6087 Split GN target v8_headers for browser non-code dependency
This is for https://crrev.com/2851953002/

BUG= chromium:716359

Review-Url: https://codereview.chromium.org/2853783002
Cr-Commit-Position: refs/heads/master@{#45009}
2017-05-02 08:49:38 +00:00
Daniel Ehrenberg
0ca84d06f5 Revert "[intl] Switch to using declared accessors"
This reverts commit 4968b2c4d1.

Reason for revert: Speculative revert for severe perf regression
https://bugs.chromium.org/p/chromium/issues/detail?id=716468#c3

Original change's description:
> [intl] Switch to using declared accessors
> 
> This patch cleans up the Intl code by switching to using declared
> accessors, rather than embedder fields, for holding references to
> ICU objects. Additionally:
> - Rename classes to be more similar to how other classes are named
> - Make some unreachable paths into check-fails, rather than throwing
>   JS exceptions
> - Move some macros from objects-inl.h into object-macros.h, to allow
>   the implementation here to not touch objects.h
> - Some setup logic is moved from runtime-i18n.cc to i18n.cc.
> 
> This patch leaves type tags as they are; a future patch should move
> from a special Intl type tagging system to object types as other system
> objects use. Future patches should also move more logic to i18n.cc
> 
> BUG=v8:5402,v8:5751,v8:6057
> CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_linux_noi18n_rel_ng
> 
> Change-Id: Ia9cbb25cf8f52662e3deb15e64179d792c10842c
> Reviewed-on: https://chromium-review.googlesource.com/479651
> Commit-Queue: Daniel Ehrenberg <littledan@chromium.org>
> Reviewed-by: Adam Klein <adamk@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#44804}

TBR=adamk@chromium.org,marja@chromium.org,mstarzinger@chromium.org,littledan@chromium.org,jwolfe@igalia.com
# Not skipping CQ checks because original CL landed > 1 day ago.
BUG=v8:5402,v8:5751,v8:6057
CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_linux_noi18n_rel_ng

Change-Id: I7a45d7def1f1de0f21e3efb7de9b31f6bcfea46d
Reviewed-on: https://chromium-review.googlesource.com/490328
Reviewed-by: Daniel Ehrenberg <littledan@chromium.org>
Commit-Queue: Daniel Ehrenberg <littledan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44992}
2017-04-29 00:21:27 +00:00
Marja Hölttä
95a7cfe0ea [cleanup & objects.h splitting] Move StringHasher
BUG=v8:6325,v8:5402

Change-Id: If0c975fe377c0178c488fc1bedd02f9c8289ebbc
Reviewed-on: https://chromium-review.googlesource.com/490086
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44979}
2017-04-28 13:07:24 +00:00
jbroman
a16c3c9105 Expose the ValueSerializer data format version as a compile-time constant.
BUG=chromium:704293

Review-Url: https://codereview.chromium.org/2804643006
Cr-Commit-Position: refs/heads/master@{#44945}
2017-04-27 15:14:41 +00:00
ulan
e671ed3610 Decouple root visitors from object visitors.
This patch adds a new interface called RootVisitor and changes the root
iteration functions to accept a RootVisitor instead of an ObjectVisitor.

Future CLs will change ObjectVisitor to provide the host object to all
visiting functions, which will bring it in sync with static visitors.

Having separate visitors for roots and objects removes ambiguity in
VisitPointers and reduces chances of forgetting to record slots.

This is intended as pure refactoring. All places that require behavior
change are marked with TODO and will addressed in future CLs.

BUG=chromium:709075

Review-Url: https://codereview.chromium.org/2801073006
Cr-Commit-Position: refs/heads/master@{#44852}
2017-04-25 13:32:18 +00:00
Clemens Hammacher
fc6d4a1f08 [wasm] Move wasm-macro-gen.h to test/common/wasm
This header file is only used from tests.
Also, move the LoadStoreOpcodeOf method (only used in tests) from
wasm-opcodes.h to wasm-macro-gen.h.

R=ahaas@chromium.org

Change-Id: I8d4691be494b5c1fbe3084441329850930bad647
Reviewed-on: https://chromium-review.googlesource.com/486861
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44845}
2017-04-25 11:59:48 +00:00
Clemens Hammacher
e8df147f2b [wasm] [cleanup] Move LocalDeclEncoder to own compilation unit
wasm-macro-gen.h is mainly used from tests, but LocalDeclEncoder is
also used from various other places.
This CL moves the LocalDeclEncoder to an own compilation unit. We want
to later move wasm-macro-gen.h to the tests folder.
It also refactors the LocalDeclEncoder to reuse the
LEBHelper::write_u32v and LEBHelper::sizeof_u32v methods instead of
reimplementing it.

R=ahaas@chromium.org

Change-Id: Ia4651436f0544578da7c1c43596d343571942e97
Reviewed-on: https://chromium-review.googlesource.com/486724
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44838}
2017-04-25 10:56:01 +00:00
Daniel Ehrenberg
4968b2c4d1 [intl] Switch to using declared accessors
This patch cleans up the Intl code by switching to using declared
accessors, rather than embedder fields, for holding references to
ICU objects. Additionally:
- Rename classes to be more similar to how other classes are named
- Make some unreachable paths into check-fails, rather than throwing
  JS exceptions
- Move some macros from objects-inl.h into object-macros.h, to allow
  the implementation here to not touch objects.h
- Some setup logic is moved from runtime-i18n.cc to i18n.cc.

This patch leaves type tags as they are; a future patch should move
from a special Intl type tagging system to object types as other system
objects use. Future patches should also move more logic to i18n.cc

BUG=v8:5402,v8:5751,v8:6057
CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_linux_noi18n_rel_ng

Change-Id: Ia9cbb25cf8f52662e3deb15e64179d792c10842c
Reviewed-on: https://chromium-review.googlesource.com/479651
Commit-Queue: Daniel Ehrenberg <littledan@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44804}
2017-04-24 14:03:38 +00:00
Daniel Ehrenberg
2f8cae53f8 [intl] Reorganize code
- Split out code for Intl objects into src/objects/
- Rename i18n to intl (except for the name of the build flag)
- Use build system more broadly to turn on/off Intl code
- Delete a little bit of dead code

Bug: v8:5751
Change-Id: I41bf2825a5cb0df20824922b17c24cae637984da
Reviewed-on: https://chromium-review.googlesource.com/481284
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Daniel Ehrenberg <littledan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44801}
2017-04-24 13:54:15 +00:00
yangguo
461e47a8fe [d8] implement console for d8.
for now, it's just the methods
- log
- warn
- debug
- info
- error
- time
- timeEnd

R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2840543002
Cr-Commit-Position: refs/heads/master@{#44797}
2017-04-24 13:23:10 +00:00
kozyatinskiy
f28e487858 [console] fast console.assert(true)
A lot of web sites around the world has hack which replaces native console.assert by function with fast return.
Current console.assert is slow because we need to run CPP builtin but we should enter this builtin iff condition is false or omitted.

BUG=v8:6175
R=ishell@chromium.org,dgozman@chromium.org

Review-Url: https://codereview.chromium.org/2828933002
Cr-Commit-Position: refs/heads/master@{#44752}
2017-04-20 17:17:18 +00:00
Adam Klein
468ddfa6bb [cleanup] Remove runtime.js, move the remainder to more logical places
This patch retires runtime.js:
  - Removes some dead code from runtime.js (ToPositiveInteger, ToIndex),
  - Moves Array.prototype initialization to prologue.js
  - Moves SpeciesConstructor to the only file that calls it (typedarray.js)
  - Renames the remainder to reflect its only inhabitants ({Max,Min}Simple)

Change-Id: If9048a30c4f6b86396bfd647bb637b4175880fc3
Reviewed-on: https://chromium-review.googlesource.com/478579
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44730}
2017-04-19 18:59:11 +00:00
kozyatinskiy
54271c21e2 [inspector] move console to builtins
What will we get:
- console would be included into snapshot and allow us to reduce time that we spent in contextCreated function (~5 times faster),
- it allows us to make further small improvement of console methods, e.g. we can implement super quick return from console.assert if first argument is true,
- console calls are ~ 15% faster.

CQ_INCLUDE_TRYBOTS=master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.linux:linux_chromium_rel_ng

BUG=v8:6175
R=dgozman@chromium.org

Review-Url: https://codereview.chromium.org/2785293002
Cr-Original-Original-Original-Commit-Position: refs/heads/master@{#44353}
Committed: 55905f85d6
Review-Url: https://codereview.chromium.org/2785293002
Cr-Original-Original-Commit-Position: refs/heads/master@{#44355}
Committed: cc74ea0bc4
Review-Url: https://codereview.chromium.org/2785293002
Cr-Original-Commit-Position: refs/heads/master@{#44416}
Committed: f5dc738cda
Review-Url: https://codereview.chromium.org/2785293002
Cr-Commit-Position: refs/heads/master@{#44702}
2017-04-18 20:50:30 +00:00
hablich
c5aad5f284 Revert "Reland "ARM64: Add NEON support""
This reverts commit 8faf3d6f25.

Reason: blocks roll https://codereview.chromium.org/2820753003/

TBR=martyn.capewell@arm.com,jarin@chromium.org,bmeurer@chromium.org,machenbach@chromium.org

NOTRY=true

Review-Url: https://codereview.chromium.org/2819093002
Cr-Commit-Position: refs/heads/master@{#44660}
2017-04-15 10:27:17 +00:00
Adam Klein
003f818ac5 [cleanup] Merge harmony-string-padding.js into string.js
Change-Id: I9973858f2596a9bc4d66afbb26612189fbded7f3
Reviewed-on: https://chromium-review.googlesource.com/478413
Reviewed-by: Caitlin Potter <caitp@igalia.com>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44658}
2017-04-14 22:02:20 +00:00
martyn.capewell
8faf3d6f25 Reland "ARM64: Add NEON support"
This reverts commit cc047635ff.
The CL was reverted due to a missing DEPS mirror.

Original issue's description:
> ARM64: Add NEON support
>
> Add assembler, disassembler and simulator support for NEON in the ARM64 backend.
>
> BUG=
>
> Review-Url: https://codereview.chromium.org/2622643005
> Cr-Commit-Position: refs/heads/master@{#44306}

BUG=

Review-Url: https://codereview.chromium.org/2812573003
Cr-Commit-Position: refs/heads/master@{#44652}
2017-04-13 17:23:15 +00:00
Ross McIlroy
b7a7096668 [Interpreter] Remove BytecodePipeline.
The BytecodePipeline is no longer used by any optimizers, so remove it and
connect the BytecodeArrayBuilder directly to the BytecodeWriter.

Also remove some functions from BytecodeNode which are no longer used.

BUG=v8:6194

Change-Id: Id2ec94ff1d4db41b108a778100459283fbb2256c
Reviewed-on: https://chromium-review.googlesource.com/471528
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44619}
2017-04-12 15:18:50 +00:00
Daniel Vogelheim
9c3beacc4d [build] Add all fuzzer targets to v8_fuzzers group.
Change-Id: I7f519cc778157f3ddd4c3135d0620a9f46d1193c
Reviewed-on: https://chromium-review.googlesource.com/475873
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Daniel Vogelheim <vogelheim@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44611}
2017-04-12 12:24:04 +00:00
Leszek Swirski
2e27585601 [build] Add v8_trace_ignition build option
Since --trace-ignition now has to be enabled at snapshot-building time,
this patch adds it as a gn build option.

Change-Id: I5d55339a7be7eef4e1f9da46ec44fbfd431325b7
Reviewed-on: https://chromium-review.googlesource.com/474905
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44583}
2017-04-11 16:10:22 +00:00
Ross McIlroy
790b2d341c [Interpreter] Move dead code elimination to BytecodeArrayWriter.
Move dead bytecode elimination from a seperate bytecode pipeline optimizer
into the BytecodeArrayWriter. This removes the last bytecode pipeline
optimizer, which means we can remove the Bytecode pipeline which,
which should increase compile speed.

BUG=v8:6194

Change-Id: I47fb3c3463b2b8a92e02cf7a6b608683fcfa5261
Reviewed-on: https://chromium-review.googlesource.com/471407
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44568}
2017-04-11 12:39:14 +00:00
Ross McIlroy
fc7c2c5535 [Interpreter] Remove peephole optimizer.
All the optimizations have now been moved to either the BytecodeGenerator
or the BytecodeArrayWriter/Builder.

BUG=v8:6194

Change-Id: Ie5c5d55e824c94ffb503af376c72bc64ad1f6f81
Reviewed-on: https://chromium-review.googlesource.com/469349
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44564}
2017-04-11 11:46:42 +00:00
Michael Achenbach
64173571eb [build] Fix erroneously removed warning flag.
Bug: chromium:709420
TBR=marja@chromium.org

Change-Id: I71cf02137bcc7d8e163162c6dc1be6b906422281
Reviewed-on: https://chromium-review.googlesource.com/474747
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44552}
2017-04-11 09:48:21 +00:00
jkummerow
5f9af1e7b5 Reland "[snapshot] Move builtins generation into mksnapshot"
and out of the main library. This saves about 5% of binary size
(800KB on x64, 373KB on android_arm).

Only the GN build is supported; the GYP build is maintained working
but does not support the feature.

Previously landed as 4782bc0df8 / r44412.

BUG=v8:6055
CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_linux_nosnap_rel;

Review-Url: https://codereview.chromium.org/2760233005
Cr-Commit-Position: refs/heads/master@{#44489}
2017-04-07 13:31:29 +00:00
Marja Hölttä
8f54d18ba4 [objects.h splitting] Move out HashTable and related classes.
BUG=v8:5402
R=mstarzinger@chromium.org

Change-Id: I8ce43504fee83dcb6859418a526b2c7aea52e778
Reviewed-on: https://chromium-review.googlesource.com/468968
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44436}
2017-04-06 10:43:21 +00:00
machenbach
e4bb01b760 Revert of [inspector] move console to builtins (patchset #9 id:180001 of https://codereview.chromium.org/2785293002/ )
Reason for revert:
Seems to block roll:
https://codereview.chromium.org/2801013002/

See also:
https://build.chromium.org/p/client.v8.fyi/builders/Linux%20Tests%20%28dbg%29%281%29/builds/2731

Original issue's description:
> [inspector] move console to builtins
>
> What will we get:
> - console would be included into snapshot and allow us to reduce time that we spent in contextCreated function (~5 times faster),
> - it allows us to make further small improvement of console methods, e.g. we can implement super quick return from console.assert if first argument is true,
> - console calls are ~ 15% faster.
>
> BUG=v8:6175
> R=dgozman@chromium.org
>
> Review-Url: https://codereview.chromium.org/2785293002
> Cr-Original-Original-Commit-Position: refs/heads/master@{#44353}
> Committed: 55905f85d6
> Review-Url: https://codereview.chromium.org/2785293002
> Cr-Original-Commit-Position: refs/heads/master@{#44355}
> Committed: cc74ea0bc4
> Review-Url: https://codereview.chromium.org/2785293002
> Cr-Commit-Position: refs/heads/master@{#44416}
> Committed: f5dc738cda

TBR=dgozman@chromium.org,kozyatinskiy@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:6175

Review-Url: https://codereview.chromium.org/2801023003
Cr-Commit-Position: refs/heads/master@{#44429}
2017-04-06 08:38:14 +00:00
kozyatinskiy
ba9fc3d7bc Revert of [snapshot] Move builtins generation into mksnapshot (patchset #8 id:160001 of https://codereview.chromium.org/2760233005/ )
Reason for revert:
I think that this CL breaks chromium compilation on windows with clang (). All other CLs in the list looks trivial and don't change test/unittest/BUILD.gn.

[42456/47924] CXX obj/v8/test/unittests/unittests/value-serializer-unittest.obj
[42457/47924] LINK unittests.exe unittests.exe.pdb
FAILED: unittests.exe unittests.exe.pdb
E:/b/depot_tools/python276_bin/python.exe ../../build/toolchain/win/tool_wrapper.py link-wrapper environment.x64 False link.exe /nologo /OUT:./unittests.exe /PDB:./unittests.exe.pdb @./unittests.exe.rsp
bitmap-unittest.obj : error LNK2019: unresolved external symbol "public: void __cdecl v8::internal::List<class v8::internal::AllocationObserver *,class v8::internal::FreeStoreAllocationPolicy>::Add(class v8::internal::AllocationObserver * const &,class v8::internal::FreeStoreAllocationPolicy)" (?Add@?$List@PEAVAllocationObserver@internal@v8@@VFreeStoreAllocationPolicy@23@@internal@v8@@QEAAXAEBQEAVAllocationObserver@23@VFreeStoreAllocationPolicy@23@@Z) referenced in function "public: virtual void __cdecl v8::internal::Space::AddAllocationObserver(class v8::internal::AllocationObserver *)" (?AddAllocationObserver@Space@internal@v8@@UEAAXPEAVAllocationObserver@23@@Z)

slot-set-unittest.obj : error LNK2001: unresolved external symbol "public: void __cdecl v8::internal::List<class v8::internal::AllocationObserver *,class v8::internal::FreeStoreAllocationPolicy>::Add(class v8::internal::AllocationObserver * const &,class v8::internal::FreeStoreAllocationPolicy)" (?Add@?$List@PEAVAllocationObserver@internal@v8@@VFreeStoreAllocationPolicy@23@@internal@v8@@QEAAXAEBQEAVAllocationObserver@23@VFreeStoreAllocationPolicy@23@@Z)

bitmap-unittest.obj : error LNK2019: unresolved external symbol "public: bool __cdecl v8::internal::List<class v8::internal::AllocationObserver *,class v8::internal::FreeStoreAllocationPolicy>::RemoveElement(class v8::internal::AllocationObserver * const &)" (?RemoveElement@?$List@PEAVAllocationObserver@internal@v8@@VFreeStoreAllocationPolicy@23@@internal@v8@@QEAA_NAEBQEAVAllocationObserver@23@@Z) referenced in function "public: virtual void __cdecl v8::internal::Space::RemoveAllocationObserver(class v8::internal::AllocationObserver *)" (?RemoveAllocationObserver@Space@internal@v8@@UEAAXPEAVAllocationObserver@23@@Z)

slot-set-unittest.obj : error LNK2001: unresolved external symbol "public: bool __cdecl v8::internal::List<class v8::internal::AllocationObserver *,class v8::internal::FreeStoreAllocationPolicy>::RemoveElement(class v8::internal::AllocationObserver * const &)" (?RemoveElement@?$List@PEAVAllocationObserver@internal@v8@@VFreeStoreAllocationPolicy@23@@internal@v8@@QEAA_NAEBQEAVAllocationObserver@23@@Z)

./unittests.exe : fatal error LNK1120: 2 unresolved externals

Original issue's description:
> [snapshot] Move builtins generation into mksnapshot
>
> and out of the main library. This saves about 5% of binary size
> (800KB on x64, 373KB on android_arm).
>
> Only the GN build is supported; the GYP build is maintained working
> but does not support the feature.
>
> BUG=v8:6055
> CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_linux_nosnap_rel;
>
> Review-Url: https://codereview.chromium.org/2760233005
> Cr-Commit-Position: refs/heads/master@{#44412}
> Committed: 4782bc0df8

TBR=jgruber@chromium.org,rmcilroy@chromium.org,machenbach@chromium.org,jkummerow@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:6055

Review-Url: https://codereview.chromium.org/2803903002
Cr-Commit-Position: refs/heads/master@{#44422}
2017-04-05 23:53:11 +00:00
Michael Achenbach
d96fbee9aa [build] Remove remaining disable-inspector options in GN
Bug: chromium:645890
Change-Id: I9856712ca8694b3447a611c3555c42145f449b11
Reviewed-on: https://chromium-review.googlesource.com/464726
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44417}
2017-04-05 17:59:07 +00:00
kozyatinskiy
f5dc738cda [inspector] move console to builtins
What will we get:
- console would be included into snapshot and allow us to reduce time that we spent in contextCreated function (~5 times faster),
- it allows us to make further small improvement of console methods, e.g. we can implement super quick return from console.assert if first argument is true,
- console calls are ~ 15% faster.

BUG=v8:6175
R=dgozman@chromium.org

Review-Url: https://codereview.chromium.org/2785293002
Cr-Original-Original-Commit-Position: refs/heads/master@{#44353}
Committed: 55905f85d6
Review-Url: https://codereview.chromium.org/2785293002
Cr-Original-Commit-Position: refs/heads/master@{#44355}
Committed: cc74ea0bc4
Review-Url: https://codereview.chromium.org/2785293002
Cr-Commit-Position: refs/heads/master@{#44416}
2017-04-05 16:55:19 +00:00
jkummerow
4782bc0df8 [snapshot] Move builtins generation into mksnapshot
and out of the main library. This saves about 5% of binary size
(800KB on x64, 373KB on android_arm).

Only the GN build is supported; the GYP build is maintained working
but does not support the feature.

BUG=v8:6055
CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_linux_nosnap_rel;

Review-Url: https://codereview.chromium.org/2760233005
Cr-Commit-Position: refs/heads/master@{#44412}
2017-04-05 13:28:48 +00:00
Marja Hölttä
f44759d9ff [objects.h splitting] Move out Dictionary and related classes.
BUG=v8:5402
R=mstarzinger@chromium.org

Change-Id: Ib53721867e0978b6f4f127883ae1b72145adb6e8
Reviewed-on: https://chromium-review.googlesource.com/461863
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44369}
2017-04-04 10:48:07 +00:00
machenbach
7c10795209 Revert of [inspector] move console to builtins (patchset #7 id:140001 of https://codereview.chromium.org/2785293002/ )
Reason for revert:
http://crbug.com/v8/6198

Original issue's description:
> [inspector] move console to builtins
>
> What will we get:
> - console would be included into snapshot and allow us to reduce time that we spent in contextCreated function (~5 times faster),
> - it allows us to make further small improvement of console methods, e.g. we can implement super quick return from console.assert if first argument is true,
> - console calls are ~ 15% faster.
>
> BUG=v8:6175
> R=dgozman@chromium.org
>
> Review-Url: https://codereview.chromium.org/2785293002
> Cr-Original-Commit-Position: refs/heads/master@{#44353}
> Committed: 55905f85d6
> Review-Url: https://codereview.chromium.org/2785293002
> Cr-Commit-Position: refs/heads/master@{#44355}
> Committed: cc74ea0bc4

TBR=dgozman@chromium.org,kozyatinskiy@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:6175

Review-Url: https://codereview.chromium.org/2790343002
Cr-Commit-Position: refs/heads/master@{#44358}
2017-04-04 06:48:04 +00:00
kozyatinskiy
cc74ea0bc4 [inspector] move console to builtins
What will we get:
- console would be included into snapshot and allow us to reduce time that we spent in contextCreated function (~5 times faster),
- it allows us to make further small improvement of console methods, e.g. we can implement super quick return from console.assert if first argument is true,
- console calls are ~ 15% faster.

BUG=v8:6175
R=dgozman@chromium.org

Review-Url: https://codereview.chromium.org/2785293002
Cr-Original-Commit-Position: refs/heads/master@{#44353}
Committed: 55905f85d6
Review-Url: https://codereview.chromium.org/2785293002
Cr-Commit-Position: refs/heads/master@{#44355}
2017-04-04 00:38:38 +00:00
kozyatinskiy
6ecbb8572a Revert of [inspector] move console to builtins (patchset #6 id:120001 of https://codereview.chromium.org/2785293002/ )
Reason for revert:
console.toString() should return "[object Object]"

Original issue's description:
> [inspector] move console to builtins
>
> What will we get:
> - console would be included into snapshot and allow us to reduce time that we spent in contextCreated function (~5 times faster),
> - it allows us to make further small improvement of console methods, e.g. we can implement super quick return from console.assert if first argument is true,
> - console calls are ~ 15% faster.
>
> BUG=v8:6175
> R=dgozman@chromium.org
>
> Review-Url: https://codereview.chromium.org/2785293002
> Cr-Commit-Position: refs/heads/master@{#44353}
> Committed: 55905f85d6

TBR=dgozman@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:6175

Review-Url: https://codereview.chromium.org/2795003003
Cr-Commit-Position: refs/heads/master@{#44354}
2017-04-03 23:29:34 +00:00
kozyatinskiy
55905f85d6 [inspector] move console to builtins
What will we get:
- console would be included into snapshot and allow us to reduce time that we spent in contextCreated function (~5 times faster),
- it allows us to make further small improvement of console methods, e.g. we can implement super quick return from console.assert if first argument is true,
- console calls are ~ 15% faster.

BUG=v8:6175
R=dgozman@chromium.org

Review-Url: https://codereview.chromium.org/2785293002
Cr-Commit-Position: refs/heads/master@{#44353}
2017-04-03 23:00:49 +00:00
machenbach
cc047635ff Revert "ARM64: Add NEON support"
This reverts commit 4506382dce.

We don't allow DEPS'ing things outside googlesource. This requires a
mirror. Also .gitignore entry is missing.

NOTRY=true
NOTREECHECKS=true
NOPRESUBMIT=true
TBR=bmeurer@chromium.org

Review-Url: https://codereview.chromium.org/2785183005
Cr-Commit-Position: refs/heads/master@{#44307}
2017-03-31 12:33:57 +00:00
martyn.capewell
4506382dce ARM64: Add NEON support
Add assembler, disassembler and simulator support for NEON in the ARM64 backend.

BUG=

Review-Url: https://codereview.chromium.org/2622643005
Cr-Commit-Position: refs/heads/master@{#44306}
2017-03-31 11:33:02 +00:00
Andreas Haas
eef2a462ad [gn] Remove the wasm_test_signatures source set.
The source set only contained a header file, which caused problems
when compiling a static library with VS.

R=machenbach@chromium.org
BUG=v8:6158

Change-Id: I3eed4a888e72cf6a2917190e4a1db7b38006cd0c
Reviewed-on: https://chromium-review.googlesource.com/463027
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44263}
2017-03-30 10:00:28 +00:00
Caitlin Potter
bf463c4dc0 [async-iteration] implement AsyncGenerator
- Introduce new struct AsyncGeneratorRequest, which holds
  information pertinent to resuming execution of an
  AsyncGenerator, such as the Promise associated with the async
  generator request. It is intended to be used as a singly
  linked list, and holds a pointer to the next item in te queue.

- Introduce JSAsyncGeneratorObject (subclass of
  JSGeneratorObject), which includes several new internal fields
  (`queue` which contains a singly linked list of
  AsyncGeneratorRequest objects, and `await_input` which
  contains the sent value from an Await expression (This is
  necessary to prevent function.sent (used by yield*) from
  having the sent value observably overwritten during
  execution).

- Modify SuspendGenerator to accept a set of Flags, which
  indicate whether the suspend is for a Yield or Await, and
  whether it takes place on an async generator or ES6
  generator.

- Introduce interpreter intrinsics and TF intrinsic lowering for
  accessing the await input of an async generator

- Modify the JSGeneratorStore operator to understand whether or
  not it's suspending for a normal yield, or an AsyncGenerator
  Await. This ensures appropriate registers are stored.

- Add versions of ResumeGeneratorTrampoline which store the
  input value in a different field depending on wether it's an
  AsyncGenerator Await resume, or an ordinary resume. Also modifies
  whether debug code will assert that the generator object is a
  JSGeneratorObject or a JSAsyncGeneratorObject depending on the
  resume type.

BUG=v8:5855
R=bmeurer@chromium.org, rmcilroy@chromium.org, jgruber@chromium.org,
littledan@chromium.org, neis@chromium.org
TBR=marja@chromium.org

Change-Id: I9d58df1d344465fc937fe7eed322424204497187
Reviewed-on: https://chromium-review.googlesource.com/446961
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44240}
2017-03-29 17:33:12 +00:00
jarin
51ef3212bf [turbofan] Remove the --print-turbo-replay flag.
Review-Url: https://codereview.chromium.org/2775423005
Cr-Commit-Position: refs/heads/master@{#44224}
2017-03-29 10:51:18 +00:00
Yang Guo
da5b745dba [api] deprecate unused context size estimate.
Change-Id: I8de170892f061a8b30d1e39d1a7d3b4e2fe9230d
Reviewed-on: https://chromium-review.googlesource.com/461823
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44222}
2017-03-29 09:56:22 +00:00
jgruber
ac67a8cd1a [builtins] Extract builtin definitions
Move builtin definitions (i.e. BUILTIN_LIST and family) to a separate header
in preparation for auto-generation of TFS interface descriptors.

BUG=v8:6116

Review-Url: https://codereview.chromium.org/2784793002
Cr-Commit-Position: refs/heads/master@{#44221}
2017-03-29 09:56:08 +00:00
Marja Hölttä
09050c8a96 [objects.h splitting] Move out FrameArray.
BUG=v8:5402
R=mstarzinger@chromium.org

Change-Id: I4220cd1d7907f9c353265aeab38ee53dcf6f56b6
Reviewed-on: https://chromium-review.googlesource.com/459541
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44112}
2017-03-24 17:38:13 +00:00
Marja Hölttä
c769745d58 [objects.h splitting] Move out DescriptorArray.
BUG=v8:5402
R=mstarzinger@chromium.org

Change-Id: I4b22be4ec2b55a2aeb003b23b2528cef6df29138
Reviewed-on: https://chromium-review.googlesource.com/459616
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44102}
2017-03-24 12:40:10 +00:00
bradnelson
083a8d7209 [wasm][asm.js] Asm.js -> wasm custom parser.
Add the --fast-validate-asm option, which directs asm.js code
to a new parser + validator + wasm code generator,
which is then compiled using WebAssembly.

This parser takes advantage of asm.js structure to linearly parse
asm.js code, keeping a scope stack + a few additional tables to track
varibles.

BUG=v8:6090
BUG=v8:4203

R=mstarzinger@chromium.org,marja@chromium.org,vogelheim@chromium.org,kschimpf@chromium.org

Review-Url: https://codereview.chromium.org/2757693003
Cr-Commit-Position: refs/heads/master@{#44084}
2017-03-24 05:53:50 +00:00
jwolfe
4a5d1e2535 Migrate String.prototype.to{Upper,Lower}Case functions from JS to CPP builtins.
Move ICU case conversion utility functions to a common location.

BUG=v8:5751
CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_linux_noi18n_rel_ng

Review-Url: https://codereview.chromium.org/2728763006
Cr-Commit-Position: refs/heads/master@{#44050}
2017-03-22 23:06:36 +00:00
Igor Sheludko
681e3312f0 [builtins][interpreter] Move BinaryOpAssembler to its own file.
This CL also
1) turns (Add/Subtract)WithFeedbackStub into builtins
2) makes interpreter use BinaryOpAssembler directly
3) drops unused (Multipy/Divide/Modulus)WithFeedbackStubs

BUG=v8:6116

Change-Id: I994aba6442f173535c13dfbaaafae1033de3f2ce
Reviewed-on: https://chromium-review.googlesource.com/458438
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44042}
2017-03-22 18:05:22 +00:00
Igor Sheludko
e046b80a55 [stubs] Introduce TF_STUB macro.
... which is a TF_BUILTIN-like wrapper for defining code stubs.

BUG=v8:6116

Change-Id: Iad599dfc71a50c5082d9e3fba2a7b553b9912207
Reviewed-on: https://chromium-review.googlesource.com/458476
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44022}
2017-03-22 12:56:32 +00:00
jkummerow
c8a727dec2 [interpreter] Split out intrinsics generation
This frees up the InterpreterAssembler for no longer being linked
into the main library.

BUG=v8:6055

Review-Url: https://codereview.chromium.org/2759093004
Cr-Commit-Position: refs/heads/master@{#43979}
2017-03-21 12:33:32 +00:00
jkummerow
f8c707305b [builtins] Move more files into v8_builtins_generators source set
BUG=v8:6055

Review-Url: https://codereview.chromium.org/2760953002
Cr-Commit-Position: refs/heads/master@{#43975}
2017-03-21 11:17:41 +00:00
sebmarchand
2470f2ac71 Disable the 'Function marked forceinline not inlined.' warning on Win.
This used to be disabled implicitly and started to broke after some
refactoring in https://codereview.chromium.org/2758563002

BUG=chromium:703027

Review-Url: https://codereview.chromium.org/2758423002
Cr-Commit-Position: refs/heads/master@{#43958}
2017-03-20 21:48:26 +00:00
jkummerow
221dec328f [interpreter] Split bytecode generation out of interpreter.cc
as InterpreterGenerator. This is in preparation for no longer including
the bytecode handler generation code in the main library.

BUG=v8:6055

Review-Url: https://codereview.chromium.org/2765433003
Cr-Commit-Position: refs/heads/master@{#43949}
2017-03-20 16:56:06 +00:00
Igor Sheludko
e06c719794 [builtins] Define interface descriptors for builtins with JSFunction linkage.
This is a first bulk of changes.

BUG=v8:6116

Change-Id: I9308129bd032c0bf5b60c8e0413ee2cb710891ea
Reviewed-on: https://chromium-review.googlesource.com/456556
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43930}
2017-03-20 12:21:30 +00:00
jgruber
542b41a7cc [gn] Enable stricter build flags
Default to the chromium-internal build config (instead of the more
permissive no_chromium_code config).

BUG=v8:5878

Review-Url: https://codereview.chromium.org/2758563002
Cr-Commit-Position: refs/heads/master@{#43909}
2017-03-17 15:18:18 +00:00
bradnelson
4c3217e132 [wasm][asm.js] Adding custom asm.js lexer.
Adding a custom lexer for asm.js parsing.
It takes advantage of a number of asm.js properties to simply things:
* Assumes 'use asm' is the only string.
* Does not handle unicode for now (tools don't emit it).
* Combines global + local string table with lexer.

R=marja@chromium.org,vogelheim@chromium.org,kschimpf@chromium.org

BUG=v8:4203
BUG=v8:6090

Review-Url: https://codereview.chromium.org/2751693002
Cr-Commit-Position: refs/heads/master@{#43874}
2017-03-16 18:10:45 +00:00
Daniel Vogelheim
dee16f8600 [parser] Simplify DuplicateFinder.
The current incarncation of DuplicateFinder does work that
AstValueFactory already does. All that remains is that
DuplicateFinder wraps a container.

Adding const-ness changes were necessary to have IsDuplicateSymbol
be const.

BUG=v8:6092

Change-Id: I8081cfeef363717405d5b6325e290fe7725390dc
Reviewed-on: https://chromium-review.googlesource.com/456317
Commit-Queue: Marja Hölttä <marja@chromium.org>
Commit-Queue: Daniel Vogelheim <vogelheim@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43872}
2017-03-16 17:44:14 +00:00
jgruber
a4c73fa704 [csa] Add CSA::CallBuiltin and Builtins::CallableFor
This is another step towards making calls to builtins more convenient.

Builtins::CallableFor is an automatically generated Callable accessor for TFS
builtins (whereas previously we had to manually add an accessor to
code-factory.{h,cc}).

CSA::CallBuiltin is a convenience wrapper around CallStub for TFS builtins.

We can begin removing accessors for TFS builtins from CodeFactory in an
upcoming commit.

BUG=v8:5737

Review-Url: https://codereview.chromium.org/2752213002
Cr-Commit-Position: refs/heads/master@{#43865}
2017-03-16 14:22:12 +00:00
jkummerow
b3507ff022 [refactor] Separate generated builtins and C++ builtins into separate files
This is in preparation for linking the former only into mksnapshot.
Just shuffling code around, no changes in functionality.

BUG=v8:6055

Review-Url: https://codereview.chromium.org/2752143004
Cr-Commit-Position: refs/heads/master@{#43858}
2017-03-16 11:32:01 +00:00
Marja Hölttä
beacd656f2 [iwyu|arm64] Pre-work for removing the illegal include macro-assembler.h -> assembler-inl.h
BUG=v8:5294

Change-Id: I6214c50c7d1344210a80763b066e5ec56df1265a
Reviewed-on: https://chromium-review.googlesource.com/453460
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43820}
2017-03-15 12:08:50 +00:00
jkummerow
d0e604bf26 FunctionEntryHook: require no-snapshot build
When a FunctionEntryHook parameter was passed to isolate creation,
we ignored any existing snapshots anyway. Since the ability to
bootstrap from scratch will be removed from snapshot builds, the
FunctionEntryHook feature must depend on a no-snapshot build.

BUG=v8:6055

Review-Url: https://codereview.chromium.org/2733203002
Cr-Commit-Position: refs/heads/master@{#43779}
2017-03-14 12:31:03 +00:00
Jochen Eisinger
2cd2f5feff Remove experimental fast accessor builder API
As the code isn't used, but would have to be ported from hand-written
assembly to CodeStubAssembler anyways, I propose to remove it and
restore it if we decide that we actually need it.

R=vogelheim@chromium.org
BUG=

Change-Id: Iffd7fc6ec534b1dd7a9144da900424355c8a7a02
Reviewed-on: https://chromium-review.googlesource.com/453461
Commit-Queue: Jochen Eisinger <jochen@chromium.org>
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43763}
2017-03-14 08:14:48 +00:00
eholk
118c376fcb [wasm] Initial signal handler
This is basically the minimum viable signal handler for Wasm bounds checks.
It includes the TLS check and the fine grained instructions checks. These
two checks provide most of the safety for the signal handler. Future CLs will
add code range and data range checks for more robustness.

The trap handling code and data structures are all in src/trap-handler, with
the code that actually runs in the signal handler confined to
src/trap-handler/signal-handler.cc.

This changes adds a new V8 API that the embedder should call from a signal
handler that will give V8 the chance to handle the fault first. For hosts that
do not want to implement their own signal handler, we include the option to
install a simple one. This simple handler is also used for the tests.

When a Wasm module is instantiated, information about each function is passed
to the trap handler, which is used to classify faults. These are removed during
the instance finalizer.

Several future enhancements are planned before turning this on by default.
Obviously, the additional checks will be added to MaybeHandleFault. We are
also planning to add a two-level CodeObjectData table that is grouped by
isolates to make cleanup easier and also reduce potential for contending on
a single data structure.

BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277

Review-Url: https://codereview.chromium.org/2371833007
Cr-Original-Original-Commit-Position: refs/heads/master@{#43523}
Committed: a5af7fe9ee
Review-Url: https://codereview.chromium.org/2371833007
Cr-Original-Commit-Position: refs/heads/master@{#43755}
Committed: 338622d7ca
Review-Url: https://codereview.chromium.org/2371833007
Cr-Commit-Position: refs/heads/master@{#43759}
2017-03-13 22:12:23 +00:00
binji
65200967b7 Reland moving Atomics builtins to C++
This reverts the previous revert, commit
5a04f4fd68.

Previously reverted changes:

>    Revert "[SAB] Move Atomics builtins to C++"
>
>     This reverts commit 2b9840d86f.
>
>     Revert "[SAB] Remove unreachable Uint8Clamped atomics paths"
>
>     This reverts commit d1160fb14f.
>
>     Revert "Remove tiny unit test for MinSimple/MaxSimple"
>
>     This reverts commit 837760ecb7.
>
>     Revert "Remove infrastructure for experimental JS natives"
>
>     This reverts commit 8cfe45b6f1.

These changes were reverted to improve a perf regression on a Chrome
bot. Since then, the regression has reappeared, then disappeared again
all from seemingly unrelated changes.

BUG=v8:6033
TBR=adamk@chromium.org,hpayer@chromium.org,yangguo@chromium.org

Review-Url: https://codereview.chromium.org/2732213005
Cr-Commit-Position: refs/heads/master@{#43758}
2017-03-13 20:59:15 +00:00
eholk
aba151b92f Revert of [wasm] Initial signal handler (patchset #60 id:1170001 of https://codereview.chromium.org/2371833007/ )
Reason for revert:
ASAN breakage, such as https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20ASAN/builds/19111/steps/Check/logs/grow-memory

Original issue's description:
> [wasm] Initial signal handler
>
> This is basically the minimum viable signal handler for Wasm bounds checks.
> It includes the TLS check and the fine grained instructions checks. These
> two checks provide most of the safety for the signal handler. Future CLs will
> add code range and data range checks for more robustness.
>
> The trap handling code and data structures are all in src/trap-handler, with
> the code that actually runs in the signal handler confined to
> src/trap-handler/signal-handler.cc.
>
> This changes adds a new V8 API that the embedder should call from a signal
> handler that will give V8 the chance to handle the fault first. For hosts that
> do not want to implement their own signal handler, we include the option to
> install a simple one. This simple handler is also used for the tests.
>
> When a Wasm module is instantiated, information about each function is passed
> to the trap handler, which is used to classify faults. These are removed during
> the instance finalizer.
>
> Several future enhancements are planned before turning this on by default.
> Obviously, the additional checks will be added to MaybeHandleFault. We are
> also planning to add a two-level CodeObjectData table that is grouped by
> isolates to make cleanup easier and also reduce potential for contending on
> a single data structure.
>
> BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277
>
> Review-Url: https://codereview.chromium.org/2371833007
> Cr-Original-Commit-Position: refs/heads/master@{#43523}
> Committed: a5af7fe9ee
> Review-Url: https://codereview.chromium.org/2371833007
> Cr-Commit-Position: refs/heads/master@{#43755}
> Committed: 338622d7ca

TBR=ahaas@chromium.org,bradnelson@google.com,hpayer@chromium.org,jochen@chromium.org,mark@chromium.org,mseaborn@chromium.org,titzer@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277

Review-Url: https://codereview.chromium.org/2744383002
Cr-Commit-Position: refs/heads/master@{#43757}
2017-03-13 20:03:25 +00:00
eholk
338622d7ca [wasm] Initial signal handler
This is basically the minimum viable signal handler for Wasm bounds checks.
It includes the TLS check and the fine grained instructions checks. These
two checks provide most of the safety for the signal handler. Future CLs will
add code range and data range checks for more robustness.

The trap handling code and data structures are all in src/trap-handler, with
the code that actually runs in the signal handler confined to
src/trap-handler/signal-handler.cc.

This changes adds a new V8 API that the embedder should call from a signal
handler that will give V8 the chance to handle the fault first. For hosts that
do not want to implement their own signal handler, we include the option to
install a simple one. This simple handler is also used for the tests.

When a Wasm module is instantiated, information about each function is passed
to the trap handler, which is used to classify faults. These are removed during
the instance finalizer.

Several future enhancements are planned before turning this on by default.
Obviously, the additional checks will be added to MaybeHandleFault. We are
also planning to add a two-level CodeObjectData table that is grouped by
isolates to make cleanup easier and also reduce potential for contending on
a single data structure.

BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277

Review-Url: https://codereview.chromium.org/2371833007
Cr-Original-Commit-Position: refs/heads/master@{#43523}
Committed: a5af7fe9ee
Review-Url: https://codereview.chromium.org/2371833007
Cr-Commit-Position: refs/heads/master@{#43755}
2017-03-13 19:14:35 +00:00
bjaideep
a7d07a3d29 [build] Add v8gen support for PPC/s390 architecture
Add PPC/s390 configs to mb_config and BUILD.gn. Also
use a script to get host byte ordering.

R=machenbach@chromium.org, dpranke@chromium.org
BUG=
LOG=N

Review-Url: https://codereview.chromium.org/2736993004
Cr-Commit-Position: refs/heads/master@{#43751}
2017-03-13 15:05:51 +00:00
jing.bao
b9614d4bd1 Add several SIMD opcodes to IA32
CreateInt32x4, Int32x4ExtractLane, Int32x4ReplaceLane
Int32x4Add, Int32x4Sub

Also add paddd, psubd, vpaddd, vpsubd, pinsrw to ia32-assembler

BUG=

Review-Url: https://codereview.chromium.org/2695613004
Cr-Original-Commit-Position: refs/heads/master@{#43483}
Committed: 4deb9ffdec
Review-Url: https://codereview.chromium.org/2695613004
Cr-Commit-Position: refs/heads/master@{#43708}
2017-03-10 02:40:06 +00:00
Michael Achenbach
5f00d289f6 [build] Introduce build flag to disable turbofan.
BUG=chromium:682617

Change-Id: I58800e5cf1926fabc684e0f140c2856175877bda
Reviewed-on: https://chromium-review.googlesource.com/451418
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43652}
2017-03-07 17:53:44 +00:00
Daniel Cheng
98d03583ca Add inspector headers to top-level v8 target if inspector is enabled.
Otherwise, v8 embedders need to depend on targets in src.

BUG=chromium:688155

Change-Id: Idea90d8f550cd4d0141b92a7bdd18f4df664d11b
Reviewed-on: https://chromium-review.googlesource.com/447845
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Daniel Cheng <dcheng@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43631}
2017-03-07 10:28:00 +00:00
Camillo Bruni
f3d0bda801 [builtins] For-in fast path for empty dict receivers
Change-Id: I58fc4ad8104f9a334a24de181168122f215a0505

BUG=chromium:678427

Change-Id: I58fc4ad8104f9a334a24de181168122f215a0505
Reviewed-on: https://chromium-review.googlesource.com/447980
Reviewed-by: Mythri Alle <mythria@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43628}
2017-03-07 09:21:19 +00:00
ulan
e96b5ed423 [heap] Implement concurrent marking boilerplate.
This patch adds a trivial ConcurrentMarking class that can start
background tasks.

BUG=chromium:694255

Review-Url: https://codereview.chromium.org/2728363002
Cr-Commit-Position: refs/heads/master@{#43615}
2017-03-06 15:19:36 +00:00
littledan
ccfe50b95a [date] Refactor TimezoneCache to be separate from the OS
This refactoring is preparatory work to enable ICU to be the backend
for timezone information rather than system calls. In the process, a
bit of code duplication that was inserted in the Solaris port patch is
eliminated here among modern POSIX backends.

One possible performance downside of this patch is that it introduces
a virtual method call for operations which were previously not virtual
methods. However, a couple factors mitigate this effect:
- The DateCache minimizes the need for calls into the TimezoneCache
- These calls were already not very high performance, as they included
  a system call which requires an RPC to get out of the sandbox, and
  they are surrounded by C++ builtins, which require a JS to C++
  transition.
- A future transition to ICU, enabled by this refactoring, may improve
  performance by eliminating the system call.

BUG=v8:6031

Review-Url: https://codereview.chromium.org/2731463003
Cr-Commit-Position: refs/heads/master@{#43588}
2017-03-03 13:54:57 +00:00
bmeurer
0b3e554e03 Revert of [wasm] Initial signal handler (patchset #56 id:1090001 of https://codereview.chromium.org/2371833007/ )
Reason for revert:
Breaks tree, i.e. https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20ASAN/builds/18928/steps/Check/logs/grow-memory

Original issue's description:
> [wasm] Initial signal handler
>
> This is basically the minimum viable signal handler for Wasm bounds checks.
> It includes the TLS check and the fine grained instructions checks. These
> two checks provide most of the safety for the signal handler. Future CLs will
> add code range and data range checks for more robustness.
>
> The trap handling code and data structures are all in src/trap-handler, with
> the code that actually runs in the signal handler confined to
> src/trap-handler/signal-handler.cc.
>
> This changes adds a new V8 API that the embedder should call from a signal
> handler that will give V8 the chance to handle the fault first. For hosts that
> do not want to implement their own signal handler, we include the option to
> install a simple one. This simple handler is also used for the tests.
>
> When a Wasm module is instantiated, information about each function is passed
> to the trap handler, which is used to classify faults. These are removed during
> the instance finalizer.
>
> Several future enhancements are planned before turning this on by default.
> Obviously, the additional checks will be added to MaybeHandleFault. We are
> also planning to add a two-level CodeObjectData table that is grouped by
> isolates to make cleanup easier and also reduce potential for contending on
> a single data structure.
>
> BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277
>
> Review-Url: https://codereview.chromium.org/2371833007
> Cr-Commit-Position: refs/heads/master@{#43523}
> Committed: a5af7fe9ee

TBR=ahaas@chromium.org,bradnelson@google.com,hpayer@chromium.org,jochen@chromium.org,mark@chromium.org,mseaborn@chromium.org,titzer@chromium.org,eholk@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277

Review-Url: https://codereview.chromium.org/2723133003
Cr-Commit-Position: refs/heads/master@{#43525}
2017-03-01 19:47:27 +00:00
eholk
a5af7fe9ee [wasm] Initial signal handler
This is basically the minimum viable signal handler for Wasm bounds checks.
It includes the TLS check and the fine grained instructions checks. These
two checks provide most of the safety for the signal handler. Future CLs will
add code range and data range checks for more robustness.

The trap handling code and data structures are all in src/trap-handler, with
the code that actually runs in the signal handler confined to
src/trap-handler/signal-handler.cc.

This changes adds a new V8 API that the embedder should call from a signal
handler that will give V8 the chance to handle the fault first. For hosts that
do not want to implement their own signal handler, we include the option to
install a simple one. This simple handler is also used for the tests.

When a Wasm module is instantiated, information about each function is passed
to the trap handler, which is used to classify faults. These are removed during
the instance finalizer.

Several future enhancements are planned before turning this on by default.
Obviously, the additional checks will be added to MaybeHandleFault. We are
also planning to add a two-level CodeObjectData table that is grouped by
isolates to make cleanup easier and also reduce potential for contending on
a single data structure.

BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277

Review-Url: https://codereview.chromium.org/2371833007
Cr-Commit-Position: refs/heads/master@{#43523}
2017-03-01 18:02:13 +00:00
Michael Achenbach
8e681b24f6 [build] Add build flag to activate the future configuration
BUG=chromium:682617

Change-Id: I96eb6bc982eca2d5f97585f3475583cac3fb338d
Reviewed-on: https://chromium-review.googlesource.com/448556
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43515}
2017-03-01 13:20:04 +00:00
binji
cb8fb46aa3 Move ArrayBuffer.prototype.slice implementation to C++
This will be useful for sharing the implementation with
SharedArrayBuffer.prototype.slice.

BUG=v8:5897

Review-Url: https://codereview.chromium.org/2697013009
Cr-Commit-Position: refs/heads/master@{#43503}
2017-02-28 20:31:02 +00:00
machenbach
a6b20adbf9 Revert of Add several SIMD opcodes to IA32 (patchset #9 id:160001 of https://codereview.chromium.org/2695613004/ )
Reason for revert:
Fails with nosse4:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20debug/builds/13853

Original issue's description:
> Add several SIMD opcodes to IA32
>
> CreateInt32x4, Int32x4ExtractLane, Int32x4ReplaceLane
> Int32x4Add, Int32x4Sub
>
> Also add paddd and psubd to ia32-assembler
>
> BUG=
>
> Review-Url: https://codereview.chromium.org/2695613004
> Cr-Commit-Position: refs/heads/master@{#43483}
> Committed: 4deb9ffdec

TBR=bbudge@chromium.org,gdeepti@chromium.org,bmeurer@chromium.org,jing.bao@intel.com
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review-Url: https://codereview.chromium.org/2717423003
Cr-Commit-Position: refs/heads/master@{#43489}
2017-02-28 14:54:28 +00:00
jing.bao
4deb9ffdec Add several SIMD opcodes to IA32
CreateInt32x4, Int32x4ExtractLane, Int32x4ReplaceLane
Int32x4Add, Int32x4Sub

Also add paddd and psubd to ia32-assembler

BUG=

Review-Url: https://codereview.chromium.org/2695613004
Cr-Commit-Position: refs/heads/master@{#43483}
2017-02-28 13:35:22 +00:00
binji
5a04f4fd68 This is a speculative chain of reverts to improve a Chrome
perf regression. See crbug.com/695653 for more info.

Revert "[SAB] Move Atomics builtins to C++"

This reverts commit 2b9840d86f.

Revert "[SAB] Remove unreachable Uint8Clamped atomics paths"

This reverts commit d1160fb14f.

Revert "Remove tiny unit test for MinSimple/MaxSimple"

This reverts commit 837760ecb7.

Revert "Remove infrastructure for experimental JS natives"

This reverts commit 8cfe45b6f1.

BUG=695653
TBR=hablich@chromium.org

Review-Url: https://codereview.chromium.org/2715223003
Cr-Commit-Position: refs/heads/master@{#43462}
2017-02-27 22:26:27 +00:00
caitp
0423341034 [async-iteration] implement Async-from-Sync Iterator
Introduce a new Object to allow GetIterator("async") to function when the
iterable does not have a Symbol.asyncIterator method.

This patch has been split out from https://codereview.chromium.org/2622833002/
and incorporates test cases.

BUG=v8:5855, v8:4483
R=jgruber@chromium.org, rmcilroy@chromium.org, neis@chromium.org
TBR=hpayer@chromium.org, bmeurer@chromium.org

Review-Url: https://codereview.chromium.org/2645313003
Cr-Commit-Position: refs/heads/master@{#43419}
2017-02-24 17:48:49 +00:00
adamk
8cfe45b6f1 Remove infrastructure for experimental JS natives
Now that no harmony-flagged features are implemented in experimental
JS, most of this is simply dead code.

As PostExperimentals() is no longer needed, I also removed the use of
Import() in the debug context, allowing the deletion of PostDebug()
along with PostExperimentals(); cleanup code is moved to the
end of PostNatives.

Also gets rid of some longer-dead code in prologue.js related to
TypedArrays, and some duplicate code for setting up SharedArrayBuffer
builtins.

Review-Url: https://codereview.chromium.org/2705293004
Cr-Commit-Position: refs/heads/master@{#43418}
2017-02-24 17:43:28 +00:00
Igor Sheludko
3233afb626 [ic] Move code from ic-compiler.h/.cc to KeyedStoreIC.
This is a preliminary cleanup necessary for the actual fix of the associated issue.

BUG=chromium:688734

Change-Id: Iecd39ed4cef34c6cc5d9652c5569e048f0db46af
Reviewed-on: https://chromium-review.googlesource.com/446341
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43410}
2017-02-24 10:32:48 +00:00
mtrofin
caa1d4b262 [wasm] Managed<T> ensures T's lifetime does not leak past Isolate's
Native resources allocated by v8, as internal implementation detail,
and held by a Foreign object, must be released when the Isolate is
torn down. Example: wasm::WasmModule allocated by wasm compile, and
held throughout the lifetime of the WebAssembly.Module object.

This change:
- Extends Managed<CppType> with a mechanism for doing just that
- Separates the role of Managed<CppType> to be strictly an owner of
the lifetime of the native resource. For cases where that's not
desirable, we can polymorphically use Foregin.
- moves managed.h out of wasm, since it's not wasm-specific.

BUG=680065

Review-Url: https://codereview.chromium.org/2676513008
Cr-Commit-Position: refs/heads/master@{#43350}
2017-02-21 17:23:38 +00:00
littledan
2b9840d86f [SAB] Move Atomics builtins to C++
This patch refactors the Atomics builtins so that they are implemented
as C++ builtins rather than experimental JS builtins. Previously, each
of these functions called out to a runtime function, so no significant
change in performance is anticipated. The goal of this patch is to
remove the last user of experimental JS builtins so that the mechanism
can be removed, for performance reasons. The patch includes a drive-by
fix of a check-fail. For the most part, the patch is just moving code
without modification from runtime-atomics.cc to
builtins-sharedarraybuffer.cc .

BUG=v8:5880

Review-Url: https://codereview.chromium.org/2698813004
Cr-Commit-Position: refs/heads/master@{#43335}
2017-02-20 22:08:52 +00:00
clemensh
a690aa2994 [wasm] Refactor code specialization / patching
All patching logic is now bundled in one compilation unit.
The CodeSpecialization object is set up by all relocation and patching
that should be applied, and then be run on individual code objects or
the whole instance in one go. We hence only need to iterate all
relocation tables exactly once at instantiation.
Also, we do not patch contexts any more since we do not embed them in
generated code any more.

R=titzer@chromium.org
BUG=v8:5991

Review-Url: https://codereview.chromium.org/2696143006
Cr-Commit-Position: refs/heads/master@{#43324}
2017-02-20 15:52:16 +00:00
eholk
3e1db847b3 [wasm] Syntax- and Type-aware Fuzzer
This is the beginning of a new fuzzer that generates
correct-by-construction Wasm modules. This should allow us to better
exercise the compiler and correctness aspects of fuzzing. It is based off
of ahaas' original Wasm fuzzer.

At the moment, it can generate expressions made up of most binops, and
also nested blocks with unconditional breaks. Future CLs will add
additional constructs, such as br_if, loops, memory access, etc.

The way the fuzzer works is that it starts with an array of arbitrary
data provided by libfuzzer. It uses the data to generate an expression.
Care is taken to make use of the entire string. Basically, the
generator has a bunch of grammar-like rules for how to construct an
expression of a given type. For example, an i32 can be made by adding
two other i32s, or by wrapping an i64. The process then continues
recursively until all the data is consumed.

We generate an expression from a slice of data as follows:
* If the slice is less than or equal to the size of the type (e.g. 4
  bytes for i32), then it will emit the entire slice as a constant.
* Otherwise, it will consume the first 4 bytes of the slice and use
  this to select which rule to apply. Each rule then consumes the
  remainder of the slice in an appropriate way. For example:
  * Unary ops use the remainder of the slice to generate the argument.
  * Binary ops consume another four bytes and mod this with the length
    of the remaining slice to split the slice into two parts. Each of
    these subslices are then used to generate one of the arguments to
    the binop.
  * Blocks are basically like a unary op, but a stack of block types is
    maintained to facilitate branches. For blocks that end in a break,
    the first four bytes of a slice are used to select the break depth
    and the stack determines what type of expression to generate.
The goal is that once this generator is complete, it will provide a one
to one mapping between binary strings and valid Wasm modules.

Review-Url: https://codereview.chromium.org/2658723006
Cr-Commit-Position: refs/heads/master@{#43289}
2017-02-17 17:06:29 +00:00
clemensh
b6bfe7b911 [wasm] Introduce WasmStackGuard builtin
Instead of placing a runtime call to StackGuard in the compiled wasm
code, we just call the builtin, which is cheaper. By passing Smi::kZero
as context, we save even more code space and avoid embedding the
context in the code.
The WasmStackGuard builtin then calls the new WasmStackGuard runtime
function, which gets the context from the instance attached to the
calling wasm code, and then does the usual StackGuard logic.

For the unity benchmark in asm-wasm mode, generated code size reduces
from 63.0 to 61.6 MB (-2.1%).

R=titzer@chromium.org, ahaas@chromium.org, mstarzinger@chromium.org

Review-Url: https://codereview.chromium.org/2691993004
Cr-Commit-Position: refs/heads/master@{#43277}
2017-02-17 11:37:49 +00:00
Michael Achenbach
34663b428c [test] Fix unittests for perf runner.
This was omitted in:
https://codereview.chromium.org/2615623003

TBR=clemensh@chromium.org,mtrofin@chromium.org
NOTRY=true

Change-Id: I78449fe72e27976b95a9557e0bd8f986ed8caa64
Reviewed-on: https://chromium-review.googlesource.com/443526
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43232}
2017-02-16 08:48:33 +00:00
littledan
407d6bf16b [bootstrapper] Remove Intl experimental natives files
These experimental natives previously only installed functions to the
appropriate parent. In this patch, the exports container is retained
so that the bootstrapper may install the functions instead. This
change is intended to reduce startup time. SharedArrayBuffer retains
some experimental natives exported from JS; this may be addressed
in a follow-on patch. The patch includes some minor cleanup of the
bootstrap process by removing "experimental exports", which was unused.

R=yangguo@chromium.org
BUG=v8:5880
CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_linux_noi18n_rel_ng

Review-Url: https://codereview.chromium.org/2683083003
Cr-Commit-Position: refs/heads/master@{#43221}
2017-02-15 17:36:25 +00:00
Michael Starzinger
d0b9062432 [turbofan] Implement early lowering based on type hints.
This allows part of typed lowering that is solely based on type-hints to
run as part of the graph construction. The lowering in question does not
inspect types and hence doesn't require the typer to have run before. We
insert the speculative simplied-level operations in favor of the generic
JavaScript-level variants.

R=bmeurer@chromium.org

Change-Id: I5f0549fc1e4ff607622ee9059e6232a32f77db2e
Reviewed-on: https://chromium-review.googlesource.com/442584
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43208}
2017-02-15 12:18:42 +00:00
Marja Hölttä
a1547aa914 [objects.h splitting] Move out Code::FindAndReplacePattern.
It's needed by code-stubs.h and it was defined in objects-inl.h.
That cannot work without violating the include rules.

BUG=v8:5402
R=mstarzinger@chromium.org

Change-Id: Icb84b97de5622df8cf76e9fc4d117982901c99d9
Reviewed-on: https://chromium-review.googlesource.com/441845
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43195}
2017-02-14 15:53:57 +00:00
bbudge
deabb19abc Remove SIMD.js from V8.
LOG=Y
BUG=v8:4124,v8:5948
R=bradnelson@chromium.org,bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org

Review-Url: https://codereview.chromium.org/2684313003
Cr-Original-Original-Commit-Position: refs/heads/master@{#43162}
Committed: d170c57ab9
Review-Url: https://codereview.chromium.org/2684313003
Cr-Original-Commit-Position: refs/heads/master@{#43169}
Committed: a9b59a11f1
Review-Url: https://codereview.chromium.org/2684313003
Cr-Commit-Position: refs/heads/master@{#43176}
2017-02-14 06:57:25 +00:00
franzih
a386eb4f04 Revert of Remove SIMD.js from V8. (patchset #7 id:120001 of https://codereview.chromium.org/2684313003/ )
Reason for revert:
Breaks Node integration build.

Original issue's description:
> Remove SIMD.js from V8.
>
> LOG=Y
> BUG=v8:4124,v8:5948
> R=bradnelson@chromium.org,bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org
>
> Review-Url: https://codereview.chromium.org/2684313003
> Cr-Original-Commit-Position: refs/heads/master@{#43162}
> Committed: d170c57ab9
> Review-Url: https://codereview.chromium.org/2684313003
> Cr-Commit-Position: refs/heads/master@{#43169}
> Committed: a9b59a11f1

TBR=bradnelson@chromium.org,bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org,bradnelson@google.com,machenbach@chromium.org,bbudge@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4124,v8:5948

Review-Url: https://codereview.chromium.org/2695653005
Cr-Commit-Position: refs/heads/master@{#43170}
2017-02-13 21:33:46 +00:00
bbudge
a9b59a11f1 Remove SIMD.js from V8.
LOG=Y
BUG=v8:4124,v8:5948
R=bradnelson@chromium.org,bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org

Review-Url: https://codereview.chromium.org/2684313003
Cr-Original-Commit-Position: refs/heads/master@{#43162}
Committed: d170c57ab9
Review-Url: https://codereview.chromium.org/2684313003
Cr-Commit-Position: refs/heads/master@{#43169}
2017-02-13 20:43:08 +00:00
bradnelson
43fc15bb79 Revert of Remove SIMD.js from V8. (patchset #7 id:120001 of https://codereview.chromium.org/2684313003/ )
Reason for revert:
red

Original issue's description:
> Remove SIMD.js from V8.
>
> LOG=Y
> BUG=v8:4124,5948
> R=bradnelson@chromium.org,bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org
> (notry since trybots can't patch directory deletes)
> NOTRY=true
>
> Review-Url: https://codereview.chromium.org/2684313003
> Cr-Commit-Position: refs/heads/master@{#43162}
> Committed: d170c57ab9

TBR=bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org,bradnelson@google.com,bbudge@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4124,5948

Review-Url: https://codereview.chromium.org/2692933002
Cr-Commit-Position: refs/heads/master@{#43164}
2017-02-13 18:12:14 +00:00
bbudge
d170c57ab9 Remove SIMD.js from V8.
LOG=Y
BUG=v8:4124,5948
R=bradnelson@chromium.org,bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org
(notry since trybots can't patch directory deletes)
NOTRY=true

Review-Url: https://codereview.chromium.org/2684313003
Cr-Commit-Position: refs/heads/master@{#43162}
2017-02-13 15:59:22 +00:00
Michael Achenbach
f3b5f70cd2 [foozzie] Add more architectures for correctness comparisons
BUG=chromium:673246
NOTRY=true
TBR=jarin@chromium.org,ahaas@chromium.org

Change-Id: Ie2000f543e017dbef27c3faa49565fe838eddcee
Reviewed-on: https://chromium-review.googlesource.com/441345
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43153}
2017-02-13 10:49:25 +00:00
Jochen Eisinger
38ceadab02 Make sure a pure list of headers is never turned into a static library
Windows won't create empty .lib files, and will subsequently fail to
find the library other rules expect

R=machenbach@chromium.org
BUG=

Change-Id: I8b848834a6957c2164f0eafc853587d39ccb6ca9
Reviewed-on: https://chromium-review.googlesource.com/440244
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Jochen Eisinger <jochen@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43141}
2017-02-13 08:43:43 +00:00
chunyang.dai
e5168c7929 [build] Enable gn build for vtune support in v8.
BUG=

Review-Url: https://codereview.chromium.org/2688483004
Cr-Commit-Position: refs/heads/master@{#43133}
2017-02-13 02:54:05 +00:00
Camillo Bruni
a360134bf1 [ignition] Simplify ForInPrepare by directly using TF builtin
Change-Id: I91bedd8d30e32f270fb528d0d8bbfed45074878f
Reviewed-on: https://chromium-review.googlesource.com/440065
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43103}
2017-02-10 14:33:11 +00:00
titzer
4f4da1f87d [wasm] Refactoring: move bytecode operands into wasm-decoder-impl.h
R=bradnelson@chromium.org,clemensh@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2682943007
Cr-Commit-Position: refs/heads/master@{#43077}
2017-02-10 01:16:37 +00:00
yangguo
058d7ab7f4 [debugger] implement per-function code coverage.
Collect code coverage from the available invocation counts.
The granularity is at function level, and invocation counts may
be lost to GC.

Coverage::Collect returns a std::vector of Coverage::ScriptData.
Each ScriptData contains a script ID and a std::vector of
Coverage::RangeEntry.
Each RangeEntry consists of a end position and the invocation
count. The start position is implicit from the end position of
the previous RangeEntry, or 0 if it's the first RangeEntry.

R=jgruber@chromium.org
BUG=v8:5808

Review-Url: https://codereview.chromium.org/2689493002
Cr-Commit-Position: refs/heads/master@{#43072}
2017-02-09 19:00:49 +00:00
danno
c205c9b7ea [builtins] Port parameter and argument-related code stubs to CSA
Includes the port of these three builtins: FastNewStrictArguments,
FastNewSloppyArguments and FastNewRestParameter. Also inline
the implementation of these into the corresponding interpreter
byte codes.

BUG=v8:5269
LOG=N
R=ishell@chromium.org, rmcilroy@chromium.org

Review-Url: https://codereview.chromium.org/2645743002
Cr-Commit-Position: refs/heads/master@{#43002}
2017-02-07 16:02:44 +00:00
ishell@chromium.org
32971301ea Rename TypeFeedbackVector to FeedbackVector.
... and TypeFeedbackMetadata to FeedbackMetadata.

BUG=

Change-Id: I2556d1c2a8f37b8cf3d532cc98d973b6dc7e9e6c
Reviewed-on: https://chromium-review.googlesource.com/439244
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#42999}
2017-02-07 14:46:36 +00:00
machenbach
13de00c0be [foozzie] Support multi-architecture builds
This adds optional multi-architecture builds, allowing to compile
x86 and x64 in one build. The correctness fuzzer can be configured to
compare the two executables, e.g. to compare x86 to x64 run the
launcher with: --second-d8=clang_x86/d8 in an x64 build.

Configuring the executable's architecture is now simplified and
inferred from the gn build configuration.

Building for clusterfuzz has now a new canonical target that can be
used by the infrastructure (defaults to d8).

The clusterfuzz release builder is now defined to compile
multi-arch builds, which will have an effect as soon as the
infrastructure refers to the new clusterfuzz target.

BUG=chromium:673246
NOTRY=true
TBR=mstarzinger,jarin

Review-Url: https://codereview.chromium.org/2649133010
Cr-Commit-Position: refs/heads/master@{#42884}
2017-02-02 11:32:52 +00:00
jgruber
cb19ecd610 [string] Migrate String.prototype.{split,replace} to TF
BUG=

Review-Url: https://codereview.chromium.org/2663803002
Cr-Original-Commit-Position: refs/heads/master@{#42881}
Committed: 65ad1e35d9
Review-Url: https://codereview.chromium.org/2663803002
Cr-Commit-Position: refs/heads/master@{#42883}
2017-02-02 11:31:01 +00:00
machenbach
2517b79cd6 Revert of [string] Migrate String.prototype.{split,replace} to TF (patchset #12 id:220001 of https://codereview.chromium.org/2663803002/ )
Reason for revert:
Breaks win64 debug:
https://build.chromium.org/p/client.v8/builders/V8%20Win64%20-%20debug/builds/14967

Original issue's description:
> [string] Migrate String.prototype.{split,replace} to TF
>
> BUG=
>
> Review-Url: https://codereview.chromium.org/2663803002
> Cr-Commit-Position: refs/heads/master@{#42881}
> Committed: 65ad1e35d9

TBR=bmeurer@chromium.org,ishell@chromium.org,yangguo@chromium.org,jgruber@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review-Url: https://codereview.chromium.org/2671673003
Cr-Commit-Position: refs/heads/master@{#42882}
2017-02-02 11:10:26 +00:00
jgruber
65ad1e35d9 [string] Migrate String.prototype.{split,replace} to TF
BUG=

Review-Url: https://codereview.chromium.org/2663803002
Cr-Commit-Position: refs/heads/master@{#42881}
2017-02-02 10:09:10 +00:00
bmeurer
a14f228188 [turbofan] Support fast access to the current global object.
This is essentially a port of http://crrev.com/2403003002 to TurboFan,
adding support for fast access to JSGlobalObject properties through the
current native contexts' JSGlobalProxy.

It's a slightly bigger change, since JSNativeContextSpecialization and
JSGlobalObjectSpecialization needs merging for this to work, as due to
different type feedback layout we cannot just turn a JSLoadNamed into
JSLoadGlobal operator (and same for JSStoreNamed vs. JSStoreGlobal).
This part of the change is mostly mechanical.

CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_chromium_rel_ng
R=ishell@chromium.org, jochen@chromium.org
BUG=chromium:634276,v8:5267

Review-Url: https://codereview.chromium.org/2664853002
Cr-Commit-Position: refs/heads/master@{#42805}
2017-01-31 06:47:01 +00:00
mvstanton
93f05b64ae [TypeFeedbackVector] Combine the literals array and the feedback vector.
They have the same lifetime. It's a match!

Both structures are native context dependent and dealt with (creation,
clearing, gathering feedback) at the same time. By treating the spaces used
for literal boilerplates as feedback vector slots, we no longer have to keep
track of the materialized literal count elsewhere.

A follow-on CL removes even more parser infrastructure related to this count.

BUG=v8:5456

Review-Url: https://codereview.chromium.org/2655853010
Cr-Commit-Position: refs/heads/master@{#42771}
2017-01-30 12:31:35 +00:00
marja
5f950698c0 [objects.h splitting] Move out ConstantElementsPair and BoileplateDescriptor.
BUG=v8:5402

Review-Url: https://codereview.chromium.org/2663513002
Cr-Commit-Position: refs/heads/master@{#42742}
2017-01-27 15:29:47 +00:00
danno
5344571580 Make enabling of CSA verifier a build-time flag
BUG=chromium:685561

Review-Url: https://codereview.chromium.org/2650273006
Cr-Commit-Position: refs/heads/master@{#42734}
2017-01-27 11:32:27 +00:00
brettw
9d9711a8eb Remove build_overrides/v8.gni.
Chrome now uses the default_args system for specifying its own definitions of
these variables so the separate file in build_overrides is no longer necessary.

BUG=684096

Review-Url: https://codereview.chromium.org/2652263003
Cr-Commit-Position: refs/heads/master@{#42712}
2017-01-26 20:18:58 +00:00
marja
6053f4a331 [parser]: Skipping inner funcs / initial implemetation of storing scope analysis data from preparsed scopes.
The data produced at the moment only contains information about scope type +
positions, and only the most trivial tests pass.

Upcoming CLs will extend the data to contain information about variables (once
PreParser can produce it) and add more test cases.

BUG=v8:5516

Review-Url: https://codereview.chromium.org/2650703003
Cr-Commit-Position: refs/heads/master@{#42656}
2017-01-25 13:03:19 +00:00
brettw
98dbcfde26 Conditionally convert V8 build overrides to declare_args.
We're converting the build_overrides system to the new default_args list of
overrides that can be listed in the toplevel .gn file. This will allow args to
be set on a per-repo basis.

This change conditionally adds the variables currently defined in
build_overrides/v8.gni to build args. This allows V8's build to be used in both
the new and old systems. Once all Chrome and pdfium have been updated, v8's
build overrides and the conditional checks around the new args can be removed.

BUG=684096

Review-Url: https://codereview.chromium.org/2654663003
Cr-Commit-Position: refs/heads/master@{#42639}
2017-01-25 00:20:56 +00:00
hablich
d840ed11d9 Revert of [build] Introduce an embedder version string (patchset #3 id:40001 of https://codereview.chromium.org/2619213002/ )
Reason for revert:
Blocks roll https://codereview.chromium.org/2647183002/

Original issue's description:
> [build] Introduce an embedder version string
>
> Sometimes, the embedder might want to merge a fix to an abandoned branch
> or to a supported branch but the fix is not relevant to Chromium.
> This adds a new version string that the embedder can set on compile time
> and that will be appended to the official V8 version.
> The separator must be provided in the string. For instance, to have a
> full version string like "5.5.372.37.custom.1", the embedder must set
> V8_EMBEDDER_STRING to ".custom.1".
>
> Related Node.js issue: https://github.com/nodejs/node/pull/9754
>
> BUG=v8:5740
> R=machenbach@chromium.org,hablich@chromium.com,ofrobots@google.com
>
> CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_chromium_rel_ng
>
> Review-Url: https://codereview.chromium.org/2619213002
> Cr-Original-Commit-Position: refs/heads/master@{#42175}
> Committed: fc86d4329b
> Review-Url: https://codereview.chromium.org/2619213002
> Cr-Commit-Position: refs/heads/master@{#42582}
> Committed: 2c1d1e6088

TBR=hablich@chromium.com,machenbach@chromium.org,ofrobots@google.com,mic.besace@gmail.com
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5740

Review-Url: https://codereview.chromium.org/2643393004
Cr-Commit-Position: refs/heads/master@{#42583}
2017-01-21 22:36:54 +00:00
mic.besace
2c1d1e6088 [build] Introduce an embedder version string
Sometimes, the embedder might want to merge a fix to an abandoned branch
or to a supported branch but the fix is not relevant to Chromium.
This adds a new version string that the embedder can set on compile time
and that will be appended to the official V8 version.
The separator must be provided in the string. For instance, to have a
full version string like "5.5.372.37.custom.1", the embedder must set
V8_EMBEDDER_STRING to ".custom.1".

Related Node.js issue: https://github.com/nodejs/node/pull/9754

BUG=v8:5740
R=machenbach@chromium.org,hablich@chromium.com,ofrobots@google.com

CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_chromium_rel_ng

Review-Url: https://codereview.chromium.org/2619213002
Cr-Original-Commit-Position: refs/heads/master@{#42175}
Committed: fc86d4329b
Review-Url: https://codereview.chromium.org/2619213002
Cr-Commit-Position: refs/heads/master@{#42582}
2017-01-21 19:04:22 +00:00
jgruber
87851fda78 [async-await] Move remaining async-await code to TF
This moves AsyncFunctionAwait{Caught,Uncaught} to CSA, and removes
async-await.js.

BUG=v8:5639

Review-Url: https://codereview.chromium.org/2643023002
Cr-Commit-Position: refs/heads/master@{#42579}
2017-01-20 19:36:28 +00:00
marja
226e454069 includes: move Label out of assembler.h.
E.g., ast/ast.h uses Label but shouldn't need to include assembler.h for that. With
this change, we can hope for proper layering in the future (not quite there
yet).

Also includes minor random include lowering and relevant IWYU fixes.

BUG=v8:5294

Review-Url: https://codereview.chromium.org/2645063002
Cr-Commit-Position: refs/heads/master@{#42563}
2017-01-20 14:21:34 +00:00
marja
7366d8954c objects.h splitting: Move RegExpMatchInfo.
BUG=v8:5402

Review-Url: https://codereview.chromium.org/2642353002
Cr-Commit-Position: refs/heads/master@{#42552}
2017-01-20 13:01:55 +00:00
jkummerow
89f5efb761 [ic] Clean up handler boilerplate
- builtins-ic.cc takes the place of the AccessorAssembler shim
- AccessorAssemblerImpl can then be renamed
- some cleanup in code-factory.cc
- drop old _TF name suffixes
- fix Generate##Name##Impl in TF_BUILTIN macro

Review-Url: https://codereview.chromium.org/2647493002
Cr-Commit-Position: refs/heads/master@{#42520}
2017-01-19 18:39:07 +00:00
jgruber
d37c407a81 [async-await] Move PromiseCreate and PromiseRelease to TF
BUG=v8:5639

Review-Url: https://codereview.chromium.org/2638073002
Cr-Commit-Position: refs/heads/master@{#42508}
2017-01-19 15:15:38 +00:00
mattloring
0ecc6b0600 FFI Compiler outline based on code stub assembler. We are looking to land this frame to allow specific type translation implementations to proceed in parallel.
BUG=v8:4456

Review-Url: https://codereview.chromium.org/2607993003
Cr-Commit-Position: refs/heads/master@{#42475}
2017-01-18 19:13:49 +00:00
caitp
4173fda417 [builtins] introduce AsyncBuiltinsAssembler for ES2016 features and beyond
First step in splitting apart https://codereview.chromium.org/2622833002/ to
land piece by piece.

Porting src/js/async-await.js to TF builtins using this boilerplate is
now very straightforward.

BUG=v8:4483, v8:5855
R=jgruber@chromium.org, gsathya@chromium.org

Review-Url: https://codereview.chromium.org/2635353002
Cr-Commit-Position: refs/heads/master@{#42466}
2017-01-18 15:41:03 +00:00
gsathya
875165ea17 [promises] Clean up promise utils and remove dead code
BUG=v8:5343

Review-Url: https://codereview.chromium.org/2637523002
Cr-Commit-Position: refs/heads/master@{#42423}
2017-01-17 17:09:51 +00:00
marja
4fb60b2158 objects.h splitting side work: move scopeinfo.cc to its logical place.
src/ast/scopeinfo.cc -> src/objects/scope-info.cc

BUG=v8:5402

Review-Url: https://codereview.chromium.org/2637793002
Cr-Commit-Position: refs/heads/master@{#42357}
2017-01-16 10:30:59 +00:00
ishell
b908229500 [build] Add more v8 build options and fix existing ones.
New options: v8_enable_trace_maps, v8_enable_v8_checks.
Renamed options for consistency: v8_object_print to v8_enable_object_print.
Fixed options: v8_enable_verify_heap, v8_enable_object_print.

BUG=

Review-Url: https://codereview.chromium.org/2625393003
Cr-Commit-Position: refs/heads/master@{#42338}
2017-01-13 17:28:51 +00:00
vogelheim
369e5c8cce [build] Have one build target for all v8 fuzzers.
R=machenbach@chromium.org, ahaas@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2632493002
Cr-Commit-Position: refs/heads/master@{#42310}
2017-01-13 09:09:26 +00:00
scottmg
ffc0931f87 Pull define for version out into v8-version-string.h and separate build target
This is part of removing the dependency of the Chromium browser DLL on
Windows on V8.

R=jochen@chromium.org
BUG=chromium:581766

Review-Url: https://codereview.chromium.org/2621983002
Cr-Original-Commit-Position: refs/heads/master@{#42243}
Committed: 4593845417
Review-Url: https://codereview.chromium.org/2621983002
Cr-Commit-Position: refs/heads/master@{#42289}
2017-01-12 20:51:37 +00:00
hablich
1adc70b0f9 Revert of Pull define for version out into v8-version.h and separate build target (patchset #1 id:1 of https://codereview.chromium.org/2621983002/ )
Reason for revert:
Blocks roll: https://codereview.chromium.org/2633463002/

Original issue's description:
> Pull define for version out into v8-version.h and separate build target
>
> This is part of removing the dependency of the Chromium browser DLL on
> Windows on V8.
>
> R=jochen@chromium.org
> BUG=chromium:581766
>
> Review-Url: https://codereview.chromium.org/2621983002
> Cr-Commit-Position: refs/heads/master@{#42243}
> Committed: 4593845417

TBR=jochen@chromium.org,machenbach@chromium.org,scottmg@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:581766

Review-Url: https://codereview.chromium.org/2627713008
Cr-Commit-Position: refs/heads/master@{#42257}
2017-01-12 09:26:47 +00:00
scottmg
4593845417 Pull define for version out into v8-version.h and separate build target
This is part of removing the dependency of the Chromium browser DLL on
Windows on V8.

R=jochen@chromium.org
BUG=chromium:581766

Review-Url: https://codereview.chromium.org/2621983002
Cr-Commit-Position: refs/heads/master@{#42243}
2017-01-11 18:40:53 +00:00
marja
03762b8488 objects.h splitting: move ModuleInfo
Including a fix: object-macros.h needs to be the last include: otherwise
we'll have a problem when a file does this:

#include "object-macros.h"
#include "x.h" // x.h also includes object-macros.h

BUG=v8:5402

Review-Url: https://codereview.chromium.org/2623573003
Cr-Commit-Position: refs/heads/master@{#42187}
2017-01-10 16:05:34 +00:00
hablich
f3026389ff Revert of [build] Introduce an embedder version string (patchset #2 id:20001 of https://codereview.chromium.org/2619213002/ )
Reason for revert:
Seems to break the Chromium build: https://codereview.chromium.org/2619193005/

Message:

[1832/9671] CXX obj/v8/v8_base/version.o
FAILED: obj/v8/v8_base/version.o
/b/c/cipd/goma/gomacc ../../third_party/llvm-build/Release+Asserts/bin/clang++ -MMD -MF obj/v8/v8_base/version.o.d -DV8_DEPRECATION_WARNINGS -DDCHECK_ALWAYS_ON=1 -DUSE_UDEV -DUI_COMPOSITOR_IMAGE_TRANSPORT -DUSE_AURA=1 -DUSE_PANGO=1 -DUSE_CAIRO=1 -DUSE_GLIB=1 -DUSE_NSS_CERTS=1 -DUSE_X11=1 -DUSE_PROPRIETARY_CODECS -DFULL_SAFE_BROWSING -DSAFE_BROWSING_CSD -DSAFE_BROWSING_DB_LOCAL -DCHROMIUM_BUILD -DENABLE_MEDIA_ROUTER=1 -DFIELDTRIAL_TESTING_ENABLED -DCR_CLANG_REVISION=289944-2 -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -DNDEBUG -DNVALGRIND -DDYNAMIC_ANNOTATIONS_ENABLED=0 -DV8_I18N_SUPPORT -DENABLE_HANDLE_ZAPPING -DV8_USE_EXTERNAL_STARTUP_DATA -DV8_TARGET_ARCH_X64 -DDEBUG -DU_USING_ICU_NAMESPACE=0 -DU_ENABLE_DYLOAD=0 -DU_STATIC_IMPLEMENTATION -DICU_UTIL_DATA_IMPL=ICU_UTIL_DATA_FILE -I../.. -Igen -I../../v8 -I../../v8/include -I../../third_party/icu/source/common -I../../third_party/icu/source/i18n -fno-strict-aliasing --param=ssp-buffer-size=4 -fstack-protector -funwind-tables -fPIC -pipe -B../../third_party/binutils/Linux_x64/Release/bin -fcolor-diagnostics -fdebug-prefix-map=/b/c/b/linux/src=. -m64 -march=x86-64 -pthread -g1 --sysroot=../../build/linux/debian_wheezy_amd64-sysroot -fvisibility=hidden -Xclang -load -Xclang ../../third_party/llvm-build/Release+Asserts/lib/libFindBadConstructs.so -Xclang -add-plugin -Xclang find-bad-constructs -Xclang -plugin-arg-find-bad-constructs -Xclang check-ipc -Wheader-hygiene -Wstring-conversion -Wtautological-overlap-compare -Werror -Wall -Wno-unused-variable -Wno-missing-field-initializers -Wno-unused-parameter -Wno-c++11-narrowing -Wno-covered-switch-default -Wno-deprecated-register -Wno-unneeded-internal-declaration -Wno-inconsistent-missing-override -Wno-shift-negative-value -Wno-undefined-var-template -Wno-nonportable-include-path -Wno-address-of-packed-member -Wsign-compare -Winconsistent-missing-override -Wshorten-64-to-32 -O3 -fno-ident -fdata-sections -ffunction-sections -fno-threadsafe-statics -fvisibility-inlines-hidden -std=gnu++11 -fno-rtti -fno-exceptions -Wno-deprecated -c ../../v8/src/version.cc -o obj/v8/v8_base/version.o
../../v8/src/version.cc:42:34: error: use of undeclared identifier 'V8_EMBEDDER_STRING'
const char* Version::embedder_ = V8_EMBEDDER_STRING;
                                 ^
1 error generated.

Original issue's description:
> [build] Introduce an embedder version string
>
> Sometimes, the embedder might want to merge a fix to an abandoned branch
> or to a supported branch but the fix is not relevant to Chromium.
> This adds a new version string that the embedder can set on compile time
> and that will be appended to the official V8 version.
> The separator must be provided in the string. For instance, to have a
> full version string like "5.5.372.37.custom.1", the embedder must set
> V8_EMBEDDER_STRING to ".custom.1".
>
> Related Node.js issue: https://github.com/nodejs/node/pull/9754
>
> BUG=v8:5740
> R=machenbach@chromium.org,hablich@chromium.com,ofrobots@google.com
>
> Review-Url: https://codereview.chromium.org/2619213002
> Cr-Commit-Position: refs/heads/master@{#42175}
> Committed: fc86d4329b

TBR=hablich@chromium.com,machenbach@chromium.org,ofrobots@google.com,mic.besace@gmail.com
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5740

Review-Url: https://codereview.chromium.org/2621033002
Cr-Commit-Position: refs/heads/master@{#42182}
2017-01-10 15:21:29 +00:00
ishell
0f159f5973 [runtime] Add MapUpdater class that manages all kinds of map updates.
... including property reconfiguring, elements kind change and migration
of a map to an up-to-date non-deprecated version.

BUG=v8:5495

Review-Url: https://codereview.chromium.org/2601643002
Cr-Commit-Position: refs/heads/master@{#42177}
2017-01-10 12:42:53 +00:00
mic.besace
fc86d4329b [build] Introduce an embedder version string
Sometimes, the embedder might want to merge a fix to an abandoned branch
or to a supported branch but the fix is not relevant to Chromium.
This adds a new version string that the embedder can set on compile time
and that will be appended to the official V8 version.
The separator must be provided in the string. For instance, to have a
full version string like "5.5.372.37.custom.1", the embedder must set
V8_EMBEDDER_STRING to ".custom.1".

Related Node.js issue: https://github.com/nodejs/node/pull/9754

BUG=v8:5740
R=machenbach@chromium.org,hablich@chromium.com,ofrobots@google.com

Review-Url: https://codereview.chromium.org/2619213002
Cr-Commit-Position: refs/heads/master@{#42175}
2017-01-10 12:34:10 +00:00
machenbach
0bdb469007 [foozzie] Add correctness fuzzer resources to build output
This adds the correctness fuzzer harness files to the output
directory guarded by a gn arg.

The switch will be turned on on the builder uploading builds to
clusterfuzz.

BUG=chromium:673246
NOTRY=true
TBR=tandrii@chromium.org,jochen@chromium.org

Review-Url: https://codereview.chromium.org/2623843002
Cr-Commit-Position: refs/heads/master@{#42166}
2017-01-10 10:19:21 +00:00
adamk
02149d89a5 Include harmony-string-padding.js in the context snapshot
The attached chromium bug suggests that turning this on via a flag
regressed a perf test. Having previously run into slowdowns due
to experimental JS natives, my suspicion is that this regression
can be fixed by including the new builtins in the snapshot.
My intention is to land this patch to see if the regression
goes away on the bots.

Given the nature of this feature, it seems low-risk to remove
the runtime flag. If need be, it would be trivial to craft
a patch to remove these two methods from String.prototype
if we run into web compat issues during the release (note
that no release branch has yet picked up this feature).

BUG=v8:4954, chromium:677444

Review-Url: https://codereview.chromium.org/2610853010
Cr-Commit-Position: refs/heads/master@{#42111}
2017-01-06 18:56:00 +00:00
jochen
12d20bdd31 Add v8_enable_verify_predictable gn args (mirroring the gyp var)
R=machenbach@chromium.org
BUG=chromium:645890

Review-Url: https://codereview.chromium.org/2614983002
Cr-Commit-Position: refs/heads/master@{#42093}
2017-01-05 15:01:30 +00:00
jochen
4692d96f74 Fix building simple_fuzzer with v8_static_library
We can't have "main" in a static library. so just include the small
fuzzer.cc in all simple fuzzers

BUG=none
R=machenbach@chromium.org,vogelheim@chromium.org

Review-Url: https://codereview.chromium.org/2608243005
Cr-Commit-Position: refs/heads/master@{#42086}
2017-01-05 09:27:40 +00:00
jarin
587fda09b7 [turbofan] Introduce graph assembler to build effect-control-linearizer sub-graphs.
Review-Url: https://codereview.chromium.org/2571903004
Cr-Commit-Position: refs/heads/master@{#42013}
2017-01-02 15:50:55 +00:00
bmeurer
45aa13514b [turbofan] Track multiple maps for LoadElimination.
Store maps on the CheckMaps operator instead of burning inputs for
the individual maps. Use the same data structure (the ZoneHandleSet)
in the LoadElimination to track multiple maps per object.

BUG=v8:5267
R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2431563002
Cr-Commit-Position: refs/heads/master@{#42010}
2017-01-02 13:03:02 +00:00
mvstanton
92d8d95575 [builtins] Move several CodeStub-based ICs to builtins
This CL is from danno@chromium.org. Moves code stubs

LoadIC
KeyedLoadICTF
StoreIC
KeyedStoreICTF
LoadICTrampoline
KeyedLoadICTrampolineTF
StoreICTrampoline
KeyedStoreICTrampolineTF

into builtins.

TBR Yang for serializer changes.

R=epertoso@chromium.org
TBR=yangguo@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2608883002
Cr-Commit-Position: refs/heads/master@{#42001}
2016-12-30 10:31:01 +00:00
mvstanton
b063b34373 [builtins] FastNewClosureStub becomes a builtin.
This aids in TurboFan concurrent compilation, a general good.

TBR for Ross, on vacation...

TBR=rmcilroy@chromium.org

BUG=

Review-Url: https://codereview.chromium.org/2607563002
Cr-Commit-Position: refs/heads/master@{#41970}
2016-12-28 11:43:16 +00:00
titzer
ceb29f7c62 [wasm] Rename ast-decoder.* to function-body-decoder.*
Since WASM is no longer an AST :-(

R=clemensh@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2594973003
Cr-Commit-Position: refs/heads/master@{#41889}
2016-12-21 12:42:06 +00:00
gsathya
90291792e6 [builtins] Add ReturnReceiver builtin
This removes RegExpPrototypeSpeciesGetter and IteratorPrototypeIterator and
uses ReturnReceiver builtin instead.

This patch also ports the PromiseSpecies to TF by reusing this
builtin.

BUG=v8:5343

Review-Url: https://codereview.chromium.org/2590373002
Cr-Commit-Position: refs/heads/master@{#41879}
2016-12-21 00:51:11 +00:00
gsathya
902a2f42e3 [build] Fix formatting in BUILD.gn
git cl format flagged this while merging

Review-Url: https://codereview.chromium.org/2594693003
Cr-Commit-Position: refs/heads/master@{#41875}
2016-12-20 22:55:51 +00:00
marja
a48e5ab880 objects.h splitting: Split out ScopeInfo + add necessary structures.
See tracking bug for more information.

BUG=v8:5402

Review-Url: https://codereview.chromium.org/2594663002
Cr-Commit-Position: refs/heads/master@{#41861}
2016-12-20 14:08:21 +00:00
clemensh
623300a6d8 [assembler] Introduce assembler-inl.h
This moves the platform-specific distinction to one place, and allows
to just include assembler-inl.h instead of macro-assembler.h to get the
correct inline functions defined in assembler.h (e.g.
RelocInfo::set_target_address).

R=mstarzinger@chromium.org, titzer@chromium.org

Review-Url: https://codereview.chromium.org/2587113002
Cr-Commit-Position: refs/heads/master@{#41843}
2016-12-20 10:07:45 +00:00
mlippautz
17318bbd39 [heap] Create a thin wrapper around wrapper tracing in V8 to avoid misuse
BUG=chromium:468240

Review-Url: https://codereview.chromium.org/2576453002
Cr-Commit-Position: refs/heads/master@{#41837}
2016-12-20 09:35:05 +00:00
jshin
af38272dd9 Optimize case conversion with icu_case_mapping
Use FastAsciiConvert (as used by Unibrow) for i18n-aware
case conversion with --icu_case_mapping.

Move FastAsciiConvert to src/string-case.cc so that it can be used
by both runtime-{string,i18n}.

Add more tests.

BUG=v8:4477,v8:4476
TEST=intl/general/case*

Review-Url: https://codereview.chromium.org/2533983006
Cr-Commit-Position: refs/heads/master@{#41821}
2016-12-19 18:43:55 +00:00
gsathya
81f765718e [builtins] move PromiseBuiltinsAssembler to it's own header file
BUG=v8:5343

Review-Url: https://codereview.chromium.org/2585133002
Cr-Commit-Position: refs/heads/master@{#41816}
2016-12-19 17:14:36 +00:00
jochen
1bdf908db0 Add a basic compiler dispatcher
It doesn't schedule steps yet, but there are tests.

BUG=v8:5215
R=rmcilroy@chromium.org,marja@chromium.org

Review-Url: https://codereview.chromium.org/2558293004
Cr-Commit-Position: refs/heads/master@{#41650}
2016-12-12 15:36:25 +00:00
lpy
0a3c8fc3ef [Tracing] Implement IC statistics in tracing.
This patch introduces:

1. ICStats class to store ic statistics items produced by V8,
2. A disabled by default tracing category v8.ic_stats,
3. An trace event V8.ICStats that contains ic statistics items in args,

We store ic statistics items in an array until the array is full to reduce
the number of trace events.

TBR=jkummerow@chromium.org,ishell@chromium.org

Review-Url: https://codereview.chromium.org/2503183002
Cr-Commit-Position: refs/heads/master@{#41559}
2016-12-07 16:58:46 +00:00
yangguo
d26cdb7d6f v8::Private::ForApi should be context-independent.
This is done by reimplementing Symbol.for directly on top of
NameDictionary. A nice side effect is the removal of src/js/symbol.js

R=jochen@chromium.org, peria@chromium.org
BUG=chromium:617892

Review-Url: https://codereview.chromium.org/2551763003
Cr-Commit-Position: refs/heads/master@{#41520}
2016-12-06 13:21:38 +00:00
clemensh
f5fb2da64c [inspector] Split off interface-types.h
This CL adds a new header src/debug/interface-types.h, moves the
definition of Location from the debug-interface.h to this new header,
and adds a new definition for the WasmDisassembly types.
This allows to use the types in other implementation files or headers
without having to include the entire debug-interface.h, reducing build
dependencies and compile time (especially for incremental builds).

The WasmDisassembly type replaces the old
std::pair<std::string, std::vector<std::tuple<...>>>, which was a bit
hard to unravel.

R=yangguo@chromium.org, kozyatinskiy@chromium.org, titzer@chromium.org

Review-Url: https://codereview.chromium.org/2529383002
Cr-Commit-Position: refs/heads/master@{#41488}
2016-12-05 13:32:24 +00:00
leszeks
b9d930735a [ignition] Rewrite reverse iterator as random iterator
This allows us to optimise the bytecode liveness analysis to jump
directly to previously seen indices. The analysis is optimised to store
a stack of loop ends (JumpLoop bytecode indices), and iterate through
these indices directly rather than looping through the bytecode array to
find them.

Review-Url: https://codereview.chromium.org/2536653003
Cr-Commit-Position: refs/heads/master@{#41485}
2016-12-05 13:03:43 +00:00
titzer
d9cfd7757e [wasm] Move all V8-specific limitations to wasm-limits.h
R=clemensh@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2551463002
Cr-Commit-Position: refs/heads/master@{#41477}
2016-12-05 10:02:47 +00:00
eholk
bf35d15e52 [wasm] OOB traps: build protected instruction list during codegen
During codegen, we build a list mapping protected instructions to their
associated landing pads. This will ultimately by used by the signal handler to
recover from out of bounds faults and throw a JS exception.

This is mostly pulled from my larger in-progress CL at
https://codereview.chromium.org/2371833007/.

BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277

Review-Url: https://codereview.chromium.org/2500443004
Cr-Commit-Position: refs/heads/master@{#41400}
2016-11-30 22:32:03 +00:00
jochen
a1473f5306 Split parsing of functions and top-level code into two separate methods
Also move them to a separate interface header to avoid having to include
parser.h so much

BUG=v8:5589
R=verwaest@chromium.org,marja@chromium.org

Review-Url: https://codereview.chromium.org/2534393002
Cr-Commit-Position: refs/heads/master@{#41386}
2016-11-30 13:21:37 +00:00
leszeks
2bf71f888f [ignition/turbo] Perform liveness analysis on the bytecodes
Replaces the graph-based liveness analyzer in the bytecode graph builder
with an initial bytecode-based liveness analysis pass, which is added to
the existing loop extent analysis.

Now the StateValues in the graph have their inputs initialised to
optimized_out, rather than being modified after the graph is built.

Review-Url: https://codereview.chromium.org/2523893003
Cr-Commit-Position: refs/heads/master@{#41355}
2016-11-29 12:27:15 +00:00
leszeks
a2e2a39ff1 Revert of [ignition/turbo] Perform liveness analysis on the bytecodes (patchset #17 id:320001 of https://codereview.chromium.org/2523893003/ )
Reason for revert:
Breaks the build:

https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20shared/builds/14886

Original issue's description:
> [ignition/turbo] Perform liveness analysis on the bytecodes
>
> Replaces the graph-based liveness analyzer in the bytecode graph builder
> with an initial bytecode-based liveness analysis pass, which is added to
> the existing loop extent analysis.
>
> Now the StateValues in the graph have their inputs initialised to
> optimized_out, rather than being modified after the graph is built.
>
> Committed: https://crrev.com/1852300954c216c29cf93444430681d213e87925
> Cr-Commit-Position: refs/heads/master@{#41344}

TBR=jarin@chromium.org,rmcilroy@chromium.org,yangguo@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review-Url: https://codereview.chromium.org/2541443002
Cr-Commit-Position: refs/heads/master@{#41346}
2016-11-29 10:51:45 +00:00
leszeks
1852300954 [ignition/turbo] Perform liveness analysis on the bytecodes
Replaces the graph-based liveness analyzer in the bytecode graph builder
with an initial bytecode-based liveness analysis pass, which is added to
the existing loop extent analysis.

Now the StateValues in the graph have their inputs initialised to
optimized_out, rather than being modified after the graph is built.

Review-Url: https://codereview.chromium.org/2523893003
Cr-Commit-Position: refs/heads/master@{#41344}
2016-11-29 10:46:20 +00:00
jochen
cfebe6034c Assign unique IDs to FunctionLiterals
They're supposed to be stable across several parse passes, so we'll also
store them in the associated SharedFunctionInfos

To achieve this, the PreParser and Parser need to generated the same number of
FunctionLiterals. To achieve this, we teach the PreParser about desuggaring of
class literals.

For regular functions, the function IDs are assigned in the order they occur in
the source. For arrow functions, however, we only know that it's an arrow function
after parsing the parameter list, and so the ID assigned to the arrow function is
larger than the IDs assigned to functions defined in the parameter list. This
implies that we have to reset the function ID counter to before the parameter list
when re-parsing an arrow function. To be able to do this, we store the number of
function literals found in the parameter list of arrow functions as well.

BUG=v8:5589

Review-Url: https://codereview.chromium.org/2481163002
Cr-Commit-Position: refs/heads/master@{#41309}
2016-11-28 11:40:53 +00:00
machenbach
1f74f551d0 [build] Link V8 as component in static library builds
BUG=v8:5435
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_chromium_compile_dbg_ng;master.tryserver.chromium.android:android_clang_dbg_recipe

Review-Url: https://codereview.chromium.org/2373783002
Cr-Commit-Position: refs/heads/master@{#41304}
2016-11-28 10:42:21 +00:00
bmeurer
c17e860569 [turbofan] Remove type feedback from AstGraphBuilder pipeline.
The AstGraphBuilder pipeline is only used for asm.js now, so the whole
type feedback mechanism is essentially dead code currently, thus we
better nuke it.

BUG=v8:5267,v8:5657

Review-Url: https://codereview.chromium.org/2523953002
Cr-Commit-Position: refs/heads/master@{#41201}
2016-11-23 06:10:35 +00:00
leszeks
292c4a0a2a [ignition] Replace branch+loop analysis with a single pass
Now that we have a JumpLoop bytecode, we can heavily simplify the
branch/loop analysis by assuming that only JumpLoop bytecodes are
backwards edges, and performing the loop analysis as a single
(backwards) pass.

This allows us to get rid of the branch analysis entirely, and builds a
framework to do liveness analysis in the same pass.

Review-Url: https://codereview.chromium.org/2519983002
Cr-Commit-Position: refs/heads/master@{#41194}
2016-11-22 18:05:18 +00:00
jkummerow
5ef05d8e2c [cleanup] Drop handwritten KeyedStoreIC code
The handwritten-assembly implementations of both dispatcher and
generic stub have been replaced by Turbofan-generated stubs.

Review-Url: https://codereview.chromium.org/2523473002
Cr-Commit-Position: refs/heads/master@{#41188}
2016-11-22 15:43:59 +00:00
clemensh
172f501233 [wasm] Implement official wasm text format
When disassembling functions for the inspector, we used an internal
text representation before. This CL implements the official text
format like it is understood by the spec interpreter.

Example output:
func $main (param i32) (result i32)
block i32
  get_local 0
  i32.const 2
  i32.lt_u
  if
    i32.const -2
    return
  end
  get_local 0
  call_indirect 0
end

R=rossberg@chromium.org, titzer@chromium.org
BUG=chromium:659715

Review-Url: https://codereview.chromium.org/2520943002
Cr-Commit-Position: refs/heads/master@{#41172}
2016-11-22 11:59:56 +00:00
thestig
ae0e92219b Properly define v8_enable_inspector and its override in GN.
Instead of directly using v8_enable_inspector_override from
build_overrides/v8.gni in all the GN configs, set a v8_enable_inspector
variable based on v8_enable_inspector_override and use that everywhere.
This is the more common pattern seen in over projects, and reduces the
need to include //build_overrides/v8.gni in many files.

Review-Url: https://codereview.chromium.org/2520683002
Cr-Commit-Position: refs/heads/master@{#41156}
2016-11-21 19:29:38 +00:00
leszeks
f91178e823 [ignition] Add a reverse bytecode iterator
This pre-calculates and stores a vector of bytecode offsets, and then allows
one to iterate over it backwards. This could probably be adapted to a
bidirectional/random access iterator if we wanted to, but for now reverse
is all we need.

Review-Url: https://codereview.chromium.org/2518003002
Cr-Commit-Position: refs/heads/master@{#41153}
2016-11-21 17:21:13 +00:00
leszeks
ae8a77ea5f [ignition] Refactor array iterator to separate out access
Refactors the bytecode array iterator to separate the iteration and the
bytecode parameter access, placing the latter into a separate
super-class. This will allow us to have other forms of access, e.g.
reverse iteration.

Review-Url: https://codereview.chromium.org/2519923002
Cr-Commit-Position: refs/heads/master@{#41152}
2016-11-21 17:18:51 +00:00
Miran.Karic
0ffe4fc390 Add icu libraries to fuzzer dependencies
In component build, fuzzer did not link with icu libraries, causing
errors. By adding icu libraries to dependencies fuzzer links correctly.

BUG=
TEST=fuzzer/*

Review-Url: https://codereview.chromium.org/2510063002
Cr-Commit-Position: refs/heads/master@{#41098}
2016-11-18 11:14:30 +00:00
jkummerow
248a3e25e9 [refactoring] Pull AccessorAssembler out of CodeStubAssembler
The new AccessorAssembler encapsulates all the functionality that's
specific to building LoadIC/StoreIC stubs.
There are two header files (accessor-assembler.h and
accessor-assembler-impl.h) so that clients of the assembler can include
the one, and subclassing assemblers can include the other.

Review-Url: https://codereview.chromium.org/2507733002
Cr-Commit-Position: refs/heads/master@{#41037}
2016-11-16 14:26:08 +00:00
Miran.Karic
a18be72c8e Add v8_os_page_size flag for cross compilation
When generating snapshot on a machine with a different page size than
the target machine, we can run into problems as the v8 page area size
changes. This is because v8 has page guards which depend on os page
size, so if the target has larger os page, v8 page area is smaller and
may not fit the contents.

The solution proposed here is adding a flag, v8_os_page_size, that
would, if used, override local os page size and use the one specified
during snapshot generation.

BUG=

Review-Url: https://codereview.chromium.org/2488403003
Cr-Commit-Position: refs/heads/master@{#40997}
2016-11-15 14:41:03 +00:00
tebbi
c3a6ca68d0 This CL enables precise source positions for all V8 compilers. It merges compiler::SourcePosition and internal::SourcePosition to a single class used throughout the codebase. The new internal::SourcePosition instances store an id identifying an inlined function in addition to a script offset.
SourcePosition::InliningId() refers to a the new table DeoptimizationInputData::InliningPositions(), which provides the following data for every inlining id:
 - The inlined SharedFunctionInfo as an offset into DeoptimizationInfo::LiteralArray
 - The SourcePosition of the inlining. Recursively, this yields the full inlining stack.
Before the Code object is created, the same information can be found in CompilationInfo::inlined_functions().

If SourcePosition::InliningId() is SourcePosition::kNotInlined, it refers to the outer (non-inlined) function.
So every SourcePosition has full information about its inlining stack, as long as the corresponding Code object is known. The internal represenation of a source position is a positive 64bit integer.

All compilers create now appropriate source positions for inlined functions. In the case of Turbofan, this required using AstGraphBuilderWithPositions for inlined functions too. So this class is now moved to a header file.

At the moment, the additional information in source positions is only used in --trace-deopt and --code-comments. The profiler needs to be updated, at the moment it gets the correct script offsets from the deopt info, but the wrong script id from the reconstructed deopt stack, which can lead to wrong outputs. This should be resolved by making the profiler use the new inlining information for deopts.

I activated the inlined deoptimization tests in test-cpu-profiler.cc for Turbofan, changing them to a case where the deopt stack and the inlining position agree. It is currently still broken for other cases.

The following additional changes were necessary:
 - The source position table (internal::SourcePositionTableBuilder etc.) supports now 64bit source positions. Encoding source positions in a single 64bit int together with the difference encoding in the source position table results in very little overhead for the inlining id, since only 12% of the source positions in Octane have a changed inlining id.
 - The class HPositionInfo was effectively dead code and is now removed.
 - SourcePosition has new printing and information facilities, including computing a full inlining stack.
 - I had to rename compiler/source-position.{h,cc} to compiler/compiler-source-position-table.{h,cc} to avoid clashes with the new src/source-position.cc file.
 - I wrote the new wrapper PodArray for ByteArray. It is a template working with any POD-type. This is used in DeoptimizationInputData::InliningPositions().
 - I removed HInlinedFunctionInfo and HGraph::inlined_function_infos, because they were only used for the now obsolete Crankshaft inlining ids.
 - Crankshaft managed a list of inlined functions in Lithium: LChunk::inlined_functions. This is an analog structure to CompilationInfo::inlined_functions. So I removed LChunk::inlined_functions and made Crankshaft use CompilationInfo::inlined_functions instead, because this was necessary to register the offsets into the literal array in a uniform way. This is a safe change because LChunk::inlined_functions has no other uses and the functions in CompilationInfo::inlined_functions have a strictly longer lifespan, being created earlier (in Hydrogen already).

BUG=v8:5432

Review-Url: https://codereview.chromium.org/2451853002
Cr-Commit-Position: refs/heads/master@{#40975}
2016-11-14 17:22:32 +00:00
ulan
e5b152264e Enable -Wsign-compare compiler warnings.
BUG=v8:5614

Review-Url: https://codereview.chromium.org/2493193002
Cr-Commit-Position: refs/heads/master@{#40958}
2016-11-14 10:49:15 +00:00
Miran.Karic
6f556b3394 Add icu libraries to unittests dependencies
In component build, unittests did not link with icu libraries, which
caused errors. By adding icu libraries to dependencies unittests links
correctly.

BUG=
TEST=unittests/*

Review-Url: https://codereview.chromium.org/2479863002
Cr-Commit-Position: refs/heads/master@{#40955}
2016-11-14 10:01:21 +00:00
gsathya
ec61e6b434 [promises] Remove one runtime call to create_resolving_functions
- Creates a new promise-utils.{h, cc} which refactors out the
logic to create resolving functions. This is shared between the
runtime functions and builtins.

- Changes PromiseResolveThenableJobInfo to store the context
since we no longer create the resolving functions in JS.

- Changes EnqueuPromiseResolveThenableJob to take in the promise and
  not the callbacks.

BUG=v8:5343

Review-Url: https://codereview.chromium.org/2487053002
Cr-Commit-Position: refs/heads/master@{#40941}
2016-11-11 20:59:46 +00:00
titzer
fa9c25cebf [wasm] Move all heap-allocated WASM structures into wasm-objects.h.
This CL moves all heap-allocated WASM data structures, both ones
that are bonafide JSObjects and ones that are FixedArrays only, into a
consistent place with consistent layout. Note that not all accessors are complete, and I haven't fully spread the new static typing goodness
to all places in the code.

R=ahaas@chromium.org,rossberg@chromium.org
CC=gdeepti@chromium.org,mtrofin@chromium.org,clemensh@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2490663002
Cr-Commit-Position: refs/heads/master@{#40913}
2016-11-11 11:13:17 +00:00
gsathya
cb6c8e48cc [promises] Move CreateResolvingFunctions to c++
- A new runtime function (%create_resolving_functions) is installed to
  call the CreateResolvingFunctions builtin from JS.

- Three new builtins are created - resolve and reject functions and a
  third function that creates a new JSFunctions from these
  resolve/reject builtins.

- The promise reject function is installed on the context temporarily
  as internal_promise_reject. This should go away once we remove
  PromiseSet.

BUG=v8:5343

Review-Url: https://codereview.chromium.org/2459283004
Cr-Commit-Position: refs/heads/master@{#40903}
2016-11-10 16:05:08 +00:00
jkummerow
5c03cb7922 [stubs] Port KeyedStoreIC_Megamorphic stub to Turbofan
BUG=v8:5269,v8:5561

Review-Url: https://codereview.chromium.org/2444353002
Cr-Commit-Position: refs/heads/master@{#40896}
2016-11-10 14:23:57 +00:00
lpy
2525b0573b [Tracing] Make TracingCategoryObserver v8 internal.
This patch removes TracingCategoryObserver API and moves the creation of
observer inside platform initialization, by assuming that either
Platform::AddTraceStateObserver is implemented correctly to add observer to
tracing controller that implemented by embedders, or default tracing controller
has already been set up and attached to platform before
v8::V8::InitializePlatform is called.

BUG=v8:5590

Review-Url: https://codereview.chromium.org/2471583004
Cr-Commit-Position: refs/heads/master@{#40739}
2016-11-03 18:03:56 +00:00
lpy
6df8096a00 [Tracing] Implement TracingCategoryObserver.
This patch implements TracingCategoryObserver to set global flag when a V8
specific category is enabled. Previously, we set a global flag each time when we
encounter a top level trace event, and use it as a global check. With this
patch, we can set a group of flags when tracing is enabled; besides, we make
V8 tracing feature use V8 flags instead of defining its own flag in a messy way.

With this patch, whatever V8 flag we want to imply in tracing, we define another
integer flag, and the original V8 flag will set it to 0x01 when passing by
commandline, tracing will set it to 0x10 when we start tracing and reset the bit
when we stop tracing.

Review-Url: https://codereview.chromium.org/2436273002
Cr-Commit-Position: refs/heads/master@{#40659}
2016-10-28 20:44:04 +00:00
gsathya
b15f8710c6 [promises] Create runtime-promise.cc
This patch moves promise specific runtime functions
to runtime-promise.cc from runtime-internal.cc

BUG=v8:5343

Review-Url: https://codereview.chromium.org/2452833003
Cr-Commit-Position: refs/heads/master@{#40618}
2016-10-27 12:28:14 +00:00
heimbuef
610c0d75c8 New zone-backed list datastructure to replace ZoneList
Since ZoneLists are essentially non-standard ZoneVectors and have a bad
growing behaviour (ZoneList-allocations make up ~50% of website parse
zone memory) we should stop using them. The zone-containers are merely
a clean-up, with none of them actually better suited to be used with
zones. This new datastructure allows most operations of a LinkedList (
except pop_first and insertAt/removeAt) but uses about the same memory
as a well-initialized ZoneVector/ZoneList (<3% overhead with reasonably
large lists). It also never attempts to free memory again (which would
not work in zones anyway).

The ZoneChunkList is essentially a doubly-linked-list of arrays of
variable size.

Some test-results where I tried storing 16k pointers in different list
types (lists themselves also zone-allocated):

List type                       Zone memory used   Time taken
-----------------------------------------------------------------------
Zone array (for comparison)     131072 B

Ideally initialized ZoneList    131088 B           0.062ms

ChunkZoneList                   134744 B           0.052ms <--new thing

ZoneDeque                       141744 B

ZoneLinkedList                  393264 B

Initially empty ZoneList        524168 B           0.171ms <--right now

ChunkZoneList only push_front   524320 B

Review-Url: https://codereview.chromium.org/2449383002
Cr-Commit-Position: refs/heads/master@{#40602}
2016-10-26 17:08:28 +00:00
bmeurer
df981a9ff5 [crankshaft] Refactor kAllowUndefinedAsNaN to kTruncatingToNumber.
The meaning of the HValue::kAllowUndefinedAsNaN is actually ToNumber
conversion (except for the uses in HBranch and HCompareHoleAndBranch,
which were confusing and useless anyways), so fix the naming to match
that.

Also properly integrate the handling of this flag with the existing
truncation analysis that is run as part of the representation changes
phase (i.e. where we already deal with truncating to int32 and smi).

This is done in preparation of allowing Crankshaft to handle any kind
of Oddball in the ToNumber truncation, instead of just undefined for
truncation ToNumber and undefined or boolean for ToInt32. It also helps
to make Crankshaft somewhat more compatible with the (saner)
implementation in TurboFan.

R=yangguo@chromium.org
BUG=v8:5400

Review-Url: https://codereview.chromium.org/2449353002
Cr-Commit-Position: refs/heads/master@{#40577}
2016-10-26 08:04:49 +00:00
clemensh
b1dec60bfa [wasm] Remove obsolete function name table
The function name table is not used any more since
https://chromiumcodereview.appspot.com/2424623002, so remove it.

R=titzer@chromium.org,ahaas@chromium.org

Review-Url: https://codereview.chromium.org/2451693002
Cr-Commit-Position: refs/heads/master@{#40552}
2016-10-25 09:00:09 +00:00
jgruber
77ddcfb3e0 [regexp] Remove unused code
This CL removes code that is now unused since the port of regexp.js has been
completed. Removed functions / classes are:

* regexp.js (GetSubstitution moved to string.js)
* RegExpConstructResult stub
* RegExpFlags intrinsic
* RegExpSource intrinsic
* RegExpInitializeAndCompile runtime function

BUG=v8:5339

Review-Url: https://codereview.chromium.org/2448463002
Cr-Commit-Position: refs/heads/master@{#40547}
2016-10-25 07:19:13 +00:00
ahaas
f8414ead48 [wasm] Add a new fuzzer which can also test wasm function calls.
Depending on the inputs the fuzzer creates multiple functions. These
functions can have signatures with an int32 return value and up to three
parameters of type int32, int64, float32, or float64.

R=titzer@chromium.org, clemensh@chromium.org

Review-Url: https://codereview.chromium.org/2447643002
Cr-Commit-Position: refs/heads/master@{#40530}
2016-10-24 11:15:00 +00:00
hpayer
726becfb49 Reland Update implementation of atomics with latest Chromium version but use compiler builtin atomics
BUG=

Review-Url: https://chromiumcodereview.appspot.com/2438273002
Cr-Commit-Position: refs/heads/master@{#40496}
2016-10-21 10:05:42 +00:00
hpayer
a007dfc18e [heap] Move typed slot filtering logic into sweeper.
Additionally, remove all code related to the old-style slots filtering and black area end markers.

BUG=chromium:648568

Review-Url: https://chromiumcodereview.appspot.com/2440683002
Cr-Commit-Position: refs/heads/master@{#40494}
2016-10-21 09:05:00 +00:00
machenbach
6e162add3e Revert of Update implementation of atomics with latest Chromium version but use compiler builtin atomics (patchset #10 id:190001 of https://chromiumcodereview.appspot.com/2425963002/ )
Reason for revert:
https://build.chromium.org/p/client.v8.ports/builders/V8%20Android%20Arm64%20-%20builder/builds/4851

Original issue's description:
> Update implementation of atomics with latest Chromium version but use compiler builtin atomics
>
> Ideally, we would use the standard library. However, when we are compiling against an older version of the standard library the atomic implementation may be slow.
>
> BUG=

TBR=mlippautz@chromium.org,ulan@chromium.org,jarin@chromium.org,hpayer@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review-Url: https://chromiumcodereview.appspot.com/2438983002
Cr-Commit-Position: refs/heads/master@{#40489}
2016-10-21 08:10:31 +00:00
hpayer
343c4ebdd1 Update implementation of atomics with latest Chromium version but use compiler builtin atomics
Ideally, we would use the standard library. However, when we are compiling against an older version of the standard library the atomic implementation may be slow.

BUG=

Review-Url: https://chromiumcodereview.appspot.com/2425963002
Cr-Commit-Position: refs/heads/master@{#40488}
2016-10-21 07:33:10 +00:00
yangguo
2f135d464c [debugger] basic test infrastructure for new debugger test api.
This introduces:
- a way in d8 to send messages to the inspector and receive responses.
- a new test suite where existing debugger tests should migrate to.

R=jgruber@chromium.org, kozyatinskiy@chromium.org, machenbach@chromium.org
BUG=v8:5530

Review-Url: https://chromiumcodereview.appspot.com/2425973002
Cr-Commit-Position: refs/heads/master@{#40487}
2016-10-21 06:38:05 +00:00
aseemgarg
cf9ee0ec6c [wasm] simd scalar lowering F32x4Add and I32x4Add
BUG=v8:4124
TEST:test-run-wasm-simd-lowering
R=titzer@chromium.org,bradnelson@chromium.org,gdeepti@chromium.org

Review-Url: https://chromiumcodereview.appspot.com/2294743003
Cr-Commit-Position: refs/heads/master@{#40448}
2016-10-20 00:20:07 +00:00
kozyatinskiy
8bb2cef9c3 [inspector] introduce debug-interface.h
debug-interface.h contains part of v8-debug.h that is used by src/inspector.

BUG=v8:5510
R=dgozman@chromium.org, yangguo@chromium.org

Review-Url: https://codereview.chromium.org/2423713003
Cr-Commit-Position: refs/heads/master@{#40404}
2016-10-18 15:15:21 +00:00
caitp
86d0dd362f [builtins] implement Array.prototype[@@iterator] in TFJ builtins
Implements the variations of CreateArrayIterator() in TFJ builtins
(ArrayPrototypeValues, ArrayPrototypeEntries and ArrayPrototypeKeys), and
provides two new Object types with numerous maps which identify certain
behaviours, which will be useful for inlining.

Removes src/js/array-iterator.js entirely

Also adds support for printing Symbol literals inserted by the Parser during
desugaring when FLAG_print_builtin_ast is set to true.

BUG=v8:5388
R=bmeurer@chromium.org, cbruni@chromium.org
TBR=ulan@chromium.org

Review-Url: https://codereview.chromium.org/2405253006
Cr-Commit-Position: refs/heads/master@{#40373}
2016-10-18 02:43:14 +00:00
titzer
6d266f0088 [wasm] Add a Managed<T> wrapper class for allocating C++ classes that are deleted when the wrapper is garbage collected.
Use sparingly!

This doesn't add any really new functionality, other than making it more
convenient to do this.

This will primarily be used to wrap a WasmModule to be referenced from a
JSObject that represents an instance. There is one WasmModule C++ object
per parsed WasmModule, so this should not be more than a handful or a few
dozen in well-behaved programs.

R=rossberg@chromium.org,mlippautz@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2409173005
Cr-Commit-Position: refs/heads/master@{#40346}
2016-10-17 09:28:40 +00:00
ishell
ac886b0c1c [ic] Move Smi-handler creation code to SmiHandler class.
... to keep all the pieces in one place for easier modifications.

This CL also adds a new runtime call stats bucket: KeyedLoadIC_LoadElementDH.

BUG=

Review-Url: https://codereview.chromium.org/2412983008
Cr-Commit-Position: refs/heads/master@{#40314}
2016-10-14 12:37:32 +00:00
jochen
aee0a2573b parser fuzzer and parser shell should also work in component builds
R=machenbach@chromium.org,jgruber@chromium.org
CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_win_dbg,v8_mac_dbg;master.tryserver.chromium.android:android_arm64_dbg_recipe

Review-Url: https://codereview.chromium.org/2417703003
Cr-Commit-Position: refs/heads/master@{#40297}
2016-10-14 08:35:52 +00:00
jochen
ad99b196cb Introduce a CompilerDispatcherTracer and track how long jobs take
R=ulan@chromium.org,cbruni@chromium.org,rmcilroy@chromium.org
BUG=v8:5215

Review-Url: https://codereview.chromium.org/2413243002
Cr-Commit-Position: refs/heads/master@{#40295}
2016-10-14 08:12:44 +00:00
jochen
29ddd7ff82 Fix import/export annotations for v8 targets that are always static
Instead of suppressing the linker warnings and disallowing incremental
linking, just fix the annotations..

R=machenbach@chromium.org,jgruber@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2420603002
Cr-Commit-Position: refs/heads/master@{#40260}
2016-10-13 12:44:36 +00:00
machenbach
f18a9ad780 [gn] Add back two warnings V8 uses with gyp
BUG=428099

Review-Url: https://codereview.chromium.org/2404283002
Cr-Commit-Position: refs/heads/master@{#40235}
2016-10-12 17:50:06 +00:00
jgruber
760328f229 [regexp] Extract code to regexp-utils.{h,cc}
This CL is in preparation for the upcoming port of
RegExp.prototype.replace, which will need use these methods in
runtime-regexp.cc. Moving them in advance makes that diff less noisy.

BUG=v8:5339

Review-Url: https://codereview.chromium.org/2398413002
Cr-Commit-Position: refs/heads/master@{#40229}
2016-10-12 15:15:44 +00:00
machenbach
3195f19e87 [inspector] Add swarming support to inspector tests
BUG=chromium:635948

Review-Url: https://codereview.chromium.org/2393863002
Cr-Commit-Position: refs/heads/master@{#40194}
2016-10-12 07:32:06 +00:00
neis
4ff5c2a72f [modules] Move runtime functions into new file (runtime-module.cc).
R=adamk@chromium.org
BUG=v8:1569

Review-Url: https://codereview.chromium.org/2404243002
Cr-Commit-Position: refs/heads/master@{#40184}
2016-10-11 17:32:38 +00:00
titzer
ff6941966e [wasm] Canonicalize function signature indices for matching in indirect calls.
R=bradnelson@chromium.org, ahaas@chromium.org, clemensh@chromium.org
BUG=chromium:575167

Review-Url: https://codereview.chromium.org/2403093002
Cr-Commit-Position: refs/heads/master@{#40169}
2016-10-11 12:40:33 +00:00
yangguo
0d8e52123e [Math] implement Math.random as TFJ builtin.
R=bmeurer@chromium.org
BUG=v8:5049, v8:5086

Review-Url: https://codereview.chromium.org/2402363002
Cr-Commit-Position: refs/heads/master@{#40149}
2016-10-11 06:47:15 +00:00
heimbuef
a96c2129af Replaced different means of zone pooling/reusing by one zone segment pool
BUG=v8:5409

Committed: https://crrev.com/a124feb0760896c8be61de08004a08c3bc9b4b3f
Committed: https://crrev.com/fc840361e357a571c709e0239ae82cc089800b3f
Review-Url: https://codereview.chromium.org/2348303002
Cr-Original-Original-Commit-Position: refs/heads/master@{#39633}
Cr-Original-Commit-Position: refs/heads/master@{#40048}
Cr-Commit-Position: refs/heads/master@{#40138}
2016-10-10 19:00:55 +00:00
titzer
d46c790ef3 [asmjs] Move switch-logic.h to asmjs/ directory.
R=bradnelson@chromium.org,aseemgarg@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2408823002
Cr-Commit-Position: refs/heads/master@{#40135}
2016-10-10 17:57:47 +00:00
jochen
c59cf8cd21 Turn libplatform into a component
BUG=v8:5412
R=jgruber@chromium.org,machenbach@chromium.org
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_chromium_compile_dbg_ng;master.tryserver.chromium.android:android_clang_dbg_recipe

Review-Url: https://codereview.chromium.org/2372983003
Cr-Commit-Position: refs/heads/master@{#40111}
2016-10-10 08:52:06 +00:00
hablich
25b4347507 Revert of Replaced different means of zone pooling/reusing by one zone segment pool (patchset #5 id:160001 of https://codereview.chromium.org/2348303002/ )
Reason for revert:
related to roll blocker: https://codereview.chromium.org/2400343002/

Original issue's description:
> Replaced different means of zone pooling/reusing by one zone segment pool
>
> BUG=v8:5409
>
> Committed: https://crrev.com/a124feb0760896c8be61de08004a08c3bc9b4b3f
> Committed: https://crrev.com/fc840361e357a571c709e0239ae82cc089800b3f
> Cr-Original-Commit-Position: refs/heads/master@{#39633}
> Cr-Commit-Position: refs/heads/master@{#40048}

TBR=mstarzinger@chromium.org,verwaest@chromium.org,heimbuef@google.com
NOTRY=true
NOPRESUBMIT=true
NOTREECHECKS=true
BUG=v8:5409

Review-Url: https://codereview.chromium.org/2401163002
Cr-Commit-Position: refs/heads/master@{#40099}
2016-10-07 21:18:13 +00:00
jochen
dedf6f6d74 Reland of land "Turn libbase into a component" (patchset #1 id:1 of https://codereview.chromium.org/2396933002/ )
Reason for revert:
let's see whether it sticks this time

Original issue's description:
> Revert of Reland "Turn libbase into a component" (patchset #1 id:1 of https://codereview.chromium.org/2395553002/ )
>
> Reason for revert:
> Speculative revert due to very strange-looking win/dbg failures
> which reference SignedDivisionByConstant:
>
> https://build.chromium.org/p/client.v8/builders/V8%20Win64%20-%20debug/builds/12736
>
> Original issue's description:
> > Reland "Turn libbase into a component"
> >
> > Original issue's description:
> > > Turn libbase into a component
> > >
> > > This is a precondition for turning libplatform into a component
> > >
> > > BUG=v8:5412
> > > R=jgruber@chromium.org,machenbach@chromium.org
> > > CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_chromium_compile_
> > dbg_ng;master.tryserver.chromium.android:android_clang_dbg_recipe
> > >
> > > Committed: https://crrev.com/614e615775f732d71b5ee94ed29737d8de687104
> > > Cr-Commit-Position: refs/heads/master@{#39950}
> >
> > BUG=v8:5412
> > TBR=jgruber@chromium.org,machenbach@chromium.org
> > CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_chromium_compile_dbg_ng;master.tryserver.chromium.android:android_clang_dbg_recipe;master.tryserver.chromium.mac:mac_chromium_compile_dbg_ng
> >
> > Committed: https://crrev.com/17cb51254cafa932025e9980b60f89f756d411cb
> > Cr-Commit-Position: refs/heads/master@{#39969}
>
> TBR=jgruber@chromium.org,machenbach@chromium.org,jochen@chromium.org
> # Skipping CQ checks because original CL landed less than 1 days ago.
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=v8:5412
>
> Committed: https://crrev.com/e75b9f6ed5da39e6c7a8d70cf48afbc9958afc85
> Cr-Commit-Position: refs/heads/master@{#40009}

TBR=jgruber@chromium.org,machenbach@chromium.org,adamk@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=v8:5412

Review-Url: https://codereview.chromium.org/2399323002
Cr-Commit-Position: refs/heads/master@{#40068}
2016-10-07 07:56:52 +00:00
adamk
b5c542bac8 Avoid static initializers in PropertyAccessCompiler
Introduce AccessCompilerData which hangs off the Isolate, and initialize
it when the first PropertyAccessCompiler is instantiated. This avoids
TSAN failures when trying to access load/store calling convention arrays.

BUG=v8:5427

Review-Url: https://codereview.chromium.org/2389313002
Cr-Commit-Position: refs/heads/master@{#40055}
2016-10-06 18:20:08 +00:00
alph
3990953ba8 [tracing] Add support for TracedValue JSON serializer.
BUG=chromium:406277

Review-Url: https://codereview.chromium.org/2399463004
Cr-Commit-Position: refs/heads/master@{#40049}
2016-10-06 15:27:13 +00:00
heimbuef
fc840361e3 Replaced different means of zone pooling/reusing by one zone segment pool
BUG=v8:5409

Committed: https://crrev.com/a124feb0760896c8be61de08004a08c3bc9b4b3f
Review-Url: https://codereview.chromium.org/2348303002
Cr-Original-Commit-Position: refs/heads/master@{#39633}
Cr-Commit-Position: refs/heads/master@{#40048}
2016-10-06 15:16:41 +00:00
adamk
e75b9f6ed5 Revert of Reland "Turn libbase into a component" (patchset #1 id:1 of https://codereview.chromium.org/2395553002/ )
Reason for revert:
Speculative revert due to very strange-looking win/dbg failures
which reference SignedDivisionByConstant:

https://build.chromium.org/p/client.v8/builders/V8%20Win64%20-%20debug/builds/12736

Original issue's description:
> Reland "Turn libbase into a component"
>
> Original issue's description:
> > Turn libbase into a component
> >
> > This is a precondition for turning libplatform into a component
> >
> > BUG=v8:5412
> > R=jgruber@chromium.org,machenbach@chromium.org
> > CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_chromium_compile_
> dbg_ng;master.tryserver.chromium.android:android_clang_dbg_recipe
> >
> > Committed: https://crrev.com/614e615775f732d71b5ee94ed29737d8de687104
> > Cr-Commit-Position: refs/heads/master@{#39950}
>
> BUG=v8:5412
> TBR=jgruber@chromium.org,machenbach@chromium.org
> CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_chromium_compile_dbg_ng;master.tryserver.chromium.android:android_clang_dbg_recipe;master.tryserver.chromium.mac:mac_chromium_compile_dbg_ng
>
> Committed: https://crrev.com/17cb51254cafa932025e9980b60f89f756d411cb
> Cr-Commit-Position: refs/heads/master@{#39969}

TBR=jgruber@chromium.org,machenbach@chromium.org,jochen@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5412

Review-Url: https://codereview.chromium.org/2396933002
Cr-Commit-Position: refs/heads/master@{#40009}
2016-10-05 19:14:41 +00:00
ahaas
90080f2a6b [wasm] Move test-signatures.h from test/cctest to test/common
R=titzer@chromium.org

Review-Url: https://codereview.chromium.org/2395743003
Cr-Commit-Position: refs/heads/master@{#39988}
2016-10-05 12:00:03 +00:00
epertoso
83a9356093 [turbofan] Introduces a step to verify the machine graph.
It is currently being rolled behind the --turbo_verify_machine_graph flag.

BUG=

Review-Url: https://codereview.chromium.org/2388313003
Cr-Commit-Position: refs/heads/master@{#39976}
2016-10-05 08:28:14 +00:00
jochen
17cb51254c Reland "Turn libbase into a component"
Original issue's description:
> Turn libbase into a component
>
> This is a precondition for turning libplatform into a component
>
> BUG=v8:5412
> R=jgruber@chromium.org,machenbach@chromium.org
> CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_chromium_compile_
dbg_ng;master.tryserver.chromium.android:android_clang_dbg_recipe
>
> Committed: https://crrev.com/614e615775f732d71b5ee94ed29737d8de687104
> Cr-Commit-Position: refs/heads/master@{#39950}

BUG=v8:5412
TBR=jgruber@chromium.org,machenbach@chromium.org
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_chromium_compile_dbg_ng;master.tryserver.chromium.android:android_clang_dbg_recipe;master.tryserver.chromium.mac:mac_chromium_compile_dbg_ng

Review-Url: https://codereview.chromium.org/2395553002
Cr-Commit-Position: refs/heads/master@{#39969}
2016-10-05 04:33:09 +00:00
machenbach
efcb1ff447 Revert of Turn libbase into a component (patchset #10 id:180001 of https://codereview.chromium.org/2381273002/ )
Reason for revert:
Main suspect for roll block:
https://codereview.chromium.org/2387403002/

Original issue's description:
> Turn libbase into a component
>
> This is a precondition for turning libplatform into a component
>
> BUG=v8:5412
> R=jgruber@chromium.org,machenbach@chromium.org
> CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_chromium_compile_dbg_ng;master.tryserver.chromium.android:android_clang_dbg_recipe
>
> Committed: https://crrev.com/614e615775f732d71b5ee94ed29737d8de687104
> Cr-Commit-Position: refs/heads/master@{#39950}

TBR=jgruber@chromium.org,jochen@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5412

Review-Url: https://codereview.chromium.org/2393603002
Cr-Commit-Position: refs/heads/master@{#39960}
2016-10-04 16:08:54 +00:00