As luck would have it, there doesn't seem to be a way to trigger
observable misbehavior currently (only with special flags).
BUG=chromium:380671
LOG=n
R=mvstanton@chromium.org
Review URL: https://codereview.chromium.org/1588013002
Cr-Commit-Position: refs/heads/master@{#33305}
This is the first of several commits to contribute Linux on z Systems
(s390/s390x) port of V8. We will be breaking up the changes into several
(hopefully) logical commits.
This commit contains the changes to V8 Makefile and build toolchains to
introduce S390 macros and compiler options. Just for awareness for reviewers
is that s390 is 31-bit (not 32!) big-endian platform on Linux on z. (MSB of address
is used to distinguish between 24-bit vs 31-bit addressing!) s390x is
64-bit Linux on z. Names follow the general linux convention on the platform.
A quick roadmap on upcoming commits:
- Add \#include of S390 header files in common files
- S390 related tests + tooling changes
- printf macro for printing size_t values.
- S390 platform-specific code generation code (bulk of changes!)
R=danno@chromium.org,svenpanne@chromium.org,michael_dawson@ca.ibm.com,jyan@ca.ibm.com,mtbrandyberry@ca.ibm.com
BUG=
Review URL: https://codereview.chromium.org/1585813002
Cr-Commit-Position: refs/heads/master@{#33304}
We were sometimes losing a splintering opportunity when a range was
ending at the beginning of a hot (==non-deferred) block, when giving
its value to some fixed range - i.e. a fixed operand of the first instruction
in that hot block.
Renamed 2 APIs to better reflect what their intent is.
Added self-checking when introducing moves connecting ranges, to
ensure we don't spill/fill in hot blocks ranges spilled only in deferred
blocks. Verified locally that these checks would have tripped in a few
cases before this change.
BUG=
Review URL: https://codereview.chromium.org/1564583002
Cr-Commit-Position: refs/heads/master@{#33301}
This patch implements eager expression rewriting when parsing. It will
be used for desugaring spreads but may have other uses in the future.
We call Traits::RewriteExpression as soon as we realise that something
parsed as an expression is actually used as an expression (and not as
a pattern). This patch adds a dummy implementation for this function,
doing no rewriting at all, and adds the trigers in the right places of
the parser.
R=rossberg@chromium.org
BUG=
Review URL: https://codereview.chromium.org/1567603005
Cr-Commit-Position: refs/heads/master@{#33300}
When reserving a stack slot for the receiver, push an Immediate(0)
rather than a register that contains an untagged integer.
All other platforms push zero already.
Review URL: https://codereview.chromium.org/1585183002
Cr-Commit-Position: refs/heads/master@{#33299}
Split RegisterAllocationScope out of ExpressionResult and allocate one
for each statement. This ensures that we always have an outer register
allocation scope for statement code (used in CountOperation and
RegisterExecutionResult). Also refactored the register allocator code to
move it to it's own file and rename from TemporaryRegisterScope to
BytecodeRegisterAllocator.
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1587033002
Cr-Commit-Position: refs/heads/master@{#33296}
CompatibleReceiverCheck used by the HandleFastApiCall builtin was terminating with failure upon encountering a hidden prototype.
It should actually stop iterating on the first non-hidden prototype.
BUG=
Review URL: https://codereview.chromium.org/1576423003
Cr-Commit-Position: refs/heads/master@{#33294}
This restores the case that was removed by
commit f0e41175fd
Author: jarin <jarin@chromium.org>
Date: Tue Jan 5 03:56:04 2016 -0800
[turbofan] Bidirectional representation inference.
BUG=v8:4667
LOG=n
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/1584913003
Cr-Commit-Position: refs/heads/master@{#33292}
This solves a bug discovered with fast accessors, where a pre-age prologue
was written into a stub. Since StaticMarkingVisitor<.>::IsFlushable will
only flush Code::FUNCTION [1], we'll restrict GeneratePreagedPrologue to
functions, too, instead of adding a Code::STUB restriction.
Also, generalize api accessor test cases to --optimize-for-size.
Also, fix CompilationCacheCachingBehavior for --optimize-for-size.
[1] https://code.google.com/p/chromium/codesearch#chromium/src/v8/src/heap/objects-visiting-inl.h&l=629-632
R=epertoso
BUG=
Review URL: https://codereview.chromium.org/1580323003
Cr-Commit-Position: refs/heads/master@{#33291}
- Use valgrind from v8/third_party/valgrind fetched as custom
deps. This will make the check more portable on buildbot
slaves without the need to install valgrind.
- Build path to checked executable to be ready for swarming.
BUG=chromium:535160
LOG=n
NOTRY=true
Review URL: https://codereview.chromium.org/1585093002
Cr-Commit-Position: refs/heads/master@{#33287}
Apparently, some StateValues have other StateValues as input. This
CL makes escape analysis transformation phase aware of it.
R=mstarzinger@chromium.org
BUG=v8:4586
LOG=n
Review URL: https://codereview.chromium.org/1581183004
Cr-Commit-Position: refs/heads/master@{#33285}
Reason for revert:
Doesn't work with triggered bots. Waiting for this fix: https://codereview.chromium.org/1587893003/
Original issue's description:
> [cq] Keep presubmit trybots and cq automatically in sync.
>
> Code copied 1:1 from chromium.
>
> BUG=chromium:565952
> LOG=n
> NOTRY=true
>
> Committed: https://crrev.com/039dce1e355be6422c672badef5f3895f3b16ead
> Cr-Commit-Position: refs/heads/master@{#33264}
TBR=tandrii@chromium.org,kjellander@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:565952
Review URL: https://codereview.chromium.org/1579223004
Cr-Commit-Position: refs/heads/master@{#33284}
Support inlining across bound functions in the JSCallReducer when we
specialize to the native context. This basically removes all overhead
from bound functions in TurboFan and gives another speed of 10x on my
microbenchmark.
BUG=chromium:535408, chromium:571299, v8:4629
R=jarin@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/1581343002
Cr-Commit-Position: refs/heads/master@{#33283}
On Intel, xchg stalls the pipeline. We use xchg to implement swap
moves. In a separate exploration, the presence of xchg in a very hot
loop, due to a change in register allocation, lead to over 20% regression.
Simply changing that instruction with push/mov/pop (almost) eliminated
the regression.
In light of that, I removed uses of xchg. This leads to more instructions,
though. That is particularly problematic for long cycles, which, today,
we translate to successions of swaps.
I plan to address this cycle issue in a separate change. For now, the
goal is to unblock the initial work that lead here.
Review URL: https://codereview.chromium.org/1580233003
Cr-Commit-Position: refs/heads/master@{#33282}
port 322ffda30d (r33265)
original commit message:
Also migrate the Number constructor to a native builtin, using the
same mechanism already used by the String constructor. Otherwise just
parsing and compiling the Number constructor to optimized code already
eats 2ms on desktop for no good reason, and the resulting optimized
code is not even close to awesome.
Drive-by-fix: Use correct context for the [[Construct]] case of the
String constructor as well, and share some code with it.
BUG=
Review URL: https://codereview.chromium.org/1581313002
Cr-Commit-Position: refs/heads/master@{#33280}
port 12bcba1543 (r33258)
original commit message:
The API functions are always in sloppy mode, so receiver is always a
JSReceiver once the actual call trampoline runs, no need to check again
in various places.
BUG=
Review URL: https://codereview.chromium.org/1582173002
Cr-Commit-Position: refs/heads/master@{#33278}
The bulk of these were marked simply '[PASS]', while one was marked
'[PASS, FAIL]' but seems to always pass.
BUG=v8:3305, v8:4405
LOG=n
Review URL: https://codereview.chromium.org/1584863003
Cr-Commit-Position: refs/heads/master@{#33277}
Port 322ffda30d
Original commit message:
Also migrate the Number constructor to a native builtin, using the
same mechanism already used by the String constructor. Otherwise just
parsing and compiling the Number constructor to optimized code already
eats 2ms on desktop for no good reason, and the resulting optimized
code is not even close to awesome.
Drive-by-fix: Use correct context for the [[Construct]] case of the
String constructor as well, and share some code with it.
R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
Review URL: https://codereview.chromium.org/1583903002
Cr-Commit-Position: refs/heads/master@{#33272}
exception operand in a handler block. This avoids confusing
unrelated ranges, which may happen if escape analysis elides
the exception operand.
BUG=chromium:576195
LOG=N
Review URL: https://codereview.chromium.org/1579603005
Cr-Commit-Position: refs/heads/master@{#33271}
Removes assignment hazard scope. Reverts back to the naive scheme of
allocating a temporary for every variable load. It was decided to revert it
because the current implementation does not handle logical expressions,
ternary operators, visiting objects in named/keyed loads. Also, we wanted
to evaluate alternate approaches and choose one when we have a mechanism
to measure performance.
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1576403004
Cr-Commit-Position: refs/heads/master@{#33269}
Once we use type feedback, we need to reflect the feedback in the types, propagate
the new narrower types forward and use them in the subsequent
representation inference. This CL propagates and uses the recomputed types
for Phi and Select nodes (rather than using the types from the typer).
Review URL: https://codereview.chromium.org/1580353003
Cr-Commit-Position: refs/heads/master@{#33268}
This bug improves performance of escape analysis.
* A allocation discovery phase (EscapeAnalysis::AssignAliases)
ensures compact representation of virtual state
* Node revisiting in EscapeStatusAnalysis has been improved
* Escape analysis no longer requires a trimmed graph
BUG=v8:4586
LOG=n
Review URL: https://codereview.chromium.org/1559123003
Cr-Commit-Position: refs/heads/master@{#33267}
Also migrate the Number constructor to a native builtin, using the
same mechanism already used by the String constructor. Otherwise just
parsing and compiling the Number constructor to optimized code already
eats 2ms on desktop for no good reason, and the resulting optimized
code is not even close to awesome.
Drive-by-fix: Use correct context for the [[Construct]] case of the
String constructor as well, and share some code with it.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1573243009
Cr-Commit-Position: refs/heads/master@{#33265}
ReportFailedAccessCheck() sometimes doesn't throw an exception (it's up
to the embedder). Pretend that OrdinaryDefineOwnProperty() succeeded in
that case. This is consistent with existing behavior of other methods:
- JSObject::DefineOwnPropertyIgnoreAttributes
- JSObject::SetPropertyWithFailedAccessCheck
- Object::SetPropertyWithAccessor
See also commit f66c3f5c35.
BUG=chromium:574217
LOG=n
R=neis@chromium.org
Review URL: https://codereview.chromium.org/1580823002
Cr-Commit-Position: refs/heads/master@{#33262}
The API functions are always in sloppy mode, so receiver is always a
JSReceiver once the actual call trampoline runs, no need to check again
in various places.
R=verwaest@chromium.org
Review URL: https://codereview.chromium.org/1575973006
Cr-Commit-Position: refs/heads/master@{#33258}
