Passing kTruncateMinusZero truncates -0.0 to Smi 0, while kNoTruncation returns
-0.0 as a heap number.

BUG=

Review-Url: https://codereview.chromium.org/2361363002
Cr-Commit-Position: refs/heads/master@{#39710}

V8 is collecting a growing amount of fuzzers, all of which take substantial
space on the bots and in chromium build archives. This CL improves that
situation by allowing component (shared library) builds for almost all fuzzers.

The parser fuzzer is handled as an exception since it would require exporting a
large number of additional functions.

A component build results in about a 50-100x improvement in file size for each
fuzzer (~50M-100M to around 1.1M).

BUG=chromium:648864
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_chromium_compile_dbg_ng;master.tryserver.chromium.android:android_clang_dbg_recipe

Review-Url: https://codereview.chromium.org/2360983002
Cr-Commit-Position: refs/heads/master@{#39709}

Fixed another TSAN issue in https://codereview.chromium.org/2365123002

TBR=caitp@igalia.com,adamk@chromium.org
BUG=v8:4483

Review-Url: https://codereview.chromium.org/2367203002
Cr-Commit-Position: refs/heads/master@{#39708}

BUG=v8:5408

Review-Url: https://codereview.chromium.org/2367693002
Cr-Commit-Position: refs/heads/master@{#39707}

The file formerly known as src/js/harmony-async-await.js does not
expose anything directly to JavaScript code; it just makes a few
functions available on the native context for the parser desugaring
to expand into. Experimental natives have various issues with
larger amounts of code, so this patch moves the JS builtins to
support async functions out of experimental natives and into the
core snapshot. The change would be done eventually anyway, but this
patch does it before removing the flag to support shipping the
feature while avoiding the pitfalls of experimental natives.

Drive by cleanup: remove more unused functions from the whitelist for experimental natives.

BUG=v8:5427,v8:4483

Review-Url: https://codereview.chromium.org/2365123002
Cr-Commit-Position: refs/heads/master@{#39706}

If DevTools is turned on in the middle of doing some things with async
functions, then more items may be popped from the Promise stack than were
pushed to it. In this sort of case, it's OK to have a catch misprediction,
but a crash is unacceptable. This patch defensively handles this edge
case where the Promise stack is unexpectedly empty for that reason.

BUG=v8:5167

Review-Url: https://codereview.chromium.org/2361333003
Cr-Commit-Position: refs/heads/master@{#39705}

Rolling v8/build to 7ec7ad1a5dba8b996440e3bcbd05983cbd41ef3b

Rolling v8/buildtools to 86f7e41d9424b9d8faf66c601b129855217f9a08

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review-Url: https://codereview.chromium.org/2363053004
Cr-Commit-Position: refs/heads/master@{#39704}

Reason for revert:
TSAN failures still happening; need to investigate more.

Original issue's description:
> Reland of Ship async functions (patchset #1 id:1 of https://codereview.chromium.org/2364963003/ )
>
> Reason for revert:
> Fixed underlying cause of TSAN issue; trying again while watching the bots.
>
> Original issue's description:
> > Revert of Ship async functions (patchset #2 id:20001 of https://codereview.chromium.org/2356943002/ )
> >
> > Reason for revert:
> > Triggers TSAN errors on Linux64:
> >
> > https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20TSAN/builds/11901
> >
> > Original issue's description:
> > > Ship async functions
> > >
> > > Intent to ship discussion:
> > > https://groups.google.com/forum/#!topic/v8-users/gwpcEIrgIZY
> > >
> > > BUG=v8:4483
> > >
> > > Committed: https://crrev.com/9f7540a0ec6333e7c71615609fe29274d9b7a4c5
> > > Cr-Commit-Position: refs/heads/master@{#39697}
> >
> > TBR=caitp@igalia.com,littledan@chromium.org
> > # Skipping CQ checks because original CL landed less than 1 days ago.
> > NOPRESUBMIT=true
> > NOTREECHECKS=true
> > NOTRY=true
> > BUG=v8:4483
> >
> > Committed: https://crrev.com/a4354b6c15fd9dbde2677efdf81fbc99ff0cf3e0
> > Cr-Commit-Position: refs/heads/master@{#39699}
>
> TBR=caitp@igalia.com,adamk@chromium.org
> # Skipping CQ checks because original CL landed less than 1 days ago.
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=v8:4483
>
> Committed: https://crrev.com/97cdf9f978e971df8a463fef7525bb942d305796
> Cr-Commit-Position: refs/heads/master@{#39702}

TBR=caitp@igalia.com,adamk@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4483

Review-Url: https://codereview.chromium.org/2365113003
Cr-Commit-Position: refs/heads/master@{#39703}

Reason for revert:
Fixed underlying cause of TSAN issue; trying again while watching the bots.

Original issue's description:
> Revert of Ship async functions (patchset #2 id:20001 of https://codereview.chromium.org/2356943002/ )
>
> Reason for revert:
> Triggers TSAN errors on Linux64:
>
> https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20TSAN/builds/11901
>
> Original issue's description:
> > Ship async functions
> >
> > Intent to ship discussion:
> > https://groups.google.com/forum/#!topic/v8-users/gwpcEIrgIZY
> >
> > BUG=v8:4483
> >
> > Committed: https://crrev.com/9f7540a0ec6333e7c71615609fe29274d9b7a4c5
> > Cr-Commit-Position: refs/heads/master@{#39697}
>
> TBR=caitp@igalia.com,littledan@chromium.org
> # Skipping CQ checks because original CL landed less than 1 days ago.
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=v8:4483
>
> Committed: https://crrev.com/a4354b6c15fd9dbde2677efdf81fbc99ff0cf3e0
> Cr-Commit-Position: refs/heads/master@{#39699}

TBR=caitp@igalia.com,adamk@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4483

Review-Url: https://codereview.chromium.org/2363093003
Cr-Commit-Position: refs/heads/master@{#39702}

This patch fixes the logic of finding the location of a duplicate
parameter error in arrow functions by only looking at the error if it
exists. This should address a TSAN error. Further, an UNREACHABLE()
statement is inserted somewhere in the ExpressionClassifier code
to make future similar bugs easier to find.

BUG=v8:4483

Review-Url: https://codereview.chromium.org/2365693004
Cr-Commit-Position: refs/heads/master@{#39701}

R=adamk@chromium.org
BUG=v8:1569

Review-Url: https://codereview.chromium.org/2362153003
Cr-Commit-Position: refs/heads/master@{#39700}

Revert of Ship async functions (patchset #2 id:20001 of https://codereview.chromium.org/2356943002/ )

Reason for revert:
Triggers TSAN errors on Linux64:

https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20TSAN/builds/11901

Original issue's description:
> Ship async functions
>
> Intent to ship discussion:
> https://groups.google.com/forum/#!topic/v8-users/gwpcEIrgIZY
>
> BUG=v8:4483
>
> Committed: https://crrev.com/9f7540a0ec6333e7c71615609fe29274d9b7a4c5
> Cr-Commit-Position: refs/heads/master@{#39697}

TBR=caitp@igalia.com,littledan@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4483

Review-Url: https://codereview.chromium.org/2364963003
Cr-Commit-Position: refs/heads/master@{#39699}

This makes the variable name for the repo consistent w/ chromium,
so that we can use a single variable across repos.

R=machenbach@chromium.org

Review-Url: https://codereview.chromium.org/2362973002
Cr-Commit-Position: refs/heads/master@{#39698}

Intent to ship discussion:
https://groups.google.com/forum/#!topic/v8-users/gwpcEIrgIZY

BUG=v8:4483

Review-Url: https://codereview.chromium.org/2356943002
Cr-Commit-Position: refs/heads/master@{#39697}

Also fix recursive call to avoid going back through the API.

R=neis@chromium.org
BUG=v8:1569

Review-Url: https://codereview.chromium.org/2366063002
Cr-Commit-Position: refs/heads/master@{#39696}

This patch tracks the stack of async functions differently from other
Promise async stack tracking. With this patch, the stack trace of a
callstack of async functions should look similarly to the call stack
if all of the functions were synchronous. An example can be found in
the updated test expectations: https://codereview.chromium.org/2362923002 .

The new stack traces are implemented using existing mechanisms in the
inspector. The inspector has two ways to save async stack traces: recurring
and non-recurring stacks. An example of a non-recurring stack is setTimeout,
and a recurring one is saved for setInterval. Recurring stacks are deleted
only when a special "cancel" function is called, rather than being deleted
after being used the first time. Previous Promise async stack tracking always
used non-recurring stacks.

For async functions, this patch saves a recurring stack. The top frame of
the stack is duplicated, as the resuming function contains a similar frame;
the devtools frontend is responsible for removing or marking this frame,
which it can do based on seeing the [async function] line which follows it.
The second frame will instead be provided by the resuming execution
context. The recurring stack is saved when the async function is entered, and
it is deleted from a finally block. The id of the stack is saved in the outer
Promise being constructed by the async function. When an intermediate
throwaway Promise will be triggered as a reaction, it will be identified as
such based on its debugging metadata, and the corresponding async function's
recurring stack will be used.

BUG=v8:4483

Review-Url: https://codereview.chromium.org/2357423002
Cr-Commit-Position: refs/heads/master@{#39695}

Revert of [turbofan] ChangeFloat64ToTagged shouldn't canonicalize. (patchset #5 id:80001 of https://codereview.chromium.org/2367593003/ )

Reason for revert:
Failing on the main waterfall again (again for typedarray, even tho it passed trybots?):

https://build.chromium.org/p/client.v8/builders/V8%20Mac64/builds/11515/steps/Check/logs/typedarray

Original issue's description:
> [turbofan] ChangeFloat64ToTagged shouldn't canonicalize.
>
> This matches current Crankshaft/fullcodegen behavior more closely and
> thus reduces the chances that we run into unnecessary polymorphism due
> to the field representation tracking in our object model.
>
> R=jarin@chromium.org
> BUG=v8:5267
>
> Committed: https://chromium.googlesource.com/v8/v8/+/6a939714e991ebf10d56ddbd2869325cca99c0ef
> Committed: https://crrev.com/ee158e6c4cc896479a32245432a3c2fdd31bcb73
> Cr-Commit-Position: refs/heads/master@{#39692}

TBR=jarin@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5267

Review-Url: https://codereview.chromium.org/2367963002
Cr-Commit-Position: refs/heads/master@{#39694}

There's no reason (anymore) to have empty imports in special_imports.  Remove
them from there and rename special_imports to namespace_imports to be more
precise.

R=adamk@chromium.org
BUG=v8:1569

Review-Url: https://codereview.chromium.org/2368613002
Cr-Commit-Position: refs/heads/master@{#39693}

This matches current Crankshaft/fullcodegen behavior more closely and
thus reduces the chances that we run into unnecessary polymorphism due
to the field representation tracking in our object model.

R=jarin@chromium.org
BUG=v8:5267

Committed: https://chromium.googlesource.com/v8/v8/+/6a939714e991ebf10d56ddbd2869325cca99c0ef
Review-Url: https://codereview.chromium.org/2367593003
Cr-Commit-Position: refs/heads/master@{#39692}

We need this to run checks for debugger-script and injected-script-source.

BUG=chromium:645640
R=machenbach@chromium.org

Review-Url: https://codereview.chromium.org/2363073003
Cr-Commit-Position: refs/heads/master@{#39691}

Add some micro-benchmarks to help measure the impact and benefit of String Iterator
optimizations.

BUG=v8:5388
R=bmeurer@chromium.org

Review-Url: https://codereview.chromium.org/2364743003
Cr-Commit-Position: refs/heads/master@{#39690}

Resolve imports and indirect exports at instantiation time.

With this CL we have some basic functionality for modules working.  Not yet
supported: star exports, namespace imports, cycle detection, proper variable
initialisation in mutually recursive modules.

BUG=v8:1569

Review-Url: https://codereview.chromium.org/2362083002
Cr-Commit-Position: refs/heads/master@{#39689}

This extends the KeyedLoadIC_Megamorphic stub to call getters it found
on the receiver without falling back to a runtime call.

Review-Url: https://codereview.chromium.org/2362453004
Cr-Commit-Position: refs/heads/master@{#39688}

DevTools wants to be able to detect async functions in order to print
their synopsis better in stack traces and tooltips. This patch provides a
simple method to do the check.

BUG=v8:4483

Review-Url: https://codereview.chromium.org/2365833002
Cr-Commit-Position: refs/heads/master@{#39687}

Some DOM objects, like FileList, have indexed property handlers, and become
JS_SPECIAL_API_OBJECT_TYPE.

BUG=chromium:148757

Review-Url: https://codereview.chromium.org/2364053003
Cr-Commit-Position: refs/heads/master@{#39686}

Revert of [wasm] Master CL for Binary 0xC changes. (patchset #26 id:490001 of https://codereview.chromium.org/2345593003/ )

Reason for revert:
Main suspect for tsan:
https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20TSAN/builds/11893

Also changes layout tests:
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/10036

+mips builder:
https://build.chromium.org/p/client.v8.ports/builders/V8%20Mips%20-%20builder/builds/4032

Original issue's description:
> [wasm] Master CL for Binary 0xC changes.
>
> [0xC] Convert to stack machine semantics.
> [0xC] Use section codes instead of names.
> [0xC] Add elements section decoding.
> [0xC] Decoding of globals section.
> [0xC] Decoding of memory section.
> [0xC] Decoding of imports section.
> [0xC] Decoding of exports section.
> [0xC] Decoding of data section.
> [0xC] Remove CallImport bytecode.
> [0xC] Function bodies have an implicit block.
> [0xC] Remove the bottom label from loops.
> [0xC] Add signatures to blocks.
> [0xC] Remove arities from branches.
> Add tests for init expression decoding.
> Rework compilation of import wrappers and how they are patched.
> Rework function indices in debugging.
> Fix ASM->WASM builder for stack machine.
> Reorganize asm.js foreign functions due to import indices change.
>
> R=ahaas@chromium.org,rossberg@chromium.org,bradnelson@chromium.org
> BUG=chromium:575167
> LOG=Y
>
> Committed: https://crrev.com/76eb976a67273b8c03c744f64ad850b0432554b9
> Cr-Commit-Position: refs/heads/master@{#39678}

TBR=ahaas@chromium.org,bradnelson@chromium.org,mtrofin@chromium.org,rossberg@chromium.org,bradnelson@google.com,titzer@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:575167

Review-Url: https://codereview.chromium.org/2361053004
Cr-Commit-Position: refs/heads/master@{#39685}

Megamorphic keyed loads often load fast properties from the receiver
(as opposed to its prototype chain). They should avoid polluting the
stub cache for this.

Drive-by fix: --trace-ic printed two identical log lines for
KeyedLoadIC misses taking the LoadIC::Load path.

Review-Url: https://codereview.chromium.org/2358373002
Cr-Commit-Position: refs/heads/master@{#39684}

Reland of [fullcodegen] Refactor code that calls store ICs. (patchset #1 id:1 of https://codereview.chromium.org/2363123002/ )

Reason for revert:
Didn't help

Original issue's description:
> Revert of [fullcodegen] Refactor code that calls store ICs. (patchset #1 id:20001 of https://codereview.chromium.org/2363513003/ )
>
> Reason for revert:
> race suspect:
> https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20TSAN/builds/11893
>
> Original issue's description:
> > [fullcodegen] Refactor code that calls store ICs.
> >
> > Make FCG::CallStoreIC() load slot and name and make FCG::CallKeyedStoreIC() load
> > slot according to store IC calling convention (StoreDescriptor).
> >
> > BUG=v8:5407
> >
> > Committed: https://crrev.com/12918397b4af7b2bede8b29e1e9b1940d5d5ad3b
> > Cr-Commit-Position: refs/heads/master@{#39679}
>
> TBR=mvstanton@chromium.org,ishell@chromium.org
> # Skipping CQ checks because original CL landed less than 1 days ago.
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=v8:5407
>
> Committed: https://crrev.com/51fa56d1b8e9e320f7442682415e9df50ab19591
> Cr-Commit-Position: refs/heads/master@{#39682}

TBR=mvstanton@chromium.org,ishell@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5407

Review-Url: https://codereview.chromium.org/2361393005
Cr-Commit-Position: refs/heads/master@{#39683}

Revert of [fullcodegen] Refactor code that calls store ICs. (patchset #1 id:20001 of https://codereview.chromium.org/2363513003/ )

Reason for revert:
race suspect:
https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20TSAN/builds/11893

Original issue's description:
> [fullcodegen] Refactor code that calls store ICs.
>
> Make FCG::CallStoreIC() load slot and name and make FCG::CallKeyedStoreIC() load
> slot according to store IC calling convention (StoreDescriptor).
>
> BUG=v8:5407
>
> Committed: https://crrev.com/12918397b4af7b2bede8b29e1e9b1940d5d5ad3b
> Cr-Commit-Position: refs/heads/master@{#39679}

TBR=mvstanton@chromium.org,ishell@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5407

Review-Url: https://codereview.chromium.org/2363123002
Cr-Commit-Position: refs/heads/master@{#39682}

The source size is not a real indicator for whether or not to inline a
certain function.

R=ishell@chromium.org, jarin@chromium.org
BUG=v8:3354,v8:5267

Committed: https://chromium.googlesource.com/v8/v8/+/1b33028607637ba8cb2d60433811f825b00a0cc1
Review-Url: https://codereview.chromium.org/2361813002
Cr-Commit-Position: refs/heads/master@{#39681}

Revert of [api] Clean up scopes and precheck instantiations cache (patchset #3 id:40001 of https://codereview.chromium.org/2206773003/ )

Reason for revert:
Regresses API see go/v8-startup-api

Original issue's description:
> [api] Clean up scopes and precheck instantiations cache
>
> Make sure all the scopes used in api-natives.cc have inlineable constructors
> and destructors. Additionally directly precheck the instantiations cache before
> trying to enter the InvokeScope which sets the save_context.
>
> BUG=chromium:630217
>
> Committed: https://crrev.com/a2496b942cad524f0f3144b107936eaa9a7c9fd5
> Cr-Commit-Position: refs/heads/master@{#38346}

TBR=yangguo@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=chromium:630217, chromium:635912

Review-Url: https://codereview.chromium.org/2366903003
Cr-Commit-Position: refs/heads/master@{#39680}

Make FCG::CallStoreIC() load slot and name and make FCG::CallKeyedStoreIC() load
slot according to store IC calling convention (StoreDescriptor).

BUG=v8:5407

Review-Url: https://codereview.chromium.org/2363513003
Cr-Commit-Position: refs/heads/master@{#39679}

[0xC] Convert to stack machine semantics.
[0xC] Use section codes instead of names.
[0xC] Add elements section decoding.
[0xC] Decoding of globals section.
[0xC] Decoding of memory section.
[0xC] Decoding of imports section.
[0xC] Decoding of exports section.
[0xC] Decoding of data section.
[0xC] Remove CallImport bytecode.
[0xC] Function bodies have an implicit block.
[0xC] Remove the bottom label from loops.
[0xC] Add signatures to blocks.
[0xC] Remove arities from branches.
Add tests for init expression decoding.
Rework compilation of import wrappers and how they are patched.
Rework function indices in debugging.
Fix ASM->WASM builder for stack machine.
Reorganize asm.js foreign functions due to import indices change.

R=ahaas@chromium.org,rossberg@chromium.org,bradnelson@chromium.org
BUG=chromium:575167
LOG=Y

Review-Url: https://codereview.chromium.org/2345593003
Cr-Commit-Position: refs/heads/master@{#39678}

Previously we would not have a total count of ICs when interpreting and
thus the check for sufficient type info would always succeed.
Also use the optimization checks for OSR while waiting for baseline
compilation and refactor the check.

BUG=v8:4280
BUG=chromium:634884

Review-Url: https://codereview.chromium.org/2360913003
Cr-Commit-Position: refs/heads/master@{#39677}

CpuFeatures::IsSupported(feature) indicates that the feature is
available on the target. AssemblerBase::IsEnabled(feature) indicates
that we've checked for support (using CpuFeatureScope). The main benefit
is that we can test on (for example) ARMv8, but have some assurance that
we won't generate ARMv8 instructions on ARMv7 targets.

This patch simply cleans up the usage, which had become inconsistent.
The instruction emission functions now check not only that their
dependent features are supported, but also that we've verified that
using CpuFeatureScope.

BUG=

Review-Url: https://codereview.chromium.org/2360243002
Cr-Commit-Position: refs/heads/master@{#39676}

Namely:
Runtime_LoadIC_MissFromStubFailure
Runtime_StoreIC_MissFromStubFailure
Runtime_KeyedStoreIC_MissFromStubFailure

BUG=chromium:608675

Review-Url: https://codereview.chromium.org/2346743003
Cr-Commit-Position: refs/heads/master@{#39675}

Review-Url: https://codereview.chromium.org/2362113003
Cr-Commit-Position: refs/heads/master@{#39674}

It looks like it tried to trigger lazy inner function parsing by
inserting a comment into an inner function.

1) We don't have lazy inner functions yet.
2) Even if we had, there's no way this heuristic could trigger laziness:
we need to do the laziness decision upfront, without looking at the
contents / size of the function.
3) Some of the combinations were weird: lazy_outer but non-lazy inner?

In the current heuristics, only the total script size affects laziness;
in particular, it doesn't matter where the long comment is.

R=mstarzinger@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2364003002
Cr-Commit-Position: refs/heads/master@{#39673}

According to new store IC calling convention the value, slot and vector are passed
on the stack and there's no need in trying to preserve values or respective registers
in store handlers.

Nice bonus: we also don't need virtual registers anymore.

BUG=v8:5407

Review-Url: https://codereview.chromium.org/2357323003
Cr-Commit-Position: refs/heads/master@{#39672}

Moving ToInteger to CodeStubAssembler allows us to inline it in several
builtins. In a follow-up commit, we'll add a TruncationMode argument to
specify how -0.0 should be handled.

BUG=

Review-Url: https://codereview.chromium.org/2364473006
Cr-Commit-Position: refs/heads/master@{#39671}