Commit Graph

35754 Commits

Author SHA1 Message Date
domenic
2f060955e8 Add markPromiseAsHandled V8 extra util
This will allow V8 extra consumers to mark a promise as handled without
adding redundant empty onRejected handlers. This is needed by streams as
discussed in https://github.com/whatwg/streams/issues/547.

BUG=chromium:654701

Review-Url: https://codereview.chromium.org/2498143002
Cr-Commit-Position: refs/heads/master@{#41012}
2016-11-15 21:25:52 +00:00
titzer
6e643f045c [wasm] Be more lenient on the names section.
R=clemensh@chromium.org,dschuff@chromium.org
BUG=v8:5632
LOG=Y

Review-Url: https://codereview.chromium.org/2501873003
Cr-Commit-Position: refs/heads/master@{#41011}
2016-11-15 20:55:55 +00:00
cbruni
14c6a651d1 [elements] Precisely estimate elements size as last resort
In case of an allocation failure in for-in over holey elements, use precise
number of elements to allocate a smaller buffer for the collected indices.

Drive-by-fix: make is_the_hole accept the isolate for faster checks.

BUG=chromium:609761

Review-Url: https://codereview.chromium.org/2041963003
Cr-Commit-Position: refs/heads/master@{#41010}
2016-11-15 18:31:19 +00:00
jshin
4f224b3995 Use a regular ICU API for el-Upper
ICU now supports uppercasing in Greek via its regular uppercasing API.
So, there's no need to use a slow transliteration API for uppercasing
in Greek.

This CL includes rolling ICU to ICU 58.1.

Besides, drop intl402/Intl/getCanonicalLocales/weird-cases from
test262.status because it passes now with ICU 58.1.

BUG=chromium:637001,v8:5012

Review-Url: https://codereview.chromium.org/2491333003
Cr-Commit-Position: refs/heads/master@{#41009}
2016-11-15 18:30:17 +00:00
mlippautz
9b5bdfeaeb [heap] Only visit strong links during scavenge of promoted objects
Previously, we also used to treat the link as strong, when iterating a promoted
JSFunction.

BUG=chromium:651354

Review-Url: https://codereview.chromium.org/2506633002
Cr-Commit-Position: refs/heads/master@{#41008}
2016-11-15 18:22:45 +00:00
clemensh
c9c6c1a393 [inspector] Fix and refactor String16
This CL defines move semantics for String16, and fixes issues with the
hash code not being set correctly on swap or copy.
It also extends the interface by a few handy templates.
All this functionality will be used for the wasm translations, where
String16s are often concatenated and used as keys in hash tables.

BUG=chromium:659715
R=yangguo@chromium.org, kozyatinskiy@chromium.org

Review-Url: https://codereview.chromium.org/2493723003
Cr-Commit-Position: refs/heads/master@{#41007}
2016-11-15 17:33:09 +00:00
caitp
45bd43b8af add object Printer for JSArrayIterator
BUG=v8:5635
R=mlippautz@chromium.org, bmeurer@chromium.org

Review-Url: https://codereview.chromium.org/2508433002
Cr-Commit-Position: refs/heads/master@{#41006}
2016-11-15 17:30:18 +00:00
verwaest
c3a60837c0 Reduce zone segment pool size on all devices to 8kb
BUG=chromium:655129

Review-Url: https://codereview.chromium.org/2504673002
Cr-Commit-Position: refs/heads/master@{#41005}
2016-11-15 17:29:18 +00:00
clemensh
32077e01fb [wasm] Allocate a single script per wasm module
Before, we allocated one script per function per instance, and each
script referenced the wasm instance and the function index. Now we only
allocate one script per compiled wasm module, so the script also only
references this WasmCompiledModule, which causes changes to many interfaces.

Instead of fixing the disassemble API only used via debug.js, I decided
to drop it for now. Some later CL will reintroduce it via
DebugInterface.

BUG=v8:5530,chromium:659715
R=yangguo@chromium.org, titzer@chromium.org
CC=jgruber@chromium.org

Review-Url: https://codereview.chromium.org/2493823003
Cr-Commit-Position: refs/heads/master@{#41004}
2016-11-15 17:05:39 +00:00
verwaest
244a049bfc Inline ParseFunctionWithPreParser into SkipFunction
BUG=

Review-Url: https://codereview.chromium.org/2505453003
Cr-Commit-Position: refs/heads/master@{#41003}
2016-11-15 16:50:44 +00:00
cbruni
3a91f8af1a [heap-verify] Allow for temporary invalid array length for slow elements
R=jkummerow@chromium.org
BUG=chromium:665112

Review-Url: https://codereview.chromium.org/2501303002
Cr-Commit-Position: refs/heads/master@{#41002}
2016-11-15 16:09:48 +00:00
cbruni
bb6a626b76 [counters] Implement off-isolate RuntimeCallStats for the Preparser
BUG=

Review-Url: https://codereview.chromium.org/2490643002
Cr-Commit-Position: refs/heads/master@{#41001}
2016-11-15 16:08:50 +00:00
jgruber
e29fcbee9c [regexp] Move RegExp.prototype[@@search] to TF
Implements upcoming changes to @@search according to
https://github.com/tc39/ecma262/pull/627.

This also adds SameValue to CodeStubAssembler and extracts a part of
CSA::TruncateTaggedToFloat64.

BUG=v8:5339

Review-Url: https://codereview.chromium.org/2438683005
Cr-Commit-Position: refs/heads/master@{#41000}
2016-11-15 16:06:20 +00:00
jbroman
054e17796d ValueSerializer: Don't throw an exception after SetPropertiesFromKeyValuePairs fails.
It always throws an exception in the cases that it fails, so throwing another
doesn't help things.

BUG=chromium:664416

Review-Url: https://codereview.chromium.org/2495393002
Cr-Commit-Position: refs/heads/master@{#40999}
2016-11-15 15:17:05 +00:00
petermarshall
a63eeb485a Fastpath some spread-call desugaring.
Avoid using the iterator for arrays with fast elements where the iterator has
not been modified.

Only deals with the case where there is a single spread argument.

Improves the six-speed "spread" benchmark to 1.5x slower than baseline es5 implementation, compared to 19x slower previously.

BUG=v8:5511

Review-Url: https://codereview.chromium.org/2465253011
Cr-Commit-Position: refs/heads/master@{#40998}
2016-11-15 14:42:00 +00:00
Miran.Karic
a18be72c8e Add v8_os_page_size flag for cross compilation
When generating snapshot on a machine with a different page size than
the target machine, we can run into problems as the v8 page area size
changes. This is because v8 has page guards which depend on os page
size, so if the target has larger os page, v8 page area is smaller and
may not fit the contents.

The solution proposed here is adding a flag, v8_os_page_size, that
would, if used, override local os page size and use the one specified
during snapshot generation.

BUG=

Review-Url: https://codereview.chromium.org/2488403003
Cr-Commit-Position: refs/heads/master@{#40997}
2016-11-15 14:41:03 +00:00
leszeks
4a660091ee [turbofan] Do not use the state value cache when building the tree
Since the liveness analysis's non-live value clearing rebuilds the state
value trees, we don't need to be smart when creating state values in the
initial graph building. This simplifies both the building and the
iteration over the state values by the liveness analyzer.

Review-Url: https://codereview.chromium.org/2495413003
Cr-Commit-Position: refs/heads/master@{#40996}
2016-11-15 14:23:40 +00:00
tebbi
f71260b298 [turbofan] Make escape analysis fail silently for cyclic object states
R=bmeurer@chromium.org
BUG=v8:5634

Review-Url: https://codereview.chromium.org/2500143003
Cr-Commit-Position: refs/heads/master@{#40995}
2016-11-15 14:05:37 +00:00
jarin
7ae7e84340 Reland of [turbofan] Fix deoptimization of boolean bit constants. (patchset #1 id:1 of https://codereview.chromium.org/2495243002)
This reverts commit 1c9528c4c4.

BUG=chromium:664490

Review-Url: https://codereview.chromium.org/2503763003
Cr-Commit-Position: refs/heads/master@{#40994}
2016-11-15 13:55:57 +00:00
mstarzinger
1a36eaea4b [ast] Change printing of {Variable::maybe_assigned}.
This reverses the printing scheme for the flag in question to make it
print the "positive" analysis results (i.e. variable never assigned)
instead of the "negative" results (i.e. variable maybe assigned). This
helps to spot false-positives which are much more dangerous in practice
compared to missed optimization opportunities.

R=neis@chromium.org

Review-Url: https://codereview.chromium.org/2498353002
Cr-Commit-Position: refs/heads/master@{#40993}
2016-11-15 13:51:08 +00:00
ivica.bogosavljevic
ecd166d5e8 MIPS[64]: Use immediates for kMips[64]Tst in code-generator-mips[64].cc
The patch optimizes the generation of code for kMips[64]Tst in code-generator-mips[64].cc.
We allow usage of immediate for kMips[64]Tst in VisitWordCompare in order to remove
an unnecessary immediate load to register. This fix is motivated by Richards benchark
in Octane benchmark suite, since it is used a lot there.

BUG=

Review-Url: https://codereview.chromium.org/2503833002
Cr-Commit-Position: refs/heads/master@{#40992}
2016-11-15 13:46:59 +00:00
mlippautz
4cf8e2f121 [heap] Enable incremental marking of wrappers
BUG=chromium:468240
NOTRY=true

Review-Url: https://codereview.chromium.org/2498343002
Cr-Commit-Position: refs/heads/master@{#40991}
2016-11-15 13:32:02 +00:00
jarin
1900760e8f [turbofan] Fix deopt check for storing into constant field.
BUG=chromium:626986

Review-Url: https://codereview.chromium.org/2503863002
Cr-Commit-Position: refs/heads/master@{#40990}
2016-11-15 13:17:13 +00:00
yukishiino
96ad91a657 Makes FunctionTemplate::HasInstance return true for a global proxy.
Makes FunctionTemplate::HasInstance follow the hidden prototype chain
for a global proxy object and return true if the global object passes
the test.

BUG=

Review-Url: https://codereview.chromium.org/2500363002
Cr-Commit-Position: refs/heads/master@{#40989}
2016-11-15 13:10:42 +00:00
dusan.simicic
961a45da69 Reland of "MIPS: Optimize load/store with large offset"
Currently, we are using the following sequence for load/store
with large offset (offset > 16b):
    lui at, 0x1234
    ori at, at, 0x5678
    add at, s0, at
    lw a0, 0(at)

This sequence can be optimized in the following way:
    lui at, 0x1234
    add at, s0, at
    lw a0, 0x5678(at)

BUG=

Review-Url: https://codereview.chromium.org/2503493002
Cr-Commit-Position: refs/heads/master@{#40988}
2016-11-15 12:00:45 +00:00
dusan.simicic
b725d5a797 MIPS[64]: Port '[turbofan] Use zr to store immediate zero'
Port 0322c20d17

Original commit message:
When storing an immediate integer or floating point zero, use the zero register
as the source value. This avoids the need to sometimes allocate a new register.

BUG=

Review-Url: https://codereview.chromium.org/2470133005
Cr-Commit-Position: refs/heads/master@{#40987}
2016-11-15 11:57:28 +00:00
ishell
815eca573a [ic] Extract load IC proto array handlers handling to a separate stub.
This is to fix the performance regression by avoiding creation of a frame
in LoadIC dispatcher caused by complicated logic of CSA::EmitLoadICProtoArrayCheck().

BUG=v8:5561, chromium:660795

Review-Url: https://codereview.chromium.org/2496333002
Cr-Commit-Position: refs/heads/master@{#40986}
2016-11-15 11:16:39 +00:00
georgia.kouveli
fa567a4980 [arm64] Change comparison to CBNZ in PropertyHandlerCompiler::CheckPrototypes.
BUG=

Review-Url: https://codereview.chromium.org/2503453002
Cr-Commit-Position: refs/heads/master@{#40985}
2016-11-15 10:49:42 +00:00
verwaest
8b649a41ec [parser] Only log messages using the pending error handling
This shares the pending_error_handler from the parser to the preparser, allowing the preparser to directly log errors to it. This removes LogMessage from the loggers. ParserLogger::LogMessage was already unused, so this also removes error info from the preparse data altogether.

BUG=

Review-Url: https://codereview.chromium.org/2502633002
Cr-Commit-Position: refs/heads/master@{#40984}
2016-11-15 10:16:28 +00:00
ishell
4a0e07a0cc [ic] Refactor LoadIC code.
Extract CSA::HandleLoadICSmiHandlerCase() from CSA::HandleLoadICHandlerCase() and
CSA::EmitLoadICProtoArrayCheck() from CSA::HandleLoadICProtoHandler().

This is a preliminary step for extracting LoadICProtoArrayCheck to a separate stub
which is necesary to fix the preformance regression caused by proto array
handlers support.

BUG=v8:5561, chromium:660795

Review-Url: https://codereview.chromium.org/2498013002
Cr-Commit-Position: refs/heads/master@{#40983}
2016-11-15 10:10:40 +00:00
ivica.bogosavljevic
e18b03e651 MIPS[64]: Optimize kMips[64]Tst in code-generator-mips[64].cc
A small change that brings a lot of benefit since it is used in a lot
of places.

BUG=

Review-Url: https://codereview.chromium.org/2477453005
Cr-Commit-Position: refs/heads/master@{#40982}
2016-11-15 09:41:46 +00:00
yangguo
f0b21ef72c [serializer] print use count of external references.
R=peria@chromium.org, vogelheim@chromium.org
BUG=chromium:617892
NOPRESUBMIT=true

Review-Url: https://codereview.chromium.org/2495213003
Cr-Commit-Position: refs/heads/master@{#40981}
2016-11-15 08:59:21 +00:00
machenbach
42d8a1d89b Revert of [serializer] print use count of external references. (patchset #2 id:20001 of https://codereview.chromium.org/2495213003/ )
Reason for revert:
Breaks https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20vtunejit/builds/14690 compile

Original issue's description:
> [serializer] print use count of external references.
>
> R=peria@chromium.org, vogelheim@chromium.org
> BUG=chromium:617892
> NOPRESUBMIT=true

TBR=peria@chromium.org,vogelheim@chromium.org,yangguo@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:617892

Review-Url: https://codereview.chromium.org/2498163003
Cr-Commit-Position: refs/heads/master@{#40980}
2016-11-15 07:43:19 +00:00
yangguo
e56bd9c332 [serializer] print use count of external references.
R=peria@chromium.org, vogelheim@chromium.org
BUG=chromium:617892
NOPRESUBMIT=true

Review-Url: https://codereview.chromium.org/2495213003
Cr-Commit-Position: refs/heads/master@{#40979}
2016-11-15 06:30:14 +00:00
rmcilroy
aed65cb45a [Interpreter] Fix runtime-profiler ticks for Interpreted functions.
Fix two bugs with the runtime-profiler optimization heuristics for
interpreted code:
 - Reset shared->tick_count for interpreted functions when optimizing
 - Update ticks after checking whether to optimize functions, to be the
   same as the FCG profiler checks (where updates are done to the code
   ticks after deciding whether to optimize).

BUG=chromium:662071

Review-Url: https://codereview.chromium.org/2497933002
Cr-Commit-Position: refs/heads/master@{#40978}
2016-11-15 05:46:18 +00:00
ahaas
1bde83046e [wasm] Reimplement function verification in the module decoder.
This CL adds the function verification option to the module decoder.
Therefore we can remove the verification in wasm-module-runner.cc

R=titzer@chromium.org

Review-Url: https://codereview.chromium.org/2496203002
Cr-Commit-Position: refs/heads/master@{#40977}
2016-11-14 19:46:19 +00:00
caitp
2a350ed457 [builtins] Take fast path in Array.prototype.keys() only if length is an Smi
Do not take the fast path for Array.prototype.keys() if the array length is not
guaranteed to be an Smi.

BUG=660925, v8:5388
R=bmeurer@chromium.org, mstarzinger@chromium.org

Review-Url: https://codereview.chromium.org/2496323002
Cr-Commit-Position: refs/heads/master@{#40976}
2016-11-14 18:52:25 +00:00
tebbi
c3a6ca68d0 This CL enables precise source positions for all V8 compilers. It merges compiler::SourcePosition and internal::SourcePosition to a single class used throughout the codebase. The new internal::SourcePosition instances store an id identifying an inlined function in addition to a script offset.
SourcePosition::InliningId() refers to a the new table DeoptimizationInputData::InliningPositions(), which provides the following data for every inlining id:
 - The inlined SharedFunctionInfo as an offset into DeoptimizationInfo::LiteralArray
 - The SourcePosition of the inlining. Recursively, this yields the full inlining stack.
Before the Code object is created, the same information can be found in CompilationInfo::inlined_functions().

If SourcePosition::InliningId() is SourcePosition::kNotInlined, it refers to the outer (non-inlined) function.
So every SourcePosition has full information about its inlining stack, as long as the corresponding Code object is known. The internal represenation of a source position is a positive 64bit integer.

All compilers create now appropriate source positions for inlined functions. In the case of Turbofan, this required using AstGraphBuilderWithPositions for inlined functions too. So this class is now moved to a header file.

At the moment, the additional information in source positions is only used in --trace-deopt and --code-comments. The profiler needs to be updated, at the moment it gets the correct script offsets from the deopt info, but the wrong script id from the reconstructed deopt stack, which can lead to wrong outputs. This should be resolved by making the profiler use the new inlining information for deopts.

I activated the inlined deoptimization tests in test-cpu-profiler.cc for Turbofan, changing them to a case where the deopt stack and the inlining position agree. It is currently still broken for other cases.

The following additional changes were necessary:
 - The source position table (internal::SourcePositionTableBuilder etc.) supports now 64bit source positions. Encoding source positions in a single 64bit int together with the difference encoding in the source position table results in very little overhead for the inlining id, since only 12% of the source positions in Octane have a changed inlining id.
 - The class HPositionInfo was effectively dead code and is now removed.
 - SourcePosition has new printing and information facilities, including computing a full inlining stack.
 - I had to rename compiler/source-position.{h,cc} to compiler/compiler-source-position-table.{h,cc} to avoid clashes with the new src/source-position.cc file.
 - I wrote the new wrapper PodArray for ByteArray. It is a template working with any POD-type. This is used in DeoptimizationInputData::InliningPositions().
 - I removed HInlinedFunctionInfo and HGraph::inlined_function_infos, because they were only used for the now obsolete Crankshaft inlining ids.
 - Crankshaft managed a list of inlined functions in Lithium: LChunk::inlined_functions. This is an analog structure to CompilationInfo::inlined_functions. So I removed LChunk::inlined_functions and made Crankshaft use CompilationInfo::inlined_functions instead, because this was necessary to register the offsets into the literal array in a uniform way. This is a safe change because LChunk::inlined_functions has no other uses and the functions in CompilationInfo::inlined_functions have a strictly longer lifespan, being created earlier (in Hydrogen already).

BUG=v8:5432

Review-Url: https://codereview.chromium.org/2451853002
Cr-Commit-Position: refs/heads/master@{#40975}
2016-11-14 17:22:32 +00:00
caitp
372d905d73 [tests] skip es6/array-iterator-turbo on deopt_fuzzer
BUG=v8:5388
R=bmeurer@chromium.org
NOTRY=true

Review-Url: https://codereview.chromium.org/2496063003
Cr-Commit-Position: refs/heads/master@{#40974}
2016-11-14 17:16:59 +00:00
franzih
c0291e122f [Interpreter] Add CallRuntime() for 5 arguments.
CodeAssembler::CallRuntime() with 5 arguments was declared but
not implemented.

BUG=

Review-Url: https://codereview.chromium.org/2503523002
Cr-Commit-Position: refs/heads/master@{#40973}
2016-11-14 17:16:02 +00:00
ulan
71a7bca990 [heap] Use size_t for heap and space counters.
BUG=chromium:652721

Review-Url: https://codereview.chromium.org/2490523003
Cr-Commit-Position: refs/heads/master@{#40972}
2016-11-14 16:47:18 +00:00
clemensh
0c6fa1724f [wasm] Make reported "lines" on stack frames 1-based
In captured stack traces, all lines and columns must be 1-based.
Even though this makes things a bit ugly, we have to comply also for
wasm locations, where line and column encode function index and byte
offset (both are originally 0-based).

If we don't comply, the frontend might complain, as e.g. DevTools does.

BUG=chromium:659715
R=yangguo@chromium.org, kozyatinskiy@chromium.org
CC=titzer@chromium.org

Review-Url: https://codereview.chromium.org/2493943002
Cr-Commit-Position: refs/heads/master@{#40971}
2016-11-14 16:00:54 +00:00
caitp
7f21e67b38 [builtins] implement JSBuiltinReducer for ArrayIteratorNext()
Adds a protector cell to prevent inlining (which will likely lead to deopt
loops) when a JSArrayIterator's array transitions from a fast JSArray to a
slow JSArray (such as, when the array is touched during iteration in a way
which triggers a map transition).

Also adds TODO comments relating to the spec update proposed by Dan at
https://github.com/tc39/ecma262/pull/724

BUG=v8:5388
R=bmeurer@chromium.org, mstarzinger@chromium.org
TBR=hpayer@chromium.org, ulan@chromium.org

Review-Url: https://codereview.chromium.org/2484003002
Cr-Commit-Position: refs/heads/master@{#40970}
2016-11-14 15:59:47 +00:00
cbruni
0909e5cccb Add more JSArray verification for --verify-heap
BUG=

Review-Url: https://codereview.chromium.org/2431133003
Cr-Commit-Position: refs/heads/master@{#40969}
2016-11-14 15:04:13 +00:00
jgruber
1c1edda7db Skip flaky debug-scopes test
BUG=v8:5619,chromium:664490

Review-Url: https://codereview.chromium.org/2503463002
Cr-Commit-Position: refs/heads/master@{#40968}
2016-11-14 15:02:30 +00:00
leszeks
3abfc33709 [base] Probe hashmap using indices rather than pointers
Using indices rather than pointers to probe the hashmap lets us
unconditionally mask the index to ensure it wraps around, rather than
branching on the pointer value. This produces slightly more optimal
code.

Review-Url: https://codereview.chromium.org/2488423003
Cr-Commit-Position: refs/heads/master@{#40967}
2016-11-14 15:01:31 +00:00
neis
4e32419be4 [debug] Extend a test and fix some typos.
R=jgruber@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2493533003
Cr-Commit-Position: refs/heads/master@{#40966}
2016-11-14 14:06:05 +00:00
rmcilroy
be9b820c44 Only treat possible eval calls going through 'with' as special.
This removes the POSSIBLY_EVAL_CALL call type, and instead uses OTHER_CALL
or WITH_CALL to decide whether to do the special LOOKUP_SLOT_CALL runtime
call to find the callee and possibly update the receiver with the with-object.
This means that eval calls out of 'with' blocks can now just do a normal
LdaLookupGlobalSlot operation, which can check the context chain for eval
extentions and fast-path the lookup if none exist.

BUG=661556

Review-Url: https://codereview.chromium.org/2487483004
Cr-Commit-Position: refs/heads/master@{#40965}
2016-11-14 13:35:04 +00:00
neis
8538143c61 Revert of [ast] Simplify FetchFreeVariables. (patchset #1 id:1 of https://codereview.chromium.org/2491373004/ )
Reason for revert:
It's probably needed after all but we're lacking tests.

Original issue's description:
> [ast] Simplify FetchFreeVariables.
>
> This CL removes the ParseInfo argument from FetchFreeVariables, since it seems
> to have become unnecessary.
>
> R=verwaest@chromium.org
> BUG=

TBR=verwaest@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=

Review-Url: https://codereview.chromium.org/2495293002
Cr-Commit-Position: refs/heads/master@{#40964}
2016-11-14 13:23:17 +00:00
mstarzinger
79aee39f24 [builtins] Fix pointer comparison in ToString builtin.
This fixes the bogus {Word32Equal} comparison in the ToString builtin
implementing Object.prototype.toString to be a pointer-size {WordEqual}
comparison instead. Comparing just the lower half-word is insufficient
on 64-bit architectures.

R=jgruber@chromium.org
TEST=mjsunit/regress/regress-crbug-664506
BUG=chromium:664506

Review-Url: https://codereview.chromium.org/2496043003
Cr-Commit-Position: refs/heads/master@{#40963}
2016-11-14 12:44:29 +00:00