33787 Commits

Author SHA1 Message Date
lpy
252b84b0ed [Tracing] Fix runtime call stats tracing for GC.
This patch adds runtime call stats tracing for GC correctly, makes
--runtime-call-stats and tracing mutually exclusive with tracing taking
precedence if both modes are on, and uses only one runtime call stats in
counter.

BUG=v8:5089

Review-Url: https://codereview.chromium.org/2313193002
Cr-Commit-Position: refs/heads/master@{#39295}
2016-09-08 18:57:23 +00:00
adamk
e4273007b6 Properly handle holes following spreads in array literals
Before this change, the spread desugaring would naively call
`%AppendElement($R, the_hole)` and in some cases $R would have
a non-holey elements kind, putting the array into the bad state
of exposing holes to author code.

This patch avoids calling %AppendElement with a hole, instead
simply incrementing $R.length when it sees a hole in the literal
(this is safe because $R is known to be an Array). The existing
logic for elements transitions takes care of giving the array a
holey ElementsKind.

BUG=chromium:644215

Review-Url: https://codereview.chromium.org/2321533003
Cr-Commit-Position: refs/heads/master@{#39294}
2016-09-08 18:50:41 +00:00
cbruni
cd86053fac [printing] Fix DCHECK failure when printing FAST_HOLEY_DOUBLE_ELEMENTS
This CL fixes %DebugPrint for FAST_HOLEY_DOUBLE_ELEMENTS and now properly
distinguishes TheHole and NaN values.

BUG=

Review-Url: https://codereview.chromium.org/2294913004
Cr-Commit-Position: refs/heads/master@{#39293}
2016-09-08 18:31:42 +00:00
cbruni
6faf6c1545 Revert of [runtime] temporarily transform IsContext check from DCHECK to CHECK (patchset #2 id:20001 of https://codereview.chromium.org/2164633002/ )
Reason for revert:
There have been no more occurrences of this on dev / beta so we can convert the CHECK back to DCHECK.

Original issue's description:
> [runtime] temporarily transform IsContext check from DCHECK to CHECK
>
> We are enabling this trial on canary to see if we can flush out some missing
> context restores.
>
> BUG=
>
> Committed: https://crrev.com/ec94ad400dc257af396efa3b1899bc3168347d82
> Cr-Commit-Position: refs/heads/master@{#37875}

TBR=jkummerow@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=

Review-Url: https://codereview.chromium.org/2303543003
Cr-Commit-Position: refs/heads/master@{#39292}
2016-09-08 18:28:22 +00:00
caitp
646f1f0a4a [JSON] call replacer function with correct holder in JSON.stringify
BUG=v8:5363
R=adamk@chromium.org, littledan@chromium.org, cbruni@chromium.org

Review-Url: https://codereview.chromium.org/2328523002
Cr-Commit-Position: refs/heads/master@{#39291}
2016-09-08 17:57:56 +00:00
epertoso
f94f2ae20e [turbofan] Introduces another DCHECK in the register allocator.
The previous DCHECK (removed in issue 2316033002) was checking that the new interval strictly overlapped with the first interval.

BUG=

Review-Url: https://codereview.chromium.org/2321113002
Cr-Commit-Position: refs/heads/master@{#39290}
2016-09-08 17:19:43 +00:00
ishell
aec5a80bb7 [stubs] CSA::CopyFixedArrayElements() is now able to convert elements' kind while copying.
Drive-by-fix: the old code never triggered write barrier.
Review-Url: https://codereview.chromium.org/2321993002
Cr-Commit-Position: refs/heads/master@{#39289}
2016-09-08 17:17:35 +00:00
aseemgarg
7b3875d107 [wasm] fix Simd ExtractLane to take immediate instead of param
BUG=v8:4124
TEST:test-run-wasm-simd
R=titzer@chromium.org,bradnelson@chromium.org,gdeepti@chromium.org

Review-Url: https://codereview.chromium.org/2300753005
Cr-Commit-Position: refs/heads/master@{#39288}
2016-09-08 17:16:03 +00:00
ofrobots
20d427a1e2 Revert of Use -fno-delete-null-pointer-checks with gcc builds (patchset #2 id:20001 of https://codereview.chromium.org/2310513002/ )
Reason for revert:
Fails on MIPS: https://build.chromium.org/p/client.v8.ports/builders/V8%20Mips%20-%20builder/builds/3653

Original issue's description:
> Use -fno-delete-null-pointer-checks with gcc builds
>
> R=bmeurer@chromium.org, jochen@chromium.org, machenbach@chromium.org
> BUG=v8:3782
>
> Committed: https://crrev.com/dbefc8ee2e9ee6e41b83f3d09c788c34bc923b43
> Cr-Commit-Position: refs/heads/master@{#39286}

TBR=jochen@chromium.org,bmeurer@chromium.org,machenbach@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:3782

Review-Url: https://codereview.chromium.org/2328563002
Cr-Commit-Position: refs/heads/master@{#39287}
2016-09-08 15:56:24 +00:00
ofrobots
dbefc8ee2e Use -fno-delete-null-pointer-checks with gcc builds
R=bmeurer@chromium.org, jochen@chromium.org, machenbach@chromium.org
BUG=v8:3782

Review-Url: https://codereview.chromium.org/2310513002
Cr-Commit-Position: refs/heads/master@{#39286}
2016-09-08 15:49:58 +00:00
machenbach
c90964616e [gn] Switch linux gc stress trybot to gn
Fell through the cracks in a recent CL. Should have switched
with the CI bot, which is on GN already.

BUG=chromium:474921
NOTRY=true

Review-Url: https://codereview.chromium.org/2328533002
Cr-Commit-Position: refs/heads/master@{#39285}
2016-09-08 15:48:23 +00:00
mlippautz
5c3b6ca8d9 [heap] Fix debug check in ShrinkToHighWaterMark
BUG=
R=ulan@chromium.org

Review-Url: https://codereview.chromium.org/2328503002
Cr-Commit-Position: refs/heads/master@{#39284}
2016-09-08 15:06:19 +00:00
mythria
9a31162d9d [Interpreter] Collect allocation site feedback in call bytecode handler.
Adds support to collect allocation site feedback for Array function calls
to the call bytecode handler.

BUG=v8:4280, v8:4780
LOG=N

Review-Url: https://codereview.chromium.org/2307903002
Cr-Commit-Position: refs/heads/master@{#39283}
2016-09-08 14:50:09 +00:00
ahaas
853892a516 [wasm] Do not produce code for br_if if its condition does not validate.
I could not reproduce the bug in either a unittest or a cctest. That's
why I created an mjsunit test now.

BUG=chromium:644682
R=titzer@chromium.org

Review-Url: https://codereview.chromium.org/2319213003
Cr-Commit-Position: refs/heads/master@{#39282}
2016-09-08 14:41:04 +00:00
machenbach
9142671847 [gn] Switch mac asan to gn
BUG=chromium:644643
NOTRY=true

Review-Url: https://codereview.chromium.org/2319583002
Cr-Commit-Position: refs/heads/master@{#39281}
2016-09-08 13:12:11 +00:00
ishell
ff06760b40 [stubs] CSA::LoadFixedDoubleArrayElement() is now able to do a hole check.
Review-Url: https://codereview.chromium.org/2321543003
Cr-Commit-Position: refs/heads/master@{#39280}
2016-09-08 13:03:03 +00:00
franzih
b0a7738a5f [api] Add interceptor for getOwnPropertyDescriptor().
The existing PropertyQueryCallback intercepts getOwnPropertyDescriptor, but
it returns only value and attributes, not the accessors. This
PropertyDescriptorCallback returns a descriptor similar to Ecma-262 6.2.4.

You can either set a PropertyQueryCallback or a PropertyDescriptorCallback,
but not both. When you set a callback for DefineProperty(), you can set a
PropertyDescriptorCallback but not a PropertyQueryCallback.

BUG=v8:5359

Review-Url: https://codereview.chromium.org/2311873002
Cr-Commit-Position: refs/heads/master@{#39279}
2016-09-08 12:51:49 +00:00
ulan
212624b757 [heap] Fix a formatting bug in --trace-incremental-marking.
BUG=

Review-Url: https://codereview.chromium.org/2324623004
Cr-Commit-Position: refs/heads/master@{#39278}
2016-09-08 12:36:34 +00:00
mstarzinger
9d6872cdf1 [deoptimizer] Materialize JSFunction objects without context.
This fixes the materialization of JSFunction objects to not rely on a
context being available. The context has been cleared because it might
be de-materialized itself.

R=bmeurer@chromium.org
TEST=mjsunit/compiler/escape-analysis-materialize
BUG=chromium:644245

Review-Url: https://codereview.chromium.org/2320983002
Cr-Commit-Position: refs/heads/master@{#39277}
2016-09-08 12:15:50 +00:00
ishell
4ef7e3e7c7 [stubs] Fixing loads/stores from arrays by int32 offsets/indices. Step 3.
Review-Url: https://codereview.chromium.org/2319243002
Cr-Commit-Position: refs/heads/master@{#39276}
2016-09-08 11:59:42 +00:00
rodolph.perfetta
eea147fc2c [ARM] Fix arm assembler test 4.
The test was using some callee saved registers but tests don't save those.

BUG=v8:5354

Review-Url: https://codereview.chromium.org/2322923002
Cr-Commit-Position: refs/heads/master@{#39275}
2016-09-08 11:51:14 +00:00
mstarzinger
517a54286d [deoptimizer] Materialize JSArray objects without context.
This fixes the materialization of JSArray objects to not rely on a
context being available. The context has been cleared because it might
be de-materialized itself.

R=bmeurer@chromium.org
BUG=chromium:644245

Review-Url: https://codereview.chromium.org/2323713002
Cr-Commit-Position: refs/heads/master@{#39274}
2016-09-08 11:38:03 +00:00
mlippautz
fdab63f56e [heap] Fixes for heap testing
BUG=chromium:636331
R=ulan@chromium.org

Review-Url: https://codereview.chromium.org/2319683002
Cr-Commit-Position: refs/heads/master@{#39273}
2016-09-08 11:21:19 +00:00
nikolaos
6874978c06 [parser] Refactor of Parse*Statement*, part 3
This patch moves the following parsing methods to ParserBase:

- ParseScopedStatement
- ParseVariableStatement
- ParseDebuggerStatement
- ParseV8Intrinsic

It also cleans up the implementation-specific use counter mechanism.

R=adamk@chromium.org, marja@chromium.org
BUG=
LOG=N

Review-Url: https://codereview.chromium.org/2318263002
Cr-Commit-Position: refs/heads/master@{#39272}
2016-09-08 11:04:24 +00:00
ishell
8295368697 [stubs] Fixing loads/stores from arrays by int32 offsets/indices. Step 2.
Review-Url: https://codereview.chromium.org/2319173002
Cr-Commit-Position: refs/heads/master@{#39271}
2016-09-08 10:57:10 +00:00
mstarzinger
9984d6f689 [deoptimizer] Support materialization of ContextExtension.
This adds support to the deoptimizer to materialize ContextExtension
objects that have been de-materialized by escape analysis. This is
follow-up to the inline allocation of such objects during the create
lowering phase (i.e. JSCreateWithContext and JSCreateCatchContext).

R=bmeurer@chromium.org
TEST=mjsunit/regress/regress-crbug-644245
BUG=chromium:644245

Review-Url: https://codereview.chromium.org/2317353003
Cr-Commit-Position: refs/heads/master@{#39270}
2016-09-08 10:33:20 +00:00
machenbach
45fe9019bf [gn] Switch android bots to gn
Also roll build and android_tools, which contains a bump of
the ndk to r12b.

BUG=chromium:629806

Review-Url: https://codereview.chromium.org/2320843003
Cr-Commit-Position: refs/heads/master@{#39269}
2016-09-08 10:31:10 +00:00
ishell
7dd7d9257b [stubs] Introduce CSA::OptimalParameterMode(), TagParameter() and UntagParameter().
Delete unused CSA::AllocateUninitializedFixedArray() which also does not
respect ParameterMode concept.

Review-Url: https://codereview.chromium.org/2321643002
Cr-Commit-Position: refs/heads/master@{#39268}
2016-09-08 10:04:45 +00:00
mstarzinger
96164b74f1 [deoptimizer] Clear context before NotifyDeoptimized.
This clears the context register by setting it to Smi(0) before calling
the Runtime::kNotifyDeoptimized helper. The deoptimizer must be able to
materialize all heap objects without any context available. The context
itself might be dematerialized.

With this change we make sure that invariant is maintained even without
escape analysis kicking in. We also satisfy the check that the context
register is either Smi(0) or a valid context. It might have been the
special {arguments_marker} in this particular case.

R=bmeurer@chromium.org
BUG=chromium:644245

Review-Url: https://codereview.chromium.org/2320673002
Cr-Commit-Position: refs/heads/master@{#39267}
2016-09-08 09:52:07 +00:00
bmeurer
4ed27fc836 [turbofan] Ensure that all prototypes are stable for push/pop.
When lowering Array.prototype.push/.pop to the fast inlined version, we
first need to ensure that all prototypes (including the Object.prototype)
are stable.

R=mvstanton@chromium.org
BUG=chromium:644689

Review-Url: https://codereview.chromium.org/2319533005
Cr-Commit-Position: refs/heads/master@{#39266}
2016-09-08 08:48:32 +00:00
marija.antic
0ef20b51b2 MIPS: Fix compilation failure for GCC5
BUG=

Review-Url: https://codereview.chromium.org/2304133002
Cr-Commit-Position: refs/heads/master@{#39265}
2016-09-08 07:51:51 +00:00
martyn.capewell
c0637c1f23 Reland of [turbofan] ARM: Implement vswp and use in gap resolver
Reason for revert:
Breaks g++ build.

Original issue's description:
> [turbofan] ARM: Implement vswp and use in gap resolver
>
> Use vswp to switch double-precision registers in the gap resolver, with fall
> back temp register-based code if NEON is not available.
>
> BUG=
>
> Committed: https://crrev.com/2837c2e65a2ee5b9fc610f30ce1215f52323ecbd
> Cr-Commit-Position: refs/heads/master@{#39209}

BUG=

Review-Url: https://codereview.chromium.org/2314043002
Cr-Commit-Position: refs/heads/master@{#39264}
2016-09-08 07:12:17 +00:00
landell
26c5b8fa1e uclibc now has support for backtrace and demangle functions
BUG=

Review-Url: https://codereview.chromium.org/2292973002
Cr-Commit-Position: refs/heads/master@{#39263}
2016-09-08 06:54:45 +00:00
bmeurer
91ed540ee6 [turbofan] Revert "Avoid overflow checks on SpeculativeNumberAdd/Subtract/Multiply."
The optimization is not correct for unsigned output types, and the
overall complexity seems too high. We need to find a better way to
take into account the input/output type restrictions.

Also added a regression test for the unsigned output bug.

BUG=v8:5267,v8:5270,v8:5357
TBR=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2320013002
Cr-Commit-Position: refs/heads/master@{#39262}
2016-09-08 04:20:31 +00:00
jarin
b4f8a7c900 [turbofan] Ensure monotonicity for induction variable typing.
The trouble here is that the type of the induction variable might be
a bit ahead of the increment (JSAdd) operation's type. When we update
the type of the increment, we might only update the induction variable
type while the JSAdd type might be stale. If the induction variable typing
needs to fall back to normal phi typing (e.g., when the increment is not
an integer anymore), it might use the stale type.

To get around this, we fake monotonicity if we fall back to normal phi
typing. Another option would be to force re-typing of the increment
operation, but that seems to be harder to maintain.

BUG=chromium:644633

Review-Url: https://codereview.chromium.org/2320803002
Cr-Commit-Position: refs/heads/master@{#39261}
2016-09-08 03:51:11 +00:00
littledan
46edbd164d Clean up RegExp comments and test262 status
This patch fixes a bunch of out-of-date TODOs, un-skips some tests
and refers to appropriate bug numbers and current specification
status where appropriate.

R=adamk

Review-Url: https://codereview.chromium.org/2319203002
Cr-Commit-Position: refs/heads/master@{#39260}
2016-09-07 19:40:11 +00:00
franzih
9048298d4c [api] Fix typo.
BUG=

Review-Url: https://codereview.chromium.org/2315413002
Cr-Commit-Position: refs/heads/master@{#39259}
2016-09-07 18:55:40 +00:00
jshin
147c810cc7 Stage Intl.DateTimeFormat.formatToParts
Move it to HARMONY_STAGED bucket

Spec discussion: https://github.com/tc39/ecma402/issues/30
It's in stage 4 and Firefox has already implemented it.

BUG=v8:5244
TEST=intl/date-format/date-format-to-parts.js
TEST=test262/intl402/DateTimeFormat/prototype/formatToParts/*

Review-Url: https://codereview.chromium.org/2317783003
Cr-Commit-Position: refs/heads/master@{#39258}
2016-09-07 17:17:39 +00:00
adamk
624bc966b3 Super property loads and stores should throw if [[Prototype]] is null
While fixing the bug, removed code duplication from super load/store
runtime calls, and inlined calls of Object::ReadAbsentProperty (left
over from strong mode).

BUG=v8:5335

Review-Url: https://codereview.chromium.org/2311413002
Cr-Commit-Position: refs/heads/master@{#39257}
2016-09-07 17:14:14 +00:00
mstarzinger
279bc5096b [deoptimizer] Support virtual context in interpreted frame.
This adds support for dematerialized context values as part of an
interpreted frame (similar to an FCG frame). Both frame translations
should be kept in sync as much as possible.

R=rmcilroy@chromium.org
BUG=chromium:644728

Review-Url: https://codereview.chromium.org/2313343002
Cr-Commit-Position: refs/heads/master@{#39256}
2016-09-07 16:02:13 +00:00
machenbach
86f119b85d [gn] Turn off lsan on mac asan
Chromium doesn't support lsan with mac's current toolchain.

BUG=chromium:644643
NOTRY=true

Review-Url: https://codereview.chromium.org/2322493002
Cr-Commit-Position: refs/heads/master@{#39255}
2016-09-07 15:30:30 +00:00
jbroman
ef94aab22f ValueSerializer: Take advantage of fast elements in dense array serialization.
This yields a ~5% serialization time improvement on typical JSON-esque data.
The approach taken matches json-stringifier fairly closely.

BUG=chromium:148757

Review-Url: https://codereview.chromium.org/2311063004
Cr-Commit-Position: refs/heads/master@{#39254}
2016-09-07 15:23:33 +00:00
bjaideep
b7625e70dc PPC64: disable regress/regress-353551 due to stack overflow
Testcase regress/regress-353551 fails with stack overflow error on
ppc64, increasing stack-size to 1100 resolves the issue, but will
cause other platforms to fail similar to
https://codereview.chromium.org/2072533002.
For now, disabling the testcase on ppc64.

R=machenbach@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, mbrandy@us.ibm.com

BUG=
LOG=N

Review-Url: https://codereview.chromium.org/2314343002
Cr-Commit-Position: refs/heads/master@{#39253}
2016-09-07 14:24:35 +00:00
bjaideep
9908c589de PPC [heap]: Increase size of the compiled source object
On PPC the testcase CodeSerializerLargeCodeObject fails as
the object gets allocated in the code_space section of
the heap. This is because the code_space gets expanded
successfully to 1 page size (4MB on PPC) and can accommodate
the object (size=3784608 bytes). Increasing size of the compiled
source to (5096192 bytes) so that code_space is not expanded and
the space is allocated in the Large Object space of the heap.
Testcase was added as part of https://codereview.chromium.org/2226233002

R=mstarzinger@chromium.org, bmeurer@chromium.org

BUG=
LOG=N

Review-Url: https://codereview.chromium.org/2314843003
Cr-Commit-Position: refs/heads/master@{#39252}
2016-09-07 14:17:00 +00:00
nikolaos
dfd03bbd20 [parser] Refactor of Parse*Statement*, part 2
This patch moves the following parsing methods to ParserBase:

- ParseBlock

R=adamk@chromium.org, marja@chromium.org
BUG=
LOG=N

Review-Url: https://codereview.chromium.org/2312263002
Cr-Commit-Position: refs/heads/master@{#39251}
2016-09-07 13:32:24 +00:00
ulan
371c7a388f [heap] Add histogram counters to track GC reasons.
BUG=chromium:644713
LOG=NO

Review-Url: https://codereview.chromium.org/2322453002
Cr-Commit-Position: refs/heads/master@{#39250}
2016-09-07 13:30:55 +00:00
Alexander.Gilday2
5e6a1abf54 [builtins] Create StringToNumber helper.
Move StringToNumber builtin implementation to helper function in
CodeStubAssembler.

BUG=

Review-Url: https://codereview.chromium.org/2293943002
Cr-Commit-Position: refs/heads/master@{#39249}
2016-09-07 13:20:27 +00:00
epertoso
65128ab230 [turbofan] Add liveness analysis to the BytecodeGraphBuilder.
This is analogous to the variable liveness analysis we do in the AstGraphBuilder, but on the bytecode registers.

BUG=

Review-Url: https://codereview.chromium.org/2307863002
Cr-Commit-Position: refs/heads/master@{#39248}
2016-09-07 13:00:28 +00:00
ishell
c20e02e34a [stubs] Turn CSA::FillFixedArrayWithHole() to CSA::FillFixedArrayWithValue().
Review-Url: https://codereview.chromium.org/2319563002
Cr-Commit-Position: refs/heads/master@{#39247}
2016-09-07 12:58:11 +00:00
georgia.kouveli
fdb0f07887 [arm64] Use CMN for cmp(a,sub(0,b)) only when checking equality/inequality.
We were previously incorrectly changing:
  sub r0, 0, r1
  cmp r2, r0
  b.cond <addr>
to:
  cmn r2, r1
  b.cond <addr>

for all conditions. This is incorrect for conditions involving the C (carry)
and V (overflow) flags, and in particular in the case where r1 = INT_MIN.
The optimization is still safe to perform for Equal and NotEqual since they
do not depend on the C and V flags.

BUG=

Review-Url: https://codereview.chromium.org/2318043002
Cr-Commit-Position: refs/heads/master@{#39246}
2016-09-07 12:43:00 +00:00