port 7ceed92ac0 (r36914)
original commit message:
Import base::ieee754::log1p() from fdlibm and introduce a Float64Log1p
TurboFan operator based on that, similar to what we do for Float64Log.
Rewrite Math.log1p() as TurboFan builtin and use that operator to also
inline Math.log1p() into optimized TurboFan functions.
Also unify the handling of the special IEEE 754 functions somewhat in
the TurboFan backends. At some point we can hopefully express this
completely in the InstructionSelector (once we have an idea what to do
with the ST(0) return issue on IA-32/X87).
BUG=
Drive-by-fix: Add some more test coverage for the log function.
Review-Url: https://codereview.chromium.org/2094953002
Cr-Commit-Position: refs/heads/master@{#37255}
This simplifies the calling convention of LoadGlobalIC.
Currently we do a linear search to get the name but I'll address this in a follow-up CL.
BUG=chromium:576312
TBR=rossberg@chromium.org
Review-Url: https://codereview.chromium.org/2084913006
Cr-Commit-Position: refs/heads/master@{#37253}
- Adds the concept of FP register aliasing to RegisterConfiguration.
- Changes RegisterAllocator to distinguish between FP representations
when allocating.
- Changes LinearScanAllocator to detect interference when FP register
aliasing is combining, as on ARM.
- Changes ARM code generation to allow all registers s0 - s31 to be
accessed.
- Adds unit tests for RegisterConfiguration, mostly to test aliasing
calculations.
LOG=N
BUG=v8:4124
Review-Url: https://codereview.chromium.org/2086653003
Cr-Commit-Position: refs/heads/master@{#37251}
Maintain the parent frame pointer in a variable after loading it to avoid
having to reload it each time it is required.
BUG=v8:4280
Review-Url: https://codereview.chromium.org/2085353005
Cr-Commit-Position: refs/heads/master@{#37247}
port 8c1ba59aee (r36911)
original commit message:
RelocInfo modes were not propagated when computing
MemoryOperands, on IA32. This needed to be fixed so that we can
compile wasm code before creating instances, since the compiled code
needs to be patched up for memory and globals references.
This surfaces in asm-to-wasm scenarios.
Added testing (rather, enhanced existing tests).
Note patch#1 where we fail on ia32, and patch#2 with the fix.
BUG=
Review-Url: https://codereview.chromium.org/2097583003
Cr-Commit-Position: refs/heads/master@{#37245}
port c8ac0d8693f559795eeb3f3aaf386dde166fb2ab(r36888)
original commit message:
Instead, always tail call to the runtime. Also, cleanup the various versions
of the runtime call that is used for Array construction fallback. There can be
only one.
BUG=
Review-Url: https://codereview.chromium.org/2080223009
Cr-Commit-Position: refs/heads/master@{#37243}
port d0c7775d7cfec5ae628ab9f3f00cff09b01930ac(r36880)
original commit message:
This switches Math.log to use an fdlibm based version of log, imported
as base::ieee754::log, and use that consistently everywhere, i.e. change
the Float64Log TurboFan operators on Intel to use the C++ implementation
as well (same for Crankshaft).
BUG=
Review-Url: https://codereview.chromium.org/2081653005
Cr-Commit-Position: refs/heads/master@{#37242}
Port fc59eb8a7a
Original commit message:
Moves between operands with different representations shouldn't happen,
so don't test them. This makes it easier to modify canonicalization to
differentiate between floating point types, which is needed to support
floating point register aliasing for ARM and MIPS.
This change also expands tests to include explicit FP moves (both register and stack slot).
LOG=N
BUG=v8:4124
BUG=chromium:622619
Review-Url: https://codereview.chromium.org/2090993002
Cr-Commit-Position: refs/heads/master@{#37241}
Signature indices are encoded as SMIs in the function table of a wasm
module. To compare a signature index with the index parameter that is
passed to an indirect function call, we now change the signature index
to an int32 instead of encoding the index parameter as a SmiConstant.
SmiConstants get encoded as NumberConstant nodes in the TF graph, which
can cause the allocation of heap numbers. Heap allocation has to be
avoided for parallel compilation.
R=bradnelson@chromium.org, titzer@chromium.org
Review-Url: https://codereview.chromium.org/2090923002
Cr-Commit-Position: refs/heads/master@{#37240}
Rolling v8/build to eef98eaf4956bbe8d24e5172acd1ffb44d0089a5
Rolling v8/tools/clang to cff206a88b16f784285391dcc4c444206f967024
Rolling v8/tools/mb to 8687d262d22fb2907b3be774c2643f27200aec62
TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
Review-Url: https://codereview.chromium.org/2099593002
Cr-Commit-Position: refs/heads/master@{#37238}
We have a lot of long-encoded root list items in type feedback vectors.
Review-Url: https://codereview.chromium.org/2090563002
Cr-Commit-Position: refs/heads/master@{#37237}
Reason for revert:
[Sheriff] Breaks layout tests. Please rebase upstream if intended:
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/7691
Original issue's description:
> Amends the TypedArray constructor to use the path for primitives for all
> types of primitives, not just undefined, booleans, numbers, and strings.
> (The missing cases were null and Symbol.) This is required by the
> specification, and there are test262 tests which we were failing due to
> this bug.
>
> BUG=v8:5124
>
> Committed: https://crrev.com/f788bd9cce19815cba746e47bb65abfe25c16208
> Cr-Commit-Position: refs/heads/master@{#37234}
TBR=littledan@chromium.org,bakkot@google.com
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5124
Review-Url: https://codereview.chromium.org/2091693004
Cr-Commit-Position: refs/heads/master@{#37236}
types of primitives, not just undefined, booleans, numbers, and strings.
(The missing cases were null and Symbol.) This is required by the
specification, and there are test262 tests which we were failing due to
this bug.
BUG=v8:5124
Review-Url: https://codereview.chromium.org/2096873002
Cr-Commit-Position: refs/heads/master@{#37234}
Merge branch 'master' of https://chromium.googlesource.com/v7/v8 into unused_variables
Removed unused variables "length" from the signature "consume_u32v". The variable length (passed in as a parameter) is not read from the function, rather it set based on the pc_ offset. However, the value set is also not used in the main line of control flow during decoding. This seems to be some dead code.
BUG=
Review-Url: https://codereview.chromium.org/2093823003
Cr-Commit-Position: refs/heads/master@{#37233}
TypedArrays store their true length in an internal slot. This is
normally reflected in the .length property, but that property is
configurable. Algorithms which need the length of a typed array are to
use the internal slot, not the property; TypedArray.prototype.set was
not doing this.
BUG=v8:5133
Review-Url: https://codereview.chromium.org/2091153002
Cr-Commit-Position: refs/heads/master@{#37232}
Cleaning up the code to replace all instances of "i++" in for loops with the more efficient "++i".
The latter foregoes an extra intermediate variable.
BUG=v8:5044
Review-Url: https://codereview.chromium.org/2094573002
Cr-Commit-Position: refs/heads/master@{#37230}
It appears to have been dropped accidentally as part of 1150092b29's
removal of strong mode for binary ops.
Review-Url: https://codereview.chromium.org/2092493002
Cr-Commit-Position: refs/heads/master@{#37229}
While we properly handled scopes of initializers in destructured parameters,
we never did the right thing for computed properties. This patch fixes that
by factoring out PatternRewriter's scope rewriting logic and calls it
for the computed property case.
BUG=chromium:620119
Review-Url: https://codereview.chromium.org/2084103002
Cr-Commit-Position: refs/heads/master@{#37228}
Reason for revert:
Reland fixing msan and tsan
Original issue's description:
> Revert of Test262 roll (patchset #15 id:280001 of https://codereview.chromium.org/2068263002/ )
>
> Reason for revert:
> Broke msan and tsan; need to add an extra skip
>
> Original issue's description:
> > Test262 roll
> >
> > This roll does not include a test harness change; infrastructure issues
> > still need to be worked out.
> >
> > Committed: https://crrev.com/d3a95b8a78eefabf884a60bc3d6aac5830b44eb3
> > Cr-Commit-Position: refs/heads/master@{#37225}
>
> TBR=adamk@chromium.org
> # Skipping CQ checks because original CL landed less than 1 days ago.
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
>
> Committed: https://crrev.com/8ea2cbea2e65dc506d50a25a81e610f37bc751ec
> Cr-Commit-Position: refs/heads/master@{#37226}
TBR=adamk@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Review-Url: https://codereview.chromium.org/2097573003
Cr-Commit-Position: refs/heads/master@{#37227}
Reason for revert:
Broke msan and tsan; need to add an extra skip
Original issue's description:
> Test262 roll
>
> This roll does not include a test harness change; infrastructure issues
> still need to be worked out.
>
> Committed: https://crrev.com/d3a95b8a78eefabf884a60bc3d6aac5830b44eb3
> Cr-Commit-Position: refs/heads/master@{#37225}
TBR=adamk@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Review-Url: https://codereview.chromium.org/2094613004
Cr-Commit-Position: refs/heads/master@{#37226}
This roll does not include a test harness change; infrastructure issues
still need to be worked out.
Review-Url: https://codereview.chromium.org/2068263002
Cr-Commit-Position: refs/heads/master@{#37225}
Since [1], Logger does not dispatch anymore to the other loggers. This is
now the task of the CodeEventDispatcher, and Logger is just a client.
One use of the Logger as dispatcher wasn't caught in the refactoring, which
caused the entries for bytecode handlers loaded from the snapshot to be
missing from the symbols mapping written by PerfBasicLogger.
[1] https://crrev.com/9df23510eaa12eb5c298cf68a92e90c6e992855c
BUG=v8:4899
LOG=N
Review-Url: https://codereview.chromium.org/2085143003
Cr-Commit-Position: refs/heads/master@{#37224}
As a result LoadGlobalIC requires different slow stubs for each TypeofMode.
This CL is a prerequisite for not passing variable name to LoadGlobalIC:
the interceptor handler is the only kind of handler that requires a name
and therefore LoadGlobalIC dispatcher does not need a variable name as well.
BUG=chromium:576312
Review-Url: https://codereview.chromium.org/2081143002
Cr-Commit-Position: refs/heads/master@{#37222}
Reason for revert:
This breaks gc-stress bot: https://chromegw.corp.google.com/i/client.v8/builders/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot
#
# Fatal error in ../../src/heap/mark-compact.cc, line 3715
# Check failed: Page::FromAddress(reinterpret_cast<HeapObject*>(*slot)->address()) ->IsFlagSet(Page::PAGE_NEW_NEW_PROMOTION).
#
I can reproduce locally, and local revert also fixes it -> revert.
Reproduce with:
out/Debug/d8 --test --random-seed=2140216864 --nohard-abort --nodead-code-elimination --nofold-constants --enable-slow-asserts --debug-code --verify-heap --allow-natives-syntax --harmony-tailcalls test/mjsunit/mjsunit.js test/mjsunit/es6/tail-call-megatest-shard2.js --gc-interval=500 --stress-compaction --concurrent-recompilation-queue-length=64 --concurrent-recompilation-delay=500 --concurrent-recompilation
(Maybe run in loop; it's flaky when broken; but passes reliably w/ revert.)
Original issue's description:
> Reland [heap] Avoid the use of cells to point from code to new-space objects.
>
> The reason for reverting was: [Sheriff] Breaks arm debug:
> https://build.chromium.org/p/client.v8.ports/builders/V8%20Linux%20-%20arm%20-%20sim%20-%20debug/builds/1038.
>
> The problem was the dereferencing of handles for smi checks. It turned out
> that these smi checks can be removed anyways, both on arm and on mips.
>
> Additionally some rebasing was necessary.
>
> Original issue's description:
>
> Cells were needed originally because there was no typed remembered set to
> record direct pointers from code space to new space. A previous
> CL (https://codereview.chromium.org/2003553002/) already introduced
> the remembered set, this CL uses it.
>
> This CL
> * stores direct pointers in code objects, even if the target is in new space,
> * records the slot of the pointer in typed-old-to-new remembered set,
> * adds a list which stores weak code-to-new-space references,
> * adds a test to test-heap.cc for weak code-to-new-space references,
> * removes prints in tail-call-megatest.js
>
> R=mlippautz@chromium.org
>
> Committed: https://crrev.com/5508e16592522658587da71ba6743c8e832fe4d1
> Cr-Commit-Position: refs/heads/master@{#37217}
TBR=mlippautz@chromium.org,ahaas@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Review-Url: https://codereview.chromium.org/2090983002
Cr-Commit-Position: refs/heads/master@{#37221}
Now we can turn it into a turbofan stub.
Create new instance types JS_ARGUMENTS_TYPE and JS_ERROR_TYPE.
Review-Url: https://codereview.chromium.org/2080243003
Cr-Commit-Position: refs/heads/master@{#37219}
ES2017 draft 19.1.3.6: If @@toStringTag is not a string, Object.prototype.toString()
returns [object Object], except in the following cases:
- Array
- String
- Arguments
- Function
- Error
- Boolean
- Number
- Date
- RegExp.
For anything else, e.g., Maps, Sets, TypedArrays, or the global object, toString() returns
[object Object] if @@toStringTag is absent or not a string. In order to be able to
easily identify the global object in d8, we set @@toStringTag to "global"
for d8.
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
BUG=
Review-Url: https://codereview.chromium.org/2071343002
Cr-Commit-Position: refs/heads/master@{#37218}
The reason for reverting was: [Sheriff] Breaks arm debug:
https://build.chromium.org/p/client.v8.ports/builders/V8%20Linux%20-%20arm%20-%20sim%20-%20debug/builds/1038.
The problem was the dereferencing of handles for smi checks. It turned out
that these smi checks can be removed anyways, both on arm and on mips.
Additionally some rebasing was necessary.
Original issue's description:
Cells were needed originally because there was no typed remembered set to
record direct pointers from code space to new space. A previous
CL (https://codereview.chromium.org/2003553002/) already introduced
the remembered set, this CL uses it.
This CL
* stores direct pointers in code objects, even if the target is in new space,
* records the slot of the pointer in typed-old-to-new remembered set,
* adds a list which stores weak code-to-new-space references,
* adds a test to test-heap.cc for weak code-to-new-space references,
* removes prints in tail-call-megatest.js
R=mlippautz@chromium.org
Review-Url: https://codereview.chromium.org/2091733002
Cr-Commit-Position: refs/heads/master@{#37217}
Lowering of Int64Load, Int64Store, BitcastInt64ToFloat64 and
BitcastFloat64ToInt64 was using LE word ordering in memory,
causing failures on some tests.
BUG=mjsunit/regress/regress-599719,mjsunit/regress/regress-599717
Review-Url: https://codereview.chromium.org/2080213004
Cr-Commit-Position: refs/heads/master@{#37213}
CMN is a flag-setting add operation, and therefore is commutative.
{Add,Sub}WithOverflow generate ADD/SUB instructions that cannot
support a ROR shift.
BUG=
Review-Url: https://codereview.chromium.org/2087233005
Cr-Commit-Position: refs/heads/master@{#37212}
As part of the page type unification also unify page iterators. Iterating
over a space works the same for all spaces now (new, old, lo).
Iterating over pages of a space follows now the regular C++ iterator pattern:
- for (auto it = space->begin(); it != space->end(); ++it) {}
- for (Page* p : *space) {}
GC only: Loop supporting unlinking/freeing of a Page on the fly:
for (auto it = space->begin(); != space->end();) {
Page* p = *(it++);
p->Unlink();
}
For iteration of a range of new space pages use NewSpacePageRange which
also verifies that the range is actually a proper new space page range.
BUG=chromium:581412
LOG=N
Review-Url: https://codereview.chromium.org/2088223002
Cr-Commit-Position: refs/heads/master@{#37210}
The redundancy elimination is currently a graph reducer that tries to
combine redundant checks in the effect chain. It does this by
propagating the checks that happened along effect paths, which is pretty
similar to what the BranchElimination does on the control chain. We run
this reducer together with the other optimizations right after the
representation selection.
An upcoming CL will extend the redundancy elimination to also eliminate
redundant loads (and eventually map checks).
R=jarin@chromium.org
BUG=v8:5141
Review-Url: https://codereview.chromium.org/2091503003
Cr-Commit-Position: refs/heads/master@{#37208}
