Commit Graph

23032 Commits

Author SHA1 Message Date
chunyang.dai
6eea252463 X87: Resolve references to "this" the same way as normal variables
port bd56d279b6 (R28340).

original commit message:

    Make the parser handle references to "this" as unresolved variables, so the
    same logic as for the rest of function parameters is used for the receiver.
    Minor additions to the code generation handle copying the receiver to the
    context, along with the rest of the function parameters.

    Based on work by Adrian Perez de Castro <aperez@igalia.com>.

BUG=

Review URL: https://codereview.chromium.org/1136953010

Cr-Commit-Position: refs/heads/master@{#28390}
2015-05-13 11:18:38 +00:00
bmeurer
5494920a18 [turbofan] Use frame state before for shift operations as well.
This was already done for other binary operations, so it's basically
copying the existing functionality to shift left and shift right
logical/arithmetic.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1140883003

Cr-Commit-Position: refs/heads/master@{#28389}
2015-05-13 11:17:28 +00:00
chunyang.dai
3ba6783565 X87: New hydrogen instruction to reduce cost of growing an array on keyed stores.
port 3bce9c3afb (r28359).

original commit message:

    HMaybeGrowElements moves the situation where you actually have to grow
    into deferred code. This means crankshaft doesn't have to spill registers
    just to make the bounds comparison to see if it'll need to grow or not.

    It makes the growing case a bit more expensive, but reduces the cost of
    the general case.

BUG=

Review URL: https://codereview.chromium.org/1124093008

Cr-Commit-Position: refs/heads/master@{#28388}
2015-05-13 11:16:18 +00:00
chunyang.dai
fecaed531b X87: [strong] Check arity of functions
port 3226e98020 (28346).

original commit message:

    [strong] Check arity of functions

    In strong mode it is an error to call a function with too few
    arguments.

    This is enforced inside the ArgumentsAdaptorTrampoline.

    This does not yet handle rest parameter

BUG=

Review URL: https://codereview.chromium.org/1139913007

Cr-Commit-Position: refs/heads/master@{#28387}
2015-05-13 11:15:34 +00:00
chunyang.dai
6803006b2d X87: Add a MathFloor stub generated with TurboFan
port  abc35080b3 (r28339)

original commit message:

    This stub will be used as the basis of a Math.floor-specific CallIC to
    detect and track calls to floor that return -0.

    Along the way:
    - Create a TurboFanCodeStub super class from which the StringLength and
    MathRound TF stubs derive.
    - Fix the ugly hack that passes the first stub parameter as the "this"
    pointer in the the TF-compiled JS function.
    - Fix bugs in the ia32/x64 disassembler.

BUG=

Review URL: https://codereview.chromium.org/1134323002

Cr-Commit-Position: refs/heads/master@{#28386}
2015-05-13 11:14:26 +00:00
yangguo
36b4a498d6 Prevent stack overflow in the serializer/deserializer.
We keep an eye on the recursion depth. Once it exceeds a limit, we serialize
only the object header and size, but defer serializing the object body for
after we have unwound the stack.

R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/1125073004

Cr-Commit-Position: refs/heads/master@{#28385}
2015-05-13 10:18:26 +00:00
machenbach
687e6ddf47 [test] Make perf runner able to pass extra flags to d8.
TEST=tools/run_perf.py --arch x64 --extra-flags="--turbo --turbo-verify-allocation --turbo-greedy-regalloc" /path/to/SunSpider.json
BUG=484208
LOG=n
TBR=tandrii@chromium.org
NOTRY=true

Review URL: https://codereview.chromium.org/1128933007

Cr-Commit-Position: refs/heads/master@{#28384}
2015-05-13 10:00:36 +00:00
bmeurer
2111d18dba [turbofan] Add frame state before JavaScript comparisons.
Use these check points to optimize comparisons where we already know
that one side cannot be a String (or turn into a string via
ToPrimitive).

Also remove bunch of useless DoNotCrash tests for the scheduler that are
painful to maintain and add almost no value.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1140583004

Cr-Commit-Position: refs/heads/master@{#28383}
2015-05-13 07:38:35 +00:00
dehrenberg
b57428e9ef Implement %TypedArray%.{fill,find,findIndex}
This patch adds three methods to TypedArrays which are already
implemented for arrays. The implementations are made by calling
out to the underlying code used by Arrays.

R=adamk@chromium.org
BUG=v8:3578
LOG=Y

Review URL: https://codereview.chromium.org/1136663005

Cr-Commit-Position: refs/heads/master@{#28382}
2015-05-13 04:32:08 +00:00
dehrenberg
a863c4d3d8 TypedArray.prototype.copyWithin method
This patch adds the copyWithin method to TypedArrays. For the first
pass, the internals of Array.copyWithin are used. Eventually, a more
efficient form based on memcpy could be used instead.

BUG=v8:3578
LOG=Y
R=adamk@chromium.org, arv@chromium.org, caitpotter88@gmail.com

Review URL: https://codereview.chromium.org/1131113002

Cr-Commit-Position: refs/heads/master@{#28381}
2015-05-12 19:20:56 +00:00
dslomov
0b620ad5e5 Fix test formatting
TBR=arv@chromium.org

Review URL: https://codereview.chromium.org/1129713004

Cr-Commit-Position: refs/heads/master@{#28380}
2015-05-12 18:12:54 +00:00
arv
547a641e2c [strong] Add more function arity tests
This is a follow up to https://codereview.chromium.org/1115263004/

BUG=v8:3956
LOG=N
R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/1141603002

Cr-Commit-Position: refs/heads/master@{#28379}
2015-05-12 17:37:25 +00:00
ulan
bbca83c398 Make transition to reduce memory mode more conservative in idle time handler.
BUG=chromium:486005
LOG=NO

Review URL: https://codereview.chromium.org/1131943004

Cr-Commit-Position: refs/heads/master@{#28378}
2015-05-12 17:24:58 +00:00
dslomov
30b771a662 Fix the behavior of 'super.foo' assignment when receiver is not an object.
R=arv@chromium.org,verwaest@chromium.org
BUG=v8:4097
LOG=N

Review URL: https://codereview.chromium.org/1132203005

Cr-Commit-Position: refs/heads/master@{#28377}
2015-05-12 17:13:07 +00:00
mvstanton
91a8810556 Make LoadFastElementStub a HandlerStub.
BUG=

Review URL: https://codereview.chromium.org/1132493006

Cr-Commit-Position: refs/heads/master@{#28376}
2015-05-12 16:51:11 +00:00
mbrandy
483436219f PPC: Fix '[strong] Disallow implicit conversions for comparison'
Do not trash type register in kIsNotStringMask test.

R=conradw@chromium.org, dstence@us.ibm.com, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1124333013

Cr-Commit-Position: refs/heads/master@{#28375}
2015-05-12 16:48:14 +00:00
mbrandy
174242fbbe PPC: Fix '[strong] Disallow implicit conversions for comparison'
Fix build break.

R=conradw@chromium.org, dstence@us.ibm.com, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1130603004

Cr-Commit-Position: refs/heads/master@{#28374}
2015-05-12 16:43:19 +00:00
hpayer
9dc99e9cc8 Get more debugging data when crashing in Deoptimizer::GetOutputInfo.
BUG=

Review URL: https://codereview.chromium.org/1138493004

Cr-Commit-Position: refs/heads/master@{#28373}
2015-05-12 15:48:06 +00:00
mbrandy
09ecf6cef7 PPC: New hydrogen instruction to reduce cost of growing an array on keyed stores.
Port 3bce9c3afb

Original commit message:
HMaybeGrowElements moves the situation where you actually have to grow
into deferred code. This means crankshaft doesn't have to spill registers
just to make the bounds comparison to see if it'll need to grow or not.

It makes the growing case a bit more expensive, but reduces the cost of
the general case.

R=mvstanton@chromium.org, dstence@us.ibm.com, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1132743004

Cr-Commit-Position: refs/heads/master@{#28372}
2015-05-12 15:42:31 +00:00
yurys
ae6ec1861e Provide accessor for object internal properties that doesn't require debugger to be active
Some of the DevTools' clients need to inspect JS objects without enabling debugger. This CL allows to inspect object's internal properties without enabling debugger and instantiating debug context.

Note that now debug context can be created lazily if v8::Debug::GetDebugContext is called when there is no debug listener. This is fragile and has already resulted in some subtle error. I'm going to fix that in a separate CL.

BUG=chromium:481845
LOG=Y

Review URL: https://codereview.chromium.org/1134193002

Cr-Commit-Position: refs/heads/master@{#28371}
2015-05-12 15:40:27 +00:00
conradw
03ef40b46c [strong] Disallow implicit conversions for comparison
Implements the strong mode proposal's restrictions on implicit conversions
for the binary >, >=, <, and <= operators.

BUG=v8:3956
LOG=N

Review URL: https://codereview.chromium.org/1130283002

Cr-Commit-Position: refs/heads/master@{#28370}
2015-05-12 15:23:50 +00:00
verwaest
188297160d Mark internal AccessorInfo properties as "special data properties" to ensure correct strict-mode handling.
BUG=

Review URL: https://codereview.chromium.org/1123163005

Cr-Commit-Position: refs/heads/master@{#28369}
2015-05-12 15:11:13 +00:00
yangguo
c1f855ab16 Fix test-heap/BootstrapperExports on no-snap builds
NOTRY=true
NOTREECHECKS=true
TBR=machenbach@chromium.org

Review URL: https://codereview.chromium.org/1137143003

Cr-Commit-Position: refs/heads/master@{#28368}
2015-05-12 14:28:35 +00:00
yangguo
46f992ddd0 Reland "Use function wrapper argument to expose internal arrays to native scripts."
Review URL: https://codereview.chromium.org/1138173002

Cr-Commit-Position: refs/heads/master@{#28367}
2015-05-12 14:00:45 +00:00
yangguo
0bbe787448 Migrate error messages, part 10.
R=mvstanton@chromium.org

Committed: https://crrev.com/8608e619afe2b4514b0577bfb73a153b1550d41f
Cr-Commit-Position: refs/heads/master@{#28357}

Review URL: https://codereview.chromium.org/1126043004

Cr-Commit-Position: refs/heads/master@{#28366}
2015-05-12 13:52:23 +00:00
yangguo
396236bfa0 Revert of Provide accessor for object internal properties that doesn't require debugger to be active (patchset #3 id:40001 of https://codereview.chromium.org/1126103006/)
Reason for revert:
GC mole issues: https://chromegw.corp.google.com/i/client.v8/builders/V8%20Linux%20-%20gcmole/builds/1950/steps/GCMole%20ia32/logs/stdio

Original issue's description:
> Provide accessor for object internal properties that doesn't require debugger to be active
>
> Some of the DevTools' clients need to inspect JS objects without enabling debugger. This CL allows to inspect object's internal properties without enabling debugger and instantiating debug context.
>
> Note that now debug context can be created lazily if v8::Debug::GetDebugContext is called when there is no debug listener. This is fragile and has already resulted in some subtle error. I'm going to fix that in a separate CL.
>
> BUG=chromium:481845
> LOG=Y
>
> Committed: https://crrev.com/bdeb0de88c8cf5f2c78f261b45314138f525110d
> Cr-Commit-Position: refs/heads/master@{#28362}

TBR=pfeldman@chromium.org,kozyatinskiy@chromium.org,yurys@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:481845

Review URL: https://codereview.chromium.org/1133243002

Cr-Commit-Position: refs/heads/master@{#28365}
2015-05-12 13:03:52 +00:00
titzer
7f2636e067 [turbofan] Correctify FrameState before operations in JSTypeFeedbackSpecializer.
Handle missing or improper FrameStates more gracefully.
Uses the operator properties to determine if the node contains a FrameState
before, then checks if a valid bailout id exists.

R=jarin@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1135243002

Cr-Commit-Position: refs/heads/master@{#28364}
2015-05-12 12:57:31 +00:00
titzer
e5d5cac7d9 [turbofan] Add AdvancedReducer::ReplaceWithValue() method and convert JSInlining to an AdvancedReducer.
Note that this is just a duplication for now. We'll want to get rid of the
NodeProperties::ReplaceWithValue() method in the long run.

R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1135483004

Cr-Commit-Position: refs/heads/master@{#28363}
2015-05-12 12:41:36 +00:00
yurys
bdeb0de88c Provide accessor for object internal properties that doesn't require debugger to be active
Some of the DevTools' clients need to inspect JS objects without enabling debugger. This CL allows to inspect object's internal properties without enabling debugger and instantiating debug context.

Note that now debug context can be created lazily if v8::Debug::GetDebugContext is called when there is no debug listener. This is fragile and has already resulted in some subtle error. I'm going to fix that in a separate CL.

BUG=chromium:481845
LOG=Y

Review URL: https://codereview.chromium.org/1126103006

Cr-Commit-Position: refs/heads/master@{#28362}
2015-05-12 12:38:15 +00:00
titzer
0c80fdc61e [turbofan] Use FrameStatesBeforeAndAfter to simplify handling of before/after frame states in AstGraphBuilder.
R=jarin@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1128193005

Cr-Commit-Position: refs/heads/master@{#28361}
2015-05-12 12:30:27 +00:00
hpayer
7fcbeb289d Implement unaligned allocate and allocate heap numbers in runtime double unaligned.
In follow-up CLs the scavenger and the MC collector should also respect the unalignment of heap numbers.

BUG=

Review URL: https://codereview.chromium.org/1141523002

Cr-Commit-Position: refs/heads/master@{#28360}
2015-05-12 11:44:41 +00:00
mvstanton
3bce9c3afb New hydrogen instruction to reduce cost of growing an array on keyed stores.
HMaybeGrowElements moves the situation where you actually have to grow
into deferred code. This means crankshaft doesn't have to spill registers
just to make the bounds comparison to see if it'll need to grow or not.

It makes the growing case a bit more expensive, but reduces the cost of
the general case.

BUG=chromium:484025
LOG=N

Review URL: https://codereview.chromium.org/1124443004

Cr-Commit-Position: refs/heads/master@{#28359}
2015-05-12 08:47:16 +00:00
yangguo
26cb29b891 Revert of Migrate error messages, part 10. (patchset #2 id:20001 of https://codereview.chromium.org/1126043004/)
Reason for revert:
patch didn't apply correctly.

Original issue's description:
> Migrate error messages, part 10.
>
> R=mvstanton@chromium.org
>
> Committed: https://crrev.com/8608e619afe2b4514b0577bfb73a153b1550d41f
> Cr-Commit-Position: refs/heads/master@{#28357}

TBR=mvstanton@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1130073005

Cr-Commit-Position: refs/heads/master@{#28358}
2015-05-12 08:33:28 +00:00
yangguo
8608e619af Migrate error messages, part 10.
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/1126043004

Cr-Commit-Position: refs/heads/master@{#28357}
2015-05-12 08:16:57 +00:00
yurys
cf07add227 Don't create debug context if debug listener is not set
If there had been no debug listener v8::Debug::GetDebugContext would have created new context and wouln't have kept reference to it. This way we may well end up with several debug contexts and disabled debugger.

As a side effect this change allows to efficiently distinguish debug context from blink contexts by simply comparing handles.

BUG=chromium:482290
LOG=Y

Review URL: https://codereview.chromium.org/1136733002

Cr-Commit-Position: refs/heads/master@{#28356}
2015-05-12 07:33:18 +00:00
yangguo
c39a0a75ad Revert of Use function wrapper argument to expose internal arrays to native scripts. (patchset #2 id:20001 of https://codereview.chromium.org/1127983003/)
Reason for revert:
custom snapshot builder failing.

Original issue's description:
> Use function wrapper argument to expose internal arrays to native scripts.
>
> R=jkummerow@chromium.org
>
> Committed: https://crrev.com/a9b5a1795449d94387218d25baed2c2b3c4fbadc
> Cr-Commit-Position: refs/heads/master@{#28354}

TBR=jkummerow@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1123353008

Cr-Commit-Position: refs/heads/master@{#28355}
2015-05-12 07:26:01 +00:00
yangguo
a9b5a17954 Use function wrapper argument to expose internal arrays to native scripts.
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/1127983003

Cr-Commit-Position: refs/heads/master@{#28354}
2015-05-12 06:14:18 +00:00
jochen
ae87d088bc Deprecate Isolate::New
Embedders need to always pass CreateParams now

BUG=none
LOG=y
R=vogelheim@chromium.org

Review URL: https://codereview.chromium.org/1133723004

Cr-Commit-Position: refs/heads/master@{#28353}
2015-05-12 04:59:40 +00:00
v8-autoroll
3b7b05b4d1 Update V8 DEPS.
Rolling v8/buildtools to b73e5f70d7ac6be98fb2555461f631afc90216ce

Rolling v8/third_party/icu to ce41627e388fb46ab49671bd16a5db81dcd75a71

Rolling v8/tools/clang to 6e259b4afbbd784a775e47f37379e57f002bf0c2

TBR=machenbach@chromium.org

Review URL: https://codereview.chromium.org/1124083005

Cr-Commit-Position: refs/heads/master@{#28352}
2015-05-12 03:24:37 +00:00
dehrenberg
1ebbaaa036 Factor out core of Array.forEach and .every, for use in TypedArrays
The idea is to make this the model for future TypedArray methods.
A possible downside could be lower array method performance
if everything gets polymorhpic (but if enough inlining happens, it
should still be fast), but on the upside, this change means that
the TypedArray methods won't create as much code size bloat.

BUG=v8:3578
LOG=Y
R=adamk@chromium.org
CC=arv@chromium.org, caitpotter88@gmail.com

Review URL: https://codereview.chromium.org/1133503003

Cr-Commit-Position: refs/heads/master@{#28351}
2015-05-12 01:32:20 +00:00
akos.palfi
c50d9819c9 MIPS64: Improve '[strong] Check arity of functions'
Port 3226e98020

BUG=

Review URL: https://codereview.chromium.org/1129323007

Cr-Commit-Position: refs/heads/master@{#28350}
2015-05-11 23:07:41 +00:00
caitpotter88
2d43bd0537 [es6] stage Object.assign() / --harmony-object
BUG=v8:4007
LOG=N
R=

Review URL: https://codereview.chromium.org/1128873006

Cr-Commit-Position: refs/heads/master@{#28349}
2015-05-11 22:53:38 +00:00
mbrandy
08d83d651f PPC: [strong] Check arity of functions
Port 3226e98020

Original commit message:
In strong mode it is an error to call a function with too few
arguments.

This is enforced inside the ArgumentsAdaptorTrampoline.

This does not yet handle rest parameters

R=arv@chromium.org, dstence@us.ibm.com, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1132153003

Cr-Commit-Position: refs/heads/master@{#28348}
2015-05-11 19:08:47 +00:00
paul.lind
bc7cadd55b MIPS: Fix Add a MathFloor stub generated with TurboFan.
Port abc35080b3

BUG=

Review URL: https://codereview.chromium.org/1133103003

Cr-Commit-Position: refs/heads/master@{#28347}
2015-05-11 18:49:51 +00:00
arv
3226e98020 [strong] Check arity of functions
In strong mode it is an error to call a function with too few
arguments.

This is enforced inside the ArgumentsAdaptorTrampoline.

This does not yet handle rest parameters

BUG=v8:3956
LOG=N
R=rossberg@chromium.org, dslomov@chromium.org

Review URL: https://codereview.chromium.org/1115263004

Cr-Commit-Position: refs/heads/master@{#28346}
2015-05-11 17:20:45 +00:00
dslomov
5bbe7992db [destructuring] Implement basic binding destructuring infrastructure
This patch:
  - Refactors Parser::ParseVariableDeclarations
  - Introduces Parser::PatternMatcher class
  - Implements matching a single variable pattern
  - Implements rudimentary matching against object literal pattern
    as a proof of concept

R=arv@chromium.org,rossberg@chromium.org
BUG=v8:811
LOG=N

Review URL: https://codereview.chromium.org/1130623004

Cr-Commit-Position: refs/heads/master@{#28345}
2015-05-11 16:28:22 +00:00
titzer
694890790d Add a bailout id just before every variable load in fullcode.
R=jarin@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1139733002

Cr-Commit-Position: refs/heads/master@{#28344}
2015-05-11 15:56:06 +00:00
wingo
aefba70586 Remove Scope::scope_uses_this_ flag
R=rossberg@chromium.org
LOG=N
BUG=

Review URL: https://codereview.chromium.org/1128963005

Cr-Commit-Position: refs/heads/master@{#28343}
2015-05-11 15:42:13 +00:00
mbrandy
1ac6e30dd0 PPC: Resolve references to "this" the same way as normal variables
Port bd56d279b6

Original commit message:
Make the parser handle references to "this" as unresolved variables, so the
same logic as for the rest of function parameters is used for the receiver.
Minor additions to the code generation handle copying the receiver to the
context, along with the rest of the function parameters.

Based on work by Adrian Perez de Castro <aperez@igalia.com>.

This is a reapplication of https://codereview.chromium.org/1130733003.

R=wingo@igalia.com, dstence@us.ibm.com, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1134073003

Cr-Commit-Position: refs/heads/master@{#28342}
2015-05-11 14:34:30 +00:00
mbrandy
58c40db255 PPC: Add a MathFloor stub generated with TurboFan
Port abc35080b3

Original commit message:
This stub will be used as the basis of a Math.floor-specific CallIC to
detect and track calls to floor that return -0.

Along the way:
- Create a TurboFanCodeStub super class from which the StringLength and
MathRound TF stubs derive.
- Fix the ugly hack that passes the first stub parameter as the "this"
pointer in the the TF-compiled JS function.
- Fix bugs in the ia32/x64 disassembler.

R=danno@chromium.org, dstence@us.ibm.com, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1137033002

Cr-Commit-Position: refs/heads/master@{#28341}
2015-05-11 14:33:28 +00:00