Script position calculation logic (i.e. line & column numbers for a
given code position) is now based on a single method
Script::GetPositionInfo(). Refactored related code in isolate.cc and
js/messages.js to use the new method and removed the line_ends JS
accessor.
R=yangguo@chromium.org
BUG=
Review-Url: https://codereview.chromium.org/1986173002
Cr-Commit-Position: refs/heads/master@{#36359}
This adds back the instanceof operator support in the backends and
introduces a @@hasInstance protector cell on the isolate that guards the
fast path for the InstanceOfStub. This way we recover the ~10%
regression on Octane EarleyBoyer in Crankshaft and greatly improve
TurboFan and Ignition performance of instanceof.
R=ishell@chromium.orgTBR=hpayer@chromium.org,rossberg@chromium.org
BUG=chromium:597249, v8:4447
LOG=n
Review-Url: https://codereview.chromium.org/1980483003
Cr-Commit-Position: refs/heads/master@{#36275}
When I18N is enabled, use ICU's case conversion API and transliteration
API [1] to implement String.prototype.to{Upper,Lower}Case and
String.prototype.toLocale{Upper,Lower}Case.
* ICU-based case conversion was implemented in runtime-i18n.cc/i18n.js
* The above 4 functions are overridden with those in i18n.js when
--icu_case_mapping flag is turned on. To control the override by the flag,
they're overriden in icu-case-mapping.js
Previously, toLocale{U,L}Case just called to{U,L}Case so that they didn't
support locale-sensitive case conversion for Turkic languages (az, tr),
Greek (el) and Lithuanian (lt).
Before ICU APIs for the most general case are called, a fast-path for Latin-1
is tried. It's taken from Blink and adopted as necessary. This fast path
is always tried for to{U,L}Case. For toLocale{U,L}Case, it's only taken
when a locale (explicitly specified or default) is not in {az, el, lt, tr}.
With these changes, a build with --icu_case_mapping=true passes a bunch
of tests in test262/intl402/Strings/* and intl/* that failed before.
Handling of pure ASCII strings (aligned at word boundary) are not as fast
as Unibrow's implementation that uses word-by-word case conversion. OTOH,
Latin-1 input handling is faster than Unibrow. General Unicode input
handling is slower but more accurate.
See https://docs.google.com/spreadsheets/d/1KJCJxKc1FxFXjwmYqABS0_2cNdPetvnd8gY8_HGSbrg/edit?usp=sharing for the benchmark.
This CL started with http://crrev.com/1544023002#ps200001 by littledan@,
but has changed significantly since.
[1] See why transliteration API is needed for uppercasing in Greek.
http://bugs.icu-project.org/trac/ticket/10582
R=yangguo
BUG=v8:4476,v8:4477
LOG=Y
TEST=test262/{built-ins,intl402}/Strings/*, webkit/fast/js/*, mjsunit/string-case,
intl/general/case*
Review-Url: https://codereview.chromium.org/1812673005
Cr-Commit-Position: refs/heads/master@{#36187}
In the bytecode graphbuilder, translate the two generator-specific
bytecodes as a couple of runtime calls for now.
BUG=v8:4907
LOG=n
Review-Url: https://codereview.chromium.org/1957393004
Cr-Commit-Position: refs/heads/master@{#36134}
Add comments explaining how to iterate over an OrderedHashTable.
Use the correct strategy for iteration in Set::AsArray().
Add a DCHECK bounds check in OrderedHashTable::KeyAt().
BUG=v8:4946
LOG=y
Review-Url: https://codereview.chromium.org/1952093002
Cr-Commit-Position: refs/heads/master@{#36091}
Previously, the species protector was invalidated whenever the __proto__ of
an Array instance was manipulated. Then, if the map's new_target_is_base field
remained set, it was correct to conclude that GetPrototypeOf(array) was
%ArrayPrototype%. However, this choice caused the popular D3 framework to
invalidate the species protector, causing many functions to become slower.
This patch eliminates that aspect of the species protector. Instead, the check
is to look at the instance->map()->prototype(). It is valid to look directly
at the map's prototype slot, ignoring hidden prototypes and proxies, because
- This is only called on Array instances, so the receiver cannot be a Proxy.
- For hidden prototypes, any inaccuracy would only result in conservatively
taking the slow path.
Theoretically, this patch could make methods applied to arrays from other
contexts slower. However, the slowdown would only affect a particular array
instance and not have a global spill-over effect. Further, the slowdown could
be addressed by tracking, either in the instance's map or in the actual
prototype object, whether it is a %ArrayPrototype% from any context, in a way
which is cheap to query, and use that rather than comparing to the currently
executing native context.
In interactive testing, this patch led the OnShape CAD system to experience
faster load times (110+s -> 40s).
BUG=chromium:606207
LOG=Y
Review-Url: https://codereview.chromium.org/1936393002
Cr-Commit-Position: refs/heads/master@{#36033}
The predicate in question was a workaround for when the compilation
pipeline still kept bytecode and baseline code on the same shared
function info. It is not longer needed. In the long run we want a
predicate which can determine the exact tier for each function.
R=yangguo@chromium.org
Review-Url: https://codereview.chromium.org/1940913002
Cr-Commit-Position: refs/heads/master@{#36007}
The Great Keys Migration:
This is part of a bigger effort to centralize optimizations for key collections
in a central place. This necessary to avoid the penalty that would be introduced
by fixing shadowed property iteration.
BUG=v8:4758, v8:705
LOG=N
Review-Url: https://codereview.chromium.org/1938413002
Cr-Commit-Position: refs/heads/master@{#35991}
This moves __{define,lookup}{Getter,Setter}__ to builtins.cc.
Compared to the first attempt, this patch now preserves non-spec-compliant legacy behavior and does not throw on failure.
Original review: https://codereview.chromium.org/1904313004
Review-Url: https://codereview.chromium.org/1932163002
Cr-Commit-Position: refs/heads/master@{#35899}
Reason for revert:
[Sheriff] Looks like this breaks layout tests:
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/6442
Original issue's description:
> Remove more dead code after Object.observe removal
>
> This moves __{define,lookup}{Getter,Setter}__ to builtins.cc to free up the JavaScript implementation of DefineOwnProperty for deletion.
TBR=verwaest@chromium.org,jkummerow@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Review-Url: https://codereview.chromium.org/1929293002
Cr-Commit-Position: refs/heads/master@{#35886}
This moves __{define,lookup}{Getter,Setter}__ to builtins.cc to free up the JavaScript implementation of DefineOwnProperty for deletion.
Review-Url: https://codereview.chromium.org/1904313004
Cr-Commit-Position: refs/heads/master@{#35876}
Instead of replacing the array with an empty one after resuming, overwrite
contents with a new Oddball.
This will simplify the work to be done by the bytecode graphbuilder and
potentially allow for more optimization.
(For full-codegen generators, nothing changes.)
BUG=v8:4907
LOG=n
Review-Url: https://codereview.chromium.org/1923253002
Cr-Commit-Position: refs/heads/master@{#35872}
This adds a baseline tier to the compilation pipeline. Currently this
tier is used to model a path from the interpreter to optimized code via
full-codegen code (to ensure sufficient type feedback). Switching from
the unoptimized tier to the baseline tier is limited to happen only when
there are no activations of the given function on the stack.
R=rmcilroy@chromium.org,bmeurer@chromium.org
Review URL: https://codereview.chromium.org/1903273004
Cr-Commit-Position: refs/heads/master@{#35757}
Use the FastNewSloppyArgumentsStub in the interpreter when function doesn't have
duplicate parameters.
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1909903003
Cr-Commit-Position: refs/heads/master@{#35754}
The Oddball::to_number_raw field contains the actual double value of the
Oddball converted to a number, and is located at the same offset as the
HeapNumber::value field, so for lowering changes we don't need to check
for undefined (or any other oddball explicitly).
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1922443002
Cr-Commit-Position: refs/heads/master@{#35753}
The feature was deprecated in M49 and flagged off in M50.
This patch removes it entirely from the codebase.
Review URL: https://codereview.chromium.org/1909433003
Cr-Commit-Position: refs/heads/master@{#35714}
Short external strings do not cache the resource data, and may be used
for compressible strings. The assumptions about their lengths is
invalid and may lead to oob reads.
R=jkummerow@chromium.org
BUG=v8:4923,chromium:604897
LOG=N
Review URL: https://codereview.chromium.org/1901573003
Cr-Commit-Position: refs/heads/master@{#35660}
Due to cross-compilation from simulator-builds into non-simulator with snapshot it's complicated to conditionally include an extra field. Given that the memory overhead should be minimal, just always include a separate field instead.
BUG=
Review URL: https://codereview.chromium.org/1901423002
Cr-Commit-Position: refs/heads/master@{#35652}
Prior to 89d7bfda we always just collected the code offset and computed the
source position lazily. However, for local eval we already have the source
position ready, so we can just store that. For global eval we still have to
compute from the code offset. This CL changes the computation to be done only
on demand.
R=mstarzinger@chromium.org
BUG=chromium:604646
LOG=N
Review URL: https://codereview.chromium.org/1903463002
Cr-Commit-Position: refs/heads/master@{#35630}
This avoids custom compilation of receiver handlers for api getters.
BUG=
Review URL: https://codereview.chromium.org/1895093002
Cr-Commit-Position: refs/heads/master@{#35616}
Reason for revert:
performance impact
Original issue's description:
> Correctly annotate eval origin.
>
> There were a couple of issues with it:
> - interpreter is not supported
> - the source position was just accidentally correct for full-codegen
> - the eval origin could have been cached
>
> Also fixes a few other places to use AbstractCode.
>
> R=mstarzinger@chromium.org
>
> Committed: https://crrev.com/2f3a171adc9e620c2235bf0562145b9d4eaba66d
> Cr-Commit-Position: refs/heads/master@{#35257}
>
> Committed: https://crrev.com/ad4e8a27963b704bb70ec8bac0991c57296b1d16
> Cr-Commit-Position: refs/heads/master@{#35481}
TBR=mstarzinger@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Review URL: https://codereview.chromium.org/1888013002
Cr-Commit-Position: refs/heads/master@{#35491}
Reason for revert:
[Sheriff] Roll was reverted. Please fix unused methods, see:
https://codereview.chromium.org/1884913002/https://build.chromium.org/p/tryserver.chromium.win/builders/win_clang/builds/5585/steps/compile%20%28with%20patch%29/logs/stdio
Original issue's description:
> [Atomics] code stubs for atomic operations
>
> * New atomic code stubs for x64, ia32, arm, arm64
> * Add convenience functions JumpIfNotValidSmiValue, JumpIfUintNotValidSmiValue
> to macro-assembler-ia32 (API based on x64 macro assembler)
> * Remove runtime implementation of Atomics.load, the code stub should always be
> called instead
> * Add new test to mjsunit atomics test; check that Smi values of different
> sizes are supported when possible, else fall back to HeapNumbers
>
> These changes were needed to add another codestub:
> * Bump kStubMajorKeyBits from 7 to 8
> * Reduce ScriptContextFieldStub::kSlotIndexBits from 13 to 12
>
> BUG=v8:4614
> LOG=y
>
> Committed: https://crrev.com/10b5febe11b318cfef130abae343183ac862e60d
> Cr-Commit-Position: refs/heads/master@{#35427}
TBR=jarin@chromium.org,bmeurer@chromium.org,rodolph.perfetta@gmail.com,binji@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4614
Review URL: https://codereview.chromium.org/1884883003
Cr-Commit-Position: refs/heads/master@{#35443}
Visit the Optimized Code Map on first call rather than closure creation.
This is useful for escape analysis, and helps upcoming changes to
type feedback gathering.
Adding notry due to crashed builders:
NOTRY=true
BUG=
Committed: https://crrev.com/9336f4cc6d25d39a128176679a70dbd13a6d946e
Cr-Commit-Position: refs/heads/master@{#35395}
Review URL: https://codereview.chromium.org/1670143002
Cr-Commit-Position: refs/heads/master@{#35440}
* New atomic code stubs for x64, ia32, arm, arm64
* Add convenience functions JumpIfNotValidSmiValue, JumpIfUintNotValidSmiValue
to macro-assembler-ia32 (API based on x64 macro assembler)
* Remove runtime implementation of Atomics.load, the code stub should always be
called instead
* Add new test to mjsunit atomics test; check that Smi values of different
sizes are supported when possible, else fall back to HeapNumbers
These changes were needed to add another codestub:
* Bump kStubMajorKeyBits from 7 to 8
* Reduce ScriptContextFieldStub::kSlotIndexBits from 13 to 12
BUG=v8:4614
LOG=y
Review URL: https://codereview.chromium.org/1617503003
Cr-Commit-Position: refs/heads/master@{#35427}
When the embedder sets the heap tracer, V8, during marking, will collect all reachable wrappers, and then ask embedder to trace its heap. The embedder is expected to call PersistentBase::RegisterExternalReference with all wrappers reachable from the given ones. This fixed point iteration happens in MarkCompact::ProcessEphemeralMarking.
For more efficient object visiting during marking, we need a special JS_API_OBJECT_TYPE (in tandem with already existing JS_SPECIAL_API_OBJECT_TYPE) and corresponding visitor (JSApiObjectVisitor).
BUG=chromium:468240
LOG=no
Review URL: https://codereview.chromium.org/1844413002
Cr-Commit-Position: refs/heads/master@{#35412}
Reason for revert:
Blocks roll. See https://codereview.chromium.org/1877003002/ for detailed messages.
You should be able to repro this with Linux ASAN.
Original issue's description:
> Visit the Optimized Code Map on first call rather than closure creation.
>
> This is useful for escape analysis, and helps upcoming changes to
> type feedback gathering.
>
> BUG=
>
> Committed: https://crrev.com/9336f4cc6d25d39a128176679a70dbd13a6d946e
> Cr-Commit-Position: refs/heads/master@{#35395}
TBR=mstarzinger@chromium.org,bmeurer@chromium.org,mvstanton@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=
Review URL: https://codereview.chromium.org/1878063004
Cr-Commit-Position: refs/heads/master@{#35404}
This is useful for escape analysis, and helps upcoming changes to
type feedback gathering.
BUG=
Review URL: https://codereview.chromium.org/1670143002
Cr-Commit-Position: refs/heads/master@{#35395}
The previous code cache system required stubs to be marked with a StubType, causing them to be inserted either into a fixed array or into a dictionary-mode code cache. This could cause names to be in both cases, and lookup would just find the "fast" one first. Given that we clear out the caches on each GC, the memory overhead shouldn't be too bad. Additionally, the dictionary itself should just stay linear for small arrays; that's faster anyway.
This CL additionally deletes some dead IC code.
BUG=
Review URL: https://codereview.chromium.org/1846963002
Cr-Commit-Position: refs/heads/master@{#35291}
Introduce a ResumeGeneratorTrampoline, which does the actual stack state
reconstruction (currently always restores a fullcodegen frame), and
introduce appropriate TurboFan builtins for %GeneratorPrototype%.next,
%GeneratorPrototype%.return and %GeneratorPrototype%.throw based on
this native builtin.
Also unify the flooding in case of step-in to always work based on
JSFunction and remove the special casing for JSGeneratorObject.
R=mstarzinger@chromium.org, neis@chromium.orgTBR=rossberg@chromium.org
BUG=chromium:513471
LOG=n
Review URL: https://codereview.chromium.org/1865833002
Cr-Commit-Position: refs/heads/master@{#35283}
There were a couple of issues with it:
- interpreter is not supported
- the source position was just accidentally correct for full-codegen
- the eval origin could have been cached
Also fixes a few other places to use AbstractCode.
R=mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/1854713002
Cr-Commit-Position: refs/heads/master@{#35257}
IsKey is much slower compare to direct comparisons with undefined_value
and the_hole_value.
BUG=
Review URL: https://codereview.chromium.org/1847183004
Cr-Commit-Position: refs/heads/master@{#35209}
It for now only deals with fast-mode smi and object arrays with smi
keys and internalized strings; and fast-mode named properties with an internalized key or symbol.
BUG=v8:2472
LOG=n
Review URL: https://codereview.chromium.org/1843613002
Cr-Commit-Position: refs/heads/master@{#35152}
Migrate Math.ceil, Math.round and Math.trunc to TurboFan code stubs,
similar to what we did with Math.floor, and make these builtins properly
optimizable in TurboFan via appropriate simplified operators NumberCeil,
NumberRound and NumberTrunc, which are intended to be reusable for
ToInteger and ToLength optimizations that will be done in a followup CL.
Also allows us to kill the funky %RoundNumber runtime function, which
was quite heavy.
Improve test coverage for Math.ceil and Math.trunc a lot, especially
making sure that we also properly trigger the TurboFan builtin reducer
case.
R=jarin@chromium.org
BUG=v8:4059
LOG=n
Review URL: https://codereview.chromium.org/1841993002
Cr-Commit-Position: refs/heads/master@{#35135}
With the recent spec change removing the [[Enumerate]] internal method, we now
have to walk the complete prototype chain. This implies that we call the
[[GetPrototypeOf]] trap on proxies.
As a secondary change we now trigger the [[GetOwnProperty]] trap for the for-in
filter step to see whether the properties are still enumerable. Before we did this
in the key-accumulation phase. This way we slightly reduce the number of traps
invoked. Whilst this is not ideal, it comes closer to the Spec's example
implementation.
BUG=v8:1543, v8:4768
LOG=n
Review URL: https://codereview.chromium.org/1748923003
Cr-Commit-Position: refs/heads/master@{#35017}
This CL adds support for builtins with JavaScript linkage written using
the TurboFan CodeStubAssembler, but with a JSCall descriptor (which was
already supported thanks to a previous patch by Ben Smith). As a first
example, we convert the Math.sqrt builtin and thereby get rid of the
%_MathSqrt intrinsic, which causes trouble for the representation
selection pass in the JavaScript pipeline.
R=mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/1824993002
Cr-Commit-Position: refs/heads/master@{#34989}
The JSFunction::PassesFilter predicate is not fine-grained enough to
actually distinguish different closures and hence can be changed into
SharedFunctionInfo::PassesFilter instead. This will allow the compiler
to use is more broadly.
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/1823033002
Cr-Commit-Position: refs/heads/master@{#34981}
Reason for revert:
Violates ES6 spec (crbug.com/4850), and implementation was over-eager. Will revert for now.
Original issue's description:
> Parser: Make skipping HTML comments optional.
>
> API change: This adds a new flag skip_html_comments to v8::ScriptOriginOptions. This flag controls whether V8 will attempt to honour HTML-style comments in JS sources.
>
> (That is: Gracefully ignore <!-- ... ---> in JS sources, which was a popular technique in the early days of JavaScript, to prevent non-JS-enabled browsers from displaying script sources to uses.)
>
> The flag defaults to 'true' when using v8::ScriptOrigin constructor, which preserves the existing behaviour. Embedders which are happy with the existing behaviour will thus not need any changes.
>
> BUG=chromium:573887
> LOG=Y
>
> Committed: https://crrev.com/91d344288aa51ed03eaaa1cb3e368ac1e82f0173
> Cr-Commit-Position: refs/heads/master@{#34904}
TBR=jochen@chromium.org,rossberg@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=chromium:573887, v8:4850
LOG=Y
Review URL: https://codereview.chromium.org/1817163003
Cr-Commit-Position: refs/heads/master@{#34958}
API change: This adds a new flag skip_html_comments to v8::ScriptOriginOptions. This flag controls whether V8 will attempt to honour HTML-style comments in JS sources.
(That is: Gracefully ignore <!-- ... ---> in JS sources, which was a popular technique in the early days of JavaScript, to prevent non-JS-enabled browsers from displaying script sources to uses.)
The flag defaults to 'true' when using v8::ScriptOrigin constructor, which preserves the existing behaviour. Embedders which are happy with the existing behaviour will thus not need any changes.
BUG=chromium:573887
LOG=Y
Review URL: https://codereview.chromium.org/1801203002
Cr-Commit-Position: refs/heads/master@{#34904}
Previously, when a property was non-configurable or the object was
non-extensible, CreateDataProperty might just return false rather than
throwing, even if should_throw was on. This patch fixes that issue.
Tested by running the patch at https://codereview.chromium.org/1814933002
on top of this code and observing the tests to see an exception thrown.
R=adamk
BUG=chromium:595319
LOG=Y
Review URL: https://codereview.chromium.org/1809233002
Cr-Commit-Position: refs/heads/master@{#34875}
Functions with builtin ids can be compiled with Ignition, so it is no longer
an option to overlap the bytecode_array field with the builtin id on
the SharedFunctionInfo object. Instead overlap it with the
inferred_name, which is only used for debug and so shouldn't be required
for functions with builtin ids. This result in the inferred_name field
being renamed to function_identifier, and adding typed accessors for
inferred_name and builtin_function_id.
This is required to build the snapshot with --no-lazy.
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1801023002
Cr-Commit-Position: refs/heads/master@{#34867}
This introduces {optimized_out} as another Oddball kind to be used by
optimizing compilers when values are being optimized away. The aim is
providing visibility when this value leaks into the application domain.
Currently this will lead to {undefined} values appearing which then
silently propagate through the application. The special oddball can be
identified easily as a bug and also the debugger can treat it specially
when needed.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1810483002
Cr-Commit-Position: refs/heads/master@{#34817}
This ensures our optimizing compilers as well as the interpreter are
never tasked with compiling the generator-resuming builtin methods. The
corresponding intrinsics for those methods are not supported and it is
not possible to provide a C++ reference implementation for them. We do
this by assigning builtin function ids to them that we can recognize
during the compiler dispatch.
Note that this also affects the interpreter, because methods having a
builtin function id assigned are not interpreted ({function_data} field
is overlapping). If this ever changes we can still do an early check in
the compiler dispatch (similar to the optimizing compilers) easily.
This applies to the following methods:
- Generator.prototype.next (calls Runtime_GeneratorNext).
- Generator.prototype.return (calls Runtime_GeneratorReturn).
- Generator.prototype.throw (calls Runtime_GeneratorThrow).
R=neis@chromium.org
BUG=v8:4681
LOG=n
Review URL: https://codereview.chromium.org/1779123003
Cr-Commit-Position: refs/heads/master@{#34675}
Add S390 platform specific \#includes across various common files.
Add S390 CPU features to enum.
Add S390 implementation to extract sp/fp/pc from signal context.
R=danno@chromium.org,jkummerow@chromium.org,jochen@chromium.org,jyan@ca.ibm.com,michael_dawson@ca.ibm.com,mbrandy@us.ibm.com
BUG=
Review URL: https://codereview.chromium.org/1777593003
Cr-Commit-Position: refs/heads/master@{#34674}
This is highly performance sensitive as there is no faster path; it's
used directly by the IC.
BUG=chromium:592305
LOG=n
Review URL: https://codereview.chromium.org/1778493005
Cr-Commit-Position: refs/heads/master@{#34660}
Introducing the KeyAccumulator accidentally removed some crucial fast-paths.
This CL starts rewriting the KeyAccumulator, step-by-step introducing the
special cases again.
BUG=chromium:545503, v8:4758
LOG=y
Review URL: https://codereview.chromium.org/1707743002
Cr-Commit-Position: refs/heads/master@{#34532}
Frames entering of inside wasm don't have a function or context argument.
Adding distinct wasm frame and function types to express this.
Fixes a GC issue on several embenchen wasm tests, reenabling them.
BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=mjsunit/wasm/embenchen
R=titzer@chromium.org,aseemgarg@chromium.org,jfb@chromium.org,yangguo@chromium.org
LOG=N
Review URL: https://codereview.chromium.org/1764603003
Cr-Commit-Position: refs/heads/master@{#34476}
This is more consistent with the current naming scheme (i.e. IsCallable
for callable bit on map, IsConstructor for constructor bit on map, and
now IsUndetectable for undetectable bit on map).
Also simplify the fallthrough case for Object::Equals, because we don't
need to check for Null or Undefined or Undetectable, as both Null and
Undefined already have the undetectable bit set on their maps.
R=machenbach@chromium.org
Review URL: https://codereview.chromium.org/1756413003
Cr-Commit-Position: refs/heads/master@{#34458}
This introduces a new instance type and reorders the JSObject types so any type requiring special LookupIterator support can be identified with a single range check.
In addition, it restructures the Next for better performance, avoiding unnecessary calls.
BUG=
Review URL: https://codereview.chromium.org/1751043002
Cr-Commit-Position: refs/heads/master@{#34429}
This relaxes the constraints of the optimized code map in order to be
able to update existing entries. It also simplifies the interface a
little bit. We can now insert an entry for a newly allocated literals
array together with previously cached context-independent code.
R=mvstanton@chromium.org
Review URL: https://codereview.chromium.org/1753213002
Cr-Commit-Position: refs/heads/master@{#34427}
Reason for revert:
ARM64 GCStress failure
Original issue's description:
> [crankshaft] Inline hasOwnProperty when used in fast-case for-in
>
> e.g.,
>
> for (var k in o) {
> if (!o.hasOwnProperty(k)) continue;
> ...
> }
>
> without enumerable properties on the prototype chain of o.
>
> BUG=
>
> Committed: https://crrev.com/dec80752eb344dfeb85588e61ac0afd22b11aadb
> Cr-Commit-Position: refs/heads/master@{#34379}
TBR=bmeurer@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=
Review URL: https://codereview.chromium.org/1748143004
Cr-Commit-Position: refs/heads/master@{#34380}
e.g.,
for (var k in o) {
if (!o.hasOwnProperty(k)) continue;
...
}
without enumerable properties on the prototype chain of o.
BUG=
Review URL: https://codereview.chromium.org/1742253002
Cr-Commit-Position: refs/heads/master@{#34379}
Rename the existing (patching) ToBooleanStub to ToBooleanICStub to match
our naming convention, and add a new TurboFan-powered ToBooleanStub,
which just does the ToBoolean conversion without any runtime call or
code patching, so we can use it for Ignition (and TurboFan).
Drive-by-fix: Add an Oddball::to_boolean field similar to the ones we
already have for to_string and to_number, so we don't need to actually
dispatch on the concrete Oddball at all.
R=epertoso@chromium.org, rmcilroy@chromium.org, yangguo@chromium.org
Review URL: https://codereview.chromium.org/1744163002
Cr-Commit-Position: refs/heads/master@{#34361}
Since both null and undefined are also marked as undetectable now, we
can just test that bit instead of having the CompareNilIC try to collect
feedback to speed up the general case (without the undetectable bit
being used).
Drive-by-fix: Update the type system to match the new handling of
undetectable in the runtime.
R=danno@chromium.org
Committed: https://crrev.com/666aec0348c8793e61c8633dee7ad29a514239ba
Cr-Commit-Position: refs/heads/master@{#34237}
Review URL: https://codereview.chromium.org/1722193002
Cr-Commit-Position: refs/heads/master@{#34344}
Adds support for cpu profiler logging to the interpreter. Modifies the
the API to be passed AbstractCode objects instead of Code objects, and
adds extra functions to AbstractCode which is required by log.cc and
cpu-profiler.cc.
The main change in sampler.cc is to determine if a stack frame is an
interpreter stack frame, and if so, use the bytecode address as the pc
for that frame. This allows sampling of bytecode functions. This
requires adding support to SafeStackIterator to determine if a frame is
interpreted, which we do by checking the PC against pre-stored addresses
for the start and end of interpreter entry builtins.
Also removes CodeDeleteEvents which are dead code and haven't
been reported for some time.
Still to do is tracking source positions which will be done in a
followup CL.
BUG=v8:4766
LOG=N
Review URL: https://codereview.chromium.org/1728593002
Cr-Commit-Position: refs/heads/master@{#34321}
Reason for revert:
Speculative revert in attempt to fix#2 crasher on canary.
Original issue's description:
> [compiler] Drop the CompareNilIC.
>
> Since both null and undefined are also marked as undetectable now, we
> can just test that bit instead of having the CompareNilIC try to collect
> feedback to speed up the general case (without the undetectable bit
> being used).
>
> Drive-by-fix: Update the type system to match the new handling of
> undetectable in the runtime.
>
> R=danno@chromium.org
>
> Committed: https://crrev.com/666aec0348c8793e61c8633dee7ad29a514239ba
> Cr-Commit-Position: refs/heads/master@{#34237}
TBR=danno@chromium.org,verwaest@chromium.org,bmeurer@chromium.org
LOG=y
BUG=chromium:589897
NOTRY=true
Review URL: https://codereview.chromium.org/1743433002
Cr-Commit-Position: refs/heads/master@{#34308}
This adds explicit setters for the SharedFunctionInfo::function_data
field. Such setters are safer because they allow for explicit checking
of which values are allowed, and they improve readability because the
intended semantics become clear for each call-site. Also fix a cctest
case along the way.
R=rmcilroy@chromium.org
Review URL: https://codereview.chromium.org/1730853005
Cr-Commit-Position: refs/heads/master@{#34297}
