1. 06 Jul, 2016 6 commits
  2. 05 Jul, 2016 32 commits
    • bjaideep's avatar
      PPC/s390: [builtins] Unify most of the remaining Math builtins. · 305d42c0
      bjaideep authored
      Port 0a0fe8fb
      
      Original commit message:
      
      Import fdlibm versions of acos, acosh, asin and asinh, which are more
          precise and produce the same result across platforms (we were using
          libm versions for asin and acos so far, where both speed and precision
          depended on the operating system so far). Introduce appropriate TurboFan
          operators for these functions and use them both for inlining and for the
          generic builtin.
      
          Also migrate the Math.imul and Math.fround builtins to TurboFan builtins
          to ensure that their behavior is always exactly the same as the inlined
          TurboFan version (i.e. C++ truncation semantics for double to float
          don't necessarily meet the JavaScript semantics).
      
          For completeness, also migrate Math.sign, which can even get some nice
          love in TurboFan.
      
          Drive-by-fix: Some alpha-sorting on the Math related functions, and
          cleanup the list of Math intrinsics that we have to export via the
          native context currently.
      
      R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, mbrandy@us.ibm.com
      
      BUG=v8:3266,v8:3496,v8:3509,v8:3952,v8:5169,v8:5170,v8:5171,v8:5172
      LOG=N
      
      Review-Url: https://codereview.chromium.org/2125723002
      Cr-Commit-Position: refs/heads/master@{#37539}
      305d42c0
    • mlippautz's avatar
      [heap] Clear slots for map space when writing zap values · 9a4132aa
      mlippautz authored
      Pointer updating requires the all slots to be valid. If we write zap values in
      the sweeper we need to filter out invalid slots before.
      
      BUG=chromium:625748
      LOG=N
      R=ulan@chromium.org
      
      Review-Url: https://codereview.chromium.org/2122963002
      Cr-Commit-Position: refs/heads/master@{#37538}
      9a4132aa
    • mlippautz's avatar
      Reland "[heap] Track length for array buffers to avoid free-ing dependency" · da3745d8
      mlippautz authored
      The dependency would only happen if we have a smi overflow for the length and
      have create a heap number. In this case the heap number would've to survive
      until the array buffer is collected.
      
      To avoid this dependency we track the length (as we previously used to).
      
      BUG=chromium:625752
      LOG=N
      TEST=test/mjsunit/regress/regress-625752.js
      R=hpayer@chromium.org
      
      This reverts commit 1791d7bb.
      
      Review-Url: https://codereview.chromium.org/2127643002
      Cr-Commit-Position: refs/heads/master@{#37537}
      da3745d8
    • verwaest's avatar
      Cleanup array constructor inlining in crankshaft · 71eabf5c
      verwaest authored
      This CL removes unnecessary complexity from crankshaft, possible due to the
      move of ArrayConstructor to code-stub-assembler. Making the code easier
      hopefully helps us find bugs.
      
      BUG=
      
      Review-Url: https://codereview.chromium.org/2117383002
      Cr-Commit-Position: refs/heads/master@{#37536}
      71eabf5c
    • verwaest's avatar
      Abort if we ever allocate a non-0-sized packed array · c2eb0750
      verwaest authored
      BUG=chromium:621147
      
      Review-Url: https://codereview.chromium.org/2122943002
      Cr-Commit-Position: refs/heads/master@{#37535}
      c2eb0750
    • jochen's avatar
      Remove obsolete patching step from runtime callstats.html · 9d66b3f3
      jochen authored
      BUG=
      R=cbruni@chromium.org
      
      Review-Url: https://codereview.chromium.org/2119823002
      Cr-Commit-Position: refs/heads/master@{#37534}
      9d66b3f3
    • machenbach's avatar
      Revert of [heap] Track length for array buffers to avoid free-ing dependency... · 1791d7bb
      machenbach authored
      Revert of [heap] Track length for array buffers to avoid free-ing dependency (patchset #2 id:20001 of https://codereview.chromium.org/2122603004/ )
      
      Reason for revert:
      [Sheriff] This makes mjsunit/regress/regress-625752 extremely slow on all gc stress bots and leads to timeouts with custom snapshot:
      https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/builds/6602
      
      Original issue's description:
      > [heap] Track length for array buffers to avoid free-ing dependency
      >
      > The dependency would only happen if we have a smi overflow for the length and
      > have create a heap number. In this case the heap number would've to survive
      > until the array buffer is collected.
      >
      > To avoid this dependency we track the length (as we previously used to).
      >
      > BUG=chromium:625748,chromium:625752
      > LOG=N
      > TEST=test/mjsunit/regress/regress-625752.js
      > R=hpayer@chromium.org
      >
      > Committed: https://crrev.com/ddc75cc1356a58b6cfd63f9da0586e1150496b3d
      > Cr-Commit-Position: refs/heads/master@{#37530}
      
      TBR=hpayer@chromium.org,mlippautz@chromium.org
      # Skipping CQ checks because original CL landed less than 1 days ago.
      NOPRESUBMIT=true
      NOTREECHECKS=true
      NOTRY=true
      BUG=chromium:625748,chromium:625752
      
      Review-Url: https://codereview.chromium.org/2127483003
      Cr-Commit-Position: refs/heads/master@{#37533}
      1791d7bb
    • honggyu.kp's avatar
      Strictly disable instantiation of AllStatic class · 446232f1
      honggyu.kp authored
      Since the intention of using AllStatic class is to provide classes that
      only contain static method functions without member variables so it
      doesn't have to be instantiated at all.
      
      However, current implementation only disables dynamic instantiation, and
      it can be detected at runtime by reaching UNREACHABLE().  And it can
      still have instances allocated inside stack.
      
      This blocks all those cases by deleting default constructor of AllStatic
      class to prevent undesirable usage of it.
      
      BUG=
      R=jochen@chromium.org
      
      Review-Url: https://codereview.chromium.org/2108273003
      Cr-Commit-Position: refs/heads/master@{#37532}
      446232f1
    • oth's avatar
      [interpreter] Introduce binary op bytecodes for Smi operand. · 40511877
      oth authored
      Introduces fused bytecodes for fusing LdaSmi followed by a binary op bytecode.
      The chosen bytecodes are used frequently in Octane: AddSmi, SubSmi,
      BitwiseOrSmi, BitwiseAndSmi, ShiftLeftSmi, ShiftRightSmi.
      
      There are additional code stubs for these operations that are biased towards
      both the left hand and right hand operands being Smis.
      
      BUG=v8:4280
      LOG=N
      
      Review-Url: https://codereview.chromium.org/2111923002
      Cr-Commit-Position: refs/heads/master@{#37531}
      40511877
    • mlippautz's avatar
      [heap] Track length for array buffers to avoid free-ing dependency · ddc75cc1
      mlippautz authored
      The dependency would only happen if we have a smi overflow for the length and
      have create a heap number. In this case the heap number would've to survive
      until the array buffer is collected.
      
      To avoid this dependency we track the length (as we previously used to).
      
      BUG=chromium:625748,chromium:625752
      LOG=N
      TEST=test/mjsunit/regress/regress-625752.js
      R=hpayer@chromium.org
      
      Review-Url: https://codereview.chromium.org/2122603004
      Cr-Commit-Position: refs/heads/master@{#37530}
      ddc75cc1
    • mstarzinger's avatar
      [turbofan] Remove obsolete frame-state from count op. · e0dd3119
      mstarzinger authored
      This removes the usage of {FrameStateBeforeAndAfter} from the graph
      building for count operations. The {JSAdd} or {JSSubtract} node in
      question no longer needs the frame-state attached.
      
      R=bmeurer@chromium.org
      
      Review-Url: https://codereview.chromium.org/2127523002
      Cr-Commit-Position: refs/heads/master@{#37529}
      e0dd3119
    • bmeurer's avatar
      [turbofan] Initial version of the new LoadElimination. · d70dc1ac
      bmeurer authored
      This adds a new optimization phase to the TurboFan pipeline, which walks
      over the effect chain and tries to eliminate redundant loads (and even
      some stores) of object fields. We currently ignore element access, but
      that will probably need to be handled as well at some point. We also
      don't have any special treatment to properly track object maps, which is
      also on the list of things that will happen afterwards.
      
      The implementation is pretty simple currently, and probably way to
      inefficient. It's meant to be a proof-of-concept to iterate on.
      
      R=jarin@chromium.org
      BUG=v8:4930,v8:5141
      
      Review-Url: https://codereview.chromium.org/2120253002
      Cr-Commit-Position: refs/heads/master@{#37528}
      d70dc1ac
    • ahaas's avatar
      [wasm] Copy the signature when compiling an imported function. · 65415ca7
      ahaas authored
      The signature of an imported function is needed to compile a wrapper in
      wasm to call the imported function. The signature is stored in a heap
      object which is created when the wasm module is compiled. With this CL
      we do not use a pointer to the signature in the heap object but instead
      copy the signature and then use a pointer to the copy. A pointer into
      a heap object causes problems when a GC is happening.
      
      R=titzer@chromium.org, mtrofin@chromium.org
      
      Review-Url: https://codereview.chromium.org/2124743002
      Cr-Commit-Position: refs/heads/master@{#37527}
      65415ca7
    • mstarzinger's avatar
      [unittests] Remove spurious language mode test dimension. · ee2d06e6
      mstarzinger authored
      This just removes some left-overs from when the {JSTypedLoweringTest}
      covered strong mode and an iteration over all language modes was used
      for testing all binary operations. The language mode in question has
      been removed since then.
      
      R=bmeurer@chromium.org
      
      Review-Url: https://codereview.chromium.org/2121113002
      Cr-Commit-Position: refs/heads/master@{#37526}
      ee2d06e6
    • machenbach's avatar
      [build] Switch x87 to swarming. · 84124ce2
      machenbach authored
      BUG=chromium:625793
      NOTRY=true
      TBR=vogelheim@chromium.org, zhengxing.li@intel.com
      
      Review-Url: https://codereview.chromium.org/2124763002
      Cr-Commit-Position: refs/heads/master@{#37525}
      84124ce2
    • Miran.Karic's avatar
      MIPS: [turbofan] Fix addition for deoptimization. · 99385e8e
      Miran.Karic authored
      In turbofan, after an addition operation where the same register is the
      output and both inputs, if deoptimization is performed the input is
      overwritten with the output value and the final result is not correct.
      This is fixed by restoring the original value of the input before
      deoptimization.
      
      BUG=
      TEST=mjsunit/regress/regress-int32-truncation
      
      Review-Url: https://codereview.chromium.org/2102063002
      Cr-Commit-Position: refs/heads/master@{#37524}
      99385e8e
    • bmeurer's avatar
      [turbofan] Run value numbering as part of typed lowering. · b18b3877
      bmeurer authored
      We can already benefit from value numbering (pure) nodes at this point
      in the graph, because it makes some later passes more efficient and
      reduces the graph size early.
      
      R=jarin@chromium.org
      
      Review-Url: https://codereview.chromium.org/2125613002
      Cr-Commit-Position: refs/heads/master@{#37523}
      b18b3877
    • mstarzinger's avatar
      [turbofan] Remove eager frame state from add and subtract. · 2620c426
      mstarzinger authored
      This removes the frame state input representing the before-state from
      nodes having the {JSAdd} or the {JSSubtract} operator. Lowering that
      inserts number conversions of the inputs has to be disabled when
      deoptimization is enabled, because the frame state layout is no longer
      known.
      
      R=jarin@chromium.org
      BUG=v8:5021
      
      Review-Url: https://codereview.chromium.org/2125593002
      Cr-Commit-Position: refs/heads/master@{#37522}
      2620c426
    • ssanfilippo's avatar
      Broaden the condition under which gold is used as linker. · 8465244e
      ssanfilippo authored
      LOG=N
      
      Review-Url: https://codereview.chromium.org/2121123002
      Cr-Commit-Position: refs/heads/master@{#37521}
      8465244e
    • yangguo's avatar
      [debugger] add test case for throwing in generators. · 7a834e8b
      yangguo authored
      R=neis@chromium.org
      
      Review-Url: https://codereview.chromium.org/2117303003
      Cr-Commit-Position: refs/heads/master@{#37520}
      7a834e8b
    • bmeurer's avatar
      [intrinsic] Drop the %_ValueOf intrinsic. · 72275e66
      bmeurer authored
      This drops the %_ValueOf intrinsic, but keeps the runtime entry
      %ValueOf for now, by either migrating the functionality (mostly
      Debug mirror or toString/valueOf methods) to C++ or TurboFan
      builtins, or switching to the %ValueOf runtime call when it's
      not performance critical anyways.
      
      The %_ValueOf intrinsic was one of the last blockers for fixing
      the unsound machine operator typing in TurboFan.
      
      R=yangguo@chromium.org
      BUG=v8:5049
      
      Committed: https://crrev.com/293bd7882987f00e465710ce468bfb1eaa7d3fa2
      Review-Url: https://codereview.chromium.org/2126453002
      Cr-Original-Commit-Position: refs/heads/master@{#37512}
      Cr-Commit-Position: refs/heads/master@{#37519}
      72275e66
    • bmeurer's avatar
      [turbofan] Recognize fast path for Number.parseInt. · f50721d5
      bmeurer authored
      The Number.parseInt (and therefore the parseInt function on the global
      object) are often used instead of Math.floor or just plain int32
      truncation, and we can easily recognize those cases and provide a fast
      path in TurboFan.
      
      R=jarin@chromium.org
      
      Review-Url: https://codereview.chromium.org/2125583002
      Cr-Commit-Position: refs/heads/master@{#37518}
      f50721d5
    • mstarzinger's avatar
      [turbofan] Remove eager frame state from JSMultiply. · 277fac44
      mstarzinger authored
      This removes the frame state input representing the before-state from
      nodes having the {JSMultiply} operator. Lowering that inserts number
      conversions of the inputs has to be disabled when deoptimization is
      enabled, because the frame state layout is no longer known.
      
      R=jarin@chromium.org
      BUG=v8:5021
      
      Review-Url: https://codereview.chromium.org/2111193002
      Cr-Commit-Position: refs/heads/master@{#37517}
      277fac44
    • zhengxing.li's avatar
      X87: disable Acosh/ASinh test cases for x87. · f310a829
      zhengxing.li authored
          The reason:
          same as the CL #37371 (Issue 2111493002: X87: disable some sin/cos/expm1/tan test cases for x87.), please
          refer https://codereview.chromium.org/2111493002 for more details.
      
          For Acosh/ASinh test cases, the expected values are pre-defined double precision values, the results
          generated by C++ function are extended double precision as the extended double precision is default for x87
          Gcc compiler and std lib on linux platform. The comparison of different precisons caused some of those test
          cases failed.
      
          This CL disables Acosh/ASinh test cases for x87.
      
      BUG=
      
      Review-Url: https://codereview.chromium.org/2122593002
      Cr-Commit-Position: refs/heads/master@{#37516}
      f310a829
    • zhengxing.li's avatar
      X87: disable test-gap-resolver/FuzzResolver test case for x87. · bf4ef548
      zhengxing.li authored
        The reason:
        In CreateRandomOperand(), It used the register index 1 for ExplicitOperand(LocationOperand::REGISTER, rep,
        GetRegisterCode(rep, 1)).
      
        For x87 turbofan compiler, there's only 1 allocatable Float/Double register, i.e.: register index 0. the
        GetRegisterCode(rep, 1) in ExplicitOperand() always return false when rep is MachineRepresentation::kFloat32/kFloat64.
      
        It caused the test-gap-resolver/FuzzResolver failed at DCHECK_IMPLIES(kind == REGISTER && rep == MachineRepresentation::kFloat32,
        FloatRegister::from_code(index).IsAllocatable(RegisterConfiguration::TURBOFAN)), src/compiler/instruction.cc, line 259, under
        debug mode.
      
        This CL disable test-gap-resolver/FuzzResolver test case for x87.
      
      BUG=
      
      Review-Url: https://codereview.chromium.org/2120203002
      Cr-Commit-Position: refs/heads/master@{#37515}
      bf4ef548
    • machenbach's avatar
      Revert of [intrinsic] Drop the %_ValueOf intrinsic. (patchset #2 id:20001 of... · 0960beb0
      machenbach authored
      Revert of [intrinsic] Drop the %_ValueOf intrinsic. (patchset #2 id:20001 of https://codereview.chromium.org/2126453002/ )
      
      Reason for revert:
      [Sheriff] Breaks without i18n:
      https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20noi18n%20-%20debug/builds/8466
      
      Original issue's description:
      > [intrinsic] Drop the %_ValueOf intrinsic.
      >
      > This drops the %_ValueOf intrinsic, but keeps the runtime entry
      > %ValueOf for now, by either migrating the functionality (mostly
      > Debug mirror or toString/valueOf methods) to C++ or TurboFan
      > builtins, or switching to the %ValueOf runtime call when it's
      > not performance critical anyways.
      >
      > The %_ValueOf intrinsic was one of the last blockers for fixing
      > the unsound machine operator typing in TurboFan.
      >
      > R=yangguo@chromium.org
      > BUG=v8:5049
      >
      > Committed: https://crrev.com/293bd7882987f00e465710ce468bfb1eaa7d3fa2
      > Cr-Commit-Position: refs/heads/master@{#37512}
      
      TBR=yangguo@chromium.org,bmeurer@chromium.org
      # Skipping CQ checks because original CL landed less than 1 days ago.
      NOPRESUBMIT=true
      NOTREECHECKS=true
      NOTRY=true
      BUG=v8:5049
      
      Review-Url: https://codereview.chromium.org/2117273002
      Cr-Commit-Position: refs/heads/master@{#37514}
      0960beb0
    • jgruber's avatar
      Use toString tag to format receiver in stack traces · 97146803
      jgruber authored
      This concerns formatting of calls to, e.g., Math.acos in stack traces,
      in which the receiver is an object with an attached toString tag. If
      such a tag exists, use it to format the receiver typename to ensure that
      the stack trace includes 'Math.acos' instead of 'Object.acos'.
      
      R=yangguo@chromium.org
      BUG=
      
      Review-Url: https://codereview.chromium.org/2110683007
      Cr-Commit-Position: refs/heads/master@{#37513}
      97146803
    • bmeurer's avatar
      [intrinsic] Drop the %_ValueOf intrinsic. · 293bd788
      bmeurer authored
      This drops the %_ValueOf intrinsic, but keeps the runtime entry
      %ValueOf for now, by either migrating the functionality (mostly
      Debug mirror or toString/valueOf methods) to C++ or TurboFan
      builtins, or switching to the %ValueOf runtime call when it's
      not performance critical anyways.
      
      The %_ValueOf intrinsic was one of the last blockers for fixing
      the unsound machine operator typing in TurboFan.
      
      R=yangguo@chromium.org
      BUG=v8:5049
      
      Review-Url: https://codereview.chromium.org/2126453002
      Cr-Commit-Position: refs/heads/master@{#37512}
      293bd788
    • zhengxing.li's avatar
      X87: [builtins] Add receiver to builtin exit frames. · e043dcb5
      zhengxing.li authored
        port f59a2335 (r37500)
      
        original commit message:
        Stack trace generation requires access to the receiver; and while the
        receiver is already on the stack, we cannot determine its position
        during stack trace generation (it's stored in argv[0], and argc is only
        stored in a callee-saved register).
      
        This patch grants access to the receiver by pushing argc onto builtin
        exit frames as an extra argument. Compared to simply pushing the
        receiver, this requires an additional dereference during stack trace
        generation, but one fewer during builtin calls.
      
      BUG=
      
      Review-Url: https://codereview.chromium.org/2118413002
      Cr-Commit-Position: refs/heads/master@{#37511}
      e043dcb5
    • mvstanton's avatar
      Removed fdlibm.js, as it is now an empty shell. · 47f54330
      mvstanton authored
      BUG=
      
      Review-Url: https://codereview.chromium.org/2106413002
      Cr-Commit-Position: refs/heads/master@{#37510}
      47f54330
    • v8-autoroll's avatar
      Update V8 DEPS. · 12291c54
      v8-autoroll authored
      Rolling v8/build to 536d6fe8a0df34c0c412da483375d71b9b931afa
      
      Rolling v8/buildtools to d2664782a3855d5be8cbbfd3c23b6652926de8cc
      
      TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
      
      Review-Url: https://codereview.chromium.org/2124673002
      Cr-Commit-Position: refs/heads/master@{#37509}
      12291c54
    • zhengxing.li's avatar
      X87: [turbofan]: Support using push instructions for setting up tail call parameters. · c140a90c
      zhengxing.li authored
        port bd0d9e7d (r37477)
      
        original commit message:
        This optimizes the passing of stack parameters in function calls.
      
        For some architectures (ia32/x64), using pushes when possible instead
        of bumping the stack and then storing parameters generates much
        smaller code, and in some cases is faster (e.g. when a push of a memory
        location can implement a memory-to-memory copy and thus elide an
        intermediate load. On others (e.g. ARM), the benefit is smaller, where
        it's only possible to elide direct stack pointer adjustment in certain cases
        or combine multiple register stores into a single instruction in other limited
        situations. On yet other platforms (ARM64, MIPS), there are no push instructions,
        and this optimization isn't used at all.
      
        Ideally, this mechanism would be used for both tail calls and normal calls,
        but "normal" calls are currently pretty efficient, and tail calls are very
        inefficient, so this CL sets the bar low for building a new mechanism to
        handle parameter pushing that only needs to raise the bar on tail calls for now.
      
        The key aspect of this change is that adjustment to the stack pointer
        for tail calls (and perhaps later real calls) is an explicit step separate from
        instruction selection and gap resolution, but aware of both, making it possible
        to safely recognize gap moves that are actually pushes.
      
      BUG=
      
      Review-Url: https://codereview.chromium.org/2120413002
      Cr-Commit-Position: refs/heads/master@{#37508}
      c140a90c
  3. 04 Jul, 2016 2 commits
    • mtrofin's avatar
      [wasm] Fix possible gc-ing of wasm code objects · 462d57ae
      mtrofin authored
      If incremental GC starts before imports linking, and sees a wasm
      function, it won't revisit that after the imports that function are linked.
      As a result, the import code objects may be GC-ed. This change
      addresses this issue.
      
      BUG=
      
      Review-Url: https://codereview.chromium.org/2113183002
      Cr-Commit-Position: refs/heads/master@{#37507}
      462d57ae
    • lpy's avatar
      Split Ticker into two samplers. · 3ca49d9a
      lpy authored
      Currently there are two logic in Ticker, one is to try to request a
      pre-allocated TickSample from CpuProfiler and then initialize it, and if the
      request fails, it will initialize a local TickSample. The other is it will pass
      an initialized TickSample to Profiler to log into v8.log.
      
      This patch splits Ticker into two samplers, the first one remains in log.cc to
      collect samples and pass to Profiler for logging, the second one will be called
      by ProfilerEventsProcessor, and only use the circular queue only.
      
      BUG=v8:4789
      LOG=N
      
      Review-Url: https://codereview.chromium.org/2108393002
      Cr-Commit-Position: refs/heads/master@{#37506}
      3ca49d9a