Only CPSR_f is supported, and then only for the flags that we actually
simulate (NZCV). This isn't currently used, but will be useful for some
tests.
BUG=
Review URL: https://codereview.chromium.org/1776933003
Cr-Commit-Position: refs/heads/master@{#34662}
Previously, optimization has been disabled because of an assertion
failure, which requires the context to be linked into the weak native
context list of the heap.
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/1777883003
Cr-Commit-Position: refs/heads/master@{#34661}
This is highly performance sensitive as there is no faster path; it's
used directly by the IC.
BUG=chromium:592305
LOG=n
Review URL: https://codereview.chromium.org/1778493005
Cr-Commit-Position: refs/heads/master@{#34660}
Changes include:
- better test coverage for builds with snapshot
- write snapshot blobs to buffer instead of test serialization files
- renamed tests
R=machenbach@chromium.org
Review URL: https://codereview.chromium.org/1777213002
Cr-Commit-Position: refs/heads/master@{#34657}
We must close the iterator whenever the destructuring didn't exhaust it, unless an iterator operation (eg. next) threw. We do this by wrapping the iterator use in a try-catch-finally similar to the desugaring of for-of.
This is behind --harmony-iterator-close.
R=adamk@chromium.org
BUG=v8:3566
LOG=Y
Review URL: https://codereview.chromium.org/1772793002
Cr-Commit-Position: refs/heads/master@{#34654}
port 5096492f1b (r34627)
original commit message:
- Eliminate stubs with a variable number of arguments.
(That only worked due to their very limited use. These
stubs' interface descriptors were basically lying
about their number of args, which will fail when used
generically.)
- Fix all CallApi*Stubs' interface descriptors to no
longer lie about their arguments.
- Unify CallApi*Stub, for * in Function, Accessor,
FunctionWithFixedArgs.
(Since these are now all doing the same thing.)
- Rename the unified stub (and interface descriptors) to
*ApiCallback*, since that's really what they're doing.
- Refuse inlining an API callback if its number of
parameters exceeds the supported number of args.
BUG=
Review URL: https://codereview.chromium.org/1783713002
Cr-Commit-Position: refs/heads/master@{#34652}
port c29a4560bb548fa0ebeec8262f9d6fca9d50fe7a(r34610)
original commit message:
In case when F was called with incompatible number of arguments (and therefore
the arguments adator frame was created), F inlines a tail call of G which then
deopts the deoptimizer should also remove the arguments adaptor frame for F.
This CL adds required machinery to the deoptimizer.
BUG=
Review URL: https://codereview.chromium.org/1785593002
Cr-Commit-Position: refs/heads/master@{#34651}
port 679d9503cffe631cb3b938627274aea10893069c(r34608)
original commit message:
According to https://www.w3.org/TR/html5/obsolete.html#dom-document-all,
comparisons of document.all to other values such as strings or objects,
are unaffected. In fact document.all only gets special treatment in
comparisons with null or undefined according to HTML. Especially setting
the undetectable doesn't make two distinct JSReceivers equal.
BUG=
Review URL: https://codereview.chromium.org/1784763002
Cr-Commit-Position: refs/heads/master@{#34650}
port 9dcd0857d6 (r34571)
original commit message:
Before this CL, various code stubs used different techniques
for marking their frames to enable stack-crawling and other
access to data in the frame. All of them were based on a abuse
of the "standard" frame representation, e.g. storing the a
context pointer immediately below the frame's fp, and a
function pointer after that. Although functional, this approach
tends to make stubs and builtins do an awkward, unnecessary
dance to appear like standard frames, even if they have
nothing to do with JavaScript execution.
This CL attempts to improve this by:
* Ensuring that there are only two fundamentally different
types of frames, a "standard" frame and a "typed" frame.
Standard frames, as before, contain both a context and
function pointer. Typed frames contain only a minimum
of a smi marker in the position immediately below the fp
where the context is in standard frames.
* Only interpreted, full codegen, and optimized Crankshaft and
TurboFan JavaScript frames use the "standard" format. All
other frames use the type frame format with an explicit
marker.
* Typed frames can contain one or more values below the
type marker. There is new magic macro machinery in
frames.h that simplifies defining the offsets of these fields
in typed frames.
* A new flag in the CallDescriptor enables specifying whether
a frame is a standard frame or a typed frame. Secondary
register location spilling is now only enabled for standard
frames.
* A zillion places in the code have been updated to deal with
the fact that most code stubs and internal frames use the
typed frame format. This includes changes in the
deoptimizer, debugger, and liveedit.
* StandardFrameConstants::kMarkerOffset is deprecated,
(CommonFrameConstants::kContextOrFrameTypeOffset
and StandardFrameConstants::kFrameOffset are now used
in its stead).
BUG=
Review URL: https://codereview.chromium.org/1774353002
Cr-Commit-Position: refs/heads/master@{#34648}
This flag bans illegal (and likely useless) constructs like
for (;;) function f() {}
R=adamk
BUG=v8:4824
LOG=Y
Review URL: https://codereview.chromium.org/1781653005
Cr-Commit-Position: refs/heads/master@{#34646}
Port c29a4560bb
Original commit message:
In case when F was called with incompatible number of arguments (and therefore
the arguments adator frame was created), F inlines a tail call of G which then
deopts the deoptimizer should also remove the arguments adaptor frame for F.
This CL adds required machinery to the deoptimizer.
R=ishell@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=v8:4698
LOG=N
Review URL: https://codereview.chromium.org/1775393004
Cr-Commit-Position: refs/heads/master@{#34644}
Port 9dcd0857d6
Original commit message:
Before this CL, various code stubs used different techniques
for marking their frames to enable stack-crawling and other
access to data in the frame. All of them were based on a abuse
of the "standard" frame representation, e.g. storing the a
context pointer immediately below the frame's fp, and a
function pointer after that. Although functional, this approach
tends to make stubs and builtins do an awkward, unnecessary
dance to appear like standard frames, even if they have
nothing to do with JavaScript execution.
This CL attempts to improve this by:
* Ensuring that there are only two fundamentally different
types of frames, a "standard" frame and a "typed" frame.
Standard frames, as before, contain both a context and
function pointer. Typed frames contain only a minimum
of a smi marker in the position immediately below the fp
where the context is in standard frames.
* Only interpreted, full codegen, and optimized Crankshaft and
TurboFan JavaScript frames use the "standard" format. All
other frames use the type frame format with an explicit
marker.
* Typed frames can contain one or more values below the
type marker. There is new magic macro machinery in
frames.h that simplifies defining the offsets of these fields
in typed frames.
* A new flag in the CallDescriptor enables specifying whether
a frame is a standard frame or a typed frame. Secondary
register location spilling is now only enabled for standard
frames.
* A zillion places in the code have been updated to deal with
the fact that most code stubs and internal frames use the
typed frame format. This includes changes in the
deoptimizer, debugger, and liveedit.
* StandardFrameConstants::kMarkerOffset is deprecated,
(CommonFrameConstants::kContextOrFrameTypeOffset
and StandardFrameConstants::kFrameOffset are now used
in its stead).
R=danno@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
Review URL: https://codereview.chromium.org/1778713002
Cr-Commit-Position: refs/heads/master@{#34643}
When an Array subclass is used as the receiver for concat, or with
certain usages of @@species, the output that's constructed is of
a different type with new slow path logic. This slow path still
made references to elements, so it's important that bounds checking
for a too-long result still be done. This patch repairs that bounds
checking.
R=cbruni
LOG=Y
BUG=chromium:592340
Review URL: https://codereview.chromium.org/1782443002
Cr-Commit-Position: refs/heads/master@{#34636}
Reading the registers' values back from the FrameDescription
should use the same offset computation as storing them into it.
The offsets must also match what the deoptimizer expects, which
is rx at offset rx.code() * kDoubleSize, even if some registers
are not saved (leaving gaps).
BUG=v8:4800
LOG=n
R=danno@chromium.org
Review URL: https://codereview.chromium.org/1769833006
Cr-Commit-Position: refs/heads/master@{#34633}
Port 9d0cf920bd
Bug Descriptions:
1. We are missing drotr32 instruction
2. Ror Macro should also handle values less than zero or bigger than 31, as WASM instruction kExprI32Rol will generate shifting operands beyond [0 .. 31] range.
3. Same as Dror.
4. drotrv instruction in simulator is incorrect.
BUG=
TEST=cctest/test-run-wasm/Run_WasmInt32Binops,cctest/test-run-wasm/Run_WasmInt64Binops
Review URL: https://codereview.chromium.org/1776623002
Cr-Commit-Position: refs/heads/master@{#34632}
- Eliminate stubs with a variable number of arguments.
(That only worked due to their very limited use. These
stubs' interface descriptors were basically lying
about their number of args, which will fail when used
generically.)
- Fix all CallApi*Stubs' interface descriptors to no
longer lie about their arguments.
- Unify CallApi*Stub, for * in Function, Accessor,
FunctionWithFixedArgs.
(Since these are now all doing the same thing.)
- Rename the unified stub (and interface descriptors) to
*ApiCallback*, since that's really what they're doing.
- Refuse inlining an API callback if its number of
parameters exceeds the supported number of args.
BUG=
Committed: https://crrev.com/d238b953a474272c0e3ea22ef6a9b63fa9729340
Cr-Commit-Position: refs/heads/master@{#34614}
Review URL: https://codereview.chromium.org/1748123003
Cr-Commit-Position: refs/heads/master@{#34627}
The CharacterRange constructor checks the input for validity. However,
CharacterRange::Singleton also uses the constructor and may have
kEndMarker as input, causing the check to fail.
The solution is to move the check to CharacterRange::Range and
consistently use it across the code base.
R=jkummerow@chromium.org
BUG=chromium:593282
LOG=N
Review URL: https://codereview.chromium.org/1776013003
Cr-Commit-Position: refs/heads/master@{#34626}
Reason for revert:
Breaks Chromium.
Original issue's description:
> Rework CallApi*Stubs.
>
> - Eliminate stubs with a variable number of arguments.
> (That only worked due to their very limited use. These
> stubs' interface descriptors were basically lying
> about their number of args, which will fail when used
> generically.)
> - Fix all CallApi*Stubs' interface descriptors to no
> longer lie about their arguments.
> - Unify CallApi*Stub, for * in Function, Accessor,
> FunctionWithFixedArgs.
> (Since these are now all doing the same thing.)
> - Rename the unified stub (and interface descriptors) to
> *ApiCallback*, since that's really what they're doing.
> - Refuse inlining an API callback if its number of
> parameters exceeds the supported number of args.
>
> BUG=
>
> Committed: https://crrev.com/d238b953a474272c0e3ea22ef6a9b63fa9729340
> Cr-Commit-Position: refs/heads/master@{#34614}
TBR=danno@chromium.org,jkummerow@chromium.org,mstarzinger@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=
Review URL: https://codereview.chromium.org/1775933005
Cr-Commit-Position: refs/heads/master@{#34624}
I used a new category "v8.runtime" and all events are disabled by
default, so there shouldn't be any perf impact.
BUG=none
R=fmeawad@chromium.org,cbruni@chromium.org
Review URL: https://codereview.chromium.org/1770353002
Cr-Commit-Position: refs/heads/master@{#34620}
