Reason for revert:
Fails on V8 Fuzzer: https://build.chromium.org/p/client.v8/builders/V8%20Fuzzer/builds/6028
Original issue's description:
> Move --harmony-destructuring-bind to shipping
>
> Also fix CheckConflictingVarDeclarations() to properly handle
> legacy const bindings. Without that change enabling the flag
> causes code like:
>
> function f() { const x; var x; }
>
> to throw an early error, rather than wait to throw the error
> until f is invoked.
>
> BUG=v8:811
> LOG=y
> CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
>
> Committed: https://crrev.com/515093630a4a925a66d550561e38293d49633f10
> Cr-Commit-Position: refs/heads/master@{#32222}
TBR=rossberg@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:811
Review URL: https://codereview.chromium.org/1470333002
Cr-Commit-Position: refs/heads/master@{#32226}
Adds code and tests to support CreateClosure bytecode when building
graphs.
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1458603012
Cr-Commit-Position: refs/heads/master@{#32224}
Also fix CheckConflictingVarDeclarations() to properly handle
legacy const bindings. Without that change enabling the flag
causes code like:
function f() { const x; var x; }
to throw an early error, rather than wait to throw the error
until f is invoked.
BUG=v8:811
LOG=y
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
Review URL: https://codereview.chromium.org/1451843002
Cr-Commit-Position: refs/heads/master@{#32222}
sufficient physical registers for all the virtual registers.
This should come in handy for frame elision. There, I noticed that even
for very small functions (==very few virtual registers), because we spill
the context/function marker ranges, we lose the frame elision
opportunity.
There is a subsequent change needed to fully help frame elision -
decoupling spilling of context & function marker from prologue.
BUG=
Review URL: https://codereview.chromium.org/1469743002
Cr-Commit-Position: refs/heads/master@{#32221}
Change the runtime entries and their associated code stubs for object
and array literal creation to take the closure instead of the raw
literals pointer. This is way easier to deal with (and cleaner) in
TurboFan.
R=mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/1469833005
Cr-Commit-Position: refs/heads/master@{#32220}
This CL also fixed register usages in MacroAssembler::Allocate() broken by 2fc2cb99 (r32144).
BUG=chromium:560239
LOG=Y
Review URL: https://codereview.chromium.org/1468073004
Cr-Commit-Position: refs/heads/master@{#32219}
We still share the code globally, but if we wanted, it would be easy to
make it per isolate now
BUG=v8:2487
R=yangguo@chromium.org,jkummerow@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/1468313004
Cr-Commit-Position: refs/heads/master@{#32217}
Having access to the unfinished schedule inside of raw machine assembler
turned out to be dangerous, because it cannot be used without exporting
which in turn computes the RPO of the schedule.
R=vogelheim@chromium.org
Review URL: https://codereview.chromium.org/1475643002
Cr-Commit-Position: refs/heads/master@{#32216}
Makes it possible for the the inline allocation observers to be sample the
actual object allocation on which the notification triggers.
R=hpayer@chromium.org
BUG=
Review URL: https://codereview.chromium.org/1460063006
Cr-Commit-Position: refs/heads/master@{#32209}
Put the constant parts of the CreateLiteralArray and CreateLiteralObject
operators into CreateLiteralParameters and properly use them everywhere.
R=mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/1475613002
Cr-Commit-Position: refs/heads/master@{#32207}
The literal index is being pushed onto the stack while evaluating
the non-constant subexpressions, but never used in fullcodegen (and
hence not used in the optimizing compilers).
R=mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/1471893003
Cr-Commit-Position: refs/heads/master@{#32205}
This passes the new.target value in a register instead of through a
side-channel via the construct stub. Note that only TurboFan code uses
the register value so far, but unoptimized code will be switched soon.
R=bmeurer@chromium.org
BUG=v8:4544
LOG=n
Review URL: https://codereview.chromium.org/1460503008
Cr-Commit-Position: refs/heads/master@{#32203}
The option --json-output will make the auto-roller dump a
json file with a monitoring_state key. This can be one of:
started, up_to_date, success.
BUG=chromium:559141
LOG=n
NOTRY=true
Review URL: https://codereview.chromium.org/1465413002
Cr-Commit-Position: refs/heads/master@{#32201}
We use comparisons with the_hole to implement temporal dead zones, so we
should also optimize those, as they currently turn into CompareIC calls.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1473593002
Cr-Commit-Position: refs/heads/master@{#32198}
port 374b6ea210 (r32172)
original commit message:
There's no point in collecting feedback for super constructor calls,
because in all (interesting) cases we can gather (better) feedback from
other sources (i.e. via inlining or via using a LOAD_IC to get to the
[[Prototype]] of the target). So CallConstructStub is now only used
for new Foo(...args) sites where we want to collect feedback in the
baseline compiler. The optimizing compilers, Reflect.construct and
super constructor calls use the Construct builtin directly, which allows
us to remove some weird code from the CallConstructStub (and opens the
possibility for more code sharing with the CallICStub, maybe even going
for a ConstructICStub).
Also remove the 100% redundant HCallNew instruction, which is just a
wrapper for the Construct builtin anyway (indirectly via the
CallConstructStub).
Drive-by-fix: Drop unused has_function_cache bit on Code objects.
BUG=
Review URL: https://codereview.chromium.org/1471193002
Cr-Commit-Position: refs/heads/master@{#32197}
This CL also fixes HeapObject::IterateFast() and HeapObject::IterateBodyFast().
BUG=v8:4531
LOG=Y
Review URL: https://codereview.chromium.org/1469883002
Cr-Commit-Position: refs/heads/master@{#32195}
This patch removes Promise functions and methods which are absent
from the ES2015 specification when the --es-staging flag is on.
BUG=v8:3237
R=rossberg
LOG=Y
Review URL: https://codereview.chromium.org/1469543003
Cr-Commit-Position: refs/heads/master@{#32194}
This replaces chromium_roll and the wrapper auto_roll with
just auto_roll. The arguments for the revision to roll and
the last rolled revision are optional and will be
auto-detected (this feature is from the wrapper).
Checking the cq box is default now (as in the wrapper).
BUG=chromium:559141
LOG=n
NOTRY=true
Review URL: https://codereview.chromium.org/1468973002
Cr-Commit-Position: refs/heads/master@{#32193}
port c1e7c8d972 (r32171)
original commit message:
This ensures that the ArgumentsAdaptorTrampoline does not clobber the
new.target value, but rather passes it through to the callee unaltered.
Note that callees do not yet use the new.target value so far.
This is a preparatory CL to allows us passing new.target in a register
instead of via a side-channel through the construct stub frame.
BUG=
Review URL: https://codereview.chromium.org/1475523002
Cr-Commit-Position: refs/heads/master@{#32192}
Add support for using inline allocations for arrays in lowering of
JSCreateArray when target equals new.target. Currently we are only
concerend with the straight-forward Array() and Array(length) cases,
but at some point TurboFan should also be able to support the more
complex initializing cases.
R=mvstanton@chromium.org
BUG=v8:4470
LOG=n
Review URL: https://codereview.chromium.org/1465203002
Cr-Commit-Position: refs/heads/master@{#32191}
In a function expression, 'yield' is allowed, even if the expression
occurs inside a generator. Similarly, even in a non-generator,
a generator expression's name must not be 'yield'.
BUG=v8:3983
LOG=n
Review URL: https://codereview.chromium.org/1460393003
Cr-Commit-Position: refs/heads/master@{#32188}
- Throw type errors instead of runtime asserts.
- Also required for SIMD tests ported to Test262 to work with V8
BUG=4501
LOG=N
Review URL: https://codereview.chromium.org/1461823003
Cr-Commit-Position: refs/heads/master@{#32187}
Port 374b6ea210
Original commit message:
There's no point in collecting feedback for super constructor calls,
because in all (interesting) cases we can gather (better) feedback from
other sources (i.e. via inlining or via using a LOAD_IC to get to the
[[Prototype]] of the target). So CallConstructStub is now only used
for new Foo(...args) sites where we want to collect feedback in the
baseline compiler. The optimizing compilers, Reflect.construct and
super constructor calls use the Construct builtin directly, which allows
us to remove some weird code from the CallConstructStub (and opens the
possibility for more code sharing with the CallICStub, maybe even going
for a ConstructICStub).
Also remove the 100% redundant HCallNew instruction, which is just a
wrapper for the Construct builtin anyway (indirectly via the
CallConstructStub).
Drive-by-fix: Drop unused has_function_cache bit on Code objects.
R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=v8:4413, v8:4430
LOG=n
Review URL: https://codereview.chromium.org/1471623005
Cr-Commit-Position: refs/heads/master@{#32186}
Port d80fd48e5d
Original commit message:
The CallICStub has call-site specific knowledge about the receiver,
which we did not utilize; plus the CallICStub does in some case know
whether it is about to [[Call]] a function or potentially some other
callable. In the common case we actually know that the target is a
function and so we can use the CallFunction builtin directly instead
of redispatching in the Call builtin.
R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=chromium:555127, v8:4413
LOG=n
Review URL: https://codereview.chromium.org/1471823002
Cr-Commit-Position: refs/heads/master@{#32185}
Port c1e7c8d972
Original commit message:
This ensures that the ArgumentsAdaptorTrampoline does not clobber the
new.target value, but rather passes it through to the callee unaltered.
Note that callees do not yet use the new.target value so far.
This is a preparatory CL to allows us passing new.target in a register
instead of via a side-channel through the construct stub frame.
R=mstarzinger@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=v8:4544
LOG=n
Review URL: https://codereview.chromium.org/1467923004
Cr-Commit-Position: refs/heads/master@{#32184}
Port c6d310da4d
Original commit message:
* Adds a PrepareForTailCall instruction that bumps the stack in the case that
the number of parameters passed to the callee causes the stack to exceed the
calleer's frame size.
* Uses the gap resolver to move the saved caller return address and frame
pointer to the approprate location in the tail-called frame.
R=danno@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=v8:4076
LOG=n
Review URL: https://codereview.chromium.org/1460183003
Cr-Commit-Position: refs/heads/master@{#32183}
Port ceade6cf23
Original commit message:
This adds a new %NewArray runtime entry, which constructs a new JSArray
and does the subclassing correctly (to the same degree that %NewObject
does currently), and also deals properly with the AllocationSite
feedback mechanism. This runtime entry will be used by TurboFan and is
also used as a fallback in the subclassing case in the stub currently.
R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=v8:3101, v8:3330
LOG=n
Review URL: https://codereview.chromium.org/1466943002
Cr-Commit-Position: refs/heads/master@{#32180}
The LoadElimination in TurboFan can look into the atomic regions and
elimination subsequent loads based on stores/allocations in that atomic
regions.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1472703005
Cr-Commit-Position: refs/heads/master@{#32179}
Add an eager deoptimization location for JSCallConstruct and adapt the
JSCallReducer to consume target feedback for construction sites (only
applies to explicit new F(...args) not the super constructor calls).
Also recognize the new Array(...args) constructs with only target
feedback.
R=jarin@chromium.org
BUG=v8:4470
LOG=n
Review URL: https://codereview.chromium.org/1467173002
Cr-Commit-Position: refs/heads/master@{#32177}
