Commit Graph

5160 Commits

Author SHA1 Message Date
machenbach
8452a75315 [test] Skip flaky test.
BUG=v8:4358
LOG=n
TBR=yangguo@chromium.org, hablich@chromium.org
NOTRY=true

Review URL: https://codereview.chromium.org/1475053002

Cr-Commit-Position: refs/heads/master@{#32282}
2015-11-25 15:23:49 +00:00
mythria
46401fcb1c [Interpreter] Add support for compare operators to bytecode graph builder.
Adds implementation and tests for compare operators to bytecode graph builder.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1476473005

Cr-Commit-Position: refs/heads/master@{#32280}
2015-11-25 15:21:38 +00:00
jochen
aa9cfc8222 Make whether or not a Code object should be created by masm explicit
We always want to have an Isolate, so just use an extra ctor arg

BUG=2487
R=yangguo@chromium.org,mstarzinger@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1476763002

Cr-Commit-Position: refs/heads/master@{#32277}
2015-11-25 14:23:56 +00:00
machenbach
87177738ce [test] Skip flaky test for turbofan on windows.
BUG=v8:4573
LOG=n
TBR=mstarzinger@chromium.org
NOTRY=true

Review URL: https://codereview.chromium.org/1465193006

Cr-Commit-Position: refs/heads/master@{#32276}
2015-11-25 14:23:08 +00:00
bmeurer
2732a6ad44 [es6] Correct parsing of regular expression literal flags.
ES6 section 12.2.8.1 states that flags for regular expression literals
must be checked during parsing and invalid flags are early errors. This
change adapts the Scanner and (Pre)Parser to act according to the spec.

This is also a prerequisite to unify the handling of literal creation
(for Objects, Arrays, Regexps, and at some point Classes).

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1472323002

Cr-Commit-Position: refs/heads/master@{#32273}
2015-11-25 13:46:43 +00:00
ulan
7a21cdafaf Optimize ClearNonLiveReferences: do not compact prototype transitions in GC.
BUG=chromium:554488
LOG=NO

Review URL: https://codereview.chromium.org/1470773003

Cr-Commit-Position: refs/heads/master@{#32272}
2015-11-25 13:39:13 +00:00
mstarzinger
3d004eeab2 [interpreter] Switch passing of new.target to register.
This passes the new.target value in a register instead of through a
side-channel via the construct stub. The interpreter entry trampoline
stores this value in a bytecode register so that it can be accessed
directly by the interpreter. The size of the interpreter stack frame
hence grows by one slot.

R=oth@chromium.org
BUG=v8:4544
LOG=n

Review URL: https://codereview.chromium.org/1469313002

Cr-Commit-Position: refs/heads/master@{#32264}
2015-11-25 11:37:28 +00:00
ahaas
4f4947898d [turbofan] Implemented the optional Float32RoundUp operator.
The Float32RoundUp operator rounds float32 numbers towards infinity.
The operator is currently implemented on x64, ia32, arm, and arm64.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1474963002

Cr-Commit-Position: refs/heads/master@{#32262}
2015-11-25 11:08:21 +00:00
ahaas
74434403f6 [turbofan] Implemented the optional Float32RoundDown operator.
I implemented the optional Float32RoundDown operator on x64, ia32, arm,
and arm64.

For arm I also had to adjust the simulator.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1471913006

Cr-Commit-Position: refs/heads/master@{#32261}
2015-11-25 11:06:13 +00:00
machenbach
b9d5126930 Revert of Reland "[Interpreter] Add CreateClosure to BytecodeGraphBuilder." (patchset #1 id:1 of https://codereview.chromium.org/1475793003/ )
Reason for revert:
[Sheriff] Breaks cfi:
https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20-%20cfi/builds/1209

Original issue's description:
> Reland "[Interpreter] Add CreateClosure to BytecodeGraphBuilder."
>
> Original issue's description:
> > [Interpreter] Add CreateClosure to BytecodeGraphBuilder.
> >
> > Adds code and tests to support CreateClosure bytecode when building
> > graphs.
> >
> > Committed: https://crrev.com/4cceb11b0929abcbc82bf0854554a9b66003335d
> > Cr-Commit-Position: refs/heads/master@{#32224}
>
> BUG=v8:4280
> LOG=N
>
> Committed: https://crrev.com/6a8db006e1f0a08a43446b62765bba39fdc6af10
> Cr-Commit-Position: refs/heads/master@{#32257}

TBR=bmeurer@chromium.org,oth@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4280

Review URL: https://codereview.chromium.org/1469303006

Cr-Commit-Position: refs/heads/master@{#32260}
2015-11-25 11:04:34 +00:00
yangguo
1db01d6d5d Revert of Removed support deprecated (//@|/*@) source(URL|MappingURL)= (patchset #1 id:1 of https://codereview.chromium.org/1474543005/ )
Reason for revert:
Failing layout tests:

inspector/tracing/timeline-event-causes.html
virtual/syncpaint/inspector/tracing/timeline-event-causes.html
inspector/animation/animation-timeline-fill.html
virtual/threaded/inspector/tracing/timeline-event-causes.html
inspector/tracing/timeline-script-id.html
inspector/sources/debugger-ui/source-url-comment.html
inspector/console/console-log-linkify-stack-in-errors.html
virtual/syncpaint/inspector/tracing/timeline-script-id.html
virtual/threaded/inspector/tracing/timeline-script-id.html

Original issue's description:
> Removed support deprecated (//@|/*@) source(URL|MappingURL)=
>
> LOG=Y
> BUG=chromium:558998
> R=yangguo@chromium.org
>
> Committed: https://crrev.com/c1e5f005d79c436d90f474f8bc6448c4555a619f
> Cr-Commit-Position: refs/heads/master@{#32249}

TBR=machenbach@chromium.org,kozyatinskiy@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:558998

Review URL: https://codereview.chromium.org/1481513002

Cr-Commit-Position: refs/heads/master@{#32259}
2015-11-25 10:28:02 +00:00
oth
6a8db006e1 Reland "[Interpreter] Add CreateClosure to BytecodeGraphBuilder."
Original issue's description:
> [Interpreter] Add CreateClosure to BytecodeGraphBuilder.
>
> Adds code and tests to support CreateClosure bytecode when building
> graphs.
>
> Committed: https://crrev.com/4cceb11b0929abcbc82bf0854554a9b66003335d
> Cr-Commit-Position: refs/heads/master@{#32224}

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1475793003

Cr-Commit-Position: refs/heads/master@{#32257}
2015-11-25 09:51:49 +00:00
bmeurer
09b44428e4 [runtime] First step to sanitize regexp literal creation.
This is the initial step towards refactoring the regexp literation
creation code to make it less obscure and more similar to the mechanism
we use to create array and object literals.  There's now a new runtime
entry %CreateRegExpLiteral with the same interface as the entries for
array and object literals, except that we still pass the flags as
string.

Instead of embedding the hand written native to clone JSRegExp instances
we now have a FastCloneRegExpStub, which behaves similar to the other
FastCloneShallowArrayStub and FastCloneShallowObjectStub that we already
had.

R=mlippautz@chromium.org, yangguo@chromium.org

Review URL: https://codereview.chromium.org/1475823003

Cr-Commit-Position: refs/heads/master@{#32255}
2015-11-25 09:23:28 +00:00
yangguo
713c3df41c Add test to check PRNG quality.
Credits go to Erik Corry. Taken from:
https://github.com/dart-lang/fletch/blob/master/src/shared/random_test.cc

R=jkummerow@chromium.org
BUG=v8:4566
LOG=N

Committed: https://crrev.com/1a90af55d1e9d7d84e813dc367d475457c7df1ff
Cr-Commit-Position: refs/heads/master@{#32211}

Committed: https://crrev.com/3d84f05cd77091ea8dde7821973f13f53dbaa730
Cr-Commit-Position: refs/heads/master@{#32238}

Committed: https://crrev.com/eeee7ab050013782704b5f89e49d06a30b3455c4
Cr-Commit-Position: refs/heads/master@{#32246}

Review URL: https://codereview.chromium.org/1467133006

Cr-Commit-Position: refs/heads/master@{#32254}
2015-11-25 08:56:19 +00:00
kozyatinskiy
c1e5f005d7 Removed support deprecated (//@|/*@) source(URL|MappingURL)=
LOG=Y
BUG=chromium:558998
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1474543005

Cr-Commit-Position: refs/heads/master@{#32249}
2015-11-25 08:02:27 +00:00
jarin
9564ffe9c1 [turbofan] Replace information about uses by explicit truncation in representation selection.
This change replaces the bitwise masking of uses by storing the most general truncation for all uses.

Review URL: https://codereview.chromium.org/1464763003

Cr-Commit-Position: refs/heads/master@{#32248}
2015-11-25 08:01:00 +00:00
yangguo
47e1ab78d7 Revert of Add test to check PRNG quality. (patchset #5 id:80001 of https://codereview.chromium.org/1467133006/ )
Reason for revert:
failure here https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosse4/builds/6842/steps/Check/logs/RandomBitCorrelations12

Original issue's description:
> Add test to check PRNG quality.
>
> Credits go to Erik Corry. Taken from:
> https://github.com/dart-lang/fletch/blob/master/src/shared/random_test.cc
>
> R=jkummerow@chromium.org
> BUG=v8:4566
> LOG=N
>
> Committed: https://crrev.com/1a90af55d1e9d7d84e813dc367d475457c7df1ff
> Cr-Commit-Position: refs/heads/master@{#32211}
>
> Committed: https://crrev.com/3d84f05cd77091ea8dde7821973f13f53dbaa730
> Cr-Commit-Position: refs/heads/master@{#32238}
>
> Committed: https://crrev.com/eeee7ab050013782704b5f89e49d06a30b3455c4
> Cr-Commit-Position: refs/heads/master@{#32246}

TBR=jkummerow@chromium.org,erikcorry@google.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4566

Review URL: https://codereview.chromium.org/1472833004

Cr-Commit-Position: refs/heads/master@{#32247}
2015-11-25 07:44:29 +00:00
yangguo
eeee7ab050 Add test to check PRNG quality.
Credits go to Erik Corry. Taken from:
https://github.com/dart-lang/fletch/blob/master/src/shared/random_test.cc

R=jkummerow@chromium.org
BUG=v8:4566
LOG=N

Committed: https://crrev.com/1a90af55d1e9d7d84e813dc367d475457c7df1ff
Cr-Commit-Position: refs/heads/master@{#32211}

Committed: https://crrev.com/3d84f05cd77091ea8dde7821973f13f53dbaa730
Cr-Commit-Position: refs/heads/master@{#32238}

Review URL: https://codereview.chromium.org/1467133006

Cr-Commit-Position: refs/heads/master@{#32246}
2015-11-25 07:36:15 +00:00
yangguo
4a472a035d Revert of Add test to check PRNG quality. (patchset #4 id:60001 of https://codereview.chromium.org/1467133006/ )
Reason for revert:
still timing out

Original issue's description:
> Add test to check PRNG quality.
>
> Credits go to Erik Corry. Taken from:
> https://github.com/dart-lang/fletch/blob/master/src/shared/random_test.cc
>
> R=jkummerow@chromium.org
> BUG=v8:4566
> LOG=N
>
> Committed: https://crrev.com/1a90af55d1e9d7d84e813dc367d475457c7df1ff
> Cr-Commit-Position: refs/heads/master@{#32211}
>
> Committed: https://crrev.com/3d84f05cd77091ea8dde7821973f13f53dbaa730
> Cr-Commit-Position: refs/heads/master@{#32238}

TBR=jkummerow@chromium.org,erikcorry@google.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4566

Review URL: https://codereview.chromium.org/1480533002

Cr-Commit-Position: refs/heads/master@{#32243}
2015-11-25 05:16:13 +00:00
yangguo
3d84f05cd7 Add test to check PRNG quality.
Credits go to Erik Corry. Taken from:
https://github.com/dart-lang/fletch/blob/master/src/shared/random_test.cc

R=jkummerow@chromium.org
BUG=v8:4566
LOG=N

Committed: https://crrev.com/1a90af55d1e9d7d84e813dc367d475457c7df1ff
Cr-Commit-Position: refs/heads/master@{#32211}

Review URL: https://codereview.chromium.org/1467133006

Cr-Commit-Position: refs/heads/master@{#32238}
2015-11-25 01:42:10 +00:00
oth
daf185b243 Revert of [Interpreter] Add CreateClosure to BytecodeGraphBuilder. (patchset #8 id:140001 of https://codereview.chromium.org/1458603012/ )
Reason for revert:
Build break.

Original issue's description:
> [Interpreter] Add CreateClosure to BytecodeGraphBuilder.
>
> Adds code and tests to support CreateClosure bytecode when building
> graphs.
>
> BUG=v8:4280
> LOG=N
>
> Committed: https://crrev.com/4cceb11b0929abcbc82bf0854554a9b66003335d
> Cr-Commit-Position: refs/heads/master@{#32224}

TBR=bmeurer@chromium.org,mythria@chromium.org,mstarzinger@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4280

Review URL: https://codereview.chromium.org/1471913004

Cr-Commit-Position: refs/heads/master@{#32225}
2015-11-24 18:11:00 +00:00
oth
4cceb11b09 [Interpreter] Add CreateClosure to BytecodeGraphBuilder.
Adds code and tests to support CreateClosure bytecode when building
graphs.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1458603012

Cr-Commit-Position: refs/heads/master@{#32224}
2015-11-24 17:51:54 +00:00
verwaest
8e28e851ee Install ConstructNonConstructable as construct stub for non-constructables.
BUG=

Review URL: https://codereview.chromium.org/1467473002

Cr-Commit-Position: refs/heads/master@{#32223}
2015-11-24 17:17:00 +00:00
machenbach
29f4515d61 Revert of Add test to check PRNG quality. (patchset #3 id:40001 of https://codereview.chromium.org/1467133006/ )
Reason for revert:
[Sheriff] Times out on arm:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20arm64%20-%20sim/builds/6202/steps/Check/logs/RandomBitCorrelations

Original issue's description:
> Add test to check PRNG quality.
>
> Credits go to Erik Corry. Taken from:
> https://github.com/dart-lang/fletch/blob/master/src/shared/random_test.cc
>
> R=jkummerow@chromium.org
> BUG=v8:4566
> LOG=N
>
> Committed: https://crrev.com/1a90af55d1e9d7d84e813dc367d475457c7df1ff
> Cr-Commit-Position: refs/heads/master@{#32211}

TBR=jkummerow@chromium.org,erikcorry@google.com,yangguo@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4566

Review URL: https://codereview.chromium.org/1473613002

Cr-Commit-Position: refs/heads/master@{#32215}
2015-11-24 14:50:05 +00:00
epertoso
4307e44899 Adds the possibility of setting a Code object as the callback of a FunctionTemplate.
BUG=

Review URL: https://codereview.chromium.org/1407313004

Cr-Commit-Position: refs/heads/master@{#32213}
2015-11-24 14:33:23 +00:00
neis
a25018905d [proxies] Implement [[PreventExtensions]] and [[IsExtensible]].
BUG=

Review URL: https://codereview.chromium.org/1441043002

Cr-Commit-Position: refs/heads/master@{#32212}
2015-11-24 14:16:24 +00:00
yangguo
1a90af55d1 Add test to check PRNG quality.
Credits go to Erik Corry. Taken from:
https://github.com/dart-lang/fletch/blob/master/src/shared/random_test.cc

R=jkummerow@chromium.org
BUG=v8:4566
LOG=N

Review URL: https://codereview.chromium.org/1467133006

Cr-Commit-Position: refs/heads/master@{#32211}
2015-11-24 14:14:59 +00:00
ofrobots
e7560013e3 [heap] report allocated object to the inline-allocation-observers
Makes it possible for the the inline allocation observers to be sample the
actual object allocation on which the notification triggers.

R=hpayer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1460063006

Cr-Commit-Position: refs/heads/master@{#32209}
2015-11-24 13:48:05 +00:00
yangguo
085fed0fb5 Implement xorshift128+ for Math.random.
BUG=v8:4566
LOG=N

Committed: https://crrev.com/2755c5a1b1cf7fc4c5c614378e5231636e6dcff5
Cr-Commit-Position: refs/heads/master@{#32200}

Review URL: https://codereview.chromium.org/1464303002

Cr-Commit-Position: refs/heads/master@{#32206}
2015-11-24 13:18:44 +00:00
adamk
2ea7f3c869 [es6] Fix parsing of 'yield' in function and generator expressions
In a function expression, 'yield' is allowed, even if the expression
occurs inside a generator. Similarly, even in a non-generator,
a generator expression's name must not be 'yield'.

BUG=v8:3983
LOG=n

Review URL: https://codereview.chromium.org/1460393003

Cr-Commit-Position: refs/heads/master@{#32188}
2015-11-23 21:34:30 +00:00
jochen
3b3413442f Some missed three Isolate::Current calls... delete them anyway
BUG=2487
R=yangguo@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1466323002

Cr-Commit-Position: refs/heads/master@{#32178}
2015-11-23 13:48:26 +00:00
jochen
0da1a0c068 Remove v8::i::Isolate::Current from cctests
BUG=2487
R=yangguo@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1468943002

Cr-Commit-Position: refs/heads/master@{#32176}
2015-11-23 12:38:33 +00:00
jarin
6fb0f56351 [turbofan] Simplify representations selection for phi.
Review URL: https://codereview.chromium.org/1467193002

Cr-Commit-Position: refs/heads/master@{#32175}
2015-11-23 12:31:57 +00:00
jarin
134869fd24 [turbofan] Further simplify representation inference for NumberTo(U)int32.
Review URL: https://codereview.chromium.org/1471723002

Cr-Commit-Position: refs/heads/master@{#32174}
2015-11-23 12:30:24 +00:00
ulan
4ef29b1adf Refactor dependent code.
This simplifies the layout of dependent code array and optimizes it for sparse dependency groups.

BUG=chromium:554488
LOG=NO

Review URL: https://codereview.chromium.org/1435313002

Cr-Commit-Position: refs/heads/master@{#32170}
2015-11-23 09:30:27 +00:00
jochen
c7aace4d43 Remove a bunch of Isolate::Current() callsites from simulators
BUG=2487
R=ulan@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1457223005

Cr-Commit-Position: refs/heads/master@{#32164}
2015-11-23 08:10:06 +00:00
ofrobots
cd81dd6d74 [heap] pause/resume inline allocation observers around scavenge
We should not be counting the bump pointer allocations done during scavenge as
the objects are copied. The inline allocation observers were getting unnecessary
notifications.

R=hpayer@chromium.org, ulan@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1465633002

Cr-Commit-Position: refs/heads/master@{#32153}
2015-11-20 16:20:12 +00:00
jochen
9951a617d5 Remove usage of deprecated APIs from compiler/deopt test
BUG=4134
R=epertoso@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1458003006

Cr-Commit-Position: refs/heads/master@{#32146}
2015-11-20 12:56:26 +00:00
oth
a1ba971cd8 [Interpreter] Enable assignments in expressions.
This change introduces register re-mapping to avoid assignment hazards
in binary expressions. Expressions that cause problems typically have
the form y = x + (x = 4);. The problem occurs because the lhs value
evaluates to the register holding x. The rhs updates that register and
then applying the operation would use the new value as the lhs.

By tracking loads and stores in binary expressions the generator is now
able to detect when condition occurs and uses a temporary register for
the rhs value. When the binary expression evaluation is complete the
variable is updated with the latest temporary.

A new bytecode Mov performs this update without touching the
accumulator.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1412683011

Cr-Commit-Position: refs/heads/master@{#32141}
2015-11-20 11:17:54 +00:00
ahaas
a2449d4985 [turbofan] Renamed the ChangeFloat64ToInt64 operator to TruncateFloat64ToInt64.
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1458423002

Cr-Commit-Position: refs/heads/master@{#32139}
2015-11-20 09:47:31 +00:00
akos.palfi
76af78e412 MIPS: Fix disassembler test failures.
Don't generate FP64 mode specific instructions in FP32 mode.

TEST=cctest/test-disasm-mips/Type1,
     cctest/test-disasm-mips/CVT_DISSASM

BUG=

Review URL: https://codereview.chromium.org/1462803003

Cr-Commit-Position: refs/heads/master@{#32138}
2015-11-20 09:43:37 +00:00
jochen
6e13300c19 Remove usage of deprecated APIs from assembler tests
BUG=4134
R=epertoso@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1460193002

Cr-Commit-Position: refs/heads/master@{#32137}
2015-11-20 09:30:22 +00:00
oth
8cfa73ac38 [Interpreter] Add New, CallRuntime and CallJSRuntime support to BytecodeGraphBuilder.
Adds support for the New, CallRuntime and CallJSRuntime bytecodes in
BytecodeGraphBuilder. Also adds BuildLoadObjectField,
BuildLoadGlobalObject and BuildLoadNativeContextField helpers.

Landed on behalf of rmcilroy.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1456483002

Cr-Commit-Position: refs/heads/master@{#32136}
2015-11-20 09:25:41 +00:00
ahaas
f6e689cebb [turbofan] Implemented the TruncateFloat64ToUint64 TurboFan operator.
The TruncateFloat64ToUint64 operator converts a float64 to an uint64 using
round-to-zero rounding mode (truncate). If the input value is outside uint64
range, then the result depends on the architecture. I provide an implementation for x64 and arm64.

@v8-ppc-ports and @v8-mips-ports, can you do the implementations for ppc64 and mips64?

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1457373002

Cr-Commit-Position: refs/heads/master@{#32127}
2015-11-19 20:42:27 +00:00
kozyatinskiy
89e859fb2b [V8] Unify get function name for debugging purpose
Following logic is using for getting function name in JSFunction::GetDebugName:
1. if function has displayName and its type is string then use it
2. if function has defined property Function.name as value and its type string then use it
3. otherwise use SharedFunctionInfo::DebugName as functionName.

JSFunction::GetDebugName is exposed in V8 API and in FunctionMirror interface.

BUG=chromium:17356
R=yangguo@chromium.org,mstarzinger@chromium.org
LOG=Y

Review URL: https://codereview.chromium.org/1449473005

Cr-Commit-Position: refs/heads/master@{#32124}
2015-11-19 19:32:38 +00:00
ivica.bogosavljevic
ed600e5556 MIPS: Fixing failures in cctest/test-assembler-mips/CVT
Fixing failures in cctest/test-assembler-mips/CVT on Mips32R2 without
FP64 support

BUG=

Review URL: https://codereview.chromium.org/1459763003

Cr-Commit-Position: refs/heads/master@{#32121}
2015-11-19 16:39:58 +00:00
mythria
4bb6e7c8c0 [Interpreter] Add support for keyed load / store ICs and named store IC to
bytecode graph builder

Adds implementation and tests for KeyedLoadIC, KeyedStoreIC and StoreIC to
bytecode graph builder.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1448913002

Cr-Commit-Position: refs/heads/master@{#32116}
2015-11-19 14:16:53 +00:00
yangguo
6980f1957d Do not use deprecated API in cctest/test-debug.
R=jochen@chromium.org

Review URL: https://codereview.chromium.org/1459783005

Cr-Commit-Position: refs/heads/master@{#32115}
2015-11-19 13:46:16 +00:00
yangguo
eb25b8c54b Correctly parse new regexp flags in v8::RegExp::New.
R=ishell@chromium.org, verwaest@chromium.org

Review URL: https://codereview.chromium.org/1457883003

Cr-Commit-Position: refs/heads/master@{#32106}
2015-11-19 10:33:16 +00:00
mythria
a8e86c49ec [Interpreter] Add support for unary operators to bytecode graph builder.
Adds implementation and tests for LogicalNot, TypeOf and Delete operators
to bytecode graph builder.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1459543003

Cr-Commit-Position: refs/heads/master@{#32104}
2015-11-19 09:39:11 +00:00
ahaas
ed570fac44 [turbofan] Implemented the ChangeFloat64ToInt64 TurboFan operator.
The ChangeFloat64ToInt64 operator changes the representation of a
float64 input value to int64 if the input value can be represented
exactly on int64. Otherwise the result is currently undefined.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1455983002

Cr-Commit-Position: refs/heads/master@{#32102}
2015-11-19 08:27:27 +00:00
adamk
7d1d978654 Rename destructuring flag to "--harmony-destructuring-bind"
This is in preparation for the addition of --harmony-destructuring-assignment.

BUG=v8:811
LOG=n

Review URL: https://codereview.chromium.org/1450193002

Cr-Commit-Position: refs/heads/master@{#32098}
2015-11-18 23:30:09 +00:00
bradnelson
0acb70baaf Fix multiple return statements in typing-asm, cleanup.
The last change to typing-asm broke non-final return statements.
Fixing this.

Finishing out a partially completed test that landed by mistake.

BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=test-asm-validator
R=titzer@chromium.org,aseemgarg@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1453343003

Cr-Commit-Position: refs/heads/master@{#32096}
2015-11-18 19:48:00 +00:00
balazs.kilvady
c91bcf7192 MIPS: Fix trampoline pool handling in MacroAssembler::BranchShort() for r6.
BUG=chromium:555543
LOG=N

Review URL: https://codereview.chromium.org/1446343002

Cr-Commit-Position: refs/heads/master@{#32094}
2015-11-18 17:43:34 +00:00
ofrobots
0514fa204a [heap] make inline-allocation-observers precise
Now that we no longer require AllocationInfo::limit to be aligned [1], we can do
more accurate inline-allocation-observation. This lets us get notified when the
next allocation that crosses the step-size boundary is allocated.

Fixed the test-cases. They make significantly more sense now given the step
sizes and the number of times we get notifications. For example, with a step
size of 512, an allocation of 16kb results in 32 notifications instead of 30
now.

[1] https://codereview.chromium.org/1444883003

R=hpayer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1448913003

Cr-Commit-Position: refs/heads/master@{#32091}
2015-11-18 15:55:02 +00:00
jarin
a9fa0498e1 [turbofan] Only infer signedness for Float64->Word32 representation change from the input type.
If the input type does not help us, we are conservative and truncate (rather than guessing signed).

Review URL: https://codereview.chromium.org/1455103002

Cr-Commit-Position: refs/heads/master@{#32075}
2015-11-18 10:02:33 +00:00
jochen
3e882ff1ea Remove deprecated APIs from two more tests
BUG=4134
R=epertoso@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1455603002

Cr-Commit-Position: refs/heads/master@{#32072}
2015-11-18 08:22:30 +00:00
bradnelson
c1da268e5d Use asm style type names and improve asm typer.
The current typing-asm mishandles the relationship between
unsigned numbers and int. Restructuring and using type shortcuts
that approximate asm types.

BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=test-asm-validator
R=titzer@chromium.org,aseemgarg@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1447133002

Cr-Commit-Position: refs/heads/master@{#32057}
2015-11-17 19:42:30 +00:00
akos.palfi
0403fd860c Fix gcc 4.9.2 signed-compare error.
BUG=

Review URL: https://codereview.chromium.org/1456543003

Cr-Commit-Position: refs/heads/master@{#32053}
2015-11-17 16:07:33 +00:00
caitpotter88
5bf360ef57 [es6] early error when Identifier is an escaped reserved word
Per http://tc39.github.io/ecma262/#sec-identifiers-static-semantics-early-errors (13.2.2),
make it a SyntaxError if an Identifier has the same StringValue as a ReservedWord.

BUG=v8:2222, v8:1972
LOG=N
R=adamk@chromium.org, rossberg@chromium.org, wingo@chromium.org

Review URL: https://codereview.chromium.org/1429983002

Cr-Commit-Position: refs/heads/master@{#32052}
2015-11-17 16:00:11 +00:00
oth
519df935a3 [Interpreter] Add support for global loads / stores / calls to BytecodeGraphBuilder.
Adds support for the LdaGlobal and StaGlobal bytecodes to the
BytecodeGraphBuilder. Also fixes a bug in the context node's parameter
index and start node inputs.

Landed on behalf of rmcilroy.

TBR=bmeuer@chromium.org,mythria@chromium.org
BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1449373002

Cr-Commit-Position: refs/heads/master@{#32049}
2015-11-17 15:07:15 +00:00
caitpotter88
24ff30b740 [es6] refactor Promise resolution
Several changes are included here:

1. Each resolution callback references shared data indicating whether
it has already been resolved or not, as described in 25.4.1.3
http://tc39.github.io/ecma262/#sec-createresolvingfunctions.
Previously this was handled exclusively by the Promise's status,
which does not work correctly with the current chaining behaviour.

2. During fulfillment, When a Promise is resolved with a thenable, the
spec chains the promises together by invoking the thenable's `then`
function with the original Promise's resolve and reject methods (per
section 25.4.2.2, or
http://tc39.github.io/ecma262/#sec-promiseresolvethenablejob, on the
next tick, regardless of whether or not there are pending tasks.

3. Adds a spec compliance fix to ensure that the Promise constructor
is only loaded once when `then()` is called, solving v8:4539 as well.
This involves refactoring PromiseChain to accept a constructor
argument. PromiseChain/PromiseDeferred will hopefully be removed soon,
simplifying the process.

BUG=v8:4162, v8:4539, v8:3237
LOG=N
R=rossberg@chromium.org, littledan@chromium.org, adamk@chromium.org

Review URL: https://codereview.chromium.org/1394463003

Cr-Commit-Position: refs/heads/master@{#32046}
2015-11-17 14:24:09 +00:00
yangguo
906903acb5 Experimental support for RegExp lookbehind.
R=erikcorry@chromium.org, littledan@chromium.org
BUG=v8:4545
LOG=N

Committed: https://crrev.com/37632606bbce1418238b13fd90cb6ef6705871cd
Cr-Commit-Position: refs/heads/master@{#32029}

Review URL: https://codereview.chromium.org/1418963009

Cr-Commit-Position: refs/heads/master@{#32043}
2015-11-17 13:33:34 +00:00
mvstanton
e75e625453 VectorICs: Remove --vector-stores flag.
BUG=

Review URL: https://codereview.chromium.org/1424153003

Cr-Commit-Position: refs/heads/master@{#32040}
2015-11-17 13:15:52 +00:00
ahaas
914e221451 [tests] Cleanup of the RunRoundUint64ToFloat64 test.
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1450353002

Cr-Commit-Position: refs/heads/master@{#32036}
2015-11-17 13:07:31 +00:00
jochen
91769a6a96 Remove deprecated functions the smaller half of the remaing tests
BUG=4134
R=epertoso@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1449393002

Cr-Commit-Position: refs/heads/master@{#32035}
2015-11-17 12:42:44 +00:00
oth
e8ae8b34a5 [Interpreter] Add support for Call bytecode to bytecode graph builder.
Adds support for visiting the Call bytecode to the bytecode graph builder.
This change also adds the call type feedback slot to the Call bytecode.
This is not currently used by the interpreter, but is used by the
graph builder.

Also adds a CallWide varient of the Call bytecode, and adds the kCount16
operand type.

Landed on behalf of rmcilroy.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1456453002

Cr-Commit-Position: refs/heads/master@{#32033}
2015-11-17 12:18:53 +00:00
yangguo
5b2ae9d908 Revert of Experimental support for RegExp lookbehind. (patchset #18 id:340001 of https://codereview.chromium.org/1418963009/ )
Reason for revert:
gc stress breaks due to string_start_minus_one not being set correctly.

Original issue's description:
> Experimental support for RegExp lookbehind.
>
> R=erikcorry@chromium.org, littledan@chromium.org
> BUG=v8:4545
> LOG=N
>
> Committed: https://crrev.com/37632606bbce1418238b13fd90cb6ef6705871cd
> Cr-Commit-Position: refs/heads/master@{#32029}

TBR=littledan@chromium.org,erikcorry@chromium.org,erikcorry@google.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4545

Review URL: https://codereview.chromium.org/1451373003

Cr-Commit-Position: refs/heads/master@{#32032}
2015-11-17 11:55:21 +00:00
ahaas
2f7d6b46d0 Implemented the RoundUint64ToFloat32 TurboFan operator for x64, arm64,
and ppc64.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1438013003

Cr-Commit-Position: refs/heads/master@{#32031}
2015-11-17 11:52:05 +00:00
yangguo
37632606bb Experimental support for RegExp lookbehind.
R=erikcorry@chromium.org, littledan@chromium.org
BUG=v8:4545
LOG=N

Review URL: https://codereview.chromium.org/1418963009

Cr-Commit-Position: refs/heads/master@{#32029}
2015-11-17 11:15:06 +00:00
mythria
2acc2bc2a1 [Interpreter] Adds implementation of bytecode graph builder for LoadICSloppy/Strict.
Adds implementation and tests for following operators in bytecode graph builder:
-VisitLoadICSloppy
-VisitLoadICStrict
-VisitLoadICSloppyWide
-VisitLoadICStrictWide

The current implementation introduces empty frame states for frame state inputs expected by these operations.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1419373007

Cr-Commit-Position: refs/heads/master@{#32026}
2015-11-17 09:06:17 +00:00
bmeurer
e5edd66d07 [turbofan] Move JSCallFunction specialization to JSCallReducer.
This is the first part to refactoring the JSNativeContextSpecialization
class, which has grown way too big recently.

Also don't collect cross context feedback for the CallIC in general.
Neither TurboFan nor Crankshaft can make any use of cross context
JSFunction feedback that is collected by the CallIC, so there's no
point in gathering that feedback at all (it just complicates the
checking that is necessary in the compilers). What we should do
instead at some point (when Crankshaft becomes less important) is
to collect the SharedFunctionInfo as feedback for those cases.

R=yangguo@chromium.org
BUG=v8:4470
LOG=n

Review URL: https://codereview.chromium.org/1451273002

Cr-Commit-Position: refs/heads/master@{#32022}
2015-11-17 07:15:25 +00:00
dusan.m.milosavljevic
9717fff12d MIPS64: Improve UInt32 to Double conversion.
TEST=
BUG=

Review URL: https://codereview.chromium.org/1446363002

Cr-Commit-Position: refs/heads/master@{#32018}
2015-11-16 23:24:19 +00:00
jochen
6ce7f90aba Map v8::Object to v8::internal::JSReceiver
BUG=none
R=verwaest@chromium.org,rossberg@chromium.org,bmeurer@chromium.org,neis@chromium.org
LOG=y

Review URL: https://codereview.chromium.org/1413463006

Cr-Commit-Position: refs/heads/master@{#32014}
2015-11-16 16:48:54 +00:00
jochen
3cf6e040c4 Mark cctests that don't use deprecated APIs as such
BUG=4134
R=epertoso@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1451733002

Cr-Commit-Position: refs/heads/master@{#32011}
2015-11-16 16:45:31 +00:00
yangguo
436103e077 Skip test-heap/TestSizeOfRegExpCode on mips64.
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/1448803003

Cr-Commit-Position: refs/heads/master@{#32008}
2015-11-16 14:36:32 +00:00
ahaas
dffecf31fc [turbofan] Added the optional Float64RoundTiesEven operator to turbofan.
The TiesEven rounding mode rounds float64 numbers to the nearest
integer. If there are two nearest integers, then the number is rounded
to the even one.  This is the default rounding mode according to
IEEE~754.

I implemented the operator on ia32, x64, arm, arm64, mips, and mips64.

I think there is a bug in the current implementation of the ppc
simulator, which kept me from implementing the operator on ppc.
According to my understanding of the ppc instruction manual, the FRIN
instruction provides the right behavior for Float64RoundTiesEven. In the
simulator, however, FRIN provides a different semantics. If there are
two nearest integers, then the simulator returns the one which is
further away form 0.

Review URL: https://codereview.chromium.org/1440293002

Cr-Commit-Position: refs/heads/master@{#32005}
2015-11-16 11:31:40 +00:00
ahaas
1389b9f53c [turbofan] Added the optional Float64RoundUp operator to turbofan.
I implemented it on x64, ia32, arm, arm64, mips, mips64, and ppc.

Review URL: https://codereview.chromium.org/1444583002

Cr-Commit-Position: refs/heads/master@{#32004}
2015-11-16 10:37:44 +00:00
mythria
f665c823dd [Interpreter] Adds an optimization to remove redundant Ldar/Star.
Adds an optimization to omit generating Ldar/Star if the same register
is loaded or stored from the accumulator in the earlier instruction.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1435283002

Cr-Commit-Position: refs/heads/master@{#31984}
2015-11-13 14:15:35 +00:00
mstarzinger
83a6ab85cc [turbofan] Rename "original constructor" to "new target".
This aligns the naming of "new target" with the spec text throughout
TurboFan and the stack frame walker. The goal is to avoid unnecessary
confusion for people familiar with the spec.

R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/1442643002

Cr-Commit-Position: refs/heads/master@{#31978}
2015-11-13 11:53:38 +00:00
jarin
95cb324adb [turbofan] Move simplified alloc, load and store lowering to change lowering.
This is necessary to allow more optimizations to take place between
the representation inference and change lowering. Perhaps we want
to rename SimplifiedLowering -> RepresentationInference and
ChangeLowering -> SimplifiedLowering.

Review URL: https://codereview.chromium.org/1439473003

Cr-Commit-Position: refs/heads/master@{#31976}
2015-11-13 08:12:14 +00:00
ahaas
71348aa2a0 [x64] Fixed a rounding error on x64 for the Uint64ToF64 conversion.
The least significant bit of the input value may affect the result of
the conversion through rounding. We OR the least significant with the
second least significant bit to preserve it over the SHR instruction.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1435203003

Cr-Commit-Position: refs/heads/master@{#31969}
2015-11-12 19:36:16 +00:00
mbrandy
f83b8a61cf Skip test-run-machops/RunComputedCodeObject on AIX and PPC64BE.
This test, as written, is invalid on platforms which use function
descriptors.

See https://codereview.chromium.org/1377423002/ for background.

R=mstarzinger@chromium.org, titzer@chromium.org, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1438803002

Cr-Commit-Position: refs/heads/master@{#31967}
2015-11-12 19:10:32 +00:00
mbrandy
59a0641820 Fix test-heap/LargeObjectSlotRecording.
Remove hard-coded assumption of large object size threshold.

This test fails on PPC in version 4.7 where the threshold is derived
directly from the allocator's pagesize.

R=hpayer@chromium.org, mstarzinger@chromium.org, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1440723002

Cr-Commit-Position: refs/heads/master@{#31963}
2015-11-12 14:33:19 +00:00
bradnelson
ab1165fb1a Fix ~ operator in asm typer, add more operator tests.
The ~ operator is de-sugared into true^x, which was
being improperly handled.

Adding tests of most bitwise operators and several error cases.

BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=test-asm-validator
R=titzer@chromium.org,aseemgarg@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1432423003

Cr-Commit-Position: refs/heads/master@{#31951}
2015-11-11 22:34:24 +00:00
ofrobots
f583661784 [heap] make inline allocation step size dynamic
Presently the inline allocation step is a static value defined to be the minimum
of the step sizes over all the observers. The step occur every (approx.) step
byte. This is unfair to observers whose steps are not evenly divisible by the
min step size. For example, consider two observers with steps sizes of 512 and
576 bytes. Across 16kb allocated, you would expect the first observer to be hit
approximately 32 times, and the second observer to be hit approximately 28
times.

In reality, the observers get notified 30 and 15 times respectively. The reason
is that each step is 512 bytes, and since 576 is not evenly divisible by 512,
it gets notified much less frequently.

This CL fixes the problem by making the next step size be the minimum (over all
observers) of the remaining bytes to get to the step, making the steps fair.

BUG=
R=hpayer@chromium.org,ulan@chromium.org

Review URL: https://codereview.chromium.org/1427973006

Cr-Commit-Position: refs/heads/master@{#31948}
2015-11-11 20:55:48 +00:00
ahaas
857cd4c1f0 Implemented the RoundUint64ToFloat64 TurboFan operator for x64 and arm64.
I don't see obvious implementations for mips64 and ppc64, so I would need
help for these two platforms.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1436943002

Cr-Commit-Position: refs/heads/master@{#31946}
2015-11-11 19:12:37 +00:00
epertoso
56c7a053e9 Revert changes introduced in http://crrev.com/1367953002.
This CL is in preparation for the API change introduced in http://crrev.com/1407313004.

BUG=

Review URL: https://codereview.chromium.org/1434693008

Cr-Commit-Position: refs/heads/master@{#31930}
2015-11-10 21:00:18 +00:00
ahaas
1b535ca075 Implemented the RoundInt64ToFloat32 TurboFan operator for x64, arm64, and mips64.
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1435603003

Cr-Commit-Position: refs/heads/master@{#31929}
2015-11-10 20:39:57 +00:00
ahaas
01fd8e05dc Implemented the Word64Popcnt TurboFan operator for x64.
Popcnt is implemented as an optional operator, which is only implementd by x64
at the moment.

Review URL: https://codereview.chromium.org/1424173006

Cr-Commit-Position: refs/heads/master@{#31928}
2015-11-10 20:38:40 +00:00
balazs.kilvady
6993cd0de5 MIPS: Fix 'MIPS:r6 compact branch optimization.'
Jic and jialc compact branch ops are fixed as they does not have 'forbidden slot' restriction. Also COP1 branches (CTI instructions) added to IsForbiddenAfterBranchInstr().

TEST=cctest/test-disasm-mips/Type0
BUG=

Review URL: https://codereview.chromium.org/1423493006

Cr-Commit-Position: refs/heads/master@{#31922}
2015-11-10 17:16:09 +00:00
mbrandy
40eeb69b94 PPC: Disable gcc generation of fmadd/fmsub in cctests.
Generated code performs distinct floating multiply and add/subtract
operations.  Tests fail when GCC uses fmadd/fmsub to calculate the
expected result since these instructions provide higher accuracy due
to the lack of an intermediate round.

R=machenbach@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1416123007

Cr-Commit-Position: refs/heads/master@{#31918}
2015-11-10 14:31:28 +00:00
sigurds
45787501e5 [turbofan] Pseudo-inline 'instanceof'
This patch extends the typed lowering with a specialized version of 'instanceof' that is used if the "class", i.e. the constructor function, is a known constant.

Unittests check that replacement occurs as intended. Functional correctness is ensured by extensive unit tests covering instanceof already in the testsuite.

TESTS=unittests/JSTypedLoweringTest.{JSInstanceOfSpecializationWithSmiCheck,JSInstanceOfSpecializationWithoutSmiCheck,JSInstanceOfNoSpecialization}

Review URL: https://codereview.chromium.org/1407413014

Cr-Commit-Position: refs/heads/master@{#31916}
2015-11-10 12:20:11 +00:00
ahaas
a594ff73a9 Implemented the ctz Turbo Fan operator for x64.
Ctz is implemented as an optional operator at the moment, which is only
implemented by x64 at the moment.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1421163005

Cr-Commit-Position: refs/heads/master@{#31912}
2015-11-10 08:43:00 +00:00
bradnelson
318bcbee31 Allow constant heap accesses in asm typer.
BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=test-asm-validator
R=titzer@chromium.org,aseemgarg@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1405993009

Cr-Commit-Position: refs/heads/master@{#31908}
2015-11-10 02:00:03 +00:00
mlippautz
aecd084dd9 [test] Move away from deprecated API for heap-related tests.
Removed deprecated API usage in
 - test-heap.cc
 - test-incremental-marking.cc
 - test-alloc.cc

BUG=v8:4134
LOG=n

Review URL: https://codereview.chromium.org/1406393005

Cr-Commit-Position: refs/heads/master@{#31898}
2015-11-09 19:48:44 +00:00
ahaas
7558e93347 Improved some tests in test-run-machops.
I improved the tests for Word32Clz, Word32Ctz, and Word32Popcnt, and ported
some tests to the BufferedRawMachineAssemblerTester.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1437493002

Cr-Commit-Position: refs/heads/master@{#31896}
2015-11-09 17:42:00 +00:00
mtrofin
ab1d270a72 [assembler] Introduce proper AssemblerBase::Print() for improved debuggability.
While working on frame elision, I wanted to disassemble codegen in the
debugger, as the code generation is progressing. I discovered we had a
 "Print" member on the x64 assembler, without any implementation. I
pulled it up to AssemblerBase and gave it an implementation that
should work for the other architectures.

Also checked that ia32, x87, arm and arm64 assemblers didn't have
such an implementation - free Print.

Arm64 has a naming conflict with the v8::internal::Disassembler. I
renamed the arm64 type with a more specific name.

Opportunistically fixed a bug in the name converter. This debug-time
printer doesn't provide a Code object, which should be OK with the
name converters, by the looks of other APIs there. All this means is that
when using the Print() API, we just get addresses dumped without any
context (like what this address may be - a stub maybe, etc). This seems
fine for the scenario.

There may be other places that assume a Code object. Since this is
a diagnostics-only scenario, for codegen developers, I feel it is
reasonable to fix such other places as we find them.

Review URL: https://codereview.chromium.org/1431933003

Cr-Commit-Position: refs/heads/master@{#31869}
2015-11-09 05:39:38 +00:00
rmcilroy
e5e1454bad [Interpreter] Add support for new.target
BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1419273008

Cr-Commit-Position: refs/heads/master@{#31862}
2015-11-06 15:46:10 +00:00
rmcilroy
8c32ef6ee8 [Interpreter] Add support for VisitThisFunction.
BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1406253008

Cr-Commit-Position: refs/heads/master@{#31859}
2015-11-06 15:01:03 +00:00