Introduce a new Apply builtin that forms a correct and optimizable
foundation for the Function.prototype.apply, Reflect.construct and
Reflect.apply builtins (which properly does the PrepareForTailCall
as required by the ES2015 spec).
The new Apply builtin avoids going to the runtime if it is safe to
just access the backing store elements of the argArray, i.e. if you
pass a JSArray with no holes, or an unmapped, unmodified sloppy or
strict arguments object.
mips/mips64 ports by Balazs Kilvady <balazs.kilvady@imgtec.com>
CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux64_tsan_rel
BUG=v8:4413, v8:4430
LOG=n
R=yangguo@chromium.org
Committed: e4d2538911
Review URL: https://codereview.chromium.org/1523753002 .
Cr-Commit-Position: refs/heads/master@{#32929}
Reason for revert:
Breaks TSAN somewhow: http://build.chromium.org/p/client.v8/builders/V8%20Linux64%20TSAN/builds/7000
Original issue's description:
> [es6] Correct Function.prototype.apply, Reflect.construct and Reflect.apply.
>
> Introduce a new Apply builtin that forms a correct and optimizable
> foundation for the Function.prototype.apply, Reflect.construct and
> Reflect.apply builtins (which properly does the PrepareForTailCall
> as required by the ES2015 spec).
>
> The new Apply builtin avoids going to the runtime if it is safe to
> just access the backing store elements of the argArray, i.e. if you
> pass a JSArray with no holes, or an unmapped, unmodified sloppy or
> strict arguments object.
>
> mips/mips64 ports by Balazs Kilvady <balazs.kilvady@imgtec.com>
>
> CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
> BUG=v8:4413, v8:4430
> LOG=n
> R=yangguo@chromium.org
>
> Committed: e4d2538911TBR=yangguo@chromium.org,paul.lind@imgtec.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4413, v8:4430
Review URL: https://codereview.chromium.org/1533803002 .
Cr-Commit-Position: refs/heads/master@{#32928}
Introduce a new Apply builtin that forms a correct and optimizable
foundation for the Function.prototype.apply, Reflect.construct and
Reflect.apply builtins (which properly does the PrepareForTailCall
as required by the ES2015 spec).
The new Apply builtin avoids going to the runtime if it is safe to
just access the backing store elements of the argArray, i.e. if you
pass a JSArray with no holes, or an unmapped, unmodified sloppy or
strict arguments object.
mips/mips64 ports by Balazs Kilvady <balazs.kilvady@imgtec.com>
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
BUG=v8:4413, v8:4430
LOG=n
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1523753002 .
Cr-Commit-Position: refs/heads/master@{#32927}
The FIRST-LAST_NONCALLABLE_SPEC_OBJECT_TYPE range was accidentially used
in field type tracking, where we should check for JSReceiver instead
(there's no need to exclude JSProxy or JSFunction from tracking).
And the use in %_ClassOf was actually wrong and didn't match the C++
implementation in JSReceiver::class_name() anymore. Now it's consistent
again.
R=yangguo@chromium.org
BUG=chromium:535408
LOG=n
Review URL: https://codereview.chromium.org/1535523003 .
Cr-Commit-Position: refs/heads/master@{#32926}
Adds support for loading and storing lookup variables.
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1524803003
Cr-Commit-Position: refs/heads/master@{#32913}
This change adds support for local control flow when building graphs
from bytecode. The change ensures loop emitted from the bytecode
generator are in natural order so the only back branches are for loops.
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1502243002
Cr-Commit-Position: refs/heads/master@{#32911}
If many threads use the same Isolate (or many Isolates) and then
terminate, their PerIsolateThreadData objects are never cleaned
up, resulting in a slow memory leak and, worse, the
PerIsolateThreadData chain getting larger and larger, adversely
affecting performance.
In this situation, embedders will now be encouraged to apply
DiscardThreadSpecificMetadata against any Isolate a thread is
done with, especially if the thread is about to terminate.
Note that it is harmless to run DiscardThreadSpecificMetadata
against an Isolate for which a thread has no thread data and
per-Isolate thread data can be reestablished if a thread starts
using an Isolate again after running DiscardThreadSpecificMetadata
against it.
It is, however, an embedder error to run
DiscardThreadSpecificMetadata against an Isolate in thread with a
Locker for the Isolate in the stack or against an Entered Isolate.
This change cannot cause any change in behavior in existing apps
as the only added coded can only be reached via the new
DiscardThreadSpecificMetadata method.
R=Jakob, jochen
BUG=
Review URL: https://codereview.chromium.org/1522703002
Cr-Commit-Position: refs/heads/master@{#32909}
Tests for
* aborting a full page.
* partially aborting a page.
* partially aborting a page with pointers between aborted pages.
* partially aborting a page with store buffer entries.
Also introduces force_oom() which prohibits a old space to
expand
BUG=chromium:524425
LOG=N
CQ_EXTRA_TRYBOTS=tryserver.v8:v8_linux_nosnap_rel,v8_linux_nosnap_dbg,v8_win_nosnap_shared_rel,v8_win_nosnap_shared_compile_rel
Review URL: https://codereview.chromium.org/1518803005
Cr-Commit-Position: refs/heads/master@{#32899}
The code generation for pushing call parameters on the stack does not
distinguish between float32 and float64 parameters because both are
stored in the same registers. Therefore float32 parameters require two
words on the stack. The wasm linkage, however, only considered one word
on the stack for float32 parameters, which caused the problem that
float32 parameters were not located correctly on the stack. I fixed the
problem by considering two words for float32 parameters on the stack.
R=bradnelson@chromium.org
Review URL: https://codereview.chromium.org/1529773003
Cr-Commit-Position: refs/heads/master@{#32893}
The TypeOfStub didn't test the undetectable bit properly if the instance
was also callable, and therefore returned "object" for document.all
(which is both undetectable and callable).
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
R=yangguo@chromium.org
BUG=chromium:567998
LOG=n
Committed: https://crrev.com/02cc310370df7e51ac4f705038820066fdfd0cdc
Cr-Commit-Position: refs/heads/master@{#32852}
Review URL: https://codereview.chromium.org/1527863003
Cr-Commit-Position: refs/heads/master@{#32883}
The third argument optionally specifies the frame from which to step.
This feature is not used and not well tested.
R=jkummerow@chromium.org
BUG=chromium:569835
LOG=N
Review URL: https://codereview.chromium.org/1525993002
Cr-Commit-Position: refs/heads/master@{#32865}
The TypeOfStub didn't test the undetectable bit properly if the instance
was also callable, and therefore returned "object" for document.all
(which is both undetectable and callable).
R=yangguo@chromium.org
BUG=chromium:567998
LOG=n
Review URL: https://codereview.chromium.org/1527863003
Cr-Commit-Position: refs/heads/master@{#32852}
The test Run_Wasm_StoreMem_offset_oob contained an I64STORE instruction,
which is not yet implemented on 32 bit platforms. I turned off those
parts of the test on 32 bit platforms which contain I64 instructions.
R=bradnelson@chromium.org
Review URL: https://codereview.chromium.org/1526573002
Cr-Commit-Position: refs/heads/master@{#32842}
Debug-evaluate used to resolve stack variables that shadow
context variables incorrectly, since the stack variable is
not visible in the context chain.
To fix this, we limit local variables accessible by debug-
evaluate to the ones directly referenced inside the function.
What is not referenced by the function itself, is considered
optimized out and not accessible by debug-evaluate.
To achieve this, we duplicate the entire context chain up to
the native context, and write back changes after debug-
evaluate. Changes to the original context chain will however
be overwritten. This already happens for catch and block
scopes though.
Also fix a crash caused by declaring variables inside debug-
evaluate.
R=mstarzinger@chromium.org
BUG=v8:4593
LOG=N
Review URL: https://codereview.chromium.org/1500933002
Cr-Commit-Position: refs/heads/master@{#32828}
This is necessary to guarantee that the whole descriptor would be marked, otherwise DescriptorArray pretenuring would cause crashes.
Review URL: https://codereview.chromium.org/1520613006
Cr-Commit-Position: refs/heads/master@{#32812}
Before this change traps always returned a 32 bit word in tests. With this
change traps return either a 32 bit word or a64 bit word, depending on the size
of the actual return value of the test.
Additionally this CL implements the wasm instructions I64SCONVERTF32,
I64UCONVERTF32, I64SCONVERTF64, and I64UCONVERTF64.
R=titzer@chromium.org
Review URL: https://codereview.chromium.org/1519013003
Cr-Commit-Position: refs/heads/master@{#32800}
TryTruncateFloat32ToUint64 converts a float32 to a uint64. Additionally it
provides an optional second return value which indicates whether the conversion
succeeded (i.e. float32 value was within uint64 range) or not.
I implemented the new operator on x64, arm64, and mips64. @v8-ppc-ports, can you
please take care of the ppc64 implementation of the second output?
Additionally I fixed a bug on x64 and mips64 in the implementation of
TryTruncateFloat64ToUint64. Cases where the input value was between -1 and 0
were handled incorrectly.
R=titzer@chromium.org, v8-arm-ports@googlegroups.com, v8-mips-ports@googlegroups.com
Review URL: https://codereview.chromium.org/1512023002
Cr-Commit-Position: refs/heads/master@{#32796}
As discussed in person, this adds the code from v8-native-prototype into
V8 proper, guarded by GYP flags that do not build the code by default.
Passing wasm=on to 'make' or setting v8_wasm as a GYP flag activates
building of this code.
An additional header file is added to and exported from the compiler
directory, src/compiler/wasm-compiler.h. This exposes a limited interface
with opaque Node and Graph types to the decoder to build TF graphs, as
well as functions to compile WASM graphs.
The mjsunit tests added are blacklisted because they fail without the
WASM object exposed to JS, which is also disabled by the build config
option.
This corresponds closely to 5981e06ebc, with some formatting fixes and moving some files into src/compiler.
R=mstarzinger@chromium.org, bradnelson@chromium.org
BUG=
Review URL: https://codereview.chromium.org/1504713014
Cr-Commit-Position: refs/heads/master@{#32794}
Reason for revert:
Need to figure out a better solution for this.
Original issue's description:
> Removes the Callee parameter from FunctionCallbackInfo.
>
> This will help us to instantiate AccessorPair's getters and setters only when they are needed.
>
> BUG=
>
> Committed: https://crrev.com/2fe34ebdcdee0f21b88daa4098a7918e91abb8fb
> Cr-Commit-Position: refs/heads/master@{#32759}
TBR=jochen@chromium.org,verwaest@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=
Review URL: https://codereview.chromium.org/1520843002
Cr-Commit-Position: refs/heads/master@{#32787}
Reason for revert:
Failing on Win 32bit nosnap:
https://chromegw.corp.google.com/i/client.v8/builders/V8%20Win32%20-%20nosnap%20-%20shared/builds/10602
Original issue's description:
> [cctest] Add tests for aborting compaction of pages
>
> Tests for
> * aborting a full page.
> * partially aborting a page.
> * partially aborting a page with pointers between aborted pages.
> * partially aborting a page with store buffer entries.
>
> Also introduces force_oom() which prohibits a old space to
> expand
>
> BUG=chromium:524425
> LOG=N
TBR=ulan@chromium.org,hpayer@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:524425
Review URL: https://codereview.chromium.org/1514603008
Cr-Commit-Position: refs/heads/master@{#32785}
Tests for
* aborting a full page.
* partially aborting a page.
* partially aborting a page with pointers between aborted pages.
* partially aborting a page with store buffer entries.
Also introduces ShouldForceOOM() which prohibits a PagedSpace from expanding.
Compaction spaces refer to the corresponding actual space.
BUG=chromium:524425
LOG=N
Review URL: https://codereview.chromium.org/1511933002
Cr-Commit-Position: refs/heads/master@{#32783}
This will help us to instantiate AccessorPair's getters and setters only when they are needed.
BUG=
Review URL: https://codereview.chromium.org/1510483002
Cr-Commit-Position: refs/heads/master@{#32759}
Reason for revert:
Meeh. Now "V8 Linux - gcmole" bot has issues; apparently due to a somewhat exotic builder configuration.
Original issue's description:
> Re-land FastAccessorBuilder.
>
> ... using the RawMachineAssembler and the work in crrev.com/1407313004.
>
> The original change collided with crrev.com/1513543003.
>
> BUG=chromium:508898
> LOG=Y
>
> Committed: https://crrev.com/515d9ccd8e6df7bf2ca01e2a55aaad30226399e1
> Cr-Commit-Position: refs/heads/master@{#32742}
>
> patch from issue 1474543004 at patchset 260001 (http://crrev.com/1474543004#ps260001)
>
> Committed: https://crrev.com/ee5c38d7db907ff86dd4049721c0cb4bc90a6c4d
> Cr-Commit-Position: refs/heads/master@{#32753}
TBR=epertoso@chromium.org,mstarzinger@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:508898
Review URL: https://codereview.chromium.org/1517683002
Cr-Commit-Position: refs/heads/master@{#32754}
