Commit Graph

58487 Commits

Author SHA1 Message Date
Igor Sheludko
fd4cc2b254 [ptr-compr][csa] Preparing for smi-corrupting decompression
This CL fixes comparison operations that take into account full-word
value instead of the lower 32 bits and tweaks some CSA helper functions
for smi-corrupting decompression.

Bug: v8:9706
Change-Id: I50e38a9f34b911ec0b8dd4e21298417bf23160aa
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1824943
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63995}
2019-09-26 15:08:51 +00:00
Santiago Aboy Solanes
dcf3b66349 [builtins] Defer throw in InterpreterEntryTrampoline
Bug: v8:9771
Change-Id: I6ffa794e1b3e22f2c584a9959222b63c84a47374
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1825222
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Auto-Submit: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63994}
2019-09-26 15:03:11 +00:00
Victor Gomes
be1164775f Reland "[Context] Add a bit flag to indicate if extension might exist"
This is a reland of d7b67ce206

Original change's description:
> [Context] Add a bit flag to indicate if extension might exist
> 
> Checking the bit flag instead of comparing pointers should improve performance.
> This will also allow us to remove the extension slot in Context and save memory.
> 
> Bug: v8:9744
> Change-Id: I7ab9feeadfb934955798d877d13bc0e1d78a191c
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1814918
> Commit-Queue: Victor Gomes <victorgomes@google.com>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63906}

Bug: v8:9744
Change-Id: Ic4725ad5730a8f8fff6288d6af2205c230aff79d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1815256
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@google.com>
Cr-Commit-Position: refs/heads/master@{#63993}
2019-09-26 15:00:00 +00:00
Patrick Thier
6612943010 [regexp] Bytecode peephole optimization
Bytecodes used by the regular expression interpreter often occur in
specific sequences. The number of dispatches in the interpreter can be
reduced if those sequences are combined into a single bytecode.

This CL adds a peephole optimization pass for regexp bytecodes.
This pass checks the generated bytecode for pre-defined sequences that
can be merged into a single bytecode.

With the currently implemented bytecode sequences a speedup of 1.12x on
regex-dna and octane-regexp is achieved.

Bug: v8:9330
Change-Id: I827f93273a5848e5963c7e3329daeb898995d151
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1813743
Commit-Queue: Patrick Thier <pthier@google.com>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63992}
2019-09-26 14:57:37 +00:00
Igor Sheludko
4ce267a832 [ptr-compr] Generate TaggedEqual as Word32Equal of compressed values
... in both CSA code and TurboFan. This is a prerequisite for smi-corrupting
decompression.

The decompression eliminator changes is a workaround to ensure that the result
of comparisons of two constant Smis is still a constexpr (the failing test is
cctest/test-torque/TestLoadEliminationFixed). Better optimizations will be
landed in a follow-up CLs.

Bug: v8:9706
Change-Id: Ie2d90f6a7714aa749439e3f457d90d663d0efe49
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1815133
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63991}
2019-09-26 14:56:32 +00:00
Jiayao Lin
53780c06b7 [wasm] Fix PC not aligned on s390 debug test case
DCHECK(IsAligned(addr, alignof(T))) is false on s390 debug simulator test
 case. So copy to an aligned buffer and we can relocate the serialized code.

Change-Id: I8e4ad9ff25fd9a9e5478831250ff741c3e72a86f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1822860
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Reviewed-by: Clemens Backes [né Hammacher] <clemensb@chromium.org>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#63990}
2019-09-26 14:43:42 +00:00
Milad Farazmand
6d32f8691a PPC/s390: [builtins] Avoid reloading undefined value in InterpreterEntryTrampoline
Port 40c0f84a38

Original Commit Message:

    Since we were already loading the undefined value a few lines above,
    we could avoid loading it again.

R=solanes@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: Ibda02f97ab5472aabfa02eb16b8db4b50035b27b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1827539
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#63989}
2019-09-26 14:13:49 +00:00
Yu Yin
7889803e82 [mips] Use t9 as the function call register.
On mips, we should use t9 when jumping to an ExternalReference, because
the callee function will consider t9 as the function start address.

Change-Id: I56e2bf073fd24b2f3434dfd255d48264bfd0b2cd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1826417
Auto-Submit: Yu Yin <xwafish@gmail.com>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63988}
2019-09-26 13:44:23 +00:00
Michael Starzinger
cae9aaeb32 [wasm] Improve {WasmExceptionPackage} type safety.
This uses Handle<WasmExceptionPackage> where applicable to increase type
safety. Note that {WasmExceptionPackage} is not a full-fledged instance
type though. The {HeapObject::IsWasmExceptionPackage} predicate is an
approximation because a precise version could only be implemented using
handlified code performing a property lookup.

R=clemensb@chromium.org

Change-Id: I061e3eea201a0e9909ba67ae33db81d14aaefe4b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1477673
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Backes [né Hammacher] <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63987}
2019-09-26 11:44:46 +00:00
Victor Gomes
14d1e5320c Reland "[Heap] Allocate descriptor array in young"
This is a reland of 0d6aa842e6

The reason for the revert was flaky tests, but those continued to fail randomly after the revert.
See: https://bugs.chromium.org/p/chromium/issues/detail?id=1005723#c24

After discussing with Toon, we decided that the memory gains from allocating descriptor arrays
in young space outcome the few micro-benchmark regressions.

Original change's description:
> [Heap] Allocate descriptor array in young
>
> This hopefully fixes the regression test from c693e005a7
>
> Bug: v8:1004766
> Change-Id: If3c554070af6b795e4b3f99cd592a62453028874
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1809363
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Commit-Queue: Victor Gomes <victorgomes@google.com>
> Cr-Commit-Position: refs/heads/master@{#63858}

Bug: v8:1004766
Change-Id: I649f8e70abf2e5605bc073db788642705498166b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1824940
Auto-Submit: Victor Gomes <victorgomes@google.com>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@google.com>
Cr-Commit-Position: refs/heads/master@{#63986}
2019-09-26 11:43:41 +00:00
Dominik Inführ
a2db71667a [heap] Invalidate objects unconditionally
InvalidateRecordedSlots needs to invalidate old-to new objects
unconditionally. Checking slot_set_[OLD_TO_NEW] is not enough, since the
sweeping_slot_set_ could still contain slots.

ClearRecordedSlot in MigrateFastToFast is not necessary as well. This is
only required in DeleteObjectPropertyFast since we might potentially
shrink the object.

Bug: chromium:1008301,chromium:1008046
Change-Id: If2c757a619b52d070825e4faadce7710eae61a07
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1826717
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63985}
2019-09-26 11:42:36 +00:00
Sathya Gunasekaran
ca1c77ab18 Revert "[TurboProp] Add MidTierMachineLoweringPhase to avoid Late/MemoryOptimizationPhases"
This reverts commit c70de45c6a.

Reason for revert: speculative revert

Original change's description:
> [TurboProp] Add MidTierMachineLoweringPhase to avoid Late/MemoryOptimizationPhases
> 
> Adds a MidTierMachineLoweringPhase which does select and memory lowering to machine
> nodes. This allows TurboProp to avoid the LateOptimizationPhase and
> MemoryOptimizationPhase phases while still lowering all simplified nodes to
> machine nodes before instruction selection.
> 
> BUG=v8:9684
> 
> Change-Id: I60533db93152ff044a2fa8c1c31adedeb3747856
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1815130
> Reviewed-by: Georg Neis <neis@chromium.org>
> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63981}

TBR=rmcilroy@chromium.org,neis@chromium.org

Change-Id: I99cddb2c435ad6347bdc9b61b95d48dca94294c7
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9684
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1826720
Reviewed-by: Sathya Gunasekaran  <gsathya@chromium.org>
Commit-Queue: Sathya Gunasekaran  <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63984}
2019-09-26 11:32:58 +00:00
Clemens Backes
7777aa4276 Change all TODOs from clemensh to clemensb
R=adamk@chromium.org

No-Try: true
Change-Id: I71824f52802c125dbee51216054575f44d08d534
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1825243
Commit-Queue: Clemens Backes [né Hammacher] <clemensb@chromium.org>
Auto-Submit: Clemens Backes [né Hammacher] <clemensb@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63983}
2019-09-26 10:25:27 +00:00
Michael Achenbach
a65cf262ce [test] Bump shards on slow bot
TBR=tmrts@chromium.org,liviurau@chromium.org
NOTRY=true

Change-Id: I2ab31012de34716d50586ef44da43a0bc8f89ac6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1826719
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63982}
2019-09-26 10:15:57 +00:00
Ross McIlroy
c70de45c6a [TurboProp] Add MidTierMachineLoweringPhase to avoid Late/MemoryOptimizationPhases
Adds a MidTierMachineLoweringPhase which does select and memory lowering to machine
nodes. This allows TurboProp to avoid the LateOptimizationPhase and
MemoryOptimizationPhase phases while still lowering all simplified nodes to
machine nodes before instruction selection.

BUG=v8:9684

Change-Id: I60533db93152ff044a2fa8c1c31adedeb3747856
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1815130
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63981}
2019-09-26 09:58:47 +00:00
Mike Stanton
dbfcdcff54 Add jgruber@chromium.org as a compiler owner.
Change-Id: I333ceca8c811c32dd6c7cad941082ca7a87a985e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1826718
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63980}
2019-09-26 09:54:37 +00:00
Clemens Backes
0f2ed107ef Rename clemensh to clemensb in OWNERS
R=adamk@chromium.org

No-Try: true
Change-Id: Idedb3d80382c876f09c545cf0f1cc7387b9ad805
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1825242
Auto-Submit: Clemens Backes [né Hammacher] <clemensb@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63979}
2019-09-26 08:44:44 +00:00
Jakob Gruber
4de2137d63 [ia32] Tentative fix for invalid codegen on ia32
It looks like codegen on ia32 may sometimes miss a byte during
emit_arith. Our working theory is that this happens because `length`
in emit_operand, for whatever reason, is 0 and we thus do not advance
`pc_` correctly. The tentative fix is to use EMIT to increment the pc_
on each single write instead of relying on `length`.

Bug: v8:9774
Change-Id: I522eef96481f44f57628f914c9c170f1644ec47a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1824941
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63978}
2019-09-26 07:36:42 +00:00
Clemens Backes [né Hammacher]
6b59680c12 Revert "Update V8 DEPS."
This reverts commit 253fddc647.

Reason for revert: Still fails on android builders: https://ci.chromium.org/p/v8/builders/ci/V8%20Android%20Arm%20-%20builder/28305

Original change's description:
> Update V8 DEPS.
> 
> Rolling v8/build: 7f88e8b..c9a62d3
> 
> Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/6bb5733..e00ffeb
> 
> Rolling v8/third_party/depot_tools: 7211cf6..f0faf48
> 
> Rolling v8/tools/clang: d0c91c0..925d2e5
> 
> TBR=machenbach@chromium.org,tmrts@chromium.org
> 
> Change-Id: I7a74868be617b958054f1387f6ca3f15ad3ab079
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1826260
> Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
> Cr-Commit-Position: refs/heads/master@{#63976}

TBR=machenbach@chromium.org,v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com,tmrts@chromium.org

Change-Id: I94d44623846a3f39e629e77e25b26d62b92ba84b
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1825240
Reviewed-by: Clemens Backes [né Hammacher] <clemensb@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63977}
2019-09-26 07:29:37 +00:00
v8-ci-autoroll-builder
253fddc647 Update V8 DEPS.
Rolling v8/build: 7f88e8b..c9a62d3

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/6bb5733..e00ffeb

Rolling v8/third_party/depot_tools: 7211cf6..f0faf48

Rolling v8/tools/clang: d0c91c0..925d2e5

TBR=machenbach@chromium.org,tmrts@chromium.org

Change-Id: I7a74868be617b958054f1387f6ca3f15ad3ab079
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1826260
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#63976}
2019-09-26 03:33:27 +00:00
Ng Zhi An
cab91c712c [cleanup] Do not emit temp registers for instructions that don't need them
A lot of the instructions in RO_OP_LIST do not require temp registers in
the codegen, but a temp register is emitted. We split RO_OP_LIST into
two lists, one which requires temp registers RO_OP_LIST_ONE_TEMP, and
RO_OP_LIST is now for instructions that do not use temp registers.

There are a couple more instructions currently in RO_OP_LIST, but use
scratch registers in the codegen, those can be cleaned up to use temp
registers and then moved into RO_OP_LIST_ONE_TEMP.

Change-Id: Iccc49111c1cce05324c64c36458f49920231d6bf
Bug: v8:9396
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1819870
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63975}
2019-09-25 22:48:21 +00:00
Z Nguyen-Huu
74ade4a779 [builtins] Port RegExp MatchAll to Torque
Bug: v8:8976
Change-Id: Ibe20feb63b676f76b21dd8be7a9d1f3887af470a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1816926
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63974}
2019-09-25 20:41:28 +00:00
Ng Zhi An
628cc44a29 [wasm-simd] Implement f64x2 f32x4 qfma and qfms for arm64
FMA operations is always supported on arm64, so in the test, we expect
fused results on arm64 whenever we run on TurboFan.

Bug: v8:9415
Change-Id: Ia2016533b9b76ee14b8c8da1c0d4ff7753276714
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1819723
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63973}
2019-09-25 20:13:28 +00:00
Frank Tang
aad8c7f81b [Intl] Implement ECMA402 PR 349 and 351
It is controlled by flag harmony_intl_other_calendars.
But this is also pretty inter-dependent with
harmony_intl_add_calendar_numbering_system and should be launched
all together to be meaningful.

https://github.com/tc39/ecma402/pull/349/
#349 Normative: Allow calendar to determine choice of pattern

https://github.com/tc39/ecma402/pull/351
#351 Normative: Permit relatedYear and yearName in output



Bug: v8:9155
Change-Id: I67cd6bba6276bbb995186a9fe6202429d724ba61
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588401
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63972}
2019-09-25 19:53:48 +00:00
Dominik Inführ
2b8dab42e5 [heap] Insert into old-to-new slots non-atomically
Since https://crrev.com/c/1771783 the mutator owns the old-to-new
remembered set, while the sweeper modifies the sweeping-slot-set.
This allows us to update the old-to-new remembered set non-atomically.

In this CL the mutator now inserts non-atomically into the remembered
set. The AccessMode is now explicit for Insert-operations as well.

Bug: v8:9454
Change-Id: I94730345f7dd34fe309839969330687c94b3080b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1803652
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63971}
2019-09-25 16:53:17 +00:00
Milad Farazmand
1a92c9851c PPC/s390: [ptr-compr] Switch to 31 bit Smis on 64-bit architectures
Port 12a9ee3a5b

Original Commit Message:

    32 bit Smis are incompatible with pointer compression so we land disable
    them before enabling pointer compression in order to separate memory and
    performance regressions caused by 31 bit Smis from pointer compression
    change.

R=ishell@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: I5d180c6435796284224a45053ff44e7a25fa6e2a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1822118
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#63970}
2019-09-25 14:23:56 +00:00
Ingvar Stepanyan
c7848612d8 Add support for reporting raw Wasm scripts
This addition will allow to experiment with parsing DWARF information from
WebAssembly on the frontend side for improved debugging.

The frontend must explicitly opt-in to this experiment by setting
`supportsWasmDwarf: true` in `Debugger.enable` params.

When this option is present, and Wasm appears to contain DWARF information
(heuristic: `.debug_info` custom section is present), V8 will not try to
disassemble and report each WebAssembly function as a separate fake script, but
instead will report Wasm module as a whole.

Note that V8 already does this when Wasm is associated with a source map.

Additionally, this CL adds a dedicated `Debugger.getWasmBytecode` command that
accepts scriptId and returns raw wire bytes of the chosen WebAssembly module.

Change-Id: I7a6e80daf8d91ffaaba04fa15688f2ba9552870f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1809375
Commit-Queue: Ingvar Stepanyan <rreverser@google.com>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63969}
2019-09-25 14:05:26 +00:00
Peter Marshall
01e52d8068 [build] Add missing header to build (regexp/special-case.h)
This was missed in a file move

Bug: chromium:991547
Change-Id: I4442f2e4e7acdb91b16151714b87e229bce1a409
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1824945
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Auto-Submit: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63968}
2019-09-25 13:41:16 +00:00
Clemens Hammacher
35ca0abdc5 [wasm] Ship far jump tables
This flips the --wasm-far-jump-table flag. It will allow for more than
128MB of code space per wasm module on arm64, and will increase the
limit on the number of modules per process on x64 (was ~1000 before,
because we reserved 1GB for the code space per module).

R=mstarzinger@chromium.org

Bug: v8:9477
Change-Id: I870ec616f4812e38ef1e3fccf0629854a247bb4f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1815247
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Backes [né Hammacher] <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63967}
2019-09-25 12:44:56 +00:00
Ross McIlroy
6d5e9b798e [TurboProp] Split out MemoryLowering from MemoryOptimizer
Separates the memory lowering operations into a separate MemoryLowering
class which is used by the MemoryOptimizer. This will enable TurboProp
to reduce memory operations without having to do a full memory
optimization pass.

BUG=v8:9684

Change-Id: I1b333f1360fd342612672842bf879f44ab1ee60c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1815243
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63966}
2019-09-25 11:16:03 +00:00
Thibaud Michaud
63e9a7d9bf [wasm] Add multi-return support for Wasm to JS calls
Allows JS functions returning array-like objects to be imported as
multi-return functions in WebAssembly modules. Importing a generator
does not work as required by the specification yet.

R=mstarzinger@chromium.org

Bug: v8:9492
Change-Id: Iaf61a0f718eb50676913aa1486fb39cebecfc090
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1815246
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63965}
2019-09-25 11:14:58 +00:00
Dominik Inführ
ecb1638a56 [heap] Activate old-to-new slot invalidation
The previous CL https://crrev.com/c/1771783 introduced the old-to-new
invalidation set, while still manually deleting slots in the remembered
set. This CL only clears slots during sweeping when shrinking objects.
The invalidation set is now used to filter slots in scavenge and
mark-compact.

Bug: v8:9454
Change-Id: I3a4c562d29cce0eddd9884e5f6fc1a09d1b5cd5e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1807275
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63964}
2019-09-25 10:55:45 +00:00
Yu Yin
b7ec33b469 [mips][wasm-c-api] Fix unaligned store.
When wasm has multiple returns that are not aligned, such as return
{kWasmI32, kWasmI64, kWasmI64, kWasmI32 } like
test/wasm-api-tests/multi-return.cc does, the wasm compiler will generate
store instructions but not unaligned store instructions to store the
return values. This will cause a check failure on the mips simulator; the
test may succeed on a mips native machine if the host kernel
can handle the unaligned stores.

This patch also fixes the return address offset.

Change-Id: I7de93fdbef3341e7d0057f6ecbc95a9d2f86c943
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1824309
Commit-Queue: Clemens Backes [né Hammacher] <clemensh@chromium.org>
Reviewed-by: Clemens Backes [né Hammacher] <clemensh@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63963}
2019-09-25 10:50:45 +00:00
Dan Elphick
db90b8d644 [roheap] Add Isolate parameter to Code::Disassemble
In preparation for Code objects that aren't executable and can be in
RO_SPACE, pass an Isolate into Code::Disassemble.

Bug: v8:7464
Change-Id: I99f5faf23dd4709a48925e1ae44d1ce595ea6f5f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1822043
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63962}
2019-09-25 10:46:45 +00:00
Clemens Hammacher
e1b0086a6a [wasm] Increase maximum code space on arm64
With the far jump table, we need to distinguish the maximum size of a
single code space from the maximum total code size per module. On
arm64, they differ, because we now support 1GB of code space, but each
code space is still limited to 128MB.

Bug: v8:9477

R=mstarzinger@chromium.org

Change-Id: I7b9aaec56a1d9d1f70573b6b895216d5b3f38346
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1815253
Commit-Queue: Clemens Backes [né Hammacher] <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63961}
2019-09-25 10:44:35 +00:00
Yu Yin
368241d000 [mips64][ptr-compr] Switch to 31 bit Smis on 64-bit architectures
Port 12a9ee3a5b

Original Commit Message:

    32 bit Smis are incompatible with pointer compression so we land disable
    them before enabling pointer compression in order to separate memory and
    performance regressions caused by 31 bit Smis from pointer compression
    change.

Change-Id: I19647f18e7feafc6ca5b922c73785839ab528421
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1824306
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Yu Yin <xwafish@gmail.com>
Cr-Commit-Position: refs/heads/master@{#63960}
2019-09-25 09:56:16 +00:00
Dan Elphick
0f15403a04 [cleanup] Move string functions out of CSA
Moves the following functions from CodeStubAssembler to
BuiltinsStringAssembler:

SubString
CopyStringCharacters
AllocAndCopyStringCharacters

Bug: v8:9396
Change-Id: Ieb534b7fa7e72db9b05cdc2a34bd88b7a52ee985
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1822040
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Auto-Submit: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63959}
2019-09-25 07:59:34 +00:00
Dan Elphick
d3253633b2 [cleanup] Move FindOrderedHashTableEntry out of CSA
Move CodeStubAssembler::FindOrderedHashTableEntry into
CollectionsBuiltinsAssembler and remove the specializations since they
can now be generated directly by the call sites.

Bug: v8:9396
Change-Id: I23e84167dafc2fec1886a842a8649f0500c4f447
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1822041
Auto-Submit: Dan Elphick <delphick@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63958}
2019-09-25 07:55:54 +00:00
Dan Elphick
564d6747b1 [cleanup] Remove unused CSA::BasicStoreNumberDictionaryElement
Last use of BasicStoreNumberDictionaryElement was removed in
https://chromium-review.googlesource.com/c/v8/v8/+/1627977

Bug: v8:9396
Change-Id: I08c1da67393c3549a8c756abd2a5ca4e35fa3b2a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1822042
Auto-Submit: Dan Elphick <delphick@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63957}
2019-09-25 07:06:26 +00:00
v8-ci-autoroll-builder
2c8336e787 Update V8 DEPS.
Rolling v8/build: 04fbb76..7f88e8b

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/8669b37..6bb5733

Rolling v8/third_party/depot_tools: ba5bc99..7211cf6

Rolling v8/tools/clang: e514199..d0c91c0

TBR=machenbach@chromium.org,tmrts@chromium.org

Change-Id: I8139c9c1b3d322cf0cc5d49d190a20d55ff35a4f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1823582
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#63956}
2019-09-25 03:46:44 +00:00
Ng Zhi An
8a5386f240 [wasm-simd] Implement f64x2 splat extract_lane replace_lane for ia32
Bug: v8:9728
Change-Id: I8d993368fc23ab9e8cc08e31f4405678ec4ce824
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1803790
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63955}
2019-09-24 23:24:08 +00:00
Ng Zhi An
9cd54cd4f5 [cleanup] use DCHECK_LT where applicable
This gives nicer error messages.

Was
  Fatal error in ../../src/compiler/backend/instruction.h, line 778
  Debug check failed: i < InputCount().

Now
  Fatal error in ../../src/compiler/backend/instruction.h, line 778
  Debug check failed: i < InputCount() (5 vs. 3).

Bug: v8:9396
Change-Id: Iab2aea49245a42397bf07f4abf9e3de501c758b9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1817258
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63954}
2019-09-24 23:12:28 +00:00
Andreas Haas
9cf9e82a2a [wasm][interpreter] Fix memory leak with the reference stack
This CL fixes a memory leak in the interpreter. The leak was caused by
a cycle in the object graph that was rooted with a global object. The
cycle was the following:

A global handle, owned by the interpreter -> reference stack of the
Interpreter -> ref.func element (WasmExportedFunction) ->
WasmInstanceObject -> WasmDebugInfo -> InterpreterHandle -> Interpreter

With this CL we get rid of the global handle. Instead we store the stack
in the WasmDebugInfo. We then have to load the reference stack every time
we enter the Interpreter and want to access the reference stack.

R=mstarzinger@chromium.org

Bug: chromium:1000610
Change-Id: If8995725f7ec35862b2f99a07582c861027daaf1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1800582
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63953}
2019-09-24 17:20:40 +00:00
Santiago Aboy Solanes
54301b0090 [turbofan] Reintroduce LoadStackArgument simplified operator
We are going to change again Tagged to not mean 'Full Tagged'. Then,
we have to reintroduce this operator, which was removed in
https://chromium-review.googlesource.com/c/v8/v8/+/1594439.

Bug: v8:7703
Change-Id: I8df65b76eed67613297b04d67c791cb6580bb49e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1817613
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63952}
2019-09-24 16:42:38 +00:00
Milad Farazmand
7caea48816 PPC/s390: [ptr-compr] Switch to 31 bit Smis on 64-bit architectures
Port 12a9ee3a5b

Original Commit Message:

    32 bit Smis are incompatible with pointer compression so we land disable
    them before enabling pointer compression in order to separate memory and
    performance regressions caused by 31 bit Smis from pointer compression
    change.

R=ishell@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: I1a353f2d6a682ba27e579a7de1bf7ea2240a6bbd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1822117
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#63951}
2019-09-24 16:14:08 +00:00
Georg Neis
944236faf6 [turbofan] Remove a redundant method call
R=mslekova@chromium.org

Bug: v8:7790
Change-Id: Ie6cc694ac3d11bdd454c2f6d23e24b4fdd59b00e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1822039
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63950}
2019-09-24 15:54:58 +00:00
Santiago Aboy Solanes
a73bef9cbe [turbofan] Reintroduce LoadMessage/StoreMessage simplified operators
We are going to change again Tagged to not mean 'Full Tagged'. Then,
we have to reintroduce these operators.

These allow to write a tagged uncompressed pointer even if pointer
compression is enabled.

This CL is basically a revert of
https://chromium-review.googlesource.com/c/v8/v8/+/1593301.

Bug: v8:7703
Change-Id: Ic1c66690b6bc74f697c9f5bf6d3ff45bb764c268
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1817612
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63949}
2019-09-24 15:25:19 +00:00
Jakob Gruber
8aead3b53b [regexp] Add correctness fuzzer suppression
This extends suppressions to also handle excess zone allocations in
the parser.

Bug: chromium:1002510
Change-Id: Id418564d244ed618703e62260de31a6b1a2842f8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1821459
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63948}
2019-09-24 14:57:22 +00:00
Dan Elphick
f674045458 [parser] Fix destructured parameters in arrowheads
Always unmark arrowhead parameters as assigned directly after their
initialization as the parser doesn't know when it first sees the
"assignment" that it may be in an arrowhead.

Bug: chromium:1003403, v8:8510
Change-Id: Iad5a4136d5ec06331fc43b81a809fd72cee2dd65
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1815131
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63947}
2019-09-24 14:11:52 +00:00
Joshua Litt
0ceee9ad28 [top-level-await] Add support for parsing top level await
Adds support for parsing top level await to V8, as well as
many tests.

This is the final cl in the series to add support for top level
await to v8.

Spec is here:
https://tc39.es/proposal-top-level-await/#sec-execute-async-module

Bug: v8:9344
Change-Id: Ie8f17ad8c7c60d1f6996d134ae154416cc1f31e3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1703878
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Joshua Litt <joshualitt@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63946}
2019-09-24 14:01:32 +00:00