Commit Graph

24250 Commits

Author SHA1 Message Date
yangguo
35c28ce0a7 Debugger: prepare code for debugging on a per-function basis.
Prior to this patch, we enter a global debug mode whenever a break point
is set. By entering this mode, all code is deoptimized and activated
frames are recompiled and redirected to newly compiled debug code.

After this patch, we only deoptimize/redirect for functions we want to
debug. Trigger for this is Debug::EnsureDebugInfo, and having DebugInfo
object attached to the SFI prevents optimization/inlining.

The result is that we can have optimized code for functions without break
points alongside functions that do have break points, which are not
optimized.

R=mstarzinger@chromium.org, ulan@chromium.org
BUG=v8:4132
LOG=Y

Review URL: https://codereview.chromium.org/1233073005

Cr-Commit-Position: refs/heads/master@{#29758}
2015-07-20 14:53:37 +00:00
jochen
8019833da7 Fix stack trace printing in d8
R=yangguo@chromium.org
BUG=chromium:511988
LOG=n

Review URL: https://codereview.chromium.org/1246643002

Cr-Commit-Position: refs/heads/master@{#29757}
2015-07-20 14:49:38 +00:00
rossberg
2e040f54e9 [strong] Keep language mode consistent
R=mstarzinger@chromium.org
BUG=v8:4312
LOG=N

Review URL: https://codereview.chromium.org/1240273002

Cr-Commit-Position: refs/heads/master@{#29756}
2015-07-20 14:31:36 +00:00
mstarzinger
1a8776db25 Activate preserving of optimized code map accross GCs.
This enables --noflush-optimized-code-cache which allows preserving
entries in the optimized code map accross GCs. This only applies to
values being reachable through other paths.

R=hpayer@chromium.org,hablich@chromium.org

Review URL: https://codereview.chromium.org/1217863006

Cr-Commit-Position: refs/heads/master@{#29755}
2015-07-20 14:18:52 +00:00
mstarzinger
ce6d2241bc Add function literal variable to declaration list.
This adds the implicit function variable for a function literal to the
declarations list in scope analysis, instead of specially handling it
throughout all back-ends.

R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/1245603003

Cr-Commit-Position: refs/heads/master@{#29754}
2015-07-20 14:15:14 +00:00
mstarzinger
37c2094e8c [turbofan] Support handling of default super calls.
This implements the missing %DefaultConstructorCallSuper runtime
functionality, thereby allowing all compilers to fall-back to that
implementation when the appropriate intrinsic is missing.

R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/1240993002

Cr-Commit-Position: refs/heads/master@{#29753}
2015-07-20 13:50:26 +00:00
rossberg
fa94ca3ea4 [es6] Check declaration conflicts between non-simple parameters and the function body
Also, more tests for parameters containing functions or eval or both.

R=adamk@chromium.org, caitpotter88@gmail.com, littledan@chromium.org
BUG=v8:811
LOG=N

Review URL: https://codereview.chromium.org/1225413005

Cr-Commit-Position: refs/heads/master@{#29752}
2015-07-20 13:49:13 +00:00
hpayer
23ca3ec88f Revert of Reland concurrent sweeping of code space. (patchset #5 id:80001 of https://codereview.chromium.org/1225733002/)
Reason for revert:
Tests became flaky.

Original issue's description:
> Reland concurrent sweeping of code space.
>
> BUG=chromium:506778,chromium:506957,chromium:507211
> LOG=n
>
> Committed: https://crrev.com/806b81f11e3bfaef0d4330c7669e6934074be9cb
> Cr-Commit-Position: refs/heads/master@{#29748}

TBR=jochen@chromium.org,mvstanton@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:506778,chromium:506957,chromium:507211

Review URL: https://codereview.chromium.org/1242743002

Cr-Commit-Position: refs/heads/master@{#29751}
2015-07-20 12:07:25 +00:00
yangguo
d508345123 Do not expect verbatim JPY symbol in test.
The choice for the symbol seems to be locale-dependent.

R=jochen@chromium.org
BUG=v8:4314
LOG=N

Review URL: https://codereview.chromium.org/1238133003

Cr-Commit-Position: refs/heads/master@{#29750}
2015-07-20 10:52:51 +00:00
mstarzinger
d4cd3f5ef3 Fix installing of SIMD object on global object.
We should not install the SIMD object on the global object unless
support for SIMD is actually turned on by the flag. Otherwise calling
SIMD.Float32x4() will hit unreachable code. We accidentally SIMD.

R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/1240223002

Cr-Commit-Position: refs/heads/master@{#29749}
2015-07-20 10:37:58 +00:00
hpayer
806b81f11e Reland concurrent sweeping of code space.
BUG=chromium:506778,chromium:506957,chromium:507211
LOG=n

Review URL: https://codereview.chromium.org/1225733002

Cr-Commit-Position: refs/heads/master@{#29748}
2015-07-20 10:36:47 +00:00
ishell
9e6647c216 Speedup some slow running stack-overflow tests.
BUG=chromium:505007
LOG=N

Review URL: https://codereview.chromium.org/1238273003

Cr-Commit-Position: refs/heads/master@{#29747}
2015-07-20 09:50:53 +00:00
jacob.bramley
bfe700b8ed Use a label-branch in CheckConstPool.
This removes a dependency on the size of the pool. Whilst the size is
checked in debug mode, it is still more robust to use a label.

This should also be cherry-picked to fix 4.4.63.20. (At that time, the
size of the pool was _not_ checked, and was sometimes wrong.)

This partially reverts 879550c, "[arm] Don't call branch_offset within
CheckConstPool." However, branch_offset now only blocks the constant
pool if it is not already blocked.

BUG=

Review URL: https://codereview.chromium.org/1227403006

Cr-Commit-Position: refs/heads/master@{#29746}
2015-07-20 09:03:21 +00:00
adamk
e6cb6bb6b7 Fix element enumeration on String wrappers with dictionary elements
BUG=chromium:510426
LOG=n

Review URL: https://codereview.chromium.org/1246513002

Cr-Commit-Position: refs/heads/master@{#29745}
2015-07-20 09:01:06 +00:00
yangguo
01902e4eab Debugger: use FrameInspector in ScopeIterator to find context.
In optimized code, it's not guaranteed that the current context
is stored in its frame slot.

R=bmeurer@chromium.org
BUG=v8:4309
LOG=N

Committed: https://crrev.com/3a0ee39cbde6a9778cfc4e2a6a0a8ff68933ff38
Cr-Commit-Position: refs/heads/master@{#29697}

Review URL: https://codereview.chromium.org/1239033002

Cr-Commit-Position: refs/heads/master@{#29744}
2015-07-20 08:53:39 +00:00
ishell
cc66a1c64e Crankshaft part of the 'loads and stores to global vars through property cell shortcuts' feature.
BUG=chromium:510738
LOG=N

Review URL: https://codereview.chromium.org/1228113008

Cr-Commit-Position: refs/heads/master@{#29743}
2015-07-20 08:49:28 +00:00
jochen
d180390f7f Reland of "Make d8 stop using to-be-deprecated APIs"
Original issue's description:
> BUG=v8:4134
> LOG=n
> R=yangguo@chromium.org
>
> Review URL: https://codereview.chromium.org/1239053004

BUG=v8:4134
LOG=n
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1235603004

Cr-Commit-Position: refs/heads/master@{#29742}
2015-07-20 07:05:55 +00:00
jochen
b8a4978110 Unittests don't use deprecated APIs. Yay!
Make sure it stays that way

BUG=v8:4134
R=yangguo@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1242563003

Cr-Commit-Position: refs/heads/master@{#29741}
2015-07-20 06:55:06 +00:00
jochen
a84c788bb0 Make vtune-jit stop using deprecated APIs
BUG=v8:4134
R=yangguo@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1244433003

Cr-Commit-Position: refs/heads/master@{#29740}
2015-07-20 06:53:53 +00:00
v8-autoroll
002faf794e Update V8 DEPS.
Rolling v8/testing/gtest to 00a70a9667d92a4695d84e4fa36b64f611f147da

Rolling v8/tools/clang to 6ea730d39bf31911ccef92397dbc8d71136d3899

TBR=machenbach@chromium.org

Review URL: https://codereview.chromium.org/1228063006

Cr-Commit-Position: refs/heads/master@{#29739}
2015-07-19 03:26:40 +00:00
v8-autoroll
9dc9447975 Update V8 DEPS.
Rolling v8/third_party/icu to 508e9274baaa5caa8de9cf4c26a24e926a15ccf0

TBR=machenbach@chromium.org

Review URL: https://codereview.chromium.org/1236133007

Cr-Commit-Position: refs/heads/master@{#29738}
2015-07-18 03:29:27 +00:00
caitpotter88
c9007d8f7e [d8] bounds-check before getting Shell::Worker internal field
Prevents fatal error in debug builds

BUG=v8:4271, 506954
R=binji@chromium.org
LOG=N

Committed: https://crrev.com/43ce9c6f101c4224addd9a54e0c39963188dc7fa
Cr-Commit-Position: refs/heads/master@{#29524}

Review URL: https://codereview.chromium.org/1214053004

Cr-Commit-Position: refs/heads/master@{#29737}
2015-07-17 21:44:37 +00:00
binji
35b2114874 Atomics Futex API
BUG=chromium:497295
R=jarin@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1208933006

Cr-Commit-Position: refs/heads/master@{#29736}
2015-07-17 17:11:47 +00:00
dusan.milosavljevic
82339644b2 MIPS: Fix missing falthru handling for some branch cases in TF.
TEST=mjsunit/asm/embenchen/zlib
BUG=

Review URL: https://codereview.chromium.org/1232313007

Cr-Commit-Position: refs/heads/master@{#29735}
2015-07-17 15:59:40 +00:00
hichris123
ddb5c2d999 Make NumberFormat use the ICU currency data, fix bug in NumberFormat
NumberFormat previously just used a min of 0 digits after the decimal and a max of 3. This CL changes it so that we use the ICU currency data, and set the min and max to the number of numbers after the decimal point for each currency.

This CL also fixes a small bug where if the minimum fraction digits is above 3 but the maximum fraction digits isn't set, then it returns with only three numbers after the decimal point.

BUG=435465,473104,304722
LOG=Y

Review URL: https://codereview.chromium.org/1231613006

Cr-Commit-Position: refs/heads/master@{#29734}
2015-07-17 15:08:08 +00:00
verwaest
8c44880544 Properly fix enumerate / Object.keys wrt access checked objects
BUG=chromium:509936
LOG=y

Review URL: https://codereview.chromium.org/1241953010

Cr-Commit-Position: refs/heads/master@{#29733}
2015-07-17 14:11:57 +00:00
mbrandy
05078ede71 PPC: Fix memento initialization when constructing from new call
Port 3285e3bf07

Original commit message
    Additionally, push the allocation site or undefined independently
    of creating a memento to preserve a fixed size for the construct
    frames.

R=mlippautz@chromium.org, dstence@us.ibm.com, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1229163005

Cr-Commit-Position: refs/heads/master@{#29732}
2015-07-17 14:06:24 +00:00
paul.lind
88214f1bf8 MIPS64: Fix string stubs.
An innocent-looking change in 'c63e50ed Reland Update V8 DEPS.' exposed
latent bugs in SubStringStub and StringCharFromCodeGenerator.

TEST=mjsunit/string-replace, msjunit/string-split, others....
BUG=

Review URL: https://codereview.chromium.org/1233903003

Cr-Commit-Position: refs/heads/master@{#29731}
2015-07-17 13:56:59 +00:00
machenbach
8bde6b1920 Revert of Make d8 stop using to-be-deprecated APIs (patchset #3 id:40001 of https://codereview.chromium.org/1239053004/)
Reason for revert:
[Sheriff] Breaks:
http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20debug%20-%20code%20serializer/builds/3400

Original issue's description:
> Make d8 stop using to-be-deprecated APIs
>
> BUG=v8:4134
> LOG=n
> R=yangguo@chromium.org
>
> Committed: https://crrev.com/af82ef84b4f851411f00e69167ab29382c7499b8
> Cr-Commit-Position: refs/heads/master@{#29726}

TBR=yangguo@chromium.org,jochen@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4134

Review URL: https://codereview.chromium.org/1240993003

Cr-Commit-Position: refs/heads/master@{#29730}
2015-07-17 13:53:52 +00:00
ishell
362b378501 Revert of Reland "Enable loads and stores to global vars through property cell shortcuts installed into paren… (patchset #1 id:1 of https://codereview.chromium.org/1237043006/)
Reason for revert:
chromium:510738, chromium:510911

Original issue's description:
> Reland "Enable loads and stores to global vars through property cell shortcuts installed into parent script context."
>
> Committed: https://crrev.com/48584df5ed97e2cdec1b4900f783c47adc3a3d32
> Cr-Commit-Position: refs/heads/master@{#29670}

TBR=verwaest@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1238163002

Cr-Commit-Position: refs/heads/master@{#29729}
2015-07-17 13:31:05 +00:00
verwaest
08827f55fb Fix object enumeration wrt access checked objects
BUG=chromium:509936
LOG=y

Review URL: https://codereview.chromium.org/1228113007

Cr-Commit-Position: refs/heads/master@{#29728}
2015-07-17 12:57:39 +00:00
verwaest
c0d3c537eb Fix DefineOwnProperty for data properties wrt failed access checks
BUG=chromium:509936
LOG=y

Review URL: https://codereview.chromium.org/1241973003

Cr-Commit-Position: refs/heads/master@{#29727}
2015-07-17 12:55:33 +00:00
jochen
af82ef84b4 Make d8 stop using to-be-deprecated APIs
BUG=v8:4134
LOG=n
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1239053004

Cr-Commit-Position: refs/heads/master@{#29726}
2015-07-17 12:45:06 +00:00
verwaest
76b3b21cdc Fix GetOwnPropertyNames on access-checked objects
BUG=chromium:509936
LOG=y

Review URL: https://codereview.chromium.org/1242123002

Cr-Commit-Position: refs/heads/master@{#29725}
2015-07-17 12:30:15 +00:00
jochen
bea3791426 Improve presubmit check for BUG line
Don't chicken out on upload already, and ignore 'none' value

BUG=none
R=machenbach@chromium.org

Review URL: https://codereview.chromium.org/1237353003

Cr-Commit-Position: refs/heads/master@{#29724}
2015-07-17 12:21:47 +00:00
chunyang.dai
3536562e18 X87: Fix memento initialization when constructing from new call
port 3285e3bf07 (r29719).

original commit message:

  Additionally, push the allocation site or undefined independently of creatin

BUG=

Review URL: https://codereview.chromium.org/1229023003

Cr-Commit-Position: refs/heads/master@{#29723}
2015-07-17 10:07:15 +00:00
yangguo
c062b28aeb Revert of Debugger: use FrameInspector in ScopeIterator to find context. (patchset #3 id:40001 of https://codereview.chromium.org/1239033002/)
Reason for revert:
breaks roll: http://build.chromium.org/p/tryserver.chromium.linux/builders/linux_chromium_rel_ng/builds/87292/steps/browser_tests%20%28with%20patch%29/logs/DevToolsSanityTest.TestPauseWhenScriptIsRunning

Original issue's description:
> Debugger: use FrameInspector in ScopeIterator to find context.
>
> In optimized code, it's not guaranteed that the current context
> is stored in its frame slot.
>
> R=bmeurer@chromium.org
> BUG=v8:4309
> LOG=N
>
> Committed: https://crrev.com/3a0ee39cbde6a9778cfc4e2a6a0a8ff68933ff38
> Cr-Commit-Position: refs/heads/master@{#29697}

TBR=bmeurer@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4309

Review URL: https://codereview.chromium.org/1243553002

Cr-Commit-Position: refs/heads/master@{#29722}
2015-07-17 09:53:49 +00:00
verwaest
dc71c1b586 Fix getPrototypeOf for access checked objects
BUG=chromium:509936
LOG=y

Review URL: https://codereview.chromium.org/1242093002

Cr-Commit-Position: refs/heads/master@{#29721}
2015-07-17 09:37:37 +00:00
jochen
ac1c713646 Delete APIs deprecated since last release
BUG=none
R=verwaest@chromium.org
LOG=y

Review URL: https://codereview.chromium.org/1114873002

Cr-Commit-Position: refs/heads/master@{#29720}
2015-07-17 09:27:00 +00:00
mlippautz
3285e3bf07 Fix memento initialization when constructing from new call
Additionally, push the allocation site or undefined independently of creating a memento to preserve a fixed size for the construct frames.

BUG=

Review URL: https://codereview.chromium.org/1239593003

Cr-Commit-Position: refs/heads/master@{#29719}
2015-07-17 08:51:41 +00:00
v8-autoroll
40f0df5c8e Update V8 DEPS.
Rolling v8/buildtools to 125d157607de4d7c95bf8b02dd580aae17962f19

Rolling v8/third_party/android_tools to 2abd22b08cd757f88362f44b02484de43e4b9611

Rolling v8/third_party/icu to ffeeae138703e692f07d2c438203f32b84e7a094

Rolling v8/tools/clang to f729011d84762dfae62bbf4218580367dbfc7451

TBR=machenbach@chromium.org

Review URL: https://codereview.chromium.org/1238783004

Cr-Commit-Position: refs/heads/master@{#29718}
2015-07-17 03:28:24 +00:00
littledan
8068b91d15 Additional TypedArray tests
- Test that TypedArray properties cannot be set in strict mode
  Properties like %TypedArray%.prototype.length have a getter and no
  setter. This test verifies that property, which was apparently not
  true in the past or had no test ensuring throwing in this case.
- Test that TypedArray integer indexed properties (array elements)
  are not configurable

Both of these have passed for some time, but there are open bugs against
them and apparently no tests verifying that they are fixed.

BUG=v8:3048, v8:3799
LOG=N
R=adamk

Review URL: https://codereview.chromium.org/1232843005

Cr-Commit-Position: refs/heads/master@{#29717}
2015-07-17 00:21:31 +00:00
littledan
f76dfee9df Array.prototype.reverse should call [[HasProperty]] on elements before [[Get]]
This is a change from ES5 to ES6: When reversing an array, first it is checked
whether the element exists, before the element is looked up. The order in ES6
is

[[HasElement]] lower
[[Get]] lower (if present)
[[HasElement]] upper
[[Get]] upper (if present)

In ES5, on the other hand, the order was

[[Get]] lower
[[Get]] upper
[[HasElement]] lower
[[HasElement]] upper

To mitigate the performance impact, this patch implements a new, third copy
of reversing arrays if %_HasPackedElements. This allows us to skip all
membership tests, and a quick and dirty benchmark shows that the new version
is faster:

Over 4 runs, the slowest for the new version:
d8> var start = Date.now(); for (var i = 0; i < 100000000; i++) [1, 2, 3, 4, 5].reverse(); Date.now() - start
4658

Over 3 runs, the fastest for the old version:
d8> var start = Date.now(); for (var i = 0; i < 100000000; i++) [1, 2, 3, 4, 5].reverse(); Date.now() - start
5176

BUG=v8:4223
R=adamk
LOG=Y

Review URL: https://codereview.chromium.org/1238593003

Cr-Commit-Position: refs/heads/master@{#29716}
2015-07-16 23:12:23 +00:00
littledan
1f61ac5033 In RegExp, lastIndex is read with ToLength, not ToInteger
ES2015 made a change vs ES5, where the "lastIndex" property of a
RegExp (which can be modified by a user to start the next search at
a different location) is cast to an integer with ToLength rather
than ToInteger. The main difference is on negative numbers, and
this is tested by test262. This patch implements that change on
RegExps and enables the test262 test now that it passes.

R=adamk
LOG=Y
BUG=v8:4244

Review URL: https://codereview.chromium.org/1241713004

Cr-Commit-Position: refs/heads/master@{#29715}
2015-07-16 21:55:41 +00:00
adamk
5906ce337c Stage --harmony-new-target
BUG=v8:3887
LOG=y

Review URL: https://codereview.chromium.org/1238693004

Cr-Commit-Position: refs/heads/master@{#29714}
2015-07-16 20:48:33 +00:00
adamk
bd389ec008 Re-ship harmony spread calls and spread arrays
The issue with spread arrays which caused us to turn it off was fixed in
https://chromium.googlesource.com/v8/v8/+/24e98281

BUG=v8:3018
LOG=y

Review URL: https://codereview.chromium.org/1239873002

Cr-Commit-Position: refs/heads/master@{#29713}
2015-07-16 19:44:39 +00:00
bbudge
6113058427 Expose SIMD.Float32x4 type to Javascript.
This CL exposes the constructor function, defines type related
information, and implements value type semantics.
It also refactors test/mjsunit/samevalue.js to test SameValue and SameValueZero.

TEST=test/mjsunit/harmony/simd.js, test/cctest/test-simd.cc

LOG=Y
BUG=v8:4124

Committed: https://crrev.com/e5ed3bee99807c502fa7d7a367ec401e16d3f773
Cr-Commit-Position: refs/heads/master@{#29689}

Review URL: https://codereview.chromium.org/1219943002

Cr-Commit-Position: refs/heads/master@{#29712}
2015-07-16 19:43:32 +00:00
adamk
843b0e29f6 Revert of [turbofan] Ship TF for try-catch statements. (patchset #1 id:1 of https://codereview.chromium.org/1216373002/)
Reason for revert:
Causes gbemu-part1 to time out on Linux dbg builders

http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20debug/builds/3867/
http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20debug%20-%20code%20serializer/builds/3386/
http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20debug%20-%20greedy%20allocator/builds/828/

Original issue's description:
> [turbofan] Ship TF for try-catch statements.
>
> R=hablich@chromium.org
> BUG=v8:4131
> LOG=N
>
> Committed: https://crrev.com/1251d02e7bb2a13ae5cf6fda5d3403730d2ae12f
> Cr-Commit-Position: refs/heads/master@{#29708}

TBR=hablich@chromium.org,mstarzinger@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4131

Review URL: https://codereview.chromium.org/1234363003

Cr-Commit-Position: refs/heads/master@{#29711}
2015-07-16 19:42:18 +00:00
caitpotter88
dfe2dd835a [parser] use-strict directives in function body affect init block
BUG=
LOG=N
R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/1234213004

Cr-Commit-Position: refs/heads/master@{#29710}
2015-07-16 16:45:06 +00:00
binji
162f116a91 d8: Leak context_mutex_ so it will never be destroyed while locked
Calling quit() from d8 will call exit(), which will run static destructors. If
context_mutex_ is statically allocated, pthread_mutex_destroy will be called.

When running d8 in "isolates" mode, another thread may be running. If it calls
CreateEvaluationContext, it will lock the context_mutex_. If the mutex is
destroyed while it is locked, it will return an error.

This CL changes the Mutex to a LazyMutex, which will leak instead of being
destroyed.

BUG=v8:4279
R=jarin@chromium.org
R=machenbach@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1240553003

Cr-Commit-Position: refs/heads/master@{#29709}
2015-07-16 16:40:48 +00:00