This adds a utils object meant specifically for V8 extras, presenting a limited
API surface for doing things that would otherwise require %-functions.
BUG=v8:4276
LOG=Y
R=jochen@chromium.org,yangguo@chromium.org
Review URL: https://codereview.chromium.org/1343113003
Cr-Commit-Position: refs/heads/master@{#30773}
Defines a new --harmony-tolength flag, and a ToLengthFlagged() runtime function,
that is used where ES6 requires ToLength(), but a pre-ES6 conversion existed
before. When the flag is disabled, the function uses TO_UINT32(), which is
the pre-ES6 behaviour. When the flag enabled, the ES6-compliant ToLength()
conversion is used.
Based on a patch initially from Diego Pino <dpino@igalia.com>
BUG=v8:3087
LOG=Y
Review URL: https://codereview.chromium.org/1309243003
Cr-Commit-Position: refs/heads/master@{#30772}
Add support for `get` and `set` as shorthand properties. Also
supports them for CoverInitializedName in BindingPatterns and (once implemented)
AssignmentPatterns.
BUG=v8:4412, v8:3584
LOG=N
R=adamk, aperez, wingo, rossberg
Review URL: https://codereview.chromium.org/1328083002
Cr-Commit-Position: refs/heads/master@{#30769}
There isn't a plan to turn it on soon, so we'll take it out in favor of cleaner code.
BUG=
Review URL: https://codereview.chromium.org/1202173002
Cr-Commit-Position: refs/heads/master@{#30767}
This makes sure that the arguments object materialization in the method
prologue is composable with respect to inlining. The generic runtime
functions materializing those objects now respect the deoptimization
information when reconstructing the original arguments.
R=mvstanton@chromium.org
Review URL: https://codereview.chromium.org/1340313003
Cr-Commit-Position: refs/heads/master@{#30766}
Mark ArrayLiterals utilizing the spread operator as non-simple.
This causes them to return false for IsCompileTimeValue, and thus
causes spread to work as expected in nested literals.
BUG=v8:4417
LOG=y
Review URL: https://codereview.chromium.org/1336123002
Cr-Commit-Position: refs/heads/master@{#30754}
The ES6 specification says that "Built-in functions that are ECMAScript
function objects must be strict mode functions", which in particular
means that you can never test for them using the "caller" field of a
sloppy mode function.
CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_layout_dbg,v8_linux_nosnap_dbg
R=mstarzinger@chromium.org
BUG=v8:105
LOG=n
Review URL: https://codereview.chromium.org/1347663002
Cr-Commit-Position: refs/heads/master@{#30750}
The assumption that every function body produces a value does not hold
for functions that e.g. unconditionally throw or endlessly loop. This
fixes the inlining logic to handle such cases.
R=bmeurer@chromium.org
TEST=mjsunit/regress/regress-crbug-530598
BUG=chromium:530598
LOG=n
Review URL: https://codereview.chromium.org/1333193005
Cr-Commit-Position: refs/heads/master@{#30738}
This models the materialization of arguments objects in the prologue
within the IR graph. It will in turn allow us to optimize access to
these objects and also correctly handle them with inlining.
R=bmeurer@chromium.org,mvstanton@chromium.org
TEST=cctest/test-run-jsobjects/Arguments*
Review URL: https://codereview.chromium.org/1344553003
Cr-Commit-Position: refs/heads/master@{#30735}
Remove incorrect usage of callee-saved FPU regs (f20 and above).
Also remove unnecessary push/pop which were occasionally unpaired,
and caused crash.
TEST=cctest/test-assembler-mips[64]
BUG=
Review URL: https://codereview.chromium.org/1338713004
Cr-Commit-Position: refs/heads/master@{#30729}
Adds support for JS calls to the interpreter. In order to support
calls from the interpreter, the PushArgsAndCall builtin is added
which pushes a sequence of arguments onto the stack and calls
builtin::Call.
Adds the Call bytecode.
MIPS port contributed by akos.palfi@imgtec.com in https://codereview.chromium.org/1334873002/
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1323463005
Cr-Commit-Position: refs/heads/master@{#30710}
In certiain cases the ArgumentsIteratorSetter would trigger an invalid
state in the LookupIterator when being overridden. This is now solved
by bypassing the SetDataProperty and directly using
DefinePropertyOrElementIgnoringAttributes since we know exactly which
property we're going to install
LOG=N
BUG=chromium:521484
Review URL: https://codereview.chromium.org/1332873002
Cr-Commit-Position: refs/heads/master@{#30705}
Correctly save and restore FP registers in cctest/ConvertDToI to
avoid accidental register overwriting by the generated code.
Note: This failure is manifested only in R6 mode.
TEST=test/cctest/interpreter/test-interpreter
BUG=
Review URL: https://codereview.chromium.org/1337023002
Cr-Commit-Position: refs/heads/master@{#30700}
Inner functions must be eagerly parsed for scope analysis, but the full AST is
also kept around even though it's not needed.
This CL mitigates this problem by allocating some AstNodes of the inner function
to a temporary Zone which is deallocated once the scope information has been
built. The remaining nodes (such as VariableProxy) must persist until scope
analysis actually happens, and have to be allocated to a parser-persistent Zone.
BUG=417697
LOG=N
Review URL: https://codereview.chromium.org/1304923004
Cr-Commit-Position: refs/heads/master@{#30685}
Replace the ADD, SUB, etc. builtins with proper runtime implementations,
and expose them as runtime calls that can be used by the code stubs and
the interpreter (for now).
Also remove all the support runtime functions for ADD, SUB and friends,
namely %NumberAdd, %NumberSub, and so on.
R=mstarzinger@chromium.org
CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_layout_dbg,v8_linux_nosnap_dbg
Review URL: https://codereview.chromium.org/1333843002
Cr-Commit-Position: refs/heads/master@{#30680}
When looking up a special accessor for known TypedArray fields
("length", "byteLength", "byteOffset"), consider the entire prototype
chain, not only the direct prototype.
This allows subclasses of TypedArrays to benefit from fast specialized
accesses.
Review URL: https://codereview.chromium.org/1313493005
Cr-Commit-Position: refs/heads/master@{#30678}
The two tests in question got a lot slower and started to timeout now
that the C++ fallback implementation of the %Arguments intrinsics is
composable with respect to inlining.
R=bmeurer@chromium.org,machenbach@chromium.org
Review URL: https://codereview.chromium.org/1330203003
Cr-Commit-Position: refs/heads/master@{#30674}
This removes the aforementioned flag which has been on by default for a
while now. Note that this does not control optimization decisions, only
the last-resort bailout in the graph builder.
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/1335543002
Cr-Commit-Position: refs/heads/master@{#30673}
There are now two runtime entries %NewClosure and %NewClosure_Tenured,
with the same signature (one parameter, the SharedFunctionInfo, and the
context of the caller).
Also remove the HFunctionLiteral special case instruction from Crankshaft,
as HCallWithDescriptor with FastNewClosureStub or HCallRuntime with
either %NewClosure or %NewClosure_Tenured can easily do that for you.
Also remove the redundant context parameter from the JSCreateClosure
operator, because every JS operator already takes a context input.
CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_nosnap_dbg
Review URL: https://codereview.chromium.org/1329293003
Cr-Commit-Position: refs/heads/master@{#30671}
A LiveRange is identified by 2 integers: the vreg() of its TopLevel,
which is the virtual register (operand) ID; and a relative_id(), which has
no meaning in the program, but is valuable in debugging or tracing
scenarios.
This change ensures that relative_id is unique even in cases of splinter
ranges and their children.
Review URL: https://codereview.chromium.org/1318493005
Cr-Commit-Position: refs/heads/master@{#30665}
Adds support for property store operations via Store/KeyedStore ICs. Adds the
following bytecodes:
- StoreIC
- KeyedStoreIC
The --vector_store flag is now required for --ignition.
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1319833004
Cr-Commit-Position: refs/heads/master@{#30660}
Update the consolidated load case to carefully chose the load mode
based on the consolidated elements kind.
BUG=v8:4380
LOG=N
Review URL: https://codereview.chromium.org/1329793003
Cr-Commit-Position: refs/heads/master@{#30659}
This makes the C++ fallback implementations for the two intrinsics,
%Arguments and %ArgumentsLength composable with respect to inlining.
Using deoptimization information gives us accurate data here.
R=bmeurer@chromium.org
TEST=mjsunit/regress/regress-4374
BUG=v8:4374
LOG=n
Review URL: https://codereview.chromium.org/1328363002
Cr-Commit-Position: refs/heads/master@{#30654}
This moves incremental marking steps from gc-idle-time-handler and heap to the new incremental marking task.
BUG=chromium:490559
LOG=NO
Review URL: https://codereview.chromium.org/1265423002
Cr-Commit-Position: refs/heads/master@{#30641}
When there is no explicit return we need to generate an implicit
return undefined.
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1308693014
Cr-Commit-Position: refs/heads/master@{#30639}
This switches Isolate::ComputeLocation to use baseline code when
computing message locations. This unifies locations between optimized
and non-optimized code by always going through the FrameSummary for
location computation.
R=bmeurer@chromium.org
TEST=message/regress/regress-4266
BUG=v8:4266
LOG=n
Review URL: https://codereview.chromium.org/1331603002
Cr-Commit-Position: refs/heads/master@{#30635}
The semantics of the %_CallFunction intrinsic seem to be very unclear,
which resulted in a lot of bugs. Especially the combination with
%IsSloppyModeFunction is always a bug, because the receiver would be
wrapped in the wrong context. So the %IsSloppyModeFunction helper is
gone now, and many of the buggy uses of %_CallFunction are also
eliminated.
If you ever need to call something with a different receiver, then
%_Call is your friend now. It does what you want and implements the
call sequence fully (and correct).
BUG=v8:4413
LOG=n
Review URL: https://codereview.chromium.org/1325573004
Cr-Commit-Position: refs/heads/master@{#30634}
- Moving parts of ArrayConcat from builtins.cc to the ElementsAccessor
- Removing ArrayConcat Runtime Function
BUG=v8:4317
LOG=N
Review URL: https://codereview.chromium.org/1330483003
Cr-Commit-Position: refs/heads/master@{#30619}
Wasm mjsunit tests aren't being detected when symlinked into
test/mjsunit/wasm. This causes symlinked directories in that
directory to be included.
BUG=None
TEST=local
R=dehrenberg@chromium.org
LOG=N
Review URL: https://codereview.chromium.org/1332463002
Cr-Commit-Position: refs/heads/master@{#30600}
Uses the lower byte with memchr which is
significantly faster than a naive compare
Performance difference with bench (http://hastebin.com/xuxexataso.js):
old new
single character single character
Κ found at 922 Κ found at 922
3324 616
㎡ found at 13217 ㎡ found at 13217
42366 4931
က found at 4096 က found at 4096
13369 9836
found at 65280 found at 65280
207472 36149
ᆬ found at 65445 ᆬ found at 65445
209344 36666
found at 8197 found at 8197
26731 11757
倂 found at 20482 倂 found at 20482
66071 17193
linear search linear search
ΚΛ found at 922 ΚΛ found at 922
4112 504
㎡㎢ found at 13217 ㎡㎢ found at 13217
55105 5119
ᆬᆭ found at 65445 ᆬᆭ found at 65445
268016 35496
linear + bmh search linear + bmh search
ΚΛΜΝΞΟΠΡ found at 922 ΚΛΜΝΞΟΠΡ found at 922
2897 522
ᆬᆭᄃᄄᄅᆰᆱᆲ found at 65445 ᆬᆭᄃᄄᄅᆰᆱᆲ found at 65445
167687 35283
BUG=
Review URL: https://codereview.chromium.org/1324453007
Cr-Commit-Position: refs/heads/master@{#30597}
Reason for revert:
[Sheriff] Breaks fuzzer and msan:
http://build.chromium.org/p/client.v8/builders/V8%20Fuzzer/builds/4773
Repro with:
tools/fuzz-harness.sh out/Debug/d8
(in a ninja Debug build)
Msan:
http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20arm64%20-%20sim%20-%20MSAN/builds/4097
Original issue's description:
> Speedup stringsearch for two byte strings
>
> Uses the lower byte with memchr which is
> significantly faster than a naive compare
>
> Performance difference with bench (http://hastebin.com/xuxexataso.js):
>
> old new
>
> single character single character
> Κ found at 922 Κ found at 922
> 3324 616
> ㎡ found at 13217 ㎡ found at 13217
> 42366 4931
> က found at 4096 က found at 4096
> 13369 9836
> found at 65280 found at 65280
> 207472 36149
> ᆬ found at 65445 ᆬ found at 65445
> 209344 36666
> found at 8197 found at 8197
> 26731 11757
> 倂 found at 20482 倂 found at 20482
> 66071 17193
>
> linear search linear search
> ΚΛ found at 922 ΚΛ found at 922
> 4112 504
> ㎡㎢ found at 13217 ㎡㎢ found at 13217
> 55105 5119
> ᆬᆭ found at 65445 ᆬᆭ found at 65445
> 268016 35496
>
> linear + bmh search linear + bmh search
> ΚΛΜΝΞΟΠΡ found at 922 ΚΛΜΝΞΟΠΡ found at 922
> 2897 522
> ᆬᆭᄃᄄᄅᆰᆱᆲ found at 65445 ᆬᆭᄃᄄᄅᆰᆱᆲ found at 65445
> 167687 158465
>
> Committed: https://crrev.com/fced280f37588f8a232a414201276e053117e9ea
> Cr-Commit-Position: refs/heads/master@{#30587}
TBR=danno@chromium.org,mstarzinger@chromium.org,jkummerow@chromium.org,karl@skomski.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Review URL: https://codereview.chromium.org/1331433002
Cr-Commit-Position: refs/heads/master@{#30588}
