Commit Graph

32726 Commits

Author SHA1 Message Date
jgruber
8135caef32 Make CallSite constructor inaccessible from JS
This type is not supposed to be constructable by users. Internally, we
use CallSiteUtils::Construct to create CallSite objects; and we simply
map a thrower builtin as the public CallSite constructor.

R=yangguo@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2201823002
Cr-Commit-Position: refs/heads/master@{#38234}
2016-08-02 09:33:38 +00:00
mstarzinger
962fd4ae4b [interpreter] Elide OSR polling from fake loops.
This makes sure we are not inserting {OsrPoll} instructions for any
statements that are not actually loops and have no back edges. Without
back edges the {BytecodeGraphBuilder} is unable to deduce loop ranges
and hence cannot construct a graph for OSR entry.

R=neis@chromium.org
TEST=mjsunit/regress/regress-5252
BUG=v8:5252

Review-Url: https://codereview.chromium.org/2200733002
Cr-Commit-Position: refs/heads/master@{#38233}
2016-08-02 09:16:59 +00:00
marja
eaebdd858b Put Scopes into temporary Zone
When parsing an eagerly-parsed-but-lazily-compiled function, we
used to put some of its AST nodes into a discardable Zone. This
CL puts the function Scope, its inner Scopes and the related AST
nodes (Declarations, VariableProxys) into the temporary Zone
too. This reduces peak memory usage and enables future work to
keep the temporary Zone around for later compilation.

BUG=

Review-Url: https://codereview.chromium.org/2193793002
Cr-Commit-Position: refs/heads/master@{#38232}
2016-08-02 08:08:35 +00:00
bmeurer
a758144329 [turbofan] Fix invalid comparison operator narrowing.
When we narrow a signed32 comparison to uint8 or uint16 representation,
we also need to change the condition to unsigned comparisons otherwise
the comparison will be done on int16/int8 which interprets the narrowed
bits wrong.

R=epertoso@chromium.org
BUG=v8:5254

Review-Url: https://codereview.chromium.org/2202803003
Cr-Commit-Position: refs/heads/master@{#38231}
2016-08-02 07:46:15 +00:00
hpayer
1575072c06 [heap] Give marking functions for incremental marking more precise names.
BUG=

Review-Url: https://codereview.chromium.org/2195313003
Cr-Commit-Position: refs/heads/master@{#38230}
2016-08-02 07:46:14 +00:00
franzih
26c902ec8c [turbofan] Minor refactoring.
Use CodeStubAssembler functions instead of LoadObjectField with
the offset.

BUG=

Review-Url: https://codereview.chromium.org/2198133002
Cr-Commit-Position: refs/heads/master@{#38229}
2016-08-02 07:13:00 +00:00
franzih
4c482bc57e [turbofan] Use assembler->LoadMap().
BUG=

Review-Url: https://codereview.chromium.org/2200713002
Cr-Commit-Position: refs/heads/master@{#38228}
2016-08-02 07:08:58 +00:00
franzih
4602d98ea4 [turbofan] Stub for typeof operator.
Replace hydrogen stub for typeof with TurboFan stub.

BUG=chromium:608675

Review-Url: https://codereview.chromium.org/2195863002
Cr-Commit-Position: refs/heads/master@{#38227}
2016-08-02 07:05:10 +00:00
machenbach
c98f3a98d7 Revert of [builtins] implement Array.prototype.includes in TurboFan (patchset #20 id:380001 of https://codereview.chromium.org/2146293003/ )
Reason for revert:
[Sheriff] Breaks:
https://build.chromium.org/p/client.v8.ports/builders/V8%20Arm%20-%20builder/builds/2592

Original issue's description:
> [builtins] implement Array.prototype.includes in TurboFan
>
> BUG=v8:5162
> R=bmeurer@chromium.org, ishell@chromium.org
>
> Committed: https://crrev.com/a488b5d8eb111a4883dc400bd826d079420edd68
> Cr-Commit-Position: refs/heads/master@{#38223}

TBR=adamk@chromium.org,bmeurer@chromium.org,cbruni@chromium.org,danno@chromium.org,ishell@chromium.org,littledan@chromium.org,caitp@igalia.com
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5162

Review-Url: https://codereview.chromium.org/2202163002
Cr-Commit-Position: refs/heads/master@{#38226}
2016-08-02 06:53:57 +00:00
Michael Achenbach
a9d51f9e97 Whitespace change to test infra change.
Cr-Commit-Position: refs/heads/master@{#38225}
2016-08-02 06:46:24 +00:00
v8-autoroll
994da5d715 Update V8 DEPS.
Rolling v8/build to a3a00fec14304015b590b283ba8ef6227aad4f53

Rolling v8/tools/mb to 65caad70eb36f22f3fcac6daa2f82365c0521657

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review-Url: https://codereview.chromium.org/2199203003
Cr-Commit-Position: refs/heads/master@{#38224}
2016-08-02 03:24:37 +00:00
caitp
a488b5d8eb [builtins] implement Array.prototype.includes in TurboFan
BUG=v8:5162
R=bmeurer@chromium.org, ishell@chromium.org

Review-Url: https://codereview.chromium.org/2146293003
Cr-Commit-Position: refs/heads/master@{#38223}
2016-08-01 22:19:57 +00:00
alph
1fe8207071 [heap profiler] Use internal type links for bound this and target function.
These are internal fields of the JSBoundFunction class.

Review-Url: https://codereview.chromium.org/2193993002
Cr-Commit-Position: refs/heads/master@{#38222}
2016-08-01 22:16:01 +00:00
ahaas
282cdf28ae [wasm] Use a LazyInstance in wasm-linkage.cc to avoid a data race.
The initialization of static variables that were used originally caused
a data race because multiple threads tried to initialize the variables
at the same time. The use of a LazyInstance guarantees that the
variables get initialized exactly once.

The same problem also existed in c-linkage.cc. There I fixed the problem
by using a local variable instead of a static variable.

BUG=v8:5242
R=titzer@chromium.org

Review-Url: https://codereview.chromium.org/2202433003
Cr-Commit-Position: refs/heads/master@{#38221}
2016-08-01 21:06:13 +00:00
hpayer
9005b5845a [heap] Drop filler objects on marking deque.
BUG=

Review-Url: https://codereview.chromium.org/2202633002
Cr-Commit-Position: refs/heads/master@{#38220}
2016-08-01 19:29:18 +00:00
klaasb
5bc2439783 Make FastNewFunctionContextStub take slots parameter
This will enable the interpreter to add a bytecode and use the stub.

BUG=v8:4280
LOG=n

Review-Url: https://codereview.chromium.org/2177273002
Cr-Commit-Position: refs/heads/master@{#38219}
2016-08-01 19:29:17 +00:00
hpayer
c1ea41645b [heap] Add more left and right trimming test cases for black areas.
BUG=

Review-Url: https://codereview.chromium.org/2185383002
Cr-Commit-Position: refs/heads/master@{#38218}
2016-08-01 17:10:31 +00:00
mattloring
292cebc58b Add libplatform deps file
Add deps file allowing libplatform.h to include v8-tracing.h.

Additionally removes redundant include/ that was causing build errors
for node-lkgr.

BUG=

Review-Url: https://codereview.chromium.org/2195403002
Cr-Commit-Position: refs/heads/master@{#38217}
2016-08-01 16:20:54 +00:00
jgruber
df4196db97 CHECK invalid arguments to CallSite constructor
This is a temporary measure to ensure clusterfuzz crashes at two
dedicated sites until the CallSite constructor is made inaccessible from
JS.

R=yangguo@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2196263002
Cr-Commit-Position: refs/heads/master@{#38216}
2016-08-01 15:27:28 +00:00
jgruber
e3d1061454 Remove GetStackTraceLine
BUG=

Review-Url: https://codereview.chromium.org/2194883002
Cr-Commit-Position: refs/heads/master@{#38215}
2016-08-01 15:10:13 +00:00
machenbach
6c1d6c9f81 [test] Add testing variant aliases.
This introduces aliases for testing variants that can be
combined with other variant names. E.g. --variants=dev,foo
would run the three developer default variants and variant
foo.

We'll have three stages: "dev" for variants to be run by
default on developer workstations, "more" for additional
variants, executed on all bots, "extra" for additional
variants executed on a subset of bots (e.g. not on very slow
or otherwise resource-limited bots).

BUG=v8:5238
NOTRY=true

Review-Url: https://codereview.chromium.org/2196223002
Cr-Commit-Position: refs/heads/master@{#38214}
2016-08-01 14:42:24 +00:00
cbruni
9aa4496278 [api] Cleaning up: Replace NeanderArray with FixedArray implementation
BUG=chromium:630217

Review-Url: https://codereview.chromium.org/2196533003
Cr-Commit-Position: refs/heads/master@{#38213}
2016-08-01 14:28:34 +00:00
jgruber
6c53efc7c4 Move FormatStackTrace to C++
BUG=

Review-Url: https://codereview.chromium.org/2191293002
Cr-Commit-Position: refs/heads/master@{#38212}
2016-08-01 14:28:33 +00:00
ulan
ea45a210a6 Fix performance regression of heap snapshot generator that was
introduced in https://crrev.com/72f884a19fa4434bba6fc0e013ec4ea0a2366893

The regression comes from adding the next weak field of AllocationSite
as a hidden reference into the snapshot.

Before 72f884 the reference was implicitly ignored because the body
descriptor of AllocationSite did not include it.

This patch explicitly skips the next weak field of AllocationSite.

BUG=chromium:630027

Review-Url: https://codereview.chromium.org/2189643004
Cr-Commit-Position: refs/heads/master@{#38211}
2016-08-01 13:34:26 +00:00
verwaest
d454e6cc59 Shuffle fields around in Scope to save more zone memory
This makes the debug-only scope-name actually debug-only-allocated, replaces num_vars_ usages by variables_.occupancy, and shuffles fields around in the scope class for better packing.

This reduces sizeof(i::Scope) from 360 to 328 bytes on x64.

BUG=v8:5209

Review-Url: https://codereview.chromium.org/2201763004
Cr-Commit-Position: refs/heads/master@{#38210}
2016-08-01 13:27:24 +00:00
mstarzinger
9ee6ca75d3 [turbofan] Switch inlining tests to global scope.
This switches our inlining tests (i.e. cctest/test-run-inlining) to rely
on global object instead of function context specialization, which is
more in sync with what we are actually shipping. It will also allow us
to test inlining with the BytecodeGraphBuilder without having to add
support for function context specialization just for testing purposes.

R=bmeurer@chromium.org
TEST=cctest/test-run-inlining
BUG=v8:5251

Review-Url: https://codereview.chromium.org/2200673002
Cr-Commit-Position: refs/heads/master@{#38209}
2016-08-01 12:59:58 +00:00
jgruber
061d082dd3 Properly set function index in CallSite constructor
BUG=632965
R=yangguo@chromium.org

Review-Url: https://codereview.chromium.org/2199673002
Cr-Commit-Position: refs/heads/master@{#38208}
2016-08-01 12:59:57 +00:00
machenbach
45d0c051e2 [gn] Switch msan bots to gn
BUG=chromium:631979
NOTRY=true

Review-Url: https://codereview.chromium.org/2194823002
Cr-Commit-Position: refs/heads/master@{#38207}
2016-08-01 12:35:44 +00:00
machenbach
a23a74a7be [test] Remove deprecated --ignition test-runner flag
The flag was introduced for ignition development. It can only
be used when running ignition tests in isolation on the bots.

The bots have only used ignition_turbo in isolation for a while
and don't pass the --ignition flag anymore.

BUG=v8:5238

Review-Url: https://codereview.chromium.org/2197123002
Cr-Commit-Position: refs/heads/master@{#38206}
2016-08-01 12:11:43 +00:00
mstarzinger
df61ffeab3 [turbofan] Remove dead JSTypedLowering::EmptyFrameState.
R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2197163002
Cr-Commit-Position: refs/heads/master@{#38205}
2016-08-01 12:01:12 +00:00
jochen
95cae2eb35 Move ContextSlotCache to its own file
Also remove unnecessary includes of scopeinfo.h all over the place

R=marja@chromium.org
TBR=verwaest@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2197973002
Cr-Commit-Position: refs/heads/master@{#38204}
2016-08-01 11:33:46 +00:00
jochen
f22ef1207d Add parser finalization step
BUG=v8:5215
R=vogelheim@chromium.org,marja@chromium.org

Review-Url: https://codereview.chromium.org/2193813002
Cr-Commit-Position: refs/heads/master@{#38203}
2016-08-01 11:30:18 +00:00
machenbach
1acc2f536c [test] Use all test suites with the ignition alias
First step of deprecating the dedicated ignition alias.
Next it will be changed on the bots to use the bot_default
suite. Then we'll delete it.

BUG=v8:5238

Review-Url: https://codereview.chromium.org/2194153002
Cr-Commit-Position: refs/heads/master@{#38202}
2016-08-01 11:19:55 +00:00
mstarzinger
de79665c72 [heap] No leakage of store-buffer.h outside of heap.
This prevents the internal store-buffer.h header from being usable outside of
the "heap" directory. The logic inside that component is only useful
within the GC and is now properly encapsulated.

R=hpayer@chromium.org

Review-Url: https://codereview.chromium.org/2194793005
Cr-Commit-Position: refs/heads/master@{#38201}
2016-08-01 11:12:43 +00:00
bmeurer
a085b8a2c7 [turbofan] Inline bunch of ArrayBuffer view accessors.
This adds initial support to inline a couple of the ArrayBuffer view
accessors like %TypeArray%.prototype.length and
DataView.prototype.byteLength.

R=epertoso@chromium.org

Review-Url: https://codereview.chromium.org/2199753002
Cr-Commit-Position: refs/heads/master@{#38200}
2016-08-01 11:05:41 +00:00
cbruni
f4f06c5029 [keys] Trigger [[getOwnPropertyDescriptor]] trap on proxies for Object.keys
This CL fixes a long-standing bug with Object.keys where the enumerability
check was omitted if the [ownKeys] trap is not present. The only distinction the
KeyAccumulator needs is whether it collects keys for for-in (is_for_in_) or not.
ForInFilter performs a separate step to filter out non-enumerable keys later-on
while in all the other use-cases we have to filter keys.

BUG=v8:1543, v8:5250

Review-Url: https://codereview.chromium.org/2176113009
Cr-Commit-Position: refs/heads/master@{#38199}
2016-08-01 10:10:52 +00:00
yangguo
5d49286c69 [inspector] add test configuration for the parser test.
BUG=chromium:580337

R=machenbach@chromium.org

Review-Url: https://codereview.chromium.org/2189023002
Cr-Commit-Position: refs/heads/master@{#38198}
2016-08-01 09:50:14 +00:00
machenbach
5ef69e93a2 [build] Port using prebuilt instrumented libraries for msan
BUG=chromium:631979
NOTRY=true

Review-Url: https://codereview.chromium.org/2189343002
Cr-Commit-Position: refs/heads/master@{#38197}
2016-08-01 09:43:12 +00:00
verwaest
e9887b6aad Allocate block scopes in block states when possible
This is another step towards lazily allocating them in the block state.
ClassLiteral should also have a lazy block-scope for the outermost scope,
but currently that doesn't work due to the parameter initializer rewriter
and minor implementation details in ignition and turbofan.

BUG=v8:5209

Review-Url: https://codereview.chromium.org/2166843003
Cr-Commit-Position: refs/heads/master@{#38196}
2016-08-01 09:05:05 +00:00
hpayer
205457b1aa [heap] Reland "Remove black pages and use black areas instead."
BUG=chromium:630969,chromium:630386

Review-Url: https://codereview.chromium.org/2186863005
Cr-Commit-Position: refs/heads/master@{#38195}
2016-08-01 09:05:04 +00:00
mstarzinger
dc505196e6 [turbofan] Remove eager frame state from shift operations.
This removes the frame state input representing the before-state from
nodes having any shift operator. Any lowering that would insert number
conversions of the inputs has already been disabled when deoptimization
is enabled, because the frame state layout is no longer known.

R=epertoso@chromium.org
BUG=v8:5021

Review-Url: https://codereview.chromium.org/2190743003
Cr-Commit-Position: refs/heads/master@{#38194}
2016-08-01 08:33:53 +00:00
verwaest
f02018cee0 Always finalize blocks after parsing, also for do-expressions
Rather than finalizing after rewriting do-expressions, we rewrite in the
outer scope if the block scope was finalized. Rewriting do expressions
cannot introduce any new nodes that require the block to stay around,
so finalizing before and after is equivalent. (Only a temporary is
introduced which always ends up in a ClosureScope)

BUG=v8:5209
R=rossberg@chromium.org, caitpotter88@gmail.com, adamk@chromium.org

Review-Url: https://codereview.chromium.org/2167713004
Cr-Commit-Position: refs/heads/master@{#38193}
2016-08-01 08:30:17 +00:00
bmeurer
35a195e109 [turbofan] Add support for accessor inlining.
Allow inlining of getters and setters into TurboFan optimized code.
This just adds the basic machinery required to essentially inline
the setter and getter dispatch code for the (keyed) load/store ICs.
There'll be follow up CLs to also actually inline some of the interesting
accessor functions themselves, like the byteLength and friends for the
TypedArrays.

R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2198473002
Cr-Commit-Position: refs/heads/master@{#38192}
2016-08-01 06:59:54 +00:00
bmeurer
986b04a62a [turbofan] Fix various bailout points for AstGraphBuilder.
This introduces a bunch of new tests that test various aspects of
accessor inlining in TurboFan (without the actual inlining), and does
the appropriate fixes to the AstGraphBuilder. The actual inlining CL
will land separately (so we don't need to revert the tests and fixes
if the accessor CL has to be reverted).

R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2197913002
Cr-Commit-Position: refs/heads/master@{#38191}
2016-08-01 06:18:48 +00:00
yangguo
3e3ff89d4b Reland [inspector] add inspector protocol parser test build target.
BUG=chromium:580337

Committed: https://crrev.com/b8229434c9fd3bfef81fb77d88779d0e78d06662
Review-Url: https://codereview.chromium.org/2190833004
Cr-Original-Commit-Position: refs/heads/master@{#38135}
Cr-Commit-Position: refs/heads/master@{#38190}
2016-08-01 05:42:37 +00:00
v8-autoroll
ab8236ebaa Update V8 DEPS.
Rolling v8/build to 94ae8edf4860b0dfa8ac200d36bcbf11bdd72763

Rolling v8/tools/mb to d1d562a498b7b48a283d168df902007f33ac1413

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review-Url: https://codereview.chromium.org/2194113002
Cr-Commit-Position: refs/heads/master@{#38189}
2016-08-01 03:27:59 +00:00
v8-autoroll
78ebc92bba Update V8 DEPS.
Rolling v8/build to 1054b60d5e758646a073b0363f3629fa2d953de8

Rolling v8/tools/mb to 0bee3440355ce5cf573b41999b2cbc0e1bcdc415

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review-Url: https://codereview.chromium.org/2195743006
Cr-Commit-Position: refs/heads/master@{#38188}
2016-07-31 03:22:17 +00:00
bmeurer
b418b2c419 [turbofan] Optimize CheckedInt32Mod with unknown power of 2 right hand side.
We have a similar optimization for unchecked integer modulus, which
already boosted some asm.js use cases. Now this optimization is almost
as efficient as Crankshaft's known power of 2 right hand side optimization
for modulus, but it can still deal with any rhs (except 0), and doesn't
require the interpreter to also collect known power of two rhs feedback.

R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2200453002
Cr-Commit-Position: refs/heads/master@{#38187}
2016-07-30 20:11:56 +00:00
v8-autoroll
b9e7b63d43 Update V8 DEPS.
Rolling v8/build to 452f5acf78e953dc1829c334ee06d38a05e2ef18

Rolling v8/buildtools to 1b96e1a41d3d22b24ee8da769c20849e9a002ed2

Rolling v8/third_party/icu to ef5c735307d0f86c7622f69620994c9468beba99

Rolling v8/tools/mb to 6594b0cbcc2fb1da0ca90e9e5f2b01fc6e576a99

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review-Url: https://codereview.chromium.org/2197593003
Cr-Commit-Position: refs/heads/master@{#38186}
2016-07-30 03:24:34 +00:00
adamk
717e245f00 [cleanup] Remove unused ExpressionClassifier args in ParserBase
R=littledan@chromium.org

Review-Url: https://codereview.chromium.org/2175033002
Cr-Commit-Position: refs/heads/master@{#38185}
2016-07-29 23:05:51 +00:00