Commit Graph

20347 Commits

Author SHA1 Message Date
caitpotter88
525385ab50 Fix ArrayConcat for JSValues/JSFunctions/JSRegExps with @@isConcatSpreadable
LOG=N
BUG=v8:3764, v8:3765
R=dslomov@chromium.org

Review URL: https://codereview.chromium.org/799803003

Cr-Commit-Position: refs/heads/master@{#25855}
2014-12-16 21:08:27 +00:00
arv
2639bfe993 ES6: Update unscopables to match spec
The spec ended up using Get(unscopables, propertyName) and
comparing the result to undefined instead of using Has.

BUG=v8:3632
LOG=Y
R=adamk, dslomov@chromium.org

Review URL: https://codereview.chromium.org/807893002

Cr-Commit-Position: refs/heads/master@{#25854}
2014-12-16 20:07:41 +00:00
arv
5f22fdd5ae Revert of ES6 computed property names (patchset #1 id:1 of https://codereview.chromium.org/807173002/)
Reason for revert:
Crashes Win32. It was not flake.

Original issue's description:
> ES6 computed property names
>
> This adds support for computed property names, under the flag
> --harmony-computed-property-names, for both object literals and
> classes.
>
> This is a revert of the revert, a76419f0f4 with
> no changes. I cannot reproduce the issue on Win8.1 or WinXP. Letting the bots
> try again.
>
> BUG=v8:3754
> LOG=Y
> TBR=dslomov@chromium.org

TBR=dslomov@chromium.org
NOTREECHECKS=true
NOTRY=true
BUG=v8:3754

Review URL: https://codereview.chromium.org/807033003

Cr-Commit-Position: refs/heads/master@{#25853}
2014-12-16 19:38:59 +00:00
erikcorry
7de5933759 Speed up ARM64 debug assembler more
R=ulan@chromium.org
BUG=

Review URL: https://codereview.chromium.org/810473004

Cr-Commit-Position: refs/heads/master@{#25852}
2014-12-16 17:46:41 +00:00
arv
a235b1076a ES6 computed property names
This adds support for computed property names, under the flag
--harmony-computed-property-names, for both object literals and
classes.

This is a revert of the revert, a76419f0f4 with
no changes. I cannot reproduce the issue on Win8.1 or WinXP. Letting the bots
try again.

BUG=v8:3754
LOG=Y
TBR=dslomov@chromium.org

Review URL: https://codereview.chromium.org/807173002

Cr-Commit-Position: refs/heads/master@{#25851}
2014-12-16 17:30:05 +00:00
hpayer
37f9bb72b9 Shrink initial old generation size based on new space survival rate.
BUG=

Review URL: https://codereview.chromium.org/785593002

Cr-Commit-Position: refs/heads/master@{#25850}
2014-12-16 16:26:34 +00:00
ulan
13449b6623 ARM: check immediate overflow in branch and mov_label_offset in release mode to catch crashes earlier.
BUG=chromium:440913
LOG=N

Review URL: https://codereview.chromium.org/810763002

Cr-Commit-Position: refs/heads/master@{#25849}
2014-12-16 15:35:38 +00:00
erik.corry
0e1b46ba31 Fix quadratic test in debug-mode ARM64 assembler
R=jkummerow@chromium.org
BUG=

Review URL: https://codereview.chromium.org/812593002

Cr-Commit-Position: refs/heads/master@{#25848}
2014-12-16 15:17:22 +00:00
dslomov
52e487d7a2 Make sure FunctionToMethod is lazily compiled.
R=arv@chromium.org
BUG=v8:3330
LOG=N

Review URL: https://codereview.chromium.org/808723002

Cr-Commit-Position: refs/heads/master@{#25847}
2014-12-16 15:09:56 +00:00
Jakob Kummerow
d5e6462d86 Bump the limit for test-heap/TestSizeOfRegExpCode
R=erik.corry@gmail.com

Review URL: https://codereview.chromium.org/808773003

Cr-Commit-Position: refs/heads/master@{#25846}
2014-12-16 14:29:06 +00:00
jkummerow
01a0931728 Add tools/find-commit-for-patch.py
It searches for a commit that a given patch can cleanly be applied to.

Review URL: https://codereview.chromium.org/799273003

Cr-Commit-Position: refs/heads/master@{#25845}
2014-12-16 14:25:00 +00:00
jkummerow
028425916f Follow-up to r25822: only internalize short strings optimistically
BUG=chromium:442703
LOG=n
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/809723002

Cr-Commit-Position: refs/heads/master@{#25844}
2014-12-16 14:21:32 +00:00
svenpanne
cbf3b0bcc7 More -fsanitize=vptr fixes.
This actually fixes 3 different issues when accessing Operand1:

   * Object vs. HeapObject

   * Wrong defaults for equals/hash

   * silently dropping const

TEST=test/mjsunit/regress/regress-441099.js
BUG=chromium:441099
LOG=y

Review URL: https://codereview.chromium.org/812563002

Cr-Commit-Position: refs/heads/master@{#25843}
2014-12-16 14:20:28 +00:00
ishell
08146dc023 Introduced PropertyType ACCESSOR_FIELD.
Review URL: https://codereview.chromium.org/805453002

Cr-Commit-Position: refs/heads/master@{#25842}
2014-12-16 13:22:31 +00:00
dcarney
0349f7b71f [turbofan] enable stack slot reuse
BUG=

Review URL: https://codereview.chromium.org/793683002

Cr-Commit-Position: refs/heads/master@{#25841}
2014-12-16 13:09:23 +00:00
Benedikt Meurer
2b4eb88cdd [turbofan] Cache conversions inserted during typed lowering.
This greatly reduces the number of nodes in the graph (by more than 20x in
some extreme cases) for the Emscripten python interpreter main function.

BUG=v8:3763
LOG=y
TEST=cctest,mjsunit,unittests
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/802353003

Cr-Commit-Position: refs/heads/master@{#25840}
2014-12-16 12:59:16 +00:00
erik.corry
d287f225a3 Limit code size generated for very large regexps
R=jkummerow@chromium.org, yangguo@chromium.org
BUG=

Review URL: https://codereview.chromium.org/799403003

Cr-Commit-Position: refs/heads/master@{#25839}
2014-12-16 12:33:32 +00:00
marja
978f41a1da RegExpParser: Fix Reset()ting to the end.
The bug would occur when we try to Reset() to a position already at the end.

This happens e.g., when the regexp ends with \u. What used to happen in that
case: 1) Advance past \ and u (to the end) (which wouldn't increase next_pos_
enough) 2) Try to parse 4 hex digits 3) When that failed, Reset() to the
position which should've been at the end but wasn't.

To be able to properly Reset() to a position at the end, we need to allow
next_pos_ to move beyond the end (since position() is next_pos_ - 1).

Minimal repro case:

var r = /foo\u/
r.test("foou") // should be true, was false.

(Note that \u not followed by 4 hex didits should be interpreted as an identity
escape. It already worked unless \u was at the end of the regexp.)

BUG=v8:3756
LOG=NO

Review URL: https://codereview.chromium.org/802313003

Cr-Commit-Position: refs/heads/master@{#25838}
2014-12-16 12:14:19 +00:00
titzer
0f619463f2 [turbofan] First version of loop analysis: loop finder on the soup of nodes.
R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/803993002

Cr-Commit-Position: refs/heads/master@{#25837}
2014-12-16 09:36:40 +00:00
Benedikt Meurer
9754c38573 [turbofan] Always align loop headers at 16-byte boundaries.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/811713002

Cr-Commit-Position: refs/heads/master@{#25836}
2014-12-16 07:56:18 +00:00
Sven Panne
1ee700c45a Log V8 version in profiler log file
Patch from issue 800293002 authored by ben@strongloop.com

TBR=yangguo@chromium.org

Review URL: https://codereview.chromium.org/806143002

Cr-Commit-Position: refs/heads/master@{#25835}
2014-12-16 07:40:13 +00:00
Benedikt Meurer
54a31b628d [base] Add iterator_range helper class.
TEST=unittests
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/810683003

Cr-Commit-Position: refs/heads/master@{#25834}
2014-12-16 07:32:03 +00:00
chunyang.dai
ab7622a094 X87: [turbofan] Remove the no-context hack for JSToNumber.
port d211608a3e

original commit message:
  [turbofan] Remove the no-context hack for JSToNumber.

  The ToNumberStub is now able to handle all plain primitives (Numbers,
  Booleans, Null, Undefined and Strings) without context access.

BUG=

Review URL: https://codereview.chromium.org/810683002

Cr-Commit-Position: refs/heads/master@{#25833}
2014-12-16 07:14:00 +00:00
Benedikt Meurer
283175d984 [turbofan] Relax effects and context for JSToNumber(x:plain-primitive).
Relanded with fix for always returning Change for PlainPrimitive even
if there was no change. The performance regression on primes.js and
corrections.js is due to unlucky loop header alignment; will be addressed
separately.

TEST=unittests
R=svenpanne@chromium.org

Committed: 75484e8d16

Review URL: https://codereview.chromium.org/799413002

Cr-Commit-Position: refs/heads/master@{#25832}
2014-12-16 05:39:46 +00:00
bmeurer
2c30ab6616 Revert of [turbofan] Relax effects and context for JSToNumber(x:plain-primitive). (patchset #1 id:1 of https://codereview.chromium.org/799413002/)
Reason for revert:
Performance regressions on primes and corrections benchmarks.

Original issue's description:
> [turbofan] Relax effects and context for JSToNumber(x:plain-primitive).
>
> TEST=unittests
> R=svenpanne@chromium.org
>
> Committed: 75484e8d16

TBR=svenpanne@chromium.org
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/806103002

Cr-Commit-Position: refs/heads/master@{#25831}
2014-12-16 04:45:09 +00:00
v8-autoroll
8e7b7daefc Update V8 DEPS.
Rolling v8/tools/clang to 6538d768c1dd43ad3942574cfc5ba90a8e1e0517

TBR=machenbach@chromium.org

Review URL: https://codereview.chromium.org/803183005

Cr-Commit-Position: refs/heads/master@{#25830}
2014-12-16 04:28:50 +00:00
jkummerow
60dafcaab2 Add infrastructure to keep track of references to prototypes.
There are no users of this infrastructure yet, so it's behind an off-by-default flag.

Review URL: https://codereview.chromium.org/768633002

Cr-Commit-Position: refs/heads/master@{#25829}
2014-12-15 19:57:54 +00:00
caitpotter88
aed5d734e6 Use proper ToLength() operation in %ArrayConcat()
LOG=N
R=dslomov@chromium.org
BUG=

Review URL: https://codereview.chromium.org/799853003

Cr-Commit-Position: refs/heads/master@{#25828}
2014-12-15 19:08:41 +00:00
rmcilroy
94071011ac [GN] Output external snapshot blobs in out directory.
The snapshot and natives blob files should be output in the out directory
instead of the gen directory so that they can be picked up by the
executable.

BUG=421063
LOG=N

Review URL: https://codereview.chromium.org/805813004

Cr-Commit-Position: refs/heads/master@{#25827}
2014-12-15 17:01:08 +00:00
dslomov
6d35dedf6e Ship ES6 classes.
R=arv@chromium.org
BUG=v8:3330
LOG=Y

Review URL: https://codereview.chromium.org/808433002

Cr-Commit-Position: refs/heads/master@{#25826}
2014-12-15 16:44:00 +00:00
arv
a76419f0f4 Revert of ES6 computed property names (patchset #9 id:160001 of https://codereview.chromium.org/795573005/)
Reason for revert:
Crashes on Win32

http://build.chromium.org/p/client.v8/builders/V8%20Win32%20-%201/builds/1357

Test: mjsunit/harmony/computed-property-names
Flags: --stress-opt --always-opt
Command: build\Release\d8.exe --test --random-seed=-233815021 --stress-opt --always-opt --nohard-abort --nodead-code-elimination --nofold-constants --harmony-computed-property-names test\mjsunit\mjsunit.js test\mjsunit\harmony\computed-property-names.js

Run #1
Exit code: -1073741819
Result: CRASH
Expected outcomes: PASS

Run #2
Exit code: -1073741819
Result: CRASH
Expected outcomes: PASS

Run #3
Exit code: -1073741819
Result: CRASH
Expected outcomes: PASS

Original issue's description:
> ES6 computed property names
>
> This adds support for computed property names, under the flag
> --harmony-computed-property-names, for both object literals and
> classes.
>
> BUG=v8:3754
> LOG=Y

TBR=dslomov@chromium.org,wingo@igalia.com
NOTREECHECKS=true
NOTRY=true
BUG=v8:3754

Review URL: https://codereview.chromium.org/809433002

Cr-Commit-Position: refs/heads/master@{#25825}
2014-12-15 16:38:42 +00:00
balazs.kilvady
9167c996d3 MIPS: [turbofan] Remove the no-context hack for JSToNumber.
Port d211608a3e

Original commit message:
The ToNumberStub is now able to handle all plain primitives (Numbers,
Booleans, Null, Undefined and Strings) without context access.

TEST=cctest,mjsunit,unittests
BUG=

Review URL: https://codereview.chromium.org/803973002

Cr-Commit-Position: refs/heads/master@{#25824}
2014-12-15 16:02:05 +00:00
jkummerow
ed6e1735b6 Add fast path for array indices to Runtime_HasOwnProperty
Review URL: https://codereview.chromium.org/803833004

Cr-Commit-Position: refs/heads/master@{#25823}
2014-12-15 15:57:55 +00:00
jkummerow
c060f4e26c Internalize strings being stored into uninitialized property cells
Review URL: https://codereview.chromium.org/804993002

Cr-Commit-Position: refs/heads/master@{#25822}
2014-12-15 15:46:11 +00:00
arv
6e38caf8d3 ES6 computed property names
This adds support for computed property names, under the flag
--harmony-computed-property-names, for both object literals and
classes.

BUG=v8:3754
LOG=Y

Review URL: https://codereview.chromium.org/795573005

Cr-Commit-Position: refs/heads/master@{#25821}
2014-12-15 15:27:19 +00:00
jochen
a8045635cb Take the build level into account for the version hash
build is the third number of the V8 version, and very likely to change
(in contrast to the patch level which typically is zero on canaries).

BUG=chromium:440984
R=mvstanton@chromium.org,yangguo@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/802363002

Cr-Commit-Position: refs/heads/master@{#25820}
2014-12-15 14:28:33 +00:00
hpayer
e3479c553c Reland Call DisableInlineAllocation() in heap setup when flag inline_new is off.
BUG=

Review URL: https://codereview.chromium.org/806783002

Cr-Commit-Position: refs/heads/master@{#25819}
2014-12-15 14:02:06 +00:00
Benedikt Meurer
75484e8d16 [turbofan] Relax effects and context for JSToNumber(x:plain-primitive).
TEST=unittests
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/799413002

Cr-Commit-Position: refs/heads/master@{#25818}
2014-12-15 13:42:54 +00:00
fedor.indutny
f6e68d2c2c Hydrogen: fix keyed loads with string keys
Keyed loads should not unconditionally be compiled to element loads. Update KeyedLoadICs to keep track of the key type, so that Hydrogen can emit ICs for string-keyed loads it doesn't have inline support for.

BUG=v8:3167
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/755513003

Cr-Commit-Position: refs/heads/master@{#25817}
2014-12-15 13:36:23 +00:00
ishell
b74cfe4a8f LayoutDescriptorHelper is now able to calculate the length of contiguous regions of tagged/non-tagged fields.
This functionality is now used by both object visitor and store buffer.

TEST=cctest/test-unboxed-doubles

Review URL: https://codereview.chromium.org/726713003

Cr-Commit-Position: refs/heads/master@{#25816}
2014-12-15 12:13:21 +00:00
hpayer
286748c97b Revert of Call DisableInlineAllocation() in heap setup when flag inline_new is off. (patchset #1 id:1 of https://codereview.chromium.org/790353006/)
Reason for revert:
Fix Windows nosnap.

Original issue's description:
> Call DisableInlineAllocation() in heap setup when flag inline_new is off.
>
> BUG=

TBR=ulan@chromium.org,mstarzinger@chromium.org
NOTREECHECKS=true
NOTRY=true
BUG=

Review URL: https://codereview.chromium.org/794053003

Cr-Commit-Position: refs/heads/master@{#25815}
2014-12-15 11:39:27 +00:00
bmeurer
d211608a3e [turbofan] Remove the no-context hack for JSToNumber.
The ToNumberStub is now able to handle all plain primitives (Numbers,
Booleans, Null, Undefined and Strings) without context access.

TEST=cctest,mjsunit,unittests

Review URL: https://codereview.chromium.org/801333002

Cr-Commit-Position: refs/heads/master@{#25814}
2014-12-15 11:14:16 +00:00
hpayer
3c30f6e1f6 Call DisableInlineAllocation() in heap setup when flag inline_new is off.
BUG=

Review URL: https://codereview.chromium.org/790353006

Cr-Commit-Position: refs/heads/master@{#25813}
2014-12-15 11:13:05 +00:00
Benedikt Meurer
6e7ceee4d0 [turbofan] Correctify TruncateFloat64ToInt32 reduction in MachineOperatorReducer.
TEST=unittests
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/801263002

Cr-Commit-Position: refs/heads/master@{#25812}
2014-12-15 07:46:21 +00:00
Benedikt Meurer
c0bd56a510 [turbofan] Remove obsolete contains_js_nodes_ field.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/806653003

Cr-Commit-Position: refs/heads/master@{#25811}
2014-12-15 07:37:38 +00:00
adamk
4fb4d75db6 Use C++11 nullptr in Hydrogen to replace static_cast<HValue*>(NULL)
Review URL: https://codereview.chromium.org/805523002

Cr-Commit-Position: refs/heads/master@{#25810}
2014-12-15 04:33:15 +00:00
mathiasb
b24f04d4c3 Make RegExp.prototype.flags getter configurable
TEST=mjsunit/harmony
BUG=v8:3751
LOG=N

Review URL: https://codereview.chromium.org/788053003

Cr-Commit-Position: refs/heads/master@{#25809}
2014-12-13 22:36:29 +00:00
caitpotter88
48054170e9 Implement ES6 @@isConcatSpreadable / Array.prototype.concat
Add support for Symbol.isConcatSpreadable in Array.prototype.concat. This enables spreading non-Array objects with the symbol.

LOG=N
R=dslomov@chromium.org
BUG=

Review URL: https://codereview.chromium.org/771483002

Cr-Commit-Position: refs/heads/master@{#25808}
2014-12-12 18:38:48 +00:00
danno
10b38df268 [turbofan]: Fix x64 regression during ia32 lea port
Review URL: https://codereview.chromium.org/795353008

Cr-Commit-Position: refs/heads/master@{#25807}
2014-12-12 18:17:01 +00:00
adamk
a32291fa1f Stop sending Object.observe notifications for API accessor properties
Such properties never notified prior to r21558, but the combination of
that change and r23163 led to sending notifications when they were
set via Object.defineProperty (but not when set via other means).

This also allows some cleanup in v8natives.js and objects.cc,
both of which were doing unnecessary contortions to produce the right
change records.

BUG=v8:3745
LOG=n

Review URL: https://codereview.chromium.org/791243002

Cr-Commit-Position: refs/heads/master@{#25806}
2014-12-12 18:15:52 +00:00