platform/upstream/v8.git
9 years agoElementsAccessor Array Builtins Cleanup
cbruni [Wed, 2 Sep 2015 06:41:56 +0000 (23:41 -0700)]
ElementsAccessor Array Builtins Cleanup
Repeat the same signatures for future refactoring

BUG=

Review URL: https://codereview.chromium.org/1302413006

Cr-Commit-Position: refs/heads/master@{#30532}

9 years agoFix type errors in unit test utilities.
pcc [Wed, 2 Sep 2015 04:55:07 +0000 (21:55 -0700)]
Fix type errors in unit test utilities.

Fixes all bad casts associated with operands of call and select operators
in the test suite.

Cleanup for cfi_vptr=1; see https://www.chromium.org/developers/testing/control-flow-integrity

BUG=chromium:457523
R=bmeurer@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1329643002

Cr-Commit-Position: refs/heads/master@{#30531}

9 years agoUpdate V8 DEPS.
v8-autoroll [Wed, 2 Sep 2015 03:27:43 +0000 (20:27 -0700)]
Update V8 DEPS.

Rolling v8/build/gyp to 121d89dfcd4f6ebe1c89524b3f9ca11ddd437e77

Rolling v8/tools/clang to a09a5fee59be457e0d7213d86f8bac72d232860d

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review URL: https://codereview.chromium.org/1322933004

Cr-Commit-Position: refs/heads/master@{#30530}

9 years agoEliminate use of CompilationInfo in several AstVisitor descendants.
bradnelson [Tue, 1 Sep 2015 23:06:29 +0000 (16:06 -0700)]
Eliminate use of CompilationInfo in several AstVisitor descendants.

We're moving away from using CompilationInfo as a big bag o' stuff.
Passing in just what we need to several AstVisitors to avoid
increasing the problem.

BUG=None
TEST=trybots
R=titzer@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1318823010

Cr-Commit-Position: refs/heads/master@{#30529}

9 years agoFix GN arm64 build, add msan support.
brettw [Tue, 1 Sep 2015 23:05:20 +0000 (16:05 -0700)]
Fix GN arm64 build, add msan support.

The arm64 build is missing a few recently-added files.

Compiling with msan requires that v8 be compiled in arm64 mode. Hook this up.

Review URL: https://codereview.chromium.org/1316233005

Cr-Commit-Position: refs/heads/master@{#30528}

9 years ago[simd.js] Disable SIMD polyfill.
gdeepti [Tue, 1 Sep 2015 22:24:49 +0000 (15:24 -0700)]
[simd.js] Disable SIMD polyfill.

Disable the polyfill in simd.js tests as the functions for Phase 1 have been implemented.

BUG=v8:4124
LOG=N

R=bbudge@chromium.org, bmeurer@chromium.org, littledan@chromium.org

Committed: https://crrev.com/749ba3a13558cb018a2ec783e5dfb56d2f8528d8
Cr-Commit-Position: refs/heads/master@{#30452}

Review URL: https://codereview.chromium.org/1305923005

Cr-Commit-Position: refs/heads/master@{#30527}

9 years agoAdding ElementsAccessor::Unshift
cbruni [Tue, 1 Sep 2015 21:19:44 +0000 (14:19 -0700)]
Adding ElementsAccessor::Unshift
Move BackingStore specific implementation from builtins.cc tp ElementsAccessor

BUG=

Review URL: https://codereview.chromium.org/1322803002

Cr-Commit-Position: refs/heads/master@{#30526}

9 years agoStage sloppy let
littledan [Tue, 1 Sep 2015 20:03:14 +0000 (13:03 -0700)]
Stage sloppy let

Move the --harmony-sloppy-let flag to staging for further testing, and
update test262 for the new passing tests. Also increase the strictness
of the parser, even in sloppy mode, to disallow "new legacy compat" for

  for (let x = 5 in {}) {}

which is now a SyntaxError.

BUG=v8:3305
LOG=Y
R=adamk

Review URL: https://codereview.chromium.org/1321013005

Cr-Commit-Position: refs/heads/master@{#30525}

9 years ago[heap,cctest] Fix CodeRange tests that use AllocateRawMemory directly.
mlippautz [Tue, 1 Sep 2015 18:39:13 +0000 (11:39 -0700)]
[heap,cctest] Fix CodeRange tests that use AllocateRawMemory directly.

* Enforce invariants on the way.
* Unmark flaky CodeRange test.

BUG=v8:4141
BUG=v8:3005
LOG=N

Review URL: https://codereview.chromium.org/1325853003

Cr-Commit-Position: refs/heads/master@{#30524}

9 years agoRemove harmony-atomics flag and collapse it into sharedarraybuffer flag
binji [Tue, 1 Sep 2015 18:33:51 +0000 (11:33 -0700)]
Remove harmony-atomics flag and collapse it into sharedarraybuffer flag

Having both flags is tedious, and it is unlikely you'd ever want them
separately.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1304163010

Cr-Commit-Position: refs/heads/master@{#30523}

9 years agoFix CPU profiler deadlock on Windows + AMD CPU.
alph [Tue, 1 Sep 2015 18:32:39 +0000 (11:32 -0700)]
Fix CPU profiler deadlock on Windows + AMD CPU.

Implement a lock free version of RolloverProtectedTickClock::Now
to eliminate a deadlock.

BUG=chromium:521420
LOG=Y

Committed: https://crrev.com/d6db8e5902af1f067f0f149844f4e92824ee93f3
Cr-Commit-Position: refs/heads/master@{#30489}

Review URL: https://codereview.chromium.org/1304873011

Cr-Commit-Position: refs/heads/master@{#30522}

9 years ago[Release] Stop prepending "r" to commit hashes
hablich [Tue, 1 Sep 2015 18:31:41 +0000 (11:31 -0700)]
[Release] Stop prepending "r" to commit hashes

Follow-up of https://codereview.chromium.org/1298973007/

Fix syntax

R=adamk@chromium.org, machenbach@chromium.org

Review URL: https://codereview.chromium.org/1324813003

Cr-Commit-Position: refs/heads/master@{#30521}

9 years agoAdd asm.js typer / validator.
bradnelson [Tue, 1 Sep 2015 18:30:34 +0000 (11:30 -0700)]
Add asm.js typer / validator.

Walk asm.js module ASTs, attach concrete type information
in preparation for generating a WASM module.

cctest test coverage (mjsunit coming in later CL).
Expressions, function tables, and foreign functions have coverage.
Statement coverage to be expanded in a later CL.

BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=test-asm-validator
R=rossberg@chromium.org,titzer@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1322773002

Cr-Commit-Position: refs/heads/master@{#30520}

9 years ago[strong] Class constructor bodies cannot contain "use strong" directive
conradw [Tue, 1 Sep 2015 18:29:23 +0000 (11:29 -0700)]
[strong] Class constructor bodies cannot contain "use strong" directive

Since the constructor is also the class object itself, allowing it to
retroactively become a strong object would have unintuitive consequences
wrt the strength of the other functions of the class, and whether instances
would be considered instances of a strong class.

BUG=v8:3956
LOG=N

Review URL: https://codereview.chromium.org/1314203002

Cr-Commit-Position: refs/heads/master@{#30519}

9 years agoRevert of Stage sloppy let (patchset #7 id:120001 of https://codereview.chromium...
littledan [Tue, 1 Sep 2015 17:36:49 +0000 (10:36 -0700)]
Revert of Stage sloppy let (patchset #7 id:120001 of https://codereview.chromium.org/1327483002/ )

Reason for revert:
Fails a test262 test with --always-opt.

Original issue's description:
> Stage sloppy let
>
> Move the --harmony-sloppy-let flag to staging for further testing, and
> update test262 for the new passing tests. Also increase the strictness
> of the parser, even in sloppy mode, to disallow "new legacy compat" for
>
>   for (let x = 5 in {}) {}
>
> which is now a SyntaxError.
>
> BUG=v8:3305
> LOG=Y
> R=adamk
>
> Committed: https://crrev.com/07bc0117be8dc9e63ec14d5f9645c483d60a1bec
> Cr-Commit-Position: refs/heads/master@{#30515}

TBR=adamk@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:3305

Review URL: https://codereview.chromium.org/1324033002

Cr-Commit-Position: refs/heads/master@{#30518}

9 years agoExtract common debugger code for processing compile events
yurys [Tue, 1 Sep 2015 16:36:14 +0000 (09:36 -0700)]
Extract common debugger code for processing compile events

BUG=chromium:520702
LOG=N

Review URL: https://codereview.chromium.org/1316213005

Cr-Commit-Position: refs/heads/master@{#30517}

9 years agoPPC: Crankshaft is now able to compile top level code even if there is a ScriptContext.
mbrandy [Tue, 1 Sep 2015 16:18:09 +0000 (09:18 -0700)]
PPC: Crankshaft is now able to compile top level code even if there is a ScriptContext.

Port 29ebcc32052d486cbc1933ac4738aa5cb68aa851

Original commit message:
    This CL introduces HPrologue instruction which does the context allocation work and supports deoptimization.

R=ishell@chromium.org, jyan@ca.ibm.com, dstence@us.ibm.com, joransiu@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1324023002

Cr-Commit-Position: refs/heads/master@{#30516}

9 years agoStage sloppy let
littledan [Tue, 1 Sep 2015 15:57:33 +0000 (08:57 -0700)]
Stage sloppy let

Move the --harmony-sloppy-let flag to staging for further testing, and
update test262 for the new passing tests. Also increase the strictness
of the parser, even in sloppy mode, to disallow "new legacy compat" for

  for (let x = 5 in {}) {}

which is now a SyntaxError.

BUG=v8:3305
LOG=Y
R=adamk

Review URL: https://codereview.chromium.org/1327483002

Cr-Commit-Position: refs/heads/master@{#30515}

9 years ago[presubmit] Fix runtime/indentation_namespace linter violations.
mstarzinger [Tue, 1 Sep 2015 15:19:57 +0000 (08:19 -0700)]
[presubmit] Fix runtime/indentation_namespace linter violations.

R=machenbach@chromium.org

Review URL: https://codereview.chromium.org/1302413007

Cr-Commit-Position: refs/heads/master@{#30514}

9 years agoMake presubmit.py rules differential.
mstarzinger [Tue, 1 Sep 2015 14:28:21 +0000 (07:28 -0700)]
Make presubmit.py rules differential.

This turns the absolute list of linter rules within the presubmit.py
wrapper into a list relative to the default of the cpplint.py script.
This has the advantage that new rules are picked up when the script is
updated and that allowed violations are visible from the list.

R=machenbach@chromium.org

Review URL: https://codereview.chromium.org/1325833005

Cr-Commit-Position: refs/heads/master@{#30513}

9 years agoVector ICs: Adapting store ic classes for vectors.
mvstanton [Tue, 1 Sep 2015 14:09:07 +0000 (07:09 -0700)]
Vector ICs: Adapting store ic classes for vectors.

BUG=

Review URL: https://codereview.chromium.org/1326483002

Cr-Commit-Position: refs/heads/master@{#30512}

9 years ago[test] Fix skipping slow tests.
machenbach [Tue, 1 Sep 2015 12:56:25 +0000 (05:56 -0700)]
[test] Fix skipping slow tests.

TBR=hablich@chromium.org
NOTRY=true

Review URL: https://codereview.chromium.org/1320443008

Cr-Commit-Position: refs/heads/master@{#30511}

9 years agoMIPS: Fix QuietSignalingNaNs on mips32r6.
akos.palfi [Tue, 1 Sep 2015 12:44:13 +0000 (05:44 -0700)]
MIPS: Fix QuietSignalingNaNs on mips32r6.

Use the correct sNaN value on mips32r6 also.

TEST=test-api/QuietSignalingNaNs,test-api/Threading1
BUG=

Review URL: https://codereview.chromium.org/1311473007

Cr-Commit-Position: refs/heads/master@{#30510}

9 years agoRevert "Revert of [turbofan] greedy: heuristic for memory operands
mtrofin [Tue, 1 Sep 2015 12:33:03 +0000 (05:33 -0700)]
Revert "Revert of [turbofan] greedy: heuristic for memory operands
(patchset #2 id:40001 of https://codereview.chromium.org/1306823005/ )"

This reverts commit f68cd33bdd342819abd5b091591ac78383c2e79d.

BUG=

Review URL: https://codereview.chromium.org/1314423006

Cr-Commit-Position: refs/heads/master@{#30509}

9 years agoMake type-feedback-vector.h usable without objects-inl.h header (and others).
mvstanton [Tue, 1 Sep 2015 12:28:09 +0000 (05:28 -0700)]
Make type-feedback-vector.h usable without objects-inl.h header (and others).

Pure refactoring to further reduce the header dependency tangle.

BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1309303008

Cr-Commit-Position: refs/heads/master@{#30508}

9 years ago[runtime] Remove unused TO_NUMBER and TO_STRING functions.
bmeurer [Tue, 1 Sep 2015 11:27:49 +0000 (04:27 -0700)]
[runtime] Remove unused TO_NUMBER and TO_STRING functions.

R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/1304363012

Cr-Commit-Position: refs/heads/master@{#30507}

9 years ago[crankshaft] Cleanup representation calculation for Phis.
jarin [Tue, 1 Sep 2015 11:15:59 +0000 (04:15 -0700)]
[crankshaft] Cleanup representation calculation for Phis.

This replaces the counters for use representations with
simple tracking of most-general representation seen so far.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1315193010

Cr-Commit-Position: refs/heads/master@{#30506}

9 years agoRevert of Stop prepending "r" to commit hashes in merge_to_branch.py (patchset #1...
hablich [Tue, 1 Sep 2015 11:11:03 +0000 (04:11 -0700)]
Revert of Stop prepending "r" to commit hashes in merge_to_branch.py (patchset #1 id:1 of https://codereview.chromium.org/1298973007/ )

Reason for revert:
Result when using the script:

tools/release/merge_to_branch.py
  File "tools/release/merge_to_branch.py", line 108
    self["revision_list"] = ", ".join(self["full_revision_list"]))
                                                                 ^
SyntaxError: invalid syntax

Original issue's description:
> Stop prepending "r" to commit hashes in merge_to_branch.py
>
> R=machenbach@chromium.org
>
> Committed: https://crrev.com/e5dbfd06c3dab5934e846c40af2a8b7fb5cdf0d6
> Cr-Commit-Position: refs/heads/master@{#30483}

TBR=machenbach@chromium.org,adamk@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1321343002

Cr-Commit-Position: refs/heads/master@{#30505}

9 years ago[test] Increase simdjs test timeout on arm.
machenbach [Tue, 1 Sep 2015 11:02:30 +0000 (04:02 -0700)]
[test] Increase simdjs test timeout on arm.

TBR=bmeurer@chromium.org
NOTRY=true

Review URL: https://codereview.chromium.org/1308563010

Cr-Commit-Position: refs/heads/master@{#30504}

9 years ago[turbofan] Remove obsolete unique.h includes in TurboFan.
mstarzinger [Tue, 1 Sep 2015 10:30:40 +0000 (03:30 -0700)]
[turbofan] Remove obsolete unique.h includes in TurboFan.

Now that it is no longer needed, this also removes the invalid inclusion
of "object-inl.h" within the "unique.h" header file.

Note that this change still leaves 2 violations of that rule in the
code, checked with the "tools/check-inline-includes.sh" tool.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1321223002

Cr-Commit-Position: refs/heads/master@{#30503}

9 years agoRevert of heap: make array buffer maps disjoint (patchset #8 id:140001 of https:...
mlippautz [Tue, 1 Sep 2015 09:58:27 +0000 (02:58 -0700)]
Revert of heap: make array buffer maps disjoint (patchset #8 id:140001 of https://codereview.chromium.org/1316873004/ )

Reason for revert:
Precautionary revert. The change is incomplete.

Original issue's description:
> heap: make array buffer maps disjoint
>
> Remove intersection from the `std::map`s representing current live
> ArrayBuffers. While being simpler to understand, it poses significant
> performance issue for the active ArrayBuffer users (like node.js).
>
> Store buffers separately, and process them together during mark-sweep phase.
>
> The results of benchmarks are:
>
> $ ./node-slow bench && ./node-fast bench
> 4997.4 ns/op
> 4685.7 ns/op
>
> NOTE: `fast` - was a patched node.js, `slow` - unpatched node.js with vanilla v8.
>
> BUG=
>
> Committed: https://crrev.com/9e3676da9ab1aaf7de3e8582cb3fdefcc3dbaf33
> Cr-Commit-Position: refs/heads/master@{#30495}

TBR=hpayer@chromium.org,fedor@indutny.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review URL: https://codereview.chromium.org/1302233007

Cr-Commit-Position: refs/heads/master@{#30502}

9 years agoRevert of [turbofan] greedy: heuristic for memory operands (patchset #2 id:40001...
machenbach [Tue, 1 Sep 2015 09:37:23 +0000 (02:37 -0700)]
Revert of [turbofan] greedy: heuristic for memory operands (patchset #2 id:40001 of https://codereview.chromium.org/1306823005/ )

Reason for revert:
[Sheriff] Breaks test with greedy allocator:
http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20debug%20-%20greedy%20allocator/builds/1318

Original issue's description:
> [turbofan] greedy: heuristic for memory operands
>
> When we have a memory operand (HasSpillOperand() == true), and it
> doesn't need a register immediately, split in an optimal position, which
> is outside the outermost possible loop - just like Linear does.
>
> This results in some modest improvements in perf, when compared
> to baseline greedy. In particular Jetstream zlib x64: 4.66%, Life
> (Emscripten x64) 11%; largest regression is in AreWeFastYet x64: 8%
> and Corrections (Emsccripten x32) 10%
>
> BUG=
>
> Committed: https://crrev.com/8937bfc1d165ff6d72dede1b0ce6f7c1ab9fb260
> Cr-Commit-Position: refs/heads/master@{#30498}

TBR=jarin@chromium.org,bmeurer@chromium.org,mtrofin@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review URL: https://codereview.chromium.org/1311813005

Cr-Commit-Position: refs/heads/master@{#30501}

9 years agoMake isolate.h usable without objects-inl.h header.
mstarzinger [Tue, 1 Sep 2015 09:25:19 +0000 (02:25 -0700)]
Make isolate.h usable without objects-inl.h header.

This CL us a pure refactoring that makes an empty compilation unit
including just "isolate.h" or "contexts.h" but not "objects-inl.h"
compile without warnings or errors. This is needed to further reduce
the header dependency tangle.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1322883002

Cr-Commit-Position: refs/heads/master@{#30500}

9 years agoRead all integer op parameters using a signed integer type.
pcc [Tue, 1 Sep 2015 09:10:54 +0000 (02:10 -0700)]
Read all integer op parameters using a signed integer type.

The code was previously reading unsigned integers by performing an invalid cast
of Operator1<intNN_t> objects to Operator1<uintNN_t> and reading the integer
directly. To fix the invalid cast, we cast to the correct type and static_cast
the integer to uintNN_t, which is a no-op on every reasonable target.

Cleanup for cfi_vptr=1; see https://www.chromium.org/developers/testing/control-flow-integrity

BUG=chromium:457523
R=bmeurer@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1310633004

Cr-Commit-Position: refs/heads/master@{#30499}

9 years ago[turbofan] greedy: heuristic for memory operands
mtrofin [Tue, 1 Sep 2015 08:54:34 +0000 (01:54 -0700)]
[turbofan] greedy: heuristic for memory operands

When we have a memory operand (HasSpillOperand() == true), and it
doesn't need a register immediately, split in an optimal position, which
is outside the outermost possible loop - just like Linear does.

This results in some modest improvements in perf, when compared
to baseline greedy. In particular Jetstream zlib x64: 4.66%, Life
(Emscripten x64) 11%; largest regression is in AreWeFastYet x64: 8%
and Corrections (Emsccripten x32) 10%

BUG=

Review URL: https://codereview.chromium.org/1306823005

Cr-Commit-Position: refs/heads/master@{#30498}

9 years agoPort enabling rtti for cfi.
machenbach [Tue, 1 Sep 2015 08:02:56 +0000 (01:02 -0700)]
Port enabling rtti for cfi.

Partially port https://codereview.chromium.org/1243373003/

BUG=chromium:515782
LOG=n
NOTRY=true

Review URL: https://codereview.chromium.org/1329553002

Cr-Commit-Position: refs/heads/master@{#30497}

9 years agoCrankshaft is now able to compile top level code even if there is a ScriptContext.
ishell [Tue, 1 Sep 2015 07:06:49 +0000 (00:06 -0700)]
Crankshaft is now able to compile top level code even if there is a ScriptContext.

This CL introduces HPrologue instruction which does the context allocation work and supports deoptimization.

Review URL: https://codereview.chromium.org/1317383002

Cr-Commit-Position: refs/heads/master@{#30496}

9 years agoheap: make array buffer maps disjoint
fedor [Tue, 1 Sep 2015 06:51:51 +0000 (23:51 -0700)]
heap: make array buffer maps disjoint

Remove intersection from the `std::map`s representing current live
ArrayBuffers. While being simpler to understand, it poses significant
performance issue for the active ArrayBuffer users (like node.js).

Store buffers separately, and process them together during mark-sweep phase.

The results of benchmarks are:

$ ./node-slow bench && ./node-fast bench
4997.4 ns/op
4685.7 ns/op

NOTE: `fast` - was a patched node.js, `slow` - unpatched node.js with vanilla v8.

BUG=

Review URL: https://codereview.chromium.org/1316873004

Cr-Commit-Position: refs/heads/master@{#30495}

9 years ago[test] Skip slow tests.
machenbach [Tue, 1 Sep 2015 06:23:09 +0000 (23:23 -0700)]
[test] Skip slow tests.

TBR=hablich@chromium.org
NOTRY=true

Review URL: https://codereview.chromium.org/1307123003

Cr-Commit-Position: refs/heads/master@{#30494}

9 years agoFix invalid read of language mode from StorePropertyParameters.
pcc [Tue, 1 Sep 2015 05:04:59 +0000 (22:04 -0700)]
Fix invalid read of language mode from StorePropertyParameters.

Fixes an invalid cast of an Operator1<StorePropertyParameters> object
to Operator1<LanguageMode> by reading the language mode from
StorePropertyParameters. This code happened to work before because
StorePropertyParameters's first field has type LanguageMode.

Cleanup for cfi_vptr=1; see https://www.chromium.org/developers/testing/control-flow-integrity

BUG=chromium:457523
R=bmeurer@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1311393008

Cr-Commit-Position: refs/heads/master@{#30493}

9 years ago[turbofan] Re-wire greedy.
mtrofin [Tue, 1 Sep 2015 04:42:35 +0000 (21:42 -0700)]
[turbofan] Re-wire greedy.

We completely un-wired the greedy allocator to focus on the
stackchecks in loops (splintering) work. This change re-wires greedy,
still behind its flag. For now, enabling the greedy allocator disables
the stackchecks in loops feature (and range splintering), so that we are
at the baseline we left it at.

The main contribution in this change is adapting the codebase after
the live range model refactoring, whereby RegisterAllocationData's
live_ranges() contains just top-level ranges, and children are accessed
via their parents.

BUG=

Review URL: https://codereview.chromium.org/1320363002

Cr-Commit-Position: refs/heads/master@{#30492}

9 years agoDo not attempt to read language mode from {,Strict}{,Not}Equal nodes.
pcc [Tue, 1 Sep 2015 04:41:25 +0000 (21:41 -0700)]
Do not attempt to read language mode from {,Strict}{,Not}Equal nodes.

We were previously reading a language mode from all comparison nodes
in JSGenericLowering::ReplaceWithCompareIC. This read was invalid for
{,Strict}{,Not}Equal nodes, as these nodes do not have a language mode, as they
derive from Operator rather than from Operator1<LanguageMode>. Because these
nodes are not language mode dependent, we arbitrarily pass Strength::WEAK
to CodeFactory::CompareIC.

Cleanup for cfi_vptr=1; see https://www.chromium.org/developers/testing/control-flow-integrity

BUG=chromium:457523
R=bmeurer@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1319463003

Cr-Commit-Position: refs/heads/master@{#30491}

9 years agoRevert of Fix CPU profiler deadlock on Windows + AMD CPU. (patchset #1 id:1 of https...
alph [Tue, 1 Sep 2015 04:10:58 +0000 (21:10 -0700)]
Revert of Fix CPU profiler deadlock on Windows + AMD CPU. (patchset #1 id:1 of https://codereview.chromium.org/1304873011/ )

Reason for revert:
Broke a test

Original issue's description:
> Fix CPU profiler deadlock on Windows + AMD CPU.
>
> Implement a lock free version of RolloverProtectedTickClock::Now
> to eliminate a deadlock.
>
> BUG=chromium:521420
> LOG=Y
>
> Committed: https://crrev.com/d6db8e5902af1f067f0f149844f4e92824ee93f3
> Cr-Commit-Position: refs/heads/master@{#30489}

TBR=yurys@chromium.org,caseq@chromium.org,bmeurer@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:521420

Review URL: https://codereview.chromium.org/1303423006

Cr-Commit-Position: refs/heads/master@{#30490}

9 years agoFix CPU profiler deadlock on Windows + AMD CPU.
alph [Tue, 1 Sep 2015 04:02:31 +0000 (21:02 -0700)]
Fix CPU profiler deadlock on Windows + AMD CPU.

Implement a lock free version of RolloverProtectedTickClock::Now
to eliminate a deadlock.

BUG=chromium:521420
LOG=Y

Review URL: https://codereview.chromium.org/1304873011

Cr-Commit-Position: refs/heads/master@{#30489}

9 years agoPostpone interrupts while dipatching debugger events to listeners
yurys [Mon, 31 Aug 2015 22:32:46 +0000 (15:32 -0700)]
Postpone interrupts while dipatching debugger events to listeners

The interrupts are already postponed in message handlers [1]. This CL aligns debug event listener (the mechanism that is actually used in Chrome DevTools) implementation with that. Handling interrupts on events like v8::AfterCompile leads to crashes like the one in the lined bug. This happens because in the interrupt handler we may change debugger state.

[1] https://codereview.chromium.org/309533009/diff/40001/src/debug.cc

BUG=chromium:520702
LOG=Y

Review URL: https://codereview.chromium.org/1321263002

Cr-Commit-Position: refs/heads/master@{#30488}

9 years ago[heap] Properly decrement amount of externally allocated memory
Michael Lippautz [Mon, 31 Aug 2015 21:11:15 +0000 (23:11 +0200)]
[heap] Properly decrement amount of externally allocated memory

TBR=mstarzinger@chromium.org
BUG=chromium:526244
LOG=N

Review URL: https://codereview.chromium.org/1329493002 .

Cr-Commit-Position: refs/heads/master@{#30487}

9 years agoMake Date.prototype an ordinary object
littledan [Mon, 31 Aug 2015 20:45:35 +0000 (13:45 -0700)]
Make Date.prototype an ordinary object

This is a change for ES2015. Date objects have mutable state, so having
a mutable prototype is bad for SES requirements, and it is an
inconsistency from the typical ES2015 class style of objects

BUG=v8:4004
LOG=Y
R=adamk

Review URL: https://codereview.chromium.org/1317403002

Cr-Commit-Position: refs/heads/master@{#30486}

9 years agoMIPS: [builtins] Pass correct number of arguments after adapting arguments.
akos.palfi [Mon, 31 Aug 2015 20:11:12 +0000 (13:11 -0700)]
MIPS: [builtins] Pass correct number of arguments after adapting arguments.

Port fbad63669e309e8c5c3f2ecf503df2fefaac79bb

Original commit message:
The call protocol requires that the register dedicated to the number of
actual arguments (i.e. rax on x64) always contains the actual arguments.
That means after adapting arguments it should match the number of
expected arguments.  But currently we pass some semi-random value
(usually some stack address) after adapting arguments.

It looks like this is currently not observable anywhere, because our
builtins and functions either don't look at the number of arguments and
just make hard coded (unchecked) assumptions, or are marked as "don't
adapt arguments", which bypasses the broken code in the trampoline for
arguments adaption.  Nevertheless this should be fixed.

BUG=

Review URL: https://codereview.chromium.org/1322953002

Cr-Commit-Position: refs/heads/master@{#30485}

9 years agoRefactor type collector testing macros.
bradnelson [Mon, 31 Aug 2015 19:16:51 +0000 (12:16 -0700)]
Refactor type collector testing macros.

Assume a zone is in scope instead of a handles object.
Move INT32_TYPE into test-typing-reset.
Provide a CHECK_SKIP() macro to allow skipping
sections of an ast expression walk.

BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=test-typing-reset, test-ast-expression-visitor
R=rossberg@chromium.org,titzer@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1319983004

Cr-Commit-Position: refs/heads/master@{#30484}

9 years agoStop prepending "r" to commit hashes in merge_to_branch.py
adamk [Mon, 31 Aug 2015 17:46:11 +0000 (10:46 -0700)]
Stop prepending "r" to commit hashes in merge_to_branch.py

R=machenbach@chromium.org

Review URL: https://codereview.chromium.org/1298973007

Cr-Commit-Position: refs/heads/master@{#30483}

9 years agoDrop region parameter to Unbounded, as it can be done without.
bradnelson [Mon, 31 Aug 2015 17:36:54 +0000 (10:36 -0700)]
Drop region parameter to Unbounded, as it can be done without.

Unbounded is defined in terms of None any Any,
which don't require an explicit zone.
Switching Unbounded to be the same.

BUG= None
TEST= trybots
R= titzer@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1322003002

Cr-Commit-Position: refs/heads/master@{#30482}

9 years agoTreat the x*1 generated by parsing a unary + as containing a dot.
bradnelson [Mon, 31 Aug 2015 16:35:51 +0000 (09:35 -0700)]
Treat the x*1 generated by parsing a unary + as containing a dot.

Since we convert +x to x*1, we loose information about whether
the 1 was intended to be a floating point value for asm.js or not.

Mark the generated 1 as containing a dot (i.e. 1.0).

BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=test-parser
R=rossberg@chromium.org,titzer@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1306683003

Cr-Commit-Position: refs/heads/master@{#30481}

9 years agoPPC: [builtins] Pass correct number of arguments after adapting arguments.
mbrandy [Mon, 31 Aug 2015 16:32:33 +0000 (09:32 -0700)]
PPC: [builtins] Pass correct number of arguments after adapting arguments.

Port fbad63669e309e8c5c3f2ecf503df2fefaac79bb

Original commit message:
    The call protocol requires that the register dedicated to the number of
    actual arguments (i.e. rax on x64) always contains the actual arguments.
    That means after adapting arguments it should match the number of
    expected arguments.  But currently we pass some semi-random value
    (usually some stack address) after adapting arguments.

    It looks like this is currently not observable anywhere, because our
    builtins and functions either don't look at the number of arguments and
    just make hard coded (unchecked) assumptions, or are marked as "don't
    adapt arguments", which bypasses the broken code in the trampoline for
    arguments adaption.  Nevertheless this should be fixed.

R=bmeurer@chromium.org, jyan@ca.ibm.com, dstence@us.ibm.com, joransiu@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1306953005

Cr-Commit-Position: refs/heads/master@{#30480}

9 years agoMIPS64: Fix alignment issue in test-run-native-calls.
paul.lind [Mon, 31 Aug 2015 15:45:02 +0000 (08:45 -0700)]
MIPS64: Fix alignment issue in test-run-native-calls.

BUG=

Review URL: https://codereview.chromium.org/1323663003

Cr-Commit-Position: refs/heads/master@{#30479}

9 years ago[heap] Fix recursive GCs caused by adjusting externally allocated memory
mlippautz [Mon, 31 Aug 2015 15:36:24 +0000 (08:36 -0700)]
[heap] Fix recursive GCs caused by adjusting externally allocated memory

R=mstarzinger@chromium.org
BUG=chromium:526244
LOG=N

Review URL: https://codereview.chromium.org/1325643002

Cr-Commit-Position: refs/heads/master@{#30478}

9 years agoAdding ElementsAccessor::Pop
cbruni [Mon, 31 Aug 2015 15:18:01 +0000 (08:18 -0700)]
Adding ElementsAccessor::Pop
Moving FastElements path to ElementsAccessor.

BUG=

Review URL: https://codereview.chromium.org/1325483002

Cr-Commit-Position: refs/heads/master@{#30477}

9 years agoMake frames.h usable without handles-inl.h header.
mstarzinger [Mon, 31 Aug 2015 15:04:22 +0000 (08:04 -0700)]
Make frames.h usable without handles-inl.h header.

This CL us a pure refactoring that makes an empty compilation unit
including just "frames.h" but not "handles-inl.h" compile without
warnings or errors. This is needed to further reduce the header
dependency tangle.

R=ishell@chromium.org

Review URL: https://codereview.chromium.org/1319423003

Cr-Commit-Position: refs/heads/master@{#30476}

9 years ago[turbofan] Live Range unit tests.
mtrofin [Mon, 31 Aug 2015 13:26:57 +0000 (06:26 -0700)]
[turbofan] Live Range unit tests.

Unit tests for split/splinter/merge.

BUG=

Review URL: https://codereview.chromium.org/1315113003

Cr-Commit-Position: refs/heads/master@{#30475}

9 years ago[runtime] Use utils.InstallFunctions for Symbol.prototype[@@toPrimitive].
bmeurer [Mon, 31 Aug 2015 12:57:38 +0000 (05:57 -0700)]
[runtime] Use utils.InstallFunctions for Symbol.prototype[@@toPrimitive].

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1310163004

Cr-Commit-Position: refs/heads/master@{#30474}

9 years ago[es6] Implement Date.prototype[@@toPrimitive] as C++ builtin.
bmeurer [Mon, 31 Aug 2015 12:52:59 +0000 (05:52 -0700)]
[es6] Implement Date.prototype[@@toPrimitive] as C++ builtin.

This way we don't need to expose JSReceiver::OrdinaryToPrimitive
as runtime function, and we don't need the separate JS trampoline.

This also adds tests for ToPrimitive on date objects, which are
special.

R=mstarzinger@chromium.org
BUG=v8:4307
LOG=n

Review URL: https://codereview.chromium.org/1324713002

Cr-Commit-Position: refs/heads/master@{#30473}

9 years agoUpdate V8 DEPS.
v8-autoroll [Mon, 31 Aug 2015 12:20:22 +0000 (05:20 -0700)]
Update V8 DEPS.

Rolling v8/tools/clang to 64370e74764d1fa9f50151d0e6025b0399370100

TBR=machenbach@chromium.org

Review URL: https://codereview.chromium.org/1320293002

Cr-Commit-Position: refs/heads/master@{#30472}

9 years agoAdding ElementsAccessor::Slice
cbruni [Mon, 31 Aug 2015 12:19:16 +0000 (05:19 -0700)]
Adding ElementsAccessor::Slice

- Move fast paths from builtins.cc ArraySlice to ElementsAccessor
- Handle more argument types in the fast path

BUG=

Review URL: https://codereview.chromium.org/1321773002

Cr-Commit-Position: refs/heads/master@{#30471}

9 years agoRevert of [simd.js] Disable SIMD polyfill. (patchset #2 id:20001 of https://coderevie...
machenbach [Mon, 31 Aug 2015 11:59:09 +0000 (04:59 -0700)]
Revert of [simd.js] Disable SIMD polyfill. (patchset #2 id:20001 of https://codereview.chromium.org/1305923005/ )

Reason for revert:
Breaks simdjs performance tests. See:
https://paste.googleplex.com/5883927122149376

Original issue's description:
> [simd.js] Disable SIMD polyfill.
>
> Disable the polyfill in simd.js tests as the functions for Phase 1 have been implemented.
>
> BUG=v8:4124
> LOG=N
>
> R=bbudge@chromium.org, bmeurer@chromium.org, littledan@chromium.org
>
> Committed: https://crrev.com/749ba3a13558cb018a2ec783e5dfb56d2f8528d8
> Cr-Commit-Position: refs/heads/master@{#30452}

TBR=littledan@chromium.org,bmeurer@chromium.org,bradnelson@chromium.org,bbudge@chromium.org,gdeepti@google.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4124

Review URL: https://codereview.chromium.org/1308003003

Cr-Commit-Position: refs/heads/master@{#30470}

9 years ago[test] Remove unused code.
machenbach [Mon, 31 Aug 2015 11:52:17 +0000 (04:52 -0700)]
[test] Remove unused code.

BUG=

Review URL: https://codereview.chromium.org/1313213007

Cr-Commit-Position: refs/heads/master@{#30469}

9 years agoDrop ambiguous MaybeHandle comparison and hashing ops.
mstarzinger [Mon, 31 Aug 2015 11:37:35 +0000 (04:37 -0700)]
Drop ambiguous MaybeHandle comparison and hashing ops.

The default equality comparison operators and hashing functions for
Handles are ambiguous. The intended semantics might have either been
based on Handle locations or on object identity. This is why such
operators do not exist on Handle. The same argument applies to the
MaybeHandle class as well. Comments in that regard were also added.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1319383002

Cr-Commit-Position: refs/heads/master@{#30468}

9 years ago[builtins] Pass correct number of arguments after adapting arguments.
bmeurer [Mon, 31 Aug 2015 11:28:51 +0000 (04:28 -0700)]
[builtins] Pass correct number of arguments after adapting arguments.

The call protocol requires that the register dedicated to the number of
actual arguments (i.e. rax on x64) always contains the actual arguments.
That means after adapting arguments it should match the number of
expected arguments.  But currently we pass some semi-random value
(usually some stack address) after adapting arguments.

It looks like this is currently not observable anywhere, because our
builtins and functions either don't look at the number of arguments and
just make hard coded (unchecked) assumptions, or are marked as "don't
adapt arguments", which bypasses the broken code in the trampoline for
arguments adaption.  Nevertheless this should be fixed.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1306423003

Cr-Commit-Position: refs/heads/master@{#30467}

9 years ago[test] Skip slow test on no18n bot.
machenbach [Mon, 31 Aug 2015 11:14:57 +0000 (04:14 -0700)]
[test] Skip slow test on no18n bot.

TBR=hablich@chromium.org
NOTRY=true

Review URL: https://codereview.chromium.org/1321063004

Cr-Commit-Position: refs/heads/master@{#30466}

9 years ago[turbofan] Break dependency on RegisterAllocationData from Merge.
mtrofin [Mon, 31 Aug 2015 10:45:13 +0000 (03:45 -0700)]
[turbofan] Break dependency on RegisterAllocationData from Merge.

Found this while working on the unit tests for split/splinter/merge. The
dependency is unnecessary and hinders testability.

BUG=

Review URL: https://codereview.chromium.org/1325453005

Cr-Commit-Position: refs/heads/master@{#30465}

9 years agoMake unsafe Unique<T> constructor private.
mstarzinger [Mon, 31 Aug 2015 10:44:05 +0000 (03:44 -0700)]
Make unsafe Unique<T> constructor private.

The constructor taking an artificial raw address was only used as a
workaround in TurboFan. It should only be accessible by constructor
functions internal to Unique<T>.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1326493002

Cr-Commit-Position: refs/heads/master@{#30464}

9 years agoRevert of [heap] More flag cleanup. (patchset #8 id:140001 of https://codereview...
hablich [Mon, 31 Aug 2015 10:23:26 +0000 (03:23 -0700)]
Revert of [heap] More flag cleanup. (patchset #8 id:140001 of https://codereview.chromium.org/1314863003/ )

Reason for revert:
Breaks http://build.chromium.org/p/client.v8/builders/V8%20Arm%20-%20debug%20-%202/builds/2372

Original issue's description:
> [heap] GC flag cleanup/restructuring.
>
> * GC's flags are now proper flags and not int.
> * Callback flags are not threaded through but only set once like gc flags
> * Callers of methods that trigger GCs need to pass a reason when not using
>   the default parameters.
>
> Furthermore, each GC invocation can be passed the GC and GCCallback flags. We
> usually override the currently set flags upon finishing a GC cylce, but are able
> to restore the previously set if desired. This is useful for explicitely
> triggered scavenges or external requests that interrupt the current behaviour.
>
> BUG=
>
> Committed: https://crrev.com/f4f3b431b9ce0778d926acf03c0d36dae5c0cba4
> Cr-Commit-Position: refs/heads/master@{#30457}

TBR=hpayer@chromium.org,yangguo@chromium.org,mlippautz@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review URL: https://codereview.chromium.org/1303393004

Cr-Commit-Position: refs/heads/master@{#30463}

9 years agoRevert of Native context: install array methods via runtime import. (patchset #1...
machenbach [Mon, 31 Aug 2015 10:09:52 +0000 (03:09 -0700)]
Revert of Native context: install array methods via runtime import. (patchset #1 id:1 of https://codereview.chromium.org/1324483002/ )

Reason for revert:
This breaks builds without i18n support. Bisected locally. See builder:

http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20noi18n%20-%20debug/builds/4285

http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20noi18n%20-%20debug/builds/4285/steps/Check/logs/Threading1

# Fatal error in .././src/objects-inl.h, line 1381
# Check failed: READ_FIELD(this, offset)->IsSmi().

Original issue's description:
> Native context: install array methods via runtime import.
>
> R=cbruni@chromium.org
>
> Committed: https://crrev.com/08ee2132a818a0178038afa521ca06c297195cc9
> Cr-Commit-Position: refs/heads/master@{#30446}

TBR=cbruni@chromium.org,yangguo@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1314193003

Cr-Commit-Position: refs/heads/master@{#30462}

9 years ago[turbofan] Factored out the test live range builder.
mtrofin [Mon, 31 Aug 2015 09:57:33 +0000 (02:57 -0700)]
[turbofan] Factored out the test live range builder.

I plan to reuse this for live range splitting/splintering/merging tests.

BUG=

Review URL: https://codereview.chromium.org/1305313008

Cr-Commit-Position: refs/heads/master@{#30461}

9 years agoX87: [runtime] Add %ToString and %_ToString and remove the TO_STRING builtin.
chunyang.dai [Mon, 31 Aug 2015 09:23:16 +0000 (02:23 -0700)]
X87: [runtime] Add %ToString and %_ToString and remove the TO_STRING builtin.

port 09de997b3504368d40644afa7310b90faff5d09c (r30442).

original commit message:

    This adds a new ToString runtime function and a fast-path ToStringStub
    (which is just a simple dispatcher for existing functionality), and also
    implements %_ToName using the ToStringStub.

R=weiliang.lin@intel.com
BUG=

Review URL: https://codereview.chromium.org/1326473002

Cr-Commit-Position: refs/heads/master@{#30460}

9 years agoTest that "yield" expressions are disallowed in arrow formal parameter initializers
wingo [Mon, 31 Aug 2015 08:47:47 +0000 (01:47 -0700)]
Test that "yield" expressions are disallowed in arrow formal parameter initializers

R=adamk@chromium.org
LOG=N
BUG=v8:4397,v8:4394

Review URL: https://codereview.chromium.org/1318253002

Cr-Commit-Position: refs/heads/master@{#30459}

9 years ago[turbofan] Remove usage of Unique<T> from graph.
mstarzinger [Mon, 31 Aug 2015 08:24:52 +0000 (01:24 -0700)]
[turbofan] Remove usage of Unique<T> from graph.

The usage of Unique<T> throughout the TurboFan IR does not have any
advantage. There is no single point in time when they are initialized
and most use-sites looked through to the underlying Handle<T> anyways.
Also there already was a mixture of Handle<T> versus Unique<T> in the
graph and this unifies the situation to use Handle<T> everywhere.

R=bmeurer@chromium.org,titzer@chromium.org

Review URL: https://codereview.chromium.org/1314473007

Cr-Commit-Position: refs/heads/master@{#30458}

9 years ago[heap] GC flag cleanup/restructuring.
mlippautz [Mon, 31 Aug 2015 07:58:41 +0000 (00:58 -0700)]
[heap] GC flag cleanup/restructuring.

* GC's flags are now proper flags and not int.
* Callback flags are not threaded through but only set once like gc flags
* Callers of methods that trigger GCs need to pass a reason when not using
  the default parameters.

Furthermore, each GC invocation can be passed the GC and GCCallback flags. We
usually override the currently set flags upon finishing a GC cylce, but are able
to restore the previously set if desired. This is useful for explicitely
triggered scavenges or external requests that interrupt the current behaviour.

BUG=

Review URL: https://codereview.chromium.org/1314863003

Cr-Commit-Position: refs/heads/master@{#30457}

9 years ago[turbofan] Optimize Splinter by remembering where it left off.
mtrofin [Mon, 31 Aug 2015 07:06:08 +0000 (00:06 -0700)]
[turbofan] Optimize Splinter by remembering where it left off.

Splintering relies on DetachAt, which in turn relies on
FirstSearchIntervalForPosition to find the first UseInterval
to split, given a position. The later API (Find...) has an
optimization for linear traversals. Splintering traverses
linearly (block by block), so we leverage the same
optimization by moving current_interval_ forward.

(Also added an unrelated TODO.)

BUG=chromium:524880
LOG=n

Review URL: https://codereview.chromium.org/1322623007

Cr-Commit-Position: refs/heads/master@{#30456}

9 years agoRe-enable LLVM LTO for ARM.
pcc [Fri, 28 Aug 2015 23:05:31 +0000 (16:05 -0700)]
Re-enable LLVM LTO for ARM.

v8 is optimized for speed. Because GCC LTO merges flags at link time,
we disable LTO to prevent any -O2 flags from taking precedence over v8's
-Os flag. However, LLVM LTO does not work this way so we keep LTO enabled
under LLVM.

This fixes the ARM build in the cfi_vptr==1 configuration, which requires
LLVM LTO.

R=adamk@chromium.org
BUG=chromium:469376
LOG=N

Review URL: https://codereview.chromium.org/1295673002

Cr-Commit-Position: refs/heads/master@{#30455}

9 years agoPropagate switch statement value for 'eval'
littledan [Fri, 28 Aug 2015 22:43:00 +0000 (15:43 -0700)]
Propagate switch statement value for 'eval'

This patch changes the switch scope desugaring to create blocks which
propagate their 'return value' for eval.

BUG=v8:4399
R=adamk
LOG=Y

Review URL: https://codereview.chromium.org/1309303006

Cr-Commit-Position: refs/heads/master@{#30454}

9 years agoEnsure hole checks take place in switch statement scopes
littledan [Fri, 28 Aug 2015 18:49:48 +0000 (11:49 -0700)]
Ensure hole checks take place in switch statement scopes

Switch statements introduce their own scope for cases, but this scope
is not necessarily executed in order, as the following function shows:

  switch (x) {
    case 1:
      let y = 1;
    case 2:
      y = 2;
    case 3:
      print(y);
  }

If x = 2 or x = 3, the code should throw a ReferenceError. However,
FullCodeGen's hole check elimination used the simple algorithm of
assuming that if the initializer was in the same scope, then it was
reached before the use, and therefore the hole check could be
eliminated.

This patch adds an extra bit to scopes, to track if they may
nonlinearly. The parser marks the scope that switch introduces as
nonlinear. FullCodeGen does not eliminate the hole check from
a scope which is nonlinear. This patch refactors FullCodeGen to
put the hole check elimination in one place, rather than in each
backend.

BUG=v8:3926
LOG=Y
R=adamk

Review URL: https://codereview.chromium.org/1312613003

Cr-Commit-Position: refs/heads/master@{#30453}

9 years ago[simd.js] Disable SIMD polyfill.
gdeepti [Fri, 28 Aug 2015 18:48:39 +0000 (11:48 -0700)]
[simd.js] Disable SIMD polyfill.

Disable the polyfill in simd.js tests as the functions for Phase 1 have been implemented.

BUG=v8:4124
LOG=N

R=bbudge@chromium.org, bmeurer@chromium.org, littledan@chromium.org

Review URL: https://codereview.chromium.org/1305923005

Cr-Commit-Position: refs/heads/master@{#30452}

9 years agoSloppy-mode let parsing
littledan [Fri, 28 Aug 2015 18:47:30 +0000 (11:47 -0700)]
Sloppy-mode let parsing

This patch makes 'let' a contextual keyword in both strict and sloppy mode.
It behaves as a keyword when used at the beginning of a StatementListItem
or lexical declaration at the beginning of a for statement, if it is followed
by an identifier, [ or {. Implementing this change requires an extra token
look-ahead by the parser which is only invoked in certain cases (so as to
avoid parsing RegExps as ECMAScript tokens). This might result in a slowdown
of the scanner, but performance testing of this patch hasn't yet found much
of a regression.

BUG=v8:3305
LOG=Y
R=adamk,vogelheim

Review URL: https://codereview.chromium.org/1315673009

Cr-Commit-Position: refs/heads/master@{#30451}

9 years ago[Interpreter] Add support for loading literals from the constant pool.
rmcilroy [Fri, 28 Aug 2015 15:40:52 +0000 (08:40 -0700)]
[Interpreter] Add support for loading literals from the constant pool.

Adds support to the interpreter for loading literals from the constant pool.
Adds the LoadConstant bytecode and makes use of it for loading large Smis and
HeapObject literals.

Also removes unused HandleVector from utils.h.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1321663003

Cr-Commit-Position: refs/heads/master@{#30450}

9 years agoPPC: [runtime] Add %ToString and %_ToString and remove the TO_STRING builtin.
mbrandy [Fri, 28 Aug 2015 15:34:07 +0000 (08:34 -0700)]
PPC: [runtime] Add %ToString and %_ToString and remove the TO_STRING builtin.

Port 09de997b3504368d40644afa7310b90faff5d09c

Original commit message:
    This adds a new ToString runtime function and a fast-path ToStringStub
    (which is just a simple dispatcher for existing functionality), and also
    implements %_ToName using the ToStringStub.

R=bmeurer@chromium.org, jyan@ca.ibm.com, dstence@us.ibm.com, joransiu@ca.ibm.com
BUG=v8:4307
LOG=n

Review URL: https://codereview.chromium.org/1310493004

Cr-Commit-Position: refs/heads/master@{#30449}

9 years agoAdd test-run-native-calls tests for mixed parameters.
titzer [Fri, 28 Aug 2015 15:30:03 +0000 (08:30 -0700)]
Add test-run-native-calls tests for mixed parameters.

R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1314973004

Cr-Commit-Position: refs/heads/master@{#30448}

9 years ago[turbofan] Splintering: special case deoptimizing blocks.
mtrofin [Fri, 28 Aug 2015 15:07:35 +0000 (08:07 -0700)]
[turbofan] Splintering: special case deoptimizing blocks.

This avoids a whole range traversal each time we encounter a deferred
block (or a succession of them). The traversal (in the removed
IsIntervalAlreadyExcluded) is unnecessary - an interval with a hole
where deferred blocks are shouldn't be listed in the in/out sets of
those blocks in the first place.

It turns out the root cause (that appeared like we had to special
case ranges with holes, as the comment described) was deferred
blocks with a deoptimization call. That would place the live range
in the in_set of the block, but then splitting would fail because the start
and split position would be the same - this is because everywhere else,
the deferred block would have at least a second instruction, other
than the use - like a jump - ahead of which we'd perform the lower
part of the splintering. In the usual case, this choice of a position
avoids moves on the hot path (because any moves will be before the
jump, but still in the deferred block).

With deoptimization calls, that's not the case, there is just one
instruction, the deoptimization call. So we perform the second cut of
the splintering right after the block. Since there is no control flow from
the deoptimization block to any functional block - the control flow
goes to the exit block - the range connector won't insert moves on the
hot path - although we may want to see what happens for the exit
block, and maybe teach the range connector to ignore control flow
appearing to come from blocks with deoptimization calls.

Review URL: https://codereview.chromium.org/1323473003

Cr-Commit-Position: refs/heads/master@{#30447}

9 years agoNative context: install array methods via runtime import.
yangguo [Fri, 28 Aug 2015 13:39:34 +0000 (06:39 -0700)]
Native context: install array methods via runtime import.

R=cbruni@chromium.org

Review URL: https://codereview.chromium.org/1324483002

Cr-Commit-Position: refs/heads/master@{#30446}

9 years ago[turbofan] Use the SharedInfo only if we have it in the code generator.
titzer [Fri, 28 Aug 2015 13:17:07 +0000 (06:17 -0700)]
[turbofan] Use the SharedInfo only if we have it in the code generator.

R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1303953007

Cr-Commit-Position: refs/heads/master@{#30445}

9 years agoReorder KeyedStoreIC MISS code to avoid unnecessary compilation.
mvstanton [Fri, 28 Aug 2015 13:13:11 +0000 (06:13 -0700)]
Reorder KeyedStoreIC MISS code to avoid unnecessary compilation.

We can set the property in the MISS handler before organizing our handlers
for element-based keyed stores. Since the property set may fail with an
exception, this saves work.

BUG=

Review URL: https://codereview.chromium.org/1308073010

Cr-Commit-Position: refs/heads/master@{#30444}

9 years ago[heap] Move IdentityMap data structure out of heap.
mstarzinger [Fri, 28 Aug 2015 13:00:59 +0000 (06:00 -0700)]
[heap] Move IdentityMap data structure out of heap.

This data structure uses the public heap API only and is not specific
to any heap internals. It should be usable throughout V8 and inclusion
of the header file should not be restricted.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1320503004

Cr-Commit-Position: refs/heads/master@{#30443}

9 years ago[runtime] Add %ToString and %_ToString and remove the TO_STRING builtin.
bmeurer [Fri, 28 Aug 2015 12:59:51 +0000 (05:59 -0700)]
[runtime] Add %ToString and %_ToString and remove the TO_STRING builtin.

This adds a new ToString runtime function and a fast-path ToStringStub
(which is just a simple dispatcher for existing functionality), and also
implements %_ToName using the ToStringStub.

R=mstarzinger@chromium.org, yangguo@chromium.org
BUG=v8:4307
LOG=n

Review URL: https://codereview.chromium.org/1319973007

Cr-Commit-Position: refs/heads/master@{#30442}

9 years agoImprove handling of debug name in CompilationInfo.
titzer [Fri, 28 Aug 2015 12:46:12 +0000 (05:46 -0700)]
Improve handling of debug name in CompilationInfo.

R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1320103002

Cr-Commit-Position: refs/heads/master@{#30441}

9 years agoX87: [Interpreter] Add support for parameter variables.
chunyang.dai [Fri, 28 Aug 2015 11:00:35 +0000 (04:00 -0700)]
X87:  [Interpreter] Add support for parameter variables.

port 5d975694e4d3ecf66716cc5395d4d10c9730f9dd (r30403)

original commit message:

    Adds support for parameters to the BytecodeArrayBuilder and BytecodeGenerator.
    Parameters are accessed as negative interpreter registers.

R=weiliang.lin@intel.com
BUG=

Review URL: https://codereview.chromium.org/1324453003

Cr-Commit-Position: refs/heads/master@{#30440}

9 years agoUse ShouldEnsureSpaceForLazyDeopt more.
titzer [Fri, 28 Aug 2015 10:46:42 +0000 (03:46 -0700)]
Use ShouldEnsureSpaceForLazyDeopt more.

R=mcilroy@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1310283005

Cr-Commit-Position: refs/heads/master@{#30439}

9 years agoNative context: do not put public symbols and flags on the js builtins object.
yangguo [Fri, 28 Aug 2015 10:22:31 +0000 (03:22 -0700)]
Native context: do not put public symbols and flags on the js builtins object.

R=cbruni@chromium.org,mlippautz@chromium.org

Review URL: https://codereview.chromium.org/1318043002

Cr-Commit-Position: refs/heads/master@{#30438}

9 years ago[test] Fix wrong mjsunit.status line.
Benedikt Meurer [Fri, 28 Aug 2015 10:22:00 +0000 (12:22 +0200)]
[test] Fix wrong mjsunit.status line.

TBR=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/1325453002 .

Cr-Commit-Position: refs/heads/master@{#30437}

9 years ago[test] Properly disable test that doesn't work in GC stress.
Benedikt Meurer [Fri, 28 Aug 2015 10:20:29 +0000 (12:20 +0200)]
[test] Properly disable test that doesn't work in GC stress.

The magic "print(i)" work-around was no longer work-arounding correctly,
so we do the right thing instead now.

TBR=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/1306843004 .

Cr-Commit-Position: refs/heads/master@{#30436}

9 years ago[es6] Implement spec compliant ToName (actually ToPropertyKey).
bmeurer [Fri, 28 Aug 2015 09:46:41 +0000 (02:46 -0700)]
[es6] Implement spec compliant ToName (actually ToPropertyKey).

This adds a %ToName runtime entry that uses the previously introduced
Object::ToName, which is based on the new Object::ToPrimitive method.
Also removes the need to expose ToName in various way via the builtins
and/or context.

Drive-by-fix: Let %HasProperty do the ToName conversion implicitly as
required.

BUG=v8:4307
LOG=n

Review URL: https://codereview.chromium.org/1319133002

Cr-Commit-Position: refs/heads/master@{#30435}

9 years ago[es6] Implement spec compliant ToPrimitive in the runtime.
bmeurer [Fri, 28 Aug 2015 09:21:23 +0000 (02:21 -0700)]
[es6] Implement spec compliant ToPrimitive in the runtime.

This is the first step towards a spec compliant ToPrimitive
implementation (and therefore spec compliant ToNumber, ToString,
ToName, and friends).  It adds support for the @@toPrimitive
symbol that was introduced with ES2015, and also adds the new
Symbol.prototype[@@toPrimitive] and Date.prototype[@@toPrimitive]
initial properties.

There are now runtime functions for %ToPrimitive, %ToNumber and
%ToString, which do the right thing and should be used as fallbacks
instead of the hairy runtime.js implementations.  I will do the
same for the other conversion operations mentioned by the spec in
follow up CLs.  Once everything is in place we can look into
optimizing things further, so that we don't always call into the
runtime.

Also fixed Date.prototype.toJSON to be spec compliant.

R=mstarzinger@chromium.org, yangguo@chromium.org
BUG=v8:4307
LOG=y

Review URL: https://codereview.chromium.org/1306303003

Cr-Commit-Position: refs/heads/master@{#30434}

9 years agoReduce the number of entrypoints to the compiler pipeline by one. Always require...
titzer [Fri, 28 Aug 2015 09:02:09 +0000 (02:02 -0700)]
Reduce the number of entrypoints to the compiler pipeline by one. Always require caller to provide a CompilationInfo.

R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1317113004

Cr-Commit-Position: refs/heads/master@{#30433}