Commit Graph

26864 Commits

Author SHA1 Message Date
bmeurer
374b6ea210 [builtins] Sanitize the machinery around Construct calls.
There's no point in collecting feedback for super constructor calls,
because in all (interesting) cases we can gather (better) feedback from
other sources (i.e. via inlining or via using a LOAD_IC to get to the
[[Prototype]] of the target).  So CallConstructStub is now only used
for new Foo(...args) sites where we want to collect feedback in the
baseline compiler.  The optimizing compilers, Reflect.construct and
super constructor calls use the Construct builtin directly, which allows
us to remove some weird code from the CallConstructStub (and opens the
possibility for more code sharing with the CallICStub, maybe even going
for a ConstructICStub).

Also remove the 100% redundant HCallNew instruction, which is just a
wrapper for the Construct builtin anyway (indirectly via the
CallConstructStub).

Drive-by-fix: Drop unused has_function_cache bit on Code objects.

R=mstarzinger@chromium.org, yangguo@chromium.org
BUG=v8:4413, v8:4430
LOG=n

Review URL: https://codereview.chromium.org/1469793002

Cr-Commit-Position: refs/heads/master@{#32172}
2015-11-23 10:34:42 +00:00
mstarzinger
c1e7c8d972 Make arguments adaptor not clobber new.target.
This ensures that the ArgumentsAdaptorTrampoline does not clobber the
new.target value, but rather passes it through to the callee unaltered.
Note that callees do not yet use the new.target value so far.

This is a preparatory CL to allows us passing new.target in a register
instead of via a side-channel through the construct stub frame.

R=mvstanton@chromium.org
BUG=v8:4544
LOG=n

Review URL: https://codereview.chromium.org/1458103003

Cr-Commit-Position: refs/heads/master@{#32171}
2015-11-23 09:55:31 +00:00
ulan
4ef29b1adf Refactor dependent code.
This simplifies the layout of dependent code array and optimizes it for sparse dependency groups.

BUG=chromium:554488
LOG=NO

Review URL: https://codereview.chromium.org/1435313002

Cr-Commit-Position: refs/heads/master@{#32170}
2015-11-23 09:30:27 +00:00
machenbach
71962e8c8a [release] Remove unused sheriff feature from auto-roller.
BUG=chromium:559141
LOG=n
NOTRY=true

Review URL: https://codereview.chromium.org/1466233002

Cr-Commit-Position: refs/heads/master@{#32169}
2015-11-23 09:19:49 +00:00
machenbach
f39d1cd4aa [test] Switch off perf data feature on swarming.
The feature sometimes prevents subsequent swarming bots to
delete the work directory on windows.

The data file is not kept on swarming bots anyways, therefore
this switches off the feature completely.

BUG=chromium:535160
LOG=n

Review URL: https://codereview.chromium.org/1468933002

Cr-Commit-Position: refs/heads/master@{#32168}
2015-11-23 09:11:17 +00:00
zhengxing.li
a0ce839241 X87: [stubs] Change CallICStub to utilize the ConvertReceiverMode.
port d80fd48e5d (r32163)

  original commit message:
  The CallICStub has call-site specific knowledge about the receiver,
  which we did not utilize; plus the CallICStub does in some case know
  whether it is about to [[Call]] a function or potentially some other
  callable. In the common case we actually know that the target is a
  function and so we can use the CallFunction builtin directly instead
  of redispatching in the Call builtin.

BUG=

Review URL: https://codereview.chromium.org/1467123002

Cr-Commit-Position: refs/heads/master@{#32167}
2015-11-23 08:57:55 +00:00
zhengxing.li
fb633b0cc4 X87: Adopt the fix of the sqrt precision issue from TurboFan to CrankShaft.
port 4e00456471 (r31625)

  original commit message:
  X87: Fix the sqrt precision issue.

    In order to resolve the sqrt precision issue described in https://codereview.chromium.org/1425763002/.
    we change the implementation of CreateSqrtFunction() implementation of X87 so that the optimize compiler
    and full-compiler implementation are unified.

BUG=

Review URL: https://codereview.chromium.org/1470793004

Cr-Commit-Position: refs/heads/master@{#32166}
2015-11-23 08:51:17 +00:00
jochen
d9d603c556 Inline Isolate::UncheckedCurrent into isolate.cc
BUG=2487
R=yangguo@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1467973002

Cr-Commit-Position: refs/heads/master@{#32165}
2015-11-23 08:45:07 +00:00
jochen
c7aace4d43 Remove a bunch of Isolate::Current() callsites from simulators
BUG=2487
R=ulan@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1457223005

Cr-Commit-Position: refs/heads/master@{#32164}
2015-11-23 08:10:06 +00:00
bmeurer
d80fd48e5d [stubs] Change CallICStub to utilize the ConvertReceiverMode.
The CallICStub has call-site specific knowledge about the receiver,
which we did not utilize; plus the CallICStub does in some case know
whether it is about to [[Call]] a function or potentially some other
callable. In the common case we actually know that the target is a
function and so we can use the CallFunction builtin directly instead
of redispatching in the Call builtin.

BUG=chromium:555127, v8:4413
LOG=n

Review URL: https://codereview.chromium.org/1470803002

Cr-Commit-Position: refs/heads/master@{#32163}
2015-11-23 06:42:27 +00:00
zhengxing.li
8dda6ee726 X87: [turbofan]: Implement tail calls with more callee than caller parameters.
port c6d310da4d (r32151)

  original commit message:
  * Adds a PrepareForTailCall instruction that bumps the stack in the case that
    the number of parameters passed to the callee causes the stack to exceed the
    calleer's frame size.
  * Uses the gap resolver to move the saved caller return address and frame
    pointer to the approprate location in the tail-called frame.

BUG=

Review URL: https://codereview.chromium.org/1472703002

Cr-Commit-Position: refs/heads/master@{#32162}
2015-11-23 03:30:45 +00:00
zhengxing.li
d23330d496 X87: Fix object initialization when slack tracking for it's map is still enabled.
port 2fc2cb99f5 (r32144)

  original commit message:
  The old code was not ready for properly initialize objects with non standard headers and non zero in-object properties number.

  MacroAssembler::Allocate() implementations now return both start and end addresses of the new object (done by parameter renaming).

BUG=

Review URL: https://codereview.chromium.org/1467923002

Cr-Commit-Position: refs/heads/master@{#32161}
2015-11-23 03:17:28 +00:00
zhengxing.li
ea1d0a61be X87: [runtime] Introduce a proper %NewArray runtime entry.
port ceade6cf23 (r32131)

  original commit message:
  This adds a new %NewArray runtime entry, which constructs a new JSArray
  and does the subclassing correctly (to the same degree that %NewObject
  does currently), and also deals properly with the AllocationSite
  feedback mechanism. This runtime entry will be used by TurboFan and is
  also used as a fallback in the subclassing case in the stub currently.

BUG=

Review URL: https://codereview.chromium.org/1462283003

Cr-Commit-Position: refs/heads/master@{#32160}
2015-11-23 03:16:00 +00:00
jarin
9ea551aa45 [turbofan] Simplify lowering of number addition.
Review URL: https://codereview.chromium.org/1471533002

Cr-Commit-Position: refs/heads/master@{#32159}
2015-11-22 13:45:52 +00:00
v8-autoroll
b5e258aba5 Update V8 DEPS.
Rolling v8/tools/clang to f1ac92b46273db6ba0286cc1fe214d1aaa788f6d

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review URL: https://codereview.chromium.org/1466073003

Cr-Commit-Position: refs/heads/master@{#32158}
2015-11-21 09:24:23 +00:00
v8-autoroll
f9035fffdb Update V8 DEPS.
Rolling v8/tools/clang to c37aa129283791664a03189e495e5ff2a4077288

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review URL: https://codereview.chromium.org/1464063002

Cr-Commit-Position: refs/heads/master@{#32157}
2015-11-21 04:23:28 +00:00
adamk
47920a472f [tests] Fix webkit class syntax tests to handle destructuring binding
R=littledan@chromium.org

Review URL: https://codereview.chromium.org/1448183002

Cr-Commit-Position: refs/heads/master@{#32156}
2015-11-21 00:24:01 +00:00
adamk
8e2e69a4b5 [es6] Allow any valid repeat of empty string in String.prototype.repeat
This lets us pass one test262 test (and seems to match what other
implementations do to handle this case).

R=littledan@chromium.org
BUG=v8:4362
LOG=n

Review URL: https://codereview.chromium.org/1454543003

Cr-Commit-Position: refs/heads/master@{#32155}
2015-11-20 23:57:39 +00:00
ishell
cf7614d5fe Remove unused descriptor slack from strict functions to avoid breaking initial map descriptor sharing invariant.
BUG=chromium:555542
LOG=N

Review URL: https://codereview.chromium.org/1457223004

Cr-Commit-Position: refs/heads/master@{#32154}
2015-11-20 16:48:11 +00:00
ofrobots
cd81dd6d74 [heap] pause/resume inline allocation observers around scavenge
We should not be counting the bump pointer allocations done during scavenge as
the objects are copied. The inline allocation observers were getting unnecessary
notifications.

R=hpayer@chromium.org, ulan@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1465633002

Cr-Commit-Position: refs/heads/master@{#32153}
2015-11-20 16:20:12 +00:00
yangguo
b7ab5ba4fb Fix typo in MathRandomRaw.
TBR=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/1461133003

Cr-Commit-Position: refs/heads/master@{#32152}
2015-11-20 15:44:56 +00:00
danno
c6d310da4d [turbofan]: Implement tail calls with more callee than caller parameters
* Adds a PrepareForTailCall instruction that bumps the stack in the case that
  the number of parameters passed to the callee causes the stack to exceed the
  calleer's frame size.
* Uses the gap resolver to move the saved caller return address and frame
  pointer to the approprate location in the tail-called frame.

BUG=v8:4076
LOG=n

Review URL: https://codereview.chromium.org/1455833004

Cr-Commit-Position: refs/heads/master@{#32151}
2015-11-20 15:04:30 +00:00
machenbach
cded3ea64f [release] Add json output to release tools.
This will allow callers (e.g. the infra recipe) to check
which steps have been executed and monitor success/failure.

BUG=chromium:559141
LOG=n
NOTRY=true

Review URL: https://codereview.chromium.org/1463143004

Cr-Commit-Position: refs/heads/master@{#32150}
2015-11-20 14:50:10 +00:00
dusan.m.milosavljevic
40a501a26a MIPS: [turbofan] Add matching rule to use Nor instruction.
TEST=unittests/InstructionSelectorTest.Word32XorMinusOneWithWord32Or,
     Word64XorMinusOneWithWord64Or
BUG=

Review URL: https://codereview.chromium.org/1459723002

Cr-Commit-Position: refs/heads/master@{#32149}
2015-11-20 14:00:29 +00:00
ishell
71be443430 Reland "Prepare to enable in-object properties in subclasses on a case by case basis."
Original issue's description:
> Prepare to enable in-object properties in subclasses on a case by case basis.
>
> Minor cleanup in VisitorId selection.
>
> Committed: https://crrev.com/7c449a62edfc03aed84d94da323dcfe2b51a3600
> Cr-Commit-Position: refs/heads/master@{#32030}

This is a mostly clean reland.

Review URL: https://codereview.chromium.org/1459133002

Cr-Commit-Position: refs/heads/master@{#32148}
2015-11-20 13:35:37 +00:00
akos.palfi
05f01e69c3 MIPS64: [turbofan] Implemented the TruncateFloat64ToUint64 TurboFan operator.
Port f6e689cebb

BUG=

Review URL: https://codereview.chromium.org/1463193002

Cr-Commit-Position: refs/heads/master@{#32147}
2015-11-20 13:11:29 +00:00
jochen
9951a617d5 Remove usage of deprecated APIs from compiler/deopt test
BUG=4134
R=epertoso@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1458003006

Cr-Commit-Position: refs/heads/master@{#32146}
2015-11-20 12:56:26 +00:00
bmeurer
aeb41de0e6 [turbofan] Initial support for Array constructor specialization.
Introduce a JSCreateArray operator that represents the Array
constructor, and lower call and construct calls to the Array
constructor to JSCreateArray. Currently we don't yet replace
that with an inline allocation, but always use the specialized
stubs for the Array constructor.

This saves a lot of unnecessary deopts and elements transitions
because now we can actually consume the allocation site feedback
for the transitions.

R=mstarzinger@chromium.org
BUG=v8:4470
LOG=n

Review URL: https://codereview.chromium.org/1466643002

Cr-Commit-Position: refs/heads/master@{#32145}
2015-11-20 12:50:13 +00:00
ishell
2fc2cb99f5 Fix object initialization when slack tracking for it's map is still enabled.
The old code was not ready for properly initialize objects with non standard headers and non zero in-object properties number.

MacroAssembler::Allocate() implementations now return both start and end addresses of the new object (done by parameter renaming).

Review URL: https://codereview.chromium.org/1459083003

Cr-Commit-Position: refs/heads/master@{#32144}
2015-11-20 12:04:25 +00:00
verwaest
ea6cf20757 Change IS_OBJECT back to typeof == "object" and use IS_SPEC_OBJECT in Array.from and RegExp
BUG=

Review URL: https://codereview.chromium.org/1463083004

Cr-Commit-Position: refs/heads/master@{#32143}
2015-11-20 11:57:44 +00:00
pan.deng
154ddde42b Support offset-TypedArray in futex API
BUG=v8:4555
LOG=N

Review URL: https://codereview.chromium.org/1462833002

Cr-Commit-Position: refs/heads/master@{#32142}
2015-11-20 11:40:00 +00:00
oth
a1ba971cd8 [Interpreter] Enable assignments in expressions.
This change introduces register re-mapping to avoid assignment hazards
in binary expressions. Expressions that cause problems typically have
the form y = x + (x = 4);. The problem occurs because the lhs value
evaluates to the register holding x. The rhs updates that register and
then applying the operation would use the new value as the lhs.

By tracking loads and stores in binary expressions the generator is now
able to detect when condition occurs and uses a temporary register for
the rhs value. When the binary expression evaluation is complete the
variable is updated with the latest temporary.

A new bytecode Mov performs this update without touching the
accumulator.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1412683011

Cr-Commit-Position: refs/heads/master@{#32141}
2015-11-20 11:17:54 +00:00
sigurds
0ec6db4750 [turbofan] Fix argument allocation dangling effect chains
Argument allocation in typed lowering was producing
dangling effect chains. This patch fixes three sources
of dangling effect chains.

BUG=

Review URL: https://codereview.chromium.org/1447323005

Cr-Commit-Position: refs/heads/master@{#32140}
2015-11-20 10:50:25 +00:00
ahaas
a2449d4985 [turbofan] Renamed the ChangeFloat64ToInt64 operator to TruncateFloat64ToInt64.
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1458423002

Cr-Commit-Position: refs/heads/master@{#32139}
2015-11-20 09:47:31 +00:00
akos.palfi
76af78e412 MIPS: Fix disassembler test failures.
Don't generate FP64 mode specific instructions in FP32 mode.

TEST=cctest/test-disasm-mips/Type1,
     cctest/test-disasm-mips/CVT_DISSASM

BUG=

Review URL: https://codereview.chromium.org/1462803003

Cr-Commit-Position: refs/heads/master@{#32138}
2015-11-20 09:43:37 +00:00
jochen
6e13300c19 Remove usage of deprecated APIs from assembler tests
BUG=4134
R=epertoso@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1460193002

Cr-Commit-Position: refs/heads/master@{#32137}
2015-11-20 09:30:22 +00:00
oth
8cfa73ac38 [Interpreter] Add New, CallRuntime and CallJSRuntime support to BytecodeGraphBuilder.
Adds support for the New, CallRuntime and CallJSRuntime bytecodes in
BytecodeGraphBuilder. Also adds BuildLoadObjectField,
BuildLoadGlobalObject and BuildLoadNativeContextField helpers.

Landed on behalf of rmcilroy.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1456483002

Cr-Commit-Position: refs/heads/master@{#32136}
2015-11-20 09:25:41 +00:00
Michael Achenbach
1e03334e76 Whitespace change to test swarming.
Cr-Commit-Position: refs/heads/master@{#32135}
2015-11-20 09:13:48 +00:00
yangguo
b154e8d7a0 Provide an RNG seed for creating snapshot.
If Math.random is called when creating the snapshot, we need seeds to
work with. Those seeds are going to be overwritten after deserializing
from the snapshot.

NOTRY=true
NOTREECHECKS=true
TBR=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1458003005

Cr-Commit-Position: refs/heads/master@{#32134}
2015-11-20 08:49:23 +00:00
machenbach
321c4ace97 Prepare switching arm cross-compile to ninja.
BUG=chromium:534332
LOG=n
TBR=jochen@chromium.org
NOTREECHECKS=true

Review URL: https://codereview.chromium.org/1464583004

Cr-Commit-Position: refs/heads/master@{#32133}
2015-11-20 08:46:04 +00:00
yangguo
623cbdc543 Tweak RNG.
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1462293002

Cr-Commit-Position: refs/heads/master@{#32132}
2015-11-20 07:55:46 +00:00
bmeurer
ceade6cf23 [runtime] Introduce a proper %NewArray runtime entry.
This adds a new %NewArray runtime entry, which constructs a new JSArray
and does the subclassing correctly (to the same degree that %NewObject
does currently), and also deals properly with the AllocationSite
feedback mechanism. This runtime entry will be used by TurboFan and is
also used as a fallback in the subclassing case in the stub currently.

BUG=v8:3101, v8:3330
LOG=n

Review URL: https://codereview.chromium.org/1456423003

Cr-Commit-Position: refs/heads/master@{#32131}
2015-11-20 06:21:29 +00:00
v8-autoroll
ce3d04cff4 Update V8 DEPS.
Rolling v8/tools/swarming_client to 05e17879accce360bee999cd9ec891d761056bc2

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review URL: https://codereview.chromium.org/1460103003

Cr-Commit-Position: refs/heads/master@{#32130}
2015-11-20 04:25:04 +00:00
zhengxing.li
313ff5c87f X87: Introduce a BuiltinsConstructStub that sets up new.target and does a [[call]] per ES6 9.3.2.
port 469d9bfa8d (r32120)

  original commit message:

BUG=

Review URL: https://codereview.chromium.org/1459843004

Cr-Commit-Position: refs/heads/master@{#32129}
2015-11-20 03:08:32 +00:00
mbrandy
289c54cff9 PPC: Introduce a BuiltinsConstructStub that sets up new.target and does a [[call]] per ES6 9.3.2
Port 469d9bfa8d

R=verwaest@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1465643002

Cr-Commit-Position: refs/heads/master@{#32128}
2015-11-19 23:08:29 +00:00
ahaas
f6e689cebb [turbofan] Implemented the TruncateFloat64ToUint64 TurboFan operator.
The TruncateFloat64ToUint64 operator converts a float64 to an uint64 using
round-to-zero rounding mode (truncate). If the input value is outside uint64
range, then the result depends on the architecture. I provide an implementation for x64 and arm64.

@v8-ppc-ports and @v8-mips-ports, can you do the implementations for ppc64 and mips64?

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1457373002

Cr-Commit-Position: refs/heads/master@{#32127}
2015-11-19 20:42:27 +00:00
mstarzinger
adec263860 Simplify MacroAssembler::InvokePrologue a bit.
This removes some dead code from the function invocation code when the
arguments adaptor trampoline is called. This seems to be leftover code
from when we used to support calling code objects directly.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1455293004

Cr-Commit-Position: refs/heads/master@{#32126}
2015-11-19 19:45:06 +00:00
mstarzinger
e2bce9d392 [crankshaft] Pass new.target to direct function calls.
This changes all direct function calls in Crankshaft to pass undefined
via the register expected to hold the new.target value. Note that the
register is still ignored by all callees for now.

This is a preparatory CL to allows us passing new.target in a register
instead of via a side-channel through the construct stub frame.

R=bmeurer@chromium.org
BUG=v8:4544
LOG=n

Review URL: https://codereview.chromium.org/1459183002

Cr-Commit-Position: refs/heads/master@{#32125}
2015-11-19 19:34:04 +00:00
kozyatinskiy
89e859fb2b [V8] Unify get function name for debugging purpose
Following logic is using for getting function name in JSFunction::GetDebugName:
1. if function has displayName and its type is string then use it
2. if function has defined property Function.name as value and its type string then use it
3. otherwise use SharedFunctionInfo::DebugName as functionName.

JSFunction::GetDebugName is exposed in V8 API and in FunctionMirror interface.

BUG=chromium:17356
R=yangguo@chromium.org,mstarzinger@chromium.org
LOG=Y

Review URL: https://codereview.chromium.org/1449473005

Cr-Commit-Position: refs/heads/master@{#32124}
2015-11-19 19:32:38 +00:00
mvstanton
f7b6e3815c Maintain a FixedArray for the optimized code map.
This simplifies follow-on changes to the FastNewClosureStub.

BUG=

Review URL: https://codereview.chromium.org/1433923002

Cr-Commit-Position: refs/heads/master@{#32123}
2015-11-19 19:31:51 +00:00