platform/upstream/v8.git
bmeurer [Thu, 10 Sep 2015 08:35:55 +0000 (01:35 -0700)]
[runtime] Sanitize %NewClosure runtime entries.

There are now two runtime entries %NewClosure and %NewClosure_Tenured,
with the same signature (one parameter, the SharedFunctionInfo, and the
context of the caller).

Also remove the HFunctionLiteral special case instruction from Crankshaft,
as HCallWithDescriptor with FastNewClosureStub or HCallRuntime with
either %NewClosure or %NewClosure_Tenured can easily do that for you.

Also remove the redundant context parameter from the JSCreateClosure
operator, because every JS operator already takes a context input.

CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_nosnap_dbg

Review URL: https://codereview.chromium.org/1329293003

Cr-Commit-Position: refs/heads/master@{#30671}

Djordje.Pesic [Thu, 10 Sep 2015 06:02:25 +0000 (23:02 -0700)]
MIPS: Fix illegal use of at register

Fix illegal use of at register when ldc1 and sdc1 are called. Added dchecks to prevent such a usage.

TEST=mjsunit/asm/float64array-negative-offset(r6), mjsunit/asm/float64array-outofbounds(r6)

Review URL: https://codereview.chromium.org/1323763002

Cr-Commit-Position: refs/heads/master@{#30670}

chunyang.dai [Thu, 10 Sep 2015 05:42:39 +0000 (22:42 -0700)]
X87: [calls] Consistent call protocol for calls.

port b37907ff7f866873ddfbfc97670b43c19a5fc7f9 (r30648).

original commit message:

    The number of actual arguments should always be available, there's no
    point in trying to optimize away a simple assignment of an immediate to
    a register before some calls.

    The main motivation is to have a consistent state at the beginning of every
    function. Currently the arguments register (i.e. rax or eax) either contains
    the number of arguments or some random garbage depending on whether
    the callsite decided that the callee might need the information or not.
    This causes trouble with runtime implementations of functions that
    do not set internal_formal_parameter_count to the DontAdaptArguments
    sentinel (we don't have any of those yet), but also makes it impossible
    to sanity check the arguments in the callee, because the callee doesn't
    know whether the caller decided to pass the number of arguments or
    random garbage.

BUG=

Review URL: https://codereview.chromium.org/1335453002

Cr-Commit-Position: refs/heads/master@{#30669}

chunyang.dai [Thu, 10 Sep 2015 05:41:33 +0000 (22:41 -0700)]
X87: [builtins] Unify the various versions of [[Call]] with a Call builtin.

port ccbb4ff00f1d8f32fd9227cd7aba1723791e5744 (r30629)

original commit message:

    The new Call and CallFunction builtins supersede the current
    CallFunctionStub (and CallIC magic) and will be the single bottleneck
    for all calling, including the currently special Function.prototype.call
    and Function.prototype.apply builtins, which had handwritten (and
    not fully compliant) versions of CallFunctionStub, and also the
    CallIC(s), which were also slightly different.

    This also reduces the overhead for API function calls, which is still
    unnecessarily high, but let's do that step-by-step.

    This also fixes a bunch of cases where the implicit ToObject for
    sloppy receivers was done in the wrong context (in the caller
    context instead of the callee context), which basically meant
    that we allowed cross context access to %ObjectPrototype%.

BUG=

Review URL: https://codereview.chromium.org/1332703002

Cr-Commit-Position: refs/heads/master@{#30668}

chunyang.dai [Thu, 10 Sep 2015 05:40:25 +0000 (22:40 -0700)]
X87: [runtime] Replace many buggy uses of %_CallFunction with %_Call.

port db2ba190dba6983b94eae36e111b0feebb97587e (r30634).

original commit message:

    The semantics of the %_CallFunction intrinsic seem to be very unclear,
    which resulted in a lot of bugs. Especially the combination with
    %IsSloppyModeFunction is always a bug, because the receiver would be
    wrapped in the wrong context. So the %IsSloppyModeFunction helper is
    gone now, and many of the buggy uses of %_CallFunction are also
    eliminated.

    If you ever need to call something with a different receiver, then
    %_Call is your friend now. It does what you want and implements the
    call sequence fully (and correctly).

Review URL: https://codereview.chromium.org/1336443002

Cr-Commit-Position: refs/heads/master@{#30667}

mbrandy [Wed, 9 Sep 2015 20:34:37 +0000 (13:34 -0700)]
PPC: Fix "Desugar %DefaultConstructorCallSuper partially in parser."

R=mstarzinger@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, dstence@us.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1303333009

Cr-Commit-Position: refs/heads/master@{#30666}

mtrofin [Wed, 9 Sep 2015 19:33:56 +0000 (12:33 -0700)]
[turbofan] relative_id of splinters and their children.

A LiveRange is identified by 2 integers: the vreg() of its TopLevel,
which is the virtual register (operand) ID; and a relative_id(), which has
no meaning in the program, but is valuable in debugging or tracing
scenarios.

This change ensures that relative_id is unique even in cases of splinter
ranges and their children.

Review URL: https://codereview.chromium.org/1318493005

Cr-Commit-Position: refs/heads/master@{#30665}

mstarzinger [Wed, 9 Sep 2015 17:45:43 +0000 (10:45 -0700)]
Desugar %DefaultConstructorCallSuper partially in parser.

This desugars the loading of the super constructor function using the
%GetPrototype runtime function in the parser. The produced code remains
the same while fewer parts need to be glued together.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1321343004

Cr-Commit-Position: refs/heads/master@{#30664}

mstarzinger [Wed, 9 Sep 2015 17:13:20 +0000 (10:13 -0700)]
[runtime] Move AtomicIsLockFree out of Runtime class.

R=binji@chromium.org

Review URL: https://codereview.chromium.org/1327743004

Cr-Commit-Position: refs/heads/master@{#30663}

mbrandy [Wed, 9 Sep 2015 16:09:18 +0000 (09:09 -0700)]
PPC: [calls] Consistent call protocol for calls.

Port b37907ff7f866873ddfbfc97670b43c19a5fc7f9

Original commit message:
    The number of actual arguments should always be available, there's no
    point in trying to optimize away a simple assignment of an immediate to
    a register before some calls.

    The main motivation is to have a consistent state at the beginning of every
    function. Currently the arguments register (i.e. rax or eax) either contains
    the number of arguments or some random garbage depending on whether
    the callsite decided that the callee might need the information or not.
    This causes trouble with runtime implementations of functions that
    do not set internal_formal_parameter_count to the DontAdaptArguments
    sentinel (we don't have any of those yet), but also makes it impossible
    to sanity check the arguments in the callee, because the callee doesn't
    know whether the caller decided to pass the number of arguments or
    random garbage.

R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, dstence@us.ibm.com
BUG=v8:4413
LOG=n

Review URL: https://codereview.chromium.org/1314353007

Cr-Commit-Position: refs/heads/master@{#30662}

mbrandy [Wed, 9 Sep 2015 15:58:52 +0000 (08:58 -0700)]
PPC: On a call to Array(), we patched a call ic. This CL makes do with a single dispatcher which inlines the special handling for the Array() call case, loading the allocation site found in the vector and calling the array constructor stub appropriately.

Port ba7b64139886ab7987406a92bf0e801b807c9fe4

R=mvstanton@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, dstence@us.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1322103005

Cr-Commit-Position: refs/heads/master@{#30661}

rmcilroy [Wed, 9 Sep 2015 15:46:04 +0000 (08:46 -0700)]
[Interpreter] Add support for property store operations.

Adds support for property store operations via Store/KeyedStore ICs. Adds the
following bytecodes:
 - StoreIC
 - KeyedStoreIC

The --vector_store flag is now required for --ignition.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1319833004

Cr-Commit-Position: refs/heads/master@{#30660}

mvstanton [Wed, 9 Sep 2015 15:15:20 +0000 (08:15 -0700)]
Crankshaft: consolidated element loads always deopted on seeing the hole

Update the consolidated load case to carefully choose the load mode
based on the consolidated elements kind.

BUG=v8:4380
LOG=N

Review URL: https://codereview.chromium.org/1329793003

Cr-Commit-Position: refs/heads/master@{#30659}

mbrandy [Wed, 9 Sep 2015 14:55:23 +0000 (07:55 -0700)]
AIX: Fix 'may be used uninitialized' compiler errors

Fix additional cases where the AIX compiler reports that a variable
may be used uninitialized.

R=danno@chromium.org, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1323313003

Cr-Commit-Position: refs/heads/master@{#30658}

mbrandy [Wed, 9 Sep 2015 14:42:50 +0000 (07:42 -0700)]
PPC: Reland Vector ICs: platform support for vector-based stores.

Port 40fbed0609ddb3e4ee4338049383004b62d13853

Original commit message:
    The last changes for vector store functionality, they are in 3 areas:

    1) The new vector [keyed] store code stubs - implementation.
    2) IC and handler compiler adjustments
    3) Odds and ends. A change in ast.cc, a test update, a small Oracle fix.

R=mvstanton@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, dstence@us.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1330883002

Cr-Commit-Position: refs/heads/master@{#30657}

mbrandy [Wed, 9 Sep 2015 14:39:51 +0000 (07:39 -0700)]
PPC: [builtins] Unify the various versions of [[Call]] with a Call builtin.

Port ccbb4ff00f1d8f32fd9227cd7aba1723791e5744

Original commit message:
    The new Call and CallFunction builtins supersede the current
    CallFunctionStub (and CallIC magic) and will be the single bottleneck
    for all calling, including the currently special Function.prototype.call
    and Function.prototype.apply builtins, which had handwritten (and
    not fully compliant) versions of CallFunctionStub, and also the
    CallIC(s), which were also slightly different.

    This also reduces the overhead for API function calls, which is still
    unnecessarily high, but let's do that step-by-step.

    This also fixes a bunch of cases where the implicit ToObject for
    sloppy receivers was done in the wrong context (in the caller
    context instead of the callee context), which basically meant
    that we allowed cross context access to %ObjectPrototype%.

    MIPS and MIPS64 ports contributed by akos.palfi@imgtec.com.

R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, dstence@us.ibm.com
BUG=v8:4413
LOG=n

Review URL: https://codereview.chromium.org/1327093002

Cr-Commit-Position: refs/heads/master@{#30656}

mbrandy [Wed, 9 Sep 2015 14:27:20 +0000 (07:27 -0700)]
PPC: [runtime] Replace many buggy uses of %_CallFunction with %_Call.

Port db2ba190dba6983b94eae36e111b0feebb97587e

Original commit message:
    The semantics of the %_CallFunction intrinsic seem to be very unclear,
    which resulted in a lot of bugs. Especially the combination with
    %IsSloppyModeFunction is always a bug, because the receiver would be
    wrapped in the wrong context. So the %IsSloppyModeFunction helper is
    gone now, and many of the buggy uses of %_CallFunction are also
    eliminated.

    If you ever need to call something with a different receiver, then
    %_Call is your friend now. It does what you want and implements the
    call sequence fully (and correctly).

R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, dstence@us.ibm.com
BUG=v8:4413
LOG=n

Review URL: https://codereview.chromium.org/1310303008

Cr-Commit-Position: refs/heads/master@{#30655}

mstarzinger [Wed, 9 Sep 2015 14:14:01 +0000 (07:14 -0700)]
[turbofan] Make %Arguments composable with inlining.

This makes the C++ fallback implementations for the two intrinsics,
%Arguments and %ArgumentsLength composable with respect to inlining.
Using deoptimization information gives us accurate data here.

R=bmeurer@chromium.org
TEST=mjsunit/regress/regress-4374
BUG=v8:4374
LOG=n

Review URL: https://codereview.chromium.org/1328363002

Cr-Commit-Position: refs/heads/master@{#30654}

balazs.kilvady [Wed, 9 Sep 2015 13:57:50 +0000 (06:57 -0700)]
MIPS64: Fix 'On a call to Array(), we patched a call ic.'

Port ba7b64139886ab7987406a92bf0e801b807c9fe4

Original commit message:
This CL makes do with a single dispatcher which inlines the special handling for the Array() call case, loading the allocation site found in the vector and calling the array constructor stub appropriately.

BUG=

Review URL: https://codereview.chromium.org/1324093005

Cr-Commit-Position: refs/heads/master@{#30653}

bmeurer [Wed, 9 Sep 2015 13:55:11 +0000 (06:55 -0700)]
[runtime] Remove unused %NumberUnaryMinus runtime function.

This has been dead code for quite a while now.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1314353006

Cr-Commit-Position: refs/heads/master@{#30652}

mstarzinger [Wed, 9 Sep 2015 10:24:17 +0000 (03:24 -0700)]
[turbofan] Handle stack overflow exceptions in JSInliner.

R=bmeurer@chromium.org
BUG=chromium:527364
LOG=n

Review URL: https://codereview.chromium.org/1322203005

Cr-Commit-Position: refs/heads/master@{#30651}

jochen [Wed, 9 Sep 2015 08:13:57 +0000 (01:13 -0700)]
Use v8-reviews@ for review mail, so v8-dev@ is free for dev discussions

BUG=none
R=danno@chromium.org
LOG=y

Review URL: https://codereview.chromium.org/1308953011

Cr-Commit-Position: refs/heads/master@{#30650}

mvstanton [Wed, 9 Sep 2015 08:05:25 +0000 (01:05 -0700)]
On a call to Array(), we patched a call ic. This CL makes do with a single dispatcher which inlines the special handling for the Array() call case, loading the allocation site found in the vector and calling the array constructor stub appropriately.

BUG=

Review URL: https://codereview.chromium.org/1332563003

Cr-Commit-Position: refs/heads/master@{#30649}

bmeurer [Wed, 9 Sep 2015 05:01:01 +0000 (22:01 -0700)]
[calls] Consistent call protocol for calls.

The number of actual arguments should always be available, there's no
point in trying to optimize away a simple assignment of an immediate to
a register before some calls.

The main motivation is to have a consistent state at the beginning of every
function. Currently the arguments register (i.e. rax or eax) either contains
the number of arguments or some random garbage depending on whether
the callsite decided that the callee might need the information or not.
This causes trouble with runtime implementations of functions that
do not set internal_formal_parameter_count to the DontAdaptArguments
sentinel (we don't have any of those yet), but also makes it impossible
to sanity check the arguments in the callee, because the callee doesn't
know whether the caller decided to pass the number of arguments or
random garbage.

BUG=v8:4413
LOG=n

Review URL: https://codereview.chromium.org/1330033002

Cr-Commit-Position: refs/heads/master@{#30648}

caitpotter88 [Tue, 8 Sep 2015 23:17:00 +0000 (16:17 -0700)]
[es6] add js-perf-test for rest parameters

BUG=v8:2160
LOG=N
R=adamk, rossberg, wingo

Review URL: https://codereview.chromium.org/1317113007

Cr-Commit-Position: refs/heads/master@{#30647}

paul.lind [Tue, 8 Sep 2015 21:58:40 +0000 (14:58 -0700)]
MIPS: minor cleanup in macro-assembler.

Fix some dodgy temp-register usage and remove some unnecessary
push/pop's.

BUG=

Review URL: https://codereview.chromium.org/1324553004

Cr-Commit-Position: refs/heads/master@{#30646}

dusan.m.milosavljevic [Tue, 8 Sep 2015 21:54:52 +0000 (14:54 -0700)]
MIPS64: [turbofan] Improve changes from and to Smi.

The instruction selection for following sequences is
improved:

  113: Word64Sar(107, 91) : Internal/Any
  114: TruncateInt64ToInt32(113) : Signed32/UntaggedSigned32
  115: ChangeInt32ToFloat64(114) : Signed32/UntaggedFloat64

TEST=unittests/InstructionSelectorTest.ChangesFromToSmi
BUG=

Review URL: https://codereview.chromium.org/1318153006

Cr-Commit-Position: refs/heads/master@{#30645}

balazs.kilvady [Tue, 8 Sep 2015 19:32:06 +0000 (12:32 -0700)]
MIPS: Fix 'Optimize simulator.'

For simulator optimization we modified Instruction::InstructionType() function so a simpler but less complete InstructionType() function is used by default. This fix enables the full InstructionType checking to properly decode a dd-constant label as unsupported opcode, rather than aborting.

BUG=chromium:528875
LOG=NO

Review URL: https://codereview.chromium.org/1314673010

Cr-Commit-Position: refs/heads/master@{#30644}

paul.lind [Tue, 8 Sep 2015 19:29:22 +0000 (12:29 -0700)]
MIPS: Fix MacroAssembler::AssertFunction()

Porting mistake in ccbb4ff0 '[builtins] Unify the various versions of [[Call]]
with a Call builtin.', which only showed as debug assertion in later commit
db2ba190 '[runtime] Replace many buggy uses of %_CallFunction with %_Call.'

Use temporary register rather than push/pop of 'object' register.

BUG=
TEST=cctest/test-api/SetFunctionEntryHook, cctest/test-serialize/PerIsolateSnapshotBlobs, ...

Review URL: https://codereview.chromium.org/1309163006

Cr-Commit-Position: refs/heads/master@{#30643}

mstarzinger [Tue, 8 Sep 2015 17:14:12 +0000 (10:14 -0700)]
[heap] Prevent leakage of GCCallbacksScope outside of heap.

R=mlippautz@chromium.org

Review URL: https://codereview.chromium.org/1314543014

Cr-Commit-Position: refs/heads/master@{#30642}

ulan [Tue, 8 Sep 2015 15:54:24 +0000 (08:54 -0700)]
Use idle task to perform incremental marking steps.

This moves incremental marking steps from gc-idle-time-handler and heap to the new incremental marking task.

BUG=chromium:490559
LOG=NO

Review URL: https://codereview.chromium.org/1265423002

Cr-Commit-Position: refs/heads/master@{#30641}

vogelheim [Tue, 8 Sep 2015 15:24:45 +0000 (08:24 -0700)]
Remove all gyp BUILD rules with multiple outputs.

- Modify js2c to accept --js and --nojs,
- modify mksnapshot to accept --startup_src
  (instead of a positional parameter, so that it can be omitted),
- modify v8.gyp to use the above so that no target has multiple
  output dependencies, and
- update GN to use the switches above.

(I have not succeeded in fixing the GYP->make translator to properly map
 multi-output rules, so that they work as expected in all edge cases.
 This CL signals defeat on that front, and instead I rewrite the GYP
 file to avoid that situation in the first place.)

R=jochen@chromium.org
BUG=v8:4382
LOG=N

Review URL: https://codereview.chromium.org/1310273009

Cr-Commit-Position: refs/heads/master@{#30640}

rmcilroy [Tue, 8 Sep 2015 15:02:44 +0000 (08:02 -0700)]
[Interpreter] Ensure that implicit return undefined is generated.

When there is no explicit return we need to generate an implicit
return undefined.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1308693014

Cr-Commit-Position: refs/heads/master@{#30639}

jianghua.yjh [Tue, 8 Sep 2015 14:50:27 +0000 (07:50 -0700)]
Fix a potential overflow of binary search

BUG=

Review URL: https://codereview.chromium.org/1314253006

Cr-Commit-Position: refs/heads/master@{#30638}

mstarzinger [Tue, 8 Sep 2015 14:42:27 +0000 (07:42 -0700)]
[heap] Remove obsolete DisallowAllocationFailure scope.

This removes the DisallowAllocationFailure assertion scope which mostly
coincided with the AlwaysAllocateScope anyways. Access to the bitfield
in the Isolate was not synchronized and hence the AlwaysAllocateScope
was not thread-safe in debug mode, now it is.

R=mlippautz@chromium.org

Review URL: https://codereview.chromium.org/1319153006

Cr-Commit-Position: refs/heads/master@{#30637}

cbruni [Tue, 8 Sep 2015 14:22:19 +0000 (07:22 -0700)]
[builtins] Removing %_CallFunction in GetThirdIndex.

By using an InternArray for the pivot calculation we can get rid of yet
another %_CallFunction.

Review URL: https://codereview.chromium.org/1316673008

Cr-Commit-Position: refs/heads/master@{#30636}

mstarzinger [Tue, 8 Sep 2015 14:14:48 +0000 (07:14 -0700)]
Use baseline code to compute message locations.

This switches Isolate::ComputeLocation to use baseline code when
computing message locations. This unifies locations between optimized
and non-optimized code by always going through the FrameSummary for
location computation.

R=bmeurer@chromium.org
TEST=message/regress/regress-4266
BUG=v8:4266
LOG=n

Review URL: https://codereview.chromium.org/1331603002

Cr-Commit-Position: refs/heads/master@{#30635}

bmeurer [Tue, 8 Sep 2015 13:35:20 +0000 (06:35 -0700)]
[runtime] Replace many buggy uses of %_CallFunction with %_Call.

The semantics of the %_CallFunction intrinsic seem to be very unclear,
which resulted in a lot of bugs. Especially the combination with
%IsSloppyModeFunction is always a bug, because the receiver would be
wrapped in the wrong context. So the %IsSloppyModeFunction helper is
gone now, and many of the buggy uses of %_CallFunction are also
eliminated.

If you ever need to call something with a different receiver, then
%_Call is your friend now. It does what you want and implements the
call sequence fully (and correctly).

BUG=v8:4413
LOG=n

Review URL: https://codereview.chromium.org/1325573004

Cr-Commit-Position: refs/heads/master@{#30634}

mstarzinger [Tue, 8 Sep 2015 12:39:26 +0000 (05:39 -0700)]
Fix AstPrinter::VisitCallRuntime to not print garbage.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1329133002

Cr-Commit-Position: refs/heads/master@{#30633}

karl [Tue, 8 Sep 2015 10:30:07 +0000 (03:30 -0700)]
Cache String.split not found results as well

Before String.split only cached results if the separator was found

BUG=v8:4191
LOG=N

Review URL: https://codereview.chromium.org/1308373005

Cr-Commit-Position: refs/heads/master@{#30632}

karl [Tue, 8 Sep 2015 10:20:29 +0000 (03:20 -0700)]
[es6] Optimize String{Starts, Ends}With

Replace Math{Min,Max}
Direct string comparison

Compared to https://codereview.chromium.org/1321853006/
single character
 found at true
77
P found at false
70
က found at false
70

BUG=v8:4384
LOG=N

Review URL: https://codereview.chromium.org/1324353002

Cr-Commit-Position: refs/heads/master@{#30631}

mlippautz [Tue, 8 Sep 2015 08:36:18 +0000 (01:36 -0700)]
[heap] Fix MemoryChunk::kHeaderSize computation and add some assertions.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1302423007

Cr-Commit-Position: refs/heads/master@{#30630}

bmeurer [Tue, 8 Sep 2015 07:50:22 +0000 (00:50 -0700)]
[builtins] Unify the various versions of [[Call]] with a Call builtin.

The new Call and CallFunction builtins supersede the current
CallFunctionStub (and CallIC magic) and will be the single bottleneck
for all calling, including the currently special Function.prototype.call
and Function.prototype.apply builtins, which had handwritten (and
not fully compliant) versions of CallFunctionStub, and also the
CallIC(s), which were also slightly different.

This also reduces the overhead for API function calls, which is still
unnecessarily high, but let's do that step-by-step.

This also fixes a bunch of cases where the implicit ToObject for
sloppy receivers was done in the wrong context (in the caller
context instead of the callee context), which basically meant
that we allowed cross context access to %ObjectPrototype%.

MIPS and MIPS64 ports contributed by akos.palfi@imgtec.com.

R=mstarzinger@chromium.org, jarin@chromium.org, mvstanton@chromium.org
CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_layout_dbg,v8_linux_nosnap_dbg
BUG=v8:4413
LOG=n

Committed: https://crrev.com/ef268a83be4dead004047c25b702319ea4be7277
Cr-Commit-Position: refs/heads/master@{#30627}

Review URL: https://codereview.chromium.org/1311013008

Cr-Commit-Position: refs/heads/master@{#30629}

bmeurer [Tue, 8 Sep 2015 06:12:17 +0000 (23:12 -0700)]
Revert of [builtins] Unify the various versions of [[Call]] with a Call builtin. (patchset #10 id:260001 of https://codereview.chromium.org/1311013008/ )

Reason for revert:
Breaks nosnap, needs investigation

Original issue's description:
> [builtins] Unify the various versions of [[Call]] with a Call builtin.
>
> The new Call and CallFunction builtins supersede the current
> CallFunctionStub (and CallIC magic) and will be the single bottleneck
> for all calling, including the currently special Function.prototype.call
> and Function.prototype.apply builtins, which had handwritten (and
> not fully compliant) versions of CallFunctionStub, and also the
> CallIC(s), which were also slightly different.
>
> This also reduces the overhead for API function calls, which is still
> unnecessarily high, but let's do that step-by-step.
>
> This also fixes a bunch of cases where the implicit ToObject for
> sloppy receivers was done in the wrong context (in the caller
> context instead of the callee context), which basically meant
> that we allowed cross context access to %ObjectPrototype%.
>
> MIPS and MIPS64 ports contributed by akos.palfi@imgtec.com.
>
> R=mstarzinger@chromium.org, jarin@chromium.org, mvstanton@chromium.org
> CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_layout_dbg
> BUG=v8:4413
> LOG=n
>
> Committed: https://crrev.com/ef268a83be4dead004047c25b702319ea4be7277
> Cr-Commit-Position: refs/heads/master@{#30627}

TBR=rmcilroy@chromium.org,jarin@chromium.org,mstarzinger@chromium.org,mvstanton@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4413

Review URL: https://codereview.chromium.org/1328963004

Cr-Commit-Position: refs/heads/master@{#30628}

bmeurer [Tue, 8 Sep 2015 05:06:27 +0000 (22:06 -0700)]
[builtins] Unify the various versions of [[Call]] with a Call builtin.

The new Call and CallFunction builtins supersede the current
CallFunctionStub (and CallIC magic) and will be the single bottleneck
for all calling, including the currently special Function.prototype.call
and Function.prototype.apply builtins, which had handwritten (and
not fully compliant) versions of CallFunctionStub, and also the
CallIC(s), which were also slightly different.

This also reduces the overhead for API function calls, which is still
unnecessarily high, but let's do that step-by-step.

This also fixes a bunch of cases where the implicit ToObject for
sloppy receivers was done in the wrong context (in the caller
context instead of the callee context), which basically meant
that we allowed cross context access to %ObjectPrototype%.

MIPS and MIPS64 ports contributed by akos.palfi@imgtec.com.

R=mstarzinger@chromium.org, jarin@chromium.org, mvstanton@chromium.org
CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_layout_dbg
BUG=v8:4413
LOG=n

Review URL: https://codereview.chromium.org/1311013008

Cr-Commit-Position: refs/heads/master@{#30627}

chunyang.dai [Tue, 8 Sep 2015 03:27:11 +0000 (20:27 -0700)]
X87: initialize the FPU state for X87 in prologue.

   This CL is a fix for c0c3d866fb824290c24d4c2a14414019d844515f (r30606).
   In r30606, initialization of FPU implementation is not moved to prologue
   generation correctly.

BUG=

Review URL: https://codereview.chromium.org/1317643009

Cr-Commit-Position: refs/heads/master@{#30626}

v8-autoroll [Tue, 8 Sep 2015 03:25:13 +0000 (20:25 -0700)]
Update V8 DEPS.

Rolling v8/build/gyp to 5d01a8cda53bfa23f1dcbe0c31c33aa30f50cf4c

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review URL: https://codereview.chromium.org/1330793002

Cr-Commit-Position: refs/heads/master@{#30625}

fedor [Mon, 7 Sep 2015 19:38:12 +0000 (12:38 -0700)]
[heap] introduce ArrayBufferTracker

Move various ArrayBuffer-related methods from Heap class to the newly
created ArrayBufferTracker. Consolidate and simplify things!

BUG=
R=mlippautz@chromium.org

Review URL: https://codereview.chromium.org/1324023007

Cr-Commit-Position: refs/heads/master@{#30624}

brettw [Mon, 7 Sep 2015 15:22:42 +0000 (08:22 -0700)]
Add a GN import for sanitizers.gni.

The is_*san flags are moving from the master build config file into this
.gni file. This patch will allow V8 to continue compiling when that change
is landed.

Review URL: https://codereview.chromium.org/1330713003

Cr-Commit-Position: refs/heads/master@{#30623}

jochen [Mon, 7 Sep 2015 14:44:46 +0000 (07:44 -0700)]
Start removing deprecated APIs from cctest

BUG=4134
R=vogelheim@chromium.org,rmcilroy@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1333463002

Cr-Commit-Position: refs/heads/master@{#30622}

mstarzinger [Mon, 7 Sep 2015 14:24:05 +0000 (07:24 -0700)]
[presubmit] Enable build/c++11 linter checking.

This enables the general linter checking for "build/c++11" violations
during presubmit and instead marks the few known exceptions that we
allow explicitly.

R=jochen@chromium.org

Review URL: https://codereview.chromium.org/1317463007

Cr-Commit-Position: refs/heads/master@{#30621}

9 years ago Adding js2c.py "Too many arguments" for Macros Error
cbruni [Mon, 7 Sep 2015 14:03:50 +0000 (07:03 -0700)]
Adding js2c.py "Too many arguments" for Macros Error

BUG=

Review URL: https://codereview.chromium.org/1324103003

Cr-Commit-Position: refs/heads/master@{#30620}

9 years ago Adding ElementsAccessor::Concat
cbruni [Mon, 7 Sep 2015 13:44:44 +0000 (06:44 -0700)]
Adding ElementsAccessor::Concat
- Moving parts of ArrayConcat from builtins.cc to the ElementsAccessor
- Removing ArrayConcat Runtime Function

BUG=v8:4317
LOG=N

Review URL: https://codereview.chromium.org/1330483003

Cr-Commit-Position: refs/heads/master@{#30619}

9 years ago Avoid using %_CallFunction if the receiver doesn't change.
cbruni [Mon, 7 Sep 2015 12:45:20 +0000 (05:45 -0700)]
Avoid using %_CallFunction if the receiver doesn't change.

Review URL: https://codereview.chromium.org/1326263002

Cr-Commit-Position: refs/heads/master@{#30618}

9 years ago [test] Return target name on failures.
machenbach [Mon, 7 Sep 2015 10:11:30 +0000 (03:11 -0700)]
[test] Return target name on failures.

This information can be used on the buildbot side to only
rebuild the failing target for bisection.

BUG=chromium:511215
LOG=n
NOTRY=true

Review URL: https://codereview.chromium.org/1313353006

Cr-Commit-Position: refs/heads/master@{#30617}

9 years ago [turbofan] Clarify comment about Parameter indexing.
mstarzinger [Mon, 7 Sep 2015 09:37:00 +0000 (02:37 -0700)]
[turbofan] Clarify comment about Parameter indexing.

This clarifies a comment in the AstGraphBuilder that has led to
confusion about what "parameter index" refers to. The off-by-one is
confusing and a terribly phrased comment doesn't make it any better.

R=rmcilroy@chromium.org,oth@chromium.org

Review URL: https://codereview.chromium.org/1329043002

Cr-Commit-Position: refs/heads/master@{#30616}

9 years ago Fix two byte string-search on big endian platforms
karl [Mon, 7 Sep 2015 09:07:46 +0000 (02:07 -0700)]
Fix two byte string-search on big endian platforms

Use AlignDown instead of IsAligned to avoid false negatives
on big endian platforms
Use byte with highest value to speedup search

BUG=

Review URL: https://codereview.chromium.org/1324803003

Cr-Commit-Position: refs/heads/master@{#30615}

9 years ago Adding GetMoreGeneralElementsKind in elements-kind.h
cbruni [Mon, 7 Sep 2015 08:37:18 +0000 (01:37 -0700)]
Adding GetMoreGeneralElementsKind in elements-kind.h

BUG=

Review URL: https://codereview.chromium.org/1307743011

Cr-Commit-Position: refs/heads/master@{#30614}

9 years ago X87: [runtime] Remove useless IN builtin.
chunyang.dai [Mon, 7 Sep 2015 08:25:58 +0000 (01:25 -0700)]
X87: [runtime] Remove useless IN builtin.

port 3dc9b122fa9f7d551e05f5b9d7415bcfdcac92db (r30582).

original commit message:

    Similar to DELETE, the IN builtin is just a thin wrapper for %HasElement
    and %HasProperty anyway, and cannot be optimized, plus it had a weird
    special fast case (which also involved at least one LOAD_IC plus some
    intrinsic magic).

BUG=

Review URL: https://codereview.chromium.org/1325183003

Cr-Commit-Position: refs/heads/master@{#30613}

9 years ago X87: Reland Vector ICs: platform support for vector-based stores.
chunyang.dai [Mon, 7 Sep 2015 08:19:40 +0000 (01:19 -0700)]
X87: Reland Vector ICs: platform support for vector-based stores.

port 40fbed0609ddb3e4ee4338049383004b62d13853 (r30581)

original commit message:

    The last changes for vector store functionality, they are in 3 areas:

    1) The new vector [keyed] store code stubs - implementation.
    2) IC and handler compiler adjustments
    3) Odds and ends. A change in ast.cc, a test update, a small Oracle fix.

BUG=

Review URL: https://codereview.chromium.org/1311413007

Cr-Commit-Position: refs/heads/master@{#30612}

9 years ago X87: Remove obsolete functionality from the MacroAssemblers.
chunyang.dai [Mon, 7 Sep 2015 08:14:37 +0000 (01:14 -0700)]
X87: Remove obsolete functionality from the MacroAssemblers.

port 64e3bad3677d01d70ddcedd541619216b973e90d (r30577)

original commit message:

    This is the uncontroversial dead code removal part of
    https://codereview.chromium.org/1307943013, which was
    previously landed, but got reverted because of DOM
    breakage that requires more investigation.

BUG=

Review URL: https://codereview.chromium.org/1321653004

Cr-Commit-Position: refs/heads/master@{#30611}

9 years ago X87: [es6] Introduce a dedicated JSIteratorResult type.
chunyang.dai [Mon, 7 Sep 2015 08:10:22 +0000 (01:10 -0700)]
X87: [es6] Introduce a dedicated JSIteratorResult type.

port 72bc4b5c8a5c4279bcb8b340edbc8aa1c46d75a1 (r30557)

original commit message:

    Use a single JSIteratorResult type for all implementation provided
    iterator results (i.e. the String, Array and collection iterators,
    and also for generators).  This removes one source of unnecessary
    polymorphism in for-of loops.  It is accomplished by a new intrinsic
    %_CreateIterResultObject() that should be used to create iterator
    result objects from JavaScript builtins (there's a matching factory
    method for C++ code).

    Also restructure the %StringIteratorPrototype%.next() and
    %ArrayIteratorPrototype%.next() functions to be a bit more friendly
    to optimizing compilers.

BUG=

Review URL: https://codereview.chromium.org/1331523002

Cr-Commit-Position: refs/heads/master@{#30610}

9 years ago X87: [es6] Initial steps towards a correct implementation of IsCallable.
chunyang.dai [Mon, 7 Sep 2015 08:00:40 +0000 (01:00 -0700)]
X87: [es6] Initial steps towards a correct implementation of IsCallable.

port 8a378f46d52ce64578c71313ed76a67592fbf63c (r30552)

original commit message:

    This turns the has_instance_call_handler bit on Map into an is_callable
    bit, that matches the spec definition of IsCallable (i.e. instances have
    [[Call]] internal methods).

    Also fix the typeof operator to properly say "function" for everything
    that is callable.

    Also remove the (unused) premature %_GetPrototype optimization from
    Crankshaft, which just complicated the Map bit swap.

BUG=

Review URL: https://codereview.chromium.org/1310653004

Cr-Commit-Position: refs/heads/master@{#30609}

9 years ago X87: [es6] Re-implement rest parameters via desugaring.
chunyang.dai [Mon, 7 Sep 2015 07:51:28 +0000 (00:51 -0700)]
X87: [es6] Re-implement rest parameters via desugaring.

port 510baeacbab311798d5e8795800ff773d00d062c (r30550)

original commit message:

    Kills the kRestParameter bailout/disabled optimization, and fixes
    lazily parsed arrow functions with rest parameters.

    Supersedes https://crrev.com/1235153006/

BUG=

Review URL: https://codereview.chromium.org/1305943008

Cr-Commit-Position: refs/heads/master@{#30608}

9 years ago Revert of Deactivate Parser Bookmarks (patchset #1 id:1 of https://codereview.chromiu...
hablich [Mon, 7 Sep 2015 07:49:56 +0000 (00:49 -0700)]
Revert of Deactivate Parser Bookmarks (patchset #1 id:1 of https://codereview.chromium.org/1315173007/ )

Reason for revert:
Tanks performance (Mandreel latency). A simple deactivation will not work.

Original issue's description:
> Deactivate Parser Bookmarks.
>
> Bookmarks may create a race condition which
> results in syntax errors. The more files are parsed
> in parallel the higher the probability that the error
> occurs.
> Unfortunately it is not possible to simply revert the
> CLs related to Bookmarks.
>
> BUG=chromium:527930,chromium:510825
> LOG=Y
>
> Committed: https://crrev.com/129593b40eb69d93ba626601bfda046a95cda0e7
> Cr-Commit-Position: refs/heads/master@{#30594}

TBR=vogelheim@chromium.org,jkummerow@chromium.org,mstarzinger@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:527930,chromium:510825

Review URL: https://codereview.chromium.org/1304413007

Cr-Commit-Position: refs/heads/master@{#30607}

9 years ago X87: Crankshaft is now able to compile top level code even if there is a ScriptContext.
chunyang.dai [Mon, 7 Sep 2015 07:48:48 +0000 (00:48 -0700)]
X87: Crankshaft is now able to compile top level code even if there is a ScriptContext.

port 29ebcc32052d486cbc1933ac4738aa5cb68aa851 (r30496).

original commit message:

    This CL introduces HPrologue instruction which does the context allocation work and supports deoptimization.

BUG=

Review URL: https://codereview.chromium.org/1308743005

Cr-Commit-Position: refs/heads/master@{#30606}

9 years ago X87: [builtins] Pass correct number of arguments after adapting arguments.
chunyang.dai [Mon, 7 Sep 2015 07:42:49 +0000 (00:42 -0700)]
X87: [builtins] Pass correct number of arguments after adapting arguments.

port fbad63669e309e8c5c3f2ecf503df2fefaac79bb (r30467)

original commit message:

    The call protocol requires that the register dedicated to the number of
    actual arguments (i.e. rax on x64) always contains the actual arguments.
    That means after adapting arguments it should match the number of
    expected arguments.  But currently we pass some semi-random value
    (usually some stack address) after adapting arguments.

    It looks like this is currently not observable anywhere, because our
    builtins and functions either don't look at the number of arguments and
    just make hard coded (unchecked) assumptions, or are marked as "don't
    adapt arguments", which bypasses the broken code in the trampoline for
    arguments adaption.  Nevertheless this should be fixed.

BUG=

Review URL: https://codereview.chromium.org/1304893010

Cr-Commit-Position: refs/heads/master@{#30605}

9 years ago MIPS:[turbofan] Improve boolean materialization compares.
dusan.m.milosavljevic [Sun, 6 Sep 2015 12:01:23 +0000 (05:01 -0700)]
MIPS:[turbofan] Improve boolean materialization compares.

Additionally, improve immediate operand matching for branches
to avoid duplicated constant loading.

Review URL: https://codereview.chromium.org/1326173002

Cr-Commit-Position: refs/heads/master@{#30604}

9 years ago Fix a -Wsign-compare error under GCC 4.9.2.
paul.lind [Sat, 5 Sep 2015 11:42:51 +0000 (04:42 -0700)]
Fix a -Wsign-compare error under GCC 4.9.2.

BUG=

Review URL: https://codereview.chromium.org/1322693004

Cr-Commit-Position: refs/heads/master@{#30603}

9 years ago [arm] Decrease the size of the assembler class by allocating buffers of pending const...
ishell [Sat, 5 Sep 2015 08:53:43 +0000 (01:53 -0700)]
[arm] Decrease the size of the assembler class by allocating buffers of pending constants on the heap.

BUG=chromium:521828
LOG=N

Review URL: https://codereview.chromium.org/1310863005

Cr-Commit-Position: refs/heads/master@{#30602}

9 years ago Update V8 DEPS.
v8-autoroll [Sat, 5 Sep 2015 03:25:55 +0000 (20:25 -0700)]
Update V8 DEPS.

Rolling v8/build/gyp to 2b17e0b26a93e8c9758c23aec6c554da4ca8f0a9

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review URL: https://codereview.chromium.org/1324213006

Cr-Commit-Position: refs/heads/master@{#30601}

9 years ago Follow symlinks in test/mjsunit to allow linked test directories.
bradnelson [Fri, 4 Sep 2015 23:15:52 +0000 (16:15 -0700)]
Follow symlinks in test/mjsunit to allow linked test directories.

Wasm mjsunit tests aren't being detected when symlinked into
test/mjsunit/wasm. This causes symlinked directories in that
directory to be included.

BUG=None
TEST=local
R=dehrenberg@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1332463002

Cr-Commit-Position: refs/heads/master@{#30600}

9 years ago [es6] Use SubString in String{Starts,Ends}With
karl [Fri, 4 Sep 2015 21:34:23 +0000 (14:34 -0700)]
[es6] Use SubString in String{Starts,Ends}With

Much faster and constant than always searching the whole string

````
var allCodePoints = [];
for (var i = 0; i < 65536; i++) allCodePoints[i] = i;
var allCharsString = String.fromCharCode.apply(String, allCodePoints);

function bench(search) {
  var counter = 0;
  print(search + " found at " + allCharsString.startsWith(search));
  var start = Date.now();
  while (counter++ < 5000000) {
    allCharsString.startsWith(search);
  }
  var end = Date.now();
  print(end - start);
  return counter;
}

print("single character");
bench("\u0000");
bench("\u0050");
bench("\u1000");
````

OLD

single character
 found at true
374
P found at false
559
က found at false
13492

NEW

single character
 found at true
261
P found at false
146
က found at false
146

BUG=v8:4384
LOG=N

Review URL: https://codereview.chromium.org/1321853006

Cr-Commit-Position: refs/heads/master@{#30599}

9 years ago Pulling in a gyp fix for wasm.
bradnelson [Fri, 4 Sep 2015 20:28:07 +0000 (13:28 -0700)]
Pulling in a gyp fix for wasm.

BUG= https://github.com/WebAssembly/v8-native-prototype/issues/10
TEST=manual check of wasm=on
R=dehrenberg@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1306753007

Cr-Commit-Position: refs/heads/master@{#30598}

9 years ago Reland: Speedup stringsearch for two byte strings
karl [Fri, 4 Sep 2015 19:58:35 +0000 (12:58 -0700)]
Reland: Speedup stringsearch for two byte strings

Uses the lower byte with memchr which is
significantly faster than a naive compare

Performance difference with bench (http://hastebin.com/xuxexataso.js):

old                             new

single character                single character
Κ found at 922                  Κ found at 922
3324                            616
㎡ found at 13217               ㎡ found at 13217
42366                           4931
က found at 4096                 က found at 4096
13369                           9836
＀ found at 65280                ＀ found at 65280
207472                          36149
ᆬ found at 65445                ᆬ found at 65445
209344                          36666
  found at 8197                   found at 8197
26731                           11757
倂 found at 20482               倂 found at 20482
66071                           17193

linear search                   linear search
ΚΛ found at 922                 ΚΛ found at 922
4112                            504
㎡㎢ found at 13217             ㎡㎢ found at 13217
55105                           5119
ᆬᆭ found at 65445               ᆬᆭ found at 65445
268016                          35496

linear + bmh search             linear + bmh search
ΚΛΜΝΞΟΠΡ found at 922           ΚΛΜΝΞΟΠΡ found at 922
2897                            522
ᆬᆭᄃᄄᄅᆰᆱᆲ found at 65445         ᆬᆭᄃᄄᄅᆰᆱᆲ found at 65445
167687                          35283

BUG=

Review URL: https://codereview.chromium.org/1324453007

Cr-Commit-Position: refs/heads/master@{#30597}

9 years ago MIPS: Optimize simulator.
balazs.kilvady [Fri, 4 Sep 2015 17:39:53 +0000 (10:39 -0700)]
MIPS: Optimize simulator.

The patch decreases the calls of huge switch instructions by making the DecodeType*() functions work in one phase and optimizing Instruction::InstructionType(). Speed gain in release full check is about 33% (6:13 s -> 4:09 s) and in optdebug full test is about 50% (12:29 -> 6:17).

BUG=

Review URL: https://codereview.chromium.org/1310883005

Cr-Commit-Position: refs/heads/master@{#30596}

9 years ago Ensure we have some space on the stack for compilation.
ishell [Fri, 4 Sep 2015 16:39:55 +0000 (09:39 -0700)]
Ensure we have some space on the stack for compilation.

BUG=chromium:527345, chromium:522289
LOG=N

Review URL: https://codereview.chromium.org/1323243005

Cr-Commit-Position: refs/heads/master@{#30595}

9 years ago Deactivate Parser Bookmarks.
hablich [Fri, 4 Sep 2015 16:15:36 +0000 (09:15 -0700)]
Deactivate Parser Bookmarks.

Bookmarks may create a race condition which
results in syntax errors. The more files are parsed
in parallel the higher the probability that the error
occurs.
Unfortunately it is not possible to simply revert the
CLs related to Bookmarks.

BUG=chromium:527930,chromium:510825
LOG=Y

Review URL: https://codereview.chromium.org/1315173007

Cr-Commit-Position: refs/heads/master@{#30594}

9 years ago Revert of [arm] Decrease the size of the assembler class by allocating buffers of...
ishell [Fri, 4 Sep 2015 16:10:01 +0000 (09:10 -0700)]
Revert of [arm] Decrease the size of the assembler class by allocating buffers of pending constants on the he… (patchset #2 id:20001 of https://codereview.chromium.org/1309903009/ )

Reason for revert:
Static assert failed on ARM64

Original issue's description:
> [arm] Decrease the size of the assembler class by allocating buffers of pending constants on the heap.
>
> BUG=chromium:521828
> LOG=N
>
> Committed: https://crrev.com/033af3fa511c52bc4049cd278d0623a6c6f9f9c3
> Cr-Commit-Position: refs/heads/master@{#30592}

TBR=jkummerow@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:521828

Review URL: https://codereview.chromium.org/1307863007

Cr-Commit-Position: refs/heads/master@{#30593}

9 years ago [arm] Decrease the size of the assembler class by allocating buffers of pending const...
ishell [Fri, 4 Sep 2015 15:50:40 +0000 (08:50 -0700)]
[arm] Decrease the size of the assembler class by allocating buffers of pending constants on the heap.

BUG=chromium:521828
LOG=N

Review URL: https://codereview.chromium.org/1309903009

Cr-Commit-Position: refs/heads/master@{#30592}

9 years ago Remove obsolete DEBUG and NDEBUG macro dance.
mstarzinger [Fri, 4 Sep 2015 14:24:02 +0000 (07:24 -0700)]
Remove obsolete DEBUG and NDEBUG macro dance.

The original intention of this seemed to have been to enable DEBUG when
NDEBUG was not defined within Google3. Everything since then was just
added to avoid the "#error" below checking for consistency from firing.
Semantics have also shifted along the way. I vote for dropping this.

R=ulan@chromium.org

Review URL: https://codereview.chromium.org/1315063007

Cr-Commit-Position: refs/heads/master@{#30591}

9 years ago PPC: Remove obsolete functionality from the MacroAssemblers.
mbrandy [Fri, 4 Sep 2015 14:03:20 +0000 (07:03 -0700)]
PPC: Remove obsolete functionality from the MacroAssemblers.

Port 64e3bad3677d01d70ddcedd541619216b973e90d

Original commit message:
    This is the uncontroversial dead code removal part of
    https://codereview.chromium.org/1307943013, which was
    previously landed, but got reverted because of DOM
    breakage that requires more investigation.

R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, dstence@us.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1311123004

Cr-Commit-Position: refs/heads/master@{#30590}

9 years ago Add template parameter and unittests to atomic utils.
mlippautz [Fri, 4 Sep 2015 14:02:13 +0000 (07:02 -0700)]
Add template parameter and unittests to atomic utils.

BUG=

Review URL: https://codereview.chromium.org/1324153003

Cr-Commit-Position: refs/heads/master@{#30589}

9 years ago Revert of Speedup stringsearch for two byte strings (patchset #3 id:40001 of https...
machenbach [Fri, 4 Sep 2015 13:00:28 +0000 (06:00 -0700)]
Revert of Speedup stringsearch for two byte strings (patchset #3 id:40001 of https://codereview.chromium.org/1303033012/ )

Reason for revert:
[Sheriff] Breaks fuzzer and msan:
http://build.chromium.org/p/client.v8/builders/V8%20Fuzzer/builds/4773

Repro with:
tools/fuzz-harness.sh out/Debug/d8
(in a ninja Debug build)

Msan:
http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20arm64%20-%20sim%20-%20MSAN/builds/4097

Original issue's description:
> Speedup stringsearch for two byte strings
>
> Uses the lower byte with memchr which is
> significantly faster than a naive compare
>
> Performance difference with bench (http://hastebin.com/xuxexataso.js):
>
> old                             new
>
> single character                single character
> Κ found at 922                  Κ found at 922
> 3324                            616
> ㎡ found at 13217               ㎡ found at 13217
> 42366                           4931
> က found at 4096                 က found at 4096
> 13369                           9836
> ＀ found at 65280                ＀ found at 65280
> 207472                          36149
> ᆬ found at 65445                ᆬ found at 65445
> 209344                          36666
>   found at 8197                   found at 8197
> 26731                           11757
> 倂 found at 20482               倂 found at 20482
> 66071                           17193
>
> linear search                   linear search
> ΚΛ found at 922                 ΚΛ found at 922
> 4112                            504
> ㎡㎢ found at 13217             ㎡㎢ found at 13217
> 55105                           5119
> ᆬᆭ found at 65445               ᆬᆭ found at 65445
> 268016                          35496
>
> linear + bmh search             linear + bmh search
> ΚΛΜΝΞΟΠΡ found at 922           ΚΛΜΝΞΟΠΡ found at 922
> 2897                            522
> ᆬᆭᄃᄄᄅᆰᆱᆲ found at 65445         ᆬᆭᄃᄄᄅᆰᆱᆲ found at 65445
> 167687                          158465
>
> Committed: https://crrev.com/fced280f37588f8a232a414201276e053117e9ea
> Cr-Commit-Position: refs/heads/master@{#30587}

TBR=danno@chromium.org,mstarzinger@chromium.org,jkummerow@chromium.org,karl@skomski.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1331433002

Cr-Commit-Position: refs/heads/master@{#30588}

9 years ago Speedup stringsearch for two byte strings
karl [Fri, 4 Sep 2015 12:37:39 +0000 (05:37 -0700)]
Speedup stringsearch for two byte strings

Uses the lower byte with memchr which is
significantly faster than a naive compare

Performance difference with bench (http://hastebin.com/xuxexataso.js):

old                             new

single character                single character
Κ found at 922                  Κ found at 922
3324                            616
㎡ found at 13217               ㎡ found at 13217
42366                           4931
က found at 4096                 က found at 4096
13369                           9836
＀ found at 65280                ＀ found at 65280
207472                          36149
ᆬ found at 65445                ᆬ found at 65445
209344                          36666
  found at 8197                   found at 8197
26731                           11757
倂 found at 20482               倂 found at 20482
66071                           17193

linear search                   linear search
ΚΛ found at 922                 ΚΛ found at 922
4112                            504
㎡㎢ found at 13217             ㎡㎢ found at 13217
55105                           5119
ᆬᆭ found at 65445               ᆬᆭ found at 65445
268016                          35496

linear + bmh search             linear + bmh search
ΚΛΜΝΞΟΠΡ found at 922           ΚΛΜΝΞΟΠΡ found at 922
2897                            522
ᆬᆭᄃᄄᄅᆰᆱᆲ found at 65445         ᆬᆭᄃᄄᄅᆰᆱᆲ found at 65445
167687                          158465

Review URL: https://codereview.chromium.org/1303033012

Cr-Commit-Position: refs/heads/master@{#30587}

9 years ago Handle all InstanceTypes in BitsetType::Lub().
jkummerow [Fri, 4 Sep 2015 11:46:40 +0000 (04:46 -0700)]
Handle all InstanceTypes in BitsetType::Lub().

JS_ITERATOR_RESULT_TYPE was missing but required (repro: load inbox.google.com with a Debug build).

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1302313013

Cr-Commit-Position: refs/heads/master@{#30586}

9 years ago Isolate::PrintStack: restore default verbose object printing
jkummerow [Fri, 4 Sep 2015 11:30:00 +0000 (04:30 -0700)]
Isolate::PrintStack: restore default verbose object printing

Review URL: https://codereview.chromium.org/1311123005

Cr-Commit-Position: refs/heads/master@{#30585}

9 years ago [turbofan] Fix segfault when using --trace-turbo.
mtrofin [Fri, 4 Sep 2015 09:21:22 +0000 (02:21 -0700)]
[turbofan] Fix segfault when using --trace-turbo.

BUG=

Review URL: https://codereview.chromium.org/1314703005

Cr-Commit-Position: refs/heads/master@{#30584}

9 years ago Make gold plugin download more robust.
machenbach [Fri, 4 Sep 2015 08:52:12 +0000 (01:52 -0700)]
Make gold plugin download more robust.

BUG=chromium:515782
LOG=n

Review URL: https://codereview.chromium.org/1321943004

Cr-Commit-Position: refs/heads/master@{#30583}

9 years ago [runtime] Remove useless IN builtin.
bmeurer [Fri, 4 Sep 2015 08:44:27 +0000 (01:44 -0700)]
[runtime] Remove useless IN builtin.

Similar to DELETE, the IN builtin is just a thin wrapper for %HasElement
and %HasProperty anyway, and cannot be optimized, plus it had a weird
special fast case (which also involved at least one LOAD_IC plus some
intrinsic magic).

R=yangguo@chromium.org,jarin@chromium.org
CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_win_nosnap_shared_rel

Committed: https://crrev.com/72d60a1e80e81e2e68ca402665e2acbc46c5e471
Cr-Commit-Position: refs/heads/master@{#30154}

Review URL: https://codereview.chromium.org/1295433002

Cr-Commit-Position: refs/heads/master@{#30582}

9 years ago Reland Vector ICs: platform support for vector-based stores.
mvstanton [Fri, 4 Sep 2015 08:36:29 +0000 (01:36 -0700)]
Reland Vector ICs: platform support for vector-based stores.

The last changes for vector store functionality, they are in 3 areas:

1) The new vector [keyed] store code stubs - implementation.
2) IC and handler compiler adjustments
3) Odds and ends. A change in ast.cc, a test update, a small Oracle fix.

TBR=bmeurer@chromium.org, jkummerow@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1319123004

Cr-Commit-Position: refs/heads/master@{#30581}

9 years ago [turbofan] Split before loops.
mtrofin [Fri, 4 Sep 2015 08:28:00 +0000 (01:28 -0700)]
[turbofan] Split before loops.

If the range doesn't have calls, but still fails to allocate, try and find a split
position outside a loop.

BUG=

Review URL: https://codereview.chromium.org/1301393012

Cr-Commit-Position: refs/heads/master@{#30580}

9 years ago [turbofan] Greedy: split around calls heuristic.
mtrofin [Fri, 4 Sep 2015 06:50:16 +0000 (23:50 -0700)]
[turbofan] Greedy: split around calls heuristic.

Once a range is found to have a conflict, split around all the calls it
crosses over, since it will anyway have conflicts there, too.

Incrementally, from the last change to greedy, this change brings
overall improvement in benchmarks. In fact, except for 2 regressions
in Jetstream (splay-latency and date-format-xparb, at 6 and 7%
respectively), everything else is in the green or noise. Quite a few
benchmarks are over 3%, with a few (zlib, for example) in the double
digits.

Review URL: https://codereview.chromium.org/1328783002

Cr-Commit-Position: refs/heads/master@{#30579}

9 years ago Update V8 DEPS.
v8-autoroll [Fri, 4 Sep 2015 03:28:09 +0000 (20:28 -0700)]
Update V8 DEPS.

Rolling v8/build/gyp to 2b17e0b26a93e8c9758c23aec6c554da4ca8f0a9

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review URL: https://codereview.chromium.org/1305273008

Cr-Commit-Position: refs/heads/master@{#30578}

9 years ago Remove obsolete functionality from the MacroAssemblers.
bmeurer [Thu, 3 Sep 2015 20:11:16 +0000 (13:11 -0700)]
Remove obsolete functionality from the MacroAssemblers.

This is the uncontroversial dead code removal part of
https://codereview.chromium.org/1307943013, which was
previously landed, but got reverted because of DOM
breakage that requires more investigation.

TBR=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/1322843005

Cr-Commit-Position: refs/heads/master@{#30577}

9 years ago PPC: [es6] Initial steps towards a correct implementation of IsCallable.
mbrandy [Thu, 3 Sep 2015 18:44:40 +0000 (11:44 -0700)]
PPC: [es6] Initial steps towards a correct implementation of IsCallable.

Port 8a378f46d52ce64578c71313ed76a67592fbf63c

Original commit message:
    This turns the has_instance_call_handler bit on Map into an is_callable
    bit, that matches the spec definition of IsCallable (i.e. instances have
    [[Call]] internal methods).

    Also fix the typeof operator to properly say "function" for everything
    that is callable.

    Also remove the (unused) premature %_GetPrototype optimization from
    Crankshaft, which just complicated the Map bit swap.

R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, dstence@us.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1330613005

Cr-Commit-Position: refs/heads/master@{#30576}

9 years ago PPC: [es6] Introduce a dedicated JSIteratorResult type.
mbrandy [Thu, 3 Sep 2015 18:41:22 +0000 (11:41 -0700)]
PPC: [es6] Introduce a dedicated JSIteratorResult type.

Port 72bc4b5c8a5c4279bcb8b340edbc8aa1c46d75a1

Original commit message:
    Use a single JSIteratorResult type for all implementation provided
    iterator results (i.e. the String, Array and collection iterators,
    and also for generators).  This removes one source of unnecessary
    polymorphism in for-of loops.  It is accomplished by a new intrinsic
    %_CreateIterResultObject() that should be used to create iterator
    result objects from JavaScript builtins (there's a matching factory
    method for C++ code).

    Also restructure the %StringIteratorPrototype%.next() and
    %ArrayIteratorPrototype%.next() functions to be a bit more friendly
    to optimizing compilers.

R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, dstence@us.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1325203004

Cr-Commit-Position: refs/heads/master@{#30575}

9 years ago PPC: [es6] Re-implement rest parameters via desugaring.
mbrandy [Thu, 3 Sep 2015 18:40:09 +0000 (11:40 -0700)]
PPC: [es6] Re-implement rest parameters via desugaring.

Port 510baeacbab311798d5e8795800ff773d00d062c

Original commit message:
    Kills the kRestParameter bailout/disabled optimization, and fixes
    lazily parsed arrow functions with rest parameters.

    Supersedes https://crrev.com/1235153006/

R=caitpotter88@gmail.com, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, dstence@us.ibm.com
BUG=chromium:508074, v8:2160, v8:2700
LOG=N

Review URL: https://codereview.chromium.org/1318523006

Cr-Commit-Position: refs/heads/master@{#30574}

9 years ago [Tick processor] Add an option to the tick-processor to print the summary.
gdeepti [Thu, 3 Sep 2015 18:01:40 +0000 (11:01 -0700)]
[Tick processor] Add an option to the tick-processor to print the summary.
 - Print the summary excluding other tick information
 - Add test to verify that summary is printed correctly.

BUG=None
LOG=N

R=machenbach@chromium.org

Review URL: https://codereview.chromium.org/1318933004

Cr-Commit-Position: refs/heads/master@{#30573}

9 years ago MIPS: Refine '[es6] Introduce a dedicated JSIteratorResult type.'
balazs.kilvady [Thu, 3 Sep 2015 17:51:15 +0000 (10:51 -0700)]
MIPS: Refine '[es6] Introduce a dedicated JSIteratorResult type.'

Port 72bc4b5c8a5c4279bcb8b340edbc8aa1c46d75a1

Original commit message:
Use a single JSIteratorResult type for all implementation provided
iterator results (i.e. the String, Array and collection iterators,
and also for generators).  This removes one source of unnecessary
polymorphism in for-of loops.  It is accomplished by a new intrinsic
%_CreateIterResultObject() that should be used to create iterator
result objects from JavaScript builtins (there's a matching factory
method for C++ code).

Also restructure the %StringIteratorPrototype%.next() and
%ArrayIteratorPrototype%.next() functions to be a bit more friendly
to optimizing compilers.

BUG=

Review URL: https://codereview.chromium.org/1315903005

Cr-Commit-Position: refs/heads/master@{#30572}