Use the same mechanism that is already available for Crankshaft to not
leak all kinds of things in TurboFan generated code. Long-term we will
support weakness in a better way, but for now, just use the
infrastructure that is already in place to avoid memory leaks via
TurboFan generated code.
R=jarin@chromium.org, ulan@chromium.org
Review URL: https://codereview.chromium.org/1555743003
Cr-Commit-Position: refs/heads/master@{#33073}
Unify the constructors and isView methods for ArrayBuffer and
SharedArrayBuffer, moving them to C++ because there's no point
in having the JavaScript wrappers for them.
We choose to deliberately violate the ES2015 specification and
implement the ArrayBuffer constructor in a way that matches
Firefox and Safari instead.
CQ_INCLUDE_TRYBOTS=tryserver.blink:linux_blink_rel
BUG=chromium:565917, v8:4592
TBR=hpayer@chromium.orgR=cbruni@chromium.org
LOG=n
Committed: https://crrev.com/3235ccbb7826ceec2188f6ebab98fc851b54f60e
Cr-Commit-Position: refs/heads/master@{#32590}
Review URL: https://codereview.chromium.org/1500543002
Cr-Commit-Position: refs/heads/master@{#33072}
port b889d79de1e9af4719228536c736351c5680f25e(r33066)
original commit message:
In the vast majority of the cases when we call into the runtime we use
the default number of arguments. Hence, there is not need to specify it
again. This CL also removes TailCallExternalReference as there were no
users.
BUG=
Review URL: https://codereview.chromium.org/1559693002
Cr-Commit-Position: refs/heads/master@{#33070}
Rolling v8/buildtools to 6d0c448437825a1af0ad2ea28128dda474403cd7
Rolling v8/tools/clang to da84f132a581202117fb45bceec8327752c81283
TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
Review URL: https://codereview.chromium.org/1554843002
Cr-Commit-Position: refs/heads/master@{#33069}
In a rare edge case, a difference in checks between C++ and
JavaScript lead to an 'illegal access' being thrown by the Date
constructor. This patch harmonizes the checks from both sides.
It's possible that slightly larger dates could be permitted,
as the ECMAScript 2015 specification indicates that +287396-10-12
would be a permissible date in the note in
http://tc39.github.io/ecma262/#sec-extended-years
This patch does not revisit the limit, only clears up the
inconsistency.
BUG=v8:4640
R=cbruni
LOG=Y
Review URL: https://codereview.chromium.org/1545883003
Cr-Commit-Position: refs/heads/master@{#33068}
Reason for revert:
Should be fixed again with this Blink change to add NeedsManualRebaseline
Original issue's description:
> Revert of Use ES2015-style TypedArray prototype chain (patchset #5 id:80001 of https://codereview.chromium.org/1541233002/ )
>
> Reason for revert:
> [Sheriff] Changes layout tests. Please fix upstream first if intended.
>
> https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/3689
>
> Original issue's description:
> > Use ES2015-style TypedArray prototype chain
> >
> > This patch switches TypedArrays to use the prototype chain described
> > in the ES2015 specification, which adds a %TypedArray% superclass above
> > all individual TypedArray types. Most methods are defined on the
> > superclass rather than the subclasses.
> >
> > In order to prevent a performance regression, a few methods are
> > marked as inline. Inlining might prevent code which was previously
> > monomorphic from becoming polymorphic, and it was specifically
> > applied in places where methods became more polymorphic than before.
> > Tests with realistic workloads would be nice to do before this
> > ships in stable.
> >
> > This patch does not bring TypedArrays up to full spec compliance. In
> > particular, @@species is not yet supported.
> >
> > R=cbruni
> > BUG=v8:4085
> > LOG=Y
> >
> > Committed: https://crrev.com/07c91dccbe55c7be3ec75857dee5ad59873330b7
> > Cr-Commit-Position: refs/heads/master@{#33050}
>
> TBR=caitpotter88@gmail.com,cbruni@chromium.org,littledan@chromium.org
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=v8:4085
>
> Committed: https://crrev.com/28b55ffd1e32e09aaf42b8bbb407944d4808e07c
> Cr-Commit-Position: refs/heads/master@{#33053}
TBR=caitpotter88@gmail.com,cbruni@chromium.org,machenbach@chromium.org
BUG=v8:4085
LOG=Y
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
Review URL: https://codereview.chromium.org/1558663002
Cr-Commit-Position: refs/heads/master@{#33067}
counts specified in runtime.h.
In the vast majority of the cases when we call into the runtime we use
the default number of arguments. Hence, there is not need to specify it
again. This CL also removes TailCallExternalReference as there were no
users.
BUG=
Review URL: https://codereview.chromium.org/1553703002
Cr-Commit-Position: refs/heads/master@{#33066}
This patch relands a change to ES2015 Promises which brings us closer to
spec compliance. In this new version, a bug which would lose async callstack
data was fixed.
R=adamk
CC=rossberg,caitp
LOG=Y
BUG=v8:3641
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
Review URL: https://codereview.chromium.org/1538663002
Cr-Commit-Position: refs/heads/master@{#33065}
Port 97def8070c
Original commit message:
According to the ES2015 specification, bound functions are exotic
objects, and thus don't need to be implemented as JSFunctions. So
we introduce a new JSBoundFunction type to represent bound functions
and make them optimizable. This already improves the performance of
calling or constructing bound functions by 10-100x depending on the
use case because we avoid the crazy dance between JavaScript and C++
that was implemented in v8natives.js previously.
There's still room for improvement in the performance of actually
creating bound functions, which is also relevant in practice, but
we already have a plan how to accomplish that later.
R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=chromium:535408, chromium:571299, v8:4629
LOG=n
Review URL: https://codereview.chromium.org/1559473002
Cr-Commit-Position: refs/heads/master@{#33064}
There's no point in keeping the ObjectCreate JavaScript wrapper
function, which even does allocation site pretenuring for the
instances created via Object.create (where ObjectCreate itself is
the AllocationSite), and does not offer any sane way forward.
Instead introduce a new ObjectCreate C++ builtin, which currently
serves as a baseline implementation, on top of which we can think
about ways to optimize Object.create for the common case (i.e.
frameworks such as Ember.js make heavy use of Object.create).
R=cbruni@chromium.orgTBR=hpayer@chromium.org
Review URL: https://codereview.chromium.org/1558433002
Cr-Commit-Position: refs/heads/master@{#33061}
JumpToExternalReference ignored the passed-in result_size argument, which
defaulted to 1. This change updates all users to not use a result_size.
BUG=
Review URL: https://codereview.chromium.org/1550923002
Cr-Commit-Position: refs/heads/master@{#33059}
This matches the behavior of JSObject::JSObjectVerify() and seems to be
the current contract for --verify-heap.
BUG=chromium:572590
LOG=n
Review URL: https://codereview.chromium.org/1553463002
Cr-Commit-Position: refs/heads/master@{#33056}
Reason for revert:
[Sheriff] Changes layout tests. Please fix upstream first if intended.
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/3689
Original issue's description:
> Use ES2015-style TypedArray prototype chain
>
> This patch switches TypedArrays to use the prototype chain described
> in the ES2015 specification, which adds a %TypedArray% superclass above
> all individual TypedArray types. Most methods are defined on the
> superclass rather than the subclasses.
>
> In order to prevent a performance regression, a few methods are
> marked as inline. Inlining might prevent code which was previously
> monomorphic from becoming polymorphic, and it was specifically
> applied in places where methods became more polymorphic than before.
> Tests with realistic workloads would be nice to do before this
> ships in stable.
>
> This patch does not bring TypedArrays up to full spec compliance. In
> particular, @@species is not yet supported.
>
> R=cbruni
> BUG=v8:4085
> LOG=Y
>
> Committed: https://crrev.com/07c91dccbe55c7be3ec75857dee5ad59873330b7
> Cr-Commit-Position: refs/heads/master@{#33050}
TBR=caitpotter88@gmail.com,cbruni@chromium.org,littledan@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4085
Review URL: https://codereview.chromium.org/1554523002
Cr-Commit-Position: refs/heads/master@{#33053}
When calling into C++ for a ConstructStub, we need to enter the target
context manually currently, which seems to be too fragile and easy to
forget. So instead of doing that manually, we just always enter the
correct context in the trampoline.
Drive-by-fix: Trivial cleanups for some builtins.
R=cbruni@chromium.org
Review URL: https://codereview.chromium.org/1551473002
Cr-Commit-Position: refs/heads/master@{#33051}
This patch switches TypedArrays to use the prototype chain described
in the ES2015 specification, which adds a %TypedArray% superclass above
all individual TypedArray types. Most methods are defined on the
superclass rather than the subclasses.
In order to prevent a performance regression, a few methods are
marked as inline. Inlining might prevent code which was previously
monomorphic from becoming polymorphic, and it was specifically
applied in places where methods became more polymorphic than before.
Tests with realistic workloads would be nice to do before this
ships in stable.
This patch does not bring TypedArrays up to full spec compliance. In
particular, @@species is not yet supported.
R=cbruni
BUG=v8:4085
LOG=Y
Review URL: https://codereview.chromium.org/1541233002
Cr-Commit-Position: refs/heads/master@{#33050}
When the 'y' flag was shipped, the property RegExp.prototype.unicode was
accidentally also shipped. However, the existence of this property should
be a usable feature testing point. This patch adds the 'unicode' getter on
RegExp.prototype only if the --harmony-regexp-unicode flag is turned on.
R=cbruni
CC=yangguo
BUG=v8:4644
LOG=Y
Review URL: https://codereview.chromium.org/1550713002
Cr-Commit-Position: refs/heads/master@{#33049}
Fix 97def8070c
On MIPS64, the address of BoundTargetFunction was calculated badly
because instruction ADD was used for this instead of instruction DADD.
This caused flaky crashes of several tests.
TEST=mjsunit/es6/debug-step-into-constructor,mjsunit/es6/array-of,
mjsunit/function-bind,...
BUG=
Review URL: https://codereview.chromium.org/1549383002
Cr-Commit-Position: refs/heads/master@{#33048}
port 97def8070c (r33044)
original commit message:
According to the ES2015 specification, bound functions are exotic
objects, and thus don't need to be implemented as JSFunctions. So
we introduce a new JSBoundFunction type to represent bound functions
and make them optimizable. This already improves the performance of
calling or constructing bound functions by 10-100x depending on the
use case because we avoid the crazy dance between JavaScript and C++
that was implemented in v8natives.js previously.
There's still room for improvement in the performance of actually
creating bound functions, which is also relevant in practice, but
we already have a plan how to accomplish that later.
The mips/mips64 ports were contributed by akos.palfi@imgtec.com.
BUG=
Review URL: https://codereview.chromium.org/1548253002
Cr-Commit-Position: refs/heads/master@{#33046}
As the operand in double register is put into stack, the SP delta should be increased too similar to
the operand of kX87Push is in double slot of stack.
BUG=
Review URL: https://codereview.chromium.org/1549133002
Cr-Commit-Position: refs/heads/master@{#33045}
According to the ES2015 specification, bound functions are exotic
objects, and thus don't need to be implemented as JSFunctions. So
we introduce a new JSBoundFunction type to represent bound functions
and make them optimizable. This already improves the performance of
calling or constructing bound functions by 10-100x depending on the
use case because we avoid the crazy dance between JavaScript and C++
that was implemented in v8natives.js previously.
There's still room for improvement in the performance of actually
creating bound functions, which is also relevant in practice, but
we already have a plan how to accomplish that later.
The mips/mips64 ports were contributed by akos.palfi@imgtec.com.
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
BUG=chromium:535408, chromium:571299, v8:4629
LOG=n
Committed: https://crrev.com/ca8623eaa468cba65a5adafcdfb4615966f43ce2
Cr-Commit-Position: refs/heads/master@{#33042}
Review URL: https://codereview.chromium.org/1542963002
Cr-Commit-Position: refs/heads/master@{#33044}
Reason for revert:
Breaks arm64 sim nosnap: https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20arm64%20-%20sim%20-%20nosnap%20-%20debug/builds/805/steps/Check/logs/function-bind
Original issue's description:
> [runtime] Introduce dedicated JSBoundFunction to represent bound functions.
>
> According to the ES2015 specification, bound functions are exotic
> objects, and thus don't need to be implemented as JSFunctions. So
> we introduce a new JSBoundFunction type to represent bound functions
> and make them optimizable. This already improves the performance of
> calling or constructing bound functions by 10-100x depending on the
> use case because we avoid the crazy dance between JavaScript and C++
> that was implemented in v8natives.js previously.
>
> There's still room for improvement in the performance of actually
> creating bound functions, which is also relevant in practice, but
> we already have a plan how to accomplish that later.
>
> The mips/mips64 ports were contributed by akos.palfi@imgtec.com.
>
> CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
> BUG=chromium:535408, chromium:571299, v8:4629
> LOG=n
>
> Committed: https://crrev.com/ca8623eaa468cba65a5adafcdfb4615966f43ce2
> Cr-Commit-Position: refs/heads/master@{#33042}
TBR=cbruni@chromium.org,hpayer@chromium.org,yangguo@chromium.org,akos.palfi@imgtec.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:535408, chromium:571299, v8:4629
Review URL: https://codereview.chromium.org/1552473002
Cr-Commit-Position: refs/heads/master@{#33043}
According to the ES2015 specification, bound functions are exotic
objects, and thus don't need to be implemented as JSFunctions. So
we introduce a new JSBoundFunction type to represent bound functions
and make them optimizable. This already improves the performance of
calling or constructing bound functions by 10-100x depending on the
use case because we avoid the crazy dance between JavaScript and C++
that was implemented in v8natives.js previously.
There's still room for improvement in the performance of actually
creating bound functions, which is also relevant in practice, but
we already have a plan how to accomplish that later.
The mips/mips64 ports were contributed by akos.palfi@imgtec.com.
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
BUG=chromium:535408, chromium:571299, v8:4629
LOG=n
Review URL: https://codereview.chromium.org/1542963002
Cr-Commit-Position: refs/heads/master@{#33042}
Per request in https://codereview.chromium.org/1047213002/
These files will continue to have a lot of churn in next two months
as we finish support for MIPS r6 instruction set. When things settle
down, we will do a clang-format --full to clean them up. For now,
we'd prefer to be able to do easy diffs, and will do incremental
re-formats as we make changes.
BUG=
Review URL: https://codereview.chromium.org/1546973003
Cr-Commit-Position: refs/heads/master@{#33038}
In Builtins::Generate_Construct, the system was trying to
call ConstructProxy on a Proxy object without a constructor
because it was checking the wrong bit in the Proxy object's
supported operation mask.
TEST=test262/built-ins/Proxy/create-target-is-not-constructor
BUG=
Review URL: https://codereview.chromium.org/1545983002
Cr-Commit-Position: refs/heads/master@{#33036}
port d3f074b231 (r33024)
original commit message:
We'll be able to optimize rest parameters in TurboFan similarly to the arguments array. This CL restores the previous behavior, and a follow-on will enable TurboFan optimization.
(TBR for rossberg since we discussed the revert beforehand. The only changes are a few lines related to tests and rebasing.)
BUG=
Review URL: https://codereview.chromium.org/1545053002
Cr-Commit-Position: refs/heads/master@{#33034}
atOrUndefined() will return undefined if the index is >= length()
BUG=
Review URL: https://codereview.chromium.org/1541413002
Cr-Commit-Position: refs/heads/master@{#33033}
We'll be able to optimize rest parameters in TurboFan similarly to the arguments array. This CL restores the previous behavior, and a follow-on will enable TurboFan optimization.
(TBR for rossberg since we discussed the revert beforehand. The only changes are a few lines related to tests and rebasing.)
TBR=rossberg@chromium.org
BUG=
Review URL: https://codereview.chromium.org/1537683002
Cr-Commit-Position: refs/heads/master@{#33024}