Commits · ab03182318c1262185914dd3e568a2211645f9f9 · Linshizhi / V8

13 May, 2019 21 commits

[torque] Add definition for constexpr member · ab031823

Sigurd Schneider authored May 13, 2019

TBR=tebbi@chromium.org

Bug: v8:9239
Change-Id: I9634001a4b6a46680175b9dd04075a313788514c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1609544Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61452}

ab031823

Reland "[heap] Make trampoline CodeDataContainers immutable and deduplicate them" · f22bd828

Maciej Goszczycki authored May 13, 2019

Fixed by 6644f2b8
(https://chromium-review.googlesource.com/c/v8/v8/+/1605728)

This is a reland of 652e32f9

Original change's description:
> [heap] Make trampoline CodeDataContainers immutable and deduplicate them
>
> Moves all trampoline CodeDataContainers to read-only space, making them
> immutable. Containers with no 'kind specific flags' set or 'promise
> rejection' flag are deduplicated by replacing them with the new canonical
> CodeDataContainers roots.
>
> This saves around 36KB from the snapshot.
>
>     RO_SPACE  NEW_SPACE  OLD_SPACE  CODE_SPACE  MAP_SPACE  LO_SPACE
> old    32048          0     225944      149280      20240         0
> new    32120          0     189344      149280      20240         0
>
> Bug: v8:7464
> Change-Id: Iedd538a86311ef501cd88c90ec75e1308195762f
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1601257
> Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Dan Elphick <delphick@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61378}

Bug: v8:7464
Change-Id: Ib98577d7d6c8c1205c94bf8c57d9cb38f51fdad3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1609539
Commit-Queue: Maciej Goszczycki <goszczycki@google.com>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61451}

f22bd828

[wasm] Use CommitPageSize where appropriate · d08eb736

Clemens Hammacher authored May 13, 2019

{CommitPageSize()} can be smaller than {AllocatePageSize()} (on win64,
it's 4kb vs 64kb), thus use the commit size where appropriate.

R=titzer@chromium.org

Change-Id: Ic9a009158d788aa0c53e15790ea089f01ade0d0a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1605940Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61450}

d08eb736

[wasm][gc] Check assumption on foreground task · 31712717

Clemens Hammacher authored May 13, 2019

If the gc foreground task is running, we don't expect any wasm code to
be live on the stack.
This CL adds a SLOW_DCHECK for this assumption.

R=mstarzinger@chromium.org

Bug: v8:8217
Change-Id: I0c221f6acaebd8c622d0f55ff85f69105482942f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1609541Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61449}

31712717

[test] Fix tests to work with lazy feedback allocation · 98a16f45

Mythri A authored May 13, 2019

Bug: v8:8394
Change-Id: I593393f30eaa6e87cef52d8b8883010e229cb12a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1609540
Auto-Submit: Mythri Alle <mythria@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61448}

98a16f45

[test] Add a missing %EnsureFeedbackVector in serializer-tester · bf3e8eab

Mythri A authored May 13, 2019

Bug: v8:8394
Change-Id: If551ad07c5f6d06f70fa7fb32b09886e1a8fdc54
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1609800
Commit-Queue: Mythri Alle <mythria@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Auto-Submit: Mythri Alle <mythria@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61447}

bf3e8eab

[turbofan] Fix handling of null in -0 == null comparison · 21085660

Sigurd Schneider authored May 13, 2019

TurboFan truncated null to +0 even in contexts such as -0 == null
because it was not handling the TypeCheck correctly. This restricts
the type conversion case to not apply truncation in this case (see
comment in patch).

Change-Id: Ia38ace9608800c8d61988de402a31dd863d9160a
Bug: chromium:961237
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1609538Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61446}

21085660

[wasm] Factor out {WasmCodeAllocator} · c5a16a39

Clemens Hammacher authored May 13, 2019

This factors out a {WasmCodeAllocator} which manages all code
reservations and allocations for a {NativeModule}. This will allow for
better testing of this component (which will be added in a separate CL).

R=titzer@chromium.org

Change-Id: I09727c30afc533e95569276147792d0e641b0507
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1605738
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61445}

c5a16a39

[torque] Add ClassFlag(s) enum · 5343d789

Sigurd Schneider authored May 11, 2019

This removes the need for passing ever more boolean flags
to the class constructor.

Change-Id: I0271e1b96585252183dcf070eb440ebdaf2a270f
Bug: v8:7793
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1607760
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Daniel Clifford <danno@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61444}

5343d789

PPC/S390 : [test] Marking packed-elements test as slow on PPC and S390 simulator · 3a7722c7

Milad Farazmand authored May 10, 2019

Change-Id: I7ae01e67ade94530909914df97a17684f8c277f7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1606281Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#61443}

3a7722c7

[wasm] Implement the ref.func instruction · 4672b865

Andreas Haas authored May 13, 2019

I did the implementation with a runtime function. I extracted some code
from the implementation of table.get.

By accident I formatted anyfunc.js. However, since it's an improvement,
I don't want to undo it. I didn't change anything in the older tests
though, I only added new tests at the end.

R=mstarzinger@chromium.org

Bug: v8:7581
Change-Id: I31832ccc817e1e7989f486d6487108c14d21bbea
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1602701
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61442}

4672b865

[ptr-compr][cleanup] Derive Object from TaggedImpl<> · c6201bc0

Igor Sheludko authored May 13, 2019

Having an TaggedImpl template will simplify adding compressed variants
of Object and MaybeObject which is required for avoiding unnecessary
value decompression in tight copying loops and write barrier
implementations.

Bug: v8:7703, v8:9183
Change-Id: I388b008aad0dbeb2d33fc5fb80c5f29b55ef993e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588419
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61441}

c6201bc0

Only declare FATAL macro with arguments. · 90c003a3

Peter Marshall authored May 13, 2019

The FATAL macro (without arguments) is used by some other libraries
e.g. protobuf and this causes conflicts. We only declared FATAL()
previously, so go back to that behavior by declaring arguments
for FATAL every time we define it.

Change-Id: Ia4c280fd7a1f27c2031de2fb691d60083f361a9a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1607649
Auto-Submit: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61440}

90c003a3

[turbofan] Handle insufficient feedback in ComputeElementAccessInfos · b1e7cd96

Georg Neis authored May 13, 2019

Bug: chromium:961986, v8:7790
Change-Id: I4c5fbd8eafb96ffe7e54be28eb5c5462b49ed015
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1607648Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61439}

b1e7cd96

[test] Fix test case for GC Stress testing. · 585d822a

Benedikt Meurer authored May 13, 2019

We need to keep strong references to the final map, otherwise the test
may start failing randomly depending on GC timing, because the optimized
code will get deoptimized when the map disappears.

Bug: v8:9236
Change-Id: I3c18cba96546020b4d70b95993e1531e787ed253
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1607652
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61438}

585d822a

Allow alignment padding in handler table DCHECK. · 9138b23f

Michael Starzinger authored May 10, 2019

This allows handler tables to be followed by (at maximum) 4 bytes of
alignment padding. Data following the handler table (e.g. the constant
pool) might cause such padding to be added.

R=jgruber@chromium.org

Change-Id: Icb1d3156032b847dc805b8e3e63b02c0b29dbd51
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1605723Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61437}

9138b23f

Revert "[turbofan] re-wire Unreachable to the graph end at EffectPhi's" · 3e6952c9

Maya Lekova authored May 13, 2019

This reverts commit 2c0b1f6e.

Reason for revert: Seems to cause GC stress failures blocking LKGR:
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20gc%20stress/22453
https://ci.chromium.org/p/v8/builders/ci/V8%20Mac64%20GC%20Stress/7318

Original change's description:
> [turbofan] re-wire Unreachable to the graph end at EffectPhi's
> 
> This avoids the EffectControlLinearizer stumbling upon unreachable
> code.
> 
> Bug: chromium:958718
> Change-Id: I135c17813741e48e878a4624370eee1e06081031
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1605737
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61434}

TBR=jarin@chromium.org,tebbi@chromium.org

Change-Id: I85cf33f06617b15cdd435e2699ace99e532d26e2
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:958718
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1607655Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61436}

3e6952c9

[turbofan] Add more UMA metrics for concurrent compilation · 848e1b9a

Maya Lekova authored May 10, 2019

Design doc: http://doc/1umgFxjLQ9p22lVS_BdhmAlo1o9xnxnWlhVi_HMWNktM

Bug: v8:9074
Change-Id: I99289cc46465e1bce52d8552b2db6fb66bcff85b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1605735Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61435}

848e1b9a

[turbofan] re-wire Unreachable to the graph end at EffectPhi's · 2c0b1f6e

Tobias Tebbi authored May 11, 2019

This avoids the EffectControlLinearizer stumbling upon unreachable
code.

Bug: chromium:958718
Change-Id: I135c17813741e48e878a4624370eee1e06081031
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1605737Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61434}

2c0b1f6e

make deleted functions public in include · 5554781f

gengjiawen authored May 12, 2019

Effective Modern C++ Items 11:
Prefer deleted functions to private undefined ones


Change-Id: I35c6277fcc77c60fc0a3d904763039c916d62b78
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1608325Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61433}

5554781f

Update V8 DEPS. · 4eba72fd

v8-ci-autoroll-builder authored May 13, 2019

Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/ebd17dd..0fdfe63

TBR=machenbach@chromium.org,sergiyb@chromium.org,tmrts@chromium.org

Change-Id: I1a5bf49cd1434859ce363a3fe4410886a628efab
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1608727Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#61432}

4eba72fd

12 May, 2019 1 commit

Update V8 DEPS. · fe5e8978

v8-ci-autoroll-builder authored May 12, 2019

Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/4be574d..ebd17dd

TBR=machenbach@chromium.org,sergiyb@chromium.org,tmrts@chromium.org

Change-Id: I87a2e6e391caacf4477b95da9bec9dd6e69285b2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1607681Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#61431}

fe5e8978

11 May, 2019 3 commits

Add micro-benchmark of array.indexOf, array.includes for frozen objects · d7033466

Z Duong Nguyen-Huu authored May 10, 2019

Bug: v8:6831
Change-Id: I4d244771629a1c4785353f125d919793bdf37267
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1604408Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#61430}

d7033466

[Intl] Remove harmony-locale flag · 377f182b

Frank Tang authored May 10, 2019

harmony-locale is shipped in m74 and m74 is already out.
Remove harmony-locale flag from the code.

Bug: v8:8910
Change-Id: If9634b6767cfe449cfa03980bbad26ceb7408c79
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1592465
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61429}

377f182b

Update V8 DEPS. · efdc544a

v8-ci-autoroll-builder authored May 11, 2019

Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/e2b4498..4be574d

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/09537e9..ff39537

Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/1b52d87..cd862e3

Rolling v8/third_party/googletest/src: https://chromium.googlesource.com/external/github.com/google/googletest/+log/9997a83..3f5b5b8

TBR=machenbach@chromium.org,sergiyb@chromium.org,tmrts@chromium.org

Change-Id: I2eea0c391c6eb8802dbd7fb682a2726d0e0a7ac4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1607560Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#61428}

efdc544a

10 May, 2019 15 commits

Revert "Reland "[ptr-compr][x64] Temporarily enable pointer compression on x64"" · 37d89edf

Igor Sheludko authored May 10, 2019

This reverts commit d61a9347.

Reason for revert: May cause UBSan failures

Original change's description:
> Reland "[ptr-compr][x64] Temporarily enable pointer compression on x64"
>
> This is a reland of 42beed97
>
> Relanding after fixing Chromium issues.
>
> Original change's description:
> > [ptr-compr][x64] Temporarily enable pointer compression on x64
> >
> > ... and make sure that the x64 ptr-compr bots proceed testing V8 without
> > pointer compression in order to keep testing the full pointer mode.
> >
> > Bug: v8:7703
> > Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng,v8_linux64_tsan_rel
> > Change-Id: Iee725deda813425a6f0722948b54976154f50909
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1497139
> > Reviewed-by: Michael Hablich <hablich@chromium.org>
> > Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> > Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#60230}
>
> Bug: v8:7703
> Change-Id: Ib1498609603cb03be2464043658131d5a2f1e012
> Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng,v8_linux64_tsan_rel
> Cq-Include-Trybots: luci.chromium.try:fuchsia_x64,linux-rel,mac-rel
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1559850
> Commit-Queue: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61416}

TBR=machenbach@chromium.org,ishell@chromium.org

Change-Id: I77d8fe848e53cbea4be89429de967a5966ae7e48
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7703
Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng, v8_linux64_tsan_rel
Cq-Include-Trybots: luci.chromium.try:fuchsia_x64, linux-rel, mac-rel
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1606500
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61427}

37d89edf

Discard CHECK failure messages for official builds to save binary size · 28df916b

Andrew Grieve authored May 10, 2019

FATAL() calls with more than one argument are preserved.

The rest of chrome does this as well. Stack traces and minidumps should
be sufficient for analyzing the reason for crashes.

This saves 110kb for Android arm32.

Bug: chromium:958807
Change-Id: I88a1ec82f1ed7bd5e7dbccf6d645d5584f16de82
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598159
Commit-Queue: Andrew Grieve <agrieve@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61426}

28df916b

[wasm] Display wasm globals in the inspector · baf84940

Ben Smith authored May 10, 2019

They are added under the global scope object, as follows:

  {
    "memory": ...,
    "globals": {
      "global#0": ...,
      "global#1": ...,
      "global#2": ...,
    }
  }

We currently don't have any way to name globals in the wasm binary
format, but it is possible to extend the name section with these names
in the future.

Bug: v8:6846
Change-Id: I79fa4ed3d83964bc8e26d66516605d41e92b3d03
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1601829
Commit-Queue: Ben Smith <binji@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61425}

baf84940

[DevTools] Detect if the state of the inspector session was encoded as CBOR. · 40257054

Johannes Henkel authored May 09, 2019

In the longer run we only want the CBOR code path, for now we need to handle
JSON as well. So we convert if possible.

Change-Id: I726b737f4cd2602d4fb676ce7cf996fcd1ba33e9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598254Reviewed-by: Alexei Filippov <alph@chromium.org>
Commit-Queue: Johannes Henkel <johannes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61424}

40257054

Extend the tests for more Intl objects. · 02c19000

Frank Tang authored May 10, 2019

Bug: v8:5751
Change-Id: Icfd4b86499395b49f67a97e46d1b1b87ed9c01eb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1605356Reviewed-by: Mathias Bynens <mathias@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61423}

02c19000

[torque] Automatically generate verifier functions · e483fb27

Seth Brenith authored May 10, 2019

This change generates functions that verify the things that Torque knows
about objects and their fields. We still must implement each verifier
function in objects-debug.cc, but we can call into the generated code to
verify that field types match their Torque definitions. If no additional
verification is required, we can use the macro USE_TORQUE_VERIFIER as a
shorthand for a verifier that calls the corresponding generated
function.

A new annotation @noVerifier can be applied to both class and field
definitions, to prevent generating verification code. This allows fully
customized verification for complicated cases like
JSFunction::prototype_or_initial_map, which might not exist at all, and
JSObject::elements, which might be a one pointer filler map.

Because Factory::InitializeJSObjectFromMap fills new objects with
undefined values, and many verifiers need to deal with partially-
initialized objects, the generated verifiers allow undefined values on
every class deriving from JSObject. In cases where stricter checks were
previously performed, they are kept in objects-debug.cc.

Bug: v8:7793
Change-Id: I84034efadca89ba0aceddf92e886ffbfaa4c23fa
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1594042
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61422}

e483fb27

[Intl] Speed up Intl.NumberFormat constructor x4 · 41bc1cfd

Frank Tang authored May 10, 2019

1. Use the newer LocalizedNumberFormatter API which improve
   the performance score x3.3.
   Here are how I got the performance score:
  $ python -u tools/run_perf.py --binary-override-path \
    out/x64.release/d8 --filter "JSTests/Intl"  \
    test/js-perf-test/JSTests5.json

  Look for NewIntlNumberFormat-Intl(Score) for 3 runs.

  BEFORE: 539   507  507
   AFTER: 2009 2069 1994

2. Also add symbol and enum to prepare implementing of the unified
   number proposal.


Bug: v8:8515
Change-Id: Ie1ca1dba1e806449632cc96b81d44f0dc61b6093
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1392233
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61421}

41bc1cfd

[tools] Remove near_timeouts and timeouts fields · 55a7c6a5

Sergiy Belozorov authored May 09, 2019

R=machenbach@chromium.org, tmrts@chromium.org

No-Tree-Checks: true
Bug: chromium:841700
Change-Id: I201f3f029406bf788182e3cc6cf62ff68839a00d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1603802
Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61420}

55a7c6a5

[Intl] Add "numberingSystem" for Intl.RelativeTimeFormat · 40d9fca8

Frank Tang authored May 10, 2019

Create an Intl::GetNumberingSystem function shared by several
Intl object which throw exception internally.

Bug: v8:9190
Change-Id: Ibe658e61bc8d0e5c061b26fe8527e69d086ea185
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1590442Reviewed-by: Frank Tang <ftang@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61419}

40d9fca8

Reland "Reland "[compiler] Don't collect source positions for the top frame"" · bf9e3e4d

Dan Elphick authored May 09, 2019

This is a reland of f2e65226

Nothing has changed but
https://chromium-review.googlesource.com/c/v8/v8/+/1585269 has been rolled
back due to v8:9234.

Original change's description:
> Reland "[compiler] Don't collect source positions for the top frame"
>
> Fixed crashes by adding missing call to EnsureSourcePositionsAvailable,
> which requires clearing and restoring the pending exception.
>
> > While most source positions were not collected even throwing exceptions,
> > the top frame still was always collected as it was used to initialize
> > the JSMessageObject. This skips even that frame, by storing the
> > SharedFunctionInfo and bytecode offset in the JSMessageObject allowing
> > it to lazily evaluate the actual source position.
> >
> > Also adds tests to test-api.cc that test each of the source position
> > functions in isolation to ensure that they don't rely on previous
> > invocations to call the source collection function.
> >
> > Since no source positions are now collected at the point when an
> > exception is thrown, the mjsunit/stack-traces-overflow now passes again
> > with the flag enabled. (cctest/test-cpu-profiler/Inlining2 is now the
> > only failure).
>
> Bug: v8:8510
> Change-Id: Ifa5fe31d3db34a6c6d6a9cef3d646ad620dabd81
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1601270
> Commit-Queue: Dan Elphick <delphick@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61372}

TBR=ulan@chromium.org

Bug: v8:8510
Change-Id: Iaa9e376f90d10c0f25d1bcc352808363e4ea8b4d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1605946Reviewed-by: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61418}

bf9e3e4d

[mips64] Correct wasm address space limit. · a814f29f

Yu Yin authored May 10, 2019

MIPS64 has a user space of 2^40 bytes on most processors, address
space limits needs to be smaller. 256G is ok, but it will cause
mjsunit/wasm/bulk-memory-spec/memory_copy.wast get a OOM error.

Bug: v8:7747
Change-Id: Ie7a96336ef4ab6340def813478a09bdf3f76894e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1605524
Auto-Submit: Yu Yin <xwafish@gmail.com>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61417}

a814f29f

Reland "[ptr-compr][x64] Temporarily enable pointer compression on x64" · d61a9347

Igor Sheludko authored May 10, 2019

This is a reland of 42beed97

Relanding after fixing Chromium issues.

Original change's description:
> [ptr-compr][x64] Temporarily enable pointer compression on x64
>
> ... and make sure that the x64 ptr-compr bots proceed testing V8 without
> pointer compression in order to keep testing the full pointer mode.
>
> Bug: v8:7703
> Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng,v8_linux64_tsan_rel
> Change-Id: Iee725deda813425a6f0722948b54976154f50909
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1497139
> Reviewed-by: Michael Hablich <hablich@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#60230}

Bug: v8:7703
Change-Id: Ib1498609603cb03be2464043658131d5a2f1e012
Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng,v8_linux64_tsan_rel
Cq-Include-Trybots: luci.chromium.try:fuchsia_x64,linux-rel,mac-rel
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1559850
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61416}

d61a9347

Revert "Port Proxy SetProperty trap builtin to Torque" · 82b7db33

Dan Elphick authored May 10, 2019

This reverts commit 7275c9c8.

Reason for revert: Introduces a crash

Original change's description:
> Port Proxy SetProperty trap builtin to Torque
> 
> Spec: https://tc39.github.io/ecma262/#sec-proxy-object-internal-methods-and-internal-slots-set-p-v-receiver
> Bug: v8:6664
> Change-Id: Ieddb645669a72d78ff9c0a45267165de3c5276f1
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1585269
> Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Maya Lekova <mslekova@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#61351}

TBR=jgruber@chromium.org,mslekova@chromium.org,duongn@microsoft.com

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: v8:6664, v8:9234
Change-Id: I4e26f5321a51498ab44efac75a963afea7b2ca16
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1605944Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61415}

82b7db33

[turbofan] Introduce NamedAccessFeedback · ff74066b

Georg Neis authored May 10, 2019

Brokerize parts of named property access.

Bug: v8:7790
Change-Id: I465bced5f266969040d1e966946a162b0a850c5b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1596734Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61414}

ff74066b

[turbofan] Simplify effect-control-linearizer.h · e5a5f5ae

Georg Neis authored May 10, 2019

... by moving the EffectControlLinearizer class into the .cc file and
only exposing a single function in the header.

Change-Id: I63dc3edd9de7df60041f0687d920996e308e0d4e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1605739
Commit-Queue: Georg Neis <neis@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Auto-Submit: Georg Neis <neis@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61413}

e5a5f5ae