ArrayIteratorPrototype must not provide Symbol.iterator.
R=rossberg
BUG=
Review URL: https://codereview.chromium.org/1749093002
Cr-Commit-Position: refs/heads/master@{#34386}
Runtime errors will be suppressed in --rebaseline mode, unless the
--verbose flag is passed.
The reasoning behind (rebaseline && !verbose) and not just (verbose)
is to suppress harmless noise while updating the expectation for
existing, known good snippets, without hiding actually relevant
errors when the tool is used to write new expectation files.
In fact, some tests are supposed to produce a runtime error, which
might nevertheless alarm a developer who is just --rebaseline'ing.
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1742723003
Cr-Commit-Position: refs/heads/master@{#34385}
The for-of-finalization CL incorrectly removed the input argument from
BuildIteratorClose. I'm reverting this, adding a regression test, and fixing an
existing test that was wrong.
BUG=
R=rossberg
Review URL: https://codereview.chromium.org/1750543002
Cr-Commit-Position: refs/heads/master@{#34384}
The code used to [[Get]] the first element twice instead of once, which can be
observed (one of the kangax tests does so).
R=rossberg
BUG=
Review URL: https://codereview.chromium.org/1747933002
Cr-Commit-Position: refs/heads/master@{#34383}
Reason for revert:
ARM64 GCStress failure
Original issue's description:
> [crankshaft] Inline hasOwnProperty when used in fast-case for-in
>
> e.g.,
>
> for (var k in o) {
> if (!o.hasOwnProperty(k)) continue;
> ...
> }
>
> without enumerable properties on the prototype chain of o.
>
> BUG=
>
> Committed: https://crrev.com/dec80752eb344dfeb85588e61ac0afd22b11aadb
> Cr-Commit-Position: refs/heads/master@{#34379}
TBR=bmeurer@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=
Review URL: https://codereview.chromium.org/1748143004
Cr-Commit-Position: refs/heads/master@{#34380}
e.g.,
for (var k in o) {
if (!o.hasOwnProperty(k)) continue;
...
}
without enumerable properties on the prototype chain of o.
BUG=
Review URL: https://codereview.chromium.org/1742253002
Cr-Commit-Position: refs/heads/master@{#34379}
Operations on word size data must be word sized, and not word32.
Currently this only generates worse code, but in the future, it
might even generate wrong code, so we should better get this right
from the beginning.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1748953004
Cr-Commit-Position: refs/heads/master@{#34378}
The only place in fullcodegen, where we know for sure that a for-in loop
entered the slow-path is right before the potential call to %ForInFilter.
So there's no point in also updating the mode eagerly during ForInPrepare.
R=yangguo@chromium.org
BUG=v8:3650
LOG=n
Review URL: https://codereview.chromium.org/1749033002
Cr-Commit-Position: refs/heads/master@{#34377}
Rolling v8/base/trace_event/common to e40c41030f44cbd5b6f54081436620f43c3bb08a
Rolling v8/tools/clang to d53e60b4f31f03a6f719b13ed2de7389a4d89be4
TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
Review URL: https://codereview.chromium.org/1748313002
Cr-Commit-Position: refs/heads/master@{#34374}
This patch fixes %TypedArray%.from to follow the ES2016 draft spec
more precisely. Specifically, the input is first converted to an
ArrayLike, and then afterwards, the mapping function is run and the
results written into the TypedArray. This fixes a test262 test.
R=adamk
LOG=Y
BUG=v8:4782
Review URL: https://codereview.chromium.org/1743463004
Cr-Commit-Position: refs/heads/master@{#34373}
port d00da47b61462681b48e48bdff4a80a33da1a6d6(r34335)
original commit message:
The CompareICStub produces an untagged raw word value, which has to be
translated to true or false manually in the TurboFan code. But for lazy
bailout after the CompareIC, we immediately go back to fullcodegen or
Ignition with the raw value, to a location where both fullcodegen and
Ignition expect a boolean value, which might crash or in the worst case
(depending on the exact computation inside the CompareIC) could lead to
arbitrary memory access.
Short-term fix is to use the proper runtime functions (unified with the
interpreter now) for comparisons. Next task is to provide optimized
versions of these based on the CodeStubAssembler, which can then be used
via code stubs in TurboFan or directly in handlers in the interpreter.
BUG=
Review URL: https://codereview.chromium.org/1744923002
Cr-Commit-Position: refs/heads/master@{#34372}
Port fb59ea3334
Original commit message:
Since both null and undefined are also marked as undetectable now, we
can just test that bit instead of having the CompareNilIC try to collect
feedback to speed up the general case (without the undetectable bit
being used).
Drive-by-fix: Update the type system to match the new handling of
undetectable in the runtime.
R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
Review URL: https://codereview.chromium.org/1742333002
Cr-Commit-Position: refs/heads/master@{#34371}
The "each" slot is only actually used by ForIn, so this simply cleans
up a TODO of mine and removes an IsForOfStatement() call.
Review URL: https://codereview.chromium.org/1742013002
Cr-Commit-Position: refs/heads/master@{#34369}
This caused a runtime crash for Chrome built with clang on all
ChromeOs
arm32 platforms - ChromeOs chrome is using hardfp while this routine
returns false.
The fix is straightforward.
BUG=chromium:586219
TEST=built arm32 hardfp using clang and passed all tests.
LOG=N
Review URL: https://codereview.chromium.org/1733863002
Cr-Commit-Position: refs/heads/master@{#34367}
This is done by ensuring that the Arm64ClaimCSP instruction calls
AlignAndSetCSPForFrame when it's generated when the StackPointer() is set to
jssp.
LOG=N
Review URL: https://codereview.chromium.org/1746053002
Cr-Commit-Position: refs/heads/master@{#34365}
In order to track certain critical code-patters we will start adding
micro-benchmarks that reflect common requests on http://jsperf.com.
In this first CL a number of property enumeration methods are added,
in the hope to get a clearer picture on future regressions.
BUG=
Review URL: https://codereview.chromium.org/1702613002
Cr-Commit-Position: refs/heads/master@{#34364}
Rename the existing (patching) ToBooleanStub to ToBooleanICStub to match
our naming convention, and add a new TurboFan-powered ToBooleanStub,
which just does the ToBoolean conversion without any runtime call or
code patching, so we can use it for Ignition (and TurboFan).
Drive-by-fix: Add an Oddball::to_boolean field similar to the ones we
already have for to_string and to_number, so we don't need to actually
dispatch on the concrete Oddball at all.
R=epertoso@chromium.org, rmcilroy@chromium.org, yangguo@chromium.org
Review URL: https://codereview.chromium.org/1744163002
Cr-Commit-Position: refs/heads/master@{#34361}
Given that an additional map-check is inserted for function, we need to
check the underlying value.
BUG=
Review URL: https://codereview.chromium.org/1747753003
Cr-Commit-Position: refs/heads/master@{#34359}
This gets rid of the JavaScript wrapper. That way we can more quickly handle non-JSReceivers and indexed properties; and don't need to optimize the JavaScript wrapper either.
BUG=
Review URL: https://codereview.chromium.org/1742283002
Cr-Commit-Position: refs/heads/master@{#34356}
This ensures that the generated code output will match the reference code output
and fixes some failures when running tests natively.
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/1744493003
Cr-Commit-Position: refs/heads/master@{#34354}
port fcb83f2015afe63449f7ab070558e0c7f2accb47(r34273)
original commit message:
This optimization does not give us much (see perf try bot results associated with this CL) but complicates things a lot. The main motivation is to avoid additional complexity in tail call optim
There are some pieces left in the deoptimizer, but I'll address this in a separate CL.
BUG=
Review URL: https://codereview.chromium.org/1750433002
Cr-Commit-Position: refs/heads/master@{#34353}
port 55b4df7357557eb16377ad9227e4e0a4224b7885(r34303)
original commit message:
Only use one set of %StrictEquals/%StrictNotEquals and
%Equals/%NotEquals runtime entries for both the interpreter
and the old-style CompareICStub. The long-term plan is to
update the CompareICStub to also return boolean values, and
even allow some more code sharing with the interpreter there.
BUG=
Review URL: https://codereview.chromium.org/1743123002
Cr-Commit-Position: refs/heads/master@{#34352}
Since both null and undefined are also marked as undetectable now, we
can just test that bit instead of having the CompareNilIC try to collect
feedback to speed up the general case (without the undetectable bit
being used).
Drive-by-fix: Update the type system to match the new handling of
undetectable in the runtime.
R=danno@chromium.org
Committed: https://crrev.com/666aec0348c8793e61c8633dee7ad29a514239ba
Cr-Commit-Position: refs/heads/master@{#34237}
Review URL: https://codereview.chromium.org/1722193002
Cr-Commit-Position: refs/heads/master@{#34344}
Port d00da47b61
Original commit message:
The CompareICStub produces an untagged raw word value, which has to be
translated to true or false manually in the TurboFan code. But for lazy
bailout after the CompareIC, we immediately go back to fullcodegen or
Ignition with the raw value, to a location where both fullcodegen and
Ignition expect a boolean value, which might crash or in the worst case
(depending on the exact computation inside the CompareIC) could lead to
arbitrary memory access.
Short-term fix is to use the proper runtime functions (unified with the
interpreter now) for comparisons. Next task is to provide optimized
versions of these based on the CodeStubAssembler, which can then be used
via code stubs in TurboFan or directly in handlers in the interpreter.
R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=v8:4788
LOG=n
Review URL: https://codereview.chromium.org/1745643002
Cr-Commit-Position: refs/heads/master@{#34341}
Reason for revert:
Original commit reverted.
Original issue's description:
> PPC: [compiler] Drop the CompareNilIC.
>
> Port 666aec0348
>
> Original commit message:
> Since both null and undefined are also marked as undetectable now, we
> can just test that bit instead of having the CompareNilIC try to collect
> feedback to speed up the general case (without the undetectable bit
> being used).
>
> Drive-by-fix: Update the type system to match the new handling of
> undetectable in the runtime.
>
> R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
> BUG=
>
> Committed: https://crrev.com/546ea6b8393a894f07597ade5ec1c7db02c1e425
> Cr-Commit-Position: refs/heads/master@{#34266}
TBR=bmeurer@chromium.org,joransiu@ca.ibm.com,jyan@ca.ibm.com,michael_dawson@ca.ibm.com
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=
Review URL: https://codereview.chromium.org/1736253003
Cr-Commit-Position: refs/heads/master@{#34340}
