Commit Graph

37059 Commits

Author SHA1 Message Date
leszeks
064c584a11 [ast] Ensure that AST rewriting for non-top-level can be off-thread
Adds checks to ensure that AST rewriting only runs for top-level (or eval)
code, that for these cases it runs on the main thread, and that for
non-top-level code it can safely be called off-thread.

BUG=v8:5832

Review-Url: https://codereview.chromium.org/2630563002
Cr-Commit-Position: refs/heads/master@{#42367}
2017-01-16 12:03:14 +00:00
ishell
8f0bf07b50 [runtime] Remove PropertyType definition and use PropertyKind/PropertyLocation instead.
Now we can add a constness bit to the PropertyDetails.

BUG=v8:5495

Review-Url: https://codereview.chromium.org/2629423002
Cr-Commit-Position: refs/heads/master@{#42366}
2017-01-16 11:59:18 +00:00
bmeurer
64963e1b14 [turbofan] Don't merge PropertyAccessInfos with different field maps.
BUG=chromium:679378
R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2634953002
Cr-Commit-Position: refs/heads/master@{#42365}
2017-01-16 11:47:47 +00:00
yangguo
73de4f8f1e Fix overflow in Number.prototype.toString with custom radix.
R=tebbi@chromium.org
BUG=chromium:679841

Review-Url: https://codereview.chromium.org/2638733002
Cr-Commit-Position: refs/heads/master@{#42364}
2017-01-16 11:44:29 +00:00
ahaas
a686de07b1 [wasm] Add the 'end' opcode at the end of the fuzzer input
Without the end opcode at the end of a function nearly every fuzzer
input would be invalid and test nothing.

R=titzer@chromium.org

Review-Url: https://codereview.chromium.org/2634943002
Cr-Commit-Position: refs/heads/master@{#42363}
2017-01-16 11:27:20 +00:00
leszeks
b5b56e920a [ast] Remove heap accesses from AST numbering
Moves constant element/property array building to be deferred for
igition and on-demand for the other compilers, and splits off the
object/array literal depth/flag initialisation from the array building.

BUG=v8:5832

Review-Url: https://codereview.chromium.org/2625873009
Cr-Commit-Position: refs/heads/master@{#42362}
2017-01-16 11:25:05 +00:00
jochen
f40fdd1f3b [compiler-dispatcher] make it so that we can always parse on bg threads
BUG=v8:5215
R=rmcilroy@chromium.org,hpayer@chromium.org,vogelheim@chromium.org,marja@chromium.org

Review-Url: https://codereview.chromium.org/2625413004
Cr-Commit-Position: refs/heads/master@{#42361}
2017-01-16 10:49:16 +00:00
ishell
c6f0de8dd6 [debugger] Use PropertyKind instead of PropertyType.
BUG=v8:5495

Review-Url: https://codereview.chromium.org/2628323003
Cr-Commit-Position: refs/heads/master@{#42360}
2017-01-16 10:48:07 +00:00
ahaas
fec614151a [wasm] Remove special treatment of F(32|64)Sub in the interpreter.
The special treatment is not required anymore because the wasm spec
changed and NaNs do not have to be preserved anymore. In addition, it
may introduce non-determinism which confused the fuzzers.

R=titzer@chromium.org
BUG=chromium:681033

Review-Url: https://codereview.chromium.org/2630293002
Cr-Commit-Position: refs/heads/master@{#42359}
2017-01-16 10:43:03 +00:00
predrag.rudic
0d0d623b57 MIPS[64]: Implement Word[32|64]ReverseByte instruction selector unit tests
BUG=

Review-Url: https://codereview.chromium.org/2398993003
Cr-Commit-Position: refs/heads/master@{#42358}
2017-01-16 10:32:23 +00:00
marja
4fb60b2158 objects.h splitting side work: move scopeinfo.cc to its logical place.
src/ast/scopeinfo.cc -> src/objects/scope-info.cc

BUG=v8:5402

Review-Url: https://codereview.chromium.org/2637793002
Cr-Commit-Position: refs/heads/master@{#42357}
2017-01-16 10:30:59 +00:00
machenbach
c4a35ed7e8 [foozzie] Remove suppressions for fixed bugs
BUG=chromium:663750,chromium:662907,chromium:663340,chromium:666308,chromium:669017
NOTRY=true
TBR=jarin@chromium.org, bmeurer@chromium.org

Review-Url: https://codereview.chromium.org/2632153002
Cr-Commit-Position: refs/heads/master@{#42356}
2017-01-16 09:01:51 +00:00
gdeepti
ca03447cae [wasm] Internal Instantiate function should not take memory as an arg from wasm
BUG=5823

R=bradnelson@chromium.org

Review-Url: https://codereview.chromium.org/2636803002
Cr-Commit-Position: refs/heads/master@{#42355}
2017-01-16 08:58:25 +00:00
yangguo
11cf146610 [debugger] whitelist some builtins as side-effect free.
R=jgruber@chromium.org
BUG=v8:5821

Review-Url: https://codereview.chromium.org/2634523002
Cr-Commit-Position: refs/heads/master@{#42354}
2017-01-16 06:57:54 +00:00
v8-autoroll
c777b6e272 Update V8 DEPS.
Rolling v8/buildtools: 9a94713..cb12d6e

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review-Url: https://codereview.chromium.org/2638693002
Cr-Commit-Position: refs/heads/master@{#42353}
2017-01-16 04:21:56 +00:00
zhengxing.li
4a03e19fc1 X87: [debugger] infrastructure for side-effect-free debug-evaluate.
port aa75904e3c (r42270)

  original commit message:

BUG=

Review-Url: https://codereview.chromium.org/2626043005
Cr-Commit-Position: refs/heads/master@{#42352}
2017-01-16 03:15:15 +00:00
zhengxing.li
f9677ecf5f X87: [TypeFeedbackVector] Root literal arrays in function literals slots.
port b8294aaa97 (r42264)

  original commit message:
  Literal arrays and feedback vectors for a function can be garbage
  collected if we don't have a rooted closure for the function, which
  happens often. It's expensive to come back from this (recreating
  boilerplates and gathering feedback again), and the cost is
  disproportionate if the function was inlined into optimized code.

  To guard against losing these arrays when we need them, we'll now
  create literal arrays when creating the feedback vector for the outer
  closure, and root them strongly in that vector.

BUG=

Review-Url: https://codereview.chromium.org/2627973007
Cr-Commit-Position: refs/heads/master@{#42351}
2017-01-16 02:54:08 +00:00
titzer
7d42244a7e [wasm] Enforce that function bodies end with the \"end\" opcode.
R=rossberg@chromium.org
BUG=chromium:575167

Review-Url: https://codereview.chromium.org/2630553002
Cr-Original-Original-Commit-Position: refs/heads/master@{#42286}
Committed: fcc6e85ec6
Review-Url: https://codereview.chromium.org/2630553002
Cr-Original-Commit-Position: refs/heads/master@{#42315}
Committed: 74a2f9b7d3
Review-Url: https://codereview.chromium.org/2630553002
Cr-Commit-Position: refs/heads/master@{#42350}
2017-01-15 21:18:53 +00:00
gdeepti
ccf0998d63 [wasm] Table.Grow should grow dispatch tables
- Table.Grow updates function, signature table sizes
 - Updates generated code with new base addresses for function, signature tables
 - Relocates size references for correct bounds check

R=bradnelson@chromium.org, titzer@chromium.org

Review-Url: https://codereview.chromium.org/2637643002
Cr-Commit-Position: refs/heads/master@{#42349}
2017-01-15 07:46:08 +00:00
v8-autoroll
6fad1ad27d Update V8 DEPS.
Rolling v8/buildtools: 7e08d33..9a94713

Rolling v8/third_party/catapult: 1bcf49e..95b3e83

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review-Url: https://codereview.chromium.org/2638583002
Cr-Commit-Position: refs/heads/master@{#42348}
2017-01-15 04:24:32 +00:00
v8-autoroll
54d387aa38 Update V8 DEPS.
Rolling v8/build: 15635a4..9a3fba5

Rolling v8/third_party/catapult: fe8a3c8..1bcf49e

Rolling v8/tools/clang: 0147ef9..f7ce1a5

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review-Url: https://codereview.chromium.org/2628273005
Cr-Commit-Position: refs/heads/master@{#42347}
2017-01-14 04:20:41 +00:00
bjaideep
8b1303ab91 S390: fix to use the correct cmp macro function
This issue was exposed with snapshot=off

R=joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=n

Review-Url: https://codereview.chromium.org/2638473003
Cr-Commit-Position: refs/heads/master@{#42346}
2017-01-14 00:53:28 +00:00
kozyatinskiy
5a1ad6bd1f Revert of Temporarily skip debugger/debug/es8/async-function-debug-scopes test. (patchset #1 id:1 of https://codereview.chromium.org/2636473002/ )
Reason for revert:
Inspector doesn't call any JS on async event any more.

https://codereview.chromium.org/2623313005/

Original issue's description:
> Temporarily skip debugger/debug/es8/async-function-debug-scopes test.
>
> BUG=v8:5837
> NOTRY=true
>
> Review-Url: https://codereview.chromium.org/2636473002
> Cr-Commit-Position: refs/heads/master@{#42319}
> Committed: 93aca16937

TBR=machenbach@chromium.org,ishell@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5837

Review-Url: https://codereview.chromium.org/2637533002
Cr-Commit-Position: refs/heads/master@{#42345}
2017-01-13 23:37:06 +00:00
danno
95a9b76115 [turbofan] Improve codegen for 8- and 16-bit memory comparisons on Intel platforms (reland)
Recognize and emit in-memory comparisons of 8-bit and 16-bit values with
immediate values that fit.

LOG=N
R=epertoso@chromium.org

Review-Url: https://codereview.chromium.org/2605863002
Cr-Commit-Position: refs/heads/master@{#42344}
2017-01-13 23:34:36 +00:00
jshin
ac9e628539 Fix two DCHECK failures in ICU case mapping code
1.
DCHECK in runtime-i18n.cc for case mapping was wrong to
assume that the longest primary language tag is 3 characters.
BCP 47 actually allows up to 8 characters.

2. GetFlatContent() was called to a string without flattening it first.

BUG=680314,680464
TEST=intl/general/case-mapping (see also the bugs)

Review-Url: https://codereview.chromium.org/2629763003
Cr-Commit-Position: refs/heads/master@{#42343}
2017-01-13 23:12:43 +00:00
mtrofin
f8fd6ec3dd [wasm] JS-API: enable WebAssembly.instantiate tests; fix LinkError
We weren't throwing LinkError where appropriate

progress

BUG=v8:5835

Review-Url: https://codereview.chromium.org/2629523007
Cr-Commit-Position: refs/heads/master@{#42342}
2017-01-13 20:47:44 +00:00
bjaideep
8af80a0af9 PPC: Enable P9 and implement mod[s|u][d|w] instr
Enabled support for Power9 hardware and implemented P9 modulo
instruction.

R=joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, jochen@chromium.org
BUG=
LOG=n

Review-Url: https://codereview.chromium.org/2625013002
Cr-Commit-Position: refs/heads/master@{#42341}
2017-01-13 20:46:29 +00:00
kozyatinskiy
f9fbaec39a [inspector] introduced debug::SetAsyncTaskListener
If installed, this listener is called instead of general DebugEventListener.

BUG=v8:5510
R=yangguo@chromium.org,	jgruber@chromium.org, dgozman@chromium.org

Review-Url: https://codereview.chromium.org/2623313005
Cr-Commit-Position: refs/heads/master@{#42340}
2017-01-13 20:03:34 +00:00
kozyatinskiy
154cb8542a [inspector] merged type and name of async task event
Inspector uses event name only for enqueue* events and doesn't really need name for other events.

BUG=v8:5738
R=jgruber@chromium.org,gsathya@chromium.org
TBR=yangguo@chromium.org

Review-Url: https://codereview.chromium.org/2628173005
Cr-Commit-Position: refs/heads/master@{#42339}
2017-01-13 19:13:40 +00:00
ishell
b908229500 [build] Add more v8 build options and fix existing ones.
New options: v8_enable_trace_maps, v8_enable_v8_checks.
Renamed options for consistency: v8_object_print to v8_enable_object_print.
Fixed options: v8_enable_verify_heap, v8_enable_object_print.

BUG=

Review-Url: https://codereview.chromium.org/2625393003
Cr-Commit-Position: refs/heads/master@{#42338}
2017-01-13 17:28:51 +00:00
scottmg
57a87a5270 Don't qualify #include in include/
Followup to https://codereview.chromium.org/2621983002/ so that
v8-version-string.h is includeable with varying include search paths.
This seems to match the pattern of other #includes in the include/
directory.

R=machenbach@chromium.org
BUG=chromium:581766

Review-Url: https://codereview.chromium.org/2634443002
Cr-Commit-Position: refs/heads/master@{#42337}
2017-01-13 16:53:39 +00:00
cbruni
c60ec4e111 [compiler] Support Object.create(null) inlining in TF
In the ideal case, this will speed up Object.create(null) by ~10x.

Drive-by-fix: Spread usage of new IsSpecialReceiverMap() and
              IsSpecialReceiverInstanceType(InstanceType) helpers.

BUG=v8:5788

Review-Url: https://codereview.chromium.org/2622723003
Cr-Commit-Position: refs/heads/master@{#42336}
2017-01-13 16:47:12 +00:00
machenbach
936f79d924 [foozzie] Fix comparison baseline after asm switch
Now that validate asm is on by default, the comparison fullcode with
ignition_staging does nothing in regards to validate_asm.

BUG=chromium:673246
NOTRY=true
TBR=bradnelson@chromium.org, titzer@chromium.org

Review-Url: https://codereview.chromium.org/2634573002
Cr-Commit-Position: refs/heads/master@{#42335}
2017-01-13 15:04:24 +00:00
neis
fd8cebb1a6 [compiler] Generalize JSContextSpecialization.
With this CL, context loads and stores are "strengthened" by reducing
the incoming context chain and decreasing the depth accordingly,
whenever possible.  This enables more opportunities for specialization
and will let us easily add module context specialization later.

BUG=

Review-Url: https://codereview.chromium.org/2559173003
Cr-Commit-Position: refs/heads/master@{#42334}
2017-01-13 14:44:57 +00:00
ahaas
a6fe748d53 [wasm] Exporting i64 globals causes a link error.
R=titzer@chromium.org

Review-Url: https://codereview.chromium.org/2627723007
Cr-Commit-Position: refs/heads/master@{#42333}
2017-01-13 14:38:37 +00:00
bmeurer
cb80ef310f [turbofan] Fix deopt loop due to forgetting maps on Merge.
When we merge two NotFound access infos, we currently forgot to include
all the maps into the final PropertyAccessInfo, which results in a deopt
loop.

R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2625413003
Cr-Commit-Position: refs/heads/master@{#42332}
2017-01-13 14:17:27 +00:00
mstarzinger
83f19e7d97 [turbofan] Disable inline allocation of closures.
This puts lowering of {JSCreateClosure} operations behind a flag. For
now the benefit of inline allocating such closures is negligible, it
does increase code size, and breaks in combination with inlining based
on {SharedFunctionInfo}.

R=jarin@chromium.org
BUG=v8:2206

Review-Url: https://codereview.chromium.org/2636493002
Cr-Commit-Position: refs/heads/master@{#42331}
2017-01-13 14:07:02 +00:00
cbruni
aca17974f6 [printing] Improve FixedArray debug printing
- condense repeated elements
- print map

BUG=

Review-Url: https://codereview.chromium.org/2626023002
Cr-Commit-Position: refs/heads/master@{#42330}
2017-01-13 13:57:00 +00:00
ishell
4caeb1e9eb [runtime] Cleanup DescriptorArray interface, remove more PropertyType usages.
BUG=v8:5495

Review-Url: https://codereview.chromium.org/2633553002
Cr-Commit-Position: refs/heads/master@{#42329}
2017-01-13 13:23:27 +00:00
ishell
d4363986d7 [runtime] Remove further usages of PropertyType in favor of PropertyKind/PropertyLocation.
BUG=v8:5495

Review-Url: https://codereview.chromium.org/2622413004
Cr-Commit-Position: refs/heads/master@{#42328}
2017-01-13 13:16:56 +00:00
yangguo
391f1ac3f5 Add gdb macro for printing v8::Local content.
R=marja@chromium.org

Review-Url: https://codereview.chromium.org/2628293003
Cr-Commit-Position: refs/heads/master@{#42327}
2017-01-13 12:59:30 +00:00
cbruni
83d5b65ae0 Revert of [compiler] Support Object.create(null) inlining in TF (patchset #5 id:80001 of https://codereview.chromium.org/2622723003/ )
Reason for revert:
Breaks buildbot: https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20-%20avx2/builds/13399/steps/Benchmarks/logs/stdio

Original issue's description:
> [compiler] Support Object.create(null) inlining in TF
>
> In the ideal case, this will speed up Object.create(null) by ~10x.
>
> Drive-by-fix: Spread usage of new IsSpecialReceiverMap() and
>               IsSpecialReceiverInstanceType(InstanceType) helpers.
>
> BUG=v8:5788
>
> Review-Url: https://codereview.chromium.org/2622723003
> Cr-Commit-Position: refs/heads/master@{#42321}
> Committed: ff7063c7d5

TBR=jarin@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5788

Review-Url: https://codereview.chromium.org/2636493003
Cr-Commit-Position: refs/heads/master@{#42326}
2017-01-13 12:56:03 +00:00
neis
9eb8714262 [modules] Remove dead code.
TBR=adamk@chromium.org
BUG=v8:1569

Review-Url: https://codereview.chromium.org/2621413009
Cr-Commit-Position: refs/heads/master@{#42325}
2017-01-13 12:23:06 +00:00
mstarzinger
4408f8f1d9 [runtime] Change MessageLocation::function to SFI.
This changes the {MessageLocation} structure to no longer contain a
concrete {JSFunction} object but rather a {SharedFunctionInfo}. It is
much easier by now to determine, and also the concrete closure is never
actually being used.

R=yangguo@chromium.org

Review-Url: https://codereview.chromium.org/2628973005
Cr-Commit-Position: refs/heads/master@{#42324}
2017-01-13 12:14:56 +00:00
bmeurer
1ff4a8178e [turbofan] Add support for (deferred) instance migration.
Fix a deoptimization loop in TurboFan, where we'd constantly fail the
same map check due to not trying instance migration, when there are
migration targets in the map check list. This deoptimization loop
showed up on the React test in Speedometer.

R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2621423006
Cr-Commit-Position: refs/heads/master@{#42323}
2017-01-13 12:09:52 +00:00
cbruni
124fbe55ec [debugging] Add %Verify() helper and check verify a HeapObject has a Map.
R=jkummerow@chromium.org

Review-Url: https://codereview.chromium.org/2625053006
Cr-Commit-Position: refs/heads/master@{#42322}
2017-01-13 12:05:44 +00:00
cbruni
ff7063c7d5 [compiler] Support Object.create(null) inlining in TF
In the ideal case, this will speed up Object.create(null) by ~10x.

Drive-by-fix: Spread usage of new IsSpecialReceiverMap() and
              IsSpecialReceiverInstanceType(InstanceType) helpers.

BUG=v8:5788

Review-Url: https://codereview.chromium.org/2622723003
Cr-Commit-Position: refs/heads/master@{#42321}
2017-01-13 12:04:35 +00:00
bbudge
497a7e4254 [ARM] Add tolerance to vrecpe, vrsqrte instruction tests.
The simulator implements these exactly, but on ARM hardware,
the estimates are not exact, so CHECK_EQ will fail. This CL adds
a tolerance to the checks.

LOG=N
BUG=v8:4124

Review-Url: https://codereview.chromium.org/2628153003
Cr-Commit-Position: refs/heads/master@{#42320}
2017-01-13 12:03:23 +00:00
ishell
93aca16937 Temporarily skip debugger/debug/es8/async-function-debug-scopes test.
BUG=v8:5837
NOTRY=true

Review-Url: https://codereview.chromium.org/2636473002
Cr-Commit-Position: refs/heads/master@{#42319}
2017-01-13 11:49:21 +00:00
zhengxing.li
6c67cd1886 Fix gcc error for static_cast the parameters of DCHECK_GT macro to unsigned in list.h.
The CL #42279 (https://codereview.chromium.org/2619353006 ) caused a gcc error (-Werror=strict-overflow).

  Here is the error message:
  In file included from .././src/globals.h:15:0,
                   from .././src/allocation.h:9,
                   from .././src/profiler/profile-generator.h:9,
                   from ../src/profiler/profile-generator.cc:5:
  .././src/base/logging.h: In member function ‘void v8::internal::ProfileTree::TraverseDepthFirst(Callback*) [with Callback = v8::internal::DeleteNodesCallback]’:
  .././src/base/logging.h:179:70: error: assuming signed overflow does not occur when assuming that (X - c) > X is always false [-Werror=strict-overflow]
                             : MakeCheckOpString<Lhs, Rhs>(lhs, rhs, msg);        \
                                                                            ^
  .././src/base/logging.h:191:1: note: in expansion of macro ‘DEFINE_CHECK_OP_IMPL’
   DEFINE_CHECK_OP_IMPL(GT, > )
   ^
    CXX(target) /home/zxli/work/google-v8/v8/out/x87.optdebug/obj.target/v8_base/src/regexp/regexp-macro-assembler.o
  cc1plus: all warnings being treated as errors

  This CL fix it.

BUG=

Review-Url: https://codereview.chromium.org/2632633002
Cr-Commit-Position: refs/heads/master@{#42318}
2017-01-13 11:35:32 +00:00