The ES2015 spec is missing an extension of sloppy-mode block-scoped function
behavior to the global scope in scripts, as well as to eval. This patch
brings that hoisting to those two areas. The behavior is not perfectly
spec-compliant since properties created on the global scope should be
set as enumerable even if they are non-enumerable previously, but the
attributes will not be modified if the property already exists under
this patch.
BUG=v8:4441
LOG=Y
R=adamk
TEST=reddit comment functionality seems to be fixed
Review URL: https://codereview.chromium.org/1376623002
Cr-Commit-Position: refs/heads/master@{#31037}
Arrow functions have been enabled by default since the 4.5 branch.
Review URL: https://codereview.chromium.org/1373633002
Cr-Commit-Position: refs/heads/master@{#31031}
Added ScopeDetails.name field for closure scopes. It contains function's debug name of current context of scope.
BUG=493156
LOG=Y
R=yurys@chromium.org,yangguo@chromium.org
Review URL: https://codereview.chromium.org/1375813002
Cr-Commit-Position: refs/heads/master@{#31028}
This name makes it clear that the flag (also the variant in the Compiler)
is talking about specializing to the function context instead of i.e. the
native context.
R=mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/1372513003
Cr-Commit-Position: refs/heads/master@{#30934}
The actual Function.prototype.toMethod was removed some time already,
but there were some stuff (esp. %ToMethod) left in the tree, including
tests for %ToMethod. This code (and esp. the tests) cause trouble in
the process of moving bound functions away from JSFunction; so since
the code is unused anyway, we can as well remove it.
The original removal of Function.prototype.toMethod was in February
2015 in 68e4897586.
R=jarin@chromium.org
BUG=v8:3330
LOG=n
Review URL: https://codereview.chromium.org/1366063002
Cr-Commit-Position: refs/heads/master@{#30925}
Since https://codereview.chromium.org/366103005 the promise tests null out
various globals, to ensure the promise implementation doesn’t itself rely
on functions patchable by monkeys.
Unfortunately, doing so breaks test assertion failures which rely on
those globals.
This isn’t the ideal solution, but does improve the current state.
R=littledan@chromium.org,domenic@chromium.org
LOG=N
BUG=
Review URL: https://codereview.chromium.org/1370583002
Cr-Commit-Position: refs/heads/master@{#30922}
Introduce a new macro TO_STRING that maps to %_ToString and use that
instead of calling into any of the ToString/NonStringToString JavaScript
builtins. Also remove the TO_STRING_INLINE macro, which is basically
obsolete with %_ToString. We still have a few uses of ToString left (via
the utils export mechanism), where we need to investigate whether we
will tank badly if we replace them with TO_STRING as well.
CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_layout_dbg,v8_linux_nosnap_dbg
R=yangguo@chromium.org
BUG=v8:4307
LOG=n
Review URL: https://codereview.chromium.org/1323543002
Cr-Commit-Position: refs/heads/master@{#30895}
Whenever a generalization is computed, the inputs must be checked for being cleared, and if they are, the generalization must be Type::Any.
Hopefully this fixes Chromium issue 527994 as well.
BUG=v8:4325,chromium:527994
LOG=n
Review URL: https://codereview.chromium.org/1361103002
Cr-Commit-Position: refs/heads/master@{#30887}
This CL also renames wrongly named test for v8:4173.
BUG=v8:4121
LOG=Y
Review URL: https://codereview.chromium.org/1353363002
Cr-Commit-Position: refs/heads/master@{#30879}
This adds the materialized literal count accumulated while parsing the
parameters (in the parser proper) to that accumulated by the preparser.
This should have been caught in cctest/test-parsing, but it's not covered
because the parsing tests call directly into the preparser rather than
using Parser::ParseFunctionLiteral (which fully-parses the parameters
and then calls into the preparser to skip over the function body).
Note that this further-inflates the materialized literal count for
functions with destructured arguments, since some of the counted
literals are actually binding patterns. But that's not specific to
binding patterns in formal parameters: it happens in function bodies, too.
BUG=v8:4400,v8:4407
LOG=n
Review URL: https://codereview.chromium.org/1350913005
Cr-Commit-Position: refs/heads/master@{#30868}
Weak classes can inherit from strong ones again, a strong base class makes
instances strong.
BUG=v8:3956
LOG=N
Review URL: https://codereview.chromium.org/1347243004
Cr-Commit-Position: refs/heads/master@{#30867}
If @@toStringTag is an accessor property, we cannot assume that the result
of calling Object.prototype.toString() for objects with the same map.
R=adamk@chromium.org
BUG=chromium:534200
LOG=n
Review URL: https://codereview.chromium.org/1360723002
Cr-Commit-Position: refs/heads/master@{#30856}
Previously we only collected the known map for equality comparisons. But
if we also collect it for relational comparisons, we can inline a fast
path of ToPrimitive on the objects, which is especially interesting
since both sides have the same map.
For now we only inline a very limited subset of ToPrimitive in
Crankshaft, which is when the receiver map (and its prototype chain)
doesn't have @@toPrimitive, and both valueOf and toString are the
default versions on the %ObjectPrototype%. In this case the relational
comparison would reduce to a string comparison of "[object CLASS]" with
itself and so we can reduce that to a boolean constant plus map checks
on both left and right hand side, plus code dependencies on the
prototype chain. This repairs the regression on box2d.
R=jkummerow@chromium.org
BUG=chromium:534200
LOG=n
Review URL: https://codereview.chromium.org/1355113002
Cr-Commit-Position: refs/heads/master@{#30852}
ES2015 specifies very particular semantics for functions defined in blocks.
In strict mode, it is simply a lexical binding scoped to that block. In sloppy
mode, in addition to that lexical binding, there is a var-style binding in
the outer scope, which is overwritten with the local binding when the function
declaration is evaluated, *as long as* introducing ths var binding would not
create a var/let conflict in the outer scope.
This patch implements the semantics by introducing a DelegateStatement, which
is initially filled in with the EmptyStatement and overwritten with the
assignment when the scope is closed out and it can be checked that there is
no conflict.
This patch is tested with a new mjsunit test, and I tried staging it and running
test262, finding that the tests that we have disabled due to lack of Annex B
support now pass.
R=adamk,rossberg
LOG=Y
BUG=v8:4285
Review URL: https://codereview.chromium.org/1332873003
Cr-Commit-Position: refs/heads/master@{#30842}
It's been enabled since M45, which is now well into its stable period,
with no problems reported.
Review URL: https://codereview.chromium.org/1356793002
Cr-Commit-Position: refs/heads/master@{#30835}
Typed arrays from the snapshot start out in the young space but they
all seem to end up in the old space sooner or later anyway. Let's
expedite that by allocating them in the old space right away.
Review URL: https://codereview.chromium.org/1347263003
Cr-Commit-Position: refs/heads/master@{#30804}
Now run-tests.py understands "suite/foo/bar" with forward slashes for
command-line test selection on all test suites on all platforms.
Previously, file-based suites like mjsunit also accepted "mjsunit/foo\bar";
that behavior is sacrificed here in favor of unification. For the cctest
suite, OTOH, it wasn't possible on Windows to select specific tests at all.
Original review: https://codereview.chromium.org/1348653003/
This reverts commit 5f44a91059.
NOTRY=true
Review URL: https://codereview.chromium.org/1356613002
Cr-Commit-Position: refs/heads/master@{#30798}
Reason for revert:
mozilla tests are failing on Windows
Original issue's description:
> [test] Fix cctest path separators on Windows
>
> Now run-tests.py understands "suite/foo/bar" with forward slashes for
> command-line test selection on all test suites on all platforms.
>
> Previously, file-based suites like mjsunit also accepted "mjsunit/foo\bar";
> that behavior is sacrificed here in favor of unification. For the cctest
> suite, OTOH, it wasn't possible on Windows to select specific tests at all.
>
> Committed: https://crrev.com/b36cfdb39ae648b49a1396c4f669df9b1f57996c
> Cr-Commit-Position: refs/heads/master@{#30794}
TBR=machenbach@google.com,machenbach@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Review URL: https://codereview.chromium.org/1349163002
Cr-Commit-Position: refs/heads/master@{#30795}
Now run-tests.py understands "suite/foo/bar" with forward slashes for
command-line test selection on all test suites on all platforms.
Previously, file-based suites like mjsunit also accepted "mjsunit/foo\bar";
that behavior is sacrificed here in favor of unification. For the cctest
suite, OTOH, it wasn't possible on Windows to select specific tests at all.
Review URL: https://codereview.chromium.org/1348653003
Cr-Commit-Position: refs/heads/master@{#30794}
Defines a new --harmony-tolength flag, and a ToLengthFlagged() runtime function,
that is used where ES6 requires ToLength(), but a pre-ES6 conversion existed
before. When the flag is disabled, the function uses TO_UINT32(), which is
the pre-ES6 behaviour. When the flag enabled, the ES6-compliant ToLength()
conversion is used.
Based on a patch initially from Diego Pino <dpino@igalia.com>
BUG=v8:3087
LOG=Y
Review URL: https://codereview.chromium.org/1309243003
Cr-Commit-Position: refs/heads/master@{#30772}
Add support for `get` and `set` as shorthand properties. Also
supports them for CoverInitializedName in BindingPatterns and (once implemented)
AssignmentPatterns.
BUG=v8:4412, v8:3584
LOG=N
R=adamk, aperez, wingo, rossberg
Review URL: https://codereview.chromium.org/1328083002
Cr-Commit-Position: refs/heads/master@{#30769}
Mark ArrayLiterals utilizing the spread operator as non-simple.
This causes them to return false for IsCompileTimeValue, and thus
causes spread to work as expected in nested literals.
BUG=v8:4417
LOG=y
Review URL: https://codereview.chromium.org/1336123002
Cr-Commit-Position: refs/heads/master@{#30754}
The ES6 specification says that "Built-in functions that are ECMAScript
function objects must be strict mode functions", which in particular
means that you can never test for them using the "caller" field of a
sloppy mode function.
CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_layout_dbg,v8_linux_nosnap_dbg
R=mstarzinger@chromium.org
BUG=v8:105
LOG=n
Review URL: https://codereview.chromium.org/1347663002
Cr-Commit-Position: refs/heads/master@{#30750}
The assumption that every function body produces a value does not hold
for functions that e.g. unconditionally throw or endlessly loop. This
fixes the inlining logic to handle such cases.
R=bmeurer@chromium.org
TEST=mjsunit/regress/regress-crbug-530598
BUG=chromium:530598
LOG=n
Review URL: https://codereview.chromium.org/1333193005
Cr-Commit-Position: refs/heads/master@{#30738}
In certiain cases the ArgumentsIteratorSetter would trigger an invalid
state in the LookupIterator when being overridden. This is now solved
by bypassing the SetDataProperty and directly using
DefinePropertyOrElementIgnoringAttributes since we know exactly which
property we're going to install
LOG=N
BUG=chromium:521484
Review URL: https://codereview.chromium.org/1332873002
Cr-Commit-Position: refs/heads/master@{#30705}
Inner functions must be eagerly parsed for scope analysis, but the full AST is
also kept around even though it's not needed.
This CL mitigates this problem by allocating some AstNodes of the inner function
to a temporary Zone which is deallocated once the scope information has been
built. The remaining nodes (such as VariableProxy) must persist until scope
analysis actually happens, and have to be allocated to a parser-persistent Zone.
BUG=417697
LOG=N
Review URL: https://codereview.chromium.org/1304923004
Cr-Commit-Position: refs/heads/master@{#30685}
Replace the ADD, SUB, etc. builtins with proper runtime implementations,
and expose them as runtime calls that can be used by the code stubs and
the interpreter (for now).
Also remove all the support runtime functions for ADD, SUB and friends,
namely %NumberAdd, %NumberSub, and so on.
R=mstarzinger@chromium.org
CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_layout_dbg,v8_linux_nosnap_dbg
Review URL: https://codereview.chromium.org/1333843002
Cr-Commit-Position: refs/heads/master@{#30680}
When looking up a special accessor for known TypedArray fields
("length", "byteLength", "byteOffset"), consider the entire prototype
chain, not only the direct prototype.
This allows subclasses of TypedArrays to benefit from fast specialized
accesses.
Review URL: https://codereview.chromium.org/1313493005
Cr-Commit-Position: refs/heads/master@{#30678}
The two tests in question got a lot slower and started to timeout now
that the C++ fallback implementation of the %Arguments intrinsics is
composable with respect to inlining.
R=bmeurer@chromium.org,machenbach@chromium.org
Review URL: https://codereview.chromium.org/1330203003
Cr-Commit-Position: refs/heads/master@{#30674}
Update the consolidated load case to carefully chose the load mode
based on the consolidated elements kind.
BUG=v8:4380
LOG=N
Review URL: https://codereview.chromium.org/1329793003
Cr-Commit-Position: refs/heads/master@{#30659}
This makes the C++ fallback implementations for the two intrinsics,
%Arguments and %ArgumentsLength composable with respect to inlining.
Using deoptimization information gives us accurate data here.
R=bmeurer@chromium.org
TEST=mjsunit/regress/regress-4374
BUG=v8:4374
LOG=n
Review URL: https://codereview.chromium.org/1328363002
Cr-Commit-Position: refs/heads/master@{#30654}
This switches Isolate::ComputeLocation to use baseline code when
computing message locations. This unifies locations between optimized
and non-optimized code by always going through the FrameSummary for
location computation.
R=bmeurer@chromium.org
TEST=message/regress/regress-4266
BUG=v8:4266
LOG=n
Review URL: https://codereview.chromium.org/1331603002
Cr-Commit-Position: refs/heads/master@{#30635}
The semantics of the %_CallFunction intrinsic seem to be very unclear,
which resulted in a lot of bugs. Especially the combination with
%IsSloppyModeFunction is always a bug, because the receiver would be
wrapped in the wrong context. So the %IsSloppyModeFunction helper is
gone now, and many of the buggy uses of %_CallFunction are also
eliminated.
If you ever need to call something with a different receiver, then
%_Call is your friend now. It does what you want and implements the
call sequence fully (and correct).
BUG=v8:4413
LOG=n
Review URL: https://codereview.chromium.org/1325573004
Cr-Commit-Position: refs/heads/master@{#30634}
- Moving parts of ArrayConcat from builtins.cc to the ElementsAccessor
- Removing ArrayConcat Runtime Function
BUG=v8:4317
LOG=N
Review URL: https://codereview.chromium.org/1330483003
Cr-Commit-Position: refs/heads/master@{#30619}
Wasm mjsunit tests aren't being detected when symlinked into
test/mjsunit/wasm. This causes symlinked directories in that
directory to be included.
BUG=None
TEST=local
R=dehrenberg@chromium.org
LOG=N
Review URL: https://codereview.chromium.org/1332463002
Cr-Commit-Position: refs/heads/master@{#30600}
Uses the lower byte with memchr which is
significantly faster than a naive compare
Performance difference with bench (http://hastebin.com/xuxexataso.js):
old new
single character single character
Κ found at 922 Κ found at 922
3324 616
㎡ found at 13217 ㎡ found at 13217
42366 4931
က found at 4096 က found at 4096
13369 9836
found at 65280 found at 65280
207472 36149
ᆬ found at 65445 ᆬ found at 65445
209344 36666
found at 8197 found at 8197
26731 11757
倂 found at 20482 倂 found at 20482
66071 17193
linear search linear search
ΚΛ found at 922 ΚΛ found at 922
4112 504
㎡㎢ found at 13217 ㎡㎢ found at 13217
55105 5119
ᆬᆭ found at 65445 ᆬᆭ found at 65445
268016 35496
linear + bmh search linear + bmh search
ΚΛΜΝΞΟΠΡ found at 922 ΚΛΜΝΞΟΠΡ found at 922
2897 522
ᆬᆭᄃᄄᄅᆰᆱᆲ found at 65445 ᆬᆭᄃᄄᄅᆰᆱᆲ found at 65445
167687 35283
BUG=
Review URL: https://codereview.chromium.org/1324453007
Cr-Commit-Position: refs/heads/master@{#30597}
Reason for revert:
[Sheriff] Breaks fuzzer and msan:
http://build.chromium.org/p/client.v8/builders/V8%20Fuzzer/builds/4773
Repro with:
tools/fuzz-harness.sh out/Debug/d8
(in a ninja Debug build)
Msan:
http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20arm64%20-%20sim%20-%20MSAN/builds/4097
Original issue's description:
> Speedup stringsearch for two byte strings
>
> Uses the lower byte with memchr which is
> significantly faster than a naive compare
>
> Performance difference with bench (http://hastebin.com/xuxexataso.js):
>
> old new
>
> single character single character
> Κ found at 922 Κ found at 922
> 3324 616
> ㎡ found at 13217 ㎡ found at 13217
> 42366 4931
> က found at 4096 က found at 4096
> 13369 9836
> found at 65280 found at 65280
> 207472 36149
> ᆬ found at 65445 ᆬ found at 65445
> 209344 36666
> found at 8197 found at 8197
> 26731 11757
> 倂 found at 20482 倂 found at 20482
> 66071 17193
>
> linear search linear search
> ΚΛ found at 922 ΚΛ found at 922
> 4112 504
> ㎡㎢ found at 13217 ㎡㎢ found at 13217
> 55105 5119
> ᆬᆭ found at 65445 ᆬᆭ found at 65445
> 268016 35496
>
> linear + bmh search linear + bmh search
> ΚΛΜΝΞΟΠΡ found at 922 ΚΛΜΝΞΟΠΡ found at 922
> 2897 522
> ᆬᆭᄃᄄᄅᆰᆱᆲ found at 65445 ᆬᆭᄃᄄᄅᆰᆱᆲ found at 65445
> 167687 158465
>
> Committed: https://crrev.com/fced280f37588f8a232a414201276e053117e9ea
> Cr-Commit-Position: refs/heads/master@{#30587}
TBR=danno@chromium.org,mstarzinger@chromium.org,jkummerow@chromium.org,karl@skomski.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Review URL: https://codereview.chromium.org/1331433002
Cr-Commit-Position: refs/heads/master@{#30588}
Uses the lower byte with memchr which is
significantly faster than a naive compare
Performance difference with bench (http://hastebin.com/xuxexataso.js):
old new
single character single character
Κ found at 922 Κ found at 922
3324 616
㎡ found at 13217 ㎡ found at 13217
42366 4931
က found at 4096 က found at 4096
13369 9836
found at 65280 found at 65280
207472 36149
ᆬ found at 65445 ᆬ found at 65445
209344 36666
found at 8197 found at 8197
26731 11757
倂 found at 20482 倂 found at 20482
66071 17193
linear search linear search
ΚΛ found at 922 ΚΛ found at 922
4112 504
㎡㎢ found at 13217 ㎡㎢ found at 13217
55105 5119
ᆬᆭ found at 65445 ᆬᆭ found at 65445
268016 35496
linear + bmh search linear + bmh search
ΚΛΜΝΞΟΠΡ found at 922 ΚΛΜΝΞΟΠΡ found at 922
2897 522
ᆬᆭᄃᄄᄅᆰᆱᆲ found at 65445 ᆬᆭᄃᄄᄅᆰᆱᆲ found at 65445
167687 158465
Review URL: https://codereview.chromium.org/1303033012
Cr-Commit-Position: refs/heads/master@{#30587}
- Use the new ElementsAccessor methods
- improve test coverage
BUG=
Review URL: https://codereview.chromium.org/1317053006
Cr-Commit-Position: refs/heads/master@{#30546}
