Commit Graph

34849 Commits

Author SHA1 Message Date
rossberg
4a90e7220c [wasm] Implement Table#set and Table#grow
R=ahaas@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2414053002
Cr-Commit-Position: refs/heads/master@{#40357}
2016-10-17 11:39:34 +00:00
verwaest
fbef7e1485 Take the scope info of the direct outer scope as outer scope info
BUG=v8:5209

Review-Url: https://codereview.chromium.org/2424693003
Cr-Commit-Position: refs/heads/master@{#40356}
2016-10-17 11:25:41 +00:00
cbruni
f8654ce9f6 Do not inline object-stats functions to reduce binary size.
BUG=chromium:645378

Review-Url: https://codereview.chromium.org/2422143002
Cr-Commit-Position: refs/heads/master@{#40355}
2016-10-17 11:10:08 +00:00
jkummerow
3f6e0a4ef9 [ic] Delete old KeyedLoadIC code
RIP, handwritten KeyedLoadICStub, handwritten KeyedLoadIC_Megamorphic,
and hydrogenized KeyedLoadGeneric!

Review-Url: https://codereview.chromium.org/2424433002
Cr-Commit-Position: refs/heads/master@{#40354}
2016-10-17 10:31:18 +00:00
mstarzinger
ab5379074d [parser] Deprecate ParseInfo constructor taking closure.
This removes the {ParseInfo} constructor consuming a closure, replacing
all uses to pass only the shared function info. The goal is to make the
fact that parsing is independent of a concrete closure explicit.

R=jochen@chromium.org
BUG=v8:2206

Committed: https://crrev.com/3de42b3f224217ec88e4c609d3cf23fe06806dca
Review-Url: https://codereview.chromium.org/2396963003
Cr-Original-Commit-Position: refs/heads/master@{#40083}
Cr-Commit-Position: refs/heads/master@{#40353}
2016-10-17 10:27:29 +00:00
bmeurer
4386dfeee0 [turbofan] Eliminate redundant ChangeTaggedSignedToInt32.
Apply the same strength reduction to the ChangeTaggedSignedToInt32
operator that we already have for ChangeTaggedToInt32.

R=epertoso@chromium.org

Review-Url: https://codereview.chromium.org/2428493002
Cr-Commit-Position: refs/heads/master@{#40352}
2016-10-17 10:15:07 +00:00
bmeurer
201e53fbe9 [turbofan] Run load elimination prior to escape analysis.
Once the escape analysis ran, it'll be harder to eliminate a bunch of
checks (for example map checks, which would currently block escape
analysis, but that's about to be fixed). Also the escape analysis will
have a lot less stress after the load elimination, which takes care of
redundant loads and checks already.

R=mstarzinger@chromium.org
BUG=v8:5448

Review-Url: https://codereview.chromium.org/2427533002
Cr-Commit-Position: refs/heads/master@{#40351}
2016-10-17 10:13:41 +00:00
jochen
6755b55a74 Make unittests work in component build
R=machenbach@chromium.org,titzer@chromium.org,bmeurer@chromium.org,jgruber@chromium.org
BUG=
CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_win_dbg,v8_mac_dbg;master.tryserver.chromium.android:android_arm64_dbg_recipe

Review-Url: https://codereview.chromium.org/2416243002
Cr-Commit-Position: refs/heads/master@{#40350}
2016-10-17 10:02:06 +00:00
verwaest
b7a163257b Separate scope info allocation for the debugger from regular allocation
BUG=

Review-Url: https://codereview.chromium.org/2425633002
Cr-Commit-Position: refs/heads/master@{#40349}
2016-10-17 09:45:01 +00:00
clemensh
ce32e2ffd8 [debug] Consistently use script from FrameMirror
... instead of getting it from the FunctionMirror. For WASM frames
(including asm.js -> WASM), the function is either unresolved or does
not contain the script.

The added test case failed before this CL.

R=kozyatinskiy@chromium.org, yangguo@chromium.org, titzer@chromium.org
BUG=v8:4203

Review-Url: https://codereview.chromium.org/2415073003
Cr-Commit-Position: refs/heads/master@{#40348}
2016-10-17 09:41:44 +00:00
marja
e27ef0a603 Fix mjsunit oddities (new try).
1) assertInstanceOf(o, Foo, Bar) used to produce this error message:

Failure: expected <o> is not an instance of <Foo> but of < Bar>> found <undefined>

Fixed:

Failure: <o> is not an instance of <Foo> but of <Bar>

2) assertDoesNotThrow("throw 1") used to produce this error message:

Failure: expected <threw an exception: > found <1>

Fixed:

Failure: threw an exception: 1

3) assertDoesNotThrow("...", SomeError) was not doing what you'd
think it does, so removed the last parameter.

BUG=

Review-Url: https://codereview.chromium.org/2424743003
Cr-Commit-Position: refs/heads/master@{#40347}
2016-10-17 09:34:58 +00:00
titzer
6d266f0088 [wasm] Add a Managed<T> wrapper class for allocating C++ classes that are deleted when the wrapper is garbage collected.
Use sparingly!

This doesn't add any really new functionality, other than making it more
convenient to do this.

This will primarily be used to wrap a WasmModule to be referenced from a
JSObject that represents an instance. There is one WasmModule C++ object
per parsed WasmModule, so this should not be more than a handful or a few
dozen in well-behaved programs.

R=rossberg@chromium.org,mlippautz@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2409173005
Cr-Commit-Position: refs/heads/master@{#40346}
2016-10-17 09:28:40 +00:00
sander
f87d19c42e [crankshaft] Eliminate unnecessary ToNumber call
This is a fix for a regression that started ~6 months ago when
https://codereview.chromium.org/1757013002 landed. This patch will remove the
unnecessary Change/CallWithDescriptor/Change opcodes causing the regression.

BUG=v8:5373
R=bmeurer@chromium.org

Review-Url: https://codereview.chromium.org/2423923002
Cr-Commit-Position: refs/heads/master@{#40345}
2016-10-17 09:27:39 +00:00
bmeurer
e0b4b1b63f [turbofan] Manually smash the type on literal allocation.
Currently JSCreateLowering drops the type information for object
literals, when inlining the JSCreateLiteralArray/Object nodes,
which means we will not eliminate a couple of checks after the
lowering.

R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2423913002
Cr-Commit-Position: refs/heads/master@{#40344}
2016-10-17 09:13:54 +00:00
verwaest
9768ff47e7 Move should_eager_compile and is_lazily_parsed to DeclarationScope
BUG=v8:5209

Review-Url: https://codereview.chromium.org/2423883002
Cr-Commit-Position: refs/heads/master@{#40343}
2016-10-17 09:04:46 +00:00
mstarzinger
3c6bbe07e8 [turbofan] Funnel class constructors through TurboFan.
This makes optimization of all class constructors (i.e. both base and
derived) go through TurboFan. Note some class constructors containing
Harmony language features (e.g. super constructor calls or accesses to
the new.target value) were already going through TurboFan before.

R=bmeurer@chromium.org
BUG=v8:5458

Review-Url: https://codereview.chromium.org/2397723002
Cr-Commit-Position: refs/heads/master@{#40342}
2016-10-17 08:58:25 +00:00
danno
87ae05c7c4 [turbofan]: Micro optimizations to lea[l/q] on ia32/x64
Utilize all opportunities to turn leas into adds.

Review-Url: https://codereview.chromium.org/2418803002
Cr-Commit-Position: refs/heads/master@{#40341}
2016-10-17 08:57:44 +00:00
clemensh
8bb1e6d06b Add option to print all exceptions
When DevTools calls to JavaScript, it often ignores exceptions and just
fails since no value was returned.
The new --print-all-exceptions flag makes it easy to spot the location
and the reason for the thrown exception.

R=titzer@chromium.org

Review-Url: https://codereview.chromium.org/2417743004
Cr-Commit-Position: refs/heads/master@{#40340}
2016-10-17 08:37:41 +00:00
bmeurer
a40be67bbd [turbofan] Eliminate CheckHeapObject if the input cannot be in SignedSmall range.
R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2425613002
Cr-Commit-Position: refs/heads/master@{#40339}
2016-10-17 08:36:35 +00:00
verwaest
9126cb8d2a Also mark the script-scope for eager compilation upon ForceEagerCompilation
BUG=v8:5424

Review-Url: https://codereview.chromium.org/2427503002
Cr-Commit-Position: refs/heads/master@{#40338}
2016-10-17 08:32:06 +00:00
bmeurer
8791f01bb1 [ignition] Collect feedback for super constructor calls.
In order to optimize super constructor calls with ES6 classes, we need
some feedback for both the JSCallConstruct and the resulting JSCreate
nodes in TurboFan. Both already optimize perfectly when the see nodes
with JSFunction constants, so utilizing the existing CallIC machinery
here, enables us to optimize the super constructor calls right now w/o
a lot of effort.

Note that there are probably better ways to track this information,
for example we could do some tracking on the constructor functions;
this will however require serious changes in TurboFan and the runtime,
and would block progress on more important tasks.

R=mythria@chromium.org
BUG=v8:5517

Review-Url: https://codereview.chromium.org/2419423002
Cr-Commit-Position: refs/heads/master@{#40337}
2016-10-17 07:57:42 +00:00
neis
4c364e63af [modules] Don't unnecessarily keep function alive after evaluation.
Also hide some implementation details behind abstract predicates and clean up the heap verifier functions.

R=adamk@chromium.org
BUG=v8:1569

Review-Url: https://codereview.chromium.org/2407183002
Cr-Commit-Position: refs/heads/master@{#40336}
2016-10-17 07:37:03 +00:00
bmeurer
0f4a4ae026 [turbofan] Inline Object.prototype.__proto__ getter.
In the JSCallReducer, recognize and inline calls to the __proto__ getter
on the %ObjectPrototype%.

R=yangguo@chromium.org
BUG=chromium:655963

Review-Url: https://codereview.chromium.org/2421923002
Cr-Commit-Position: refs/heads/master@{#40335}
2016-10-17 06:29:24 +00:00
bmeurer
96f1327a93 [turbofan] Add missing Float32 -> TaggedSigned conversion.
There are a couple of operators that can indeed produce Float32
representation, which we might end up using in a TaggedSigned
context, so add the missing conversion (indirectly via Float64).

BUG=chromium:656275
R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2421193002
Cr-Commit-Position: refs/heads/master@{#40334}
2016-10-17 05:41:09 +00:00
v8-autoroll
5445fe66ad Update V8 DEPS.
Rolling v8/build: 08e8c31..5e4af51

Rolling v8/third_party/android_tools: https://chromium.googlesource.com/android_tools/+log/3d6ba29..25d57ea

Rolling v8/third_party/catapult: 07c81af..6087117

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review-Url: https://codereview.chromium.org/2421183002
Cr-Commit-Position: refs/heads/master@{#40333}
2016-10-17 03:36:55 +00:00
v8-autoroll
aef590867b Update V8 DEPS.
Rolling v8/third_party/catapult: c1cc028..07c81af

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review-Url: https://codereview.chromium.org/2423743002
Cr-Commit-Position: refs/heads/master@{#40332}
2016-10-16 03:34:49 +00:00
marja
7d1a7df120 Revert of mjsunit: Fix the error message produced by assertInstanceof. (patchset #1 id:1 of https://codereview.chromium.org/2413153004/ )
Reason for revert:
This is probably not working for falsey values. I cannot JavaScript :P

Original issue's description:
> mjsunit: Fix the error message produced by assertInstanceof.
>
> Used to be:
>
> Failure: expected <foo> is not an instance of <Bar> but of < Baz>> found <undefined>
>
> Should be:
>
> Failure: <foo> is not an instance of <Bar> but of <Baz>
>
> BUG=
>
> Committed: https://crrev.com/2a480eff395756f36eb0ae2fc0a573454b394268
> Cr-Commit-Position: refs/heads/master@{#40319}

TBR=verwaest@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review-Url: https://codereview.chromium.org/2421033003
Cr-Commit-Position: refs/heads/master@{#40331}
2016-10-15 06:34:19 +00:00
v8-autoroll
bca9690372 Update V8 DEPS.
Rolling v8/build: ee1c1b5..08e8c31

Rolling v8/third_party/android_tools: https://chromium.googlesource.com/android_tools/+log/25d57ea..3d6ba29

Rolling v8/third_party/catapult: c73d4a1..c1cc028

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review-Url: https://codereview.chromium.org/2414363003
Cr-Commit-Position: refs/heads/master@{#40330}
2016-10-15 03:37:58 +00:00
gdeepti
3d6f774352 [wasm] Fix bounds check for zero initial memory.
Currently when memory size references are updated with zero initial memory during GrowMemory/Relocation of Instance objects, the bounds check does not take into account the size of memtype.

R=titzer@chromium.org, bradnelson@chromium.org

Committed: https://crrev.com/70416a2b360c0d993cffb48284b143d484d1e290
Review-Url: https://codereview.chromium.org/2416543002
Cr-Original-Commit-Position: refs/heads/master@{#40326}
Cr-Commit-Position: refs/heads/master@{#40329}
2016-10-14 23:54:50 +00:00
gdeepti
2c4563003c Revert of [wasm] Fix bounds check for zero initial memory. (patchset #11 id:200001 of https://codereview.chromium.org/2416543002/ )
Reason for revert:
Reverting because of failure on V8 Linux64 GC Stress

http://build.chromium.org/p/client.v8/builders/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/builds/8572

Original issue's description:
> [wasm] Fix bounds check for zero initial memory.
>
> Currently when memory size references are updated with zero initial memory during GrowMemory/Relocation of Instance objects, the bounds check does not take into account the size of memtype.
>
> R=titzer@chromium.org, bradnelson@chromium.org
>
> Committed: https://crrev.com/70416a2b360c0d993cffb48284b143d484d1e290
> Cr-Commit-Position: refs/heads/master@{#40326}

TBR=bradnelson@chromium.org,titzer@chromium.org,bradnelson@google.com,mtrofin@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review-Url: https://codereview.chromium.org/2416393002
Cr-Commit-Position: refs/heads/master@{#40328}
2016-10-14 22:43:24 +00:00
gsathya
b122da39d0 [async await] Fix debug async task event
If the catch prediction machinery in the middle of some async op, we
shouldn't send invalid events to the debugger.

Instead of sending events with an undefined id, we don't send them at
all.

Review-Url: https://codereview.chromium.org/2417093003
Cr-Commit-Position: refs/heads/master@{#40327}
2016-10-14 21:16:58 +00:00
gdeepti
70416a2b36 [wasm] Fix bounds check for zero initial memory.
Currently when memory size references are updated with zero initial memory during GrowMemory/Relocation of Instance objects, the bounds check does not take into account the size of memtype.

R=titzer@chromium.org, bradnelson@chromium.org

Review-Url: https://codereview.chromium.org/2416543002
Cr-Commit-Position: refs/heads/master@{#40326}
2016-10-14 21:01:55 +00:00
ishell
5acc31d863 [ic] Support data handlers that represent loads of constants from prototypes.
BUG=

Review-Url: https://codereview.chromium.org/2421883002
Cr-Commit-Position: refs/heads/master@{#40325}
2016-10-14 19:25:03 +00:00
ishell
d4a47fe6cc [ic] Smi-handlers are now able to represent loads of constants from descriptor array.
BUG=

Review-Url: https://codereview.chromium.org/2418063003
Cr-Commit-Position: refs/heads/master@{#40324}
2016-10-14 19:17:04 +00:00
alph
74a392cc88 [inspector] Record EvaluateScript trace event upon console evaluation
It will allow timeline to show JS profile on code evaluated from console.

BUG=chromium:655430

Committed: https://crrev.com/6882c91ecd222f3ee2feb42ad73fbc796d5c8172
Review-Url: https://codereview.chromium.org/2413943002
Cr-Original-Commit-Position: refs/heads/master@{#40289}
Cr-Commit-Position: refs/heads/master@{#40323}
2016-10-14 19:05:10 +00:00
danno
2f95265238 [Reland]: Improve CodeStubAssembler assert functionality
Introduce CSA_ASSERT macro that outputs a message, file name and line number to
console before calling DebugBreak.

Committed: https://crrev.com/23836e9c14f3df9b675fe02e2c23bb11e728b83d
Review-Url: https://codereview.chromium.org/2419433008
Cr-Original-Commit-Position: refs/heads/master@{#40307}
Cr-Commit-Position: refs/heads/master@{#40322}
2016-10-14 15:16:15 +00:00
mtrofin
80caaac31b [wasm] test deserialization when header is invalid
A test where the deserialization data has a header, but the
header is invalid. This is in addition to the current test
where we have empty deserialization data.

BUG=

Review-Url: https://codereview.chromium.org/2418483002
Cr-Commit-Position: refs/heads/master@{#40321}
2016-10-14 14:25:25 +00:00
epertoso
3653261931 [turbofan] Modifies the --turbo-verify-machine-graph flag to act as a filter.
This allows people writing code stubs to just verify the graph of the stub they're working on, at least until we fix all of the issues we have and enable the verification by default.

Also fixes representations in CodeStubAssembler::SmiOr and InterpreterAssembler::StarDispatchLookahead.

R=bmeurer@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2413653006
Cr-Commit-Position: refs/heads/master@{#40320}
2016-10-14 14:22:36 +00:00
marja
2a480eff39 mjsunit: Fix the error message produced by assertInstanceof.
Used to be:

Failure: expected <foo> is not an instance of <Bar> but of < Baz>> found <undefined>

Should be:

Failure: <foo> is not an instance of <Bar> but of <Baz>

BUG=

Review-Url: https://codereview.chromium.org/2413153004
Cr-Commit-Position: refs/heads/master@{#40319}
2016-10-14 14:12:04 +00:00
verwaest
7899fcc524 Drop Lazy from parser method names and events
BUG=

Review-Url: https://codereview.chromium.org/2414383002
Cr-Commit-Position: refs/heads/master@{#40318}
2016-10-14 14:09:27 +00:00
ziyang
cb0958e657 S390: Change printf format specifier for promoted and semi_space_copied in GcTracer
promoted and semi_space_copied are still int type, so it is needed to use V8PRIdPTR
as their printf format specifier.

R=mlippautz@chromium.org, ulan@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2415183003
Cr-Commit-Position: refs/heads/master@{#40317}
2016-10-14 13:46:10 +00:00
yangguo
b3852ab3b4 Remove --log-regexp.
There is no user for this log entry, and a large part of regexp log
output has long been removed already.

R=jgruber@chromium.org

Review-Url: https://codereview.chromium.org/2422593003
Cr-Commit-Position: refs/heads/master@{#40316}
2016-10-14 13:26:33 +00:00
marja
97fe83c78f Remove "is function lazy" logic from Preparser + tiny error reporting refactoring.
It doesn't need to have this logic.

ParseLazyFunctionLiteralBody is basically just ParseStatementList
+ log the function position. But PreParser doesn't need to have
the "which functions to log" logic, since logging the function is
always done exactly when Parser falls back to PreParser. (See
PreParseLazyFunction.)

So in the current state, PreParser would log several functions in
a SingletonLogger, and only the last one would take
effect (that's the one Parser also logs in SkipLazyFunctionBody).

Also updated test-parsing/Regress928 to produce the preparse data
the way we do now (i.e., not running the PreParser directly, but
running the Parser).

Error reporting: when PreParser finds an error, it doesn't need
to ReportUnexpectedToken in PreParseLazyFunction, since it
already has reported the error whenever it found it.

BUG=v8:5515

Review-Url: https://codereview.chromium.org/2421833002
Cr-Commit-Position: refs/heads/master@{#40315}
2016-10-14 13:21:12 +00:00
ishell
ac886b0c1c [ic] Move Smi-handler creation code to SmiHandler class.
... to keep all the pieces in one place for easier modifications.

This CL also adds a new runtime call stats bucket: KeyedLoadIC_LoadElementDH.

BUG=

Review-Url: https://codereview.chromium.org/2412983008
Cr-Commit-Position: refs/heads/master@{#40314}
2016-10-14 12:37:32 +00:00
machenbach
0b260995c6 Revert of Improve CodeStubAssembler assert functionality (patchset #3 id:40001 of https://codereview.chromium.org/2419433008/ )
Reason for revert:
[Sheriff] Fails leak checker:
https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20-%20debug/builds/12393

Original issue's description:
> Improve CodeStubAssembler assert functionality
>
> Introduce CSA_ASSERT macro that outputs a message, file name and line number to
> console before calling DebugBreak.
>
> Committed: https://crrev.com/23836e9c14f3df9b675fe02e2c23bb11e728b83d
> Cr-Commit-Position: refs/heads/master@{#40307}

TBR=epertoso@chromium.org,ishell@google.com,ishell@chromium.org,danno@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review-Url: https://codereview.chromium.org/2414373002
Cr-Commit-Position: refs/heads/master@{#40313}
2016-10-14 12:32:34 +00:00
yangguo
859eb7bdbc Fix interpreted regexp build wrt tracing.
R=jgruber@chromium.org

Review-Url: https://codereview.chromium.org/2418123002
Cr-Commit-Position: refs/heads/master@{#40312}
2016-10-14 12:23:50 +00:00
yangguo
92efd8f112 Clean up builtins export whitelist.
R=bmeurer@chromium.org

Review-Url: https://codereview.chromium.org/2410303009
Cr-Commit-Position: refs/heads/master@{#40311}
2016-10-14 11:52:03 +00:00
jgruber
fa28281266 [regexp] Match spec semantics in AdvanceStringIndex
Let AdvanceStringIndex return the incremented index instead of the
increment, and adjust all use sites.

BUG=v8:5339

Review-Url: https://codereview.chromium.org/2415383002
Cr-Commit-Position: refs/heads/master@{#40310}
2016-10-14 11:49:30 +00:00
jgruber
b182ab8302 [regexp] Simplify GetCapture
GetCapture can reuse the bool pointer argument of GenericCaptureGetter
instead of duplicating that logic with additional checks.

The check also incorrectly checks for undefined while
GenericCaptureGetter returns the empty string on failure.

BUG=v8:5339

Review-Url: https://codereview.chromium.org/2422563002
Cr-Commit-Position: refs/heads/master@{#40309}
2016-10-14 11:48:10 +00:00
jgruber
f60a7c4f61 [regexp] Turn last match info into a simple FixedArray
Now that all accesses to the last match info are in C++ and TF code, we can
finally turn the last match info into a FixedArray. Similar to the ArrayList,
it uses its first field to store its length and grows dynamically in amortized
O(1) time.

Unlike previously, this means that the last match info pointer stored on the
context can actually change (in case the FixedArray needs to grow).

BUG=v8:5339

Review-Url: https://codereview.chromium.org/2415103002
Cr-Commit-Position: refs/heads/master@{#40308}
2016-10-14 11:47:09 +00:00