The plan is to implement the same idea using vector IC machinery.
Stubs implementations and scopes modifications are left untouched for now.
Review URL: https://codereview.chromium.org/1419823003
Cr-Commit-Position: refs/heads/master@{#31458}
Use a unified NamedAccess operator parameter for both JSLoadNamed and
JSStoreNamed, and similar use PropertyAccess for both JSLoadProperty and
JSStoreProperty.
Review URL: https://codereview.chromium.org/1418993002
Cr-Commit-Position: refs/heads/master@{#31456}
It appears we haven't wired in the 32 float constant passed on the stack.
BUG=v8:4506
LOG=n
Review URL: https://codereview.chromium.org/1407003015
Cr-Commit-Position: refs/heads/master@{#31453}
(With a v8::Vector, the client is responsible for memory management.
I think there can be a situation where the Vector has a char[1] backing
store with '\0' in it, in which case the current code would leak.
If we always Dispose() the backing store this should be avoided.
Since dispose will delete[] the actual backing store, this should
also work then the backing store is nullptr.)
R=jochen@chromium.org
BUG=chromium:525885
LOG=N
Review URL: https://codereview.chromium.org/1410543005
Cr-Commit-Position: refs/heads/master@{#31446}
This change adds new flavors of Visit() methods for obtaining
expression results:
- VisitForAccumulatorValue() which places result in the accumulator.
- VisitForRegisterValue() which places the result in a register.
- VisitForEffect() which evaluates the expression and discards the result.
The targets of these calls place the expression result with
result_scope()->SetResultInRegister() or
result_scope()->SetResultInAccumulator().
By being smarter about result locations, there's less temporary
register usage. However, we now have a hazard with assignments
in binary expressions that didn't exist before. This change detects and
DCHECK's when a hazard is detected. A follow on CL will address this.
There are consequential changes to test-bytecode-generator.cc and
this change also adds new bytecode macros A(x, n) and THIS(n) for
register file entries for arguments and this.
BUG=v8:4280
LOG=NO
Review URL: https://codereview.chromium.org/1392933002
Cr-Commit-Position: refs/heads/master@{#31445}
The newly introduced root makes sure that we do not flush the
optimized code while the function is being compiled.
BUG=v8:4493
LOG=n
Review URL: https://codereview.chromium.org/1415133002
Cr-Commit-Position: refs/heads/master@{#31444}
This reverts commit a31cef44dc.
Original message:
[heap] Divide available memory upon compaction tasks
- Fairly (round-robin) divide available memory upon compaction tasks.
- Ensure an upper limit (of memory) since dividing is O(n) for n free-space
nodes.
- Refill from free lists managed by sweeper once a compaction space becomes
empty.
Assumption for dividing memory: Memory in the free lists is sparse upon starting
compaction (which means that only few nodes are available), except for memory
reducer GCs, which happen in idle time though (so it's less of a problem).
BUG=chromium:524425
LOG=N
Review URL: https://codereview.chromium.org/1421583002
Cr-Commit-Position: refs/heads/master@{#31443}
Set "no recover" in diagnostic mode to keep triggering
crashes. Otherwise, the v8 test driver won't notice tests
as failing.
Also port some common sanitizer cflags to cfi - those can be
removed on the build side afterwards.
BUG=chromium:515782
LOG=n
Review URL: https://codereview.chromium.org/1414763004
Cr-Commit-Position: refs/heads/master@{#31442}
Reason for revert:
Failing again: http://build.chromium.org/p/client.v8/builders/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/builds/2183
Original issue's description:
> Reland of "[heap] Divide available memory upon compaction tasks"
>
> This reverts commit cf71c28f13.
>
> Original message:
>
> [heap] Divide available memory upon compaction tasks
> - Fairly (round-robin) divide available memory upon compaction tasks.
> - Ensure an upper limit (of memory) since dividing is O(n) for n free-space
> nodes.
> - Refill from free lists managed by sweeper once a compaction space becomes
> empty.
>
> Assumption for dividing memory: Memory in the free lists is sparse upon starting
> compaction (which means that only few nodes are available), except for memory
> reducer GCs, which happen in idle time though (so it's less of a problem).
>
> BUG=chromium:524425
> LOG=N
>
> Committed: https://crrev.com/63f42ecb965d04877f45043c1416170b6f79b962
> Cr-Commit-Position: refs/heads/master@{#31436}
TBR=hpayer@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:524425
Review URL: https://codereview.chromium.org/1405273003
Cr-Commit-Position: refs/heads/master@{#31439}
This makes sure that initializing assignments of let-declared variables
perform an environment lookup and hence keep the variable alive. This is
needed because full-codegen contains debug code verifying the variable
is still inside the TDZ at the initializing assignment.
R=jarin@chromium.org
TEST=mjsunit/compiler/regress-variable-liveness-let
BUG=v8:4493
LOG=n
Review URL: https://codereview.chromium.org/1420573002
Cr-Commit-Position: refs/heads/master@{#31437}
This reverts commit cf71c28f13.
Original message:
[heap] Divide available memory upon compaction tasks
- Fairly (round-robin) divide available memory upon compaction tasks.
- Ensure an upper limit (of memory) since dividing is O(n) for n free-space
nodes.
- Refill from free lists managed by sweeper once a compaction space becomes
empty.
Assumption for dividing memory: Memory in the free lists is sparse upon starting
compaction (which means that only few nodes are available), except for memory
reducer GCs, which happen in idle time though (so it's less of a problem).
BUG=chromium:524425
LOG=N
Review URL: https://codereview.chromium.org/1415733004
Cr-Commit-Position: refs/heads/master@{#31436}
When eagerly parsing arrow functions, expressions in default
parameter initializers are parsed in the enclosing scope,
rather than in the function's scope (since that scope does not
yet exist). This leads to VariableProxies being added to the
wrong scope, and scope chains for FunctionLiterals being incorrect.
This patch addresses these problems by adding a subclass of
AstExpressionVisitor that moves VariableProxies to the proper
scope and fixes up scope chains of FunctionLiterals.
This is a revert of the revert https://crrev.com/e41614a058426fb6102e4ab2dd4f98997f00c0fc
with a much-improved (though not yet perfect) Scope::ResetOuterScope
method which properly fixes not only the outer_scope_ pointer but also
fixes the inner_scope_ list in the relevant outer_scopes.
More work likely still needs to be done to make this work completely,
but it's very close to correct.
BUG=v8:4395
LOG=y
Review URL: https://codereview.chromium.org/1414283002
Cr-Commit-Position: refs/heads/master@{#31435}
Also clean up the access check, which was doing too much.
This is in preparation of implementing Reflect.getPrototypeOf.
BUG=
Review URL: https://codereview.chromium.org/1402973002
Cr-Commit-Position: refs/heads/master@{#31434}
port d515e5138d30ab5b2a79e4cac99fcc5ca8d8991b(r31211).
contributed by zhengxing.li@intel.com
original commit message:
Previously, name conflicts between var and let declarations were only made into exceptions if they were visible at parse-time. This patch adds runtime checks so that sloppy-mode direct eval can't introduce conflicting var declarations. The change is implemented by traversing the scope chain when a direct eval introduces a var declaration to look for conflicting let declarations, up to the function boundary.
additional comment:
The original r31211 patch needs some additional changes for x87
1. Should use Smi::FromInt(variable->DeclarationPropertyAttributes())
BUG=
Review URL: https://codereview.chromium.org/1420683002
Cr-Commit-Position: refs/heads/master@{#31433}
Revert "Revert of [turbofan] Splinter into one range.
(patchset #2 id:80001 of https://codereview.chromium.org/1391023007/ )"
This reverts commit 23a8837fcc.
Also added a CHECK in Merge to validate that splitting yields a different
range and thus advances the algorithm. Ran stress bots successfully. Likely my earlier change in Splintering addressed the stress test scenario
that was looping infinitely.
BUG=
Review URL: https://codereview.chromium.org/1406983004
Cr-Commit-Position: refs/heads/master@{#31430}
Rolling v8/build/gyp to 3f21260b43401553c37bb28090b65a75577d5b4e
Rolling v8/tools/swarming_client to b64f0423ee66e730b0ceb88de8b9b89a98d7b61a
TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
Review URL: https://codereview.chromium.org/1417863002
Cr-Commit-Position: refs/heads/master@{#31429}
range's internal structure, we take a range at a time and splinter based on
the blocks it covers. This is no different in scenarios where a UseInterval
covers non-deferred then deferred blocks. However, in scenarios where
a deferred block jumps to another one, and there are no other blocks
covered by the range in between, this CL will treat the two such blocks
together, while the previous one would treat them separately. This matters
in cases such as deoptimization blocks preceded (not necessarily
consecutively) by a single instruction (jump) Merging block.
Review URL: https://codereview.chromium.org/1415833002
Cr-Commit-Position: refs/heads/master@{#31422}
It is not always safe to allocate new heap objects in the JSGraph. We
might have to revisit this later once we do the canonicalization for
HeapConstants.
R=jarin@chromium.org
BUG=chromium:545364
LOG=n
Review URL: https://codereview.chromium.org/1413373002
Cr-Commit-Position: refs/heads/master@{#31421}
This reverts commit 24aca87090.
The API makes these values appear to be per-isolate, when in fact
they are per-context. Installing the results of these on Template
objects instantiated in multiple contexts can result in security
violations and contexts being retained indefinitely.
An alternative mechanism for using these in a sensible way is
provided by https://crrev.com/1409593002
BUG=
LOG=N
R=jochen@chromium.org, adamk@chromium.org
Review URL: https://codereview.chromium.org/1415663002
Cr-Commit-Position: refs/heads/master@{#31417}
The problem is that the gc pattern is different, and the list of debug scripts
may have more or less duplicates than before. The solution is to just turn off
--stress-opt for the test.
R=yangguo@chromium.org
BUG=v8:4502
LOG=N
Review URL: https://codereview.chromium.org/1416883002
Cr-Commit-Position: refs/heads/master@{#31415}
For now, only rewire builtins in v8natives.js to call the new runtime functions.
Review URL: https://codereview.chromium.org/1409613004
Cr-Commit-Position: refs/heads/master@{#31413}
Use the simple inline function version of {Min, Max} where possible to
improve performance
Now uses an forced inline js function instead of a python macro
to avoid expressions be evaluated twice
Follow-up to CR: https://codereview.chromium.org/1331993004
Review URL: https://codereview.chromium.org/1410473002
Cr-Commit-Position: refs/heads/master@{#31411}
