35178 Commits

Author SHA1 Message Date
clemensh
ef7e896d2a [wasm] Set externally passed memory non neuterable
If at instantiation we get an existing ArrayBuffer, set it non
neuterable, because we embed the backing memory address in wasm code.

With this fix, all tests pass if validate-asm is set to default=true.

R=titzer@chromium.org
BUG=v8:4203

Review-Url: https://codereview.chromium.org/2441353003
Cr-Commit-Position: refs/heads/master@{#40536}
2016-10-24 14:45:01 +00:00
bjaideep
f2d278a957 [builtins] fix load of surrogate pair for BE platform
Swapping the order when loading surrogate pairs on big endian
platform. This fixes testcase string-iterator.js on big
endian.

BUG=
R=bmeurer@chromium.org, mstarzinger@chromium.org, jkummerow@chromium.org

Review-Url: https://codereview.chromium.org/2431223010
Cr-Commit-Position: refs/heads/master@{#40535}
2016-10-24 14:28:55 +00:00
mstarzinger
6dd0587be3 Revert of [compiler] Prepare for partially shipping Ignition. (patchset #1 id:1 of https://codereview.chromium.org/2443573002/ )
Reason for revert:
Causes regressions: https://bugs.chromium.org/p/chromium/issues/detail?id=658711

Original issue's description:
> [compiler] Prepare for partially shipping Ignition.
>
> This prepares the code-base so that Ignition can be enabled on a certain
> subset of compilations without setting the {FLAG_ignition} flag (which
> enables Ignition on all compilations). We should not check the flag in
> question explicitly anywhere outside of the compiler heuristics.
>
> R=mvstanton@chromium.org

BUG=chromium:658711
TBR=mvstanton@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.

Review-Url: https://codereview.chromium.org/2448443002
Cr-Commit-Position: refs/heads/master@{#40534}
2016-10-24 13:02:29 +00:00
ahaas
cc448ff0f0 [wasm] Cleanup the wasm-call fuzzer
I committed https://codereview.chromium.org/2447643002 prematurely, this
is a cleanup.

R=titzer@chromium.org

Review-Url: https://codereview.chromium.org/2444863002
Cr-Commit-Position: refs/heads/master@{#40533}
2016-10-24 12:44:03 +00:00
jgruber
ae3357d216 [regexp] Move RegExp.prototype.test to TF
This results in a speedup of around 2x. RegExpExec is also ported in
this CL.

BUG=v8:5339

Review-Url: https://codereview.chromium.org/2441993002
Cr-Commit-Position: refs/heads/master@{#40532}
2016-10-24 12:41:29 +00:00
mstarzinger
65e68c66af [interpreter] Make --trace-codegen also trace bytecode.
This ensures that both --trace-codegen as well as --print-ast work for
Ignition and print traces for generated bytecode as well. Here we do
consider "bytecode" to be "code" as well for tracing purposes.

R=rmcilroy@chromium.org

Review-Url: https://codereview.chromium.org/2443003003
Cr-Commit-Position: refs/heads/master@{#40531}
2016-10-24 12:33:35 +00:00
ahaas
f8414ead48 [wasm] Add a new fuzzer which can also test wasm function calls.
Depending on the inputs the fuzzer creates multiple functions. These
functions can have signatures with an int32 return value and up to three
parameters of type int32, int64, float32, or float64.

R=titzer@chromium.org, clemensh@chromium.org

Review-Url: https://codereview.chromium.org/2447643002
Cr-Commit-Position: refs/heads/master@{#40530}
2016-10-24 11:15:00 +00:00
jgruber
fa907e1559 [regexp] Extract implementation of RE.prototype.exec
This will have additional use sites in TurboFan soon once RegExpExec is ported.

BUG=v8:5339

Review-Url: https://codereview.chromium.org/2440893003
Cr-Commit-Position: refs/heads/master@{#40529}
2016-10-24 11:01:53 +00:00
yangguo
8971b6b6c3 [inspector] conditionally copy files for inspector test.
R=machenbach@chromium.org

Review-Url: https://codereview.chromium.org/2424313004
Cr-Commit-Position: refs/heads/master@{#40528}
2016-10-24 10:57:37 +00:00
zhengxing.li
38939ff3e1 X87: [full-codegen] Eliminate unnecessary hole checks for stores.
port 231c8ac0a7 (r40522)

  original commit message:
  Loads already used source position elimination to avoid unnecessary hole checks,
  but for reasons unknown stores did not. This CL corrects that, making full-codegen's
  hole elimination equivalent to ignition's.

  Also introduced a HoleCheckMode enum class to avoid more bool flags and updated
  VariableProxy and BytecodeGenerator appropriately.

BUG=

Review-Url: https://codereview.chromium.org/2444823002
Cr-Commit-Position: refs/heads/master@{#40527}
2016-10-24 10:48:01 +00:00
jgruber
f87d73c7cf [regexp] Add regression test for v8:5434
The test ensures that in RegExp.prototype[@@split], exec is neither
accessed too early nor too often.

BUG=v8:5339,v8:5434

Review-Url: https://codereview.chromium.org/2440413002
Cr-Commit-Position: refs/heads/master@{#40526}
2016-10-24 10:39:01 +00:00
bmeurer
6c5fa8b49e [turbofan] Fix deopt loop in out-of-bounds string element access.
We need to check the KeyedLoadIC state to guard against potential
deoptimization loops due to out-of-bounds accesses, because the IC
system uses the MEGAMORPHIC state to also signal that there was an
out-of-bounds access already.

R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2443893002
Cr-Commit-Position: refs/heads/master@{#40525}
2016-10-24 10:32:36 +00:00
ishell
c2a5dc81c7 [ic] Support data handlers that represent simple field stores.
BUG=

Review-Url: https://codereview.chromium.org/2438553003
Review-Url: https://codereview.chromium.org/2438553003
Cr-Original-Original-Commit-Position: refs/heads/master@{#40503}
Cr-Original-Commit-Position: refs/heads/master@{#40511}
Cr-Commit-Position: refs/heads/master@{#40524}
2016-10-24 10:00:49 +00:00
ulan
ad815a7b9a [heap] Refactor marking deque.
This patch moves management of marking deque backing store into the
MarkingDeque class, which will simplify unmapping of backing store in
concurrent task.

BUG=

Review-Url: https://codereview.chromium.org/2439063002
Cr-Commit-Position: refs/heads/master@{#40523}
2016-10-24 09:07:28 +00:00
adamk
231c8ac0a7 [full-codegen] Eliminate unnecessary hole checks for stores
Loads already used source position elimination to avoid unnecessary hole checks,
but for reasons unknown stores did not. This CL corrects that, making full-codegen's
hole elimination equivalent to ignition's.

Also introduced a HoleCheckMode enum class to avoid more bool flags and updated
VariableProxy and BytecodeGenerator appropriately.

Review-Url: https://codereview.chromium.org/2441543005
Cr-Commit-Position: refs/heads/master@{#40522}
2016-10-24 08:09:01 +00:00
bmeurer
8e7426173b [turbofan] Also constant-fold String element access if possible.
When accessing elements of a compile-time constant String, we don't need
to check the receiver, and we can constant-fold the loading of the
length.

R=yangguo@chromium.org

Review-Url: https://codereview.chromium.org/2442243002
Cr-Commit-Position: refs/heads/master@{#40521}
2016-10-24 07:39:14 +00:00
zhengxing.li
ac8318e2e0 X87: [compiler] Mark shared functions for optimization.
port 4a31323e97 (r40506)

  original commit message:
  The current method of marking functions for optimization, which replaces
  the JSFunction's code object with one that triggers optimization, would
  never allow unnamed functions to be optimized. This is an issue for a
  style of programming which heavily relies on passing around closures.

  This patch sets a bit on the SharedFunctionInfo when a JSFunction is
  marked. When another JSFunction referring to the same SharedFunctionInfo
  is lazily compiled, it immediately triggers a non-concurrent optimize.

BUG=

Review-Url: https://codereview.chromium.org/2439393002
Cr-Commit-Position: refs/heads/master@{#40520}
2016-10-24 06:43:29 +00:00
bmeurer
a58d7907ea [turbofan] Fix typed lowering of JSToLength.
When lowering JSToLength, we cannot just smash arbitrary bounds on the
Select nodes, as that will confuse the representation selection later.
Instead properly rename the input using NumberMax and NumberMin.

R=jarin@chromium.org
BUG=chromium:657478

Review-Url: https://codereview.chromium.org/2440333002
Cr-Commit-Position: refs/heads/master@{#40519}
2016-10-24 06:37:22 +00:00
bmeurer
a2d4a7932e [turbofan] Constant-fold "length" property on strings.
When lowering loads of "length" on compile-time constant strings,
generate constant length instead of a load.

R=yangguo@chromium.org

Review-Url: https://codereview.chromium.org/2442233002
Cr-Commit-Position: refs/heads/master@{#40518}
2016-10-24 06:25:26 +00:00
v8-autoroll
caf6613c82 Update V8 DEPS.
Rolling v8/third_party/catapult: b7d8fe8..6962f5c

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review-Url: https://chromiumcodereview.appspot.com/2442173002
Cr-Commit-Position: refs/heads/master@{#40517}
2016-10-23 13:35:16 +00:00
mtrofin
91a5a219d4 [wasm] Avoid double-serializing the wire bytes
Since the public API for deserialization is now just DeserializeOrCompile,
we can trickle down the wire bytes to the deserialization logic, and
avoid the need for duplicating the wire bytes when serializing.

BUG=chromium:657316

Review-Url: https://chromiumcodereview.appspot.com/2433273002
Cr-Commit-Position: refs/heads/master@{#40516}
2016-10-22 15:15:04 +00:00
v8-autoroll
3a7b389879 Update V8 DEPS.
Rolling v8/build: ee7e988..a3b623a

Rolling v8/third_party/catapult: 147f2cf..b7d8fe8

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review-Url: https://chromiumcodereview.appspot.com/2445563002
Cr-Commit-Position: refs/heads/master@{#40515}
2016-10-22 03:44:25 +00:00
jkummerow
226d627829 [stubs] Fine-tune monomorphic IC dispatcher performance
BUG=chromium:657786

Review-Url: https://chromiumcodereview.appspot.com/2436423003
Cr-Commit-Position: refs/heads/master@{#40514}
2016-10-21 20:26:50 +00:00
titzer
71b63a95fa [wasm] Enable all WASM tests (experiment).
R=bradnelson@chromium.org
BUG=

Review-Url: https://chromiumcodereview.appspot.com/2436953004
Cr-Commit-Position: refs/heads/master@{#40513}
2016-10-21 18:16:11 +00:00
ishell
80f163ce34 Revert of [ic] Support data handlers that represent simple field stores. (patchset #2 id:40001 of https://codereview.chromium.org/2438553003/ )
Reason for revert:
http://build.chromium.org/p/client.v8/builders/V8%20Mac%20GC%20Stress/builds/9306 "V8 Mac GC Stress"

Original issue's description:
> [ic] Support data handlers that represent simple field stores.
>
> BUG=
>
> Review-Url: https://codereview.chromium.org/2438553003
> Cr-Commit-Position: refs/heads/master@{#40503}

TBR=jkummerow@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review-Url: https://chromiumcodereview.appspot.com/2442523003
Cr-Commit-Position: refs/heads/master@{#40512}
2016-10-21 17:54:27 +00:00
ishell
d2557f2e9d [ic] Support data handlers that represent simple field stores.
BUG=

Review-Url: https://codereview.chromium.org/2438553003
Review-Url: https://chromiumcodereview.appspot.com/2438553003
Cr-Original-Commit-Position: refs/heads/master@{#40503}
Cr-Commit-Position: refs/heads/master@{#40511}
2016-10-21 16:42:40 +00:00
neis
cadfe092a2 [modules] Fix bugs in assignments to exported variables.
- Add hole check if needed.
- Preserve the accumulator so that the result is the rhs.

R=adamk@chromium.org
BUG=v8:1569,v8:5547

Review-Url: https://chromiumcodereview.appspot.com/2438653003
Cr-Commit-Position: refs/heads/master@{#40510}
2016-10-21 14:24:31 +00:00
jgruber
44375382c1 [builtins] Update TFJ macro to take actual argc
Up until now, the TFJ macro would take 'argc + 1' for the implicitly
passed receiver. Decrease the cognitive load by making it take the
explicit argc.

BUG=

Review-Url: https://chromiumcodereview.appspot.com/2439013003
Cr-Commit-Position: refs/heads/master@{#40509}
2016-10-21 13:47:59 +00:00
neis
dd614f55ce [modules] Check more invariants for Module objects in heap verifier.
R=adamk@chromium.org
BUG=v8:1569

Review-Url: https://chromiumcodereview.appspot.com/2442723002
Cr-Commit-Position: refs/heads/master@{#40508}
2016-10-21 13:40:10 +00:00
mstarzinger
e31e5e91a5 [compiler] Prepare for partially shipping Ignition.
This prepares the code-base so that Ignition can be enabled on a certain
subset of compilations without setting the {FLAG_ignition} flag (which
enables Ignition on all compilations). We should not check the flag in
question explicitly anywhere outside of the compiler heuristics.

R=mvstanton@chromium.org

Review-Url: https://chromiumcodereview.appspot.com/2443573002
Cr-Commit-Position: refs/heads/master@{#40507}
2016-10-21 13:14:28 +00:00
leszeks
4a31323e97 [compiler] Mark shared functions for optimization
The current method of marking functions for optimization, which replaces
the JSFunction's code object with one that triggers optimization, would
never allow unnamed functions to be optimized. This is an issue for a
style of programming which heavily relies on passing around closures.

This patch sets a bit on the SharedFunctionInfo when a JSFunction is
marked. When another JSFunction referring to the same SharedFunctionInfo
is lazily compiled, it immediately triggers a non-concurrent optimize.

BUG=v8:5512

Review-Url: https://chromiumcodereview.appspot.com/2437043002
Cr-Commit-Position: refs/heads/master@{#40506}
2016-10-21 13:13:07 +00:00
jgruber
a4ff04ab13 Revert of [ic] Support data handlers that represent simple field stores. (patchset #1 id:20001 of https://chromiumcodereview.appspot.com/2438553003/ )
Reason for revert:
http://build.chromium.org/p/client.v8/builders/V8%20Mac%20GC%20Stress/builds/9299

Original issue's description:
> [ic] Support data handlers that represent simple field stores.
>
> BUG=

TBR=jkummerow@chromium.org,ishell@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review-Url: https://chromiumcodereview.appspot.com/2439053002
Cr-Commit-Position: refs/heads/master@{#40505}
2016-10-21 12:46:44 +00:00
jgruber
a8e30c0e68 [regexp] Add fast-path for global, callable replace
This adds a fast-path for calls to RegExp.prototype[@@replace] for cases in
which the given regexp is unmodified and global, and the given replace argument
is callable.

The fast-path implementation itself is almost identical to the original JS
implementation except that it currently does not reuse result_array.

SunSpider/unpack-code relies heavily on this codepath.

BUG=v8:5339

Review-Url: https://chromiumcodereview.appspot.com/2433923003
Cr-Commit-Position: refs/heads/master@{#40504}
2016-10-21 12:12:18 +00:00
ishell
1f697f4231 [ic] Support data handlers that represent simple field stores.
BUG=

Review-Url: https://chromiumcodereview.appspot.com/2438553003
Cr-Commit-Position: refs/heads/master@{#40503}
2016-10-21 12:09:12 +00:00
jgruber
0e76a9c369 [stubs] Add IsCallableMap predicate to CSA
Add an IsCallableMap predicate to code-stub-assembler which tests
whether the given map is callable, and adjust all use sites.

BUG=

Review-Url: https://chromiumcodereview.appspot.com/2435283002
Cr-Commit-Position: refs/heads/master@{#40502}
2016-10-21 12:01:26 +00:00
jgruber
eb10dc4c91 [regexp] Use consistent map checks for fast paths
These map checks were implemented for TF code already. This CL makes
sure that parts implemented in C++ follow the same logic, which is:

An object is an unmodified regexp if:
1) it's a receiver,
2) its map is the initial regexp map,
3) its prototype is a receiver,
4) and its prototype's map is the initial prototype's initial map.

We can now be smarter in @@replace and @@split since checking maps
(unlike the previous check of RegExp.prototype.exec) is not observable,
so we can perform fast-path checks at a time of our choosing.

BUG=v8:5339,v8:5434,v8:5123

Review-Url: https://chromiumcodereview.appspot.com/2434983002
Cr-Commit-Position: refs/heads/master@{#40501}
2016-10-21 11:58:50 +00:00
mlippautz
da2f61030c Add flag --single-threaded
BUG=

Review-Url: https://chromiumcodereview.appspot.com/2420063002
Cr-Commit-Position: refs/heads/master@{#40500}
2016-10-21 11:47:36 +00:00
machenbach
0b7e35ff16 Revert of [regexp] Use consistent map checks for fast paths (patchset #7 id:120001 of https://chromiumcodereview.appspot.com/2434983002/ )
Reason for revert:
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/10853

Original issue's description:
> [regexp] Use consistent map checks for fast paths
>
> These map checks were implemented for TF code already. This CL makes
> sure that parts implemented in C++ follow the same logic, which is:
>
> An object is an unmodified regexp if:
> 1) it's a receiver,
> 2) its map is the initial regexp map,
> 3) its prototype is a receiver,
> 4) and its prototype's map is the initial prototype's initial map.
>
> We can now be smarter in @@replace and @@split since checking maps
> (unlike the previous check of RegExp.prototype.exec) is not observable,
> so we can perform fast-path checks at a time of our choosing.
>
> BUG=v8:5339,v8:5434,v8:5123

TBR=yangguo@chromium.org,jgruber@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5339,v8:5434,v8:5123

Review-Url: https://chromiumcodereview.appspot.com/2438283002
Cr-Commit-Position: refs/heads/master@{#40499}
2016-10-21 11:15:20 +00:00
jacob.bramley
2e360cd83f Improve phi hinting heuristics.
The basic intention is to try to remove unnecessary moves caused by
hints in otherwise empty blocks. Roughly:

Before                          After
-----------------------------------------------------------
B0: add   x1, ...               B0: add   x1, ...
    b.ne  B2                        b.eq  B3
B1: mov   x0, x1                B1: [empty]
    b     B3
B2: add   x0, x1, ...           B2: add   x1, x1, ...
B3: phi(B1,B2) in x0            B3: phi(B0,B1) in x1

Hinting is also improved in cases where one of the inputs is already
allocated. This occurs commonly on architectures with instructions which
write into fixed registers, for example.

BUG=

Review-Url: https://chromiumcodereview.appspot.com/2125463002
Cr-Commit-Position: refs/heads/master@{#40498}
2016-10-21 10:44:47 +00:00
ulan
14be3846bd [heap] Account mark-compact prologue and epilogue in GC tracer.
BUG=

Review-Url: https://chromiumcodereview.appspot.com/2442693002
Cr-Commit-Position: refs/heads/master@{#40497}
2016-10-21 10:14:35 +00:00
hpayer
726becfb49 Reland Update implementation of atomics with latest Chromium version but use compiler builtin atomics
BUG=

Review-Url: https://chromiumcodereview.appspot.com/2438273002
Cr-Commit-Position: refs/heads/master@{#40496}
2016-10-21 10:05:42 +00:00
jgruber
bac992a114 [regexp] Use consistent map checks for fast paths
These map checks were implemented for TF code already. This CL makes
sure that parts implemented in C++ follow the same logic, which is:

An object is an unmodified regexp if:
1) it's a receiver,
2) its map is the initial regexp map,
3) its prototype is a receiver,
4) and its prototype's map is the initial prototype's initial map.

We can now be smarter in @@replace and @@split since checking maps
(unlike the previous check of RegExp.prototype.exec) is not observable,
so we can perform fast-path checks at a time of our choosing.

BUG=v8:5339,v8:5434,v8:5123

Review-Url: https://chromiumcodereview.appspot.com/2434983002
Cr-Commit-Position: refs/heads/master@{#40495}
2016-10-21 09:58:38 +00:00
hpayer
a007dfc18e [heap] Move typed slot filtering logic into sweeper.
Additionally, remove all code related to the old-style slots filtering and black area end markers.

BUG=chromium:648568

Review-Url: https://chromiumcodereview.appspot.com/2440683002
Cr-Commit-Position: refs/heads/master@{#40494}
2016-10-21 09:05:00 +00:00
shiyu.zhang
1b08c7a777 Add basic instruction latency modeling for ia32 and x64 respectively.
The bigcore shares the same instruction latency table as smallcore (ATOM).
The accurate latency modeling will benefit the instruction scheduler for
ia32 and x64 without introducing extra regression.

Review-Url: https://chromiumcodereview.appspot.com/2130153003
Cr-Commit-Position: refs/heads/master@{#40493}
2016-10-21 09:00:14 +00:00
verwaest
cc782c0a16 Only rewrite all statements in a block if we're in a breakable scope
BUG=

Review-Url: https://chromiumcodereview.appspot.com/2431273002
Cr-Commit-Position: refs/heads/master@{#40492}
2016-10-21 08:51:28 +00:00
machenbach
53aa05cdff [test] Skip flaky test.
BUG=v8:5553
NOTRY=true
TBR=hablich@chromium.org

Review-Url: https://chromiumcodereview.appspot.com/2440693003
Cr-Commit-Position: refs/heads/master@{#40491}
2016-10-21 08:40:12 +00:00
gdeepti
5afa8ed77a [wasm] GrowMemory should update imported memory objects.
When the instance has imported memory, calling GrowMemory should update the memory object to have a consistent view of the memory. This fixes the failing emscripten test case, added a reduced test that simulates the same behavior.

R=titzer@chromium.org, dschuff@chromium.org

Review-Url: https://chromiumcodereview.appspot.com/2438673006
Cr-Commit-Position: refs/heads/master@{#40490}
2016-10-21 08:38:52 +00:00
machenbach
6e162add3e Revert of Update implementation of atomics with latest Chromium version but use compiler builtin atomics (patchset #10 id:190001 of https://chromiumcodereview.appspot.com/2425963002/ )
Reason for revert:
https://build.chromium.org/p/client.v8.ports/builders/V8%20Android%20Arm64%20-%20builder/builds/4851

Original issue's description:
> Update implementation of atomics with latest Chromium version but use compiler builtin atomics
>
> Ideally, we would use the standard library. However, when we are compiling against an older version of the standard library the atomic implementation may be slow.
>
> BUG=

TBR=mlippautz@chromium.org,ulan@chromium.org,jarin@chromium.org,hpayer@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review-Url: https://chromiumcodereview.appspot.com/2438983002
Cr-Commit-Position: refs/heads/master@{#40489}
2016-10-21 08:10:31 +00:00
hpayer
343c4ebdd1 Update implementation of atomics with latest Chromium version but use compiler builtin atomics
Ideally, we would use the standard library. However, when we are compiling against an older version of the standard library the atomic implementation may be slow.

BUG=

Review-Url: https://chromiumcodereview.appspot.com/2425963002
Cr-Commit-Position: refs/heads/master@{#40488}
2016-10-21 07:33:10 +00:00
yangguo
2f135d464c [debugger] basic test infrastructure for new debugger test api.
This introduces:
- a way in d8 to send messages to the inspector and receive responses.
- a new test suite where existing debugger tests should migrate to.

R=jgruber@chromium.org, kozyatinskiy@chromium.org, machenbach@chromium.org
BUG=v8:5530

Review-Url: https://chromiumcodereview.appspot.com/2425973002
Cr-Commit-Position: refs/heads/master@{#40487}
2016-10-21 06:38:05 +00:00