When debugging Handle leaks in io.js we found it very convenient to be
able to Seal some specific (root in our case) scope to prevent Handle
allocations in it, and easily find leakage.
R=yangguo
BUG=
Review URL: https://codereview.chromium.org/1079713002
Cr-Commit-Position: refs/heads/master@{#27766}
Port 725cdc533c
Original commit message:
This reduces the overhead of recursive calls when context specialization
is enabled. Based on this it might be possible to further reduce the
overhead by also specializing the call itself.
As a drive-by-fix, port the fast context materialization optimization to
arm and arm64, that was previously only supported on x64 and ia32.
R=mbrandy@us.ibm.com
BUG=
Review URL: https://codereview.chromium.org/1078183002
Cr-Commit-Position: refs/heads/master@{#27762}
Port 35a67b745d
Original commit message:
Thanks to some careful assumptions, we can examine the object found at
vector[slot] and trust it's a heap object where the second field is
either a map if it's a WeakCell, or definitely not a map if it's a
Symbol, String or FixedArray. Use this to save a memory read.
BUG=
Review URL: https://codereview.chromium.org/1053843003
Cr-Commit-Position: refs/heads/master@{#27757}
Implements the strong mode proposal's static restrictions on the use of the
identifier 'undefined', for arrow functions. Assumes these restrictions are
intended to be identical to the restrictions on the use of 'eval and 'arguments'
in strict mode. In addition, Location variables inconsistantly named (e.g.
dupe_error_loc vs dupe_loc) are now consistently named the shorter way.
Baseline: https://codereview.chromium.org/1070633002
BUG=v8:3956
LOG=N
Review URL: https://codereview.chromium.org/1060883004
Cr-Commit-Position: refs/heads/master@{#27756}
identifier. Delete unused (and now incorrect) function IsValidStrictVariable.
Implements the strong mode proposal's static restrictions on the use of the
identifier 'undefined'. Assumes these restrictions are intended to be identical
to the restrictions on the use of 'eval' and 'arguments' in strict mode. The
AllowEvalOrArgumentsAsIdentifier enum has been renamed to
AllowRestrictedIdentifiers as logic involving it is now also used for this case.
BUG=v8:3956
LOG=N
Review URL: https://codereview.chromium.org/1070633002
Cr-Commit-Position: refs/heads/master@{#27744}
I don't have a repro, but it seems that when we are close to the stack limit,
CollectEvacuationCandidates' local variables can blow the limit. To avoid
this, instead of always allocating a 2000-pointer-sizes array on the stack,
use a std::vector (which stores its elements on the heap), and while we're
at it, only allocate as many elements as we actually need.
Review URL: https://codereview.chromium.org/1073123002
Cr-Commit-Position: refs/heads/master@{#27742}
Currently we always generate a diamond in the graph builder for every
legacy const context slot, which we cannot get rid of until late control
reduction, even if we know after context specialization that the slot is
already initialized.
Now we generate a select instead, which the CommonOperatorReducer
happily removes during typed lowering. This greatly speeds up asm.js
code generated by Emscripten with the new POINTER_MASKING mode.
R=mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/1072353002
Cr-Commit-Position: refs/heads/master@{#27739}
This makes sure Crankshaft respects interceptors in the global object
even when they shadow a constant global property.
R=verwaest@chromium.org
TEST=cctest/test-api-interceptors/PrePropertyHandler
Review URL: https://codereview.chromium.org/1070803002
Cr-Commit-Position: refs/heads/master@{#27733}
Ideally we would not need the StoreWriteBarrier instructions at all,
but represent the RecordWrite functionality as machine subgraph, but
that'll take some time to get there. In the mean time we can have a
shorter instruction sequence on Intel platforms by recognizing immediate
indices here.
R=svenpanne@chromium.org
Review URL: https://codereview.chromium.org/1075103002
Cr-Commit-Position: refs/heads/master@{#27731}
Port 35a67b745d
Original commit message:
Thanks to some careful assumptions, we can examine the object found at
vector[slot] and trust it's a heap object where the second field is
either a map if it's a WeakCell, or definitely not a map if it's a
Symbol, String or FixedArray. Use this to save a memory read.
R=mbrandy@us.ibm.com
BUG=
Review URL: https://codereview.chromium.org/1059133005
Cr-Commit-Position: refs/heads/master@{#27728}
Port 9af9f1d026
Original commit message:
These operators compute the absolute floating point value of some
arbitrary input, and are implemented without any branches (i.e. using
vabs on arm, and andps/andpd on x86).
R=mbrandy@us.ibm.com
BUG=
Review URL: https://codereview.chromium.org/1072963002
Cr-Commit-Position: refs/heads/master@{#27727}
Port 2d281e71ac
Original commit message:
This enables eager optimization of top-level code with TurboFan and
extends test coverage by triggering it with the --always-opt flag.
Script contexts are now also properly allocated in TurboFan.
R=titzer@chromium.org, mstarzinger@chromium.org,mbrandy@us.ibm.com
BUG=
Review URL: https://codereview.chromium.org/1052123005
Cr-Commit-Position: refs/heads/master@{#27726}
Always use the same branch name (the old version leaked
branches). Always try to delete a possibly existing branch
on start-up and also clean up in the end.
NOTRY=true
TBR=tandrii@chromium.org
Review URL: https://codereview.chromium.org/1077633002
Cr-Commit-Position: refs/heads/master@{#27722}
gcc rejects the following snippet, clang rejects it in -std=c++11 mode:
namespace A { template<class T> class C {}; }
namespace B { template class A::C<int>; }
Indeed, the C++ standard says in 14.7.2p2 "An explicit instantiation shall
appear in an enclosing namespace of its template", so cl.exe is incorrect to
allow this.
Just move the instantiation out of the v8 namespace to fix. No intended
behavior change. Fixes building with clang-cl on Windows.
BUG=chromium:475643
LOG=N
TBR=svenpanne@chromium.org
Review URL: https://codereview.chromium.org/1073903002
Cr-Commit-Position: refs/heads/master@{#27721}
When ObjectToString is installed on Object.prototype twice (once in v8natives.js, and once in harmony-tostring.js), this pollutes old code spaces on some devices. To prevent this, the function is only installed once, preventing test failures when the --harmony-tostring flag is flipped on by default.
BUG=v8:3502
LOG=N
R=arv@chromium.org
Review URL: https://codereview.chromium.org/1072083002
Cr-Commit-Position: refs/heads/master@{#27720}
Port 146598f44a
Original commit message:
Optimistically pushing a lot of arguments can run into the stack limit of the process, at least on operating systems where this limit is close to the limit that V8 sets for itself.
R=mbrandy@us.ibm.com
BUG=
Review URL: https://codereview.chromium.org/1073893002
Cr-Commit-Position: refs/heads/master@{#27719}
This is a workaround to make the debugger happy about TurboFan frames
when the debugger causes frame inspection. Note that this can happen
because the debugger can be activated while there still are optimized
TurboFan activations on the stack.
R=ishell@chromium.org
BUG=chromium:465298
TEST=mjsunit/regress/regress-crbug-465298
LOG=N
Review URL: https://codereview.chromium.org/1074793003
Cr-Commit-Position: refs/heads/master@{#27717}