Commit Graph

12669 Commits

Author SHA1 Message Date
jochen
3ca98851df Add a prepare to parse step to CompilerDispatcherJob
R=marja@chromium.org
BUG=v8:5215

Review-Url: https://codereview.chromium.org/2191443003
Cr-Commit-Position: refs/heads/master@{#38114}
2016-07-28 07:49:17 +00:00
yangguo
f7fa02f8b2 [inspector] add inspector protocol parser test build target for GYP.
This adds the build target inspector_protocol_parser_test, which depends
on several more inspector protocol related targets. The resulting
gtest executable runs, but has failures that have to be fixed.

GN build configuration will follow.

A copy of v8-inspector/js_protocol.json has been included to be able to
use it before the actual migration.

BUG=chromium:580337

Review-Url: https://codereview.chromium.org/2184733002
Cr-Commit-Position: refs/heads/master@{#38111}
2016-07-28 06:57:03 +00:00
ddchen
0a9d4003c7 [wasm] Add support for multiple indirect function tables
This patch updates internal data structures used by V8 to support
multiple indirect function tables (WebAssembly/design#682). But, since
this feature is post-MVP, the functionality is not directly exposed and
parsing/generation of WebAssembly is left unchanged. Nevertheless, it
is being used in an experiment to implement fine-grained control flow
integrity based on C/C++ types.

BUG=

Review-Url: https://codereview.chromium.org/2174123002
Cr-Commit-Position: refs/heads/master@{#38110}
2016-07-28 04:57:18 +00:00
fmeawad
821c3e563c Reland [Tracing] V8 Tracing Controller
V8 has had a trace event macro interface for while, but without a tracing
controller a standalone V8 would be unable to collect traces.

This CL introduces a complete Tracing Controller system for V8.
It is fully function except that it does not yet store trace event args.

This CL has a few components,
The tracing controller itself, contributed by the author of this CL
The Trace config (including the parser), contributed by lpy@
The Trace Object, Trace Writer, and Trace Buffer are all contributed by rksang@

BUG=v8:4561
LOG=N

The original CL was failing the V8 Arm Builder:
https://build.chromium.org/p/client.v8.ports/builders/V8%20Arm%20-%20builder/builds/2456
and the V8 Mips Builder:
https://build.chromium.org/p/client.v8.ports/builders/V8%20Mips%20-%20builder/builds/2506

The failure is due to undefined behavior of CHECK_EQ of 2 const char*

Fix in patch #1

Committed: https://crrev.com/3d598452679ce208ad9b2f48e0fb3fae352ce375
Cr-Commit-Position: refs/heads/master@{#38073}

patch from issue 2137013006 at patchset 200001 (http://crrev.com/2137013006#ps200001)

Review-Url: https://codereview.chromium.org/2183923004
Cr-Commit-Position: refs/heads/master@{#38104}
2016-07-27 16:21:54 +00:00
klaasb
27a9b032ab [interpreter] Don't keep postfix result if only visited for effect
Remove TODO to perform same optimization as AstGraphBuilder.
When visiting for effect in a postfix count operation, don't
keep the intermediate result of ToNumber.

BUG=v4:4280
LOG=n

Review-Url: https://codereview.chromium.org/2187823002
Cr-Commit-Position: refs/heads/master@{#38101}
2016-07-27 13:52:06 +00:00
jacob.bramley
cc00ba2df2 [arm] Clean up the use of UNALIGNED_ACCESSES.
All supported ARM targets support unaligned accesses for integer
accesses. This patch removes the remnants of support for older targets.

BUG=v8:5077

Review-Url: https://codereview.chromium.org/2184823002
Cr-Commit-Position: refs/heads/master@{#38099}
2016-07-27 13:28:02 +00:00
klaasb
d1baa31e52 Fix generate-bytecode-expectations crash
https://codereview.chromium.org/2176143002 removed parsing of a golden
file header option but did not remove the option.

BUG=
LOG=n

Review-Url: https://codereview.chromium.org/2189583002
Cr-Commit-Position: refs/heads/master@{#38096}
2016-07-27 12:23:13 +00:00
mlippautz
e97b8686f2 [heap] Don't consider mementos on pages below age mark
Objects that reside below the age mark could be on pages that have been moved
within new space. In this case mementos survived which can actually point to
already-collected allocation sites.

BUG=chromium:631050,chromium:581412
R=hpayer@chromium.org

Review-Url: https://codereview.chromium.org/2179033005
Cr-Commit-Position: refs/heads/master@{#38094}
2016-07-27 12:18:16 +00:00
epertoso
43a86ff3b7 [turbofan] Add the CheckedTruncateTaggedToWord32 opcode.
This leads to a better handling of the Smi case when we introduce a checked truncation from a number or oddbal to a 32 bit word, which we were previously doing by concatenating a Smi to float64 conversion with a float64 to word32 truncation.

BUG=

Review-Url: https://codereview.chromium.org/2191503002
Cr-Commit-Position: refs/heads/master@{#38091}
2016-07-27 11:41:27 +00:00
yangguo
071b655fa9 [debugger] Scope iterator should not visit inner function literals.
R=marja@chromium.org
BUG=chromium:621361

Review-Url: https://codereview.chromium.org/2185913003
Cr-Commit-Position: refs/heads/master@{#38087}
2016-07-27 09:04:20 +00:00
epertoso
94ab292fba [turbofan] Adds handling of number or oddball type feedback to SpeculativeNumberShiftLeft.
This required the introduction of the CheckedNumberOrOddballAsWord32 use info, and a change in the RepresentationChanger to handle it.

BUG=

Review-Url: https://codereview.chromium.org/2184513003
Cr-Commit-Position: refs/heads/master@{#38086}
2016-07-27 09:04:19 +00:00
mstarzinger
908f355ecc [interpreter] Enable OSR test that no longer fails.
R=mythria@chromium.org
TEST=mjsunit/regress/regress-2618
BUG=v8:4764

Review-Url: https://codereview.chromium.org/2183463003
Cr-Commit-Position: refs/heads/master@{#38085}
2016-07-27 08:58:53 +00:00
yangguo
43ab247f56 Remove NaCl support.
Review-Url: https://codereview.chromium.org/2175193003
Cr-Commit-Position: refs/heads/master@{#38081}
2016-07-27 07:50:31 +00:00
lpy
13c3d06a31 Revert of [Tracing] V8 Tracing Controller (patchset #11 id:200001 of https://codereview.chromium.org/2137013006/ )
Reason for revert:
Revert this CL due to V8 Arm Builder failure and V8 Mips Builder failure.

https://build.chromium.org/p/client.v8.ports/builders/V8%20Arm%20-%20builder/builds/2456

https://build.chromium.org/p/client.v8.ports/builders/V8%20Mips%20-%20builder/builds/2506

Original issue's description:
> [Tracing] V8 Tracing Controller
>
> V8 has had a trace event macro interface for while, but without a tracing
> controller a standalone V8 would be unable to collect traces.
>
> This CL introduces a complete Tracing Controller system for V8.
> It is fully function except that it does not yet store trace event args.
>
> This CL has a few components,
> The tracing controller itself, contributed by the author of this CL
> The Trace config (including the parser), contributed by lpy@
> The Trace Object, Trace Writer, and Trace Buffer are all contributed by rksang@
>
> BUG=v8:4561
> LOG=N
>
> Committed: https://crrev.com/3d598452679ce208ad9b2f48e0fb3fae352ce375
> Cr-Commit-Position: refs/heads/master@{#38073}

TBR=jochen@chromium.org,mattloring@google.com,rskang@google.com,yangguo@chromium.org,fmeawad@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4561

Review-Url: https://codereview.chromium.org/2183943002
Cr-Commit-Position: refs/heads/master@{#38074}
2016-07-26 22:45:25 +00:00
fmeawad
3d59845267 [Tracing] V8 Tracing Controller
V8 has had a trace event macro interface for while, but without a tracing
controller a standalone V8 would be unable to collect traces.

This CL introduces a complete Tracing Controller system for V8.
It is fully function except that it does not yet store trace event args.

This CL has a few components,
The tracing controller itself, contributed by the author of this CL
The Trace config (including the parser), contributed by lpy@
The Trace Object, Trace Writer, and Trace Buffer are all contributed by rksang@

BUG=v8:4561
LOG=N

Review-Url: https://codereview.chromium.org/2137013006
Cr-Commit-Position: refs/heads/master@{#38073}
2016-07-26 22:15:39 +00:00
martyn.capewell
3a6440e48f ARM: Implement UnaligedLoad and UnaligedStore turbofan operators.
Port 580fdf3c05

This also reverses the MachineType stored for partial unaligned access support
such that it records the unsupported types, rather than supported types.

BUG=

Review-Url: https://codereview.chromium.org/2182493003
Cr-Commit-Position: refs/heads/master@{#38065}
2016-07-26 15:58:19 +00:00
bjaideep
d05c2f02c5 PPC: Fixed RememberedSetRemoveRange to have chunk->size > PageSize
Increased array size in the testcase such that the chunk size is
greater that the page size on PPC (4MB). This fixes the case when
(start + Page::kPageSize) memory location is tested to be part of
the chunk.
The testcase was added as part of https://codereview.chromium.org/2110213003/

R=ulan@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, mbrandy@us.ibm.com

BUG=
LOG=N

Review-Url: https://codereview.chromium.org/2182113002
Cr-Commit-Position: refs/heads/master@{#38060}
2016-07-26 15:10:20 +00:00
ishell
13aa1d0203 [stubs] Call interface descriptors cleanup.
This is a first step towards a perfect world where a call interface descriptor is the only place that defines calling convention for a particular code stub.

Review-Url: https://codereview.chromium.org/2172223002
Cr-Commit-Position: refs/heads/master@{#38059}
2016-07-26 14:56:35 +00:00
hpayer
9e37a07c8d [heap] Reland "Remove black pages and use black areas instead."
BUG=630969,630386
LOG=n

Review-Url: https://codereview.chromium.org/2185613002
Cr-Commit-Position: refs/heads/master@{#38057}
2016-07-26 14:42:48 +00:00
mstarzinger
e1ad114ed2 Reland of [interpreter] Add explicit OSR polling bytecode. (patchset #1 id:1 of https://codereview.chromium.org/2184553003/ )
Reason for revert:
Fix has been landed.

Original issue's description:
> Revert of [interpreter] Add explicit OSR polling bytecode. (patchset #6 id:100001 of https://codereview.chromium.org/2172233002/ )
>
> Reason for revert:
> Bunch of breakages. Maybe bad interaction with e520e5da55 ?
>
> E.g.:
> https://build.chromium.org/p/client.v8/builders/V8%20Linux64/builds/11607
>
> Original issue's description:
> > [interpreter] Add explicit OSR polling bytecode.
> >
> > This adds an explicit {OsrPoll} bytecode into every loop header which
> > triggers on-stack replacement when armed. Note that each such bytecode
> > stores the static loop depths as an operand, and hence can be armed for
> > specific loop depths.
> >
> > This also adds builtin code that triggers OSR compilation and switches
> > execution over to optimized code in case compilation succeeds. In case
> > compilation fails, the bytecode dispatch just continues unhindered.
> >
> > R=rmcilroy@chromium.org
> > TEST=mjsunit/ignition/osr-from-bytecode
> > BUG=v8:4764
> >
> > Committed: https://crrev.com/a55beb68e0ededb3773affa294a71edc50621458
> > Cr-Commit-Position: refs/heads/master@{#38043}
>
> TBR=rmcilroy@chromium.org,mstarzinger@chromium.org
> # Skipping CQ checks because original CL landed less than 1 days ago.
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=v8:4764
>
> Committed: https://crrev.com/439aa2c6d708bfd95db725bd6f97c4c49bbc51fc
> Cr-Commit-Position: refs/heads/master@{#38044}

TBR=rmcilroy@chromium.org,machenbach@chromium.org
BUG=v8:4764

Review-Url: https://codereview.chromium.org/2184713002
Cr-Commit-Position: refs/heads/master@{#38056}
2016-07-26 14:32:32 +00:00
jpp
060d984c94 [wasm][asm2wasm] Fixes a bug in 8-bit heap view accesses.
The bug was caused when validating expressions

X >> 0

for indexing into 8-bit heap views. If X was not an intish, the 'normal'
validation path would fail. That, however, left the type of X registered
in the AsmTyper::node_types_ member.

Later, in the 'lenient' code path for 8-bit views, the entire X >> 0
expression would be validated, which would cause X to be validated
again, at which point AsmTyper::SetTypeOf() would DCHECK because the
supplied node already had a type associated with it.

The fix was to simply FAIL() when X is not an intish. This is safe
because if X is not an intish, then

Validate(>>, !intish, FixNum)

will also fail.

BUG= https://bugs.chromium.org/p/chromium/issues/detail?id=628803
BUG= https://bugs.chromium.org/p/v8/issues/detail?id=4203
TEST= cctest/asmjs/test-asm-typer.cc
LOG= N

Review-Url: https://codereview.chromium.org/2181723002
Cr-Commit-Position: refs/heads/master@{#38053}
2016-07-26 14:05:05 +00:00
mstarzinger
94606a88e2 [interpreter] Disable OSR for BytecodeGenerator tests.
R=rmcilroy@chromium.org
TEST=cctest/test-bytecode-generator
BUG=v8:4764

Review-Url: https://codereview.chromium.org/2184663002
Cr-Commit-Position: refs/heads/master@{#38052}
2016-07-26 13:48:11 +00:00
bmeurer
5d2d46e388 [turbofan] Perform element index computation in word64 on 64-bit platforms.
This allows us to fuse the address computation with the actual memory
access operation on x64, which reduces the register pressure and the
number of instructions. There's probably some follow up cleanup that has
to happen to make sure the machine operator optimizations that are
relevant to word64 computations are also available (similar to what is
already available for word32).

R=epertoso@chromium.org

Review-Url: https://codereview.chromium.org/2183043002
Cr-Commit-Position: refs/heads/master@{#38051}
2016-07-26 13:14:04 +00:00
machenbach
439aa2c6d7 Revert of [interpreter] Add explicit OSR polling bytecode. (patchset #6 id:100001 of https://codereview.chromium.org/2172233002/ )
Reason for revert:
Bunch of breakages. Maybe bad interaction with e520e5da55 ?

E.g.:
https://build.chromium.org/p/client.v8/builders/V8%20Linux64/builds/11607

Original issue's description:
> [interpreter] Add explicit OSR polling bytecode.
>
> This adds an explicit {OsrPoll} bytecode into every loop header which
> triggers on-stack replacement when armed. Note that each such bytecode
> stores the static loop depths as an operand, and hence can be armed for
> specific loop depths.
>
> This also adds builtin code that triggers OSR compilation and switches
> execution over to optimized code in case compilation succeeds. In case
> compilation fails, the bytecode dispatch just continues unhindered.
>
> R=rmcilroy@chromium.org
> TEST=mjsunit/ignition/osr-from-bytecode
> BUG=v8:4764
>
> Committed: https://crrev.com/a55beb68e0ededb3773affa294a71edc50621458
> Cr-Commit-Position: refs/heads/master@{#38043}

TBR=rmcilroy@chromium.org,mstarzinger@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4764

Review-Url: https://codereview.chromium.org/2184553003
Cr-Commit-Position: refs/heads/master@{#38044}
2016-07-26 11:07:20 +00:00
mstarzinger
a55beb68e0 [interpreter] Add explicit OSR polling bytecode.
This adds an explicit {OsrPoll} bytecode into every loop header which
triggers on-stack replacement when armed. Note that each such bytecode
stores the static loop depths as an operand, and hence can be armed for
specific loop depths.

This also adds builtin code that triggers OSR compilation and switches
execution over to optimized code in case compilation succeeds. In case
compilation fails, the bytecode dispatch just continues unhindered.

R=rmcilroy@chromium.org
TEST=mjsunit/ignition/osr-from-bytecode
BUG=v8:4764

Review-Url: https://codereview.chromium.org/2172233002
Cr-Commit-Position: refs/heads/master@{#38043}
2016-07-26 10:35:17 +00:00
bmeurer
32346aaea0 [turbofan] Fix overly aggressive dead code elimination.
When we eliminate nodes during truncation analysis that have no value
uses, we must make sure that we do not eliminate speculative number
operations that would have side effects depending on the inputs, i.e.
for example a SpeculativeNumberMultiply(x,y) does ToNumber(x) and
ToNumber(y) first, so if either x or y could throw an exception during
ToNumber conversion, we must not eliminate the multiplication, even if
it has no value uses (some later pass may kill the actual machine
multiplication, but the checks on the inputs have to remain still).
So we check whether both x and y are PlainPrimitive, i.e. neither
Receiver nor Symbol, which could raise exceptions for ToNumber, and
only in that case we propagate the "unusedness" of the node to its
inputs.

This also uncovered a bug with the type of Dead, which must be None,
as this represents an impossible value, so we had to fix that too.

Also the dead code removal will not work correctly for constants (i.e.
pure nodes with no value inputs), as those might be cached and hence
we might resurrect them for an unrelated node lowering during
SimplifiedLowering and only later kill the actual node (replacing its
uses with Dead), which would then also replace the new use with Dead.
So that was fixed as well. This shouldn't change anything for the
result, as unused constants automagically disappear from the graph later
on anyways.

R=yangguo@chromium.org
BUG=chromium:631318

Review-Url: https://codereview.chromium.org/2182003002
Cr-Commit-Position: refs/heads/master@{#38038}
2016-07-26 07:09:58 +00:00
bakkot
c2bcfc3145 Wrap ClassLiterals in DoExpressions instead of giving them BlockScopes.
This slightly simplifies scope handling. It also makes it possible to
implement some potential future changes to classes purely in the parser
by adding additional code to the DoExpression.

This is a portion of https://codereview.chromium.org/2142333002/, which
probably isn't going through in full.

Review-Url: https://codereview.chromium.org/2176653003
Cr-Commit-Position: refs/heads/master@{#38035}
2016-07-25 19:21:44 +00:00
machenbach
aa32233676 [build] Fix header-hygiene warnings for arm64
This prepares for switching arm64 sim to gn.

BUG=chromium:474921

Review-Url: https://codereview.chromium.org/2174363002
Cr-Commit-Position: refs/heads/master@{#38033}
2016-07-25 18:16:26 +00:00
bjaideep
b1683f050a [Heap] Fix ArrayBuffer_SemiSpaceCopyMultipleTasks to respect PPC page size
The testcase allocates JSArraybuffer on 2 separate pages which should be
on the New space. In the testcase semi space size is set to 2MB.
Since page size on PPC is 4MB the semi new space size defaults to 4MB.
Therefore when allocating 2nd buffer, scavenge GC kicks in as from-space is
filled up and copies 1st buffer to to-space. Now, the 2nd buffer also gets
allocated on the same to-space, therefore both buffer end up being on the
same page. This fix should allocate enough semi new space to contain 2
pages (for all platform).
The testcase was added as part of https://codereview.chromium.org/2036643002

R=mlippautz@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, mbrandy@us.ibm.com

BUG=
LOG=N

Review-Url: https://codereview.chromium.org/2167853002
Cr-Commit-Position: refs/heads/master@{#38028}
2016-07-25 16:02:46 +00:00
caitp
917f0093fb [test] copy revoked proxy tests for array-concat to new files
The tests array-concat-revoked-proxy-*.js are copied out from array-concat.js,
in order to verify that they work correctly with a valid ArrayProtector cell.

These tests pass with https://crrev.com/122a9b7af02606dae558336082ab139a87eba39d
applied, but fail without it.

BUG=v8:5134
R=neis@chromium.org, cbruni@chromium.org, littledan@chromium.org

Review-Url: https://codereview.chromium.org/2177903002
Cr-Commit-Position: refs/heads/master@{#38026}
2016-07-25 15:26:16 +00:00
ivica.bogosavljevic
5d8094ee79 Fix cctest/test-code-stubs-mips64/ConvertDToI failure on big-endian architectures
Failure is due to different endianness on big endian. The test now passes on
both big-endian and little-endian architectures.

TEST=cctest/test-code-stubs-mips64/ConvertDToI
BUG=

Review-Url: https://codereview.chromium.org/2157373002
Cr-Commit-Position: refs/heads/master@{#38022}
2016-07-25 13:26:56 +00:00
neis
88a795d1c8 Remove the --ignition-generators flag.
This flag has been enabled by default for over a month now.

R=mstarzinger@chromium.org, rmcilroy@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2176143002
Cr-Commit-Position: refs/heads/master@{#38020}
2016-07-25 12:56:27 +00:00
klaasb
63ea19baa0 [interpreter] Add output register to ToName
ToName was always generated with a subsequent Star, fuse them.
Requires a few changes in the peephole optimizer as ToName cannot be
elided as easily, but must be replaced by Star.

BUG=v8:4280
LOG=n

Review-Url: https://codereview.chromium.org/2169813002
Cr-Commit-Position: refs/heads/master@{#38019}
2016-07-25 12:53:01 +00:00
ishell
5c8cb1689a [ic] Don't call LookupIterator::GetStoreTarget() when receiver is not a JSReceiver.
BUG=chromium:619166,chromium:625155

Review-Url: https://codereview.chromium.org/2175273002
Cr-Commit-Position: refs/heads/master@{#38018}
2016-07-25 12:32:59 +00:00
mvstanton
0a36b5cd2c [Turbofan] Make the -0 deopt case more efficient in multiplication.
After multiplying two integers we emit code like:

  if (result == 0) {
    if (OR_OPERATION(rhs, lhs) < 0) {
      DEOPT;
    }
  }

This CL allows us to eliminate the OR and comparison if either rhs or
lhs is a negative number, reducing the code to:

  if (result == 0) DEOPT;

BUG=

Review-Url: https://codereview.chromium.org/2167643002
Cr-Commit-Position: refs/heads/master@{#38016}
2016-07-25 12:15:22 +00:00
bmeurer
a2ad4c8f62 [turbofan] New GraphReducer based LoadElimination.
Turn the LoadElimination into a proper graph Reducer so that it can run
together with ValueNumbering and RedundancyElimination to a fixpoint
for maximum load/check elimination. This also adds initial support for
eliminating redundant LoadElement/StoreElement nodes.

BUG=v8:4930,v8:5141

Review-Url: https://codereview.chromium.org/2164253002
Cr-Commit-Position: refs/heads/master@{#38015}
2016-07-25 12:05:16 +00:00
mvstanton
480f155ed6 [Turbofan] IsUseLessGeneral shouldn't consider machine representation.
BUG=chromium:630952

Review-Url: https://codereview.chromium.org/2177193002
Cr-Commit-Position: refs/heads/master@{#38014}
2016-07-25 12:01:54 +00:00
rmcilroy
8d4658077c [Interpreter] Avoid allocating pairs array in VisitDeclarations.
Move the logic for allocating the global declaration pair array
from VisitDeclarations to a later step. This is required for
concurrent bytecode generation.

This change requires adding support for reserving fixed
constant pool array entries, which can be later updated
with the value of the literal.

BUG=v8:5203

Review-Url: https://codereview.chromium.org/2167763003
Cr-Commit-Position: refs/heads/master@{#38010}
2016-07-25 11:31:08 +00:00
jochen
0a6ccaf268 Replace SmartPointer<T> with unique_ptr<T>
R=ishell@chromium.org,bmeurer@chromium.org
TBR=rossberg@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2175233003
Cr-Commit-Position: refs/heads/master@{#38009}
2016-07-25 11:14:34 +00:00
bmeurer
5bed1516c8 [turbofan] Avoid introducing machine operators during typed lowering.
Introducing machine operators early causes trouble for the typing,
truncation analysis and representation selection, so we should rather
stick to simplified operators instead. Now there's only the for-in case
left, which is not clear how we can handle this in a better way.

Drive-by-fix: Also don't introduce Int32Constant and Word32Shl in
JSTypedLowering, but use NumberConstant and proper NumberShiftLeft
operators instead.

R=jarin@chromium.org
BUG=chromium:630951

Review-Url: https://codereview.chromium.org/2182453002
Cr-Commit-Position: refs/heads/master@{#38008}
2016-07-25 10:38:00 +00:00
jochen
37ba8f961b Replace SmartArrayPointer<T> with unique_ptr<T[]>
R=bmeurer@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2173403002
Cr-Commit-Position: refs/heads/master@{#38007}
2016-07-25 10:27:47 +00:00
yangguo
5cbe34bb46 Revert of [heap] Remove black pages and use black areas instead. (patchset #6 id:100001 of https://codereview.chromium.org/2160613002/ )
Reason for revert:
Suspected to cause crbug.com/630969

Original issue's description:
> [heap] Remove black pages and use black areas instead.
>
> BUG=630386
> LOG=n
>
> Committed: https://crrev.com/b008a0d5a3db80a854cb93d9c94d67bf2d780f2c
> Cr-Commit-Position: refs/heads/master@{#37967}

TBR=ulan@chromium.org,hpayer@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=630386

Review-Url: https://codereview.chromium.org/2176133002
Cr-Commit-Position: refs/heads/master@{#38006}
2016-07-25 10:17:40 +00:00
yangguo
02503b080f Make stack property collected by captureStackTrace non-enumerable and -writable.
TBR=jgruber@chromium.org

Review-Url: https://codereview.chromium.org/2177183002
Cr-Commit-Position: refs/heads/master@{#38005}
2016-07-25 10:04:13 +00:00
rmcilroy
a474e84181 [Intepreter] Always use BytecodeGraphBuilder when --turbo-from-bytecode
Always use the BytecodeGraphBuilder when the  --turbo-from-bytecode
is enabled, assuming the function should be compiled for Ignition.
Adds a new MaybeOptimizeIgnition function to runtime-profiler
which is called if the function should be optimized from bytecode
rather than going via full-codegen.

BUG=v8:4280

Committed: https://crrev.com/9ca7db914be88e6792a88eab4a1988ee031d70c4
Review-Url: https://codereview.chromium.org/2156753002
Cr-Original-Commit-Position: refs/heads/master@{#37921}
Cr-Commit-Position: refs/heads/master@{#38002}
2016-07-25 09:43:58 +00:00
ivica.bogosavljevic
436b8d551d Skip test-run-load-store/RunUnalignedLoadStoreUnalignedAccess on ARM
Skip test-run-load-store/RunUnalignedLoadStoreUnalignedAccess on ARM until
UnalignedLoad and UnalignedStore operators get implemented

NOTRY=true

Review-Url: https://codereview.chromium.org/2182433002
Cr-Commit-Position: refs/heads/master@{#38001}
2016-07-25 09:37:07 +00:00
machenbach
a4dbaf1c0c [gn] Migrate more custom cflags from gyp to gn
BUG=chromium:474921

Review-Url: https://codereview.chromium.org/2171263002
Cr-Commit-Position: refs/heads/master@{#38000}
2016-07-25 09:33:41 +00:00
yangguo
986814218b Native try-catch syntax parsing should not crash.
R=littledan@chromium.org
BUG=chromium:630559

Review-Url: https://codereview.chromium.org/2176613002
Cr-Commit-Position: refs/heads/master@{#37996}
2016-07-25 05:32:28 +00:00
bmeurer
e3e347b85c [turbofan] Remove overly restrictive DCHECK.
The dead code elimination in SimplifiedLowering can eliminate pure nodes
if they don't have value uses. But some of those can indeed have control
inputs, i.e. Phi nodes do of course have a control input.

R=jarin@chromium.org
BUG=chromium:630923

Review-Url: https://codereview.chromium.org/2177133002
Cr-Commit-Position: refs/heads/master@{#37995}
2016-07-25 05:22:19 +00:00
jarin
a81d19d583 [turbofan] Handle impossible types (Type::None()) in the backend.
BUG=chromium:630611

Review-Url: https://codereview.chromium.org/2177483002
Cr-Commit-Position: refs/heads/master@{#37994}
2016-07-25 04:02:58 +00:00
cbruni
7ede61ed1d [elements] Omit fast path in PrependElementIndices
In PrependElementIndicesImpl we sort a FixedArray of indices potentially
containing HeapNumbers. During the string conversion we might trigger a GC.
This in turn might try to read a slot where we previously had a HeapNumber
but the sort sneaked a SMI in there which is not a valid pointer.

BUG=chromium:630561

Review-Url: https://codereview.chromium.org/2173653003
Cr-Commit-Position: refs/heads/master@{#37993}
2016-07-23 12:16:14 +00:00
adamk
f77d1bfc36 Remove redundant Scope book-keeping
The uses_arguments() bool is not needed for correct
behavior, since that same information is available after scope analysis
based on whether we allocated the Scope::arguments_ var.

BUG=v8:5209

Review-Url: https://codereview.chromium.org/2168293002
Cr-Commit-Position: refs/heads/master@{#37990}
2016-07-22 23:50:53 +00:00
ivica.bogosavljevic
580fdf3c05 Implement UnaligedLoad and UnaligedStore turbofan operators.
Implement UnalignedLoad and UnalignedStore optional
turbofan operators and use them in WasmCompiler for unaligned
memory access.

BUG=

Review-Url: https://codereview.chromium.org/2122853002
Cr-Commit-Position: refs/heads/master@{#37988}
2016-07-22 20:56:24 +00:00
caitp
122a9b7af0 [builtins] take slow path in IsConcatSpreadable if proxy in prototype
BUG=v8:5134
R=cbruni@chromium.org, littledan@chromium.org, neis@chromium.org

Review-Url: https://codereview.chromium.org/2131383002
Cr-Commit-Position: refs/heads/master@{#37987}
2016-07-22 18:43:19 +00:00
littledan
9f45c188dd [test262] Use standalone Test262 harness project
TC-39 recently decided to remove the Python-based testing harness from the
Test262 project [1]. The code has been duplicated in a standalone project;
update V8's dependencies to fetch from that new location. This is based on
an earlier patch by Mike Pennisi.

[1] 2b9722db9b/es7/2016-05/may-25.md

BUG=v8:5078

Review-Url: https://codereview.chromium.org/2131743002
Cr-Commit-Position: refs/heads/master@{#37985}
2016-07-22 15:25:32 +00:00
jochen
b5b9dd730a Introduce a holder for compile jobs
Next step will be to add methods for parsing and then compiling.

BUG=v8:5215
R=marja@chromium.org

Review-Url: https://codereview.chromium.org/2171323002
Cr-Commit-Position: refs/heads/master@{#37980}
2016-07-22 12:22:37 +00:00
jgruber
89403e0316 Omit frames up to new target in Error constructor
BUG=v8:5216
R=yangguo@chromium.org

Review-Url: https://codereview.chromium.org/2175603003
Cr-Commit-Position: refs/heads/master@{#37978}
2016-07-22 11:45:50 +00:00
klaasb
220284638e [interpreter] Add a register operand to ToNumber
ToNumber's result is always directly stored to a register using a Star
bytecode. Fuse it into ToNumber.

BUG=v8:4280
LOG=n

Review-Url: https://codereview.chromium.org/2165953002
Cr-Commit-Position: refs/heads/master@{#37976}
2016-07-22 10:26:12 +00:00
bmeurer
ba092fb09a [turbofan] Change Float64Max/Float64Min to JavaScript semantics.
So far we don't have a useful way to inline Math.max or Math.min in
TurboFan optimized code. This adds new operators NumberMax and NumberMin
and changes the Float64Max/Float64Min operators to have JavaScript
semantics instead of the C++ semantics that it had previously.

This also removes support for recognizing the tenary case in the
CommonOperatorReducer, since that doesn't seem to have any positive
impact (and actually doesn't show up in regular JavaScript, where
people use Math.max/Math.min instead).

Drive-by-fix: Also nuke the unused Float32Max/Float32Min operators.

R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2170343002
Cr-Commit-Position: refs/heads/master@{#37971}
2016-07-22 08:25:11 +00:00
jgruber
4feafee9d9 Eagerly format traces in captureStackTrace
This allows us to skip complicated logic for setting the accessors.

BUG=

Review-Url: https://codereview.chromium.org/2164903004
Cr-Commit-Position: refs/heads/master@{#37969}
2016-07-22 08:14:50 +00:00
hpayer
b008a0d5a3 [heap] Remove black pages and use black areas instead.
BUG=630386
LOG=n

Review-Url: https://codereview.chromium.org/2160613002
Cr-Commit-Position: refs/heads/master@{#37967}
2016-07-22 07:02:24 +00:00
yangguo
6d0a420298 [debug] use catch prediction flag for promise rejections.
This is in preparation to implementing exception prediction for async
functions.  Each handler table entry can now predict "caught", "uncaught", or
"promise". The latter indicates that the exception will lead to a promise
rejection.

To mark the relevant try-catch blocks, we add a new native syntax.
try { } %catch (e) { } indicates a TryCatchStatement with the "promise"
prediction.

The previous implementation of using the function to tell the relevant
try-catch apart from inner try-catch blocks will not work for async functions
since these can have inner try-catch blocks inside the same function.

BUG=v8:5167

Review-Url: https://codereview.chromium.org/2161263003
Cr-Commit-Position: refs/heads/master@{#37966}
2016-07-22 06:04:54 +00:00
ritesht
b887013712 Revert "[wasm] Adding a convolution matrix filter test to highlight the performance advantages of JITing"
GC-Stress asserts in filter-jit.

This reverts commit ccfd224ec3.

BUG=v8:5044
R=bradnelson@chromium.org

Review-Url: https://codereview.chromium.org/2168343002
Cr-Commit-Position: refs/heads/master@{#37961}
2016-07-22 02:10:44 +00:00
jwolfe
3cfd80d6a2 Adjust whitespace to make tests oblivious to --harmony-function-tostring
See discussion in https://codereview.chromium.org/2156303002/#msg8

With the new --harmony-function-tostring behavior, these tests would
fail without this change. This change makes the tests pass regardless
of whether or not --harmony-function-tostring is used.

All of these changes are simply inserting a space after the "function"
keyword to match the current function toString behavior. When
--harmony-function-tostring is enabled, the toString behavior matches
the spacing used in the function declaration. With the declaration
matching the current formatting, the toString behavior becomes
unaffected by --harmony-function-tostring.

BUG=v8:4958
LOG=n

Review-Url: https://codereview.chromium.org/2161413002
Cr-Commit-Position: refs/heads/master@{#37959}
2016-07-22 00:18:41 +00:00
ritesht
ccfd224ec3 [wasm] Adding a convolution matrix filter test to highlight the performance advantages of JITing
This cl also fixes two bugs in the previous code:
    1) JITed functions were not allowed access to the heap because the module instance wasn't correctly synthesized. This wasn't discovered in the previous test.
    2) Decoding of functions with the JITSingleFunction opcode was off by 1 as the length of the opcode wasn't computed correctly.
BUG=5044

Review-Url: https://codereview.chromium.org/2168183002
Cr-Commit-Position: refs/heads/master@{#37957}
2016-07-21 22:39:41 +00:00
ivica.bogosavljevic
eaa86cbf06 MIPS: Fix infinite loop in Math.pow(2,-2147483648)
BUG=v8:5213

Review-Url: https://codereview.chromium.org/2163963003
Cr-Commit-Position: refs/heads/master@{#37955}
2016-07-21 19:38:01 +00:00
jpp
6f31bc9ce8 [wasm] ASM-2-WASM. Enforces switch default clause appearing last.
BUG= https://bugs.chromium.org/p/chromium/issues/detail?id=628803
BUG= https://bugs.chromium.org/p/v8/issues/detail?id=4203
TEST= cctest/asmjs/test-asm-typer.cc
LOG= N

Review-Url: https://codereview.chromium.org/2172603002
Cr-Commit-Position: refs/heads/master@{#37954}
2016-07-21 19:03:40 +00:00
jpp
d50998c480 V8. ASM-2-WASM. Enforces source code layout.
BUG= https://bugs.chromium.org/p/chromium/issues/detail?id=628450
BUG= https://bugs.chromium.org/p/v8/issues/detail?id=4203
TEST= cctest/asmjs/test-asm-typer.cc
TEST= mjsunit/wasm/*
LOG= N

Review-Url: https://codereview.chromium.org/2164273002
Cr-Commit-Position: refs/heads/master@{#37950}
2016-07-21 15:34:33 +00:00
ishell
8aeb7439c9 [ic] [stubs] Don't use Code::flags in megamorphic stub cache hash computations.
BUG=chromium:618701

Review-Url: https://codereview.chromium.org/2167493003
Cr-Commit-Position: refs/heads/master@{#37946}
2016-07-21 12:58:10 +00:00
titzer
d9eb33582f [wasm] Remove special memory type for (internal) globals and use local type instead.
R=ahaas@chromium.org,rossberg@chromium.org,bradnelson@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2165633006
Cr-Commit-Position: refs/heads/master@{#37945}
2016-07-21 12:35:10 +00:00
yangguo
07a0f9ebff [debugger] be more lenient about argument type in %DebugGetProperty.
R=mstarzinger@chromium.org
BUG=chromium:629996

Review-Url: https://codereview.chromium.org/2166123003
Cr-Commit-Position: refs/heads/master@{#37942}
2016-07-21 11:29:24 +00:00
verwaest
f04fd635b6 Turn ZoneList inner_scopes into a linked list
Replace the zonelist with a link from a scope to any of its inner scopes, and a link to any sibling scope.
This makes scopes that track inner scopes use roughly the same amount of space as previously scopes without inner scopes would use for the empty zonelist (pointer to the memory + length field, which, granted could be slightly smaller on 64bit).

BUG=v8:5209

Review-Url: https://codereview.chromium.org/2162143005
Cr-Commit-Position: refs/heads/master@{#37941}
2016-07-21 11:25:56 +00:00
titzer
ff0b6d49ce [wasm] Remove the explicit count from WASM_BLOCK and WASM_LOOP macros.
R=ahaas@chromium.org, rossberg@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2170773003
Cr-Commit-Position: refs/heads/master@{#37939}
2016-07-21 11:06:19 +00:00
weiliang.lin
b973a77775 [x64] add Absps/d and Negps/d macro
BUG=

Review-Url: https://codereview.chromium.org/2161513002
Cr-Commit-Position: refs/heads/master@{#37937}
2016-07-21 11:02:42 +00:00
cbruni
4b59bf5313 [fullcodegen] [crankshaft] Avoid jumping to the runtime for ForInFilter
Use the ForInFilterStub directly. Hence we will only jump to the runtime for
special receivers (instance_type <= LAST_SPECIAL_RECEIVER_TYPE) and for
converting element indices which are not in the string cache.

BUG=

Review-Url: https://codereview.chromium.org/2151773002
Cr-Commit-Position: refs/heads/master@{#37934}
2016-07-21 09:34:11 +00:00
jacob.bramley
e83739c0ae [arm] Fix infinite loop in Math.pow(2,2147483648).
BUG=v8:5214

Review-Url: https://codereview.chromium.org/2166743003
Cr-Commit-Position: refs/heads/master@{#37933}
2016-07-21 09:30:32 +00:00
rmcilroy
6b5949a8a0 [Interpreter] Avoid accessing on-heap literal in VisitLiteral.
Move VisitLiteral to decide what type of literal is being emitted by
checking the raw ASTValue type, instead of the internalized on-heap
value. This is required for concurrent bytecode generation.

As part of this change, the NUMBER AstValue constructor is modified to
try to convert numbers without a dot to SMIs where possible. This is to
maintain the behavior in NewNumber where such numbers are internalized as
SMIs, and ensures that we still emit LdaSmi bytecodes for these values
in the generated bytecode.

BUG=v8:5203

Review-Url: https://codereview.chromium.org/2152853002
Cr-Commit-Position: refs/heads/master@{#37931}
2016-07-21 09:20:19 +00:00
mstarzinger
57981a48bd [interpreter] Remove duped control scope in ForOfStatement.
This removes a duplicate control scope. The visitor for ForOfStatement
nodes in the AST uses VisitIterationBody which pushes a separate control
scope. The number of control scopes will be off when we use them for
tracking loop depths.

R=rmcilroy@chromium.org

Review-Url: https://codereview.chromium.org/2164503005
Cr-Commit-Position: refs/heads/master@{#37930}
2016-07-21 09:13:44 +00:00
machenbach
714b95f0ff Revert of [Intepreter] Always use BytecodeGraphBuilder when --turbo-from-bytecode (patchset #3 id:80001 of https://codereview.chromium.org/2156753002/ )
Reason for revert:
Breaks tsan:
https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20TSAN/builds/10758

Original issue's description:
> [Intepreter] Always use BytecodeGraphBuilder when --turbo-from-bytecode
>
> Always use the BytecodeGraphBuilder when the  --turbo-from-bytecode
> is enabled, assuming the function should be compiled for Ignition.
> Adds a new MaybeOptimizeIgnition function to runtime-profiler
> which is called if the function should be optimized from bytecode
> rather than going via full-codegen.
>
> BUG=v8:4280
>
> Committed: https://crrev.com/9ca7db914be88e6792a88eab4a1988ee031d70c4
> Cr-Commit-Position: refs/heads/master@{#37921}

TBR=mstarzinger@chromium.org,rmcilroy@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4280

Review-Url: https://codereview.chromium.org/2165223002
Cr-Commit-Position: refs/heads/master@{#37925}
2016-07-21 08:43:28 +00:00
rmcilroy
9ca7db914b [Intepreter] Always use BytecodeGraphBuilder when --turbo-from-bytecode
Always use the BytecodeGraphBuilder when the  --turbo-from-bytecode
is enabled, assuming the function should be compiled for Ignition.
Adds a new MaybeOptimizeIgnition function to runtime-profiler
which is called if the function should be optimized from bytecode
rather than going via full-codegen.

BUG=v8:4280

Review-Url: https://codereview.chromium.org/2156753002
Cr-Commit-Position: refs/heads/master@{#37921}
2016-07-21 07:50:29 +00:00
bmeurer
f793cb1fc3 [runtime] %TransitionElementsKind works for any kind of JSObject.
The optimizing compilers actually invoke %TransitionElementsKind for
any kind of JSObject, the only relevant thing is the elements kind.
The runtime function was however checking for JSArray unnecessarily.
This only worked by coincindence in Crankshaft because the stub would
normally not call into the runtime fallback.

R=jarin@chromium.org
BUG=chromium:629823

Review-Url: https://codereview.chromium.org/2166963004
Cr-Commit-Position: refs/heads/master@{#37919}
2016-07-21 07:23:58 +00:00
yangguo
ad4eb051e7 [debugger] use absolute source positions for break locations.
There is simply no point in converting between relative and absolute source
positions in both C++ and Javascript code.

R=jgruber@chromium.org

Review-Url: https://codereview.chromium.org/2169463002
Cr-Commit-Position: refs/heads/master@{#37916}
2016-07-21 06:30:40 +00:00
bbudge
8730875b2b [Turbofan] Fix GapResolver tests.
Fixes bug in test-gap-resolver.cc that didn't test different move reps.
Fixes test canonicalization so all slots have the same type (non-float).
Improve test failure text output.

LOG=N
BUG=v8:5187

Review-Url: https://codereview.chromium.org/2169493002
Cr-Commit-Position: refs/heads/master@{#37915}
2016-07-20 19:09:51 +00:00
ahaas
6627d81c68 [wasm] Use a C wrapper function to calculate F64Pow.
This CL more or less reverts commit https://codereview.chromium.org/2107733002/
The use of the MathPow code stub that was introduced by that commit caused
problems on arm64, and the MathPow code stub was also an obstacle in the
implementation of parallel code generation.

In addition this CL turns on the mjsunit/wasm/embenchen tests for arm64
which were turned off because of problems with MathPow on arm64.

R=titzer@chromium.org, bradnelson@chromium.org

Review-Url: https://codereview.chromium.org/2166793002
Cr-Commit-Position: refs/heads/master@{#37911}
2016-07-20 14:27:06 +00:00
ishell
7da34f8acb [ic] Fix megamorphic stub cache probing on some platforms.
This CL fixes weird performance implications when changing layout of Code::flags field:
it happened that the unused ICStateField with MONOMORPHIC value in the handlers' flags
was accidentally offsetting the underflow bug in stub cache probing code on arm, arm64,
mips and mips64.

Stub cache tests now work even when snapshot is enabled.

Drive-by-change: Fixed counters manipulation on arm64 and mips64.

BUG=chromium:618701

Review-Url: https://codereview.chromium.org/2161153002
Cr-Commit-Position: refs/heads/master@{#37910}
2016-07-20 14:19:39 +00:00
jgruber
9211dee01a Move Error methods to C++
This ports a large portion of Error methods to C++,
including the constructor, stack setter and getter,
and Error.prototype.toString.

BUG=

Committed: https://crrev.com/5742da056a290caa13a0b8717ddb1e43424e0d31
Review-Url: https://codereview.chromium.org/2142933003
Cr-Original-Commit-Position: refs/heads/master@{#37870}
Cr-Commit-Position: refs/heads/master@{#37908}
2016-07-20 13:05:47 +00:00
klaasb
5f603e838a [interpreter] Inline Star on dispatch for some bytecodes
For some bytecodes it is beneficial to always look for a Star
bytecode when dispatching to the next and inline perform it
without dispatching to the Star handler.

BUG=v8:4280
LOG=N

Review-Url: https://codereview.chromium.org/2142273003
Cr-Commit-Position: refs/heads/master@{#37904}
2016-07-20 12:52:20 +00:00
verwaest
13cbf54522 Inline Scope::Initialize into the only constructor that's always called right before
This additionally makes the invariant obvious that outer_scope==nullptr+is_with_scope is impossible.

BUG=v8:5209

Review-Url: https://codereview.chromium.org/2165923002
Cr-Commit-Position: refs/heads/master@{#37902}
2016-07-20 12:19:51 +00:00
bmeurer
52a66bf1a8 Revert of [turbofan] Introduce TruncateTaggedToBit operator for ToBoolean truncation. (patchset #2 id:20001 of https://codereview.chromium.org/2167593002/ )
Reason for revert:
Breaks arm64 gc stress:
https://build.chromium.org/p/client.v8.ports/builders/V8%20Linux%20-%20arm64%20-%20sim%20-%20gc%20stress/builds/1605

Original issue's description:
> [turbofan] Introduce TruncateTaggedToBit operator for ToBoolean truncation.
>
> Add a dedicated simplified operator to inline the general case for the
> ToBoolean conversion. In a follow up CL we will also use the ToBoolean
> hints gathered by the baseline compiler.
>
> Committed: https://crrev.com/8c50b51ab3d21efcd2f6900d83962159f21e1590
> Cr-Commit-Position: refs/heads/master@{#37882}

TBR=jarin@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review-Url: https://codereview.chromium.org/2170433002
Cr-Commit-Position: refs/heads/master@{#37899}
2016-07-20 10:18:46 +00:00
neis
f2c2ef1f0e Make toLocaleString on arrays always call toLocaleString on its elements.
As required by the spec.

This is a variant of what I reverted in f47e722403.
It will probably still cause a regression but now it's easier to migrate (parts of)
the current implementation to C++, which is expected to make things faster again.

BUG=chromium:627729,v8:5113

Review-Url: https://codereview.chromium.org/2164923002
Cr-Commit-Position: refs/heads/master@{#37897}
2016-07-20 09:32:20 +00:00
jacob.bramley
6ae7f2b5d8 [arm64] Avoid signed arithmetic in AddWithCarry.
This avoids implementation-defined signed overflow in the simulator's
AddWithCarry implementation. The implementation of AddWithCarry now uses
unsigned arithmetic exclusively.

Testing coverage is also significantly improved.

BUG=

Review-Url: https://codereview.chromium.org/2157283003
Cr-Commit-Position: refs/heads/master@{#37895}
2016-07-20 09:15:35 +00:00
bmeurer
1f3c8dc71f [turbofan] Properly handle bit->tagged representation changes.
Look at the output type instead of the output representation,
when converting to tagged representation.

R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2159373004
Cr-Commit-Position: refs/heads/master@{#37891}
2016-07-20 08:52:17 +00:00
verwaest
e8e09ca725 Remove ast_value_factory_ and usages from scope
This frees up a field in Scope and untangles scope a little from the parser.

BUG=v8:5209

Review-Url: https://codereview.chromium.org/2160943004
Cr-Commit-Position: refs/heads/master@{#37887}
2016-07-20 08:08:39 +00:00
bmeurer
8c50b51ab3 [turbofan] Introduce TruncateTaggedToBit operator for ToBoolean truncation.
Add a dedicated simplified operator to inline the general case for the
ToBoolean conversion. In a follow up CL we will also use the ToBoolean
hints gathered by the baseline compiler.

Review-Url: https://codereview.chromium.org/2167593002
Cr-Commit-Position: refs/heads/master@{#37882}
2016-07-20 06:49:17 +00:00
jgruber
8c163cfe45 Revert of Move Error methods to C++ (patchset #11 id:200001 of https://codereview.chromium.org/2142933003/ )
Reason for revert:
Clusterfuzz failures: https://bugs.chromium.org/p/chromium/issues/detail?id=629749

Original issue's description:
> Move Error methods to C++
>
> This ports a large portion of Error methods to C++,
> including the constructor, stack setter and getter,
> and Error.prototype.toString.
>
> BUG=
>
> Committed: https://crrev.com/5742da056a290caa13a0b8717ddb1e43424e0d31
> Cr-Commit-Position: refs/heads/master@{#37870}

TBR=yangguo@chromium.org,bmeurer@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review-Url: https://codereview.chromium.org/2159223004
Cr-Commit-Position: refs/heads/master@{#37881}
2016-07-20 06:45:49 +00:00
peterssen
6a65cff40f Reinforce fast-accessor-assembler tests.
Add additional sanity checks for implicit parameters, mainly to prevent passing
a wrong context, which can lead to obscure errors.
This is a regression test after https://crrev.com/da4f2491501e54d436ed448c5e345480d1f5906b

BUG=chromium:508898

Review-Url: https://codereview.chromium.org/2160563003
Cr-Commit-Position: refs/heads/master@{#37876}
2016-07-19 15:45:53 +00:00
mythria
b401217675 Revert of [Interpreter] Collect type feedback for 'new' in the bytecode handler (patchset #6 id:100001 of https://codereview.chromium.org/2153433002/ )
Reason for revert:
This cl causes a large regression in octane (https://chromeperf.appspot.com/group_report?bug_id=629503). I have to investigate the reason before I can reland this.

Original issue's description:
> [Interpreter] Collect type feedback for 'new' in the bytecode handler
>
> Collect type feedback in the bytecode handler for 'new' bytecode. The
> current implementation does not collect allocation site feedback.
>
> BUG=v8:4280, v8:4780
> LOG=N
>
> Committed: https://crrev.com/1eadc76419b323fb2e55ae9953142f801704aa59
> Cr-Commit-Position: refs/heads/master@{#37862}

TBR=rmcilroy@chromium.org,bmeurer@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4280, v8:4780

Review-Url: https://codereview.chromium.org/2165633003
Cr-Commit-Position: refs/heads/master@{#37872}
2016-07-19 14:17:28 +00:00
jgruber
5742da056a Move Error methods to C++
This ports a large portion of Error methods to C++,
including the constructor, stack setter and getter,
and Error.prototype.toString.

BUG=

Review-Url: https://codereview.chromium.org/2142933003
Cr-Commit-Position: refs/heads/master@{#37870}
2016-07-19 13:51:07 +00:00
jochen
562bb5823c Add API to create a "remote" instance of a given FunctionTemplate
BUG=chromium:618305
R=verwaest@chromium.org
CC=dcheng@chromium.org,haraken@chromium.org

Review-Url: https://codereview.chromium.org/2162443002
Cr-Commit-Position: refs/heads/master@{#37867}
2016-07-19 12:22:37 +00:00
oth
a451bd1a68 Reland "[interpeter] Move to table based peephole optimizer."
Original issue's description:
> [interpeter] Move to table based peephole optimizer.
>
> Introduces a lookup table for peephole optimizations.
>
> Fixes some tests using BytecodePeepholeOptimizer::Write() that should
> have been update to use BytecodePeepholeOptimizer::WriteJump().
>
> BUG=v8:4280
> LOG=N
>
> Committed: https://crrev.com/f4234422b93b21a286b0f31799009bcbe8b90b9e
> Cr-Commit-Position: refs/heads/master@{#37819}

BUG=v8:4280
LOG=N

Review-Url: https://codereview.chromium.org/2164583002
Cr-Commit-Position: refs/heads/master@{#37866}
2016-07-19 11:56:33 +00:00
mythria
1eadc76419 [Interpreter] Collect type feedback for 'new' in the bytecode handler
Collect type feedback in the bytecode handler for 'new' bytecode. The
current implementation does not collect allocation site feedback.

BUG=v8:4280, v8:4780
LOG=N

Review-Url: https://codereview.chromium.org/2153433002
Cr-Commit-Position: refs/heads/master@{#37862}
2016-07-19 11:10:33 +00:00
yangguo
4de5e1456e [debug] add test case for scope iterator using correct language mode.
TBR=mstarzinger@chromium.org
BUG=v8:5207

Review-Url: https://codereview.chromium.org/2154393003
Cr-Commit-Position: refs/heads/master@{#37860}
2016-07-19 11:07:03 +00:00
bmeurer
e0b8707c78 [turbofan] Fix typing rule for number addition.
R=jarin@chromium.org
BUG=chromium:629435

Review-Url: https://codereview.chromium.org/2161013002
Cr-Commit-Position: refs/heads/master@{#37859}
2016-07-19 10:08:13 +00:00
bmeurer
15f99cd5b5 [turbofan] Properly handle bit->float64 representation changes.
BUG=chromium:629062
R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2155323003
Cr-Commit-Position: refs/heads/master@{#37853}
2016-07-19 08:29:52 +00:00
mstarzinger
ca72704783 [turbofan] Allow deopt reasons without source positions.
This allows to pass deoptimization reasons to the profiler without the
requirement of always providing a source position. The absence of deopt
reasons is now communicated via a sentinel as the deopt id value. The
deoptimization reasons recently added to TurboFan are now passed to the
profiler.

R=bmeurer@chromium.org
TEST=cctest/test-cpu-profiler

Review-Url: https://codereview.chromium.org/2159793002
Cr-Commit-Position: refs/heads/master@{#37852}
2016-07-19 08:23:00 +00:00
bmeurer
173313e297 [crankshaft] Guard against side effects in Array.prototype.shift lowering.
We need to pay attention to potential side effects from parameter
evaluation when inlining the fast case Array.prototype.shift.

R=yangguo@chromium.org
BUG=chromium:614644

Review-Url: https://codereview.chromium.org/2161943002
Cr-Commit-Position: refs/heads/master@{#37850}
2016-07-19 06:43:04 +00:00
weiliang.lin
2e6628c487 [x64] fixed "vmovups reg, mem"
BUG=

Review-Url: https://codereview.chromium.org/2158923002
Cr-Commit-Position: refs/heads/master@{#37846}
2016-07-19 03:14:10 +00:00
thakis
6e5077a450 improve grammar in comment
Review-Url: https://codereview.chromium.org/2160633002
Cr-Commit-Position: refs/heads/master@{#37844}
2016-07-18 15:52:21 +00:00
jochen
02ba244125 Reland^2 "Don't compile functions in a context the caller doesn't have access to"
Original issue's description:
> Don't compile functions in a context the caller doesn't have access to
>
> Instead just return undefined
>
> A side effect of this is that it's no longer possible to compile
> functions in a detached context.
>
> BUG=chromium:541703
> R=verwaest@chromium.org,bmeurer@chromium.org

BUG=chromium:541703
R=verwaest@chromium.org
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng

Review-Url: https://codereview.chromium.org/2155503004
Cr-Commit-Position: refs/heads/master@{#37842}
2016-07-18 15:35:45 +00:00
yangguo
a51f429772 [regexp] Fix case-insensitive matching for one-byte subjects.
The bug occurs because we do not canonicalize character class ranges
before adding case equivalents. While adding case equivalents, we abort
early for one-byte subject strings, assuming that the ranges are sorted.
Which they are not.

R=marja@chromium.org
BUG=v8:5199

Review-Url: https://codereview.chromium.org/2159683002
Cr-Commit-Position: refs/heads/master@{#37833}
2016-07-18 12:03:37 +00:00
jarin
86110796f6 [turbofan] Eliminate checkpoints before return in common op reducer.
This makes sure that we preserve call's tailness even if we have
introduced a loop exit between the call and the return.

BUG=chromium:628773

Review-Url: https://codereview.chromium.org/2155123002
Cr-Commit-Position: refs/heads/master@{#37832}
2016-07-18 11:56:54 +00:00
mvstanton
47aaac6442 [Turbofan]: Eliminate the check for -0 if it's not possible/observable.
In int32 multiplication, if we have a positive integer as input, then we know we can't produce a -0 answer. The same is true if truncation is applied (x * y | 0). Without this information, we have to rather annoyingly check if the result of multiplication is 0, then OR the inputs to check for negativity, and possibly return -0. In TurboFan, we'll deopt in this case.

BUG=

Review-Url: https://codereview.chromium.org/2154073002
Cr-Commit-Position: refs/heads/master@{#37831}
2016-07-18 11:37:23 +00:00
georgia.kouveli
c598796643 [ARM] Generate flag setting instructions for arm.
Based on 317dc0578.

BUG=

Review-Url: https://codereview.chromium.org/2152253002
Cr-Commit-Position: refs/heads/master@{#37828}
2016-07-18 10:21:37 +00:00
ahaas
4ee07936b8 [wasm] Turn on arm64 tests.
These tests seem to pass just fine.

R=titzer@chromium.org

BUG=v8:4795

Review-Url: https://codereview.chromium.org/2162433002
Cr-Commit-Position: refs/heads/master@{#37826}
2016-07-18 09:52:09 +00:00
bmeurer
db635d5b72 [turbofan] Add support for eager/soft deoptimization reasons.
So far TurboFan wasn't adding the deoptimization reasons for eager/soft
deoptimization exits that can be used by either the DevTools profiler or
the --trace-deopt flag. This adds basic support for deopt reasons on
Deoptimize, DeoptimizeIf and DeoptimizeUnless nodes and threads through
the reasons to the code generation.

Also moves the DeoptReason to it's own file (to resolve include cycles)
and drops unused reasons.

R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2161543002
Cr-Commit-Position: refs/heads/master@{#37823}
2016-07-18 09:25:16 +00:00
oth
eae40165e1 Revert of [interpeter] Move to table based peephole optimizer. (patchset #38 id:730001 of https://codereview.chromium.org/2118183002/ )
Reason for revert:
Break MIPS port.

Original issue's description:
> [interpeter] Move to table based peephole optimizer.
>
> Introduces a lookup table for peephole optimizations.
>
> Fixes some tests using BytecodePeepholeOptimizer::Write() that should
> have been update to use BytecodePeepholeOptimizer::WriteJump().
>
> BUG=v8:4280
> LOG=N
>
> Committed: https://crrev.com/f4234422b93b21a286b0f31799009bcbe8b90b9e
> Cr-Commit-Position: refs/heads/master@{#37819}

TBR=rmcilroy@chromium.org,machenbach@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4280

Review-Url: https://codereview.chromium.org/2161563002
Cr-Commit-Position: refs/heads/master@{#37821}
2016-07-18 08:54:56 +00:00
oth
f4234422b9 [interpeter] Move to table based peephole optimizer.
Introduces a lookup table for peephole optimizations.

Fixes some tests using BytecodePeepholeOptimizer::Write() that should
have been update to use BytecodePeepholeOptimizer::WriteJump().

BUG=v8:4280
LOG=N

Review-Url: https://codereview.chromium.org/2118183002
Cr-Commit-Position: refs/heads/master@{#37819}
2016-07-18 08:34:59 +00:00
mstarzinger
a95cdbb4b4 [turbofan] Fix deopt point for [[ToObject]] lazy bailout.
This fixes the deoptimization information for the lazy bailout point
after a [[ToObject]] operation inserted for with statements. The result
value was pushed on the operand stack but erroneously ignored and left
on the operand stack by the FullCodeGenerator.

R=jarin@chromium.org
TEST=mjsunit/regress/regress-5205
BUG=v8:5205

Review-Url: https://codereview.chromium.org/2158443002
Cr-Commit-Position: refs/heads/master@{#37818}
2016-07-18 08:08:47 +00:00
neis
0e000a87f1 [modules] AST and parser rework.
Highlights:
- Record all imports and exports in the ModuleDescriptor.
- Remove ImportDeclaration; instead, introduce a new variable kind for imports.
- Set name on default exported anonymous functions.

Still to do: declaration of namespace imports.

BUG=v8:1569

Review-Url: https://codereview.chromium.org/2108193003
Cr-Commit-Position: refs/heads/master@{#37815}
2016-07-18 07:29:28 +00:00
joransiu
2b4c9c100b S390:Update inline asm constraint in test-platform
The GetStackPointer() routine in test-platform uses an inline
assembly code to store the current stack pointer value into a static
variable sp_addr.  The existing asm code for S390 uses an ST/STG
instruction, with the memory operand associated with the general ('=g')
constraint to sp_addr.

On GCC 4.8.5, the GCC compiler got confused and treated sp_addr as
an integer operand instead of memory operand, resulting in a store
being emitted that writes to an invalid meory location.

Given the specific store instructions being inlined here, we should
restict the sp_addr operand to explicitly be a memory operand using '=m'
instead of '=g'.

R=bmeurer@chromium.org,jkummerow@chormium.org,rmcilroy@chromium.org,yangguo@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2158523002
Cr-Commit-Position: refs/heads/master@{#37809}
2016-07-16 15:36:45 +00:00
jarin
514951f651 [turbofan] In effect control linearizer, only delay effect phi update for loops.
Delaying for merges caused branch cloning using dummy effect phi inputs,
potentially splitting the effect chain at start.

We still have to delay the creation for loops because we need to break
cycles.

BUG=chromium:628403

Review-Url: https://codereview.chromium.org/2159603002
Cr-Commit-Position: refs/heads/master@{#37808}
2016-07-16 12:39:14 +00:00
gdeepti
18543ff1da Convert SIMD wasm ops to runtime function calls
- Add Simd128 type to Wasm AST types
 - Decode SIMD prefix, wasm opcodes correctly
 - Add a pass that converts SIMD machine ops to runtime calls
 - Sample opcodes Int32x4Splat, Int32x4ExtractLane and test

LOG=N
BUG=v8:4124

R=bradnelson@chromium.org, bbudge@chromium.org, titzer@chromium.org

Committed: https://crrev.com/73df92fc2fdbbfadc17e8ab4e58ec56ae2b3d91a
Review-Url: https://codereview.chromium.org/1991143002
Cr-Original-Commit-Position: refs/heads/master@{#37789}
Cr-Commit-Position: refs/heads/master@{#37807}
2016-07-16 03:50:54 +00:00
dpranke
6c3aaae969 Land v8-side changes to switch to v8_current_cpu in the GN build.
This change makes  the architecture that we target generated
v8 code for a property of the current toolchain, rather than a
global setting that applies to every toolchain.

This will allow us to properly build two snapshots for two different
architectures in a single build, which is needed for android
webview/monochrome builds.

R=brettw@chromium.org, jochen@chromium.org, michaelbai@chromium.org
BUG=625383

Review-Url: https://codereview.chromium.org/2116913002
Cr-Commit-Position: refs/heads/master@{#37805}
2016-07-15 22:35:20 +00:00
ishell
e6b3002a61 Revert of [ic] [stubs] Don't use Code::flags in megamorphic stub cache hash computations. (patchset #2 id:20001 of https://codereview.chromium.org/2147433002/ )
Reason for revert:
Unfortunately, the performance issues are still there on Android.

Original issue's description:
> [ic] [stubs] Don't use Code::flags in megamorphic stub cache hash computations.
>
> This should avoid weird performance issues when changing layout of Code::flags field.
>
> BUG=chromium:618701
>
> Committed: https://crrev.com/aa4140b1ccc114b82700471513c715f68b7c5dac
> Cr-Commit-Position: refs/heads/master@{#37755}

TBR=jkummerow@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=chromium:618701

Review-Url: https://codereview.chromium.org/2147213004
Cr-Commit-Position: refs/heads/master@{#37801}
2016-07-15 17:21:46 +00:00
jpp
a25e9c6f97 V8. ASM-2-WASM. Fixes issue 628446.
The issue was caused by a mishandling of "special" identifiers, i.e.,
the module's name, and the module's parameter.

BUG= https://bugs.chromium.org/p/chromium/issues/detail?id=628446
BUG= https://bugs.chromium.org/p/v8/issues/detail?id=4203
TEST= cctest/asmjs/test-asm-typer.cc
TEST= cctest/wasm/*
LOG=N

Review-Url: https://codereview.chromium.org/2147403002
Cr-Commit-Position: refs/heads/master@{#37800}
2016-07-15 16:10:25 +00:00
ssanfilippo
cecded1c24 Emit unwinding information for TurboFan code.
This commit introduces support for writing unwinding tables in the
.eh_frame format, to be inserted in the jitdump read by Linux perf and
emitted with FLAG_perf_prof and FLAG_perf_prof_unwinding_info enabled.

x64 is fully implemented and tested, arm and arm64 are untested and the
unwinding information needs to be expanded, but the mechanism is ready.

BUG=v8:4899
LOG=N

Review-Url: https://codereview.chromium.org/2026313002
Cr-Commit-Position: refs/heads/master@{#37799}
2016-07-15 15:05:56 +00:00
ishell
5d66a7f76b [fullcode] Restore context after calling ToNumber builtin.
BUG=chromium:628573

Review-Url: https://codereview.chromium.org/2153783002
Cr-Commit-Position: refs/heads/master@{#37796}
2016-07-15 13:18:57 +00:00
oth
0e20ae6d8d Reland "[interpreter] Reduce dependencies in bytecodes.{h,cc}"
> Original issue's description:
> [interpreter] Reduce dependencies in bytecodes.{h,cc}
>
> This CL reduces the number of dependencies bytecodes.{h,cc} to facilitate
> generating the bytecode peephole optimizer table during build. Specifically,
> it avoids depending on v8_base.
>
> BUG=v8:4280
> LOG=N
>
> Committed: https://crrev.com/4edebb1cd870ae6c1359ad54f83e618e185883b1
> Cr-Commit-Position: refs/heads/master@{#37715}

BUG=v8:4280
LOG=N

Review-Url: https://codereview.chromium.org/2149093002
Cr-Commit-Position: refs/heads/master@{#37794}
2016-07-15 12:04:22 +00:00
neis
f47e722403 Revert "Make toLocaleString on arrays always call toLocaleString on its elements."
This reverts commit 457c02573c because it caused a
regression in SunSpider/string-fasta and possibly AreWeFastYet/Life.  Need to
implement this in a smarter way.

TBR=littledan@chromium.org
BUG=chromium:627729,v8:5113

Review-Url: https://codereview.chromium.org/2149303003
Cr-Commit-Position: refs/heads/master@{#37793}
2016-07-15 11:28:42 +00:00
jarin
9f859c66a1 [turbofan] Add re-typing for PlainPrimitiveToNumber during representation inference.
This makes sure that the uses of PlainPrimitiveToNumber get a more
precise type (so that the uses know how to interpret the output
representation).

BUG=chromium:628516

Review-Url: https://codereview.chromium.org/2151223002
Cr-Commit-Position: refs/heads/master@{#37792}
2016-07-15 10:37:27 +00:00
jarin
54a0389309 [turbofan] Loop peeling with explicit loop exits.
Review-Url: https://codereview.chromium.org/2143163002
Cr-Commit-Position: refs/heads/master@{#37791}
2016-07-15 10:24:25 +00:00
machenbach
9f46c1112b Revert of Convert SIMD wasm ops to runtime function calls (patchset #17 id:320001 of https://codereview.chromium.org/1991143002/ )
Reason for revert:
[Sheriff] Violates msan and tsan:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20arm64%20-%20sim%20-%20MSAN/builds/9663
https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20TSAN/builds/10670

Original issue's description:
> Convert SIMD machine ops to runtime function calls
>  - Add Simd128 type to Wasm AST types
>  - Add a pass that converts SIMD machine ops to runtime calls
>  - Sample opcodes Int32x4Splat, Int32x4ExtractLane and test
>  - Separate out generic SIMD Machine ops as these cannot be
>  handled by runtime functions just yet.
>
> LOG=N
> BUG=v8:4124
>
> R=bradnelson@chromium.org, bbudge@chromium.org, titzer@chromium.org
>
> Committed: https://crrev.com/73df92fc2fdbbfadc17e8ab4e58ec56ae2b3d91a
> Cr-Commit-Position: refs/heads/master@{#37789}

TBR=bbudge@chromium.org,bradnelson@chromium.org,titzer@chromium.org,gdeepti@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4124

Review-Url: https://codereview.chromium.org/2154723002
Cr-Commit-Position: refs/heads/master@{#37790}
2016-07-15 09:00:02 +00:00
gdeepti
73df92fc2f Convert SIMD machine ops to runtime function calls
- Add Simd128 type to Wasm AST types
 - Add a pass that converts SIMD machine ops to runtime calls
 - Sample opcodes Int32x4Splat, Int32x4ExtractLane and test
 - Separate out generic SIMD Machine ops as these cannot be
 handled by runtime functions just yet.

LOG=N
BUG=v8:4124

R=bradnelson@chromium.org, bbudge@chromium.org, titzer@chromium.org

Review-Url: https://codereview.chromium.org/1991143002
Cr-Commit-Position: refs/heads/master@{#37789}
2016-07-15 08:30:25 +00:00
bakkot
f6c6ae9034 Block-scoped functions in evals are now only conditionally hoisted out.
Annex B.3.3 of the spec requires that sloppy-mode block-scoped functions
declared by "eval" are hoisted unless doing so would cause an early
error (which is to say, conflict with a lexical declaration). This patch
amends the check for conflicting declarations to include those outside
of the eval itself.

BUG=v8:4468, v8:4479

Review-Url: https://codereview.chromium.org/2112163002
Cr-Commit-Position: refs/heads/master@{#37783}
2016-07-14 22:43:01 +00:00
adamk
458bd3b9a3 Slight cleanup of TryCatch parsing/variable declaration
Instead of unconditionally parsing the catch parameter as an expression
and then recovering if it turns out to be a simple variable proxy
(the overwhelmingly common case), this patch peeks one token ahead
before attempting to parse. This avoids doing the usual RemoveUnresolved
gymnastics in ParseTryStatement, and as a side-effect slightly improves
function name inference for an async arrow function test case.

Review-Url: https://codereview.chromium.org/2151433005
Cr-Commit-Position: refs/heads/master@{#37780}
2016-07-14 17:55:45 +00:00
jpp
ca25c845e2 V8. ASM-2-WASM. Fixes import handling logic.
The asm typer would CHECK fail for imports like

var bogus = stdlib.<HeapViewType>

This CL changes this behavior so the typer reports a validation error
instead.

BUG= https://bugs.chromium.org/p/v8/issues/detail?id=4203
TEST=cctest/asmjs/test-asm-typer.cc
LOG=N

Review-Url: https://codereview.chromium.org/2152763002
Cr-Commit-Position: refs/heads/master@{#37777}
2016-07-14 16:44:26 +00:00
jpp
43d3187e7a V8. ASM-2-WASM. Small fixes.
1) Validation fails for literal indexes too large for accessing a given
heap type

2) Removes the special handling of FloatishDoubleQ, and FloatQDoubleQ;
the inheritance issue that required this special handling was fixed in
another CL.

3) Fix a macro name (from asm_* to ASM_*)

BUG= https://bugs.chromium.org/p/v8/issues/detail?id=4203
TEST=cctest/asmjs/test-asm-typer.cc
LOG=N

Review-Url: https://codereview.chromium.org/2150583003
Cr-Commit-Position: refs/heads/master@{#37776}
2016-07-14 16:40:59 +00:00
mtrofin
bd03c64297 [wasm] Compile and Instantiation
Implemented the WebAssembly.Module and WebAssembly.Instance
in terms of the WasmModule::CompileFunctions and
WasmModule::Instantiate APIs.

Added negative tests - for invalid module object.

BUG=

Review-Url: https://codereview.chromium.org/2121593002
Cr-Commit-Position: refs/heads/master@{#37775}
2016-07-14 16:31:07 +00:00
neis
1c1bdfe17e [test] Extend a test of destructuring.
R=adamk@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2147733003
Cr-Commit-Position: refs/heads/master@{#37773}
2016-07-14 16:11:41 +00:00
ssanfilippo
915e14777d Fix EhFrameTest.Alignment unit test on ARM.
R=machenbach@chromium.org
BUG=v8:4899
LOG=N

Review-Url: https://codereview.chromium.org/2153443002
Cr-Commit-Position: refs/heads/master@{#37772}
2016-07-14 15:41:58 +00:00
mstarzinger
ed5802cc8c [turbofan] Re-enable flaky tests that should no longer flake.
R=machenbach@chromium.org

Review-Url: https://codereview.chromium.org/2143973002
Cr-Commit-Position: refs/heads/master@{#37767}
2016-07-14 13:54:24 +00:00
mvstanton
e7111cfff7 [Turbofan]: Add integer multiplication with overflow to typed lowering.
BUG=

Review-Url: https://codereview.chromium.org/2141953002
Cr-Commit-Position: refs/heads/master@{#37764}
2016-07-14 13:25:15 +00:00
epertoso
d93fd41aaa [turbofan] Introduces the SpeculativeNumberShiftLeft opcode.
Typed lowering now produces SpeculativeNumberShiftLeft for JSShiftLeft if the type feedback is kSignedSmall or kSigned32.

BUG=v8:4583
LOG=n

Review-Url: https://codereview.chromium.org/2150553002
Cr-Commit-Position: refs/heads/master@{#37762}
2016-07-14 12:49:32 +00:00
jochen
63449d21d3 Revert of Reland "Don't compile functions in a context the caller doesn't have access to" (patchset #4 id:60001 of https://codereview.chromium.org/2143893005/ )
Reason for revert:
blink is unhappy about the microtask change

Original issue's description:
> Reland "Don't compile functions in a context the caller doesn't have access to"
>
> Original issue's description:
> > Don't compile functions in a context the caller doesn't have access to
> >
> > Instead just return undefined
> >
> > A side effect of this is that it's no longer possible to compile
> > functions in a detached context.
> >
> > BUG=chromium:541703
> > R=verwaest@chromium.org,bmeurer@chromium.org
>
> BUG=chromium:541703
> R=verwaest@chromium.org
>
> Committed: https://crrev.com/6bceabac5b705b2ce1f52d34650cea1ae3b8c617
> Cr-Commit-Position: refs/heads/master@{#37756}

TBR=verwaest@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:541703

Review-Url: https://codereview.chromium.org/2151843002
Cr-Commit-Position: refs/heads/master@{#37760}
2016-07-14 12:39:13 +00:00
mstarzinger
95ba1af314 [i18n] Make regression test work without i18n.
TBR=machenbach@chromium.org
NOTREECHECKS=true
NOTRY=true

Review-Url: https://codereview.chromium.org/2144263002
Cr-Commit-Position: refs/heads/master@{#37759}
2016-07-14 12:32:45 +00:00
bmeurer
6530a16eb5 [stubs] Properly handle length overflow in StringAddStub.
Using the Hydrogen code stub bailout mechanism is not correct for the
string length overflow check in the StringAddStub. Instead make sure we
just throw the proper exception.

R=mstarzinger@chromium.org
BUG=chromium:627934

Review-Url: https://codereview.chromium.org/2146353002
Cr-Commit-Position: refs/heads/master@{#37758}
2016-07-14 11:47:42 +00:00
mstarzinger
8226c88b52 [i18n] Ensure [[ToString]] conversion of time zone names.
This adds a missing conversion of time zone names to string primitives
before case conversion and regular expression matching are applied.

This is in sync with ECMA-402, section 12.1.1.1, step 16(a).

R=jochen@chromium.org
TEST=mjsunit/regress/regress-crbug-627935
BUG=chromium:627935

Review-Url: https://codereview.chromium.org/2143003005
Cr-Commit-Position: refs/heads/master@{#37757}
2016-07-14 11:31:29 +00:00
jochen
6bceabac5b Reland "Don't compile functions in a context the caller doesn't have access to"
Original issue's description:
> Don't compile functions in a context the caller doesn't have access to
>
> Instead just return undefined
>
> A side effect of this is that it's no longer possible to compile
> functions in a detached context.
>
> BUG=chromium:541703
> R=verwaest@chromium.org,bmeurer@chromium.org

BUG=chromium:541703
R=verwaest@chromium.org

Review-Url: https://codereview.chromium.org/2143893005
Cr-Commit-Position: refs/heads/master@{#37756}
2016-07-14 11:08:52 +00:00
ishell
aa4140b1cc [ic] [stubs] Don't use Code::flags in megamorphic stub cache hash computations.
This should avoid weird performance issues when changing layout of Code::flags field.

BUG=chromium:618701

Review-Url: https://codereview.chromium.org/2147433002
Cr-Commit-Position: refs/heads/master@{#37755}
2016-07-14 10:33:27 +00:00
ssanfilippo
a91dc7cde2 Reland Implement .eh_frame writer and disassembler.
Original commit message:

  Also, CodeGenerator::MakeCodeEpilogue now accepts an optional pointer
  to a EhFrameWriter and will attach unwinding information to the code
  object when passed one.

Reason for reverting:

  The STATIC_CONST_MEMBER_DEFINITION in eh-frame-writer-unittest.cc
  causes a compiler error on V8 Win64 - clang buildbot.

  Removing that bit.

BUG=v8:4899
LOG=N

Review-Url: https://codereview.chromium.org/2023503002
Cr-Commit-Position: refs/heads/master@{#37754}
2016-07-14 10:33:26 +00:00
bmeurer
d9cb130d0b [turbofan] Strength reduction for Int32MulWithOverflow.
Add simple strength reduction for Int32MulWithOverflow to the
MachineOperatorReducer.

R=mvstanton@chromium.org

Review-Url: https://codereview.chromium.org/2139733003
Cr-Commit-Position: refs/heads/master@{#37751}
2016-07-14 09:25:34 +00:00