Commit Graph

33102 Commits

Author SHA1 Message Date
adamk
83b63c308a Sloppy eval declarations should not shadow lexical function declarations
This was being allowed due to the use of BindingFlags instead of VariableMode
to determine whether a looked-up binding was lexical. Because function
declarations are hoisted, they never need hole checks, and so were being
miscategorized as non-lexical.

This patch augments Context::Lookup with a VariableMode out param, which
allows this check to determine precisely whether the binding is lexical.

BUG=v8:4454, v8:5256

Review-Url: https://codereview.chromium.org/2206483004
Cr-Commit-Position: refs/heads/master@{#38260}
2016-08-02 20:27:38 +00:00
jpp
3fa56f2bb2 [wasm] asm.js. Adds support for clz32 in asm.js.
BUG= https://bugs.chromium.org/p/v8/issues/detail?id=4203

Review-Url: https://codereview.chromium.org/2200213002
Cr-Commit-Position: refs/heads/master@{#38259}
2016-08-02 18:36:52 +00:00
marja
51685002a6 Revert of Put Scopes into temporary Zone (patchset #12 id:220001 of https://codereview.chromium.org/2193793002/ )
Reason for revert:
Broke Node.js tests (test-require-dot etc.)

Original issue's description:
> Put Scopes into temporary Zone
>
> When parsing a eagerly-parsed-but-lazily-compiled function, we
> used to put some of its AST nodes into a discardable Zone. This
> CL puts the function Scope, its inner Scopes and the related AST
> nodes (Declarations, VariableProxys) into the temporary Zone
> too. This reduces peak memory usage and enables future work to
> keep the temporary Zone around for later compilation.
>
> BUG=
>
> Committed: https://crrev.com/eaebdd858b466057ccc39894a172c9b66868e8f7
> Cr-Commit-Position: refs/heads/master@{#38232}

TBR=adamk@chromium.org,titzer@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review-Url: https://codereview.chromium.org/2205013002
Cr-Commit-Position: refs/heads/master@{#38258}
2016-08-02 18:16:14 +00:00
machenbach
3eab4e87da [test] Update testing-variant stages
This prepares for adding the ignition_staging variant to the
default variant set.

BUG=v8:5238

Review-Url: https://codereview.chromium.org/2205883002
Cr-Commit-Position: refs/heads/master@{#38257}
2016-08-02 17:25:39 +00:00
adamk
56f9754387 Remove --harmony-exponentiation-operator flag
It's shipped in M52.

R=caitp@igalia.com, littledan@chromium.org

Review-Url: https://codereview.chromium.org/2203843002
Cr-Commit-Position: refs/heads/master@{#38256}
2016-08-02 17:17:35 +00:00
rskang
9a6a56d21f Add args and copy support to V8 tracing controller.
BUG=v8:4561

Review-Url: https://codereview.chromium.org/2190973003
Cr-Commit-Position: refs/heads/master@{#38255}
2016-08-02 17:13:13 +00:00
machenbach
a63b3e51ab [test] Remove deprecated ignition-test-suite alias
This is not referenced anymore by the infrastructure after:
https://codereview.chromium.org/2202113003/

BUG=v8:5238

Review-Url: https://codereview.chromium.org/2203023003
Cr-Commit-Position: refs/heads/master@{#38254}
2016-08-02 16:45:34 +00:00
machenbach
4289c28fb9 [build] Conditionally print to stdout on Android
This adds a gyp/gn variable to control printing to stdout
on Android. This is false by default and true for all
v8 stand-alone android bots.

BUG=chromium:629806

Review-Url: https://codereview.chromium.org/2183063002
Cr-Commit-Position: refs/heads/master@{#38253}
2016-08-02 15:38:04 +00:00
alph
99460bc441 Do not mark prototype transitions as weak container in heap snapshot.
Review-Url: https://codereview.chromium.org/2203573004
Cr-Commit-Position: refs/heads/master@{#38252}
2016-08-02 15:25:12 +00:00
alph
f7249cd9f4 Do not mark dependent_code arrays as weak in heap snapshot.
Review-Url: https://codereview.chromium.org/2197393003
Cr-Commit-Position: refs/heads/master@{#38251}
2016-08-02 15:20:44 +00:00
mstarzinger
a4743baec1 [turbofan] Remove IfExceptionHint from exception projections.
This completely removes translation of exception handler predictions
from the graph IR. We now rely on the runtime using deoptimization
infomation via {FrameSummary} for predictions in optimized code.

R=bmeurer@chromium.org

Review-Url: https://codereview.chromium.org/2207533002
Cr-Commit-Position: refs/heads/master@{#38250}
2016-08-02 14:49:10 +00:00
cbruni
7e51190458 [api] Remove NeanderObject
We no longer need NeanderObject, the only user left was the message listener
machanism which could be replace by direct uses of FixedArrays.

BUG=chromium:630217

Review-Url: https://codereview.chromium.org/2195243003
Cr-Commit-Position: refs/heads/master@{#38249}
2016-08-02 14:41:09 +00:00
machenbach
0e988e4737 [test] Remove some deprecated test-runner variant shortcuts
It should be enough to specify --variants=... with the
desired set of variants. The stress/nostress shortcuts
might get confusing soon, as we intend to move the stress
option out of the developer default set.

BUG=v8:5238

Review-Url: https://codereview.chromium.org/2195373002
Cr-Commit-Position: refs/heads/master@{#38248}
2016-08-02 14:03:50 +00:00
yangguo
1515ddd8f1 [debugger] use handler table on unoptimized code for exception prediction.
R=mstarzinger@chromium.org

Review-Url: https://codereview.chromium.org/2197183002
Cr-Commit-Position: refs/heads/master@{#38247}
2016-08-02 13:47:49 +00:00
epertoso
524abd76b7 [turbofan] Adds speculative operator for bitwise and, or and xor.
BUG=

Review-Url: https://codereview.chromium.org/2201073002
Cr-Commit-Position: refs/heads/master@{#38246}
2016-08-02 13:43:58 +00:00
alph
aba8a8151e Add WeakCell support to heap profiler.
Review-Url: https://codereview.chromium.org/2204873003
Cr-Commit-Position: refs/heads/master@{#38245}
2016-08-02 13:43:57 +00:00
alph
0a920f607f Add Map::weak_cell_cache internal link to heap snapshot.
Review-Url: https://codereview.chromium.org/2204893002
Cr-Commit-Position: refs/heads/master@{#38244}
2016-08-02 13:06:19 +00:00
hpayer
682c4e448e Revert of [heap] Re-enable black allocation when finalizing marking. (patchset #1 id:1 of https://codereview.chromium.org/2202993002/ )
Reason for revert:
Crashes on tree.

Original issue's description:
> [heap] Re-enable black allocation when finalizing marking.
>
> BUG=chromium:630386
> LOG=n
>
> Committed: https://crrev.com/2c75cfd731e11daa649faf2e91cbb84767b11f8e
> Cr-Commit-Position: refs/heads/master@{#38240}

TBR=ulan@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:630386

Review-Url: https://codereview.chromium.org/2204593005
Cr-Commit-Position: refs/heads/master@{#38243}
2016-08-02 12:29:33 +00:00
bmeurer
6bd7bd4bc6 [turbofan] Use CheckMaps in JSGlobalObjectSpecialization.
This is a simple cleanup to use the recently added CheckMaps operator
instead of the hand-crafted map check sequence.

R=epertoso@chromium.org

Review-Url: https://codereview.chromium.org/2199263002
Cr-Commit-Position: refs/heads/master@{#38242}
2016-08-02 12:14:54 +00:00
bmeurer
c9324fe6c5 [turbofan] Fix invalid representation selection for Phis/Selects.
We cannot just blindly make a representation selection for Phi or Select
based on the truncations, but we also need to consider the type of the
inputs (or actually of the Phi/Select node itself). We can only use
Word32 representation based on Word32 truncation if the inputs are
Number or Oddball, same for Float64.

R=epertoso@chromium.org
BUG=v8:5255

Review-Url: https://codereview.chromium.org/2206553002
Cr-Commit-Position: refs/heads/master@{#38241}
2016-08-02 12:11:09 +00:00
hpayer
2c75cfd731 [heap] Re-enable black allocation when finalizing marking.
BUG=chromium:630386
LOG=n

Review-Url: https://codereview.chromium.org/2202993002
Cr-Commit-Position: refs/heads/master@{#38240}
2016-08-02 11:59:42 +00:00
hpayer
db7c4f43cd [heap] MarkCompactCollector::EmptyMarkingDeque never expects filler objects.
BUG=

Review-Url: https://codereview.chromium.org/2205853002
Cr-Commit-Position: refs/heads/master@{#38239}
2016-08-02 11:55:48 +00:00
machenbach
8552e68223 [test] Fix joining FAIL expectations in status files
Without this fix, two rules [PASS, MODIFIER] and [FAIL]
would be joined as [PASS, MODIFIER, FAIL], undermining the
intention of the second rule to mark a test as failing.

BUG=v8:4680,v8:4900

Review-Url: https://codereview.chromium.org/2201033002
Cr-Commit-Position: refs/heads/master@{#38238}
2016-08-02 11:52:03 +00:00
mstarzinger
f4316f1604 [interpreter] Enable test that no longer fails.
R=machenbach@chromium.org

Review-Url: https://codereview.chromium.org/2207503002
Cr-Commit-Position: refs/heads/master@{#38237}
2016-08-02 10:26:10 +00:00
alph
d25e45df73 Deprecate CpuProfileNode::GetCallUid
The client can use scriptId + lineNumber + columnNumber
to uniquelly identify the call site.

Review-Url: https://codereview.chromium.org/2199003003
Cr-Commit-Position: refs/heads/master@{#38236}
2016-08-02 09:45:00 +00:00
bmeurer
66f2d3bd66 [turbofan] Introduce initial support for TypedArrays.
This adds support for lowering keyed access to JSTypedArray objects to
element loads and stores instead of IC calls. There's still a lot of
room for improvement, but the improvements can be done incrementally
later.

We add a dedicated UnsafePointerAdd operator, which sits in the effect
chain, and does the (GC invisible) computation of addresses that are
potentially inside HeapObjects. Also there's now a dedicated Retain
operator, which ensures that we retain a certain tagged value, which is
necessary to ensure that we keep a JSArrayBuffer alive as long as we
might still potentially access elements in its backing store.

R=epertoso@chromium.org

Review-Url: https://codereview.chromium.org/2203693002
Cr-Commit-Position: refs/heads/master@{#38235}
2016-08-02 09:41:01 +00:00
jgruber
8135caef32 Make CallSite constructor inaccessible from JS
This type is not supposed to be constructable by users. Internally, we
use CallSiteUtils::Construct to create CallSite objects; and we simply
map a thrower builtin as the public CallSite constructor.

R=yangguo@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2201823002
Cr-Commit-Position: refs/heads/master@{#38234}
2016-08-02 09:33:38 +00:00
mstarzinger
962fd4ae4b [interpreter] Elide OSR polling from fake loops.
This makes sure we are not inserting {OsrPoll} instructions for any
statements that are not actually loops and have no back edges. Without
back edges the {BytecodeGraphBuilder} is unable to deduce loop ranges
and hence cannot construct a graph for OSR entry.

R=neis@chromium.org
TEST=mjsunit/regress/regress-5252
BUG=v8:5252

Review-Url: https://codereview.chromium.org/2200733002
Cr-Commit-Position: refs/heads/master@{#38233}
2016-08-02 09:16:59 +00:00
marja
eaebdd858b Put Scopes into temporary Zone
When parsing a eagerly-parsed-but-lazily-compiled function, we
used to put some of its AST nodes into a discardable Zone. This
CL puts the function Scope, its inner Scopes and the related AST
nodes (Declarations, VariableProxys) into the temporary Zone
too. This reduces peak memory usage and enables future work to
keep the temporary Zone around for later compilation.

BUG=

Review-Url: https://codereview.chromium.org/2193793002
Cr-Commit-Position: refs/heads/master@{#38232}
2016-08-02 08:08:35 +00:00
bmeurer
a758144329 [turbofan] Fix invalid comparison operator narrowing.
When we narrow a signed32 comparison to uint8 or uint16 representation,
we also need to change the condition to unsigned comparisons otherwise
the comparison will be done on int16/int8 which interprets the narrowed
bits wrong.

R=epertoso@chromium.org
BUG=v8:5254

Review-Url: https://codereview.chromium.org/2202803003
Cr-Commit-Position: refs/heads/master@{#38231}
2016-08-02 07:46:15 +00:00
hpayer
1575072c06 [heap] Give marking functions for incremental marking more precise names.
BUG=

Review-Url: https://codereview.chromium.org/2195313003
Cr-Commit-Position: refs/heads/master@{#38230}
2016-08-02 07:46:14 +00:00
franzih
26c902ec8c [turbofan] Minor refactoring.
Use CodeStubAssembler functions instead of LoadObjectField with
the offset.

BUG=

Review-Url: https://codereview.chromium.org/2198133002
Cr-Commit-Position: refs/heads/master@{#38229}
2016-08-02 07:13:00 +00:00
franzih
4c482bc57e [turbofan] Use assembler->LoadMap().
BUG=

Review-Url: https://codereview.chromium.org/2200713002
Cr-Commit-Position: refs/heads/master@{#38228}
2016-08-02 07:08:58 +00:00
franzih
4602d98ea4 [turbofan] Stub for typeof operator.
Replace hydrogen stub for typeof with TurboFan stub.

BUG=chromium:608675

Review-Url: https://codereview.chromium.org/2195863002
Cr-Commit-Position: refs/heads/master@{#38227}
2016-08-02 07:05:10 +00:00
machenbach
c98f3a98d7 Revert of [builtins] implement Array.prototype.includes in TurboFan (patchset #20 id:380001 of https://codereview.chromium.org/2146293003/ )
Reason for revert:
[Sheriff] Breaks:
https://build.chromium.org/p/client.v8.ports/builders/V8%20Arm%20-%20builder/builds/2592

Original issue's description:
> [builtins] implement Array.prototype.includes in TurboFan
>
> BUG=v8:5162
> R=bmeurer@chromium.org, ishell@chromium.org
>
> Committed: https://crrev.com/a488b5d8eb111a4883dc400bd826d079420edd68
> Cr-Commit-Position: refs/heads/master@{#38223}

TBR=adamk@chromium.org,bmeurer@chromium.org,cbruni@chromium.org,danno@chromium.org,ishell@chromium.org,littledan@chromium.org,caitp@igalia.com
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5162

Review-Url: https://codereview.chromium.org/2202163002
Cr-Commit-Position: refs/heads/master@{#38226}
2016-08-02 06:53:57 +00:00
Michael Achenbach
a9d51f9e97 Whitespace change to test infra change.
Cr-Commit-Position: refs/heads/master@{#38225}
2016-08-02 06:46:24 +00:00
v8-autoroll
994da5d715 Update V8 DEPS.
Rolling v8/build to a3a00fec14304015b590b283ba8ef6227aad4f53

Rolling v8/tools/mb to 65caad70eb36f22f3fcac6daa2f82365c0521657

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review-Url: https://codereview.chromium.org/2199203003
Cr-Commit-Position: refs/heads/master@{#38224}
2016-08-02 03:24:37 +00:00
caitp
a488b5d8eb [builtins] implement Array.prototype.includes in TurboFan
BUG=v8:5162
R=bmeurer@chromium.org, ishell@chromium.org

Review-Url: https://codereview.chromium.org/2146293003
Cr-Commit-Position: refs/heads/master@{#38223}
2016-08-01 22:19:57 +00:00
alph
1fe8207071 [heap profiler] Use internal type links for bound this and target function.
These are internal fields of the JSBoundFunction class.

Review-Url: https://codereview.chromium.org/2193993002
Cr-Commit-Position: refs/heads/master@{#38222}
2016-08-01 22:16:01 +00:00
ahaas
282cdf28ae [wasm] Use a LazyInstance in wasm-linkage.cc to avoid a data race.
The initialization of static variables that were used originally caused
a data race because multiple threads tried to initialize the variables
at the same time. The use of a LazyInstance guarantees that the
variables get initialized exactly once.

The same problem also existed in c-linkage.cc. There I fixed the problem
by using a local variable instead of a static variable.

BUG=v8:5242
R=titzer@chromium.org

Review-Url: https://codereview.chromium.org/2202433003
Cr-Commit-Position: refs/heads/master@{#38221}
2016-08-01 21:06:13 +00:00
hpayer
9005b5845a [heap] Drop filler objects on marking deque.
BUG=

Review-Url: https://codereview.chromium.org/2202633002
Cr-Commit-Position: refs/heads/master@{#38220}
2016-08-01 19:29:18 +00:00
klaasb
5bc2439783 Make FastNewFunctionContextStub take slots parameter
This will enable the interpreter to add a bytecode and use the stub.

BUG=v8:4280
LOG=n

Review-Url: https://codereview.chromium.org/2177273002
Cr-Commit-Position: refs/heads/master@{#38219}
2016-08-01 19:29:17 +00:00
hpayer
c1ea41645b [heap] Add more left and right trimming test cases for black areas.
BUG=

Review-Url: https://codereview.chromium.org/2185383002
Cr-Commit-Position: refs/heads/master@{#38218}
2016-08-01 17:10:31 +00:00
mattloring
292cebc58b Add libplatform deps file
Add deps file allowing libplatform.h to include v8-tracing.h.

Additionally removes redundant include/ that was causing build errors
for node-lkgr.

BUG=

Review-Url: https://codereview.chromium.org/2195403002
Cr-Commit-Position: refs/heads/master@{#38217}
2016-08-01 16:20:54 +00:00
jgruber
df4196db97 CHECK invalid arguments to CallSite constructor
This is a temporary measure to ensure clusterfuzz crashes at two
dedicated sites until the CallSite constructor is made inaccessible from
JS.

R=yangguo@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2196263002
Cr-Commit-Position: refs/heads/master@{#38216}
2016-08-01 15:27:28 +00:00
jgruber
e3d1061454 Remove GetStackTraceLine
BUG=

Review-Url: https://codereview.chromium.org/2194883002
Cr-Commit-Position: refs/heads/master@{#38215}
2016-08-01 15:10:13 +00:00
machenbach
6c1d6c9f81 [test] Add testing variant aliases.
This introduces aliases for testing variants that can be
combined with other variant names. E.g. --variants=dev,foo
would run the three developer default variants and variant
foo.

We'll have three stages: "dev" for variants to be run by
default on developer workstations, "more" for additional
variants, executed on all bots, "extra" for additional
variants executed on a subset of bots (e.g. not on very slow
or otherwise resource-limited bots).

BUG=v8:5238
NOTRY=true

Review-Url: https://codereview.chromium.org/2196223002
Cr-Commit-Position: refs/heads/master@{#38214}
2016-08-01 14:42:24 +00:00
cbruni
9aa4496278 [api] Cleaning up: Replace NeanderArray with FixedArray implementation
BUG=chromium:630217

Review-Url: https://codereview.chromium.org/2196533003
Cr-Commit-Position: refs/heads/master@{#38213}
2016-08-01 14:28:34 +00:00
jgruber
6c53efc7c4 Move FormatStackTrace to C++
BUG=

Review-Url: https://codereview.chromium.org/2191293002
Cr-Commit-Position: refs/heads/master@{#38212}
2016-08-01 14:28:33 +00:00
ulan
ea45a210a6 Fix performance regression of heap snapshot generator that was
introduced in https://crrev.com/72f884a19fa4434bba6fc0e013ec4ea0a2366893

The regression comes from adding the next weak field of AllocationSite
as a hidden reference into the snapshot.

Before 72f884 the reference was implicitly ignored because the body
descriptor of AllocationSite did not include it.

This patch explicitly skip the next weak field of AllocationSite.

BUG=chromium:630027

Review-Url: https://codereview.chromium.org/2189643004
Cr-Commit-Position: refs/heads/master@{#38211}
2016-08-01 13:34:26 +00:00