Commit Graph

24517 Commits

Author SHA1 Message Date
rossberg
4273f66e98 [es6] Implement proper TDZ for parameters
Previously, examples like (({a = x}, x) => {})({}, 0) did not throw a ReferenceError like they should. This CL

- Splits up DeclareFormalParameters such that the formals can be recorded first and declared later.

- Declaration then takes the complete parameter list into account. If it is not simple, temporaries are introduced for all parameters.

- BuildParameterInitializationBlock desugars all parameters from non-simple lists into let-bindings.

- Refactored Pre/ParserFormalParameters, so that the arity information is no longer duplicated in Parser.

- Rest is currently handled specially, until rest-via-destructuring has landed.

R=adamk@chromium.org, littledan@chromium.org
BUG=v8:811
LOG=N

Review URL: https://codereview.chromium.org/1259283002

Cr-Commit-Position: refs/heads/master@{#30025}
2015-08-05 12:02:23 +00:00
yangguo
41fad8dbe0 Revert of Remove serializer-specific hash table size heuristic. (patchset #1 id:1 of https://codereview.chromium.org/1265983006/ )
Reason for revert:
This still breaks: https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/builds/1296/steps/Mjsunit/logs/load-proxy

Test: mjsunit/strong/load-proxy
Flags: --stress-opt --always-opt
Command: out/Debug/d8 --test --random-seed=2021532800 --stress-opt --always-opt --nohard-abort --nodead-code-elimination --nofold-constants --enable-slow-asserts --debug-code --verify-heap --harmony-proxies --strong-mode test/mjsunit/strong/load-proxy.js --gc-interval=500 --stress-compaction --concurrent-recompilation-queue-length=64 --concurrent-recompilation-delay=500 --concurrent-recompilation

Run #1
Exit code: -11
Result: CRASH
Expected outcomes: PASS
Duration: 00:00:553

Run #2
Exit code: -11
Result: CRASH
Expected outcomes: PASS
Duration: 00:00:520

Run #3
Exit code: -11
Result: CRASH
Expected outcomes: PASS
Duration: 00:00:572

Original issue's description:
> Remove serializer-specific hash table size heuristic.
>
> The heuristic can cause weird behavior when bootstrapping.
> The memory savings is not worth this hassle.
>
> Committed: https://crrev.com/fc80f29a582b758d14aae864232624ca45e47ddc
> Cr-Commit-Position: refs/heads/master@{#30019}

TBR=ulan@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1268413002

Cr-Commit-Position: refs/heads/master@{#30024}
2015-08-05 11:45:59 +00:00
mstarzinger
899c4284d5 Cleanup unnecessary duplication of runtime functions.
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1269323003

Cr-Commit-Position: refs/heads/master@{#30023}
2015-08-05 11:22:21 +00:00
yangguo
d261c79064 Revert of Revert part of "Remove serializer-specific hash table size heuristic." (patchset #1 id:1 of https://codereview.chromium.org/1272123002/ )
Reason for revert:
Did not fix issue it was intended to fix.

Original issue's description:
> Revert part of "Remove serializer-specific hash table size heuristic."
>
> TBR=machenbach@chromium.org
> NOTRY=true
> NOTREECHECKS=true
>
> Committed: https://crrev.com/68e5ae5282f3ba787c27ffa6e92fed6e5ff725e4
> Cr-Commit-Position: refs/heads/master@{#30021}

TBR=machenbach@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1276443002

Cr-Commit-Position: refs/heads/master@{#30022}
2015-08-05 10:28:10 +00:00
yangguo
68e5ae5282 Revert part of "Remove serializer-specific hash table size heuristic."
TBR=machenbach@chromium.org
NOTRY=true
NOTREECHECKS=true

Review URL: https://codereview.chromium.org/1272123002

Cr-Commit-Position: refs/heads/master@{#30021}
2015-08-05 08:57:02 +00:00
mstarzinger
b04171ad02 Fully deprecate FixedArray::CopySize method.
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/1256283003

Cr-Commit-Position: refs/heads/master@{#30020}
2015-08-05 08:55:16 +00:00
yangguo
fc80f29a58 Remove serializer-specific hash table size heuristic.
The heuristic can cause weird behavior when bootstrapping.
The memory savings is not worth this hassle.

Review URL: https://codereview.chromium.org/1265983006

Cr-Commit-Position: refs/heads/master@{#30019}
2015-08-05 07:35:44 +00:00
v8-autoroll
accf0c5cf3 Update V8 DEPS.
Rolling v8/tools/clang to c9a343c6a8065127989a05fe2a3fc76c26ad8102

TBR=machenbach@chromium.org

Review URL: https://codereview.chromium.org/1274553002

Cr-Commit-Position: refs/heads/master@{#30018}
2015-08-05 03:29:35 +00:00
adamk
2e4efcfac2 Add a --harmony-object-observe runtime flag (on by default)
To avoid tanking context startup performance, only the actual installation of the
JS-exposed API is flag-guarded. The remainder of the implementation still
resides in the snapshot.

Review URL: https://codereview.chromium.org/1257063003

Cr-Commit-Position: refs/heads/master@{#30017}
2015-08-04 20:53:32 +00:00
binji
890c4d9dc6 [d8 Workers] Throw when calling Worker constructor without new
BUG=4399
R=jarin@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1260813008

Cr-Commit-Position: refs/heads/master@{#30016}
2015-08-04 20:40:12 +00:00
hpayer
53be2063cc Retire ShortCircuitConsString.
BUG=

Review URL: https://codereview.chromium.org/1267313002

Cr-Commit-Position: refs/heads/master@{#30015}
2015-08-04 19:20:10 +00:00
mlippautz
9d7ebcf7f5 Reland: GC: Refactor public incremental marking interface in heap
Combines:
* https://codereview.chromium.org/1273483002/
* https://codereview.chromium.org/1266793003/

This reverts commit 0215fb56f4.

BUG=

Review URL: https://codereview.chromium.org/1265273002

Cr-Commit-Position: refs/heads/master@{#30014}
2015-08-04 19:01:18 +00:00
adamk
61805178c2 Ship --harmony-new-target
BUG=v8:3887
LOG=y

Review URL: https://codereview.chromium.org/1267773009

Cr-Commit-Position: refs/heads/master@{#30013}
2015-08-04 18:02:05 +00:00
mstarzinger
bcad9b547d Introduce safe interface to "copy and grow" FixedArray.
This introduces a CopyFixedArrayAndGrow method on Factory that takes
the "grow amount" instead of the "new size" as an argument. The new
interface is safer because it allows for mutations by the GC that
potentially trim the source array.

This also fixes a bug in SharedFunctionInfo::AddToOptimizedCodeMap
where the aformentioned scenario led to unused entries within the
optimized code map.

Note that FixedArray::CopySize is hereby deprecated because it is
considered unsafe and should no longer be used.

R=hpayer@chromium.org
TEST=mjsunit/regress/regress-crbug-513507
BUG=chromium:513507
LOG=n

Review URL: https://codereview.chromium.org/1255173006

Cr-Commit-Position: refs/heads/master@{#30012}
2015-08-04 17:49:42 +00:00
adamk
0215fb56f4 Revert of GC: Refactor public incremental marking interface in heap (patchset #6 id:100001 of https://codereview.chromium.org/1273483002/ )
Reason for revert:
Fails on the MSAN builder:

http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20arm64%20-%20sim%20-%20MSAN/builds/3580/steps/Check/logs/RegExpInterruption

Likely due to lack of initialization of IncrementalMarking::gc_callback_flags_.

Original issue's description:
> GC: Refactor incremental marking interface from heap
>
> BUG=
>
> Committed: https://crrev.com/c9fcaeb336919ce4b76fded8c8059457e9820250
> Cr-Commit-Position: refs/heads/master@{#30009}

TBR=ulan@chromium.org,hpayer@chromium.org,mlippautz@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review URL: https://codereview.chromium.org/1271823006

Cr-Commit-Position: refs/heads/master@{#30011}
2015-08-04 17:47:51 +00:00
adamk
c4247c1bc2 [es6] new.target should not be shadowable in a with scope
BUG=v8:3887
LOG=n

Review URL: https://codereview.chromium.org/1259183005

Cr-Commit-Position: refs/heads/master@{#30010}
2015-08-04 17:15:40 +00:00
mlippautz
c9fcaeb336 GC: Refactor incremental marking interface from heap
BUG=

Review URL: https://codereview.chromium.org/1273483002

Cr-Commit-Position: refs/heads/master@{#30009}
2015-08-04 16:57:14 +00:00
ulan
a88475c059 Revert d5419b for regressing v8.top_25_smooth benchmark.
BUG=chromium:516425
LOG=NO

Review URL: https://codereview.chromium.org/1271973002

Cr-Commit-Position: refs/heads/master@{#30008}
2015-08-04 16:50:38 +00:00
hpayer
c7456abf46 Change RecordSlot interface. Make it more robust by replacing anchor slot with actual object.
BUG=

Review URL: https://codereview.chromium.org/1259613006

Cr-Commit-Position: refs/heads/master@{#30007}
2015-08-04 16:43:07 +00:00
rossberg
1813f80d73 Fix another instance of the previous build issue
TBR=yangguo@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1264233005

Cr-Commit-Position: refs/heads/master@{#30006}
2015-08-04 15:52:36 +00:00
mtrofin
c11ab6f7e5 Setting up the stage for heuristics that preprocess live ranges before register allocation, and are independent of register allocation - e.g. the deferred blocks heuristic, or the split at call sites heuristic.
Added a separate flag for this, since we intend to enable it for the linear allocator as well. Currently, the option is "on" for greedy, as a point in time to enable its testing (through the greedy allocator bots).

BUG=

Review URL: https://codereview.chromium.org/1256313003

Cr-Commit-Position: refs/heads/master@{#30005}
2015-08-04 14:50:05 +00:00
bbudge
34bd773eb6 Rename IsSimdObject assembly intrinsic.
Change IS_SIMD_OBJECT to IS_SIMD_VALUE, and IsSimdObject to IsSimdValue.

R=rossberg
LOG=N
BUG=v8:4124

Review URL: https://codereview.chromium.org/1253103006

Cr-Commit-Position: refs/heads/master@{#30004}
2015-08-04 14:37:07 +00:00
vogelheim
e045b78d8e Avoid data race when writing Shell::options.script_executed.
The race occurred when Workers were used. Since Workers call
Shell::ExecuteString from a different thread, TSAN (correctly) flags
this as a racy write. Solution would be to either synchronize the writes,
or to 'lift' the write higher up in the call stack and only write the flag
from the main thread. This implements this latter solution.

These methods call Shell::ExecuteString, but do *not* set script_executed:
- ExecuteInThread: Can only occur is JS has already been executed.
- Shell::Load: Callback for JS; so JS has already been executed when
               we get there.
- Shell::RunShell: Interactive shell. We no longer need script_executed once
                   we're here.

BUG=v8:4330
LOG=N

Review URL: https://codereview.chromium.org/1258303004

Cr-Commit-Position: refs/heads/master@{#30003}
2015-08-04 14:32:34 +00:00
rossberg
56bd11a11a [es6] Refactor FormalParameter
Store arity in FormalParameters; store name (instead of var) and is_rest flag in individual parameters. Ensure that the arity is always maintained consistently.

This is preparation for more parameter destructuring adjustments. In particular, a follow-up CL will separate parameter recording from declaring the variables.

R=adamk@chromium.org, littledan@chromium.org
BUG=v8:811
LOG=N

Review URL: https://codereview.chromium.org/1259013003

Cr-Commit-Position: refs/heads/master@{#30002}
2015-08-04 14:24:58 +00:00
rossberg
479e0c0347 Fix build error (missing cast to void*)
TBR=yangguo@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1263043004

Cr-Commit-Position: refs/heads/master@{#30001}
2015-08-04 14:24:38 +00:00
yangguo
186841f0a0 Revert of Remove serializer-specific hash table size heuristic. (patchset #1 id:1 of https://codereview.chromium.org/1265983006/ )
Reason for revert:
https://chromegw.corp.google.com/i/client.v8/builders/V8%20Linux%20-%20arm64%20-%20sim%20-%20gc%20stress/builds/3088/steps/Mjsunit/logs/load-proxy

Original issue's description:
> Remove serializer-specific hash table size heuristic.
>
> The heuristic can cause weird behavior when bootstrapping.
> The memory savings is not worth this hassle.
>
> Committed: https://crrev.com/a246e296c6366dcd0a2d8aa0df973d57093178f6
> Cr-Commit-Position: refs/heads/master@{#29992}

TBR=ulan@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1257873006

Cr-Commit-Position: refs/heads/master@{#30000}
2015-08-04 14:09:04 +00:00
titzer
6b63aa06d3 [turbofan] Handle void returns in instruction selector.
R=jarin@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1269183002

Cr-Commit-Position: refs/heads/master@{#29999}
2015-08-04 13:14:16 +00:00
rossberg
222b70d10f Correct handling of temporaries as parameters.
They need to be properly recorded in the scope's temps set, otherwise allocation doesn't know about them and can break. (Not observable right now, but necessary for follow-up changes to parameter destructuring.)

Also, print temporary variables in a useful manner.

R=adamk@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1263563002

Cr-Commit-Position: refs/heads/master@{#29998}
2015-08-04 13:03:53 +00:00
yangguo
117650bb08 Remove some outdated/unused declarations.
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/1265243003

Cr-Commit-Position: refs/heads/master@{#29997}
2015-08-04 12:44:42 +00:00
ulan
9aff1d352d Perform full GC in background idle notification.
BUG=chromium:515873
LOG=NO

Review URL: https://codereview.chromium.org/1263373002

Cr-Commit-Position: refs/heads/master@{#29996}
2015-08-04 12:42:10 +00:00
yangguo
4e036f3042 Debugger: refactor ScopeIterator, FrameInspector and DebugEvaluate.
This is a pure refactor and does not change functionality.

R=ulan@chromium.org

Review URL: https://codereview.chromium.org/1264993002

Cr-Commit-Position: refs/heads/master@{#29995}
2015-08-04 12:10:13 +00:00
ulan
0cf86bd2c8 Use conservative heap growing factor for background tab.
BUG=chromium:515873
LOG=NO

Review URL: https://codereview.chromium.org/1257833005

Cr-Commit-Position: refs/heads/master@{#29994}
2015-08-04 12:05:22 +00:00
paul.lind
880a648954 MIPS: Fix reg use in SIMD.js Add the other SIMD Phase 1 types.
Port 7b9670b63b

Only fails in debug builds.

TEST=mjsunit/harmony/simd
BUG=

Review URL: https://codereview.chromium.org/1264103005

Cr-Commit-Position: refs/heads/master@{#29993}
2015-08-04 11:09:32 +00:00
yangguo
a246e296c6 Remove serializer-specific hash table size heuristic.
The heuristic can cause weird behavior when bootstrapping.
The memory savings is not worth this hassle.

Review URL: https://codereview.chromium.org/1265983006

Cr-Commit-Position: refs/heads/master@{#29992}
2015-08-04 10:57:12 +00:00
hpayer
8548ea5d1a AdjustLiveBytes and friends takes a heap object pointer instead of an address.
That makes going to the page safe. Addresses can be in arbitrary locations of an object, e.g. in a large object but not on the first 1M page.
BUG=

Review URL: https://codereview.chromium.org/1256203004

Cr-Commit-Position: refs/heads/master@{#29991}
2015-08-04 07:02:57 +00:00
v8-autoroll
5ee3176909 Update V8 DEPS.
Rolling v8/buildtools to 565d04e8741429fb1b4f26d102f2c6c3b849edeb

TBR=machenbach@chromium.org

Review URL: https://codereview.chromium.org/1267173003

Cr-Commit-Position: refs/heads/master@{#29990}
2015-08-04 03:25:44 +00:00
ofrobots
7f2dc889d4 remove recursion from NewSpace::AllocateRaw*
The recursion between AllocateRaw* and SlowAllocateRaw makes incremental
stepping very complicated. This patch removes the recursion. Follow-on
patches will improve accounting of allocations done by incremental mark.

See: https://codereview.chromium.org/1252053003/#msg5

BUG=
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/1265443003

Cr-Commit-Position: refs/heads/master@{#29989}
2015-08-03 20:43:51 +00:00
oth
d689c7a7be [Interpreter] Consistency fixes.
Change minimum BytecodeArray frame size to zero now return value is in
the accumulator.

Fix inconsistent checks in bytecode-array-builder.cc.

Simplify bytecode disassembly by adding Bytecodes::Decode to
disassemble one bytecode and operands.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1259193004

Cr-Commit-Position: refs/heads/master@{#29988}
2015-08-03 20:39:36 +00:00
ulan
d8ad147944 Grow heap slowly after running memory reducer.
BUG=

Review URL: https://codereview.chromium.org/1261373006

Cr-Commit-Position: refs/heads/master@{#29987}
2015-08-03 18:45:53 +00:00
mlippautz
869ab06ea5 GC: Refactor incremental marking steps w/ deadline into a separate call
BUG=

Review URL: https://codereview.chromium.org/1270873002

Cr-Commit-Position: refs/heads/master@{#29986}
2015-08-03 18:25:21 +00:00
yangguo
4a2e4420b8 Remove JSFunctionResultCache.
There is only one use case for it: String.prototype.search converts a
string argument into a RegExp. The cache is used to avoid repeating that
conversion. However, this does not make the added complexity worthwhile.

Review URL: https://codereview.chromium.org/1267493006

Cr-Commit-Position: refs/heads/master@{#29985}
2015-08-03 18:14:17 +00:00
dstence
8d2eec506f Enable gdb-jit for PPC64 on Linux (both big-endian and little-endian).
R=danno@chromium.org, mbrandy@us.ibm.com, michael_dawson@ca.ibm.com

BUG=

Review URL: https://codereview.chromium.org/1252913007

Cr-Commit-Position: refs/heads/master@{#29984}
2015-08-03 18:02:33 +00:00
mlippautz
40bb3a58a0 Remove high promotion mode
High promotion mode limits new space size in the case where many objects (high
rate) are promoted.  The result is frequent scavenger runs with low pause times. The
approach conflicts with pretenuring which requires a larger new space size to
collect enough feedback to be usable.

Ultimately the goal is to have pretenuring catch allocation sites that have high
promotion rates.

Revert "Bring back high promotion mode to shrink young generation size when scavenging latency is high."

This reverts commit 37be1d5e9e.

Revert "GC. Delay/avoid entering high promotion mode"

This reverts commit a5221d0779.

BUG=chromium:499507,chromium:506910
LOG=n

Review URL: https://codereview.chromium.org/1247723003

Cr-Commit-Position: refs/heads/master@{#29983}
2015-08-03 17:29:50 +00:00
binji
df1f72bbf1 [d8 worker] Fix regression when serializing very large arraybuffer
BUG=chromium:514081
R=jarin@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1264723002

Cr-Commit-Position: refs/heads/master@{#29982}
2015-08-03 17:08:00 +00:00
jochen
ed3e5d1f3a Check whether a typed array was neutered before writing to it
As demanded by the spec.

BUG=chromium:516251
R=jkummerow@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1261453004

Cr-Commit-Position: refs/heads/master@{#29981}
2015-08-03 16:11:29 +00:00
bbudge
565fe3f017 SIMD.js Fix x87 build.
Rename method EmitIsSpecObject -> EmitIsSimdObject.

LOG=N
BUG=v8:4124

Review URL: https://codereview.chromium.org/1263473008

Cr-Commit-Position: refs/heads/master@{#29980}
2015-08-03 15:32:49 +00:00
hpayer
82e1069330 Add support for large object IsSlotInBlackObject to filter out all dead slots correctly.
BUG=chromium:454297
LOG=n

Review URL: https://codereview.chromium.org/1268663004

Cr-Commit-Position: refs/heads/master@{#29979}
2015-08-03 15:24:17 +00:00
mbrandy
e16cfe562d PPC: Clean up register save/restore logic.
NOPRESUBMIT=true
R=titzer@chromium.org, michael_dawson@ca.ibm.com, jyan@ca.ibm.com, joransiu@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1271583002

Cr-Commit-Position: refs/heads/master@{#29978}
2015-08-03 14:36:56 +00:00
titzer
80efc9d2fb Fix presubmit errors in runtime-simd.cc.
R=mstarzinger@chromium.org
BUG=
NOTREECHECKS=true

Review URL: https://codereview.chromium.org/1263363002

Cr-Commit-Position: refs/heads/master@{#29977}
2015-08-03 14:28:06 +00:00
hpayer
0924d6d542 Reland of land concurrent sweeping of code space. (patchset #1 id:1 of https://codereview.chromium.org/1263343002/)
Reason for revert:
Bogus revert.

Original issue's description:
> Revert of Reland concurrent sweeping of code space. (patchset #6 id:100001 of https://codereview.chromium.org/1242333002/)
>
> Reason for revert:
> Reverted because 507840 came back on recent Chromecrash. Should not have committed this Cl.
>
> Original issue's description:
> > Reland concurrent sweeping of code space.
> >
> > BUG=
> >
> > Committed: https://crrev.com/8516dccf6a561020441773c93c564dd4aa6ee59e
> > Cr-Commit-Position: refs/heads/master@{#29967}
>
> TBR=jochen@chromium.org
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=
>
> Committed: https://crrev.com/5c6e7d00438cc82a5584e3178d7dadf36e4a34f8
> Cr-Commit-Position: refs/heads/master@{#29975}

TBR=jochen@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review URL: https://codereview.chromium.org/1271773002

Cr-Commit-Position: refs/heads/master@{#29976}
2015-08-03 14:12:34 +00:00