Commit Graph

36943 Commits

Author SHA1 Message Date
clemensh
3c89788373 [wasm] Skip serialization of breakpoints and certion stubs
Breakpoints are always re-set by the embedder after compilation, so we
don't want to store the corresponding breakpoint objects.
Also don't serialize WASM_INTERPRETER_ENTRY stubs as they are replaced
by ordinary WASM_FUNCTION code at instantiation anyway, and skip
WASM_TO_JS wrappers which are recompiled on each instantiation.
Instead, we serialize the Illegal builtin, and also use that one
instead of the placeholder when compiling the wasm code initially.

R=titzer@chromium.org, yangguo@chromium.org
BUG=v8:5822

Review-Url: https://codereview.chromium.org/2629853004
Cr-Commit-Position: refs/heads/master@{#42451}
2017-01-18 11:44:58 +00:00
clemensh
4f91cee321 [wasm] Improve pimpl implementation in WasmInterpreter::Thread
As no one will ever try to allocate a Thread directly, we can just make
Thread a proxy of ThreadImpl by reinterpret_casting between both types.
This allows to not mention ThreadImpl in the header at all, and to
define it in an anonymous namespace in the implementation, allowing for
more optimizations.
It also saves runtime, as no memory load is needed to forward from
Thread to ThreadImpl, and we do not need to allocate ThreadImpl objects
on the heap.

R=titzer@chromium.org

Review-Url: https://codereview.chromium.org/2643443002
Cr-Commit-Position: refs/heads/master@{#42450}
2017-01-18 11:40:29 +00:00
bmeurer
977038516b [turbofan] Properly assign types to Array/String iterators.
When inlining allocations for Array and String iterators, make sure the
allocations have proper types on it (rather than just Type::Any). This
allows us to escape analyze the iterators in a couple of more cases,
i.e. in this very simple case:

  function f(a) {
    const it = a[Symbol.iterator]();
    return it.next().value;
  }

R=jarin@chromium.org
BUG=v8:4586,v8:5448

Review-Url: https://codereview.chromium.org/2640743003
Cr-Commit-Position: refs/heads/master@{#42449}
2017-01-18 11:24:00 +00:00
clemensh
a45fa2d856 [wasm] Remove unused variable
TBR=titzer@chromium.org
NOTRY=true

Review-Url: https://codereview.chromium.org/2639903003
Cr-Commit-Position: refs/heads/master@{#42448}
2017-01-18 10:56:29 +00:00
jarin
9091eb19be [deoptimizer] Materialize array iterators in the deoptimizer.
This also introduces exhaustive switch-cases for instance types.

BUG=chromium:681383

Review-Url: https://codereview.chromium.org/2646433002
Cr-Commit-Position: refs/heads/master@{#42447}
2017-01-18 10:55:22 +00:00
machenbach
e1fbcce8af [foozzie] Fix suppressions and add one for crbug.com/681241
BUG=chromium:681241
NOTRY=true
TBR=bradnelson@chromium.org,titzer@chromium.org

Review-Url: https://codereview.chromium.org/2644503002
Cr-Commit-Position: refs/heads/master@{#42446}
2017-01-18 10:49:39 +00:00
petermarshall
4064c41eaa [MIPS64] Fix tagged vs. untagged SMI comparison in Apply builtin.
This fast path check compared a tagged smi and an untagged one, meaning that the slow path was always taken.

Review-Url: https://codereview.chromium.org/2641823002
Cr-Commit-Position: refs/heads/master@{#42445}
2017-01-18 10:43:47 +00:00
petermarshall
0b8200c766 [Turbofan] Implement super calls with spread bytecode in assembly code.
BUG=v8:5659

Review-Url: https://codereview.chromium.org/2571563004
Cr-Commit-Position: refs/heads/master@{#42444}
2017-01-18 10:34:24 +00:00
clemensh
2f3de27e11 [wasm] Set and store breakpoints in wasm
Store breakpoint positions in the WasmSharedModuleData in order to set
them on new instantiations. Also redirect them to all live instances at
the time the breakpoint is set.

Inside the WasmDebugInfo, we store the BreakPointInfo objects to find
hit breakpoints.

R=titzer@chromium.org, yangguo@chromium.org
BUG=v8:5822

Review-Url: https://codereview.chromium.org/2626253002
Cr-Commit-Position: refs/heads/master@{#42443}
2017-01-18 10:28:40 +00:00
clemensh
7634b0eb13 [wasm] Use pimpl idiom for interpreter thread implementation
We used dynamic dispatch before, which has considerable runtime
overhead. Pimpl (a.k.a. opaque pointer) has the same memory overhead
of one additional pointer, but less runtime overhead.

R=titzer@chromium.org

Review-Url: https://codereview.chromium.org/2639013002
Cr-Commit-Position: refs/heads/master@{#42442}
2017-01-18 10:23:20 +00:00
machenbach
c5caaf8921 [foozzie] Add stronger failures suppression for crbug.com/681088
BUG=chromium:681088
NOTRY=true
TBR=bradnelson@chromium.org

Review-Url: https://codereview.chromium.org/2637423002
Cr-Commit-Position: refs/heads/master@{#42441}
2017-01-18 09:37:43 +00:00
bradnelson
5c8022e638 [wasm][asm.js] Cancel exception and rethrow on parse failure.
BUG=674089
R=marja@chromium.org

Review-Url: https://codereview.chromium.org/2614563002
Cr-Commit-Position: refs/heads/master@{#42440}
2017-01-18 09:23:13 +00:00
epertoso
48eabdcf72 [turbofan] Refactor IsSame into NodeProperties.
BUG=

Review-Url: https://codereview.chromium.org/2635243002
Cr-Commit-Position: refs/heads/master@{#42439}
2017-01-18 09:19:53 +00:00
neis
98dbae7903 [parsing] Fix a comment.
R=adamk@chromium.org
BUG=
NOTRY=true
NOTREECHECKS=true

Review-Url: https://codereview.chromium.org/2634313002
Cr-Commit-Position: refs/heads/master@{#42438}
2017-01-18 09:06:15 +00:00
yangguo
cbb7145221 [debugger] temporarily re-implement --expose-debug-as.
This is done out of courtesy for Node.js and will be
removed as soon as we branch for version 5.8.

R=jgruber@chromium.org

Review-Url: https://codereview.chromium.org/2636423002
Cr-Commit-Position: refs/heads/master@{#42437}
2017-01-18 08:58:58 +00:00
yangguo
92acec568c [regexp] Implement regexp groups as wrapper.
Non-capturing groups so far did not have any effect, so we elided
them in the regexp parser. However, they do affect how lookarounds
are parsed: in unicode mode, lookarounds are not quantifiable. They
are however if wrapped in a group.

BUG=v8:5845

Review-Url: https://codereview.chromium.org/2636883002
Cr-Commit-Position: refs/heads/master@{#42436}
2017-01-18 08:14:59 +00:00
bmeurer
2851866cfe [turbofan] Add Receiver feedback for abstract/strict equality.
Collect Receiver feedback for abstract/strict equality in Ignition and
use it in TurboFan to optimize JSEqual and JSStrictEqual operations to
pointer equality instead of having to call Equal/StrictEqual builtins.

R=jarin@chromium.org
BUG=v8:5267,v8:5400

Review-Url: https://codereview.chromium.org/2639883002
Cr-Commit-Position: refs/heads/master@{#42435}
2017-01-18 07:10:51 +00:00
bmeurer
ca20218ef2 [turbofan] Unify Smi checking for Check(Internalized)String.
Use the representation selector to insert appropriate Smi checks for
CheckString and CheckInternalizedString when necessary.

R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2637363002
Cr-Commit-Position: refs/heads/master@{#42434}
2017-01-18 07:06:22 +00:00
bradnelson
2f0891977e [wasm][asm.js] Check if a property key is a PropertyName before assumming it.
BUG=681707
R=aseemgarg@chromium.org,titzer@chromium.org

Review-Url: https://codereview.chromium.org/2641513003
Cr-Commit-Position: refs/heads/master@{#42433}
2017-01-18 06:49:21 +00:00
gdeepti
6934db7ca7 [wasm] WebAssembly.Memory.grow() should handle the no instance case
- Currently WebAssembly.Memory.grow() assumes that it always has an instance associated with it,
 fix to grow and reflect new size when no instance is associated with memory object.
 - Correctness fixes for the js api, throw range errors instead of generic errors

BUG=chromium:680938

R=bradnelson@chromium.org, titzer@chromium.org

Review-Url: https://codereview.chromium.org/2638243002
Cr-Commit-Position: refs/heads/master@{#42432}
2017-01-18 04:45:07 +00:00
v8-autoroll
d6a103d29d Update V8 DEPS.
Rolling v8/build: f55127d..c94e6d2

Rolling v8/third_party/catapult: 143ba4d..cfcae9b

Rolling v8/tools/clang: f7ce1a5..3a41cc3

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review-Url: https://codereview.chromium.org/2636323003
Cr-Commit-Position: refs/heads/master@{#42431}
2017-01-18 04:21:04 +00:00
gsathya
54b5c4b853 [ESnext] Implement Object Rest
This rewrites the rest property into a runtime call which sets up the
correct properties in the newly created object.

- Changes flag to --harmony-object-rest-spread
- Changes pattern rewriter to desugar rest property
- Adds new runtime function CopyDataPropertiesWithExcludedProperties

BUG=v8:5549

Review-Url: https://codereview.chromium.org/2620943002
Cr-Commit-Position: refs/heads/master@{#42430}
2017-01-18 01:05:17 +00:00
tandrii
c236fe1459 Whitespace test of CQ.
TBR=machenbach@chromium.org
NOPRESUBMIT=True
NOTRY=True
BUG=664915

Review-Url: https://codereview.chromium.org/2643563002
Cr-Commit-Position: refs/heads/master@{#42429}
2017-01-17 23:00:38 +00:00
tandrii
0dc9afefbc Infra CQ config: remove deprecated target_ref.
BUG=644915
R=sergiyb@chromium.org,machenbach@chromium.org
NOTRY=True

Review-Url: https://codereview.chromium.org/2641523003
Cr-Commit-Position: refs/heads/master@{#42428}
2017-01-17 21:42:28 +00:00
kozyatinskiy
5d95b0a9b3 [inspector] console.timeEnd formats ms in the same way as JS formats double
BUG=chromium:680801
R=dgozman@chromium.org,pfeldman@chromium.org,alph@chromium.org

Review-Url: https://codereview.chromium.org/2631553003
Cr-Commit-Position: refs/heads/master@{#42427}
2017-01-17 20:21:38 +00:00
titzer
8d76f0e346 [wasm] Enforce memory and table limits during instantiation.
R=rossberg@chromium.org
BUG=chromium:575167

Review-Url: https://codereview.chromium.org/2636173002
Cr-Commit-Position: refs/heads/master@{#42426}
2017-01-17 19:15:59 +00:00
ahaas
cfa6ce3232 [turbofan] Do not reduce Return nodes with multiple value inputs.
The existing implementation assumes that return nodes have exactly one
real value input. This assumption does not hold for WebAssembly. To
avoid incorrect behavior, this CL turns of the reduction of returns
with a value input count != 1.

R=titzer@chromium.org, mstarzinger@chromium.org

Review-Url: https://codereview.chromium.org/2638053002
Cr-Commit-Position: refs/heads/master@{#42425}
2017-01-17 19:01:32 +00:00
petermarshall
5e31df230c [MIPS] Fix Apply builtin always taking the slow path.
There were multiple bugs in the apply builtins on mips and mips64 which
caused them to always take the slow path by calling into the runtime to
create the array. The other bugs went undiscovered because those paths
were never taken.

Review-Url: https://codereview.chromium.org/2634393002
Cr-Commit-Position: refs/heads/master@{#42424}
2017-01-17 19:00:24 +00:00
gsathya
875165ea17 [promises] Clean up promise utils and remove dead code
BUG=v8:5343

Review-Url: https://codereview.chromium.org/2637523002
Cr-Commit-Position: refs/heads/master@{#42423}
2017-01-17 17:09:51 +00:00
bjaideep
bb89869a51 PPC/s390: [builtins] CompileLazy bailed out to the runtime entirely too often.
Port 743fdb25b3

Original Commit Message:

    This is just a bug. CompileLazy knows how to look in the
    SharedFunctionInfo for code (or bytecode, essentially) if it
    finds nothing in the OptimizedCodeMap. Ensure that behavior.

R=mvstanton@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=681543
LOG=N

Review-Url: https://codereview.chromium.org/2641473002
Cr-Commit-Position: refs/heads/master@{#42422}
2017-01-17 17:08:42 +00:00
bjaideep
6555a3c1c2 PPC/s390: [TypeFeedbackVector] DeclareGlobals needs a literals array
Port b83c3d29a9

Original Commit Message:

    When a function is declared in global scope, the closure is created
    by the DeclareGlobals runtime service. It needs a pointer to the
    literals array, already allocated in the feedback vector. This
    fixes a bug where it's behavior wasn't in sync with CreateClosure,
    which accepts the literals from the vector.

    This enables a follow-on performance improvement in the CompileLazy
    builtin.

R=mvstanton@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=680637
LOG=N

Review-Url: https://codereview.chromium.org/2634423002
Cr-Commit-Position: refs/heads/master@{#42421}
2017-01-17 17:04:07 +00:00
leszeks
5dbc1ba0f9 [conversions] Make "DoubleToUint32IfEqualToSelf" use bit magic
Uses the structure of an IEEE float to speed up
DoubleToUint32IfEqualToSelf, similar to FastD2UI. Micro-benchmarks show
a ~1.2x-2x speed-up, depending on the input.

Review-Url: https://codereview.chromium.org/2636453003
Cr-Commit-Position: refs/heads/master@{#42420}
2017-01-17 16:38:49 +00:00
ishell
23fb6cf07d [runtime] Remove redundant StoreMode enum.
BUG=v8:5495

Review-Url: https://codereview.chromium.org/2639583002
Cr-Commit-Position: refs/heads/master@{#42419}
2017-01-17 15:41:45 +00:00
ishell
322a37856a [runtime] Add DescriptorArray::GeneralizeAllFields().
... and rename [Copy]GeneralizeAllRepresentations() -> [Copy]GeneralizeAllFields().

BUG=v8:5495

Review-Url: https://codereview.chromium.org/2632373002
Cr-Commit-Position: refs/heads/master@{#42418}
2017-01-17 15:39:06 +00:00
gsathya
2fd434160a [promises] Remove runtime call from PromiseReject
Also moves some functions to prologue.js

BUG=v8:5343

Review-Url: https://codereview.chromium.org/2630593004
Cr-Commit-Position: refs/heads/master@{#42417}
2017-01-17 15:31:50 +00:00
machenbach
6715439932 Revert of [complier] Enable parallel eager inner function compilation with compiler dispatcher. (patchset #11 id:260001 of https://codereview.chromium.org/2611313002/ )
Reason for revert:
Some crashes on mac:
https://build.chromium.org/p/client.v8/builders/V8%20Mac%20-%20debug/builds/11982/steps/Ignition%20-%20turbofan/logs/regress-crbug-429159
https://build.chromium.org/p/client.v8/builders/V8%20Mac%20GC%20Stress/builds/10966

Original issue's description:
> [complier] Enable parallel eager inner function compilation with compiler dispatcher.
>
> Enable enqueueing of eager inner function compilation onto the compiler
> dispatcher. This enables these tasks to be performed in parallel to
> compilation of the outer functio (only for Ignition functions).
> We currently synchronize to ensure all inner function compilations
>  are complete before executing the outer function - future work will
> allow outer function execution to happenin parallel to inner function
> compilation.
>
> BUG=v8:5203,v8:5215
>
> Review-Url: https://codereview.chromium.org/2611313002
> Cr-Commit-Position: refs/heads/master@{#42413}
> Committed: f12661a1ec

TBR=jochen@chromium.org,marja@chromium.org,mstarzinger@chromium.org,rmcilroy@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5203,v8:5215

Review-Url: https://codereview.chromium.org/2637123002
Cr-Commit-Position: refs/heads/master@{#42416}
2017-01-17 15:28:42 +00:00
jochen
29aaefa16a Annotate template and factory methods as not executing script
BUG=v8:5830
R=yangguo@chromium.org

Review-Url: https://codereview.chromium.org/2637873002
Cr-Commit-Position: refs/heads/master@{#42415}
2017-01-17 15:22:34 +00:00
sreten.kovacevic
6c389cef5a MIPS64: Port [turbofan] ARM64: Faster checked ops for PoT arrays
Port 95f210d562

Original commit message:
Improve CheckedLoad and Store bounds checking for arrays with power of two
length.

BUG=

Review-Url: https://codereview.chromium.org/2632213002
Cr-Commit-Position: refs/heads/master@{#42414}
2017-01-17 15:03:25 +00:00
rmcilroy
f12661a1ec [complier] Enable parallel eager inner function compilation with compiler dispatcher.
Enable enqueueing of eager inner function compilation onto the compiler
dispatcher. This enables these tasks to be performed in parallel to
compilation of the outer functio (only for Ignition functions).
We currently synchronize to ensure all inner function compilations
 are complete before executing the outer function - future work will
allow outer function execution to happenin parallel to inner function
compilation.

BUG=v8:5203,v8:5215

Review-Url: https://codereview.chromium.org/2611313002
Cr-Commit-Position: refs/heads/master@{#42413}
2017-01-17 14:56:47 +00:00
marja
9e6691fb2f Preparsing inner funcs: simplify test-parsing/NoPessimisticContextAllocation.
Reduce duplication of the inner function declaration + now we get the
test for inner arrow functions for free (if we later implement lazy
inner arrow functions).

BUG=v8:5501, v8:5516

Review-Url: https://codereview.chromium.org/2637003005
Cr-Commit-Position: refs/heads/master@{#42412}
2017-01-17 14:25:38 +00:00
jgruber
47684fe852 [heap] Don't allocate immovable code in LO space during serialization
Background: the first page of each space is implicitly immovable.
Recently, our builtin code objects have reached a size at which we
fill up the first page of code space during initialization. Once
that occurs, newly requested allocations of immovable code are
allocated in a large object space page of 512K.

This CL mitigates these effects by simply marking pages as immovable
during snapshot creation instead of going into LO space.

On snapshot builds, this should just work: deserialized pages are
trimmed and marked immovable when deserialization finishes.

However, non-snapshot builds and allocations of immovable CEntryStub
code at runtime are still affected.

BUG=v8:5831

Review-Url: https://codereview.chromium.org/2635973002
Cr-Commit-Position: refs/heads/master@{#42411}
2017-01-17 14:19:58 +00:00
machenbach
c2e8cb195a [foozzie] Suppress crbug.com/681806
BUG=chromium:681806
NOTRY=true
TBR=titzer@chromium.org,bradnelson@chromium.org

Review-Url: https://codereview.chromium.org/2638913002
Cr-Commit-Position: refs/heads/master@{#42410}
2017-01-17 14:18:20 +00:00
mvstanton
743fdb25b3 [builtins] CompileLazy bailed out to the runtime entirely too often.
This is just a bug. CompileLazy knows how to look in the
SharedFunctionInfo for code (or bytecode, essentially) if it
finds nothing in the OptimizedCodeMap. Ensure that behavior.

BUG=681543
R=leszeks@chromium.org

Review-Url: https://codereview.chromium.org/2636143002
Cr-Commit-Position: refs/heads/master@{#42409}
2017-01-17 13:54:49 +00:00
mvstanton
b83c3d29a9 [TypeFeedbackVector] DeclareGlobals needs a literals array
When a function is declared in global scope, the closure is created
by the DeclareGlobals runtime service. It needs a pointer to the
literals array, already allocated in the feedback vector. This
fixes a bug where it's behavior wasn't in sync with CreateClosure,
which accepts the literals from the vector.

This enables a follow-on performance improvement in the CompileLazy
builtin.

BUG=680637

Review-Url: https://codereview.chromium.org/2634283003
Cr-Commit-Position: refs/heads/master@{#42408}
2017-01-17 13:47:00 +00:00
neis
c5948b9897 [generators] Always call function with closure context when resuming.
The resume trampolin used to call the generator function with the context of the
last suspension rather than the closure's context.  While that was fine for
Ignition, Turbofan got utterly confused.  With this CL, the resume trampolin
always passes in the closure's context (like in the very first call of the
generator function).  The generator function itself then restores its previously
current context by reading it from the generator object and doing a
PushContext.

BUG=chromium:681171

Review-Url: https://codereview.chromium.org/2639533002
Cr-Commit-Position: refs/heads/master@{#42407}
2017-01-17 13:44:10 +00:00
rossberg
8863f9f258 [wasm] Check for malformed mutability
Fixes failure on spec test globals.wast.

Review-Url: https://codereview.chromium.org/2638003002
Cr-Commit-Position: refs/heads/master@{#42406}
2017-01-17 13:35:20 +00:00
marja
bc35251f5e objects.h splitting: Move ModuleInfoEntry
BUG=v8:5402

Review-Url: https://codereview.chromium.org/2638893002
Cr-Commit-Position: refs/heads/master@{#42405}
2017-01-17 13:28:54 +00:00
jochen
0389df514d Assert that context creation doesn't throw
Instead, it is supposed to just return an empty context if it failed.
Also don't invoke interceptors (we don't for the parts that deserialize
from the snapshot anyways).

BUG=v8:5830
R=yangguo@chromium.org

Review-Url: https://codereview.chromium.org/2636903002
Cr-Commit-Position: refs/heads/master@{#42404}
2017-01-17 13:01:03 +00:00
leszeks
bb71555e2e [ast] Remove internalization before AST rewriting
This internalization was not necessary, since the rewriting does not use
the .result name string.

The subsequent internalization is still needed, so to simplify later
refactoring, this CL also adds "releasing" of the disallow scopes and
uses them here immediately before the second internalize. Notably, this
means that the rewriting is now also in the disallow scopes.

Driveby: Remove isolate from the rewriter's processor constructor.

BUG=v8:5832

Review-Url: https://codereview.chromium.org/2635913002
Cr-Commit-Position: refs/heads/master@{#42403}
2017-01-17 12:46:02 +00:00
machenbach
e9981e076a [foozzie] Add test suppressions
BUG=chromium:681088,chromium:681236
NOTRY=true
TBR=bradnelson@chromium.org, titzer@chromium.org

Review-Url: https://codereview.chromium.org/2632223002
Cr-Commit-Position: refs/heads/master@{#42402}
2017-01-17 12:25:15 +00:00