Split ToNumberStub into the entry ToNumberStub, and two new stubs,
StringToNumberStub and NonNumberToNumberStub, which can be used when we
already know something about the input (i.e. in various branches of the
code stubs, or in TurboFan graphs).
Also introduce an appropriate StringToNumber simplified operator for
TurboFan, that is pure and is lowered to an invocation of the newly
added StringToNumberStub.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1818923002
Cr-Commit-Position: refs/heads/master@{#34922}
In case when F inlined normal call to G which tail calls H we should not write translation for G for the tail call site.
Otherwise we will see G in a stack trace inside H.
This CL also enables all existing tests related to ES6 tail call elimination and adds more combinations.
TBR=bmeurer@chromium.org
BUG=v8:4698
LOG=N
Committed: https://crrev.com/689980f7d4dfd4c29492f616d7b616b86ec9af91
Cr-Commit-Position: refs/heads/master@{#34830}
Review URL: https://codereview.chromium.org/1780043004
Cr-Commit-Position: refs/heads/master@{#34920}
I first need to figure out what to do about window.document before we
can deprecate this: window.document is a regular accessor, however, once
the window navigated from about:blank, its value will never change.
Blink uses ForceSet to then replace the accessor with a data constant
which has way better performance than invoking the accessor all the
time.
Since the accessor, however, is installed as read only &
non-configurable, there is no spec compliant way to pull this off right
now
BUG=chromium:595601
R=verwaest@chromium.org
LOG=y
Review URL: https://codereview.chromium.org/1816033002
Cr-Commit-Position: refs/heads/master@{#34919}
Up until now all type conversions (i.e. ToNumber, ToString and friends)
had their own specific call interface descriptors, where some of them
had to match (i.e. ToString and NumberToString have to use the same
argument register). Instead of all the different descriptors, it's
sufficient to have a single TypeConversionDescriptor instead.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1823523002
Cr-Commit-Position: refs/heads/master@{#34916}
Rolling v8/build/gyp to 133eaf70b3720b7413017ef3f9c42f6811ef9347
Rolling v8/third_party/icu to 0d572d65aae621e13d6863fe470c9c8cee71043d
TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
Review URL: https://codereview.chromium.org/1824563002
Cr-Commit-Position: refs/heads/master@{#34914}
Previously only JSFunctions seemed to be valid for toJSON, which doesn't
match the ES6 specification that allows any object with [[Call]]
internal method (i.e. any Callable in V8 terminology), including bound
functions and proxies.
BUG=chromium:595738, chromium:535408
R=yangguo@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/1824533002
Cr-Commit-Position: refs/heads/master@{#34913}
This revealed one Mozilla test that depended upon a lack
of early error for "with ({}) function ...". The test
has been marked as failing.
R=littledan@chromium.org
Review URL: https://codereview.chromium.org/1814863005
Cr-Commit-Position: refs/heads/master@{#34910}
Reason for revert:
This patch actually seemed to cause a further GameBoy regression! Reverting it seems to address the regression.
Original issue's description:
> Restore per-TypedArray-class length accessors as a perf workaround
>
> This patch is a workaround to the performance regression caused by
> implementing the ES2015 TypedArray prototype chain: Include a
> per-TypedArray-subclass length getter so that the superclass getter does
> not become polymorphic. The patch appears to fix a regression in the
> Gameboy Octane benchmark.
>
> BUG=chromium:579905
> R=adamk
> LOG=Y
>
> Committed: https://crrev.com/03ce7711e474a0ef74f723b30ae1527c89dec010
> Cr-Commit-Position: refs/heads/master@{#33501}
R=adamk@chromium.org
BUG=chromium:579905,chromium:593634
LOG=Y
Review URL: https://codereview.chromium.org/1812143004
Cr-Commit-Position: refs/heads/master@{#34906}
API change: This adds a new flag skip_html_comments to v8::ScriptOriginOptions. This flag controls whether V8 will attempt to honour HTML-style comments in JS sources.
(That is: Gracefully ignore <!-- ... ---> in JS sources, which was a popular technique in the early days of JavaScript, to prevent non-JS-enabled browsers from displaying script sources to uses.)
The flag defaults to 'true' when using v8::ScriptOrigin constructor, which preserves the existing behaviour. Embedders which are happy with the existing behaviour will thus not need any changes.
BUG=chromium:573887
LOG=Y
Review URL: https://codereview.chromium.org/1801203002
Cr-Commit-Position: refs/heads/master@{#34904}
There are multiple ways we may construct an instruction sequence.
Moved the split edge form validation where they must all eventually
chokepoint to - the register allocation pipeline, which is also the main
and first consumer of this property.
BUG=
Review URL: https://codereview.chromium.org/1810293003
Cr-Commit-Position: refs/heads/master@{#34903}
This moves the call-sites that ensure we have a feedback vector present
before kicking off a compiler into the actual compilation pipeline. The
backends no longer need to worry about the feedback vector.
R=mvstanton@chromium.org
Review URL: https://codereview.chromium.org/1811973006
Cr-Commit-Position: refs/heads/master@{#34900}
Since we clear invalid slots eagerly, there is no need to check if a slot is a valid slot.
BUG=chromium:578883
LOG=NO
Review URL: https://codereview.chromium.org/1817523002
Cr-Commit-Position: refs/heads/master@{#34898}
This is an experiment to see if it affects crash rates on Nexus 9 devices.
A small performance impact (3-4% on Octane) is expected.
BUG=chromium:524337
LOG=n
R=hablich@chromium.org
Review URL: https://codereview.chromium.org/1808243002
Cr-Commit-Position: refs/heads/master@{#34896}
This is a pure refactoring CL and should not contain any functional
changes to the code. The following has been done:
- Group compiler.cc into sections for each component.
- Surround local helper methods by anonymous namespace.
- Move implementation of Compiler (API class) together.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1809403002
Cr-Commit-Position: refs/heads/master@{#34891}
The higher word (bits 32 - 63) of FPU register is set on zero before
storing result.
TEST=cctest/test-macro-assembler-mips64/Cvt_s_uw_Trunc_uw_s
BUG=
Review URL: https://codereview.chromium.org/1812193003
Cr-Commit-Position: refs/heads/master@{#34889}
Using std::sort on a FixedArray with HeapNumbers is not very GC friendly.
Adding a separate step to properly record possible HeapNumbers.
BUG=chromium:594954
LOG=N
Review URL: https://codereview.chromium.org/1807173002
Cr-Commit-Position: refs/heads/master@{#34888}
The trigger point in question is by now obsolete. The optimized compile
job will itself ensure that deoptimization support is present on the
incoming SharedFunctionInfo, this will make sure to produce baseline
code when necessary. The ScopeInfo is also installed at that point in
time.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1816513002
Cr-Commit-Position: refs/heads/master@{#34887}
This changes the compilation pipeline so that SharedFunctionInfo objects
are always allocated before the various compilers are invoked. It is a
preparation towards having that object available during compile time and
hence reducing the dependency on FunctionLiteral and the need to copy a
lot of the information into the CompilationInfo.
Optimizing compilers already assume the SharedFunctionInfo is present
and the baseline compilers have other heap accesses sprinkled throughout
the compilation process. Duplicating statically available information
from the SharedFunctionInfo within the CompilationInfo has no benefit.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1813803002
Cr-Commit-Position: refs/heads/master@{#34885}
port 2aa070be4f (r34863)
original commit message:
Repair this to match what the runtime correctly does, by first checking if the
function is a constructor before we access the prototype.
BUG=
Review URL: https://codereview.chromium.org/1809333002
Cr-Commit-Position: refs/heads/master@{#34880}
port 992ae64de0 (r34866)
original commit message:
This new intrinsic is used by the desugared ES6 instanceof implementation for
the cases when the F[@@hasInstance] property is null or undefined.
BUG=
Review URL: https://codereview.chromium.org/1815623002
Cr-Commit-Position: refs/heads/master@{#34879}
It was never being set to false in production (though it was in test-parsing.cc,
due to that test having its own flag-setting logic).
Review URL: https://codereview.chromium.org/1815033002
Cr-Commit-Position: refs/heads/master@{#34878}
This patch fixes two bugs in Array.prototype.concat in conjunction with
subclassing Arrays:
- Create a new property rather than calling Set when adding elements to
the output array. This means setters are not called.
- If there is an exception thrown from DefineProperty, propagate it
outwards properly, rather than swallowing it. This can occur, e.g., with
a Proxy as the new output array.
R=adamk
LOG=Y
BUG=chromium:595319
Review URL: https://codereview.chromium.org/1814933002
Cr-Commit-Position: refs/heads/master@{#34876}
