Commit Graph

24327 Commits

Author SHA1 Message Date
littledan
b22b258874 ES2015 web compat workaround: RegExp.prototype.flags => ""
It turns out that some old polyfill library uses
RegExp.prototype.flags as a way of feature testing. It's not clear
how widespread this is. For now, as a minimal workaround, we can
return undefined from getters like RegExp.prototype.global when
the receiver is RegExp.prototype. This patch implements that strategy
but omits a UseCounter to make backports easier.

R=adamk
CC=yangguo@chromium.org
BUG=chromium:581577
LOG=Y
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel

Review URL: https://codereview.chromium.org/1640803003

Cr-Commit-Position: refs/heads/master@{#34201}
2016-02-23 01:49:03 +00:00
littledan
579c01072d Remove the Proxy enumerate trap
In ES2016, the Proxy enumerate trap is removed. This patch changes
for-in iteration on Proxies to use the ownKeys trap. Due to the clean
organization of that code, the patch basically consists of deletions.

R=adamk
LOG=Y
BUG=v8:4768

Review URL: https://codereview.chromium.org/1717893002

Cr-Commit-Position: refs/heads/master@{#34200}
2016-02-22 21:11:36 +00:00
littledan
7033ae511f Optimize @@species based on a global 'protector' cell
This patch makes ArraySpeciesCreate fast in V8 by avoiding two property reads
when the following conditions are met:
- No Array instance has had its __proto__ reset
- No Array instance has had a constructor property defined
- Array.prototype has not had its constructor changed
- Array[Symbol.species] has not been reset

For subclasses of Array, or for conditions where one of these assumptions is
violated, the full lookup of species is done according to the ArraySpeciesCreate
algorithm. Although this is a "performance cliff", it does not come up in the
expected typical use case of @@species (Array subclassing), so it is hoped that
this can form a good start. Array subclasses will incur the slowness of looking
up @@species, but their use won't slow down invocations of, for example,
Array.prototype.slice on Array base class instances.

Possible future optimizations:
- For the fallback case where the assumptions don't hold, optimize the two
  property lookups.
- For Array.prototype.slice and Array.prototype.splice, even if the full lookup
  of @@species needs to take place, we still could take the rest of the C++
  fastpath. However, to do this correctly requires changing the calling convention
  from C++ to JS to pass the @@species out, so it is not attempted in this patch.

With this patch, microbenchmarks of Array.prototype.slice do not suffer a
noticeable performance regression, unlike their previous 2.5x penalty.

TBR=hpayer@chromium.org

Review URL: https://codereview.chromium.org/1689733002

Cr-Commit-Position: refs/heads/master@{#34199}
2016-02-22 21:02:48 +00:00
mbrandy
d15d2cf227 PPC: [interpreter, debugger] support debug breaks via bytecode array copy
Port e032a98d3d

R=yangguo@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=v8:4690
LOG=N

Review URL: https://codereview.chromium.org/1721673003

Cr-Commit-Position: refs/heads/master@{#34198}
2016-02-22 20:46:45 +00:00
mbrandy
aadd792d7a PPC: Cleanup CRegister definition.
R=joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1716293002

Cr-Commit-Position: refs/heads/master@{#34197}
2016-02-22 20:45:12 +00:00
littledan
0b53b7d36b Remove Reflect.enumerate
The Proxy enumerate trap and Reflect.enumerate are removed from the
ES2016 draft specification. This patch removes the Reflect.enumerate
function, and a follow-on patch will be responsible for the Proxy
trap changes.

R=adamk
LOG=Y
BUG=v8:4768

Review URL: https://codereview.chromium.org/1721453002

Cr-Commit-Position: refs/heads/master@{#34196}
2016-02-22 19:10:43 +00:00
littledan
a686f4f97c Remove code optimizing for TypedArrays being @@isConcatSpreadable
In theory, a user could define the Symbol.isConcatSpreadable property
somewhere in the TypedArray class hierarchy. Array.prototype.concat
optimizes for this case and has templated code for fast concat over
TypedArrays. However, the default environment doesn't have this
property set (it would probably not be web-compatible) and there isn't
clear demand for this optimization. This patch removes that
special-case code.

R=adamk

Review URL: https://codereview.chromium.org/1720533003

Cr-Commit-Position: refs/heads/master@{#34195}
2016-02-22 18:59:13 +00:00
mbrandy
edff6e91e9 [wasm] Fix linkage for PPC.
Floating point param and return registers should be within the
compiler's allocatable set.

TEST=cctest/test-run-wasm-js/Run_Float64Add_jswrapped
R=titzer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1714223002

Cr-Commit-Position: refs/heads/master@{#34194}
2016-02-22 15:21:33 +00:00
ulan
72f884a19f Fix AllocationSite body descriptor to include all pointer slots.
Currently AllocationSite skips the weak_next pointer in IterateBody and IsValidSlot.

This is not correct because the weak_next is a valid slot in AllocationSite.

BUG=

Review URL: https://codereview.chromium.org/1719903002

Cr-Commit-Position: refs/heads/master@{#34192}
2016-02-22 13:48:26 +00:00
mstarzinger
119a23e113 [turbofan] Pick remembered set action for write barrier.
This picks the record-write stub depending on the correct remembered set
action parameter. For values known to be maps we can guarantee that they
never reside in new-space, hence store buffer recording can be skipped.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1716163003

Cr-Commit-Position: refs/heads/master@{#34191}
2016-02-22 13:23:32 +00:00
yangguo
e032a98d3d [interpreter, debugger] support debug breaks via bytecode array copy
R=mstarzinger@chromium.org, rmcilroy@chromium.org
BUG=v8:4690
LOG=N

Review URL: https://codereview.chromium.org/1703453002

Cr-Commit-Position: refs/heads/master@{#34190}
2016-02-22 13:17:52 +00:00
mstarzinger
0427abf364 [fullcodegen] Lift restriction on --debug-code flag.
This removes a restriction from full-codegen that limited the usability
of the --debug-code flag to only no-snap configurations. The reasoning
for the restriction would still hold, if we ever put full-codegen code
into the snapshot, which we don't. Also there already are several places
in full-codegen that queried the FLAG_debug_code directly, a more
reliable mechanism will be needed if we snapshot full code.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1722593002

Cr-Commit-Position: refs/heads/master@{#34189}
2016-02-22 12:41:23 +00:00
ulan
b238864d0e Activate memory reducer for small heaps in background tabs.
BUG=chromium:587574
LOG=NO

Review URL: https://codereview.chromium.org/1705183003

Cr-Commit-Position: refs/heads/master@{#34188}
2016-02-22 10:52:36 +00:00
epertoso
0e43ff5632 Emit memory operands for cmp and test on ia32 and x64 when it makes sense.
The InstructionSelector now associates an effect level to every node in a block.

The effect level of a node is the number of non-eliminatable nodes encountered from the beginning of the block to the node itself.

With this change, on ia32 and x64, a load from memory into a register can be replaced by a memory operand if all of the following conditions hold:

1. The only use of the load is in a 32 or 64 bit word comparison.
2. The user node and the load node belong to the same block.
3. The values of the operands have the same size (i.e., no need to zero-extend or sign-extend the result of the load).

BUG=

Review URL: https://codereview.chromium.org/1706763002

Cr-Commit-Position: refs/heads/master@{#34187}
2016-02-22 09:46:21 +00:00
bradnelson
37fc16ece4 Allow bitwise-or aside from type annotations in asm->wasm conversion.
BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=mjsunit/asm-wasm
R=aseemgarg@chromium.org,titzer@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1720773002

Cr-Commit-Position: refs/heads/master@{#34185}
2016-02-22 05:56:25 +00:00
zhengxing.li
ebb0f57e9a [crankshaft][X87] Fix Math.min(-0, -0)
The CL #33996 (https://codereview.chromium.org/1695283002) exposed one hidden bug in x87 crankshaft code generation for LCodeGen::DoMathMinMax().

  This CL fixed this bug.

BUG=

Review URL: https://codereview.chromium.org/1715263002

Cr-Commit-Position: refs/heads/master@{#34183}
2016-02-22 03:43:15 +00:00
zhengxing.li
4453164df7 X87: [stubs] Introduce a dedicated FastNewObjectStub.
port ba2077aac3 (r34136)

  original commit message:
  Move the already existing fast case for %NewObject into a dedicated
  FastNewObjectStub that we can utilize in places where we would otherwise
  fallback to %NewObject immediately, which is rather expensive.

  Also use FastNewObjectStub as the generic implementation of JSCreate,
  which should make constructor inlining based on SharedFunctionInfo (w/o
  specializing to a concrete closure) viable soon.

BUG=

Review URL: https://codereview.chromium.org/1717203002

Cr-Commit-Position: refs/heads/master@{#34182}
2016-02-22 02:47:19 +00:00
titzer
4e316c38c5 [wasm] Fix bug in CallImport.
R=binji@chromium.org,bradnelson@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1717993002

Cr-Commit-Position: refs/heads/master@{#34181}
2016-02-22 00:47:02 +00:00
ben
aea56e0e30 Unbreak --gdbjit for embedders.
Embedders don't use d8.cc.  Move gdbjit initialization to api.cc.

BUG=

Review URL: https://codereview.chromium.org/1710253002

Cr-Commit-Position: refs/heads/master@{#34180}
2016-02-21 22:04:06 +00:00
bmeurer
bda527b5ff [turbofan] Add support for SOFT deopts and use that for property access.
Up until now we were unable to (re)optimize code when we hit
uninitialized (Keyed)Load/StoreICs in the code. We always put an IC
there (sharing the feedback vector with fullcodegen at least) and called
it a day. But we never deoptimized the code object when we gathered more
feedback. This doesn't work very well in practice, esp. with hot code
relying on this. So until we have a proper mechanism to express the need
to reoptimize after we gathered additional feedback from optimized code,
we follow the Crankshaft approach instead and install a SOFT deopt, so
we can not only learn but also utilize the new feedback.

R=mstarzinger@chromium.org
BUG=v8:4470
LOG=n

Review URL: https://codereview.chromium.org/1518013002

Cr-Commit-Position: refs/heads/master@{#34178}
2016-02-20 19:06:20 +00:00
ulan
be4597a29a Skip two-pointer fillers when processing marking deque.
Slots filtering of left-trimmed arrays assume that two-pointer fillers are not marked.

BUG=chromium:585787
LOG=NO
TBR=hpayer@chromium.org

Review URL: https://codereview.chromium.org/1720623002

Cr-Commit-Position: refs/heads/master@{#34177}
2016-02-20 18:03:41 +00:00
alan.li
1f5b84e467 MIPS: use DAHI/DATH for li macro on mips64r6.
BUG=

Review URL: https://codereview.chromium.org/1522573002

Cr-Commit-Position: refs/heads/master@{#34176}
2016-02-20 16:24:37 +00:00
alan.li
4efc32ea3e Fix a WASM compiler test failure (invalid instructions).
WASM compiler test will sometimes generate invalid instructions for
DINS/INS.

BUG=

Review URL: https://codereview.chromium.org/1709633004

Cr-Commit-Position: refs/heads/master@{#34175}
2016-02-20 14:21:35 +00:00
demoneaux
26f617f1bc Optimize JSON stringifying when replacer and space are falsey.
Most libraries use `JSON.stringify` with all three arguments [1] to allow for
configuration, even if `replacer` and `space` are falsey, causing the
optimized native stringifying to be missed. This commit allows for the common
case where `replacer` and `space` are not used to be fast.

[1]: https://github.com/hapijs/hapi/pull/3014

BUG=v8:4730
LOG=N

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1710933002

Cr-Commit-Position: refs/heads/master@{#34174}
2016-02-20 07:55:57 +00:00
adamk
cdec6d2bc5 Return undefined from RegExp.prototype.compile
This was changed to match Annex B.2.5.1 of ES2015 and Firefox in
https://chromium.googlesource.com/v8/v8/+/469d9bfa, but website
breakage was seen in M49 Beta. JSC still returns undefined here.

BUG=chromium:585775
LOG=y
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel

Review URL: https://codereview.chromium.org/1714903004

Cr-Commit-Position: refs/heads/master@{#34172}
2016-02-20 00:35:57 +00:00
adamk
9f42c69396 Disable --harmony-object-observe
This was previously reverted due to breakage in devtools, but that has
been worked around in https://codereview.chromium.org/1666573002.

The feature has been publicly-announced as deprecated for several months,
and Chrome 49 will emit deprecation warnings in the console for
uses of the API. This CL aims to remove it from M50 (which is what the
message warns of).

BUG=chromium:552100
LOG=y
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel

Review URL: https://codereview.chromium.org/1711863003

Cr-Commit-Position: refs/heads/master@{#34171}
2016-02-19 21:25:03 +00:00
mvstanton
deb7d5b090 ES6: Desugaring of instanceof to support @@hasInstance
This is a rework of the instanceof operator to support ES6 semantics
(as per section 12.10.4 of the spec:
https://tc39.github.io/ecma262/#sec-instanceofoperator).

It's behind flag --harmony-instanceof for now, which is turned on for staging.

BUG=v8:4447
LOG=N

Review URL: https://codereview.chromium.org/1692713005

Cr-Commit-Position: refs/heads/master@{#34170}
2016-02-19 19:20:38 +00:00
mbrandy
a509b105d8 PPC: [stubs] Introduce a dedicated FastNewObjectStub.
Port ba2077aac3

Original commit message:
    Move the already existing fast case for %NewObject into a dedicated
    FastNewObjectStub that we can utilize in places where we would otherwise
    fallback to %NewObject immediately, which is rather expensive.

    Also use FastNewObjectStub as the generic implementation of JSCreate,
    which should make constructor inlining based on SharedFunctionInfo (w/o
    specializing to a concrete closure) viable soon.

R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1714123002

Cr-Commit-Position: refs/heads/master@{#34169}
2016-02-19 18:58:09 +00:00
alph
c1f653be8d Do not record CPU profile samples when stack collection is failed.
BUG=559304
LOG=N

Review URL: https://codereview.chromium.org/1709873002

Cr-Commit-Position: refs/heads/master@{#34168}
2016-02-19 18:49:37 +00:00
dgozman
0e9ea48c46 Introduce BeforeCallEnteredCallback.
This new callback is similar to CallCompletedCallback, but is executed before the call has been made.
Added Isolate* parameter to CallCompletedCallback, marking previous one as deprecated.

BUG=chromium:585949
LOG=Y

Review URL: https://codereview.chromium.org/1689863002

Cr-Commit-Position: refs/heads/master@{#34167}
2016-02-19 18:48:46 +00:00
rmcilroy
b62bf1e6fb [Interpreter] Enable runtime profiler support for Ignition.
Adds a profiling counter to each BytecodeArray object, and adds
code to Jump and Return bytecode handlers to update this
counter by the size of the jump or the distance from the return
to the start of the function. This is more accurate than fullcodegen's
approach since it takes forward jumps into account as well as back-edges.

Modifies RuntimeProfiler to track ticks for interpreted frames.
Currently we use the SharedFunctionInfo::profiler_ticks() instead
of adding another to tick field to avoid adding another field to
BytecodeArray since SharedFunctionInfo::profiler_ticks() is only
used by Crankshaft otherwise so we shouldn't need both for

BUG=v8:4689
LOG=N

Review URL: https://codereview.chromium.org/1707693003

Cr-Commit-Position: refs/heads/master@{#34166}
2016-02-19 18:47:12 +00:00
ulan
5d06548208 [turbofan] Fix write barrier handling of map values.
We cannot omit flag check with kPointersToHereAreInterestingMask for maps because incremental marker dynamically sets and clears the flag.

BUG=chromium:587004
LOG=NO

Review URL: https://codereview.chromium.org/1714513003

Cr-Commit-Position: refs/heads/master@{#34165}
2016-02-19 18:46:22 +00:00
verwaest
77e30f013a [classes] Support AccessorInfo-style data properties in super property stores.
BUG=

Review URL: https://codereview.chromium.org/1711813003

Cr-Commit-Position: refs/heads/master@{#34163}
2016-02-19 16:04:43 +00:00
nikolaos
ed66588041 This patch implements an alternative approach to the rewriting
of non-pattern expressions, according to the (internally circulated)
design document.  Details to be provided here.

1.  RewritableAssignmentExpression has been renamed to RewritableExpression.
    It is a wrapper for AST nodes that wait for some potential rewriting
    (that may or may not happen).  Also, Is... and As... macros now see
    through RewritableExpressions.

2.  The function state keeps a list of rewritable expressions that must be
    rewritten only if they are used as non-pattern expressions.

3.  Expression classifiers are now templates, parameterized by parser
    traits.  They keep some additional state: a pointer to the list of
    non-pattern rewritable expressions.  It is important that expression
    classifiers be used strictly in a stack fashion, from now on.

4.  The RewriteNonPattern function has been simplified.

BUG=chromium:579913
LOG=N

Committed: https://crrev.com/7f5c864a6faf2b957b7273891e143b9bde35487c
Cr-Commit-Position: refs/heads/master@{#34154}

Review URL: https://codereview.chromium.org/1702063002

Cr-Commit-Position: refs/heads/master@{#34162}
2016-02-19 15:59:33 +00:00
mattloring
6997220817 Preallocate sample buffer to avoid resizes
R=ofrobots@google.com
BUG=

Review URL: https://codereview.chromium.org/1712893002

Cr-Commit-Position: refs/heads/master@{#34161}
2016-02-19 15:58:06 +00:00
jarin
bd6ddb8340 Ship Turbofan try-catch.
Another attempt, after the failing test (flushed bug) has been disabled
in chromium (https://codereview.chromium.org/1710353002).

Review URL: https://codereview.chromium.org/1713033002

Cr-Commit-Position: refs/heads/master@{#34159}
2016-02-19 15:20:49 +00:00
machenbach
5bb6b47bd5 Revert of Non-pattern rewriting revisited (patchset #3 id:40001 of https://codereview.chromium.org/1702063002/ )
Reason for revert:
[Sheriff] This makes jsfunfuzz unhappy:
https://build.chromium.org/p/client.v8/builders/V8%20Fuzzer/builds/7681

Original issue's description:
> This patch implements an alternative approach to the rewriting
> of non-pattern expressions, according to the (internally circulated)
> design document.  Details to be provided here.
>
> 1.  RewritableAssignmentExpression has been renamed to RewritableExpression.
>     It is a wrapper for AST nodes that wait for some potential rewriting
>     (that may or may not happen).  Also, Is... and As... macros now see
>     through RewritableExpressions.
>
> 2.  The function state keeps a list of rewritable expressions that must be
>     rewritten only if they are used as non-pattern expressions.
>
> 3.  Expression classifiers are now templates, parameterized by parser
>     traits.  They keep some additional state: a pointer to the list of
>     non-pattern rewritable expressions.  It is important that expression
>     classifiers be used strictly in a stack fashion, from now on.
>
> 4.  The RewriteNonPattern function has been simplified.
>
> BUG=chromium:579913
> LOG=N
>
> Committed: https://crrev.com/7f5c864a6faf2b957b7273891e143b9bde35487c
> Cr-Commit-Position: refs/heads/master@{#34154}

TBR=rossberg@chromium.org,bmeurer@chromium.org,titzer@chromium.org,nikolaos@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:579913

Review URL: https://codereview.chromium.org/1712203002

Cr-Commit-Position: refs/heads/master@{#34158}
2016-02-19 15:06:31 +00:00
titzer
915ae08dd5 [wasm] Add support for import section.
This CL introduces an import section that names functions to be imported
as well as a CallImport bytecode to call imports from this table.

R=binji@chromium.org,bradnelson@chromium.org
LOG=Y
BUG=chromium:575167

Review URL: https://codereview.chromium.org/1709653002

Cr-Commit-Position: refs/heads/master@{#34157}
2016-02-19 14:58:43 +00:00
baptiste.afsa
a2ceaa2390 [turbofan] Refactoring around the instruction scheduler.
Extract the logic to find out the best candidate out of the core of the
scheduler. It allows more flexibility and make it easy to change the
policy use to schedule the basic blocks.

This patch also provide a new algorithm to randomly schedule the code
in order to perform stress tests on the scheduler.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1714753004

Cr-Commit-Position: refs/heads/master@{#34156}
2016-02-19 14:53:47 +00:00
nikolaos
7f5c864a6f This patch implements an alternative approach to the rewriting
of non-pattern expressions, according to the (internally circulated)
design document.  Details to be provided here.

1.  RewritableAssignmentExpression has been renamed to RewritableExpression.
    It is a wrapper for AST nodes that wait for some potential rewriting
    (that may or may not happen).  Also, Is... and As... macros now see
    through RewritableExpressions.

2.  The function state keeps a list of rewritable expressions that must be
    rewritten only if they are used as non-pattern expressions.

3.  Expression classifiers are now templates, parameterized by parser
    traits.  They keep some additional state: a pointer to the list of
    non-pattern rewritable expressions.  It is important that expression
    classifiers be used strictly in a stack fashion, from now on.

4.  The RewriteNonPattern function has been simplified.

BUG=chromium:579913
LOG=N

Review URL: https://codereview.chromium.org/1702063002

Cr-Commit-Position: refs/heads/master@{#34154}
2016-02-19 14:04:23 +00:00
verwaest
0fbe943e31 Track whether the Object.assign source is stable with a bool rather than map-check on each iteration.
BUG=

Review URL: https://codereview.chromium.org/1704363004

Cr-Commit-Position: refs/heads/master@{#34153}
2016-02-19 13:53:19 +00:00
baptiste.afsa
a33abf0bd8 [turbofan] Fix ArchStackPointer properties for instruction scheduling.
ArchStackPointer operation should not be reordered with respect to instructions
which can modify the stack layout.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1716543004

Cr-Commit-Position: refs/heads/master@{#34151}
2016-02-19 12:30:59 +00:00
verwaest
3fa6a3caf2 [runtime] cleanup handling of private symbol + proxy
BUG=

Review URL: https://codereview.chromium.org/1715543003

Cr-Commit-Position: refs/heads/master@{#34150}
2016-02-19 11:44:08 +00:00
verwaest
6aaa49fb1b [LookupIterator] Optimize the path that writes to fields.
Review URL: https://codereview.chromium.org/1717603002

Cr-Commit-Position: refs/heads/master@{#34149}
2016-02-19 10:41:43 +00:00
jarin
2ae5894da6 Revert of [turbofan] Connect ObjectIsNumber to effect and control chains. (patchset #1 id:1 of https://codereview.chromium.org/1709093002/ )
Reason for revert:
Tanks benchmarks (e.g., Octane box2d TF).

Original issue's description:
> [turbofan] Connect ObjectIsNumber to effect and control chains.
>
> In theory, we could connect the nodes when doing
> the schedule-in-the-middle pass, but that would require creating two
> versions of the operator (effectful and pure). I believe we do not
> lose anything by wiring the node up eagerly.
>
> Committed: https://crrev.com/2894e80a0a4a51a0d72e72aa48fcd01968f7949f
> Cr-Commit-Position: refs/heads/master@{#34141}

TBR=bmeurer@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1718483002

Cr-Commit-Position: refs/heads/master@{#34147}
2016-02-19 10:13:56 +00:00
bmeurer
3b1211ac2f [fullcodegen] Remove the hacky %_FastOneByteArrayJoin intrinsic.
This intrinsic was only supported in fullcodegen, and is actually no
longer relevant for SunSpider peak performance it seems, so let's get
rid of it and maybe just implement Array.prototype.join with a fast
path at some point instead.

R=mstarzinger@chromium.org

Committed: https://crrev.com/ccf12b4bede3f1ce3ce14fb33bcc4041525a40af
Cr-Commit-Position: refs/heads/master@{#34084}

Review URL: https://codereview.chromium.org/1708523002

Cr-Commit-Position: refs/heads/master@{#34146}
2016-02-19 09:13:15 +00:00
bmeurer
be23438170 [builtins] Migrate the DataView constructor to C++.
The DataView constructor calls into C++ anyway, and is easier to deal
with this way, especially since we don't have the half initialized
object floating through JavaScript.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1712163002

Cr-Commit-Position: refs/heads/master@{#34145}
2016-02-19 08:59:19 +00:00
verwaest
e22f046f7d Don't internalize names that are array indexes since they aren't used for lookup (the index is)
This should restore the splay regression.

BUG=

Review URL: https://codereview.chromium.org/1714753003

Cr-Commit-Position: refs/heads/master@{#34144}
2016-02-19 08:45:22 +00:00
ishell
7624465b61 [es6] Fixed POSSIBLY_EVAL_CALL tail calls handling in Full codegen.
This CL also enhances a "tail-call-megatest" which now tests product of the following cases:
1) tail caller is inlined/not-inlined
2) tail callee is inlined/not-inlined
3) tail caller has an arguments adaptor frame above or not
4) tail callee has an arguments adaptor frame above or not
5) tail callee is a sloppy/strict/possibly eval/bound/proxy function
6) tail calling via normal call/function.apply/function.call

BUG=v8:4698
LOG=N

Review URL: https://codereview.chromium.org/1711863002

Cr-Commit-Position: refs/heads/master@{#34143}
2016-02-19 08:39:59 +00:00
jarin
2894e80a0a [turbofan] Connect ObjectIsNumber to effect and control chains.
In theory, we could connect the nodes when doing
the schedule-in-the-middle pass, but that would require creating two
versions of the operator (effectful and pure). I believe we do not
lose anything by wiring the node up eagerly.

Review URL: https://codereview.chromium.org/1709093002

Cr-Commit-Position: refs/heads/master@{#34141}
2016-02-19 08:03:34 +00:00
machenbach
cf7839cbec Reland of Sampling heap profiler data structure changes (patchset #1 id:1 of https://codereview.chromium.org/1708363002/ )
Reason for revert:
Failure keeps lurking around after the revert. I'll reland, sorry for the inconvenience!

Original issue's description:
> Revert of Sampling heap profiler data structure changes (patchset #10 id:180001 of https://codereview.chromium.org/1697903002/ )
>
> Reason for revert:
> [Sheriff] Speculative revert for cpu profiler crashes on chromebooks:
> https://build.chromium.org/p/client.v8/builders/V8%20Arm%20-%20debug/builds/549
> https://build.chromium.org/p/client.v8/builders/V8%20Arm%20-%20debug/builds/550
>
> Original issue's description:
> > Sampling heap profiler data structure changes
> >
> > Previously, the sampling heap profiler stored a list of samples and then
> > built a tree representation when the profile was queried by calling
> > GetAllocationProfile. This change reduces duplication by removing stacks
> > from all samples. Also, less information is stored in the tree
> > maintained by the profiler and remaining information (script name, line
> > no, etc) is resolved when a profile is requested.
> >
> > BUG=
> >
> > Committed: https://crrev.com/cdd55e2a3717723492d76f66810bf56b8de7f198
> > Cr-Commit-Position: refs/heads/master@{#34119}
>
> TBR=ofrobots@google.com,ulan@chromium.org,hpayer@chromium.org,mattloring@google.com
> # Skipping CQ checks because original CL landed less than 1 days ago.
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=
>
> Committed: https://crrev.com/4578e52aefb8c4727742ce2e254613e482fdad1f
> Cr-Commit-Position: refs/heads/master@{#34128}

TBR=ofrobots@google.com,ulan@chromium.org,hpayer@chromium.org,mattloring@google.com
# Skipping CQ checks because original CL landed less than 1 days ago.

Review URL: https://codereview.chromium.org/1714493003

Cr-Commit-Position: refs/heads/master@{#34140}
2016-02-19 08:02:05 +00:00
bmeurer
8a7186b87a [turbofan] Remove the JSContextRelaxation reducer.
This reducer doesn't really add value, because:

 (a) it is only concerned with JSCallFunction and JSToNumber, but when
     we get to it, all JSCallFunction nodes will have been replaced by
     Call nodes, and in the not so far future, we will also have
     replaced almost all JSToNumber nodes with better code,
 (b) and the reducer tries to be smart and use one of the outermost
     contexts, but that might not be beneficial always; actually it
     might even create longer live ranges and lead to more spilling
     in some cases.

But most importantly, the JSContextRelaxation currently blocks inlining
based on SharedFunctionInfo, because it requires the inliner to check
the native context, which in turn requires JSFunction knowledge. So I'm
removing this reducer for now to unblock the more important inliner
changes.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1715633002

Cr-Commit-Position: refs/heads/master@{#34139}
2016-02-19 07:55:48 +00:00
bmeurer
24c8f0b056 [turbofan] Relax restrictions on JSCreate inlining.
No need to limit JSCreate inlining to JS_OBJECT_TYPE, since we can
handle everything that the FastNewObjectStub can deal with. Also we
don't need to restrict the number of inobject properties, as that is
already taken care of by the runtime anyways (limited by the initial
slack for the constructor).

And last but not least, we can of course inline allocations for
subclasses as long as the new.target is a JSFunction and it's initial
map's constructor points back to the target (same condition as for
the FastNewObjectStub fast case).

R=jarin@chromium.org
BUG=v8:4493
LOG=n

Review URL: https://codereview.chromium.org/1711883003

Cr-Commit-Position: refs/heads/master@{#34138}
2016-02-19 07:41:33 +00:00
jarin
a56af88942 [turbofan] Move lowering of ObjectIs* nodes to ChangeLowering.
Review URL: https://codereview.chromium.org/1712563002

Cr-Commit-Position: refs/heads/master@{#34137}
2016-02-19 07:19:11 +00:00
bmeurer
ba2077aac3 [stubs] Introduce a dedicated FastNewObjectStub.
Move the already existing fast case for %NewObject into a dedicated
FastNewObjectStub that we can utilize in places where we would otherwise
fallback to %NewObject immediately, which is rather expensive.

Also use FastNewObjectStub as the generic implementation of JSCreate,
which should make constructor inlining based on SharedFunctionInfo (w/o
specializing to a concrete closure) viable soon.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1708313002

Cr-Commit-Position: refs/heads/master@{#34136}
2016-02-19 07:12:50 +00:00
bmeurer
c6433cb058 [turbofan] Reduce JSInliner dependencies on JSFunction.
Ideally the JSInliner should not be concerned with JSFunction's at all,
but only look at the SharedFunctionInfo. This reduces the uses of the
concrete closure to two remaining cases, which we plan to fix soonish
too.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1714803002

Cr-Commit-Position: refs/heads/master@{#34135}
2016-02-19 07:02:21 +00:00
zhengxing.li
b5dc3dd2c1 X87: More simplification and unification of frame handling.
port 55071954bc (r34114)

  original commit message:
  Frame slots indexes numbers are used more consistently for
  computation in both TurboFan and Crankshaft. Specifically,
  Crankshaft now uses frame slot indexes in LChunk, removing
  the need for some special-case maths when building the
  deoptimization translation table.

BUG=

Review URL: https://codereview.chromium.org/1714763002

Cr-Commit-Position: refs/heads/master@{#34134}
2016-02-19 05:55:40 +00:00
adamk
cc2ea25747 Don't reflect ES2015 Function name inference in Function.prototype.toString
Various syntactic forms now cause functions to have names where they
didn't before. Per the upcoming changes to the toString spec, only
a name that was literally part of a function's expression or declaration
is meant to be reflected in toString. This also happens to be the same
set of names that V8 currently outputs (without the --harmony-function-name
flag).

This required distinguishing anonymous FunctionExpressions from other sorts
of function definitions (like methods and getters/setters) in the AST, parser,
and at runtime.

The patch also takes the opportunity to remove one more argument (and enum)
from FunctionLiteral, as well as adding a special factory method for the
case of a FunctionLiteral representing toplevel or eval'd code.

BUG=v8:4760
LOG=n

Review URL: https://codereview.chromium.org/1712833002

Cr-Commit-Position: refs/heads/master@{#34132}
2016-02-19 02:51:10 +00:00
littledan
44f9c6a638 Make Date.prototype.toGMTString an alias for Date.prototype.toUTCString
In ES2015, Date.prototype.toGMTString is simply an alias of
Date.prototype.toUTCString, so it has the same identity as a function and
doesn't have its own name. Firefox has already shipped this behavior.
Previously, we copied JSC behavior by making it a separate function.
This change makes an addition test262 test pass.

BUG=v8:4708
LOG=Y
R=adamk

Review URL: https://codereview.chromium.org/1709373002

Cr-Commit-Position: refs/heads/master@{#34131}
2016-02-19 02:18:54 +00:00
akos.palfi
3cf56fe019 MIPS: [turbofan] Add RoundUint32ToFloat32 operator to Turbofan.
Port 187b3f2845

BUG=

Review URL: https://codereview.chromium.org/1709793002

Cr-Commit-Position: refs/heads/master@{#34130}
2016-02-18 23:24:43 +00:00
verwaest
594a1e1de3 Revert of Use displayName in Error.stack rendering if present. (patchset #1 id:1 of https://codereview.chromium.org/1706823003/ )
Reason for revert:
See Domenic's comment on the V8 bug.

Original issue's description:
> Use displayName in Error.stack rendering if present.
>
> BUG=v8:4761
> LOG=y
>
> Committed: https://crrev.com/953874e974037e7e96ef282a7078760ccc905878
> Cr-Commit-Position: refs/heads/master@{#34105}

TBR=jochen@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4761

Review URL: https://codereview.chromium.org/1713663002

Cr-Commit-Position: refs/heads/master@{#34129}
2016-02-18 19:19:12 +00:00
machenbach
4578e52aef Revert of Sampling heap profiler data structure changes (patchset #10 id:180001 of https://codereview.chromium.org/1697903002/ )
Reason for revert:
[Sheriff] Speculative revert for cpu profiler crashes on chromebooks:
https://build.chromium.org/p/client.v8/builders/V8%20Arm%20-%20debug/builds/549
https://build.chromium.org/p/client.v8/builders/V8%20Arm%20-%20debug/builds/550

Original issue's description:
> Sampling heap profiler data structure changes
>
> Previously, the sampling heap profiler stored a list of samples and then
> built a tree representation when the profile was queried by calling
> GetAllocationProfile. This change reduces duplication by removing stacks
> from all samples. Also, less information is stored in the tree
> maintained by the profiler and remaining information (script name, line
> no, etc) is resolved when a profile is requested.
>
> BUG=
>
> Committed: https://crrev.com/cdd55e2a3717723492d76f66810bf56b8de7f198
> Cr-Commit-Position: refs/heads/master@{#34119}

TBR=ofrobots@google.com,ulan@chromium.org,hpayer@chromium.org,mattloring@google.com
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review URL: https://codereview.chromium.org/1708363002

Cr-Commit-Position: refs/heads/master@{#34128}
2016-02-18 19:05:33 +00:00
mbrandy
557adc2c1d PPC: Refine '[Interpreter] Fix deopt when accumulator needs to be materialized.'
Fix comment.

R=joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=v8:4678
LOG=N

Review URL: https://codereview.chromium.org/1714503002

Cr-Commit-Position: refs/heads/master@{#34127}
2016-02-18 18:36:18 +00:00
mbrandy
6cd74a7efe PPC: More simplification and unification of frame handling
Port 55071954bc

Original commit message:
    Frame slots indexes numbers are used more consistently for
    computation in both TurboFan and Crankshaft. Specifically,
    Crankshaft now uses frame slot indexes in LChunk, removing
    the need for some special-case maths when building the
    deoptimization translation table.

R=danno@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1710073002

Cr-Commit-Position: refs/heads/master@{#34126}
2016-02-18 18:34:46 +00:00
adamk
63efda35b3 Remove strong mode support from Scope and Variable
This frees up one bit in FunctionKind, which I plan to make slightly
more syntactic info about functions available in SharedFunctionInfo
(needed for ES2015 Function.name support).

BUG=v8:3956, v8:4760
LOG=n

Review URL: https://codereview.chromium.org/1704223002

Cr-Commit-Position: refs/heads/master@{#34125}
2016-02-18 17:20:13 +00:00
mtrofin
5a92a1709c Names for wasm stubs.
Synthetic names for wasm-to-js functions, for debug scenarios.

BUG=

Review URL: https://codereview.chromium.org/1709893002

Cr-Commit-Position: refs/heads/master@{#34124}
2016-02-18 16:52:34 +00:00
ahaas
545943db15 [wasm] WasmRunner can run tests with I64 parameters and return value.
I extended the Int64Lowering to lower calls, loads, stores, returns, and
parameters and apply the lowering on both the test function TF graph and
the WasmRunner TF graph.

The lowering of calls also requires an adjustment of the call descriptor.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1704033002

Cr-Commit-Position: refs/heads/master@{#34121}
2016-02-18 15:19:18 +00:00
Toon Verwaest
5363486d8e Fix GCMole issue. Iternalize name before dereferencing the accessor-info.
BUG=
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/1704373002 .

Cr-Commit-Position: refs/heads/master@{#34120}
2016-02-18 15:01:20 +00:00
mattloring
cdd55e2a37 Sampling heap profiler data structure changes
Previously, the sampling heap profiler stored a list of samples and then
built a tree representation when the profile was queried by calling
GetAllocationProfile. This change reduces duplication by removing stacks
from all samples. Also, less information is stored in the tree
maintained by the profiler and remaining information (script name, line
no, etc) is resolved when a profile is requested.

BUG=

Review URL: https://codereview.chromium.org/1697903002

Cr-Commit-Position: refs/heads/master@{#34119}
2016-02-18 14:48:05 +00:00
verwaest
9bebb028a0 [runtime] Force internalize names used before lookup in in DescriptorArray and TransitionArray
BUG=

Review URL: https://codereview.chromium.org/1704353002

Cr-Commit-Position: refs/heads/master@{#34118}
2016-02-18 14:33:44 +00:00
ishell
e8201e6cc4 [es6] Enable tail call optimization on clusterfuzz.
BUG=v8:4698
LOG=N

Review URL: https://codereview.chromium.org/1710883002

Cr-Commit-Position: refs/heads/master@{#34117}
2016-02-18 14:16:42 +00:00
ishell
1d420199bf [es6] Disable tail call optimization in optimizing compilers for now.
BUG=v8:4698
LOG=N

Review URL: https://codereview.chromium.org/1713533002

Cr-Commit-Position: refs/heads/master@{#34115}
2016-02-18 13:46:43 +00:00
danno
55071954bc More simplification and unification of frame handling
Frame slots indexes numbers are used more consistently for
computation in both TurboFan and Crankshaft. Specifically,
Crankshaft now uses frame slot indexes in LChunk, removing
the need for some special-case maths when building the
deoptimization translation table.

LOG=N
R=mstarzinger@chromium.org

Committed: https://crrev.com/81423b84dbb2eaf7e1a57b0f6029fc8e643b4755
Cr-Commit-Position: refs/heads/master@{#34078}

Review URL: https://codereview.chromium.org/1702593002

Cr-Commit-Position: refs/heads/master@{#34114}
2016-02-18 12:52:03 +00:00
rmcilroy
9a26c1aee2 [Interpreter] Fix deopt when accumulator needs to be materialized.
Moves the accumulator value on-heap to be restored in the
InterpreterNotifyDeopt handler rather than explicitly
setting the accumulator register. This allows it to be
materialized correctly if required.

BUG=v8:4678
LOG=N

Review URL: https://codereview.chromium.org/1707133003

Cr-Commit-Position: refs/heads/master@{#34113}
2016-02-18 12:50:38 +00:00
akos.palfi
57b983ec5b MIPS: [turbofan] Add TruncateFloat32ToUint32 operator to Turbofan.
Port 2166bd8ce5

BUG=

Review URL: https://codereview.chromium.org/1708853002

Cr-Commit-Position: refs/heads/master@{#34112}
2016-02-18 12:49:10 +00:00
rossberg
cb1bf4af3c [es6] Implement for-of iterator finalization
Implements iterator finalisation by desugaring for-of loops with an additional try-finally wrapper. See comment in parser.cc for details.

Also improved some AST printing facilities while there.

@Ross, I had to disable the bytecode generation test for for-of, because it got completely out of hand after this change (the new bytecode has 150+ lines). See the TODO that I assigned to you.

Patch set 1 is WIP patch by Georg (http://crrev.com/1695583003), patch set 2 relative changes.

@Georg, FYI, I changed the following:

- Moved try-finally out of the loop body, for performance, and in order to be able to handle `continue` correctly.
- Fixed scope management in ParseForStatement, which was the cause for the variable allocation failure.
- Fixed pre-existing zone initialisation bug in rewriter, which caused the crashes.
- Enabled all tests, adjusted a few others, added a couple more.

BUG=v8:2214
LOG=Y

Review URL: https://codereview.chromium.org/1695393003

Cr-Commit-Position: refs/heads/master@{#34111}
2016-02-18 10:49:55 +00:00
zhengxing.li
582ea68151 x87: fix x87 FPU stack depth check fail issue in TurboFan's exception handler
Unstructured control flow caused by excpetion leads to a wrong x87 FPU stack
  state in TurboFan's exception handler.

  This patch is to reset the x87 FPU stack state when calling the TurboFan's exception
  handler from the CEntryStub.

BUG=

Review URL: https://codereview.chromium.org/1702383005

Cr-Commit-Position: refs/heads/master@{#34109}
2016-02-18 10:37:03 +00:00
ishell
c67b5096cd [turbofan] Fixing ES6 tail calls in Turbofan.
In case when F inlined normal call to G which tail calls H we should not write translation for G for the tail call site.
Otherwise we will see G in a stack trace inside H.

This CL also adds a "megatest" which tests product of the following cases:
1) tail caller is inlined/not-inlined
2) tail callee is inlined/not-inlined
3) tail caller has an arguments adaptor frame above or not
4) tail callee has an arguments adaptor frame above or not
5) tail callee is a normal/bound/proxy function

Note that tests for not yet supported cases are not run for now.

BUG=v8:4698
LOG=N

Review URL: https://codereview.chromium.org/1709583002

Cr-Commit-Position: refs/heads/master@{#34108}
2016-02-18 10:13:20 +00:00
ahaas
f8e068e926 [wasm] Replace the BufferedRawMachineAssemblerTester in the WasmRunner.
The BufferedRawMachineAssemblerTester caused problems for the
Int64Lowering. Instead we construct a TF graph now which is compiled by
Pipeline::GenerateCodeForTesting.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1702023002

Cr-Commit-Position: refs/heads/master@{#34107}
2016-02-18 09:55:49 +00:00
verwaest
953874e974 Use displayName in Error.stack rendering if present.
BUG=v8:4761
LOG=y

Review URL: https://codereview.chromium.org/1706823003

Cr-Commit-Position: refs/heads/master@{#34105}
2016-02-18 09:43:06 +00:00
jochen
7320830db3 Attempt to speed up v8::Object::SetPrivate
By short-cutting the DefineOwnProperty machinery similar to how ForceSet
does it, we should get a few cycles out of this heavily used API.

BUG=chromium:569668
R=verwaest@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1702353002

Cr-Commit-Position: refs/heads/master@{#34102}
2016-02-18 08:49:15 +00:00
zhengxing.li
d9b1dbbee1 X87: [es6] [interpreter] Add tail calls support to Ignition.
port 32b4bc1382 (r34083)

  original commit message:
  This CL introduces two new bytecodes TailCall and TailCallWide.

BUG=

Review URL: https://codereview.chromium.org/1703233003

Cr-Commit-Position: refs/heads/master@{#34100}
2016-02-18 07:58:27 +00:00
fmeawad
c6279388c7 Split the TRACE_EVENTs from the LOG/HistogramTimers/TimerEvents functionality.
This CL adds a TRACE_EVENT where there is an isolated LOG, a HistogramTimer
or a TimerEvent.

Once we have a d8 tracing controller, all TimerEvents will be removed since
they do not provide an added value over TRACE_EVENTs. HistogramTimers will
remain, but their functionality will be limited to Histograms only.

BUG=v8:4562
LOG=N

Review URL: https://codereview.chromium.org/1707563002

Cr-Commit-Position: refs/heads/master@{#34099}
2016-02-18 06:13:33 +00:00
mbrandy
c94a3d44bd PPC: [es6] [interpreter] Add tail calls support to Ignition.
Port 32b4bc1382

Original commit message:
    This CL introduces two new bytecodes TailCall and TailCallWide.

R=ishell@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=v8:4698,v8:4687
LOG=N

Review URL: https://codereview.chromium.org/1705913002

Cr-Commit-Position: refs/heads/master@{#34096}
2016-02-17 21:28:21 +00:00
machenbach
8934994e36 Revert of Add Scoped Context Info (Isolate) to V8 Traces (patchset #5 id:80001 of https://codereview.chromium.org/1686233002/ )
Reason for revert:
[Sheriff] Breaks arm cross-compile:
https://build.chromium.org/p/client.v8/builders/V8%20Arm%20-%20debug%20builder/builds/7825/

Original issue's description:
> Add Scoped Context Info (Isolate) to V8 Traces
>
> This patch adds the newly added support for contexts in V8 Tracing, as well
> as use it to mark all the entry points for a V8 Isolate.
>
> BUG=v8:4565
> LOG=N
>
> Committed: https://crrev.com/44823c3c6965966c63b7e2e2361d0f2a58d196ea
> Cr-Commit-Position: refs/heads/master@{#34092}

TBR=jochen@chromium.org,fmeawad@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4565

Review URL: https://codereview.chromium.org/1710573002

Cr-Commit-Position: refs/heads/master@{#34095}
2016-02-17 20:30:44 +00:00
bmeurer
528bb4b960 [builtins] Use JSObject::New in C++ builtins.
We already have a proper abstraction for dealing with subclassable
builtins, namely JSObject::New, so we should use that instead of
inlining this rather complex code sequence multiple times.

R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/1709563003

Cr-Commit-Position: refs/heads/master@{#34094}
2016-02-17 19:58:54 +00:00
binji
2869071588 [Atomics] Add dmb/dsb/isb instructions to ARM
This is not currently implemented in the simulator, just the assembler and
disassembler.

BUG=v8:4614
LOG=y

Review URL: https://codereview.chromium.org/1699173003

Cr-Commit-Position: refs/heads/master@{#34093}
2016-02-17 19:58:04 +00:00
fmeawad
44823c3c69 Add Scoped Context Info (Isolate) to V8 Traces
This patch adds the newly added support for contexts in V8 Tracing, as well
as use it to mark all the entry points for a V8 Isolate.

BUG=v8:4565
LOG=N

Review URL: https://codereview.chromium.org/1686233002

Cr-Commit-Position: refs/heads/master@{#34092}
2016-02-17 19:56:33 +00:00
machenbach
0f94e0d38f Revert of [fullcodegen] Remove the hacky %_FastOneByteArrayJoin intrinsic. (patchset #1 id:1 of https://codereview.chromium.org/1708523002/ )
Reason for revert:
[Sheriff] Speculative revert for adding arm flakes:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20arm%20-%20sim/builds/5756
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20arm%20-%20sim%20-%20novfp3/builds/3375/

And some more...

Original issue's description:
> [fullcodegen] Remove the hacky %_FastOneByteArrayJoin intrinsic.
>
> This intrinsic was only supported in fullcodegen, and is actually no
> longer relevant for SunSpider peak performance it seems, so let's get
> rid of it and maybe just implement Array.prototype.join with a fast
> path at some point instead.
>
> R=mstarzinger@chromium.org
>
> Committed: https://crrev.com/ccf12b4bede3f1ce3ce14fb33bcc4041525a40af
> Cr-Commit-Position: refs/heads/master@{#34084}

TBR=mstarzinger@chromium.org,bmeurer@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1709693002

Cr-Commit-Position: refs/heads/master@{#34091}
2016-02-17 19:42:57 +00:00
mbrandy
789ad2f4a9 PPC: [turbofan] Support for CPU models lacking isel.
R=joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1710453002

Cr-Commit-Position: refs/heads/master@{#34090}
2016-02-17 19:14:45 +00:00
bbudge
6b6b005feb Add a kSimd128 machine type for Turbofan.
Adds kSimd128 to MachineRepresentation.
Adds a Simd128Register concept that's platform independent.
Adds UntaggedSimd128 to types.h.

LOG=N
BUG=v8:4124

Review URL: https://codereview.chromium.org/1693963004

Cr-Commit-Position: refs/heads/master@{#34089}
2016-02-17 19:04:29 +00:00
verwaest
d81fd6213b [runtime] Only muck with prototype dependencies for prototypes
BUG=

Review URL: https://codereview.chromium.org/1703083002

Cr-Commit-Position: refs/heads/master@{#34088}
2016-02-17 17:22:27 +00:00
verwaest
f3f6b03a75 [runtime] pass in the Isolate into SearchWithCache
BUG=

Review URL: https://codereview.chromium.org/1706833002

Cr-Commit-Position: refs/heads/master@{#34087}
2016-02-17 16:24:12 +00:00
verwaest
c383fc20ca [runtime] Don't compute the hash for linear search in descriptor array
I replaced the hidden string with hidden_properties_symbol, so we don't
need the extra hash-check anymore. This is slightly faster anyway.

BUG=

Review URL: https://codereview.chromium.org/1707653003

Cr-Commit-Position: refs/heads/master@{#34086}
2016-02-17 16:18:48 +00:00
mbrandy
56e08dfaf6 PPC: [intrinsics] Remove the %_IsDate intrinsic.
Port 0d595bb001

Original commit message:
    It's fine to only have the runtime call here, as it's only used in the
    debug mirror.

R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1707683002

Cr-Commit-Position: refs/heads/master@{#34085}
2016-02-17 15:58:35 +00:00
bmeurer
ccf12b4bed [fullcodegen] Remove the hacky %_FastOneByteArrayJoin intrinsic.
This intrinsic was only supported in fullcodegen, and is actually no
longer relevant for SunSpider peak performance it seems, so let's get
rid of it and maybe just implement Array.prototype.join with a fast
path at some point instead.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1708523002

Cr-Commit-Position: refs/heads/master@{#34084}
2016-02-17 15:51:09 +00:00
ishell
32b4bc1382 [es6] [interpreter] Add tail calls support to Ignition.
This CL introduces two new bytecodes TailCall and TailCallWide.

BUG=v8:4698,v8:4687
LOG=N

Review URL: https://codereview.chromium.org/1698273003

Cr-Commit-Position: refs/heads/master@{#34083}
2016-02-17 15:19:50 +00:00
machenbach
c8117f2fd9 Revert of More simplification and unification of frame handling (patchset #5 id:80001 of https://codereview.chromium.org/1702593002/ )
Reason for revert:
[Sheriff] Breaks nosnap debug:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap%20-%20debug/builds/5329

Original issue's description:
> More simplification and unification of frame handling
>
> Frame slots indexes numbers are used more consistently for
> computation in both TurboFan and Crankshaft. Specifically,
> Crankshaft now uses frame slot indexes in LChunk, removing
> the need for some special-case maths when building the
> deoptimization translation table.
>
> LOG=N
> R=mstarzinger@chromium.org
>
> Committed: https://crrev.com/81423b84dbb2eaf7e1a57b0f6029fc8e643b4755
> Cr-Commit-Position: refs/heads/master@{#34078}

TBR=mstarzinger@chromium.org,jarin@chromium.org,danno@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1708583002

Cr-Commit-Position: refs/heads/master@{#34082}
2016-02-17 14:49:50 +00:00
mstarzinger
0dc896c4ef [interpreter] Remove CompilationInfo from graph builder.
This removes the CompilationInfo field from the BytecodeGraphBuilder
class. The intention is to reduce the risk of using uninitialized or
unavailable values from the CompilationInfo (e.g. values that are only
available after parsing).

R=rmcilroy@chromium.org

Review URL: https://codereview.chromium.org/1704913002

Cr-Commit-Position: refs/heads/master@{#34081}
2016-02-17 14:10:54 +00:00
bmeurer
0200dd5621 [intrinsics] Remove the %_IsSimdValue intrinsic.
There's no need to have inline platform code for this intrinsic, which
is only used when generating a descriptive string for an error, the
runtime call is just fine here.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1706743002

Cr-Commit-Position: refs/heads/master@{#34080}
2016-02-17 13:54:51 +00:00
danno
81423b84db More simplification and unification of frame handling
Frame slots indexes numbers are used more consistently for
computation in both TurboFan and Crankshaft. Specifically,
Crankshaft now uses frame slot indexes in LChunk, removing
the need for some special-case maths when building the
deoptimization translation table.

LOG=N
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1702593002

Cr-Commit-Position: refs/heads/master@{#34078}
2016-02-17 13:19:30 +00:00
bmeurer
e80279c02b [crankshaft] Remove the useless HAllocateBlockContext instruction.
It's dead^Wa runtime call Jim!

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1702313002

Cr-Commit-Position: refs/heads/master@{#34077}
2016-02-17 13:09:15 +00:00
mstarzinger
ef5ee8e1fd [turbofan] Remove language mode from JSCall operator.
This removes the language mode parameter from all JSCall operators. The
information is no longer used anywhere and is not threaded through the
interpreter bytecode. We should only thread it through the bytecode if
it has a semantic impact on the compilation.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1709493002

Cr-Commit-Position: refs/heads/master@{#34073}
2016-02-17 12:04:27 +00:00
bmeurer
76c054b1df [crankshaft] Remove the useless HCallStub instruction.
Everything that HCallStub does can easily be done using the more general
HCallWithDescriptor, so there's no need to have this dedicated
instruction around.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1705633004

Cr-Commit-Position: refs/heads/master@{#34072}
2016-02-17 11:58:56 +00:00
ulan
017d128b6e Filter invalid slots after array trimming.
If sweeping is in progress then we need to filter out slots in free space after
array trimming, because the sweeper will add the free space into free list.

This CL also fixes a bug in SlotSet::RemoveRange.

BUG=chromium:587004
LOG=NO
TBR=hpayer@chromium.org

Review URL: https://codereview.chromium.org/1701963003

Cr-Commit-Position: refs/heads/master@{#34071}
2016-02-17 11:53:06 +00:00
verwaest
9eb4929502 [runtime] Replace hidden_string with a 0-hash-code private symbol
BUG=

Review URL: https://codereview.chromium.org/1705713002

Cr-Commit-Position: refs/heads/master@{#34070}
2016-02-17 11:10:41 +00:00
bmeurer
1e79bd5cc8 [builtins] Support SameValue and SameValueZero via runtime functions.
Also move Object.is implementation to C++ builtin, which is faster
than the current implementation.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1695743003

Cr-Commit-Position: refs/heads/master@{#34069}
2016-02-17 10:54:25 +00:00
bmeurer
6de9b9ce5b [builtins] Migrate the leftover Boolean setup to C++.
There's no point in having the setup or the toString/valueOf methods in
JavaScript. The full setup can be done during bootstrapping when the
Boolean constructor is created, and the prototype methods don't benefit
from JS + %_ at all.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1701273003

Cr-Commit-Position: refs/heads/master@{#34068}
2016-02-17 10:36:49 +00:00
mstarzinger
305a36e0d4 Remove strong mode support from property loads.
R=rossberg@chromium.org,bmeurer@chromium.org,verwaest@chromium.org
BUG=v8:3956
LOG=n

Review URL: https://codereview.chromium.org/1700993002

Cr-Commit-Position: refs/heads/master@{#34067}
2016-02-17 10:30:47 +00:00
balazs.kilvady
a7b315b50c MIPS64: Fix '[turbofan] Add an operator to access the parent frame pointer'.
Port fd8fd05cc5

Original commit message:
This functionality is useful for stubs that need to walk the stack. The new
machine operator, LoadParentFramePointer doesn't force the currently compiling
method to have a frame in contrast to LoadFramePointer. Instead, it adapts
accordingly when frame elision is possible, making efficient stack walks
possible without incurring a performance penalty for small stubs that can
benefit from frame elision.

BUG=

Review URL: https://codereview.chromium.org/1701933003

Cr-Commit-Position: refs/heads/master@{#34066}
2016-02-17 10:10:16 +00:00
zhengxing.li
9727ab7e28 X87: [turbofan] Add an operator to access the parent frame pointer.
port fd8fd05cc5 (r34014)

  original commit message:
  This functionality is useful for stubs that need to walk the stack. The new
  machine operator, LoadParentFramePointer dosn't force the currently compiling
  method to have a frame in contrast to LoadFramePointer. Instead, it adapts
  accordingly when frame elision is possible, making efficient stack walks
  possible without incurring a performance penalty for small stubs that can
  benefit from frame elision.

BUG=

Review URL: https://codereview.chromium.org/1705673002

Cr-Commit-Position: refs/heads/master@{#34064}
2016-02-17 09:48:29 +00:00
verwaest
f9cdf9d4ed [runtime] Don't cache the holder_map_ in the LookupIterator, it's faster.
BUG=

Review URL: https://codereview.chromium.org/1702623002

Cr-Commit-Position: refs/heads/master@{#34063}
2016-02-17 09:47:01 +00:00
zhengxing.li
ede69c4978 X87: [runtime] Turn ArgumentAccessStub into FastNewSloppyArgumentsStub.
port e0129d0f87 (r33986)

  original commit message:
  Turn the fast case of ArgumentsAccessStub into a new stub
  FastNewSloppyArgumentsStub, which is similar to the existing
  FastNewStrictArgumentsStub, although not polished yet, and the slow
  case always went to the runtime anyway, so we can just directly emit
  a runtime call there.

BUG=

Review URL: https://codereview.chromium.org/1701983004

Cr-Commit-Position: refs/heads/master@{#34062}
2016-02-17 09:35:41 +00:00
alph
c2abfe75ea Fix MSAN warning on simulator during cpu profiling.
CPU profiler probes stack frame to find if it's in a valid
state. Under simulator it might happen the frame is not
initialized and MSAN repors that. That's totally ok.
Suppress the warning.

BUG=v8:4751
LOG=N

Review URL: https://codereview.chromium.org/1700533003

Cr-Commit-Position: refs/heads/master@{#34061}
2016-02-17 09:08:15 +00:00
verwaest
d198717714 [runtime] More LookupIterator / Transition related performance tweaks
Minor improvements measured through by https://github.com/kpdecker/six-speed/blob/master/tests/object-assign/object-assign.es6. Mostly due to inlining of NowContains on the FieldType

Review URL: https://codereview.chromium.org/1703513002

Cr-Commit-Position: refs/heads/master@{#34060}
2016-02-17 09:07:28 +00:00
rmcilroy
8218fc4686 [Interpreter] Add support for getting inlined functions from interpreted frames.
BUG=v8:4680
LOG=N

Review URL: https://codereview.chromium.org/1700143002

Cr-Commit-Position: refs/heads/master@{#34058}
2016-02-17 08:26:07 +00:00
bmeurer
159ffcc080 [crankshaft] Make sure +x is as fast as Number(x).
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1704833002

Cr-Commit-Position: refs/heads/master@{#34057}
2016-02-17 07:42:00 +00:00
bmeurer
0d595bb001 [intrinsics] Remove the %_IsDate intrinsic.
It's fine to only have the runtime call here, as it's only used in the
debug mirror.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1699133002

Cr-Commit-Position: refs/heads/master@{#34056}
2016-02-17 07:27:01 +00:00
zhengxing.li
82289a989d X87: [runtime] Introduce FastNewStrictArgumentsStub to optimize strict arguments.
port 09d845354742a90fc0596262eb5cbaac169e5ed9(r33925)

  original commit message:
  The FastNewStrictArgumentsStub is very similar to the recently added
  FastNewRestParameterStub, it's actually almost a copy of it, except that
  it doesn't have the fast case we have for the empty rest parameter. This
  patch improves strict arguments in TurboFan and fullcodegen by up to 10x
  compared to the previous version.

  Also introduce proper JSSloppyArgumentsObject and JSStrictArgumentsObject
  for the in-object properties instead of having them as constants in the
  Heap class.

  Drive-by-fix: Use this stub and the FastNewRestParameterStub in the
  interpreter to avoid the runtime call overhead for strict arguments
  and rest parameter creation.

BUG=

Review URL: https://codereview.chromium.org/1706703002

Cr-Commit-Position: refs/heads/master@{#34055}
2016-02-17 07:23:28 +00:00
zhengxing.li
3ada8da360 X87: [es6] Further fixing of tail Calls.
port e519e6fadfaf7242231f4dcb45910f60304e26fc(r33886)

  original commit message:
  1) Update profiling counters in Full codegen.
  2) Call Runtime::kTraceTailCall when tracing is on

  test/mjsunit/es6/tail-call-simple.js is disabled for now, because Turbofan does not fully support TCO yet.

BUG=

Review URL: https://codereview.chromium.org/1706673002

Cr-Commit-Position: refs/heads/master@{#34054}
2016-02-17 06:56:50 +00:00
mtrofin
985f67911c Produce debug name in debug builds.
BUG=

Review URL: https://codereview.chromium.org/1700043004

Cr-Commit-Position: refs/heads/master@{#34052}
2016-02-17 03:52:01 +00:00
caitpotter88
3649170259 [cleanup] add Parser accessors for FLAG_harmony_function_sent
BUG=
LOG=N
R=adamk@chromium.org, littledan@chromium.org

Review URL: https://codereview.chromium.org/1702853002

Cr-Commit-Position: refs/heads/master@{#34051}
2016-02-17 00:19:21 +00:00
caitpotter88
fd2edb0ea2 [parser] unify metaproperty parsing and require unescaped property name
BUG=v8:4756
LOG=N
R=adamk@chromium.org, littledan@chromium.org, wingo@igalia.com

Review URL: https://codereview.chromium.org/1700123003

Cr-Commit-Position: refs/heads/master@{#34050}
2016-02-16 23:38:09 +00:00
mbrandy
163ef0991a PPC: [turbofan] Add an operator to access the parent frame pointer
Port fd8fd05cc5

Original commit message:
    This functionality is useful for stubs that need to walk the stack. The new
    machine operator, LoadParentFramePointer dosn't force the currently compiling
    method to have a frame in contrast to LoadFramePointer. Instead, it adapts
    accordingly when frame elision is possible, making efficient stack walks
    possible without incurring a performance penalty for small stubs that can
    benefit from frame elision.

R=danno@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1700323002

Cr-Commit-Position: refs/heads/master@{#34049}
2016-02-16 22:21:42 +00:00
bradnelson
6357ad847b Support blocks in asm->wasm global section.
The parser can fold together comma separated declarations
into a single block. The AsmWasmBuilder needs to support
this case in order to handle asm.js modules that use this form.

BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=mjsunit/asm-wasm
R=aseemgarg@chromium.org,titzer@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1697423003

Cr-Commit-Position: refs/heads/master@{#34048}
2016-02-16 19:33:53 +00:00
adamk
f4f1940848 Eagerly declare variables in ParseVariableDeclarations where possible
This avoids spending lots of time in Scope::RemoveUnresolved for very long
variable declaration lists.

BUG=v8:4699
LOG=n

Review URL: https://codereview.chromium.org/1655313003

Cr-Commit-Position: refs/heads/master@{#34047}
2016-02-16 19:09:45 +00:00
bradnelson
f0d7c7a83b Implementing comma operator for asm->wasm.
BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=mjsunit/asm-wasm
R=aseemgarg@chromium.org,titzer@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1704553002

Cr-Commit-Position: refs/heads/master@{#34044}
2016-02-16 18:34:17 +00:00
balazs.kilvady
f739088baa MIPS64: Fix2 '[runtime] Introduce FastNewStrictArgumentsStub to optimize strict arguments.'
Port 09d8453547

More fix after 3b980234c8

Original commit message:
The FastNewStrictArgumentsStub is very similar to the recently added
FastNewRestParameterStub, it's actually almost a copy of it, except that
it doesn't have the fast case we have for the empty rest parameter. This
patch improves strict arguments in TurboFan and fullcodegen by up to 10x
compared to the previous version.

Also introduce proper JSSloppyArgumentsObject and JSStrictArgumentsObject
for the in-object properties instead of having them as constants in the
Heap class.

Drive-by-fix: Use this stub and the FastNewRestParameterStub in the
interpreter to avoid the runtime call overhead for strict arguments
and rest parameter creation.

BUG=

Review URL: https://codereview.chromium.org/1699183002

Cr-Commit-Position: refs/heads/master@{#34043}
2016-02-16 18:30:48 +00:00
fmeawad
5579153777 Remove Monitoring mode in tracing, and mark unimplemented for another macro
BUG=559117
LOG=N

Review URL: https://codereview.chromium.org/1684963002

Cr-Commit-Position: refs/heads/master@{#34042}
2016-02-16 18:00:09 +00:00
hpayer
1d4628fb02 [heap] Refactor free list counters in Page.
BUG=chromium:587026
LOG=n

Review URL: https://codereview.chromium.org/1696413002

Cr-Commit-Position: refs/heads/master@{#34041}
2016-02-16 17:00:59 +00:00
rmcilroy
c0c5d1310c [Interpreter] GetExpression(0) in InterpretedFrames gets first local.
Various places assume that GetExpression returns the locals for a frame.
Modify InterpretedFrames such that GetExpression(0) returns the first
local, not the fixed parts of the interpreter frame.

BUG=v8:4690,v8:4680
LOG=N

Review URL: https://codereview.chromium.org/1697223003

Cr-Commit-Position: refs/heads/master@{#34040}
2016-02-16 15:34:08 +00:00
rmcilroy
c68f7194c2 Use a better hash function in IdentityMap.
Reduces time for ConstantArrayBuilderTest.AllocateAllEntries from 21000ms to 106ms in
debug mode.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1696363002

Cr-Commit-Position: refs/heads/master@{#34038}
2016-02-16 14:09:06 +00:00
bmeurer
8f87c0acb7 [builtins] Move the Boolean constructor to C++.
Drive-by-fix: Remove the (now) unused %_SetValueOf and %_JSValueGetValue
intrinsics from the various compilers and the runtime.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1698343002

Cr-Commit-Position: refs/heads/master@{#34037}
2016-02-16 14:03:07 +00:00
mstarzinger
1150092b29 Remove strong mode support from binary operations.
R=bmeurer@chromium.org
BUG=v8:3956
LOG=n

Review URL: https://codereview.chromium.org/1693833002

Cr-Commit-Position: refs/heads/master@{#34036}
2016-02-16 13:55:29 +00:00
verwaest
036d23ec73 Don't include field-type.h/field-index.h into property.h
BUG=

Review URL: https://codereview.chromium.org/1696333002

Cr-Commit-Position: refs/heads/master@{#34035}
2016-02-16 13:28:47 +00:00
verwaest
099271a189 [runtime] Move heap-object type check helpers to HeapObject with wrapper on Object
BUG=

Review URL: https://codereview.chromium.org/1694403002

Cr-Commit-Position: refs/heads/master@{#34034}
2016-02-16 12:57:45 +00:00
rmcilroy
27204d6e05 [Interpreter] Push BytecodeArray onto interpreted stack frames.
Replaces the push of the dispatch table on the interpreted stack frame with a
push of the bytecode array. This enables the debugger to replace the bytecode
array with a patched version containing breakpoints.

BUG=v8:4690
LOG=N

Review URL: https://codereview.chromium.org/1699013002

Cr-Commit-Position: refs/heads/master@{#34032}
2016-02-16 12:36:16 +00:00
ulan
4fdc19ae33 Add a generic remembered set class.
This new class provides a unified interface for recording and iterating slots in store and slots buffers:

RememberedSet<OLD_TO_NEW>::Insert(page, slot);
RememberedSet<OLD_TO_OLD>::Insert(page, slot);

RememberedSet<OLD_TO_NEW>::Iterate(heap, callback);
RememberedSet<OLD_TO_OLD>::Iterate(heap, callback);

After this change the store buffer is responsible only for collecting slots from the generated code.

Subsequent CLs will remove the slots buffer.

BUG=chromium:578883
LOG=NO

Review URL: https://codereview.chromium.org/1683653002

Cr-Commit-Position: refs/heads/master@{#34031}
2016-02-16 12:34:38 +00:00
danno
3aa2dd34f7 Use explicit context translation in CodeStub deoptimization
Before this CL, the context of the parent frame was used when deoptimizing a
stub failure rather than the context value passed to the stub itself. In order
to guarantee that the right context is passed to the runtime upon stub failure,
this CL adds the context explicitly to the stub's environment that's used to
compute the failure deoptimizing translations. The context can then be extracted
during deoptimization translation to ensure that the precise context that was
passed to the stub is also passed to the runtime.

R=jarin@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1694183003

Cr-Commit-Position: refs/heads/master@{#34030}
2016-02-16 11:48:13 +00:00
martyn.capewell
14a5c18cc3 [turbofan] ARM: Use SBFX in instruction selector.
Support SBFX in the instruction selector for sign-extension patterns like
Sar(Shl(x, a), b), where a and b are immediate values.

BUG=

Review URL: https://codereview.chromium.org/1695293002

Cr-Commit-Position: refs/heads/master@{#34029}
2016-02-16 11:29:48 +00:00
rodolph.perfetta
0dfd7bcdaf Added a ReverseBits operator and used it to implement Ctz.
Let me know if this is not the right approach

Review URL: https://codereview.chromium.org/1698483002

Cr-Commit-Position: refs/heads/master@{#34028}
2016-02-16 11:14:28 +00:00
jkummerow
00b919cb11 Revert of Tweak type info threshold. (patchset #1 id:1 of https://codereview.chromium.org/1684093002/ )
Reason for revert:
Tanks Mandreel-latency.

Original issue's description:
> Tweak type info threshold.
>
> Let the world know (if it cares) that this is the kind of
> silliness that JS engines have to partake in if they want
> to look good on Sunspider (this should give 5% overall).
>
> Committed: https://crrev.com/4f62af4234e8ad74abd8e4cd3e492f7727efc768
> Cr-Commit-Position: refs/heads/master@{#33866}

TBR=yangguo@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.

Review URL: https://codereview.chromium.org/1699063002

Cr-Commit-Position: refs/heads/master@{#34027}
2016-02-16 11:00:06 +00:00
jarin
75cdb91366 Move FieldType to separate h/cc files.
Review URL: https://codereview.chromium.org/1700923002

Cr-Commit-Position: refs/heads/master@{#34026}
2016-02-16 10:22:34 +00:00
epertoso
7091075239 Make NamedLoadHandlerCompiler::CompileLoadInterceptor behave correcly with lazy accessors.
Before this fix, we always ended up calling Runtime_LoadPropertyWithInterceptor, which caused the performance regression reported in http://crbug.com/585764.

BUG=585764
LOG=y

Review URL: https://codereview.chromium.org/1699913002

Cr-Commit-Position: refs/heads/master@{#34025}
2016-02-16 10:08:04 +00:00
verwaest
7b59e3d7cb [runtime] Minor tweaks to LookupIterator for performance
BUG=

Review URL: https://codereview.chromium.org/1702443002

Cr-Commit-Position: refs/heads/master@{#34024}
2016-02-16 09:53:20 +00:00
cbruni
6dd16e8eb1 [left-trimming] Avoid creating duplicate handles in builtins.cc
EnsureJSArrayWithWritableFastElements

Having several handles pointing to the backing store of an array that gets
left-trimmed might cause the gc to start marking a stale-handle still pointing
to the old backing-store start. By introducing a separate handle scope for
EnsureJSArrayWithWritableFastElements we avoid this issue. Additionally a
SLOW_DCHECK in Heap::LeftTrimFixedArray ensurse that there are no more than one
active handle pointing to the backing store.

BUG=chr:585787
LOG=n

Review URL: https://codereview.chromium.org/1699733003

Cr-Commit-Position: refs/heads/master@{#34022}
2016-02-16 09:51:09 +00:00
hpayer
b6a86e7725 [heap] Refactor FreeListCategory.
BUG=chromium:587026
LOG=n

Review URL: https://codereview.chromium.org/1698983002

Cr-Commit-Position: refs/heads/master@{#34021}
2016-02-16 09:49:43 +00:00
mstarzinger
aa31ff31a8 [turbofan] Remove support for LazyBailout operators.
The LazyBailout operator (modelled as a nop-call) was introduced for
placing a deoptimization point into exception handlers. Now that we are
no longer re-entering lazy deoptimized code, the support can be removed.

R=jarin@chromium.org
BUG=v8:4195
LOG=n

Review URL: https://codereview.chromium.org/1697503002

Cr-Commit-Position: refs/heads/master@{#34020}
2016-02-16 09:48:57 +00:00
bmeurer
d057adc83e Revert of [turbofan] Combine GenericLoweringPhase and ChangeLoweringPhase. (patchset #1 id:1 of https://codereview.chromium.org/1697133002/ )
Reason for revert:
Seems to tank stuff.

Original issue's description:
> [turbofan] Combine GenericLoweringPhase and ChangeLoweringPhase.
>
> There's no need to use a dedicated ChangeLoweringPhase before we go to
> GenericLoweringPhase; instead that change lowering (which is really
> simplified lowering by now) should run together with generic lowering.
>
> R=jarin@chromium.org
>
> Committed: https://crrev.com/0835ed9caf44427755065eb45f9187678ec9844c
> Cr-Commit-Position: refs/heads/master@{#34008}

TBR=jarin@chromium.org,bmeurer@google.com
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1698273002

Cr-Commit-Position: refs/heads/master@{#34019}
2016-02-16 08:25:38 +00:00
verwaest
77751e93a6 [runtime] Avoid prefix PrepareForDataProperty in TransitionToDataProperty
BUG=

Review URL: https://codereview.chromium.org/1700903002

Cr-Commit-Position: refs/heads/master@{#34018}
2016-02-16 08:21:36 +00:00
rmcilroy
84a225d1e4 [Turbofan] Save and restore lr in OutOfLineRecordWrite when frame is elided.
Fixes a bug in Ignition on Arm64 where lr gets trashed in StaContextSlot
which causes the stack walker to get confused and crash.

BUG=v8:4680
LOG=N

Review URL: https://codereview.chromium.org/1694263002

Cr-Commit-Position: refs/heads/master@{#34016}
2016-02-16 07:49:16 +00:00
bmeurer
242404923d [crankshaft] Remove the global arguments object from the HGraph.
This was actually only necessary for dealing with %_Arguments and
%_ArgumentsLength in Crankshaft, which have been removed recently,
so there's no need to keep this piece of awesomeness around any
longer.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1695193003

Cr-Commit-Position: refs/heads/master@{#34015}
2016-02-16 07:30:41 +00:00
danno
fd8fd05cc5 [turbofan] Add an operator to access the parent frame pointer
This functionality is useful for stubs that need to walk the stack. The new
machine operator, LoadParentFramePointer dosn't force the currently compiling
method to have a frame in contrast to LoadFramePointer. Instead, it adapts
accordingly when frame elision is possible, making efficient stack walks
possible without incurring a performance penalty for small stubs that can
benefit from frame elision.

R=bmeurer@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1695313002

Cr-Commit-Position: refs/heads/master@{#34014}
2016-02-16 07:29:16 +00:00
verwaest
d99cbb7a74 [runtime] Turn MigrateFastTo* into static helpers
BUG=

Review URL: https://codereview.chromium.org/1697283002

Cr-Commit-Position: refs/heads/master@{#34013}
2016-02-16 05:57:26 +00:00
zhengxing.li
b8162581bd X87: [compiler] Sanitize entry points to LookupSlot access.
port 4ff159bd28be36a39a1f8416cdf8fccafd3c2f95(r33880)

  original commit message:
  Add dedicated %LoadLookupSlot, %LoadLookupSlotInsideTypeof,
  %LoadLookupSlotForCall, %StoreLookupSlot_Sloppy and
  %StoreLookupSlot_Strict runtime entry points and use them
  appropriately in the various compilers. This way we can
  finally drop the machine operators from the JS graph level
  completely in TurboFan.

  Also drop the funky JSLoadDynamic operator from TurboFan,
  which was by now just a small wrapper around the runtime
  call to %LoadLookupSlot.

BUG=

Review URL: https://codereview.chromium.org/1694343002

Cr-Commit-Position: refs/heads/master@{#34012}
2016-02-16 05:06:59 +00:00
zhengxing.li
8c3a00ad43 X87: [Interpreter] Make InterpreterAssembler a subclass of CodeStubAssembler.
port d1c28849c77892ec74e58891aba44d5bfda8c0ba(r33873)

  original commit message:
  Moves InterpreterAssembler out of the compiler directory and into the
  interpreter directory. Makes InterpreterAssembler as subclass of
  CodeStubAssembler.

  As part of this change, the special bytecode dispatch linkage type
  is removed and instead we use a InterfaceDispatchDescriptor and
  a normal CodeStub linkage type.

  Removes a bunch of duplicated logic in InterpreterAssembler and
  instead uses the CodeStubAssembler logic. Refactors Interpreter
  with these changes.

  Modifies CodeStubAssembler to add the extra operations required
  by the Interpreter (extra call types, raw memory access and some extra
  binary ops). Also adds the ability for subclasses to add extra
  prologue and epilogue operations around calls, which is required
  for the Interpreter.

BUG=

Review URL: https://codereview.chromium.org/1696263002

Cr-Commit-Position: refs/heads/master@{#34011}
2016-02-16 04:52:12 +00:00
bradnelson
a26d0ac676 Add command line flags to dump asm.js -> wasm conversion data.
BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=manual
R=titzer@chromium.org,aseemgarg@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1697723002

Cr-Commit-Position: refs/heads/master@{#34009}
2016-02-16 03:03:22 +00:00
bmeurer
0835ed9caf [turbofan] Combine GenericLoweringPhase and ChangeLoweringPhase.
There's no need to use a dedicated ChangeLoweringPhase before we go to
GenericLoweringPhase; instead that change lowering (which is really
simplified lowering by now) should run together with generic lowering.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1697133002

Cr-Commit-Position: refs/heads/master@{#34008}
2016-02-15 19:16:50 +00:00
verwaest
8a286ecee2 [runtime] Optimize MigrateFastToFast for the transition case
This avoids quite expensive computation further downstream.

Review URL: https://codereview.chromium.org/1697173002

Cr-Commit-Position: refs/heads/master@{#34007}
2016-02-15 19:03:08 +00:00
mbrandy
5ca122a120 PPC: Support immediate indices for StoreWriteBarrier.
Port 4eff883bce
     c72b49bddc

Original commit message:
    Ideally we would not need the StoreWriteBarrier instructions at all,
    but represent the RecordWrite functionality as machine subgraph, but
    that'll take some time to get there. In the mean time we can have a
    shorter instruction sequence by recognizing immediate indices here.

R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1695333002

Cr-Commit-Position: refs/heads/master@{#34006}
2016-02-15 19:01:02 +00:00
mbrandy
ea08453c7f PPC: [runtime] Turn ArgumentAccessStub into FastNewSloppyArgumentsStub.
Port e0129d0f87

Original commit message:
    Turn the fast case of ArgumentsAccessStub into a new stub
    FastNewSloppyArgumentsStub, which is similar to the existing
    FastNewStrictArgumentsStub, although not polished yet, and the slow
    case always went to the runtime anyway, so we can just directly emit
    a runtime call there.

R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1699923002

Cr-Commit-Position: refs/heads/master@{#34005}
2016-02-15 19:00:12 +00:00
mbrandy
dd23044a60 PPC: [crankshaft] Fix Math.min(0, 0)
Port 0d59772b2b

Original commit message:
    for the special case where the same register is used as both left and
    right input.

R=jkummerow@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1698903002

Cr-Commit-Position: refs/heads/master@{#34004}
2016-02-15 18:58:47 +00:00
balazs.kilvady
3b980234c8 MIPS64: Fix '[runtime] Introduce FastNewStrictArgumentsStub to optimize strict arguments.'
Port 09d8453547

Original commit message:
The FastNewStrictArgumentsStub is very similar to the recently added
FastNewRestParameterStub, it's actually almost a copy of it, except that
it doesn't have the fast case we have for the empty rest parameter. This
patch improves strict arguments in TurboFan and fullcodegen by up to 10x
compared to the previous version.

Also introduce proper JSSloppyArgumentsObject and JSStrictArgumentsObject
for the in-object properties instead of having them as constants in the
Heap class.

Drive-by-fix: Use this stub and the FastNewRestParameterStub in the
interpreter to avoid the runtime call overhead for strict arguments
and rest parameter creation.

BUG=

Review URL: https://codereview.chromium.org/1698173002

Cr-Commit-Position: refs/heads/master@{#34003}
2016-02-15 17:30:59 +00:00
cbruni
8eb09facb5 [counters] adding more counters and trace-events
V8 tracks already most useful information, but lacks proper tracing scopes
that make it possible to distinguish certain events from each other.
- add trace-scope to track lazy-parsing due to optimization
- add trace-scope to track code optimization

BUG=

Review URL: https://codereview.chromium.org/1661883003

Cr-Commit-Position: refs/heads/master@{#34002}
2016-02-15 17:29:32 +00:00
bmeurer
86d1b7e83d [turbofan] Robustify the GraphTrimmer.
The GraphTrimmer should not ever see a dead node, except for the roots
that are explicitly fed into it. To defend against this, turn the
condition into a DCHECK.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1698883003

Cr-Commit-Position: refs/heads/master@{#34001}
2016-02-15 17:28:46 +00:00
bmeurer
73eae4c26a [turbofan] Make pipeline.h independent of compiler.h.
Eventually compiler.h might need to depend on the Pipeline to manage its
life cycle for concurrent recompilation, so we should not have the
cyclic include dependency here.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1698113002

Cr-Commit-Position: refs/heads/master@{#34000}
2016-02-15 17:27:21 +00:00
titzer
3a0377a48d [wasm] Clean up handling of function names.
R=ahaas@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1698133002

Cr-Commit-Position: refs/heads/master@{#33999}
2016-02-15 16:00:19 +00:00
jkummerow
5aa2cb3bcc [crankshaft] Replace stub cache harvesting with a bit of type propagation
Harvesting maps from the stub cache for megamorphic ICs is both slow
(linear in the size of the stub cache) and imprecise (as it finds all
maps that have a cached handler for the given property name).
In the canonical megamorphic situation, this type feedback is useless
anyway. The interesting case is when we can filter it down to a single
map; however in these cases it is often possible to derive this map
just by looking at the HGraph, which is both faster and more reliable.

Review URL: https://codereview.chromium.org/1669213003

Cr-Commit-Position: refs/heads/master@{#33998}
2016-02-15 15:22:00 +00:00
jkummerow
0d59772b2b [crankshaft][arm][mips][mips64] Fix Math.min(0, 0)
for the special case where the same register is used as both left and
right input.

Review URL: https://codereview.chromium.org/1695283002

Cr-Commit-Position: refs/heads/master@{#33996}
2016-02-15 14:43:02 +00:00
verwaest
4c41d007d9 [runtime] Add fast path to update LookupIterator in simple cases
By not calling ReloadPropertyInformation, we avoid expensive descriptor array lookup.

BUG=

Review URL: https://codereview.chromium.org/1697153002

Cr-Commit-Position: refs/heads/master@{#33995}
2016-02-15 14:14:25 +00:00
jacob.bramley
c72b49bddc [arm] Allow immediate-index write barriers.
This is effectively a port of 4eff883b (r27731).

BUG=

Review URL: https://codereview.chromium.org/1692253002

Cr-Commit-Position: refs/heads/master@{#33994}
2016-02-15 13:46:30 +00:00
titzer
e2f3003f2c [turbofan] Enforce that C calls do not use floating point params.
Passing floating point params to/from C has never quite worked correctly,
but we've never enforced the restriction early in the CallDescriptor
creation process because of unittests. Fix unittests to make their own
simple call descriptors and not rely on the C ones.

R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1701593003

Cr-Commit-Position: refs/heads/master@{#33993}
2016-02-15 13:25:23 +00:00
bmeurer
1d9e9c830b [turbofan] Assign better types to various String builtins.
Properly type String.prototype.concat, String.prototype.charCodeAt,
and String.prototype.toLowerCase/toUpperCase in TurboFan. Also assign
better type to %_StringCharFromCode.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1701673002

Cr-Commit-Position: refs/heads/master@{#33991}
2016-02-15 11:57:28 +00:00
titzer
232b97dd10 [test] Clean up a couple TODOs.
R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1698063002

Cr-Commit-Position: refs/heads/master@{#33990}
2016-02-15 11:18:43 +00:00
martyn.capewell
357e014329 Reland of [turbofan] ARM: Improve AND instruction selection
Improve instruction selector for mask and shift operations by using cheaper
instructions where possible, in preference to UBFX.

Reverted because it was suspected of causing a couple of flaky tests to fail,
but investigation suggests this is unlikely.

Original review: https://codereview.chromium.org/1677023002

BUG=

Review URL: https://codereview.chromium.org/1684073006

Cr-Commit-Position: refs/heads/master@{#33988}
2016-02-15 11:10:12 +00:00
bmeurer
e0129d0f87 [runtime] Turn ArgumentAccessStub into FastNewSloppyArgumentsStub.
Turn the fast case of ArgumentsAccessStub into a new stub
FastNewSloppyArgumentsStub, which is similar to the existing
FastNewStrictArgumentsStub, although not polished yet, and the slow
case always went to the runtime anyway, so we can just directly emit
a runtime call there.

R=mstarzinger@chromium.org

Committed: https://crrev.com/55b0b4f6d572531eec00ab6ebd8f6feb7c584e04
Cr-Commit-Position: refs/heads/master@{#33973}

Review URL: https://codereview.chromium.org/1695633003

Cr-Commit-Position: refs/heads/master@{#33986}
2016-02-15 10:39:41 +00:00
zhengxing.li
63a59fa341 X87: Preserve argument count for calls.
port 5de27c343bbf898ca87246caa1e83e533ec44561(r33865)

  original commit message:
  Calls use registers for target, new_target and argument count.
  We don't always respect argument count. It didn't bite us in the past
  because the code paths where we clobbered it never used it, though
  in future it could be an issue.

BUG=

Review URL: https://codereview.chromium.org/1698823002

Cr-Commit-Position: refs/heads/master@{#33984}
2016-02-15 09:46:22 +00:00
yangguo
125ac66bf6 [debugger] fix debug command processor wrt restart frame.
R=jkummerow@chromium.org
BUG=v8:4757
LOG=N

Review URL: https://codereview.chromium.org/1700693002

Cr-Commit-Position: refs/heads/master@{#33983}
2016-02-15 09:37:21 +00:00
titzer
14296d642f [crankshaft] TODO bankruptcy.
R=verwaest@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1694643004

Cr-Commit-Position: refs/heads/master@{#33982}
2016-02-15 09:26:09 +00:00
titzer
bc1d408535 [turbofan] Delete empty ir-operations.txt file.
R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1695083002

Cr-Commit-Position: refs/heads/master@{#33980}
2016-02-15 09:20:31 +00:00
titzer
4bce03b69c [wasm] Clean up some DCHECKS in asm->wasm.
R=ahaas@chromium.org,aseemgarg@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1699793002

Cr-Commit-Position: refs/heads/master@{#33979}
2016-02-15 09:08:50 +00:00
titzer
5c5c6e38e2 [wasm] Add support for a start function.
Add a section identifier for declaring a start function as an index into
the function table. (This could also be done as a decl flag on the
function, but don't feel strongly here, since we probably want to redo
this when adding an import/export section.)

The start function must accept no parameters. Its return value is
currently ignored.

R=binji@chromium.org,bradnelson@chromium.org
BUG=chromium:575167
LOG=Y

Review URL: https://codereview.chromium.org/1692173002

Cr-Commit-Position: refs/heads/master@{#33978}
2016-02-15 08:59:16 +00:00
oth
e768bcca24 [interpreter] Support for ES6 super keyword.
Adds support for ES6 super keyword and performing loads, stores, and
calls to super class members.

Implements SetHomeObject and enables ThisFunctionVariable.

BUG=v8:4280,v8:4682
LOG=N

Review URL: https://codereview.chromium.org/1689573004

Cr-Commit-Position: refs/heads/master@{#33977}
2016-02-15 08:19:07 +00:00
machenbach
f0561ac5d9 Revert of [runtime] Turn ArgumentAccessStub into FastNewSloppyArgumentsStub. (patchset #2 id:20001 of https://codereview.chromium.org/1695633003/ )
Reason for revert:
[Sheriff] Breaks ASAN with mipsel compile:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20ASAN%20mipsel%20-%20debug%20builder/builds/4558/

Original issue's description:
> [runtime] Turn ArgumentAccessStub into FastNewSloppyArgumentsStub.
>
> Turn the fast case of ArgumentsAccessStub into a new stub
> FastNewSloppyArgumentsStub, which is similar to the existing
> FastNewStrictArgumentsStub, although not polished yet, and the slow
> case always went to the runtime anyway, so we can just directly emit
> a runtime call there.
>
> R=mstarzinger@chromium.org
>
> Committed: https://crrev.com/55b0b4f6d572531eec00ab6ebd8f6feb7c584e04
> Cr-Commit-Position: refs/heads/master@{#33973}

TBR=mstarzinger@chromium.org,jarin@chromium.org,bmeurer@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1701653002

Cr-Commit-Position: refs/heads/master@{#33976}
2016-02-15 08:03:14 +00:00
jarin
5418896400 Make the frame inspector use TranslatedState rather than the full deoptimizer.
This is mostly preparation for allowing the function closure to be materialized.

As a drive-by fix, I have added ignition source position support to the frame inspector (this fixed some ignition test failures).

Review URL: https://codereview.chromium.org/1698743002

Cr-Commit-Position: refs/heads/master@{#33975}
2016-02-15 07:36:57 +00:00
bmeurer
359ba8e0df [turbofan] Remove the function reload hack for OSR.
Initially we were unable to address certain stack slots in the callee
part of the frame, including the function marker, therefore we had to
hack a reload of the function register into the OSR prologue. Now that
we are able to address all stack slots, we no longer need this hack.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1666073002

Cr-Commit-Position: refs/heads/master@{#33974}
2016-02-15 07:31:38 +00:00
bmeurer
55b0b4f6d5 [runtime] Turn ArgumentAccessStub into FastNewSloppyArgumentsStub.
Turn the fast case of ArgumentsAccessStub into a new stub
FastNewSloppyArgumentsStub, which is similar to the existing
FastNewStrictArgumentsStub, although not polished yet, and the slow
case always went to the runtime anyway, so we can just directly emit
a runtime call there.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1695633003

Cr-Commit-Position: refs/heads/master@{#33973}
2016-02-15 07:05:14 +00:00
bmeurer
052dc9e019 [turbofan] Lower object and array literals in JSCreateLowering.
This adds initial support for inline allocation of object and array
literals to the JSCreateLowering pass. It's basically identical to
what Crankshaft does.

This also unstages the TurboFan escape analysis, as the lowering seems
to trigger a bunch of bugs in it; those bugs will be fixed separately,
and we will re-enable escape analysis afterwards.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1698783002

Cr-Commit-Position: refs/heads/master@{#33972}
2016-02-15 06:43:10 +00:00
zhengxing.li
e59af013f7 X87: [runtime] Optimize and unify rest parameters.
port 3ef573e9f127345cd9d04d7f9f5e51bf169ae103(r33809)

  original commit message:
  Replace the somewhat awkward RestParamAccessStub, which would always
  call into the runtime anyway with a proper FastNewRestParameterStub,
  which is basically based on the code that was already there for strict
  arguments object materialization. But for rest parameters we could
  optimize even further (leading to 8-10x improvements for functions with
  rest parameters), by fixing the internal formal parameter count:

  Every SharedFunctionInfo has a formal_parameter_count field, which
  specifies the number of formal parameters, and is used to decide whether
  we need to create an arguments adaptor frame when calling a function
  (i.e. if there's a mismatch between the actual and expected parameters).
  Previously the formal_parameter_count included the rest parameter, which
  was sort of unfortunate, as that meant that calling a function with only
  the non-rest parameters still required an arguments adaptor (plus some
  other oddities). Now with this CL we fix, so that we do no longer
  include the rest parameter in that count. Thereby checking for rest
  parameters is very efficient, as we only need to check whether there is
  an arguments adaptor frame, and if not create an empty array, otherwise
  check whether the arguments adaptor frame has more parameters than
  specified by the formal_parameter_count.

  The FastNewRestParameterStub is written in a way that it can be directly
  used by Ignition as well, and with some tweaks to the TurboFan backends
  and the CodeStubAssembler, we should be able to rewrite it as
  TurboFanCodeStub in the near future.

  Drive-by-fix: Refactor and unify the CreateArgumentsType which was
  different in TurboFan and Ignition; now we have a single enum class
  which is used in both TurboFan and Ignition.

BUG=

Review URL: https://codereview.chromium.org/1696063002

Cr-Commit-Position: refs/heads/master@{#33971}
2016-02-15 06:40:48 +00:00
zhengxing.li
d72bd65499 X87: [heap] Move to page lookups for SemiSpace, NewSpace, and Heap containment methods.
port cfbd25617cfb8177bbb6377280e23ec356eb2373(r33857)

  original commit message:
  Preparing the young generation for (real) non-contiguous backing memory, this
  change removes object masks that are used to compute containment in semi and new
  space. The masks are replaced by lookups for object tags and page headers, where
  possible.

  Details:
  - Use the fast checks (page header lookups) for containment in regular code.
  - Use the slow version that masks out the page start adress and iterates all
    pages of a space for debugging/verification.
  - The slow version works for off-heap/unmapped memory.
  - Encapsulate all checks for the old->new barrier in Heap::RecordWrite().

BUG=

Review URL: https://codereview.chromium.org/1698803002

Cr-Commit-Position: refs/heads/master@{#33970}
2016-02-15 06:37:52 +00:00
zhengxing.li
7c37571c39 X87: [turbofan] Add TruncateFloat32ToUint32 operator to Turbofan.
port 2166bd8ce5 (r33797)

  original commit message:

BUG=

Review URL: https://codereview.chromium.org/1697953002

Cr-Commit-Position: refs/heads/master@{#33969}
2016-02-15 06:37:02 +00:00
zhengxing.li
d75ddc588e X87: [turbofan] Add RoundUint32ToFloat32 operator to Turbofan.
port 187b3f2845 (r33796)

  original commit message:

BUG=

Review URL: https://codereview.chromium.org/1700583002

Cr-Commit-Position: refs/heads/master@{#33967}
2016-02-15 01:30:38 +00:00
bmeurer
d0c503667e [turbofan] Specialize loads of the native context.
When we specialize to the native context, we can replace loads of the
NATIVE_CONTEXT_INDEX in any known context with the appropriate native
context for that context. This allows us to constant-fold and further
optimize things like %reflect_construct, which are inserted by the
parser.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1697513003

Cr-Commit-Position: refs/heads/master@{#33965}
2016-02-14 10:43:16 +00:00
bradnelson
f9ee14e519 Allow looser heap accesses historically emitted by Emscripten.
Older versions of Emscripten appear to emit Asm.js containing:
HEAP8[x] with x in int
As opposed to the spec legal construct:
HEAP8[x>>0] with x in int

As older programs and even benchmarks such as Embenchen
include these constructs, support them for compatibility.

BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=test-asm-validator,mjsunit/asm-wasm
R=aseemgarg@chromium.org,titzer@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1692713006

Cr-Commit-Position: refs/heads/master@{#33964}
2016-02-13 06:21:35 +00:00
mbrandy
fb10f8fafd PPC: [runtime] Introduce FastNewStrictArgumentsStub to optimize strict arguments.
Port 09d8453547

Original commit message:
    The FastNewStrictArgumentsStub is very similar to the recently added
    FastNewRestParameterStub, it's actually almost a copy of it, except that
    it doesn't have the fast case we have for the empty rest parameter. This
    patch improves strict arguments in TurboFan and fullcodegen by up to 10x
    compared to the previous version.

    Also introduce proper JSSloppyArgumentsObject and JSStrictArgumentsObject
    for the in-object properties instead of having them as constants in the
    Heap class.

    Drive-by-fix: Use this stub and the FastNewRestParameterStub in the
    interpreter to avoid the runtime call overhead for strict arguments
    and rest parameter creation.

R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1696743002

Cr-Commit-Position: refs/heads/master@{#33963}
2016-02-12 23:13:45 +00:00
mbrandy
c8257c4c79 PPC: [Interpreter] Save and restore dispatch table pointer during calls.
Port a2935d63df

Original commmit message:
    Saves and restores the dispatch pointer during calls to enable the debugger to
    switch the dispatch table used by a function during it's execution.

    Also moves the accumulator and context nodes to be Variables so that they will
    be properly merged across branches.

R=rmcilroy@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=v8:4280,v8:4690
LOG=N

Review URL: https://codereview.chromium.org/1688373002

Cr-Commit-Position: refs/heads/master@{#33962}
2016-02-12 23:12:53 +00:00
adamk
1003785ced Remove AssignmentExpressionFlags enum, handle error checking in callers
This is hopefully the last in a series of cleanup patches around
destructuring assignment. It simplifies the ParseAssignmentExpression
API, making the callers call CheckDestructuringElement() where appropriate.
CheckDestructuringElement has been further simplified to only emit the
errors that the parser depends on it emitting.

I've also beefed up the test coverage in test-parsing.cc to
handling all the destructuring flags being on, which caught an oddity
in how we disallow initializers in spreads in patterns (we need to treat
RewritableAssignmentExpressions as Assignments for the purpose of
error checking).

Finally, I added a few helper methods to ParserBase to handle a few
classes of expressions (assignments and literals-as-patterns).

Review URL: https://codereview.chromium.org/1696603002

Cr-Commit-Position: refs/heads/master@{#33961}
2016-02-12 22:38:46 +00:00
kozyatinskiy
4b54c07dd1 Ignore pause on debugger statement when breakpoints are disabled
This behavior was changed in https://codereview.chromium.org/1402913002.
It's pretty usefull to have ability to disable debugger statement for our users.

BUG=chromium:583515
LOG=N
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1690173002

Cr-Commit-Position: refs/heads/master@{#33960}
2016-02-12 20:55:36 +00:00
mattloring
f3cdf8a9f0 Allocation sampling for paged/large object spaces
This change expands allocation sampling to include old, map, code, and large object spaces. This involved refactoring much of the observation logic out of NewSpace into Space and overriding as needed in sub-classes.

Additionally, the sampling heap profiler now maintains a pair of heap observers. One observer is used for observing new space and resetting the inline allocation limit to be periodically notified of allocations. The other observes allocation across the other spaces where there is no additional work required to observe allocations.

Tests have been updated to ensure that allocations are observed correctly for Paged and LargeObject spaces.

R=ofrobots@google.com, hpayer@chromium.org, ulan@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1625753002

Cr-Commit-Position: refs/heads/master@{#33959}
2016-02-12 19:50:41 +00:00
titzer
92b9424ff3 [turbofan] Fix small redundancy in register allocator per TODO.
R=mtrofin@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1690863006

Cr-Commit-Position: refs/heads/master@{#33957}
2016-02-12 18:17:45 +00:00
bradnelson
821c603e0c Adding support for asm.js foreign globals.
Since wasm has no direct notion of foreign globals,
pass the ffi object on to the AsmWasmBuilder
so that foreign globals can be extracted at module
instantiation time.

BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=mjsunit/asm-wasm
R=titzer@chromium.org,aseemgarg@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1677373002

Cr-Commit-Position: refs/heads/master@{#33956}
2016-02-12 17:31:48 +00:00
titzer
54404c4731 Clean up some random TODO(titzer)s and spelling mistakes.
R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1698473003

Cr-Commit-Position: refs/heads/master@{#33955}
2016-02-12 17:30:20 +00:00
alph
14a1dec8d0 Unflake SampleWhenFrameIsNotSetup
Recent flake happened bacause all the samples landed into native code.
The patch makes sure we collect enough JS samples.

BUG=v8:4751
LOG=N

Review URL: https://codereview.chromium.org/1695663002

Cr-Commit-Position: refs/heads/master@{#33953}
2016-02-12 16:02:46 +00:00
oth
47c08f5f71 [interpreter] Add bytecodes for JumpIfNotHole with constant
Adds JumpIfNotHoleConstant and JumpIfNotHoleConstantWide bytecodes
and removes JumpIfHole bytecode.

In situations with large numbers of constants, the generator would
fail because an 8-bit constant could not be reserved for
JumpIfHole/JumpIfNotHole and so a 16-bit constant would be reserved.
Then when patching the bytecode the patcher would discover there was
no wide constant variant of the emitted jump.

BUG=v8:4280,v8:4680
LOG=N

Review URL: https://codereview.chromium.org/1697473002

Cr-Commit-Position: refs/heads/master@{#33952}
2016-02-12 15:24:43 +00:00
mbrandy
d00644a011 PPC: [es6] Further fixing of tail Calls.
Port e519e6fadf

Original commit message:
    1) Update profiling counters in Full codegen.
    2) Call Runtime::kTraceTailCall when tracing is on

    test/mjsunit/es6/tail-call-simple.js is disabled for now, because Turbofan does not fully support TCO yet.

R=ishell@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=v8:4698
LOG=N

Review URL: https://codereview.chromium.org/1690953003

Cr-Commit-Position: refs/heads/master@{#33951}
2016-02-12 15:12:48 +00:00
verwaest
2649611109 [runtime] Speed up Object::ToObject with JSReceiver argument.
This avoids having to read the context and call through from the inlined
path in the JSReceiver case.

BUG=

Review URL: https://codereview.chromium.org/1698463002

Cr-Commit-Position: refs/heads/master@{#33949}
2016-02-12 14:15:04 +00:00
bmeurer
c67262d4ea [runtime] Remove obsolete %ObjectEquals runtime entry.
There are only two uses of %_ObjectEquals left, which should actually
use strict equality instead, so there's no need to keep this special
logic at all.

R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/1692193002

Cr-Commit-Position: refs/heads/master@{#33948}
2016-02-12 14:07:59 +00:00
machenbach
5ad177b1a7 Revert of [turbofan] Ship turbofan try-catch. (patchset #1 id:1 of https://codereview.chromium.org/1694743003/ )
Reason for revert:
[Sheriff] Might break layout tests unintended.

Original issue's description:
> [turbofan]  Ship turbofan try-catch.
>
> Committed: https://crrev.com/5bb459ba4daa34e5ed2fca0dd146aa18f9b6b036
> Cr-Commit-Position: refs/heads/master@{#33938}

TBR=mstarzinger@chromium.org,bmeurer@chromium.org,jarin@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1688403003

Cr-Commit-Position: refs/heads/master@{#33947}
2016-02-12 14:07:09 +00:00
verwaest
eb6d46de9f [builtins] Remove superfluous fixed array allocation
Speeds up Object.keys by another ~10-20% :)

Review URL: https://codereview.chromium.org/1697533002

Cr-Commit-Position: refs/heads/master@{#33945}
2016-02-12 13:43:24 +00:00
bmeurer
98aec4a719 [runtime] Kill %Arguments and %ArgumentsLength.
This removes support for the %Arguments and %ArgumentsLength runtime
entries and their intrinsic counterparts. If you need variable arguments
in any builtin, either use (strict) arguments object or rest parameters,
which are both compositional across inlining (in TurboFan), and not that
much slower compared to the %_Arguments hackery.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1688163004

Cr-Commit-Position: refs/heads/master@{#33943}
2016-02-12 12:25:23 +00:00
ulan
ea39270193 Make all GCs from memory reducer incremental.
BUG=

Review URL: https://codereview.chromium.org/1693813002

Cr-Commit-Position: refs/heads/master@{#33940}
2016-02-12 11:40:04 +00:00
bmeurer
fd940f5c6b [builtins] Rewrite String.fromCharCode w/o %_Arguments.
This is the very last use of %_Arguments and %_ArgumentsLength,
and also the main blocker for not inlining builtins.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1681403006

Cr-Commit-Position: refs/heads/master@{#33939}
2016-02-12 11:23:40 +00:00
jarin
5bb459ba4d [turbofan] Ship turbofan try-catch.
Review URL: https://codereview.chromium.org/1694743003

Cr-Commit-Position: refs/heads/master@{#33938}
2016-02-12 11:22:53 +00:00
jarin
ab3b3bec86 [turbofan] Unwind and jump to the catch handler in the deoptimizer.
The idea here is to perform the handler lookup in the deoptimizer, and then take the information from the handler table to build the catch handler frame in the deoptimizer. Specifically, we use the pc offset, context location and stack height (in full-code) to tweak the output frame.

Sadly, this still requires nasty voodoo for the liveness analyzer so that it keeps variables alive if they are used in the catch handler.

Review URL: https://codereview.chromium.org/1416543006

Cr-Commit-Position: refs/heads/master@{#33936}
2016-02-12 10:15:32 +00:00
bmeurer
0e79d8c71f [builtins] Remove almost all remaining uses of %_Arguments and %_ArgumentsLength.
There's only one last user of %_Arguments and %_ArgumentsLength left,
the rest was updated to either strict mode arguments object or to not
use arguments at all.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1692003003

Cr-Commit-Position: refs/heads/master@{#33935}
2016-02-12 10:07:59 +00:00
epertoso
61a4c528b7 [turbofan] Fix a bug in the RawMachineAssembler
This was causing code like:

REX.W cmpq r9,r8
setzl r8l
movzxbl r8,r8
REX.W cmpq r8,0x0
jz 185

(note the cmpq instead of cmpl above) on x64 instead of:

REX.W cmpq r9,r8
jnz 149

http://crrev.com/1677503002 is now obsolete and has been reverted.

Review URL: https://codereview.chromium.org/1685183003

Cr-Commit-Position: refs/heads/master@{#33934}
2016-02-12 10:03:14 +00:00
mstarzinger
5bbcdfe680 Reland of [interpreter] Correctly thread through catch prediction. (patchset #1 id:1 of https://codereview.chromium.org/1695613002/ )
Reason for revert:
No fix needed, original CL was perfectly fine!

Original issue's description:
> Revert of [interpreter] Correctly thread through catch prediction. (patchset #1 id:1 of https://codereview.chromium.org/1690973002/ )
>
> Reason for revert:
> Depends on the reverted https://codereview.chromium.org/1691723002
>
> Original issue's description:
> > [interpreter] Correctly thread through catch prediction.
> >
> > This change correctly sets the {CatchPrediction} field in exception
> > handler tables for bytecode and optimized code. It also adds tests
> > independent of promise handling for this prediction, to ensure all our
> > backends are in sync on their prediction.
> >
> > R=rmcilroy@chromium.org,yangguo@chromium.org
> > TEST=mjsunit/compiler/debug-catch-prediction
> > BUG=v8:4674
> > LOG=n
> >
> > Committed: https://crrev.com/ba55f5594cb0b4a1a1e9b35d87fe54afe2d93f3b
> > Cr-Commit-Position: refs/heads/master@{#33906}
>
> TBR=rmcilroy@chromium.org,yangguo@chromium.org,mstarzinger@chromium.org
> # Skipping CQ checks because original CL landed less than 1 days ago.
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=v8:4674
>
> Committed: https://crrev.com/c5229b311968fd638a6cd537c341b1055eb7be97
> Cr-Commit-Position: refs/heads/master@{#33922}

TBR=rmcilroy@chromium.org,yangguo@chromium.org,adamk@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4674

Review URL: https://codereview.chromium.org/1689113004

Cr-Commit-Position: refs/heads/master@{#33933}
2016-02-12 09:52:23 +00:00
mstarzinger
a5941ae424 Reland of [interpreter] Make d8's TryCatch block be verbose. (patchset #1 id:1 of https://codereview.chromium.org/1694523003/ )
Reason for revert:
No fix needed, original CL was perfectly fine!

Original issue's description:
> Revert of [interpreter] Make d8's TryCatch block be verbose. (patchset #3 id:40001 of https://codereview.chromium.org/1691723002/ )
>
> Reason for revert:
> [Sheriff] Speculative revert. Breaks
> https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/builds/3944
>
> Somehow 3a2fbc3a4e seems to hide it again and then 699e1081a6 lets it show up again.
>
> Reproduced locally.
>
> Original issue's description:
> > [interpreter] Make d8's TryCatch block be verbose.
> >
> > This changes "d8" to no longer report exceptions as being "caught" when
> > it comes to the catch prediction mechanism in our debugger. This treats
> > scripts as being truly top-level when it comes to exception handling and
> > will allow us to properly test the catch prediction mechanism using just
> > mjsunit tests alone.
> >
> > R=yangguo@chromium.org
> > BUG=v8:4674
> > LOG=n
> >
> > Committed: https://crrev.com/fb1de271a6bc2c89a1682db8c151cf5fcda86c45
> > Cr-Commit-Position: refs/heads/master@{#33898}
>
> TBR=yangguo@chromium.org,mstarzinger@chromium.org
> # Skipping CQ checks because original CL landed less than 1 days ago.
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=v8:4674
>
> Committed: https://crrev.com/f9eef1f33d2e5cde8cb948424e7ebf509090aa59
> Cr-Commit-Position: refs/heads/master@{#33921}

TBR=yangguo@chromium.org,machenbach@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4674

Review URL: https://codereview.chromium.org/1692133002

Cr-Commit-Position: refs/heads/master@{#33931}
2016-02-12 09:12:59 +00:00
yangguo
e1c645d1f4 [regexp] ship unicode regexps.
R=rossberg@chromium.org
BUG=v8:2952
LOG=N

Committed: https://crrev.com/3a2fbc3a4ed2802b52659df2209b930200d63b29
Cr-Commit-Position: refs/heads/master@{#33899}

Review URL: https://codereview.chromium.org/1689113002

Cr-Commit-Position: refs/heads/master@{#33927}
2016-02-12 06:45:09 +00:00
jarin
c0198937d8 Handlify DeoptimizedFrameInfo, remove custom GC iteration.
TBR=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1695433002

Cr-Commit-Position: refs/heads/master@{#33926}
2016-02-12 05:50:23 +00:00
bmeurer
09d8453547 [runtime] Introduce FastNewStrictArgumentsStub to optimize strict arguments.
The FastNewStrictArgumentsStub is very similar to the recently added
FastNewRestParameterStub, it's actually almost a copy of it, except that
it doesn't have the fast case we have for the empty rest parameter. This
patch improves strict arguments in TurboFan and fullcodegen by up to 10x
compared to the previous version.

Also introduce proper JSSloppyArgumentsObject and JSStrictArgumentsObject
for the in-object properties instead of having them as constants in the
Heap class.

Drive-by-fix: Use this stub and the FastNewRestParameterStub in the
interpreter to avoid the runtime call overhead for strict arguments
and rest parameter creation.

R=jarin@chromium.org
TBR=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1693513002

Cr-Commit-Position: refs/heads/master@{#33925}
2016-02-12 05:11:03 +00:00
bradnelson
413c266817 Only allow |0 and *1.0 for asm validator foreign variables.
Require that foreign variable imports have a correct type annotation,
_including_ checking the value of the multiplier is 0 or 1.0 as appropriate.

BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=test-asm-validator
R=aseemgarg@chromium.org,titzer@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1691723004

Cr-Commit-Position: refs/heads/master@{#33923}
2016-02-12 01:50:44 +00:00
adamk
c5229b3119 Revert of [interpreter] Correctly thread through catch prediction. (patchset #1 id:1 of https://codereview.chromium.org/1690973002/ )
Reason for revert:
Depends on the reverted https://codereview.chromium.org/1691723002

Original issue's description:
> [interpreter] Correctly thread through catch prediction.
>
> This change correctly sets the {CatchPrediction} field in exception
> handler tables for bytecode and optimized code. It also adds tests
> independent of promise handling for this prediction, to ensure all our
> backends are in sync on their prediction.
>
> R=rmcilroy@chromium.org,yangguo@chromium.org
> TEST=mjsunit/compiler/debug-catch-prediction
> BUG=v8:4674
> LOG=n
>
> Committed: https://crrev.com/ba55f5594cb0b4a1a1e9b35d87fe54afe2d93f3b
> Cr-Commit-Position: refs/heads/master@{#33906}

TBR=rmcilroy@chromium.org,yangguo@chromium.org,mstarzinger@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4674

Review URL: https://codereview.chromium.org/1695613002

Cr-Commit-Position: refs/heads/master@{#33922}
2016-02-12 00:43:13 +00:00
machenbach
f9eef1f33d Revert of [interpreter] Make d8's TryCatch block be verbose. (patchset #3 id:40001 of https://codereview.chromium.org/1691723002/ )
Reason for revert:
[Sheriff] Speculative revert. Breaks
https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/builds/3944

Somehow 3a2fbc3a4e seems to hide it again and then 699e1081a6 lets it show up again.

Reproduced locally.

Original issue's description:
> [interpreter] Make d8's TryCatch block be verbose.
>
> This changes "d8" to no longer report exceptions as being "caught" when
> it comes to the catch prediction mechanism in our debugger. This treats
> scripts as being truly top-level when it comes to exception handling and
> will allow us to properly test the catch prediction mechanism using just
> mjsunit tests alone.
>
> R=yangguo@chromium.org
> BUG=v8:4674
> LOG=n
>
> Committed: https://crrev.com/fb1de271a6bc2c89a1682db8c151cf5fcda86c45
> Cr-Commit-Position: refs/heads/master@{#33898}

TBR=yangguo@chromium.org,mstarzinger@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4674

Review URL: https://codereview.chromium.org/1694523003

Cr-Commit-Position: refs/heads/master@{#33921}
2016-02-11 23:11:08 +00:00
Adam Klein
7332d10617 Fix SharedFunctionInfo::name flattening nosnap failures
The name must be flattened before allocating the SFI to avoid the GC
seeing the uninitialized state.

BUG=v8:4659
LOG=n
TBR=rossberg@chromium.org

Review URL: https://codereview.chromium.org/1688043005 .

Cr-Commit-Position: refs/heads/master@{#33920}
2016-02-11 19:55:09 +00:00
adamk
f539f5c88b Stage --harmony-function-name
BUG=v8:3699
LOG=y

Review URL: https://codereview.chromium.org/1674443004

Cr-Commit-Position: refs/heads/master@{#33919}
2016-02-11 19:13:12 +00:00
adamk
b8a4aeaee0 Remove kIsPossibleArrowFormals option from ParseAssignmentExpression
The path used by that option only comes into play when default parameters
are allowed but destructuring assignment is disallowed. Removing it
allows the removal of one implementation of ParseExpression, and makes
it clearer which code will be dead once all the destructuring flags
are removed.

Also made the |flags| param strongly typed instead of an int.

Review URL: https://codereview.chromium.org/1691653002

Cr-Commit-Position: refs/heads/master@{#33918}
2016-02-11 19:10:57 +00:00
verwaest
c2aa8f38b0 [runtime] Speed up allocating instances in the runtime by having a quick-check for inobject slack tracking.
This speeds up
https://github.com/kpdecker/six-speed/blob/master/tests/object-assign/object-assign.es5
by over 5%.

Review URL: https://codereview.chromium.org/1690923002

Cr-Commit-Position: refs/heads/master@{#33917}
2016-02-11 19:06:43 +00:00
verwaest
2646b62a5c [runtime/heap] Introduce CopyFixedArrayUpTo to match CopyFixedArrayAndGrow, copying to a smaller array.
This allows the helper to avoid write barriers while copying, speeding up Object.keys by 5-10%.

BUG=

Review URL: https://codereview.chromium.org/1690953002

Cr-Commit-Position: refs/heads/master@{#33916}
2016-02-11 18:59:19 +00:00
adamk
0b271defa5 Cleanup destructuring-related error reporting in ParserBase
Several minor cleanups to error handling in expression parsing:
  - Remove duplication of binding and assignment error reporting.
  - RecordBindingPatternError calls are changed to shorter BindingPatternUnexpectedToken
    calls where possible.
  - No-op error recording calls are removed.

Review URL: https://codereview.chromium.org/1688833004

Cr-Commit-Position: refs/heads/master@{#33915}
2016-02-11 18:57:12 +00:00
adamk
58a9bc5b53 Force SharedFunctionInfo::name() to be a flat string
This fact is depended upon by, at least, Parser::ParseLazy, and quite
likely by other code. There was already code in %FunctionSetName
enforcing this invariant. This patch adds similar code to
Factory::NewSharedFunctionInfo().

BUG=v8:4659
LOG=n

Review URL: https://codereview.chromium.org/1686193003

Cr-Commit-Position: refs/heads/master@{#33914}
2016-02-11 18:53:02 +00:00
balazs.kilvady
8eaf90b82c MIPS: Refine 'MIPS: Fix FPU min, max, mina, maxa in simulator.'
BUG=

Review URL: https://codereview.chromium.org/1691763002

Cr-Commit-Position: refs/heads/master@{#33913}
2016-02-11 18:23:44 +00:00
akos.palfi
b44bea94f9 MIPS: Fix '[runtime] Optimize and unify rest parameters.'
Fixes a register-clobbering problem. The Branch() instruction can overwrite the 'at' register, so it can't be used as scratch in Allocate(). Added DCHECK to avoid this in the future.

BUG=

Review URL: https://codereview.chromium.org/1687173006

Cr-Commit-Position: refs/heads/master@{#33912}
2016-02-11 17:42:29 +00:00
ishell
d12dbab466 [es6] More efficient way of marking AST call expressions in tail positions.
Instead of doing a full function body traversal we collect return expressions and mark them after function parsing.

And since we rewrite do-expressions so that the result is explicitly assigned to a result variable the statements marking will never hit so I removed it from the AST.

BUG=v8:4698
LOG=N

Review URL: https://codereview.chromium.org/1693523002

Cr-Commit-Position: refs/heads/master@{#33911}
2016-02-11 17:40:16 +00:00
ssanfilippo
2f0ac9a2cd Reland of [Interpreter] Rename GetCountOperand to GetRegisterCountOperand.
Apparently, this BytecodeArrayIterator method was missed during the
previous refactor. No other (collateral) change was done.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1691433002

Cr-Commit-Position: refs/heads/master@{#33909}
2016-02-11 16:43:00 +00:00
mlippautz
ffcff3a0f2 [heap] Cleanup MemoryChunk's declarations
- Remove unused methods that we should never actually use like SetArea() or
  set_size().
- Live bytes are now reported with --trace-live-bytes and not gc-verbose.

BUG=chromium:581076
LOG=N

Review URL: https://codereview.chromium.org/1686413002

Cr-Commit-Position: refs/heads/master@{#33908}
2016-02-11 16:39:21 +00:00
mstarzinger
2749ebba33 [interpreter] Deprecate DeleteLookupSlot bytecode.
This replaces the bytecode in question with a runtime call within the
bytecode stream. The tradeoff is to safe one bytecode opcode for more
expensive encoding of lookup slot deletion.

R=rmcilroy@chromium.org

Review URL: https://codereview.chromium.org/1690913002

Cr-Commit-Position: refs/heads/master@{#33907}
2016-02-11 16:16:51 +00:00
mstarzinger
ba55f5594c [interpreter] Correctly thread through catch prediction.
This change correctly sets the {CatchPrediction} field in exception
handler tables for bytecode and optimized code. It also adds tests
independent of promise handling for this prediction, to ensure all our
backends are in sync on their prediction.

R=rmcilroy@chromium.org,yangguo@chromium.org
TEST=mjsunit/compiler/debug-catch-prediction
BUG=v8:4674
LOG=n

Review URL: https://codereview.chromium.org/1690973002

Cr-Commit-Position: refs/heads/master@{#33906}
2016-02-11 16:14:42 +00:00
yangguo
9249890124 [interpreter, debugger] implement bytecode break location iterator.
R=rmcilroy@chromium.org, vogelheim@chromium.org
BUG=v8:4690
LOG=N

Review URL: https://codereview.chromium.org/1682853004

Cr-Commit-Position: refs/heads/master@{#33904}
2016-02-11 15:31:20 +00:00
machenbach
699e1081a6 Revert of [regexp] ship unicode regexps. (patchset #1 id:1 of https://codereview.chromium.org/1689113002/ )
Reason for revert:
[Sheriff] Speculative revert for gc stress failures:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20gc%20stress/builds/1726

Blamelists are screwed up currently...

Original issue's description:
> [regexp] ship unicode regexps.
>
> R=rossberg@chromium.org
> BUG=v8:2952
> LOG=N
>
> Committed: https://crrev.com/3a2fbc3a4ed2802b52659df2209b930200d63b29
> Cr-Commit-Position: refs/heads/master@{#33899}

TBR=rossberg@chromium.org,yangguo@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:2952

Review URL: https://codereview.chromium.org/1688803005

Cr-Commit-Position: refs/heads/master@{#33902}
2016-02-11 15:14:21 +00:00
cbruni
0949bce524 [counter] Properly measure own-time of runtime counters.
By keeping track of the stack of counters we can properly subtract the
subcounter times and properly measure the own-time spent in each runtime
function. This is useful to get more details for builtins like HandleApiCall
which are typical top-level entries for chome which previously prevent
measurements of sub-calls to builtins/runtime functions.

BUG=

Review URL: https://codereview.chromium.org/1681943002

Cr-Commit-Position: refs/heads/master@{#33901}
2016-02-11 14:49:27 +00:00
machenbach
4e95426ae6 Revert of [Interpreter] Rename GetCountOperand to GetRegisterCountOperand. (patchset #1 id:20001 of https://codereview.chromium.org/1691433002/ )
Reason for revert:
[Sheriff] Breaks the tree:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20builder/builds/13892

Blamelists are wrong because of overloaded master. The trybots on this CL might have been outdated by the time of commit... Please rebase and retry.

Original issue's description:
> [Interpreter] Rename GetCountOperand to GetRegisterCountOperand.
>
> Apparently, this BytecodeArrayIterator method was missed during the
> previous refactor. No other (collateral) change was done.
>
> BUG=v8:4280
> LOG=N
>
> Committed: https://crrev.com/3781ca79f5c48b55d7f0bf6df370ec11515a1466
> Cr-Commit-Position: refs/heads/master@{#33897}

TBR=oth@chromium.org,rmcilroy@chromium.org,mstarzinger@chromium.org,ssanfilippo@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4280

Review URL: https://codereview.chromium.org/1690963002

Cr-Commit-Position: refs/heads/master@{#33900}
2016-02-11 14:14:12 +00:00
yangguo
3a2fbc3a4e [regexp] ship unicode regexps.
R=rossberg@chromium.org
BUG=v8:2952
LOG=N

Review URL: https://codereview.chromium.org/1689113002

Cr-Commit-Position: refs/heads/master@{#33899}
2016-02-11 14:06:33 +00:00
mstarzinger
fb1de271a6 [interpreter] Make d8's TryCatch block be verbose.
This changes "d8" to no longer report exceptions as being "caught" when
it comes to the catch prediction mechanism in our debugger. This treats
scripts as being truly top-level when it comes to exception handling and
will allow us to properly test the catch prediction mechanism using just
mjsunit tests alone.

R=yangguo@chromium.org
BUG=v8:4674
LOG=n

Review URL: https://codereview.chromium.org/1691723002

Cr-Commit-Position: refs/heads/master@{#33898}
2016-02-11 14:05:24 +00:00
ssanfilippo
3781ca79f5 [Interpreter] Rename GetCountOperand to GetRegisterCountOperand.
Apparently, this BytecodeArrayIterator method was missed during the
previous refactor. No other (collateral) change was done.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1691433002

Cr-Commit-Position: refs/heads/master@{#33897}
2016-02-11 14:03:50 +00:00
yangguo
269840c496 [regexp] Fix RegExp.prototype.toString.
Initial fix was simply wrong.

R=verwaest@chromium.org
BUG=v8:4524
LOG=N

Review URL: https://codereview.chromium.org/1688163003

Cr-Commit-Position: refs/heads/master@{#33896}
2016-02-11 13:23:20 +00:00
verwaest
6b89c6941b [builtins] Add an initial fast-path to Object.assign.
In the case of a simple fast-mode receiver without fancy properties, we
can just walk over the descriptor array to find all its initial property
names. As long as the map stays the same, we can also use that
descriptor array to figure out how to handle the properties.

This speeds up
https://github.com/kpdecker/six-speed/tree/master/tests/object-assign by
~2x.

BUG=

Review URL: https://codereview.chromium.org/1688953004

Cr-Commit-Position: refs/heads/master@{#33895}
2016-02-11 13:17:49 +00:00
rmcilroy
a2935d63df [Interpreter] Save and restore dispatch table pointer during calls.
Saves and restores the dispatch pointer during calls to enable the debugger to
switch the dispatch table used by a function during it's execution.

Also moves the accumulator and context nodes to be Variables so that they will
be properly merged across branches.

BUG=v8:4280,v8:4690
LOG=N

Review URL: https://codereview.chromium.org/1684073002

Cr-Commit-Position: refs/heads/master@{#33894}
2016-02-11 13:11:07 +00:00
cbruni
e355542149 [counters] moving runtime counters to counter.h
Additionally list C++ builtins as well under --runtime_call_stats.
Let's try to keep all counters in one place, that makes it a bit
easier to maintain and especially discard unused ones.

BUG=

Committed: https://crrev.com/6bc71431995d49d4ca4a2ea9c75e5add5f345225
Cr-Commit-Position: refs/heads/master@{#33847}

Review URL: https://codereview.chromium.org/1678973002

Cr-Commit-Position: refs/heads/master@{#33893}
2016-02-11 12:30:30 +00:00
yangguo
42309697c1 [regexp] parse RegExpUnicodeEscapeSequence according to spec.
See http://tc39.github.io/ecma262/#prod-RegExpUnicodeEscapeSequence

R=erik.corry@gmail.com, erikcorry@chromium.org
BUG=v8:2952
LOG=N

Review URL: https://codereview.chromium.org/1681893002

Cr-Commit-Position: refs/heads/master@{#33892}
2016-02-11 12:29:29 +00:00