Commit Graph

18820 Commits

Author SHA1 Message Date
titzer
125d31ecfd [turbofan] Address minor TODOs in instruction selector.
R=dcarney@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1029383002

Cr-Commit-Position: refs/heads/master@{#27410}
2015-03-24 14:09:39 +00:00
titzer
9ac4ab799c [turbofan] Remove Instruction::IsControl() and Instruction::MarkAsControl()
R=dcarney@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1031803004

Cr-Commit-Position: refs/heads/master@{#27409}
2015-03-24 14:05:35 +00:00
dcarney
97eb0a0059 run phantom handle callbacks first
BUG=

Review URL: https://codereview.chromium.org/1034473002

Cr-Commit-Position: refs/heads/master@{#27408}
2015-03-24 13:36:58 +00:00
dcarney
adeb82ef23 fix disposal of phantom handles in GlobalValueMap
additionally, add a drive by fix to WeakCallbackInfo

R=jochen@chromium.org, erikcorry@chromium.org

BUG=

Review URL: https://codereview.chromium.org/1026283004

Cr-Commit-Position: refs/heads/master@{#27407}
2015-03-24 13:22:15 +00:00
titzer
01269228b8 [turbofan] Add RegisterAllocator::NewLiveRange() utility method.
R=dcarney@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1036433002

Cr-Commit-Position: refs/heads/master@{#27405}
2015-03-24 13:17:37 +00:00
aperez
00844d466b Cleanups needed for this-scoping in arrow functions
Remove Variable::IsValidReference(), and the Variable::is_valid_ref_
member: This was "false" only for "this", and for internal variables.
For the first, VariableProxy::is_this() can be used for the check
instead; and for internal variables, it is guaranteed they they will
not be written to (because the V8 code does not do it, and they are
not accessible from JavaScript).

The "bool is_this" parameter of VariableProxy() constructor is
changed to use Variable::Kind. This will allow to later on adding
a parameter to create unresolved variables of any kind, which in
turn will be used to make references to "this" initially unresolved,
and use the existing variable resolution mechanics for "this".

BUG=v8:2700
LOG=N

Review URL: https://codereview.chromium.org/1024703004

Cr-Commit-Position: refs/heads/master@{#27404}
2015-03-24 13:08:34 +00:00
loislo
ae461b9ed0 CpuProfiler: push the collected information about deopts to cpu profiler
it is the last patch of https://codereview.chromium.org/1012633002

All that we need here is to push the collected info to the profiler
and convert it into actionable information about deopt.

On the Next: get the info accessible by embedder.

BUG=chromium:452067
LOG=n
TEST=DeoptAtFirstLevelInlinedSource, DeoptAtSecondLevelInlinedSource, DeoptUntrackedFunction

Review URL: https://codereview.chromium.org/1013143003

Cr-Commit-Position: refs/heads/master@{#27403}
2015-03-24 12:46:26 +00:00
caitpotter88
6fcc22dce1 [es6] call ToString() on template substitutions
BUG=v8:3980
R=arv@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1027183002

Cr-Commit-Position: refs/heads/master@{#27402}
2015-03-24 12:44:01 +00:00
titzer
e62f754de7 [turbofan] Rename Node::RemoveAllInputs() to Node::NullAllInputs().
R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1032553006

Cr-Commit-Position: refs/heads/master@{#27401}
2015-03-24 12:40:13 +00:00
erikcorry
36d7aa6817 Fix out of date assert after PropertyCell enterbung
R=verwaest@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1028393002

Cr-Commit-Position: refs/heads/master@{#27400}
2015-03-24 12:16:20 +00:00
verwaest
c46a937220 If CallNew targets a constant global, set its state to monomorphic
BUG=

Review URL: https://codereview.chromium.org/1023103003

Cr-Commit-Position: refs/heads/master@{#27399}
2015-03-24 12:05:55 +00:00
machenbach
310d75218e Revert of [V8] Removed SourceLocationRestrict (patchset #3 id:40001 of https://codereview.chromium.org/1022333004/)
Reason for revert:
[Sheriff] This seems to change layout test expectations of some tests, e.g.:
http://build.chromium.org/p/client.v8/builders/V8-Blink%20Linux%2064%20%28dbg%29/builds/2317

Expectation example:
https://storage.googleapis.com/chromium-layout-test-archives/V8-Blink_Linux_64__dbg_/2317/layout-test-results/fast/events/window-onerror-11-pretty-diff.html

Please add a needsmanualrebaseline expectation to the tests affected by this change on the blink side first before relanding.

Original issue's description:
> [V8] Removed SourceLocationRestrict
>
> This method uses in messages.js in GetSourceLine and GetPositionInLine. This methods uses in v8::Message API methods and there is no documentation about it.
> Method looks obsolete.
> One of the strange side effect is shown by attached issue.
>
> BUG=chromium:468781
> R=yangguo@chromium.org
> LOG=Y
>
> Committed: https://crrev.com/b563ceac0f95551a128a1403cdbacc7aefcdabaf
> Cr-Commit-Position: refs/heads/master@{#27374}

TBR=yangguo@chromium.org,kozyatinskiy@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:468781

Review URL: https://codereview.chromium.org/1028413002

Cr-Commit-Position: refs/heads/master@{#27398}
2015-03-24 12:04:43 +00:00
chunyang.dai
c9db590d3b X87: [stubs] Add missing interface descriptor for the CompareIC.
port e18e3cd4d8 (r27305)

original commit message:

  [stubs] Add missing interface descriptor for the CompareIC.

BUG=

Review URL: https://codereview.chromium.org/1024553007

Cr-Commit-Position: refs/heads/master@{#27397}
2015-03-24 10:23:46 +00:00
chunyang.dai
10cd7247a3 X87: Serializer: serialize internal references via object visitor.
port 7c149afb6c (r27275).

original commit message:

 Serializer: serialize internal references via object visitor.

BUG=

Review URL: https://codereview.chromium.org/1029793002

Cr-Commit-Position: refs/heads/master@{#27396}
2015-03-24 10:17:35 +00:00
chunyang.dai
62c546517f X87: Remove PropertyCell space
port 16c8485a35 (r27269).

original commit message:

  Replaces StoreGlobalCell / LoadGlobalCell with NamedField variants that use write barriers.

BUG=

Review URL: https://codereview.chromium.org/1013543004

Cr-Commit-Position: refs/heads/master@{#27395}
2015-03-24 10:10:59 +00:00
chunyang.dai
40de9c3f02 X87: Use platform specific stubs for vector-based Load/KeyedLoad.
port 34a1a76ddf (r27235)

original commit message:

  A hydrogen code stub is not the best approach because it builds a frame
  and doesn't have the technology to discard roots at tail call exits.
  Platform-specific stubs provide much better performance at this point.

BUG=

Review URL: https://codereview.chromium.org/1025073005

Cr-Commit-Position: refs/heads/master@{#27394}
2015-03-24 10:06:21 +00:00
jacob.bramley
a5ce9994a5 Revert "ARM64: use jssp for stack slots"
This reverts r21101. r21101 appears to be at fault for the ARM64
failures here: https://codereview.chromium.org/1023103003

BUG=

Review URL: https://codereview.chromium.org/1019393003

Cr-Commit-Position: refs/heads/master@{#27393}
2015-03-24 09:51:35 +00:00
michael_dawson
f8183277c1 PPC: [es6] implement Reflect.apply() & Reflect.construct()
Port d21fd15467

Original commit message:
BUG=v8:3900
LOG=N

R=mbrandy@us.ibm.com, svenpanne@chromium.org, danno@chromium.org, jkummerow@chromium.org, dslomov@chromium.org

Review URL: https://codereview.chromium.org/999613004

Cr-Commit-Position: refs/heads/master@{#27392}
2015-03-24 09:37:59 +00:00
michael_dawson
b051c7aabe PPC: [turbofan] Turn Math.clz32 into an inlinable builtin.
Port 3aa206b865

Original commit message:
R=dcarney@chromium.org, yangguo@chromium.org
BUG=v8:3952
LOG=n

R=mbrandy@us.ibm.com, svenpanne@chromium.org, danno@chromium.org, jkummerow@chromium.org

Review URL: https://codereview.chromium.org/1028313003

Cr-Commit-Position: refs/heads/master@{#27391}
2015-03-24 09:31:45 +00:00
michael_dawson
833364a7de PPC: [es6] generate rest parameters correctly for subclass constructors
commit bef80fcfd7

Original commit message:
BUG=v8:3977
R=dslomov@chromium.org, arv@chromium.org
LOG=N

R=mbrandy@us.ibm.com, svenpanne@chromium.org, danno@chromium.org, jkummerow@chromium.org

Review URL: https://codereview.chromium.org/1018043008

Cr-Commit-Position: refs/heads/master@{#27390}
2015-03-24 09:27:29 +00:00
yangguo
992751d0dc Revert of [es6] Object.getPrototypeOf should work with values (patchset #3 id:40001 of https://codereview.chromium.org/1014813003/)
Reason for revert:
Layout test failures. Please update layout test expectations before landing this, in order to not block the roll.

Original issue's description:
> [es6] Object.getPrototypeOf should work with values
>
> The final spec for Object.getPrototypeOf calls ToObject on the
> parameter, which means that it should only throw for null and
> undefined. For other non object values the prototype of the wrapper
> should be used.
>
> BUG=v8:3964
> LOG=N
> R=adamk, rossberg@chromium.org
>
> Committed: https://crrev.com/ea463a916bbe5994b0d2d04e8075058b373b2e2c
> Cr-Commit-Position: refs/heads/master@{#27354}

TBR=adamk@chromium.org,rossberg@chromium.org,arv@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:3964

Review URL: https://codereview.chromium.org/1033623002

Cr-Commit-Position: refs/heads/master@{#27389}
2015-03-24 09:19:26 +00:00
michael_dawson
cff4fb97dc PPC: Serializer: serialize internal references via object visitor.
Port 7c149afb6c

Original commit message:

R=mbrandy@us.ibm.com, svenpanne@chromium.org, danno@chromium.org, jkummerow@chromium.org

BUG=

Review URL: https://codereview.chromium.org/1029723002

Cr-Commit-Position: refs/heads/master@{#27388}
2015-03-24 09:16:54 +00:00
michael_dawson
0fe88cb04d PPC: Load from PropertyCells using PropertyCell::kValueOffset rather than Cell::kValueOffset
Port dda2bd6f4f

Original commit message:

R=mbrandy@us.ibm.com, svenpanne@chromium.org, danno@chromium.org, jkummerow@chromium.org

BUG=

Review URL: https://codereview.chromium.org/1028323002

Cr-Commit-Position: refs/heads/master@{#27387}
2015-03-24 09:15:52 +00:00
jochen
d19d0be8a0 Remove calls to IdleNotification()
All users should use IdleNotificationDeadline() instead

BUG=none
R=hpayer@chromium.org
LOG=y

Review URL: https://codereview.chromium.org/1028163003

Cr-Commit-Position: refs/heads/master@{#27386}
2015-03-24 08:30:02 +00:00
chunyang.dai
5703794412 X87: Remove kind field from StackHandler.
port 15f8213809 (r27263)

original commit message:

 This relands commit 96f79568a9.

 This makes the Isolate::Throw logic not depend on a prediction of
 whether an exception is caught or uncaught. Such a prediction is
 inherently undecidable because a finally block can decide between
 consuming or re-throwing an exception depending on arbitray control
 flow.

 There still is a conservative prediction mechanism in place that
 components like the debugger or tracing can use for reporting.

 With this change we can get rid of the StackHandler::kind field, a
 pre-requisite to do table-based lookups of exception handlers.

BUG=

Review URL: https://codereview.chromium.org/1027413002

Cr-Commit-Position: refs/heads/master@{#27385}
2015-03-24 08:08:19 +00:00
yurys
aca7895353 Save heap object tracking data in heap snapshot
Every time embedder calls v8::HeapProfiler::GetHeapStats we store next unuassigned heap object id and timestamp of the request. This patch serializes all that data into heap snapshot so that embedder can restore allocation timeline.

BUG=chromium:467222
LOG=Y

Review URL: https://codereview.chromium.org/1019813004

Cr-Commit-Position: refs/heads/master@{#27384}
2015-03-24 05:50:04 +00:00
akos.palfi
fe0d860ba8 MIPS64: VectorICs: keyed element loads were kicking out non-smi keys unnecessarily
Port 6689cc27eb

Original commit message:
Handlers should be in charge of this work. The change uncovered a bug in
vector-ics related to keyed loads into strings. It's important for
StringCharCodeAtGenerator, a helper used in full code and in
LoadIndexedStringStub (a handler) to protect the vector and slot registers
when it makes a runtime call to convert a HeapNumber to a Smi.

It's still possible for the handler to MISS after this call, perhaps due
to out of bounds access. In that case, the vector and slot registers need
to be delivered safely to the MISS handler.

BUG=

Review URL: https://codereview.chromium.org/1025303005

Cr-Commit-Position: refs/heads/master@{#27383}
2015-03-23 22:45:17 +00:00
michael_dawson
8d4c7fea0d PPC: Disinherit PropertyCell from Cell
Port 8c0d289772

Original commit message:

R=mbrandy@us.ibm.com, svenpanne@chromium.org

BUG=

Review URL: https://codereview.chromium.org/1019843003

Cr-Commit-Position: refs/heads/master@{#27382}
2015-03-23 21:41:55 +00:00
michael_dawson
890c0eac21 PPC: Remove kind field from StackHandler.
Port 15f8213809

Original commit message:
This relands commit 96f79568a9.

This makes the Isolate::Throw logic not depend on a prediction of
whether an exception is caught or uncaught. Such a prediction is
inherently undecidable because a finally block can decide between
consuming or re-throwing an exception depending on arbitray control
flow.

There still is a conservative prediction mechanism in place that
components like the debugger or tracing can use for reporting.

With this change we can get rid of the StackHandler::kind field, a
pre-requisite to do table-based lookups of exception handlers.

R=mbrandy@us.ibm.com, yangguo@chromium.org, svenpanne@chromium.org

BUG=

Review URL: https://codereview.chromium.org/1016333002

Cr-Commit-Position: refs/heads/master@{#27381}
2015-03-23 21:32:56 +00:00
michael_dawson
c277e7efad PPC: Remove PropertyCell space
Port 16c8485a35

Original commit message:
Replaces StoreGlobalCell / LoadGlobalCell with NamedField variants that use write barriers.

R=mbrandy@us.ibm.com, svenpanne@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1018333003

Cr-Commit-Position: refs/heads/master@{#27380}
2015-03-23 21:31:43 +00:00
verwaest
1b16678f25 Properly handle non-JSFunction constructors in CanRetainOtherContext
BUG=

Review URL: https://codereview.chromium.org/1017263003

Cr-Commit-Position: refs/heads/master@{#27379}
2015-03-23 19:24:58 +00:00
mstarzinger
11fb202f96 Move CompilationInfo::this_has_uses to HGraph::this_has_uses.
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1029643002

Cr-Commit-Position: refs/heads/master@{#27378}
2015-03-23 19:11:29 +00:00
mvstanton
6689cc27eb VectorICs: keyed element loads were kicking out non-smi keys unnecessarily
Handlers should be in charge of this work. The change uncovered a bug in
vector-ics related to keyed loads into strings. It's important for
StringCharCodeAtGenerator, a helper used in full code and in
LoadIndexedStringStub (a handler) to protect the vector and slot registers
when it makes a runtime call to convert a HeapNumber to a Smi.

It's still possible for the handler to MISS after this call, perhaps due
to out of bounds access. In that case, the vector and slot registers need
to be delivered safely to the MISS handler.

BUG=

Review URL: https://codereview.chromium.org/1028093002

Cr-Commit-Position: refs/heads/master@{#27377}
2015-03-23 18:50:23 +00:00
mstarzinger
7421c7f598 Remove dangerous constructor from CompilationInfoWithZone.
This removes the stub-based constructor from CompilationInfoWithZone
as this class is more than a pure convenience class and only by chance
doesn't have an effect in the destructor.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1026513004

Cr-Commit-Position: refs/heads/master@{#27376}
2015-03-23 17:30:45 +00:00
ulan
f42e09aef2 Acquire a lock before checking for GC interrupt in JSON parser.
BUG=

Review URL: https://codereview.chromium.org/1025333002

Cr-Commit-Position: refs/heads/master@{#27375}
2015-03-23 17:16:14 +00:00
kozyatinskiy
b563ceac0f [V8] Removed SourceLocationRestrict
This method uses in messages.js in GetSourceLine and GetPositionInLine. This methods uses in v8::Message API methods and there is no documentation about it.
Method looks obsolete.
One of the strange side effect is shown by attached issue.

BUG=chromium:468781
R=yangguo@chromium.org
LOG=Y

Review URL: https://codereview.chromium.org/1022333004

Cr-Commit-Position: refs/heads/master@{#27374}
2015-03-23 16:33:19 +00:00
dcarney
0a835afb29 [turbofan] add non fixed slot constraint to register allocator
R=jarin@chromium.org

BUG=

Review URL: https://codereview.chromium.org/1018853003

Cr-Commit-Position: refs/heads/master@{#27373}
2015-03-23 16:03:21 +00:00
caitpotter88
24a9b8815e [es5] call ToString() on argument in String.prototype.concat() fast case
15.5.4.6 5.b requires each part to be converted using ToString(). This also needs to occur in the single argument fast-case.

BUG=v8:3981
R=arv@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1029103002

Cr-Commit-Position: refs/heads/master@{#27372}
2015-03-23 15:07:46 +00:00
titzer
0389c28ddf Move this_has_uses from ParseInfo back into CompilationInfo and renumber CompilationInfo flags.
R=svenpanne@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1028973002

Cr-Commit-Position: refs/heads/master@{#27369}
2015-03-23 14:48:23 +00:00
mstarzinger
d6085f277c Make compiler more acceptive wrt Isolate::use_crankshaft.
This allows using %OptimizeFunctionOnNextCall and friends even when
Crankshaft is disabled. Note that this should only affect code paths
that are not relevant to performance. By now we have a single bailout
point in place within OptimizedCompileJob::CreateGraph that ensures
Crankshaft is only used when enabled and supported.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/999173007

Cr-Commit-Position: refs/heads/master@{#27367}
2015-03-23 14:25:53 +00:00
titzer
d931700b81 [turbofan] Fix control reducer bug with walking non-control edges during ConnectNTL phase.
R=jarin@chromium.org
BUG=chromium:469605
LOG=Y

Review URL: https://codereview.chromium.org/1030623003

Cr-Commit-Position: refs/heads/master@{#27366}
2015-03-23 14:08:25 +00:00
michael_dawson
8977d6c973 PPC: Use platform specific stubs for vector-based Load/KeyedLoad.
Port 34a1a76ddf

Original commit message:
A hydrogen code stub is not the best approach because it builds a frame
and doesn't have the technology to discard roots at tail call exits.
Platform-specific stubs provide much better performance at this point.

R=verwaest@chromium.org, mbrandy@us.ibm.com

BUG=

Review URL: https://codereview.chromium.org/1019003002

Cr-Commit-Position: refs/heads/master@{#27365}
2015-03-23 13:25:22 +00:00
ulan
fdc1745e33 Respect old space allocation limit in PagedSpace::AllocateRaw.
BUG=v8:3976
LOG=NO

Review URL: https://codereview.chromium.org/1025643002

Cr-Commit-Position: refs/heads/master@{#27364}
2015-03-23 13:24:12 +00:00
aperez
9cbf6c7d7b Fix unintentional typo in Parser::ParseLazy() comments
BUG=
LOG=N
NOTRY=true

Review URL: https://codereview.chromium.org/1022413003

Cr-Commit-Position: refs/heads/master@{#27363}
2015-03-23 11:38:12 +00:00
ulan
c56fa73699 Reland "Fix memory leak caused by field type in descriptor array."
BUG=v8:3877
LOG=NO

Review URL: https://codereview.chromium.org/1018283002

Cr-Commit-Position: refs/heads/master@{#27362}
2015-03-23 11:20:50 +00:00
jacob.bramley
b9ef7d4267 [ARM64] [turbofan] Support Float64Min and Float64Max.
ARM64 support for Float64Min and Float64Max machine operators
(https://codereview.chromium.org/998283002/) using fmin and fmax.

BUG=

Review URL: https://codereview.chromium.org/1024093002

Cr-Commit-Position: refs/heads/master@{#27361}
2015-03-23 10:25:23 +00:00
chunyang.dai
f8c4c12728 X87: Simplify pending message object handling.
port d4696c4841 (r27150)

original commit message:

  This moves the decision whether to report a message or not to when
  the pending exception is propagated instead of trying to preserve the
  decision in a ThreadLocalTop field.

BUG=

Review URL: https://codereview.chromium.org/1028073002

Cr-Commit-Position: refs/heads/master@{#27360}
2015-03-23 10:21:19 +00:00
cdai2
01f1348614 X87: Simplify pending message script handling.
port f71e262683 (r27127)

original commit message:

  Simplify pending message script handling.

  This removes the separate tracking of the pending message script,
  because that script is already stored in the message object and
  duplicating it in the ThreadLocalTop makes it more brittle.

BUG=
R=weiliang.lin@intel.com

Review URL: https://codereview.chromium.org/1028993003

Cr-Commit-Position: refs/heads/master@{#27358}
2015-03-23 09:27:50 +00:00
chunyang.dai
c1cf472f8c X87: Remove frame pointer from StackHandler.
port 36e69a916f (r27115)

original commit message:

 This reduces the size of the StackHandler by yet another word. We no
 longer need to keep track of the frame pointer, as the stack walk will
 be able to recalculate it.

BUG=

Review URL: https://codereview.chromium.org/1030563002

Cr-Commit-Position: refs/heads/master@{#27357}
2015-03-23 09:23:15 +00:00
chunyang.dai
113037d9f3 X87: [es6] Throw TypeError for computed static prototype property name
port 8d946b9c3f (r27106).

original commit message:

  [es6] Throw TypeError for computed static prototype property name

  The prototype of a class constructor function is read only. When we set
  computed property names we were ignoring this and we were overriding the
  property.

  Since the prototype is the only possible own read only property on the
  constructor function object we special case this so we do not have to
  check this for every property in the class literal.

BUG=

Review URL: https://codereview.chromium.org/1028983002

Cr-Commit-Position: refs/heads/master@{#27356}
2015-03-23 08:50:28 +00:00
arv
2184431f4c Use TO_OBJECT_INLINE a bit more
We were using ToObject in a lot of places where the common case is that
we already have an object. By changing to TO_OBJECT_INLINE we don't
have to go through 5 different if statements before falling through.

We were also calling ToObject too many times in DefineObjectProperty
where we already know that obj is an object.

BUG=None
LOG=N

Review URL: https://codereview.chromium.org/1019413002

Cr-Commit-Position: refs/heads/master@{#27355}
2015-03-23 08:41:58 +00:00
arv
ea463a916b [es6] Object.getPrototypeOf should work with values
The final spec for Object.getPrototypeOf calls ToObject on the
parameter, which means that it should only throw for null and
undefined. For other non object values the prototype of the wrapper
should be used.

BUG=v8:3964
LOG=N
R=adamk, rossberg@chromium.org

Review URL: https://codereview.chromium.org/1014813003

Cr-Commit-Position: refs/heads/master@{#27354}
2015-03-23 08:40:47 +00:00
cdai2
289ee15307 X87: Remove code object from StackHandler.
port e0aa8ebf93 (r27103).

original commit message:

  This reduces the size of the StackHandler by one word. We no longer
  need to keep track of the code object, as the stack walk finds it.

BUG=
R=weiliang.lin@intel.com

Review URL: https://codereview.chromium.org/1022403002

Cr-Commit-Position: refs/heads/master@{#27353}
2015-03-23 08:27:16 +00:00
caitpotter88
fd51f615eb [es6] remove --harmony-templates flag
BUG=v8:3230
R=dslomov@chromium.org, arv@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1027593005

Cr-Commit-Position: refs/heads/master@{#27352}
2015-03-23 07:01:48 +00:00
balazs.kilvady
56d2ee0310 MIPS: Fix 'MIPS: Serializer: serialize internal references via object visitor.'
BUG=

Review URL: https://codereview.chromium.org/1025453003

Cr-Commit-Position: refs/heads/master@{#27351}
2015-03-23 07:00:22 +00:00
balazs.kilvady
a5750db65e MIPS: [es6] generate rest parameters correctly for subclass constructors
Port bef80fcfd7

BUG=v8:3977
LOG=N

Review URL: https://codereview.chromium.org/1028703002

Cr-Commit-Position: refs/heads/master@{#27349}
2015-03-23 06:58:09 +00:00
johan
a87e1dc343 MAP_NORESERVE was never implemented in FreeBSD as has been retired
as of https://reviews.freebsd.org/D848. This makes V8 build on
FreeBSD-current (and the forthcoming 11).

BUG=none
LOG=n

Review URL: https://codereview.chromium.org/1025823003

Cr-Commit-Position: refs/heads/master@{#27348}
2015-03-23 06:57:05 +00:00
akos.palfi
4f53c5b7f6 MIPS: Fix 'MIPS: [es6] implement Reflect.apply() & Reflect.construct()'
Port d21fd15467

TEST=mjsunit/harmony/reflect-construct
BUG=

Review URL: https://codereview.chromium.org/1022053002

Cr-Commit-Position: refs/heads/master@{#27347}
2015-03-20 17:07:37 +00:00
Toon Verwaest
0f573464e6 Ensure we don't overflow in BCE
BUG=chromium:469148
LOG=y
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/1023123003

Cr-Commit-Position: refs/heads/master@{#27346}
2015-03-20 16:43:05 +00:00
ishell
371ae8c7ad Revert of Allow compaction when incremental marking is on. (patchset #1 id:1 of https://codereview.chromium.org/1014263002/)
Reason for revert:
It seems to cause crbug/469146.

Original issue's description:
> Allow compaction when incremental marking is on.
>
> BUG=chromium:450824
> LOG=NO
>
> Committed: https://crrev.com/92f96e4e9a527fcb085b68f81ee14b26acdd4719
> Cr-Commit-Position: refs/heads/master@{#27267}

TBR=hpayer@chromium.org,ulan@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:450824

Review URL: https://codereview.chromium.org/1026813002

Cr-Commit-Position: refs/heads/master@{#27345}
2015-03-20 16:07:15 +00:00
caitpotter88
bef80fcfd7 [es6] generate rest parameters correctly for subclass constructors
BUG=v8:3977
R=dslomov@chromium.org, arv@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1018043003

Cr-Commit-Position: refs/heads/master@{#27344}
2015-03-20 14:07:16 +00:00
balazs.kilvady
86a6b6ff91 MIPS: [turbofan] Turn Math.clz32 into an inlinable builtin.
Port 3aa206b865

BUG=v8:3952
LOG=n

Review URL: https://codereview.chromium.org/1020223002

Cr-Commit-Position: refs/heads/master@{#27343}
2015-03-20 14:05:36 +00:00
chunyang.dai
f395ccd6db X87: [turbofan] Implement throwing exceptions into TurboFan code.
port 1382879f29 (r27016).

oringinal commit message:

    [turbofan] Implement throwing exceptions into TurboFan code.

    This extends the stack unwinding logic to respect optimized frames
    and perform a lookup in the handler table to find handlers. It also
    contains fixes to the API call stubs to allow a stack walk while
    promoting scheduled exceptions.

BUG=

Review URL: https://codereview.chromium.org/1023943002

Cr-Commit-Position: refs/heads/master@{#27342}
2015-03-20 13:45:08 +00:00
bmeurer
ff89876bb9 [turbofan] Fix lowering of Math.max for integral inputs.
R=jarin@chromium.org
BUG=chromium:468162
LOG=y

Review URL: https://codereview.chromium.org/1027753002

Cr-Commit-Position: refs/heads/master@{#27341}
2015-03-20 12:05:19 +00:00
yangguo
2a440ef46a Serializer: cache hashmaps on the isolate.
This speeds up multiple uses of the serializer quite a bit.

R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/1003363003

Cr-Commit-Position: refs/heads/master@{#27340}
2015-03-20 11:17:20 +00:00
rossberg
490378ba15 [strong] Less pleading error messages
R=dslomov@chromium.org
BUG=v8:3956
LOG=N

Review URL: https://codereview.chromium.org/1021213002

Cr-Commit-Position: refs/heads/master@{#27338}
2015-03-20 10:50:24 +00:00
dslomov
af04fdfec8 Remove harmony-strings flag.
String functions are shipping since 4.1/Chrome M41, it is time to unflag.

R=yanngguo@chromium.org,rossberg@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1024813002

Cr-Commit-Position: refs/heads/master@{#27337}
2015-03-20 10:43:38 +00:00
bmeurer
3072ac5349 [turbofan] More inlinable Math builtins.
Turn Math.acos, Math.asin, Math.atan, Math.atan2, Math.sign and Math.trunc
into inlinable builtins.

R=yangguo@chromium.org
BUG=v8:3952
LOG=n

Review URL: https://codereview.chromium.org/1027713002

Cr-Commit-Position: refs/heads/master@{#27336}
2015-03-20 10:23:47 +00:00
jochen
877c99f781 Don't DCHECK that the weak closure wasn't yet overapproximated
Maybe it was overapproximated via the idle notification already, so just
don't retry in that case

BUG=chromium:469023
R=hpayer@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1025603003

Cr-Commit-Position: refs/heads/master@{#27335}
2015-03-20 10:17:37 +00:00
ulan
16ff37db4a Check for GC interrupt in JSON parser.
BUG=v8:3974
LOG=NO

Review URL: https://codereview.chromium.org/1021523002

Cr-Commit-Position: refs/heads/master@{#27334}
2015-03-20 09:52:25 +00:00
bmeurer
d5893cad6b [turbofan] Work-around untagged result of CompareIC in pointer maps.
BUG=chromium:469089
LOG=n
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1026683002

Cr-Commit-Position: refs/heads/master@{#27333}
2015-03-20 09:45:12 +00:00
chunyang.dai
386dee8552 X87: Fix exception for assignment to uninitialised const.
port 2ecdf736cf (r27014).

original commit message:

  Fix exception for assignment to uninitialised const.

BUG=

Review URL: https://codereview.chromium.org/1028533002

Cr-Commit-Position: refs/heads/master@{#27332}
2015-03-20 09:35:49 +00:00
jarin
adb8867337 [turbofan] Add explicit set for nodes with weakened types.
To ensure termination, we need to be sure that once we start weakening
a node, we keep weakening that node in subsequent re-typings. Until now,
we were guessing that we previously weakened from the type. This
change introduces a set of nodes that have already be weakened, so
that we have a reliable way to detect previous weakening.

BUG=chromium:468799
LOG=n
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1019883002

Cr-Commit-Position: refs/heads/master@{#27331}
2015-03-20 09:12:59 +00:00
Benedikt Meurer
b99f17a26f [turbofan] Improve typing for string::length property.
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/1028563002

Cr-Commit-Position: refs/heads/master@{#27330}
2015-03-20 08:40:45 +00:00
Benedikt Meurer
3aa206b865 [turbofan] Turn Math.clz32 into an inlinable builtin.
R=dcarney@chromium.org, yangguo@chromium.org
BUG=v8:3952
LOG=n

Review URL: https://codereview.chromium.org/1021183002

Cr-Commit-Position: refs/heads/master@{#27329}
2015-03-20 08:37:34 +00:00
akos.palfi
05fcaa37cc MIPS: [es6] implement Reflect.apply() & Reflect.construct()
Port d21fd15467

Known issue: the mjsunit/harmony/reflect-construct test fails, it will be addressed in a follow-up CL.

BUG=

Review URL: https://codereview.chromium.org/1021863002

Cr-Commit-Position: refs/heads/master@{#27326}
2015-03-20 00:34:45 +00:00
aperez
3c3ce1bca8 Parser: Fix crash on stack overflow when lazy-parsing arrow functions
The problem manifests itself when parsing manages to return something
meaningful in the presence of a stack overflow. This happens because
calling ParserBase::Next() will still return one valid token on stack
overflow, before starting to return invalid tokens.

Take the following input as example:

        a.map(v => v + 1);
              | |
       already   next token
        parsed   (which will be an invalid token
  (identifier)   because of a stack overflow)

The "v" may have been already parsed into a VariableProxy, then if a
stack overflow occurs, next token will be an invalid token (instead
of Token::ARROW), but the parser will return the VariableProxy.

This always happens when lazy-parsing arrow functions, so the position
in the input stream where the the arrow function code ends is known.
This fix adds a check that ensures that parsing ended at the end
position of the arrow function.

BUG=465671
LOG=N

Review URL: https://codereview.chromium.org/1023483003

Cr-Commit-Position: refs/heads/master@{#27325}
2015-03-20 00:17:50 +00:00
verwaest
bac0853dfb Cannot use Handle<T>::cast in Unique<T>::cast since it will try to do a T::cast (and its typecheck) concurrently, which is unsafe concurrently on moving values
BUG=

Review URL: https://codereview.chromium.org/1022943002

Cr-Commit-Position: refs/heads/master@{#27324}
2015-03-19 23:54:15 +00:00
hpayer
cbfcee5575 Revert "Merge old data and pointer space."
TBR=verwaest@chromium.org,ulan@chromium.org,ishell@chromium.org
NOTRY=true

Review URL: https://codereview.chromium.org/1027463002

Cr-Commit-Position: refs/heads/master@{#27323}
2015-03-19 22:03:32 +00:00
ulan
3a79259c0d [turbofan] Emit constant pool before blocking it in AssembleArchTableSwitch.
BUG=chromium:468749
LOG=NO
TEST=Emscripten/NBodyJava

Review URL: https://codereview.chromium.org/1014093005

Cr-Commit-Position: refs/heads/master@{#27322}
2015-03-19 19:42:23 +00:00
hpayer
597992522d Rename kMaxFrameRenderingIdleTime to kMaxActiveIdleTime and adjust it to the currently maximum value of 50ms passed in by the Blink scheduler.
BUG=468692
LOG=n

Review URL: https://codereview.chromium.org/1024543002

Cr-Commit-Position: refs/heads/master@{#27321}
2015-03-19 19:41:19 +00:00
rossberg
74cf8e0122 [strong] Check constructor returns
R=dslomov@chromium.org
BUG=v8:3956
LOG=N

Review URL: https://codereview.chromium.org/1019283002

Cr-Commit-Position: refs/heads/master@{#27320}
2015-03-19 19:40:04 +00:00
titzer
cd33978480 [turbofan] Remove last_use_ field from Node.
R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1022783002

Cr-Commit-Position: refs/heads/master@{#27319}
2015-03-19 15:44:35 +00:00
jochen
843634994f Use libdl to get symbols for backtraces
With this patch, it'll look like this:

$ out/x64.optdebug/d8 --expose-trigger-failure test/mjsunit/mjsunit.js test/mjsunit/verify-assert-false.js

==== C stack trace ===============================

 1: V8_Fatal
 2: v8::internal::FunctionCallbackArguments::Call(void (*)(v8::FunctionCallbackInfo<v8::Value> const&))
 3: 0x727ced
 4: 0x72b6ba
 5: 0x188c7f607f9b

BUG=none
R=svenpanne@chromium.org
LOG=y

Review URL: https://codereview.chromium.org/1018313003

Cr-Commit-Position: refs/heads/master@{#27318}
2015-03-19 15:43:35 +00:00
hpayer
22d62cea4d Remove early bail-out in VisitWeakList to investigate chrasher.
BUG=468601
LOG=n

Review URL: https://codereview.chromium.org/1016353002

Cr-Commit-Position: refs/heads/master@{#27317}
2015-03-19 15:04:54 +00:00
caitpotter88
d21fd15467 [es6] implement Reflect.apply() & Reflect.construct()
BUG=v8:3900
LOG=N
R=dslomov@chromium.org

Review URL: https://codereview.chromium.org/913073003

Cr-Commit-Position: refs/heads/master@{#27316}
2015-03-19 14:47:27 +00:00
weiliang.lin
1ecc161cc8 [x86] Atom check includes AMT
BUG=

Review URL: https://codereview.chromium.org/998883002

Cr-Commit-Position: refs/heads/master@{#27315}
2015-03-19 14:32:55 +00:00
ulan
9b77e8677b Add debug checks to catch crashes with WeakCell::cast().
BUG=

Review URL: https://codereview.chromium.org/1009603003

Cr-Commit-Position: refs/heads/master@{#27314}
2015-03-19 14:22:36 +00:00
yangguo
7ccdbcf40c Serializer: another small reorder of root objects.
I was mistaken, cons strings only occur a lot for custom heap snapshots,
not for the default start-up snapshot.

R=erik.corry@gmail.com, mvstanton@chromium.org

Review URL: https://codereview.chromium.org/1023673003

Cr-Commit-Position: refs/heads/master@{#27312}
2015-03-19 14:07:50 +00:00
rodolph.perfetta
a7cdc10f15 [arm64] serialize internal references via object visitor
BUG=

Review URL: https://codereview.chromium.org/1020863003

Cr-Commit-Position: refs/heads/master@{#27311}
2015-03-19 14:01:52 +00:00
jarin
b7dc9c580a [turbofan] Remember types for deoptimization during simplified lowering.
With this change, we remember the types of frame state inputs (in a new
operator, called TypedStateValues). Instead of inferring the value types
when building translations, we used the recorded types.

The original approach was not reliable because the passes after
simplified lowering can change node types, and this in turn confuses
the translation builder.

BUG=chromium:468727
LOG=n
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1015423002

Cr-Commit-Position: refs/heads/master@{#27310}
2015-03-19 14:00:33 +00:00
yangguo
87af601824 Add debug checks to catch PropertyCell::cast failures.
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/1025433002

Cr-Commit-Position: refs/heads/master@{#27309}
2015-03-19 13:59:17 +00:00
bmeurer
fb966fd666 [turbofan] Use proper parameter representation for stub calls.
The CallInterfaceDescriptor already provides information about the
expected representation of parameters, so we can use that instead of
hardcoding tagged representation for all parameters.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1019293002

Cr-Commit-Position: refs/heads/master@{#27308}
2015-03-19 13:58:19 +00:00
dusan.milosavljevic
b37c0890d4 MIPS: Tweak constants to be in favor of table switch.
In prevous set-up table switch is rarely generated.

TEST=cctest/test-serialize/SerializeInternalReference
BUG=

Review URL: https://codereview.chromium.org/1019463003

Cr-Commit-Position: refs/heads/master@{#27307}
2015-03-19 13:57:10 +00:00
mstarzinger
0819ed9f33 Revert of Cleanup and unify Isolate::ReportPendingMessages. (patchset #4 id:60001 of https://codereview.chromium.org/999923004/)
Reason for revert:
Failing Blink tests on Win and Mac:
- plugins/netscape-plugin-property-access-exception.html
- http/tests/plugins/cross-frame-object-access.html

Original issue's description:
> Cleanup and unify Isolate::ReportPendingMessages.
>
> Note that this is a pure cleanup CL and shouldn't have an observable
> impact on the functional behavior of message reporting.
>
> R=yangguo@chromium.org

TBR=yangguo@chromium.org,machenbach@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1016323002

Cr-Commit-Position: refs/heads/master@{#27306}
2015-03-19 13:22:51 +00:00
bmeurer
e18e3cd4d8 [stubs] Add missing interface descriptor for the CompareIC.
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1006173003

Cr-Commit-Position: refs/heads/master@{#27305}
2015-03-19 13:09:37 +00:00
titzer
de2a225a82 [turbofan] Fix GVN of projections and add verification for projection uniqueness.
R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1020873002

Cr-Commit-Position: refs/heads/master@{#27304}
2015-03-19 13:04:06 +00:00
jacob.bramley
3fdfe613f8 [ARM64] [turbofan] Support uxtb/uxth for add/sub.
Add support for appending extend modes uxtb or uxth to add and subtract
instructions, and using them in the instruction selector.

BUG=

Review URL: https://codereview.chromium.org/1021533002

Cr-Commit-Position: refs/heads/master@{#27303}
2015-03-19 12:44:23 +00:00
svenpanne
e396f538d0 Some CompilationInfo-related cleanup.
Use a delegating constructor for CompilationInfo, reducing duplicated
code. Simplified handling of InlinedFunctionInfos on the way: When we
start compiling, we have bigger things to worry about than a default
vector.

Reduced the usage of a SharedFunctionInfo for compiling, this is a
slighty strange concept.

Review URL: https://codereview.chromium.org/1018853004

Cr-Commit-Position: refs/heads/master@{#27299}
2015-03-19 12:40:00 +00:00
Benedikt Meurer
a9da8a333a [turbofan] Turn weaken min/max limits for typer into constants.
The weaken limits are constants, there's no point in having a separate
copy of those constants per typer that is initialized per Typer
instance.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1008923004

Cr-Commit-Position: refs/heads/master@{#27297}
2015-03-19 11:45:59 +00:00
rodolph.perfetta
abf78583b9 [arm64] Assembler support for internal references.
BUG=

Review URL: https://codereview.chromium.org/1016073002

Cr-Commit-Position: refs/heads/master@{#27296}
2015-03-19 10:24:54 +00:00
Benedikt Meurer
a75e4cea8f [turbofan] Remove indirection in JSToBoolean/JSUnaryNot lowering.
This reduces the overhead of typed lowering, because we lower
JSToBoolean/JSUnaryNot directly if possible, instead of first lowering
to AnyToBoolean, and then letting the SimplifiedOperatorReducer do the
further lowering.

Also remove some obsolete tests from the cctest suite that have since
been removed by proper unittests. And improve unitttest coverage for the
typed lowering cases.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/999173003

Cr-Commit-Position: refs/heads/master@{#27295}
2015-03-19 10:13:12 +00:00
yangguo
4ddeac6cd7 Serializer: reorder root list items.
The first 32 root list items can be encoded very efficiently.
By reordering, we can better encode some often referenced root objects.

R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/1019243002

Cr-Commit-Position: refs/heads/master@{#27293}
2015-03-19 09:33:59 +00:00
yangguo
f4fabd59a3 Serializer: clean up opcodes.
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/1018263002

Cr-Commit-Position: refs/heads/master@{#27292}
2015-03-19 09:26:49 +00:00
yurys
c622cb637a Introduce explicit constant for per Context debug data set by embedder
It's value is hardwired in gin[1] and is referenced in Blink[2]. Since it is treated specially by v8 debugger it should be defined in v8 API and referenced in gin and blink..

[1] https://src.chromium.org/viewvc/chrome/trunk/src/gin/public/context_holder.h?r1=239099&r2=239098&pathrev=239099
[2] https://code.google.com/p/chromium/codesearch#chromium/src/third_party/WebKit/Source/bindings/core/v8/V8PerContextData.cpp&q=kDebugIdIndex%20f:V8PerContextData&sq=package:chromium&type=cs

BUG=chromium:466631
LOG=Y

Review URL: https://codereview.chromium.org/1020453002

Cr-Commit-Position: refs/heads/master@{#27290}
2015-03-19 08:18:44 +00:00
mvstanton
35c3d47e88 Vector ICs: Clear the vector ic slots appropriately during debugging.
When the debugger is active, a host of connected functions get an associated
DebugInfo structure, and their code is copied. The debugger uses the original
code to occasionally patch ICs with their initial value. Although IC learning
can occur, it's thrown away often, depending on the constellation of
breakpoints active or deactivating. Finally, feedback is discarded when the
debugger is turned off.

The type feedback vector needs to be brought into line with this behavior, so
now the debugger clears it's IC slots at appropriate bottlenecks in debug.cc.

R=yangguo@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1014373002

Cr-Commit-Position: refs/heads/master@{#27289}
2015-03-19 08:04:06 +00:00
bmeurer
ed082f2adc [turbofan] Eliminatable JS/call nodes should not have a control input.
The control input is only relevant for operations that may "write" (to
prevent hoisting) or "throw" (because they are part of the control chain).

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1015353004

Cr-Commit-Position: refs/heads/master@{#27288}
2015-03-19 07:47:55 +00:00
yangguo
3f10f409c8 Revert of Reland of "Fix memory leak caused by field type in descriptor array."
TBR=ulan@chromium.org
BUG=v8:3969
LOG=N

Review URL: https://codereview.chromium.org/1020843002

Cr-Commit-Position: refs/heads/master@{#27286}
2015-03-19 07:43:37 +00:00
jarin
0cde253c9e [turbofan] Support lazy deopt for truncating store to a typed array.
The change introduces a second frame state (for the state before
the operation) for the StoreProperty nodes. If the store writes
into a typed array, the frame state is used for lazy deopt from
the to-number conversion that is performed by the store.

BUG=v8:3963
LOG=n
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/997983004

Cr-Commit-Position: refs/heads/master@{#27285}
2015-03-19 05:46:30 +00:00
balazs.kilvady
bd885aa0f9 MIPS: Serializer: serialize internal references via object visitor.
Port 7c149afb6c

BUG=

Review URL: https://codereview.chromium.org/1019083002

Cr-Commit-Position: refs/heads/master@{#27283}
2015-03-18 21:41:36 +00:00
paul.lind
f5f7a39100 MIPS: Load from PropertyCells using PropertyCell::kValueOffset rather than Cell::kValueOffset
Port dda2bd6f4f

BUG=

Review URL: https://codereview.chromium.org/1015613003

Cr-Commit-Position: refs/heads/master@{#27282}
2015-03-18 21:40:28 +00:00
balazs.kilvady
4ba84f0b7c MIPS: Disinherit PropertyCell from Cell.
Port 8c0d289772

BUG=

Review URL: https://codereview.chromium.org/1017103003

Cr-Commit-Position: refs/heads/master@{#27281}
2015-03-18 21:39:28 +00:00
verwaest
dda2bd6f4f Load from PropertyCells using PropertyCell::kValueOffset rather than Cell::kValueOffset
BUG=

Review URL: https://codereview.chromium.org/1019563002

Cr-Commit-Position: refs/heads/master@{#27280}
2015-03-18 19:53:58 +00:00
svenpanne
736fa1d21e Add IBM people to PPC owners.
Review URL: https://codereview.chromium.org/1014063002

Cr-Commit-Position: refs/heads/master@{#27278}
2015-03-18 16:12:14 +00:00
balazs.kilvady
6142c7f872 MIPS: Remove PropertyCell space.
Port 16c8485a35

Original commit message:
Replaces StoreGlobalCell / LoadGlobalCell with NamedField variants that use write barriers.

BUG=

Review URL: https://codereview.chromium.org/1014293002

Cr-Commit-Position: refs/heads/master@{#27277}
2015-03-18 16:05:34 +00:00
mstarzinger
a8865b3bb1 Cleanup and unify Isolate::ReportPendingMessages.
Note that this is a pure cleanup CL and shouldn't have an observable
impact on the functional behavior of message reporting.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/999923004

Cr-Commit-Position: refs/heads/master@{#27276}
2015-03-18 15:59:50 +00:00
yangguo
7c149afb6c Serializer: serialize internal references via object visitor.
Review URL: https://codereview.chromium.org/1005183006

Cr-Commit-Position: refs/heads/master@{#27275}
2015-03-18 13:38:45 +00:00
verwaest
8c0d289772 Disinherit PropertyCell from Cell
BUG=

Review URL: https://codereview.chromium.org/1015983003

Cr-Commit-Position: refs/heads/master@{#27274}
2015-03-18 12:54:17 +00:00
balazs.kilvady
fb5dc79983 MIPS: Remove kind field from StackHandler.
Port 15f8213809

Original commit message:
This relands commit 96f79568a9.

This makes the Isolate::Throw logic not depend on a prediction of
whether an exception is caught or uncaught. Such a prediction is
inherently undecidable because a finally block can decide between
consuming or re-throwing an exception depending on arbitray control
flow.

There still is a conservative prediction mechanism in place that
components like the debugger or tracing can use for reporting.

With this change we can get rid of the StackHandler::kind field, a
pre-requisite to do table-based lookups of exception handlers.

BUG=

Review URL: https://codereview.chromium.org/1015993002

Cr-Commit-Position: refs/heads/master@{#27273}
2015-03-18 12:53:05 +00:00
rossberg
7875a89122 Adjust key behaviour for weak collections
R=dslomov@chromium.org
BUG=460083,v8:3970,v8:3971
LOG=Y

Review URL: https://codereview.chromium.org/1018923002

Cr-Commit-Position: refs/heads/master@{#27272}
2015-03-18 12:51:58 +00:00
dcarney
0880d4da26 add interceptors which do not mask existing properties
R=verwaest@chromium.org

BUG=

Review URL: https://codereview.chromium.org/962613002

Cr-Commit-Position: refs/heads/master@{#27271}
2015-03-18 12:50:48 +00:00
dcarney
7f38011a04 convert last api functions which try to handle exceptions to maybes
BUG=v8:3929
LOG=n

Review URL: https://codereview.chromium.org/1015083002

Cr-Commit-Position: refs/heads/master@{#27270}
2015-03-18 12:50:28 +00:00
verwaest
16c8485a35 Remove PropertyCell space
Replaces StoreGlobalCell / LoadGlobalCell with NamedField variants that use write barriers.
BUG=

Review URL: https://codereview.chromium.org/1016803002

Cr-Commit-Position: refs/heads/master@{#27269}
2015-03-18 11:43:58 +00:00
svenpanne
9118b2fa87 Tweak the TurboFan pipeline for stub compilation.
Review URL: https://codereview.chromium.org/1010673004

Cr-Commit-Position: refs/heads/master@{#27268}
2015-03-18 11:42:44 +00:00
ulan
92f96e4e9a Allow compaction when incremental marking is on.
BUG=chromium:450824
LOG=NO

Review URL: https://codereview.chromium.org/1014263002

Cr-Commit-Position: refs/heads/master@{#27267}
2015-03-18 11:41:33 +00:00
bmeurer
9312024a8d [turbofan] Don't run value numbering with typed lowering.
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1019443002

Cr-Commit-Position: refs/heads/master@{#27266}
2015-03-18 10:43:26 +00:00
jochen
4764b133e3 Turn on overapproximation of the weak closure
BUG=v8:3862
R=hpayer@chromium.org
LOG=y

Review URL: https://codereview.chromium.org/1013133002

Cr-Commit-Position: refs/heads/master@{#27265}
2015-03-18 10:37:01 +00:00
loislo
9f91fde045 CodeCleanup: eliminate unnecessary base class and make the children unvirtual.
I found some strange split in deopt entry points generator.
The code for table entry generator had two classes.
It is safe to join these classes together and drop virtual.

BUG=
LOG=n

Review URL: https://codereview.chromium.org/1010413003

Cr-Commit-Position: refs/heads/master@{#27264}
2015-03-18 10:34:18 +00:00
mstarzinger
15f8213809 Remove kind field from StackHandler.
This relands commit 96f79568a9.

This makes the Isolate::Throw logic not depend on a prediction of
whether an exception is caught or uncaught. Such a prediction is
inherently undecidable because a finally block can decide between
consuming or re-throwing an exception depending on arbitray control
flow.

There still is a conservative prediction mechanism in place that
components like the debugger or tracing can use for reporting.

With this change we can get rid of the StackHandler::kind field, a
pre-requisite to do table-based lookups of exception handlers.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/997213003

Cr-Commit-Position: refs/heads/master@{#27263}
2015-03-18 10:19:16 +00:00
vegorov
0e024449b8 Make counter and histogram related callbacks part of the Isolate::CreateParams.
Some native counters (e.g. KeyedLoadGenericSlow) are referenced from stubs that are generated very early in the Isolate lifecycle before v8::Isolate::New returns. Thus counter lookup callback also needs to be installed early prior to v8::internal::Isolate::Init call. Otherwise assembler will just assume that the counter is not enabled and produce no code from IncrementCounter - because address of the counter is not yet available.

Histogram related callbacks are moved for consistency to make them able to collect samples which occur at isolate initialization time.

BUG=

Review URL: https://codereview.chromium.org/1010233002

Cr-Commit-Position: refs/heads/master@{#27262}
2015-03-18 10:15:04 +00:00
jochen
fe3544b370 Make tests pass with weak closure overapproximation enabled
BUG=v8:3862
R=hpayer@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1014873002

Cr-Commit-Position: refs/heads/master@{#27261}
2015-03-18 10:01:36 +00:00
bmeurer
e093b6d34a [turbofan] Cache more common operators.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/1015053002

Cr-Commit-Position: refs/heads/master@{#27260}
2015-03-18 09:46:11 +00:00
hpayer
257ff48931 Merge old data and pointer space.
BUG=

Review URL: https://codereview.chromium.org/1012023002

Cr-Commit-Position: refs/heads/master@{#27259}
2015-03-18 09:39:03 +00:00
loislo
7fef610d72 CpuProfiler: log pc offset for deopts.
This is the fifth part of https://codereview.chromium.org/1012633002
In this part we collect the offsets of deopt calls and save it into
an inlined function info.

On the Next:
Later when deopt happens we will get the offset of deopt call and
search it among inlined infos.

BUG=chromium:452067
LOG=n

Review URL: https://codereview.chromium.org/1011113004

Cr-Commit-Position: refs/heads/master@{#27258}
2015-03-18 09:30:36 +00:00
jarin
46d6ffeddd [Turbofan] Only weaken types for Phi nodes.
We also need to fix the weakening to weaken unions with ranges in them.

BUG=

Review URL: https://codereview.chromium.org/1011103003

Cr-Commit-Position: refs/heads/master@{#27257}
2015-03-18 09:25:55 +00:00
bmeurer
1f6c284a6c [turbofan] Cache Call operator for AllocateHeapNumberStub in change lowering.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/1015953002

Cr-Commit-Position: refs/heads/master@{#27256}
2015-03-18 08:45:52 +00:00
michael_dawson
8685219066 PPC: Changes to allow AIX to compile with gcc 4.8.3
We were able to remove most of our changes needed to compile
on AIX with an earlier compiler level.  These changes are the
remaining ones.

The changes in heap/heap.cc are needed because otherwise the
compiler complains that result is potentially used before
it is initialized.

The changes in heap/mark-compact.cc are required because
AIX supports the full 64 bit address range so the check
being guarded is invalid.

The changes in build/toolchain.gypi and
test/cctest/cctest/gyp are aix only and are adjust the
compile/link options to allow the AIX build to succeed.

	modified:   build/toolchain.gypi
	modified:   src/heap/heap.cc
	modified:   src/heap/mark-compact.cc
	modified:   test/cctest/cctest.gyp

R=danno@chromium.org, svenpanne@chromium.org

BUG=

Review URL: https://codereview.chromium.org/1013833002

Cr-Commit-Position: refs/heads/master@{#27255}
2015-03-18 08:43:28 +00:00
loislo
cc3337c1c2 CpuProfiler: x64. put right address to the stack, so the callee would be able to resolve it into the right deopt_info.
'from' is using for Code object lookup and will be used for
inline_id lookup. see https://codereview.chromium.org/1012633002
So we should be able to map it.

BUG=chromium:452067
LOG=n

Review URL: https://codereview.chromium.org/1012743002

Cr-Commit-Position: refs/heads/master@{#27253}
2015-03-18 08:31:34 +00:00
loislo
bcf51d25aa CpuProfiler: ia32. put right address to the stack, so the callee would be able to resolve it into the right deopt_info.
'from' is using for Code object lookup and will be used for
inline_id lookup. see https://codereview.chromium.org/1012633002
So we should be able to map it.

BUG=chromium:452067
LOG=n

Review URL: https://codereview.chromium.org/1014783002

Cr-Commit-Position: refs/heads/master@{#27252}
2015-03-18 08:09:46 +00:00
loislo
549d5dde6a CpuProfiler: x87. put right address to the stack, so the callee would be able to resolve it into the right deopt_info.
'from' is using for Code object lookup and will be used for
inline_id lookup. see https://codereview.chromium.org/1012633002
So we should be able to map it.

BUG=chromium:452067
LOG=n

Review URL: https://codereview.chromium.org/1013243002

Cr-Commit-Position: refs/heads/master@{#27251}
2015-03-18 08:08:38 +00:00
bmeurer
45434d575e [turbofan] Improve ChangeLowering.
- Use representation information provided by the type system to skip SMI
  checks.
- Fix combining of ChangeTaggedToFloat64 with JSToNumber now that JS
  operators can produce control.
- Remove the unnecessary abstraction of smi/field offsets.
- Improve unit test coverage.
- Various cosmetic fixes.

R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/1018873002

Cr-Commit-Position: refs/heads/master@{#27250}
2015-03-18 07:27:44 +00:00
titzer
c6004a3211 [turbofan] Clean up TRACE macros and use variadic macros.
R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1014853002

Cr-Commit-Position: refs/heads/master@{#27248}
2015-03-17 18:51:19 +00:00
loislo
33514ec25d CpuProfiler: collect deopt pc offset for further usage in the inlined functions stack resolver.
this is a fourth part of https://codereview.chromium.org/1012633002

In another patch I'll collect the inlining tree in cpu-profiler CodeEntry
Each leaf for an inlined function will have a list of deopts and their pc offsets.
So when deopt happens I'll be able to map the deopt pc_offset into
inlined function id and point the web developer to the exact place
where deopt has happened even if it was in the inlined function.

BUG=chromium:452067
LOG=n

Review URL: https://codereview.chromium.org/1013753007

Cr-Commit-Position: refs/heads/master@{#27247}
2015-03-17 18:50:10 +00:00
titzer
434d1ad014 [turbofan] Fix bug in OSR deconstruction.
In constructing the transfer between loop copies, we need to merge the backedges from all the previous copies of the given loop. The control reduction will work out which ones are really reachable.

R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1004993004

Cr-Commit-Position: refs/heads/master@{#27246}
2015-03-17 17:55:29 +00:00
dusan.milosavljevic
d5986f7f00 MIPS64: Fix bugs in branches for unsigned conditions.
TEST=cctest/test-branch-combine
BUG=

Review URL: https://codereview.chromium.org/1017733002

Cr-Commit-Position: refs/heads/master@{#27245}
2015-03-17 17:05:17 +00:00
paul.lind
cd9b6ec224 MIPS: Support INTERNAL_REFERENCE_ENCODED in serializer.
Add mips support for the changes in https://codereview.chromium.org/1000373003. On mips, these support the long-branch mechanism.

TEST=test-serialize/SerializeToplevelLargeCodeObject
BUG=

Review URL: https://codereview.chromium.org/1014763003

Cr-Commit-Position: refs/heads/master@{#27244}
2015-03-17 17:00:23 +00:00
mstarzinger
86b391ecad Delegate throwing in RegExpExecStub to CEntryStub.
This ensures that there is only one stub that deals with unwinding the
stack. Having more than one place containing that logic is brittle and
error prone, especially when it is a corner case only for RangeErrors.

R=titzer@chromium.org
TEST=mjsunit/regress/regress-crbug-467047
BUG=chromium:467047
LOG=N

Review URL: https://codereview.chromium.org/1012103002

Cr-Commit-Position: refs/heads/master@{#27243}
2015-03-17 15:49:40 +00:00
mvstanton
7478c5a0cc Feedback vector: ASAN found memory leaks during AST Numbering pass.
The cause was dynamic allocation of an accounting structure used to
create/initialize the type feedback vector, done at the end of the
numbering pass. The solution is to Zone-allocate the structure to
bring it's lifetime in line with the compilation unit.

BUG=

Review URL: https://codereview.chromium.org/1014793003

Cr-Commit-Position: refs/heads/master@{#27241}
2015-03-17 15:16:36 +00:00
mstarzinger
7f7cff33f3 [turbofan] Follow-up to evaluation order in AstGraphBuilder.
The evaluation order of receiver versus arguments is not properly
defined by C++. This caused issues with Clang where the environment
changed after the receiveing environment was already loaded.

R=jarin@chromium.org
BUG=chromium:467531
LOG=N

Review URL: https://codereview.chromium.org/1011123002

Cr-Commit-Position: refs/heads/master@{#27240}
2015-03-17 14:08:17 +00:00
dcarney
d3fb7bf809 correctly invalidate global cells
additionally, remove unnecessary deopts when transitioning to global accessor properties from data properties

R=verwaest@chromium.org

BUG=

Review URL: https://codereview.chromium.org/996133002

Cr-Commit-Position: refs/heads/master@{#27239}
2015-03-17 13:27:41 +00:00
mstarzinger
7e8a62e34a [turbofan] Fix C++ evaluation order in AstGraphBuilder.
The evaluation order of receiver versus arguments is not properly
defined by C++. This caused issues with Clang where the environment
changed after the receiveing environment was already loaded.

R=jarin@chromium.org
BUG=chromium:467531
TEST=mjsunit/regress/regress-crbug-467531
LOG=N

Review URL: https://codereview.chromium.org/1015683002

Cr-Commit-Position: refs/heads/master@{#27238}
2015-03-17 12:37:07 +00:00
bmeurer
77b6a076f3 [turbofan] Fix obsolete workaround for type system in simplified lowering.
Ranges and bitset types now work together, so we don't need these weird
hacks anymore.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/994283005

Cr-Commit-Position: refs/heads/master@{#27237}
2015-03-17 12:36:06 +00:00
dcarney
85a0e8075f convert String::New functions to maybe
R=svenpanne@chromium.org
BUG=v8:3929
LOG=n

Review URL: https://codereview.chromium.org/1010803008

Cr-Commit-Position: refs/heads/master@{#27236}
2015-03-17 11:45:50 +00:00
mvstanton
34a1a76ddf Use platform specific stubs for vector-based Load/KeyedLoad.
A hydrogen code stub is not the best approach because it builds a frame
and doesn't have the technology to discard roots at tail call exits.
Platform-specific stubs provide much better performance at this point.

R=verwaest@chromium.org

BUG=

Review URL: https://codereview.chromium.org/988653003

Cr-Commit-Position: refs/heads/master@{#27235}
2015-03-17 11:28:21 +00:00
yangguo
d74f5c6f09 Serializer: Cache FlagList::Hash result.
R=vogelheim@chromium.org

Review URL: https://codereview.chromium.org/1011703003

Cr-Commit-Position: refs/heads/master@{#27234}
2015-03-17 11:04:29 +00:00
ulan
d4cd05e6df Retain maps that have live prototypes.
BUG=v8:3664
LOG=NO

Review URL: https://codereview.chromium.org/1009343002

Cr-Commit-Position: refs/heads/master@{#27233}
2015-03-17 10:52:12 +00:00
jarin
ca3abde2fa [turbofan] Variable liveness analysis for deopt.
This change introduces a liveness analyzer for local variables in frame states.

The main idea is to use the AstGraphBuilder::Environment class to build the control flow graph, and record local variable loads, stores and checkpoints in the CFG basic blocks (LivenessAnalyzerBlock class).

After the graph building finishes, we run a simple data flow analysis over the CFG to figure out liveness of each local variable at each checkpoint. Finally, we run a pass over all the checkpoints and replace dead local variables in the frame states with the 'undefined' value.

Performance numbers for Embenchen are below.

----------- box2d.js
Current --turbo-deoptimization: EmbenchenBox2d(RunTime): 11265 ms.
d8-master --turbo-deoptimization: EmbenchenBox2d(RunTime): 11768 ms.
d8-master: EmbenchenBox2d(RunTime): 10996 ms.
----------- bullet.js
Current --turbo-deoptimization: EmbenchenBullet(RunTime): 17049 ms.
d8-master --turbo-deoptimization: EmbenchenBullet(RunTime): 17384 ms.
d8-master: EmbenchenBullet(RunTime): 16153 ms.
----------- copy.js
Current --turbo-deoptimization: EmbenchenCopy(RunTime): 4877 ms.
d8-master --turbo-deoptimization: EmbenchenCopy(RunTime): 4938 ms.
d8-master: EmbenchenCopy(RunTime): 4940 ms.
----------- corrections.js
Current --turbo-deoptimization: EmbenchenCorrections(RunTime): 7068 ms.
d8-master --turbo-deoptimization: EmbenchenCorrections(RunTime): 6718 ms.
d8-master: EmbenchenCorrections(RunTime): 6858 ms.
----------- fannkuch.js
Current --turbo-deoptimization: EmbenchenFannkuch(RunTime): 4167 ms.
d8-master --turbo-deoptimization: EmbenchenFannkuch(RunTime): 4608 ms.
d8-master: EmbenchenFannkuch(RunTime): 4149 ms.
----------- fasta.js
Current --turbo-deoptimization: EmbenchenFasta(RunTime): 9981 ms.
d8-master --turbo-deoptimization: EmbenchenFasta(RunTime): 9848 ms.
d8-master: EmbenchenFasta(RunTime): 9640 ms.
----------- lua_binarytrees.js
Current --turbo-deoptimization: EmbenchenLuaBinaryTrees(RunTime): 11571 ms.
d8-master --turbo-deoptimization: EmbenchenLuaBinaryTrees(RunTime): 13089 ms.
d8-master: EmbenchenLuaBinaryTrees(RunTime): 10957 ms.
----------- memops.js
Current --turbo-deoptimization: EmbenchenMemOps(RunTime): 7766 ms.
d8-master --turbo-deoptimization: EmbenchenMemOps(RunTime): 7346 ms.
d8-master: EmbenchenMemOps(RunTime): 7738 ms.
----------- primes.js
Current --turbo-deoptimization: EmbenchenPrimes(RunTime): 7459 ms.
d8-master --turbo-deoptimization: EmbenchenPrimes(RunTime): 7453 ms.
d8-master: EmbenchenPrimes(RunTime): 7451 ms.
----------- skinning.js
Current --turbo-deoptimization: EmbenchenSkinning(RunTime): 15564 ms.
d8-master --turbo-deoptimization: EmbenchenSkinning(RunTime): 15611 ms.
d8-master: EmbenchenSkinning(RunTime): 15583 ms.
----------- zlib.js
Current --turbo-deoptimization: EmbenchenZLib(RunTime): 10825 ms.
d8-master --turbo-deoptimization: EmbenchenZLib(RunTime): 11180 ms.
d8-master: EmbenchenZLib(RunTime): 10823 ms.

BUG=

Review URL: https://codereview.chromium.org/949743002

Cr-Commit-Position: refs/heads/master@{#27232}
2015-03-17 09:38:43 +00:00
loislo
55d05404b7 CpuProfiler: extract DeoptInfo fill in code into a static function.
the third part of the patch https://codereview.chromium.org/1012633002

this patch
1) moves DeoptInfo builder code to platform independent file lithium-codegen.cc
2) adds inlining_id property to HEnterInlined so we can use it on lithium level.

BUG=chromium:452067
LOG=n

Review URL: https://codereview.chromium.org/1011733005

Cr-Commit-Position: refs/heads/master@{#27231}
2015-03-17 09:37:41 +00:00
yangguo
773f297738 Serializer: micro-optimizations for the deserializer.
R=vogelheim@chromium.org

Review URL: https://codereview.chromium.org/1008923003

Cr-Commit-Position: refs/heads/master@{#27230}
2015-03-17 09:23:42 +00:00
dcarney
4a99e6f493 add missing dcheck to ToLocalChecked
R=svenpanne@chromium.org
BUG=v8:3929
LOG=n

Review URL: https://codereview.chromium.org/1017663002

Cr-Commit-Position: refs/heads/master@{#27229}
2015-03-17 09:03:50 +00:00
jacob.bramley
1299363711 [ARM64] [turbofan] Improve construction of doubles.
Improve the code generated for construction of a 64-bit floating point
number from two 32-bit integers.

Previously, this moved FP->core, inserted, then moved core->FP for each
half. Now, we construct the double in an X register and move core->FP.
Typically, the temporary register aliases the input register, so the
sequence improves from six to two instructions.

Patch from Martyn Capewell <m.m.capewell@googlemail.com>.

BUG=

Review URL: https://codereview.chromium.org/1008003004

Cr-Commit-Position: refs/heads/master@{#27227}
2015-03-16 17:15:28 +00:00
svenpanne
e059be3347 Make valgrind a bit more happy by zero-terminating/initializing strings.
Tiny cleanup on the way...

Review URL: https://codereview.chromium.org/1007283006

Cr-Commit-Position: refs/heads/master@{#27226}
2015-03-16 15:34:13 +00:00
jochen
dde730ff50 Hook up over approximating the weak closure to the idle time handler
The feature itself is still behind a flag.

BUG=v8:3862
R=hpayer@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1014503003

Cr-Commit-Position: refs/heads/master@{#27225}
2015-03-16 14:51:15 +00:00
loislo
dc3f240e53 CpuProfiler: replace FLAG_hydrogen_track_positions with is_tracking_positions method on CompilationInfo
this is the second part of https://codereview.chromium.org/1012633002.

almost mechanical change.
I'd like to enable positions tracking when cpu profiler is working.
But I'll switch it on for cpu-profiler in another patch.

BUG=chromium:452067
LOG=n

Review URL: https://codereview.chromium.org/995183005

Cr-Commit-Position: refs/heads/master@{#27224}
2015-03-16 14:17:17 +00:00
ishell
ddfca2b069 Bugfix in hydrogen GVN.
BUG=chromium:467481
LOG=Y

Review URL: https://codereview.chromium.org/1009933002

Cr-Commit-Position: refs/heads/master@{#27223}
2015-03-16 13:46:20 +00:00
jarin
cd67e97a7e [turbofan] Cache for reusing parts of value vector nodes in frame states.
Instead of the current approach of storing flat vectors in frame states (and possibly reusing the last vector in AST graph builder), this change list builds a tree for the values and tries to reuse the nodes for different frame states. At the moment, we only use this for the local variable part of frame state, but nothing prevents us from using this for all parts.

This change provides two new classes: one for creating the tree (StateValuesCache) and one for iterating the trees (StateValuesAccess).

BUG=

Review URL: https://codereview.chromium.org/1008213002

Cr-Commit-Position: refs/heads/master@{#27222}
2015-03-16 13:43:13 +00:00
loislo
3e29f36ba4 CpuProfiler: convert List<InlinedFunctionInfo> into std::vector<InlinedFunctionInfo>
this is the first part of https://codereview.chromium.org/1012633002.
mechanical change.

The motivation: the original patch needs to use List of List but list is not copiable.

BUG=chromium:452067
LOG=n

Review URL: https://codereview.chromium.org/1011733002

Cr-Commit-Position: refs/heads/master@{#27221}
2015-03-16 13:41:56 +00:00
yangguo
567e45a192 Promote code from code cache to compilation cache.
The per-isolate compilation cache is a lot faster still than
the serialized code cache. Promote code to compilation cache
after deserialization.

R=vogelheim@chromium.org
BUG=chromium:399580
LOG=N

Review URL: https://codereview.chromium.org/1008363002

Cr-Commit-Position: refs/heads/master@{#27220}
2015-03-16 13:19:20 +00:00
svenpanne
cf1c4911b9 Remove BLACKLIST from check-name-clashes.py, it's wrong nowadays.
Fix the resulting warnings by renaming things apart.

BUG=v8:3947
LOG=n

Review URL: https://codereview.chromium.org/1009373002

Cr-Commit-Position: refs/heads/master@{#27219}
2015-03-16 13:08:49 +00:00
jochen
82fe1adfed Repeatedly overapproximate the weak closure as long as we make progress
Also, include the time for building object groups in the tracing scope
for the overapproximation.

BUG=v8:3862
R=hpayer@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1012593004

Cr-Commit-Position: refs/heads/master@{#27218}
2015-03-16 12:51:54 +00:00
hpayer
4979279271 Remove all atomic access from store buffer.
Store buffer does not contain stale pointers anymore. Hence, sweeper threads and store buffer processing does not collide.

BUG=

Review URL: https://codereview.chromium.org/1007273002

Cr-Commit-Position: refs/heads/master@{#27217}
2015-03-16 12:22:17 +00:00
yangguo
5095a6f501 Fix RelocInfo::Mode enum wrt LAST_STANDARD_NONCOMPACT_ENUM.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/1011613003

Cr-Commit-Position: refs/heads/master@{#27216}
2015-03-16 11:43:35 +00:00
mstarzinger
5977ed0203 Revert of Remove kind field from StackHandler. (patchset #4 id:60001 of https://codereview.chromium.org/1002203002/)
Reason for revert:
Layout test failure in inspector/sources/debugger/debugger-pause-on-promise-rejection.html

Original issue's description:
> Remove kind field from StackHandler.
>
> This makes the Isolate::Throw logic not depend on a prediction of
> whether an exception is caught or uncaught. Such a prediction is
> inherently undecidable because a finally block can decide between
> consuming or re-throwing an exception depending on arbitray control
> flow.
>
> There still is a conservative prediction mechanism in place that
> components like the debugger or tracing can use for reporting.
>
> With this change we can get rid of the StackHandler::kind field, a
> pre-requisite to do table-based lookups of exception handlers.
>
> R=yangguo@chromium.org
>
> Committed: https://crrev.com/96f79568a926966ebcf0685bf9adc947f4e1fbff
> Cr-Commit-Position: refs/heads/master@{#27210}

TBR=yangguo@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1009903002

Cr-Commit-Position: refs/heads/master@{#27215}
2015-03-16 11:41:39 +00:00
hpayer
3e924dd067 Delete dead store buffer verification code and code that changes the store buffer in debug mode.
BUG=

Review URL: https://codereview.chromium.org/1009323002

Cr-Commit-Position: refs/heads/master@{#27214}
2015-03-16 11:40:20 +00:00
dusan.milosavljevic
17ada20c17 MIPS64: Unify and improve Word32 compares to use same instructions as Word64 compares.
The CL enables the same instructions are selected for Word32 and Word64 compare
operations which is possible due to a fact 32-bit inputs and produced values
are always sign-extended.

TEST=
BUG=

Review URL: https://codereview.chromium.org/1005123002

Cr-Commit-Position: refs/heads/master@{#27212}
2015-03-16 11:00:12 +00:00
ulan
41d74f21f1 Fix data race in Isolate::CheckDetachedContextsAfterGC
BUG=chromium:462908
LOG=NO

Review URL: https://codereview.chromium.org/1010713002

Cr-Commit-Position: refs/heads/master@{#27211}
2015-03-16 10:17:05 +00:00
mstarzinger
96f79568a9 Remove kind field from StackHandler.
This makes the Isolate::Throw logic not depend on a prediction of
whether an exception is caught or uncaught. Such a prediction is
inherently undecidable because a finally block can decide between
consuming or re-throwing an exception depending on arbitray control
flow.

There still is a conservative prediction mechanism in place that
components like the debugger or tracing can use for reporting.

With this change we can get rid of the StackHandler::kind field, a
pre-requisite to do table-based lookups of exception handlers.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1002203002

Cr-Commit-Position: refs/heads/master@{#27210}
2015-03-16 10:06:24 +00:00
yurys
f92c8a3670 Remove obsolete TakeHeapSnapshot method from API
BUG=chromium:465651
LOG=Y

Review URL: https://codereview.chromium.org/997583004

Cr-Commit-Position: refs/heads/master@{#27208}
2015-03-16 09:49:28 +00:00
ishell
52cb51fb8d Revert of Reland of Remove slots that point to unboxed doubles from the StoreBuffer/SlotsBuffer. (patchset #3 id:40001 of https://codereview.chromium.org/988363002/)
Reason for revert:
Increased rate of Chrome crashes. Requires further investigation.

Original issue's description:
> Reland of Remove slots that point to unboxed doubles from the StoreBuffer/SlotsBuffer.
>
> The problem is that tagged slot could become a double slot after migrating of an object to another map with "shifted" fields (for example as a result of generalizing immutable data property to a data field).
> This CL also adds useful machinery that helps triggering incremental write barriers.
>
> BUG=chromium:454297, chromium:465273
> LOG=Y
>
> Committed: https://crrev.com/6d0677d845c47ab9fa297de61d0e3d8e5480a02a
> Cr-Commit-Position: refs/heads/master@{#27141}

TBR=hpayer@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:454297, chromium:465273

Review URL: https://codereview.chromium.org/1004623003

Cr-Commit-Position: refs/heads/master@{#27207}
2015-03-16 09:40:47 +00:00
yurys
cb50b0dfe7 Beautify syntax error for unterminated argument list
BUG=chromium:339474
LOG=Y

Review URL: https://codereview.chromium.org/1002263004

Cr-Commit-Position: refs/heads/master@{#27205}
2015-03-16 09:16:26 +00:00
michael_dawson
b74b0a8b16 PPC: Further leverage internal references.
Enable code dependent on the newly provided common code support for
encoded internal references.

	modified:   src/ppc/code-stubs-ppc.cc
	modified:   test/cctest/cctest.status

R=danno@chromium.org, svenpanne@chromium.org

BUG=

Review URL: https://codereview.chromium.org/1008963002

Cr-Commit-Position: refs/heads/master@{#27204}
2015-03-16 08:40:19 +00:00
michael_dawson
f9cceb90f1 PPC: Implement turbofan Float64Min and Float64Max machine operators.
R=danno@chromium.org, svenpanne@chromium.org

BUG=

Review URL: https://codereview.chromium.org/1006913002

Cr-Commit-Position: refs/heads/master@{#27202}
2015-03-16 08:01:55 +00:00
bmeurer
523dec1234 [turbofan] Fix typo in ControlReducer.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/1001063003

Cr-Commit-Position: refs/heads/master@{#27201}
2015-03-16 07:28:06 +00:00
mstarzinger
5cec9403dd Remove some dead code from the Isolate.
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/1009453004

Cr-Commit-Position: refs/heads/master@{#27191}
2015-03-13 17:58:12 +00:00
arv
e625844648 [es6] Function length property should be configurable
ES6 specs the function length property (it was not part of ES5) and
it makes it configurable.

BUG=v8:3045
LOG=N
R=mstarzinger@chromium.org, adamk@chromium.org
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel

Review URL: https://codereview.chromium.org/993073002

Cr-Commit-Position: refs/heads/master@{#27190}
2015-03-13 17:19:53 +00:00
dslomov
a8289230a3 Fix test for function declarations syntax error.
Also fix parsing of declarations after case labels.

R=waldron.rick@gmail.com,rossberg@chromium.org
BUG=v8:3939
LOG=N

Review URL: https://codereview.chromium.org/964063003

Cr-Commit-Position: refs/heads/master@{#27189}
2015-03-13 16:57:35 +00:00
rossberg
3fcb38f772 [strong] Check super constructor calls
R=marja@chromium.org
BUG=v8:3956
LOG=N

Review URL: https://codereview.chromium.org/1002253002

Cr-Commit-Position: refs/heads/master@{#27188}
2015-03-13 16:26:52 +00:00
dslomov
92138c73a7 Remove --harmony-scoping flag.
We have been shipping harmony scoping for 2 Chrome releases now (M41
and M42). Time to remove the flag.

R=rossberg@chromium.org
LOG=Y

Review URL: https://codereview.chromium.org/1007783002

Cr-Commit-Position: refs/heads/master@{#27187}
2015-03-13 15:15:57 +00:00
kozyatinskiy
ec73e08860 [V8] Use Function.name in Error.stack
Error.stack contains function.name if its type is string.
Otherwise if function have inferred name then .stack contains it.
For functions from eval .stack property contains "eval".

LOG=N
BUG=chromium:17356
R=yurys@chromium.org

Review URL: https://codereview.chromium.org/919653002

Cr-Commit-Position: refs/heads/master@{#27186}
2015-03-13 15:11:57 +00:00
yangguo
c67521794a Hide Symbol implementation in a closure.
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/1009443002

Cr-Commit-Position: refs/heads/master@{#27185}
2015-03-13 15:08:28 +00:00
jochen
31f6142a7f Use the incremental root marking visitor for overapproximating the weak closure
Since incremental marking hasn't completed yet at this point, we can't
use the MC's root visitor.

Also, we shouldn't hurry with incremental marking while
overapproximating

BUG=v8:3862
R=hpayer@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/997423002

Cr-Commit-Position: refs/heads/master@{#27184}
2015-03-13 14:51:32 +00:00
yangguo
cc2c902fa5 Encode RelocInfo extra tag to fit changed RelocInfo kind enum.
This fixes some failures on MIPS. Though not all of them, since
MIPS does not correctly implement set_target_internal_reference.

R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/1008823002

Cr-Commit-Position: refs/heads/master@{#27183}
2015-03-13 13:39:26 +00:00
dslomov
de8e2be875 Implement TDZ in StoreIC for top-level lexicals.
StoreIC::Store was missing a check present in LoadIC::Load.

R=rossberg@chromium.org
BUG=v8:3941
LOG=Y

Review URL: https://codereview.chromium.org/1001323002

Cr-Commit-Position: refs/heads/master@{#27182}
2015-03-13 13:28:18 +00:00
jochen
a6a887d083 Extract code to mark an object during incremental marking
Not only does this remove code duplication, I also plan to use this for
unifying reference group marking later

BUG=none
R=hpayer@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1007793002

Cr-Commit-Position: refs/heads/master@{#27180}
2015-03-13 12:14:11 +00:00
yangguo
057857ef06 PPC: fix allocation issues for PPC64.
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/1009433002

Cr-Commit-Position: refs/heads/master@{#27179}
2015-03-13 11:18:31 +00:00
titzer
3ff0e6f023 Speed up FastElementsAccessor::ValidContents by removing redundant handle scope.
R=jkummerow@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1002203003

Cr-Commit-Position: refs/heads/master@{#27178}
2015-03-13 10:47:42 +00:00
yangguo
a873c9f336 Serializer: prepare support for INTERNAL_REFERENCE_ENCODED.
Platform ports that use this RelocInfo kind need to implement
set_target_internal_reference accordingly to distinguish between
INTERNAL_REFERENCE and INTERNAL_REFERENCE_ENCODED.

R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/1000373003

Cr-Commit-Position: refs/heads/master@{#27177}
2015-03-13 10:08:04 +00:00
marja
0c56d7e809 Remove duplicate script scope.
We previously had two nested SCRIPT_SCOPEs (used to be GLOBAL_SCOPES), but as
the lexical variable implementation changed, the inner one is no longer needed.
BUG=

Review URL: https://codereview.chromium.org/1002193002

Cr-Commit-Position: refs/heads/master@{#27176}
2015-03-13 09:46:14 +00:00
jochen
0a1e272f9c Turn on job-based optimizing compiler
BUG=v8:3608
R=yangguo@chromium.org
LOG=y

Review URL: https://codereview.chromium.org/1001313002

Cr-Commit-Position: refs/heads/master@{#27175}
2015-03-13 09:14:00 +00:00
michael_dawson
0697e92952 PPC: [turbofan] Introduce optional Float64Min and Float64Max machine operators.
Port 99f8d57f3c

Original commit message:
Basically recognize certain x < y ? x : y constructs and turn that into
Float64Min/Float64Max operations, if the target machine supports that.
On x86 we lower to (v)minsd/(v)maxsd.

R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/998283002

Cr-Commit-Position: refs/heads/master@{#27160}

R=danno@chromium.org, svenpanne@chromium.org

BUG=

Review URL: https://codereview.chromium.org/1005693002

Cr-Commit-Position: refs/heads/master@{#27174}
2015-03-13 07:40:07 +00:00
michael_dawson
ae78a9702a PPC: Simplify pending message object handling.
Port d4696c4841

Original commit message:
This moves the decision whether to report a message or not to when
the pending exception is propagated instead of trying to preserve the
decision in a ThreadLocalTop field.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/998943003

Cr-Commit-Position: refs/heads/master@{#27150}

R=danno@chromium.org, svenpanne@chromium.org, titzer@chromium.org

BUG=

Review URL: https://codereview.chromium.org/1000963002

Cr-Commit-Position: refs/heads/master@{#27173}
2015-03-13 07:34:57 +00:00
bmeurer
83f157bc18 [turbofan] Use builtin inlining mechanism for Math.abs and Math.sqrt.
Reduces the amount of custom support code for Math functions in TurboFan
and allows for more general inlining (i.e. independent of parameter
types).

BUG=v8:3952
LOG=n
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1004083002

Cr-Commit-Position: refs/heads/master@{#27172}
2015-03-13 07:06:15 +00:00
adamk
0c305e0b1b Fix error message for Object.observe accept argument
BUG=chromium:464695
LOG=n

Review URL: https://codereview.chromium.org/1005553003

Cr-Commit-Position: refs/heads/master@{#27171}
2015-03-12 19:04:38 +00:00
balazs.kilvady
7290d15e71 MIPS: Improve naming of turbofan ops for %_DoubleHi, %_DoubleLo and %_ConstructDouble.
BUG=

Review URL: https://codereview.chromium.org/1006523002

Cr-Commit-Position: refs/heads/master@{#27169}
2015-03-12 17:29:16 +00:00
balazs.kilvady
323ec9e8bd MIPS: [turbofan] Introduce optional Float64Min and Float64Max machine operators.
Port 99f8d57f3c

Original commit message:
Basically recognize certain x < y ? x : y constructs and turn that into
Float64Min/Float64Max operations, if the target machine supports that.
On x86 we lower to (v)minsd/(v)maxsd.

BUG=

Review URL: https://codereview.chromium.org/1006513002

Cr-Commit-Position: refs/heads/master@{#27168}
2015-03-12 16:43:51 +00:00
dcarney
2d3311b82f remove DeletedField from PropertyDetails
R=verwaest@chromium.org

BUG=

Review URL: https://codereview.chromium.org/1002703002

Cr-Commit-Position: refs/heads/master@{#27166}
2015-03-12 16:03:27 +00:00
dslomov
c071af5ae3 Switch the order of experimental global initialization and running natives.
The order should match the one for normal natives.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/988513003

Cr-Commit-Position: refs/heads/master@{#27165}
2015-03-12 15:44:38 +00:00
johan
68d5f916d8 Fix build on solaris platforms
e8b9f2d7 introduced a different cast which broke building on Illumos.
Revert to previous behavior for V8_OS_SOLARIS only.

Found on SmartOS while building with gcc 4.9.0.

edit1: adding jochen to reviewers since he was assigned through the issue tracker and danno since he seems to do a fair amount of cross-platform work

edit2: removing BUG reference because I don't understand what LOG needs to contain (and it seems to link to chromium and not the v8 repo). Please edit commit message as appropriate.

BUG=3935
LOG=n

Review URL: https://codereview.chromium.org/990063002

Cr-Commit-Position: refs/heads/master@{#27163}
2015-03-12 15:12:45 +00:00
mstarzinger
1a37a4cc39 [turbofan] Bring back long lost comment to AstGraphBuilder.
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1004673002

Cr-Commit-Position: refs/heads/master@{#27162}
2015-03-12 15:04:38 +00:00
yangguo
4e9daf4e3d Hide RegExp and String initialization in a closure.
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/1000063002

Cr-Commit-Position: refs/heads/master@{#27161}
2015-03-12 14:47:49 +00:00
bmeurer
99f8d57f3c [turbofan] Introduce optional Float64Min and Float64Max machine operators.
Basically recognize certain x < y ? x : y constructs and turn that into
Float64Min/Float64Max operations, if the target machine supports that.
On x86 we lower to (v)minsd/(v)maxsd.

R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/998283002

Cr-Commit-Position: refs/heads/master@{#27160}
2015-03-12 14:07:39 +00:00
caitpotter88
1aae3a1c89 [es6] support template literals after MemberExpression
BUG=v8:3958, 450942
LOG=N
R=arv@chromium.org

Review URL: https://codereview.chromium.org/996223003

Cr-Commit-Position: refs/heads/master@{#27159}
2015-03-12 14:02:04 +00:00
balazs.kilvady
811caee0e0 MIPS: Simplify pending message object handling.
Port d4696c4841

Original commit message:
This moves the decision whether to report a message or not to when
the pending exception is propagated instead of trying to preserve the
decision in a ThreadLocalTop field.

BUG=

Review URL: https://codereview.chromium.org/1004623002

Cr-Commit-Position: refs/heads/master@{#27158}
2015-03-12 13:54:45 +00:00
mstarzinger
4dfff4abbd [turbofan] Introduce builders for property access.
This introduces a choke point in the AstGraphBuilder for property
access creation. This makes it easier to enrich all such nodes with
additional side-table or debugging information.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1002713002

Cr-Commit-Position: refs/heads/master@{#27157}
2015-03-12 13:50:05 +00:00
bashi
83245abb6b Add Cast() for Int32 and Uint32
It should be possible to cast a Value to Int32 without throwing an exception
when IsInt32() is true. Same for Uint32.

BUG=chromium:462402
LOG=Y

Review URL: https://codereview.chromium.org/1003663002

Cr-Commit-Position: refs/heads/master@{#27156}
2015-03-12 12:27:46 +00:00
Sven Panne
40567349df Remove funky 2-stage initialization of ParserInfo and an adventurous memset.
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1002673002

Cr-Commit-Position: refs/heads/master@{#27155}
2015-03-12 11:46:32 +00:00
ishell
0902b5f4df Incorrect handling of HTransitionElementsKind in hydrogen check elimination phase fixed.
BUG=chromium:460917
LOG=Y

Review URL: https://codereview.chromium.org/1000893003

Cr-Commit-Position: refs/heads/master@{#27154}
2015-03-12 11:44:29 +00:00
dcarney
317ce1170d add 0 length guard in IsNonArrayIndexInteger
TBR=verwaest@chromium.org

BUG=466086
LOG=N

Review URL: https://codereview.chromium.org/998213002

Cr-Commit-Position: refs/heads/master@{#27151}
2015-03-12 10:44:38 +00:00
mstarzinger
d4696c4841 Simplify pending message object handling.
This moves the decision whether to report a message or not to when
the pending exception is propagated instead of trying to preserve the
decision in a ThreadLocalTop field.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/998943003

Cr-Commit-Position: refs/heads/master@{#27150}
2015-03-12 09:50:44 +00:00
mvstanton
4ededa8694 Vector-ICs: Implement slot sharing for global loads.
We can reduce the number of type feedback vector slots required, and
also reduce IC misses.

Review URL: https://codereview.chromium.org/1001533002

Cr-Commit-Position: refs/heads/master@{#27149}
2015-03-12 09:23:01 +00:00
bmeurer
b5197ea478 [turbofan] Remove unused diamonds during control reduction.
A diamond is unused if the Merge node has no Phi/EffectPhi uses, exactly
two inputs, one IfTrue and one IfFalse, which have the same Branch
control input and no other uses except for the Merge. In this case the
diamond can safely be removed.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1000883003

Cr-Commit-Position: refs/heads/master@{#27148}
2015-03-12 09:02:22 +00:00
michael_dawson
be2e9199cb PPC: simplify delta calculation in DoDeferredInstanceOfKnownGlobal.
... and improve protection against trampoline table generation in this
sequence.

R=danno@chromium.org, svenpanne@chromium.org

BUG=

Review URL: https://codereview.chromium.org/985933003

Cr-Commit-Position: refs/heads/master@{#27146}
2015-03-12 08:14:51 +00:00
michael_dawson
c67dab62c7 PPC: Simplify pending message script handling.
Port f71e262683

Original commit message:
This removes the separate tracking of the pending message script,
because that script is already stored in the message object and
duplicating it in the ThreadLocalTop makes it more brittle.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/995013005

Cr-Commit-Position: refs/heads/master@{#27127}

R=danno@chromium.org, svenpanne@chromium.org

BUG=

Review URL: https://codereview.chromium.org/999093002

Cr-Commit-Position: refs/heads/master@{#27144}
2015-03-12 04:27:18 +00:00
adamk
9703c057c5 Modules: simplify logic around allocation of module internal variables
Since recursive modules are gone, only the top-level scope can have
module inner scopes. Rename Scope::AllocateModulesRecursively to
Scope::AllocateModules, and add test showing the module Variables
are still allocated appropriately in the top level scope.

BUG=v8:1569,v8:3940
LOG=n

Review URL: https://codereview.chromium.org/999893003

Cr-Commit-Position: refs/heads/master@{#27143}
2015-03-11 23:19:57 +00:00
ishell
6d0677d845 Reland of Remove slots that point to unboxed doubles from the StoreBuffer/SlotsBuffer.
The problem is that tagged slot could become a double slot after migrating of an object to another map with "shifted" fields (for example as a result of generalizing immutable data property to a data field).
This CL also adds useful machinery that helps triggering incremental write barriers.

BUG=chromium:454297, chromium:465273
LOG=Y

Review URL: https://codereview.chromium.org/988363002

Cr-Commit-Position: refs/heads/master@{#27141}
2015-03-11 19:29:57 +00:00
balazs.kilvady
2bd426cdd5 MIPS: Simplify pending message script handling.
Port f71e262683

Original commit message:
This removes the separate tracking of the pending message script,
because that script is already stored in the message object and
duplicating it in the ThreadLocalTop makes it more brittle.

BUG=

Review URL: https://codereview.chromium.org/999763003

Cr-Commit-Position: refs/heads/master@{#27140}
2015-03-11 17:25:11 +00:00
balazs.kilvady
94d49b1150 MIPS64: CpuProfiler: fix for CollectDeoptEvents test.
Port a925f3f478

Original commit message:
The same idea as in https://codereview.chromium.org/984893003/

BUG=chromium:452067
LOG=n

Review URL: https://codereview.chromium.org/993233003

Cr-Commit-Position: refs/heads/master@{#27139}
2015-03-11 16:52:29 +00:00
yangguo
9333e7e135 Hide native Date implementation in function context.
This further reduces the context size.

R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/996213003

Cr-Commit-Position: refs/heads/master@{#27138}
2015-03-11 15:53:37 +00:00
svenpanne
a69cfac182 Re-arranged intrinsic macros a bit.
Outside of runtime.h, only the distinction between intrinsics
returning pairs and those returning pairs is really meaningful, not
the internal traditional partitioning of them.

BUG=v8:3947
LOG=n

Review URL: https://codereview.chromium.org/997933003

Cr-Commit-Position: refs/heads/master@{#27137}
2015-03-11 15:18:52 +00:00
michael_dawson
d88656af9f cctest/test-deoptimization/DeoptimizeCompare was failing on PPC because the path that is optimized for isel incorrectly used integer values instead of Smi's
BUG=

Review URL: https://codereview.chromium.org/996223002

Cr-Commit-Position: refs/heads/master@{#27136}
2015-03-11 14:58:03 +00:00
svenpanne
611eb25894 Converted FullCode to have its own list of known intrinsics.
Combined the various lists, the only slightly ugly thing is now the
distinction between intrinsics returning pairs and the rest, but
that's no big deal.

BUG=v8:3947
LOG=n

Review URL: https://codereview.chromium.org/989273003

Cr-Commit-Position: refs/heads/master@{#27135}
2015-03-11 14:03:29 +00:00
loislo
df9e6fe329 CpuProfiler: simplify inlined function info magic.
I did some investigation and found that in the most cases
the old schema with the separate List for functions and inlines
gives us no memory benefits because more frequently we inlines
different functions into parent function. So the plain schema
wins a tens or even hundreds bytes a few thousand times.

The only drawback is that we will print the inlined body
the each time when we inline it. But is not a problem
because it happens only under FLAG_hydrogen_track_positions.

Also I added script_id to the structure, so it could be used later
by cpu-profiler.

BUG=chromium:452067
LOG=n

Review URL: https://codereview.chromium.org/996153003

Cr-Commit-Position: refs/heads/master@{#27134}
2015-03-11 13:51:25 +00:00
balazs.kilvady
ee4f1bd81d MIPS: CpuProfiler: fix for CollectDeoptEvents test.
Port a925f3f478

Original commit message:
The same idea as in https://codereview.chromium.org/984893003/

BUG=chromium:452067
LOG=n

Review URL: https://codereview.chromium.org/996883002

Cr-Commit-Position: refs/heads/master@{#27133}
2015-03-11 13:42:51 +00:00
mstarzinger
61e4b6028b Remove superfluous ThreadLocalTop::catcher field.
The external v8::TryCatch handler was computed eagerly and kept in
intact. This changes it to be computed lazily for simplicity and
readability of the code.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/997863003

Cr-Commit-Position: refs/heads/master@{#27132}
2015-03-11 13:36:15 +00:00
svenpanne
88a7f24f46 Bailout for %_FastOneByteArrayJoin again.
This recovers the performance loss for some ancient benchmarks.
Added some comments/UNIMPLEMENTED on the way.

BUG=v8:3947
LOG=n

Review URL: https://codereview.chromium.org/996153002

Cr-Commit-Position: refs/heads/master@{#27131}
2015-03-11 13:28:46 +00:00
dcarney
b1a5812203 the IsPromise function should not execute js
BUG=v8:3929
LOG=n

Review URL: https://codereview.chromium.org/998943002

Cr-Commit-Position: refs/heads/master@{#27130}
2015-03-11 12:14:18 +00:00
verwaest
e77d0abd4a [scanner] Extend fast-smi parsing to the entire range minus Smi::kMinValue
BUG=

Review URL: https://codereview.chromium.org/998893002

Cr-Commit-Position: refs/heads/master@{#27129}
2015-03-11 11:33:33 +00:00
hpayer
aab76eff43 Just visit young array buffers during scavenge. Additionally keep the views in new space in a separate global list and move them to the corresponding array buffers when they get promoted.
BUG=

Review URL: https://codereview.chromium.org/990423004

Cr-Commit-Position: refs/heads/master@{#27128}
2015-03-11 10:58:03 +00:00
mstarzinger
f71e262683 Simplify pending message script handling.
This removes the separate tracking of the pending message script,
because that script is already stored in the message object and
duplicating it in the ThreadLocalTop makes it more brittle.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/995013005

Cr-Commit-Position: refs/heads/master@{#27127}
2015-03-11 10:02:48 +00:00
dcarney
5234d9977d convert most remaining api functions needing context to maybes
BUG=

Review URL: https://codereview.chromium.org/993223003

Cr-Commit-Position: refs/heads/master@{#27126}
2015-03-11 09:33:04 +00:00
michael_dawson
45e4a78911 Contribution of PowerPC port (continuation of 422063005) - uplevel
Contribution of PowerPC port (continuation of 422063005,
817143002,866843003, and 901083004). This patch updates
the ppc directories to make them current with changes in
common code as of today.

We had to exclude the test test-serialize/SerializeInternalReference
until we agree on the right way to add those changes for PPC as
outlined in the description in the google doc provided earlier.

We also had to exclude a couple of other tests due to new
failures seen since the last uplevel.  We excluded as opposed
to waiting until we could investigate to maximize the chance
of getting PPC compiling in the google repos before new
breaking changes are made.

I'll note that before applying any of our changes the
mozilla part of quickcheck was already broken when using
the lastest repo content so I had to run without that

	modified:   src/compiler/ppc/code-generator-ppc.cc
	modified:   src/compiler/ppc/instruction-codes-ppc.h
	modified:   src/compiler/ppc/instruction-selector-ppc.cc
	modified:   src/ic/ppc/handler-compiler-ppc.cc
	modified:   src/ic/ppc/ic-compiler-ppc.cc
	modified:   src/ppc/assembler-ppc-inl.h
	modified:   src/ppc/assembler-ppc.cc
	modified:   src/ppc/assembler-ppc.h
	modified:   src/ppc/builtins-ppc.cc
	modified:   src/ppc/code-stubs-ppc.cc
	modified:   src/ppc/codegen-ppc.cc
	modified:   src/ppc/full-codegen-ppc.cc
	modified:   src/ppc/lithium-codegen-ppc.cc
	modified:   src/ppc/macro-assembler-ppc.cc
	modified:   src/ppc/macro-assembler-ppc.h
	modified:   test/cctest/cctest.status

R=danno@chromium.org, svenpanne@chromium.org

BUG=

Review URL: https://codereview.chromium.org/994533004

Cr-Commit-Position: refs/heads/master@{#27125}
2015-03-11 08:49:33 +00:00
bashi
8bdac10631 Add Cast() to Boolean
We should be able to cast a Value to Boolean when IsBoolean() is true.

Review URL: https://codereview.chromium.org/990943003

Cr-Commit-Position: refs/heads/master@{#27124}
2015-03-10 23:40:20 +00:00
paul.lind
0c12ff2db4 MIPS: Remove frame pointer from StackHandler.
Port 36e69a916f

Original commit message:
This reduces the size of the StackHandler by yet another word. We no
longer need to keep track of the frame pointer, as the stack walk will
be able to recalculate it.

BUG=

Review URL: https://codereview.chromium.org/997663002

Cr-Commit-Position: refs/heads/master@{#27123}
2015-03-10 20:43:54 +00:00
caitpotter88
f950ddf581 [parser] parse arrow function only if no linefeed before =>
BUG=v8:3954
LOG=N
R=arv@chromium.org

Review URL: https://codereview.chromium.org/987203003

Cr-Commit-Position: refs/heads/master@{#27122}
2015-03-10 19:25:03 +00:00
dcarney
040225a315 handle the special snowflakes that are Integer Indexed Exotic objects
the implementation doesn't yet throw on strict mode assignment

BUG=

Review URL: https://codereview.chromium.org/992913002

Cr-Commit-Position: refs/heads/master@{#27121}
2015-03-10 19:11:20 +00:00
balazs.kilvady
fd012f1080 MIPS: Remove code object from StackHandler.
Port e0aa8ebf93

Original commit message:
This reduces the size of the StackHandler by one word. We no longer
need to keep track of the code object, as the stack walk finds it.

BUG=

Review URL: https://codereview.chromium.org/990903008

Cr-Commit-Position: refs/heads/master@{#27120}
2015-03-10 19:07:25 +00:00
balazs.kilvady
99e0f1a8db MIPS: [es6] Throw TypeError for computed static prototype property name
Port 8d946b9c3f

Original commit message:
The prototype of a class constructor function is read only. When we set
computed property names we were ignoring this and we were overriding the
property.

Since the prototype is the only possible own read only property on the
constructor function object we special case this so we do not have to
check this for every property in the class literal.

BUG=v8:3945
LOG=N

Review URL: https://codereview.chromium.org/993963003

Cr-Commit-Position: refs/heads/master@{#27119}
2015-03-10 19:06:20 +00:00
marja
6ad87e4f86 [strong] More scoping related errors: object literal methods.
This CL adds errors for illegal references which occur inside object literal
methods inside computed properrty names.

BUG=v8:3948,v8:3956
LOG=N

Review URL: https://codereview.chromium.org/994043003

Cr-Commit-Position: refs/heads/master@{#27118}
2015-03-10 16:48:07 +00:00
balazs.kilvady
9c8bead966 MIPS: [turbofan] Unify Math.floor / Math.ceil optimization.
Port 022ea7e057

Original commit message:
Provide an intrinsic %MathFloor / %_MathFloor that is used to optimize
both Math.ceil and Math.floor, and use the JS inlining mechanism to
inline Math.ceil into TurboFan code. Although we need to touch code
outside of TurboFan to make this work, this does not affect the way we
handle Math.ceil and/or Math.floor in CrankShaft, because for CrankShaft
the old-style builtin function id based inlining still kicks in first.

Once this solution is stabilized, we can use it for Math.floor as well.
And once that is settled, we can establish it as the unified way to
inline builtins, and get rid of the specialized builtin function id
based inlining at some point.

Note that "builtin" applies to basically every piece of internal
JavaScript/intrinsics based code, so this also applies to the yet to be
defined JavaScript based code stubs and handlers.

BUG=v8:3953
LOG=n

Review URL: https://codereview.chromium.org/998503002

Cr-Commit-Position: refs/heads/master@{#27117}
2015-03-10 16:34:51 +00:00
mstarzinger
36e69a916f Remove frame pointer from StackHandler.
This reduces the size of the StackHandler by yet another word. We no
longer need to keep track of the frame pointer, as the stack walk will
be able to recalculate it.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/991893003

Cr-Commit-Position: refs/heads/master@{#27115}
2015-03-10 15:56:27 +00:00
loislo
a925f3f478 CpuProfiler: fix for CollectDeoptEvents test on arm
The same idea as in https://codereview.chromium.org/984893003/

BUG=chromium:452067
LOG=n

Review URL: https://codereview.chromium.org/997513003

Cr-Commit-Position: refs/heads/master@{#27114}
2015-03-10 15:15:24 +00:00
yurys
619d4535cc Remove uid and title from HeapSnapshot
None of these fields is used in Blink. Embedder always can implement them using existing API.

BUG=chromium:465651
LOG=Y

Review URL: https://codereview.chromium.org/983833006

Cr-Commit-Position: refs/heads/master@{#27113}
2015-03-10 15:14:07 +00:00
loislo
0fcebccd7e CpuProfiler: slightly reduce the size of JumpTable code on arm64.
BUG=chromium:452067
LOG=n
R=svenpanne@chromium.org, jacob.bramley@arm.com, yurys@chromium.org

Review URL: https://codereview.chromium.org/995813002

Cr-Commit-Position: refs/heads/master@{#27112}
2015-03-10 15:13:05 +00:00
Ben L. Titzer
c1d0f845a9 Refactor TypeFeedbackOracle to accept Handle<Name> instead of Handle<String>.
R=verwaest@chromium.org
BUG=

Review URL: https://codereview.chromium.org/979323005

Cr-Commit-Position: refs/heads/master@{#27111}
2015-03-10 15:06:24 +00:00
svenpanne
db2d31ab3b Removed bailout-only 'implementations' of intrinsics in Crankshaft.
Doing a runtime call should always be better than totally giving up
(unless we have fullcode-only intrinsics, which we'll probably never
have).

BUG=v8:3947
LOG=n

Review URL: https://codereview.chromium.org/997543002

Cr-Commit-Position: refs/heads/master@{#27110}
2015-03-10 15:00:18 +00:00
mstarzinger
37729a52fd Simplify and correctify pending message location handling.
This makes sure that the pending message location is only tracked by
the message object, as only this is saved for finally-blocks. The
location information is duplicated and becomes stale.

R=titzer@chromium.org
TEST=maeh, not so much.

Review URL: https://codereview.chromium.org/987353002

Cr-Commit-Position: refs/heads/master@{#27109}
2015-03-10 14:45:26 +00:00
jarin
a3e06f5489 [turbofan] Do not generate any framestates with --noturbo-deoptimization.
BUG=chromium:465701
LOG=n
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/993773004

Cr-Commit-Position: refs/heads/master@{#27108}
2015-03-10 14:40:21 +00:00
hpayer
d49657edd7 Remove unnecessary NoBarrier_load instructions in store buffer.
There are no stale store buffer pointers anymore. The sweeper thread can not be in conflict with store buffer processing.

BUG=

Review URL: https://codereview.chromium.org/993983002

Cr-Commit-Position: refs/heads/master@{#27107}
2015-03-10 14:19:25 +00:00
arv
8d946b9c3f [es6] Throw TypeError for computed static prototype property name
The prototype of a class constructor function is read only. When we set
computed property names we were ignoring this and we were overriding the
property.

Since the prototype is the only possible own read only property on the
constructor function object we special case this so we do not have to
check this for every property in the class literal.

BUG=v8:3945
LOG=N
R=mstarzinger@chromium.org, dslomov@chromium.org

Review URL: https://codereview.chromium.org/985643003

Cr-Commit-Position: refs/heads/master@{#27106}
2015-03-10 14:14:38 +00:00
hpayer
02ce445394 Remove lazy sweeping of new space and corresponding complicated pointer updating logic.
We can do that now since we have the invariant that the store buffer always has valid slots after marking.

BUG=

Review URL: https://codereview.chromium.org/991853002

Cr-Commit-Position: refs/heads/master@{#27105}
2015-03-10 13:42:21 +00:00
hpayer
0fd9bf8f14 Reland Fix old space check in IsSlotInBlackObject.
BUG=

Review URL: https://codereview.chromium.org/978983003

Cr-Commit-Position: refs/heads/master@{#27104}
2015-03-10 13:26:10 +00:00
mstarzinger
e0aa8ebf93 Remove code object from StackHandler.
This reduces the size of the StackHandler by one word. We no longer
need to keep track of the code object, as the stack walk finds it.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/985803002

Cr-Commit-Position: refs/heads/master@{#27103}
2015-03-10 13:20:23 +00:00
svenpanne
507c11a026 Converted Crankshaft to have its own list of known intrinsics.
We can remove a few of them now (those which unconditionally bailout),
but this will be done in a separate CL to see any impact separately.

BUG=v8:3947
LOG=n

Review URL: https://codereview.chromium.org/993963002

Cr-Commit-Position: refs/heads/master@{#27102}
2015-03-10 13:18:06 +00:00
Sven Panne
49c3864b4b Added a workaround for undefined behavior.
Note that this patch is not really a *solution*, it is just enough to
make the undefined behavior unobservable. The real fix would be being
much more correct about sizes and signedness in our code base...

BUG=chromium:464657
LOG=n
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/995743002

Cr-Commit-Position: refs/heads/master@{#27100}
2015-03-10 12:13:01 +00:00
jarin
00f4350403 In PrintCode, keep the debug_name string alive for all uses.
BUG=chromium:465645
LOG=n
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/996663002

Cr-Commit-Position: refs/heads/master@{#27099}
2015-03-10 12:02:53 +00:00
bmeurer
1982186b6f [turbofan] Use builtin inlining mechanism for Math.floor.
BUG=v8:3952
LOG=n
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/997513002

Cr-Commit-Position: refs/heads/master@{#27098}
2015-03-10 11:59:31 +00:00
yurys
39d329103f Remove deprecated CpuProfiler methods
BUG=None
LOG=Y

Review URL: https://codereview.chromium.org/992193002

Cr-Commit-Position: refs/heads/master@{#27097}
2015-03-10 11:58:24 +00:00
marja
3ff7da93d8 Fix CompilerHints flag order to match FunctionKind.
The bits in CompilerHints are accessed via FunctionKindBits, and on the other
hand, with accessors defined by BOOL_ACCESSORS(SharedFunctionInfo,
compiler_hints, is_accessor_function, kIsAccessorFunction) etc.

So the bit order in FunctionKind must match CompilerHints.

This is not causing problems (yet) because there's no accessor for these two
bits, but if somebody adds one, things will go wrong.

R=dslomov@chromium.org
BUG=

Review URL: https://codereview.chromium.org/988413002

Cr-Commit-Position: refs/heads/master@{#27096}
2015-03-10 11:57:20 +00:00
hpayer
d484d5bc49 Revert of Fix old space check in IsSlotInBlackObject. (patchset #1 id:1 of https://codereview.chromium.org/993513009/)
Reason for revert:
Breaks arm.debug.

Original issue's description:
> Fix old space check in IsSlotInBlackObject.
>
> BUG=
>
> Committed: https://crrev.com/4f865389bcecdff6aa56512fab3a147507a95a51
> Cr-Commit-Position: refs/heads/master@{#27090}

TBR=ulan@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review URL: https://codereview.chromium.org/987303003

Cr-Commit-Position: refs/heads/master@{#27095}
2015-03-10 11:56:04 +00:00
loislo
82e6824eb7 CpuProfiler: fix for CollectDeoptEvents test on arm64
We use slightly different schema for JumpTable on arm64 than for x64.

We do a branch (B) to the JumpTable from the code,
then a branch (B) to the end of jump table code
and then branch to the deoptimizer code with putting
the return address into lr register (Call which is actually Blr).

As a result the 'from' address in Deoptimizer always points to
the end of JumpTable code and we can get nothing from this information.

0) I moved save_doubles and needs_frame code out of for_loop.

1) I replaced B commands with Bl so we put different return addresses
to lr register for the different jump table entries and replaced
the final Call with Br which do not touch lr register.

Also I removed the last_entry check so we will always do the Bl
even for the last entry because we need the right address in lr.
I don't think that this will affect the performance because it
just one more branch for entire deopt mechanics.

BUG=chromium:452067
LOG=n

Review URL: https://codereview.chromium.org/984893003

Cr-Commit-Position: refs/heads/master@{#27094}
2015-03-10 10:45:21 +00:00
hpayer
8baa5a087d Don't scan on scavenge dead large objects.
BUG=

Review URL: https://codereview.chromium.org/994893002

Cr-Commit-Position: refs/heads/master@{#27092}
2015-03-10 10:34:20 +00:00
ulan
3f5ff276f3 Make sweeper threads respect the max_available_threads constraint.
BUG=

Review URL: https://codereview.chromium.org/916103005

Cr-Commit-Position: refs/heads/master@{#27091}
2015-03-10 09:58:31 +00:00
hpayer
4f865389bc Fix old space check in IsSlotInBlackObject.
BUG=

Review URL: https://codereview.chromium.org/993513009

Cr-Commit-Position: refs/heads/master@{#27090}
2015-03-10 09:49:50 +00:00
mstarzinger
8fb6660e76 Fix runtime assert in %LiveEditCheckAndDropActivations.
R=jarin@chromium.org
BUG=chromium:465663
LOG=n

Review URL: https://codereview.chromium.org/989743004

Cr-Commit-Position: refs/heads/master@{#27089}
2015-03-10 09:48:18 +00:00
titzer
0b3f4af12c [turbofan] Fix --turbo-osr for OSRing into inner loop inside for-in.
R=mstarzinger@chromium.org
BUG=chromium:462775
LOG=Y

Review URL: https://codereview.chromium.org/988423003

Cr-Commit-Position: refs/heads/master@{#27088}
2015-03-10 09:27:40 +00:00
dcarney
66969fb2ad convert Function and Promise to maybe
BUG=

Review URL: https://codereview.chromium.org/993883002

Cr-Commit-Position: refs/heads/master@{#27087}
2015-03-10 09:15:59 +00:00
bmeurer
022ea7e057 [turbofan] Unify Math.floor / Math.ceil optimization.
Provide an intrinsic %MathFloor / %_MathFloor that is used to optimize
both Math.ceil and Math.floor, and use the JS inlining mechanism to
inline Math.ceil into TurboFan code. Although we need to touch code
outside of TurboFan to make this work, this does not affect the way we
handle Math.ceil and/or Math.floor in CrankShaft, because for CrankShaft
the old-style builtin function id based inlining still kicks in first.

Once this solution is stabilized, we can use it for Math.floor as well.
And once that is settled, we can establish it as the unified way to
inline builtins, and get rid of the specialized builtin function id
based inlining at some point.

Note that "builtin" applies to basically every piece of internal
JavaScript/intrinsics based code, so this also applies to the yet to be
defined JavaScript based code stubs and handlers.

BUG=v8:3953
LOG=n
R=yangguo@chromium.org,svenpanne@chromium.org

Review URL: https://codereview.chromium.org/990963003

Cr-Commit-Position: refs/heads/master@{#27086}
2015-03-10 08:42:53 +00:00
bmeurer
a556a104c0 [turbofan] Context specialize during inlining.
Context specialization enables inlining (at least currently it is the
only enabler for inlining), but inlining enables more possibilities for
context specialization. So we really need to run them together.

This is especially important with the "module based builtins" that we're
working towards.

BUG=v8:3952
LOG=n

Review URL: https://codereview.chromium.org/988423004

Cr-Commit-Position: refs/heads/master@{#27085}
2015-03-10 08:37:26 +00:00
dcarney
60c1ad026d remove phantom naming from the api
since the old style weakness is slated for removal, we might as well reuse the name to limit confusion.  additionally I simplified the callback type to a enum to either get internal field values or not

this should be a non-breaking change with the exception of PhantomPersistentValueMap, which is unused.

R=jochen@chromium.org, erikcorry@chromium.org

BUG=

Review URL: https://codereview.chromium.org/989153003

Cr-Commit-Position: refs/heads/master@{#27084}
2015-03-09 21:48:09 +00:00
balazs.kilvady
18bf4c27b5 Fix 'MIPS: [turbofan] Support for %_DoubleHi, %_DoubleLo and %_ConstructDouble.'
BUG=

Review URL: https://codereview.chromium.org/988243004

Cr-Commit-Position: refs/heads/master@{#27083}
2015-03-09 17:47:04 +00:00
svenpanne
ea2f15e2a9 Handle *all* runtime versions of intrinsics in the serializer.
Note that this is done only for consistency at this point in time.
The change should probably have been in
https://codereview.chromium.org/984963002/ already.

BUG=v8:3947
LOG=n

Review URL: https://codereview.chromium.org/992683002

Cr-Commit-Position: refs/heads/master@{#27080}
2015-03-09 15:11:46 +00:00
jochen
34c43513a3 Make VerifyMarking work in the presence of grey objects
R=hpayer@chromium.org
LOG=n
BUG=none

Review URL: https://codereview.chromium.org/990203002

Cr-Commit-Position: refs/heads/master@{#27079}
2015-03-09 15:01:42 +00:00
titzer
0f6702562e Extract ParseInfo from CompilationInfo.
Rationale: separate the inputs and outputs of parsing + analysis from the business of compiling (i.e. generating machine code).

BUG=

Review URL: https://codereview.chromium.org/974213002

Cr-Commit-Position: refs/heads/master@{#27078}
2015-03-09 14:51:24 +00:00
loislo
66ab309e73 CpuProfiler: fix for GetDeoptReason code.
The original code always returned the first entry from RelocInfo that matched with
bailout_id. But we may have a few different deopt reasons for one bailout_id.
So we need to get the one which matches with a particular call from JumpTable.

We can do this by checking not 'target_address' (it maps to bailout_id)
but 'from' address which maps to a particular JumpTable entry.

The test was reworked so it tests identical functions against different reasons.

BUG=chromium:452067
LOG=n

Review URL: https://codereview.chromium.org/984773003

Cr-Commit-Position: refs/heads/master@{#27076}
2015-03-09 14:43:40 +00:00
marja
4a709dd658 [strong] Fix scoping related errors for methods.
Methods can refer to the class name.

BUG=v8:3927
LOG=N

Review URL: https://codereview.chromium.org/968263002

Cr-Commit-Position: refs/heads/master@{#27075}
2015-03-09 14:30:40 +00:00
yangguo
9dedcc3dfc Simplify promise event on throw handling.
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/991833002

Cr-Commit-Position: refs/heads/master@{#27074}
2015-03-09 13:41:55 +00:00
hpayer
ded6ffbb2a Recorded slots in store buffer are never in free space. Remove migration consistency check.
After establishing the invariant that the store buffer always has valid slots after marking, the store buffer integrity check is not needed anymore.

BUG=454157
LOG=n

Review URL: https://codereview.chromium.org/990173002

Cr-Commit-Position: refs/heads/master@{#27073}
2015-03-09 13:33:16 +00:00
yangguo
67bc45c278 Hide Math function implementations in a closure.
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/990883002

Cr-Commit-Position: refs/heads/master@{#27072}
2015-03-09 13:25:44 +00:00
jarin
6f559b7ec3 [turbofan] Fix lazy deopt for JSToNumber conversions in binary operations.
This slightly hacky change provides lazy deopt points for to-number conversions in binops: When we deopt from a to-number conversion, we create a frame state with the already-converted value(s) so that we do not repeat the side effect of the conversion.

Embenchen numbers are below. It is not quite clear what happened to fasta - the hot code looks nearly identical.

Current: EmbenchenBox2d(RunTime): 12746 ms.
d8-master: EmbenchenBox2d(RunTime): 13861 ms.
----------- bullet.js
Current: EmbenchenBullet(RunTime): 17680 ms.
d8-master: EmbenchenBullet(RunTime): 19170 ms.
----------- copy.js
Current: EmbenchenCopy(RunTime): 4939 ms.
d8-master: EmbenchenCopy(RunTime): 4943 ms.
----------- corrections.js
Current: EmbenchenCorrections(RunTime): 6639 ms.
d8-master: EmbenchenCorrections(RunTime): 6728 ms.
----------- fannkuch.js
Current: EmbenchenFannkuch(RunTime): 4630 ms.
d8-master: EmbenchenFannkuch(RunTime): 4872 ms.
----------- fasta.js
Current: EmbenchenFasta(RunTime): 10209 ms.
d8-master: EmbenchenFasta(RunTime): 9673 ms.
----------- lua_binarytrees.js
Current: EmbenchenLuaBinaryTrees(RunTime): 12936 ms.
d8-master: EmbenchenLuaBinaryTrees(RunTime): 15529 ms.
----------- memops.js
Current: EmbenchenMemOps(RunTime): 7357 ms.
d8-master: EmbenchenMemOps(RunTime): 7340 ms.
----------- primes.js
Current: EmbenchenPrimes(RunTime): 7530 ms.
d8-master: EmbenchenPrimes(RunTime): 7457 ms.
----------- skinning.js
Current: EmbenchenSkinning(RunTime): 15832 ms.
d8-master: EmbenchenSkinning(RunTime): 15630 ms.
----------- zlib.js
Current: EmbenchenZLib(RunTime): 11176 ms.
d8-master: EmbenchenZLib(RunTime): 11324 ms.

BUG=

Review URL: https://codereview.chromium.org/985713003

Cr-Commit-Position: refs/heads/master@{#27071}
2015-03-09 13:24:42 +00:00
mstarzinger
dcb502a4ee [turbofan] Only reduce inline %DeoptimizeNow.
This makes sure only the %_DeoptimizeNow intrinsic is inlined, and
not the %DeoptimizeNow one. It hence re-establishes the invariant
that JSIntrinsicLowering only deals with inline intrinsics.

R=jarin@chromium.org
TEST=mjsunit/compiler/eager-deopt-simple

Review URL: https://codereview.chromium.org/988333003

Cr-Commit-Position: refs/heads/master@{#27070}
2015-03-09 13:20:26 +00:00
Benedikt Meurer
eacd6d8b7d [turbofan] Make inlining independent of typing.
The JSInliner used to load the context from the JSFunction node at
runtime, which introduced a HeapConstant (because we had to materialize
the JSFunction after context specialization) and a LoadField operation,
independent whether the inlinee actually uses the context. This is
rather cumbersome currently, and therefore this is now changed to just
embed the context constant instead. Once we do inlining based on
SharedFunctionInfo rather than JSFunction, we should reconsider this
decision and come up with a proper heuristic.

BUG=v8:3952
LOG=n
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/994523002

Cr-Commit-Position: refs/heads/master@{#27069}
2015-03-09 13:01:44 +00:00
hpayer
aee169ec65 Eliminate invalid pointers in store buffer after marking.
The store buffer can contain stale store buffer entries, i.e., slot in dead objects pointing to new space objects. These slots are treaded as live slots which cause problems with non-pointer fields and makes concurrent sweeping complicated. Removing these pointers from the store buffer before it is used makes life easier.

BUG=

Review URL: https://codereview.chromium.org/985453003

Cr-Commit-Position: refs/heads/master@{#27068}
2015-03-09 12:49:58 +00:00
verwaest
a9a3623604 Revert of Store the next serial number in the function cache rather than in the isolate.Don't overwrite existi (patchset #4 id:60001 of https://codereview.chromium.org/988693003/)
Reason for revert:
This doesn't do what it's supposed to do. The problem seems to lie on the blink side, people aren't reusing their FunctionTemplates (or creating them when not necessary).

Original issue's description:
> Don't overwrite existing serial numbers on the function template, otherwise instantiating the function for a new context causes the serial number to bump.
>
> Committed: https://crrev.com/1e638c3610ec6938e5fb16c42018642195782fb2
> Cr-Commit-Position: refs/heads/master@{#27048}

TBR=yangguo@chromium.org,dcarney@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/993533003

Cr-Commit-Position: refs/heads/master@{#27067}
2015-03-09 12:30:16 +00:00
dcarney
d7f25f557c use a hash table for the function cache as blink is leaking functiontemplates
BUG=

Review URL: https://codereview.chromium.org/988283003

Cr-Commit-Position: refs/heads/master@{#27066}
2015-03-09 12:26:28 +00:00
Benedikt Meurer
d18bfa1130 [x86] Faster/shorter code for stack checks.
Avoid loading the stack pointer and the stack limit into allocatable
registers first, but generate a cmp rsp,[limit] instead.

R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/989203002

Cr-Commit-Position: refs/heads/master@{#27065}
2015-03-09 11:06:45 +00:00
Jaroslav Sevcik
82a28adf05 Do not set target in deoptimized code in keyed store IC.
BUG=chromium:460937
R=ishell@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/989093002

Cr-Commit-Position: refs/heads/master@{#27064}
2015-03-09 10:11:13 +00:00
ishell@chromium.org
67a02321c2 Revert of Remove slots that point to unboxed doubles from the StoreBuffer/SlotsBuffer. (patchset #4 id:230001 of https://codereview.chromium.org/957273002/)
Reason for revert:
It caused a lot of Canary crashes.

Original issue's description:
> Remove slots that point to unboxed doubles from the StoreBuffer/SlotsBuffer.
>
> The problem is that tagged slot could become a double slot after migrating of an object to another map with "shifted" fields (for example as a result of generalizing immutable data property to a data field).
> This CL also adds useful machinery that helps triggering incremental write barriers.
>
> BUG=chromium:454297
> LOG=Y
>
> Committed: https://crrev.com/9633ebabd405c264d33f603f8798c31f59418dcd
> Cr-Commit-Position: refs/heads/master@{#27054}

TBR=verwaest@chromium.org,hpayer@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:454297

Review URL: https://codereview.chromium.org/991793002

Cr-Commit-Position: refs/heads/master@{#27063}
2015-03-09 10:10:46 +00:00
Benedikt Meurer
5abc724e82 [turbofan] Minor cleanup for JSGenericLowering.
Include what you use, and move implementation details to .cc file.

R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/986243002

Cr-Commit-Position: refs/heads/master@{#27062}
2015-03-09 10:08:06 +00:00
Jaroslav Sevcik
02e318517f [turbofan] Add an extra frame state for deoptimization before binary op.
BUG=
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/983153002

Cr-Commit-Position: refs/heads/master@{#27060}
2015-03-09 08:37:17 +00:00
Benedikt Meurer
25895aeeaf [turbofan] Add support for inlining of builtins.
We mark certain builtins for inlining, and those should always be
inlined into optimized code (CrankShaft already handles it this way), so
we should support that in TurboFan as well. Currently this mainly
affects a certain set of Math functions, but once have the basics in
place we can extend this to any kind of builtin/code stub/accessor.

This adds a new flag --turbo_builtin_inlining (enabled by default), that
forces the inliner to always inline builtins marked for inlining, but
does not affect inlining of other functions (this is still controlled by
the --turbo-inlining flag).

BUG=v8:3952
LOG=n
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/993473002

Cr-Commit-Position: refs/heads/master@{#27059}
2015-03-09 08:05:45 +00:00