Commit Graph

30516 Commits

Author SHA1 Message Date
mlippautz
01ca769c58 [heap] Remove dead code from PagedSpace
BUG=

Review URL: https://codereview.chromium.org/1909883002

Cr-Commit-Position: refs/heads/master@{#35774}
2016-04-25 18:18:45 +00:00
ulan
67f3103a26 Reland "Check for semaphore alignment on posix platforms. (patchset #1 id:1 of https://codereview.chromium.org/1912923003/ )"
This patch also fixed three misaligned semaphores.

This reverts commit 80c73e2cde.

BUG=chromium:605349
LOG=NO

Review URL: https://codereview.chromium.org/1917923002

Cr-Commit-Position: refs/heads/master@{#35773}
2016-04-25 18:12:18 +00:00
bjaideep
431ea9a0aa PPC: [Interpreter] Use FastNewSloppyArguments when possible.
Port c005029aa4

Original commit message:

    Use the FastNewSloppyArgumentsStub in the interpreter when function doesn't have
    duplicate parameters.

R=rmcilroy@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, mbrandy@us.ibm.com

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1916803002

Cr-Commit-Position: refs/heads/master@{#35772}
2016-04-25 16:45:30 +00:00
bjaideep
ff243a9579 PPC: [turbofan] Introduce TruncateTaggedToWord32 simplified operator.
Port 0231a7efa2

Original commit message:

    This allows us to get rid of the "push TruncateFloat64ToInt32 into Phi"
    trick that was used in the MachineOperatorReducer to combine the
    ChangeTaggedToFloat64 and TruncateFloat64ToInt32 operations. Instead of
    doing that later, we can just introduce the proper operator during the
    representation selection directly.

    Also separate the TruncateFloat64ToInt32 machine operator, which had two
    different meanings depending on a flag (either JavaScript truncation or
    C++ style round to zero). Now there's a TruncateFloat64ToWord32 which
    represents the JavaScript truncation (implemented via TruncateDoubleToI
    macro + code stub) and the RoundFloat64ToInt32, which implements the C++
    round towards zero operation (in the same style as the other WebAssembly
    driven Round* machine operators).

R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, mbrandy@us.ibm.com

BUG=
LOG=N

Review URL: https://codereview.chromium.org/1921733003

Cr-Commit-Position: refs/heads/master@{#35771}
2016-04-25 16:29:05 +00:00
verwaest
1678bb557c MigrateInstance(target) before Object.assign(target, ...)
If the target is deprecated, the object will be updated on first store. If the source for that store equals the target, this will invalidate the cached representation of the source. Preventively upgrade the target.

BUG=chromium:604300
LOG=n

Review URL: https://codereview.chromium.org/1905933002

Cr-Commit-Position: refs/heads/master@{#35770}
2016-04-25 15:41:21 +00:00
jochen
7895b396f8 [api] Introduce MicrotasksScope::IsRunningMicrotasks
Returns true while V8 executes microtasks

BUG=
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/1920813002

Cr-Commit-Position: refs/heads/master@{#35769}
2016-04-25 15:22:32 +00:00
mlippautz
4e8736da2d [heap] Merge NewSpacePage into Page
BUG=chromium:581412
LOG=N

Review URL: https://codereview.chromium.org/1900423002

Cr-Commit-Position: refs/heads/master@{#35768}
2016-04-25 14:53:45 +00:00
mbrandy
fac7361c83 Fix bit field access for 64-bit big-endian architectures.
Need to use the kBitFieldSlot rather than kBitFieldOffset for
pointer-sized memory accesses.

(Fix for "[Atomics] code stubs for atomic operations")

R=bmeurer@chromium.org, binji@chromium.org, jarin@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1914463003

Cr-Commit-Position: refs/heads/master@{#35767}
2016-04-25 14:06:07 +00:00
mbrandy
3bb5b67204 PPC64: [simulator] Do not sign-extend uint32_t call parameters.
R=bmeurer@chromium.org, titzer@chromium.org, mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1918503002

Cr-Commit-Position: refs/heads/master@{#35766}
2016-04-25 14:03:58 +00:00
mbrandy
36091039b3 Fix cctest/test-run-load-store for big-endian architectures.
R=bmeurer@chromium.org, titzer@chromium.org, ahaas@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1908253007

Cr-Commit-Position: refs/heads/master@{#35765}
2016-04-25 14:01:29 +00:00
yangguo
6f67d171f1 [regexp] Fix non-match and max match length in RegExpCharacterClass.
R=mstarzinger@chromium.org
BUG=chromium:605862
LOG=N

Review URL: https://codereview.chromium.org/1916763002

Cr-Commit-Position: refs/heads/master@{#35764}
2016-04-25 13:32:14 +00:00
neis
dd5ccc8a77 Remove obsolete code from v8natives.
R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1918783002

Cr-Commit-Position: refs/heads/master@{#35763}
2016-04-25 13:05:42 +00:00
bmeurer
dcf178fb29 [turbofan] Move ChangeTaggedToFoo lowerings to EffectControlLinearizer.
These also lower to subgraphs that have to be connected to the effect
and control chains, otherwise removing the atomic regions around heap
allocations would still be unsound.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1916763003

Cr-Commit-Position: refs/heads/master@{#35762}
2016-04-25 12:41:17 +00:00
neis
0ff89ea75b Migrate Object.definePropert{ies,y} from v8natives to builtins.
R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1919763002

Cr-Commit-Position: refs/heads/master@{#35761}
2016-04-25 12:24:48 +00:00
machenbach
cb855fe728 [build] Prepare moving v8.gyp to src/
This will allow to pull in gyp as a deps to the same location
as chromium (tools/gyp not build/gyp), needed for gn switch.

This is the first step of a 3-way move.
1) Copy v8.gyp in v8
2) Update references in embedders (follow up)
3) Remove old v8.gyp (follow up)

BUG=chromium:474921
LOG=n
NOTRY=true

Review URL: https://codereview.chromium.org/1920793002

Cr-Commit-Position: refs/heads/master@{#35760}
2016-04-25 12:20:24 +00:00
neis
17024be077 Migrate Object.getPrototypeOf from v8natives to builtins.
More v8natives cleanup to come...

R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1922453002

Cr-Commit-Position: refs/heads/master@{#35759}
2016-04-25 11:45:40 +00:00
yangguo
3c7391093b [debugger] fix mjsunit/regress/regress-crbug-119800 for ignition.
R=vogelheim@chromium.org
BUG=v8:4690
LOG=N

Review URL: https://codereview.chromium.org/1907293002

Cr-Commit-Position: refs/heads/master@{#35758}
2016-04-25 11:37:12 +00:00
mstarzinger
3fc0224cfc [compiler] Add baseline tier to compilation pipeline.
This adds a baseline tier to the compilation pipeline. Currently this
tier is used to model a path from the interpreter to optimized code via
full-codegen code (to ensure sufficient type feedback). Switching from
the unoptimized tier to the baseline tier is limited to happen only when
there are no activations of the given function on the stack.

R=rmcilroy@chromium.org,bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1903273004

Cr-Commit-Position: refs/heads/master@{#35757}
2016-04-25 10:48:34 +00:00
jarin
692eec3969 [turbofan] Remove obsolete parts of change lowering.
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1917753002

Cr-Commit-Position: refs/heads/master@{#35756}
2016-04-25 09:27:18 +00:00
hablich
80c73e2cde Revert of Check for semaphore alignment on posix platforms. (patchset #1 id:1 of https://codereview.chromium.org/1912923003/ )
Reason for revert:
blocks rolling. See https://bugs.chromium.org/p/chromium/issues/detail?id=605349 for more information.

This CL only triggers the problem earlier but is not the culprit.

The real bug is under investigation by the GC team.

Original issue's description:
> Check for semaphore alignment on posix platforms.
>
> BUG=chromium:605349
> LOG=NO
>
> Committed: https://crrev.com/8d24472acfaf7e67ca20106cb1f405fc0590c849
> Cr-Commit-Position: refs/heads/master@{#35717}

TBR=mlippautz@chromium.org,ulan@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=chromium:605349
LOG=N

Review URL: https://codereview.chromium.org/1921533002

Cr-Commit-Position: refs/heads/master@{#35755}
2016-04-25 09:25:07 +00:00
rmcilroy
c005029aa4 [Interpreter] Use FastNewSloppyArguments when possible.
Use the FastNewSloppyArgumentsStub in the interpreter when function doesn't have
duplicate parameters.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1909903003

Cr-Commit-Position: refs/heads/master@{#35754}
2016-04-25 09:25:06 +00:00
bmeurer
d1fb8384e0 [turbofan] Introduce Oddball::to_number_raw and use it for change lowering.
The Oddball::to_number_raw field contains the actual double value of the
Oddball converted to a number, and is located at the same offset as the
HeapNumber::value field, so for lowering changes we don't need to check
for undefined (or any other oddball explicitly).

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1922443002

Cr-Commit-Position: refs/heads/master@{#35753}
2016-04-25 09:18:37 +00:00
baptiste.afsa
2bc6070777 [turbofan] Refined cost model for instruction scheduling on arm64.
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1905883003

Cr-Commit-Position: refs/heads/master@{#35752}
2016-04-25 08:23:11 +00:00
baptiste.afsa
63a344ab43 [turbofan] Track floating-point registers live at function entry in instruction scheduler.
This patch makes sure that the nop instructions used to mark floating-point
arguments live range begin will not be moved by the scheduler.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1896933004

Cr-Commit-Position: refs/heads/master@{#35751}
2016-04-25 08:12:31 +00:00
yangguo
098ff93558 [debugger] make step positions for for-of compatible with interpreter.
R=mstarzinger@chromium.org, rossberg@chromium.org
BUG=v8:4690
LOG=N

Review URL: https://codereview.chromium.org/1906653004

Cr-Commit-Position: refs/heads/master@{#35750}
2016-04-25 06:53:41 +00:00
jarin
9ebc1ed68c [turbofan] Run effect linearizer even for asm functions.
Review URL: https://codereview.chromium.org/1914943002

Cr-Commit-Position: refs/heads/master@{#35749}
2016-04-25 06:51:32 +00:00
bmeurer
256eeed5c3 [turbofan] Properly wire ObjectIs<Type> diamonds.
The ObjectIs<Type> predicates compile down to diamonds (in the general
case), and those should be connected properly to the control and effect
chain in the linearization pass.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1912743002

Cr-Commit-Position: refs/heads/master@{#35748}
2016-04-25 06:14:40 +00:00
jarin
9cae24b8cc [turbofan] Wire in floating control during effect linearization phase.
Review URL: https://codereview.chromium.org/1921483002

Cr-Commit-Position: refs/heads/master@{#35747}
2016-04-25 04:29:23 +00:00
v8-autoroll
fed8f3a55b Update V8 DEPS.
Rolling v8/tools/clang to db76f9f1d1ed7f4c4db1bf10f530506614375db3

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review URL: https://codereview.chromium.org/1912413002

Cr-Commit-Position: refs/heads/master@{#35746}
2016-04-25 03:16:22 +00:00
zhengxing.li
c631277411 X87: [turbofan] Introduce TruncateTaggedToWord32 simplified operator.
port 0231a7efa2 (r35743)

  original commit message:
  This allows us to get rid of the "push TruncateFloat64ToInt32 into Phi"
  trick that was used in the MachineOperatorReducer to combine the
  ChangeTaggedToFloat64 and TruncateFloat64ToInt32 operations. Instead of
  doing that later, we can just introduce the proper operator during the
  representation selection directly.

  Also separate the TruncateFloat64ToInt32 machine operator, which had two
  different meanings depending on a flag (either JavaScript truncation or
  C++ style round to zero). Now there's a TruncateFloat64ToWord32 which
  represents the JavaScript truncation (implemented via TruncateDoubleToI
  macro + code stub) and the RoundFloat64ToInt32, which implements the C++
  round towards zero operation (in the same style as the other WebAssembly
  driven Round* machine operators).

BUG=

Review URL: https://codereview.chromium.org/1912403002

Cr-Commit-Position: refs/heads/master@{#35745}
2016-04-25 02:50:02 +00:00
zhengxing.li
eb921c8a58 X87: [interpreter] Heal closures when bytecode array is gone.
port 5c8609de9d (r35724)

  original commit message:
  This ensures the InterpreterEntryTrampoline heals code entry fields
  inside closures when being called without a valid bytecode array. This
  is preparatory work to allow removal of bytecode when switching some
  functions to other types of code.

BUG=

Review URL: https://codereview.chromium.org/1920713002

Cr-Commit-Position: refs/heads/master@{#35744}
2016-04-25 02:43:42 +00:00
bmeurer
0231a7efa2 [turbofan] Introduce TruncateTaggedToWord32 simplified operator.
This allows us to get rid of the "push TruncateFloat64ToInt32 into Phi"
trick that was used in the MachineOperatorReducer to combine the
ChangeTaggedToFloat64 and TruncateFloat64ToInt32 operations. Instead of
doing that later, we can just introduce the proper operator during the
representation selection directly.

Also separate the TruncateFloat64ToInt32 machine operator, which had two
different meanings depending on a flag (either JavaScript truncation or
C++ style round to zero). Now there's a TruncateFloat64ToWord32 which
represents the JavaScript truncation (implemented via TruncateDoubleToI
macro + code stub) and the RoundFloat64ToInt32, which implements the C++
round towards zero operation (in the same style as the other WebAssembly
driven Round* machine operators).

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1919513002

Cr-Commit-Position: refs/heads/master@{#35743}
2016-04-24 11:41:20 +00:00
mtrofin
5ae587cfb3 [turbofan] Single entry into deferred
If a deferred block has multiple predecessors, they have to be
all deferred. Otherwise, we can run into a situation where if a range
that spills only in deferred blocks inserts its spill in the block, and
other ranges need moves inserted by ResolveControlFlow in the predecessors,
the register of the range spilled in the deferred block may be clobbered.

To avoid that, when a deferred block has multiple predecessors, and some
are not deferred, we add a non-deferred block to collect all such edges.

This CL addresses the validator assertion failure in the referenced issue, as well
as the greedy allocator failure - which was caused by the situation described
above.

BUG=v8:4940
LOG=n

Review URL: https://codereview.chromium.org/1912093005

Cr-Commit-Position: refs/heads/master@{#35742}
2016-04-23 16:58:10 +00:00
mbrandy
b0530dc96b Fix hash field access for 64-bit big-endian architectures.
Need to use the kHashFieldSlot rather than kHashFieldOffset for
pointer-sized memory accesses.

(Fix for "[builtins] Migrate String.prototype.charCodeAt and String.prototype.charAt to TurboFan.")

R=bmeurer@chromium.org, epertoso@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1907393002

Cr-Commit-Position: refs/heads/master@{#35741}
2016-04-22 18:42:08 +00:00
Adam Klein
f6c09c893a Remove non-existent object-observe test from mjsunit.status
TBR=machenbach@chromium.org

Review URL: https://codereview.chromium.org/1907423002 .

Cr-Commit-Position: refs/heads/master@{#35740}
2016-04-22 18:31:44 +00:00
bjaideep
6d9c4c8663 PPC: [interpreter] Heal closures when bytecode array is gone.
Port 5c8609de9d

Original commit message:

    This ensures the InterpreterEntryTrampoline heals code entry fields
    inside closures when being called without a valid bytecode array. This
    is preparatory work to allow removal of bytecode when switching some
    functions to other types of code.

R=mstarzinger@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, mbrandy@us.ibm.com

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1913173002

Cr-Commit-Position: refs/heads/master@{#35739}
2016-04-22 17:57:26 +00:00
jarin
316d506297 [turbofan] Only connect the exception edge in to-number conversion.
Review URL: https://codereview.chromium.org/1914493002

Cr-Commit-Position: refs/heads/master@{#35738}
2016-04-22 17:57:25 +00:00
mbrandy
d0f414dbe6 Reland "Fix interpreter unittest for embedded constant pools."
The offset from fp to the register file is based on the frame size
-- which is one slot larger when embedded constant pools are enabled.

TEST=unittests/DecodeBytecodeAndOperands
TBR=rmcilroy@chromium.org, bmeurer@chromium.org, oth@chromium.org, mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1906963002

Cr-Commit-Position: refs/heads/master@{#35735}

Review URL: https://codereview.chromium.org/1909283003

Cr-Commit-Position: refs/heads/master@{#35737}
2016-04-22 15:32:22 +00:00
mbrandy
2a113b8e2e Revert of Fix interpreter unittest for embedded constant pools. (patchset #2 id:20001 of https://codereview.chromium.org/1906963002/ )
Reason for revert:
Need to fix the #undef logic.

Original issue's description:
> Fix interpreter unittest for embedded constant pools.
>
> The offset from fp to the register file is based on the frame size
> -- which is one slot larger when embedded constant pools are enabled.
>
> TEST=unittests/DecodeBytecodeAndOperands
> R=rmcilroy@chromium.org, bmeurer@chromium.org, oth@chromium.org, mstarzinger@chromium.org
> BUG=

TBR=bmeurer@chromium.org,mstarzinger@chromium.org,oth@chromium.org,rmcilroy@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review URL: https://codereview.chromium.org/1909323003

Cr-Commit-Position: refs/heads/master@{#35736}
2016-04-22 15:04:50 +00:00
mbrandy
074320ac2d Fix interpreter unittest for embedded constant pools.
The offset from fp to the register file is based on the frame size
-- which is one slot larger when embedded constant pools are enabled.

TEST=unittests/DecodeBytecodeAndOperands
R=rmcilroy@chromium.org, bmeurer@chromium.org, oth@chromium.org, mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1906963002

Cr-Commit-Position: refs/heads/master@{#35735}
2016-04-22 14:50:02 +00:00
rossberg
f8f551ae9a Stage harmony-for-in
TBR=hablich@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1915453002

Cr-Commit-Position: refs/heads/master@{#35734}
2016-04-22 14:07:11 +00:00
mbrandy
e7d521fb5f PPC64: [turbofan] Word32 loads should be unsigned.
TEST=cctest/test-run-load-store/*
R=joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, bjaideep@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1910123002

Cr-Commit-Position: refs/heads/master@{#35733}
2016-04-22 14:05:04 +00:00
mstarzinger
8e03bdefc0 [turbofan] Allocate SourcePositionTable inside a Zone.
This also removes the destructor of the class in question, which removed
any added decorator from the graph. However the adding of the decorator
happens explicitly, so symmetry suggests that removal should also happen
explicitly instead of implicitly in the destructor.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1914473002

Cr-Commit-Position: refs/heads/master@{#35732}
2016-04-22 13:58:48 +00:00
epertoso
339000bf3b [turbofan] Add the Verifier to the pipeline for code stubs.
Removes some control edges added from the RawMachineAssembler to the end of the graph.
Adds a parameter that tells the Verifier to ignore effect and control inputs.

Review URL: https://codereview.chromium.org/1912853003

Cr-Commit-Position: refs/heads/master@{#35731}
2016-04-22 13:56:36 +00:00
mike
b86ec74395 [modules] Infer strict mode from within scope object
Refactor the Scope object to automatically enable strict mode when
initialized as a "module" scope, relieving the caller of this
responsibility.

BUG=v8:4941
LOG=N
R=adamk@chromium.org

Review URL: https://codereview.chromium.org/1906923002

Cr-Commit-Position: refs/heads/master@{#35730}
2016-04-22 13:38:15 +00:00
yangguo
4b580cad0c [debugger,interpreter] fix source position of compare operation.
R=mstarzinger@chromium.org
BUG=v8:4690
LOG=N

Review URL: https://codereview.chromium.org/1903223003

Cr-Commit-Position: refs/heads/master@{#35729}
2016-04-22 13:11:48 +00:00
jarin
fcbe95c8dc Introduce approximate mode for StandardFrame::Summarize.
The approximate mode enables taking an approximate stack trace from GC,
where the top frames might be missing if inlined. Note that in that case,
the frame summary will refer to optimized code, so it will not be possible
to take source position. (The user of the summary will have to handle the
case frame_summary.abstract_code()->kind() == AbstractCode::OPTIMIZED_CODE
specially.)

Review URL: https://codereview.chromium.org/1907443002

Cr-Commit-Position: refs/heads/master@{#35728}
2016-04-22 12:39:00 +00:00
bmeurer
530cf26bb2 [turbofan] Don't run SimplifiedOperatorReducer in late optimization.
There's no point in running the SimplifiedOperatorReducer also during
the late optimization pass, as it will not do any useful work at that
point.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1909363002

Cr-Commit-Position: refs/heads/master@{#35727}
2016-04-22 12:16:46 +00:00
rossberg
9ce87d6772 Add flag for disallowing for-in initializers
This does not affect use counters.

R=nikolaos@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1911963003

Cr-Commit-Position: refs/heads/master@{#35726}
2016-04-22 12:04:15 +00:00
jochen
0714485cbb Revert of [GN] Define USE_EABI_HARDFLOAT=1 when arm_float_abi=="hard". (patchset #1 id:1 of https://codereview.chromium.org/1839763003/ )
Reason for revert:
Appears to break Android crbug.com/604422

Original issue's description:
> [GN] Define USE_EABI_HARDFLOAT=1 when arm_float_abi=="hard".
>
> Add this define to the config used for mksnapshot. This fixes a bug
> where certain applications would fail at runtime on Chromecast.
>
> BUG=592660
> LOG=Y
> Bug: internal b/27495984
>
> Test: Formerly broken Cast apps load and run as expected.
>
> Committed: https://crrev.com/86357d5235ceba61c151f0b6e509bcb365860454
> Cr-Commit-Position: refs/heads/master@{#35183}

TBR=dpranke@chromium.org,alokp@chromium.org,titzer@chromium.org,slan@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=592660,604422
LOG=n

Review URL: https://codereview.chromium.org/1906373002

Cr-Commit-Position: refs/heads/master@{#35725}
2016-04-22 11:19:49 +00:00