Commit Graph

32884 Commits

Author SHA1 Message Date
hablich
45b5019705 Revert of [gn] Don't use PIE for host executables (patchset #2 id:20001 of https://codereview.chromium.org/2179303003/ )
Reason for revert:
Breaks roll: https://codereview.chromium.org/2182043004/

Original issue's description:
> [gn] Don't use PIE for host executables
>
> Using PIE switches on ASLR. With mksnapshot, this can lead
> to non-deterministic snapshots.
>
> BUG=v8:5233
>
> Committed: https://crrev.com/4ca39b53245619d94a80a93939613774e68e4649
> Cr-Commit-Position: refs/heads/master@{#38084}

TBR=jochen@chromium.org,vogelheim@chromium.org,yangguo@chromium.org,machenbach@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5233

Review-Url: https://codereview.chromium.org/2187613003
Cr-Commit-Position: refs/heads/master@{#38092}
2016-07-27 11:44:56 +00:00
epertoso
43a86ff3b7 [turbofan] Add the CheckedTruncateTaggedToWord32 opcode.
This leads to a better handling of the Smi case when we introduce a checked truncation from a number or oddbal to a 32 bit word, which we were previously doing by concatenating a Smi to float64 conversion with a float64 to word32 truncation.

BUG=

Review-Url: https://codereview.chromium.org/2191503002
Cr-Commit-Position: refs/heads/master@{#38091}
2016-07-27 11:41:27 +00:00
balazs.kilvady
d30070d322 Fix 'Fix [turbofan] Prevent storing signalling NaNs into holey double arrays.'
Port 52f2ceb052

Original commit message:
On MIPS different signaling NaN values must be used for hardware and simulator targets, even at snapshot generation when always simulator is used.

This introduces SilenceNaN operator, which makes sure that we only
store quiet NaNs into holey arrays. We omit the NaN silencing code
at instruction selection time if the input is an operation that
cannot possibly produce signalling NaNs.

BUG=
TEST=mjsunit/compiler/regress-store-holey-double-array

Review-Url: https://codereview.chromium.org/2188433002
Cr-Commit-Position: refs/heads/master@{#38090}
2016-07-27 10:57:14 +00:00
machenbach
3dedc3e5ce [gn] Fix sanitizer configs
This prepares for https://codereview.chromium.org/2188693002/

With the current configuration, sanitizers wouldn't be used
at all. The clang configuration is automatically derived
in GN.

BUG=chromium:474921
NOTRY=true

Review-Url: https://codereview.chromium.org/2184683004
Cr-Commit-Position: refs/heads/master@{#38089}
2016-07-27 09:59:37 +00:00
bmeurer
14e2bcda85 [turbofan] Also eliminate branches during load elimination.
Also run the BranchElimination (plus CommonOperatorReducer and the
DeadCodeElimination) during the load elimination phase, so we can
elminate some Phi nodes early on that would otherwise confuse the
truncation analysis and/or representation selection, i.e. if there's a
branch that is never taken, that would yield undefined, we'd have to
choose tagged representation for the Phi, even if the always taken
branch yields an integer.

R=epertoso@chromium.org
BUG=v8:4930,v8:5141

Review-Url: https://codereview.chromium.org/2190543002
Cr-Commit-Position: refs/heads/master@{#38088}
2016-07-27 09:28:51 +00:00
yangguo
071b655fa9 [debugger] Scope iterator should not visit inner function literals.
R=marja@chromium.org
BUG=chromium:621361

Review-Url: https://codereview.chromium.org/2185913003
Cr-Commit-Position: refs/heads/master@{#38087}
2016-07-27 09:04:20 +00:00
epertoso
94ab292fba [turbofan] Adds handling of number or oddball type feedback to SpeculativeNumberShiftLeft.
This required the introduction of the CheckedNumberOrOddballAsWord32 use info, and a change in the RepresentationChanger to handle it.

BUG=

Review-Url: https://codereview.chromium.org/2184513003
Cr-Commit-Position: refs/heads/master@{#38086}
2016-07-27 09:04:19 +00:00
mstarzinger
908f355ecc [interpreter] Enable OSR test that no longer fails.
R=mythria@chromium.org
TEST=mjsunit/regress/regress-2618
BUG=v8:4764

Review-Url: https://codereview.chromium.org/2183463003
Cr-Commit-Position: refs/heads/master@{#38085}
2016-07-27 08:58:53 +00:00
machenbach
4ca39b5324 [gn] Don't use PIE for host executables
Using PIE switches on ASLR. With mksnapshot, this can lead
to non-deterministic snapshots.

BUG=v8:5233

Review-Url: https://codereview.chromium.org/2179303003
Cr-Commit-Position: refs/heads/master@{#38084}
2016-07-27 08:38:24 +00:00
mstarzinger
1314406c47 [interpreter] Implement OSR graph construction from bytecode.
This implements graph construction for entry via on-stack replacement
within the {BytecodeGraphBuilder}. Entry points are at loop headers
similar to previous OSR implementations. All interpreter registers are
addressable via {OsrValue} nodes in the graph. Currently we rely on
{OsrPoll} bytecodes to be placed right after loop headers (i.e. at the
targets of back edges).

R=jarin@chromium.org
BUG=v8:4764

Review-Url: https://codereview.chromium.org/2171083004
Cr-Commit-Position: refs/heads/master@{#38083}
2016-07-27 08:21:05 +00:00
machenbach
0bb05780b3 [gn] Switch arm64 bots to gn
BUG=chromium:474921
NOTRY=true

Review-Url: https://codereview.chromium.org/2182563003
Cr-Commit-Position: refs/heads/master@{#38082}
2016-07-27 08:21:04 +00:00
yangguo
43ab247f56 Remove NaCl support.
Review-Url: https://codereview.chromium.org/2175193003
Cr-Commit-Position: refs/heads/master@{#38081}
2016-07-27 07:50:31 +00:00
cbruni
d61eb0442d Reland of [debugging] print ranges for consecutive values with %DebugPrint (patchset #1 id:1 of https://codereview.chromium.org/2181093003/ )
Reason for revert:
Dummy initializing variables to make compilers happy.

Original issue's description:
> Revert of [debugging] print ranges for consecutive values with %DebugPrint (patchset #2 id:20001 of https://codereview.chromium.org/2169143003/ )
>
> Reason for revert:
> breaks android build due to uninitialized variable.
> https://build.chromium.org/p/client.v8.ports/builders/V8%20Arm%20-%20debug%20builder/builds/2034
>
> Original issue's description:
> > [debugging] print ranges for consecutive values with %DebugPrint
> >
> > With this CL repeated values in elements are combined into a single printout with a range.
> >
> > BEFORE:
> > - elements = {
> >   0: <undefined>
> >   1: <undefined>
> >   2: <the_hole>
> > }
> >
> > AFTER:
> >  - elements = {
> >        0-1: <undefined>
> >          2: <the_hole>
> > }
> >
> > BUG=
> >
> > Committed: https://crrev.com/ec4165742088043d8fede38db21a281e16682adb
> > Cr-Commit-Position: refs/heads/master@{#38069}
>
> TBR=yangguo@chromium.org
> # Skipping CQ checks because original CL landed less than 1 days ago.
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=
>
> Committed: https://crrev.com/7b2cd8b988d257f22afc7c03cd2caf8ba2e2b3a3
> Cr-Commit-Position: refs/heads/master@{#38071}

TBR=yangguo@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review-Url: https://codereview.chromium.org/2182203004
Cr-Commit-Position: refs/heads/master@{#38080}
2016-07-27 07:50:30 +00:00
zhengxing.li
cfe1c594cf [X87] [crankshaft] Fix Math.max(-0, 0) bug.
This CL fixed one bug in crankshaft compiler for Math.max(-0, 0).

BUG=

Review-Url: https://codereview.chromium.org/2175243002
Cr-Commit-Position: refs/heads/master@{#38079}
2016-07-27 07:11:04 +00:00
jarin
e4ad0ff666 [turbofan] Remove dead code from representation changer.
Review-Url: https://codereview.chromium.org/2183373002
Cr-Commit-Position: refs/heads/master@{#38078}
2016-07-27 06:26:44 +00:00
jarin
398a114357 [turbofan] Induction variable bound analysis.
The new phase will detect loop variable, infer bounds and bake them into
the type.

Review-Url: https://codereview.chromium.org/2164263003
Cr-Commit-Position: refs/heads/master@{#38077}
2016-07-27 05:51:01 +00:00
bmeurer
3deb71fbad [turbofan] Introduce CheckString simplified operator.
Introduce the CheckString during native context specialization when we
have string map feedback on a LOAD_IC/STORE_IC. The CheckString
operator, just like its CheckNumber pendant, renames the input and
assigns a proper type, which we will use soon to lower access operations
on Strings, i.e. charCodeAt calls or keyed accesses.

R=jarin@chromium.org
BUG=v8:4930,v8:5141

Review-Url: https://codereview.chromium.org/2181943003
Cr-Commit-Position: refs/heads/master@{#38076}
2016-07-27 04:16:32 +00:00
v8-autoroll
9aca12a095 Update V8 DEPS.
Rolling v8/build to 603acacfd82e28d442da5e24bf22bbacbeefa589

Rolling v8/buildtools to 67bf0653b2eb9eabd4fc17c4bf2df828e904a558

Rolling v8/third_party/android_tools to af1c5a4cd6329ccdcf8c2bc93d9eea02f9d74869

Rolling v8/tools/clang to a98f7fa326ac2b7e1710e923c1287cde7f901d86

Rolling v8/tools/mb to 93a755bd710560a2db62300d69db0d8876c01442

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review-Url: https://codereview.chromium.org/2191433002
Cr-Commit-Position: refs/heads/master@{#38075}
2016-07-27 03:25:57 +00:00
lpy
13c3d06a31 Revert of [Tracing] V8 Tracing Controller (patchset #11 id:200001 of https://codereview.chromium.org/2137013006/ )
Reason for revert:
Revert this CL due to V8 Arm Builder failure and V8 Mips Builder failure.

https://build.chromium.org/p/client.v8.ports/builders/V8%20Arm%20-%20builder/builds/2456

https://build.chromium.org/p/client.v8.ports/builders/V8%20Mips%20-%20builder/builds/2506

Original issue's description:
> [Tracing] V8 Tracing Controller
>
> V8 has had a trace event macro interface for while, but without a tracing
> controller a standalone V8 would be unable to collect traces.
>
> This CL introduces a complete Tracing Controller system for V8.
> It is fully function except that it does not yet store trace event args.
>
> This CL has a few components,
> The tracing controller itself, contributed by the author of this CL
> The Trace config (including the parser), contributed by lpy@
> The Trace Object, Trace Writer, and Trace Buffer are all contributed by rksang@
>
> BUG=v8:4561
> LOG=N
>
> Committed: https://crrev.com/3d598452679ce208ad9b2f48e0fb3fae352ce375
> Cr-Commit-Position: refs/heads/master@{#38073}

TBR=jochen@chromium.org,mattloring@google.com,rskang@google.com,yangguo@chromium.org,fmeawad@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4561

Review-Url: https://codereview.chromium.org/2183943002
Cr-Commit-Position: refs/heads/master@{#38074}
2016-07-26 22:45:25 +00:00
fmeawad
3d59845267 [Tracing] V8 Tracing Controller
V8 has had a trace event macro interface for while, but without a tracing
controller a standalone V8 would be unable to collect traces.

This CL introduces a complete Tracing Controller system for V8.
It is fully function except that it does not yet store trace event args.

This CL has a few components,
The tracing controller itself, contributed by the author of this CL
The Trace config (including the parser), contributed by lpy@
The Trace Object, Trace Writer, and Trace Buffer are all contributed by rksang@

BUG=v8:4561
LOG=N

Review-Url: https://codereview.chromium.org/2137013006
Cr-Commit-Position: refs/heads/master@{#38073}
2016-07-26 22:15:39 +00:00
mlippautz
038bafcabf [heap] ObjectStats: Account for headers when computing HashTable overhead
BUG=chromium:631094
R=hpayer@chromium.org

Review-Url: https://codereview.chromium.org/2176393003
Cr-Commit-Position: refs/heads/master@{#38072}
2016-07-26 20:33:54 +00:00
cbruni
7b2cd8b988 Revert of [debugging] print ranges for consecutive values with %DebugPrint (patchset #2 id:20001 of https://codereview.chromium.org/2169143003/ )
Reason for revert:
breaks android build due to uninitialized variable.
https://build.chromium.org/p/client.v8.ports/builders/V8%20Arm%20-%20debug%20builder/builds/2034

Original issue's description:
> [debugging] print ranges for consecutive values with %DebugPrint
>
> With this CL repeated values in elements are combined into a single printout with a range.
>
> BEFORE:
> - elements = {
>   0: <undefined>
>   1: <undefined>
>   2: <the_hole>
> }
>
> AFTER:
>  - elements = {
>        0-1: <undefined>
>          2: <the_hole>
> }
>
> BUG=
>
> Committed: https://crrev.com/ec4165742088043d8fede38db21a281e16682adb
> Cr-Commit-Position: refs/heads/master@{#38069}

TBR=yangguo@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review-Url: https://codereview.chromium.org/2181093003
Cr-Commit-Position: refs/heads/master@{#38071}
2016-07-26 18:55:04 +00:00
jkummerow
9a6ee8d687 [KeyedLoadIC] Support Smi "handlers" for simple field loads
This ports 9c59539f2 / r37803 to KeyedLoadICs.

Review-Url: https://codereview.chromium.org/2182103002
Cr-Commit-Position: refs/heads/master@{#38070}
2016-07-26 17:54:32 +00:00
cbruni
ec41657420 [debugging] print ranges for consecutive values with %DebugPrint
With this CL repeated values in elements are combined into a single printout with a range.

BEFORE:
- elements = {
  0: <undefined>
  1: <undefined>
  2: <the_hole>
}

AFTER:
 - elements = {
       0-1: <undefined>
         2: <the_hole>
}

BUG=

Review-Url: https://codereview.chromium.org/2169143003
Cr-Commit-Position: refs/heads/master@{#38069}
2016-07-26 17:43:30 +00:00
cbruni
d9ceb017cc More inlineable Isolate functions
The showed up unnaturally high while profiling DOM node creation.

BUG=chromium:630217

Review-Url: https://codereview.chromium.org/2181323002
Cr-Commit-Position: refs/heads/master@{#38068}
2016-07-26 17:32:16 +00:00
mlippautz
77d6ef3877 [heap] ObjectStats: Fix off-by-one in histogram
BUG=chromium:631094
R=hpayer@chromium.org

Review-Url: https://codereview.chromium.org/2181373002
Cr-Commit-Position: refs/heads/master@{#38067}
2016-07-26 17:26:58 +00:00
mlippautz
f91727d152 Print malloc-ed memory when running with --trace-gc-object-stats.
BUG=chromium:631094

Review-Url: https://codereview.chromium.org/2181333002
Cr-Commit-Position: refs/heads/master@{#38066}
2016-07-26 16:54:25 +00:00
martyn.capewell
3a6440e48f ARM: Implement UnaligedLoad and UnaligedStore turbofan operators.
Port 580fdf3c05

This also reverses the MachineType stored for partial unaligned access support
such that it records the unsupported types, rather than supported types.

BUG=

Review-Url: https://codereview.chromium.org/2182493003
Cr-Commit-Position: refs/heads/master@{#38065}
2016-07-26 15:58:19 +00:00
mstarzinger
7bb24abe03 [interpreter] Implement static loop depth tracking.
This adds tracking of the loop depth to the {BytecodeGenerator} in order
to statically determine the loop nesting level for {OsrPoll} bytecodes.

R=rmcilroy@chromium.org
BUG=v8:4764

Review-Url: https://codereview.chromium.org/2176183002
Cr-Commit-Position: refs/heads/master@{#38064}
2016-07-26 15:44:50 +00:00
bjaideep
fbf04c3705 PPC/s390: Reland of [interpreter] Add explicit OSR polling bytecode. (patchset #1 id:1 of https://codereview.chromium.org/2184553003/ )
Port e1ad114ed2

Original commit message:

    Reason for revert:
    Fix has been landed.

    Original issue's description:
    > Revert of [interpreter] Add explicit OSR polling bytecode. (patchset #6 id:100001 of https://codereview.chromium.org/2172233002/ )
    >
    > Reason for revert:
    > Bunch of breakages. Maybe bad interaction with e520e5da55 ?
    >
    > E.g.:
    > https://build.chromium.org/p/client.v8/builders/V8%20Linux64/builds/11607
    >
    > Original issue's description:
    > > [interpreter] Add explicit OSR polling bytecode.
    > >
    > > This adds an explicit {OsrPoll} bytecode into every loop header which
    > > triggers on-stack replacement when armed. Note that each such bytecode
    > > stores the static loop depths as an operand, and hence can be armed for
    > > specific loop depths.
    > >
    > > This also adds builtin code that triggers OSR compilation and switches
    > > execution over to optimized code in case compilation succeeds. In case
    > > compilation fails, the bytecode dispatch just continues unhindered.
    > >
    > > R=rmcilroy@chromium.org
    > > TEST=mjsunit/ignition/osr-from-bytecode
    > > BUG=v8:4764
    > >
    > > Committed: https://crrev.com/a55beb68e0ededb3773affa294a71edc50621458
    > > Cr-Commit-Position: refs/heads/master@{#38043}
    >
    > TBR=rmcilroy@chromium.org,mstarzinger@chromium.org
    > # Skipping CQ checks because original CL landed less than 1 days ago.
    > NOPRESUBMIT=true
    > NOTREECHECKS=true
    > NOTRY=true
    > BUG=v8:4764
    >
    > Committed: https://crrev.com/439aa2c6d708bfd95db725bd6f97c4c49bbc51fc
    > Cr-Commit-Position: refs/heads/master@{#38044}

R=mstarzinger@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, mbrandy@us.ibm.com

BUG=v8:4764
LOG=N

Review-Url: https://codereview.chromium.org/2182173002
Cr-Commit-Position: refs/heads/master@{#38063}
2016-07-26 15:41:17 +00:00
tandrii
7588e80314 Revert of [release] Change blink trybot name on v8 roll CLs (patchset #1 id:1 of https://codereview.chromium.org/2185513002/ )
Reason for revert:
Revert,  because blink tryserver bot rename is reverted.

BUG=chromium:631448

Original issue's description:
> [release] Change blink trybot name on v8 roll CLs
>
> BUG=chromium:590036
> NOTRY=true
>
> Committed: https://crrev.com/a5fae1039409864295b42a6f33cef85ca9396bda
> Cr-Commit-Position: refs/heads/master@{#38041}

TBR=hablich@chromium.org,machenbach@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:590036

Review-Url: https://codereview.chromium.org/2186593003
Cr-Commit-Position: refs/heads/master@{#38062}
2016-07-26 15:34:13 +00:00
cbruni
10474d18af [debugging] Show internal fields with %DebugPrint
BUG=

Review-Url: https://codereview.chromium.org/2178363003
Cr-Commit-Position: refs/heads/master@{#38061}
2016-07-26 15:27:27 +00:00
bjaideep
d05c2f02c5 PPC: Fixed RememberedSetRemoveRange to have chunk->size > PageSize
Increased array size in the testcase such that the chunk size is
greater that the page size on PPC (4MB). This fixes the case when
(start + Page::kPageSize) memory location is tested to be part of
the chunk.
The testcase was added as part of https://codereview.chromium.org/2110213003/

R=ulan@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, mbrandy@us.ibm.com

BUG=
LOG=N

Review-Url: https://codereview.chromium.org/2182113002
Cr-Commit-Position: refs/heads/master@{#38060}
2016-07-26 15:10:20 +00:00
ishell
13aa1d0203 [stubs] Call interface descriptors cleanup.
This is a first step towards a perfect world where a call interface descriptor is the only place that defines calling convention for a particular code stub.

Review-Url: https://codereview.chromium.org/2172223002
Cr-Commit-Position: refs/heads/master@{#38059}
2016-07-26 14:56:35 +00:00
rmcilroy
ae752848c8 [Interpreter] Fix compiler.cc to consistently check for FLAG_ignition in ShouldUseIgnition.
BUG=chromium:631158

Review-Url: https://codereview.chromium.org/2185623002
Cr-Commit-Position: refs/heads/master@{#38058}
2016-07-26 14:49:38 +00:00
hpayer
9e37a07c8d [heap] Reland "Remove black pages and use black areas instead."
BUG=630969,630386
LOG=n

Review-Url: https://codereview.chromium.org/2185613002
Cr-Commit-Position: refs/heads/master@{#38057}
2016-07-26 14:42:48 +00:00
mstarzinger
e1ad114ed2 Reland of [interpreter] Add explicit OSR polling bytecode. (patchset #1 id:1 of https://codereview.chromium.org/2184553003/ )
Reason for revert:
Fix has been landed.

Original issue's description:
> Revert of [interpreter] Add explicit OSR polling bytecode. (patchset #6 id:100001 of https://codereview.chromium.org/2172233002/ )
>
> Reason for revert:
> Bunch of breakages. Maybe bad interaction with e520e5da55 ?
>
> E.g.:
> https://build.chromium.org/p/client.v8/builders/V8%20Linux64/builds/11607
>
> Original issue's description:
> > [interpreter] Add explicit OSR polling bytecode.
> >
> > This adds an explicit {OsrPoll} bytecode into every loop header which
> > triggers on-stack replacement when armed. Note that each such bytecode
> > stores the static loop depths as an operand, and hence can be armed for
> > specific loop depths.
> >
> > This also adds builtin code that triggers OSR compilation and switches
> > execution over to optimized code in case compilation succeeds. In case
> > compilation fails, the bytecode dispatch just continues unhindered.
> >
> > R=rmcilroy@chromium.org
> > TEST=mjsunit/ignition/osr-from-bytecode
> > BUG=v8:4764
> >
> > Committed: https://crrev.com/a55beb68e0ededb3773affa294a71edc50621458
> > Cr-Commit-Position: refs/heads/master@{#38043}
>
> TBR=rmcilroy@chromium.org,mstarzinger@chromium.org
> # Skipping CQ checks because original CL landed less than 1 days ago.
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=v8:4764
>
> Committed: https://crrev.com/439aa2c6d708bfd95db725bd6f97c4c49bbc51fc
> Cr-Commit-Position: refs/heads/master@{#38044}

TBR=rmcilroy@chromium.org,machenbach@chromium.org
BUG=v8:4764

Review-Url: https://codereview.chromium.org/2184713002
Cr-Commit-Position: refs/heads/master@{#38056}
2016-07-26 14:32:32 +00:00
bmeurer
968d3bce58 [x64] Apply leaq optimizations similar to leal.
So far we didn't really recognize leaq, but only leal instructions in
the x64 InstructionSelector. Now that we actually generate more of them,
we should also pay more attention to those.

R=epertoso@chromium.org

Review-Url: https://codereview.chromium.org/2186573002
Cr-Commit-Position: refs/heads/master@{#38055}
2016-07-26 14:19:07 +00:00
machenbach
a06f63a2d3 [gn] Switch off java targets for v8 standalone
BUG=chromium:629806

Review-Url: https://codereview.chromium.org/2187433002
Cr-Commit-Position: refs/heads/master@{#38054}
2016-07-26 14:15:31 +00:00
jpp
060d984c94 [wasm][asm2wasm] Fixes a bug in 8-bit heap view accesses.
The bug was caused when validating expressions

X >> 0

for indexing into 8-bit heap views. If X was not an intish, the 'normal'
validation path would fail. That, however, left the type of X registered
in the AsmTyper::node_types_ member.

Later, in the 'lenient' code path for 8-bit views, the entire X >> 0
expression would be validated, which would cause X to be validated
again, at which point AsmTyper::SetTypeOf() would DCHECK because the
supplied node already had a type associated with it.

The fix was to simply FAIL() when X is not an intish. This is safe
because if X is not an intish, then

Validate(>>, !intish, FixNum)

will also fail.

BUG= https://bugs.chromium.org/p/chromium/issues/detail?id=628803
BUG= https://bugs.chromium.org/p/v8/issues/detail?id=4203
TEST= cctest/asmjs/test-asm-typer.cc
LOG= N

Review-Url: https://codereview.chromium.org/2181723002
Cr-Commit-Position: refs/heads/master@{#38053}
2016-07-26 14:05:05 +00:00
mstarzinger
94606a88e2 [interpreter] Disable OSR for BytecodeGenerator tests.
R=rmcilroy@chromium.org
TEST=cctest/test-bytecode-generator
BUG=v8:4764

Review-Url: https://codereview.chromium.org/2184663002
Cr-Commit-Position: refs/heads/master@{#38052}
2016-07-26 13:48:11 +00:00
bmeurer
5d2d46e388 [turbofan] Perform element index computation in word64 on 64-bit platforms.
This allows us to fuse the address computation with the actual memory
access operation on x64, which reduces the register pressure and the
number of instructions. There's probably some follow up cleanup that has
to happen to make sure the machine operator optimizations that are
relevant to word64 computations are also available (similar to what is
already available for word32).

R=epertoso@chromium.org

Review-Url: https://codereview.chromium.org/2183043002
Cr-Commit-Position: refs/heads/master@{#38051}
2016-07-26 13:14:04 +00:00
bmeurer
5c2d13a1ed [turbofan] Track up to 32 fields for LoadElimination.
With the current approach we cannot eliminate context accesses in
mid-size function contexts, so let's bump the limit a bit to make
sure we can optimize those as well.

R=jarin@chromium.org
BUG=v8:4930,v8:5141

Review-Url: https://codereview.chromium.org/2182973004
Cr-Commit-Position: refs/heads/master@{#38050}
2016-07-26 12:43:05 +00:00
bmeurer
bec00d246c [turbofan] Run JSGenericLowering as separate phase.
This works around the problem that the lowering for JSStackCheck doesn't
play well with effect chain based state tracking, because it doesn't
report the correct changes (we will address this with a better handling
of stack checks soon).

It also allows us to run the EarlyOptimizationPhase concurrently, which
doesn't need to access the heap or generate code stubs.

R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2183033002
Cr-Commit-Position: refs/heads/master@{#38049}
2016-07-26 12:36:07 +00:00
machenbach
7e1867d664 [gn] Set reasonable defaults for debugging
BUG=chromium:474921

Review-Url: https://codereview.chromium.org/2182933002
Cr-Commit-Position: refs/heads/master@{#38048}
2016-07-26 12:01:39 +00:00
ishell
2fec36d9ad [ic] Avoid memory wasting when allocating names table of type feedback metadata.
BUG=chromium:625894

Review-Url: https://codereview.chromium.org/2181303002
Cr-Commit-Position: refs/heads/master@{#38047}
2016-07-26 12:01:38 +00:00
yangguo
1d2793f877 Remove dead code for generated code coverage.
This feature has not been used in the past few years and most likely does not
even work anymore.

R=ishell@chromium.org

Review-Url: https://codereview.chromium.org/2186533002
Cr-Commit-Position: refs/heads/master@{#38046}
2016-07-26 11:54:43 +00:00
bgeron
fbccad5c66 [turbolizer] Remember the last phase, search query, and pane expansions.
BUG=
R=danno

Review-Url: https://codereview.chromium.org/2171543004
Cr-Commit-Position: refs/heads/master@{#38045}
2016-07-26 11:47:24 +00:00
machenbach
439aa2c6d7 Revert of [interpreter] Add explicit OSR polling bytecode. (patchset #6 id:100001 of https://codereview.chromium.org/2172233002/ )
Reason for revert:
Bunch of breakages. Maybe bad interaction with e520e5da55 ?

E.g.:
https://build.chromium.org/p/client.v8/builders/V8%20Linux64/builds/11607

Original issue's description:
> [interpreter] Add explicit OSR polling bytecode.
>
> This adds an explicit {OsrPoll} bytecode into every loop header which
> triggers on-stack replacement when armed. Note that each such bytecode
> stores the static loop depths as an operand, and hence can be armed for
> specific loop depths.
>
> This also adds builtin code that triggers OSR compilation and switches
> execution over to optimized code in case compilation succeeds. In case
> compilation fails, the bytecode dispatch just continues unhindered.
>
> R=rmcilroy@chromium.org
> TEST=mjsunit/ignition/osr-from-bytecode
> BUG=v8:4764
>
> Committed: https://crrev.com/a55beb68e0ededb3773affa294a71edc50621458
> Cr-Commit-Position: refs/heads/master@{#38043}

TBR=rmcilroy@chromium.org,mstarzinger@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4764

Review-Url: https://codereview.chromium.org/2184553003
Cr-Commit-Position: refs/heads/master@{#38044}
2016-07-26 11:07:20 +00:00
mstarzinger
a55beb68e0 [interpreter] Add explicit OSR polling bytecode.
This adds an explicit {OsrPoll} bytecode into every loop header which
triggers on-stack replacement when armed. Note that each such bytecode
stores the static loop depths as an operand, and hence can be armed for
specific loop depths.

This also adds builtin code that triggers OSR compilation and switches
execution over to optimized code in case compilation succeeds. In case
compilation fails, the bytecode dispatch just continues unhindered.

R=rmcilroy@chromium.org
TEST=mjsunit/ignition/osr-from-bytecode
BUG=v8:4764

Review-Url: https://codereview.chromium.org/2172233002
Cr-Commit-Position: refs/heads/master@{#38043}
2016-07-26 10:35:17 +00:00