Handles stack overflow in interpreter.
1. When visiting function literal, if the shared function
info cannot be found we should return a stack overflow.
2. When visiting the ast graph, if stack overflow happens
then all the ast nodes are not visited, so we need to have
appropriate handling in the AccumulatorResultScope and
RegisterResultScope.
3. MakeBytecode should not return a success unconditionally.
If there is a stack overflow, it should return false, so
RangeError can be thrown.
BUG=v8:4280,v8:4680
LOG=N
Review URL: https://codereview.chromium.org/1721983005
Cr-Commit-Position: refs/heads/master@{#34282}
I turn the test off for now. The problem is that mips does not deal with
signalling NaNs as expected.
@v8-mips-ports: Could it be that the mips simulator deals differently
with signalling NaNs than the actual hardware? The implementation that
is tested in these tests assumes that sNaN * 1.0 = qNaN, where the bits
of sNaN and qNaN are equal except for the most significant mantissa bit.
This assumption holds for the simulator, but seems not to hold for actual
mips hardware. Do you know more about that?
R=mstarzinger@chromium.org, titzer@chromium.org, v8-mips-ports@googlegroups.com
Review URL: https://codereview.chromium.org/1735673003
Cr-Commit-Position: refs/heads/master@{#34278}
port ee8108b71c (r34246)
original commit message:
This implements proper handling of local control flow (i.e. break and
continue) that spans the boundary of a do-expression. We can no longer
determine the number of operands to be dropped from the nesting of
statements alone, instead we use the new precise operand stack depth
tracking.
BUG=
Review URL: https://codereview.chromium.org/1735853002
Cr-Commit-Position: refs/heads/master@{#34277}
Migrate Math.imul, Math.fround, Math.acos, Math.asin and Math.atan to
C++ builtins, as these ones call into C++ anyway and so there's no
need to have this extra wrapper around it.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1731543004
Cr-Commit-Position: refs/heads/master@{#34274}
This optimization does not give us much (see perf try bot results associated with this CL) but complicates things a lot. The main motivation is to avoid additional complexity in tail call optimization.
There are some pieces left in the deoptimizer, but I'll address this in a separate CL.
Review URL: https://codereview.chromium.org/1731273003
Cr-Commit-Position: refs/heads/master@{#34273}
port 666aec0348 (r34237)
original commit message:
Since both null and undefined are also marked as undetectable now, we
can just test that bit instead of having the CompareNilIC try to collect
feedback to speed up the general case (without the undetectable bit
being used).
Drive-by-fix: Update the type system to match the new handling of
undetectable in the runtime.
BUG=
Review URL: https://codereview.chromium.org/1731383003
Cr-Commit-Position: refs/heads/master@{#34270}
When there is no receiver object, plain function calls are a few
percent faster than %_Call().
This patch also fixes the HAS_INDEX macro used in a bunch of
Array.prototype functions to properly check for elements inherited
from prototypes.
Review URL: https://codereview.chromium.org/1706213002
Cr-Commit-Position: refs/heads/master@{#34269}
Mostly by avoiding unnecessary Handle/HandleScope creation,
"length" property lookups, and length conversions.
This yields about 60% speedup on the microbenchmark I tested with.
Note that the C++ builtin is the middle performance tier of three,
so not every Array.push use case will be affected by this patch.
Review URL: https://codereview.chromium.org/1716833002
Cr-Commit-Position: refs/heads/master@{#34268}
Port 666aec0348
Original commit message:
Since both null and undefined are also marked as undetectable now, we
can just test that bit instead of having the CompareNilIC try to collect
feedback to speed up the general case (without the undetectable bit
being used).
Drive-by-fix: Update the type system to match the new handling of
undetectable in the runtime.
R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
Review URL: https://codereview.chromium.org/1733663003
Cr-Commit-Position: refs/heads/master@{#34266}
Rolling v8/tools/clang to 8598a726360f2722f4db0eab732a5f6b4cb41eb9
Rolling v8/tools/swarming_client to 71c61c858bb2c2deda83781978fe65e94171f58f
TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
Review URL: https://codereview.chromium.org/1729263004
Cr-Commit-Position: refs/heads/master@{#34265}
Port ee8108b71c
Original commit message:
This implements proper handling of local control flow (i.e. break and
continue) that spans the boundary of a do-expression. We can no longer
determine the number of operands to be dropped from the nesting of
statements alone, instead we use the new precise operand stack depth
tracking.
R=mstarzinger@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
TEST=mjsunit/harmony/do-expressions-control
BUG=v8:4488
LOG=n
Review URL: https://codereview.chromium.org/1735623002
Cr-Commit-Position: refs/heads/master@{#34264}
There was a bug in for-of loops without newly declared variables: If,
in performing the assignment, an exception were thrown, then
IteratorClose would not be called. The problem was that the assignment
is done as part of assign_each, which happens before the loop is put
back in the state which is recognized to be breaking/throwing/returning
early.
This patch modifies the for-of desugaring by setting the loop state
before, rather than after, evaluating the assign_each portion, which is
responsible for evaluating the assignment in for-of loops which do not
have a declaration.
This patch, together with https://codereview.chromium.org/1728973002 ,
allows all test262 iterator return-related tests to pass.
R=rossberg
BUG=v8:4776
LOG=Y
Review URL: https://codereview.chromium.org/1731773003
Cr-Commit-Position: refs/heads/master@{#34262}
In the for-of desugaring, IteratorClose is a subtle thing to get right.
When return exists, the logic for which exception to throw is as follows:
1. Get the 'return' property and propagate any exception that might come from
the property read
2. Call return, not yet propagating an exception if it's thrown.
3. If we are closing the iterator due to an exception, propagate that error.
4. If return threw, propagate that error.
5. Check if return's return value was not an object, and throw if so
Previously, we were effectively doing step 5 even if an exception "had already
been thrown" by step 3. Because this took place in a finally block, the exception
"won the race" and was the one propagated to the user. The fix is a simple change
to the desugaring to do step 5 only if step 3 didn't happen.
R=rossberg
BUG=v8:4775
LOG=Y
Review URL: https://codereview.chromium.org/1728973002
Cr-Commit-Position: refs/heads/master@{#34261}
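
Added example (not part of the original commit messages or of V8's code): the observable behaviour the two for-of commits above describe, namely IteratorClose running when the assignment in a declaration-less for-of throws, and the exception precedence of steps 3 to 5. makeIterator, run and the case functions are hypothetical names used only here.

```javascript
// Added illustration; makeIterator, run and the case functions are hypothetical names.
// An endless iterator whose return() logs the call, then throws or returns a value.
function makeIterator(log, { returnValue = {}, returnThrows = null } = {}) {
  return {
    [Symbol.iterator]() { return this; },
    next() { return { value: 1, done: false }; },
    return() {
      log.push('return called');
      if (returnThrows !== null) throw returnThrows;
      return returnValue;
    },
  };
}

// Runs one loop and records whether return() ran and what, if anything, escaped.
function run(loop) {
  const log = [];
  try {
    loop(log);
    log.push('completed');
  } catch (e) {
    log.push('threw ' + (typeof e === 'string' ? e : e.name));
  }
  return log.join(' | ');
}

// for-of without a declaration: the assignment itself throws (throwing setter).
const assignmentThrows = () => run((log) => {
  const target = { set x(v) { throw 'setter'; } };
  for (target.x of makeIterator(log)) log.push('body ran');
});

// Step 3 beats step 5: the body's exception wins over a non-object return value.
const bodyThrowsNonObject = () => run((log) => {
  for (const v of makeIterator(log, { returnValue: 42 })) throw 'body';
});

// Step 3 beats step 4: the body's exception wins over one thrown by return().
const bodyThrowsReturnThrows = () => run((log) => {
  for (const v of makeIterator(log, { returnThrows: 'return' })) throw 'body';
});

// No pending exception (break): step 4 propagates what return() threw.
const breakReturnThrows = () => run((log) => {
  for (const v of makeIterator(log, { returnThrows: 'return' })) break;
});

// No pending exception (break): step 5 rejects a non-object return value.
const breakNonObject = () => run((log) => {
  for (const v of makeIterator(log, { returnValue: 42 })) break;
});

for (const c of [assignmentThrows, bodyThrowsNonObject, bodyThrowsReturnThrows,
                 breakReturnThrows, breakNonObject]) {
  console.log(c.name.padEnd(24), c());
}
```
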
Per MIPS O32 ABI the first four arguments must be passed via
the a0-a3 registers and they must be on the stack as well.
TEST=cctest/test-run-wasm/*
BUG=
Review URL: https://codereview.chromium.org/1730763002
Cr-Commit-Position: refs/heads/master@{#34260}
Reason for revert:
This breaks `gclient sync` because v8_target_arch isn't defined.
gyp: name 'v8_target_arch' is not defined while evaluating condition
'(OS=="linux" or OS=="mac") and (target_arch=="ia32" or target_arch=="x64") and
(v8_target_arch!="x87" and v8_target_arch!="x32") and coverage==0' in
/media/jfb/ssd/v8/v8/build/all.gyp
Error: Command '/usr/bin/python v8/build/gyp_v8' returned non-zero exit status 1
in /media/jfb/ssd/v8
Original issue's description:
> [coverage] Filter some files from instrumentation.
>
> This filters test and third_party files to get a speed-up
> when running tests and when collecting profile data.
>
> BUG=chromium:568949
> LOG=n
>
> Committed: https://crrev.com/761ee31be5ab4fde05c294e5d632608fbaea8ad4
> Cr-Commit-Position: refs/heads/master@{#34216}
>
> Committed: https://crrev.com/906db7448702a6ac9fab2a445c57cc85f6dd1b1a
> Cr-Commit-Position: refs/heads/master@{#34253}
TBR=tandrii@chromium.org,kjellander@chromium.org,machenbach@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:568949
Review URL: https://codereview.chromium.org/1737433002
Cr-Commit-Position: refs/heads/master@{#34258}
Everything that HCallFunction does can be easily done using more general HCallWithDescriptor, so there's no need to have this dedicated instruction around.
Review URL: https://codereview.chromium.org/1731303002
Cr-Commit-Position: refs/heads/master@{#34257}
This fixes a corner case that triggered an assert in full-codegen's
operand stack depth tracking. We stop pushing operands if we overflow
the C-stack while iterating the AST. This makes the tracking go out of
sync before we fully returned from the tree traversal, at which point
the thrown RangeError will abort compilation.
R=ishell@chromium.org
TEST=mjsunit/regress/regress-crbug-589472
BUG=chromium:589472
LOG=n
Review URL: https://codereview.chromium.org/1732903002
Cr-Commit-Position: refs/heads/master@{#34255}
This patch moves for-of closing to staging. There are a couple of
minor semantics bugs remaining in finalization along edge cases, but
we don't know of any stability issues.
BUG=v8:3566
R=rossberg
LOG=Y
Review URL: https://codereview.chromium.org/1725203002
Cr-Commit-Position: refs/heads/master@{#34254}
Reason for revert:
It is not a good idea to call CallICStub from the builtin. It might be sensitive to the frame structure. Constructing an internal frame might cause problems. It is much better to inline the code related to the type feedback vector into the builtin.
Original issue's description:
> [Interpreter] Implements calls through CallICStub in the interpreter.
>
> Calls are implemented through CallICStub to collect type feedback. Adds
> a new builtin called InterpreterPushArgsAndCallIC that pushes the
> arguments onto stack and calls CallICStub.
>
> Also adds two new bytecodes CallIC and CallICWide to indicate calls have to
> go through CallICStub.
>
> MIPS port contributed by balazs.kilvady.
>
> BUG=v8:4280, v8:4680
> LOG=N
>
> Committed: https://crrev.com/20362a2214c11a0f2ea5141b6a79e09458939cec
> Cr-Commit-Position: refs/heads/master@{#34244}
TBR=rmcilroy@chromium.org,mvstanton@chromium.org,mstarzinger@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4280, v8:4680
Review URL: https://codereview.chromium.org/1731253003
Cr-Commit-Position: refs/heads/master@{#34252}
Reason for revert:
Build failure on Linux64 arm64 ASAN:
http://build.chromium.org/p/client.v8/builders/V8%20Linux64%20ASAN%20arm64%20-%20debug%20builder/builds/4829
(Leaks memory, somehow.)
Original issue's description:
> Encode interpreter::SourcePositionTable as variable-length ints.
>
> This reduces the memory consumption of SourcePositionTable by ca. 2/3.
> Over Octane, this reduces the source position table memory consumption
> from ~370kB to ~115kB, which makes it ca. 10% of the total bytecode size
> (~1.1MB)
>
> BUG=
>
> Committed: https://crrev.com/a6f41f7b8226555c5900440f6e3092b3545ee0f6
> Cr-Commit-Position: refs/heads/master@{#34250}
TBR=jochen@chromium.org,rmcilroy@chromium.org,yangguo@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=
Review URL: https://codereview.chromium.org/1728193003
Cr-Commit-Position: refs/heads/master@{#34251}
This reduces the memory consumption of SourcePositionTable by ca. 2/3.
Over Octane, this reduces the source position table memory consumption
from ~370kB to ~115kB, which makes it ca. 10% of the total bytecode size
(~1.1MB)
BUG=
Review URL: https://codereview.chromium.org/1704943002
Cr-Commit-Position: refs/heads/master@{#34250}
There was an eval inside the array_natives_test() which prevented
Crankshaft, even tho it's unrelated, and so we always went to TurboFan
now, which both decreased test coverage and increased time for stress
opt runs.
R=machenbach@chromium.org
Review URL: https://codereview.chromium.org/1725383002
Cr-Commit-Position: refs/heads/master@{#34248}
Reason for revert:
[Sheriff] Breaks local make builds.
Original issue's description:
> [coverage] Filter some files from instrumentation.
>
> This filters test and third_party files to get a speed-up
> when running tests and when collecting profile data.
>
> BUG=chromium:568949
> LOG=n
> NOTRY=true
>
> Committed: https://crrev.com/761ee31be5ab4fde05c294e5d632608fbaea8ad4
> Cr-Commit-Position: refs/heads/master@{#34216}
TBR=tandrii@chromium.org,kjellander@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:568949
Review URL: https://codereview.chromium.org/1727383002
Cr-Commit-Position: refs/heads/master@{#34247}
This implements proper handling of local control flow (i.e. break and
continue) that spans the boundary of a do-expression. We can no longer
determine the number of operands to be dropped from the nesting of
statements alone, instead we use the new precise operand stack depth
tracking.
R=jarin@chromium.org
TEST=mjsunit/harmony/do-expressions-control
BUG=v8:4488
LOG=n
Review URL: https://codereview.chromium.org/1724753002
Cr-Commit-Position: refs/heads/master@{#34246}
Apparently, the tarfile Python module spends a lot of time in
grp.getgrgid for retrieving a piece of information (the name of the
primary group) which we don't need anyway. There is no
proper way to disable these slow calls, but there's a workaround
which relies on the way in which grp (and pwd) is used.
In fact, pwd and grp are imported in this fashion:
    try:
        import grp, pwd
    except ImportError:
        grp = pwd = None
and then used with the following pattern [2]:
    if grp:
        try:
            tarinfo.gname = grp.getgrgid(tarinfo.gid)[0]
        except KeyError:
            pass
By setting grp and pwd to None, thus skipping the calls, I was
able to achieve a 35x speedup on my workstation.
The user and group names are set to test262 when building the tar.
The downside to this approach is that we are relying on an
implementation detail, which is not in the public API.
However, the blamelist shows that the relevant bits of the module
have not been updated since 2003 [3], so we might as well assume
that the workaround will keep working, on cPython 2.x at least.
---
[1] https://hg.python.org/cpython/file/2.7/Lib/tarfile.py#l56
[2] https://hg.python.org/cpython/file/2.7/Lib/tarfile.py#l1933
[3] https://hg.python.org/cpython/rev/f9a5ed092660
BUG=chromium:535160
LOG=N
Review URL: https://codereview.chromium.org/1727773002
Cr-Commit-Position: refs/heads/master@{#34245}
Calls are implemented through CallICStub to collect type feedback. Adds
a new builtin called InterpreterPushArgsAndCallIC that pushes the
arguments onto stack and calls CallICStub.
Also adds two new bytecodes CallIC and CallICWide to indicate calls have to
go through CallICStub.
MIPS port contributed by balazs.kilvady.
BUG=v8:4280, v8:4680
LOG=N
Review URL: https://codereview.chromium.org/1688283003
Cr-Commit-Position: refs/heads/master@{#34244}
The Crankshaft fast case for String.fromCharCode() unconditionally
deoptimizes on all non-int32 inputs, even tho it would be perfectly
valid to just truncate the index to an int32.
R=ishell@chromium.org
BUG=chromium:587068
LOG=n
Review URL: https://codereview.chromium.org/1727873003
Cr-Commit-Position: refs/heads/master@{#34243}
The InstructionSelector::CanCover() heuristic was not correctly set to
match loads that are wired into the effect chain (i.e. when the input
comes from the JavaScript pipeline instead of the RawMachineAssembler).
Also the InstructionSelector on x64 was confused by the
CanBeBetterLeftOperand heuristic, which prevented proper covering for
map checks generated by the JavaScript pipeline.
R=epertoso@chromium.org
Review URL: https://codereview.chromium.org/1734503002
Cr-Commit-Position: refs/heads/master@{#34242}
These macro operators represent a conditional eager deoptimization exit
without explicit branching, which greatly reduces overhead of both
scheduling and register allocation, and thereby greatly reduces overall
compilation time, esp. when there are a lot of eager deoptimization
exits.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1721103003
Cr-Commit-Position: refs/heads/master@{#34239}
Reason for revert:
Revert because of canary crashes: crbug.com/589413
Original issue's description:
> Replace slots buffer with remembered set.
>
> Slots pointing to evacuation candidates are now recorded in the new RememberedSet<OLD_TO_OLD>.
>
> The remembered set is extended to support typed slots.
>
> During parallel evacuation all migration slots are recorded in local slots buffers.
> After evacuation all local slots are added to the remembered set.
>
> BUG=chromium:578883
> LOG=NO
>
> Committed: https://crrev.com/2285a99ef6f7d52f4f0c4d88a7db4224443ee152
> Cr-Commit-Position: refs/heads/master@{#34212}
TBR=jochen@chromium.org,hpayer@chromium.org,mlippautz@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:578883
Review URL: https://codereview.chromium.org/1725073003
Cr-Commit-Position: refs/heads/master@{#34238}
Since both null and undefined are also marked as undetectable now, we
can just test that bit instead of having the CompareNilIC try to collect
feedback to speed up the general case (without the undetectable bit
being used).
Drive-by-fix: Update the type system to match the new handling of
undetectable in the runtime.
R=danno@chromium.org
Review URL: https://codereview.chromium.org/1722193002
Cr-Commit-Position: refs/heads/master@{#34237}
This is the first step in process of replacing JR and JALR instructions
with JIC and JIALC for r6. Trampoline in r6 now uses JIC. Also
BranchLong and BranchAndLinkLong MacroAssembler functions now use JIC
and JIALC in r6 if branch delay slot is not used.
BUG=
Review URL: https://codereview.chromium.org/1573983002
Cr-Commit-Position: refs/heads/master@{#34236}
Now that JALR to JAL optimization is removed, the value of the constant
kInstructionsFor32BitConstant and comments are adjusted accordingly.
BUG=
Review URL: https://codereview.chromium.org/1690133004
Cr-Commit-Position: refs/heads/master@{#34235}
Implements poisson unsampling. A poisson process is used to determine
which samples to collect based on a sample rate. Unsampling will
approximate the true number of allocations at each site taking into
account that smaller allocations are less likely to be sampled.
This work was originally being done in the agent that
consumes profiles but it is more efficient to do it here
and individual consumers of the API should not have to
worry about the mathematical details of the sampling
process.
R=ofrobots@google.com
BUG=
Review URL: https://codereview.chromium.org/1706343002
Cr-Commit-Position: refs/heads/master@{#34234}
We previously supported use of bitwise operations to convert
from intish to int, but use of kAsmInt in some places and kAsmIntQ
in others prevents this from working with heap accesses.
Switch to use kAsmIntQ where appropriate (even though intish_ != 0
in principle captures the superset of these cases),
as it's more conservative (and uses types.h better).
BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=mjsunit/asm-wasm
R=aseemgarg@chromium.org,titzer@chromium.org
LOG=N
Review URL: https://codereview.chromium.org/1731603002
Cr-Commit-Position: refs/heads/master@{#34233}