Commit Graph

6879 Commits

Author SHA1 Message Date
mvstanton@chromium.org
6b68824a46 Fix ASAN warning.
BUG=
TBR=ishell@chromium.org

Review URL: https://codereview.chromium.org/683033002

Cr-Commit-Position: refs/heads/master@{#24920}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24920 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-28 08:34:40 +00:00
bmeurer@chromium.org
95095af57f [turbofan] Improve typed lowering for JSToBoolean.
- JSToBoolean(x:string) => BooleanNot(NumberEqual(x.length, #0))
- JSToBoolean(phi(x1,...,xn):primitive) => phi(JSToBoolean(x1),...,JSToBoolean(xn))

TEST=cctest,mjsunit/asm/do-while,mjsunit/boolean,unittests
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/681223002

Cr-Commit-Position: refs/heads/master@{#24919}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24919 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-28 08:34:15 +00:00
bmeurer@chromium.org
1e96221bbb [turbofan] Minor cleanups to lowering of typed array loads/stores.
TEST=unittests
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/680063004

Cr-Commit-Position: refs/heads/master@{#24917}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24917 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-28 08:29:19 +00:00
jarin@chromium.org
167fa99716 Revert "[turbofan] Merge GenericNode with Node."
This reverts commit a238443c00 (r24915)
for tanking benchmarks.

TBR=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/684693002

Cr-Commit-Position: refs/heads/master@{#24916}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24916 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-27 22:34:44 +00:00
jarin@chromium.org
a238443c00 [turbofan] Merge GenericNode with Node.
BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/676353002

Cr-Commit-Position: refs/heads/master@{#24915}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24915 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-27 20:37:47 +00:00
ishell@chromium.org
3a26fc111b Fix for the cctest compilation issue on Mac after r24911.
TBR=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/667153005

Cr-Commit-Position: refs/heads/master@{#24913}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24913 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-27 16:59:15 +00:00
yangguo@chromium.org
8680952d93 Add serializer test case to bug fix in r24871.
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/680883003

Cr-Commit-Position: refs/heads/master@{#24912}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24912 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-27 16:40:16 +00:00
mvstanton@chromium.org
15c5c9d530 A type vector with multiple IC types needs metadata.
This CL adds a bitset to describe the type of IC in each IC slot.
This is necessary for clearing ICs of different types.

With FLAG_vector_ics off (the current state), it's not required because
CALL_IC is the only type of IC in the vector.

R=ishell@chromium.org

Review URL: https://codereview.chromium.org/679073002

Cr-Commit-Position: refs/heads/master@{#24911}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24911 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-27 16:34:39 +00:00
wingo@igalia.com
0755160e28 Revert "Move AST node counting to post-pass"
This reverts commit 698356720824559a6bd81c24be707b44ac277526 for
breaking regress-96526-002 among other things.

TBR=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/678033002

Cr-Commit-Position: refs/heads/master@{#24910}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24910 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-27 16:25:40 +00:00
wingo@igalia.com
88e0c38c9a Move AST node counting to post-pass
R=mstarzinger@chromium.org, svenpanne@chromium.org
BUG=

Review URL: https://codereview.chromium.org/675493002

Cr-Commit-Position: refs/heads/master@{#24909}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24909 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-27 15:00:43 +00:00
jarin@chromium.org
abefd29161 Revert "Enable turbofan deoptimization by default."
This reverts commit 866032692f for breaking
tests.

TBR=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/681713004

Cr-Commit-Position: refs/heads/master@{#24908}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24908 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-27 14:37:10 +00:00
adamk@chromium.org
f1954232b0 SimpleMove now calls [[Has]] before [[Get]] when moving elements
BUG=v8:3643
LOG=n
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/678753002

Cr-Commit-Position: refs/heads/master@{#24907}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24907 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-27 13:05:13 +00:00
jarin@chromium.org
866032692f Enable turbofan deoptimization by default.
BUG=
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/638833004

Cr-Commit-Position: refs/heads/master@{#24905}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24905 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-27 12:47:16 +00:00
dcarney@chromium.org
91f4962343 [turbofan] reduce allocations outside of pipeline
BUG=
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/679793003

Cr-Commit-Position: refs/heads/master@{#24904}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24904 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-27 12:40:13 +00:00
erikcorry@chromium.org
716648065a Revert 'Introduce phantom weak handles in the API and use them internally for debug info'
Revert of https://codereview.chromium.org/649563006/ due to layout test
failures.
BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/677403002

Cr-Commit-Position: refs/heads/master@{#24901}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24901 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-27 12:03:39 +00:00
verwaest@chromium.org
d83acdf9a0 Revert "Limit the number of transitions allowed per hidden class." Due to crashes in ClearMapTransitions
BUG=
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/661583004

Cr-Commit-Position: refs/heads/master@{#24900}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24900 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-27 11:58:18 +00:00
erikcorry@chromium.org
891e289d0f Introduce phantom weak handles in the API and use them internally for debug info
R=jochen@chromium.org, ulan@chromium.org
BUG=

Review URL: https://codereview.chromium.org/649563006

Cr-Commit-Position: refs/heads/master@{#24899}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24899 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-27 11:05:11 +00:00
danno@chromium.org
16928e28d7 [turbofan] Reduce memory consumption of graph building
Allow reservation of additional input capacity when creating nodes to prevent switching to deque representation when adding well-known additional inputs.

Also ensure that only a single temporary buffer is used to create temporary input arrays before allocating nodes.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/644083003

Cr-Commit-Position: refs/heads/master@{#24896}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24896 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-27 10:12:40 +00:00
titzer@chromium.org
82581534ae Implement control reducer, which reduces branches and phis together in a single fixpoint.
R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/665223006

Cr-Commit-Position: refs/heads/master@{#24891}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24891 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-27 08:42:16 +00:00
bmeurer@chromium.org
f535763763 [turbofan] Implement the correct semantics for integer division/modulus.
Also fix the sdiv/udiv instructions on ARM as a nice side effect.

TEST=cctest,unittests
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/677483005

Cr-Commit-Position: refs/heads/master@{#24888}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24888 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-26 12:50:46 +00:00
jarin@chromium.org
23df66ee24 Add more missing deopts
BUG=
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/639883002

Cr-Commit-Position: refs/heads/master@{#24886}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24886 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-26 10:25:48 +00:00
dslomov@chromium.org
08ee4d3a5c Add remaining @@toStringTag symbols to builtins
R=dslomov@chromium.org

Review URL: https://codereview.chromium.org/664333003

Patch from Caitlin Potter <caitpotter88@gmail.com>.

Cr-Commit-Position: refs/heads/master@{#24885}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24885 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-24 19:29:10 +00:00
adamk@chromium.org
c9ea8d6512 SimpleSlice now calls [[Get]] before [[Has]] when generating copy
SparseSlice does not need this (non-optimal) reordering since its
callers guarantee that [[Get]] has no side effects on the passed-in array.

BUG=v8:3643
LOG=n
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/674003002

Cr-Commit-Position: refs/heads/master@{#24884}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24884 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-24 18:08:13 +00:00
adamk@chromium.org
02d37b8f10 Widen definition of %HasComplexElements() to include non-enumerability
This avoids using the Sparse methods on objects with non-enumerable elements,
which can cause the 'enumerable: false' bit to get lost in the operation.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/672323003

Cr-Commit-Position: refs/heads/master@{#24883}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24883 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-24 18:04:13 +00:00
baptiste.afsa@arm.com
878ff91c8f [arm64] Use logical immediates when matching tst instructions.
R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/668633003

Cr-Commit-Position: refs/heads/master@{#24882}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24882 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-24 15:29:44 +00:00
dslomov@chromium.org
9b74675e0d Check string literals with escapes in PreParserTraits::GetSymbol()
LOG=Y
BUG=v8:3606
R=arv@chromium.org, marja@chromium.org

Review URL: https://codereview.chromium.org/615813004

Patch from Caitlin Potter <caitpotter88@gmail.com>.

Cr-Commit-Position: refs/heads/master@{#24880}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24880 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-24 15:02:41 +00:00
titzer@chromium.org
21013d2641 Fix bugs in Scheduler hoisting and RPO loop bounds computations.
R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/677683002

Cr-Commit-Position: refs/heads/master@{#24877}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24877 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-24 13:57:39 +00:00
mstarzinger@chromium.org
a9a7979e9e Add Schedule::InsertBranch to fuse control flow graphs.
R=jarin@chromium.org
TEST=cctest/test-schedule/TestScheduleInsertBranch

Review URL: https://codereview.chromium.org/675983002

Cr-Commit-Position: refs/heads/master@{#24876}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24876 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-24 13:48:18 +00:00
sigurds@chromium.org
df9ac2c165 Add Float64Floor, Float64Ceil, Float64RoundTruncate, Float64RoundTiesAway operators.
These operators are not supported by any backends yet, and a backend is free to not support them.

R=bmeurer@chromium.org
TEST=unittest/machine-operator

Review URL: https://codereview.chromium.org/668173002

Cr-Commit-Position: refs/heads/master@{#24874}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24874 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-24 13:12:12 +00:00
yangguo@chromium.org
0e1124842a Tweaks to the code serializer.
- consider the source string as a special sort of back reference.
- use repeat op code for more root members.

R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/674883002

Cr-Commit-Position: refs/heads/master@{#24871}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24871 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-24 13:12:09 +00:00
bmeurer@chromium.org
548fb46331 [x86] Fix register constraints for multiply-high.
TEST=mjsunit/compiler,unittests
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/671393002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24862 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-24 09:36:40 +00:00
yangguo@chromium.org
e6ac285bd3 Log code event for deserialized code.
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/663453005

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24861 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-24 08:37:03 +00:00
yangguo@chromium.org
518ddc9317 Make block writes in the serializer more efficient.
And also fix a OOB read in SerializeExternalString.

R=vogelheim@chromium.org

Review URL: https://codereview.chromium.org/671633004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24858 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-24 07:29:39 +00:00
verwaest@chromium.org
8189922e1e Limit the number of transitions allowed per hidden class.
Each time a transition is added to a hidden class, the whole
transitions array must be copied, which causes poor performance
in some circumstances.  This change limits the maximum size of
the transition array, avoiding this behavior in the pathological
case.  For example, this improves the performance of the EtchMark
benchmark by nearly 60%.

BUG=v8:3616
LOG=
R=verwaest@chromium.org, svenpanne@chromium.org

Review URL: https://codereview.chromium.org/635883003

Patch from Kevin M. McCormick <mckev@amazon.com>.

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24857 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-24 05:29:54 +00:00
adamk@chromium.org
0ef073d556 Fix sparse versions of Array slice/splice to use [[DefineOwnProperty]] to generate return value
BUG=chromium:423633
LOG=n
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/673893002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24856 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-23 21:13:29 +00:00
adamk@chromium.org
5f1ae66d56 Narrow cases where Sparse/Smart versions of Array methods are used
Added a new %HasComplexElements runtime function (meaning elements that are
non-writable, non-configurable, or have getters and setters) and use it
in UseSparseVariant to filter out cases where the sparse optimizations
can cause V8 to fall out of spec compliance.

Renamed SmartMove/SmartSlice to SparseMove/SparseSlice and guarded them
with the new and improved UseSparseVariant.

These two changes combine let us pass nearly every test in bug-2615.js,
as well as fixing reverse and join on sparse arrays.

Note that there are various test changes in this patch that correct existing
tests to match the correct-by-spec behavior.

This patch depends on https://codereview.chromium.org/666883009, which
better-aligns the behavior of SmartMove with SimpleMove.

BUG=v8:2615,v8:3612,v8:3621
LOG=y
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/656423004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24855 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-23 18:21:50 +00:00
adamk@chromium.org
f3c3697521 Change SmartMove no-op behavior to match SimpleMove (and ES6 spec)
The previous behavior, which caused Array.prototype.unshift() (with no args)
to have side-effects, no longer matches the spec (ES6 changed the no-arg behavior
in April 2014). The new SmartMove behavior is also compatible with current
versions of Firefox.

This is a baby step towards getting rid of SmartMove; it isolates the test
change in this patch, instead of lumping it in confusingly with all the
other test updates necessary for moving away from SmartMove.

R=dslomov@chromium.org

Review URL: https://codereview.chromium.org/666883009

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24854 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-23 17:46:34 +00:00
ishell@chromium.org
5509cc2c07 Fixed mutable heap numbers leak in JSON parser.
BUG=chromium:423687
LOG=N
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/669403002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24849 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-23 14:41:39 +00:00
jarin@chromium.org
c7685a59f0 [turbofan] Use range types to type and lower arithmetic ops.
This is based on Georg's work on typing arithmetic operations (https://codereview.chromium.org/658743002/).

Instead of weakening to bitset types, we weaken to the closest 2^n
limit if we see that we are re-typing a node with a range type (which
means that the node can be part of a cycle, so we might need
to speed up the fixpoint there).

BUG=
R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/636283009

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24848 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-23 14:40:43 +00:00
dslomov@chromium.org
96105a90fc harmony-scoping: Allow 'const' iteration variables in strict mode.
R=rossberg@chromium.org
BUG=v8:2506
LOG=N

Committed: https://code.google.com/p/v8/source/detail?r=24834

Review URL: https://codereview.chromium.org/671913002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24842 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-23 12:30:20 +00:00
dslomov@chromium.org
707ed29a51 Revert "harmony-scoping: Allow 'const' iteration variables in strict mode."
This reverts commit r24834 for breaking debug tests.

TBR=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/672193002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24839 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-23 11:55:19 +00:00
yangguo@chromium.org
aaa104c8da De-virtualize snapshot sink.
R=vogelheim@chromium.org

Review URL: https://codereview.chromium.org/669133003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24836 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-23 11:23:57 +00:00
dslomov@chromium.org
b54f7d3c46 harmony-scoping: Allow 'const' iteration variables in strict mode.
R=rossberg@chromium.org
BUG=v8:2506
LOG=N

Review URL: https://codereview.chromium.org/671913002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24834 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-23 11:18:50 +00:00
bmeurer@chromium.org
80836787a3 [turbofan] Improve code generation for inline comparisons with zero.
TEST=cctest,unittests
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/669133004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24832 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-23 10:22:06 +00:00
dcarney@chromium.org
5f83dabb60 [turbofan] split compilation stats off from HStatistics and track high water marks
R=jarin@chromium.org

BUG=

Review URL: https://codereview.chromium.org/669053002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24830 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-23 09:14:35 +00:00
dslomov@chromium.org
98c208447d Classes: implement 'new super'.
R=ishell@chromium.org, arv@chromium.org
BUG=v8:3330
LOG=N

Committed: https://code.google.com/p/v8/source/detail?r=24822

Review URL: https://codereview.chromium.org/665773003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24825 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-23 08:32:23 +00:00
dslomov@chromium.org
6442348d6e Revert "Classes: implement 'new super'."
This reverts commit r24822 for breaking debug compilation.

TBR=ishell@chromium.org

Review URL: https://codereview.chromium.org/662253003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24823 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-23 08:21:30 +00:00
dslomov@chromium.org
99cafa0d5a Classes: implement 'new super'.
R=ishell@chromium.org, arv@chromium.org
BUG=v8:3330
LOG=N

Review URL: https://codereview.chromium.org/665773003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24822 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-23 08:11:51 +00:00
dcarney@chromium.org
887b3ca079 Cleanup ConsStringIteratorOp.
R=yangguo@chromium.org

BUG=

Review URL: https://codereview.chromium.org/663313003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24818 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-23 05:57:01 +00:00
bmeurer@chromium.org
c5b00bf6df Skip webkit/array-iterate-backwards for TF.
TBR=machenbach@chromium.org

Review URL: https://codereview.chromium.org/672113002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24817 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-23 04:18:17 +00:00
bmeurer@chromium.org
85e86ad745 Skip webkit/dfg-int-overflow-in-loop for TF.
TBR=machenbach@chromium.org

Review URL: https://codereview.chromium.org/652183005

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24816 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-23 04:16:22 +00:00
rodolph.perfetta@arm.com
ecbfc43f37 ARM64: Fix stack manipulation.
Builtins::Generate_StringConstructCode was claiming stack space instead of
giving it back.

BUG=chromium:425585
LOG=Y
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/672623003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24815 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-22 18:24:20 +00:00
adamk@chromium.org
98e0eac76f Speed up creation of Objects whose prototype has dictionary elements
This speeds up both the case from the bug (using Object.create) but also
takes care ofthe "{ __proto__: obj  }" syntax, which was previously (and
erroneously) being treated the same as setting the prototype dynamically
from script using the __proto__ setter or Object.setPrototypeOf.

BUG=chromium:422754
LOG=y
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/667253002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24814 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-22 18:16:35 +00:00
adamk@chromium.org
04db7c8793 Fix {get,set}ter-on-elements tests to run through all creation functions
setter-on-elements had the wrong length hardcoded in a for loop over the
creation functions (getter-on-elements had the right length, but seemed
worth future-proofing).

R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/643143005

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24813 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-22 17:21:53 +00:00
titzer@chromium.org
5a1774268a Add Terminate operator.
Terminate is need for non-terminating loops (NTLs) that can appear after optimizing control flow. It gathers the control and effect(s) from a NTL and connects them to end so that they are not dead-code removed.

R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/651843004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24812 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-22 17:15:38 +00:00
wingo@igalia.com
6c9bab5c74 Array.prototype.{reduce, reduceRight}: Wrong order of operations when determining initial value.
BUG=v8:3534
LOG=
R=svenpanne@chromium.org, wingo@igalia.com

Review URL: https://codereview.chromium.org/614733002

Patch from Diego Pino <dpino@igalia.com>.

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24807 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-22 13:13:19 +00:00
machenbach@chromium.org
5680786c21 Move js perf tests to a common root on the perf dashboard.
BUG=
R=dslomov@chromium.org

Review URL: https://codereview.chromium.org/667373004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24806 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-22 13:04:08 +00:00
bmeurer@chromium.org
6619a7975d [turbofan] Add support for deferred code.
Branch can now have an optional hint, when the condition is
likely true or false, and if such a hint is present the other
basic block will be marked as deferred and placed at the end
of the function.

We currently use this feature for tagging int32/uint32 in
change lowering, and for load/store bounds checks in simplified
lowering.

TEST=cctest,unittests
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/642883003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24802 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-22 11:24:55 +00:00
dslomov@chromium.org
1efcf09375 Perf tests for fromCodePoint and codePointAt.
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/670463005

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24801 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-22 11:08:42 +00:00
sigurds@chromium.org
81420f003b Add FRINTP (round towards positive infinity) instruction.
Macro Assember, assembler and simulator for ARM64 were missing FRINTP.

R=rodolph.perfetta@arm.com, ulan@chromium.org

Review URL: https://codereview.chromium.org/669923002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24800 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-22 11:06:22 +00:00
dslomov@chromium.org
b664c12235 Flatten the string in StringToDouble function.
R=yangguo@chromium.org
BUG=chromium:425551
LOG=N

Review URL: https://codereview.chromium.org/654763003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24796 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-22 08:19:05 +00:00
jochen@chromium.org
4669a5cfb9 Really disable test when running with optimize for size
R=bmeurer@chromium.org
TBR=bmeurer@chromium.org
LOG=n
BUG=none

Review URL: https://codereview.chromium.org/652903008

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24795 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-22 08:15:47 +00:00
jochen@chromium.org
b57976051b Fix newly added test to not run with optimize-for-size
TBR=ulan@chromium.org
BUG=none
LOG=n

Review URL: https://codereview.chromium.org/673593002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24792 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-22 07:36:12 +00:00
jochen@chromium.org
8f7a455fe2 Add support for a target new space size
When this flag is set, we will commit additional pages up until the
target size before doing a scavenge.

I made sure that all tests pass when a target size of 16MB is set.

BUG=v8:3626
R=ulan@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/652543007

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24790 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-22 06:58:38 +00:00
adamk@chromium.org
b6d0113abc Array.prototype.{slice,splice} should use [[DefineOwnProperty]] to generate return value
BUG=chromium:423633
LOG=N
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/649063003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24784 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-21 17:46:42 +00:00
dslomov@chromium.org
37bd114925 Update ObjectToString to Harmony-draft algorithm
Updates Object.prototype.toString() to use algorithm described in harmony drafts.

Currently, the behaviour is essentially the same as ES262's version, however this changes when internal structures
such as Promise make use of symbolToStringTag (as they are supposed to, see v8:3241), and changes further once
Symbol.toStringTag is exposed publicly.

BUG=v8:3241, v8:3502
LOG=N
R=dslomov@chromium.org

Review URL: https://codereview.chromium.org/546803003

Patch from Caitlin Potter <caitpotter88@gmail.com>.

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24783 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-21 17:21:32 +00:00
dcarney@chromium.org
1c5fafe890 [turbofan] use ZonePool in most places in the compiler pipeline a temp zone is used.
R=jarin@chromium.org, bmeurer@chromium.org

BUG=

Review URL: https://codereview.chromium.org/663333003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24779 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-21 14:44:50 +00:00
titzer@chromium.org
12a82ef32c Fix AstGraphBuilder for loops like for(;;).
R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/640203004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24777 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-21 14:17:08 +00:00
mvstanton@chromium.org
8330178b4c The issue is that by handling strings with map/handler pairs instead of a special
version of the keyed load stub (https://code.google.com/p/v8/source/detail?r=24661),
I allowed polymorphism between string and non-string types in the IC. Before, the
IC would go generic.

Then, at crankshaft time, we special case when we only saw strings. The error
here is that crankshaft can't emit code that handles polymorphism between string
and non-string types. The choice is either to get that to happen (I don't deem
this necessary from a performance point of view, an IC with such type feedback
before would have gone generic), or simply check for the case of "polymorphic
with some string maps" and require crankshaft to go generic. I'll do the latter.

BUG=425519
LOG=N
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/667923004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24775 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-21 13:04:51 +00:00
jochen@chromium.org
2147d5a145 Use an idle notification of 0ms as hint that a GC after context disposal is triggerd
BUG=none
R=ulan@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/671513006

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24773 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-21 12:56:52 +00:00
dcarney@chromium.org
54fef44df3 [turbofan] add ZonePool to correctly track compiler phase memory usage
R=bmeurer@chromium.org

BUG=

Review URL: https://codereview.chromium.org/665893006

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24771 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-21 12:38:46 +00:00
bmeurer@chromium.org
1efc572fe7 [turbofan] Reduce ~~x to x.
TEST=unittests
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/666723005

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24770 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-21 12:24:01 +00:00
wingo@igalia.com
4eddbacabf Assign bailout and type feedback IDs in a post-pass
This will allow us to move expressions from one function to another, for
example when the parser determines that a given cover grammar instance
is actually the default value initializer for an arrow function.

This is a re-land of https://codereview.chromium.org/636403003/ with a
fix for the arm64 code generator.

R=svenpanne@chromium.org
BUG=

Review URL: https://codereview.chromium.org/663373003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24769 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-21 12:16:37 +00:00
dslomov@chromium.org
b830c2741c Handle property name "-0" correctly for typed arrays.
R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/670623003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24768 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-21 11:54:10 +00:00
dslomov@chromium.org
ac8b70cf2b Perf tests for harmony string functions.
R=yangguo@chromium.org

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24765 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-21 11:05:32 +00:00
svenpanne@chromium.org
d66d302b00 Revert "Assign bailout and type feedback IDs in a post-pass"
This reverts r24757, which breaks the ARM64 simulator build.
Simple repro:

   out/arm64.debug/d8 -e 'eval("(function(){ const x; var x; })")'

TBR=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/652543006

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24762 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-21 10:55:12 +00:00
ulan@chromium.org
e777fc4126 Use smi zero instead of undefine_value to zap dead weak cells.
It is faster to test for smi zero from generated code.

BUG=
R=erikcorry@chromium.org

Review URL: https://codereview.chromium.org/637253004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24758 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-21 09:42:16 +00:00
svenpanne@chromium.org
2b8d734037 Assign bailout and type feedback IDs in a post-pass
This will allow us to move expressions from one function to another, for
example when the parser determines that a given cover grammar instance
is actually the default value initializer for an arrow function.

R=svenpanne@chromium.org, marja@chromium.org
BUG=

Review URL: https://codereview.chromium.org/636403003

Patch from Andy Wingo <wingo@igalia.com>.

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24757 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-21 08:52:32 +00:00
svenpanne@chromium.org
3de17c6950 Remove v8stdint.h, it doesn't serve a purpose anymore.
Basically a follow-up to https://codereview.chromium.org/667573005/.

LOG=y
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/670673002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24755 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-21 08:25:14 +00:00
dcarney@chromium.org
6c1e4f08d1 [turbofan] cleanup InstructionSequence
R=bmeurer@chromium.org

BUG=

Review URL: https://codereview.chromium.org/664123002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24753 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-21 06:59:50 +00:00
mvstanton@chromium.org
8a54a9a4f0 Fix gc mole test failure.
TBR=ulan@chromium.org

Review URL: https://codereview.chromium.org/651683003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24745 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-20 17:32:06 +00:00
dslomov@chromium.org
6ae42d9171 Simplify language feature management.
R=rossberg@chromium.org
BUG=v8:3640
LOG=N

Review URL: https://codereview.chromium.org/642233003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24743 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-20 13:33:34 +00:00
rossberg@chromium.org
d7b5cd0817 Upgrade test262-es6
R=dslomov@chromium.org
BUG=

Review URL: https://codereview.chromium.org/639373005

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24740 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-20 12:17:12 +00:00
yangguo@chromium.org
7ebe9d820a Remove fuzz-natives tests.
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/663043003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24739 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-20 12:14:26 +00:00
yangguo@chromium.org
b1d4bf4158 Move some Runtime:: functions and remove runtime.h as include when unnecessary.
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/662413002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24736 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-20 12:07:45 +00:00
bmeurer@chromium.org
010f089971 Remove (untested) code for unsupported compilers.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/656143004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24735 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-20 12:04:22 +00:00
mvstanton@chromium.org
c688ebd858 vector-based ICs did not update type feedback counts correctly.
BUG=v8:3605
LOG=N
R=jkummerow@chromium.org, ulan@chromium.org

Review URL: https://codereview.chromium.org/650073002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24732 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-20 11:42:56 +00:00
bmeurer@chromium.org
cc60a45d78 [turbofan] Move node matchers to separate file.
TEST=unittests
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/639293006

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24729 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-20 11:26:23 +00:00
dcarney@chromium.org
32161089da [turbofan] pass zone to InstructionSequence
R=bmeurer@chromium.org

BUG=

Review URL: https://codereview.chromium.org/663073002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24728 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-20 11:18:07 +00:00
dcarney@chromium.org
4e191e782e [turbofan] remove schedule from InstructionSequence
R=bmeurer@chromium.org

BUG=

Review URL: https://codereview.chromium.org/669613002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24726 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-20 10:19:15 +00:00
marja@chromium.org
394af55a8c Script streaming: more UTF-8 handing fixes (again).
1) Since we fill the output buffer both from the chunks and the conversion
buffer, it's possible that we run out of space and call CopyCharsHelper with 0
length. The underlying functions don't handle it gracefully, so check there.

2) There was a bug where we used to try to copy too many characters from the
beginning of the data chunk into the conversion buffer. Continuation bytes in
UTF-8 are of the form 0b10XXXXXX. If a byte is bigger than that, it's the first
byte of a new UTF-8 character and we should ignore it.

These two together (or maybe in combination with surrogates) are a probable
reason for crbug.com/420932.

3) The test data was off; \uc481 is \xec\x92\x81.

BUG=420932
LOG=N
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/662003003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24725 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-20 09:23:43 +00:00
bmeurer@chromium.org
7cfd0ed4d6 [arm64] Skip TF tests that time out in simulator debug runs.
TBR=dcarney@chromium.org

Review URL: https://codereview.chromium.org/642293005

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24724 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-20 09:01:14 +00:00
yangguo@chromium.org
8cc5d418ee Special handling for inline caches in code serializer.
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/656533003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24722 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-20 08:46:11 +00:00
sigurds@chromium.org
bc475b4a6b Add inlining for intrinsics.
This issue is for discussion on how to proceed.

I think the implementation of ValueOf shows that directly creating the IR does not scale.

BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/612043003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24719 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-20 07:56:50 +00:00
bmeurer@chromium.org
d029d76120 [turbofan] Skip bounds checks for positive indices only.
TEST=unittests,mjsunit/asm/int32array-constant-key
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/647773004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24716 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-20 06:25:41 +00:00
adamk@chromium.org
9d4b3d278c Fix webkit getOwnPropertyNames test after r24706 removed Array.prototype.values
TBR=danno@chromium.org

Review URL: https://codereview.chromium.org/664613004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24708 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 20:27:24 +00:00
adamk@chromium.org
730c3fa3e0 Don't expose Array.prototype.values as it breaks webcompat
Some versions of Outlook Web Access test for the existence of a 'values'
property on Array instances, so adding the 'values' iterator to the prototype
(even with @@unscopeables) causes breakage.

This matches Gecko: they ship Array.prototype.{keys,entries} but not 'values'.

BUG=409858
LOG=Y
R=arv@chromium.org, danno@chromium.org

Review URL: https://codereview.chromium.org/647703003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24706 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 20:11:47 +00:00
dslomov@chromium.org
e3ad693020 Correct semantics for numerically indexed stores to typed arrays.
R=verwaest@chromium.org, ishell@chromium.org

Committed: https://code.google.com/p/v8/source/detail?r=24691

Review URL: https://codereview.chromium.org/652303002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24705 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 16:33:38 +00:00
jkummerow@chromium.org
c186399e5f Tick processor: Print C++ entry points
R=loislo@chromium.org, yangguo@chromium.org, yurys@chromium.org

Review URL: https://codereview.chromium.org/638633002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24700 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 15:44:02 +00:00
dcarney@chromium.org
1d31e89c6b skip some gc stress tests for tf
TBR=mstarzinger@chromium.org

BUG=

Review URL: https://codereview.chromium.org/659333002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24698 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 14:28:00 +00:00
yangguo@chromium.org
83ddaa0df7 Fix break location calculation.
R=ulan@chromium.org
BUG=chromium:419663
LOG=Y

Review URL: https://codereview.chromium.org/658723005

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24697 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 14:11:01 +00:00
dslomov@chromium.org
e149f81eba Keyed stores to super with numeric keys.
R=verwaest@chromium.org, arv@chromium.org, ishell@chromium.org
BUG=v8:3330
LOG=N

Review URL: https://codereview.chromium.org/649603003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24696 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 13:19:45 +00:00
dslomov@chromium.org
8854589c79 Revert "Correct semantics for numerically indexed stores to typed arrays."
This reverts commit r24691 because win64 release build breaks.

TBR=verwaest@chromium.org

Review URL: https://codereview.chromium.org/659313002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24695 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 13:01:54 +00:00
titzer@chromium.org
e4c6f9488e Implement graph trimming in ControlReducer.
Trimming the graph consists of breaking links from nodes that are not reachable from end to nodes that are reachable from end. Such dead nodes show up in the use lists of the live nodes and though mostly harmless, just clutter up the graph. They also can limit instruction selection opportunities, so it is good to get rid of them.

This CL is one half of the ControlReducer functionality, the other half
being branch folding.

R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/661923002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24694 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 11:51:57 +00:00
neis@chromium.org
7f7354f3fd Test monotonicity of expression typings.
R=rossberg@chromium.org
BUG=

Review URL: https://codereview.chromium.org/653093002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24693 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 11:46:06 +00:00
dslomov@chromium.org
3154c4a5f2 Correct semantics for numerically indexed stores to typed arrays.
R=verwaest@chromium.org, ishell@chromium.org

Review URL: https://codereview.chromium.org/652303002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24691 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 11:40:40 +00:00
titzer@chromium.org
8c5f9b6bb0 Fix InstructionSelector to handle calls with no (used) output values.
R=jarin@chromium.org
BUG=

Review URL: https://codereview.chromium.org/664693002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24689 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 11:26:26 +00:00
yangguo@chromium.org
66170eaa52 test-serialize/Bug3628 is expected to fail, not crash.
TBR=jochen@chromium.org
BUG=v8:3628
LOG=N

Review URL: https://codereview.chromium.org/663483003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24688 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 10:22:47 +00:00
yangguo@chromium.org
d913faaf6d Improve String.repeat.
Adapted from patch contributed by Isiah Meadows <impinball@gmail.com>.

R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/657863002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24687 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 10:01:38 +00:00
yangguo@chromium.org
f0e3ae8e24 Prohibit serializing with --harmony-scoping.
R=jochen@chromium.org
BUG=v8:3628
LOG=N

Review URL: https://codereview.chromium.org/650423005

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24686 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 09:54:48 +00:00
bmeurer@chromium.org
a779150260 [turbofan] Eliminate typed array bounds checks if both key and length are constant.
TEST=mjsunit,unittests
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/638853004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24685 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 09:35:45 +00:00
dslomov@chromium.org
2c6b3f5b81 Initial set of perf tests for classes.
R=arv@chromium.org, machenbach@chromium.org, rossberg@chromium.org

Review URL: https://codereview.chromium.org/645933003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24684 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 09:26:55 +00:00
dslomov@chromium.org
d4cbcfce6e Implement the new semantics for 'super(...)'
Per the latest ES6 draft, super(...) translates into a call
to function's prototype.

R=arv@chromium.org, ishell@chromium.org, verwaest@chromium.org
BUG=v8:3330
LOG=N

Review URL: https://codereview.chromium.org/661433002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24683 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 09:16:03 +00:00
dslomov@chromium.org
27b1c823ce Share test framework between js-perf-tests.
Also small reformat in Iterators/forof.js

R=machenbach@chromium.org

Review URL: https://codereview.chromium.org/662723006

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24682 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 09:11:21 +00:00
dslomov@chromium.org
7cf9d1c807 Share code between Factory::NewJSTypedArray and API
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/641343005

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24681 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 09:04:58 +00:00
bmeurer@chromium.org
fe6656fbfe [arm] Prefer BIC over BFC.
BFC requires same register for input and output and causes introduction
of some unneccesary gap moves.

TEST=unittests,mjsunit
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/658283003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24678 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 07:07:54 +00:00
bmeurer@chromium.org
e918a842c9 Blacklist tests that are too slow with TurboFan in debug mode.
R=jochen@chromium.org

Review URL: https://codereview.chromium.org/660653008

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24677 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 06:59:02 +00:00
dslomov@chromium.org
5c3831b421 Performance tests for iterators.
R=wingo@igalia.com

Review URL: https://codereview.chromium.org/641123003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24675 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 06:58:08 +00:00
bmeurer@chromium.org
0854ee289b [x64] simply tweak materialization of float/double constants
port 24485
Fixed a bug of "psllq" instruction in x64

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/658813003

Patch from Weiliang Lin <weiliang.lin@intel.com>.

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24673 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 04:18:38 +00:00
haraken@chromium.org
f3bfd04bcf Pass an Isolate to v8::VisitHandlesWithClassIds
The Isolate version of v8::VisitHandlesWithClassIds is needed
for https://codereview.chromium.org/651713002/

R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/664473002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24671 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 00:46:18 +00:00
mvstanton@chromium.org
e8c3708825 Fix ASAN warning.
Missing line in a test to dispose of a string.

TBR=yangguo@chromium.org

Review URL: https://codereview.chromium.org/643873004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24665 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-16 13:26:28 +00:00
wingo@igalia.com
0841f7241b Track usage of "this" and "arguments" in Scope
This adds flags in Scope to track wheter a Scope uses "this" and,
"arguments". The information is exposed via Scope::uses_this(),
and Scope::uses_arguments(), respectively. Flags for tracking
usage on any inner scope uses are available as well via
Scope::inner_uses_this(), and Scope::inner_uses_arguments().

Knowing whether scopes use "this" and "arguments" will be handy
to generate the code needed to capture their values when generating
the code for arrow functions.

BUG=v8:2700
LOG=
R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/422923004

Patch from Adrian Perez de Castro <aperez@igalia.com>.

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24663 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-16 13:19:36 +00:00
bmeurer@chromium.org
fe3a8845f0 [turbofan] Correctify typed lowering.
We cannot add new JSToNumber nodes here in general, because:

 a) The inserted ToNumber operation screws up observability of valueOf.
 b) Deoptimization at ToNumber doesn't have corresponding bailout id.

TEST=cctest,mjsunit
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/649543004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24660 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-16 11:31:00 +00:00
wingo@igalia.com
04c17602a4 Object.is should use SameValue
BUG=v8:3576
LOG=
R=arv@chromium.org, svenpanne@chromium.org, wingo@igalia.com

Review URL: https://codereview.chromium.org/626323002

Patch from Diego Pino <dpino@igalia.com>.

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24658 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-16 11:24:45 +00:00
wingo@igalia.com
ee64a14b24 Implement .forEach() on typed arrays
BUG=v8:3578
LOG=Y
R=dslomov@chromium.org, wingo@igalia.com

Review URL: https://codereview.chromium.org/583723002

Patch from Adrian Perez de Castro <aperez@igalia.com>.

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24657 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-16 10:55:26 +00:00
aandrey@chromium.org
b96b570628 Introduce v8::Exception::GetStackTrace API method.
This will be needed to get a stack trace from a DOMException.

API=v8::Exception::GetStackTrace
R=yangguo@chromium.org
LOG=Y

Review URL: https://codereview.chromium.org/655243002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24655 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-16 10:42:08 +00:00
adamk@chromium.org
ae7161e4cb Revert "Remove SmartMove, bringing Array methods further into spec compliance"
This reverts https://code.google.com/p/v8/source/detail?r=24647

It caused test failures in Array methods in Linux64 OptimizeForSize.

BUG=v8:2615
TBR=verwaest@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/656683003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24648 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-15 23:53:02 +00:00
adamk@chromium.org
bb885a79db Remove SmartMove, bringing Array methods further into spec compliance
This is one step towards a single codepath for each method in array.js.

This patch is based on rafaelw's https://codereview.chromium.org/349073002

BUG=v8:2615
LOG=Y
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/455933002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24647 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-15 23:36:58 +00:00
adamk@chromium.org
a6ff3f7f4a Handle exceptions thrown by Array.observe machinery
BUG=chromium:417709
LOG=N
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/651323003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24646 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-15 18:22:20 +00:00
sigurds@chromium.org
2577d6c261 Fix compilation after r24639
TBR=yangguo@chromium.org

Review URL: https://codereview.chromium.org/653353003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24643 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-15 14:42:32 +00:00
yangguo@chromium.org
4f9fd83d85 Break deserializer reservations into chunks that fit onto a page.
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/653033002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24639 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-15 14:04:53 +00:00
dslomov@chromium.org
461a2f403e Convert argument toObject() in Object.getOwnPropertyNames/Descriptors
BUG=v8:3443
LOG=Y
R=arv@chromium.org, dslomov@chromium.org

Review URL: https://codereview.chromium.org/613283002

Patch from Caitlin Potter <caitpotter88@gmail.com>.

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24638 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-15 14:01:20 +00:00
titzer@chromium.org
ad80a80a8b Fix bug in NodeCache::GetCachedNodes
TBR=dcarney@chromium.org
BUG=

Review URL: https://codereview.chromium.org/656033003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24635 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-15 13:07:18 +00:00
titzer@chromium.org
754abff699 Add JSGraph::GetCachedNodes and NodeCache::GetCachedNodes. These routines are necessary in the dead code elimination phase to trim away uses from unreachable nodes.
R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/656103002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24632 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-15 12:29:39 +00:00
verwaest@chromium.org
23868b419c Optimize Function.prototype.call
BUG=
R=verwaest@chromium.org, jarin@chromium.org, jkummerow@chromium.org

Review URL: https://codereview.chromium.org/588573002

Patch from Petka Antonov <p.antonov@partner.samsung.com>.

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24631 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-15 12:22:15 +00:00
dcarney@chromium.org
37f1645023 [turbofan] more verification of rpo
R=titzer@chromium.org

BUG=

Review URL: https://codereview.chromium.org/603533002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24630 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-15 12:15:38 +00:00
rossberg@chromium.org
0e16150d33 Better typing and type verification
- Extend verifier to check types of JS and Simplified nodes.
- Untyped nodes now contain NULL as types, enforcing hard failure.
- Typer immediately installs itself as a decorator; remove explicit decorator installation.
- Decorator eagerly types all nodes that have typed inputs
  (subsumes typing of constant cache, removing its typing
  side-channel and various spurious dependencies on the typer).
- Cut down typer interface to prevent inconsistently typed graphs.
- Remove verification from start, since it caused too much trouble
  with semi-wellformed nodes.
- Fix a couple of bugs on the way that got uncovered.

To do: verifying machine operators. Also, various conditions in the
verifier are currently commented out, because they don't yet hold.

BUG=
R=jarin@chromium.org,titzer@chromium.org

Review URL: https://codereview.chromium.org/658543002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24626 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-15 11:38:04 +00:00
svenpanne@chromium.org
e216ab1d40 Array.prototype.{every, filter, find, findIndex, forEach, map, some}: Use fresh primitive wrapper for calls.
When the receiver is a primitive value, it's cast to an Object before entering the loop. Instead, it should be cast to an Object for each function call while in the loop.

BUG=v8:3536
LOG=Y
R=arv@chromium.org, svenpanne@chromium.org, wingo@igalia.com

Review URL: https://codereview.chromium.org/553413002

Patch from Diego Pino <dpino@igalia.com>.

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24620 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-15 09:11:32 +00:00
ulan@chromium.org
ac1f429689 Remove test-api/Regress2107 since it doesn't test what Chrome does.
BUG=v8:3625
LOG=N
R=jochen@chromium.org

Review URL: https://codereview.chromium.org/657033003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24617 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-15 08:44:00 +00:00
neis@chromium.org
93d0e79d6e Again reland "Refine expression typing, esp. by propagating range information."
This relands commit 24552.

TBR=rossberg@chromium.org
BUG=

Review URL: https://codereview.chromium.org/650513003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24615 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-15 08:21:46 +00:00
bmeurer@chromium.org
f574d93e51 Revert "Reland "Refine expression typing, esp. by propagating range information.""
This reverts commit r24609 for breaking the
cctest/test-js-typed-lowering/Int32BitwiseBinops test.

TBR=rossberg@chromium.org,neis@chromium.org

Review URL: https://codereview.chromium.org/656003002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24614 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-15 03:50:13 +00:00
neis@chromium.org
a7eb593147 Reland "Refine expression typing, esp. by propagating range information."
This relands commit 24552.

R=rossberg@chromium.org
BUG=

Review URL: https://codereview.chromium.org/653693002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24609 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-14 16:27:26 +00:00
yangguo@chromium.org
9a21ba499c Catch exceptions thrown when enqueuing change records.
R=ishell@chromium.org
BUG=chromium:417709
LOG=N

Review URL: https://codereview.chromium.org/653593002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24608 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-14 14:46:11 +00:00
ulan@chromium.org
dd49272c00 Weak Cells
Introduce an object that holds a weak reference.
Design document: http://goo.gl/9dSvvy.

BUG=
R=erik.corry@gmail.com

Review URL: https://codereview.chromium.org/640303006

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24606 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-14 14:43:45 +00:00
jkummerow@chromium.org
d7482818a6 Fix de/serialization tests after r24592
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/654853002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24600 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-14 12:21:18 +00:00
sigurds@chromium.org
4dc4b40925 Reland "Fix scheduler to correctly schedule nested diamonds".
Reland fix: Consume less memory.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/636233006

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24597 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-14 12:08:55 +00:00
bmeurer@chromium.org
81877a6440 [turbofan] Optimize division/modulus by constant.
TEST=cctest,mjsunit,unittests
R=dcarney@chromium.org, svenpanne@chromium.org

Review URL: https://codereview.chromium.org/654833002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24595 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-14 11:57:06 +00:00
baptiste.afsa@arm.com
573ca15f48 [turbofan] Add support for shifted and rotated operands on ARM64.
R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/642923003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24591 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-14 09:28:53 +00:00
dcarney@chromium.org
75d15894f6 [turbofan] remove some of the dependency of Instruction on Schedule
R=bmeurer@chromium.org

BUG=

Review URL: https://codereview.chromium.org/646393002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24584 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-14 08:51:22 +00:00
hpayer@chromium.org
2c18a51c72 Increase final idle time in idle notifcation of test test-api/Regress2107.
BUG=
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/653863002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24579 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-14 08:10:41 +00:00