Commit Graph

22503 Commits

Author SHA1 Message Date
verwaest
c153a8437e [crankshaft] Fix property access with proxies in prototype chain
BUG=

Review URL: https://codereview.chromium.org/1090813003

Cr-Commit-Position: refs/heads/master@{#27911}
2015-04-17 09:25:13 +00:00
yangguo
7f994ee0a7 Disable always-opt for locker tests.
In no-snap mode, creating 100 contexts can take a while.
This becomes even worse with always-opt.

R=machenbach@chromium.org

Review URL: https://codereview.chromium.org/1092003002

Cr-Commit-Position: refs/heads/master@{#27910}
2015-04-17 09:13:55 +00:00
yangguo
4e37bd0684 Fix DCHECK with unsigned int in zone.cc.
R=svenpanne@chromium.org
BUG=v8:4037
LOG=N

Review URL: https://codereview.chromium.org/1051213005

Cr-Commit-Position: refs/heads/master@{#27909}
2015-04-17 09:06:45 +00:00
jkummerow
14ec8077cc Re-enable an UNREACHABLE in JSObject::GetHeaderSize()
Review URL: https://codereview.chromium.org/1091553002

Cr-Commit-Position: refs/heads/master@{#27908}
2015-04-17 08:47:11 +00:00
yangguo
ae2057e81a Reland "Migrate error messages, part 2."
Review URL: https://codereview.chromium.org/1083083004

Cr-Commit-Position: refs/heads/master@{#27907}
2015-04-17 08:35:47 +00:00
chunyang.dai
548a0b3bbd X87: Reland "Add basic crankshaft support for slow-mode for-in to avoid disabling optimizations"
port 8098253562 (r27898)

original commit message:

BUG=

Review URL: https://codereview.chromium.org/1086813004

Cr-Commit-Position: refs/heads/master@{#27906}
2015-04-17 08:18:09 +00:00
machenbach
f61f521d70 Let asan imply clang and use_allocator=none.
BUG=

Review URL: https://codereview.chromium.org/1089393004

Cr-Commit-Position: refs/heads/master@{#27905}
2015-04-17 08:13:12 +00:00
machenbach
e3c2ba776a Revert of Refactor compilation dependency handling. (patchset #4 id:60001 of https://codereview.chromium.org/1095433002/)
Reason for revert:
[Sheriff] Causes crashes in laout tests:
http://build.chromium.org/p/client.v8/builders/V8-Blink%20Linux%2064%20%28dbg%29/builds/2543

Extra bisect run:
http://build.chromium.org/p/client.v8/builders/V8-Blink%20Linux%2064%20%28dbg%29/builds/2548

Original issue's description:
> Refactor compilation dependency handling.
>
> Extract a new data structure CompilationDependencies and move (most) logic there.
>
> R=mstarzinger@chromium.org,verwaest@chromium.org
> BUG=
>
> Committed: https://crrev.com/b882479f1c84a48961b8aec81fa1bb1225034784
> Cr-Commit-Position: refs/heads/master@{#27892}

TBR=mstarzinger@chromium.org,verwaest@chromium.org,titzer@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review URL: https://codereview.chromium.org/1093783002

Cr-Commit-Position: refs/heads/master@{#27904}
2015-04-17 07:47:09 +00:00
v8-autoroll
2af87b3e7a Update V8 DEPS.
Rolling v8/tools/clang to 2afd19d64f7c67c73e2052e87fbe4e1bc2a671c9

TBR=machenbach@chromium.org

Review URL: https://codereview.chromium.org/1098623002

Cr-Commit-Position: refs/heads/master@{#27903}
2015-04-17 03:44:37 +00:00
jochen
fd7d881e2b Revert of Revert "Remove early bail-out in VisitWeakList to investigate chrasher." (patchset #1 id:1 of https://codereview.chromium.org/1080303002/)
Reason for revert:
Still doesn't work

Original issue's description:
> Revert "Remove early bail-out in VisitWeakList to investigate chrasher."
>
> >  BUG=468601
> >  LOG=n
> >
> >  Review URL: https://codereview.chromium.org/1016353002
> >
> >  Cr-Commit-Position: refs/heads/master@{#27317}
>
> R=hpayer@chromium.org
> BUG=v8:3996,chromium:468601
> LOG=n
>
> Committed: https://crrev.com/835eeafe32f442d7b43fe175237de2c70ed7ceef
> Cr-Commit-Position: refs/heads/master@{#27814}

TBR=hpayer@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:3996,chromium:468601

Review URL: https://codereview.chromium.org/1092783002

Cr-Commit-Position: refs/heads/master@{#27902}
2015-04-16 21:00:03 +00:00
yangguo
04b72aa09f Serializer: share executable accessor infos between native contexts.
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/1081443006

Cr-Commit-Position: refs/heads/master@{#27901}
2015-04-16 18:07:51 +00:00
erikcorry
db04a5ad6f Properly report OOM when deoptimizer allocation fails
R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1052823003

Cr-Commit-Position: refs/heads/master@{#27900}
2015-04-16 18:05:22 +00:00
jkummerow
6b59e1f155 Don't crash when reporting an access check failure for a detached global proxy
BUG=chromium:475884
LOG=y
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/1086403002

Cr-Commit-Position: refs/heads/master@{#27899}
2015-04-16 17:46:38 +00:00
verwaest
8098253562 Reland "Add basic crankshaft support for slow-mode for-in to avoid disabling optimizations"
BUG=chromium:476592
LOG=n

Review URL: https://codereview.chromium.org/1086333002

Cr-Commit-Position: refs/heads/master@{#27898}
2015-04-16 17:32:00 +00:00
hpayer
c96a2d3a74 Use smaller heap growing factor in idle notification to start incremental marking when there is idle time >16ms.
BUG=chromium:477323
LOG=y

Review URL: https://codereview.chromium.org/1090963002

Cr-Commit-Position: refs/heads/master@{#27897}
2015-04-16 16:31:32 +00:00
mstarzinger
8924a9e1b7 [turbofan] Add single --turbo flag.
This flag is intended as a staging flag for TurboFan. It serves as a
single flag that always enables a most recent configuration of TurboFan
for test suites and benchmarks, without needing to update test drivers.

R=titzer@chromium.org,machenbach@chromium.org

Review URL: https://codereview.chromium.org/1094573002

Cr-Commit-Position: refs/heads/master@{#27896}
2015-04-16 16:28:39 +00:00
mbrandy
cc01cd94ab PPC: Array() in optimized code can create with wrong ElementsKind in corner cases.
Port 13459c1ae3

Original commit message:
Calling new Array(JSObject::kInitialMaxFastElementArray) in optimized code
makes a stub call that bails out due to the length. Currently, the bailout
code a) doesn't have the allocation site, and b) wouldn't use it if it did
because the length is perceived to be too high.

This CL passes the allocation site to the stub call (rather than undefined),
and alters the bailout code to utilize the feedback.

R=mvstanton@chromium.org, michael_dawson@ca.ibm.com, dstence@us.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1089913002

Cr-Commit-Position: refs/heads/master@{#27895}
2015-04-16 16:13:12 +00:00
paul.lind
e8fe704921 MIPS: Fix for StringCharCodeAtGenerator for vector-ics.
Register pop order bug only surfaced after vector-ic optimization
in https://codereview.chromium.org/1053843003 was landed.

TEST=mjsunit/string-index.js
BUG=

Review URL: https://codereview.chromium.org/1074123004

Cr-Commit-Position: refs/heads/master@{#27894}
2015-04-16 16:06:48 +00:00
paul.lind
80f24f7a4c Reland MIPS: Vector-ICs - speed towards the monomorphic exit as quickly as possible.
Port 35a67b745d

Original commit message:
Thanks to some careful assumptions, we can examine the object found at
vector[slot] and trust it's a heap object where the second field is
either a map if it's a WeakCell, or definitely not a map if it's a
Symbol, String or FixedArray. Use this to save a memory read.

BUG=

Review URL: https://codereview.chromium.org/1053843003

Cr-Commit-Position: refs/heads/master@{#27757}

Review URL: https://codereview.chromium.org/1083413003

Cr-Commit-Position: refs/heads/master@{#27893}
2015-04-16 16:05:45 +00:00
titzer
b882479f1c Refactor compilation dependency handling.
Extract a new data structure CompilationDependencies and move (most) logic there.

R=mstarzinger@chromium.org,verwaest@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1095433002

Cr-Commit-Position: refs/heads/master@{#27892}
2015-04-16 16:04:34 +00:00
titzer
cb08656b6d Move GetRootListIndex into Heap.
R=hpayer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1095513003

Cr-Commit-Position: refs/heads/master@{#27891}
2015-04-16 15:08:09 +00:00
erikcorry
a0e2dd23ce Make test unthreaded so other tests don't interfere with heap size
R=hpayer@chromium.org
NOTREECHECKS=true
NOTRY=true
BUG=

Review URL: https://codereview.chromium.org/1086423003

Cr-Commit-Position: refs/heads/master@{#27890}
2015-04-16 14:44:25 +00:00
machenbach
d881baaced Revert of Migrate error messages, part 2. (patchset #1 id:1 of https://codereview.chromium.org/1086313003/)
Reason for revert:
[Sheriff]: This changes layout test expectations e.g.
http://build.chromium.org/p/client.v8/builders/V8-Blink%20Win/builds/2964

Original issue's description:
> Migrate error messages, part 2.
>
> Motivation for this is reducing the size of the native context.
>
> Committed: https://crrev.com/d3b788df0a4ccfedbe6e1df5e214cb6ba2792a65
> Cr-Commit-Position: refs/heads/master@{#27878}

TBR=mvstanton@chromium.org,yangguo@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1095573002

Cr-Commit-Position: refs/heads/master@{#27889}
2015-04-16 14:33:26 +00:00
marja
2dc0f2ec01 [strong] Allow mutually recursive classes.
The previous restrictions were overshooting (didn't allow a class to refer to a
later class under any circumstances); after this CL we're undershooting (allow
referring to any class from inside a method).

Implementing the correct checks (allow referring only if the class declarations
are in a consecutive block and if there's no dependency cycle) will be
implemented as a follow up.

BUG=v8:3956
LOG=N

Review URL: https://codereview.chromium.org/1087543004

Cr-Commit-Position: refs/heads/master@{#27888}
2015-04-16 14:12:52 +00:00
yangguo
a2baf44bf6 Serializer: collect and output memory statistics.
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/1086363002

Cr-Commit-Position: refs/heads/master@{#27887}
2015-04-16 13:39:16 +00:00
ulan
da12c7c7c7 Add a flag to trace heap object stats on GC.
BUG=

Review URL: https://codereview.chromium.org/1094613002

Cr-Commit-Position: refs/heads/master@{#27886}
2015-04-16 13:30:30 +00:00
conradw
d8bccfe974 [strong] Implement static restrictions on switch statement
Implements the strong mode proposal's restrictions on the syntax of the
switch statement. Also fixes a minor bug with empty statements in strong
mode and improves StrongUndefinedArrow parser synch tests.

BUG=v8:3956
LOG=N

Review URL: https://codereview.chromium.org/1084983002

Cr-Commit-Position: refs/heads/master@{#27885}
2015-04-16 13:29:20 +00:00
erikcorry
71a19439e8 If a code space commit partially succeeds, free the memory
R=hpayer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1086253004

Cr-Commit-Position: refs/heads/master@{#27884}
2015-04-16 13:28:14 +00:00
erikcorry
9716468ae6 Fix logic for doing incremental marking steps on tenured allocation.
R=hpayer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1040233003

Cr-Commit-Position: refs/heads/master@{#27883}
2015-04-16 13:20:38 +00:00
hablich
0bc1a1526f Store hashes of current and previous shipped V8 version
Will be used for calculating changes between versions

BUG=
NOTRY=true

Review URL: https://codereview.chromium.org/1095483002

Cr-Commit-Position: refs/heads/master@{#27882}
2015-04-16 12:51:42 +00:00
mstarzinger
54cb7b6ea3 Disable more failing tests after f3338dd3b0.
TBR=jkummerow@chromium.org
TEST=mjsunit/debug-ignore-breakpoints
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1087673003

Cr-Commit-Position: refs/heads/master@{#27881}
2015-04-16 12:46:28 +00:00
wingo
e0913eccfb Simplify DoParseProgram
DoParseProgram doesn't appear to need to receive toplevel scopes as
arguments; it can properly set the end_position of the scopes to the
scanner's position after parsing is complete.

R=marja@chromium.org
BUG=
LOG=N

Review URL: https://codereview.chromium.org/1091743002

Cr-Commit-Position: refs/heads/master@{#27880}
2015-04-16 12:42:37 +00:00
yangguo
05bfdd866a Wrap map and set implementation in functions.
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/1094563002

Cr-Commit-Position: refs/heads/master@{#27879}
2015-04-16 12:17:35 +00:00
yangguo
d3b788df0a Migrate error messages, part 2.
Motivation for this is reducing the size of the native context.

Review URL: https://codereview.chromium.org/1086313003

Cr-Commit-Position: refs/heads/master@{#27878}
2015-04-16 11:34:47 +00:00
chunyang.dai
758c5e123b X87: Use Cells to check prototype chain validity (disabled by default).
port 0179ec5797 (r27846).

original commit message:

 The cells are stored on prototypes (in their map's PrototypeInfo). When a
 prototype object changes its map, then both its own validity cell and those
 of all "downsstream" prototypes are invalidated; handlers for a given receiver
 embed the currently valid cell for that receiver's prototype during their
 compilation and check it on execution.

BUG=

Review URL: https://codereview.chromium.org/1090803002

Cr-Commit-Position: refs/heads/master@{#27877}
2015-04-16 10:40:43 +00:00
erikcorry
a3f5e04c99 Make store buffer more robust to OOM.
R=hpayer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1086263002

Cr-Commit-Position: refs/heads/master@{#27876}
2015-04-16 10:39:38 +00:00
chunyang.dai
5729299752 X87: Array() in optimized code can create with wrong ElementsKind in corner cases
port 13459c1ae3 (r27857)

original commit message:

    Array() in optimized code can create with wrong ElementsKind in corner cases.

    Calling new Array(JSObject::kInitialMaxFastElementArray) in optimized code
    makes a stub call that bails out due to the length. Currently, the bailout
    code a) doesn't have the allocation site, and b) wouldn't use it if it did
    because the length is perceived to be too high.

    This CL passes the allocation site to the stub call (rather than undefined),
    and alters the bailout code to utilize the feedback.

BUG=

Review URL: https://codereview.chromium.org/1088423002

Cr-Commit-Position: refs/heads/master@{#27875}
2015-04-16 10:38:35 +00:00
jkummerow
e39d33d3df Add missing Handle to GetOrCreatePrototypeChainValidityCell
Follow-up to 333219a745.

NOTRY=true
NOTREECHECKS=true

Review URL: https://codereview.chromium.org/1095503002

Cr-Commit-Position: refs/heads/master@{#27874}
2015-04-16 10:37:23 +00:00
chunyang.dai
e481c91b64 X87: VectorICs: megamorphic keyed loads in crankshaft don't need a vector.
port 776770c0e4 (r27827).

original commit message:

  This needs "Pass load ic state through the Oracle"
  (https://codereview.chromium.org/1083933002/) to land first.

BUG=

Review URL: https://codereview.chromium.org/1093433004

Cr-Commit-Position: refs/heads/master@{#27873}
2015-04-16 10:02:41 +00:00
jkummerow
333219a745 Enable Cell-based prototype chain checks
Review URL: https://codereview.chromium.org/1070253004

Cr-Commit-Position: refs/heads/master@{#27872}
2015-04-16 09:31:54 +00:00
hpayer
bbd222f882 Revert of Experiment: reduce heap growing factor to investigate OOM impact. (patchset #4 id:60001 of https://codereview.chromium.org/1060533003/)
Reason for revert:
Experiment done.

Original issue's description:
> Experiment: reduce heap growing factor to investigate OOM impact.
>
> This CL will be reverted after getting sufficient data.
> BUG=
>
> Committed: https://crrev.com/8b737395c8fcde35cbfbed6607f767ed48eefc5b
> Cr-Commit-Position: refs/heads/master@{#27804}

TBR=ulan@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review URL: https://codereview.chromium.org/1085353003

Cr-Commit-Position: refs/heads/master@{#27871}
2015-04-16 09:06:40 +00:00
titzer
addb10633c [turbofan] Clean up cached nodes in JSGraph.
R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1080023002

Cr-Commit-Position: refs/heads/master@{#27870}
2015-04-16 08:41:34 +00:00
ulan
aae2c01740 Use atomic operation to read the length of a fixed array.
This fixes a race where
- mutator changes the fixed array length by trimming it,
- sweeper thread reads the length of the fixed array.

Also rename FROM_GC and FROM_MUTATOR to be more precise.

BUG=chromium:462908
LOG=NO

Review URL: https://codereview.chromium.org/1034163002

Cr-Commit-Position: refs/heads/master@{#27869}
2015-04-16 08:39:12 +00:00
ulan
63c6f7da34 Avoid evacuation of popular pages.
This breaks the (evacuation -> slots buffer overflow -> abort -> new GC -> evacuation) cycle for popular pages.

BUG=

Review URL: https://codereview.chromium.org/1037433002

Cr-Commit-Position: refs/heads/master@{#27868}
2015-04-16 08:34:03 +00:00
bmeurer
c66a2f7b46 Revert of [x64] Use xorl to materialize smi zero. (patchset #1 id:1 of https://codereview.chromium.org/1085153002/)
Reason for revert:
Seems to cause performance regressions.

Original issue's description:
> [x64] Use xorl to materialize smi zero.
>
> Before we always loaded smi zero via a movabs with a 64-bit immediate,
> which is pretty expensive compared to the xorl.
>
> R=jarin@chromium.org
>
> Committed: https://crrev.com/f236777bfe6e080ff1ead6baf847cc9b6bb4f9cb
> Cr-Commit-Position: refs/heads/master@{#27829}

TBR=jarin@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:477592
LOG=n

Review URL: https://codereview.chromium.org/1059543004

Cr-Commit-Position: refs/heads/master@{#27867}
2015-04-16 08:31:17 +00:00
dcarney
f89bea1e17 fix visiting of phantom handles that should be retained
BUG=

Review URL: https://codereview.chromium.org/1094473002

Cr-Commit-Position: refs/heads/master@{#27866}
2015-04-16 08:30:18 +00:00
yangguo
2e0cf57804 Fix signed/unsigned compare in messages.cc
R=machenbach@chromium.org
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1089363002

Cr-Commit-Position: refs/heads/master@{#27865}
2015-04-16 07:59:32 +00:00
yangguo
a5ac029058 Start migrating error message templates to the runtime.
Currently done with two templates, one used from native js, one from runtime.

R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/1087633005

Cr-Commit-Position: refs/heads/master@{#27864}
2015-04-16 07:01:16 +00:00
bmeurer
0e703bd34c [turbofan] Typed lowering requires typed nodes.
There's no point in checking whether a node is typed in JSTypedLowering.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1086303002

Cr-Commit-Position: refs/heads/master@{#27863}
2015-04-16 06:39:43 +00:00
bmeurer
d641cc457c [turbofan] Split ControlEquivalence implementation and add trace flag.
Split interface and implementation of ControlEquivalence and add a
dedicated trace flag --trace-turbo-ceq to make it reusable outside the
scheduler.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1056093005

Cr-Commit-Position: refs/heads/master@{#27862}
2015-04-16 06:04:36 +00:00