Commit Graph

9994 Commits

Author SHA1 Message Date
danno
c6d310da4d [turbofan]: Implement tail calls with more callee than caller parameters
* Adds a PrepareForTailCall instruction that bumps the stack in the case that
  the number of parameters passed to the callee causes the stack to exceed the
  calleer's frame size.
* Uses the gap resolver to move the saved caller return address and frame
  pointer to the approprate location in the tail-called frame.

BUG=v8:4076
LOG=n

Review URL: https://codereview.chromium.org/1455833004

Cr-Commit-Position: refs/heads/master@{#32151}
2015-11-20 15:04:30 +00:00
dusan.m.milosavljevic
40a501a26a MIPS: [turbofan] Add matching rule to use Nor instruction.
TEST=unittests/InstructionSelectorTest.Word32XorMinusOneWithWord32Or,
     Word64XorMinusOneWithWord64Or
BUG=

Review URL: https://codereview.chromium.org/1459723002

Cr-Commit-Position: refs/heads/master@{#32149}
2015-11-20 14:00:29 +00:00
jochen
9951a617d5 Remove usage of deprecated APIs from compiler/deopt test
BUG=4134
R=epertoso@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1458003006

Cr-Commit-Position: refs/heads/master@{#32146}
2015-11-20 12:56:26 +00:00
pan.deng
154ddde42b Support offset-TypedArray in futex API
BUG=v8:4555
LOG=N

Review URL: https://codereview.chromium.org/1462833002

Cr-Commit-Position: refs/heads/master@{#32142}
2015-11-20 11:40:00 +00:00
oth
a1ba971cd8 [Interpreter] Enable assignments in expressions.
This change introduces register re-mapping to avoid assignment hazards
in binary expressions. Expressions that cause problems typically have
the form y = x + (x = 4);. The problem occurs because the lhs value
evaluates to the register holding x. The rhs updates that register and
then applying the operation would use the new value as the lhs.

By tracking loads and stores in binary expressions the generator is now
able to detect when condition occurs and uses a temporary register for
the rhs value. When the binary expression evaluation is complete the
variable is updated with the latest temporary.

A new bytecode Mov performs this update without touching the
accumulator.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1412683011

Cr-Commit-Position: refs/heads/master@{#32141}
2015-11-20 11:17:54 +00:00
ahaas
a2449d4985 [turbofan] Renamed the ChangeFloat64ToInt64 operator to TruncateFloat64ToInt64.
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1458423002

Cr-Commit-Position: refs/heads/master@{#32139}
2015-11-20 09:47:31 +00:00
akos.palfi
76af78e412 MIPS: Fix disassembler test failures.
Don't generate FP64 mode specific instructions in FP32 mode.

TEST=cctest/test-disasm-mips/Type1,
     cctest/test-disasm-mips/CVT_DISSASM

BUG=

Review URL: https://codereview.chromium.org/1462803003

Cr-Commit-Position: refs/heads/master@{#32138}
2015-11-20 09:43:37 +00:00
jochen
6e13300c19 Remove usage of deprecated APIs from assembler tests
BUG=4134
R=epertoso@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1460193002

Cr-Commit-Position: refs/heads/master@{#32137}
2015-11-20 09:30:22 +00:00
oth
8cfa73ac38 [Interpreter] Add New, CallRuntime and CallJSRuntime support to BytecodeGraphBuilder.
Adds support for the New, CallRuntime and CallJSRuntime bytecodes in
BytecodeGraphBuilder. Also adds BuildLoadObjectField,
BuildLoadGlobalObject and BuildLoadNativeContextField helpers.

Landed on behalf of rmcilroy.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1456483002

Cr-Commit-Position: refs/heads/master@{#32136}
2015-11-20 09:25:41 +00:00
ahaas
f6e689cebb [turbofan] Implemented the TruncateFloat64ToUint64 TurboFan operator.
The TruncateFloat64ToUint64 operator converts a float64 to an uint64 using
round-to-zero rounding mode (truncate). If the input value is outside uint64
range, then the result depends on the architecture. I provide an implementation for x64 and arm64.

@v8-ppc-ports and @v8-mips-ports, can you do the implementations for ppc64 and mips64?

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1457373002

Cr-Commit-Position: refs/heads/master@{#32127}
2015-11-19 20:42:27 +00:00
kozyatinskiy
89e859fb2b [V8] Unify get function name for debugging purpose
Following logic is using for getting function name in JSFunction::GetDebugName:
1. if function has displayName and its type is string then use it
2. if function has defined property Function.name as value and its type string then use it
3. otherwise use SharedFunctionInfo::DebugName as functionName.

JSFunction::GetDebugName is exposed in V8 API and in FunctionMirror interface.

BUG=chromium:17356
R=yangguo@chromium.org,mstarzinger@chromium.org
LOG=Y

Review URL: https://codereview.chromium.org/1449473005

Cr-Commit-Position: refs/heads/master@{#32124}
2015-11-19 19:32:38 +00:00
ivica.bogosavljevic
ed600e5556 MIPS: Fixing failures in cctest/test-assembler-mips/CVT
Fixing failures in cctest/test-assembler-mips/CVT on Mips32R2 without
FP64 support

BUG=

Review URL: https://codereview.chromium.org/1459763003

Cr-Commit-Position: refs/heads/master@{#32121}
2015-11-19 16:39:58 +00:00
verwaest
469d9bfa8d Introduce a BuiltinsConstructStub that sets up new.target and does a [[call]] per ES6 9.3.2
BUG=

Review URL: https://codereview.chromium.org/1448933002

Cr-Commit-Position: refs/heads/master@{#32120}
2015-11-19 16:11:09 +00:00
mythria
4bb6e7c8c0 [Interpreter] Add support for keyed load / store ICs and named store IC to
bytecode graph builder

Adds implementation and tests for KeyedLoadIC, KeyedStoreIC and StoreIC to
bytecode graph builder.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1448913002

Cr-Commit-Position: refs/heads/master@{#32116}
2015-11-19 14:16:53 +00:00
yangguo
6980f1957d Do not use deprecated API in cctest/test-debug.
R=jochen@chromium.org

Review URL: https://codereview.chromium.org/1459783005

Cr-Commit-Position: refs/heads/master@{#32115}
2015-11-19 13:46:16 +00:00
mstarzinger
0227857d26 [turbofan] Make new.target explicit in JSCallDescriptor.
This adds an explicit parameter to the call descriptor having kind
kJSCallFunction representing the new.target value. Note that for now
this parameter is not yet passed in and hence cannot be used yet. Also
contains some refactoring of how parameter index value are calculated,
establishing Linkage as the central point for such index computations.

This is a preparatory CL to allows us passing new.target in a register
instead of via a side-channel through the construct stub frame.

R=bmeurer@chromium.org
BUG=v8:4544
LOG=n

Review URL: https://codereview.chromium.org/1461973002

Cr-Commit-Position: refs/heads/master@{#32112}
2015-11-19 12:48:25 +00:00
yangguo
eb25b8c54b Correctly parse new regexp flags in v8::RegExp::New.
R=ishell@chromium.org, verwaest@chromium.org

Review URL: https://codereview.chromium.org/1457883003

Cr-Commit-Position: refs/heads/master@{#32106}
2015-11-19 10:33:16 +00:00
mythria
a8e86c49ec [Interpreter] Add support for unary operators to bytecode graph builder.
Adds implementation and tests for LogicalNot, TypeOf and Delete operators
to bytecode graph builder.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1459543003

Cr-Commit-Position: refs/heads/master@{#32104}
2015-11-19 09:39:11 +00:00
jkummerow
6f0850c63d [proxies] Update Object.defineProperty/ies for JSProxies
BUG=v8:1543
LOG=n

Review URL: https://codereview.chromium.org/1456613002

Cr-Commit-Position: refs/heads/master@{#32103}
2015-11-19 09:21:46 +00:00
ahaas
ed570fac44 [turbofan] Implemented the ChangeFloat64ToInt64 TurboFan operator.
The ChangeFloat64ToInt64 operator changes the representation of a
float64 input value to int64 if the input value can be represented
exactly on int64. Otherwise the result is currently undefined.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1455983002

Cr-Commit-Position: refs/heads/master@{#32102}
2015-11-19 08:27:27 +00:00
bmeurer
3c9ac974f2 [turbofan] Unstable prototype maps are not supported currently.
We currently assume that all prototype maps are stable, which is
not guaranteed for certain keyed access patterns. So we explicitly
disallow optimizing the element access there for now.

BUG=chromium:557807, v8:4470
R=jarin@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1456973004

Cr-Commit-Position: refs/heads/master@{#32101}
2015-11-19 06:21:06 +00:00
adamk
7d1d978654 Rename destructuring flag to "--harmony-destructuring-bind"
This is in preparation for the addition of --harmony-destructuring-assignment.

BUG=v8:811
LOG=n

Review URL: https://codereview.chromium.org/1450193002

Cr-Commit-Position: refs/heads/master@{#32098}
2015-11-18 23:30:09 +00:00
bradnelson
0acb70baaf Fix multiple return statements in typing-asm, cleanup.
The last change to typing-asm broke non-final return statements.
Fixing this.

Finishing out a partially completed test that landed by mistake.

BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=test-asm-validator
R=titzer@chromium.org,aseemgarg@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1453343003

Cr-Commit-Position: refs/heads/master@{#32096}
2015-11-18 19:48:00 +00:00
balazs.kilvady
c91bcf7192 MIPS: Fix trampoline pool handling in MacroAssembler::BranchShort() for r6.
BUG=chromium:555543
LOG=N

Review URL: https://codereview.chromium.org/1446343002

Cr-Commit-Position: refs/heads/master@{#32094}
2015-11-18 17:43:34 +00:00
ofrobots
0514fa204a [heap] make inline-allocation-observers precise
Now that we no longer require AllocationInfo::limit to be aligned [1], we can do
more accurate inline-allocation-observation. This lets us get notified when the
next allocation that crosses the step-size boundary is allocated.

Fixed the test-cases. They make significantly more sense now given the step
sizes and the number of times we get notifications. For example, with a step
size of 512, an allocation of 16kb results in 32 notifications instead of 30
now.

[1] https://codereview.chromium.org/1444883003

R=hpayer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1448913003

Cr-Commit-Position: refs/heads/master@{#32091}
2015-11-18 15:55:02 +00:00
mstarzinger
8a57c81b3a [turbofan] Fix CFI failures in BytecodeGraphBuilder unit test.
This fixes undefined behavior with the OpParameter helper in some of our
node matchers. There was a constness mismatch of the template parameter.

R=oth@chromium.org,mythria@chromium.org

Review URL: https://codereview.chromium.org/1453973004

Cr-Commit-Position: refs/heads/master@{#32087}
2015-11-18 14:16:10 +00:00
jkummerow
107699483d Fix PropertyDescriptor::ToObject
When adding properties to the result object, that object's prototype chain should be ignored.

Review URL: https://codereview.chromium.org/1458873002

Cr-Commit-Position: refs/heads/master@{#32085}
2015-11-18 13:56:51 +00:00
yangguo
5bcddae76f [crankshaft] only compile string index access with element key.
R=bmeurer@chromium.org
BUG=chromium:554831
LOG=N

Review URL: https://codereview.chromium.org/1455883004

Cr-Commit-Position: refs/heads/master@{#32084}
2015-11-18 13:53:34 +00:00
mstarzinger
279f2aad93 [turbofan] Fix deoptimization from array literal spread.
This fixes the array literal expression stack tracking in the presence
of spread expressions. Deoptimization within a spread expression was
borked.

R=bmeurer@chromium.org
TEST=mjsunit/regress/regress-deopt-in-array-literal-spread

Review URL: https://codereview.chromium.org/1455953002

Cr-Commit-Position: refs/heads/master@{#32079}
2015-11-18 11:45:41 +00:00
mlippautz
6c85c14845 Add lock-based unbounded queue
...based on the 2-lock algorithm by M. Scott and M. Michael (1992).

BUG=chromium:524425
LOG=N

Review URL: https://codereview.chromium.org/1448283004

Cr-Commit-Position: refs/heads/master@{#32078}
2015-11-18 10:54:13 +00:00
jarin
a9fa0498e1 [turbofan] Only infer signedness for Float64->Word32 representation change from the input type.
If the input type does not help us, we are conservative and truncate (rather than guessing signed).

Review URL: https://codereview.chromium.org/1455103002

Cr-Commit-Position: refs/heads/master@{#32075}
2015-11-18 10:02:33 +00:00
jochen
3e882ff1ea Remove deprecated APIs from two more tests
BUG=4134
R=epertoso@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1455603002

Cr-Commit-Position: refs/heads/master@{#32072}
2015-11-18 08:22:30 +00:00
neis
b270813388 [es6] Partially implement Reflect.ownKeys.
Proxies are not properly supported yet.

This is a reland of 1405243006.

TBR=rossberg@chromium.org

Review URL: https://codereview.chromium.org/1460563002

Cr-Commit-Position: refs/heads/master@{#32065}
2015-11-18 00:52:50 +00:00
pan.deng
81fe5b3c45 Support SAB atomics for offset-TypedArray
BUG=497295
LOG=n

Review URL: https://codereview.chromium.org/1422533009

Cr-Commit-Position: refs/heads/master@{#32064}
2015-11-18 00:19:54 +00:00
dusan.m.milosavljevic
74145470dd MIPS: Enable logical shift right and bitwise And matching to Ext, Dext.
TEST=unittests/InstructionSelectorTest/Word32ShrWithWord32AndWithImmediate,
     Word32AndWithImmediateWithWord32Shr, Word64AndWithImmediateWithWord64Shr,
     Word64AndWithImmediateWithWord64Shr
BUG=

Review URL: https://codereview.chromium.org/1457523002

Cr-Commit-Position: refs/heads/master@{#32062}
2015-11-17 23:10:59 +00:00
dusan.m.milosavljevic
5d843f26a9 MIPS64: [turbofan] Combine untagging shifts with Mul, Div and Mod.
TEST=unittests/InstructionSelectorTest.CombineShiftsWithMul,
     InstructionSelectorTest.CombineShiftsWithDivMod
BUG=

Review URL: https://codereview.chromium.org/1444423002

Cr-Commit-Position: refs/heads/master@{#32061}
2015-11-17 22:52:54 +00:00
bradnelson
c1da268e5d Use asm style type names and improve asm typer.
The current typing-asm mishandles the relationship between
unsigned numbers and int. Restructuring and using type shortcuts
that approximate asm types.

BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=test-asm-validator
R=titzer@chromium.org,aseemgarg@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1447133002

Cr-Commit-Position: refs/heads/master@{#32057}
2015-11-17 19:42:30 +00:00
akos.palfi
0403fd860c Fix gcc 4.9.2 signed-compare error.
BUG=

Review URL: https://codereview.chromium.org/1456543003

Cr-Commit-Position: refs/heads/master@{#32053}
2015-11-17 16:07:33 +00:00
caitpotter88
5bf360ef57 [es6] early error when Identifier is an escaped reserved word
Per http://tc39.github.io/ecma262/#sec-identifiers-static-semantics-early-errors (13.2.2),
make it a SyntaxError if an Identifier has the same StringValue as a ReservedWord.

BUG=v8:2222, v8:1972
LOG=N
R=adamk@chromium.org, rossberg@chromium.org, wingo@chromium.org

Review URL: https://codereview.chromium.org/1429983002

Cr-Commit-Position: refs/heads/master@{#32052}
2015-11-17 16:00:11 +00:00
mstarzinger
1321075391 [turbofan] Fix several OSR entries within literals.
With do-expressions any expression used within literals can turn into an
OSR entry-point. This means the literal object being constructed is then
renamed to an OSR value and needs to be reloaded from the environment.

R=rossberg@chromium.org
TEST=mjsunit/regress/regress-osr-in-literal

Review URL: https://codereview.chromium.org/1453733002

Cr-Commit-Position: refs/heads/master@{#32050}
2015-11-17 15:25:30 +00:00
oth
519df935a3 [Interpreter] Add support for global loads / stores / calls to BytecodeGraphBuilder.
Adds support for the LdaGlobal and StaGlobal bytecodes to the
BytecodeGraphBuilder. Also fixes a bug in the context node's parameter
index and start node inputs.

Landed on behalf of rmcilroy.

TBR=bmeuer@chromium.org,mythria@chromium.org
BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1449373002

Cr-Commit-Position: refs/heads/master@{#32049}
2015-11-17 15:07:15 +00:00
mstarzinger
0c1c80b2af [turbofan] Fix several OSR entries within class literals.
With do-expressions any expression used within literals can turn into an
OSR entry-point. This means the literal object being constructed is then
renamed to an OSR value and needs to be reloaded from the environment.

R=rossberg@chromium.org
TEST=mjsunit/regress/regress-osr-in-literal

Review URL: https://codereview.chromium.org/1452193003

Cr-Commit-Position: refs/heads/master@{#32048}
2015-11-17 14:51:35 +00:00
mstarzinger
f8a7236119 [turbofan] Fix several OSR entries within literals.
With do-expressions any expression used within literals can turn into an
OSR entry-point. This means the literal object being constructed is then
renamed to an OSR value and needs to be reloaded from the environment.

R=rossberg@chromium.org
TEST=mjsunit/regress/regress-osr-in-literal

Review URL: https://codereview.chromium.org/1451423002

Cr-Commit-Position: refs/heads/master@{#32047}
2015-11-17 14:25:30 +00:00
caitpotter88
24ff30b740 [es6] refactor Promise resolution
Several changes are included here:

1. Each resolution callback references shared data indicating whether
it has already been resolved or not, as described in 25.4.1.3
http://tc39.github.io/ecma262/#sec-createresolvingfunctions.
Previously this was handled exclusively by the Promise's status,
which does not work correctly with the current chaining behaviour.

2. During fulfillment, When a Promise is resolved with a thenable, the
spec chains the promises together by invoking the thenable's `then`
function with the original Promise's resolve and reject methods (per
section 25.4.2.2, or
http://tc39.github.io/ecma262/#sec-promiseresolvethenablejob, on the
next tick, regardless of whether or not there are pending tasks.

3. Adds a spec compliance fix to ensure that the Promise constructor
is only loaded once when `then()` is called, solving v8:4539 as well.
This involves refactoring PromiseChain to accept a constructor
argument. PromiseChain/PromiseDeferred will hopefully be removed soon,
simplifying the process.

BUG=v8:4162, v8:4539, v8:3237
LOG=N
R=rossberg@chromium.org, littledan@chromium.org, adamk@chromium.org

Review URL: https://codereview.chromium.org/1394463003

Cr-Commit-Position: refs/heads/master@{#32046}
2015-11-17 14:24:09 +00:00
yangguo
906903acb5 Experimental support for RegExp lookbehind.
R=erikcorry@chromium.org, littledan@chromium.org
BUG=v8:4545
LOG=N

Committed: https://crrev.com/37632606bbce1418238b13fd90cb6ef6705871cd
Cr-Commit-Position: refs/heads/master@{#32029}

Review URL: https://codereview.chromium.org/1418963009

Cr-Commit-Position: refs/heads/master@{#32043}
2015-11-17 13:33:34 +00:00
mvstanton
e75e625453 VectorICs: Remove --vector-stores flag.
BUG=

Review URL: https://codereview.chromium.org/1424153003

Cr-Commit-Position: refs/heads/master@{#32040}
2015-11-17 13:15:52 +00:00
jkummerow
9c35e4b23c [proxies] Wire up Object.getOwnPropertyDescriptor
using the new JSReceiver::GetOwnPropertyDescriptor implementation.

BUG=v8:1543
LOG=n
R=cbruni@chromium.org

Review URL: https://codereview.chromium.org/1451703003

Cr-Commit-Position: refs/heads/master@{#32037}
2015-11-17 13:08:51 +00:00
ahaas
914e221451 [tests] Cleanup of the RunRoundUint64ToFloat64 test.
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1450353002

Cr-Commit-Position: refs/heads/master@{#32036}
2015-11-17 13:07:31 +00:00
jochen
91769a6a96 Remove deprecated functions the smaller half of the remaing tests
BUG=4134
R=epertoso@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1449393002

Cr-Commit-Position: refs/heads/master@{#32035}
2015-11-17 12:42:44 +00:00
oth
e8ae8b34a5 [Interpreter] Add support for Call bytecode to bytecode graph builder.
Adds support for visiting the Call bytecode to the bytecode graph builder.
This change also adds the call type feedback slot to the Call bytecode.
This is not currently used by the interpreter, but is used by the
graph builder.

Also adds a CallWide varient of the Call bytecode, and adds the kCount16
operand type.

Landed on behalf of rmcilroy.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1456453002

Cr-Commit-Position: refs/heads/master@{#32033}
2015-11-17 12:18:53 +00:00
yangguo
5b2ae9d908 Revert of Experimental support for RegExp lookbehind. (patchset #18 id:340001 of https://codereview.chromium.org/1418963009/ )
Reason for revert:
gc stress breaks due to string_start_minus_one not being set correctly.

Original issue's description:
> Experimental support for RegExp lookbehind.
>
> R=erikcorry@chromium.org, littledan@chromium.org
> BUG=v8:4545
> LOG=N
>
> Committed: https://crrev.com/37632606bbce1418238b13fd90cb6ef6705871cd
> Cr-Commit-Position: refs/heads/master@{#32029}

TBR=littledan@chromium.org,erikcorry@chromium.org,erikcorry@google.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4545

Review URL: https://codereview.chromium.org/1451373003

Cr-Commit-Position: refs/heads/master@{#32032}
2015-11-17 11:55:21 +00:00
ahaas
2f7d6b46d0 Implemented the RoundUint64ToFloat32 TurboFan operator for x64, arm64,
and ppc64.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1438013003

Cr-Commit-Position: refs/heads/master@{#32031}
2015-11-17 11:52:05 +00:00
yangguo
37632606bb Experimental support for RegExp lookbehind.
R=erikcorry@chromium.org, littledan@chromium.org
BUG=v8:4545
LOG=N

Review URL: https://codereview.chromium.org/1418963009

Cr-Commit-Position: refs/heads/master@{#32029}
2015-11-17 11:15:06 +00:00
mythria
2acc2bc2a1 [Interpreter] Adds implementation of bytecode graph builder for LoadICSloppy/Strict.
Adds implementation and tests for following operators in bytecode graph builder:
-VisitLoadICSloppy
-VisitLoadICStrict
-VisitLoadICSloppyWide
-VisitLoadICStrictWide

The current implementation introduces empty frame states for frame state inputs expected by these operations.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1419373007

Cr-Commit-Position: refs/heads/master@{#32026}
2015-11-17 09:06:17 +00:00
jarin
a77f9179e0 [turbofan] Check for dead node in the common operator reducer.
BUG=chromium:556543
LOG=n

Review URL: https://codereview.chromium.org/1450883003

Cr-Commit-Position: refs/heads/master@{#32025}
2015-11-17 09:03:10 +00:00
bmeurer
e5edd66d07 [turbofan] Move JSCallFunction specialization to JSCallReducer.
This is the first part to refactoring the JSNativeContextSpecialization
class, which has grown way too big recently.

Also don't collect cross context feedback for the CallIC in general.
Neither TurboFan nor Crankshaft can make any use of cross context
JSFunction feedback that is collected by the CallIC, so there's no
point in gathering that feedback at all (it just complicates the
checking that is necessary in the compilers). What we should do
instead at some point (when Crankshaft becomes less important) is
to collect the SharedFunctionInfo as feedback for those cases.

R=yangguo@chromium.org
BUG=v8:4470
LOG=n

Review URL: https://codereview.chromium.org/1451273002

Cr-Commit-Position: refs/heads/master@{#32022}
2015-11-17 07:15:25 +00:00
adamk
20c0986f7b A few cleanups in test262.status
- Removed PASS/FAIL line for arrow/rest params test which should now pass.
- Moved soon-to-be-changed tests about built-in prototypes as plain objects
  to INVALID section (and noted that they'll be fixed with the
  next test262 roll).

R=littledan@chromium.org

Review URL: https://codereview.chromium.org/1450243002

Cr-Commit-Position: refs/heads/master@{#32020}
2015-11-17 05:44:12 +00:00
dusan.m.milosavljevic
9717fff12d MIPS64: Improve UInt32 to Double conversion.
TEST=
BUG=

Review URL: https://codereview.chromium.org/1446363002

Cr-Commit-Position: refs/heads/master@{#32018}
2015-11-16 23:24:19 +00:00
jochen
6ce7f90aba Map v8::Object to v8::internal::JSReceiver
BUG=none
R=verwaest@chromium.org,rossberg@chromium.org,bmeurer@chromium.org,neis@chromium.org
LOG=y

Review URL: https://codereview.chromium.org/1413463006

Cr-Commit-Position: refs/heads/master@{#32014}
2015-11-16 16:48:54 +00:00
jochen
3cf6e040c4 Mark cctests that don't use deprecated APIs as such
BUG=4134
R=epertoso@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1451733002

Cr-Commit-Position: refs/heads/master@{#32011}
2015-11-16 16:45:31 +00:00
yangguo
436103e077 Skip test-heap/TestSizeOfRegExpCode on mips64.
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/1448803003

Cr-Commit-Position: refs/heads/master@{#32008}
2015-11-16 14:36:32 +00:00
ahaas
dffecf31fc [turbofan] Added the optional Float64RoundTiesEven operator to turbofan.
The TiesEven rounding mode rounds float64 numbers to the nearest
integer. If there are two nearest integers, then the number is rounded
to the even one.  This is the default rounding mode according to
IEEE~754.

I implemented the operator on ia32, x64, arm, arm64, mips, and mips64.

I think there is a bug in the current implementation of the ppc
simulator, which kept me from implementing the operator on ppc.
According to my understanding of the ppc instruction manual, the FRIN
instruction provides the right behavior for Float64RoundTiesEven. In the
simulator, however, FRIN provides a different semantics. If there are
two nearest integers, then the simulator returns the one which is
further away form 0.

Review URL: https://codereview.chromium.org/1440293002

Cr-Commit-Position: refs/heads/master@{#32005}
2015-11-16 11:31:40 +00:00
ahaas
1389b9f53c [turbofan] Added the optional Float64RoundUp operator to turbofan.
I implemented it on x64, ia32, arm, arm64, mips, mips64, and ppc.

Review URL: https://codereview.chromium.org/1444583002

Cr-Commit-Position: refs/heads/master@{#32004}
2015-11-16 10:37:44 +00:00
paul.lind
2058991122 Fix gcc 4.9.2 signed-compare error.
From 60e7ea8a99 / https://codereview.chromium.org/1409993012

BUG=

Review URL: https://codereview.chromium.org/1442143003

Cr-Commit-Position: refs/heads/master@{#31999}
2015-11-15 12:48:19 +00:00
mlippautz
60e7ea8a99 Add {CancelableTaskManager} to handle {Cancelable} concurrent tasks.
This change binds each {Cancelable} task to a so-called {CancelableTaskManager},
which is then used to handle concurrent cancelation as well as synchronizing
shutdown for already running tasks.  Since ownership of tasks is transferred to
the platform executing a task (destructor), handling in the manager uses integer
ids. Note that this also mitigates (modulo integer size) the ABA problem.

All handling of {Cancelable} tasks is now encapsulated into the corresponding
manager, which is instantiated for each isolate.

R=hpayer@chromium.org
BUG=chromium:524425
LOG=N
CQ_EXTRA_TRYBOTS=tryserver.v8:v8_linux_arm64_gc_stress_dbg;tryserver.v8:v8_linux_gc_stress_dbg;tryserver.v8:v8_mac_gc_stress_dbg;tryserver.v8:v8_linux64_msan_rel;tryserver.v8:v8_linux64_tsan_rel;tryserver.v8:v8_mac64_asan_rel

Review URL: https://codereview.chromium.org/1409993012

Cr-Commit-Position: refs/heads/master@{#31997}
2015-11-14 01:20:14 +00:00
adamk
fd3ff03da2 Fix harmony sloppy block scoping dynamic redeclaration check
The previous code did not properly check for harmony const when
doing the dynamic redeclaration check. This was masked in the
test because each eval had an initializer, and the initializer was what
triggered the exception.

This patch tightens the test by removing initializers and fixes the bug in
DeclareLookupSlot.

Also change the test to use assertThrows where possible.

BUG=v8:4550
LOG=n

Review URL: https://codereview.chromium.org/1437003006

Cr-Commit-Position: refs/heads/master@{#31995}
2015-11-13 21:04:15 +00:00
adamk
e971005638 Run the materialized literal reindexer on default parameter initializers
R=rossberg@chromium.org
BUG=chromium:554865
LOG=n

Review URL: https://codereview.chromium.org/1442653004

Cr-Commit-Position: refs/heads/master@{#31989}
2015-11-13 17:11:05 +00:00
danno
ff283f7ded [turbofan] Better and more sane support for tail calls
* Limit triggering of tail calls to explicit use of a new inline runtime
  function %_TailCall. %_TailCall works just like %_Call except for using
  tail-calling mechanics (currently only in TF).
* Remove hack that recognized some specific usages of %_Call and converted them
  into tail calls.
* Support tail calls for all calls where the number of callee stack parameters
  is less than or equal to the number of caller stack parameters.
* Use the gap resolver to swizzle parameters and registers to tail calls.

BUG=v8:4076
LOG=n

Review URL: https://codereview.chromium.org/1439613003

Cr-Commit-Position: refs/heads/master@{#31987}
2015-11-13 16:08:30 +00:00
mstarzinger
c42f188ce2 [turbofan] Fix OSR entry in case label.
With do-expressions any expression used as a case label can turn into an
OSR entry-point. This means the value being switched over is renamed to
an OSR value and needs to be reloaded from the environment at each case.

R=rossberg@chromium.org
TEST=mjsunit/regress/regress-osr-in-case-label

Review URL: https://codereview.chromium.org/1438123007

Cr-Commit-Position: refs/heads/master@{#31986}
2015-11-13 16:05:28 +00:00
mythria
f665c823dd [Interpreter] Adds an optimization to remove redundant Ldar/Star.
Adds an optimization to omit generating Ldar/Star if the same register
is loaded or stored from the accumulator in the earlier instruction.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1435283002

Cr-Commit-Position: refs/heads/master@{#31984}
2015-11-13 14:15:35 +00:00
cbruni
24e058d0ed [runtime] support new Proxy() instead of Proxy.create and install getPrototypeOf trap
LOG=N
BUG=v8:1543

Review URL: https://codereview.chromium.org/1417063011

Cr-Commit-Position: refs/heads/master@{#31983}
2015-11-13 14:14:07 +00:00
mstarzinger
83e9ea1e49 [turbofan] Ensure inlined constructor calls still throw.
This makes sure that inlining a constructor call to a function which
cannot be used as a constructor (e.g. strong mode function) still does
throw correctly when the implicit receiver is created.

R=bmeurer@chromium.org
TEST=mjsunit/regress/regress-inline-strong-as-construct
BUG=v8:4544
LOG=n

Review URL: https://codereview.chromium.org/1447443002

Cr-Commit-Position: refs/heads/master@{#31982}
2015-11-13 14:05:48 +00:00
mstarzinger
83a6ab85cc [turbofan] Rename "original constructor" to "new target".
This aligns the naming of "new target" with the spec text throughout
TurboFan and the stack frame walker. The goal is to avoid unnecessary
confusion for people familiar with the spec.

R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/1442643002

Cr-Commit-Position: refs/heads/master@{#31978}
2015-11-13 11:53:38 +00:00
yangguo
a7e50a5e06 [JSON stringifier] Reintroduce fast path with bail out to slow path.
R=verwaest@chromium.org
BUG=chromium:554946
LOG=N

Review URL: https://codereview.chromium.org/1442963002

Cr-Commit-Position: refs/heads/master@{#31977}
2015-11-13 10:09:47 +00:00
jarin
95cb324adb [turbofan] Move simplified alloc, load and store lowering to change lowering.
This is necessary to allow more optimizations to take place between
the representation inference and change lowering. Perhaps we want
to rename SimplifiedLowering -> RepresentationInference and
ChangeLowering -> SimplifiedLowering.

Review URL: https://codereview.chromium.org/1439473003

Cr-Commit-Position: refs/heads/master@{#31976}
2015-11-13 08:12:14 +00:00
neis
69d218c03f [proxies] Remove "fix" functionality, add (still unused) target property.
BUG=

Review URL: https://codereview.chromium.org/1427743011

Cr-Commit-Position: refs/heads/master@{#31972}
2015-11-12 22:12:06 +00:00
caitpotter88
fa9c39eead [Intl] create new instances when new.target is undefined
BUG=v8:4360
LOG=N
R=littledan@chromium.org

Review URL: https://codereview.chromium.org/1440593003

Cr-Commit-Position: refs/heads/master@{#31971}
2015-11-12 21:46:24 +00:00
ahaas
71348aa2a0 [x64] Fixed a rounding error on x64 for the Uint64ToF64 conversion.
The least significant bit of the input value may affect the result of
the conversion through rounding. We OR the least significant with the
second least significant bit to preserve it over the SHR instruction.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1435203003

Cr-Commit-Position: refs/heads/master@{#31969}
2015-11-12 19:36:16 +00:00
yangguo
6df9a1db8c [JSON stringifier] Correctly load array elements.
BUG=chromium:554946
LOG=y
R=jkummerow@chromium.org, jochen@chromium.org

Review URL: https://codereview.chromium.org/1435083003

Cr-Commit-Position: refs/heads/master@{#31968}
2015-11-12 19:30:58 +00:00
mbrandy
f83b8a61cf Skip test-run-machops/RunComputedCodeObject on AIX and PPC64BE.
This test, as written, is invalid on platforms which use function
descriptors.

See https://codereview.chromium.org/1377423002/ for background.

R=mstarzinger@chromium.org, titzer@chromium.org, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1438803002

Cr-Commit-Position: refs/heads/master@{#31967}
2015-11-12 19:10:32 +00:00
mbrandy
59a0641820 Fix test-heap/LargeObjectSlotRecording.
Remove hard-coded assumption of large object size threshold.

This test fails on PPC in version 4.7 where the threshold is derived
directly from the allocator's pagesize.

R=hpayer@chromium.org, mstarzinger@chromium.org, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1440723002

Cr-Commit-Position: refs/heads/master@{#31963}
2015-11-12 14:33:19 +00:00
bmeurer
c55161bf16 [turbofan] Add support for %_IsSpecObject intrinsic lowering.
Now JSIntrinsicLowering can also lower %_IsSpecObject intrinsics to a
diamond.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1436943005

Cr-Commit-Position: refs/heads/master@{#31960}
2015-11-12 14:05:49 +00:00
bmeurer
c4e19c7d8d [turbofan] Lower JSCreate to an inline allocation in JSTypedLowering.
This adds initial support for fast inline allocations of JSObject
instances. It currently has exactly the same limitations as Crankshaft.

R=mstarzinger@chromium.org
BUG=v8:4544
LOG=n

Review URL: https://codereview.chromium.org/1441573004

Cr-Commit-Position: refs/heads/master@{#31957}
2015-11-12 12:57:32 +00:00
yangguo
ee9020ddd9 Serializer: attach alignment to deferred objects.
R=jkummerow@chromium.org
BUG=chromium:523919
LOG=N

Review URL: https://codereview.chromium.org/1440983002

Cr-Commit-Position: refs/heads/master@{#31956}
2015-11-12 11:28:31 +00:00
mstarzinger
bae4492a3e [turbofan] Pass new target to JSCreate nodes.
This passes both, the actual constructor and the original constructor,
to nodes having the {JSCreate} operator. This is required for allocating
properly subclassed implicit receiver objects.

R=verwaest@chromium.org
BUG=v8:4544
LOG=n

Review URL: https://codereview.chromium.org/1434873004

Cr-Commit-Position: refs/heads/master@{#31955}
2015-11-12 09:33:37 +00:00
mstarzinger
11d5d09ce1 [turbofan] Initial support for constructor call inlining.
This implements a first version of support for constructor call inlining
in the inlining machinery. For now we can only inline calls where the
actual constructor and the original constructor coincide (i.e. no super
constructor calls). Note that the target of a super constructor call is
loaded with a runtime call, so there is no way for it to be constant
promoted at the moment.

R=bmeurer@chromium.org
BUG=v8:4544
LOG=n

Review URL: https://codereview.chromium.org/1435873002

Cr-Commit-Position: refs/heads/master@{#31954}
2015-11-12 08:51:28 +00:00
bradnelson
ab1165fb1a Fix ~ operator in asm typer, add more operator tests.
The ~ operator is de-sugared into true^x, which was
being improperly handled.

Adding tests of most bitwise operators and several error cases.

BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=test-asm-validator
R=titzer@chromium.org,aseemgarg@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1432423003

Cr-Commit-Position: refs/heads/master@{#31951}
2015-11-11 22:34:24 +00:00
ofrobots
f583661784 [heap] make inline allocation step size dynamic
Presently the inline allocation step is a static value defined to be the minimum
of the step sizes over all the observers. The step occur every (approx.) step
byte. This is unfair to observers whose steps are not evenly divisible by the
min step size. For example, consider two observers with steps sizes of 512 and
576 bytes. Across 16kb allocated, you would expect the first observer to be hit
approximately 32 times, and the second observer to be hit approximately 28
times.

In reality, the observers get notified 30 and 15 times respectively. The reason
is that each step is 512 bytes, and since 576 is not evenly divisible by 512,
it gets notified much less frequently.

This CL fixes the problem by making the next step size be the minimum (over all
observers) of the remaining bytes to get to the step, making the steps fair.

BUG=
R=hpayer@chromium.org,ulan@chromium.org

Review URL: https://codereview.chromium.org/1427973006

Cr-Commit-Position: refs/heads/master@{#31948}
2015-11-11 20:55:48 +00:00
ahaas
857cd4c1f0 Implemented the RoundUint64ToFloat64 TurboFan operator for x64 and arm64.
I don't see obvious implementations for mips64 and ppc64, so I would need
help for these two platforms.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1436943002

Cr-Commit-Position: refs/heads/master@{#31946}
2015-11-11 19:12:37 +00:00
verwaest
2ebd5fc7c9 Fix Array.prototype.slice with arguments object with negative length.
BUG=

Review URL: https://codereview.chromium.org/1436813002

Cr-Commit-Position: refs/heads/master@{#31941}
2015-11-11 11:50:38 +00:00
machenbach
392d1469d3 [Interpreter] Disable another flaky test262 test.
This is for disabling 9.2.2. for release on arm64
(approximating a bit).

BUG=v8:4280
LOG=N
NOTRY=True
TBR=rmcilroy@chromium.org

Review URL: https://codereview.chromium.org/1432183002

Cr-Commit-Position: refs/heads/master@{#31939}
2015-11-11 08:09:59 +00:00
epertoso
56c7a053e9 Revert changes introduced in http://crrev.com/1367953002.
This CL is in preparation for the API change introduced in http://crrev.com/1407313004.

BUG=

Review URL: https://codereview.chromium.org/1434693008

Cr-Commit-Position: refs/heads/master@{#31930}
2015-11-10 21:00:18 +00:00
ahaas
1b535ca075 Implemented the RoundInt64ToFloat32 TurboFan operator for x64, arm64, and mips64.
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1435603003

Cr-Commit-Position: refs/heads/master@{#31929}
2015-11-10 20:39:57 +00:00
ahaas
01fd8e05dc Implemented the Word64Popcnt TurboFan operator for x64.
Popcnt is implemented as an optional operator, which is only implementd by x64
at the moment.

Review URL: https://codereview.chromium.org/1424173006

Cr-Commit-Position: refs/heads/master@{#31928}
2015-11-10 20:38:40 +00:00
rmcilroy
0609ed27a0 [Interpreter] Disable Arm/Arm64 tests on release as well as debug for ignition.
BUG=v8:4280
LOG=N
NOTRY=True
TBR=machenbach@chromium.org

Review URL: https://codereview.chromium.org/1423803009

Cr-Commit-Position: refs/heads/master@{#31923}
2015-11-10 17:39:48 +00:00
balazs.kilvady
6993cd0de5 MIPS: Fix 'MIPS:r6 compact branch optimization.'
Jic and jialc compact branch ops are fixed as they does not have 'forbidden slot' restriction. Also COP1 branches (CTI instructions) added to IsForbiddenAfterBranchInstr().

TEST=cctest/test-disasm-mips/Type0
BUG=

Review URL: https://codereview.chromium.org/1423493006

Cr-Commit-Position: refs/heads/master@{#31922}
2015-11-10 17:16:09 +00:00
rmcilroy
6e599ce9d8 [Interpreter] Disable mjsunit/array-sort on Arm/Arm64
BUG=v8:4280
LOG=N
NOTRY=true
TBR=machenbach@chromium.org

Review URL: https://codereview.chromium.org/1410883009

Cr-Commit-Position: refs/heads/master@{#31920}
2015-11-10 16:55:50 +00:00
rmcilroy
1820acb9c9 [Interpreter] Skip some more tests on Arm64 for Ignition.
Skips some more tests which started failing after https://codereview.chromium.org/1414183006 landed.

BUG=v8:4280
LOG=N
NOTRY=True

Review URL: https://codereview.chromium.org/1412343009

Cr-Commit-Position: refs/heads/master@{#31919}
2015-11-10 15:21:57 +00:00
mbrandy
40eeb69b94 PPC: Disable gcc generation of fmadd/fmsub in cctests.
Generated code performs distinct floating multiply and add/subtract
operations.  Tests fail when GCC uses fmadd/fmsub to calculate the
expected result since these instructions provide higher accuracy due
to the lack of an intermediate round.

R=machenbach@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1416123007

Cr-Commit-Position: refs/heads/master@{#31918}
2015-11-10 14:31:28 +00:00
sigurds
45787501e5 [turbofan] Pseudo-inline 'instanceof'
This patch extends the typed lowering with a specialized version of 'instanceof' that is used if the "class", i.e. the constructor function, is a known constant.

Unittests check that replacement occurs as intended. Functional correctness is ensured by extensive unit tests covering instanceof already in the testsuite.

TESTS=unittests/JSTypedLoweringTest.{JSInstanceOfSpecializationWithSmiCheck,JSInstanceOfSpecializationWithoutSmiCheck,JSInstanceOfNoSpecialization}

Review URL: https://codereview.chromium.org/1407413014

Cr-Commit-Position: refs/heads/master@{#31916}
2015-11-10 12:20:11 +00:00