Commit Graph

26700 Commits

Author SHA1 Message Date
yangguo
912314be27 Correctly handlify Dictionary::CollectKeysTo.
'this' is a raw pointer and can be invalidated through GC, even
though the rest of the code is correctly handlified.

R=cbruni@chromium.org, jkummerow@chromium.org
BUG=v8:4570
LOG=N

Review URL: https://codereview.chromium.org/1475633002

Cr-Commit-Position: refs/heads/master@{#32208}
2015-11-24 13:43:59 +00:00
bmeurer
68ce906134 [turbofan] Introduce proper CreateLiteralParameters.
Put the constant parts of the CreateLiteralArray and CreateLiteralObject
operators into CreateLiteralParameters and properly use them everywhere.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1475613002

Cr-Commit-Position: refs/heads/master@{#32207}
2015-11-24 13:42:30 +00:00
yangguo
085fed0fb5 Implement xorshift128+ for Math.random.
BUG=v8:4566
LOG=N

Committed: https://crrev.com/2755c5a1b1cf7fc4c5c614378e5231636e6dcff5
Cr-Commit-Position: refs/heads/master@{#32200}

Review URL: https://codereview.chromium.org/1464303002

Cr-Commit-Position: refs/heads/master@{#32206}
2015-11-24 13:18:44 +00:00
bmeurer
9846f386f0 [compiler] No need to push literal index in VisitArrayLiteral.
The literal index is being pushed onto the stack while evaluating
the non-constant subexpressions, but never used in fullcodegen (and
hence not used in the optimizing compilers).

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1471893003

Cr-Commit-Position: refs/heads/master@{#32205}
2015-11-24 13:04:36 +00:00
yangguo
a19f2d7eca Blacklist mjsunit/harmony/reflect-own-keys for gc-stress.
TBR=ulan@chromium.org
BUG=v8:4570
LOG=N
NOTRY=true

Review URL: https://codereview.chromium.org/1466373003

Cr-Commit-Position: refs/heads/master@{#32204}
2015-11-24 12:21:22 +00:00
mstarzinger
7c45b00529 [turbofan] Switch passing of new.target to register.
This passes the new.target value in a register instead of through a
side-channel via the construct stub. Note that only TurboFan code uses
the register value so far, but unoptimized code will be switched soon.

R=bmeurer@chromium.org
BUG=v8:4544
LOG=n

Review URL: https://codereview.chromium.org/1460503008

Cr-Commit-Position: refs/heads/master@{#32203}
2015-11-24 11:39:23 +00:00
yangguo
be22cdafc2 Revert of Implement xorshift128+ for Math.random. (patchset #6 id:100001 of https://codereview.chromium.org/1464303002/ )
Reason for revert:
Test failure: http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20gc%20stress/builds/491/steps/Mjsunit/logs/reflect-own-keys

Original issue's description:
> Implement xorshift128+ for Math.random.
>
> BUG=v8:4566
> LOG=N
>
> Committed: https://crrev.com/2755c5a1b1cf7fc4c5c614378e5231636e6dcff5
> Cr-Commit-Position: refs/heads/master@{#32200}

TBR=bmeurer@chromium.org,jkummerow@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4566

Review URL: https://codereview.chromium.org/1475493003

Cr-Commit-Position: refs/heads/master@{#32202}
2015-11-24 11:32:43 +00:00
machenbach
8cd3cf2972 [release] Add monitoring state to auto-roller json output.
The option --json-output will make the auto-roller dump a
json file with a monitoring_state key. This can be one of:
started, up_to_date, success.

BUG=chromium:559141
LOG=n
NOTRY=true

Review URL: https://codereview.chromium.org/1465413002

Cr-Commit-Position: refs/heads/master@{#32201}
2015-11-24 11:00:16 +00:00
yangguo
2755c5a1b1 Implement xorshift128+ for Math.random.
BUG=v8:4566
LOG=N

Review URL: https://codereview.chromium.org/1464303002

Cr-Commit-Position: refs/heads/master@{#32200}
2015-11-24 10:59:31 +00:00
machenbach
86bd2b3c23 Revert of Disable non-standard Promise functions in staging (patchset #5 id:80001 of https://codereview.chromium.org/1469543003/ )
Reason for revert:
[Sheriff] This breaks ignition on arm sim debug:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20arm%20-%20sim%20-%20debug/builds/5317

Seems to not be caught by the cq bot that builds release with dchecks.

Original issue's description:
> Disable non-standard Promise functions in staging
>
> This patch removes Promise functions and methods which are absent
> from the ES2015 specification when the --es-staging flag is on.
>
> BUG=v8:3237
> R=rossberg
> LOG=Y
>
> Committed: https://crrev.com/941251af7e04d50ac2243da2870249a42111221a
> Cr-Commit-Position: refs/heads/master@{#32194}

TBR=rossberg@chromium.org,littledan@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:3237

Review URL: https://codereview.chromium.org/1473603002

Cr-Commit-Position: refs/heads/master@{#32199}
2015-11-24 10:58:03 +00:00
bmeurer
09fb5686e6 [turbofan] Properly recognize and optimize comparisons with the_hole.
We use comparisons with the_hole to implement temporal dead zones, so we
should also optimize those, as they currently turn into CompareIC calls.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1473593002

Cr-Commit-Position: refs/heads/master@{#32198}
2015-11-24 10:15:53 +00:00
zhengxing.li
4620a235bf X87: [builtins] Sanitize the machinery around Construct calls.
port 374b6ea210 (r32172)

  original commit message:
  There's no point in collecting feedback for super constructor calls,
  because in all (interesting) cases we can gather (better) feedback from
  other sources (i.e. via inlining or via using a LOAD_IC to get to the
  [[Prototype]] of the target).  So CallConstructStub is now only used
  for new Foo(...args) sites where we want to collect feedback in the
  baseline compiler.  The optimizing compilers, Reflect.construct and
  super constructor calls use the Construct builtin directly, which allows
  us to remove some weird code from the CallConstructStub (and opens the
  possibility for more code sharing with the CallICStub, maybe even going
  for a ConstructICStub).

  Also remove the 100% redundant HCallNew instruction, which is just a
  wrapper for the Construct builtin anyway (indirectly via the
  CallConstructStub).

  Drive-by-fix: Drop unused has_function_cache bit on Code objects.

BUG=

Review URL: https://codereview.chromium.org/1471193002

Cr-Commit-Position: refs/heads/master@{#32197}
2015-11-24 09:53:46 +00:00
neis
e3c1cd84a4 [proxies] Use internalized strings for trap names.
R=rossberg
BUG=

Review URL: https://codereview.chromium.org/1468373002

Cr-Commit-Position: refs/heads/master@{#32196}
2015-11-24 09:45:00 +00:00
ishell
4dcba71de7 Allow in-object properties in JSFunctions.
This CL also fixes HeapObject::IterateFast() and HeapObject::IterateBodyFast().

BUG=v8:4531
LOG=Y

Review URL: https://codereview.chromium.org/1469883002

Cr-Commit-Position: refs/heads/master@{#32195}
2015-11-24 08:55:25 +00:00
littledan
941251af7e Disable non-standard Promise functions in staging
This patch removes Promise functions and methods which are absent
from the ES2015 specification when the --es-staging flag is on.

BUG=v8:3237
R=rossberg
LOG=Y

Review URL: https://codereview.chromium.org/1469543003

Cr-Commit-Position: refs/heads/master@{#32194}
2015-11-24 08:51:54 +00:00
machenbach
5aff14adfd [release] Merge auto-roll and wrapped chromium-roll scripts.
This replaces chromium_roll and the wrapper auto_roll with
just auto_roll. The arguments for the revision to roll and
the last rolled revision are optional and will be
auto-detected (this feature is from the wrapper).

Checking the cq box is default now (as in the wrapper).

BUG=chromium:559141
LOG=n
NOTRY=true

Review URL: https://codereview.chromium.org/1468973002

Cr-Commit-Position: refs/heads/master@{#32193}
2015-11-24 08:39:34 +00:00
zhengxing.li
84010cb2c7 X87: Make arguments adaptor not clobber new.target.
port c1e7c8d972 (r32171)

  original commit message:
  This ensures that the ArgumentsAdaptorTrampoline does not clobber the
  new.target value, but rather passes it through to the callee unaltered.
  Note that callees do not yet use the new.target value so far.

  This is a preparatory CL to allows us passing new.target in a register
  instead of via a side-channel through the construct stub frame.

BUG=

Review URL: https://codereview.chromium.org/1475523002

Cr-Commit-Position: refs/heads/master@{#32192}
2015-11-24 07:03:45 +00:00
bmeurer
e39050473f [turbofan] Initial support for inline allocations of arrays.
Add support for using inline allocations for arrays in lowering of
JSCreateArray when target equals new.target.  Currently we are only
concerend with the straight-forward Array() and Array(length) cases,
but at some point TurboFan should also be able to support the more
complex initializing cases.

R=mvstanton@chromium.org
BUG=v8:4470
LOG=n

Review URL: https://codereview.chromium.org/1465203002

Cr-Commit-Position: refs/heads/master@{#32191}
2015-11-24 07:02:55 +00:00
v8-autoroll
d705e1abc7 Update V8 DEPS.
Rolling v8/tools/clang to 71b766acbd4f2dbe860bcb57c003eba006244ae9

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review URL: https://codereview.chromium.org/1468333002

Cr-Commit-Position: refs/heads/master@{#32190}
2015-11-24 06:33:44 +00:00
littledan
70177a817c Revert of [Intl] create new instances when new.target is undefined (patchset #2 id:20001 of https://codereview.chromium.org/1440593003/ )
Reason for revert:
This breaks backwards compatibility by disallowing call. Web application authors have noticed the breakage. https://github.com/tc39/ecma402/issues/57

Original issue's description:
> [Intl] create new instances when new.target is undefined
>
> BUG=v8:4360
> LOG=N
> R=littledan@chromium.org
>
> Committed: https://crrev.com/fa9c39eeadd8e692af03b024fe2fdcf94ad0da6b
> Cr-Commit-Position: refs/heads/master@{#31971}

TBR=caitpotter88@gmail.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4360

Review URL: https://codereview.chromium.org/1473493003

Cr-Commit-Position: refs/heads/master@{#32189}
2015-11-24 01:54:59 +00:00
adamk
2ea7f3c869 [es6] Fix parsing of 'yield' in function and generator expressions
In a function expression, 'yield' is allowed, even if the expression
occurs inside a generator. Similarly, even in a non-generator,
a generator expression's name must not be 'yield'.

BUG=v8:3983
LOG=n

Review URL: https://codereview.chromium.org/1460393003

Cr-Commit-Position: refs/heads/master@{#32188}
2015-11-23 21:34:30 +00:00
gdeepti
21a7a1069f Implement type check and error raising semantics in SIMD runtime functions.
- Throw type errors instead of runtime asserts.
 - Also required for SIMD tests ported to Test262 to work with V8

BUG=4501

LOG=N

Review URL: https://codereview.chromium.org/1461823003

Cr-Commit-Position: refs/heads/master@{#32187}
2015-11-23 21:25:04 +00:00
mbrandy
fe14ba45d6 PPC: [builtins] Sanitize the machinery around Construct calls.
Port 374b6ea210

Original commit message:
    There's no point in collecting feedback for super constructor calls,
    because in all (interesting) cases we can gather (better) feedback from
    other sources (i.e. via inlining or via using a LOAD_IC to get to the
    [[Prototype]] of the target).  So CallConstructStub is now only used
    for new Foo(...args) sites where we want to collect feedback in the
    baseline compiler.  The optimizing compilers, Reflect.construct and
    super constructor calls use the Construct builtin directly, which allows
    us to remove some weird code from the CallConstructStub (and opens the
    possibility for more code sharing with the CallICStub, maybe even going
    for a ConstructICStub).

    Also remove the 100% redundant HCallNew instruction, which is just a
    wrapper for the Construct builtin anyway (indirectly via the
    CallConstructStub).

    Drive-by-fix: Drop unused has_function_cache bit on Code objects.

R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=v8:4413, v8:4430
LOG=n

Review URL: https://codereview.chromium.org/1471623005

Cr-Commit-Position: refs/heads/master@{#32186}
2015-11-23 20:05:28 +00:00
mbrandy
ee72c4079c PPC: [stubs] Change CallICStub to utilize the ConvertReceiverMode.
Port d80fd48e5d

Original commit message:
    The CallICStub has call-site specific knowledge about the receiver,
    which we did not utilize; plus the CallICStub does in some case know
    whether it is about to [[Call]] a function or potentially some other
    callable. In the common case we actually know that the target is a
    function and so we can use the CallFunction builtin directly instead
    of redispatching in the Call builtin.

R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=chromium:555127, v8:4413
LOG=n

Review URL: https://codereview.chromium.org/1471823002

Cr-Commit-Position: refs/heads/master@{#32185}
2015-11-23 20:01:22 +00:00
mbrandy
395884deb7 PPC: Make arguments adaptor not clobber new.target.
Port c1e7c8d972

Original commit message:
    This ensures that the ArgumentsAdaptorTrampoline does not clobber the
    new.target value, but rather passes it through to the callee unaltered.
    Note that callees do not yet use the new.target value so far.

    This is a preparatory CL to allows us passing new.target in a register
    instead of via a side-channel through the construct stub frame.

R=mstarzinger@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=v8:4544
LOG=n

Review URL: https://codereview.chromium.org/1467923004

Cr-Commit-Position: refs/heads/master@{#32184}
2015-11-23 18:45:28 +00:00
mbrandy
1d1557d8fd PPC: [turbofan]: Implement tail calls with more callee than caller parameters
Port c6d310da4d

Original commit message:
    * Adds a PrepareForTailCall instruction that bumps the stack in the case that
      the number of parameters passed to the callee causes the stack to exceed the
      calleer's frame size.
    * Uses the gap resolver to move the saved caller return address and frame
      pointer to the approprate location in the tail-called frame.

R=danno@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=v8:4076
LOG=n

Review URL: https://codereview.chromium.org/1460183003

Cr-Commit-Position: refs/heads/master@{#32183}
2015-11-23 15:32:18 +00:00
mbrandy
07b5084962 PPC: Fix object initialization when slack tracking for it's map is still enabled.
Port 2fc2cb99f5

Original commit message:
    The old code was not ready for properly initialize objects with non
    standard headers and non zero in-object properties number.

    MacroAssembler::Allocate() implementations now return both start and
    end addresses of the new object (done by parameter renaming).

R=ishell@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1472473003

Cr-Commit-Position: refs/heads/master@{#32182}
2015-11-23 15:09:57 +00:00
mbrandy
bc5e7fc335 PPC: [turbofan] Implemented the TruncateFloat64ToUint64 TurboFan operator.
Port f6e689cebb

Original commit message:
    The TruncateFloat64ToUint64 operator converts a float64 to an uint64 using
    round-to-zero rounding mode (truncate). If the input value is outside uint64
    range, then the result depends on the architecture.

R=ahaas@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1460093002

Cr-Commit-Position: refs/heads/master@{#32181}
2015-11-23 15:04:00 +00:00
mbrandy
8ced019a59 PPC: [runtime] Introduce a proper %NewArray runtime entry.
Port ceade6cf23

Original commit message:
    This adds a new %NewArray runtime entry, which constructs a new JSArray
    and does the subclassing correctly (to the same degree that %NewObject
    does currently), and also deals properly with the AllocationSite
    feedback mechanism. This runtime entry will be used by TurboFan and is
    also used as a fallback in the subclassing case in the stub currently.

R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=v8:3101, v8:3330
LOG=n

Review URL: https://codereview.chromium.org/1466943002

Cr-Commit-Position: refs/heads/master@{#32180}
2015-11-23 15:00:01 +00:00
bmeurer
902f264a57 [turbofan] Teach ad-hoc load elimination about atomic regions.
The LoadElimination in TurboFan can look into the atomic regions and
elimination subsequent loads based on stores/allocations in that atomic
regions.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1472703005

Cr-Commit-Position: refs/heads/master@{#32179}
2015-11-23 14:43:58 +00:00
jochen
3b3413442f Some missed three Isolate::Current calls... delete them anyway
BUG=2487
R=yangguo@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1466323002

Cr-Commit-Position: refs/heads/master@{#32178}
2015-11-23 13:48:26 +00:00
bmeurer
a61a6f9998 [turbofan] Allow to consume feedback on CallConstruct.
Add an eager deoptimization location for JSCallConstruct and adapt the
JSCallReducer to consume target feedback for construction sites (only
applies to explicit new F(...args) not the super constructor calls).
Also recognize the new Array(...args) constructs with only target
feedback.

R=jarin@chromium.org
BUG=v8:4470
LOG=n

Review URL: https://codereview.chromium.org/1467173002

Cr-Commit-Position: refs/heads/master@{#32177}
2015-11-23 13:34:29 +00:00
jochen
0da1a0c068 Remove v8::i::Isolate::Current from cctests
BUG=2487
R=yangguo@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1468943002

Cr-Commit-Position: refs/heads/master@{#32176}
2015-11-23 12:38:33 +00:00
jarin
6fb0f56351 [turbofan] Simplify representations selection for phi.
Review URL: https://codereview.chromium.org/1467193002

Cr-Commit-Position: refs/heads/master@{#32175}
2015-11-23 12:31:57 +00:00
jarin
134869fd24 [turbofan] Further simplify representation inference for NumberTo(U)int32.
Review URL: https://codereview.chromium.org/1471723002

Cr-Commit-Position: refs/heads/master@{#32174}
2015-11-23 12:30:24 +00:00
hpayer
78174a426d Revert of [heap] Preserve optimized code maps accross GCs. (patchset #1 id:1 of https://codereview.chromium.org/1430293002/ )
Reason for revert:
Janks finalization of full GC.

Original issue's description:
> [heap] Preserve optimized code maps accross GCs.
>
> This disables the eager flushing of optimized code maps during full GCs
> and instead treats entries in those tables weakly by default. Note that
> for now entries are removed when one of its components dies.
>
> R=mvstanton@chromium.org
>
> Committed: https://crrev.com/7a1377aab2ba4e2c9a7d422b51f645cbbaec10c7
> Cr-Commit-Position: refs/heads/master@{#32045}

TBR=mvstanton@chromium.org,mstarzinger@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1467213002

Cr-Commit-Position: refs/heads/master@{#32173}
2015-11-23 12:07:44 +00:00
bmeurer
374b6ea210 [builtins] Sanitize the machinery around Construct calls.
There's no point in collecting feedback for super constructor calls,
because in all (interesting) cases we can gather (better) feedback from
other sources (i.e. via inlining or via using a LOAD_IC to get to the
[[Prototype]] of the target).  So CallConstructStub is now only used
for new Foo(...args) sites where we want to collect feedback in the
baseline compiler.  The optimizing compilers, Reflect.construct and
super constructor calls use the Construct builtin directly, which allows
us to remove some weird code from the CallConstructStub (and opens the
possibility for more code sharing with the CallICStub, maybe even going
for a ConstructICStub).

Also remove the 100% redundant HCallNew instruction, which is just a
wrapper for the Construct builtin anyway (indirectly via the
CallConstructStub).

Drive-by-fix: Drop unused has_function_cache bit on Code objects.

R=mstarzinger@chromium.org, yangguo@chromium.org
BUG=v8:4413, v8:4430
LOG=n

Review URL: https://codereview.chromium.org/1469793002

Cr-Commit-Position: refs/heads/master@{#32172}
2015-11-23 10:34:42 +00:00
mstarzinger
c1e7c8d972 Make arguments adaptor not clobber new.target.
This ensures that the ArgumentsAdaptorTrampoline does not clobber the
new.target value, but rather passes it through to the callee unaltered.
Note that callees do not yet use the new.target value so far.

This is a preparatory CL to allows us passing new.target in a register
instead of via a side-channel through the construct stub frame.

R=mvstanton@chromium.org
BUG=v8:4544
LOG=n

Review URL: https://codereview.chromium.org/1458103003

Cr-Commit-Position: refs/heads/master@{#32171}
2015-11-23 09:55:31 +00:00
ulan
4ef29b1adf Refactor dependent code.
This simplifies the layout of dependent code array and optimizes it for sparse dependency groups.

BUG=chromium:554488
LOG=NO

Review URL: https://codereview.chromium.org/1435313002

Cr-Commit-Position: refs/heads/master@{#32170}
2015-11-23 09:30:27 +00:00
machenbach
71962e8c8a [release] Remove unused sheriff feature from auto-roller.
BUG=chromium:559141
LOG=n
NOTRY=true

Review URL: https://codereview.chromium.org/1466233002

Cr-Commit-Position: refs/heads/master@{#32169}
2015-11-23 09:19:49 +00:00
machenbach
f39d1cd4aa [test] Switch off perf data feature on swarming.
The feature sometimes prevents subsequent swarming bots to
delete the work directory on windows.

The data file is not kept on swarming bots anyways, therefore
this switches off the feature completely.

BUG=chromium:535160
LOG=n

Review URL: https://codereview.chromium.org/1468933002

Cr-Commit-Position: refs/heads/master@{#32168}
2015-11-23 09:11:17 +00:00
zhengxing.li
a0ce839241 X87: [stubs] Change CallICStub to utilize the ConvertReceiverMode.
port d80fd48e5d (r32163)

  original commit message:
  The CallICStub has call-site specific knowledge about the receiver,
  which we did not utilize; plus the CallICStub does in some case know
  whether it is about to [[Call]] a function or potentially some other
  callable. In the common case we actually know that the target is a
  function and so we can use the CallFunction builtin directly instead
  of redispatching in the Call builtin.

BUG=

Review URL: https://codereview.chromium.org/1467123002

Cr-Commit-Position: refs/heads/master@{#32167}
2015-11-23 08:57:55 +00:00
zhengxing.li
fb633b0cc4 X87: Adopt the fix of the sqrt precision issue from TurboFan to CrankShaft.
port 4e00456471 (r31625)

  original commit message:
  X87: Fix the sqrt precision issue.

    In order to resolve the sqrt precision issue described in https://codereview.chromium.org/1425763002/.
    we change the implementation of CreateSqrtFunction() implementation of X87 so that the optimize compiler
    and full-compiler implementation are unified.

BUG=

Review URL: https://codereview.chromium.org/1470793004

Cr-Commit-Position: refs/heads/master@{#32166}
2015-11-23 08:51:17 +00:00
jochen
d9d603c556 Inline Isolate::UncheckedCurrent into isolate.cc
BUG=2487
R=yangguo@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1467973002

Cr-Commit-Position: refs/heads/master@{#32165}
2015-11-23 08:45:07 +00:00
jochen
c7aace4d43 Remove a bunch of Isolate::Current() callsites from simulators
BUG=2487
R=ulan@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1457223005

Cr-Commit-Position: refs/heads/master@{#32164}
2015-11-23 08:10:06 +00:00
bmeurer
d80fd48e5d [stubs] Change CallICStub to utilize the ConvertReceiverMode.
The CallICStub has call-site specific knowledge about the receiver,
which we did not utilize; plus the CallICStub does in some case know
whether it is about to [[Call]] a function or potentially some other
callable. In the common case we actually know that the target is a
function and so we can use the CallFunction builtin directly instead
of redispatching in the Call builtin.

BUG=chromium:555127, v8:4413
LOG=n

Review URL: https://codereview.chromium.org/1470803002

Cr-Commit-Position: refs/heads/master@{#32163}
2015-11-23 06:42:27 +00:00
zhengxing.li
8dda6ee726 X87: [turbofan]: Implement tail calls with more callee than caller parameters.
port c6d310da4d (r32151)

  original commit message:
  * Adds a PrepareForTailCall instruction that bumps the stack in the case that
    the number of parameters passed to the callee causes the stack to exceed the
    calleer's frame size.
  * Uses the gap resolver to move the saved caller return address and frame
    pointer to the approprate location in the tail-called frame.

BUG=

Review URL: https://codereview.chromium.org/1472703002

Cr-Commit-Position: refs/heads/master@{#32162}
2015-11-23 03:30:45 +00:00
zhengxing.li
d23330d496 X87: Fix object initialization when slack tracking for it's map is still enabled.
port 2fc2cb99f5 (r32144)

  original commit message:
  The old code was not ready for properly initialize objects with non standard headers and non zero in-object properties number.

  MacroAssembler::Allocate() implementations now return both start and end addresses of the new object (done by parameter renaming).

BUG=

Review URL: https://codereview.chromium.org/1467923002

Cr-Commit-Position: refs/heads/master@{#32161}
2015-11-23 03:17:28 +00:00
zhengxing.li
ea1d0a61be X87: [runtime] Introduce a proper %NewArray runtime entry.
port ceade6cf23 (r32131)

  original commit message:
  This adds a new %NewArray runtime entry, which constructs a new JSArray
  and does the subclassing correctly (to the same degree that %NewObject
  does currently), and also deals properly with the AllocationSite
  feedback mechanism. This runtime entry will be used by TurboFan and is
  also used as a fallback in the subclassing case in the stub currently.

BUG=

Review URL: https://codereview.chromium.org/1462283003

Cr-Commit-Position: refs/heads/master@{#32160}
2015-11-23 03:16:00 +00:00
jarin
9ea551aa45 [turbofan] Simplify lowering of number addition.
Review URL: https://codereview.chromium.org/1471533002

Cr-Commit-Position: refs/heads/master@{#32159}
2015-11-22 13:45:52 +00:00