Port ccbb4ff00f
Original commit message:
The new Call and CallFunction builtins supersede the current
CallFunctionStub (and CallIC magic) and will be the single bottleneck
for all calling, including the currently special Function.prototype.call
and Function.prototype.apply builtins, which had handwritten (and
not fully compliant) versions of CallFunctionStub, and also the
CallIC(s), which where also slightly different.
This also reduces the overhead for API function calls, which is still
unnecessary high, but let's do that step-by-step.
This also fixes a bunch of cases where the implicit ToObject for
sloppy receivers was done in the wrong context (in the caller
context instead of the callee context), which basically meant
that we allowed cross context access to %ObjectPrototype%.
MIPS and MIPS64 ports contributed by akos.palfi@imgtec.com.
R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, dstence@us.ibm.com
BUG=v8:4413
LOG=n
Review URL: https://codereview.chromium.org/1327093002
Cr-Commit-Position: refs/heads/master@{#30656}
Port db2ba190db
Original commit message:
The semantics of the %_CallFunction intrinsic seem to be very unclear,
which resulted in a lot of bugs. Especially the combination with
%IsSloppyModeFunction is always a bug, because the receiver would be
wrapped in the wrong context. So the %IsSloppyModeFunction helper is
gone now, and many of the buggy uses of %_CallFunction are also
eliminated.
If you ever need to call something with a different receiver, then
%_Call is your friend now. It does what you want and implements the
call sequence fully (and correct).
R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, dstence@us.ibm.com
BUG=v8:4413
LOG=n
Review URL: https://codereview.chromium.org/1310303008
Cr-Commit-Position: refs/heads/master@{#30655}
This makes the C++ fallback implementations for the two intrinsics,
%Arguments and %ArgumentsLength composable with respect to inlining.
Using deoptimization information gives us accurate data here.
R=bmeurer@chromium.org
TEST=mjsunit/regress/regress-4374
BUG=v8:4374
LOG=n
Review URL: https://codereview.chromium.org/1328363002
Cr-Commit-Position: refs/heads/master@{#30654}
Port ba7b641398
Original commit message:
This CL makes do with a single dispatcher which inlines the special handling for the Array() call case, loading the allocation site found in the vector and calling the array constructor stub appropriately.
BUG=
Review URL: https://codereview.chromium.org/1324093005
Cr-Commit-Position: refs/heads/master@{#30653}
The number of actual arguments should always be available, there's no
point in trying to optimize away a simple assignment of an immediate to
a register before some calls.
The main motivation is to have a consistent state at the beginning of every
function. Currently the arguments register (i.e. rax or eax) either contains
the number of arguments or some random garbage depending on whether
the callsite decided that the callee might need the information or not.
This causes trouble with runtime implementations of functions that
do not set internal_formal_parameter_count to the DontAdaptArguments
sentinel (we don't have any of those yet), but also makes it impossible
to sanity check the arguments in the callee, because the callee doesn't
know whether the caller decided to pass the number of arguments or
random garbage.
BUG=v8:4413
LOG=n
Review URL: https://codereview.chromium.org/1330033002
Cr-Commit-Position: refs/heads/master@{#30648}
For simulator optimization we modified Instruction::InstructionType() function so a simpler but less complete InstructionType() function used by default. This fix enables the full InstructionType checking to properly decode a dd-constant label as unsupported opcode, rather than aborting.
BUG=chromium:528875
LOG=NO
Review URL: https://codereview.chromium.org/1314673010
Cr-Commit-Position: refs/heads/master@{#30644}
Porting mistake in ccbb4ff0 '[builtins] Unify the various versions of [[Call]]
with a Call builtin.', which only showed as debug assertion in later commit
db2ba190 '[runtime] Replace many buggy uses of %_CallFunction with %_Call.'
Use temporary register rather than push/pop of 'object' register.
BUG=
TEST=cctest/test-api/SetFunctionEntryHook, cctest/test-serialize/PerIsolateSnapshotBlobs, ...
Review URL: https://codereview.chromium.org/1309163006
Cr-Commit-Position: refs/heads/master@{#30643}
This moves incremental marking steps from gc-idle-time-handler and heap to the new incremental marking task.
BUG=chromium:490559
LOG=NO
Review URL: https://codereview.chromium.org/1265423002
Cr-Commit-Position: refs/heads/master@{#30641}
- Modify js2c to accept --js and --nojs,
- modify mksnapshot to accept --startup_src
(instead of a positional parameter, so that it can be omitted),
- modify v8.gyp to use the above so that no target has multiple
output dependencies, and
- update GN to use the switches above.
(I have not succeeded in fixing the GYP->make translator to properly map
multi-output rules, so that they work as expected in all edge cases.
This CL signals defeat on that front, and instead I rewrite the GYP
file to avoid that situation in the first place.)
R=jochen@chromium.org
BUG=v8:4382
LOG=N
Review URL: https://codereview.chromium.org/1310273009
Cr-Commit-Position: refs/heads/master@{#30640}
When there is no explicit return we need to generate an implicit
return undefined.
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1308693014
Cr-Commit-Position: refs/heads/master@{#30639}
This removes the DisallowAllocationFailure assertion scope which mostly
coincided with the AlwaysAllocateScope anyways. Access to the bitfield
in the Isolate was not synchronized and hence the AlwaysAllocateScope
was not thread-safe in debug mode, now it is.
R=mlippautz@chromium.org
Review URL: https://codereview.chromium.org/1319153006
Cr-Commit-Position: refs/heads/master@{#30637}
By using an InternArray for the pivot calculation we can get rid of yet
another %_CallFunction.
Review URL: https://codereview.chromium.org/1316673008
Cr-Commit-Position: refs/heads/master@{#30636}
This switches Isolate::ComputeLocation to use baseline code when
computing message locations. This unifies locations between optimized
and non-optimized code by always going through the FrameSummary for
location computation.
R=bmeurer@chromium.org
TEST=message/regress/regress-4266
BUG=v8:4266
LOG=n
Review URL: https://codereview.chromium.org/1331603002
Cr-Commit-Position: refs/heads/master@{#30635}
The semantics of the %_CallFunction intrinsic seem to be very unclear,
which resulted in a lot of bugs. Especially the combination with
%IsSloppyModeFunction is always a bug, because the receiver would be
wrapped in the wrong context. So the %IsSloppyModeFunction helper is
gone now, and many of the buggy uses of %_CallFunction are also
eliminated.
If you ever need to call something with a different receiver, then
%_Call is your friend now. It does what you want and implements the
call sequence fully (and correct).
BUG=v8:4413
LOG=n
Review URL: https://codereview.chromium.org/1325573004
Cr-Commit-Position: refs/heads/master@{#30634}
Before String.split only cached results if the seperator was found
BUG=v8:4191
LOG=N
Review URL: https://codereview.chromium.org/1308373005
Cr-Commit-Position: refs/heads/master@{#30632}
The new Call and CallFunction builtins supersede the current
CallFunctionStub (and CallIC magic) and will be the single bottleneck
for all calling, including the currently special Function.prototype.call
and Function.prototype.apply builtins, which had handwritten (and
not fully compliant) versions of CallFunctionStub, and also the
CallIC(s), which where also slightly different.
This also reduces the overhead for API function calls, which is still
unnecessary high, but let's do that step-by-step.
This also fixes a bunch of cases where the implicit ToObject for
sloppy receivers was done in the wrong context (in the caller
context instead of the callee context), which basically meant
that we allowed cross context access to %ObjectPrototype%.
MIPS and MIPS64 ports contributed by akos.palfi@imgtec.com.
R=mstarzinger@chromium.org, jarin@chromium.org, mvstanton@chromium.org
CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_layout_dbg,v8_linux_nosnap_dbg
BUG=v8:4413
LOG=n
Committed: https://crrev.com/ef268a83be4dead004047c25b702319ea4be7277
Cr-Commit-Position: refs/heads/master@{#30627}
Review URL: https://codereview.chromium.org/1311013008
Cr-Commit-Position: refs/heads/master@{#30629}
Reason for revert:
Breaks nosnap, needs investigation
Original issue's description:
> [builtins] Unify the various versions of [[Call]] with a Call builtin.
>
> The new Call and CallFunction builtins supersede the current
> CallFunctionStub (and CallIC magic) and will be the single bottleneck
> for all calling, including the currently special Function.prototype.call
> and Function.prototype.apply builtins, which had handwritten (and
> not fully compliant) versions of CallFunctionStub, and also the
> CallIC(s), which where also slightly different.
>
> This also reduces the overhead for API function calls, which is still
> unnecessary high, but let's do that step-by-step.
>
> This also fixes a bunch of cases where the implicit ToObject for
> sloppy receivers was done in the wrong context (in the caller
> context instead of the callee context), which basically meant
> that we allowed cross context access to %ObjectPrototype%.
>
> MIPS and MIPS64 ports contributed by akos.palfi@imgtec.com.
>
> R=mstarzinger@chromium.org, jarin@chromium.org, mvstanton@chromium.org
> CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_layout_dbg
> BUG=v8:4413
> LOG=n
>
> Committed: https://crrev.com/ef268a83be4dead004047c25b702319ea4be7277
> Cr-Commit-Position: refs/heads/master@{#30627}
TBR=rmcilroy@chromium.org,jarin@chromium.org,mstarzinger@chromium.org,mvstanton@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4413
Review URL: https://codereview.chromium.org/1328963004
Cr-Commit-Position: refs/heads/master@{#30628}
The new Call and CallFunction builtins supersede the current
CallFunctionStub (and CallIC magic) and will be the single bottleneck
for all calling, including the currently special Function.prototype.call
and Function.prototype.apply builtins, which had handwritten (and
not fully compliant) versions of CallFunctionStub, and also the
CallIC(s), which where also slightly different.
This also reduces the overhead for API function calls, which is still
unnecessary high, but let's do that step-by-step.
This also fixes a bunch of cases where the implicit ToObject for
sloppy receivers was done in the wrong context (in the caller
context instead of the callee context), which basically meant
that we allowed cross context access to %ObjectPrototype%.
MIPS and MIPS64 ports contributed by akos.palfi@imgtec.com.
R=mstarzinger@chromium.org, jarin@chromium.org, mvstanton@chromium.org
CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_layout_dbg
BUG=v8:4413
LOG=n
Review URL: https://codereview.chromium.org/1311013008
Cr-Commit-Position: refs/heads/master@{#30627}
This CL is a fix for c0c3d866fb (r30606).
In r30606, initialization of FPU implementation is not moved to prologue
generation correctly.
BUG=
Review URL: https://codereview.chromium.org/1317643009
Cr-Commit-Position: refs/heads/master@{#30626}
The is_*san flags are moving from the master build config file into this
.gni file. This patch will allow V8 to continue compiling when that change
is landed.
Review URL: https://codereview.chromium.org/1330713003
Cr-Commit-Position: refs/heads/master@{#30623}
This enables the general linter checking for "build/c++11" violations
during presubmit and instead marks the few known exceptions that we
allow explicitly.
R=jochen@chromium.org
Review URL: https://codereview.chromium.org/1317463007
Cr-Commit-Position: refs/heads/master@{#30621}
- Moving parts of ArrayConcat from builtins.cc to the ElementsAccessor
- Removing ArrayConcat Runtime Function
BUG=v8:4317
LOG=N
Review URL: https://codereview.chromium.org/1330483003
Cr-Commit-Position: refs/heads/master@{#30619}
This information can be used on the buildbot side to only
rebuild the failing target for bisection.
BUG=chromium:511215
LOG=n
NOTRY=true
Review URL: https://codereview.chromium.org/1313353006
Cr-Commit-Position: refs/heads/master@{#30617}
This clarifies a comments in the AstGraphBuilder that has led to
confusion about what "parameter index" refers to. The off-by-one is
confusing and a terribly phrased comment doesn't make it any better.
R=rmcilroy@chromium.org,oth@chromium.org
Review URL: https://codereview.chromium.org/1329043002
Cr-Commit-Position: refs/heads/master@{#30616}
Use AlignDown instead of IsAligned to avoid false negatives
on big endian platforms
Use byte with highest value to speedup search
BUG=
Review URL: https://codereview.chromium.org/1324803003
Cr-Commit-Position: refs/heads/master@{#30615}
port 3dc9b122fa (r30582).
original commit message:
Similar to DELETE, the IN builtin is just a thin wrapper for %HasElement
and %HasProperty anyway, and cannot be optimized, plus it had a weird
special fast case (which also involved at least one LOAD_IC plus some
intrinsic magic).
BUG=
Review URL: https://codereview.chromium.org/1325183003
Cr-Commit-Position: refs/heads/master@{#30613}
port 40fbed0609 (r30581)
original commit message:
The last changes for vector store functionality, they are in 3 areas:
1) The new vector [keyed] store code stubs - implementation.
2) IC and handler compiler adjustments
3) Odds and ends. A change in ast.cc, a test update, a small Oracle fix.
BUG=
Review URL: https://codereview.chromium.org/1311413007
Cr-Commit-Position: refs/heads/master@{#30612}
port 72bc4b5c8a (r30557)
original commit message:
Use a single JSIteratorResult type for all implementation provided
iterator results (i.e. the String, Array and collection iterators,
and also for generators). This removes one source of unnecessary
polymorphism in for-of loops. It is accomplished by a new intrinsic
%_CreateIterResultObject() that should be used to create iterator
result objects from JavaScript builtins (there's a matching factory
method for C++ code).
Also restructure the %StringIteratorPrototype%.next() and
%ArrayIteratorPrototype%.next() functions to be a bit more friendly
to optimizing compilers.
BUG=
Review URL: https://codereview.chromium.org/1331523002
Cr-Commit-Position: refs/heads/master@{#30610}
port 8a378f46d5 (r30552)
original commit message:
This turns the has_instance_call_handler bit on Map into an is_callable
bit, that matches the spec definition of IsCallable (i.e. instances have
[[Call]] internal methods).
Also fix the typeof operator to properly say "function" for everything
that is callable.
Also remove the (unused) premature %_GetPrototype optimization from
Crankshaft, which just complicated the Map bit swap.
BUG=
Review URL: https://codereview.chromium.org/1310653004
Cr-Commit-Position: refs/heads/master@{#30609}
