Commit Graph

38722 Commits

Author SHA1 Message Date
Igor Sheludko
e06c719794 [builtins] Define interface descriptors for builtins with JSFunction linkage.
This is a first bulk of changes.

BUG=v8:6116

Change-Id: I9308129bd032c0bf5b60c8e0413ee2cb710891ea
Reviewed-on: https://chromium-review.googlesource.com/456556
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43930}
2017-03-20 12:21:30 +00:00
franzih
3e0aabb62f [runtime] Add function for printing type profile.
Separate the function that prints type profile with
--type-profile from the one that collects type profile.

The name needs to be stored in the feedback vector as well. I'll make a
follow up CL that stores the relevant information, so it can
be printed later.

BUG=v8:5935
R=yangguo@chromium.org

Review-Url: https://codereview.chromium.org/2757993002
Cr-Commit-Position: refs/heads/master@{#43929}
2017-03-20 12:10:14 +00:00
ahaas
ab97fd76ef [wasm][arm] Emit MaybeCheckConstPool in the trap code generation
Without the check it happened that the builtin call in the trap code
was too far away from the constant pool and therefore crashed.

BUG=v8:6054
R=bmeurer@chromium.org, v8-arm-ports@googlegroups.com

Review-Url: https://codereview.chromium.org/2738683003
Cr-Commit-Position: refs/heads/master@{#43928}
2017-03-20 09:52:04 +00:00
ahaas
086ec2bd8d [arm64] The ubfx instruction can be used with a mask-width=64
The code-generator used i.InputInt6 to get the mask-width from the
instruction. However, thereby 64 got wrapped to 0, which is an invalid
mask width. I changed the i.InputInt6 to an i.InputInt32, which should
be okay because the mask-width comes from base::bits::CountPopulation64.

BUG=v8:6122
R=bmeurer@chromium.org, v8-arm-ports@googlegroups.com

Review-Url: https://codereview.chromium.org/2755373002
Cr-Commit-Position: refs/heads/master@{#43927}
2017-03-20 09:42:37 +00:00
Jochen Eisinger
515c7a4ea0 Relax conditions in compiler dispatcher test
Just ensure that all background and foreground tasks finished, then we
should be in a defined state

BUG=v8:6069
R=rmcilroy@chromium.org

Change-Id: Ie5bd11c61402dccb2c65cb8fe57fd1c0f550e9a7
Reviewed-on: https://chromium-review.googlesource.com/456418
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Jochen Eisinger <jochen@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43926}
2017-03-20 09:06:45 +00:00
bmeurer
a93e5221d8 [turbofan] Properly handle IfException projections on JSForInNext.
Don't ignore IfException (and IfSuccess) projections on JSForInNext
nodes during JSTypedLowering::ReduceJSForInNext, but instead rewrire
the IfException projection to the ForInFilter stub call, which can
throw exceptions in case of proxies.

R=yangguo@chromium.org
BUG=v8:6121

Review-Url: https://codereview.chromium.org/2761703002
Cr-Commit-Position: refs/heads/master@{#43925}
2017-03-20 06:32:28 +00:00
v8-autoroll
a2588a5ada Update V8 DEPS.
Rolling v8/third_party/catapult: 73f2994..2d86f95

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Change-Id: I011f9e13d444ef796e236fb06e6e2de82b2413ae
Reviewed-on: https://chromium-review.googlesource.com/456802
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43924}
2017-03-19 04:11:37 +00:00
Leszek Swirski
2498ea9123 [deserializer] Dump the disassembly of deserialized code
Prints the disassembly of code objects on the heap after
deserialization, if --print-builtin-code is on. This allows us to
annotate the disassembly of builtins in the same way as we do optimised
code now, for example using `perf report --objdump=v8/tools/objdump`.

Change-Id: I1781302de6fca035ea9bd4c4f7d58796a957f4af
Reviewed-on: https://chromium-review.googlesource.com/456340
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43923}
2017-03-18 12:13:40 +00:00
Yang Guo
6803fd9ff6 [debug] extend debug-evaluate to Date, Boolean, global functions.
Also add tests for operators.

BUG=v8:5821

Change-Id: I76cfde94324c7f05de61cb60f26d5168da0a9aa5
Reviewed-on: https://chromium-review.googlesource.com/456500
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43922}
2017-03-18 08:45:57 +00:00
v8-autoroll
55d269c7b5 Update V8 DEPS.
Rolling v8/build: 72004d5..4c534d4

Rolling v8/third_party/catapult: 7b2dc0f..73f2994

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Change-Id: I05e77392da0d8f99750c6a6755d44ff1fa0b209c
Reviewed-on: https://chromium-review.googlesource.com/456801
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43921}
2017-03-18 03:22:28 +00:00
Jakob Kummerow
f89db5d24a Fix LoadGlobalIC for cleared WeakCells
BUG=chromium:702793

Change-Id: Ia52823968a757f8f7fc8802deab60f570ffdb58c
Reviewed-on: https://chromium-review.googlesource.com/456280
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43920}
2017-03-18 00:52:09 +00:00
aseemgarg
2bcd3cbb63 Revert of [wasm] re-enable simd-scalar-lowering tests (patchset #1 id:1 of https://codereview.chromium.org/2754393002/ )
Reason for revert:
Seems like this is breaking V8 Linux - arm64 - sim - MSAN

Original issue's description:
> [wasm] re-enable simd-scalar-lowering tests
>
> R=bbudge@chromium.org
> BUG=v8:6020
>
> Review-Url: https://codereview.chromium.org/2754393002
> Cr-Commit-Position: refs/heads/master@{#43918}
> Committed: 931714675b

TBR=bbudge@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:6020

Review-Url: https://codereview.chromium.org/2749023010
Cr-Commit-Position: refs/heads/master@{#43919}
2017-03-17 22:06:25 +00:00
aseemgarg
931714675b [wasm] re-enable simd-scalar-lowering tests
R=bbudge@chromium.org
BUG=v8:6020

Review-Url: https://codereview.chromium.org/2754393002
Cr-Commit-Position: refs/heads/master@{#43918}
2017-03-17 20:46:04 +00:00
sampsong
6fa1db1e2e AIX/SOLARIS/CYGWIN: Fix build failure due in PosixTimezoneCache
R=littledan@chromium.org, ulan@chromium.org, bjaideep@ca.ibm.com

BUG=

Review-Url: https://codereview.chromium.org/2740353002
Cr-Commit-Position: refs/heads/master@{#43917}
2017-03-17 20:06:25 +00:00
neis
42487a8410 [compiler] Add even more tests for monotonicity of typing.
BUG=

Review-Url: https://codereview.chromium.org/2754003007
Cr-Commit-Position: refs/heads/master@{#43916}
2017-03-17 19:14:21 +00:00
dusan.simicic
9c1a081d4c [wasm] Fix typo in F32x4Mul wasm SIMD test
BUG=

Review-Url: https://codereview.chromium.org/2759673002
Cr-Commit-Position: refs/heads/master@{#43915}
2017-03-17 18:57:39 +00:00
neis
1b696f3cec [compiler] Fix typing of ToLength.
Typer::Visitor::ToLength was unsound (and non-monotonic).  For instance,
if the input type was Range(2^53, 2^53+1), the result type was
Constant(2^53).  Now the result is type Constant(2^53-1).  (The result
of ToLength is guaranteed to be between 0 and 2^53-1.)

BUG=

Review-Url: https://codereview.chromium.org/2753773010
Cr-Commit-Position: refs/heads/master@{#43914}
2017-03-17 18:45:17 +00:00
bbudge
771e86fdf2 Remove Factory::NewStringFromASCII method.
BUG=none

Review-Url: https://codereview.chromium.org/2759513002
Cr-Commit-Position: refs/heads/master@{#43913}
2017-03-17 17:52:50 +00:00
jbroman
4acdb5eec2 Give v8::Eternal a direct reference to the handle.
This makes it more similar to other handle types (like PersistentBase),
by simply storing an i::Object** cast to T*. This means that it is not
necessary to look up the handle in the eternal handles table to access
the underlying value.

Like the built-in roots (null, etc.), an eternal handle can never be
destroyed, so we don't even need to allocate a separate local handle.
Instead, the Local<T> can point directly at the eternal reference.
This makes Eternal<T>::Get trivial.

Review-Url: https://codereview.chromium.org/2751263003
Cr-Commit-Position: refs/heads/master@{#43912}
2017-03-17 17:23:34 +00:00
Jochen Eisinger
7bd0c1d5bb Next attempt to deflake CompilerDispatcherTest
BUG=v8:6069
R=rmcilroy@chromium.org

Change-Id: I0e1096e20fa96af0a4875704f3f90e8458750356
Reviewed-on: https://chromium-review.googlesource.com/456557
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Jochen Eisinger <jochen@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43911}
2017-03-17 16:23:03 +00:00
jgruber
5050640cfa [arm64] USE unused variables in simulator
NOTREECHECKS=true
TBR=machenbach@chromium.org

Review-Url: https://codereview.chromium.org/2754283002
Cr-Commit-Position: refs/heads/master@{#43910}
2017-03-17 16:12:06 +00:00
jgruber
542b41a7cc [gn] Enable stricter build flags
Default to the chromium-internal build config (instead of the more
permissive no_chromium_code config).

BUG=v8:5878

Review-Url: https://codereview.chromium.org/2758563002
Cr-Commit-Position: refs/heads/master@{#43909}
2017-03-17 15:18:18 +00:00
Marja Hölttä
1191e6f6ef [parser] Skipping inner funcs: store and use the inner function data.
The data needed to be modified a bit to actually allow skipping over functions
based on it. In particular, we need to allow skipping over an unknown inner
scope structure (in the previous stage, we just had tests comparing the data
against some baseline truth, so it wasn't needed).

also removing the current "skip functions based on preparse data" logic,
since preparser data is not used any more. At a later stage, I'll consider
plugging the preparser-scope-analysis-data into that pipeline (so I don't want
to remove the full code yet).

Integration to the various forms of compilation is still incomplete; this CL
integrates just enough to get the minimal example to pass:

(function foo() {
  function preparsed() {
    var var1 = 10;
    function skip_me() {
      print(var1);
    }
    return skip_me;
  }
  return preparsed;
})()()();

BUG=v8:5516

Change-Id: I0d24b4c3b338f7e6b6c3bf7cf2c1ceb29608e2f2
Reviewed-on: https://chromium-review.googlesource.com/446336
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43908}
2017-03-17 14:54:52 +00:00
jbroman
3700a01c82 Make v8::Eternal::Get and IsEmpty const.
They do not modify the state of the handle.

Review-Url: https://codereview.chromium.org/2753973002
Cr-Commit-Position: refs/heads/master@{#43907}
2017-03-17 14:48:20 +00:00
Toon Verwaest
9f720a686e [ic] Drop check_global from PropertyCellStore handler
We don't invalidate the map of the global object anymore.

BUG=v8:5561

Change-Id: I006066e9b675dd3d118efc8d00687b97419c427b
Reviewed-on: https://chromium-review.googlesource.com/456417
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43906}
2017-03-17 14:40:35 +00:00
georgia.kouveli
9e07494509 [turbofan] Try to allocate preferred register after splitting range.
This shows an improvement in the code size of the bytecode handlers.
When a range is split (because for example the preferred register gets
clobbered by a call and is not available for the whole range), trying
to allocate the preferred register for the first range that results
from the split avoids some extra register moves.

BUG=

Review-Url: https://codereview.chromium.org/2749023005
Cr-Commit-Position: refs/heads/master@{#43905}
2017-03-17 14:37:59 +00:00
jkummerow
94efcfe01b [tools] gm.py: start goma when it isn't running
NOTRY=true

Review-Url: https://codereview.chromium.org/2754253002
Cr-Commit-Position: refs/heads/master@{#43904}
2017-03-17 14:10:23 +00:00
Wiktor Garbacz
54db0236ce [parser] Parse tasks: make them pass all tests.
Parse tasks are still WIP so there is really no benefit turning them on.

Turn off irrelevant tests.
Fix duplicate parameters inverted logic.
Fix use_counts tracking.
Fix language mode, super_property, evals.
Fix modules and stack overflow.

BUG=v8:6093

Change-Id: I8567b36eef7b9de6799789e7520810bde9c86e5b
Reviewed-on: https://chromium-review.googlesource.com/455916
Commit-Queue: Wiktor Garbacz <wiktorg@google.com>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43903}
2017-03-17 14:06:24 +00:00
Michael Starzinger
ac4a77cc87 [turbofan] Remove obsolete helpers from graph builder.
R=jarin@chromium.org

Change-Id: Ib8f657957895f703189f2347f5d8017e16de05ae
Reviewed-on: https://chromium-review.googlesource.com/455798
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43902}
2017-03-17 14:04:07 +00:00
Leszek Swirski
65f25e1c3c [tools/logreader] Print overflow drops to stderr
Don't trash stdout with "dropped: overflow" messages (or other errors)
in the log reader, which then cause generated json files to fail to be
read by other tools.

Change-Id: Ie27639dbbee6fc9e8da0bc6901667c3a2835fbef
Reviewed-on: https://chromium-review.googlesource.com/456499
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43901}
2017-03-17 13:42:14 +00:00
titzer
72e539360e [rename] Rename internal field to embedder field.
This CL renames all occurrences of "internal field" to "embedder field"
to prevent confusion. As it turns out, these fields are not internal to
V8, but are actually embedder provided fields that should not be mucked
with by the internal implementation of V8.

Note that WASM does use these fields, and it should not.

BUG=v8:6058

Review-Url: https://codereview.chromium.org/2741683004
Cr-Commit-Position: refs/heads/master@{#43900}
2017-03-17 13:26:05 +00:00
Michael Starzinger
22372f5aa8 [turbofan] Prototype of property access early lowering.
This is a first stab at extending the existing early lowering approach
to property access operations. Currently we only handle the case where
named property loads are lowered to a soft deoptimize operation, due to
insufficient type feedback.

R=jarin@chromium.org

Change-Id: I779ffb99978023237da5ad9eaf0241fe74243882
Reviewed-on: https://chromium-review.googlesource.com/456316
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43899}
2017-03-17 13:21:41 +00:00
Yang Guo
76abde14d9 Fix code dependency change assertion.
During bootstapping installing native functions may cause
map transitions. There are no dependent code groups, but
the assertion still triggers.

BUG=chromium:617892

Change-Id: Id7cb87575a0fe176e7aff785d4dd249db44deec8
Reviewed-on: https://chromium-review.googlesource.com/457036
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43898}
2017-03-17 12:24:34 +00:00
jgruber
338257509d [string] Optimize ToDirectStringAssembler for sequential strings
ToDirectStringAssembler is used in StringCharCodeAt and SubString
(which uses StringCharCodeAt internally). SubString is used all over the
place (e.g. RegExp result construction), and is critical for benchmark
performance.

The CL introducing ToDirectStringAssembler caused a couple of
regressions which this is intended to fix by adding a fast path for
sequential strings.

BUG=chromium:702246

Review-Url: https://codereview.chromium.org/2754933003
Cr-Commit-Position: refs/heads/master@{#43897}
2017-03-17 12:19:29 +00:00
Toon Verwaest
50e1019dce [ic] Support data-driven accessor pairs
The ForDeopt stub isn't actually necessary anymore; but I don't want to fix the deoptimizer in the same CL.

BUG=v8:5561

Change-Id: I7101cec4b783949bcfbf1ebdb80541d1b558e2e2
Reviewed-on: https://chromium-review.googlesource.com/455858
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43896}
2017-03-17 12:14:32 +00:00
Marja Hölttä
ab4233e38a [parser|cleanup] Add tests for duplicate parameters.
There are at least 3 mechanisms for detecting duplicate parameters.
- ExpressionClassifier
- Scope::DeclareParameter checking IsDeclaredParameter
- PatternRewriter::VisitVariableProxy failing to declare a duplicate parameter

The conditions for when duplicate parameters are allowed and when not are pretty
involved too. They are allowed when
- the function is not an arrow function and not a concise method *and*
- when the parameter list is simple *and*
- we're in sloppy mode (incl. the function doesn't declare itself strict).

In addition, we don't recognize some of the early errors, and it's 
non-trivial to see which ones are recognized and which not (see bug
v8:6108). E.g., (dup, dup) => {}; is recognized but (dup, [dup]) => {} is
not. And (dup, [dup]) => 1; is.

We do have tests for some aspects of duplicate parameters (e.g., arrow function
duplicate parameters are included in arrow function tests), but it's hard to see
whether all combinations of the relevant conditions are tested.

This CL adds more structured tests which hopefully enables reducing the
duplicate parameter detection mechanisms to 2 or maybe even to 1.

BUG=v8:6092

Change-Id: Idd3db43b380aae4b9a89be5f1ed0755d39bfb36d
Reviewed-on: https://chromium-review.googlesource.com/456336
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43895}
2017-03-17 12:10:35 +00:00
Leszek Swirski
64746e5fed [profview] Show all variants of a function in the timeline
When displaying a single function's timeline, display all its variants
(colour-coded by kind) instead of just the ones with the same code-id.
This allows us to see all optimised versions of a function, as well as
changes between optimised and unoptimised.

Drive-by -- Do some rounding to get rendering pixel-perfect.

Change-Id: I385c83b39414ac5e59208b7a25b488d6a283e2b0

NOTRY=true

Change-Id: I385c83b39414ac5e59208b7a25b488d6a283e2b0
Reviewed-on: https://chromium-review.googlesource.com/455833
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43894}
2017-03-17 12:09:32 +00:00
clemensh
29877f5ae0 Revert of MIPS[64]: Fix unaligned arguments storage in Wasm-to-interpreter entry (patchset #3 id:40001 of https://codereview.chromium.org/2705293011/ )
Reason for revert:
Did not fix the issue.

Original issue's description:
> MIPS[64]: Fix unaligned arguments storage in Wasm-to-interpreter entry
>
> In Wasm-to-interpeter entry creation, arguments for the interpreter
> are stored in an argument buffer. Depending on the order of the
> arguments some arguments may be misaligned and this causes crashes
> on those architectures that do not support unaligned memory access.
>
> TEST=cctest/test-wasm-interpreter-entry/TestArgumentPassing_AllTypes
> BUG=
>
> Review-Url: https://codereview.chromium.org/2705293011
> Cr-Commit-Position: refs/heads/master@{#43476}
> Committed: 84ff6e4c19

TBR=titzer@chromium.org,ivica.bogosavljevic@imgtec.com
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=

Review-Url: https://codereview.chromium.org/2760603002
Cr-Commit-Position: refs/heads/master@{#43893}
2017-03-17 12:07:31 +00:00
Jochen Eisinger
876725d5d5 Enable the embedder to provide stack trace printing
BUG=none
R=yangguo@chromium.org

Change-Id: I53811859efacee9126ba1bdbe5690793833c96e1
Reviewed-on: https://chromium-review.googlesource.com/456338
Commit-Queue: Jochen Eisinger <jochen@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43892}
2017-03-17 12:07:25 +00:00
bmeurer
6934d92220 Revert of [ignition] Decrease code size multiiplier to 24. (patchset #1 id:1 of https://codereview.chromium.org/2758503002/ )
Reason for revert:
Doesn't seem to help with peak performance, and seems to hurt startup performance a bit, so reverting for now

Original issue's description:
> [ignition] Decrease code size multiplier to 24.
>
> BUG=
>
> Review-Url: https://codereview.chromium.org/2758503002
> Cr-Commit-Position: refs/heads/master@{#43861}
> Committed: b880309bc7

TBR=rmcilroy@chromium.org,jarin@chromium.org,danno@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review-Url: https://codereview.chromium.org/2751913007
Cr-Commit-Position: refs/heads/master@{#43891}
2017-03-17 11:20:13 +00:00
neis
94b088ca3c Disentangle assembler from isolate.
This is a first step towards moving Turbofan code generation off the main thread.

Summary of the changes:
- AssemblerBase no longer has a pointer to the isolate. Instead, its
  constructor receives the few things that it needs from the isolate (on most
  architectures this is just the serializer_enabled flag).
- RelocInfo no longer has a pointer to the isolate. Instead, the functions
  that need it take it as an argument.  (There are currently still a few that
  implicitly access the isolate through a HeapObject.)
- The MacroAssembler now explicitly holds a pointer to the isolate (before, it
  used to get it from the Assembler).
- The jit_cookie also moved from AssemblerBase to the MacroAssemblers, since
  it's not used at all in the Assemblers.
- A few architectures implemented parts of the Assembler with the help
  of a Codepatcher that is based on MacroAssembler.  Since the Assembler no
  longer has the isolate, but the MacroAssembler still needs it, this doesn't
  work anymore.  Instead, these Assemblers now use a new PatchingAssembler.

BUG=v8:6048

Review-Url: https://codereview.chromium.org/2732273003
Cr-Commit-Position: refs/heads/master@{#43890}
2017-03-17 11:18:06 +00:00
jgruber
10f7b7ecc6 [regexp] Add slow exec stub to reduce code size
CSA builtins can become very large, and the RegExp builtins are currently the
main offender (e.g. @@match's code size is over 50k). This is due to the fact
that most RegExp builtins rely on RegExpBuiltinExec (fairly large itself),
which is then inlined multiple times in many builtins.

This CL reduces the snapshot size for an x64 release build by 80k by turning
slow-path RegExpBuiltinExec calls into stub calls (i.e. removing code
duplication through inlining) and completely removing the code path for fast
RegExp instances in RegExpExec (it is never taken).

BUG=v8:5339,v8:5737

Review-Url: https://codereview.chromium.org/2745053003
Cr-Commit-Position: refs/heads/master@{#43889}
2017-03-17 10:48:47 +00:00
Toon Verwaest
162553a12a [ic] Support js accessors on slow-mode objects
BUG=v8:5561

Change-Id: Ib344479dac691bc418fbedffffbfbc1380ddd369
Reviewed-on: https://chromium-review.googlesource.com/455937
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43888}
2017-03-17 10:31:49 +00:00
Andreas Haas
87354ade6b [wasm] Remove the WasmTrapHelper
Since TrapIf has been implemented on all platforms, there is no need
anymore for the old WasmTrapHelper code. This CL also removes
TrapIf-specific tests.

R=titzer@chromium.org, clemensh@chromium.org

Change-Id: Ic069598441b7bd63bde2e66f4e536abea5ecebe6
Reviewed-on: https://chromium-review.googlesource.com/452380
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43887}
2017-03-17 10:30:31 +00:00
jgruber
ad75ded221 [cctest] Fix invalid assumption in test-unboxed-doubles
test-unboxed-doubles/WriteBarrierObjectShiftFieldsRight recently started
failing on arm64-nosnapshot builds due to a broken CHECK.

# Fatal error in ../../test/cctest/test-unboxed-doubles.cc, line 1417
# Check failed: heap->InNewSpace(*obj_value).

It expects the result of Factory::NewJSArray() to be in new
space; but NewJSArray encapsulates two allocations so the return value can
actually be in old space. Fix it by ensuring only one allocation occurs.

BUG=v8:5339

Review-Url: https://codereview.chromium.org/2759433002
Cr-Commit-Position: refs/heads/master@{#43886}
2017-03-17 10:16:54 +00:00
neis
877d9758eb [compiler] Add more tests for monotonicity of typing.
R=jarin@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2753543009
Cr-Commit-Position: refs/heads/master@{#43885}
2017-03-17 09:17:10 +00:00
Clemens Hammacher
86fa01c74a Add code flag for non-tagged parameters
The WasmCompileLazy builtin creates an internal frame, thus the garbage
collector will visit all pointers in the stack frame.
However, we will call this builtin from compiled wasm code, and it
receives raw (untagged) arguments. This is because this builtin is
later exchanged by compiled wasm code, so the ABI needs to be
compatible.

This CL introduces the has_tagged_params code flag, which is true by
default and false for each WASM_FUNCTION, JS_TO_WASM_FUNCTION and
the WasmCompileLazy builtin.
The gargabe collector just ignores the parameters for each frame
whose code object has this flag set to false. For internal frames,
all pointers in the whole stack frame are ignored if the flag is set.

R=titzer@chromium.org, mstarzinger@chromium.org
BUG=v8:5991

Change-Id: I12a15157db344725bcc280e2041fd5bcad2ba700
Reviewed-on: https://chromium-review.googlesource.com/451400
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43884}
2017-03-17 09:15:35 +00:00
Jochen Eisinger
215a2fa4d0 Correctly annotate v8::Message API methods
Retrieving information from a message should never execute script or
throw exceptions.

BUG=v8:5830
R=mmoroz@chromium.org,yangguo@chromium.org

Change-Id: Ie8a84ca2cc14eb41ceaf4162d8a5381a20d559bc
Reviewed-on: https://chromium-review.googlesource.com/455740
Commit-Queue: Jochen Eisinger <jochen@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43883}
2017-03-17 08:39:25 +00:00
littledan
3fa2633841 [intl] Fix debug-evaluate-no-side-effect-builtins test
String case conversion is known to debug-evaluate to not have a side
effect in noi18n mode, but debug-evaluate thinks it has a side effect
in i18n mode. Update the tests accordingly.

Verified locally that the test passes in i18n and noi18n mode (not sure
whether the noi18n trybot executes this test).

CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_linux_noi18n_rel_ng

Review-Url: https://codereview.chromium.org/2750403004
Cr-Commit-Position: refs/heads/master@{#43882}
2017-03-17 07:18:07 +00:00
v8-autoroll
266ca8215b Update V8 DEPS.
Rolling v8/build: 81c2772..72004d5

Rolling v8/third_party/catapult: d49bf81..7b2dc0f

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Change-Id: I4a4903fd29b31585e184d9a5ccb5a4a941e7756c
Reviewed-on: https://chromium-review.googlesource.com/456461
Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43881}
2017-03-17 03:21:14 +00:00