Crankshaft can't track operand/environment changes between arbitrary statements.
We need that to fully support do-expressions. Instead, a subset is supported
by bailing out on break statements, continue statements, and if we've made an
OSR entry within a do-expression.
This partial support is a good idea because do-expressions are a useful tool
for desugaring during parsing.
BUG=
R=mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/1769463002
Cr-Commit-Position: refs/heads/master@{#34491}
Typo in implementation of FastNewObjectStub::Generate for MIPS32
cause unnecessary calls to slow Runtime::kNewObject
TEST=cctest/test-heap-profiler/TrackBumpPointerAllocations
BUG=
Review URL: https://codereview.chromium.org/1762263002
Cr-Commit-Position: refs/heads/master@{#34490}
This removes the entry point to the compiler API which allows requesting
lazily compiled full-codegen code. The aim is to eventually allow the
decisions of which baseline compiler should be used (e.g. Ignition or
full-codegen) be centralized within the compiler pipeline.
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/1764963002
Cr-Commit-Position: refs/heads/master@{#34489}
This is the equivalent of the fast-path in
ApplyTransitionToDataProperty.
BUG=588893, 325923
LOG=n
Review URL: https://codereview.chromium.org/1765633003
Cr-Commit-Position: refs/heads/master@{#34488}
On 32-bit systems FXXXConvertI64 instructions are compiled to calls to
C functions. The TF node for the function call is already generated in
the wasm compiler, the lowering of the I64 parameter is done in the
Int64Lowering.
R=titzer@chromium.org, yangguo@chromium.org
Review URL: https://codereview.chromium.org/1738623003
Cr-Commit-Position: refs/heads/master@{#34487}
Add StringLessThanStub, StringLessThanOrEqualStub, StringGreaterThanStub
and StringGreaterThanOrEqualStub, based on the CodeStubAssembler, and
hook them up with TurboFan (and Ignition). The stubs are currently
essentially comparable with the StringCompareStub, which is now
obsolete. We can later extend these stubs to cover more interesting
cases (i.e. two byte sequential string comparisons, etc.).
R=epertoso@chromium.org
Review URL: https://codereview.chromium.org/1765823002
Cr-Commit-Position: refs/heads/master@{#34485}
This CL also disables inlining of calls at tail position.
This is a preparational step. Tail call elimination itself is neither enabled nor supported yet.
BUG=v8:4698
LOG=N
Review URL: https://codereview.chromium.org/1761023003
Cr-Commit-Position: refs/heads/master@{#34484}
According to https://www.w3.org/TR/html5/obsolete.html#dom-document-all
the undetectable bit (for document.all) only affects comparisons with
undefined and null. In particular comparisons with other values are not
affected, so we can actually simplify the handling of undetectable a
lot by only checking it when null or undefined might be involved (this
is actually in line with what the CompareIC does).
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
R=verwaest@chromium.org
Review URL: https://codereview.chromium.org/1764613004
Cr-Commit-Position: refs/heads/master@{#34483}
Reason for revert:
[Sheriff] Speculative. Seems to break a bunch of webkit tests and causes timeouts:
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/5103
Please rebase upstream if intended.
Original issue's description:
> Introduce v8::MicrotasksScope.
>
> This scope is used to control microtasks execution when MicrotasksPolicy::kScoped is engaged.
>
> BUG=chromium:585949
> LOG=Y
> TEST=ScopedMicrotasks
>
> Committed: https://crrev.com/db77cec242dbdf8ee26da8232fa930270429f253
> Cr-Commit-Position: refs/heads/master@{#34472}
TBR=jochen@chromium.org,adamk@chromium.org,dgozman@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:585949
Review URL: https://codereview.chromium.org/1762943002
Cr-Commit-Position: refs/heads/master@{#34480}
port 2689548e38 (r34459)
original commit message:
These new stubs perform exactly the same job as the string equality case
for the CompareIC, but are platform independent and usable outside of
fullcodegen and Crankshaft. We use them in the StrictEqualStub and the
StrictNotEqualStub instead of falling back to the runtime immediately
for String comparisons, and we also use them in TurboFan to perform
String equality or inequality comparisons.
These stubs currently handle only internalized and one byte strings w/o
going to C++, but it should be easy to add support for more string cases
later, i.e. utilizing already flattened cons strings or comparing two
byte strings as well.
BUG=
Review URL: https://codereview.chromium.org/1760343002
Cr-Commit-Position: refs/heads/master@{#34479}
Frames entering of inside wasm don't have a function or context argument.
Adding distinct wasm frame and function types to express this.
Fixes a GC issue on several embenchen wasm tests, reenabling them.
BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=mjsunit/wasm/embenchen
R=titzer@chromium.org,aseemgarg@chromium.org,jfb@chromium.org,yangguo@chromium.org
LOG=N
Review URL: https://codereview.chromium.org/1764603003
Cr-Commit-Position: refs/heads/master@{#34476}
This scope is used to control microtasks execution when MicrotasksPolicy::kScoped is engaged.
BUG=chromium:585949
LOG=Y
TEST=ScopedMicrotasks
Review URL: https://codereview.chromium.org/1741893003
Cr-Commit-Position: refs/heads/master@{#34472}
ES2015 generally bans FunctionDeclarations in positions which expect a Statement,
as opposed to a StatementListItem, such as a FunctionDeclaration which constitutes
the body of a for loop. However, Annex B 3.2 and 3.4 make exceptions for labeled
function declarations and function declarations as the body of an if statement in
sloppy mode, in the latter case specifying that the semantics are as if the
function declaration occurred in a block. Chrome has historically permitted
further extensions, for the body of any flow control construct.
This patch addresses both the syntactic and semantic mismatches between V8 and
the spec. For the semantic mismatch, function declarations as the body of if
statements change from unconditionally hoisting in certain cases to acquiring
the sloppy mode function in block semantics (based on Annex B 3.3). For the
extra syntax permitted, this patch adds a flag,
--harmony-restrictive-declarations, which excludes disallowed function declaration
cases. A new UseCounter, LegacyFunctionDeclaration, is added to count how often
function declarations occur as the body of other constructs in sloppy mode. With
this patch, the code generally follows the form of the specification with respect
to parsing FunctionDeclarations, rather than allowing them in arbitrary Statement
positions, and makes it more clear where our extensions occur.
BUG=v8:4647
R=adamk
LOG=Y
Review URL: https://codereview.chromium.org/1757543003
Cr-Commit-Position: refs/heads/master@{#34470}
CallSite depends on using the function name to get ahold of the property
name from which an exception was thrown. This fix properly handles the
ES2015 names for getters and setters. The new tests pass both with
--harmony-function-name off and on.
BUG=v8:3699
LOG=n
Review URL: https://codereview.chromium.org/1751403004
Cr-Commit-Position: refs/heads/master@{#34469}
This CL fixes the bugs caused by the following CL:
50a394d -- MIPS64: Fix 'MIPS: use DAHI/DATH for li macro on mips64r6.'
Port 1f5b84e467
MIPS: use DAHI/DATH for li macro on mips64r6.
LUI instruction would sign extend into higher 32bits, in that case we might need to use DAHI, DATI to overwrite the extension.
The bug will occur when we are loading some addresses such as 0x00007fffffffxxxx.
BUG=
TEST=test-run-native-calls/Run_Int32_Select_*, test-run-native-calls/Run_Int32_WeightedSum_*, test-run-native-calls/Run_Int32_WeightedSum_*, test-run-native-calls/Run_Int32_Select_*
Review URL: https://codereview.chromium.org/1763733002
Cr-Commit-Position: refs/heads/master@{#34467}
Sets the code up so it'll be easier to have section names as strings instead of
hard-coded numbers. Using strings will require synchronizing with sexpr-wasm.
Mostly NFC (besides now skipping *all* unknown sections).
R=titzer@chromium.org
Review URL: https://codereview.chromium.org/1743773002
Cr-Commit-Position: refs/heads/master@{#34464}
This adds new code stubs for abstract relational comparison,
namely LessThanStub, LessThanOrEqualStub, GreaterThanStub and
GreaterThanOrEqualStub, and hooks them up for Ignition and TurboFan.
These stubs implement the full compare operation without any
unpredictable bailouts. Currently they still go to C++ for string
comparisons, and also use the %ToPrimitive_Number runtime entry, as
we still lack a stub for the ToPrimitive operation. These issues
will be addressed separately in follow-up CLs.
Drive-by-fix: Add support for deferred code in the RawMachineAssembler
and CodeStubAssembler. A block can be marked as deferred by marking its
Label as deferred, which will then make the register allocator penalize
this block and prefer better register assignments for the other blocks.
R=epertoso@chromium.org
Review URL: https://codereview.chromium.org/1759133002
Cr-Commit-Position: refs/heads/master@{#34463}
Port 2689548e38
Original commit message:
These new stubs perform exactly the same job as the string equality case
for the CompareIC, but are platform independent and usable outside of
fullcodegen and Crankshaft. We use them in the StrictEqualStub and the
StrictNotEqualStub instead of falling back to the runtime immediately
for String comparisons, and we also use them in TurboFan to perform
String equality or inequality comparisons.
These stubs currently handle only internalized and one byte strings w/o
going to C++, but it should be easy to add support for more string cases
later, i.e. utilizing already flattened cons strings or comparing two
byte strings as well.
R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
Review URL: https://codereview.chromium.org/1763723002
Cr-Commit-Position: refs/heads/master@{#34462}
Changes MacroAssembler::GenerateSwitchTable to make sure that 'ra' is properly restored.
BUG=
Review URL: https://codereview.chromium.org/1761863002
Cr-Commit-Position: refs/heads/master@{#34460}
These new stubs perform exactly the same job as the string equality case
for the CompareIC, but are platform independent and usable outside of
fullcodegen and Crankshaft. We use them in the StrictEqualStub and the
StrictNotEqualStub instead of falling back to the runtime immediately
for String comparisons, and we also use them in TurboFan to perform
String equality or inequality comparisons.
These stubs currently handle only internalized and one byte strings w/o
going to C++, but it should be easy to add support for more string cases
later, i.e. utilizing already flattened cons strings or comparing two
byte strings as well.
Review URL: https://codereview.chromium.org/1761823002
Cr-Commit-Position: refs/heads/master@{#34459}
This is more consistent with the current naming scheme (i.e. IsCallable
for callable bit on map, IsConstructor for constructor bit on map, and
now IsUndetectable for undetectable bit on map).
Also simplify the fallthrough case for Object::Equals, because we don't
need to check for Null or Undefined or Undetectable, as both Null and
Undefined already have the undetectable bit set on their maps.
R=machenbach@chromium.org
Review URL: https://codereview.chromium.org/1756413003
Cr-Commit-Position: refs/heads/master@{#34458}
The support was already removed from the Crankshaft and this CL removes the last piece.
Review URL: https://codereview.chromium.org/1764593002
Cr-Commit-Position: refs/heads/master@{#34456}
port 4acb492e14 (r34423)
original commit message:
Initial version of a new StrictEqualStub written as TurboFan code stub,
that implements the full strict equality comparison and is usable for
both TurboFan and Ignition (and soon for the generic CompareIC case
too). The stub is not fully optimized yet, i.e. we still go to the
runtime for string comparisons, but that'll be addressed in a follow-up
CL.
BUG=
Review URL: https://codereview.chromium.org/1762533002
Cr-Commit-Position: refs/heads/master@{#34454}
port c129aa4d39 (r34239)
original commit message:
These macro operators represent a conditional eager deoptimization exit
without explicit branching, which greatly reduces overhead of both
scheduling and register allocation, and thereby greatly reduces overall
compilation time, esp. when there are a lot of eager deoptimization
exits.
BUG=
Review URL: https://codereview.chromium.org/1762483003
Cr-Commit-Position: refs/heads/master@{#34453}
We cannot optimize away ToNumber conversions based on the Type that we
see in Crankshaft, as this might be the (unchecked or even pretruncated)
lower bound. We can only use the HType, which is based on the definition.
R=jkummerow@chromium.org
BUG=chromium:590989
LOG=n
Review URL: https://codereview.chromium.org/1757013002
Cr-Commit-Position: refs/heads/master@{#34445}
Port 4acb492e14
Original commit message:
Initial version of a new StrictEqualStub written as TurboFan code stub,
that implements the full strict equality comparison and is usable for
both TurboFan and Ignition (and soon for the generic CompareIC case
too). The stub is not fully optimized yet, i.e. we still go to the
runtime for string comparisons, but that'll be addressed in a follow-up
CL.
R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
Review URL: https://codereview.chromium.org/1756243002
Cr-Commit-Position: refs/heads/master@{#34444}
The ES2016 draft spec defines a sort of fast path for constructing
a TypedArray based on another TypedArray. This patch implements that
alternative path in TypedArray construction. It is verified by
test262 tests, which now pass. This patch also has a slight cleanup
of TypedArray code by using a macro for TypedArray type checks, as
is done for other types.
This patch includes a minor spec violation: In the same-type case, the
spec indicates that the underlying ArrayBuffer should be copied until
the end, and this is fixed up by making the [[ArrayLength]] shorter.
This is observable with the buffer getter. This patch just copies the
used part of the underlying ArrayBuffer.
R=adamk
BUG=v8:4726
LOG=Y
Review URL: https://codereview.chromium.org/1754593003
Cr-Commit-Position: refs/heads/master@{#34443}
The CompilationPhase helper class is only used in Crankshaft and is not
suitable for use in other compilers. This factors is out into a separate
file and moves it into the "crankshaft" directory.
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/1758773002
Cr-Commit-Position: refs/heads/master@{#34441}
There is no reason to keep around the HOptimizedGraphBuilder after the
graph has successfully been built. Later phases in OptimizedCompileJob
should not rely on it anymore.
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/1756183002
Cr-Commit-Position: refs/heads/master@{#34440}
Otherwise e.g.,
"use strict";
class C { static f() { super.location = "http://bla.com" }}
C.f.call(this);
will mask location on the hidden prototype of the JSGlobalObject.
BUG=
Review URL: https://codereview.chromium.org/1757933002
Cr-Commit-Position: refs/heads/master@{#34432}
This introduces a new instance type and reorders the JSObject types so any type requiring special LookupIterator support can be identified with a single range check.
In addition, it restructures the Next for better performance, avoiding unnecessary calls.
BUG=
Review URL: https://codereview.chromium.org/1751043002
Cr-Commit-Position: refs/heads/master@{#34429}
This relaxes the constraints of the optimized code map in order to be
able to update existing entries. It also simplifies the interface a
little bit. We can now insert an entry for a newly allocated literals
array together with previously cached context-independent code.
R=mvstanton@chromium.org
Review URL: https://codereview.chromium.org/1753213002
Cr-Commit-Position: refs/heads/master@{#34427}
Generalize the code that we have for StrictEqualStub to also general a
StrictNotEqualStub and hook that up with TurboFan and Ignition. It's
still falling back to the runtime for every String (in)equality check.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1756793002
Cr-Commit-Position: refs/heads/master@{#34426}
The macro is currently used by AllocateHeapNumberStub and AllocateMutableHeapNumberStub, which are now turbofan code stubs.
It can be used to allocate objects in the new or old space, optionally with double alignment.
BUG=588692
LOG=y
Review URL: https://codereview.chromium.org/1735803003
Cr-Commit-Position: refs/heads/master@{#34424}
Initial version of a new StrictEqualStub written as TurboFan code stub,
that implements the full strict equality comparison and is usable for
both TurboFan and Ignition (and soon for the generic CompareIC case
too). The stub is not fully optimized yet, i.e. we still go to the
runtime for string comparisons, but that'll be addressed in a follow-up
CL.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1753173003
Cr-Commit-Position: refs/heads/master@{#34423}
The function literal consists of a list of statements. Each statement
is associated with a statement position including break location. The
only exception to this rule is when the function immediately throws if
scope resolution found an illegal redeclaration. Make sure that we add a
break location for this case as well. The debugger relies on this.
R=bmeurer@chromium.org, vogelheim@chromium.org
BUG=v8:4690
LOG=N
Review URL: https://codereview.chromium.org/1759603002
Cr-Commit-Position: refs/heads/master@{#34422}
port dbf5fffd2d (r34397)
original commit message:
In ia32 PushArgsAndConstruct builtin, we run out of registers and need to
temporarily store the data in the stack. In the earlier implementation,
a location outside the esp was used. This causes a problem if there is a
interrupt/signals which would use the same stack and corrupt the data that
is above the esp. This cl fixes it by pushing it onto the stack so that
the stack pointer is updated and hence the corruption will not happen. We
reuse the slot meant for receiver as a temporary store.
BUG=
Review URL: https://codereview.chromium.org/1756743002
Cr-Commit-Position: refs/heads/master@{#34420}
Add support to log source position offsets to the profiler. As part of
this change PositionsRecorder is split into two, with the subset needed
by log.cc moved into log.h and the remainder kept in assembler.h as
AssemblerPositionsRecorder. The interpreter's source position table
builder is updated to log positions when the profiler is active.
BUG=v8:4766
LOG=N
Review URL: https://codereview.chromium.org/1737043002
Cr-Commit-Position: refs/heads/master@{#34416}
Fixes a bug in the constant pool padding calculation.
BUG=v8:4680
LOG=N
Review URL: https://codereview.chromium.org/1749853002
Cr-Commit-Position: refs/heads/master@{#34403}
Runtime asserts are were previously a bit annoying to debug, due to
the lack of a useful error message, even in debug mode. This patch
prints out some more information in debug mode for runtime assert
failures while preserving their exception-throwing semantics. While
we're at it, it requires a semicolon after RUNTIME_ASSERT macro
invocations.
```
$ rlwrap out/Debug/d8 --allow-natives-syntax
V8 version 5.1.0 (candidate)
d8> %ArrayBufferNeuter(1)
#
# Runtime error in ../../src/runtime/runtime-typedarray.cc, line 52
#
# args[0]->IsJSArrayBuffer()
==== C stack trace ===============================
1: 0xf70ab5
2: 0xadeebf
3: 0xadedd4
4: 0x2ef17630693b
(d8):1: illegal access
%ArrayBufferNeuter(1)
^
d8>
```
Also give the other 'illegal access' case (a special SyntaxError type) a more
descriptive error message for its sole usage.
R=adamk
Review URL: https://codereview.chromium.org/1748183002
Cr-Commit-Position: refs/heads/master@{#34401}
Initial implementation of S390 specific debug and IC functions.
R=danno@chromium.org,jkummerow@chromium.org,jochen@chromium.org,jyan@ca.ibm.com,michael_dawson@ca.ibm.com,mbrandy@us.ibm.com
BUG=
Review URL: https://codereview.chromium.org/1743263003
Cr-Commit-Position: refs/heads/master@{#34400}
In ia32 PushArgsAndConstruct builtin, we run out of registers and need to
temporarily store the data in the stack. In the earlier implementation,
a location outside the esp was used. This causes a problem if there is a
interrupt/signals which would use the same stack and corrupt the data that
is above the esp. This cl fixes it by pushing it onto the stack so that
the stack pointer is updated and hence the corruption will not happen. We
reuse the slot meant for receiver as a temporary store.
TBR=rmcilroy@chromium.org
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1750373002
Cr-Commit-Position: refs/heads/master@{#34397}
When we try to optimize a function with Crankshaft, but compilation
bails out, don't disable optimization for that function entirely,
just disable Crankshaft, so TurboFan will be used for the next attempt.
Thereby this widens the TurboFan intake valve.
Review URL: https://codereview.chromium.org/1751873002
Cr-Commit-Position: refs/heads/master@{#34396}
Adds the translation from optimized frame to bytecode offset
in FrameSummary. For interpreter, the bailout id represents the bytecode
array offset. So we can directly use the bailout id as the code offset
in the FrameSummary. Also updates mjsunit.status with more information
about failing tests.
BUG=v8:4280, v8:4689
LOG=N
Review URL: https://codereview.chromium.org/1740753002
Cr-Commit-Position: refs/heads/master@{#34393}
The preparser should ignore "use strong" if the --strong_mode flag
is not turned on, but this should not stop processing subsequent
directives.
R=rossberg@chromium.org
BUG=
LOG=N
Review URL: https://codereview.chromium.org/1752753002
Cr-Commit-Position: refs/heads/master@{#34392}
Similar to fullcodegen, Ignition now also marks a for-in statement as
slow (via the TypeFeedbackVector) when we have to call %ForInFilter,
i.e. we either have no enumeration cache or the receiver map changes
during an iteration of the for-in map.
R=mstarzinger@chromium.org
BUG=v8:3650
LOG=n
Review URL: https://codereview.chromium.org/1755563002
Cr-Commit-Position: refs/heads/master@{#34391}
We used to emit debug break location on block entry. This cannot be
ported to the interpreted as we do not emit bytecode for block entry.
This made no sense to begin with though, but accidentally added
break locations for var declarations.
With this change, the debugger no longer breaks at var declarations
without initialization. This is in accordance with the fact that the
interpreter does not emit bytecode for uninitialized var declarations.
Also fix the bytecode to match full-codegen's behavior wrt return
positions:
- there is a break location before the return statement, with the source
position of the return statement.
- right before the actual return, there is another break location. The
source position points to the end of the function.
R=rmcilroy@chromium.org, vogelheim@chromium.orgTBR=rossberg@chromium.org
BUG=v8:4690
LOG=N
Review URL: https://codereview.chromium.org/1744123003
Cr-Commit-Position: refs/heads/master@{#34388}
ArrayIteratorPrototype must not provide Symbol.iterator.
R=rossberg
BUG=
Review URL: https://codereview.chromium.org/1749093002
Cr-Commit-Position: refs/heads/master@{#34386}
The for-of-finalization CL incorrectly removed the input argument from
BuildIteratorClose. I'm reverting this, adding a regression test, and fixing an
existing test that was wrong.
BUG=
R=rossberg
Review URL: https://codereview.chromium.org/1750543002
Cr-Commit-Position: refs/heads/master@{#34384}
The code used to [[Get]] the first element twice instead of once, which can be
observed (one of the kangax tests does so).
R=rossberg
BUG=
Review URL: https://codereview.chromium.org/1747933002
Cr-Commit-Position: refs/heads/master@{#34383}
Reason for revert:
ARM64 GCStress failure
Original issue's description:
> [crankshaft] Inline hasOwnProperty when used in fast-case for-in
>
> e.g.,
>
> for (var k in o) {
> if (!o.hasOwnProperty(k)) continue;
> ...
> }
>
> without enumerable properties on the prototype chain of o.
>
> BUG=
>
> Committed: https://crrev.com/dec80752eb344dfeb85588e61ac0afd22b11aadb
> Cr-Commit-Position: refs/heads/master@{#34379}
TBR=bmeurer@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=
Review URL: https://codereview.chromium.org/1748143004
Cr-Commit-Position: refs/heads/master@{#34380}
e.g.,
for (var k in o) {
if (!o.hasOwnProperty(k)) continue;
...
}
without enumerable properties on the prototype chain of o.
BUG=
Review URL: https://codereview.chromium.org/1742253002
Cr-Commit-Position: refs/heads/master@{#34379}
Operations on word size data must be word sized, and not word32.
Currently this only generates worse code, but in the future, it
might even generate wrong code, so we should better get this right
from the beginning.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1748953004
Cr-Commit-Position: refs/heads/master@{#34378}
