Commit Graph

3463 Commits

Author SHA1 Message Date
marja@chromium.org
394af55a8c Script streaming: more UTF-8 handing fixes (again).
1) Since we fill the output buffer both from the chunks and the conversion
buffer, it's possible that we run out of space and call CopyCharsHelper with 0
length. The underlying functions don't handle it gracefully, so check there.

2) There was a bug where we used to try to copy too many characters from the
beginning of the data chunk into the conversion buffer. Continuation bytes in
UTF-8 are of the form 0b10XXXXXX. If a byte is bigger than that, it's the first
byte of a new UTF-8 character and we should ignore it.

These two together (or maybe in combination with surrogates) are a probable
reason for crbug.com/420932.

3) The test data was off; \uc481 is \xec\x92\x81.

BUG=420932
LOG=N
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/662003003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24725 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-20 09:23:43 +00:00
sigurds@chromium.org
bc475b4a6b Add inlining for intrinsics.
This issue is for discussion on how to proceed.

I think the implementation of ValueOf shows that directly creating the IR does not scale.

BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/612043003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24719 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-20 07:56:50 +00:00
jkummerow@chromium.org
c186399e5f Tick processor: Print C++ entry points
R=loislo@chromium.org, yangguo@chromium.org, yurys@chromium.org

Review URL: https://codereview.chromium.org/638633002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24700 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 15:44:02 +00:00
titzer@chromium.org
e4c6f9488e Implement graph trimming in ControlReducer.
Trimming the graph consists of breaking links from nodes that are not reachable from end to nodes that are reachable from end. Such dead nodes show up in the use lists of the live nodes and though mostly harmless, just clutter up the graph. They also can limit instruction selection opportunities, so it is good to get rid of them.

This CL is one half of the ControlReducer functionality, the other half
being branch folding.

R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/661923002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24694 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 11:51:57 +00:00
neis@chromium.org
7f7354f3fd Test monotonicity of expression typings.
R=rossberg@chromium.org
BUG=

Review URL: https://codereview.chromium.org/653093002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24693 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 11:46:06 +00:00
yangguo@chromium.org
66170eaa52 test-serialize/Bug3628 is expected to fail, not crash.
TBR=jochen@chromium.org
BUG=v8:3628
LOG=N

Review URL: https://codereview.chromium.org/663483003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24688 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 10:22:47 +00:00
yangguo@chromium.org
f0e3ae8e24 Prohibit serializing with --harmony-scoping.
R=jochen@chromium.org
BUG=v8:3628
LOG=N

Review URL: https://codereview.chromium.org/650423005

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24686 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 09:54:48 +00:00
bmeurer@chromium.org
0854ee289b [x64] simply tweak materialization of float/double constants
port 24485
Fixed a bug of "psllq" instruction in x64

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/658813003

Patch from Weiliang Lin <weiliang.lin@intel.com>.

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24673 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 04:18:38 +00:00
haraken@chromium.org
f3bfd04bcf Pass an Isolate to v8::VisitHandlesWithClassIds
The Isolate version of v8::VisitHandlesWithClassIds is needed
for https://codereview.chromium.org/651713002/

R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/664473002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24671 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 00:46:18 +00:00
mvstanton@chromium.org
e8c3708825 Fix ASAN warning.
Missing line in a test to dispose of a string.

TBR=yangguo@chromium.org

Review URL: https://codereview.chromium.org/643873004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24665 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-16 13:26:28 +00:00
wingo@igalia.com
0841f7241b Track usage of "this" and "arguments" in Scope
This adds flags in Scope to track wheter a Scope uses "this" and,
"arguments". The information is exposed via Scope::uses_this(),
and Scope::uses_arguments(), respectively. Flags for tracking
usage on any inner scope uses are available as well via
Scope::inner_uses_this(), and Scope::inner_uses_arguments().

Knowing whether scopes use "this" and "arguments" will be handy
to generate the code needed to capture their values when generating
the code for arrow functions.

BUG=v8:2700
LOG=
R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/422923004

Patch from Adrian Perez de Castro <aperez@igalia.com>.

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24663 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-16 13:19:36 +00:00
bmeurer@chromium.org
fe3a8845f0 [turbofan] Correctify typed lowering.
We cannot add new JSToNumber nodes here in general, because:

 a) The inserted ToNumber operation screws up observability of valueOf.
 b) Deoptimization at ToNumber doesn't have corresponding bailout id.

TEST=cctest,mjsunit
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/649543004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24660 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-16 11:31:00 +00:00
aandrey@chromium.org
b96b570628 Introduce v8::Exception::GetStackTrace API method.
This will be needed to get a stack trace from a DOMException.

API=v8::Exception::GetStackTrace
R=yangguo@chromium.org
LOG=Y

Review URL: https://codereview.chromium.org/655243002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24655 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-16 10:42:08 +00:00
sigurds@chromium.org
2577d6c261 Fix compilation after r24639
TBR=yangguo@chromium.org

Review URL: https://codereview.chromium.org/653353003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24643 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-15 14:42:32 +00:00
yangguo@chromium.org
4f9fd83d85 Break deserializer reservations into chunks that fit onto a page.
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/653033002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24639 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-15 14:04:53 +00:00
titzer@chromium.org
ad80a80a8b Fix bug in NodeCache::GetCachedNodes
TBR=dcarney@chromium.org
BUG=

Review URL: https://codereview.chromium.org/656033003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24635 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-15 13:07:18 +00:00
titzer@chromium.org
754abff699 Add JSGraph::GetCachedNodes and NodeCache::GetCachedNodes. These routines are necessary in the dead code elimination phase to trim away uses from unreachable nodes.
R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/656103002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24632 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-15 12:29:39 +00:00
dcarney@chromium.org
37f1645023 [turbofan] more verification of rpo
R=titzer@chromium.org

BUG=

Review URL: https://codereview.chromium.org/603533002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24630 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-15 12:15:38 +00:00
rossberg@chromium.org
0e16150d33 Better typing and type verification
- Extend verifier to check types of JS and Simplified nodes.
- Untyped nodes now contain NULL as types, enforcing hard failure.
- Typer immediately installs itself as a decorator; remove explicit decorator installation.
- Decorator eagerly types all nodes that have typed inputs
  (subsumes typing of constant cache, removing its typing
  side-channel and various spurious dependencies on the typer).
- Cut down typer interface to prevent inconsistently typed graphs.
- Remove verification from start, since it caused too much trouble
  with semi-wellformed nodes.
- Fix a couple of bugs on the way that got uncovered.

To do: verifying machine operators. Also, various conditions in the
verifier are currently commented out, because they don't yet hold.

BUG=
R=jarin@chromium.org,titzer@chromium.org

Review URL: https://codereview.chromium.org/658543002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24626 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-15 11:38:04 +00:00
ulan@chromium.org
ac1f429689 Remove test-api/Regress2107 since it doesn't test what Chrome does.
BUG=v8:3625
LOG=N
R=jochen@chromium.org

Review URL: https://codereview.chromium.org/657033003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24617 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-15 08:44:00 +00:00
neis@chromium.org
93d0e79d6e Again reland "Refine expression typing, esp. by propagating range information."
This relands commit 24552.

TBR=rossberg@chromium.org
BUG=

Review URL: https://codereview.chromium.org/650513003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24615 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-15 08:21:46 +00:00
bmeurer@chromium.org
f574d93e51 Revert "Reland "Refine expression typing, esp. by propagating range information.""
This reverts commit r24609 for breaking the
cctest/test-js-typed-lowering/Int32BitwiseBinops test.

TBR=rossberg@chromium.org,neis@chromium.org

Review URL: https://codereview.chromium.org/656003002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24614 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-15 03:50:13 +00:00
neis@chromium.org
a7eb593147 Reland "Refine expression typing, esp. by propagating range information."
This relands commit 24552.

R=rossberg@chromium.org
BUG=

Review URL: https://codereview.chromium.org/653693002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24609 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-14 16:27:26 +00:00
ulan@chromium.org
dd49272c00 Weak Cells
Introduce an object that holds a weak reference.
Design document: http://goo.gl/9dSvvy.

BUG=
R=erik.corry@gmail.com

Review URL: https://codereview.chromium.org/640303006

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24606 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-14 14:43:45 +00:00
jkummerow@chromium.org
d7482818a6 Fix de/serialization tests after r24592
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/654853002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24600 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-14 12:21:18 +00:00
sigurds@chromium.org
4dc4b40925 Reland "Fix scheduler to correctly schedule nested diamonds".
Reland fix: Consume less memory.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/636233006

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24597 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-14 12:08:55 +00:00
bmeurer@chromium.org
81877a6440 [turbofan] Optimize division/modulus by constant.
TEST=cctest,mjsunit,unittests
R=dcarney@chromium.org, svenpanne@chromium.org

Review URL: https://codereview.chromium.org/654833002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24595 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-14 11:57:06 +00:00
dcarney@chromium.org
75d15894f6 [turbofan] remove some of the dependency of Instruction on Schedule
R=bmeurer@chromium.org

BUG=

Review URL: https://codereview.chromium.org/646393002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24584 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-14 08:51:22 +00:00
hpayer@chromium.org
2c18a51c72 Increase final idle time in idle notifcation of test test-api/Regress2107.
BUG=
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/653863002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24579 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-14 08:10:41 +00:00
bmeurer@chromium.org
8a00950303 [arm] Drop SMMLS support.
Apparently

 SMMLS r, b, c, a

computes

 r = ((a << 32) - b * c) >> 32

while the documentation is kinda misleading and states that it should
compute

 r = a - ((b * c) >> 32)

The actual behavior is kinda useless, so we drop the instruction again.

TEST=cctest,unittests
TBR=dcarney@chromium.org

Review URL: https://codereview.chromium.org/654653004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24577 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-14 07:47:27 +00:00
bmeurer@chromium.org
8950e0a3de [arm] Add support for SMMLA, SMMLS and SMMUL.
TEST=cctest,unittests
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/648283002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24575 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-14 05:03:04 +00:00
hpayer@chromium.org
c7149e50a3 Fix IdleNotificationFinishMarking test on slow devices.
BUG=
TBR=ulan@chromium.org

Review URL: https://codereview.chromium.org/641533004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24569 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-13 18:54:20 +00:00
hpayer@chromium.org
d1e693a43a Check if there is still time before finalizing an incremental collection.
BUG=
R=erik.corry@gmail.com, ulan@chromium.org

Review URL: https://codereview.chromium.org/629903003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24567 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-13 16:27:55 +00:00
sigurds@chromium.org
aa67d12f09 Revert "Fix scheduler to correctly schedule nested diamonds."
This reverts commit 0ab306041a6eba99fe5e2ef78251de137321f559.

"Fix" make scheduler run out of memory.

TBR=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/656473002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24566 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-13 16:08:29 +00:00
sigurds@chromium.org
0f5949d605 Fix scheduler to correctly schedule nested diamonds.
The scheduler rewires control based on the last *control*
node that appears in the schedule of a block. This is not
sufficient to account for dependencies.

This patch adds additional dependencies to floating control
nodes. Given a floating control node A, every non-control
dependency of every node B that depends on A is introduces
as an additional dependency of A.

This allows the scheduler to correctly schedule two
diamonds A, B, if their only correct schedule is to
schedule B into the ifTrue successor in A.

TEST=cctest/test-scheduler/NestedFloatingDiamonds
R=mstarzinger@chromium.org, titzer@chromium.org

Review URL: https://codereview.chromium.org/602083003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24561 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-13 13:07:49 +00:00
neis@chromium.org
a2f4963abd Revert "Refine expression typing, esp. by propagating range information."
This reverts commit 24552.

TBR=rossberg@chromium.org
BUG=

Review URL: https://codereview.chromium.org/648163002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24553 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-13 10:48:01 +00:00
neis@chromium.org
5a0ff8e656 Refine expression typing, esp. by propagating range information.
R=rossberg@chromium.org
BUG=

Review URL: https://codereview.chromium.org/618803003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24552 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-13 10:40:29 +00:00
marja@chromium.org
363ac55a5d Script streaming: UTF-8 handling fix.
The problem was that there can be several multi-byte UTF-8 characters near the
splitting point of the data chunks, and the code didn't handle it properly.

This was also the source of crbug.com/417891 - I thought the crash can only
happen when V8 is passed invalid UTF-8 data, but it can also happen in the
abovementioned case. After the fix, we handle the valid UTF-8 case and also
guard against invalid UTF-8 data.

R=yangguo@chromium.org
BUG=chromium:417891
LOG=N

Review URL: https://codereview.chromium.org/654503002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24547 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-13 09:01:54 +00:00
dcarney@chromium.org
657052e87f [turbofan] remove graph from InstructionSequence
R=bmeurer@chromium.org

BUG=

Review URL: https://codereview.chromium.org/652643002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24545 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-13 08:09:27 +00:00
dcarney@chromium.org
907ad65dce [turbofan]IA: ChangeFloat32ToFloat64 supports mem operand
BUG=
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/641153003

Patch from Jing Bao <jing.bao@intel.com>.

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24542 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-13 07:42:35 +00:00
dcarney@chromium.org
3396c2badd [turbofan] IA: TruncateFloat64ToFloat32 supports mem operand
BUG=
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/639283003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24541 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-13 07:12:57 +00:00
dslomov@chromium.org
c9049c0325 Keyed loads from super with numeric keys.
R=ishell@chromium.org, arv@chromium.org
BUG=v8:3330
LOG=N

Review URL: https://codereview.chromium.org/638193004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24522 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-10 10:40:29 +00:00
yangguo@chromium.org
8659e50723 Update unicode to 7.0.0.
And do not use code points with PATTERN_* property for identifier start.
Maintain that \u180E is a white space character.

BUG=v8:2892
LOG=Y
R=dpino@igalia.com, mathias@qiwi.be

Review URL: https://codereview.chromium.org/638643002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24473 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-08 14:55:03 +00:00
bmeurer@chromium.org
9b306893a3 [turbofan] Properly emit bounds checks for typed array element loads.
Also fix an awfull bug in simplified lowering.

TEST=cctest,mjsunit/asm
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/640603003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24463 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-08 11:16:45 +00:00
titzer@chromium.org
015f963e8f Lower NumberMultiply, NumberDivide, and NumberModulus to Int32Mul, Int32[U]Div, and Int32[U]Mod when possible in simplified-lowering.
R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/620553008

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24462 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-08 10:53:46 +00:00
jochen@chromium.org
e1fe5da318 CcTest::isolate_used_ is used from multiple threads, make it atomic
BUG=none
R=svenpanne@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/637263003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24460 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-08 09:34:40 +00:00
titzer@chromium.org
42365d429c The empty husk of a JSFunction is useful to us.
We hollow out the rotting core and with evil intent repurpose its dry carcass to empower ourselves; with such a shell we can test.

R=mstarzinger@chromium.org

BUG=

Review URL: https://codereview.chromium.org/637873002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24459 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-08 09:23:33 +00:00
jochen@chromium.org
c5c02d3bd4 Fix race in debugger threads in cctest/test-debug
BUG=none
R=svenpanne@chromium.org, ishell@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/637283002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24455 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-08 08:56:57 +00:00
jochen@chromium.org
73733bb3eb Fix data races and leaks related to v8::Lockers
BUG=v8:3618
R=ishell@chromium.org, svenpanne@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/637263002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24453 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-08 08:17:04 +00:00
jochen@chromium.org
d78fab455a Fix data race in cctest/test-api/RegExpInterruption
BUG=v8:3615
R=yangguo@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/634523003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24451 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-08 07:41:28 +00:00