Before this we were using + which calls valueOf which is not correct
for these methods.
BUG=v8:4222
LOG=N
R=adamk, littledan
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
Review URL: https://codereview.chromium.org/1194173004
Cr-Commit-Position: refs/heads/master@{#29202}
This test appears to trigger some bug in either ASAN or V8 when
accompanied by an increase in JS code size. Disabling the test
on ASAN runs to unblock adding new JS code.
BUG=v8:4236
LOG=N
R=adamk
Review URL: https://codereview.chromium.org/1203523002
Cr-Commit-Position: refs/heads/master@{#29201}
Port 882055ff6a
Original commit message:
- fix truthfulness of comments
- use InitializeFieldsWithFiller more consistently
- use unsigned comparisons for pointers
No change in functionality intended.
Bonus: improve JavaScriptFrame::Print() for an enhanced debugging experience:
- print PC of each frame
- print the function's source also for optimized frames
R=dstence@us.ibm.com, michael_dawson@ca.ibm.com
BUG=
Review URL: https://codereview.chromium.org/1193363004
Cr-Commit-Position: refs/heads/master@{#29197}
This API closely matches the Worker API. The differences:
1) The argument to the Worker constructor is a function to run, not a script.
2) Receiving a message from a worker is a synchronous API (as there is no event
loop).
The serialization done here is not as robust as the real DOM implementation. For
example, recursive data structures or otherwise duplicated objects are not
allowed.
BUG=chromium:497295
LOG=n
Review URL: https://codereview.chromium.org/1192923002
Cr-Commit-Position: refs/heads/master@{#29195}
Since Mark/Compact also collects garbage in the new space, we can't just
free old space ArrayBuffers during MC - otherwise we run the risk of
never freeing new array buffers.
BUG=v8:4201
R=hpayer@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/1199913002
Cr-Commit-Position: refs/heads/master@{#29190}
The merge makes it possible to reuse variables from the
android configuration in standalone.gypi.
BUG=chromium:502176
LOG=n
Review URL: https://codereview.chromium.org/1196253002
Cr-Commit-Position: refs/heads/master@{#29189}
Without this change, V8 won't build on RHEL/CentOS 6 because the distro
python is too old to know about the argparse module.
Can this commit be cherry-picked to the 4.4 branch? It should apply
cleanly.
BUG=
Review URL: https://codereview.chromium.org/1192973004
Cr-Commit-Position: refs/heads/master@{#29186}
We resurrect the VectorSlotPair in order to be able to separate the
feedback input for the compiler from the actual type feedback vector
that is required to meet the IC requirements at runtime. This will allow
us to, for example, use feedback from a different context or divide the
type feedback vector into two separate vectors, without having to touch
the compiler. It'll allow us to load the vector from the shared
function info at runtime, while still consuming feedback in the
compiler (i.e. we don't rely on the feedback vector node to be a heap
constant).
R=mvstanton@chromium.org
Review URL: https://codereview.chromium.org/1198983002
Cr-Commit-Position: refs/heads/master@{#29185}
This change does the following:
a.) Remove unused fields from the Typer.
b.) Move some interesting unions to types.h.
c.) Reduce Typer constructor overhead.
d.) Avoid heap allocation in the Typer.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1199903002
Cr-Commit-Position: refs/heads/master@{#29178}
This fixes a terrible interaction of code flushing and the clearing of
optimized code maps hanging off a SharedFunctionInfo. The following is
what happened:
1) Incremental marking cleared map in SharedFunctionInfo s, however it
was not enqueued as a flushing candidate because one JSFunction f1
still had optimized code.
2) Deoptimization of f1 made s eligible for code flushing.
3) Optimization of f2 added new entry to optimized code map of s.
4) The JSFunction f2 became unreachable and hence is never marked.
5) Incremental marking now visits f1, finds it eligible for flushing,
also s is eligible for flushing, both are enqueued.
6) Marking finishes, code flusher clears f1 and s, but the optimized
code map of s still contains an entry.
7) Boom!
R=ulan@chromium.org,hpayer@chromium.org
TEST=mjsunit/es6/generators-iteration
BUG=v8:3803
LOG=N
Review URL: https://codereview.chromium.org/1197713004
Cr-Commit-Position: refs/heads/master@{#29177}
This is another missing piece in the puzzle towards general inlining.
The fact that we can combine this with context specialization is a nice
bonus, and not necessarily a requirement.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1198193002.
Cr-Commit-Position: refs/heads/master@{#29176}
This way we don't need the separate late control reduction pass over the
graph, plus we can also reduce dead code recognized by generic lowering.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1198923002
Cr-Commit-Position: refs/heads/master@{#29174}
Turbofan needs to pass vector slots around for named and keyed stores.
Also, the CL addresses a missing slot for ClassLiterals.
BUG=
Review URL: https://codereview.chromium.org/1178363002
Cr-Commit-Position: refs/heads/master@{#29173}
Object.setPrototypeOf() throws a TypeError if value would create a
cycle. Previously a plain Error was thrown rather than a TypeError.
BUG=v8:4197
R=mike@bocoup.com
LOG=N
Review URL: https://codereview.chromium.org/1198523002
Cr-Commit-Position: refs/heads/master@{#29169}
Reason:
Regressions in various benchmarks.
Revert "Revert of Revert of [strong] Implement strong mode restrictions on property access (patchset #1 id:1 of https://codereview.chromium.org/1189153002/)"
This reverts commit 41405c0470.
Revert "X87: Revert of Revert of [strong] Implement strong mode restrictions on property access."
This reverts commit 48de5f4d6b.
Revert "Fix overlapping KeyedLoadIC bitfield."
This reverts commit 4e6c956abf.
Revert "MIPS64: Fix 'Revert of Revert of [strong] Implement strong mode restrictions on property access'."
This reverts commit 74f97b0d2a.
BUG=
Review URL: https://codereview.chromium.org/1199493002
Cr-Commit-Position: refs/heads/master@{#29166}
Reason for revert:
Fails on V8 Linux - isolates (http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20isolates/builds/4128)
Original issue's description:
> Add d8 API for spawning function on a new thread (Second try)
>
> This API closely matches the Worker API. The differences:
>
> 1) The argument to the Worker constructor is a function to run, not a script.
> 2) Receiving a message from a worker is a synchronous API (as there is no event
> loop).
>
> The serialization done here is not as robust as the real DOM implementation. For
> example, recursive data structures or otherwise duplicated objects are not
> allowed.
>
> BUG=chromium:497295
> R=jochen@chromium.org
> LOG=n
>
> Review URL: https://codereview.chromium.org/1185643004
>
> Cr-Commit-Position: refs/heads/master@{#29126}
>
> Committed: https://crrev.com/ec2eaf712ecee6b4891c0458f2397e04a1f9b339
> Cr-Commit-Position: refs/heads/master@{#29158}
TBR=jochen@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:497295
Review URL: https://codereview.chromium.org/1191373005
Cr-Commit-Position: refs/heads/master@{#29161}
This API closely matches the Worker API. The differences:
1) The argument to the Worker constructor is a function to run, not a script.
2) Receiving a message from a worker is a synchronous API (as there is no event
loop).
The serialization done here is not as robust as the real DOM implementation. For
example, recursive data structures or otherwise duplicated objects are not
allowed.
BUG=chromium:497295
R=jochen@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/1185643004
Cr-Commit-Position: refs/heads/master@{#29126}
Review URL: https://codereview.chromium.org/1195613003
Cr-Commit-Position: refs/heads/master@{#29158}