Commit Graph

32066 Commits

Author SHA1 Message Date
bgeron
2652812b64 [turbofan] Allow stores bigger than tagged size in store-store elimination.
BUG=

Review-Url: https://codereview.chromium.org/2107833002
Cr-Commit-Position: refs/heads/master@{#37374}
2016-06-29 09:29:37 +00:00
ivica.bogosavljevic
77546feb85 Reland of "Implement WASM big-endian support".
Reland of https://codereview.chromium.org/2034093002 (reverted by
https://codereview.chromium.org/2080153002).

Original commit message:
Implement WASM support on big-endian platforms. WASM has
an implicit requirement that it is running on little-endian
machine. We achieve WASM support on BE by keeping data
in memory in little-endian order, and changing data
endianness before storing to memory and after loading from
memory.

BUG=

Review-Url: https://codereview.chromium.org/2083523002
Cr-Commit-Position: refs/heads/master@{#37373}
2016-06-29 09:26:31 +00:00
mstarzinger
45190a4fbf Revert of [turbofan] Implicitly emit eager checkpoint at graph building. (patchset #13 id:260001 of https://codereview.chromium.org/2074703002/ )
Reason for revert:
Causers flaky failures on the waterfall on Mac with the following error in the builtin QuickSort method:

#
# Fatal error in Zone
# Allocation failed - process out of memory
#

Original issue's description:
> [turbofan] Implicitly emit eager checkpoint at graph building.
>
> This makes preparation of eager checkpoints within the graph builder
> implicit. Every sub-expression visitation is now guaranteed to emit
> valid checkpoints in AstContext.
>
> R=jarin@chromium.org
> BUG=v8:5021
>
> Committed: https://crrev.com/74e328efee7995aeee6d568f9d14f9bbc1087100
> Cr-Commit-Position: refs/heads/master@{#37368}

TBR=jarin@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5021

Review-Url: https://codereview.chromium.org/2104973004
Cr-Commit-Position: refs/heads/master@{#37372}
2016-06-29 09:20:17 +00:00
zhengxing.li
9a9ffd1370 X87: disable some sin/cos/expm1/tan test cases for x87.
The reason:
  All RunFloat64Sin/RunFloat64Cos/RunFloat64Expm1/RunFloat64Tan/Ieee754.Expm1/Ieee754.Cos/Ieee754.Tan test cases
  use the C++ function to generate the expected value or result. So for x87, all those expected value or result are
  extended double precision as the extended double precision is default for x87 Gcc compiler and std lib on linux platform.

  The issue is:
  For RunFloat64Sin/RunFloat64Cos/RunFloat64Expm1/RunFloat64Tan test cases, the expected values generated by C++ function
  are extended double precision, the results generated by X87 jitted code are double precision according to the ECMA standard.
  The comparison of different precisons caused some of those test cases failed.

  For Ieee754.Expm1/Ieee754.Cos/Ieee754.Tan test cases, the expected values are pre-defined double precision values, the results
  generated by C++ function are extended double precision. The comparison of different precisons caused some of those test cases
  failed too.

  This CL disables RunFloat64Sin/RunFloat64Cos/RunFloat64Expm1/RunFloat64Tan/Ieee754.Expm1/Ieee754.Cos/Ieee754.Tan test cases for x87.

BUG=

Review-Url: https://codereview.chromium.org/2111493002
Cr-Commit-Position: refs/heads/master@{#37371}
2016-06-29 09:02:51 +00:00
epertoso
c0d4bb89a1 [ia32] Fixes a wrong use of Operand in a test.
Operand(reg) -> reg
Operand(reg, 0) -> [reg]

BUG=

Review-Url: https://codereview.chromium.org/2111503002
Cr-Commit-Position: refs/heads/master@{#37370}
2016-06-29 08:53:55 +00:00
neis
40641fbc03 [regexp] Fix writing of lastIndex in JSRegExp::Initialize.
The lastIndex property must be written with the semantics of a strict [[Set]],
so an exception must be thrown when the attributes don't allow writing.  We used
to ignore the attributes.

R=littledan@chromium.org, yangguo@chromium.org
BUG=v8:5138

Review-Url: https://codereview.chromium.org/2109593002
Cr-Commit-Position: refs/heads/master@{#37369}
2016-06-29 08:48:03 +00:00
mstarzinger
74e328efee [turbofan] Implicitly emit eager checkpoint at graph building.
This makes preparation of eager checkpoints within the graph builder
implicit. Every sub-expression visitation is now guaranteed to emit
valid checkpoints in AstContext.

R=jarin@chromium.org
BUG=v8:5021

Review-Url: https://codereview.chromium.org/2074703002
Cr-Commit-Position: refs/heads/master@{#37368}
2016-06-29 08:44:45 +00:00
bmeurer
85c9f0018a [turbofan] Run representation selection without the Typer decorator.
It's not safe to magically compute types during representation
selection, so better disable the Typer decorator before we start
to do the representation/truncation analysis. This will also allow
us to move to a world where we can run representation selection
concurrently eventually.

R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2103363004
Cr-Commit-Position: refs/heads/master@{#37367}
2016-06-29 08:18:21 +00:00
mlippautz
a7159577b7 [heap] Iterate handles with special left-trim visitor
BUG=chromium:620553
LOG=N
R=hpayer@chromium.org

Review-Url: https://codereview.chromium.org/2102243002
Cr-Commit-Position: refs/heads/master@{#37366}
2016-06-29 08:18:20 +00:00
jochen
356a85be5d Provide a convenience array buffer allocator
BUG=none
R=ulan@chromium.org

Review-Url: https://codereview.chromium.org/2101413002
Cr-Commit-Position: refs/heads/master@{#37365}
2016-06-29 07:42:40 +00:00
ivica.bogosavljevic
5c86692a5e Fix '[wasm] Separate compilation from instantiation'.
Port c1d01aea11

Fix a few failures which occur because instruction cache
hasn't been flushed after update of WASM references.

BUG=mjsunit/wasm/asm-wasm-heap,mjsunit/wasm/start-function

Review-Url: https://codereview.chromium.org/2103093003
Cr-Commit-Position: refs/heads/master@{#37364}
2016-06-29 07:39:19 +00:00
machenbach
15498e16c8 [test] Fix status file.
BUG=v8:5161
NOTRY=true
NOTREECHECKS=true
TBR=bmeurer@chromium.org

Review-Url: https://codereview.chromium.org/2111483002
Cr-Commit-Position: refs/heads/master@{#37363}
2016-06-29 07:33:12 +00:00
machenbach
33452e7a05 [test] Skip flaky tests with turbofan
BUG=v8:5161
NOTRY=true
TBR=bmeurer@chromium.org

Review-Url: https://codereview.chromium.org/2107113002
Cr-Commit-Position: refs/heads/master@{#37362}
2016-06-29 07:21:10 +00:00
bmeurer
be32c055f1 [turbofan] Drop the obsolete TypeGuard operator.
The only real use case left for TypeGuard was the renaming inside the
LoadElimination, but this case only occurs in dead code (guarded by a
previous Check), so it's not relevant, and we can drop the TypeGuard
operator completely.

R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2108793003
Cr-Commit-Position: refs/heads/master@{#37361}
2016-06-29 06:36:05 +00:00
machenbach
61eb77643e [release] Include extra GPU trybots in v8 rolls
TBR=hablich@chromium.org, kbr@chromium.org
NOTRY=true

Review-Url: https://codereview.chromium.org/2106053002
Cr-Commit-Position: refs/heads/master@{#37360}
2016-06-29 06:24:19 +00:00
bmeurer
50e1954703 [builtins] Drop the special MathRandomRaw.
This is the last user of %_DoubleLo and actually unnecessary, since we
can just use the normal Math.random() instead.

R=yangguo@chromium.org

Review-Url: https://codereview.chromium.org/2109483004
Cr-Commit-Position: refs/heads/master@{#37359}
2016-06-29 06:20:57 +00:00
mlippautz
0e1eaec71d Revert of [heap] Optimize ArrayBuffer tracking (patchset #5 id:80001 of https://codereview.chromium.org/2107443002/ )
Reason for revert:
Seems to break GPU bots

Original issue's description:
> [heap] Optimize ArrayBuffer tracking
>
> With the current approach we only need to track using an unordered set as we can
> still access the backing store pointer and length by the time we free the
> backing store.
>
> BUG=chromium:619491, chromium:611688
> LOG=N
> R=ulan@chromium.org
>
> Committed: https://crrev.com/8d2ae27808f047ca8b8f90e63a9c8735321d2ad0
> Cr-Commit-Position: refs/heads/master@{#37318}

TBR=ulan@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:619491, chromium:611688

Review-Url: https://codereview.chromium.org/2105273002
Cr-Commit-Position: refs/heads/master@{#37358}
2016-06-29 05:31:56 +00:00
yangguo
b1063f7a41 Use source position table for crankshaft code.
R=bmeurer@chromium.org
BUG=v8:5117

Review-Url: https://codereview.chromium.org/2101523003
Cr-Commit-Position: refs/heads/master@{#37357}
2016-06-29 04:29:14 +00:00
v8-autoroll
5dbec9be14 Update V8 DEPS.
Rolling v8/build to 5340820b7f216d4f155213173cf678774741788d

Rolling v8/buildtools to c36df184fb212b911d5e0fdee45647610e3ea54d

Rolling v8/tools/mb to e79fc1007f026e7d899abec066b714c750103019

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review-Url: https://codereview.chromium.org/2102393002
Cr-Commit-Position: refs/heads/master@{#37356}
2016-06-29 03:27:55 +00:00
jwolfe
1ac0965542 Allow trailing commas in function parameter lists
Add a flag harmony_trailing_commas_in_parameters that allows trailing
commas in function parameter declaration lists and function call
parameter lists. Trailing commas are allowed in parenthetical lists like
`(a, b, c,)` only if the next token is `=>`, thereby making it an arrow
function declaration. Only 1 trailing comma is allowed, not `(a,,)`. A
trailing comma must follow a non-rest parameter, so `(,)` and `(...a,)`
are still SyntaxErrors. However, a trailing comma is allowed after a
spread parameter, e.g. `a(...b,);`.

Add parser tests for all of the above.

BUG=v8:5051
LOG=y

Review-Url: https://codereview.chromium.org/2094463002
Cr-Commit-Position: refs/heads/master@{#37355}
2016-06-29 01:39:10 +00:00
aseemgarg
fa5cb207a1 [wasm] fix loops and if-else to take int type instead of signed
BUG=617526
R=bradnelson@chromium.org
TEST=regress-617526.js

Review-Url: https://codereview.chromium.org/2101923003
Cr-Commit-Position: refs/heads/master@{#37354}
2016-06-29 00:40:32 +00:00
bradnelson
e42983d147 [wasm] Making compare and conditionals more correct.
Comparisons were allowing asm 'int' values in places
that require strict 'signed' or 'unsigned' but not both.

Fixes crash when these make it to asm-wasm.

BUG=599413
BUG=v8:4203
R=aseemgarg@chromium.org

Review-Url: https://codereview.chromium.org/2106683003
Cr-Commit-Position: refs/heads/master@{#37353}
2016-06-28 23:50:14 +00:00
mtrofin
9d6014ad55 Revert "Revert "[wasm] Complete separation of compilation and instantiation""
This reverts commit 1eb1dfabe4.

The original compilation separation change avoided associating a heap
for the wasm instance if memory was not provided, nor needed. The
grow memory CL assumed the old behavior, where a memory buffer was
always present, but may have had a zero size.

The 2CLS  landed shortly after one another. We decided to treat the
grow memory as the race condition winner, so this CL here re-lands
compilation separation, plus adjusts grow memory to deal with
the undefined mem buffer.

BUG=

Review-Url: https://codereview.chromium.org/2102193003
Cr-Commit-Position: refs/heads/master@{#37352}
2016-06-28 23:50:13 +00:00
mtrofin
1eb1dfabe4 Revert "[wasm] Complete separation of compilation and instantiation"
This reverts commit 0c7ee92783.

BUG=

Review-Url: https://codereview.chromium.org/2103983003
Cr-Commit-Position: refs/heads/master@{#37351}
2016-06-28 21:55:35 +00:00
bradnelson
c5856779eb [wasm] Forbid sign mismatch in asm typer.
asm.js forbids mixing signed and unsigned % or /.
We had been allowing these.

Fixes crash.

BUG=618602
BUG=v8:4203
R=aseemgarg@chromium.org

Review-Url: https://codereview.chromium.org/2107683002
Cr-Commit-Position: refs/heads/master@{#37350}
2016-06-28 21:01:36 +00:00
bradnelson
58920e04bc [wasm] Require wasm explicit asm instantiation to be of a function.
We were not checking that the string passed to instantiateFromAsm
contains a function declaration (any declaration was allowed).

Fixes crash.

BUG=620649
BUG=v8:4203
R=aseemgarg@chromium.org

Review-Url: https://codereview.chromium.org/2109533002
Cr-Commit-Position: refs/heads/master@{#37349}
2016-06-28 20:58:28 +00:00
mtrofin
0c7ee92783 [wasm] Complete separation of compilation and instantiation
Support for serializing/deserializing the compiled wasm module.

We want to reuse the javascript snapshotting mechanics, at least in the
short term, when we still use the JS heap for the compiled wasm code.
Given that a module may be compiled in one v8 instance and then
instantiated later, in a different instance, whatever information we need
at instantiation time must also be serializable.

We currently hold on to the un-decoded wasm bytes, for enabling
debugging scenarios. This imposes a ~20% penalty on the memory
requirements of the wasm compiled code. We do not need this data
otherwise, for runtime, and it is sensible to consider eventually loading it
on demand. Therefore, I intentionally avoided relying on it and re-
decoding the wasm module data, and instead saved the information
necessary to support instantiation.

Given how whatever we need to persist must be serializable, the CL
uses a structure made out of serializable objects (fixed arrays mostly)
for storing this information. I preferred going this route rather than
adding more wasm-specific support to the serializer, given that we want
to eventually move off the JS heap, and therefore the serializer.

Additionally, it turns out this extra information is relatively not complex:
minimal structure, little nesting depth, mostly simple data like numbers
or byte blobs, or opaque data like compiled functions.

This CL also moves export compilation ahead of instantiation time.

This change added a helper getter to FixedArray, to make typed retrieval
of elements easier.

BUG=

Review-Url: https://codereview.chromium.org/2094563002
Cr-Commit-Position: refs/heads/master@{#37348}
2016-06-28 20:49:27 +00:00
hpayer
f99f633309 Revert of [heap] Reland uncommit unused large object page memory. (patchset #1 id:1 of https://codereview.chromium.org/2101383002/ )
Reason for revert:
Crashes unbox-double-arrays

Original issue's description:
> [heap] Reland uncommit unused large object page memory.
>
> BUG=
>
> Committed: https://crrev.com/dd0ee5fd11653ba41a292641ccd66ae7cc5a8398
> Cr-Commit-Position: refs/heads/master@{#37341}

TBR=ulan@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review-Url: https://codereview.chromium.org/2106933003
Cr-Commit-Position: refs/heads/master@{#37347}
2016-06-28 20:22:35 +00:00
bjaideep
85cebe7389 PPC/s390: Reland [heap] Avoid the use of cells to point from code to new-space objects.
Port 5e05854019

Original commit message:

    The reason for reverting is: This breaks gc-stress bot:
    https://chromegw.corp.google.com/i/client.v8/builders/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot

    Abortion of compaction could cause duplicate entries in the typed-old-to-new remembered set.
    These duplicates could cause a DCHECK to trigger which checks that slots recorded in the
    remembered set never point to to-space. This reland-CL allows duplicates in the remembered
    set by removing the DCHECK, and additionally clears entries in the remembered set if objects are moved.

    Original issue's description:

    Cells were needed originally because there was no typed remembered set to
    record direct pointers from code space to new space. A previous
    CL (https://codereview.chromium.org/2003553002/) already introduced
    the remembered set, this CL uses it.

    This CL
    * stores direct pointers in code objects, even if the target is in new space,
    * records the slot of the pointer in typed-old-to-new remembered set,
    * adds a list which stores weak code-to-new-space references,
    * adds a test to test-heap.cc for weak code-to-new-space references,
    * removes prints in tail-call-megatest.js

R=ahaas@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, mbrandy@us.ibm.com

BUG=
LOG=N

Review-Url: https://codereview.chromium.org/2108673003
Cr-Commit-Position: refs/heads/master@{#37346}
2016-06-28 18:58:57 +00:00
epertoso
588e15c034 [ia32] Fixes a bug in cmpw.
The opcodes for 'cmpw r/m16, r16' and 'cmpw r16, r/m16' were swapped, causing a few issues when less than/greater than comparison were performed.

Adds a regression test.

BUG=621926

Committed: https://crrev.com/efa7095e3e360fbadbe909d831ac11b268ca26b0
Review-Url: https://codereview.chromium.org/2103713003
Cr-Original-Commit-Position: refs/heads/master@{#37339}
Cr-Commit-Position: refs/heads/master@{#37345}
2016-06-28 18:35:44 +00:00
bjaideep
05638b9d1d PPC/s390: [turbofan] Introduce Float64Pow and NumberPow operators.
Port e607e12ea0

Original commit message:
    Introduce a new machine operator Float64Pow that for now is backed by
    the existing MathPowStub to start the unification of Math.pow, and at
    the same time address the main performance issue that TurboFan still has
    with the imaging-darkroom benchmark in Kraken.

    Also migrate the Math.pow builtin itself to a TurboFan builtin and
    remove a few hundred lines of hand-written platform code for special
    handling of the fullcodegen Math.pow version.

R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, mbrandy@us.ibm.com

BUG=v8:3599,v8:5086,v8:5157
LOG=N

Review-Url: https://codereview.chromium.org/2106883002
Cr-Commit-Position: refs/heads/master@{#37344}
2016-06-28 18:01:37 +00:00
ishell
ab7234a492 [ic] Move sloppy_arguments_elements_map down in the root list.
Addressing comment in https://codereview.chromium.org/2102073002/

BUG=chromium:576312, chromium:623516

Review-Url: https://codereview.chromium.org/2109713002
Cr-Commit-Position: refs/heads/master@{#37343}
2016-06-28 18:01:36 +00:00
epertoso
bcdd031590 Revert of [ia32] Fixes a bug in cmpw. (patchset #3 id:40001 of https://codereview.chromium.org/2103713003/ )
Reason for revert:
Causes "buildbot failure in V8 on V8 Linux gcc 4.8, Check"

Original issue's description:
> [ia32] Fixes a bug in cmpw.
>
> The opcodes for 'cmpw r/m16, r16' and 'cmpw r16, r/m16' were swapped, causing a few issues when less than/greater than comparison were performed.
>
> Adds a regression test.
>
> BUG=621926
>
> Committed: https://crrev.com/efa7095e3e360fbadbe909d831ac11b268ca26b0
> Cr-Commit-Position: refs/heads/master@{#37339}

TBR=bmeurer@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=621926

Review-Url: https://codereview.chromium.org/2106913002
Cr-Commit-Position: refs/heads/master@{#37342}
2016-06-28 17:44:46 +00:00
hpayer
dd0ee5fd11 [heap] Reland uncommit unused large object page memory.
BUG=

Review-Url: https://codereview.chromium.org/2101383002
Cr-Commit-Position: refs/heads/master@{#37341}
2016-06-28 17:41:30 +00:00
ulan
c4f4d6352f Make v8::Isolate::SetRAILMode thread safe and remove the
PERFORMANCE_DEFAULT mode.

BUG=

Review-Url: https://codereview.chromium.org/2108503003
Cr-Commit-Position: refs/heads/master@{#37340}
2016-06-28 17:32:32 +00:00
epertoso
efa7095e3e [ia32] Fixes a bug in cmpw.
The opcodes for 'cmpw r/m16, r16' and 'cmpw r16, r/m16' were swapped, causing a few issues when less than/greater than comparison were performed.

Adds a regression test.

BUG=621926

Review-Url: https://codereview.chromium.org/2103713003
Cr-Commit-Position: refs/heads/master@{#37339}
2016-06-28 17:23:32 +00:00
gdeepti
ef2f33d6c6 Implement Wasm GrowMemory opcode as a wasm runtime call
- GrowMemory runtime function, tests added to checks if memory can be grown
  and relocation information is updated correctly

R=titzer@chromium.org, bradnelson@chromium.org

Review-Url: https://codereview.chromium.org/2051043002
Cr-Commit-Position: refs/heads/master@{#37338}
2016-06-28 16:49:13 +00:00
bradnelson
3325de6d68 Adding some wasm committers to top level OWNERS.
Following the existing model where most committers are top-level OWNERS, this enables easier boilerplate changes to the V8 build environment and tests in the PST time-zone.

R=danno@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2101423002
Cr-Commit-Position: refs/heads/master@{#37337}
2016-06-28 16:28:06 +00:00
ishell
7031861990 [ic] Use UnseededNumberDictionary as a storage for names in TypeFeedbackMetadata.
The serializer does not support serialization of HashTables in general because
after deserialization it might be necessary to rehash the table.
However the UnseededNumberDictionary does not require rehashing and this CL allows
them to be serialized.

This CL also changes the shape of UnseededNumberDictionary: the details field is
no longer part of the entry since no one needs it.

BUG=chromium:576312, chromium:623516

Review-Url: https://codereview.chromium.org/2102073002
Cr-Commit-Position: refs/heads/master@{#37336}
2016-06-28 16:16:12 +00:00
nikolaos
61c137c811 Fix bug with re-scoping arrow function parameter initializers
When re-scoping arrow function parameter initializers, temporaries
should be moved from the closure of the old scope to the closure of
the new scope, if necessary.

R=adamk@chromium.org, rossberg@chromium.org
BUG=chromium:622663
LOG=N

Review-Url: https://codereview.chromium.org/2083083007
Cr-Commit-Position: refs/heads/master@{#37335}
2016-06-28 15:10:17 +00:00
yangguo
872c461b00 [snapshot] revisit snapshot API.
This part of the snapshot API should not be in use yet, so we can still
change this. The motivation for this change is:
- Use MaybeHandle where reasonable.
- Remove ambiguity: when we use index to create context from snapshot,
  we should not have a silent fallback if snapshot is not available.
- Symmetry: rename to Context::FromSnapshot to mirror templates.

R=jochen@chromium.org
BUG=chromium:617892

Review-Url: https://codereview.chromium.org/2100073002
Cr-Commit-Position: refs/heads/master@{#37334}
2016-06-28 13:48:05 +00:00
cbruni
6b63d524c2 [keys] support shadowing keys in the KeyAccumulator
This cl fixes the long-standing bug for for-in with shadowing properties.

BUG=v8:705

Review-Url: https://codereview.chromium.org/2081733002
Cr-Commit-Position: refs/heads/master@{#37333}
2016-06-28 13:33:31 +00:00
bjaideep
04b655c6e9 PPC/AIX: [heap] Uncommit unused large object page memory.
Port d61a5c376b

Original commit message:

    As a first step I uncommit the memory on the main thread. Also
    to measure impact and stability of that optimization. In a
    follow-up CL, the uncommitting should be moved on the concurrent thread.

R=jochen@chromium.org, hpayer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, mbrandy@us.ibm.com

BUG=
LOG=N

Review-Url: https://codereview.chromium.org/2041233003
Cr-Commit-Position: refs/heads/master@{#37332}
2016-06-28 13:30:25 +00:00
machenbach
994dc21148 [gn] Use one source of truth for test source files.
This avoids forgetting to add files for either gyp or gn.

While for most executables, this is detected by compilation
errors, for test executables, it can lead to tests silently
not running.

BUG=chromium:474921

Review-Url: https://codereview.chromium.org/2098313002
Cr-Commit-Position: refs/heads/master@{#37331}
2016-06-28 13:24:08 +00:00
bgeron
f416886358 [compiler] Load elimination now traverses CheckTaggedPointer.
It also dereferences the inputs of StoreField, if those were
CheckTaggedPointers. Tested manually.

BUG=

Review-Url: https://codereview.chromium.org/2104893002
Cr-Commit-Position: refs/heads/master@{#37330}
2016-06-28 13:21:00 +00:00
bmeurer
d5ed22808f [turbofan] Introduce proper CheckNumber operator.
We use CheckNumber to guard values as being proper numbers, i.e. if the
input value is anything but a Number, we deoptimize. This follows the
existing effect/control linearization magic that we already use for the
other checks.

R=jarin@chromium.org
BUG=v8:5141

Review-Url: https://codereview.chromium.org/2109623002
Cr-Commit-Position: refs/heads/master@{#37329}
2016-06-28 13:09:10 +00:00
mlippautz
5ff508a822 Add crash instrumentation for crbug.com/621147
BUG=chromium:621147
LOG=N
R=ishell@chromium.org,cbruni@chromium.org

Review-Url: https://codereview.chromium.org/2100313002
Cr-Commit-Position: refs/heads/master@{#37328}
2016-06-28 12:54:36 +00:00
bjaideep
1ef7e4e2a6 AIX: Adding bbigtoc link step option to fix TOC overflow error
Adding link option -bbigtoc to fix TOC overflow error.
    The option instructs the linker to generate TOC larger
    than 64k.

    TOC: http://www.ibm.com/developerworks/rational/library/overview-toc-aix/

R=machenbach@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, mbrandy@us.ibm.com

BUG=
LOG=N

Review-Url: https://codereview.chromium.org/2107513002
Cr-Commit-Position: refs/heads/master@{#37327}
2016-06-28 12:45:42 +00:00
ishell
e6076a7951 Use proper write barrier mode when creating rest parameters.
BUG=chromium:623912

Review-Url: https://codereview.chromium.org/2109603002
Cr-Commit-Position: refs/heads/master@{#37326}
2016-06-28 12:42:40 +00:00
ahaas
5e05854019 Reland [heap] Avoid the use of cells to point from code to new-space objects.
The reason for reverting is: This breaks gc-stress bot:
https://chromegw.corp.google.com/i/client.v8/builders/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot

Abortion of compaction could cause duplicate entries in the typed-old-to-new remembered set. These duplicates could cause a DCHECK to trigger which checks that slots recorded in the remembered set never point to to-space. This reland-CL allows duplicates in the remembered set by removing the DCHECK, and additionally clears entries in the remembered set if objects are moved.

Original issue's description:

Cells were needed originally because there was no typed remembered set to
record direct pointers from code space to new space. A previous
CL (https://codereview.chromium.org/2003553002/) already introduced
the remembered set, this CL uses it.

This CL
* stores direct pointers in code objects, even if the target is in new space,
* records the slot of the pointer in typed-old-to-new remembered set,
* adds a list which stores weak code-to-new-space references,
* adds a test to test-heap.cc for weak code-to-new-space references,
* removes prints in tail-call-megatest.js

Review-Url: https://codereview.chromium.org/2097023002
Cr-Commit-Position: refs/heads/master@{#37325}
2016-06-28 12:36:31 +00:00