Commit Graph

34297 Commits

Author SHA1 Message Date
bmeurer
50f18b8332 [stubs] Fix invalid IntPtrMul in DivideStub.
R=jarin@chromium.org
BUG=v8:5268

Review-Url: https://codereview.chromium.org/2375863002
Cr-Commit-Position: refs/heads/master@{#39805}
2016-09-28 07:14:03 +00:00
bmeurer
06eef6e6d8 [stubs] Don't unconditionally canonicalize in ChangeFloat64ToTagged.
Add a CanonicalizationMode to CodeStubAssembler::ChangeFloat64ToTagged,
so clients can request Smi canonicalization when desired, but otherwise
get Crankshaft/Fullcodegen compatible behavior of just boxing the double
into a HeapNumber.

R=verwaest@chromium.org
BUG=v8:5268

Review-Url: https://codereview.chromium.org/2380543002
Cr-Commit-Position: refs/heads/master@{#39804}
2016-09-28 06:42:57 +00:00
bmeurer
19b3943607 [turbofan] ChangeFloat64ToTagged shouldn't canonicalize.
This matches current Crankshaft/fullcodegen behavior more closely and
thus reduces the chances that we run into unnecessary polymorphism due
to the field representation tracking in our object model.

Drive-by-fixes: Make sure the JSRegExp::lastIndex field stays Smi
if possible (otherwise we tank the regexp benchmark in Octane).

CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_mac64_rel,v8_mac64_dbg
R=jarin@chromium.org
BUG=v8:5267

Committed: 6a939714e9
Committed: https://crrev.com/ee158e6c4cc896479a32245432a3c2fdd31bcb73
Committed: https://crrev.com/ddf792beb3a72f6dba83e94fc8ada03ebf1630bd
Review-Url: https://codereview.chromium.org/2367593003
Cr-Original-Original-Commit-Position: refs/heads/master@{#39692}
Cr-Original-Commit-Position: refs/heads/master@{#39748}
Cr-Commit-Position: refs/heads/master@{#39803}
2016-09-28 06:07:57 +00:00
bmeurer
15a449b141 [typedarray] Properly initialize JSTypedArray::length with Smi.
Even after https://codereview.chromium.org/2371963002 we still did not
always store a Smi into the JSTypedArray::length field, the runtime
function %TypedArrayInitializeFromArrayLike was still storing whatever
it got from the JavaScript code, which is highly dependent on internal
decisions of the ICs and the representation selection in the optimizing
compilers, so that's pretty fragile.

R=verwaest@chromium.org
BUG=chromium:650933

Review-Url: https://codereview.chromium.org/2377943002
Cr-Commit-Position: refs/heads/master@{#39802}
2016-09-28 05:49:37 +00:00
v8-autoroll
9a7678a049 Update V8 DEPS.
Rolling v8/build to 5e4ffb5c8928fe5afacd1b1b0f2bb732cdc0d77c

Rolling v8/third_party/WebKit/Source/platform/inspector_protocol to 5258fd5cfb62ec917c9258ce9089c62e17aee5dc

Rolling v8/tools/clang to f991b268a2441c4bc09b9cafdb3af797a13729fe

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review-Url: https://codereview.chromium.org/2380523002
Cr-Commit-Position: refs/heads/master@{#39801}
2016-09-28 04:06:01 +00:00
verwaest
f41e7ebd62 Don't use different function scopes when parsing with temp zones
Previously we'd have a scope in the main zone, and another in the temp zone. Then we carefully copied back data to the main zone. This CL changes it so that the scope is just fixed up to only contain data from the main zone. That avoids additional copies and additional allocations; while not increasing the care that needs to be taken. This will also make it easier to abort preparsing while parsing using a temp zone.

BUG=

Review-Url: https://codereview.chromium.org/2368313002
Cr-Commit-Position: refs/heads/master@{#39800}
2016-09-28 02:42:28 +00:00
adamk
841b82a408 [ast] Make FunctionLiteral delegate to its Scope for FunctionKind
As a side-effect, this lets us remove bit_field_2_ from FunctionLiteral.

R=verwaest@chromium.org
BUG=v8:5209

Review-Url: https://codereview.chromium.org/2369293003
Cr-Commit-Position: refs/heads/master@{#39799}
2016-09-28 01:20:59 +00:00
bradnelson
53b228239e [wasm] asm.js: Work around parser converting !0 and !1 to boolean.
!0 -> true and !1 -> false etc in the parser.
This clashes with some of the typing logic in asm.js,
and can show up in some real programs in the wild (at least in past asm.js
versions).

BUG= https://bugs.chromium.org/p/v8/issues/detail?id=4203
R=aseemgarg@chromium.org,jpp@chromium.org

Review-Url: https://codereview.chromium.org/2372823004
Cr-Commit-Position: refs/heads/master@{#39798}
2016-09-27 23:20:21 +00:00
neis
7beb149f47 [bootstrapper] Remove some redundant calls to set_native.
R=adamk@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2378483002
Cr-Commit-Position: refs/heads/master@{#39797}
2016-09-27 22:30:00 +00:00
mtrofin
fa071284ed [wasm] resolve mips build error post 0xC land
BUG=

Review-Url: https://codereview.chromium.org/2377683003
Cr-Commit-Position: refs/heads/master@{#39796}
2016-09-27 22:09:51 +00:00
titzer
28392ab196 [wasm] Master CL for Binary 0xC changes.
[0xC] Convert to stack machine semantics.
[0xC] Use section codes instead of names.
[0xC] Add elements section decoding.
[0xC] Decoding of globals section.
[0xC] Decoding of memory section.
[0xC] Decoding of imports section.
[0xC] Decoding of exports section.
[0xC] Decoding of data section.
[0xC] Remove CallImport bytecode.
[0xC] Function bodies have an implicit block.
[0xC] Remove the bottom label from loops.
[0xC] Add signatures to blocks.
[0xC] Remove arities from branches.
Add tests for init expression decoding.
Rework compilation of import wrappers and how they are patched.
Rework function indices in debugging.
Fix ASM->WASM builder for stack machine.
Reorganize asm.js foreign functions due to import indices change.

R=ahaas@chromium.org,rossberg@chromium.org,bradnelson@chromium.org
BUG=chromium:575167
LOG=Y

Committed: https://crrev.com/76eb976a67273b8c03c744f64ad850b0432554b9
Review-Url: https://codereview.chromium.org/2345593003
Cr-Original-Commit-Position: refs/heads/master@{#39678}
Cr-Commit-Position: refs/heads/master@{#39795}
2016-09-27 20:46:30 +00:00
alph
fcf1bac99a [tracing] Implement Add/RemoveTraceStateObserver for default platform.
BUG=chromium:406277

Review-Url: https://codereview.chromium.org/2369073003
Cr-Commit-Position: refs/heads/master@{#39794}
2016-09-27 20:12:55 +00:00
kozyatinskiy
ff135975b0 [inspector] run microtasks after async Runtime.evaluate
If promise was resolved before adding handler in Runtime.evaluate method then this callback won't be called. We need to run microtasks after adding handlers.

R=dgozman@chromium.org,alph@chromium.org

Review-Url: https://codereview.chromium.org/2371773004
Cr-Commit-Position: refs/heads/master@{#39793}
2016-09-27 19:42:30 +00:00
adamk
34922e8d77 Remove empty SNPrintF call to make mips build happy
TBR=klaasb@google.com

Review-Url: https://codereview.chromium.org/2370033004
Cr-Commit-Position: refs/heads/master@{#39792}
2016-09-27 19:28:51 +00:00
gsathya
1f89abcb9a [promises] Don't create resolving functions for PromiseCreate
Previously passing in the PromiseNopResolver function to the Promise
constructor would result in creating the resolving functions to be
passed in to the executor, but the PromiseNopResolver does not use
these resolving functions resulting in wastefully creating these closures.

Instead we pass in the promiseRawSymbol to the promise constructor
so that these unnecessary resolving functions are not created.

BUG=v8:5046

Review-Url: https://codereview.chromium.org/2353303003
Cr-Commit-Position: refs/heads/master@{#39791}
2016-09-27 18:46:18 +00:00
adamk
01824e5e96 [modules] Move Evaluate from api.cc into internal Module implementation
R=neis@chromium.org
BUG=v8:1569

Review-Url: https://codereview.chromium.org/2376693003
Cr-Commit-Position: refs/heads/master@{#39790}
2016-09-27 18:32:24 +00:00
alph
4810f41a52 [tracing] Support ConvertableToTraceFormat argument type.
Drive-by: Use perfect forwarding for AddTraceEvent arguments.

BUG=406277

Committed: https://crrev.com/dcac49af485fe5d4c0027f153901435dbb29c232
Review-Url: https://codereview.chromium.org/2367603002
Cr-Original-Commit-Position: refs/heads/master@{#39742}
Cr-Commit-Position: refs/heads/master@{#39789}
2016-09-27 18:08:53 +00:00
nikolaos
dfb90f7c62 [parser] Refactor of (Parse|Desugar)*(Async|Arrow)*
This patch moves the following parsing methods to ParserBase:

- DesugarAsyncFunctionBody, renamed to ParseAsyncFunctionBody
- ParseAsyncFunctionExpression, renamed to ParseAsyncFunctionLiteral
- ParseAsyncFunctionDeclaration

It renames the parser implementation methods:

- ParseArrowFunctionFormalParameterList -> DeclareArrowFunctionFormalParameters
- ParseArrowFunctionFormalParameters -> AddArrowFunctionFormalParameters

It also eliminates method ParseAsyncArrowSingleExpressionBody.

R=adamk@chromium.org, marja@chromium.org
BUG=
LOG=N

Review-Url: https://codereview.chromium.org/2372733002
Cr-Commit-Position: refs/heads/master@{#39788}
2016-09-27 18:02:24 +00:00
neis
b7913f33a3 [modules] Don't throw when detecting cycle while processing star exports.
We must not throw when seeing a cycle while trying to resolve a name through
star exports.  (It may be surprising that we do have to throw when seeing an
ambiguity, but this is what the spec says.)

R=adamk@chromium.org
BUG=v8:1569

Review-Url: https://codereview.chromium.org/2376563002
Cr-Commit-Position: refs/heads/master@{#39787}
2016-09-27 17:31:37 +00:00
kozyatinskiy
4dffc8a700 [inspector] fixed console.count with empty stack
BUG=chromium:644629
R=dgozman@chromium.org

Review-Url: https://codereview.chromium.org/2372093002
Cr-Commit-Position: refs/heads/master@{#39786}
2016-09-27 17:11:36 +00:00
mlippautz
263c20d36c [heap] Cleanup Heap::SetUp
BUG=

Review-Url: https://codereview.chromium.org/2371173002
Cr-Commit-Position: refs/heads/master@{#39785}
2016-09-27 17:06:34 +00:00
mvstanton
7abb0c69fb --turbo-cache-shared-code shouldn't control lookup in optimized code map.
This flag is meant to control whether we add a special context-free
entry to the optimized code map or not. A usage of the flag was
bogus.

BUG=

Review-Url: https://codereview.chromium.org/2374723002
Cr-Commit-Position: refs/heads/master@{#39784}
2016-09-27 16:44:28 +00:00
jgruber
f26c4d2d55 [stubs] Add SmiMax and refactor SmiMin to use Select
SmiMax will be used in a follow-up commit.

BUG=

Review-Url: https://codereview.chromium.org/2372543002
Cr-Commit-Position: refs/heads/master@{#39783}
2016-09-27 16:36:28 +00:00
klaasb
0d1e15d6e5 Remove decision by Turbofan OSR to optimize on next call
When we OSR using Turbofan, we would set the function to be optimized
on the next call, irrespective of the runtime profiler's previous
decisions - such as compiling for baseline. It seems more prudent to
always make these decisions in the runtime profiler where the data is
available.

Review-Url: https://codereview.chromium.org/2369043002
Cr-Commit-Position: refs/heads/master@{#39782}
2016-09-27 16:27:42 +00:00
ulan
55dd687a43 [heap] Decouple SpaceIterator from ObjectIterator.
BUG=

Review-Url: https://codereview.chromium.org/2377513007
Cr-Commit-Position: refs/heads/master@{#39781}
2016-09-27 16:23:50 +00:00
ulan
74145159af [heap] Remove --print-cumulative-gc-stat flag.
The same information can be obtained by processing --trace-gc-nvp output
or using trace event and GC metric of catapult in Chrome.

BUG=

Review-Url: https://codereview.chromium.org/2361073002
Cr-Commit-Position: refs/heads/master@{#39780}
2016-09-27 15:27:34 +00:00
machenbach
4f02ff7ee5 [test] Make test runner more robust on startup.
The test driver fails once in a while with no output when
listing the tests on windows, causing the testing to not
even start.

This should make that less likely if there's a flaky crash
when listing the tests.

BUG=v8:5438

Review-Url: https://codereview.chromium.org/2373043002
Cr-Commit-Position: refs/heads/master@{#39779}
2016-09-27 15:14:01 +00:00
mlippautz
42ece47446 [heap] Remove border page
A page now belongs to either the nursery *or* the intermediate gen. The page that
contained objects of both spaces is removed in this change.

BUG=chromium:636331

Review-Url: https://codereview.chromium.org/2209583002
Cr-Commit-Position: refs/heads/master@{#39778}
2016-09-27 15:02:22 +00:00
epertoso
0fb486fe44 [interpreter] Fix the interface descriptor for interpreter dispatch.
The bytecode offset parameter was Int32, but everywhere else it's an IntPtr.

BUG=

Review-Url: https://codereview.chromium.org/2369033003
Cr-Commit-Position: refs/heads/master@{#39777}
2016-09-27 15:00:09 +00:00
mstarzinger
437a33efd2 [turbofan] Fix indirect escapes in escape analysis.
This makes sure we only replace load operations for fields on virtual
objects. Even though data flow information for non-virtual (escaping)
allocations is available, it might be inaccurate in certain situations
where object state hasn't been cleared.

R=jarin@chromium.org
TEST=mjsunit/compiler/regress-escape-analysis-indirect

Review-Url: https://codereview.chromium.org/2369953002
Cr-Commit-Position: refs/heads/master@{#39776}
2016-09-27 14:53:17 +00:00
haraken
9285e66630 Add v8::Object::CreationContext that works for a persistent handle
I need this API for https://codereview.chromium.org/1609343002/.

BUG=483722

Review-Url: https://codereview.chromium.org/1627233002
Cr-Commit-Position: refs/heads/master@{#39775}
2016-09-27 14:19:46 +00:00
jgruber
515994b8ca [regexp] Don't cache exec method in Regexp.proto[@@split]
The call to RegExpSubclassExec may refer to a different exec method
since splitter is newly constructed prior to the call.

BUG=v8:5351

Review-Url: https://codereview.chromium.org/2370733003
Cr-Commit-Position: refs/heads/master@{#39774}
2016-09-27 14:02:33 +00:00
mstarzinger
66e73b3a1b [turbofan] Remove unsafe JSToBoolean lowering.
The lowering of {JSToBoolean} operators in {JSTypedLowering} inserts
loads that are not part of the effect chain. This does not play well
with effect-sensitive data flow analysis (e.g. escape analysis). This
removes the lowering in question, we can implement it using a dedicated
simplified operator eventually if needed.

R=bmeurer@chromium.org
TEST=mjsunit/wasm/embenchen/lua_binarytrees

Review-Url: https://codereview.chromium.org/2366363003
Cr-Commit-Position: refs/heads/master@{#39773}
2016-09-27 13:55:25 +00:00
jgruber
0ce95e0878 [stubs] Add a test for canary crashes in SubStringStub
These crashes were caused by an invalid pointer stored in a tagged
variable in SubStringStub. This can be reproduced by calling the stub on
an external string and ensuring GC kicks in on the subsequent
allocation.

Only the TurboFan implementation of SubStringStub is affected, the current
PlatformStub implementation handles this case just fine.

BUG=chromium:649967

Review-Url: https://codereview.chromium.org/2374603003
Cr-Commit-Position: refs/heads/master@{#39772}
2016-09-27 13:53:15 +00:00
bmeurer
bda4774c37 [typedarray] Really check that the JSTypedArray::length is always a Smi.
Even after https://codereview.chromium.org/2371963002 we might still
create JSTypedArray instances where the length field is a HeapNumber,
especially when TurboFan no longer canonicalizes all values in Smi
range to Smis (which we try to achieve currently). This adds strict
checking for this fact now.

R=mstarzinger@chromium.org

Review-Url: https://codereview.chromium.org/2373013002
Cr-Commit-Position: refs/heads/master@{#39771}
2016-09-27 13:23:26 +00:00
hpayer
d32d7e3211 Revert of [heap] Always use the passed-in collector in CollectGarbage. (patchset #1 id:1 of https://codereview.chromium.org/2336943003/ )
Reason for revert:
Regresses jank and memory. Revert for offline analysis.

Original issue's description:
> [heap] Always use the passed-in collector in CollectGarbage.
>
> Do not overwrite a collector decision.
>
> BUG=
>
> Committed: https://crrev.com/c19abaddafb5ede5e0d5efbe608b7fc5d7c7fcd0
> Cr-Commit-Position: refs/heads/master@{#39585}

TBR=ulan@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=

Review-Url: https://codereview.chromium.org/2369933004
Cr-Commit-Position: refs/heads/master@{#39770}
2016-09-27 13:15:49 +00:00
verwaest
c0ded71713 Don't reset parameters if we aborted preparsing, rebuild them from the params_ list
BUG=

Review-Url: https://codereview.chromium.org/2372703004
Cr-Commit-Position: refs/heads/master@{#39769}
2016-09-27 13:05:32 +00:00
marja
cbb3d91f30 Turn off FLAG_lazy_inner_functions
1) To get proper test coverage for the flag turned off

2) We need more scope analysis in the PreParser to not disable
optimizations for some common cases (inner function "var i" shadowing
outer function vars).

R=verwaest@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2365263005
Cr-Commit-Position: refs/heads/master@{#39768}
2016-09-27 12:48:13 +00:00
hpayer
b3a46ea45f [heap] Call FreeToBeFreedChunks in TypedSlotSet destructor.
BUG=chromium:650577,chromium:648568

Review-Url: https://codereview.chromium.org/2372933003
Cr-Commit-Position: refs/heads/master@{#39767}
2016-09-27 12:40:25 +00:00
caitp
ccdfa302ba [stubs] remove unused BranchIfSameValueZero from CodeStubAssembler
BUG=v8:5268, v8:5162
R=ishell@chromium.org

Review-Url: https://codereview.chromium.org/2374703002
Cr-Commit-Position: refs/heads/master@{#39766}
2016-09-27 12:34:41 +00:00
caitp
f9a2c8b111 [builtins] migrate C++ String Iterator builtins to baseline TurboFan
Migrate newly added C++ String Iterator builtins to TFJ builtins, per
step 4. of the String Iterator Baseline Implementation section of the design doc

BUG=v8:5388
R=bmeurer@chromium.org, mstarzinger@chromium.org

Review-Url: https://codereview.chromium.org/2358263002
Cr-Commit-Position: refs/heads/master@{#39765}
2016-09-27 12:04:32 +00:00
ishell
86bda7dd3b [stubs] Enable TurboFan StoreIC dispatcher stub.
BUG=chromium:576312

Review-Url: https://codereview.chromium.org/2166843002
Cr-Commit-Position: refs/heads/master@{#39764}
2016-09-27 11:42:23 +00:00
verwaest
1c758066f1 Don't track function-kind through FunctionState, always read from underlying scope
BUG=

Review-Url: https://codereview.chromium.org/2367383002
Cr-Commit-Position: refs/heads/master@{#39763}
2016-09-27 11:41:16 +00:00
bmeurer
c176b26fee [turbofan] Lower StringEqual and friends in EffectControlLinearizer.
Turn the StringEqualStub and friends into proper TurboFan builtins,
which means that we don't need to do on-demand compilation for those
stubs, and use those to defer lowering of the StringEqual, etc.
simplified operators to effect/control linearization (i.e. move it to
the concurrent recompilation part).

BUG=v8:5428
R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2363333003
Cr-Commit-Position: refs/heads/master@{#39762}
2016-09-27 11:24:27 +00:00
mvstanton
c9cc3d164d [turbofan] Remove the representation dimension from Type.
Adding this back in because it's not part of the stability issue.

BUG=chromium:649967
TBR=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2365373004
Cr-Commit-Position: refs/heads/master@{#39761}
2016-09-27 11:12:43 +00:00
caitp
8fea775784 [builtins] adapt arguments for Builtins::kIteratorPrototypeIterator
BUG=chromium:650172
R=mstarzinger@chromium.org, bmeurer@chromium.org

Review-Url: https://codereview.chromium.org/2368323002
Cr-Commit-Position: refs/heads/master@{#39760}
2016-09-27 11:05:42 +00:00
ishell
8c3cfa3a20 [ic] Properly initialize dummy feedback vector.
Review-Url: https://codereview.chromium.org/2372173002
Cr-Commit-Position: refs/heads/master@{#39759}
2016-09-27 11:01:51 +00:00
epertoso
e25b264957 [turbofan] Introduces the BitcastWordToTaggedSigned and BitcastTaggedToWord opcodes.
They are nops, but will be used when verifying the machine graph.

BUG=

Review-Url: https://codereview.chromium.org/2367413002
Cr-Commit-Position: refs/heads/master@{#39758}
2016-09-27 10:26:24 +00:00
epertoso
2db734df39 [turbofan] Reduces x << y ^ x >>> (32 - y) to x ror (32 - y).
The MachineOperatorReducer was only reducing word32 expressions of the type x << y | x >>> (32 - y) (and variants) to the equivalent Word32Ror. This CL applies the same pattern-matching logic to Word32Xor.

BUG=

Committed: https://crrev.com/a86397d890d3caa01a947e2a6e71beb1f58e6e6b
Review-Url: https://codereview.chromium.org/2199323003
Cr-Original-Commit-Position: refs/heads/master@{#38284}
Cr-Commit-Position: refs/heads/master@{#39757}
2016-09-27 10:15:44 +00:00
cbruni
47f303b66b Reland of Preparse functions in the scope that was created when parsing of the function was started (patchset #1 id:1 of https://codereview.chromium.org/2365393002/ )
Reason for revert:
Stability thief found, relanding speculative reverts.

Original issue's description:
> Revert of Preparse functions in the scope that was created when parsing of the function was started (patchset #2 id:20001 of https://codereview.chromium.org/2370713003/ )
>
> Reason for revert:
> Needed for https://codereview.chromium.org/2373443003/
>
> Original issue's description:
> > Preparse functions in the scope that was created when parsing of the function was started
> >
> > This reduces the number of scopes for lazily parsed top-level functions from 3 to 1
> >
> > BUG=v8:5209
> >
> > Committed: https://crrev.com/9618d095903c604a032b33792c068f4a6169503c
> > Cr-Commit-Position: refs/heads/master@{#39725}
>
> TBR=marja@chromium.org,verwaest@chromium.org
> # Skipping CQ checks because original CL landed less than 1 days ago.
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=v8:5209
>
> Committed: https://crrev.com/0cef7100da0b609403c9026fb7307192a898a390
> Cr-Commit-Position: refs/heads/master@{#39729}

TBR=marja@chromium.org,verwaest@chromium.org,hablich@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5209

Review-Url: https://codereview.chromium.org/2377593002
Cr-Commit-Position: refs/heads/master@{#39756}
2016-09-27 09:49:43 +00:00