Shifts of integer values are in some contexts collapsed by the parser into single literal AST nodes, rather than a direct representation of the parse tree. Confirming this behavior in tests.
Integer TypedArrays are assumed to load and store "intish" values rather than more fine-grained type information. Reducing the precision of the typing information to match the spec and simplify the wasm generator.
The asm spec requires load and store values of various "float?", "floatish", "double?" and "intish" types to ensure undefined values are not visible and that float32 rounding occurs at the right time. More closely matching this.
Adding additional testing around unsigned / signed comparisons, loads and stores.
Adding addition debug mode printing when asserting about types fail.
BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=test-asm-validator, wasm side tests
R=titzer@chromium.org,aseemgarg@chromium.org
LOG=N
Review URL: https://codereview.chromium.org/1471073003
Cr-Commit-Position: refs/heads/master@{#32419}
This disregards the code age heuristic when deciding whether to flush
code so that GC stress mode is more likely to flush out potential races
between our various "invariants".
R=hpayer@chromium.org
Review URL: https://codereview.chromium.org/1483993002
Cr-Commit-Position: refs/heads/master@{#32414}
This removes an overly complex predicate from the IsFlushable check
within the marking visitor. By now all JSFunction objects reference a
valid Context object, also builtin functions can be recognized without
looking at the JSFunction object.
R=hpayer@chromium.org
Review URL: https://codereview.chromium.org/1482363002
Cr-Commit-Position: refs/heads/master@{#32412}
Restore frame pointer directly from stack rather than copying it and
restoring. Also restore return address register directly on platforms that
support it.
BUG=v8:4076
LOG=n
Review URL: https://codereview.chromium.org/1488553002
Cr-Commit-Position: refs/heads/master@{#32410}
an optomization to remove redundant cast operations.
1. Adds an optimization to remove redundant ToBoolean and ToName operations.
2. Adds implementation and tests for cast operatorts to bytecode graph builder.
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1468003002
Cr-Commit-Position: refs/heads/master@{#32408}
This way we avoid the %_IsSmi magic that is required in TurboFan to
(efficiently) check abitrary context slots for smi 0. Checking against
"the hole" is common in the AstGraphBuilder and "the hole" is also used
to mark other context slots as not initialized.
R=mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/1484723003
Cr-Commit-Position: refs/heads/master@{#32407}
Reason for revert:
Broken canary. Trying to find out root cause.
Original issue's description:
> Do not remove write barriers for stores of old space references in most recent old space allocation.
>
> BUG=chromium:561449
> LOG=n
>
> Committed: https://crrev.com/369778ec55a63ebe51e8fa8497edb5b681069b9b
> Cr-Commit-Position: refs/heads/master@{#32368}
TBR=ulan@chromium.org,bmeurer@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:561449
Review URL: https://codereview.chromium.org/1482973003
Cr-Commit-Position: refs/heads/master@{#32406}
Reason for revert:
Broken canary. Trying to find out root cause.
Original issue's description:
> Introduce instance type for transition arrays.
>
> The motivation is to allow specialized marking visitor for transition arrays and collect all transition array in a list for post-processing in ClearNonLiveReferences.
>
> BUG=chromium:554488
> LOG=NO
>
> Committed: https://crrev.com/026095a3c7932573e1810b8064ec3008ed696601
> Cr-Commit-Position: refs/heads/master@{#32396}
TBR=mlippautz@chromium.org,jkummerow@chromium.org,ulan@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:554488
Review URL: https://codereview.chromium.org/1483003002
Cr-Commit-Position: refs/heads/master@{#32404}
Adds support and tests for throw to bytecode graph builder.
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1481763002
Cr-Commit-Position: refs/heads/master@{#32399}
This switches several builtin methods to use the ES6 new.target value
when determined whether being called as a constructor or not. This is
prepatory work for fully deprecating the aforementioned intrinsic.
R=rossberg@chromium.org
Review URL: https://codereview.chromium.org/1477073005
Cr-Commit-Position: refs/heads/master@{#32397}
The motivation is to allow specialized marking visitor for transition arrays and collect all transition array in a list for post-processing in ClearNonLiveReferences.
BUG=chromium:554488
LOG=NO
Review URL: https://codereview.chromium.org/1480873003
Cr-Commit-Position: refs/heads/master@{#32396}
Monotonicity is not required at the current setup, where we do backward pass through
the graph. However, for bidirectinal analysis, we'd better be sure that all the
input/use information is monotone.
The checker here is quite strict - it requires monotonicity in each of: use
representations, use truncation, output representation and output type. In future, we can
lower the requirements and use lexicographic ordering (e.g., on use truncation and
representation).
Review URL: https://codereview.chromium.org/1473733007
Cr-Commit-Position: refs/heads/master@{#32392}
Add initial support to optimize certain "prototype" loads from known
JSFunctions which have a prototype. This includes an appropriate typing
rule plus a matching rule for typed lowering.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1482213002
Cr-Commit-Position: refs/heads/master@{#32390}
port 47502a238b (r32381)
original commit message:
Previously all contexts had a link to the global object, but what is
required in most cases (except for the global load, store and delete
case) is the native context.
This also removes the second dummy global object that was still linked
to every native context. We will add a different mechanism to ensure
that builtins do not pollute the actual global object during
bootstrapping.
Drive-by-fix: Unify some MacroAssembler magic and drop obsolete stuff.
BUG=
Review URL: https://codereview.chromium.org/1481353002
Cr-Commit-Position: refs/heads/master@{#32387}
Both are integrated into JSReceiver::GetKeys().
For now, the implementation ignores Symbol/DONT_ENUM filtering.
BUG=v8:1543
LOG=n
Review URL: https://codereview.chromium.org/1474083003
Cr-Commit-Position: refs/heads/master@{#32384}
Port 68cc0be2ad
Original commit message:
The TruncateFloat32ToUint64 operator converts a float32 to an uint64 using
round-to-zero rounding mode. If the input value is outside uint64 range, then
the result depends on the architecture. I provide an implementation for x64 and
arm64.
BUG=
Review URL: https://codereview.chromium.org/1481093003
Cr-Commit-Position: refs/heads/master@{#32383}
This makes sure that proxy + Function/Array works
Makes sure that new.target can be a generator
Makes sure that if new.target is not a subclass, but does not have a prototype, that we'll get that same prototype back the next time we look at new.target.prototype.
BUG=v8:1543, v8:3330, v8:3931
LOG=n
Review URL: https://codereview.chromium.org/1484473002
Cr-Commit-Position: refs/heads/master@{#32382}
Previously all contexts had a link to the global object, but what is
required in most cases (except for the global load, store and delete
case) is the native context.
This also removes the second dummy global object that was still linked
to every native context. We will add a different mechanism to ensure
that builtins do not pollute the actual global object during
bootstrapping.
Drive-by-fix: Unify some MacroAssembler magic and drop obsolete stuff.
CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_nosnap_rel
R=yangguo@chromium.org,mstarzinger@chromium.org
Committed: https://crrev.com/d290f204938295bfecc5c8e645ccfcff6e80ddb8
Cr-Commit-Position: refs/heads/master@{#32375}
Review URL: https://codereview.chromium.org/1480003002
Cr-Commit-Position: refs/heads/master@{#32381}
The TruncateFloat32ToUint64 operator converts a float32 to an uint64 using
round-to-zero rounding mode. If the input value is outside uint64 range, then
the result depends on the architecture. I provide an implementation for x64 and
arm64.
R=titzer@chromium.org
Review URL: https://codereview.chromium.org/1479713003
Cr-Commit-Position: refs/heads/master@{#32379}
Reason for revert:
[Sheriff] Breaks:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap/builds/5472
Original issue's description:
> [runtime] Replace global object link with native context link in all contexts.
>
> Previously all contexts had a link to the global object, but what is
> required in most cases (except for the global load, store and delete
> case) is the native context.
>
> This also removes the second dummy global object that was still linked
> to every native context. We will add a different mechanism to ensure
> that builtins do not pollute the actual global object during
> bootstrapping.
>
> Drive-by-fix: Unify some MacroAssembler magic and drop obsolete stuff.
>
> R=yangguo@chromium.org
>
> Committed: https://crrev.com/d290f204938295bfecc5c8e645ccfcff6e80ddb8
> Cr-Commit-Position: refs/heads/master@{#32375}
TBR=yangguo@chromium.org,mstarzinger@chromium.org,bmeurer@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Review URL: https://codereview.chromium.org/1478303002
Cr-Commit-Position: refs/heads/master@{#32377}
Previously all contexts had a link to the global object, but what is
required in most cases (except for the global load, store and delete
case) is the native context.
This also removes the second dummy global object that was still linked
to every native context. We will add a different mechanism to ensure
that builtins do not pollute the actual global object during
bootstrapping.
Drive-by-fix: Unify some MacroAssembler magic and drop obsolete stuff.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1480003002
Cr-Commit-Position: refs/heads/master@{#32375}
This replaces internal GetConstructorName with toStringTag, .constructor's name
and class_name. This entirely changes how the name is computed for use in
devtools.
BUG=chromium:529177
LOG=n
Review URL: https://codereview.chromium.org/1435273002
Cr-Commit-Position: refs/heads/master@{#32374}
This will allow moving the test outcome check beyond the
multi-process boundary in a follow up. It'll allow wrapping
more complex test jobs like predicable mode on the multi-
process side, which will make the code easier to maintain.
BUG=
Review URL: https://codereview.chromium.org/1469833002
Cr-Commit-Position: refs/heads/master@{#32373}
