bmeurer [Mon, 31 Aug 2015 12:52:59 +0000 (05:52 -0700)]
[es6] Implement Date.prototype[@@toPrimitive] as C++ builtin.
This way we don't need to expose JSReceiver::OrdinaryToPrimitive
as runtime function, and we don't need the separate JS trampoline.
This also adds tests for ToPrimitive on date objects, which are
special.
R=mstarzinger@chromium.org
BUG=v8:4307
LOG=n
Review URL: https://codereview.chromium.org/
1324713002
Cr-Commit-Position: refs/heads/master@{#30473}
v8-autoroll [Mon, 31 Aug 2015 12:20:22 +0000 (05:20 -0700)]
Update V8 DEPS.
Rolling v8/tools/clang to
64370e74764d1fa9f50151d0e6025b0399370100
TBR=machenbach@chromium.org
Review URL: https://codereview.chromium.org/
1320293002
Cr-Commit-Position: refs/heads/master@{#30472}
cbruni [Mon, 31 Aug 2015 12:19:16 +0000 (05:19 -0700)]
Adding ElementsAccessor::Slice
- Move fast paths from builtins.cc ArraySlice to ElementsAccessor
- Handle more argument types in the fast path
BUG=
Review URL: https://codereview.chromium.org/
1321773002
Cr-Commit-Position: refs/heads/master@{#30471}
machenbach [Mon, 31 Aug 2015 11:59:09 +0000 (04:59 -0700)]
Revert of [simd.js] Disable SIMD polyfill. (patchset #2 id:20001 of https://codereview.chromium.org/
1305923005/ )
Reason for revert:
Breaks simdjs performance tests. See:
https://paste.googleplex.com/
5883927122149376
Original issue's description:
> [simd.js] Disable SIMD polyfill.
>
> Disable the polyfill in simd.js tests as the functions for Phase 1 have been implemented.
>
> BUG=v8:4124
> LOG=N
>
> R=bbudge@chromium.org, bmeurer@chromium.org, littledan@chromium.org
>
> Committed: https://crrev.com/
749ba3a13558cb018a2ec783e5dfb56d2f8528d8
> Cr-Commit-Position: refs/heads/master@{#30452}
TBR=littledan@chromium.org,bmeurer@chromium.org,bradnelson@chromium.org,bbudge@chromium.org,gdeepti@google.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4124
Review URL: https://codereview.chromium.org/
1308003003
Cr-Commit-Position: refs/heads/master@{#30470}
machenbach [Mon, 31 Aug 2015 11:52:17 +0000 (04:52 -0700)]
[test] Remove unused code.
BUG=
Review URL: https://codereview.chromium.org/
1313213007
Cr-Commit-Position: refs/heads/master@{#30469}
mstarzinger [Mon, 31 Aug 2015 11:37:35 +0000 (04:37 -0700)]
Drop ambiguous MaybeHandle comparison and hashing ops.
The default equality comparison operators and hashing functions for
Handles are ambiguous. The intended semantics might have either been
based on Handle locations or on object identity. This is why such
operators do not exist on Handle. The same argument applies to the
MaybeHandle class as well. Comments in that regard were also added.
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/
1319383002
Cr-Commit-Position: refs/heads/master@{#30468}
bmeurer [Mon, 31 Aug 2015 11:28:51 +0000 (04:28 -0700)]
[builtins] Pass correct number of arguments after adapting arguments.
The call protocol requires that the register dedicated to the number of
actual arguments (i.e. rax on x64) always contains the actual arguments.
That means after adapting arguments it should match the number of
expected arguments. But currently we pass some semi-random value
(usually some stack address) after adapting arguments.
It looks like this is currently not observable anywhere, because our
builtins and functions either don't look at the number of arguments and
just make hard coded (unchecked) assumptions, or are marked as "don't
adapt arguments", which bypasses the broken code in the trampoline for
arguments adaption. Nevertheless this should be fixed.
R=mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/
1306423003
Cr-Commit-Position: refs/heads/master@{#30467}
machenbach [Mon, 31 Aug 2015 11:14:57 +0000 (04:14 -0700)]
[test] Skip slow test on no18n bot.
TBR=hablich@chromium.org
NOTRY=true
Review URL: https://codereview.chromium.org/
1321063004
Cr-Commit-Position: refs/heads/master@{#30466}
mtrofin [Mon, 31 Aug 2015 10:45:13 +0000 (03:45 -0700)]
[turbofan] Break dependency on RegisterAllocationData from Merge.
Found this while working on the unit tests for split/splinter/merge. The
dependency is unnecessary and hinders testability.
BUG=
Review URL: https://codereview.chromium.org/
1325453005
Cr-Commit-Position: refs/heads/master@{#30465}
mstarzinger [Mon, 31 Aug 2015 10:44:05 +0000 (03:44 -0700)]
Make unsafe Unique<T> constructor private.
The constructor taking an artificial raw address was only used as a
workaround in TurboFan. It should only be accessible by constructor
functions internal to Unique<T>.
R=titzer@chromium.org
Review URL: https://codereview.chromium.org/
1326493002
Cr-Commit-Position: refs/heads/master@{#30464}
hablich [Mon, 31 Aug 2015 10:23:26 +0000 (03:23 -0700)]
Revert of [heap] More flag cleanup. (patchset #8 id:140001 of https://codereview.chromium.org/
1314863003/ )
Reason for revert:
Breaks http://build.chromium.org/p/client.v8/builders/V8%20Arm%20-%20debug%20-%202/builds/2372
Original issue's description:
> [heap] GC flag cleanup/restructuring.
>
> * GC's flags are now proper flags and not int.
> * Callback flags are not threaded through but only set once like gc flags
> * Callers of methods that trigger GCs need to pass a reason when not using
> the default parameters.
>
> Furthermore, each GC invocation can be passed the GC and GCCallback flags. We
> usually override the currently set flags upon finishing a GC cylce, but are able
> to restore the previously set if desired. This is useful for explicitely
> triggered scavenges or external requests that interrupt the current behaviour.
>
> BUG=
>
> Committed: https://crrev.com/
f4f3b431b9ce0778d926acf03c0d36dae5c0cba4
> Cr-Commit-Position: refs/heads/master@{#30457}
TBR=hpayer@chromium.org,yangguo@chromium.org,mlippautz@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=
Review URL: https://codereview.chromium.org/
1303393004
Cr-Commit-Position: refs/heads/master@{#30463}
machenbach [Mon, 31 Aug 2015 10:09:52 +0000 (03:09 -0700)]
Revert of Native context: install array methods via runtime import. (patchset #1 id:1 of https://codereview.chromium.org/
1324483002/ )
Reason for revert:
This breaks builds without i18n support. Bisected locally. See builder:
http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20noi18n%20-%20debug/builds/4285
http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20noi18n%20-%20debug/builds/4285/steps/Check/logs/Threading1
# Fatal error in .././src/objects-inl.h, line 1381
# Check failed: READ_FIELD(this, offset)->IsSmi().
Original issue's description:
> Native context: install array methods via runtime import.
>
> R=cbruni@chromium.org
>
> Committed: https://crrev.com/
08ee2132a818a0178038afa521ca06c297195cc9
> Cr-Commit-Position: refs/heads/master@{#30446}
TBR=cbruni@chromium.org,yangguo@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Review URL: https://codereview.chromium.org/
1314193003
Cr-Commit-Position: refs/heads/master@{#30462}
mtrofin [Mon, 31 Aug 2015 09:57:33 +0000 (02:57 -0700)]
[turbofan] Factored out the test live range builder.
I plan to reuse this for live range splitting/splintering/merging tests.
BUG=
Review URL: https://codereview.chromium.org/
1305313008
Cr-Commit-Position: refs/heads/master@{#30461}
chunyang.dai [Mon, 31 Aug 2015 09:23:16 +0000 (02:23 -0700)]
X87: [runtime] Add %ToString and %_ToString and remove the TO_STRING builtin.
port
09de997b3504368d40644afa7310b90faff5d09c (r30442).
original commit message:
This adds a new ToString runtime function and a fast-path ToStringStub
(which is just a simple dispatcher for existing functionality), and also
implements %_ToName using the ToStringStub.
R=weiliang.lin@intel.com
BUG=
Review URL: https://codereview.chromium.org/
1326473002
Cr-Commit-Position: refs/heads/master@{#30460}
wingo [Mon, 31 Aug 2015 08:47:47 +0000 (01:47 -0700)]
Test that "yield" expressions are disallowed in arrow formal parameter initializers
R=adamk@chromium.org
LOG=N
BUG=v8:4397,v8:4394
Review URL: https://codereview.chromium.org/
1318253002
Cr-Commit-Position: refs/heads/master@{#30459}
mstarzinger [Mon, 31 Aug 2015 08:24:52 +0000 (01:24 -0700)]
[turbofan] Remove usage of Unique<T> from graph.
The usage of Unique<T> throughout the TurboFan IR does not have any
advantage. There is no single point in time when they are initialized
and most use-sites looked through to the underlying Handle<T> anyways.
Also there already was a mixture of Handle<T> versus Unique<T> in the
graph and this unifies the situation to use Handle<T> everywhere.
R=bmeurer@chromium.org,titzer@chromium.org
Review URL: https://codereview.chromium.org/
1314473007
Cr-Commit-Position: refs/heads/master@{#30458}
mlippautz [Mon, 31 Aug 2015 07:58:41 +0000 (00:58 -0700)]
[heap] GC flag cleanup/restructuring.
* GC's flags are now proper flags and not int.
* Callback flags are not threaded through but only set once like gc flags
* Callers of methods that trigger GCs need to pass a reason when not using
the default parameters.
Furthermore, each GC invocation can be passed the GC and GCCallback flags. We
usually override the currently set flags upon finishing a GC cylce, but are able
to restore the previously set if desired. This is useful for explicitely
triggered scavenges or external requests that interrupt the current behaviour.
BUG=
Review URL: https://codereview.chromium.org/
1314863003
Cr-Commit-Position: refs/heads/master@{#30457}
mtrofin [Mon, 31 Aug 2015 07:06:08 +0000 (00:06 -0700)]
[turbofan] Optimize Splinter by remembering where it left off.
Splintering relies on DetachAt, which in turn relies on
FirstSearchIntervalForPosition to find the first UseInterval
to split, given a position. The later API (Find...) has an
optimization for linear traversals. Splintering traverses
linearly (block by block), so we leverage the same
optimization by moving current_interval_ forward.
(Also added an unrelated TODO.)
BUG=chromium:524880
LOG=n
Review URL: https://codereview.chromium.org/
1322623007
Cr-Commit-Position: refs/heads/master@{#30456}
pcc [Fri, 28 Aug 2015 23:05:31 +0000 (16:05 -0700)]
Re-enable LLVM LTO for ARM.
v8 is optimized for speed. Because GCC LTO merges flags at link time,
we disable LTO to prevent any -O2 flags from taking precedence over v8's
-Os flag. However, LLVM LTO does not work this way so we keep LTO enabled
under LLVM.
This fixes the ARM build in the cfi_vptr==1 configuration, which requires
LLVM LTO.
R=adamk@chromium.org
BUG=chromium:469376
LOG=N
Review URL: https://codereview.chromium.org/
1295673002
Cr-Commit-Position: refs/heads/master@{#30455}
littledan [Fri, 28 Aug 2015 22:43:00 +0000 (15:43 -0700)]
Propagate switch statement value for 'eval'
This patch changes the switch scope desugaring to create blocks which
propagate their 'return value' for eval.
BUG=v8:4399
R=adamk
LOG=Y
Review URL: https://codereview.chromium.org/
1309303006
Cr-Commit-Position: refs/heads/master@{#30454}
littledan [Fri, 28 Aug 2015 18:49:48 +0000 (11:49 -0700)]
Ensure hole checks take place in switch statement scopes
Switch statements introduce their own scope for cases, but this scope
is not necessarily executed in order, as the following function shows:
switch (x) {
case 1:
let y = 1;
case 2:
y = 2;
case 3:
print(y);
}
If x = 2 or x = 3, the code should throw a ReferenceError. However,
FullCodeGen's hole check elimination used the simple algorithm of
assuming that if the initializer was in the same scope, then it was
reached before the use, and therefore the hole check could be
eliminated.
This patch adds an extra bit to scopes, to track if they may
nonlinearly. The parser marks the scope that switch introduces as
nonlinear. FullCodeGen does not eliminate the hole check from
a scope which is nonlinear. This patch refactors FullCodeGen to
put the hole check elimination in one place, rather than in each
backend.
BUG=v8:3926
LOG=Y
R=adamk
Review URL: https://codereview.chromium.org/
1312613003
Cr-Commit-Position: refs/heads/master@{#30453}
gdeepti [Fri, 28 Aug 2015 18:48:39 +0000 (11:48 -0700)]
[simd.js] Disable SIMD polyfill.
Disable the polyfill in simd.js tests as the functions for Phase 1 have been implemented.
BUG=v8:4124
LOG=N
R=bbudge@chromium.org, bmeurer@chromium.org, littledan@chromium.org
Review URL: https://codereview.chromium.org/
1305923005
Cr-Commit-Position: refs/heads/master@{#30452}
littledan [Fri, 28 Aug 2015 18:47:30 +0000 (11:47 -0700)]
Sloppy-mode let parsing
This patch makes 'let' a contextual keyword in both strict and sloppy mode.
It behaves as a keyword when used at the beginning of a StatementListItem
or lexical declaration at the beginning of a for statement, if it is followed
by an identifier, [ or {. Implementing this change requires an extra token
look-ahead by the parser which is only invoked in certain cases (so as to
avoid parsing RegExps as ECMAScript tokens). This might result in a slowdown
of the scanner, but performance testing of this patch hasn't yet found much
of a regression.
BUG=v8:3305
LOG=Y
R=adamk,vogelheim
Review URL: https://codereview.chromium.org/
1315673009
Cr-Commit-Position: refs/heads/master@{#30451}
rmcilroy [Fri, 28 Aug 2015 15:40:52 +0000 (08:40 -0700)]
[Interpreter] Add support for loading literals from the constant pool.
Adds support to the interpreter for loading literals from the constant pool.
Adds the LoadConstant bytecode and makes use of it for loading large Smis and
HeapObject literals.
Also removes unused HandleVector from utils.h.
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/
1321663003
Cr-Commit-Position: refs/heads/master@{#30450}
mbrandy [Fri, 28 Aug 2015 15:34:07 +0000 (08:34 -0700)]
PPC: [runtime] Add %ToString and %_ToString and remove the TO_STRING builtin.
Port
09de997b3504368d40644afa7310b90faff5d09c
Original commit message:
This adds a new ToString runtime function and a fast-path ToStringStub
(which is just a simple dispatcher for existing functionality), and also
implements %_ToName using the ToStringStub.
R=bmeurer@chromium.org, jyan@ca.ibm.com, dstence@us.ibm.com, joransiu@ca.ibm.com
BUG=v8:4307
LOG=n
Review URL: https://codereview.chromium.org/
1310493004
Cr-Commit-Position: refs/heads/master@{#30449}
titzer [Fri, 28 Aug 2015 15:30:03 +0000 (08:30 -0700)]
Add test-run-native-calls tests for mixed parameters.
R=mstarzinger@chromium.org
BUG=
Review URL: https://codereview.chromium.org/
1314973004
Cr-Commit-Position: refs/heads/master@{#30448}
mtrofin [Fri, 28 Aug 2015 15:07:35 +0000 (08:07 -0700)]
[turbofan] Splintering: special case deoptimizing blocks.
This avoids a whole range traversal each time we encounter a deferred
block (or a succession of them). The traversal (in the removed
IsIntervalAlreadyExcluded) is unnecessary - an interval with a hole
where deferred blocks are shouldn't be listed in the in/out sets of
those blocks in the first place.
It turns out the root cause (that appeared like we had to special
case ranges with holes, as the comment described) was deferred
blocks with a deoptimization call. That would place the live range
in the in_set of the block, but then splitting would fail because the start
and split position would be the same - this is because everywhere else,
the deferred block would have at least a second instruction, other
than the use - like a jump - ahead of which we'd perform the lower
part of the splintering. In the usual case, this choice of a position
avoids moves on the hot path (because any moves will be before the
jump, but still in the deferred block).
With deoptimization calls, that's not the case, there is just one
instruction, the deoptimization call. So we perform the second cut of
the splintering right after the block. Since there is no control flow from
the deoptimization block to any functional block - the control flow
goes to the exit block - the range connector won't insert moves on the
hot path - although we may want to see what happens for the exit
block, and maybe teach the range connector to ignore control flow
appearing to come from blocks with deoptimization calls.
Review URL: https://codereview.chromium.org/
1323473003
Cr-Commit-Position: refs/heads/master@{#30447}
yangguo [Fri, 28 Aug 2015 13:39:34 +0000 (06:39 -0700)]
Native context: install array methods via runtime import.
R=cbruni@chromium.org
Review URL: https://codereview.chromium.org/
1324483002
Cr-Commit-Position: refs/heads/master@{#30446}
titzer [Fri, 28 Aug 2015 13:17:07 +0000 (06:17 -0700)]
[turbofan] Use the SharedInfo only if we have it in the code generator.
R=bmeurer@chromium.org
BUG=
Review URL: https://codereview.chromium.org/
1303953007
Cr-Commit-Position: refs/heads/master@{#30445}
mvstanton [Fri, 28 Aug 2015 13:13:11 +0000 (06:13 -0700)]
Reorder KeyedStoreIC MISS code to avoid unnecessary compilation.
We can set the property in the MISS handler before organizing our handlers
for element-based keyed stores. Since the property set may fail with an
exception, this saves work.
BUG=
Review URL: https://codereview.chromium.org/
1308073010
Cr-Commit-Position: refs/heads/master@{#30444}
mstarzinger [Fri, 28 Aug 2015 13:00:59 +0000 (06:00 -0700)]
[heap] Move IdentityMap data structure out of heap.
This data structure uses the public heap API only and is not specific
to any heap internals. It should be usable throughout V8 and inclusion
of the header file should not be restricted.
R=titzer@chromium.org
Review URL: https://codereview.chromium.org/
1320503004
Cr-Commit-Position: refs/heads/master@{#30443}
bmeurer [Fri, 28 Aug 2015 12:59:51 +0000 (05:59 -0700)]
[runtime] Add %ToString and %_ToString and remove the TO_STRING builtin.
This adds a new ToString runtime function and a fast-path ToStringStub
(which is just a simple dispatcher for existing functionality), and also
implements %_ToName using the ToStringStub.
R=mstarzinger@chromium.org, yangguo@chromium.org
BUG=v8:4307
LOG=n
Review URL: https://codereview.chromium.org/
1319973007
Cr-Commit-Position: refs/heads/master@{#30442}
titzer [Fri, 28 Aug 2015 12:46:12 +0000 (05:46 -0700)]
Improve handling of debug name in CompilationInfo.
R=mstarzinger@chromium.org
BUG=
Review URL: https://codereview.chromium.org/
1320103002
Cr-Commit-Position: refs/heads/master@{#30441}
chunyang.dai [Fri, 28 Aug 2015 11:00:35 +0000 (04:00 -0700)]
X87: [Interpreter] Add support for parameter variables.
port
5d975694e4d3ecf66716cc5395d4d10c9730f9dd (r30403)
original commit message:
Adds support for parameters to the BytecodeArrayBuilder and BytecodeGenerator.
Parameters are accessed as negative interpreter registers.
R=weiliang.lin@intel.com
BUG=
Review URL: https://codereview.chromium.org/
1324453003
Cr-Commit-Position: refs/heads/master@{#30440}
titzer [Fri, 28 Aug 2015 10:46:42 +0000 (03:46 -0700)]
Use ShouldEnsureSpaceForLazyDeopt more.
R=mcilroy@chromium.org
BUG=
Review URL: https://codereview.chromium.org/
1310283005
Cr-Commit-Position: refs/heads/master@{#30439}
yangguo [Fri, 28 Aug 2015 10:22:31 +0000 (03:22 -0700)]
Native context: do not put public symbols and flags on the js builtins object.
R=cbruni@chromium.org,mlippautz@chromium.org
Review URL: https://codereview.chromium.org/
1318043002
Cr-Commit-Position: refs/heads/master@{#30438}
Benedikt Meurer [Fri, 28 Aug 2015 10:22:00 +0000 (12:22 +0200)]
[test] Fix wrong mjsunit.status line.
TBR=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/
1325453002 .
Cr-Commit-Position: refs/heads/master@{#30437}
Benedikt Meurer [Fri, 28 Aug 2015 10:20:29 +0000 (12:20 +0200)]
[test] Properly disable test that doesn't work in GC stress.
The magic "print(i)" work-around was no longer work-arounding correctly,
so we do the right thing instead now.
TBR=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/
1306843004 .
Cr-Commit-Position: refs/heads/master@{#30436}
bmeurer [Fri, 28 Aug 2015 09:46:41 +0000 (02:46 -0700)]
[es6] Implement spec compliant ToName (actually ToPropertyKey).
This adds a %ToName runtime entry that uses the previously introduced
Object::ToName, which is based on the new Object::ToPrimitive method.
Also removes the need to expose ToName in various way via the builtins
and/or context.
Drive-by-fix: Let %HasProperty do the ToName conversion implicitly as
required.
BUG=v8:4307
LOG=n
Review URL: https://codereview.chromium.org/
1319133002
Cr-Commit-Position: refs/heads/master@{#30435}
bmeurer [Fri, 28 Aug 2015 09:21:23 +0000 (02:21 -0700)]
[es6] Implement spec compliant ToPrimitive in the runtime.
This is the first step towards a spec compliant ToPrimitive
implementation (and therefore spec compliant ToNumber, ToString,
ToName, and friends). It adds support for the @@toPrimitive
symbol that was introduced with ES2015, and also adds the new
Symbol.prototype[@@toPrimitive] and Date.prototype[@@toPrimitive]
initial properties.
There are now runtime functions for %ToPrimitive, %ToNumber and
%ToString, which do the right thing and should be used as fallbacks
instead of the hairy runtime.js implementations. I will do the
same for the other conversion operations mentioned by the spec in
follow up CLs. Once everything is in place we can look into
optimizing things further, so that we don't always call into the
runtime.
Also fixed Date.prototype.toJSON to be spec compliant.
R=mstarzinger@chromium.org, yangguo@chromium.org
BUG=v8:4307
LOG=y
Review URL: https://codereview.chromium.org/
1306303003
Cr-Commit-Position: refs/heads/master@{#30434}
titzer [Fri, 28 Aug 2015 09:02:09 +0000 (02:02 -0700)]
Reduce the number of entrypoints to the compiler pipeline by one. Always require caller to provide a CompilationInfo.
R=mstarzinger@chromium.org
BUG=
Review URL: https://codereview.chromium.org/
1317113004
Cr-Commit-Position: refs/heads/master@{#30433}
mvstanton [Fri, 28 Aug 2015 09:01:22 +0000 (02:01 -0700)]
Vector ICs: Make the Oracle gather feedback for vector stores.
Also, polymorphic element stores have a slightly different shape for the array
attached to a vector slot. It's of the form [map, map, handler], where the 2nd
map is either a transition map or undefined (the maps are actually in
WeakCells).
Review URL: https://codereview.chromium.org/
1316953003
Cr-Commit-Position: refs/heads/master@{#30432}
wingo [Fri, 28 Aug 2015 08:44:17 +0000 (01:44 -0700)]
Disallow yield in default parameter initializers
R=adamk@chromium.org
LOG=N
BUG=v8:4397
Review URL: https://codereview.chromium.org/
1320673007
Cr-Commit-Position: refs/heads/master@{#30431}
mbrandy [Fri, 28 Aug 2015 06:34:55 +0000 (23:34 -0700)]
[turbofan] Fix unified stack slots for embedded constant pools.
Account for the constant pool pointer slot during register allocation
data initialization.
R=danno@chromium.org, titzer@chromium.org, bmeurer@chromium.org, mcilroy@chromium.org,
TEST=cctest/test-run-machops/RunSpillConstantsAndParameters
BUG=
Review URL: https://codereview.chromium.org/
1317123003
Cr-Commit-Position: refs/heads/master@{#30430}
gdeepti [Thu, 27 Aug 2015 20:33:30 +0000 (13:33 -0700)]
[simd.js] Add SIMD store functions for Phase 1.
Float32x4, Int32x4, Uint32x4:
store, store1, store2, store3
Int16x8, Int8x16, Uint16x8, Uint8x16:
store
BUG=v8:4124
LOG=N
R=bbudge@chromium.org, littledan@chromium.org, jarin@chromium.org
Review URL: https://codereview.chromium.org/
1304183004
Cr-Commit-Position: refs/heads/master@{#30429}
mlippautz [Thu, 27 Aug 2015 20:31:54 +0000 (13:31 -0700)]
[heap] Make compaction space accept external memory.
BUG=chromium:524425
LOG=N
Review URL: https://codereview.chromium.org/
1322523004
Cr-Commit-Position: refs/heads/master@{#30428}
titzer [Thu, 27 Aug 2015 20:31:25 +0000 (13:31 -0700)]
Remove CompilationInfo::MayUseThis() and replace it with what we really want to know: MustReplaceUndefinedReceiverWithGlobalProxy.
R=mstarzinger@chromium.org
BUG=
Review URL: https://codereview.chromium.org/
1312713004
Cr-Commit-Position: refs/heads/master@{#30427}
kozyatinskiy [Thu, 27 Aug 2015 19:01:03 +0000 (12:01 -0700)]
[V8] Report JSON parser script to DevTools
If JSON contains SyntaxError then V8 will report exception and won't report compile error.
LOG=Y
BUG=chromium:515382
R=yangguo@chromium.org,yurys@chromium.org
Review URL: https://codereview.chromium.org/
1308123006
Cr-Commit-Position: refs/heads/master@{#30426}
mtrofin [Thu, 27 Aug 2015 18:28:21 +0000 (11:28 -0700)]
[turbofan] LiveRange splintering optimizations.
Related to
1318893002 - another source of regressions in
benchmarks sensitive to compile time is the splintering
logic. This change addresses some, but not all, of that. In
particular, there are still some places (figuring out if a
range has a hole right where a deferred set of blocks is)
that need another look.
BUG=chromium:
1318893002
LOG=n
Review URL: https://codereview.chromium.org/
1319843002
Cr-Commit-Position: refs/heads/master@{#30425}
mbrandy [Thu, 27 Aug 2015 17:12:42 +0000 (10:12 -0700)]
PPC: [Interpreter] Add support for parameter variables.
Port
5d975694e4d3ecf66716cc5395d4d10c9730f9dd
Original commit message:
Adds support for parameters to the BytecodeArrayBuilder and BytecodeGenerator.
Parameters are accessed as negative interpreter registers.
R=rmcilroy@chromium.org, jyan@ca.ibm.com, dstence@us.ibm.com, joransiu@ca.ibm.com
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/
1308373003
Cr-Commit-Position: refs/heads/master@{#30424}
hpayer [Thu, 27 Aug 2015 16:54:05 +0000 (09:54 -0700)]
Synchronize on concurrent slot buffer entries during migration.
BUG=chromium:524425
LOG=n
Review URL: https://codereview.chromium.org/
1314133004
Cr-Commit-Position: refs/heads/master@{#30423}
gdeepti [Thu, 27 Aug 2015 16:35:37 +0000 (09:35 -0700)]
[simd.js] Add SIMD load functions for Phase 1.
Float32x4, Int32x4, Uint32x4:
load, load1, load2, load3
Int16x8, Int8x16, Uint16x8, Uint8x16:
load
BUG=v8:4124
LOG=N
Review URL: https://codereview.chromium.org/
1302133002
Cr-Commit-Position: refs/heads/master@{#30422}
sergiyb [Thu, 27 Aug 2015 16:10:08 +0000 (09:10 -0700)]
Use committer list from chrome-infra-auth group project-v8-committers
R=machenbach@chromium.org
BUG=chromium:511311
LOG=N
Review URL: https://codereview.chromium.org/
1312953002
Cr-Commit-Position: refs/heads/master@{#30421}
mbrandy [Thu, 27 Aug 2015 15:54:33 +0000 (08:54 -0700)]
PPC: Fix "Correctify instanceof and make it optimizable."
R=jyan@ca.ibm.com, dstence@us.ibm.com, joransiu@ca.ibm.com
BUG=
Review URL: https://codereview.chromium.org/
1318823006
Cr-Commit-Position: refs/heads/master@{#30420}
mbrandy [Thu, 27 Aug 2015 15:10:50 +0000 (08:10 -0700)]
PPC: Correctify instanceof and make it optimizable.
Port
5d875a57fa2e65c1a4a6b50aeb23c38299c3cfbc
Original commit message:
The previous hack with HInstanceOfKnownGlobal was not only slower,
but also very brittle and required a lot of weird hacks to support it. And
what's even more important it wasn't even correct (because a map check
on the lhs is never enough for instanceof).
The new implementation provides a sane runtime implementation
for InstanceOf plus a fast case in the InstanceOfStub, combined with
a proper specialization in the case of a known global in CrankShaft,
which does only the prototype chain walk (coupled with a code
dependency on the known global).
As a drive-by-fix: Also fix the incorrect Object.prototype.isPrototypeOf
implementation.
R=bmeurer@chromium.org, jyan@ca.ibm.com, dstence@us.ibm.com, joransiu@ca.ibm.com
BUG=v8:4376
LOG=n
Review URL: https://codereview.chromium.org/
1314263002
Cr-Commit-Position: refs/heads/master@{#30419}
mlippautz [Thu, 27 Aug 2015 14:56:05 +0000 (07:56 -0700)]
[heap] Get rid of dead code in HeapIterator.
BUG=
Review URL: https://codereview.chromium.org/
1319953003
Cr-Commit-Position: refs/heads/master@{#30418}
yangguo [Thu, 27 Aug 2015 14:45:10 +0000 (07:45 -0700)]
[turbofan] Remove obsolete BuildLoadBuiltinsObject.
R=mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/
1305163008
Cr-Commit-Position: refs/heads/master@{#30417}
titzer [Thu, 27 Aug 2015 14:42:36 +0000 (07:42 -0700)]
[wasm] Move the (conditional) installation of the WASM api into bootstrapper.cc.
R=mstarzinger@chromium.org,yangguo@chromium.org
BUG=
Review URL: https://codereview.chromium.org/
1319003002
Cr-Commit-Position: refs/heads/master@{#30416}
hpayer [Thu, 27 Aug 2015 14:30:44 +0000 (07:30 -0700)]
Clear SMI and non-evacuation candidate entries when filtering the slots buffer.
BUG=
Review URL: https://codereview.chromium.org/
1313383005
Cr-Commit-Position: refs/heads/master@{#30415}
mbrandy [Thu, 27 Aug 2015 14:23:21 +0000 (07:23 -0700)]
PPC: [interpreter]: Changes to interpreter builtins for accumulator and register file registers.
Port
00df60d1c6943a10fb5ca84fce2c017dcd2001f5
Original commit message:
Makes the following modifications to the interpreter builtins and
InterpreterAssembler:
- Adds an accumulator register and initializes it to undefined()
- Adds a register file pointer register and use it instead of FramePointer to
access registers
- Modifies builtin to support functions with 0 regiters in the register file
- Modifies builtin to Call rather than TailCall to first bytecode handler.
R=rmcilroy@chromium.org, jyan@ca.ibm.com, dstence@us.ibm.com, joransiu@ca.ibm.com
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/
1309113003
Cr-Commit-Position: refs/heads/master@{#30414}
mbrandy [Thu, 27 Aug 2015 14:01:50 +0000 (07:01 -0700)]
PPC: Make Simulator respect C stack limits as well.
Port
7fb31bdba4f2a0320507956a085f083d76bce48c
Original commit message:
The simulator uses a separate JS stack, exhaustion of the C stack
however is not caught by JS limit checks. This change now lowers the
limit of the JS stack accordingly on function calls.
R=mstarzinger@chromium.org, jyan@ca.ibm.com, dstence@us.ibm.com, joransiu@ca.ibm.com
BUG=chromium:522380
LOG=n
Review URL: https://codereview.chromium.org/
1309303005
Cr-Commit-Position: refs/heads/master@{#30413}
mstarzinger [Thu, 27 Aug 2015 13:57:38 +0000 (06:57 -0700)]
[heap] Remove raw unchecked root set accessors.
R=hpayer@chromium.org
BUG=v8:1490
LOG=n
Review URL: https://codereview.chromium.org/
1305163007
Cr-Commit-Position: refs/heads/master@{#30412}
hpayer [Thu, 27 Aug 2015 13:28:52 +0000 (06:28 -0700)]
Wait for concurrent unmapping tasks in GC prologue.
BUG=chromium:525372
LOG=n
Review URL: https://codereview.chromium.org/
1320893002
Cr-Commit-Position: refs/heads/master@{#30411}
cbruni [Thu, 27 Aug 2015 13:05:50 +0000 (06:05 -0700)]
Adding ElementsAccessor Splice
- remove the Backing-Store specific code from builtins.cc and put it in elements.cc.
- adding tests to improve coverage of the splice method
BUG=
Review URL: https://codereview.chromium.org/
1312033003
Cr-Commit-Position: refs/heads/master@{#30410}
mstarzinger [Thu, 27 Aug 2015 12:50:31 +0000 (05:50 -0700)]
Move runtime helper for ToName conversion onto Object.
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/
1306043003
Cr-Commit-Position: refs/heads/master@{#30409}
mstarzinger [Thu, 27 Aug 2015 12:30:03 +0000 (05:30 -0700)]
[heap] Limit friendship of the Heap class to essentials.
This makes it clear that only components within the "heap" directory
should be friends with the Heap class. The two notable exceptions are
Factory and Isolate which represent external interfaces into the heap.
R=mlippautz@chromium.org
Review URL: https://codereview.chromium.org/
1320843002
Cr-Commit-Position: refs/heads/master@{#30408}
mlippautz [Thu, 27 Aug 2015 12:16:00 +0000 (05:16 -0700)]
[heap] Add compaction space.
The CompactionSpace is temporarily used during compaction to hold migrated
objects. The payload is merged back into the corresponding space after
compaction.
Note the this is not the complete implementation and it is currently only used in a test.
BUG=chromium:524425
LOG=N
Review URL: https://codereview.chromium.org/
1314493007
Cr-Commit-Position: refs/heads/master@{#30407}
rmcilroy [Thu, 27 Aug 2015 12:13:23 +0000 (05:13 -0700)]
[interpreter] Fix gcmole error after r30404.
BUG=v8:4280
LOG=N
TBR=mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/
1319943002
Cr-Commit-Position: refs/heads/master@{#30406}
yangguo [Thu, 27 Aug 2015 11:13:56 +0000 (04:13 -0700)]
Remove builtin/runtime name clash presubmit check.
It has become obsolete since we do the name lookup at compile time.
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/
1319893004
Cr-Commit-Position: refs/heads/master@{#30405}
rmcilroy [Thu, 27 Aug 2015 11:11:09 +0000 (04:11 -0700)]
[interpreter] Add constant_pool() to BytecodeArray.
Adds a (currently unused) constant_pool() field to BytecodeArray objects.
This field points to a FixedArray object which will be used to hold constants.
The BytecodeArray is now a mixed values object type, with the
kConstantPoolOffset object holding a tagged pointer, but the remainder of the
object holding raw bytes (which could look like tagged pointers but are not).
Modify the BytecodeArray GC visitors to deal with this and test that the
field is migrated properly when evacuated.
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/
1314953004
Cr-Commit-Position: refs/heads/master@{#30404}
rmcilroy [Thu, 27 Aug 2015 10:32:26 +0000 (03:32 -0700)]
[Interpreter] Add support for parameter variables.
Adds support for parameters to the BytecodeArrayBuilder and BytecodeGenerator.
Parameters are accessed as negative interpreter registers.
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/
1303403004
Cr-Commit-Position: refs/heads/master@{#30403}
yangguo [Thu, 27 Aug 2015 10:18:21 +0000 (03:18 -0700)]
Move (uppercase) JS builtins from js builtins object to native context.
R=bmeurer@chromium.org, mstarzinger@chromium.org, rmcilroy@chromium.org
Review URL: https://codereview.chromium.org/
1316943002
Cr-Commit-Position: refs/heads/master@{#30402}
mvstanton [Thu, 27 Aug 2015 08:52:06 +0000 (01:52 -0700)]
Vector ICs: Stop iterating the heap to clear keyed store ics.
When vector based stores are on, we don't need to do this anymore.
BUG=
Review URL: https://codereview.chromium.org/
1314433004
Cr-Commit-Position: refs/heads/master@{#30401}
mtrofin [Thu, 27 Aug 2015 04:44:33 +0000 (21:44 -0700)]
[turbofan] LiveRange splinter merging optimizations.
A few benchmarks, e.g. Massive/SQLite, turn out to be
sensitive to compile time. Upon analysis, splinter merging
and then splinter creation (splitting) appear to be the main
contributors to such regressions. This change tackles main
sources of regression in Merging. Profiling SQLite shows,
after this change, Merging as noise (down from main C++
contributor of samples)
BUG=chromium:
1318893002
LOG=n
Review URL: https://codereview.chromium.org/
1318893002
Cr-Commit-Position: refs/heads/master@{#30400}
mtrofin [Thu, 27 Aug 2015 04:41:21 +0000 (21:41 -0700)]
[turbofan] Ensure stackcheck flags do something.
While the intention is to eventually do away with
FLAG_turbo_loop_stackcheck and FLAG_turbo_preprocess_range,
they are useful for the interim we are still testing and
benchmarking the feature.
Review URL: https://codereview.chromium.org/
1314163003
Cr-Commit-Position: refs/heads/master@{#30399}
bradnelson [Wed, 26 Aug 2015 21:40:52 +0000 (14:40 -0700)]
Spliting out TyperCache into ZoneTypeCache to share with AsmTyper.
The zone type cache would be handy inside the asm.js typer.
Pulling it out into a seperate inlinable header to allow sharing.
BUG=https://code.google.com/p/v8/issues/detail?id=4203
TEST=None
R=andreas@chromium.org,titzer@chromium.org
LOG=N
Review URL: https://codereview.chromium.org/
1307093006
Cr-Commit-Position: refs/heads/master@{#30398}
mbrandy [Wed, 26 Aug 2015 21:33:10 +0000 (14:33 -0700)]
PPC: Fix InterpreterEntryTrampoline().
R=jyan@ca.ibm.com, dstence@us.ibm.com, joransiu@ca.ibm.com
BUG=
Review URL: https://codereview.chromium.org/
1315173004
Cr-Commit-Position: refs/heads/master@{#30397}
mbrandy [Wed, 26 Aug 2015 21:29:23 +0000 (14:29 -0700)]
PPC: [turbofan] Unify referencing of stack slots
Port
cbbaf9ea6abbc0417ee5765a4c58f1dda939ead0
Note that the above commit breaks embedded constant pools and will need to
be revised in a future CL.
Original commit message:
Previously, it was not possible to specify StackSlotOperands for all
slots in both the caller and callee stacks. Specifically, the region
of the callee's stack including the saved return address, frame
pointer, function pointer and context pointer could not be addressed
by the register allocator/gap resolver.
In preparation for better tail call support, which will use the gap
resolver to reconcile outgoing parameters, this change makes it
possible to address all slots on the stack, because slots in the
previously inaccessible dead zone may become parameter slots for
outgoing tail calls. All caller stack slots are accessible as they
were before, with slot -1 corresponding to the last stack
parameter. Stack slot indices >= 0 access the callee stack, with slot
0 corresponding to the callee's saved return address, 1 corresponding
to the saved frame pointer, 2 corresponding to the current function
context, 3 corresponding to the frame marker/JSFunction, and slots 4
and above corresponding to spill slots.
The following changes were specifically needed:
* Frame has been changed to explicitly manage three areas of the
callee frame, the fixed header, the spill slot area, and the
callee-saved register area.
* Conversions from stack slot indices to fp offsets all now go through
a common bottleneck: OptimizedFrame::StackSlotOffsetRelativeToFp
* The generation of deoptimization translation tables has been changed
to support the new stack slot indexing scheme. Crankshaft, which
doesn't support the new slot numbering in its register allocator,
must adapt the indexes when creating translation tables.
* Callee-saved parameters are now kept below spill slots, not above,
to support saving only the optimal set of used registers, which is
only known after register allocation is finished and spill slots
have been allocated.
R=danno@chromium.org, titzer@chromium.org, jyan@ca.ibm.com, dstence@us.ibm.com, joransiu@ca.ibm.com
BUG=
Review URL: https://codereview.chromium.org/
1321553002
Cr-Commit-Position: refs/heads/master@{#30396}
mbrandy [Wed, 26 Aug 2015 20:13:56 +0000 (13:13 -0700)]
PPC: Fix "[turbofan] Support unboxed float and double stack parameters."
R=titzer@chromium.org, jyan@ca.ibm.com, dstence@us.ibm.com, joransiu@ca.ibm.com
BUG=
Review URL: https://codereview.chromium.org/
1315183002
Cr-Commit-Position: refs/heads/master@{#30395}
mbrandy [Wed, 26 Aug 2015 20:08:25 +0000 (13:08 -0700)]
PPC: Cleanup: Remove unncessary leave_frame parameter from stub cache.
Port
fe432e1ace48c345c659c0bcb6a84798bca0b15e
R=mvstanton@chromium.org, jyan@ca.ibm.com, dstence@us.ibm.com, joransiu@ca.ibm.com
BUG=
Review URL: https://codereview.chromium.org/
1321483003
Cr-Commit-Position: refs/heads/master@{#30394}
mbrandy [Wed, 26 Aug 2015 19:57:02 +0000 (12:57 -0700)]
PPC: VectorICs: New interface descriptor for vector transitioning stores.
Port
cd35155918f8f1a081a208721a878deba00a252b
R=mvstanton@chromium.org, jyan@ca.ibm.com, dstence@us.ibm.com, joransiu@ca.ibm.com
BUG=
Review URL: https://codereview.chromium.org/
1319763004
Cr-Commit-Position: refs/heads/master@{#30393}
mbrandy [Wed, 26 Aug 2015 19:50:31 +0000 (12:50 -0700)]
PPC: [simd.js] Single SIMD128_VALUE_TYPE for all Simd128Values.
Port
f4c079d450a5990639b295d40a3d1663d70412d6
Original commit message:
There's no need to have one InstanceType per SIMD primitive type (this
will not scale long-term). Also reduce the amount of code duplication
and make it more robust wrt adding new SIMD types.
R=bmeurer@chromium.org, jyan@ca.ibm.com, dstence@us.ibm.com, joransiu@ca.ibm.com
BUG=
Review URL: https://codereview.chromium.org/
1312513004
Cr-Commit-Position: refs/heads/master@{#30392}
mbrandy [Wed, 26 Aug 2015 19:46:39 +0000 (12:46 -0700)]
PPC: Fix "Move regexp implementation into its own folder."
R=yangguo@chromium.org, jyan@ca.ibm.com, dstence@us.ibm.com, joransiu@ca.ibm.com
BUG=
Review URL: https://codereview.chromium.org/
1319783002
Cr-Commit-Position: refs/heads/master@{#30391}
mbrandy [Wed, 26 Aug 2015 19:45:28 +0000 (12:45 -0700)]
PPC: [compiler] Remove broken support for undetectable strings.
Port
b62dbf1efdec68ae709b0e91d3b7c13171b720c9
Original commit message:
Support for undetectable strings was officially dropped in
https://codereview.chromium.org/
916753002, but the compilers
weren't fixed properly.
R=bmeurer@chromium.org, jyan@ca.ibm.com, dstence@us.ibm.com, joransiu@ca.ibm.com
BUG=
Review URL: https://codereview.chromium.org/
1312473012
Cr-Commit-Position: refs/heads/master@{#30390}
mstarzinger [Wed, 26 Aug 2015 15:33:25 +0000 (08:33 -0700)]
Remove named load from builtin in default super call.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/
1314493006
Cr-Commit-Position: refs/heads/master@{#30389}
conradw [Wed, 26 Aug 2015 14:59:05 +0000 (07:59 -0700)]
[parser] disallow language mode directive in body of function with non-simple parameters
TC39 agreed to disallow "use strict" directives in function body when
non-simple parameter lists are used.
This is a continuation of caitp's CL https://codereview.chromium.org/
1281163002/
with some refactorings removed for now.
Still TODO: there is a lot of duplication between the is_simple field of
FormalParametersBase and the NonSimpleParameter property ExpressionClassifier
keeps track of. It should be possible to remove the former with a minor
refactoring of arrow function parsing. This will be attempted in a follow-up CL.
BUG=
LOG=N
Review URL: https://codereview.chromium.org/
1300103005
Cr-Commit-Position: refs/heads/master@{#30388}
mstarzinger [Wed, 26 Aug 2015 13:59:35 +0000 (06:59 -0700)]
Move runtime helper for JSArrayBuffer onto objects.
R=rossberg@chromium.org
Review URL: https://codereview.chromium.org/
1305383003
Cr-Commit-Position: refs/heads/master@{#30387}
conradw [Wed, 26 Aug 2015 13:39:31 +0000 (06:39 -0700)]
[es6] Make harmony_destructuring imply harmony_default_parameters
When encountering a "=" token in ParseAssignmentExpression, the default
parameter case is not locally distinguishable from the destructuring case.
BUG=
Review URL: https://codereview.chromium.org/
1317843002
Cr-Commit-Position: refs/heads/master@{#30386}
mstarzinger [Wed, 26 Aug 2015 13:18:46 +0000 (06:18 -0700)]
Move runtime helper for JSWeakCollection onto objects.
R=rossberg@chromium.org
Review URL: https://codereview.chromium.org/
1314053003
Cr-Commit-Position: refs/heads/master@{#30385}
mstarzinger [Wed, 26 Aug 2015 12:46:10 +0000 (05:46 -0700)]
Move runtime helper for JSSet and JSMap onto objects.
R=rossberg@chromium.org
Review URL: https://codereview.chromium.org/
1312413002
Cr-Commit-Position: refs/heads/master@{#30384}
hpayer [Wed, 26 Aug 2015 12:13:16 +0000 (05:13 -0700)]
Synchronize on concurrent store buffer entries.
BUG=chromium:524425
LOG=n
Review URL: https://codereview.chromium.org/
1313313002
Cr-Commit-Position: refs/heads/master@{#30383}
yangguo [Wed, 26 Aug 2015 12:03:56 +0000 (05:03 -0700)]
Install js intrinsic fallbacks for array functions on the native context.
R=cbruni@chromium.org
Review URL: https://codereview.chromium.org/
1309503003
Cr-Commit-Position: refs/heads/master@{#30382}
wingo [Wed, 26 Aug 2015 11:59:34 +0000 (04:59 -0700)]
In generators, "yield" cannot be an arrow formal parameter name
Thanks to André Bargull for the report.
BUG=v8:4212
LOG=N
R=rossberg@chromium.org
Review URL: https://codereview.chromium.org/
1309523005
Cr-Commit-Position: refs/heads/master@{#30381}
bmeurer [Wed, 26 Aug 2015 11:27:58 +0000 (04:27 -0700)]
[runtime] Remove the redundant %_IsObject intrinsic.
%_IsObject(foo) is equivalent to typeof foo === 'object' and has
exactly the same optimizations, so there's zero need for %_IsObject
in our code base.
R=mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/
1313903003
Cr-Commit-Position: refs/heads/master@{#30380}
yangguo [Wed, 26 Aug 2015 11:16:38 +0000 (04:16 -0700)]
Call JS functions via native context instead of js builtins object.
We look up %-functions in the context if not found in the runtime.
R=bmeurer@chromium.org, mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/
1306993003
Cr-Commit-Position: refs/heads/master@{#30379}
mvstanton [Wed, 26 Aug 2015 10:47:49 +0000 (03:47 -0700)]
Vector ICs: Ensure KeyedAccessStore mode is encoded in all handlers.
For vector-based keyed store ics, we need to know the current
KeyedAccessStore mode on ic MISS, and to produce optimized code.
We can't store this mode, which can change on any MISS in the IC
without patching. Therefore, this CL makes sure that the information is
redundantly available in the handlers embedded in the IC. This way,
when --vector-stores is turned on, we'll be able to extract that
information from the vector which maintains a list of these handlers.
BUG=
Review URL: https://codereview.chromium.org/
1312693004
Cr-Commit-Position: refs/heads/master@{#30378}
mstarzinger [Wed, 26 Aug 2015 10:25:19 +0000 (03:25 -0700)]
[heap] User safer root set accessor when possible.
R=mlippautz@chromium.org
Review URL: https://codereview.chromium.org/
1312763006
Cr-Commit-Position: refs/heads/master@{#30377}
chunyang.dai [Wed, 26 Aug 2015 09:56:37 +0000 (02:56 -0700)]
X87: Correctify instanceof and make it optimizable.
port
5d875a57fa2e65c1a4a6b50aeb23c38299c3cfbc (r30342).
original commit message:
The previous hack with HInstanceOfKnownGlobal was not only slower,
but also very brittle and required a lot of weird hacks to support it. And
what's even more important it wasn't even correct (because a map check
on the lhs is never enough for instanceof).
The new implementation provides a sane runtime implementation
for InstanceOf plus a fast case in the InstanceOfStub, combined with
a proper specialization in the case of a known global in CrankShaft,
which does only the prototype chain walk (coupled with a code
dependency on the known global).
As a drive-by-fix: Also fix the incorrect Object.prototype.isPrototypeOf
implementation.
R=weiliang.lin@intel.com
BUG=
Review URL: https://codereview.chromium.org/
1318663003
Cr-Commit-Position: refs/heads/master@{#30376}
mstarzinger [Wed, 26 Aug 2015 09:52:59 +0000 (02:52 -0700)]
[turbofan] Fix broken dynamic TDZ check for let and const.
This fixes broken dynamic hole-checks for the temporal dead zone of
non-initializing assignments to {let} and {const} declared variables.
Also note that this exemplifies a case where the dynamic check for such
assignments to {let} declared variables can no longer be elided as the
comment suggested.
R=rossberg@chromium.org
TEST=mjsunit/regress/regress-4388
BUG=v8:4388
LOG=n
Review URL: https://codereview.chromium.org/
1318693002
Cr-Commit-Position: refs/heads/master@{#30375}
ishell [Wed, 26 Aug 2015 09:37:46 +0000 (02:37 -0700)]
Do not inline array resize operations for outdated prototype maps.
BUG=chromium:523213
LOG=N
Review URL: https://codereview.chromium.org/
1313303002
Cr-Commit-Position: refs/heads/master@{#30374}