Commit Graph

6536 Commits

Author SHA1 Message Date
cbruni
9e4a304008 [cctest] Reducing recursion depth for asan tests.
Drive-by-fix: improve threading test log output by also showing the names of the
tests when they start and end.

Review-Url: https://codereview.chromium.org/2218033002
Cr-Commit-Position: refs/heads/master@{#38402}
2016-08-05 20:59:05 +00:00
verwaest
4943f72272 Remove bool result from analyze since it's always true
This also gets rid of the pending_error_handler field on DeclarationScope which wasn't actually used.

BUG=v8:5209

Review-Url: https://codereview.chromium.org/2218083002
Cr-Commit-Position: refs/heads/master@{#38400}
2016-08-05 18:59:57 +00:00
ahaas
6c44ab30fd [turbofan] Make Float32Neg and Float64Neg mandatory operators.
R=bmeurer@chromium.org

Review-Url: https://codereview.chromium.org/2215403002
Cr-Commit-Position: refs/heads/master@{#38399}
2016-08-05 18:52:05 +00:00
adamk
6768456db5 Use Variable::binding_needs_init() to determine hole initialization
The old code was using VariableMode, but that signal is both
over-pessimistic (some CONST and LET variables need no hole-initialization)
and inconsistent with other uses of the InitializationFlag enum (such
as %LoadLookupSlot).

This changes no observable behavior, but removes unnecessary hole
initialization and hole checks in a few places, including
block-scoped function declarations, super property lookups,
and new.target.

R=bmeurer@chromium.org, neis@chromium.org

Review-Url: https://codereview.chromium.org/2201193004
Cr-Commit-Position: refs/heads/master@{#38395}
2016-08-05 17:51:17 +00:00
klaasb
4732c219b0 [interpreter] Remove redundant code in ForInPrepare
ForInPrepare checked whether the receiver object was null, undefined or
converted to a JSObject. This is already done by the generated bytecode.

BUG=v8:4820
LOG=n

Review-Url: https://codereview.chromium.org/2208043002
Cr-Commit-Position: refs/heads/master@{#38394}
2016-08-05 17:36:00 +00:00
verwaest
ff1c3cdb18 Separate Scope into DeclarationScope and Scope
This reduces peak zone memory usage by ~10% on codeload and ~5% on mandreel.

BUG=v8:5209

Committed: https://crrev.com/2648162dcfff622f8587cea2faa8c3af56456968
Review-Url: https://codereview.chromium.org/2209573002
Cr-Original-Commit-Position: refs/heads/master@{#38367}
Cr-Commit-Position: refs/heads/master@{#38390}
2016-08-05 14:34:04 +00:00
machenbach
55a4344f41 [test] Activate ignition_staging variant
BUG=v8:5238
NOTREECHECKS=true

Review-Url: https://codereview.chromium.org/2214283003
Cr-Commit-Position: refs/heads/master@{#38381}
2016-08-05 12:48:36 +00:00
machenbach
2b6675c350 Revert of Separate Scope into DeclarationScope and Scope (patchset #13 id:240001 of https://codereview.chromium.org/2209573002/ )
Reason for revert:
[Sheriff] Make leak checker unhappy:
https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20-%20debug/builds/10959

Original issue's description:
> Separate Scope into DeclarationScope and Scope
>
> This reduces peak zone memory usage by ~10% on codeload and ~5% on mandreel.
>
> BUG=v8:5209
>
> Committed: https://crrev.com/2648162dcfff622f8587cea2faa8c3af56456968
> Cr-Commit-Position: refs/heads/master@{#38367}

TBR=marja@chromium.org,mstarzinger@chromium.org,ahaas@chromium.org,adamk@chromium.org,verwaest@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5209

Review-Url: https://codereview.chromium.org/2212383003
Cr-Commit-Position: refs/heads/master@{#38380}
2016-08-05 12:37:23 +00:00
hpayer
04fda1f686 [heap] Temporarily do not use size to iterate live object to investigate Win 10 memory regression.
BUG=chromium:633537

Review-Url: https://codereview.chromium.org/2211893002
Cr-Commit-Position: refs/heads/master@{#38369}
2016-08-05 10:58:38 +00:00
machenbach
dea16c9a42 Revert of [Interpreter] Collect type feedback for 'new' in the bytecode handler (patchset #6 id:100001 of https://codereview.chromium.org/2190293003/ )
Reason for revert:
[Sheriff] Fails on nosnap debug:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap%20-%20debug/builds/8403

Original issue's description:
> [Interpreter] Collect type feedback for 'new' in the bytecode handler
>
> Collect type feedback in the bytecode handler for 'new' bytecode. The
> earlier cl (https://codereview.chromium.org/2153433002/) was reverted
> because that implementation did not collect allocation site feedback.
> This regressed delta blue by an order of magnitude. This implementation
> includes collection of allocation site feedback.
>
> BUG=v8:4280, v8:4780
> LOG=N
>
> Committed: https://crrev.com/9d5e6129c4c7f9cbfe81a5fad2a470f219fe137c
> Cr-Commit-Position: refs/heads/master@{#38364}

TBR=bmeurer@chromium.org,rmcilroy@chromium.org,balazs.kilvady@imgtec.com,mythria@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4280, v8:4780

Review-Url: https://codereview.chromium.org/2212343002
Cr-Commit-Position: refs/heads/master@{#38368}
2016-08-05 10:36:20 +00:00
verwaest
2648162dcf Separate Scope into DeclarationScope and Scope
This reduces peak zone memory usage by ~10% on codeload and ~5% on mandreel.

BUG=v8:5209

Review-Url: https://codereview.chromium.org/2209573002
Cr-Commit-Position: refs/heads/master@{#38367}
2016-08-05 10:17:54 +00:00
rmcilroy
297f2d831a [Interpreter] Avoid dereferencing handles in ConstantPoolArrayBuilder.
Changes ConstantPoolArrayBuilder to do object lookups using the location
of the handles, rather than dereferencing the handles and comparing the
objects. This also updates CanonicalHandleScope when internalizing AST
nodes to ensure that duplicate objects share the same handles and so are
only added to the constant pool once.

BUG=v8:5203

Review-Url: https://codereview.chromium.org/2204243003
Cr-Commit-Position: refs/heads/master@{#38366}
2016-08-05 10:10:04 +00:00
mythria
9d5e6129c4 [Interpreter] Collect type feedback for 'new' in the bytecode handler
Collect type feedback in the bytecode handler for 'new' bytecode. The
earlier cl (https://codereview.chromium.org/2153433002/) was reverted
because that implementation did not collect allocation site feedback.
This regressed delta blue by an order of magnitude. This implementation
includes collection of allocation site feedback.

BUG=v8:4280, v8:4780
LOG=N

Review-Url: https://codereview.chromium.org/2190293003
Cr-Commit-Position: refs/heads/master@{#38364}
2016-08-05 09:58:39 +00:00
clarkchenwang
dfd8db8bec Add signature checking when directly import a foreign function
Review-Url: https://codereview.chromium.org/2204703002
Cr-Commit-Position: refs/heads/master@{#38349}
2016-08-04 20:34:02 +00:00
machenbach
03f5124822 [test] Enable test status filtering by variant
This adds the possibility to address test cases in the
status file with the variant under which the test is running.
This is only allowed in top-level sections.

Example:
[{
  'test-case': [PASS, SLOW],
}]

['variant == foo', {
  'test-case': [FAIL],
}]

The test case "test-case" is marked as slow in all variants.
Additionally, in variant foo, it'll be expected to fail.

This CL also exemplifies the new feature with test cases
running under the ignition_turbofan variant. The
corresponding legacy flag is deprecated.

BUG=v8:5238

Review-Url: https://codereview.chromium.org/2203013002
Cr-Commit-Position: refs/heads/master@{#38342}
2016-08-04 14:42:16 +00:00
epertoso
7eee144480 [turbofan] Basic reductions of 64-bit machine operators.
Only basic things for now, but enough, for example, to emit

mov rax, [rax+0xc]

instead of

mov rax, 0x3
mov rdx, [rdx+rax*4]

on x64.

BUG=

Review-Url: https://codereview.chromium.org/2211633003
Cr-Commit-Position: refs/heads/master@{#38338}
2016-08-04 12:37:08 +00:00
ahaas
7a1deffbd1 [serializer][heap] Record references in deserialized code objects.
References in code objects to new-space embedded objects have to be
recorded in a remembered set so that they get updated by the garbage
collector.

TEST=cctest/test-serialize/CodeSerializerEmbeddedObject

R=ulan@chromium.org, yangguo@chromium.org

Review-Url: https://codereview.chromium.org/2200333004
Cr-Commit-Position: refs/heads/master@{#38335}
2016-08-04 09:39:57 +00:00
rskang
94ad974df8 [Tracing] V8 Tracing Controller - Fix async trace event bug
Usage of hex IO manipulator for async event IDs corrupts future decimal number
outputs.

BUG=v8:5261

Review-Url: https://codereview.chromium.org/2200113003
Cr-Commit-Position: refs/heads/master@{#38331}
2016-08-04 08:49:22 +00:00
hpayer
62f2e7e8b0 Revert "[heap] Temporarily use old live object iterator to investigate Win 10 memory regression."
This reverts commit d2cf6e2956.

BUG=chromium:633537

Review-Url: https://codereview.chromium.org/2207383002
Cr-Commit-Position: refs/heads/master@{#38328}
2016-08-04 08:26:21 +00:00
ahaas
c088aea922 [heap] Record references in the new code objects in heap::CopyCode.
R=mlippautz@chromium.org
BUG=chromium:633539
TEST=cctest/test-heap/TestNewSpaceRefsInCopiedCode

Review-Url: https://codereview.chromium.org/2203783002
Cr-Commit-Position: refs/heads/master@{#38326}
2016-08-04 08:14:29 +00:00
jgruber
a53d468747 Properly handle exceptions in cctests
Thrown exceptions must be handled before another exception is thrown.
This fixes all remaining test failures exposed by not clearing pending
exceptions in JSEntryStub.

BUG=v8:5259

Review-Url: https://codereview.chromium.org/2207923002
Cr-Commit-Position: refs/heads/master@{#38324}
2016-08-04 07:22:11 +00:00
hpayer
d2cf6e2956 [heap] Temporarily use old live object iterator to investigate Win 10 memory regression.
BUG=chromium:633537

Review-Url: https://codereview.chromium.org/2205373002
Cr-Commit-Position: refs/heads/master@{#38311}
2016-08-03 18:11:43 +00:00
weiliang.lin
0872d08b00 [x64]: add cmpps/cmppd instructions
BUG=

Review-Url: https://codereview.chromium.org/2170323002
Cr-Commit-Position: refs/heads/master@{#38307}
2016-08-03 15:25:28 +00:00
haraken
c8241635f1 Change an output parameter of Maybe<T>::To() from a reference to a pointer
This is a follow-up fix for https://codereview.chromium.org/2194793003/

BUG=

Review-Url: https://codereview.chromium.org/2205203002
Cr-Commit-Position: refs/heads/master@{#38305}
2016-08-03 15:10:23 +00:00
klaasb
8097eeb9f2 [interpreter] Add CreateFunctionContext bytecode
Add a new bytecode to create a function context. The handler inlines
FastNewFunctionContextStub.

BUG=v8:4280
LOG=n

Review-Url: https://codereview.chromium.org/2187523002
Cr-Commit-Position: refs/heads/master@{#38301}
2016-08-03 14:43:26 +00:00
cbruni
ce49c32973 [api] Add v8::Object::SetAlignedPointerInInternalFields
This new API function allows for setting several internal fields at once.
By avoiding crossing the API each time for setting an internal property we
can speed up the wrapper creation which has to set two fields for every new
object.

BUG=chromium:630217

Review-Url: https://codereview.chromium.org/2185963002
Cr-Commit-Position: refs/heads/master@{#38299}
2016-08-03 14:39:34 +00:00
jochen
7036d96b57 Add a mode to completely deserialize scope chains
This will allow for the background parser to parse inner functions

BUG=v8:5215
R=marja@chromium.org,verwaest@chromium.org

Review-Url: https://codereview.chromium.org/2198043002
Cr-Commit-Position: refs/heads/master@{#38291}
2016-08-03 13:31:04 +00:00
bmeurer
cf4b9307ad [turbofan] Consume SignedSmall feedback for number operations.
So far we treated SignedSmall and Signed32 feedback the same for number
operations. However it would be beneficial to generate (a lot) less code
if we only do a Smi check on the inputs instead of doing the full Smi +
HeapNumber + conversion check that we need to do for Signed32 feedback.

R=epertoso@chromium.org
BUG=v8:4583

Review-Url: https://codereview.chromium.org/2207893002
Cr-Commit-Position: refs/heads/master@{#38290}
2016-08-03 12:47:53 +00:00
jgruber
d48170dbf5 Move NoSideEffectToString to C++
BUG=

Review-Url: https://codereview.chromium.org/2206573002
Cr-Commit-Position: refs/heads/master@{#38289}
2016-08-03 12:22:23 +00:00
bmeurer
66e96fc9d7 [turbofan] Unify number operation typing rules.
Move all the typing rules for unary and binary number operations to the
OperationTyper and use them for both the regular Typer as well as the
retyper that runs as part of SimplifiedLowering.

R=epertoso@chromium.org

Review-Url: https://codereview.chromium.org/2202883005
Cr-Commit-Position: refs/heads/master@{#38283}
2016-08-03 10:43:01 +00:00
mstarzinger
cc1e84b96c [turbofan] Remove eager frame state from all nodes.
This completely removes the ability from nodes to point directly to the
frame state representing their eager bailout point. All nodes now either
have zero or one frame state inputs. These frame states can by now be
found via checkpoints in the graph.

R=bmeurer@chromium.org
BUG=v8:5021

Review-Url: https://codereview.chromium.org/2020323004
Cr-Commit-Position: refs/heads/master@{#38282}
2016-08-03 10:39:09 +00:00
mstarzinger
0c8e3cea4b [turbofan] Remove eager frame state from bitwise ops.
This removes the frame state input representing the before-state from
nodes having any int32 bitwise operator. Lowering that inserts number
conversions of the inputs has to be disabled when deoptimization is
enabled, because the frame state layout is no longer known.

R=epertoso@chromium.org
BUG=v8:5021,v8:4746

Review-Url: https://codereview.chromium.org/2194383004
Cr-Commit-Position: refs/heads/master@{#38280}
2016-08-03 08:38:51 +00:00
jochen
2f8d4f4425 Do an access check before compiling code via eval()
Similarly to how we check whether the entered context has access to the target
context when invoking the function constructor, we should check the involved
contexts before invoking eval().

I forgot to add this in the initial CL that adds the check for the function
constructor. Move the code to a common location, and use it for the GlobalEval
builtin as well.

BUG=chromium:541703
R=verwaest@chromium.org

Review-Url: https://codereview.chromium.org/2199343002
Cr-Commit-Position: refs/heads/master@{#38277}
2016-08-03 07:42:53 +00:00
titzer
d4392107fa [wasm] Make LoadGlobal/StoreGlobal opcodes match what is coming in binary 0xC.
R=ahaas@chromium.org,bradnelson@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2209433002
Cr-Commit-Position: refs/heads/master@{#38262}
2016-08-02 22:40:50 +00:00
adamk
56f9754387 Remove --harmony-exponentiation-operator flag
It's shipped in M52.

R=caitp@igalia.com, littledan@chromium.org

Review-Url: https://codereview.chromium.org/2203843002
Cr-Commit-Position: refs/heads/master@{#38256}
2016-08-02 17:17:35 +00:00
rskang
9a6a56d21f Add args and copy support to V8 tracing controller.
BUG=v8:4561

Review-Url: https://codereview.chromium.org/2190973003
Cr-Commit-Position: refs/heads/master@{#38255}
2016-08-02 17:13:13 +00:00
alph
f7249cd9f4 Do not mark dependent_code arrays as weak in heap snapshot.
Review-Url: https://codereview.chromium.org/2197393003
Cr-Commit-Position: refs/heads/master@{#38251}
2016-08-02 15:20:44 +00:00
alph
aba8a8151e Add WeakCell support to heap profiler.
Review-Url: https://codereview.chromium.org/2204873003
Cr-Commit-Position: refs/heads/master@{#38245}
2016-08-02 13:43:57 +00:00
alph
0a920f607f Add Map::weak_cell_cache internal link to heap snapshot.
Review-Url: https://codereview.chromium.org/2204893002
Cr-Commit-Position: refs/heads/master@{#38244}
2016-08-02 13:06:19 +00:00
machenbach
8552e68223 [test] Fix joining FAIL expectations in status files
Without this fix, two rules [PASS, MODIFIER] and [FAIL]
would be joined as [PASS, MODIFIER, FAIL], undermining the
intention of the second rule to mark a test as failing.

BUG=v8:4680,v8:4900

Review-Url: https://codereview.chromium.org/2201033002
Cr-Commit-Position: refs/heads/master@{#38238}
2016-08-02 11:52:03 +00:00
mstarzinger
f4316f1604 [interpreter] Enable test that no longer fails.
R=machenbach@chromium.org

Review-Url: https://codereview.chromium.org/2207503002
Cr-Commit-Position: refs/heads/master@{#38237}
2016-08-02 10:26:10 +00:00
mstarzinger
962fd4ae4b [interpreter] Elide OSR polling from fake loops.
This makes sure we are not inserting {OsrPoll} instructions for any
statements that are not actually loops and have no back edges. Without
back edges the {BytecodeGraphBuilder} is unable to deduce loop ranges
and hence cannot construct a graph for OSR entry.

R=neis@chromium.org
TEST=mjsunit/regress/regress-5252
BUG=v8:5252

Review-Url: https://codereview.chromium.org/2200733002
Cr-Commit-Position: refs/heads/master@{#38233}
2016-08-02 09:16:59 +00:00
alph
1fe8207071 [heap profiler] Use internal type links for bound this and target function.
These are internal fields of the JSBoundFunction class.

Review-Url: https://codereview.chromium.org/2193993002
Cr-Commit-Position: refs/heads/master@{#38222}
2016-08-01 22:16:01 +00:00
hpayer
c1ea41645b [heap] Add more left and right trimming test cases for black areas.
BUG=

Review-Url: https://codereview.chromium.org/2185383002
Cr-Commit-Position: refs/heads/master@{#38218}
2016-08-01 17:10:31 +00:00
jgruber
6c53efc7c4 Move FormatStackTrace to C++
BUG=

Review-Url: https://codereview.chromium.org/2191293002
Cr-Commit-Position: refs/heads/master@{#38212}
2016-08-01 14:28:33 +00:00
ulan
ea45a210a6 Fix performance regression of heap snapshot generator that was
introduced in https://crrev.com/72f884a19fa4434bba6fc0e013ec4ea0a2366893

The regression comes from adding the next weak field of AllocationSite
as a hidden reference into the snapshot.

Before 72f884 the reference was implicitly ignored because the body
descriptor of AllocationSite did not include it.

This patch explicitly skip the next weak field of AllocationSite.

BUG=chromium:630027

Review-Url: https://codereview.chromium.org/2189643004
Cr-Commit-Position: refs/heads/master@{#38211}
2016-08-01 13:34:26 +00:00
mstarzinger
9ee6ca75d3 [turbofan] Switch inlining tests to global scope.
This switches our inlining tests (i.e. cctest/test-run-inlining) to rely
on global object instead of function context specialization, which is
more in sync with what we are actually shipping. It will also allow us
to test inlining with the BytecodeGraphBuilder without having to add
support for function context specialization just for testing purposes.

R=bmeurer@chromium.org
TEST=cctest/test-run-inlining
BUG=v8:5251

Review-Url: https://codereview.chromium.org/2200673002
Cr-Commit-Position: refs/heads/master@{#38209}
2016-08-01 12:59:58 +00:00
machenbach
a23a74a7be [test] Remove deprecated --ignition test-runner flag
The flag was introduced for ignition development. It can only
be used when running ignition tests in isolation on the bots.

The bots only use ignition_turbo in isolation since a while
and don't pass the --ignition flag anymore.

BUG=v8:5238

Review-Url: https://codereview.chromium.org/2197123002
Cr-Commit-Position: refs/heads/master@{#38206}
2016-08-01 12:11:43 +00:00
jochen
95cae2eb35 Move ContextSlotCache to its own file
Also remove unnecessary includes of scopeinfo.h all over the place

R=marja@chromium.org
TBR=verwaest@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2197973002
Cr-Commit-Position: refs/heads/master@{#38204}
2016-08-01 11:33:46 +00:00
hpayer
205457b1aa [heap] Reland "Remove black pages and use black areas instead."
BUG=chromium:630969,chromium:630386

Review-Url: https://codereview.chromium.org/2186863005
Cr-Commit-Position: refs/heads/master@{#38195}
2016-08-01 09:05:04 +00:00
jyan
77c9cb8341 [compiler] [wasm] Introduce Word32/64ReverseBytes as TF Optional Opcode
This commit fixes wasm little-endian load issue on big-endian platform
by introducing reverse byte operation immediately after a load.

R=bmeurer@chromium.org, titzer@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2045943002
Cr-Commit-Position: refs/heads/master@{#38183}
2016-07-29 19:33:28 +00:00
klaasb
26c1755242 [interpreter] Put object in register for ToObject/ForInPrepare
This gets rid of the Star bytecodes that were always dispatched to from
ToObject.
ToObject now outputs to register instead of to the accumulator and
ForInPrepare gets the receiver object from an input register.

BUG=v8:4820
LOG=n

Review-Url: https://codereview.chromium.org/2189463006
Cr-Commit-Position: refs/heads/master@{#38177}
2016-07-29 11:18:06 +00:00
haraken
cf1779495d Introduce Maybe::To/ToChecked
Per discussion in https://groups.google.com/a/chromium.org/d/topic/platform-architecture-dev/vGLGCaMqhCU/discussion

BUG=

Review-Url: https://codereview.chromium.org/2194793003
Cr-Commit-Position: refs/heads/master@{#38173}
2016-07-29 10:56:57 +00:00
georgia.kouveli
ca4707f775 Fixing test issue in test-cpu-profiler/TickLinesOptimized.
The test was calling OptimizeFunctionOnNextCall on a function before
ever executing it - crankshaft therefore didn't have any type info and
was generating a soft deoptimization bailout. Make sure we execute the
function before calling OptimizeFunctionOnNextCall to avoid this issue.

BUG=

Review-Url: https://codereview.chromium.org/2168603003
Cr-Commit-Position: refs/heads/master@{#38171}
2016-07-29 10:22:07 +00:00
jochen
a661f61123 Implement a character stream for external one byte streams
In contrast to the generic stream, this character stream works without
accessing the heap, and can be used on a background thread.

BUG=v8:5215
R=vogelheim@chromium.org,marja@chromium.org

Review-Url: https://codereview.chromium.org/2184393002
Cr-Commit-Position: refs/heads/master@{#38154}
2016-07-29 06:13:38 +00:00
bbudge
55b01ccbfc [Turbofan] Revert FP register aliasing support on Arm.
- Changes register allocation to only use even numbered registers on Arm.
- Turns on float32 testing in test-gap-resolver.cc.

This is effectively a revert of:
https://codereview.chromium.org/2086653003/

LOG=N
BUG=V8:4124, V8:5202

Review-Url: https://codereview.chromium.org/2176173003
Cr-Commit-Position: refs/heads/master@{#38151}
2016-07-29 00:50:57 +00:00
cbruni
f3f738fe8e [api] Introduce fast instantiations cache
This CL introduces a new fast flat instantiations cache for the first 1024 object templates.
After that we fall back to the existing slower dictionary cache.

Drive-by-fix: de-handlify and clean up some code in api-natives.cc

BUG=chromium:630217

Review-Url: https://codereview.chromium.org/2170743003
Cr-Commit-Position: refs/heads/master@{#38146}
2016-07-28 17:19:52 +00:00
hpayer
2c7efba658 Revert of [heap] Reland "Remove black pages and use black areas instead." (patchset #4 id:60001 of https://codereview.chromium.org/2185613002/ )
Reason for revert:
Still crashing.

Original issue's description:
> [heap] Reland "Remove black pages and use black areas instead."
>
> BUG=chromium:630969,chromium:630386
> LOG=n
>
> Committed: https://crrev.com/9e37a07c8de0a20ef2681e26824ff4d329102603
> Cr-Commit-Position: refs/heads/master@{#38057}

TBR=ulan@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=chromium:630969,chromium:630386

Review-Url: https://codereview.chromium.org/2183383004
Cr-Commit-Position: refs/heads/master@{#38129}
2016-07-28 10:29:35 +00:00
mstarzinger
7f6839d642 [test] Remove uses of runtime zone from tests.
R=mvstanton@chromium.org

Review-Url: https://codereview.chromium.org/2190623002
Cr-Commit-Position: refs/heads/master@{#38115}
2016-07-28 08:06:14 +00:00
ddchen
0a9d4003c7 [wasm] Add support for multiple indirect function tables
This patch updates internal data structures used by V8 to support
multiple indirect function tables (WebAssembly/design#682). But, since
this feature is post-MVP, the functionality is not directly exposed and
parsing/generation of WebAssembly is left unchanged. Nevertheless, it
is being used in an experiment to implement fine-grained control flow
integrity based on C/C++ types.

BUG=

Review-Url: https://codereview.chromium.org/2174123002
Cr-Commit-Position: refs/heads/master@{#38110}
2016-07-28 04:57:18 +00:00
fmeawad
821c3e563c Reland [Tracing] V8 Tracing Controller
V8 has had a trace event macro interface for while, but without a tracing
controller a standalone V8 would be unable to collect traces.

This CL introduces a complete Tracing Controller system for V8.
It is fully function except that it does not yet store trace event args.

This CL has a few components,
The tracing controller itself, contributed by the author of this CL
The Trace config (including the parser), contributed by lpy@
The Trace Object, Trace Writer, and Trace Buffer are all contributed by rksang@

BUG=v8:4561
LOG=N

The original CL was failing the V8 Arm Builder:
https://build.chromium.org/p/client.v8.ports/builders/V8%20Arm%20-%20builder/builds/2456
and the V8 Mips Builder:
https://build.chromium.org/p/client.v8.ports/builders/V8%20Mips%20-%20builder/builds/2506

The failure is due to undefined behavior of CHECK_EQ of 2 const char*

Fix in patch #1

Committed: https://crrev.com/3d598452679ce208ad9b2f48e0fb3fae352ce375
Cr-Commit-Position: refs/heads/master@{#38073}

patch from issue 2137013006 at patchset 200001 (http://crrev.com/2137013006#ps200001)

Review-Url: https://codereview.chromium.org/2183923004
Cr-Commit-Position: refs/heads/master@{#38104}
2016-07-27 16:21:54 +00:00
klaasb
27a9b032ab [interpreter] Don't keep postfix result if only visited for effect
Remove TODO to perform same optimization as AstGraphBuilder.
When visiting for effect in a postfix count operation, don't
keep the intermediate result of ToNumber.

BUG=v4:4280
LOG=n

Review-Url: https://codereview.chromium.org/2187823002
Cr-Commit-Position: refs/heads/master@{#38101}
2016-07-27 13:52:06 +00:00
jacob.bramley
cc00ba2df2 [arm] Clean up the use of UNALIGNED_ACCESSES.
All supported ARM targets support unaligned accesses for integer
accesses. This patch removes the remnants of support for older targets.

BUG=v8:5077

Review-Url: https://codereview.chromium.org/2184823002
Cr-Commit-Position: refs/heads/master@{#38099}
2016-07-27 13:28:02 +00:00
klaasb
d1baa31e52 Fix generate-bytecode-expectations crash
https://codereview.chromium.org/2176143002 removed parsing of a golden
file header option but did not remove the option.

BUG=
LOG=n

Review-Url: https://codereview.chromium.org/2189583002
Cr-Commit-Position: refs/heads/master@{#38096}
2016-07-27 12:23:13 +00:00
epertoso
43a86ff3b7 [turbofan] Add the CheckedTruncateTaggedToWord32 opcode.
This leads to a better handling of the Smi case when we introduce a checked truncation from a number or oddbal to a 32 bit word, which we were previously doing by concatenating a Smi to float64 conversion with a float64 to word32 truncation.

BUG=

Review-Url: https://codereview.chromium.org/2191503002
Cr-Commit-Position: refs/heads/master@{#38091}
2016-07-27 11:41:27 +00:00
yangguo
43ab247f56 Remove NaCl support.
Review-Url: https://codereview.chromium.org/2175193003
Cr-Commit-Position: refs/heads/master@{#38081}
2016-07-27 07:50:31 +00:00
lpy
13c3d06a31 Revert of [Tracing] V8 Tracing Controller (patchset #11 id:200001 of https://codereview.chromium.org/2137013006/ )
Reason for revert:
Revert this CL due to V8 Arm Builder failure and V8 Mips Builder failure.

https://build.chromium.org/p/client.v8.ports/builders/V8%20Arm%20-%20builder/builds/2456

https://build.chromium.org/p/client.v8.ports/builders/V8%20Mips%20-%20builder/builds/2506

Original issue's description:
> [Tracing] V8 Tracing Controller
>
> V8 has had a trace event macro interface for while, but without a tracing
> controller a standalone V8 would be unable to collect traces.
>
> This CL introduces a complete Tracing Controller system for V8.
> It is fully function except that it does not yet store trace event args.
>
> This CL has a few components,
> The tracing controller itself, contributed by the author of this CL
> The Trace config (including the parser), contributed by lpy@
> The Trace Object, Trace Writer, and Trace Buffer are all contributed by rksang@
>
> BUG=v8:4561
> LOG=N
>
> Committed: https://crrev.com/3d598452679ce208ad9b2f48e0fb3fae352ce375
> Cr-Commit-Position: refs/heads/master@{#38073}

TBR=jochen@chromium.org,mattloring@google.com,rskang@google.com,yangguo@chromium.org,fmeawad@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4561

Review-Url: https://codereview.chromium.org/2183943002
Cr-Commit-Position: refs/heads/master@{#38074}
2016-07-26 22:45:25 +00:00
fmeawad
3d59845267 [Tracing] V8 Tracing Controller
V8 has had a trace event macro interface for while, but without a tracing
controller a standalone V8 would be unable to collect traces.

This CL introduces a complete Tracing Controller system for V8.
It is fully function except that it does not yet store trace event args.

This CL has a few components,
The tracing controller itself, contributed by the author of this CL
The Trace config (including the parser), contributed by lpy@
The Trace Object, Trace Writer, and Trace Buffer are all contributed by rksang@

BUG=v8:4561
LOG=N

Review-Url: https://codereview.chromium.org/2137013006
Cr-Commit-Position: refs/heads/master@{#38073}
2016-07-26 22:15:39 +00:00
martyn.capewell
3a6440e48f ARM: Implement UnaligedLoad and UnaligedStore turbofan operators.
Port 580fdf3c05

This also reverses the MachineType stored for partial unaligned access support
such that it records the unsupported types, rather than supported types.

BUG=

Review-Url: https://codereview.chromium.org/2182493003
Cr-Commit-Position: refs/heads/master@{#38065}
2016-07-26 15:58:19 +00:00
bjaideep
d05c2f02c5 PPC: Fixed RememberedSetRemoveRange to have chunk->size > PageSize
Increased array size in the testcase such that the chunk size is
greater that the page size on PPC (4MB). This fixes the case when
(start + Page::kPageSize) memory location is tested to be part of
the chunk.
The testcase was added as part of https://codereview.chromium.org/2110213003/

R=ulan@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, mbrandy@us.ibm.com

BUG=
LOG=N

Review-Url: https://codereview.chromium.org/2182113002
Cr-Commit-Position: refs/heads/master@{#38060}
2016-07-26 15:10:20 +00:00
ishell
13aa1d0203 [stubs] Call interface descriptors cleanup.
This is a first step towards a perfect world where a call interface descriptor is the only place that defines calling convention for a particular code stub.

Review-Url: https://codereview.chromium.org/2172223002
Cr-Commit-Position: refs/heads/master@{#38059}
2016-07-26 14:56:35 +00:00
hpayer
9e37a07c8d [heap] Reland "Remove black pages and use black areas instead."
BUG=630969,630386
LOG=n

Review-Url: https://codereview.chromium.org/2185613002
Cr-Commit-Position: refs/heads/master@{#38057}
2016-07-26 14:42:48 +00:00
jpp
060d984c94 [wasm][asm2wasm] Fixes a bug in 8-bit heap view accesses.
The bug was caused when validating expressions

X >> 0

for indexing into 8-bit heap views. If X was not an intish, the 'normal'
validation path would fail. That, however, left the type of X registered
in the AsmTyper::node_types_ member.

Later, in the 'lenient' code path for 8-bit views, the entire X >> 0
expression would be validated, which would cause X to be validated
again, at which point AsmTyper::SetTypeOf() would DCHECK because the
supplied node already had a type associated with it.

The fix was to simply FAIL() when X is not an intish. This is safe
because if X is not an intish, then

Validate(>>, !intish, FixNum)

will also fail.

BUG= https://bugs.chromium.org/p/chromium/issues/detail?id=628803
BUG= https://bugs.chromium.org/p/v8/issues/detail?id=4203
TEST= cctest/asmjs/test-asm-typer.cc
LOG= N

Review-Url: https://codereview.chromium.org/2181723002
Cr-Commit-Position: refs/heads/master@{#38053}
2016-07-26 14:05:05 +00:00
mstarzinger
94606a88e2 [interpreter] Disable OSR for BytecodeGenerator tests.
R=rmcilroy@chromium.org
TEST=cctest/test-bytecode-generator
BUG=v8:4764

Review-Url: https://codereview.chromium.org/2184663002
Cr-Commit-Position: refs/heads/master@{#38052}
2016-07-26 13:48:11 +00:00
bmeurer
5d2d46e388 [turbofan] Perform element index computation in word64 on 64-bit platforms.
This allows us to fuse the address computation with the actual memory
access operation on x64, which reduces the register pressure and the
number of instructions. There's probably some follow up cleanup that has
to happen to make sure the machine operator optimizations that are
relevant to word64 computations are also available (similar to what is
already available for word32).

R=epertoso@chromium.org

Review-Url: https://codereview.chromium.org/2183043002
Cr-Commit-Position: refs/heads/master@{#38051}
2016-07-26 13:14:04 +00:00
bakkot
c2bcfc3145 Wrap ClassLiterals in DoExpressions instead of giving them BlockScopes.
This slightly simplifies scope handling. It also makes it possible to
implement some potential future changes to classes purely in the parser
by adding additional code to the DoExpression.

This is a portion of https://codereview.chromium.org/2142333002/, which
probably isn't going through in full.

Review-Url: https://codereview.chromium.org/2176653003
Cr-Commit-Position: refs/heads/master@{#38035}
2016-07-25 19:21:44 +00:00
machenbach
aa32233676 [build] Fix header-hygiene warnings for arm64
This prepares for switching arm64 sim to gn.

BUG=chromium:474921

Review-Url: https://codereview.chromium.org/2174363002
Cr-Commit-Position: refs/heads/master@{#38033}
2016-07-25 18:16:26 +00:00
bjaideep
b1683f050a [Heap] Fix ArrayBuffer_SemiSpaceCopyMultipleTasks to respect PPC page size
The testcase allocates JSArraybuffer on 2 separate pages which should be
on the New space. In the testcase semi space size is set to 2MB.
Since page size on PPC is 4MB the semi new space size defaults to 4MB.
Therefore when allocating 2nd buffer, scavenge GC kicks in as from-space is
filled up and copies 1st buffer to to-space. Now, the 2nd buffer also gets
allocated on the same to-space, therefore both buffer end up being on the
same page. This fix should allocate enough semi new space to contain 2
pages (for all platform).
The testcase was added as part of https://codereview.chromium.org/2036643002

R=mlippautz@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, mbrandy@us.ibm.com

BUG=
LOG=N

Review-Url: https://codereview.chromium.org/2167853002
Cr-Commit-Position: refs/heads/master@{#38028}
2016-07-25 16:02:46 +00:00
ivica.bogosavljevic
5d8094ee79 Fix cctest/test-code-stubs-mips64/ConvertDToI failure on big-endian architectures
Failure is due to different endianness on big endian. The test now passes on
both big-endian and little-endian architectures.

TEST=cctest/test-code-stubs-mips64/ConvertDToI
BUG=

Review-Url: https://codereview.chromium.org/2157373002
Cr-Commit-Position: refs/heads/master@{#38022}
2016-07-25 13:26:56 +00:00
neis
88a795d1c8 Remove the --ignition-generators flag.
This flag has been enabled by default for over a month now.

R=mstarzinger@chromium.org, rmcilroy@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2176143002
Cr-Commit-Position: refs/heads/master@{#38020}
2016-07-25 12:56:27 +00:00
klaasb
63ea19baa0 [interpreter] Add output register to ToName
ToName was always generated with a subsequent Star, fuse them.
Requires a few changes in the peephole optimizer as ToName cannot be
elided as easily, but must be replaced by Star.

BUG=v8:4280
LOG=n

Review-Url: https://codereview.chromium.org/2169813002
Cr-Commit-Position: refs/heads/master@{#38019}
2016-07-25 12:53:01 +00:00
ishell
5c8cb1689a [ic] Don't call LookupIterator::GetStoreTarget() when receiver is not a JSReceiver.
BUG=chromium:619166,chromium:625155

Review-Url: https://codereview.chromium.org/2175273002
Cr-Commit-Position: refs/heads/master@{#38018}
2016-07-25 12:32:59 +00:00
jochen
0a6ccaf268 Replace SmartPointer<T> with unique_ptr<T>
R=ishell@chromium.org,bmeurer@chromium.org
TBR=rossberg@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2175233003
Cr-Commit-Position: refs/heads/master@{#38009}
2016-07-25 11:14:34 +00:00
jochen
37ba8f961b Replace SmartArrayPointer<T> with unique_ptr<T[]>
R=bmeurer@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2173403002
Cr-Commit-Position: refs/heads/master@{#38007}
2016-07-25 10:27:47 +00:00
rmcilroy
a474e84181 [Intepreter] Always use BytecodeGraphBuilder when --turbo-from-bytecode
Always use the BytecodeGraphBuilder when the  --turbo-from-bytecode
is enabled, assuming the function should be compiled for Ignition.
Adds a new MaybeOptimizeIgnition function to runtime-profiler
which is called if the function should be optimized from bytecode
rather than going via full-codegen.

BUG=v8:4280

Committed: https://crrev.com/9ca7db914be88e6792a88eab4a1988ee031d70c4
Review-Url: https://codereview.chromium.org/2156753002
Cr-Original-Commit-Position: refs/heads/master@{#37921}
Cr-Commit-Position: refs/heads/master@{#38002}
2016-07-25 09:43:58 +00:00
ivica.bogosavljevic
436b8d551d Skip test-run-load-store/RunUnalignedLoadStoreUnalignedAccess on ARM
Skip test-run-load-store/RunUnalignedLoadStoreUnalignedAccess on ARM until
UnalignedLoad and UnalignedStore operators get implemented

NOTRY=true

Review-Url: https://codereview.chromium.org/2182433002
Cr-Commit-Position: refs/heads/master@{#38001}
2016-07-25 09:37:07 +00:00
machenbach
a4dbaf1c0c [gn] Migrate more custom cflags from gyp to gn
BUG=chromium:474921

Review-Url: https://codereview.chromium.org/2171263002
Cr-Commit-Position: refs/heads/master@{#38000}
2016-07-25 09:33:41 +00:00
adamk
f77d1bfc36 Remove redundant Scope book-keeping
The uses_arguments() bool is not needed for correct
behavior, since that same information is available after scope analysis
based on whether we allocated the Scope::arguments_ var.

BUG=v8:5209

Review-Url: https://codereview.chromium.org/2168293002
Cr-Commit-Position: refs/heads/master@{#37990}
2016-07-22 23:50:53 +00:00
ivica.bogosavljevic
580fdf3c05 Implement UnaligedLoad and UnaligedStore turbofan operators.
Implement UnalignedLoad and UnalignedStore optional
turbofan operators and use them in WasmCompiler for unaligned
memory access.

BUG=

Review-Url: https://codereview.chromium.org/2122853002
Cr-Commit-Position: refs/heads/master@{#37988}
2016-07-22 20:56:24 +00:00
klaasb
220284638e [interpreter] Add a register operand to ToNumber
ToNumber's result is always directly stored to a register using a Star
bytecode. Fuse it into ToNumber.

BUG=v8:4280
LOG=n

Review-Url: https://codereview.chromium.org/2165953002
Cr-Commit-Position: refs/heads/master@{#37976}
2016-07-22 10:26:12 +00:00
bmeurer
ba092fb09a [turbofan] Change Float64Max/Float64Min to JavaScript semantics.
So far we don't have a useful way to inline Math.max or Math.min in
TurboFan optimized code. This adds new operators NumberMax and NumberMin
and changes the Float64Max/Float64Min operators to have JavaScript
semantics instead of the C++ semantics that it had previously.

This also removes support for recognizing the tenary case in the
CommonOperatorReducer, since that doesn't seem to have any positive
impact (and actually doesn't show up in regular JavaScript, where
people use Math.max/Math.min instead).

Drive-by-fix: Also nuke the unused Float32Max/Float32Min operators.

R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2170343002
Cr-Commit-Position: refs/heads/master@{#37971}
2016-07-22 08:25:11 +00:00
jwolfe
3cfd80d6a2 Adjust whitespace to make tests oblivious to --harmony-function-tostring
See discussion in https://codereview.chromium.org/2156303002/#msg8

With the new --harmony-function-tostring behavior, these tests would
fail without this change. This change makes the tests pass regardless
of whether or not --harmony-function-tostring is used.

All of these changes are simply inserting a space after the "function"
keyword to match the current function toString behavior. When
--harmony-function-tostring is enabled, the toString behavior matches
the spacing used in the function declaration. With the declaration
matching the current formatting, the toString behavior becomes
unaffected by --harmony-function-tostring.

BUG=v8:4958
LOG=n

Review-Url: https://codereview.chromium.org/2161413002
Cr-Commit-Position: refs/heads/master@{#37959}
2016-07-22 00:18:41 +00:00
jpp
6f31bc9ce8 [wasm] ASM-2-WASM. Enforces switch default clause appearing last.
BUG= https://bugs.chromium.org/p/chromium/issues/detail?id=628803
BUG= https://bugs.chromium.org/p/v8/issues/detail?id=4203
TEST= cctest/asmjs/test-asm-typer.cc
LOG= N

Review-Url: https://codereview.chromium.org/2172603002
Cr-Commit-Position: refs/heads/master@{#37954}
2016-07-21 19:03:40 +00:00
jpp
d50998c480 V8. ASM-2-WASM. Enforces source code layout.
BUG= https://bugs.chromium.org/p/chromium/issues/detail?id=628450
BUG= https://bugs.chromium.org/p/v8/issues/detail?id=4203
TEST= cctest/asmjs/test-asm-typer.cc
TEST= mjsunit/wasm/*
LOG= N

Review-Url: https://codereview.chromium.org/2164273002
Cr-Commit-Position: refs/heads/master@{#37950}
2016-07-21 15:34:33 +00:00
ishell
8aeb7439c9 [ic] [stubs] Don't use Code::flags in megamorphic stub cache hash computations.
BUG=chromium:618701

Review-Url: https://codereview.chromium.org/2167493003
Cr-Commit-Position: refs/heads/master@{#37946}
2016-07-21 12:58:10 +00:00
titzer
d9eb33582f [wasm] Remove special memory type for (internal) globals and use local type instead.
R=ahaas@chromium.org,rossberg@chromium.org,bradnelson@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2165633006
Cr-Commit-Position: refs/heads/master@{#37945}
2016-07-21 12:35:10 +00:00
verwaest
f04fd635b6 Turn ZoneList inner_scopes into a linked list
Replace the zonelist with a link from a scope to any of its inner scopes, and a link to any sibling scope.
This makes scopes that track inner scopes use roughly the same amount of space as previously scopes without inner scopes would use for the empty zonelist (pointer to the memory + length field, which, granted could be slightly smaller on 64bit).

BUG=v8:5209

Review-Url: https://codereview.chromium.org/2162143005
Cr-Commit-Position: refs/heads/master@{#37941}
2016-07-21 11:25:56 +00:00
titzer
ff0b6d49ce [wasm] Remove the explicit count from WASM_BLOCK and WASM_LOOP macros.
R=ahaas@chromium.org, rossberg@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2170773003
Cr-Commit-Position: refs/heads/master@{#37939}
2016-07-21 11:06:19 +00:00
weiliang.lin
b973a77775 [x64] add Absps/d and Negps/d macro
BUG=

Review-Url: https://codereview.chromium.org/2161513002
Cr-Commit-Position: refs/heads/master@{#37937}
2016-07-21 11:02:42 +00:00
cbruni
4b59bf5313 [fullcodegen] [crankshaft] Avoid jumping to the runtime for ForInFilter
Use the ForInFilterStub directly. Hence we will only jump to the runtime for
special receivers (instance_type <= LAST_SPECIAL_RECEIVER_TYPE) and for
converting element indices which are not in the string cache.

BUG=

Review-Url: https://codereview.chromium.org/2151773002
Cr-Commit-Position: refs/heads/master@{#37934}
2016-07-21 09:34:11 +00:00