Commit Graph

37301 Commits

Author SHA1 Message Date
bmeurer
68ae57ce1e [turbofan] Introduce ChangeTaggedToTaggedSigned operator.
We were missing a case for Tagged->TaggedSigned conversions when the
input type is known to be Type::SignedSmall.

BUG=chromium:687029
R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2666863002
Cr-Commit-Position: refs/heads/master@{#42809}
2017-01-31 08:55:56 +00:00
mstarzinger
418c9eca79 [turbofan] Remove escape analysis stats counters.
These counters were used during the initial implementation to gather
statistics about comparative effectiveness of the two escape analysis
approaches in practice. The counters are not thread-safe and cannot be
used for the analysis any longer as it is now running off main thread.
We deprecate the counters in question in favor of maintaining deferred
statistics until the need for such statistics arises again.

R=bmeurer@chromium.org
BUG=chromium:685942

Review-Url: https://codereview.chromium.org/2667453003
Cr-Commit-Position: refs/heads/master@{#42808}
2017-01-31 08:52:16 +00:00
clemensh
8bc60063ef [wasm] Add timer to measure asm->wasm translation
This will be used for perf tests:
https://chromereviews.googleplex.com/565327014/

R=titzer@chromium.org, bradnelson@chromium.org

Review-Url: https://codereview.chromium.org/2663713003
Cr-Commit-Position: refs/heads/master@{#42807}
2017-01-31 08:34:36 +00:00
bmeurer
b8df954993 [turbofan] Don't eliminate unused CheckFloat64Hole.
We cannot eliminate unused CheckFloat64Hole nodes, since loading from a
holey array can have side-effects, i.e. triggering getters in the
prototype chain.

R=mvstanton@chromium.org
BUG=chromium:686737

Review-Url: https://codereview.chromium.org/2665123002
Cr-Commit-Position: refs/heads/master@{#42806}
2017-01-31 08:30:55 +00:00
bmeurer
a14f228188 [turbofan] Support fast access to the current global object.
This is essentially a port of http://crrev.com/2403003002 to TurboFan,
adding support for fast access to JSGlobalObject properties through the
current native contexts' JSGlobalProxy.

It's a slightly bigger change, since JSNativeContextSpecialization and
JSGlobalObjectSpecialization needs merging for this to work, as due to
different type feedback layout we cannot just turn a JSLoadNamed into
JSLoadGlobal operator (and same for JSStoreNamed vs. JSStoreGlobal).
This part of the change is mostly mechanical.

CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_chromium_rel_ng
R=ishell@chromium.org, jochen@chromium.org
BUG=chromium:634276,v8:5267

Review-Url: https://codereview.chromium.org/2664853002
Cr-Commit-Position: refs/heads/master@{#42805}
2017-01-31 06:47:01 +00:00
jkummerow
daad4319c9 Put ThinStrings behind a flag (off by default)
Review-Url: https://codereview.chromium.org/2663713002
Cr-Commit-Position: refs/heads/master@{#42804}
2017-01-31 06:41:14 +00:00
v8-autoroll
ebe9aa253c Update V8 DEPS.
Rolling v8/build: 3dada45..02f71fd

Rolling v8/third_party/catapult: c3f2575..986b4e8

Rolling v8/tools/clang: 0b3a445..960cc3e

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review-Url: https://codereview.chromium.org/2661143002
Cr-Commit-Position: refs/heads/master@{#42803}
2017-01-31 04:31:51 +00:00
eholk
91f8a063cc [wasm] Move protected instruction info to RelocInfo
Previously this information was encoded in a FixedArray dangling off the
Code object. This extra field seems to be responsible for increased memory
usage, as seen in the linked bugs. In this change, we instead encode this
in the RelocInfo and remove the field from the Code object.

BUG= https://bugs.chromium.org/p/chromium/issues/detail?id=678583
BUG= https://bugs.chromium.org/p/chromium/issues/detail?id=671180
BUG= https://bugs.chromium.org/p/chromium/issues/detail?id=670733

Review-Url: https://codereview.chromium.org/2651833003
Cr-Commit-Position: refs/heads/master@{#42802}
2017-01-31 02:25:57 +00:00
gdeepti
bc57081795 [wasm] Enable grow_memory tests on gc_stress
R=bradnelson@chromium.org, ahaas@chromium.org

BUG=5553

Review-Url: https://codereview.chromium.org/2662153002
Cr-Commit-Position: refs/heads/master@{#42801}
2017-01-31 02:12:45 +00:00
jbroman
6f1639ed16 ValueSerializer: Distinguish between 'undefined' and an absent property.
Dealing with this case requires a wire format change. It is possible that an
element can be absent even in an array where the dense format was chosen
(because the array initially had no holes), if the elements are modified while
they are being serialized. In this case, a new tag for the "hole" is emitted.

The logic to treat undefined in dense arrays as an absent property is restricted
to versions of the wire format that this tag did not exist.

BUG=chromium:686159,chromium:665820

Review-Url: https://codereview.chromium.org/2660093002
Cr-Original-Commit-Position: refs/heads/master@{#42784}
Committed: dc85f4c833
Review-Url: https://codereview.chromium.org/2660093002
Cr-Commit-Position: refs/heads/master@{#42800}
2017-01-31 01:54:26 +00:00
bbudge
c0b1bcba2f [ARM] Macro-ize SIMD visitors in InstructionSelector.
- Uses macros for splat, extract lane, replace lane, unary
ops and binary ops.
- Renames ARM SIMD instruction codes to match machine
operator names.

LOG=N
BUG=v8:4124

Review-Url: https://codereview.chromium.org/2652893013
Cr-Commit-Position: refs/heads/master@{#42799}
2017-01-31 01:34:04 +00:00
gsathya
93c65bbffb [runtime] Create macro for promise runtime functions
This groups together all the promise related runtime functions.

BUG=v8:5343

Review-Url: https://codereview.chromium.org/2665983002
Cr-Commit-Position: refs/heads/master@{#42798}
2017-01-31 01:22:30 +00:00
jkummerow
06df8affc6 [stubs] KeyedLoadGeneric: support loading properties from strings
The spec for String.split() requires loading "separator[@@split]".
The KeyedLoadIC for this goes generic right away, but still requires
a runtime call. To avoid that, reshuffle checks in the generic stub
and do the primitive-string -> String-function translation inline.

Review-Url: https://codereview.chromium.org/2654893003
Cr-Commit-Position: refs/heads/master@{#42797}
2017-01-31 01:19:46 +00:00
kozyatinskiy
d6db11fd18 [inspector] added test infrastructure and test for es6 modules
Test just checks that all basic features are working correctly with modules.

BUG=v8:1569
R=dgozman@chromium.org,alph@chromium.org,adamk@chromium.org

Review-Url: https://codereview.chromium.org/2663743002
Cr-Commit-Position: refs/heads/master@{#42796}
2017-01-31 00:19:41 +00:00
gdeepti
3901e247b3 [wasm] Enable wasm imported memory tests on gc_stress
Issues with instance wrapper allocation and JS Api errata have been fixed over the last few weeks, test in the bug no longer fails - enabling tests for imported memory.

BUG=5683

R=bradnelson@chromium.org, ahaas@chromium.org

Review-Url: https://codereview.chromium.org/2666763002
Cr-Commit-Position: refs/heads/master@{#42795}
2017-01-30 23:48:52 +00:00
vogelheim
10bb974ec3 [scanner] Regression test for Utf-8 BOM handling (crbug.com/685618).
The existing unit test explicitly checked for this case, but was - under
the right circumstances - defeated by the optimization to not re-run the
whole position search if we were close enough.

BUG=chromium:685618

Review-Url: https://codereview.chromium.org/2663883002
Cr-Commit-Position: refs/heads/master@{#42794}
2017-01-30 23:21:03 +00:00
bjaideep
544308b8f7 PPC/s390: [wasm] TrapIf and TrapUnless TurboFan operators implemented on arm.
Port ca8d3ba718

Original Commit Message:

    Original commit message:
    [wasm] Introduce the TrapIf and TrapUnless operators to generate trap code.

    Some instructions in WebAssembly trap for some inputs, which means that the
    execution is terminated and (at least at the moment) a JavaScript exception is
    thrown. Examples for traps are out-of-bounds memory accesses, or integer
    divisions by zero.

    Without the TrapIf and TrapUnless operators trap check in WebAssembly introduces 5
    TurboFan nodes (branch, if_true, if_false, trap-reason constant, trap-position
    constant), in addition to the trap condition itself. Additionally, each
    WebAssembly function has four TurboFan nodes (merge, effect_phi, 2 phis) whose
    number of inputs is linear to the number of trap checks in the function.
    Especially for functions with high numbers of trap checks we observe a
    significant slowdown in compilation time, down to 0.22 MiB/s in the sqlite
    benchmark instead of the average of 3 MiB/s in other benchmarks. By introducing
    a TrapIf common operator only a single node is necessary per trap check, in
    addition to the trap condition. Also the nodes which are shared between trap
    checks (merge, effect_phi, 2 phis) would disappear. First measurements suggest a
    speedup of 30-50% on average.

    This CL only implements TrapIf and TrapUnless on x64. The implementation is also
    hidden behind the --wasm-trap-if flag.

    Please take a special look at how the source position is transfered from the
    instruction selector to the code generator, and at the context that is used for
    the runtime call.

R=ahaas@chromium.org, titzer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Review-Url: https://codereview.chromium.org/2666433002
Cr-Commit-Position: refs/heads/master@{#42793}
2017-01-30 21:41:46 +00:00
Aaron Gable
735739bfa4 Enable gerrit-based CQ for v8
BUG=685318

Change-Id: I6654410beaca18f5d8e0791ed18d0daa46edcae0
Reviewed-on: https://chromium-review.googlesource.com/434177
Reviewed-by: Aaron Gable <agable@chromium.org>
Cr-Commit-Position: refs/heads/master@{#42792}
2017-01-30 21:24:35 +00:00
jyan
0d9b0dcf43 s390: TF Optimize 32-bit Mul/Div/Mod/Popcnt
R=joransiu@ca.ibm.com, bjaideep@ca.ibm.com
BUG=

Review-Url: https://codereview.chromium.org/2662963002
Cr-Commit-Position: refs/heads/master@{#42791}
2017-01-30 21:13:18 +00:00
marja
d293656481 [scanner] Fix bom handling
The bug used to show up when
- we were streaming a script starting with 0xef 0xbb 0xbf
- we aborted preparsing a function (and reset to a bookmark)

BUG=chromium:685618

Review-Url: https://codereview.chromium.org/2663773002
Cr-Commit-Position: refs/heads/master@{#42790}
2017-01-30 20:18:26 +00:00
machenbach
6c84b93ad8 Whitespace change to check CQ
BUG=chromium:685318
TBR=tandrii@chromium.org

Review-Url: https://codereview.chromium.org/2666563002
Cr-Commit-Position: refs/heads/master@{#42789}
2017-01-30 19:45:47 +00:00
machenbach
b861a84009 Revert of ValueSerializer: Distinguish between 'undefined' and an absent property. (patchset #2 id:20001 of https://codereview.chromium.org/2660093002/ )
Reason for revert:
Seems to break layout tests:
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/13146

https://github.com/v8/v8/wiki/Blink-layout-tests

Original issue's description:
> ValueSerializer: Distinguish between 'undefined' and an absent property.
>
> Dealing with this case requires a wire format change. It is possible that an
> element can be absent even in an array where the dense format was chosen
> (because the array initially had no holes), if the elements are modified while
> they are being serialized. In this case, a new tag for the "hole" is emitted.
>
> The logic to treat undefined in dense arrays as an absent property is restricted
> to versions of the wire format that this tag did not exist.
>
> BUG=chromium:686159,chromium:665820
>
> Review-Url: https://codereview.chromium.org/2660093002
> Cr-Commit-Position: refs/heads/master@{#42784}
> Committed: dc85f4c833

TBR=jkummerow@chromium.org,jbroman@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:686159,chromium:665820

Review-Url: https://codereview.chromium.org/2667553003
Cr-Commit-Position: refs/heads/master@{#42788}
2017-01-30 19:35:28 +00:00
jochen
d651ce314c Add a test for OptimizingCompileDispatcher::Flush's non-blocking behavior
R=mtrofin@chromium.org,verwaest@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2662883003
Cr-Commit-Position: refs/heads/master@{#42787}
2017-01-30 19:27:00 +00:00
bjaideep
c0f255f075 PPC: Work-around to preserve sNan bit
On ia32/x64 when casting a sNan to double, the signalling
bit is flipped to qNan.

R=joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Review-Url: https://codereview.chromium.org/2660873003
Cr-Commit-Position: refs/heads/master@{#42786}
2017-01-30 19:02:23 +00:00
jkummerow
e42da75c9e [stubs] KeyedLoadIC_Generic: prototype chain lookup support (reland)
Performing lookups on the prototype chain in the stub avoids a
bunch of slow-path runtime calls. For now, only receivers with
dictionary-mode properties do this; fast-mode receivers will follow
if it's beneficial.

(previously landed as r42751 / 82e10f5fba)

Review-Url: https://codereview.chromium.org/2652213003
Cr-Commit-Position: refs/heads/master@{#42785}
2017-01-30 18:56:19 +00:00
jbroman
dc85f4c833 ValueSerializer: Distinguish between 'undefined' and an absent property.
Dealing with this case requires a wire format change. It is possible that an
element can be absent even in an array where the dense format was chosen
(because the array initially had no holes), if the elements are modified while
they are being serialized. In this case, a new tag for the "hole" is emitted.

The logic to treat undefined in dense arrays as an absent property is restricted
to versions of the wire format that this tag did not exist.

BUG=chromium:686159,chromium:665820

Review-Url: https://codereview.chromium.org/2660093002
Cr-Commit-Position: refs/heads/master@{#42784}
2017-01-30 18:43:38 +00:00
jkummerow
7438304229 ThinStrings: fix Factory::NewProperSubString
BUG=chromium:685504

Review-Url: https://codereview.chromium.org/2660823002
Cr-Commit-Position: refs/heads/master@{#42783}
2017-01-30 18:24:16 +00:00
jkummerow
9ea3e56bd9 ThinStrings: fix CodeStubAssembler::SubString
BUG=chromium:685965

Review-Url: https://codereview.chromium.org/2660123002
Cr-Commit-Position: refs/heads/master@{#42782}
2017-01-30 18:17:52 +00:00
gdeepti
930142e877 [wasm] Update table bounds when module is instantiated with a table import
When WebAssembly.Table initial size is greater than the declared initial size, table size references should be updated on instantiate for functions to be called at indices greater than the declared initial size.

R=bradnelson@chromium.org, titzer@chromium.org

Review-Url: https://codereview.chromium.org/2661773002
Cr-Commit-Position: refs/heads/master@{#42781}
2017-01-30 18:10:32 +00:00
kozyatinskiy
3903817e0e [inspector] introduced memory size limit for console message storage
Without this CL we have only limit for amount of console messages and if user are dumping a huge messages we pretty soon run out of memory.
So let's introduce limit for memory consumption it would help chromium and Node.js as well.

BUG=chromium:671489
R=dgozman@chomium.org,alph@chromium.org, hpayer@chromium.org, ulan@chromium.org

Review-Url: https://codereview.chromium.org/2653293003
Cr-Commit-Position: refs/heads/master@{#42780}
2017-01-30 17:05:58 +00:00
mvstanton
475b455b6f [Turbofan] don't optimize from bytecode > 250K in size.
Compiles simply take too long, and such functions are liable to deopt
quickly.

BUG=chromium:686153

Review-Url: https://codereview.chromium.org/2667573002
Cr-Commit-Position: refs/heads/master@{#42779}
2017-01-30 15:28:23 +00:00
bjaideep
626b95e37e PPC/s390: [TypeFeedbackVector] Combine the literals array and the feedback vector.
Port 93f05b64ae

Original Commit Message:

    They have the same lifetime. It's a match!

    Both structures are native context dependent and dealt with (creation,
    clearing, gathering feedback) at the same time. By treating the spaces used
    for literal boilerplates as feedback vector slots, we no longer have to keep
    track of the materialized literal count elsewhere.

    A follow-on CL removes even more parser infrastructure related to this count.

R=mvstanton@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=v8:5456
LOG=N

Review-Url: https://codereview.chromium.org/2659413002
Cr-Commit-Position: refs/heads/master@{#42778}
2017-01-30 15:25:54 +00:00
jochen
1fc5ca85fc Fix --noopt to not optimize
BUG=v8:5904,chromium:639217
R=mstarzinger@chromium.org

Review-Url: https://codereview.chromium.org/2660103002
Cr-Commit-Position: refs/heads/master@{#42777}
2017-01-30 14:41:29 +00:00
petermarshall
f87ce44f52 [Test] Perform warmup first on SixSpeed super_spread benchmarks.
The graphs don't show any performance bump for
https://codereview.chromium.org/2659623002, which I do see a much better result for
locally. I suspect the function isn't being optimized in turbofan when the
benchmarks run. Maybe this warmup flag will trigger that.

BUG=v8:5895

Review-Url: https://codereview.chromium.org/2664783002
Cr-Commit-Position: refs/heads/master@{#42776}
2017-01-30 13:58:57 +00:00
bmeurer
0b1b8c77a0 [turbofan] Optimize ReferenceEqual based on input types.
We can constant-fold ReferenceEqual(a,b) to false, if the intersection
of the types of a and b is empty. This also repairs a regression in the
RestParameter performance test.

R=petermarshall@chromium.org
BUG=chromium:686668

Review-Url: https://codereview.chromium.org/2666543002
Cr-Commit-Position: refs/heads/master@{#42775}
2017-01-30 13:14:34 +00:00
danno
db57a11979 [csa] Return last value from BuildFastLoop to allow chaining sequential loops
Review-Url: https://codereview.chromium.org/2657293002
Cr-Commit-Position: refs/heads/master@{#42774}
2017-01-30 13:06:11 +00:00
danno
dedc8a2f51 [csa] Allow passing VariableList to BuildFastFixedArrayForEach
Review-Url: https://codereview.chromium.org/2655023009
Cr-Commit-Position: refs/heads/master@{#42773}
2017-01-30 13:05:00 +00:00
machenbach
2ef6983426 [foozzie] Remove obsolete suppressions
BUG=chromium:681236
NOTRY=true
TBR=bradnelson@chromium.org, titzer@chromium.org

Review-Url: https://codereview.chromium.org/2662823002
Cr-Commit-Position: refs/heads/master@{#42772}
2017-01-30 12:37:40 +00:00
mvstanton
93f05b64ae [TypeFeedbackVector] Combine the literals array and the feedback vector.
They have the same lifetime. It's a match!

Both structures are native context dependent and dealt with (creation,
clearing, gathering feedback) at the same time. By treating the spaces used
for literal boilerplates as feedback vector slots, we no longer have to keep
track of the materialized literal count elsewhere.

A follow-on CL removes even more parser infrastructure related to this count.

BUG=v8:5456

Review-Url: https://codereview.chromium.org/2655853010
Cr-Commit-Position: refs/heads/master@{#42771}
2017-01-30 12:31:35 +00:00
jarin
a15e9bfd30 [turbofan] Enable escape analysis.
Review-Url: https://codereview.chromium.org/2626013002
Cr-Original-Commit-Position: refs/heads/master@{#42229}
Committed: 30176976e8
Review-Url: https://codereview.chromium.org/2626013002
Cr-Commit-Position: refs/heads/master@{#42770}
2017-01-30 11:56:26 +00:00
tebbi
8b6fa9d519 [turbofan] escape analysis reducer no longer confused by TypeGuards it introduced itself
R=bmeurer@chromium.org

BUG=chromium:682570

Review-Url: https://codereview.chromium.org/2664683003
Cr-Commit-Position: refs/heads/master@{#42769}
2017-01-30 11:51:22 +00:00
bmeurer
2c51ca8fa3 [turbofan] for-in only enumerates Strings.
Update type of JSForInNext to say String\/Undefined.

R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2660543003
Cr-Commit-Position: refs/heads/master@{#42768}
2017-01-30 11:23:21 +00:00
bmeurer
b912851650 [turbofan] Don't constant-fold ACCESSOR properties.
R=ishell@chromium.org
BUG=chromium:686102

Review-Url: https://codereview.chromium.org/2662793002
Cr-Commit-Position: refs/heads/master@{#42767}
2017-01-30 11:15:02 +00:00
danno
753a2b5578 [csa] Add IsIntPtrOrSmiConstantZero to detect and optimize constant zero values
Review-Url: https://codereview.chromium.org/2658253002
Cr-Commit-Position: refs/heads/master@{#42766}
2017-01-30 10:57:48 +00:00
petermarshall
409d018005 [turbofan] Reduce CallConstructWithSpread where iteration is not observable.
Where the arguments have already been inlined, we can replace these calls with a
direct call to construct. We have to make sure that the iteration over the arguments is not observable.

BUG=v8:5895

Review-Url: https://codereview.chromium.org/2659623002
Cr-Commit-Position: refs/heads/master@{#42765}
2017-01-30 10:29:05 +00:00
petermarshall
ccf428bb04 Convert the array iterator protector to a PropertyCell.
We need it to be a PropertyCell so that we can list it as a dependency for
optimised code.

Also drive-by clean up some variable names in src/isolate-inl.h.

BUG=v8:5895

Review-Url: https://codereview.chromium.org/2658573008
Cr-Commit-Position: refs/heads/master@{#42764}
2017-01-30 09:55:21 +00:00
neis
5ed733737e [modules] Update a test and status file to reflect recent spec changes.
R=adamk@chromium.org
BUG=v8:1569

Review-Url: https://codereview.chromium.org/2657773006
Cr-Commit-Position: refs/heads/master@{#42763}
2017-01-30 09:41:15 +00:00
marja
0307bbb2a0 [parser] Skipping inner funcs: add tests for variables called "arguments"
These tests pass without further changes.

BUG=v8:5516

Review-Url: https://codereview.chromium.org/2654163008
Cr-Commit-Position: refs/heads/master@{#42762}
2017-01-30 09:09:38 +00:00
jochen
22858cb0d4 Only flush not yet started and finished compile jobs from gc
We shouldn't block during GC for arbitrarily long intervals.

BUG=chromium:686153,chromium:642532
R=verwaest@chromium.org,hpayer@chromium.org

Review-Url: https://codereview.chromium.org/2658313002
Cr-Commit-Position: refs/heads/master@{#42761}
2017-01-30 02:27:17 +00:00
caitp
82204eac7c [csa] fix CallRuntime() call in CSA::Print(Node* tagged_value)
emit %DebugPrint(tagged_value) instead of %GlobalPrint(tagged_value) to
avoid a CONVERT_ARG_CHECKED() failure when tagged value is not a string.

BUG=v8:5268
R=ishell@chromium.org, bmeurer@chromium.org

Review-Url: https://codereview.chromium.org/2663633002
Cr-Commit-Position: refs/heads/master@{#42760}
2017-01-29 22:26:43 +00:00