Commit Graph

10385 Commits

Author SHA1 Message Date
machenbach
0f2ed07f45 Revert of Clean up promises and fix an edge case bug (patchset #4 id:60001 of https://codereview.chromium.org/1488783002/ )
Reason for revert:
[Sheriff] Breaks layout tests:
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/3266

Please request rebase upstream first.

Original issue's description:
> Clean up promises and fix an edge case bug
>
> This patch builds on previous Promise spec compliance work by
> cleaning out some old code which existed to support
> Promise.prototype.chain, rephrasing some code to correspond more
> closely to the specification, and removing some incorrect brand
> checking. A test is added for a bug in an edge case which was fixed.
>
> R=rossberg
> BUG=v8:3641
> LOG=Y
>
> Committed: https://crrev.com/1deb89c8fd3cb69714ae0a24e3b5a4e78f6b73b4
> Cr-Commit-Position: refs/heads/master@{#32627}

TBR=rossberg@chromium.org,caitpotter88@gmail.com,littledan@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:3641

Review URL: https://codereview.chromium.org/1501763004

Cr-Commit-Position: refs/heads/master@{#32629}
2015-12-05 08:51:20 +00:00
littledan
1deb89c8fd Clean up promises and fix an edge case bug
This patch builds on previous Promise spec compliance work by
cleaning out some old code which existed to support
Promise.prototype.chain, rephrasing some code to correspond more
closely to the specification, and removing some incorrect brand
checking. A test is added for a bug in an edge case which was fixed.

R=rossberg
BUG=v8:3641
LOG=Y

Review URL: https://codereview.chromium.org/1488783002

Cr-Commit-Position: refs/heads/master@{#32627}
2015-12-04 18:56:17 +00:00
caitpotter88
b634a61d84 [es6] implement destructuring assignment
Attempt #<really big number>

Parses, and lazily rewrites Destructuring Assignment expressions. The rewriting strategy involves inserting a placeholder RewritableAssignmentExpression into the AST, whose content expression can be completely rewritten at a later time.

Lazy rewriting ensures that errors do not occur due to eagerly rewriting nodes which form part of a binding pattern, thus breaking the meaning of the pattern --- or by eagerly rewriting ambiguous constructs that are not immediately known

BUG=v8:811
LOG=Y
R=adamk@chromium.org, bmeurer@chromium.org, rossberg@chromium.org

Review URL: https://codereview.chromium.org/1309813007

Cr-Commit-Position: refs/heads/master@{#32623}
2015-12-04 17:20:24 +00:00
jkummerow
7d1263db47 [proxies] Use JSReceiver::GetKeys() for more purposes
Having beefed up GetKeys() to support everything, use it for everything now.

This fixes Object.getOwnPropertyNames and Object.getOwnPropertySymbols for
Proxies, and gets rid of a bunch of code duplication.

BUG=v8:1543
LOG=n

Review URL: https://codereview.chromium.org/1498593006

Cr-Commit-Position: refs/heads/master@{#32620}
2015-12-04 15:20:57 +00:00
ivica.bogosavljevic
171fb5caa1 MIPS: Fixing CLANG compilation warnings
Fixing warnings which cause compilation to fail when compiling
using CLANG for MIPS

BUG=

Review URL: https://codereview.chromium.org/1493793002

Cr-Commit-Position: refs/heads/master@{#32619}
2015-12-04 14:44:04 +00:00
cbruni
747f455b07 [runtime] [proxy] removing JSFunctionProxy and related code.
BUG=v8:1543
LOG=N

Review URL: https://codereview.chromium.org/1496503002

Cr-Commit-Position: refs/heads/master@{#32616}
2015-12-04 13:49:24 +00:00
neis
eb9407c6f5 [es6] Set correct length for Reflect.get (should be 2, not 3).
R=rossberg
BUG=

Review URL: https://codereview.chromium.org/1498983003

Cr-Commit-Position: refs/heads/master@{#32615}
2015-12-04 13:40:43 +00:00
dusan.m.milosavljevic
472e2ba9b9 MIPS:[turbofan] Match shift left and bitwise And with mask when possible.
TEST=unittests/InstructionSelectorTest.Word(32|64)ShlWithWord(32|64)And
BUG=

Review URL: https://codereview.chromium.org/1496013003

Cr-Commit-Position: refs/heads/master@{#32612}
2015-12-04 13:13:04 +00:00
neis
62127d00ae [proxies] Implement Proxy.revocable.
For now, we revoke a proxy by setting its handler to null (as in the spec).

Change the "target" field from Object to JSReceiver as there's no point in
allowing more.

R=jkummerow@chromium.org, rossberg
BUG=v8:1543
LOG=n

Review URL: https://codereview.chromium.org/1496243003

Cr-Commit-Position: refs/heads/master@{#32608}
2015-12-04 10:56:01 +00:00
machenbach
154a493cb7 Revert of [es6] Correctify and unify ArrayBuffer and SharedArrayBuffer constructors. (patchset #2 id:20001 of https://codereview.chromium.org/1500543002/ )
Reason for revert:
Blocks the roll:
https://codereview.chromium.org/1497763004/

Original issue's description:
> [es6] Correctify and unify ArrayBuffer and SharedArrayBuffer constructors.
>
> The ArrayBuffer and SharedArrayBuffer constructors should raise an
> exception when called with no arguments or undefined length.  Also
> unified the ArrayBuffer and SharedArrayBuffer implementations as C++
> builtins, and removed some (now) obsolete runtime entries.
>
> R=yangguo@chromium.org
>
> Committed: https://crrev.com/3235ccbb7826ceec2188f6ebab98fc851b54f60e
> Cr-Commit-Position: refs/heads/master@{#32590}

TBR=yangguo@chromium.org,cbruni@chromium.org,adamk@chromium.org,bmeurer@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1501673002

Cr-Commit-Position: refs/heads/master@{#32606}
2015-12-04 10:38:48 +00:00
bmeurer
e89e08ca14 Revert of Provide call counts for constructor calls, surface them as a vector IC. (patchset #4 id:60001 of https://codereview.chromium.org/1476413003/ )
Reason for revert:
Seems to be (mostly) responsible for the most recent Speedometer regression, not 100% sure. Let's see what the bots have to say.

Original issue's description:
> Provide call counts for constructor calls, surface them as a vector IC.
>
> CallIC and CallConstructStub look so alike, at least in the feedback they gather even if the implementation differs...and CallIC has such a nice way of surfacing the feedback (CallICNexus), that there is a request to make CallConstructStub look analogous. Enter ConstructICStub.
>
> BUG=
>
> Committed: https://crrev.com/66d5a9df62da458a51e8c7ed1811dc9660f4f418
> Cr-Commit-Position: refs/heads/master@{#32452}

TBR=mvstanton@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review URL: https://codereview.chromium.org/1489413006

Cr-Commit-Position: refs/heads/master@{#32599}
2015-12-04 07:34:31 +00:00
machenbach
2cb40dc722 Reland of [proxies] Make Object.prototype.isPrototypeOf work with proxies. (patchset #1 id:1 of https://codereview.chromium.org/1494283002/ )
Reason for revert:
Did not help...

Original issue's description:
> Revert of [proxies] Make Object.prototype.isPrototypeOf work with proxies. (patchset #2 id:20001 of https://codereview.chromium.org/1492863002/ )
>
> Reason for revert:
> [Sheriff] Speculative revert for:
> https://uberchromegw.corp.google.com/i/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/3225
>
> Can just be relanded if it doesn't get green.
>
> Original issue's description:
> > [proxies] Make Object.prototype.isPrototypeOf step into proxies.
> >
> > R=rossberg, verwaest@chromium.org
> > BUG=v8:1543
> > LOG=n
> >
> > Committed: https://crrev.com/4ca1180d2e7c409312ae0761cb12843989466573
> > Cr-Commit-Position: refs/heads/master@{#32569}
>
> TBR=rossberg@chromium.org,verwaest@chromium.org,neis@chromium.org
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=v8:1543
>
> Committed: https://crrev.com/48fba9439f291edd5929e19951262dc7e8a09609
> Cr-Commit-Position: refs/heads/master@{#32588}

TBR=rossberg@chromium.org,verwaest@chromium.org,neis@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:1543

Review URL: https://codereview.chromium.org/1491743010

Cr-Commit-Position: refs/heads/master@{#32598}
2015-12-04 06:39:16 +00:00
bmeurer
3235ccbb78 [es6] Correctify and unify ArrayBuffer and SharedArrayBuffer constructors.
The ArrayBuffer and SharedArrayBuffer constructors should raise an
exception when called with no arguments or undefined length.  Also
unified the ArrayBuffer and SharedArrayBuffer implementations as C++
builtins, and removed some (now) obsolete runtime entries.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1500543002

Cr-Commit-Position: refs/heads/master@{#32590}
2015-12-03 21:16:31 +00:00
machenbach
48fba9439f Revert of [proxies] Make Object.prototype.isPrototypeOf work with proxies. (patchset #2 id:20001 of https://codereview.chromium.org/1492863002/ )
Reason for revert:
[Sheriff] Speculative revert for:
https://uberchromegw.corp.google.com/i/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/3225

Can just be relanded if it doesn't get green.

Original issue's description:
> [proxies] Make Object.prototype.isPrototypeOf step into proxies.
>
> R=rossberg, verwaest@chromium.org
> BUG=v8:1543
> LOG=n
>
> Committed: https://crrev.com/4ca1180d2e7c409312ae0761cb12843989466573
> Cr-Commit-Position: refs/heads/master@{#32569}

TBR=rossberg@chromium.org,verwaest@chromium.org,neis@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:1543

Review URL: https://codereview.chromium.org/1494283002

Cr-Commit-Position: refs/heads/master@{#32588}
2015-12-03 20:24:46 +00:00
machenbach
15cb3fde7d Reland of [debugger] do not restart frames that reference new.target for liveedit. (patchset #1 id:1 of https://codereview.chromium.org/1493863004/ )
Reason for revert:
Didn't help...

Original issue's description:
> Revert of [debugger] do not restart frames that reference new.target for liveedit. (patchset #1 id:1 of https://codereview.chromium.org/1493363002/ )
>
> Reason for revert:
> [Sheriff] Speculative revert for https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/3225
>
> Original issue's description:
> > [debugger] do not restart frames that reference new.target for liveedit.
> >
> > R=mstarzinger@chromium.org
> >
> > Committed: https://crrev.com/6fca870240bdbb07a365189b5eb0c98fa65b3682
> > Cr-Commit-Position: refs/heads/master@{#32572}
>
> TBR=mstarzinger@chromium.org,yangguo@chromium.org
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
>
> Committed: https://crrev.com/1a61dab34b9849f3f70a42ce69317e22758c53a1
> Cr-Commit-Position: refs/heads/master@{#32582}

TBR=mstarzinger@chromium.org,yangguo@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1492393003

Cr-Commit-Position: refs/heads/master@{#32587}
2015-12-03 20:21:36 +00:00
machenbach
1a61dab34b Revert of [debugger] do not restart frames that reference new.target for liveedit. (patchset #1 id:1 of https://codereview.chromium.org/1493363002/ )
Reason for revert:
[Sheriff] Speculative revert for https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/3225

Original issue's description:
> [debugger] do not restart frames that reference new.target for liveedit.
>
> R=mstarzinger@chromium.org
>
> Committed: https://crrev.com/6fca870240bdbb07a365189b5eb0c98fa65b3682
> Cr-Commit-Position: refs/heads/master@{#32572}

TBR=mstarzinger@chromium.org,yangguo@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1493863004

Cr-Commit-Position: refs/heads/master@{#32582}
2015-12-03 18:39:16 +00:00
bradnelson
1e4681c33f Preserve information about dots in numbers across parser rewriting.
Fix several operations in the parser that rewrite constant expressions
to preserve knowledge regarding whether a value originally contained a ".".
This information is required to accurately validate Asm.js typing.

Making the assumption that if either side of a binary operation contains
a dot, that the rewritten expression should be treated as a double for
Asm.js purposes. This is a slight deviation from the spec (which
would forbid mix type operations).

BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=test-asm-validator, test-parsing
R=titzer@chromium.org,marja@chromium.org,aseemgarg@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1492123002

Cr-Commit-Position: refs/heads/master@{#32581}
2015-12-03 18:14:42 +00:00
neis
384ec6dc92 [proxies] Adapt and reenable harmony/proxies-for.js test.
R=rossberg
BUG=v8:1543
LOG=n

Review URL: https://codereview.chromium.org/1491863002

Cr-Commit-Position: refs/heads/master@{#32579}
2015-12-03 17:41:40 +00:00
ahaas
282e9411f2 [turbofan, arm64] Fix native stack parameters on arm64.
I added a flag to the CallDescriptor which indicates that the native
stack should be used for a CallObject instead of the js stack on arm64.

Additionally I removed the use of EmitPrepareArguments because the
current implementation does not work when float and int parameters are
mixed. I plan to fix it in a future CL, because currently I have a
problem figuring out the type of a parameter.

R=titzer@chromium.org, v8-arm-ports@googlegroups.com

Review URL: https://codereview.chromium.org/1494123002

Cr-Commit-Position: refs/heads/master@{#32577}
2015-12-03 16:49:57 +00:00
bmeurer
9298b43029 [turbofan] Introduce ToBooleanHints on ToBoolean operators.
Extract ToBoolean hints from the fullcodegen code object and put them
into the ToBoolean nodes created by the AstGraphBuilder.  We currently
do not yet consume this feedback, that will be done in a followup CL.

R=mstarzinger@chromium.org
BUG=v8:4583
LOG=n

Review URL: https://codereview.chromium.org/1494973002

Cr-Commit-Position: refs/heads/master@{#32576}
2015-12-03 16:48:19 +00:00
ivica.bogosavljevic
e667ae4ba9 Fixing gcc warning 'variable tracking size limit exceeded'
Warning in test-asm-validator.cc fixed by splitting the function causing the warning into two functions. This
is how it has been done earlier this way, e.g. https://codereview.chromium.org/1164893003

BUG=

Review URL: https://codereview.chromium.org/1491583002

Cr-Commit-Position: refs/heads/master@{#32575}
2015-12-03 16:47:24 +00:00
yangguo
6fca870240 [debugger] do not restart frames that reference new.target for liveedit.
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1493363002

Cr-Commit-Position: refs/heads/master@{#32572}
2015-12-03 15:19:17 +00:00
caitpotter88
3ed71daff4 [proxies] do not leak private symbols to proxy traps
BUG=v8:4537
LOG=N
R=neis@chromium.org, rossberg@chromium.org, jkummerow@chromium.org

Review URL: https://codereview.chromium.org/1492923002

Cr-Commit-Position: refs/heads/master@{#32570}
2015-12-03 15:05:00 +00:00
neis
4ca1180d2e [proxies] Make Object.prototype.isPrototypeOf step into proxies.
R=rossberg, verwaest@chromium.org
BUG=v8:1543
LOG=n

Review URL: https://codereview.chromium.org/1492863002

Cr-Commit-Position: refs/heads/master@{#32569}
2015-12-03 15:03:24 +00:00
ofrobots
471dd3acdf [heap] pause observers during mark-compact
Inline allocations performed during mark compact aren't real allocations. They
should not trigger inline-allocation-observer notifications.

R=hpayer@chromium.org, ulan@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1465223009

Cr-Commit-Position: refs/heads/master@{#32566}
2015-12-03 14:20:52 +00:00
titzer
27433918f5 Move machine-type.h from src/compiler to src/.
R=bmeurer@chromium.org,jarin@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1498833002

Cr-Commit-Position: refs/heads/master@{#32564}
2015-12-03 13:34:02 +00:00
mstarzinger
33142c120d [turbofan] Make RawMachineAssembler handle the end node.
This moves the proper handling for the end node withing the constructed
graph into the RawMachineAssembler. This simplifies all assemblers and
makes the handling of {Start} and {End} symmetrical.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1493963003

Cr-Commit-Position: refs/heads/master@{#32563}
2015-12-03 13:30:06 +00:00
mythria
75f1102129 [Interpreter] Adds support for Increment and Decrement to BytecodeGraphBuilder.
Adds implementation and tests for Inc and Dec to bytecode graph builder.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1499593002

Cr-Commit-Position: refs/heads/master@{#32562}
2015-12-03 13:21:12 +00:00
neis
82d974799b [proxies] Make Array.isArray respect proxies.
An array is either a JSArray or a proxy whose target is an array.

R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1497483004

Cr-Commit-Position: refs/heads/master@{#32558}
2015-12-03 12:51:43 +00:00
verwaest
324ab7076c For non-prototype objects constructed using base==new.target, use the cached constructor to render the name.
BUG=chromium:563791
LOG=y

Review URL: https://codereview.chromium.org/1494673004

Cr-Commit-Position: refs/heads/master@{#32556}
2015-12-03 12:41:27 +00:00
mstarzinger
440a42b741 [fullcode] Switch passing of new.target to register.
This passes the new.target value in a register instead of through a
side-channel via the construct stub. Note that this marks the last
consumer of said side-channel and the special slot in the construct
stub frame can be removed as a follow-up.

R=bmeurer@chromium.org,yangguo@chromium.org
TEST=mjsunit/es6/regress/regress-new-target-context

Review URL: https://codereview.chromium.org/1492793002

Cr-Commit-Position: refs/heads/master@{#32548}
2015-12-03 10:04:35 +00:00
ishell
5d38d6819c Fix inobject slack tracking for both subclassing and non-subclassing cases.
It didn't support subclassing case at all and in non-subclassing case the runtime
allocation didn't do the slack tracking step.

BUG=chromium:563339
LOG=Y

Review URL: https://codereview.chromium.org/1488023002

Cr-Commit-Position: refs/heads/master@{#32547}
2015-12-03 10:03:00 +00:00
machenbach
3e021da8f8 [test] Disable flaky test.
BUG=v8:4588
LOG=n
TBR=yangguo@chromium.org
NOTRY=true

Review URL: https://codereview.chromium.org/1496863002

Cr-Commit-Position: refs/heads/master@{#32541}
2015-12-03 08:24:41 +00:00
adamk
b2ad33c2d2 [cleanup] Remove modules-related cruft from Scope
These bits were relevant back when we had nested lexical modules, but
I don't think they'll be of any use for ES2015 modules.

Review URL: https://codereview.chromium.org/1485053002

Cr-Commit-Position: refs/heads/master@{#32534}
2015-12-02 23:28:56 +00:00
littledan
c63236328e Revert of Disable non-standard Promise functions in staging (patchset #1 id:1 of https://codereview.chromium.org/1478533002/ )
Reason for revert:
Will test better; there seems to be a bug related to this.

Original issue's description:
> Reland of Disable non-standard Promise functions in staging (patchset #1 id:1 of https://codereview.chromium.org/1473603002/ )
>
> Reason for revert:
> Breakage in Ignition seems unrelated; relanding.
>
> Original issue's description:
> > Revert of Disable non-standard Promise functions in staging (patchset #5 id:80001 of https://codereview.chromium.org/1469543003/ )
> >
> > Reason for revert:
> > [Sheriff] This breaks ignition on arm sim debug:
> > https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20arm%20-%20sim%20-%20debug/builds/5317
> >
> > Seems to not be caught by the cq bot that builds release with dchecks.
> >
> > Original issue's description:
> > > Disable non-standard Promise functions in staging
> > >
> > > This patch removes Promise functions and methods which are absent
> > > from the ES2015 specification when the --es-staging flag is on.
> > >
> > > BUG=v8:3237
> > > R=rossberg
> > > LOG=Y
> > >
> > > Committed: https://crrev.com/941251af7e04d50ac2243da2870249a42111221a
> > > Cr-Commit-Position: refs/heads/master@{#32194}
> >
> > TBR=rossberg@chromium.org,littledan@chromium.org
> > NOPRESUBMIT=true
> > NOTREECHECKS=true
> > NOTRY=true
> > BUG=v8:3237
> >
> > Committed: https://crrev.com/86bd2b3c23b562213d5af158849dcd65f347a827
> > Cr-Commit-Position: refs/heads/master@{#32199}
>
> TBR=rossberg@chromium.org,rmcilroy@chromium.org,machenbach@chromium.org
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=v8:3237
>
> Committed: https://crrev.com/9278b7b05a45c2089007e8b61822af96b5d0c8df
> Cr-Commit-Position: refs/heads/master@{#32235}

TBR=rossberg@chromium.org,rmcilroy@chromium.org,machenbach@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:3237

Review URL: https://codereview.chromium.org/1493713004

Cr-Commit-Position: refs/heads/master@{#32530}
2015-12-02 20:35:40 +00:00
kozyatinskiy
cab2512a5e Removed support deprecated (//@|/*@) source(URL|MappingURL)=
LOG=Y
BUG=chromium:558998
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1495633002

Cr-Commit-Position: refs/heads/master@{#32528}
2015-12-02 19:53:47 +00:00
verwaest
a6ed24d61c Improve rendering of callsite with non-function target.
This hackily disambiguates multiple calls for the iterator protocols in ForOf / Yield* by adding -2 / -1 to the pos.

BUG=v8:3953
LOG=y

Review URL: https://codereview.chromium.org/1491923003

Cr-Commit-Position: refs/heads/master@{#32527}
2015-12-02 18:37:29 +00:00
jkummerow
4a246c1fff [cleanup] Introduce PropertyFilter
Split out of PropertyAttributes, and used for all filtering purposes.
Also moved PropertyAttributes into the v8::internal:: namespace.

No change in behavior intended.

Review URL: https://codereview.chromium.org/1492653004

Cr-Commit-Position: refs/heads/master@{#32525}
2015-12-02 16:30:24 +00:00
bmeurer
411c5b7fb0 [turbofan] Desugar JSUnaryNot(x) to Select(x, false, true).
Also remove the ResultMode from ToBooleanStub and always return true or
false and use the same mechanism in fullcodegen.  This is in preparation
for adding ToBoolean hints to TurboFan.

Drive-by-fix: We can use the power of the ToBooleanIC in TurboFan now
that the ResultMode is gone (and the runtime always returns true or
false from the miss handler).

R=mstarzinger@chromium.org
BUG=v8:4583
LOG=n

Review URL: https://codereview.chromium.org/1491223002

Cr-Commit-Position: refs/heads/master@{#32524}
2015-12-02 15:22:13 +00:00
sigurds
6095d0af30 [turbofan] Refactor escape analysis to only expose one class.
R=mstarzinger@chromium.org
BUG=v8:4586
LOG=n

Review URL: https://codereview.chromium.org/1491903002

Cr-Commit-Position: refs/heads/master@{#32523}
2015-12-02 15:21:21 +00:00
bmeurer
ddb9f461f1 [turbofan] Optimize %_IsJSReceiver based on input type.
We can constant fold %_IsJSReceiver(x) based on whether x is always a
receiver or can never be a receiver.  This is important as
%_IsJSReceiver is inserted by the JSInliner.

R=jarin@chromium.org
BUG=v8:4544
LOG=n

Review URL: https://codereview.chromium.org/1486383003

Cr-Commit-Position: refs/heads/master@{#32519}
2015-12-02 14:35:54 +00:00
yangguo
e1866c8f6f [debugger] fix liveedit in combination with step in.
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/1493733002

Cr-Commit-Position: refs/heads/master@{#32517}
2015-12-02 14:27:09 +00:00
cbruni
535e221d4f [runtime] Rename IsPropertyEnumerable to PropertyIsEnumerable conforming to the spec.
BUG=

Review URL: https://codereview.chromium.org/1491613002

Cr-Commit-Position: refs/heads/master@{#32513}
2015-12-02 14:03:49 +00:00
jochen
6c0d1a1100 Pass explicit Isolate parameter to v8::Debug methods that need it
BUG=v8:2487
LOG=n
R=vogelheim@chromium.org

Review URL: https://codereview.chromium.org/1496493002

Cr-Commit-Position: refs/heads/master@{#32509}
2015-12-02 12:47:41 +00:00
danno
3e7e3ed726 [stubs] A new approach to TF stubs
* Add a sibling interface to InterpreterAssembler called
  CodeStubAssembler which provides a wrapper around the
  RawMachineAssembler and is intented to make it easy to build
  efficient cross-platform code stubs. Much of the implementation
  of CodeStubAssembler is shamelessly stolen from the
  InterpreterAssembler, and the idea is to eventually merge the
  two interfaces somehow, probably moving the
  InterpreterAssembler interface over to use the
  CodeStubAssembler. Short-term, however, the two interfaces
  shall remain decoupled to increase our velocity developing the
  two systems in parallel.
* Implement the StringLength stub in TurboFan with the new
  CodeStubAssembler. Replace and remove the old Hydrogen-stub
  version.
* Remove a whole slew of machinery to support JavaScript-style
  code stub generation, since it ultimately proved unwieldy,
  brittle and baroque. This cleanup includes removing the shared
  code stub context, several example stubs and a tangle of build
  file changes.

BUG=v8:4587
LOG=n

Review URL: https://codereview.chromium.org/1475953002

Cr-Commit-Position: refs/heads/master@{#32508}
2015-12-02 12:35:20 +00:00
cbruni
9cffd0d2ce [runtime] Adding more detailed error message for Object::GetMethod.
BUG=

Review URL: https://codereview.chromium.org/1484393002

Cr-Commit-Position: refs/heads/master@{#32506}
2015-12-02 12:25:51 +00:00
ivica.bogosavljevic
60d77c8a43 MIPS: Correct handling of Nan values on MIPS R6
MIPS R6 introduced new behavior for handling of NaN values
for TRUNC, FLOOR, CEIL and CVT instructions. Adding support for
the new behavior in MIPS and MIPS64 simulators. Fixing tests
for MIPS and MIPS64 to align them with the new behavior.

BUG=

Review URL: https://codereview.chromium.org/1488613007

Cr-Commit-Position: refs/heads/master@{#32499}
2015-12-02 10:55:23 +00:00
sigurds
aa0ddf7db4 [turbofan] Initial support for escape analysis.
This is the first part of escape analysis for turbofan.
At the moment, there is no deopt support, and support
for loops is partial (only binary Phis are handled).

The CL includes 4 unittests.

There are also 8 new mjsunit tests, some of which are
skiped as they require features not yet implemented.

BUG=v8:4586
LOG=n

Review URL: https://codereview.chromium.org/1457683003

Cr-Commit-Position: refs/heads/master@{#32498}
2015-12-02 10:53:50 +00:00
verwaest
9bee67509c Don't EnsureHasInitialMap on non-constructors.
non-constructors are not allowed to have initial maps. The optimizing compilers used to add initial maps unconditionally to functions used as right-hand-side in instanceof.

BUG=

Review URL: https://codereview.chromium.org/1490003003

Cr-Commit-Position: refs/heads/master@{#32497}
2015-12-02 10:39:46 +00:00
jkummerow
e478a8ac39 [proxies] Implement Symbol/DONT_ENUM filtering for GetKeys()
And use it to fix Object.keys() for proxies.

BUG=v8:1543
LOG=n
R=cbruni@chromium.org

Review URL: https://codereview.chromium.org/1488873003

Cr-Commit-Position: refs/heads/master@{#32496}
2015-12-02 10:19:59 +00:00
yangguo
62dcf2fab6 [es6] correctly handle object wrappers in JSON.stringify.
R=bmeurer@chromium.org
BUG=v8:4581
LOG=N

Review URL: https://codereview.chromium.org/1495473002

Cr-Commit-Position: refs/heads/master@{#32494}
2015-12-02 08:44:03 +00:00
bmeurer
f618401a8e [builtins] Remove some (now) unused code from C++ builtin adaptor.
Sanitize ConstructStub handling and add a test case to ensure that the
Symbol constructor is using the correct context.

R=jarin@chromium.org
BUG=v8:4413
LOG=n

Review URL: https://codereview.chromium.org/1489323002

Cr-Commit-Position: refs/heads/master@{#32491}
2015-12-02 07:32:10 +00:00
yangguo
564a208676 [bootstrapper] no longer use outdated contexts list.
We currently use the outdated contexts list provided by the serializer
to update the receiver (the global proxy) in script contexts. However,
this is not actually necessary, since the global proxy is passed to the
deserializer and replaced as we deserialize.

Originally, the outdated contexts list is to update the global object
field in contexts. This was necessary since at the time the deserializer
creates the native context, the global object has not yet been created.
But the global proxy already exists.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1488873004

Cr-Commit-Position: refs/heads/master@{#32483}
2015-12-01 23:42:02 +00:00
dusan.m.milosavljevic
2d0e9abebf MIPS:[turbofan] Use Ins, Dins to clear bits instead of And with inverted immediate.
TEST=unittests/InstructionSelectorTest.Word(32|64)AndToClearBits
BUG=

Review URL: https://codereview.chromium.org/1485023004

Cr-Commit-Position: refs/heads/master@{#32479}
2015-12-01 22:16:48 +00:00
dusan.m.milosavljevic
6b11cc830b MIPS:[turbofan] Use Nor instruction for bit negation instead of xori.
Xori instruction can only have unisgned 16-bit immediates for right input,
as such it is not suitable for bit negation on mips.

TEST=unittests/InstructionSecetorTest.Word(32|64)XorMinusOneWithParameter
BUG=

Review URL: https://codereview.chromium.org/1485833003

Cr-Commit-Position: refs/heads/master@{#32478}
2015-12-01 21:58:43 +00:00
caitpotter88
5058f68596 [parser] treat MethodDefinitions in ObjectPatterns as SyntaxErrors
BUG=v8:4585
LOG=N
R=adamk@chromium.org, rossberg@chromium.org

Review URL: https://codereview.chromium.org/1488043002

Cr-Commit-Position: refs/heads/master@{#32477}
2015-12-01 20:33:11 +00:00
mvstanton
d2f78c6b79 Array constructor failed to enter it's function execution context.
This becomes visible if an exception is thrown by the constructor.
We do this on "new Array(3.5)", throwing a RangeError.

BUG=

Review URL: https://codereview.chromium.org/1483053004

Cr-Commit-Position: refs/heads/master@{#32476}
2015-12-01 18:43:03 +00:00
cbruni
f4d4051521 [runtime] [proxy] Runtime_HasOwnProperty and thus
Object.prototype.hasOwnProperty should use JSReceiver::HasOwnProperty for
proxies.

BUG=v8:1543
LOG=N

Review URL: https://codereview.chromium.org/1480213004

Cr-Commit-Position: refs/heads/master@{#32475}
2015-12-01 17:33:04 +00:00
mythria
128e75cbd9 [Interpreter] Add support for context slot loads / stores to BytecodeGraphBuilder.
Adds implementation and tests for LdaContextSlot, StaeContextSlot, PushContext,
and PopContext to bytecode graph builder

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1489863002

Cr-Commit-Position: refs/heads/master@{#32474}
2015-12-01 17:33:03 +00:00
cbruni
df36d046a4 [runtime] [proxy] Fix Object.prototype.PropertyIsEnumerable to support
proxies.

BUG=v8:1543
LOG=N

Review URL: https://codereview.chromium.org/1484313003

Cr-Commit-Position: refs/heads/master@{#32473}
2015-12-01 17:12:08 +00:00
cbruni
d9e0a5a9ad [runtime] [proxy] Adding [[SetPrototypeOf]] trap.
LOG=N
BUG=v8:1543

Review URL: https://codereview.chromium.org/1481383003

Cr-Commit-Position: refs/heads/master@{#32471}
2015-12-01 15:59:44 +00:00
mstarzinger
82e6bed4db Deprecate the %IsConstructCall intrinsic completely.
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1479233002

Cr-Commit-Position: refs/heads/master@{#32470}
2015-12-01 15:58:55 +00:00
mstarzinger
8c793fed78 [crankshaft] Prevent inlining of new.target functions.
This moves the bailout for functions containing new.target variable to
the correct place so that Crankshaft doesn't accidentally inline such
functions, yielding an "undefined" new.target value all the time.

R=bmeurer@chromium.org
TEST=mjsunit/es6/regress/regress-inlined-new-target

Review URL: https://codereview.chromium.org/1484163003

Cr-Commit-Position: refs/heads/master@{#32468}
2015-12-01 14:19:43 +00:00
cbruni
7e8fa4b96a [runtime] [proxy] implementing [[Get]] trap.
BUG=v8:1543
LOG=N

Review URL: https://codereview.chromium.org/1482283002

Cr-Commit-Position: refs/heads/master@{#32466}
2015-12-01 14:04:43 +00:00
neis
031751d5c4 [proxies] Implement [[Set]].
R=rossberg
BUG=v8:1543
LOG=N

Review URL: https://codereview.chromium.org/1481103002

Cr-Commit-Position: refs/heads/master@{#32457}
2015-12-01 12:27:09 +00:00
bmeurer
c83db2d071 [x86] Sane default for Label::Distance on JumpIfRoot/JumpIfNotRoot.
R=jarin@chromium.org
BUG=chromium:563929
LOG=n

Review URL: https://codereview.chromium.org/1483343002

Cr-Commit-Position: refs/heads/master@{#32456}
2015-12-01 12:23:25 +00:00
jkummerow
3cb3a6fe4a [crankshaft] Fix crash when case labels inline endless loops
The fix is to bail out of compilation in that case.

BUG=chromium:551287
LOG=n
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1483373002

Cr-Commit-Position: refs/heads/master@{#32454}
2015-12-01 12:17:31 +00:00
mvstanton
66d5a9df62 Provide call counts for constructor calls, surface them as a vector IC.
CallIC and CallConstructStub look so alike, at least in the feedback they gather even if the implementation differs...and CallIC has such a nice way of surfacing the feedback (CallICNexus), that there is a request to make CallConstructStub look analogous. Enter ConstructICStub.

BUG=

Review URL: https://codereview.chromium.org/1476413003

Cr-Commit-Position: refs/heads/master@{#32452}
2015-12-01 11:06:40 +00:00
jochen
17b4e7450d Mark soon-to-be-deprecated TryCatch ctor as deprecated
BUG=none
R=vogelheim@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1488563002

Cr-Commit-Position: refs/heads/master@{#32451}
2015-12-01 10:58:46 +00:00
mstarzinger
9090c6b012 Use new.target in favor of %_IsConstructCall intrinsic (2).
This switches all remaining builtin methods to use the ES6 new.target
value when determined whether being called as a constructor or not. This
is prepatory work for fully deprecating the aforementioned intrinsic.

R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/1474343002

Cr-Commit-Position: refs/heads/master@{#32447}
2015-12-01 10:50:30 +00:00
bmeurer
5af6017d4b [turbofan] Add binary operation hints for javascript operators.
This is the initial support for binary operation hints on javascript
binary operators, i.e. JSAdd, JSSubtract and so on. The hints are
extracted from the fullcodegen code object before graph building and the
AstGraphBuilder puts those hints on the operators if available.

R=jarin@chromium.org
BUG=v8:4583
LOG=n

Review URL: https://codereview.chromium.org/1487973002

Cr-Commit-Position: refs/heads/master@{#32443}
2015-12-01 09:03:32 +00:00
bradnelson
493fba88b2 Refactor VisitProperty, add starting point for SIMD.js support.
SIMD.js potentially adds to the standard library passed into
asm.js modules. Splitting off the point where the SIMD object
would be referenced to allow work on SIMD typing to occur orthogonally.

Adding VariableInfo to allow tracking of simd constructors / check functions. Using this for fround.

BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=test-asm-validator
R=titzer@chromium.org,aseemgarg@chromium.org
LOG=N

Looking at simd.js

Review URL: https://codereview.chromium.org/1473513004

Cr-Commit-Position: refs/heads/master@{#32431}
2015-12-01 02:28:15 +00:00
adamk
6c6dd449c3 Defer CONST_LEGACY redeclaration errors until runtime in harmony mode
This fixes a corner-case in redeclaration handling, where the ES2015
early error case got mixed up with legacy const handling in the parser.

Redeclaration using ES2015 'let' and 'const' should be early errors,
but legacy 'const' redeclaration has historically been a runtime error,
and should stay that way until legacy 'const' is gone.

The fix here is uglier than it might be due to
https://code.google.com/p/v8/issues/detail?id=4577, which keeps us
from simplifying the mess of if/else-if in the current code.

BUG=v8:4576
LOG=n

Review URL: https://codereview.chromium.org/1485943002

Cr-Commit-Position: refs/heads/master@{#32429}
2015-12-01 01:19:59 +00:00
bradnelson
a63023206f Passing zone to type objects so printing macros work in arm debug mode.
The Type::Print method requires an explict zone, even for basic types
on arm debug.

This change introduced debug mode printing when types don't match:
https://codereview.chromium.org/1471073003/

Adding the zone parameter to make the arm build go green.

BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=local arm build
TBR=bbudge@chromium.org,titzer@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1490593002

Cr-Commit-Position: refs/heads/master@{#32424}
2015-11-30 22:48:46 +00:00
bradnelson
cf5546baad Make typing-asm match spec more closely around load/store, add more tests.
Shifts of integer values are in some contexts collapsed by the parser into single literal AST nodes, rather than a direct representation of the parse tree. Confirming this behavior in tests.

Integer TypedArrays are assumed to load and store "intish" values rather than more fine-grained type information. Reducing the precision of the typing information to match the spec and simplify the wasm generator.

The asm spec requires load and store values of various "float?", "floatish", "double?" and "intish" types to ensure undefined values are not visible and that float32 rounding occurs at the right time. More closely matching this.

Adding additional testing around unsigned / signed comparisons, loads and stores.

Adding addition debug mode printing when asserting about types fail.

BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=test-asm-validator, wasm side tests
R=titzer@chromium.org,aseemgarg@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1471073003

Cr-Commit-Position: refs/heads/master@{#32419}
2015-11-30 21:11:47 +00:00
alan.li
000baddfd3 MIPS: Improve Cvt_d_uw on mips32.
BUG=

Review URL: https://codereview.chromium.org/1453373002

Cr-Commit-Position: refs/heads/master@{#32418}
2015-11-30 21:00:04 +00:00
alan.li
cfd9beeced MIPS: Adding simulator support for AUI/DAUI/DAHI/DATI.
BUG=

Review URL: https://codereview.chromium.org/1481493002

Cr-Commit-Position: refs/heads/master@{#32417}
2015-11-30 20:30:23 +00:00
mythria
b587aa2bc7 [Interpreter] Add support for cast operators to bytecode graph builder and
an optomization to remove redundant cast operations.

1. Adds an optimization to remove redundant ToBoolean and ToName operations.
2. Adds implementation and tests for cast operatorts to bytecode graph builder.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1468003002

Cr-Commit-Position: refs/heads/master@{#32408}
2015-11-30 13:50:20 +00:00
mstarzinger
269ff36d9f Deprecate unused RelocInfo::CONSTRUCT_CALL mode.
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1483933002

Cr-Commit-Position: refs/heads/master@{#32403}
2015-11-30 12:39:34 +00:00
neis
9334308a12 Rename %_IsSpecObject to %_IsJSReceiver.
This depends on issue 1476403004.

R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1479293002

Cr-Commit-Position: refs/heads/master@{#32401}
2015-11-30 11:56:45 +00:00
vogelheim
d3ba9afee2 Move RMA::Label out of the class, so it can be forward declared.
R=bmeurer@chromium.org, mstarzinger@chromium.org
BUG=chromium:508898
LOG=Y

Review URL: https://codereview.chromium.org/1477413002

Cr-Commit-Position: refs/heads/master@{#32400}
2015-11-30 11:29:23 +00:00
mythria
c11e7bc219 [Interpreter] Adds support for throw to bytecode graph builder.
Adds support and tests for throw to bytecode graph builder.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1481763002

Cr-Commit-Position: refs/heads/master@{#32399}
2015-11-30 11:14:40 +00:00
jkummerow
2ba464e11c [proxies] [[HasProperty]]: fix trap call.
BUG=v8:1543
LOG=n

Review URL: https://codereview.chromium.org/1479143002

Cr-Commit-Position: refs/heads/master@{#32391}
2015-11-30 09:21:10 +00:00
bmeurer
f7226a798a [turbofan] Support for typed lowering of "prototype" load from functions.
Add initial support to optimize certain "prototype" loads from known
JSFunctions which have a prototype. This includes an appropriate typing
rule plus a matching rule for typed lowering.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1482213002

Cr-Commit-Position: refs/heads/master@{#32390}
2015-11-30 08:42:11 +00:00
jochen
7730edcc12 Remove easy to remove calls to Isolate::Current() from api.cc
R=vogelheim@chromium.org
LOG=n
BUG=v8:2487

Review URL: https://codereview.chromium.org/1474353002

Cr-Commit-Position: refs/heads/master@{#32389}
2015-11-30 08:16:59 +00:00
jkummerow
2fee8a0f1d [proxies] Implement [[Enumerate]] and [[OwnPropertyKeys]]
Both are integrated into JSReceiver::GetKeys().

For now, the implementation ignores Symbol/DONT_ENUM filtering.

BUG=v8:1543
LOG=n

Committed: https://crrev.com/42c6056e6f247724d14dc887f6619a6bf5867a97
Cr-Commit-Position: refs/heads/master@{#32384}

Review URL: https://codereview.chromium.org/1474083003

Cr-Commit-Position: refs/heads/master@{#32386}
2015-11-28 15:03:13 +00:00
machenbach
97def40dc0 Revert of [proxies] Implement [[Enumerate]] and [[OwnPropertyKeys]] (patchset #3 id:40001 of https://codereview.chromium.org/1474083003/ )
Reason for revert:
[Sheriff] Speculative revert for gc mole:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20gcmole/builds/5164

Original issue's description:
> [proxies] Implement [[Enumerate]] and [[OwnPropertyKeys]]
>
> Both are integrated into JSReceiver::GetKeys().
>
> For now, the implementation ignores Symbol/DONT_ENUM filtering.
>
> BUG=v8:1543
> LOG=n
>
> Committed: https://crrev.com/42c6056e6f247724d14dc887f6619a6bf5867a97
> Cr-Commit-Position: refs/heads/master@{#32384}

TBR=verwaest@chromium.org,bmeurer@chromium.org,jkummerow@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:1543

Review URL: https://codereview.chromium.org/1482113002

Cr-Commit-Position: refs/heads/master@{#32385}
2015-11-28 14:16:29 +00:00
jkummerow
42c6056e6f [proxies] Implement [[Enumerate]] and [[OwnPropertyKeys]]
Both are integrated into JSReceiver::GetKeys().

For now, the implementation ignores Symbol/DONT_ENUM filtering.

BUG=v8:1543
LOG=n

Review URL: https://codereview.chromium.org/1474083003

Cr-Commit-Position: refs/heads/master@{#32384}
2015-11-28 10:48:43 +00:00
verwaest
970a7ad758 Fix Reflect.construct wrt proxy, generator, and non-subclass new.target
This makes sure that proxy + Function/Array works
Makes sure that new.target can be a generator
Makes sure that if new.target is not a subclass, but does not have a prototype, that we'll get that same prototype back the next time we look at new.target.prototype.

BUG=v8:1543, v8:3330, v8:3931
LOG=n

Review URL: https://codereview.chromium.org/1484473002

Cr-Commit-Position: refs/heads/master@{#32382}
2015-11-27 21:44:48 +00:00
bmeurer
47502a238b [runtime] Replace global object link with native context link in all contexts.
Previously all contexts had a link to the global object, but what is
required in most cases (except for the global load, store and delete
case) is the native context.

This also removes the second dummy global object that was still linked
to every native context. We will add a different mechanism to ensure
that builtins do not pollute the actual global object during
bootstrapping.

Drive-by-fix: Unify some MacroAssembler magic and drop obsolete stuff.

CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_nosnap_rel
R=yangguo@chromium.org,mstarzinger@chromium.org

Committed: https://crrev.com/d290f204938295bfecc5c8e645ccfcff6e80ddb8
Cr-Commit-Position: refs/heads/master@{#32375}

Review URL: https://codereview.chromium.org/1480003002

Cr-Commit-Position: refs/heads/master@{#32381}
2015-11-27 17:00:11 +00:00
jkummerow
f7a0ecb0ca [test+presubmit] Remove duplicate test status file entries
And add a presubmit check to guard against future duplicates.

R=machenbach@chromium.org

Review URL: https://codereview.chromium.org/1477403002

Cr-Commit-Position: refs/heads/master@{#32380}
2015-11-27 15:04:49 +00:00
ahaas
68cc0be2ad [turbofan] Implemented the TruncateFloat32ToUint64 TurboFan operator.
The TruncateFloat32ToUint64 operator converts a float32 to an uint64 using
round-to-zero rounding mode. If the input value is outside uint64 range, then
the result depends on the architecture. I provide an implementation for x64 and
arm64.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1479713003

Cr-Commit-Position: refs/heads/master@{#32379}
2015-11-27 15:01:51 +00:00
machenbach
673108d000 Revert of [runtime] Replace global object link with native context link in all contexts. (patchset #3 id:40001 of https://codereview.chromium.org/1480003002/ )
Reason for revert:
[Sheriff] Breaks:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap/builds/5472

Original issue's description:
> [runtime] Replace global object link with native context link in all contexts.
>
> Previously all contexts had a link to the global object, but what is
> required in most cases (except for the global load, store and delete
> case) is the native context.
>
> This also removes the second dummy global object that was still linked
> to every native context. We will add a different mechanism to ensure
> that builtins do not pollute the actual global object during
> bootstrapping.
>
> Drive-by-fix: Unify some MacroAssembler magic and drop obsolete stuff.
>
> R=yangguo@chromium.org
>
> Committed: https://crrev.com/d290f204938295bfecc5c8e645ccfcff6e80ddb8
> Cr-Commit-Position: refs/heads/master@{#32375}

TBR=yangguo@chromium.org,mstarzinger@chromium.org,bmeurer@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1478303002

Cr-Commit-Position: refs/heads/master@{#32377}
2015-11-27 14:30:23 +00:00
bmeurer
d290f20493 [runtime] Replace global object link with native context link in all contexts.
Previously all contexts had a link to the global object, but what is
required in most cases (except for the global load, store and delete
case) is the native context.

This also removes the second dummy global object that was still linked
to every native context. We will add a different mechanism to ensure
that builtins do not pollute the actual global object during
bootstrapping.

Drive-by-fix: Unify some MacroAssembler magic and drop obsolete stuff.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1480003002

Cr-Commit-Position: refs/heads/master@{#32375}
2015-11-27 13:32:20 +00:00
verwaest
469675ee3f Fix name shown by devtools for subclasses.
This replaces internal GetConstructorName with toStringTag, .constructor's name
and class_name. This entirely changes how the name is computed for use in
devtools.

BUG=chromium:529177
LOG=n

Review URL: https://codereview.chromium.org/1435273002

Cr-Commit-Position: refs/heads/master@{#32374}
2015-11-27 13:10:25 +00:00
machenbach
780077f6d1 [test-runner] Move test case processing beyond the multi-process boundary.
This will allow moving the test outcome check beyond the
multi-process boundary in a follow up. It'll allow wrapping
more complex test jobs like predicable mode on the multi-
process side, which will make the code easier to maintain.

BUG=

Review URL: https://codereview.chromium.org/1469833002

Cr-Commit-Position: refs/heads/master@{#32373}
2015-11-27 12:52:25 +00:00
jochen
508f122dec Pass an isolate to RelocInfo
It needs ot to flush icaches all over the place

BUG=v8:2487
LOG=n
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1477343002

Cr-Commit-Position: refs/heads/master@{#32371}
2015-11-27 12:19:23 +00:00
verwaest
7ceaf72708 [Proxies] Support constructable proxy as new.target (reland)
BUG=v8:1543, v8:3330, v8:3931
LOG=n

Review URL: https://codereview.chromium.org/1481773003

Cr-Commit-Position: refs/heads/master@{#32370}
2015-11-27 12:17:16 +00:00
Djordje.Pesic
b287c74308 MIPS: Fixup disasembler for ctc1 and cfc1
These instructions now show FCSR in disassembly, instead f31

BUG=

Review URL: https://codereview.chromium.org/1481023002

Cr-Commit-Position: refs/heads/master@{#32366}
2015-11-27 11:38:18 +00:00
bmeurer
e3ecfdfecc [turbofan] Properly wire effects for JSLoadContext and JSStoreContext.
The effect chain should be respected for context loads and stores.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1479793003

Cr-Commit-Position: refs/heads/master@{#32363}
2015-11-27 09:22:56 +00:00
rossberg
199bbdb40f Create ast/ and parsing/ subdirectories and move appropriate files
Moves all files related to AST and scopes into ast/,
and all files related to scanner & parser to parsing/.

Also eliminates a couple of spurious dependencies.

R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1481613002

Cr-Commit-Position: refs/heads/master@{#32351}
2015-11-26 16:23:07 +00:00
machenbach
87f7dc61fa Revert of [Proxies] Support constructable proxy as new.target (patchset #3 id:40001 of https://codereview.chromium.org/1481613003/ )
Reason for revert:
[Sheriff] Breaks:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap%20-%20debug/builds/3977

Original issue's description:
> [Proxies] Support constructable proxy as new.target
>
> BUG=v8:1543, v8:3330, v8:3931
> LOG=n
>
> Committed: https://crrev.com/88ac8aa5236195137d4a7aa18bcc5650a3bdca5a
> Cr-Commit-Position: refs/heads/master@{#32346}

TBR=ishell@chromium.org,verwaest@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:1543, v8:3330, v8:3931

Review URL: https://codereview.chromium.org/1480673004

Cr-Commit-Position: refs/heads/master@{#32350}
2015-11-26 16:21:00 +00:00
verwaest
88ac8aa523 [Proxies] Support constructable proxy as new.target
BUG=v8:1543, v8:3330, v8:3931
LOG=n

Review URL: https://codereview.chromium.org/1481613003

Cr-Commit-Position: refs/heads/master@{#32346}
2015-11-26 15:23:19 +00:00
jkummerow
27d1c008ee [proxies] Refactor JSReceiver::GetKeys()
In preparation for implementing proper Proxy support.

Review URL: https://codereview.chromium.org/1466243002

Cr-Commit-Position: refs/heads/master@{#32345}
2015-11-26 14:53:16 +00:00
yangguo
a9bdee1f90 [debugger] Remove obsolete stepping modes.
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1479843002

Cr-Commit-Position: refs/heads/master@{#32343}
2015-11-26 14:34:42 +00:00
oth
c19a29f8c5 Re-reland "[Interpreter] Add CreateClosure to BytecodeGraphBuilder."
Original issue's description:
> [Interpreter] Add CreateClosure to BytecodeGraphBuilder.
>
> Adds code and tests to support CreateClosure bytecode when building
> graphs.
>
> Committed: https://crrev.com/4cceb11b0929abcbc82bf0854554a9b66003335d
> Cr-Commit-Position: refs/heads/master@{#32224}

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1474103002

Cr-Commit-Position: refs/heads/master@{#32342}
2015-11-26 14:33:57 +00:00
bmeurer
e3a46bc766 [compiler] Decouple ToObject from CreateWithContext.
Decouple the implicit ToObject for with statements from the actual
creation of the with context. This way we can handle/optimize those
constructs separately.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1481753003

Cr-Commit-Position: refs/heads/master@{#32341}
2015-11-26 14:30:22 +00:00
yangguo
81e131ce48 [debugger] flood function for stepping before calling it.
R=verwaest@chromium.org

Committed: https://crrev.com/93eb633214e0f97bf70ae30d2a07b7fbbaa78266
Cr-Commit-Position: refs/heads/master@{#32285}

Review URL: https://codereview.chromium.org/1463803002

Cr-Commit-Position: refs/heads/master@{#32339}
2015-11-26 14:12:18 +00:00
mstarzinger
69227cc192 [turbofan] Test has been outsmarted by optimization.
The fast-prototype test has been outsmarted by constructor inlining
because the instantiation is been correctly optimized away. Internal
state introspection about prototype turning fast was upset by that.

R=bmeurer@chromium.org
BUG=v8:4544
LOG=n

Review URL: https://codereview.chromium.org/1474763007

Cr-Commit-Position: refs/heads/master@{#32338}
2015-11-26 14:04:09 +00:00
bmeurer
d3e5db0428 [compiler] Always pass closure argument to with, catch and block context creation.
Up until now we sometimes pass Smi 0 around as closure and expect the
runtime to translate that appropriately. But we need to be careful in
some places to not confuse the Smi 0 with a real closure. However, we
could instead just pass the correct closure extracted from the native
context.

This addresses three long-standing TODOs in the JSTypedLowering pass.

Drive-by-fix: Further unify error message reporting for ToObject (we had
a special message in case of ToObject error in with context creation).

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1475383002

Cr-Commit-Position: refs/heads/master@{#32336}
2015-11-26 13:35:26 +00:00
vogelheim
fd73cb191c Remove usage of deprecated APIs from test-api.cc.
No more deprecation warnings up to line 11k.

BUG=

Review URL: https://codereview.chromium.org/1427643005

Cr-Commit-Position: refs/heads/master@{#32334}
2015-11-26 12:44:39 +00:00
oth
c0bc19fc7f [Interpreter] Deprecate bytecode-graph-builder-unittest.
Removing bytecode graph builder tests as they are high maintenance and
have limited use, ie they track changes in the implementation rather
than behaviour.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1477783003

Cr-Commit-Position: refs/heads/master@{#32333}
2015-11-26 11:50:20 +00:00
jochen
c47ce4cc8e Add explicit Isolate parameter to Exception::CreateMessage()
This way, we can also capture a stack trace for SMIs

BUG=chromium:495801
R=yangguo@chromium.org
LOG=y

Review URL: https://codereview.chromium.org/1472143006

Cr-Commit-Position: refs/heads/master@{#32331}
2015-11-26 11:21:39 +00:00
bmeurer
b5d50296ed [turbofan] Optimize truncated safe integer multiplications.
For a * b with only truncated word32 uses (or result known to be in
signed32 range), we can use Int32Mul if we know for sure that the
intermediate result is inside the safe integer range, and a and b are
in signed32 range.

Drive-by-fix: Also use TypeCache in SimplifiedLowering.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1478953002

Cr-Commit-Position: refs/heads/master@{#32330}
2015-11-26 11:01:44 +00:00
ahaas
2f0d6288c9 [turbofan] Implemented the TruncateFloat32ToInt64 TurboFan operator.
The TruncateFloat32ToInt64 operator converts a float32 to an int64 using
the round-to-zero rounding mode (truncate). If the input value is
outside the int64 range, then the result depends on the architecture. I
implemented the operator on x64, arm64, and mips64.

R=titzer@chromium.org, jacob.bramley@arm.com

Committed: https://crrev.com/1df1066c3c77464d2a68d7c8d501a5a0f3ad195a
Cr-Commit-Position: refs/heads/master@{#32315}

Review URL: https://codereview.chromium.org/1476063002

Cr-Commit-Position: refs/heads/master@{#32325}
2015-11-26 10:28:38 +00:00
ishell
5a3b4366cd Add test for Promises subclassing.
BUG=v8:3101, v8:3330
LOG=N

Review URL: https://codereview.chromium.org/1473323003

Cr-Commit-Position: refs/heads/master@{#32324}
2015-11-26 10:27:52 +00:00
ishell
05449f741b Allow in-object properties in JSArrayBuffer.
BUG=v8:4531
LOG=Y

Review URL: https://codereview.chromium.org/1479483004

Cr-Commit-Position: refs/heads/master@{#32321}
2015-11-26 09:46:01 +00:00
neis
39efa4348a [proxies] Implement [[Delete]].
LOG=N
BUG=v8:1543

Review URL: https://codereview.chromium.org/1479543002

Cr-Commit-Position: refs/heads/master@{#32320}
2015-11-26 09:34:28 +00:00
mstarzinger
45c52ddfdd [turbofan] Enable debugger tests that no longer fail.
R=yangguo@chromium.org
BUG=v8:4544
LOG=n

Review URL: https://codereview.chromium.org/1478683003

Cr-Commit-Position: refs/heads/master@{#32318}
2015-11-26 09:24:44 +00:00
ahaas
a336404f61 Revert of [turbofan] Implemented the TruncateFloat32ToInt64 TurboFan operator. (patchset #1 id:1 of https://codereview.chromium.org/1476063002/ )
Reason for revert:
Unexpected error occurred.

Original issue's description:
> [turbofan] Implemented the TruncateFloat32ToInt64 TurboFan operator.
>
> The TruncateFloat32ToInt64 operator converts a float32 to an int64 using
> the round-to-zero rounding mode (truncate). If the input value is
> outside the int64 range, then the result depends on the architecture. I
> implemented the operator on x64, arm64, and mips64.
>
> R=titzer@chromium.org, jacob.bramley@arm.com
>
> Committed: https://crrev.com/1df1066c3c77464d2a68d7c8d501a5a0f3ad195a
> Cr-Commit-Position: refs/heads/master@{#32315}

TBR=jacob.bramley@arm.com,titzer@chromium.org,v8-mips-ports@googlegroups.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1475343002

Cr-Commit-Position: refs/heads/master@{#32316}
2015-11-26 09:05:57 +00:00
ahaas
1df1066c3c [turbofan] Implemented the TruncateFloat32ToInt64 TurboFan operator.
The TruncateFloat32ToInt64 operator converts a float32 to an int64 using
the round-to-zero rounding mode (truncate). If the input value is
outside the int64 range, then the result depends on the architecture. I
implemented the operator on x64, arm64, and mips64.

R=titzer@chromium.org, jacob.bramley@arm.com

Review URL: https://codereview.chromium.org/1476063002

Cr-Commit-Position: refs/heads/master@{#32315}
2015-11-26 08:49:26 +00:00
bmeurer
8003db95cc [test] Reland test for 52bit multiplication and division.
Contributed by Fedor Indutny <fedor@indutny.com>.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1478933002

Cr-Commit-Position: refs/heads/master@{#32314}
2015-11-26 06:46:59 +00:00
bmeurer
5d18e93bd6 Revert of binary-operator-reducer: reduce mul+div(shift) (patchset #11 id:200001 of https://codereview.chromium.org/1350223006/ )
Reason for revert:
This is also unsound for the reasons outlined in
https://codereview.chromium.org/1473073004/
Will help Fedor to implement a solution based on simplified operators.

Original issue's description:
> binary-operator-reducer: reduce mul+div(shift)
>
> Reduction Input:
>
>     ChangeInt32ToFloat64=>          TruncateFloat64ToInt32
>                          Float64Mul=>
>     ChangeInt32ToFloat64=>          Float64Div=>TruncateFloat64ToInt32
>
> Output:
>
>          =>  TruncateInt64ToInt32
> Int64Mul
>          =>  Int64Shr => TruncateInt64ToInt32
>
> Test code:
>
>     function mul(a, b) {
>       var l = a & 0x3ffffff;
>       var h = b & 0x3ffffff;
>       var m = l * h;
>
>       var rl = m & 0x3ffffff;
>       var rh = (m / 0x4000000) | 0;
>
>       return rl | rh;
>     }
>
>     mul(1, 2);
>     var a0 = mul(0x3ffffff, 0x3ffffff);
>     mul(0x0, 0x0);
>     %OptimizeFunctionOnNextCall(mul);
>     var a1 = mul(0x3ffffff, 0x3ffffff);
>
>     print(a0 + ' == ' + a1);
>
> BUG=
> R=mstarzinger@chromium.org
>
> Committed: https://crrev.com/461e5b49d022335a7fc4e9d172397a4bd48b93d4
> Cr-Commit-Position: refs/heads/master@{#31899}

TBR=mstarzinger@chromium.org,danno@chromium.org,titzer@chromium.org,fedor@indutny.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review URL: https://codereview.chromium.org/1478923002

Cr-Commit-Position: refs/heads/master@{#32313}
2015-11-26 06:16:01 +00:00
bmeurer
dc55405992 Revert of [machine-operator-reducer] fix float truncation (patchset #8 id:140001 of https://codereview.chromium.org/1433353006/ )
Reason for revert:
This is also unsound for the reasons outlined in
https://codereview.chromium.org/1473073004/
Will reland the mjsunit test separately and help Fedor to implement a solution based on simplified operators.

Original issue's description:
> [machine-operator-reducer] fix float truncation
>
> Don't replace `TruncateFloat64ToInt32(RoundInt64ToFloat64(value))` with
> `value`. Generally, `value` may have a range bigger than the one that
> could fit into Int32. Replace it with `TruncateInt64ToInt32(value)`
> instead, and only if the `value` fits into Float64 without precision
> loss.
>
> Add missing mjsunit test for 52bit multiplication/division optimization
> that has landed in refs/heads/master@{#31899}.
>
> BUG=
> R=titzer@google.com
>
> Committed: https://crrev.com/64efa2a904773816968992628f0bf0f1b7ae82be
> Cr-Commit-Position: refs/heads/master@{#32227}

TBR=titzer@chromium.org,fedor@indutny.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review URL: https://codereview.chromium.org/1468313009

Cr-Commit-Position: refs/heads/master@{#32312}
2015-11-26 06:12:22 +00:00
bmeurer
b0c179daf6 Revert of [compiler] merge binary-operator-reducer (patchset #2 id:20001 of https://codereview.chromium.org/1473073004/ )
Reason for revert:
Unsound use of types in the MachineOperatorReducer. Will work on a sound solution with Fedor.

Original issue's description:
> [compiler] merge binary-operator-reducer
>
> Merge BinaryOperatorReducer into the MachineOperatorReducer class.
> It does not need `Revisit()` calls, because the newly inserted nodes are
> visited anyway, and there are no other methods that need AdvancedReducer
> there.
>
> BUG=
> R=titzer@chromium.org
>
> Committed: https://crrev.com/993ba9d2529a6401b3040b9263f8d06db7dbb4f1
> Cr-Commit-Position: refs/heads/master@{#32298}

TBR=titzer@chromium.org,fedor@indutny.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review URL: https://codereview.chromium.org/1476763006

Cr-Commit-Position: refs/heads/master@{#32310}
2015-11-26 03:52:30 +00:00
ahaas
57117b8339 [turbofan] Implemented the optional Float32RoundTiesEven operator.
The Float32RoundTiesEven operator rounds float32 numbers towards the nearest
integer. If the distance to two integers is the same, then the result is
the even integer. This is the default rounding mode of the ieee 754 floating
point standard.

I implemented the optional Float32RoundTiesEven operator on x64, ia32, arm, and arm64.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1477753002

Cr-Commit-Position: refs/heads/master@{#32308}
2015-11-25 21:13:20 +00:00
adamk
802ea71e7c Run all message tests with a variant that forces preparsing
This will make sure that message tests cover both the parser and preparser
paths, just as we do for parsing-related cctests.

BUG=v8:4372
LOG=n

Review URL: https://codereview.chromium.org/1469383004

Cr-Commit-Position: refs/heads/master@{#32307}
2015-11-25 21:02:17 +00:00
adamk
481bad1ff0 Reland shipping of --harmony-destructuring-bind
Also fix CheckConflictingVarDeclarations() to properly handle
legacy const bindings. Without that change enabling the flag
causes code like:

  function f() { const x; var x; }

to throw an early error, rather than wait to throw the error
until f is invoked.

The previous patch ran into problems with the fuzzer; that crash was fixed
(with test coverage added) in https://crrev.com/ceb92ebfdfb561d71038793c02b42aa973f55ec4

BUG=v8:811
LOG=y
TBR=rossberg@chromium.org
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel

Review URL: https://codereview.chromium.org/1473243006

Cr-Commit-Position: refs/heads/master@{#32306}
2015-11-25 20:54:01 +00:00
littledan
e5b56115a7 test262 roll
In this new version of test262, a number of known failing tests have
been changed to match the ES2016 semantics, which V8 implements.

R=adamk

Review URL: https://codereview.chromium.org/1475793004

Cr-Commit-Position: refs/heads/master@{#32303}
2015-11-25 20:09:35 +00:00
ahaas
19741ac977 [turbofan] Implemented the optional Float32RoundTruncate operator.
The Float32RoundTruncate operator rounds float32 numbers towards zero.
The operator is currently implemented on x64, ia32, arm, and arm64.

Additionally I added support for the float32 vrintz, vrintn, and vrinta
instructions to the arm simulator.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1468303005

Cr-Commit-Position: refs/heads/master@{#32301}
2015-11-25 19:29:02 +00:00
jochen
8d90b92737 Never call CpuFeatures::FlushICache directly
Always go through Assembler::FlushICache so we automatically use the
simulator when running with a simulator.

BUG=v8:2487
R=epertoso@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1480623002

Cr-Commit-Position: refs/heads/master@{#32300}
2015-11-25 19:27:34 +00:00
machenbach
df3dee87a7 Revert of [debugger] flood function for stepping before calling it. (patchset #7 id:120001 of https://codereview.chromium.org/1463803002/ )
Reason for revert:
[Sheriff] Breaks layout tests:
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/3074

Original issue's description:
> [debugger] flood function for stepping before calling it.
>
> R=verwaest@chromium.org
>
> Committed: https://crrev.com/93eb633214e0f97bf70ae30d2a07b7fbbaa78266
> Cr-Commit-Position: refs/heads/master@{#32285}

TBR=verwaest@chromium.org,mstarzinger@chromium.org,yangguo@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1474943005

Cr-Commit-Position: refs/heads/master@{#32299}
2015-11-25 19:26:46 +00:00
fedor
993ba9d252 [compiler] merge binary-operator-reducer
Merge BinaryOperatorReducer into the MachineOperatorReducer class.
It does not need `Revisit()` calls, because the newly inserted nodes are
visited anyway, and there are no other methods that need AdvancedReducer
there.

BUG=
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1473073004

Cr-Commit-Position: refs/heads/master@{#32298}
2015-11-25 19:25:17 +00:00
yangguo
93eb633214 [debugger] flood function for stepping before calling it.
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/1463803002

Cr-Commit-Position: refs/heads/master@{#32285}
2015-11-25 15:45:47 +00:00
machenbach
8452a75315 [test] Skip flaky test.
BUG=v8:4358
LOG=n
TBR=yangguo@chromium.org, hablich@chromium.org
NOTRY=true

Review URL: https://codereview.chromium.org/1475053002

Cr-Commit-Position: refs/heads/master@{#32282}
2015-11-25 15:23:49 +00:00
mythria
46401fcb1c [Interpreter] Add support for compare operators to bytecode graph builder.
Adds implementation and tests for compare operators to bytecode graph builder.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1476473005

Cr-Commit-Position: refs/heads/master@{#32280}
2015-11-25 15:21:38 +00:00
jochen
aa9cfc8222 Make whether or not a Code object should be created by masm explicit
We always want to have an Isolate, so just use an extra ctor arg

BUG=2487
R=yangguo@chromium.org,mstarzinger@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1476763002

Cr-Commit-Position: refs/heads/master@{#32277}
2015-11-25 14:23:56 +00:00
machenbach
87177738ce [test] Skip flaky test for turbofan on windows.
BUG=v8:4573
LOG=n
TBR=mstarzinger@chromium.org
NOTRY=true

Review URL: https://codereview.chromium.org/1465193006

Cr-Commit-Position: refs/heads/master@{#32276}
2015-11-25 14:23:08 +00:00
bmeurer
2732a6ad44 [es6] Correct parsing of regular expression literal flags.
ES6 section 12.2.8.1 states that flags for regular expression literals
must be checked during parsing and invalid flags are early errors. This
change adapts the Scanner and (Pre)Parser to act according to the spec.

This is also a prerequisite to unify the handling of literal creation
(for Objects, Arrays, Regexps, and at some point Classes).

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1472323002

Cr-Commit-Position: refs/heads/master@{#32273}
2015-11-25 13:46:43 +00:00
ulan
7a21cdafaf Optimize ClearNonLiveReferences: do not compact prototype transitions in GC.
BUG=chromium:554488
LOG=NO

Review URL: https://codereview.chromium.org/1470773003

Cr-Commit-Position: refs/heads/master@{#32272}
2015-11-25 13:39:13 +00:00
machenbach
95f9f7732f [Ignition] Skip another test.
Started failing after https://codereview.chromium.org/1469313002

NOTRY=true
TBR=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1476603003

Cr-Commit-Position: refs/heads/master@{#32270}
2015-11-25 13:18:03 +00:00
ishell
ebf8ec5c51 Fix JSFunction's in-object properties initialization.
BUG=v8:4572
LOG=Y

Review URL: https://codereview.chromium.org/1481493003

Cr-Commit-Position: refs/heads/master@{#32268}
2015-11-25 12:42:14 +00:00
mstarzinger
3d004eeab2 [interpreter] Switch passing of new.target to register.
This passes the new.target value in a register instead of through a
side-channel via the construct stub. The interpreter entry trampoline
stores this value in a bytecode register so that it can be accessed
directly by the interpreter. The size of the interpreter stack frame
hence grows by one slot.

R=oth@chromium.org
BUG=v8:4544
LOG=n

Review URL: https://codereview.chromium.org/1469313002

Cr-Commit-Position: refs/heads/master@{#32264}
2015-11-25 11:37:28 +00:00
ahaas
4f4947898d [turbofan] Implemented the optional Float32RoundUp operator.
The Float32RoundUp operator rounds float32 numbers towards infinity.
The operator is currently implemented on x64, ia32, arm, and arm64.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1474963002

Cr-Commit-Position: refs/heads/master@{#32262}
2015-11-25 11:08:21 +00:00
ahaas
74434403f6 [turbofan] Implemented the optional Float32RoundDown operator.
I implemented the optional Float32RoundDown operator on x64, ia32, arm,
and arm64.

For arm I also had to adjust the simulator.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1471913006

Cr-Commit-Position: refs/heads/master@{#32261}
2015-11-25 11:06:13 +00:00
machenbach
b9d5126930 Revert of Reland "[Interpreter] Add CreateClosure to BytecodeGraphBuilder." (patchset #1 id:1 of https://codereview.chromium.org/1475793003/ )
Reason for revert:
[Sheriff] Breaks cfi:
https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20-%20cfi/builds/1209

Original issue's description:
> Reland "[Interpreter] Add CreateClosure to BytecodeGraphBuilder."
>
> Original issue's description:
> > [Interpreter] Add CreateClosure to BytecodeGraphBuilder.
> >
> > Adds code and tests to support CreateClosure bytecode when building
> > graphs.
> >
> > Committed: https://crrev.com/4cceb11b0929abcbc82bf0854554a9b66003335d
> > Cr-Commit-Position: refs/heads/master@{#32224}
>
> BUG=v8:4280
> LOG=N
>
> Committed: https://crrev.com/6a8db006e1f0a08a43446b62765bba39fdc6af10
> Cr-Commit-Position: refs/heads/master@{#32257}

TBR=bmeurer@chromium.org,oth@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4280

Review URL: https://codereview.chromium.org/1469303006

Cr-Commit-Position: refs/heads/master@{#32260}
2015-11-25 11:04:34 +00:00
yangguo
1db01d6d5d Revert of Removed support deprecated (//@|/*@) source(URL|MappingURL)= (patchset #1 id:1 of https://codereview.chromium.org/1474543005/ )
Reason for revert:
Failing layout tests:

inspector/tracing/timeline-event-causes.html
virtual/syncpaint/inspector/tracing/timeline-event-causes.html
inspector/animation/animation-timeline-fill.html
virtual/threaded/inspector/tracing/timeline-event-causes.html
inspector/tracing/timeline-script-id.html
inspector/sources/debugger-ui/source-url-comment.html
inspector/console/console-log-linkify-stack-in-errors.html
virtual/syncpaint/inspector/tracing/timeline-script-id.html
virtual/threaded/inspector/tracing/timeline-script-id.html

Original issue's description:
> Removed support deprecated (//@|/*@) source(URL|MappingURL)=
>
> LOG=Y
> BUG=chromium:558998
> R=yangguo@chromium.org
>
> Committed: https://crrev.com/c1e5f005d79c436d90f474f8bc6448c4555a619f
> Cr-Commit-Position: refs/heads/master@{#32249}

TBR=machenbach@chromium.org,kozyatinskiy@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:558998

Review URL: https://codereview.chromium.org/1481513002

Cr-Commit-Position: refs/heads/master@{#32259}
2015-11-25 10:28:02 +00:00
oth
6a8db006e1 Reland "[Interpreter] Add CreateClosure to BytecodeGraphBuilder."
Original issue's description:
> [Interpreter] Add CreateClosure to BytecodeGraphBuilder.
>
> Adds code and tests to support CreateClosure bytecode when building
> graphs.
>
> Committed: https://crrev.com/4cceb11b0929abcbc82bf0854554a9b66003335d
> Cr-Commit-Position: refs/heads/master@{#32224}

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1475793003

Cr-Commit-Position: refs/heads/master@{#32257}
2015-11-25 09:51:49 +00:00
bmeurer
09b44428e4 [runtime] First step to sanitize regexp literal creation.
This is the initial step towards refactoring the regexp literation
creation code to make it less obscure and more similar to the mechanism
we use to create array and object literals.  There's now a new runtime
entry %CreateRegExpLiteral with the same interface as the entries for
array and object literals, except that we still pass the flags as
string.

Instead of embedding the hand written native to clone JSRegExp instances
we now have a FastCloneRegExpStub, which behaves similar to the other
FastCloneShallowArrayStub and FastCloneShallowObjectStub that we already
had.

R=mlippautz@chromium.org, yangguo@chromium.org

Review URL: https://codereview.chromium.org/1475823003

Cr-Commit-Position: refs/heads/master@{#32255}
2015-11-25 09:23:28 +00:00
yangguo
713c3df41c Add test to check PRNG quality.
Credits go to Erik Corry. Taken from:
https://github.com/dart-lang/fletch/blob/master/src/shared/random_test.cc

R=jkummerow@chromium.org
BUG=v8:4566
LOG=N

Committed: https://crrev.com/1a90af55d1e9d7d84e813dc367d475457c7df1ff
Cr-Commit-Position: refs/heads/master@{#32211}

Committed: https://crrev.com/3d84f05cd77091ea8dde7821973f13f53dbaa730
Cr-Commit-Position: refs/heads/master@{#32238}

Committed: https://crrev.com/eeee7ab050013782704b5f89e49d06a30b3455c4
Cr-Commit-Position: refs/heads/master@{#32246}

Review URL: https://codereview.chromium.org/1467133006

Cr-Commit-Position: refs/heads/master@{#32254}
2015-11-25 08:56:19 +00:00
machenbach
ec3548aea7 [test] Skip flaky test.
BUG=v8:4572
LOG=n
NOTRY=true
TBR=rossberg@chromium.org, adamk@chromium.org

Review URL: https://codereview.chromium.org/1475943002

Cr-Commit-Position: refs/heads/master@{#32251}
2015-11-25 08:18:10 +00:00
machenbach
5686e48b96 [Ignition] Skip more tests.
Test failures after https://codereview.chromium.org/1478533002

TBR=rossberg@chromium.org, littledan@chromium.org, rmcilroy@chromium.org
NOTRY=true

Review URL: https://codereview.chromium.org/1470173004

Cr-Commit-Position: refs/heads/master@{#32250}
2015-11-25 08:06:37 +00:00
kozyatinskiy
c1e5f005d7 Removed support deprecated (//@|/*@) source(URL|MappingURL)=
LOG=Y
BUG=chromium:558998
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1474543005

Cr-Commit-Position: refs/heads/master@{#32249}
2015-11-25 08:02:27 +00:00
jarin
9564ffe9c1 [turbofan] Replace information about uses by explicit truncation in representation selection.
This change replaces the bitwise masking of uses by storing the most general truncation for all uses.

Review URL: https://codereview.chromium.org/1464763003

Cr-Commit-Position: refs/heads/master@{#32248}
2015-11-25 08:01:00 +00:00
yangguo
47e1ab78d7 Revert of Add test to check PRNG quality. (patchset #5 id:80001 of https://codereview.chromium.org/1467133006/ )
Reason for revert:
failure here https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosse4/builds/6842/steps/Check/logs/RandomBitCorrelations12

Original issue's description:
> Add test to check PRNG quality.
>
> Credits go to Erik Corry. Taken from:
> https://github.com/dart-lang/fletch/blob/master/src/shared/random_test.cc
>
> R=jkummerow@chromium.org
> BUG=v8:4566
> LOG=N
>
> Committed: https://crrev.com/1a90af55d1e9d7d84e813dc367d475457c7df1ff
> Cr-Commit-Position: refs/heads/master@{#32211}
>
> Committed: https://crrev.com/3d84f05cd77091ea8dde7821973f13f53dbaa730
> Cr-Commit-Position: refs/heads/master@{#32238}
>
> Committed: https://crrev.com/eeee7ab050013782704b5f89e49d06a30b3455c4
> Cr-Commit-Position: refs/heads/master@{#32246}

TBR=jkummerow@chromium.org,erikcorry@google.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4566

Review URL: https://codereview.chromium.org/1472833004

Cr-Commit-Position: refs/heads/master@{#32247}
2015-11-25 07:44:29 +00:00
yangguo
eeee7ab050 Add test to check PRNG quality.
Credits go to Erik Corry. Taken from:
https://github.com/dart-lang/fletch/blob/master/src/shared/random_test.cc

R=jkummerow@chromium.org
BUG=v8:4566
LOG=N

Committed: https://crrev.com/1a90af55d1e9d7d84e813dc367d475457c7df1ff
Cr-Commit-Position: refs/heads/master@{#32211}

Committed: https://crrev.com/3d84f05cd77091ea8dde7821973f13f53dbaa730
Cr-Commit-Position: refs/heads/master@{#32238}

Review URL: https://codereview.chromium.org/1467133006

Cr-Commit-Position: refs/heads/master@{#32246}
2015-11-25 07:36:15 +00:00
yangguo
4a472a035d Revert of Add test to check PRNG quality. (patchset #4 id:60001 of https://codereview.chromium.org/1467133006/ )
Reason for revert:
still timing out

Original issue's description:
> Add test to check PRNG quality.
>
> Credits go to Erik Corry. Taken from:
> https://github.com/dart-lang/fletch/blob/master/src/shared/random_test.cc
>
> R=jkummerow@chromium.org
> BUG=v8:4566
> LOG=N
>
> Committed: https://crrev.com/1a90af55d1e9d7d84e813dc367d475457c7df1ff
> Cr-Commit-Position: refs/heads/master@{#32211}
>
> Committed: https://crrev.com/3d84f05cd77091ea8dde7821973f13f53dbaa730
> Cr-Commit-Position: refs/heads/master@{#32238}

TBR=jkummerow@chromium.org,erikcorry@google.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4566

Review URL: https://codereview.chromium.org/1480533002

Cr-Commit-Position: refs/heads/master@{#32243}
2015-11-25 05:16:13 +00:00
yangguo
3d84f05cd7 Add test to check PRNG quality.
Credits go to Erik Corry. Taken from:
https://github.com/dart-lang/fletch/blob/master/src/shared/random_test.cc

R=jkummerow@chromium.org
BUG=v8:4566
LOG=N

Committed: https://crrev.com/1a90af55d1e9d7d84e813dc367d475457c7df1ff
Cr-Commit-Position: refs/heads/master@{#32211}

Review URL: https://codereview.chromium.org/1467133006

Cr-Commit-Position: refs/heads/master@{#32238}
2015-11-25 01:42:10 +00:00
adamk
b6e9f625c1 [es6] Self-assignment in a default parameter initializer should throw
The first bug was that there are two different "initialization positions"
passed into PatternRewriter::DeclareAndInitializeVariables, and we weren't
setting them all properly for this case.

After further code review, it became clear that we weren't even recording
the correct position (the end of the initializer expression).

The combination of those two bugs caused the hole check elimination code
in full-codegen to skip emitting a hole check.

This patch takes care of both of those things. A follow-up will try
to reduce the number of "initializer positions" we track in the
variable declaration code.

R=littledan@chromium.org
BUG=v8:4568
LOG=n

Review URL: https://codereview.chromium.org/1468143004

Cr-Commit-Position: refs/heads/master@{#32237}
2015-11-25 01:30:39 +00:00
adamk
ceb92ebfdf Disallow destructuring in legacy sloppy for-in loop parsing
For web compat reasons, we support an initializer in the declaration
part of a for-in loop. But we should disallow this for destructured
declarations (just as we do for lexical declarations). In fact, without
disallowing it, we crash.

Also fix up the PreParser to have the same restrictions here as the parser
(the lexical check was missing there), verified by running the message tests
with --min-preparse-length=0.

In fixing the logic I've also cleaned up the code a bit, removing the
only-called-once DeclarationParsingResult::SingleName method.

BUG=v8:811
LOG=n

Review URL: https://codereview.chromium.org/1471973003

Cr-Commit-Position: refs/heads/master@{#32236}
2015-11-25 01:15:28 +00:00
littledan
9278b7b05a Reland of Disable non-standard Promise functions in staging (patchset #1 id:1 of https://codereview.chromium.org/1473603002/ )
Reason for revert:
Breakage in Ignition seems unrelated; relanding.

Original issue's description:
> Revert of Disable non-standard Promise functions in staging (patchset #5 id:80001 of https://codereview.chromium.org/1469543003/ )
>
> Reason for revert:
> [Sheriff] This breaks ignition on arm sim debug:
> https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20arm%20-%20sim%20-%20debug/builds/5317
>
> Seems to not be caught by the cq bot that builds release with dchecks.
>
> Original issue's description:
> > Disable non-standard Promise functions in staging
> >
> > This patch removes Promise functions and methods which are absent
> > from the ES2015 specification when the --es-staging flag is on.
> >
> > BUG=v8:3237
> > R=rossberg
> > LOG=Y
> >
> > Committed: https://crrev.com/941251af7e04d50ac2243da2870249a42111221a
> > Cr-Commit-Position: refs/heads/master@{#32194}
>
> TBR=rossberg@chromium.org,littledan@chromium.org
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=v8:3237
>
> Committed: https://crrev.com/86bd2b3c23b562213d5af158849dcd65f347a827
> Cr-Commit-Position: refs/heads/master@{#32199}

TBR=rossberg@chromium.org,rmcilroy@chromium.org,machenbach@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:3237

Review URL: https://codereview.chromium.org/1478533002

Cr-Commit-Position: refs/heads/master@{#32235}
2015-11-24 23:18:30 +00:00
fedor
64efa2a904 [machine-operator-reducer] fix float truncation
Don't replace `TruncateFloat64ToInt32(RoundInt64ToFloat64(value))` with
`value`. Generally, `value` may have a range bigger than the one that
could fit into Int32. Replace it with `TruncateInt64ToInt32(value)`
instead, and only if the `value` fits into Float64 without precision
loss.

Add missing mjsunit test for 52bit multiplication/division optimization
that has landed in refs/heads/master@{#31899}.

BUG=
R=titzer@google.com

Review URL: https://codereview.chromium.org/1433353006

Cr-Commit-Position: refs/heads/master@{#32227}
2015-11-24 20:25:40 +00:00
adamk
d756c65382 Revert of Move --harmony-destructuring-bind to shipping (patchset #5 id:80001 of https://codereview.chromium.org/1451843002/ )
Reason for revert:
Fails on V8 Fuzzer: https://build.chromium.org/p/client.v8/builders/V8%20Fuzzer/builds/6028

Original issue's description:
> Move --harmony-destructuring-bind to shipping
>
> Also fix CheckConflictingVarDeclarations() to properly handle
> legacy const bindings. Without that change enabling the flag
> causes code like:
>
>   function f() { const x; var x; }
>
> to throw an early error, rather than wait to throw the error
> until f is invoked.
>
> BUG=v8:811
> LOG=y
> CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
>
> Committed: https://crrev.com/515093630a4a925a66d550561e38293d49633f10
> Cr-Commit-Position: refs/heads/master@{#32222}

TBR=rossberg@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:811

Review URL: https://codereview.chromium.org/1470333002

Cr-Commit-Position: refs/heads/master@{#32226}
2015-11-24 18:59:31 +00:00
oth
daf185b243 Revert of [Interpreter] Add CreateClosure to BytecodeGraphBuilder. (patchset #8 id:140001 of https://codereview.chromium.org/1458603012/ )
Reason for revert:
Build break.

Original issue's description:
> [Interpreter] Add CreateClosure to BytecodeGraphBuilder.
>
> Adds code and tests to support CreateClosure bytecode when building
> graphs.
>
> BUG=v8:4280
> LOG=N
>
> Committed: https://crrev.com/4cceb11b0929abcbc82bf0854554a9b66003335d
> Cr-Commit-Position: refs/heads/master@{#32224}

TBR=bmeurer@chromium.org,mythria@chromium.org,mstarzinger@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4280

Review URL: https://codereview.chromium.org/1471913004

Cr-Commit-Position: refs/heads/master@{#32225}
2015-11-24 18:11:00 +00:00
oth
4cceb11b09 [Interpreter] Add CreateClosure to BytecodeGraphBuilder.
Adds code and tests to support CreateClosure bytecode when building
graphs.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1458603012

Cr-Commit-Position: refs/heads/master@{#32224}
2015-11-24 17:51:54 +00:00
verwaest
8e28e851ee Install ConstructNonConstructable as construct stub for non-constructables.
BUG=

Review URL: https://codereview.chromium.org/1467473002

Cr-Commit-Position: refs/heads/master@{#32223}
2015-11-24 17:17:00 +00:00
adamk
515093630a Move --harmony-destructuring-bind to shipping
Also fix CheckConflictingVarDeclarations() to properly handle
legacy const bindings. Without that change enabling the flag
causes code like:

  function f() { const x; var x; }

to throw an early error, rather than wait to throw the error
until f is invoked.

BUG=v8:811
LOG=y
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel

Review URL: https://codereview.chromium.org/1451843002

Cr-Commit-Position: refs/heads/master@{#32222}
2015-11-24 16:50:16 +00:00
bmeurer
1b1db13549 [runtime] Pass closure to %CreateArrayLiteral and %CreateObjectLiteral.
Change the runtime entries and their associated code stubs for object
and array literal creation to take the closure instead of the raw
literals pointer. This is way easier to deal with (and cleaner) in
TurboFan.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1469833005

Cr-Commit-Position: refs/heads/master@{#32220}
2015-11-24 16:05:49 +00:00
machenbach
29f4515d61 Revert of Add test to check PRNG quality. (patchset #3 id:40001 of https://codereview.chromium.org/1467133006/ )
Reason for revert:
[Sheriff] Times out on arm:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20arm64%20-%20sim/builds/6202/steps/Check/logs/RandomBitCorrelations

Original issue's description:
> Add test to check PRNG quality.
>
> Credits go to Erik Corry. Taken from:
> https://github.com/dart-lang/fletch/blob/master/src/shared/random_test.cc
>
> R=jkummerow@chromium.org
> BUG=v8:4566
> LOG=N
>
> Committed: https://crrev.com/1a90af55d1e9d7d84e813dc367d475457c7df1ff
> Cr-Commit-Position: refs/heads/master@{#32211}

TBR=jkummerow@chromium.org,erikcorry@google.com,yangguo@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4566

Review URL: https://codereview.chromium.org/1473613002

Cr-Commit-Position: refs/heads/master@{#32215}
2015-11-24 14:50:05 +00:00
epertoso
4307e44899 Adds the possibility of setting a Code object as the callback of a FunctionTemplate.
BUG=

Review URL: https://codereview.chromium.org/1407313004

Cr-Commit-Position: refs/heads/master@{#32213}
2015-11-24 14:33:23 +00:00
neis
a25018905d [proxies] Implement [[PreventExtensions]] and [[IsExtensible]].
BUG=

Review URL: https://codereview.chromium.org/1441043002

Cr-Commit-Position: refs/heads/master@{#32212}
2015-11-24 14:16:24 +00:00
yangguo
1a90af55d1 Add test to check PRNG quality.
Credits go to Erik Corry. Taken from:
https://github.com/dart-lang/fletch/blob/master/src/shared/random_test.cc

R=jkummerow@chromium.org
BUG=v8:4566
LOG=N

Review URL: https://codereview.chromium.org/1467133006

Cr-Commit-Position: refs/heads/master@{#32211}
2015-11-24 14:14:59 +00:00
yangguo
eeb7c05558 [es6] Implement @@match subclassing.
BUG=v8:4305
LOG=N

Review URL: https://codereview.chromium.org/1434523002

Cr-Commit-Position: refs/heads/master@{#32210}
2015-11-24 13:57:31 +00:00
ofrobots
e7560013e3 [heap] report allocated object to the inline-allocation-observers
Makes it possible for the the inline allocation observers to be sample the
actual object allocation on which the notification triggers.

R=hpayer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1460063006

Cr-Commit-Position: refs/heads/master@{#32209}
2015-11-24 13:48:05 +00:00
yangguo
912314be27 Correctly handlify Dictionary::CollectKeysTo.
'this' is a raw pointer and can be invalidated through GC, even
though the rest of the code is correctly handlified.

R=cbruni@chromium.org, jkummerow@chromium.org
BUG=v8:4570
LOG=N

Review URL: https://codereview.chromium.org/1475633002

Cr-Commit-Position: refs/heads/master@{#32208}
2015-11-24 13:43:59 +00:00
bmeurer
68ce906134 [turbofan] Introduce proper CreateLiteralParameters.
Put the constant parts of the CreateLiteralArray and CreateLiteralObject
operators into CreateLiteralParameters and properly use them everywhere.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1475613002

Cr-Commit-Position: refs/heads/master@{#32207}
2015-11-24 13:42:30 +00:00
yangguo
085fed0fb5 Implement xorshift128+ for Math.random.
BUG=v8:4566
LOG=N

Committed: https://crrev.com/2755c5a1b1cf7fc4c5c614378e5231636e6dcff5
Cr-Commit-Position: refs/heads/master@{#32200}

Review URL: https://codereview.chromium.org/1464303002

Cr-Commit-Position: refs/heads/master@{#32206}
2015-11-24 13:18:44 +00:00
yangguo
a19f2d7eca Blacklist mjsunit/harmony/reflect-own-keys for gc-stress.
TBR=ulan@chromium.org
BUG=v8:4570
LOG=N
NOTRY=true

Review URL: https://codereview.chromium.org/1466373003

Cr-Commit-Position: refs/heads/master@{#32204}
2015-11-24 12:21:22 +00:00
machenbach
86bd2b3c23 Revert of Disable non-standard Promise functions in staging (patchset #5 id:80001 of https://codereview.chromium.org/1469543003/ )
Reason for revert:
[Sheriff] This breaks ignition on arm sim debug:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20arm%20-%20sim%20-%20debug/builds/5317

Seems to not be caught by the cq bot that builds release with dchecks.

Original issue's description:
> Disable non-standard Promise functions in staging
>
> This patch removes Promise functions and methods which are absent
> from the ES2015 specification when the --es-staging flag is on.
>
> BUG=v8:3237
> R=rossberg
> LOG=Y
>
> Committed: https://crrev.com/941251af7e04d50ac2243da2870249a42111221a
> Cr-Commit-Position: refs/heads/master@{#32194}

TBR=rossberg@chromium.org,littledan@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:3237

Review URL: https://codereview.chromium.org/1473603002

Cr-Commit-Position: refs/heads/master@{#32199}
2015-11-24 10:58:03 +00:00
littledan
941251af7e Disable non-standard Promise functions in staging
This patch removes Promise functions and methods which are absent
from the ES2015 specification when the --es-staging flag is on.

BUG=v8:3237
R=rossberg
LOG=Y

Review URL: https://codereview.chromium.org/1469543003

Cr-Commit-Position: refs/heads/master@{#32194}
2015-11-24 08:51:54 +00:00
littledan
70177a817c Revert of [Intl] create new instances when new.target is undefined (patchset #2 id:20001 of https://codereview.chromium.org/1440593003/ )
Reason for revert:
This breaks backwards compatibility by disallowing call. Web application authors have noticed the breakage. https://github.com/tc39/ecma402/issues/57

Original issue's description:
> [Intl] create new instances when new.target is undefined
>
> BUG=v8:4360
> LOG=N
> R=littledan@chromium.org
>
> Committed: https://crrev.com/fa9c39eeadd8e692af03b024fe2fdcf94ad0da6b
> Cr-Commit-Position: refs/heads/master@{#31971}

TBR=caitpotter88@gmail.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4360

Review URL: https://codereview.chromium.org/1473493003

Cr-Commit-Position: refs/heads/master@{#32189}
2015-11-24 01:54:59 +00:00
adamk
2ea7f3c869 [es6] Fix parsing of 'yield' in function and generator expressions
In a function expression, 'yield' is allowed, even if the expression
occurs inside a generator. Similarly, even in a non-generator,
a generator expression's name must not be 'yield'.

BUG=v8:3983
LOG=n

Review URL: https://codereview.chromium.org/1460393003

Cr-Commit-Position: refs/heads/master@{#32188}
2015-11-23 21:34:30 +00:00
jochen
3b3413442f Some missed three Isolate::Current calls... delete them anyway
BUG=2487
R=yangguo@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1466323002

Cr-Commit-Position: refs/heads/master@{#32178}
2015-11-23 13:48:26 +00:00
jochen
0da1a0c068 Remove v8::i::Isolate::Current from cctests
BUG=2487
R=yangguo@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1468943002

Cr-Commit-Position: refs/heads/master@{#32176}
2015-11-23 12:38:33 +00:00
jarin
6fb0f56351 [turbofan] Simplify representations selection for phi.
Review URL: https://codereview.chromium.org/1467193002

Cr-Commit-Position: refs/heads/master@{#32175}
2015-11-23 12:31:57 +00:00
jarin
134869fd24 [turbofan] Further simplify representation inference for NumberTo(U)int32.
Review URL: https://codereview.chromium.org/1471723002

Cr-Commit-Position: refs/heads/master@{#32174}
2015-11-23 12:30:24 +00:00
ulan
4ef29b1adf Refactor dependent code.
This simplifies the layout of dependent code array and optimizes it for sparse dependency groups.

BUG=chromium:554488
LOG=NO

Review URL: https://codereview.chromium.org/1435313002

Cr-Commit-Position: refs/heads/master@{#32170}
2015-11-23 09:30:27 +00:00
jochen
c7aace4d43 Remove a bunch of Isolate::Current() callsites from simulators
BUG=2487
R=ulan@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1457223005

Cr-Commit-Position: refs/heads/master@{#32164}
2015-11-23 08:10:06 +00:00
adamk
47920a472f [tests] Fix webkit class syntax tests to handle destructuring binding
R=littledan@chromium.org

Review URL: https://codereview.chromium.org/1448183002

Cr-Commit-Position: refs/heads/master@{#32156}
2015-11-21 00:24:01 +00:00
adamk
8e2e69a4b5 [es6] Allow any valid repeat of empty string in String.prototype.repeat
This lets us pass one test262 test (and seems to match what other
implementations do to handle this case).

R=littledan@chromium.org
BUG=v8:4362
LOG=n

Review URL: https://codereview.chromium.org/1454543003

Cr-Commit-Position: refs/heads/master@{#32155}
2015-11-20 23:57:39 +00:00
ofrobots
cd81dd6d74 [heap] pause/resume inline allocation observers around scavenge
We should not be counting the bump pointer allocations done during scavenge as
the objects are copied. The inline allocation observers were getting unnecessary
notifications.

R=hpayer@chromium.org, ulan@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1465633002

Cr-Commit-Position: refs/heads/master@{#32153}
2015-11-20 16:20:12 +00:00
danno
c6d310da4d [turbofan]: Implement tail calls with more callee than caller parameters
* Adds a PrepareForTailCall instruction that bumps the stack in the case that
  the number of parameters passed to the callee causes the stack to exceed the
  calleer's frame size.
* Uses the gap resolver to move the saved caller return address and frame
  pointer to the approprate location in the tail-called frame.

BUG=v8:4076
LOG=n

Review URL: https://codereview.chromium.org/1455833004

Cr-Commit-Position: refs/heads/master@{#32151}
2015-11-20 15:04:30 +00:00
dusan.m.milosavljevic
40a501a26a MIPS: [turbofan] Add matching rule to use Nor instruction.
TEST=unittests/InstructionSelectorTest.Word32XorMinusOneWithWord32Or,
     Word64XorMinusOneWithWord64Or
BUG=

Review URL: https://codereview.chromium.org/1459723002

Cr-Commit-Position: refs/heads/master@{#32149}
2015-11-20 14:00:29 +00:00
jochen
9951a617d5 Remove usage of deprecated APIs from compiler/deopt test
BUG=4134
R=epertoso@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1458003006

Cr-Commit-Position: refs/heads/master@{#32146}
2015-11-20 12:56:26 +00:00
pan.deng
154ddde42b Support offset-TypedArray in futex API
BUG=v8:4555
LOG=N

Review URL: https://codereview.chromium.org/1462833002

Cr-Commit-Position: refs/heads/master@{#32142}
2015-11-20 11:40:00 +00:00
oth
a1ba971cd8 [Interpreter] Enable assignments in expressions.
This change introduces register re-mapping to avoid assignment hazards
in binary expressions. Expressions that cause problems typically have
the form y = x + (x = 4);. The problem occurs because the lhs value
evaluates to the register holding x. The rhs updates that register and
then applying the operation would use the new value as the lhs.

By tracking loads and stores in binary expressions the generator is now
able to detect when condition occurs and uses a temporary register for
the rhs value. When the binary expression evaluation is complete the
variable is updated with the latest temporary.

A new bytecode Mov performs this update without touching the
accumulator.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1412683011

Cr-Commit-Position: refs/heads/master@{#32141}
2015-11-20 11:17:54 +00:00
ahaas
a2449d4985 [turbofan] Renamed the ChangeFloat64ToInt64 operator to TruncateFloat64ToInt64.
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1458423002

Cr-Commit-Position: refs/heads/master@{#32139}
2015-11-20 09:47:31 +00:00
akos.palfi
76af78e412 MIPS: Fix disassembler test failures.
Don't generate FP64 mode specific instructions in FP32 mode.

TEST=cctest/test-disasm-mips/Type1,
     cctest/test-disasm-mips/CVT_DISSASM

BUG=

Review URL: https://codereview.chromium.org/1462803003

Cr-Commit-Position: refs/heads/master@{#32138}
2015-11-20 09:43:37 +00:00
jochen
6e13300c19 Remove usage of deprecated APIs from assembler tests
BUG=4134
R=epertoso@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1460193002

Cr-Commit-Position: refs/heads/master@{#32137}
2015-11-20 09:30:22 +00:00
oth
8cfa73ac38 [Interpreter] Add New, CallRuntime and CallJSRuntime support to BytecodeGraphBuilder.
Adds support for the New, CallRuntime and CallJSRuntime bytecodes in
BytecodeGraphBuilder. Also adds BuildLoadObjectField,
BuildLoadGlobalObject and BuildLoadNativeContextField helpers.

Landed on behalf of rmcilroy.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1456483002

Cr-Commit-Position: refs/heads/master@{#32136}
2015-11-20 09:25:41 +00:00
ahaas
f6e689cebb [turbofan] Implemented the TruncateFloat64ToUint64 TurboFan operator.
The TruncateFloat64ToUint64 operator converts a float64 to an uint64 using
round-to-zero rounding mode (truncate). If the input value is outside uint64
range, then the result depends on the architecture. I provide an implementation for x64 and arm64.

@v8-ppc-ports and @v8-mips-ports, can you do the implementations for ppc64 and mips64?

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1457373002

Cr-Commit-Position: refs/heads/master@{#32127}
2015-11-19 20:42:27 +00:00
kozyatinskiy
89e859fb2b [V8] Unify get function name for debugging purpose
Following logic is using for getting function name in JSFunction::GetDebugName:
1. if function has displayName and its type is string then use it
2. if function has defined property Function.name as value and its type string then use it
3. otherwise use SharedFunctionInfo::DebugName as functionName.

JSFunction::GetDebugName is exposed in V8 API and in FunctionMirror interface.

BUG=chromium:17356
R=yangguo@chromium.org,mstarzinger@chromium.org
LOG=Y

Review URL: https://codereview.chromium.org/1449473005

Cr-Commit-Position: refs/heads/master@{#32124}
2015-11-19 19:32:38 +00:00
ivica.bogosavljevic
ed600e5556 MIPS: Fixing failures in cctest/test-assembler-mips/CVT
Fixing failures in cctest/test-assembler-mips/CVT on Mips32R2 without
FP64 support

BUG=

Review URL: https://codereview.chromium.org/1459763003

Cr-Commit-Position: refs/heads/master@{#32121}
2015-11-19 16:39:58 +00:00
verwaest
469d9bfa8d Introduce a BuiltinsConstructStub that sets up new.target and does a [[call]] per ES6 9.3.2
BUG=

Review URL: https://codereview.chromium.org/1448933002

Cr-Commit-Position: refs/heads/master@{#32120}
2015-11-19 16:11:09 +00:00
mythria
4bb6e7c8c0 [Interpreter] Add support for keyed load / store ICs and named store IC to
bytecode graph builder

Adds implementation and tests for KeyedLoadIC, KeyedStoreIC and StoreIC to
bytecode graph builder.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1448913002

Cr-Commit-Position: refs/heads/master@{#32116}
2015-11-19 14:16:53 +00:00
yangguo
6980f1957d Do not use deprecated API in cctest/test-debug.
R=jochen@chromium.org

Review URL: https://codereview.chromium.org/1459783005

Cr-Commit-Position: refs/heads/master@{#32115}
2015-11-19 13:46:16 +00:00
mstarzinger
0227857d26 [turbofan] Make new.target explicit in JSCallDescriptor.
This adds an explicit parameter to the call descriptor having kind
kJSCallFunction representing the new.target value. Note that for now
this parameter is not yet passed in and hence cannot be used yet. Also
contains some refactoring of how parameter index value are calculated,
establishing Linkage as the central point for such index computations.

This is a preparatory CL to allows us passing new.target in a register
instead of via a side-channel through the construct stub frame.

R=bmeurer@chromium.org
BUG=v8:4544
LOG=n

Review URL: https://codereview.chromium.org/1461973002

Cr-Commit-Position: refs/heads/master@{#32112}
2015-11-19 12:48:25 +00:00
yangguo
eb25b8c54b Correctly parse new regexp flags in v8::RegExp::New.
R=ishell@chromium.org, verwaest@chromium.org

Review URL: https://codereview.chromium.org/1457883003

Cr-Commit-Position: refs/heads/master@{#32106}
2015-11-19 10:33:16 +00:00
mythria
a8e86c49ec [Interpreter] Add support for unary operators to bytecode graph builder.
Adds implementation and tests for LogicalNot, TypeOf and Delete operators
to bytecode graph builder.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1459543003

Cr-Commit-Position: refs/heads/master@{#32104}
2015-11-19 09:39:11 +00:00
jkummerow
6f0850c63d [proxies] Update Object.defineProperty/ies for JSProxies
BUG=v8:1543
LOG=n

Review URL: https://codereview.chromium.org/1456613002

Cr-Commit-Position: refs/heads/master@{#32103}
2015-11-19 09:21:46 +00:00
ahaas
ed570fac44 [turbofan] Implemented the ChangeFloat64ToInt64 TurboFan operator.
The ChangeFloat64ToInt64 operator changes the representation of a
float64 input value to int64 if the input value can be represented
exactly on int64. Otherwise the result is currently undefined.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1455983002

Cr-Commit-Position: refs/heads/master@{#32102}
2015-11-19 08:27:27 +00:00
bmeurer
3c9ac974f2 [turbofan] Unstable prototype maps are not supported currently.
We currently assume that all prototype maps are stable, which is
not guaranteed for certain keyed access patterns. So we explicitly
disallow optimizing the element access there for now.

BUG=chromium:557807, v8:4470
R=jarin@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1456973004

Cr-Commit-Position: refs/heads/master@{#32101}
2015-11-19 06:21:06 +00:00
adamk
7d1d978654 Rename destructuring flag to "--harmony-destructuring-bind"
This is in preparation for the addition of --harmony-destructuring-assignment.

BUG=v8:811
LOG=n

Review URL: https://codereview.chromium.org/1450193002

Cr-Commit-Position: refs/heads/master@{#32098}
2015-11-18 23:30:09 +00:00
bradnelson
0acb70baaf Fix multiple return statements in typing-asm, cleanup.
The last change to typing-asm broke non-final return statements.
Fixing this.

Finishing out a partially completed test that landed by mistake.

BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=test-asm-validator
R=titzer@chromium.org,aseemgarg@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1453343003

Cr-Commit-Position: refs/heads/master@{#32096}
2015-11-18 19:48:00 +00:00
balazs.kilvady
c91bcf7192 MIPS: Fix trampoline pool handling in MacroAssembler::BranchShort() for r6.
BUG=chromium:555543
LOG=N

Review URL: https://codereview.chromium.org/1446343002

Cr-Commit-Position: refs/heads/master@{#32094}
2015-11-18 17:43:34 +00:00
ofrobots
0514fa204a [heap] make inline-allocation-observers precise
Now that we no longer require AllocationInfo::limit to be aligned [1], we can do
more accurate inline-allocation-observation. This lets us get notified when the
next allocation that crosses the step-size boundary is allocated.

Fixed the test-cases. They make significantly more sense now given the step
sizes and the number of times we get notifications. For example, with a step
size of 512, an allocation of 16kb results in 32 notifications instead of 30
now.

[1] https://codereview.chromium.org/1444883003

R=hpayer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1448913003

Cr-Commit-Position: refs/heads/master@{#32091}
2015-11-18 15:55:02 +00:00
mstarzinger
8a57c81b3a [turbofan] Fix CFI failures in BytecodeGraphBuilder unit test.
This fixes undefined behavior with the OpParameter helper in some of our
node matchers. There was a constness mismatch of the template parameter.

R=oth@chromium.org,mythria@chromium.org

Review URL: https://codereview.chromium.org/1453973004

Cr-Commit-Position: refs/heads/master@{#32087}
2015-11-18 14:16:10 +00:00
jkummerow
107699483d Fix PropertyDescriptor::ToObject
When adding properties to the result object, that object's prototype chain should be ignored.

Review URL: https://codereview.chromium.org/1458873002

Cr-Commit-Position: refs/heads/master@{#32085}
2015-11-18 13:56:51 +00:00
yangguo
5bcddae76f [crankshaft] only compile string index access with element key.
R=bmeurer@chromium.org
BUG=chromium:554831
LOG=N

Review URL: https://codereview.chromium.org/1455883004

Cr-Commit-Position: refs/heads/master@{#32084}
2015-11-18 13:53:34 +00:00
mstarzinger
279f2aad93 [turbofan] Fix deoptimization from array literal spread.
This fixes the array literal expression stack tracking in the presence
of spread expressions. Deoptimization within a spread expression was
borked.

R=bmeurer@chromium.org
TEST=mjsunit/regress/regress-deopt-in-array-literal-spread

Review URL: https://codereview.chromium.org/1455953002

Cr-Commit-Position: refs/heads/master@{#32079}
2015-11-18 11:45:41 +00:00
mlippautz
6c85c14845 Add lock-based unbounded queue
...based on the 2-lock algorithm by M. Scott and M. Michael (1992).

BUG=chromium:524425
LOG=N

Review URL: https://codereview.chromium.org/1448283004

Cr-Commit-Position: refs/heads/master@{#32078}
2015-11-18 10:54:13 +00:00
jarin
a9fa0498e1 [turbofan] Only infer signedness for Float64->Word32 representation change from the input type.
If the input type does not help us, we are conservative and truncate (rather than guessing signed).

Review URL: https://codereview.chromium.org/1455103002

Cr-Commit-Position: refs/heads/master@{#32075}
2015-11-18 10:02:33 +00:00
jochen
3e882ff1ea Remove deprecated APIs from two more tests
BUG=4134
R=epertoso@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1455603002

Cr-Commit-Position: refs/heads/master@{#32072}
2015-11-18 08:22:30 +00:00
neis
b270813388 [es6] Partially implement Reflect.ownKeys.
Proxies are not properly supported yet.

This is a reland of 1405243006.

TBR=rossberg@chromium.org

Review URL: https://codereview.chromium.org/1460563002

Cr-Commit-Position: refs/heads/master@{#32065}
2015-11-18 00:52:50 +00:00
pan.deng
81fe5b3c45 Support SAB atomics for offset-TypedArray
BUG=497295
LOG=n

Review URL: https://codereview.chromium.org/1422533009

Cr-Commit-Position: refs/heads/master@{#32064}
2015-11-18 00:19:54 +00:00
dusan.m.milosavljevic
74145470dd MIPS: Enable logical shift right and bitwise And matching to Ext, Dext.
TEST=unittests/InstructionSelectorTest/Word32ShrWithWord32AndWithImmediate,
     Word32AndWithImmediateWithWord32Shr, Word64AndWithImmediateWithWord64Shr,
     Word64AndWithImmediateWithWord64Shr
BUG=

Review URL: https://codereview.chromium.org/1457523002

Cr-Commit-Position: refs/heads/master@{#32062}
2015-11-17 23:10:59 +00:00
dusan.m.milosavljevic
5d843f26a9 MIPS64: [turbofan] Combine untagging shifts with Mul, Div and Mod.
TEST=unittests/InstructionSelectorTest.CombineShiftsWithMul,
     InstructionSelectorTest.CombineShiftsWithDivMod
BUG=

Review URL: https://codereview.chromium.org/1444423002

Cr-Commit-Position: refs/heads/master@{#32061}
2015-11-17 22:52:54 +00:00
bradnelson
c1da268e5d Use asm style type names and improve asm typer.
The current typing-asm mishandles the relationship between
unsigned numbers and int. Restructuring and using type shortcuts
that approximate asm types.

BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=test-asm-validator
R=titzer@chromium.org,aseemgarg@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1447133002

Cr-Commit-Position: refs/heads/master@{#32057}
2015-11-17 19:42:30 +00:00
akos.palfi
0403fd860c Fix gcc 4.9.2 signed-compare error.
BUG=

Review URL: https://codereview.chromium.org/1456543003

Cr-Commit-Position: refs/heads/master@{#32053}
2015-11-17 16:07:33 +00:00
caitpotter88
5bf360ef57 [es6] early error when Identifier is an escaped reserved word
Per http://tc39.github.io/ecma262/#sec-identifiers-static-semantics-early-errors (13.2.2),
make it a SyntaxError if an Identifier has the same StringValue as a ReservedWord.

BUG=v8:2222, v8:1972
LOG=N
R=adamk@chromium.org, rossberg@chromium.org, wingo@chromium.org

Review URL: https://codereview.chromium.org/1429983002

Cr-Commit-Position: refs/heads/master@{#32052}
2015-11-17 16:00:11 +00:00
mstarzinger
1321075391 [turbofan] Fix several OSR entries within literals.
With do-expressions any expression used within literals can turn into an
OSR entry-point. This means the literal object being constructed is then
renamed to an OSR value and needs to be reloaded from the environment.

R=rossberg@chromium.org
TEST=mjsunit/regress/regress-osr-in-literal

Review URL: https://codereview.chromium.org/1453733002

Cr-Commit-Position: refs/heads/master@{#32050}
2015-11-17 15:25:30 +00:00
oth
519df935a3 [Interpreter] Add support for global loads / stores / calls to BytecodeGraphBuilder.
Adds support for the LdaGlobal and StaGlobal bytecodes to the
BytecodeGraphBuilder. Also fixes a bug in the context node's parameter
index and start node inputs.

Landed on behalf of rmcilroy.

TBR=bmeuer@chromium.org,mythria@chromium.org
BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1449373002

Cr-Commit-Position: refs/heads/master@{#32049}
2015-11-17 15:07:15 +00:00
mstarzinger
0c1c80b2af [turbofan] Fix several OSR entries within class literals.
With do-expressions any expression used within literals can turn into an
OSR entry-point. This means the literal object being constructed is then
renamed to an OSR value and needs to be reloaded from the environment.

R=rossberg@chromium.org
TEST=mjsunit/regress/regress-osr-in-literal

Review URL: https://codereview.chromium.org/1452193003

Cr-Commit-Position: refs/heads/master@{#32048}
2015-11-17 14:51:35 +00:00
mstarzinger
f8a7236119 [turbofan] Fix several OSR entries within literals.
With do-expressions any expression used within literals can turn into an
OSR entry-point. This means the literal object being constructed is then
renamed to an OSR value and needs to be reloaded from the environment.

R=rossberg@chromium.org
TEST=mjsunit/regress/regress-osr-in-literal

Review URL: https://codereview.chromium.org/1451423002

Cr-Commit-Position: refs/heads/master@{#32047}
2015-11-17 14:25:30 +00:00
caitpotter88
24ff30b740 [es6] refactor Promise resolution
Several changes are included here:

1. Each resolution callback references shared data indicating whether
it has already been resolved or not, as described in 25.4.1.3
http://tc39.github.io/ecma262/#sec-createresolvingfunctions.
Previously this was handled exclusively by the Promise's status,
which does not work correctly with the current chaining behaviour.

2. During fulfillment, When a Promise is resolved with a thenable, the
spec chains the promises together by invoking the thenable's `then`
function with the original Promise's resolve and reject methods (per
section 25.4.2.2, or
http://tc39.github.io/ecma262/#sec-promiseresolvethenablejob, on the
next tick, regardless of whether or not there are pending tasks.

3. Adds a spec compliance fix to ensure that the Promise constructor
is only loaded once when `then()` is called, solving v8:4539 as well.
This involves refactoring PromiseChain to accept a constructor
argument. PromiseChain/PromiseDeferred will hopefully be removed soon,
simplifying the process.

BUG=v8:4162, v8:4539, v8:3237
LOG=N
R=rossberg@chromium.org, littledan@chromium.org, adamk@chromium.org

Review URL: https://codereview.chromium.org/1394463003

Cr-Commit-Position: refs/heads/master@{#32046}
2015-11-17 14:24:09 +00:00
yangguo
906903acb5 Experimental support for RegExp lookbehind.
R=erikcorry@chromium.org, littledan@chromium.org
BUG=v8:4545
LOG=N

Committed: https://crrev.com/37632606bbce1418238b13fd90cb6ef6705871cd
Cr-Commit-Position: refs/heads/master@{#32029}

Review URL: https://codereview.chromium.org/1418963009

Cr-Commit-Position: refs/heads/master@{#32043}
2015-11-17 13:33:34 +00:00
mvstanton
e75e625453 VectorICs: Remove --vector-stores flag.
BUG=

Review URL: https://codereview.chromium.org/1424153003

Cr-Commit-Position: refs/heads/master@{#32040}
2015-11-17 13:15:52 +00:00
jkummerow
9c35e4b23c [proxies] Wire up Object.getOwnPropertyDescriptor
using the new JSReceiver::GetOwnPropertyDescriptor implementation.

BUG=v8:1543
LOG=n
R=cbruni@chromium.org

Review URL: https://codereview.chromium.org/1451703003

Cr-Commit-Position: refs/heads/master@{#32037}
2015-11-17 13:08:51 +00:00
ahaas
914e221451 [tests] Cleanup of the RunRoundUint64ToFloat64 test.
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1450353002

Cr-Commit-Position: refs/heads/master@{#32036}
2015-11-17 13:07:31 +00:00
jochen
91769a6a96 Remove deprecated functions the smaller half of the remaing tests
BUG=4134
R=epertoso@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1449393002

Cr-Commit-Position: refs/heads/master@{#32035}
2015-11-17 12:42:44 +00:00
oth
e8ae8b34a5 [Interpreter] Add support for Call bytecode to bytecode graph builder.
Adds support for visiting the Call bytecode to the bytecode graph builder.
This change also adds the call type feedback slot to the Call bytecode.
This is not currently used by the interpreter, but is used by the
graph builder.

Also adds a CallWide varient of the Call bytecode, and adds the kCount16
operand type.

Landed on behalf of rmcilroy.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1456453002

Cr-Commit-Position: refs/heads/master@{#32033}
2015-11-17 12:18:53 +00:00
yangguo
5b2ae9d908 Revert of Experimental support for RegExp lookbehind. (patchset #18 id:340001 of https://codereview.chromium.org/1418963009/ )
Reason for revert:
gc stress breaks due to string_start_minus_one not being set correctly.

Original issue's description:
> Experimental support for RegExp lookbehind.
>
> R=erikcorry@chromium.org, littledan@chromium.org
> BUG=v8:4545
> LOG=N
>
> Committed: https://crrev.com/37632606bbce1418238b13fd90cb6ef6705871cd
> Cr-Commit-Position: refs/heads/master@{#32029}

TBR=littledan@chromium.org,erikcorry@chromium.org,erikcorry@google.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4545

Review URL: https://codereview.chromium.org/1451373003

Cr-Commit-Position: refs/heads/master@{#32032}
2015-11-17 11:55:21 +00:00
ahaas
2f7d6b46d0 Implemented the RoundUint64ToFloat32 TurboFan operator for x64, arm64,
and ppc64.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1438013003

Cr-Commit-Position: refs/heads/master@{#32031}
2015-11-17 11:52:05 +00:00
yangguo
37632606bb Experimental support for RegExp lookbehind.
R=erikcorry@chromium.org, littledan@chromium.org
BUG=v8:4545
LOG=N

Review URL: https://codereview.chromium.org/1418963009

Cr-Commit-Position: refs/heads/master@{#32029}
2015-11-17 11:15:06 +00:00
mythria
2acc2bc2a1 [Interpreter] Adds implementation of bytecode graph builder for LoadICSloppy/Strict.
Adds implementation and tests for following operators in bytecode graph builder:
-VisitLoadICSloppy
-VisitLoadICStrict
-VisitLoadICSloppyWide
-VisitLoadICStrictWide

The current implementation introduces empty frame states for frame state inputs expected by these operations.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1419373007

Cr-Commit-Position: refs/heads/master@{#32026}
2015-11-17 09:06:17 +00:00
jarin
a77f9179e0 [turbofan] Check for dead node in the common operator reducer.
BUG=chromium:556543
LOG=n

Review URL: https://codereview.chromium.org/1450883003

Cr-Commit-Position: refs/heads/master@{#32025}
2015-11-17 09:03:10 +00:00
bmeurer
e5edd66d07 [turbofan] Move JSCallFunction specialization to JSCallReducer.
This is the first part to refactoring the JSNativeContextSpecialization
class, which has grown way too big recently.

Also don't collect cross context feedback for the CallIC in general.
Neither TurboFan nor Crankshaft can make any use of cross context
JSFunction feedback that is collected by the CallIC, so there's no
point in gathering that feedback at all (it just complicates the
checking that is necessary in the compilers). What we should do
instead at some point (when Crankshaft becomes less important) is
to collect the SharedFunctionInfo as feedback for those cases.

R=yangguo@chromium.org
BUG=v8:4470
LOG=n

Review URL: https://codereview.chromium.org/1451273002

Cr-Commit-Position: refs/heads/master@{#32022}
2015-11-17 07:15:25 +00:00
adamk
20c0986f7b A few cleanups in test262.status
- Removed PASS/FAIL line for arrow/rest params test which should now pass.
- Moved soon-to-be-changed tests about built-in prototypes as plain objects
  to INVALID section (and noted that they'll be fixed with the
  next test262 roll).

R=littledan@chromium.org

Review URL: https://codereview.chromium.org/1450243002

Cr-Commit-Position: refs/heads/master@{#32020}
2015-11-17 05:44:12 +00:00
dusan.m.milosavljevic
9717fff12d MIPS64: Improve UInt32 to Double conversion.
TEST=
BUG=

Review URL: https://codereview.chromium.org/1446363002

Cr-Commit-Position: refs/heads/master@{#32018}
2015-11-16 23:24:19 +00:00
jochen
6ce7f90aba Map v8::Object to v8::internal::JSReceiver
BUG=none
R=verwaest@chromium.org,rossberg@chromium.org,bmeurer@chromium.org,neis@chromium.org
LOG=y

Review URL: https://codereview.chromium.org/1413463006

Cr-Commit-Position: refs/heads/master@{#32014}
2015-11-16 16:48:54 +00:00
jochen
3cf6e040c4 Mark cctests that don't use deprecated APIs as such
BUG=4134
R=epertoso@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1451733002

Cr-Commit-Position: refs/heads/master@{#32011}
2015-11-16 16:45:31 +00:00
yangguo
436103e077 Skip test-heap/TestSizeOfRegExpCode on mips64.
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/1448803003

Cr-Commit-Position: refs/heads/master@{#32008}
2015-11-16 14:36:32 +00:00
ahaas
dffecf31fc [turbofan] Added the optional Float64RoundTiesEven operator to turbofan.
The TiesEven rounding mode rounds float64 numbers to the nearest
integer. If there are two nearest integers, then the number is rounded
to the even one.  This is the default rounding mode according to
IEEE~754.

I implemented the operator on ia32, x64, arm, arm64, mips, and mips64.

I think there is a bug in the current implementation of the ppc
simulator, which kept me from implementing the operator on ppc.
According to my understanding of the ppc instruction manual, the FRIN
instruction provides the right behavior for Float64RoundTiesEven. In the
simulator, however, FRIN provides a different semantics. If there are
two nearest integers, then the simulator returns the one which is
further away form 0.

Review URL: https://codereview.chromium.org/1440293002

Cr-Commit-Position: refs/heads/master@{#32005}
2015-11-16 11:31:40 +00:00
ahaas
1389b9f53c [turbofan] Added the optional Float64RoundUp operator to turbofan.
I implemented it on x64, ia32, arm, arm64, mips, mips64, and ppc.

Review URL: https://codereview.chromium.org/1444583002

Cr-Commit-Position: refs/heads/master@{#32004}
2015-11-16 10:37:44 +00:00
paul.lind
2058991122 Fix gcc 4.9.2 signed-compare error.
From 60e7ea8a99 / https://codereview.chromium.org/1409993012

BUG=

Review URL: https://codereview.chromium.org/1442143003

Cr-Commit-Position: refs/heads/master@{#31999}
2015-11-15 12:48:19 +00:00
mlippautz
60e7ea8a99 Add {CancelableTaskManager} to handle {Cancelable} concurrent tasks.
This change binds each {Cancelable} task to a so-called {CancelableTaskManager},
which is then used to handle concurrent cancelation as well as synchronizing
shutdown for already running tasks.  Since ownership of tasks is transferred to
the platform executing a task (destructor), handling in the manager uses integer
ids. Note that this also mitigates (modulo integer size) the ABA problem.

All handling of {Cancelable} tasks is now encapsulated into the corresponding
manager, which is instantiated for each isolate.

R=hpayer@chromium.org
BUG=chromium:524425
LOG=N
CQ_EXTRA_TRYBOTS=tryserver.v8:v8_linux_arm64_gc_stress_dbg;tryserver.v8:v8_linux_gc_stress_dbg;tryserver.v8:v8_mac_gc_stress_dbg;tryserver.v8:v8_linux64_msan_rel;tryserver.v8:v8_linux64_tsan_rel;tryserver.v8:v8_mac64_asan_rel

Review URL: https://codereview.chromium.org/1409993012

Cr-Commit-Position: refs/heads/master@{#31997}
2015-11-14 01:20:14 +00:00
adamk
fd3ff03da2 Fix harmony sloppy block scoping dynamic redeclaration check
The previous code did not properly check for harmony const when
doing the dynamic redeclaration check. This was masked in the
test because each eval had an initializer, and the initializer was what
triggered the exception.

This patch tightens the test by removing initializers and fixes the bug in
DeclareLookupSlot.

Also change the test to use assertThrows where possible.

BUG=v8:4550
LOG=n

Review URL: https://codereview.chromium.org/1437003006

Cr-Commit-Position: refs/heads/master@{#31995}
2015-11-13 21:04:15 +00:00
adamk
e971005638 Run the materialized literal reindexer on default parameter initializers
R=rossberg@chromium.org
BUG=chromium:554865
LOG=n

Review URL: https://codereview.chromium.org/1442653004

Cr-Commit-Position: refs/heads/master@{#31989}
2015-11-13 17:11:05 +00:00
danno
ff283f7ded [turbofan] Better and more sane support for tail calls
* Limit triggering of tail calls to explicit use of a new inline runtime
  function %_TailCall. %_TailCall works just like %_Call except for using
  tail-calling mechanics (currently only in TF).
* Remove hack that recognized some specific usages of %_Call and converted them
  into tail calls.
* Support tail calls for all calls where the number of callee stack parameters
  is less than or equal to the number of caller stack parameters.
* Use the gap resolver to swizzle parameters and registers to tail calls.

BUG=v8:4076
LOG=n

Review URL: https://codereview.chromium.org/1439613003

Cr-Commit-Position: refs/heads/master@{#31987}
2015-11-13 16:08:30 +00:00
mstarzinger
c42f188ce2 [turbofan] Fix OSR entry in case label.
With do-expressions any expression used as a case label can turn into an
OSR entry-point. This means the value being switched over is renamed to
an OSR value and needs to be reloaded from the environment at each case.

R=rossberg@chromium.org
TEST=mjsunit/regress/regress-osr-in-case-label

Review URL: https://codereview.chromium.org/1438123007

Cr-Commit-Position: refs/heads/master@{#31986}
2015-11-13 16:05:28 +00:00
mythria
f665c823dd [Interpreter] Adds an optimization to remove redundant Ldar/Star.
Adds an optimization to omit generating Ldar/Star if the same register
is loaded or stored from the accumulator in the earlier instruction.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1435283002

Cr-Commit-Position: refs/heads/master@{#31984}
2015-11-13 14:15:35 +00:00
cbruni
24e058d0ed [runtime] support new Proxy() instead of Proxy.create and install getPrototypeOf trap
LOG=N
BUG=v8:1543

Review URL: https://codereview.chromium.org/1417063011

Cr-Commit-Position: refs/heads/master@{#31983}
2015-11-13 14:14:07 +00:00
mstarzinger
83e9ea1e49 [turbofan] Ensure inlined constructor calls still throw.
This makes sure that inlining a constructor call to a function which
cannot be used as a constructor (e.g. strong mode function) still does
throw correctly when the implicit receiver is created.

R=bmeurer@chromium.org
TEST=mjsunit/regress/regress-inline-strong-as-construct
BUG=v8:4544
LOG=n

Review URL: https://codereview.chromium.org/1447443002

Cr-Commit-Position: refs/heads/master@{#31982}
2015-11-13 14:05:48 +00:00
mstarzinger
83a6ab85cc [turbofan] Rename "original constructor" to "new target".
This aligns the naming of "new target" with the spec text throughout
TurboFan and the stack frame walker. The goal is to avoid unnecessary
confusion for people familiar with the spec.

R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/1442643002

Cr-Commit-Position: refs/heads/master@{#31978}
2015-11-13 11:53:38 +00:00
yangguo
a7e50a5e06 [JSON stringifier] Reintroduce fast path with bail out to slow path.
R=verwaest@chromium.org
BUG=chromium:554946
LOG=N

Review URL: https://codereview.chromium.org/1442963002

Cr-Commit-Position: refs/heads/master@{#31977}
2015-11-13 10:09:47 +00:00
jarin
95cb324adb [turbofan] Move simplified alloc, load and store lowering to change lowering.
This is necessary to allow more optimizations to take place between
the representation inference and change lowering. Perhaps we want
to rename SimplifiedLowering -> RepresentationInference and
ChangeLowering -> SimplifiedLowering.

Review URL: https://codereview.chromium.org/1439473003

Cr-Commit-Position: refs/heads/master@{#31976}
2015-11-13 08:12:14 +00:00
neis
69d218c03f [proxies] Remove "fix" functionality, add (still unused) target property.
BUG=

Review URL: https://codereview.chromium.org/1427743011

Cr-Commit-Position: refs/heads/master@{#31972}
2015-11-12 22:12:06 +00:00
caitpotter88
fa9c39eead [Intl] create new instances when new.target is undefined
BUG=v8:4360
LOG=N
R=littledan@chromium.org

Review URL: https://codereview.chromium.org/1440593003

Cr-Commit-Position: refs/heads/master@{#31971}
2015-11-12 21:46:24 +00:00
ahaas
71348aa2a0 [x64] Fixed a rounding error on x64 for the Uint64ToF64 conversion.
The least significant bit of the input value may affect the result of
the conversion through rounding. We OR the least significant with the
second least significant bit to preserve it over the SHR instruction.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1435203003

Cr-Commit-Position: refs/heads/master@{#31969}
2015-11-12 19:36:16 +00:00
yangguo
6df9a1db8c [JSON stringifier] Correctly load array elements.
BUG=chromium:554946
LOG=y
R=jkummerow@chromium.org, jochen@chromium.org

Review URL: https://codereview.chromium.org/1435083003

Cr-Commit-Position: refs/heads/master@{#31968}
2015-11-12 19:30:58 +00:00
mbrandy
f83b8a61cf Skip test-run-machops/RunComputedCodeObject on AIX and PPC64BE.
This test, as written, is invalid on platforms which use function
descriptors.

See https://codereview.chromium.org/1377423002/ for background.

R=mstarzinger@chromium.org, titzer@chromium.org, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1438803002

Cr-Commit-Position: refs/heads/master@{#31967}
2015-11-12 19:10:32 +00:00
mbrandy
59a0641820 Fix test-heap/LargeObjectSlotRecording.
Remove hard-coded assumption of large object size threshold.

This test fails on PPC in version 4.7 where the threshold is derived
directly from the allocator's pagesize.

R=hpayer@chromium.org, mstarzinger@chromium.org, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1440723002

Cr-Commit-Position: refs/heads/master@{#31963}
2015-11-12 14:33:19 +00:00
bmeurer
c55161bf16 [turbofan] Add support for %_IsSpecObject intrinsic lowering.
Now JSIntrinsicLowering can also lower %_IsSpecObject intrinsics to a
diamond.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1436943005

Cr-Commit-Position: refs/heads/master@{#31960}
2015-11-12 14:05:49 +00:00
bmeurer
c4e19c7d8d [turbofan] Lower JSCreate to an inline allocation in JSTypedLowering.
This adds initial support for fast inline allocations of JSObject
instances. It currently has exactly the same limitations as Crankshaft.

R=mstarzinger@chromium.org
BUG=v8:4544
LOG=n

Review URL: https://codereview.chromium.org/1441573004

Cr-Commit-Position: refs/heads/master@{#31957}
2015-11-12 12:57:32 +00:00
yangguo
ee9020ddd9 Serializer: attach alignment to deferred objects.
R=jkummerow@chromium.org
BUG=chromium:523919
LOG=N

Review URL: https://codereview.chromium.org/1440983002

Cr-Commit-Position: refs/heads/master@{#31956}
2015-11-12 11:28:31 +00:00
mstarzinger
bae4492a3e [turbofan] Pass new target to JSCreate nodes.
This passes both, the actual constructor and the original constructor,
to nodes having the {JSCreate} operator. This is required for allocating
properly subclassed implicit receiver objects.

R=verwaest@chromium.org
BUG=v8:4544
LOG=n

Review URL: https://codereview.chromium.org/1434873004

Cr-Commit-Position: refs/heads/master@{#31955}
2015-11-12 09:33:37 +00:00
mstarzinger
11d5d09ce1 [turbofan] Initial support for constructor call inlining.
This implements a first version of support for constructor call inlining
in the inlining machinery. For now we can only inline calls where the
actual constructor and the original constructor coincide (i.e. no super
constructor calls). Note that the target of a super constructor call is
loaded with a runtime call, so there is no way for it to be constant
promoted at the moment.

R=bmeurer@chromium.org
BUG=v8:4544
LOG=n

Review URL: https://codereview.chromium.org/1435873002

Cr-Commit-Position: refs/heads/master@{#31954}
2015-11-12 08:51:28 +00:00
bradnelson
ab1165fb1a Fix ~ operator in asm typer, add more operator tests.
The ~ operator is de-sugared into true^x, which was
being improperly handled.

Adding tests of most bitwise operators and several error cases.

BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=test-asm-validator
R=titzer@chromium.org,aseemgarg@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1432423003

Cr-Commit-Position: refs/heads/master@{#31951}
2015-11-11 22:34:24 +00:00
ofrobots
f583661784 [heap] make inline allocation step size dynamic
Presently the inline allocation step is a static value defined to be the minimum
of the step sizes over all the observers. The step occur every (approx.) step
byte. This is unfair to observers whose steps are not evenly divisible by the
min step size. For example, consider two observers with steps sizes of 512 and
576 bytes. Across 16kb allocated, you would expect the first observer to be hit
approximately 32 times, and the second observer to be hit approximately 28
times.

In reality, the observers get notified 30 and 15 times respectively. The reason
is that each step is 512 bytes, and since 576 is not evenly divisible by 512,
it gets notified much less frequently.

This CL fixes the problem by making the next step size be the minimum (over all
observers) of the remaining bytes to get to the step, making the steps fair.

BUG=
R=hpayer@chromium.org,ulan@chromium.org

Review URL: https://codereview.chromium.org/1427973006

Cr-Commit-Position: refs/heads/master@{#31948}
2015-11-11 20:55:48 +00:00
ahaas
857cd4c1f0 Implemented the RoundUint64ToFloat64 TurboFan operator for x64 and arm64.
I don't see obvious implementations for mips64 and ppc64, so I would need
help for these two platforms.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1436943002

Cr-Commit-Position: refs/heads/master@{#31946}
2015-11-11 19:12:37 +00:00
verwaest
2ebd5fc7c9 Fix Array.prototype.slice with arguments object with negative length.
BUG=

Review URL: https://codereview.chromium.org/1436813002

Cr-Commit-Position: refs/heads/master@{#31941}
2015-11-11 11:50:38 +00:00
machenbach
392d1469d3 [Interpreter] Disable another flaky test262 test.
This is for disabling 9.2.2. for release on arm64
(approximating a bit).

BUG=v8:4280
LOG=N
NOTRY=True
TBR=rmcilroy@chromium.org

Review URL: https://codereview.chromium.org/1432183002

Cr-Commit-Position: refs/heads/master@{#31939}
2015-11-11 08:09:59 +00:00
epertoso
56c7a053e9 Revert changes introduced in http://crrev.com/1367953002.
This CL is in preparation for the API change introduced in http://crrev.com/1407313004.

BUG=

Review URL: https://codereview.chromium.org/1434693008

Cr-Commit-Position: refs/heads/master@{#31930}
2015-11-10 21:00:18 +00:00
ahaas
1b535ca075 Implemented the RoundInt64ToFloat32 TurboFan operator for x64, arm64, and mips64.
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1435603003

Cr-Commit-Position: refs/heads/master@{#31929}
2015-11-10 20:39:57 +00:00
ahaas
01fd8e05dc Implemented the Word64Popcnt TurboFan operator for x64.
Popcnt is implemented as an optional operator, which is only implementd by x64
at the moment.

Review URL: https://codereview.chromium.org/1424173006

Cr-Commit-Position: refs/heads/master@{#31928}
2015-11-10 20:38:40 +00:00
rmcilroy
0609ed27a0 [Interpreter] Disable Arm/Arm64 tests on release as well as debug for ignition.
BUG=v8:4280
LOG=N
NOTRY=True
TBR=machenbach@chromium.org

Review URL: https://codereview.chromium.org/1423803009

Cr-Commit-Position: refs/heads/master@{#31923}
2015-11-10 17:39:48 +00:00
balazs.kilvady
6993cd0de5 MIPS: Fix 'MIPS:r6 compact branch optimization.'
Jic and jialc compact branch ops are fixed as they does not have 'forbidden slot' restriction. Also COP1 branches (CTI instructions) added to IsForbiddenAfterBranchInstr().

TEST=cctest/test-disasm-mips/Type0
BUG=

Review URL: https://codereview.chromium.org/1423493006

Cr-Commit-Position: refs/heads/master@{#31922}
2015-11-10 17:16:09 +00:00
rmcilroy
6e599ce9d8 [Interpreter] Disable mjsunit/array-sort on Arm/Arm64
BUG=v8:4280
LOG=N
NOTRY=true
TBR=machenbach@chromium.org

Review URL: https://codereview.chromium.org/1410883009

Cr-Commit-Position: refs/heads/master@{#31920}
2015-11-10 16:55:50 +00:00
rmcilroy
1820acb9c9 [Interpreter] Skip some more tests on Arm64 for Ignition.
Skips some more tests which started failing after https://codereview.chromium.org/1414183006 landed.

BUG=v8:4280
LOG=N
NOTRY=True

Review URL: https://codereview.chromium.org/1412343009

Cr-Commit-Position: refs/heads/master@{#31919}
2015-11-10 15:21:57 +00:00
mbrandy
40eeb69b94 PPC: Disable gcc generation of fmadd/fmsub in cctests.
Generated code performs distinct floating multiply and add/subtract
operations.  Tests fail when GCC uses fmadd/fmsub to calculate the
expected result since these instructions provide higher accuracy due
to the lack of an intermediate round.

R=machenbach@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1416123007

Cr-Commit-Position: refs/heads/master@{#31918}
2015-11-10 14:31:28 +00:00
sigurds
45787501e5 [turbofan] Pseudo-inline 'instanceof'
This patch extends the typed lowering with a specialized version of 'instanceof' that is used if the "class", i.e. the constructor function, is a known constant.

Unittests check that replacement occurs as intended. Functional correctness is ensured by extensive unit tests covering instanceof already in the testsuite.

TESTS=unittests/JSTypedLoweringTest.{JSInstanceOfSpecializationWithSmiCheck,JSInstanceOfSpecializationWithoutSmiCheck,JSInstanceOfNoSpecialization}

Review URL: https://codereview.chromium.org/1407413014

Cr-Commit-Position: refs/heads/master@{#31916}
2015-11-10 12:20:11 +00:00
ahaas
a594ff73a9 Implemented the ctz Turbo Fan operator for x64.
Ctz is implemented as an optional operator at the moment, which is only
implemented by x64 at the moment.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1421163005

Cr-Commit-Position: refs/heads/master@{#31912}
2015-11-10 08:43:00 +00:00
yangguo
9a569ec2c8 [es6] Implement @@split subclassing.
RegExp.prototye[@@split] is not yet implement to spec regarding creating
new RegExp object with the SpeciesConstructor.

R=littledan@chromium.org
BUG=v8:4345
LOG=N

Review URL: https://codereview.chromium.org/1427573005

Cr-Commit-Position: refs/heads/master@{#31911}
2015-11-10 07:00:44 +00:00
yangguo
483d8b9bd8 Unify setting accessor properties in native code.
R=cbruni@chromium.org

Review URL: https://codereview.chromium.org/1416093006

Cr-Commit-Position: refs/heads/master@{#31910}
2015-11-10 06:58:41 +00:00
bradnelson
318bcbee31 Allow constant heap accesses in asm typer.
BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=test-asm-validator
R=titzer@chromium.org,aseemgarg@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1405993009

Cr-Commit-Position: refs/heads/master@{#31908}
2015-11-10 02:00:03 +00:00
neis
ec0f891d1e Revert of "[es6] Partially implement Reflect.ownKeys."
Reason for revert: failed tests on a Windows build.

TBR=rossberg,cbruni,neis
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review URL: https://codereview.chromium.org/1426943007

Cr-Commit-Position: refs/heads/master@{#31907}
2015-11-10 00:05:21 +00:00
neis
4194d0ebad [es6] Partially implement Reflect.ownKeys.
Proxies are not properly supported yet.

R=cbruni, rossberg
BUG=

Review URL: https://codereview.chromium.org/1405243006

Cr-Commit-Position: refs/heads/master@{#31906}
2015-11-09 23:30:53 +00:00
rmcilroy
aca03dfca1 [Interpreter] Disable mjsunit/readonly test on ignition due to flakes.
BUG=v8:4280
LOG=N
NOTRY=True
TBR=machenbach@chromium.org

Review URL: https://codereview.chromium.org/1438463002

Cr-Commit-Position: refs/heads/master@{#31900}
2015-11-09 20:46:21 +00:00
fedor
461e5b49d0 binary-operator-reducer: reduce mul+div(shift)
Reduction Input:

    ChangeInt32ToFloat64=>          TruncateFloat64ToInt32
                         Float64Mul=>
    ChangeInt32ToFloat64=>          Float64Div=>TruncateFloat64ToInt32

Output:

         =>  TruncateInt64ToInt32
Int64Mul
         =>  Int64Shr => TruncateInt64ToInt32

Test code:

    function mul(a, b) {
      var l = a & 0x3ffffff;
      var h = b & 0x3ffffff;
      var m = l * h;

      var rl = m & 0x3ffffff;
      var rh = (m / 0x4000000) | 0;

      return rl | rh;
    }

    mul(1, 2);
    var a0 = mul(0x3ffffff, 0x3ffffff);
    mul(0x0, 0x0);
    %OptimizeFunctionOnNextCall(mul);
    var a1 = mul(0x3ffffff, 0x3ffffff);

    print(a0 + ' == ' + a1);

BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1350223006

Cr-Commit-Position: refs/heads/master@{#31899}
2015-11-09 20:42:39 +00:00
mlippautz
aecd084dd9 [test] Move away from deprecated API for heap-related tests.
Removed deprecated API usage in
 - test-heap.cc
 - test-incremental-marking.cc
 - test-alloc.cc

BUG=v8:4134
LOG=n

Review URL: https://codereview.chromium.org/1406393005

Cr-Commit-Position: refs/heads/master@{#31898}
2015-11-09 19:48:44 +00:00