The dead code elimination in SimplifiedLowering can eliminate pure nodes
if they don't have value uses. But some of those can indeed have control
inputs, i.e. Phi nodes do of course have a control input.
R=jarin@chromium.org
BUG=chromium:630923
Review-Url: https://codereview.chromium.org/2177133002
Cr-Commit-Position: refs/heads/master@{#37995}
In PrependElementIndicesImpl we sort a FixedArray of indices potentially
containing HeapNumbers. During the string conversion we might trigger a GC.
This in turn might try to read a slot where we previously had a HeapNumber
but the sort sneaked a SMI in there which is not a valid pointer.
BUG=chromium:630561
Review-Url: https://codereview.chromium.org/2173653003
Cr-Commit-Position: refs/heads/master@{#37993}
Rolling v8/build to 2c67d4d74b6b3673228fab191918500a582ef3b0
Rolling v8/third_party/android_tools to e4d61eb8f463e6cb8d1e1269a15c22f7c9bbd122
Rolling v8/tools/clang to 496622ab4aaa5be7e5a9b80617013cb02f45dc87
Rolling v8/tools/mb to 0c4dc43c454f26936ddf3074ab8e9a41e3dc03a3
TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
Review-Url: https://codereview.chromium.org/2173293002
Cr-Commit-Position: refs/heads/master@{#37992}
Port ba092fb09a
Original commit message:
So far we don't have a useful way to inline Math.max or Math.min in
TurboFan optimized code. This adds new operators NumberMax and NumberMin
and changes the Float64Max/Float64Min operators to have JavaScript
semantics instead of the C++ semantics that it had previously.
This also removes support for recognizing the tenary case in the
CommonOperatorReducer, since that doesn't seem to have any positive
impact (and actually doesn't show up in regular JavaScript, where
people use Math.max/Math.min instead).
Drive-by-fix: Also nuke the unused Float32Max/Float32Min operators.
R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, mbrandy@us.ibm.com
BUG=
LOG=N
Review-Url: https://codereview.chromium.org/2179503003
Cr-Commit-Position: refs/heads/master@{#37991}
The uses_arguments() bool is not needed for correct
behavior, since that same information is available after scope analysis
based on whether we allocated the Scope::arguments_ var.
BUG=v8:5209
Review-Url: https://codereview.chromium.org/2168293002
Cr-Commit-Position: refs/heads/master@{#37990}
This replaces the AstVisitor approach for scope rewriting with a Scope-only
solution, using a new Scope::Snapshot object that keeps track of inner scopes,
unresolved variables, and temps.
The only use of the AstVisitor is now for parameter varblock scopes introduced
due to sloppy eval in parameters, which greatly simplifies the rewriter
as it no longer needs to handle temps. A future CL may be able to
eliminate it altogether by taking a snapshot per function argument.
Based on verwaest's https://codereview.chromium.org/2166023002/.
BUG=v8:5226
Review-Url: https://codereview.chromium.org/2171703004
Cr-Commit-Position: refs/heads/master@{#37989}
Implement UnalignedLoad and UnalignedStore optional
turbofan operators and use them in WasmCompiler for unaligned
memory access.
BUG=
Review-Url: https://codereview.chromium.org/2122853002
Cr-Commit-Position: refs/heads/master@{#37988}
TC-39 recently decided to remove the Python-based testing harness from the
Test262 project [1]. The code has been duplicated in a standalone project;
update V8's dependencies to fetch from that new location. This is based on
an earlier patch by Mike Pennisi.
[1] 2b9722db9b/es7/2016-05/may-25.md
BUG=v8:5078
Review-Url: https://codereview.chromium.org/2131743002
Cr-Commit-Position: refs/heads/master@{#37985}
Reason for revert:
Reverted, because it breaks some funky android build.
Can reproduce breakage locally, w/ args.gn as follows:
disable_brotli_filter = true
disable_file_support = true
disable_ftp_support = true
enable_websockets = false
ffmpeg_branding = "Chrome"
is_component_build = false
is_debug = true
proprietary_codecs = true
symbol_level = 1
target_cpu = "x86"
target_os = "android"
use_goma = true
use_platform_icu_alternatives = true
This ends up building the mkpeephole tool w/ an architecture that won't run on the build machine.
Original issue's description:
> Re-land "Fix double-building of v8 in GN builds"
>
> This re-lands r37926 w/ the needed fix for cross-compiles; we
> can only re-use the default toolchain when the host can actually
> run it.
>
> R=machenbach@chromium.org
> BUG=629825
>
> Committed: https://crrev.com/5b762044b53f988fa9a534fe1a84f9938b3abd75
> Cr-Commit-Position: refs/heads/master@{#37970}
TBR=machenbach@chromium.org,dpranke@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=629825
Review-Url: https://codereview.chromium.org/2175693003
Cr-Commit-Position: refs/heads/master@{#37984}
ToNumber's result is always directly stored to a register using a Star
bytecode. Fuse it into ToNumber.
BUG=v8:4280
LOG=n
Review-Url: https://codereview.chromium.org/2165953002
Cr-Commit-Position: refs/heads/master@{#37976}
This will get a new call site in an upcoming commit, move it to String
so it's accessible from without runtime-strings.cc.
BUG=
Review-Url: https://codereview.chromium.org/2176553002
Cr-Commit-Position: refs/heads/master@{#37974}
The effect control linearizer runs off-thread and needs the ToNumber
call descriptor. Add a hack to create this on the main thread to
ensure off-thread's don't race on it's construction. Also add a
DCHEK to the CallInterfaceDescriptor to ensure they are always
initilaized on the main thread.
Review-Url: https://codereview.chromium.org/2168843003
Cr-Commit-Position: refs/heads/master@{#37973}
The auto-tag bot removes the need to handle version changes
in each merge individually. As a result this 'feature' is
removed.
BUG=v8:4408
R=machenbach@chromium.org
LOG=N
NOTRY=true
Review-Url: https://codereview.chromium.org/1398033003
Cr-Commit-Position: refs/heads/master@{#37972}
So far we don't have a useful way to inline Math.max or Math.min in
TurboFan optimized code. This adds new operators NumberMax and NumberMin
and changes the Float64Max/Float64Min operators to have JavaScript
semantics instead of the C++ semantics that it had previously.
This also removes support for recognizing the tenary case in the
CommonOperatorReducer, since that doesn't seem to have any positive
impact (and actually doesn't show up in regular JavaScript, where
people use Math.max/Math.min instead).
Drive-by-fix: Also nuke the unused Float32Max/Float32Min operators.
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2170343002
Cr-Commit-Position: refs/heads/master@{#37971}
This re-lands r37926 w/ the needed fix for cross-compiles; we
can only re-use the default toolchain when the host can actually
run it.
R=machenbach@chromium.org
BUG=629825
Review-Url: https://codereview.chromium.org/2171083003
Cr-Commit-Position: refs/heads/master@{#37970}
This allows us to skip complicated logic for setting the accessors.
BUG=
Review-Url: https://codereview.chromium.org/2164903004
Cr-Commit-Position: refs/heads/master@{#37969}
This is in preparation to implementing exception prediction for async
functions. Each handler table entry can now predict "caught", "uncaught", or
"promise". The latter indicates that the exception will lead to a promise
rejection.
To mark the relevant try-catch blocks, we add a new native syntax.
try { } %catch (e) { } indicates a TryCatchStatement with the "promise"
prediction.
The previous implementation of using the function to tell the relevant
try-catch apart from inner try-catch blocks will not work for async functions
since these can have inner try-catch blocks inside the same function.
BUG=v8:5167
Review-Url: https://codereview.chromium.org/2161263003
Cr-Commit-Position: refs/heads/master@{#37966}
We can compute the absolute integer value w/o any conditional execution
by using the bit trick formula
let sign = input >> 31 in
(input ^ sign) - sign
which generates fairly decent code on all supported architectures.
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2169293002
Cr-Commit-Position: refs/heads/master@{#37965}
Rolling v8/build to 5782f1c84fc41934d265f69e5bd61badbf61e5c5
Rolling v8/tools/mb to c0f2da01e7e7e530fcbbf3823b7c7655632f05b1
TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
Review-Url: https://codereview.chromium.org/2171153002
Cr-Commit-Position: refs/heads/master@{#37964}
port 4b59bf5313 (r37934)
original commit message:
Use the ForInFilterStub directly. Hence we will only jump to the runtime for
special receivers (instance_type <= LAST_SPECIAL_RECEIVER_TYPE) and for
converting element indices which are not in the string cache.
BUG=
Review-Url: https://codereview.chromium.org/2176473002
Cr-Commit-Position: refs/heads/master@{#37963}
port 66cb026f4a (r37929)
original commit message:
Original message:
Calling Runtime::kAbort through a builtin instead of the c-entry stub
will allow to generate the call in a background thread, because a
builtin provides its own handle, whereas a code stub does not.
@v8-mips-ports: Could you take a special look at the padding that is
done in MacroAssembler::Abort()?
Reason for revert:
The reason for reverting is: Blocks roll:
https://build.chromium.org/p/client.v8.ports/builders/V8%20Linux%20-%20arm64%20-%20sim%20-%20debug/builds/1622
The problem was that on arm64 the builtin for Abort() contained a call to
Abort(). The problem is fixed by using a NoUseRealAbortsScope in the
code generation of Abort().
BUG=
Review-Url: https://codereview.chromium.org/2172093002
Cr-Commit-Position: refs/heads/master@{#37962}
See discussion in https://codereview.chromium.org/2156303002/#msg8
With the new --harmony-function-tostring behavior, these tests would
fail without this change. This change makes the tests pass regardless
of whether or not --harmony-function-tostring is used.
All of these changes are simply inserting a space after the "function"
keyword to match the current function toString behavior. When
--harmony-function-tostring is enabled, the toString behavior matches
the spacing used in the function declaration. With the declaration
matching the current formatting, the toString behavior becomes
unaffected by --harmony-function-tostring.
BUG=v8:4958
LOG=n
Review-Url: https://codereview.chromium.org/2161413002
Cr-Commit-Position: refs/heads/master@{#37959}
This cl also fixes two bugs in the previous code:
1) JITed functions were not allowed access to the heap because the module instance wasn't correctly synthesized. This wasn't discovered in the previous test.
2) Decoding of functions with the JITSingleFunction opcode was off by 1 as the length of the opcode wasn't computed correctly.
BUG=5044
Review-Url: https://codereview.chromium.org/2168183002
Cr-Commit-Position: refs/heads/master@{#37957}
Update the custom objdump script to handle inline comments starting
with '--' or ';;'.
Load d8 code.asm file if present.
BUG=
Review-Url: https://codereview.chromium.org/2159103007
Cr-Commit-Position: refs/heads/master@{#37953}
Helper script to generate gn arguments based on common
developer defaults or builder configurations.
BUG=chromium:625791
NOTRY=true
Review-Url: https://codereview.chromium.org/2138693002
Cr-Commit-Position: refs/heads/master@{#37947}
