This CL exposes IteratorBuiltinsAssembler::IterableToList as a builtin
to reduce generated code duplication. This follows up on CL 1201882.
Change-Id: I848e17bd1b6756de9e898e9d2f8c93d99699df07
Reviewed-on: https://chromium-review.googlesource.com/1206470
Commit-Queue: Hai Dang <dhai@google.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55641}
This is a reland of 1c48d52bb1.
It turned out that IterableToList doesn't always behave according to
the ES operation with the same name. Specifically, it allows holey arrays
to take its fast path, which produces an output array with holes where
actually "undefined" elements should appear.
This CL changes the version of IterableToList that is used for spreads
(IterableToListWithSymbolLookup) such that holey arrays take the slow path.
It also includes tests for such situations.
Original change's description:
> [interpreter] Add bytecode for leading array spreads.
>
> This CL improves the performance of creating [...a, b] or [...a].
> If the array literal has a leading spread, this CL emits the bytecode
> [CreateArrayFromIterable] to create the literal. CreateArrayFromIterable
> is implemented by [IterableToListDefault] builtin to create the initial
> array for the leading spread. IterableToListDefault has a fast path to
> clone efficiently if the spread is an actual array.
>
> The bytecode generated is now shorter. Bytecode generation is refactored
> into to BuildCreateArrayLiteral, which allows VisitCallSuper to benefit
> from this optimization also.
> For now, turbofan also lowers the bytecode to the builtin.
>
> The idiomatic use of [...a] to clone the array a now performs better
> than a simple for-loop, but still does not match the performance of slice.
>
> Bug: v8:7980
>
> Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
> Change-Id: Ibde659c82d3c7aa1b1777a3d2f6426ac8cc15e35
> Reviewed-on: https://chromium-review.googlesource.com/1181024
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Commit-Queue: Georg Neis <neis@chromium.org>
> Commit-Queue: Hai Dang <dhai@google.com>
> Cr-Commit-Position: refs/heads/master@{#55520}
Bug: v8:7980
Change-Id: I0b5603a12d2b588327658bf0a9b214bd0f22e237
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/1201882
Commit-Queue: Hai Dang <dhai@google.com>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55639}
Port CreateBreakIterator and BreakIterator.prototype.resolvedOptions to
C++, refactoring the entire class into another one called
JSV8BreakIterator that would be a subclass of JSObject.
TBR: benedikt@chromium.org
Bug: v8:8111
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I9bd1d82ec34b210c8ed59ea6576548d45a34b8d5
Reviewed-on: https://chromium-review.googlesource.com/1198946
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55627}
Before, splice was implemented with a C++ fast path and a
comprehensive JavaScript version.
This impl. is entirely in Torque with a fastpath for SMI,
DOUBLE and OBJECT arrays, and a comprehensive slow path.
The same level of "sparse" array support as given by the
array.js implementation is included.
This reland addresses several issues:
* Removed "sparse" array support from splice.
* Addressed ClusterFuzz issue 876443:
The test and code that uses the fix is in this CL.
The fix in isolation can be seen here:
https://chromium-review.googlesource.com/c/v8/v8/+/1199403
* Removed dead code in elements.cc
BUG=chromium:876443, v8:8131, v8:1956, v8:7221
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I2d4a66c24ba1edabeca34e27e6ff8ee6136ed5f1
Reviewed-on: https://chromium-review.googlesource.com/1201783
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55610}
This reverts commit 1c48d52bb1.
Reason for revert: Clusterfuzz found something.
Original change's description:
> [interpreter] Add bytecode for leading array spreads.
>
> This CL improves the performance of creating [...a, b] or [...a].
> If the array literal has a leading spread, this CL emits the bytecode
> [CreateArrayFromIterable] to create the literal. CreateArrayFromIterable
> is implemented by [IterableToListDefault] builtin to create the initial
> array for the leading spread. IterableToListDefault has a fast path to
> clone efficiently if the spread is an actual array.
>
> The bytecode generated is now shorter. Bytecode generation is refactored
> into to BuildCreateArrayLiteral, which allows VisitCallSuper to benefit
> from this optimization also.
> For now, turbofan also lowers the bytecode to the builtin.
>
> The idiomatic use of [...a] to clone the array a now performs better
> than a simple for-loop, but still does not match the performance of slice.
>
> Bug: v8:7980
>
> Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
> Change-Id: Ibde659c82d3c7aa1b1777a3d2f6426ac8cc15e35
> Reviewed-on: https://chromium-review.googlesource.com/1181024
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Commit-Queue: Georg Neis <neis@chromium.org>
> Commit-Queue: Hai Dang <dhai@google.com>
> Cr-Commit-Position: refs/heads/master@{#55520}
TBR=rmcilroy@chromium.org,neis@chromium.org,sigurds@chromium.org,gsathya@chromium.org,jgruber@chromium.org,dhai@google.com
Change-Id: I1c86ddcc24274da9f5a8dd3d8bf8d869cbb55cb6
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7980
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/1199303
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55544}
This CL improves the performance of creating [...a, b] or [...a].
If the array literal has a leading spread, this CL emits the bytecode
[CreateArrayFromIterable] to create the literal. CreateArrayFromIterable
is implemented by [IterableToListDefault] builtin to create the initial
array for the leading spread. IterableToListDefault has a fast path to
clone efficiently if the spread is an actual array.
The bytecode generated is now shorter. Bytecode generation is refactored
into to BuildCreateArrayLiteral, which allows VisitCallSuper to benefit
from this optimization also.
For now, turbofan also lowers the bytecode to the builtin.
The idiomatic use of [...a] to clone the array a now performs better
than a simple for-loop, but still does not match the performance of slice.
Bug: v8:7980
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Ibde659c82d3c7aa1b1777a3d2f6426ac8cc15e35
Reviewed-on: https://chromium-review.googlesource.com/1181024
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Commit-Queue: Hai Dang <dhai@google.com>
Cr-Commit-Position: refs/heads/master@{#55520}
This increases the size of a V8BreakIterator instance by a word to store
the breakType function.
The instance to be bound is stored on the context of this builtin function.
This CL removes the AddBoundMethod helper from intl.js
Bug: v8:5751
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I4e4df2632990300b91eafda680d414e0b373825b
Reviewed-on: https://chromium-review.googlesource.com/1194803
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55501}
This replaces ebx usage in several more interface descriptors.
- IC descriptors already passed most arguments on the stack (updated
their Register accessors to reflect that).
- The allocation site argument appears to be unused in the
ConstructStub descriptor. It can probably be removed in a follow-up.
Drive-by: Rename ArgumentAdaptorDescriptor to
ArgumentsAdaptorDescriptor to match the builtin name.
Bug: v8:6666
Change-Id: I4cdf1775a5b4b74491d6d303c49a8af9b6cd3c03
Reviewed-on: https://chromium-review.googlesource.com/1195367
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55495}
This increases the size of a V8BreakIterator instance by a word to store
the current function.
The instance to be bound is stored on the context of this builtin function.
Bug: v8:5751
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I1bdf3d3cd9db5ab16abb644b33b44705ca58684e
Reviewed-on: https://chromium-review.googlesource.com/1194802
Commit-Queue: Ujjwal Sharma <usharma1998@gmail.com>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55471}
This increases the size of a V8BreakIterator instance by a word to store
the next function.
The instance to be bound is stored on the context of this builtin function.
Bug: v8:5751
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Ibdfabe53c7d0790c1ba44d5de8d1c8fc8de517c9
Reviewed-on: https://chromium-review.googlesource.com/1193502
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55463}
This increases the size of a V8BreakIterator instance by a word to store
the first function.
The instance to be bound is stored on the context of this builtin function.
Bug: v8:5751
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Ib1e8cb8353d0885e0d9bcfdc5fe558c1de0a0738
Reviewed-on: https://chromium-review.googlesource.com/1192823
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55459}
This increases the size of a V8BreakIterator instance by a word to store
the adopt text function.
The instance to be bound is stored on the context of this builtin function.
Bug: v8:5751
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I466ead6c8fc9d531d2213cfdd488fa1484496f69
Reviewed-on: https://chromium-review.googlesource.com/1186925
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55418}
This reverts commit f4ca3fc56e.
Reason for revert: Since TF (js-call-reducer) calls into the C++ builtin, it is easier (cleaner for now) to implement the baseline version in C++ instead of Torque.
Original change's description:
> [array] Prepare Array.p.shift for removal of the JavaScript fall-back
>
> This CL changes the ArrayPrototypeShift builtin to a CSA macro which
> is used in a newly created Torque builtin.
>
> This is in preparation for removing the JavaScript fall-back, which
> will be replaced by a baseline Torque implementation.
>
> R=cbruni@chromium.org, jgruber@chromium.org
>
> Bug: v8:7624
> Change-Id: I9b7898beea2802cc02d394e040a1e500387cf108
> Reviewed-on: https://chromium-review.googlesource.com/1169172
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Commit-Queue: Simon Zünd <szuend@google.com>
> Cr-Commit-Position: refs/heads/master@{#55036}
TBR=cbruni@chromium.org,jgruber@chromium.org,szuend@google.com
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: v8:7624
Change-Id: I4929eefaa90ff8681bc8ae20e3ea3fe84ee7f1e8
Reviewed-on: https://chromium-review.googlesource.com/1186342
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Simon Zünd <szuend@google.com>
Cr-Commit-Position: refs/heads/master@{#55345}
Some builtins, so-called wasm runtime stubs, are copied off-heap to
ensure reachability through near jumps. These builtins must be
individually position-independent. In particular, they may not contain
pc-relative calls to other builtins.
Drive-by: Set hard_abort mode for all wasm runtime stubs to avoid Abort
calls.
Bug: v8:6666
Change-Id: Ie5bc9fc539d6a043dcf7dff66c3b4643baec69ab
Reviewed-on: https://chromium-review.googlesource.com/1183236
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55296}
This reverts commit cdaaa31151.
Reason for revert: chromium:876445 chromium:876453 chromium:876443
Original change's description:
> [builtins] Reland Array.prototype.splice() Torque implementation.
>
> Before, splice was implemented with a C++ fast path and a
> comprehensive JavaScript version.
>
> This impl. is entirely in Torque with a fastpath for SMI,
> DOUBLE and OBJECT arrays, and a comprehensive slow path.
> The same level of "sparse" array support as given by the
> array.js implementation is included.
>
> Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
> Change-Id: Ia7334a30b401988309e9909cfa0069da0bb6fb9f
> Reviewed-on: https://chromium-review.googlesource.com/1169466
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#55263}
TBR=mvstanton@chromium.org,jgruber@chromium.org,tebbi@chromium.org
Change-Id: I5b750a98e671b7284474ffcabc6b4d37a9d1219e
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/1184741
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55289}
Before, splice was implemented with a C++ fast path and a
comprehensive JavaScript version.
This impl. is entirely in Torque with a fastpath for SMI,
DOUBLE and OBJECT arrays, and a comprehensive slow path.
The same level of "sparse" array support as given by the
array.js implementation is included.
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Ia7334a30b401988309e9909cfa0069da0bb6fb9f
Reviewed-on: https://chromium-review.googlesource.com/1169466
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55263}
This is a reland of 041ae1f879
The clashing method has been fixed.
Original change's description:
> [builtins] Start adding byte code handlers to builtins
>
> Adds a new build flag, v8_enable_embedded_bytecode_handlers, that adds
> the bytecode handlers to the BUILTIN_LIST macros.
>
> Currently it's not connected up to the code-generation so it actually
> does nothing except expand the builtins table.
>
> Bug: v8:8068
> Change-Id: Iaecc3982cf22d04e6c46169b86c9d694952fd091
> Reviewed-on: https://chromium-review.googlesource.com/1179887
> Commit-Queue: Dan Elphick <delphick@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#55215}
Bug: v8:8068
Change-Id: Ibc98929a9ad464e9d4c9fc7d43401f0fb0df9a00
Reviewed-on: https://chromium-review.googlesource.com/1181981
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55244}
This increases the size of a DateFormat instance by a word to store
the bound format function.
The instance to be bound is stored on the context of this builtin function.
Bug: v8:7800
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I05968251d3411f5126dba3ce9b5b6b29836fd5dc
Reviewed-on: https://chromium-review.googlesource.com/1178763
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55240}
This reverts commit 041ae1f879.
Reason for revert: Causes jumbo builds to fail because of duplicate GenerateBytecodeHandler definitions.
Original change's description:
> [builtins] Start adding byte code handlers to builtins
>
> Adds a new build flag, v8_enable_embedded_bytecode_handlers, that adds
> the bytecode handlers to the BUILTIN_LIST macros.
>
> Currently it's not connected up to the code-generation so it actually
> does nothing except expand the builtins table.
>
> Bug: v8:8068
> Change-Id: Iaecc3982cf22d04e6c46169b86c9d694952fd091
> Reviewed-on: https://chromium-review.googlesource.com/1179887
> Commit-Queue: Dan Elphick <delphick@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#55215}
TBR=rmcilroy@chromium.org,jgruber@chromium.org,delphick@chromium.org
Change-Id: I860b3ecf543944fd0f4fdcb8de09d21a4b784150
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8068
Reviewed-on: https://chromium-review.googlesource.com/1181301
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55225}
Adds a new build flag, v8_enable_embedded_bytecode_handlers, that adds
the bytecode handlers to the BUILTIN_LIST macros.
Currently it's not connected up to the code-generation so it actually
does nothing except expand the builtins table.
Bug: v8:8068
Change-Id: Iaecc3982cf22d04e6c46169b86c9d694952fd091
Reviewed-on: https://chromium-review.googlesource.com/1179887
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55215}
Small clean up to create a BUILTIN_LIST_INTL to include in BUILTIN_LIST
rather than having two definitions of BUILTIN_LIST depending on whether
V8_INTL_SUPPORT is enabled.
Change-Id: I05ce83fe478049398392c5204b22961d29eb3622
Reviewed-on: https://chromium-review.googlesource.com/1180967
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55209}
This increases the size of a Collator instance by a word to store
the bound compare function.
The instance to be bound is stored on the context of this builtin function.
Bug: v8:7800
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Ie7581ab59fdfe4efff6d960e07ed2164fa6d9959
Reviewed-on: https://chromium-review.googlesource.com/1171967
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55130}
This CL changes the ArrayPrototypeShift builtin to a CSA macro which
is used in a newly created Torque builtin.
This is in preparation for removing the JavaScript fall-back, which
will be replaced by a baseline Torque implementation.
R=cbruni@chromium.org, jgruber@chromium.org
Bug: v8:7624
Change-Id: I9b7898beea2802cc02d394e040a1e500387cf108
Reviewed-on: https://chromium-review.googlesource.com/1169172
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Simon Zünd <szuend@google.com>
Cr-Commit-Position: refs/heads/master@{#55036}
The HasProperty builtin differed in its expected argument order from
the HasProperty runtime function. Like all other related spec
primitives (e.g.: GetProperty, SetProperty, DeleteProperty), it should
take {object} as the first argument and {key} as the second.
This CL changes the builtin and all related spots to use the correct
order.
There was also a tricky bug in interpreter intrinsic rewriting, which
assumes (but does not verify) that the argument order between runtime
function and builtin is identical. Besides cctests, HasProperty
intrinsic rewriting seems to be dead code.
Bug: v8:8036
Change-Id: Ia669fd6f5c73a30df4e4607064603be759ced392
Reviewed-on: https://chromium-review.googlesource.com/1167297
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55022}
This reverts commit ff4fa92e88.
Reason for revert: blocks roll: https://chromium-review.googlesource.com/c/chromium/src/+/1167969 ... see https://chromium-swarm.appspot.com/task?id=3f344f7ada4e0110&refresh=10&show_raw=1 for stacktrace.
Original change's description:
> [builtins] Enable Torque Array.prototype.splice
>
> Before, splice was implemented with a C++ fast path and a
> comprehensive JavaScript version.
>
> This impl. is entirely in Torque with a fastpath for SMI,
> DOUBLE and OBJECT arrays, and a comprehensive slow path.
> The same level of "sparse" array support as given by the
> array.js implementation is included.
>
> Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
> Change-Id: Ibfa3407ed75b9ad15ac54cce446b3952e38f90a9
> Reviewed-on: https://chromium-review.googlesource.com/1039190
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Commit-Queue: Michael Stanton <mvstanton@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54974}
TBR=danno@chromium.org,yangguo@chromium.org,mvstanton@chromium.org,tebbi@chromium.org,szuend@google.com
Change-Id: I900f667b30a0cf673ead9621618a9988cf85ffdf
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/1168902
Commit-Queue: Michael Hablich <hablich@chromium.org>
Reviewed-by: Michael Hablich <hablich@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54998}
Before, splice was implemented with a C++ fast path and a
comprehensive JavaScript version.
This impl. is entirely in Torque with a fastpath for SMI,
DOUBLE and OBJECT arrays, and a comprehensive slow path.
The same level of "sparse" array support as given by the
array.js implementation is included.
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Ibfa3407ed75b9ad15ac54cce446b3952e38f90a9
Reviewed-on: https://chromium-review.googlesource.com/1039190
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54974}
This patch ports most of the Intl.Collator from JS to C++.
The Intl.Collator object no longer stores all the resolved
values. Instead these are looked up on demand as part of
Intl.Collator.prototype.resolvedOptions(), saving several words. In
the future, we can cache the result of the resolvedOptions as well.
In this patch, we use ICU to do parsing of the unicode extension in
the bcp47 language tag instead of using a custom extension parser.
This patch also fixes several spec compliance bugs as well.
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Iaaa7be4a628404da1bd83d882e04a2c6de70ebd9
Bug: v8:5751, v8:7480
Reviewed-on: https://chromium-review.googlesource.com/1165084
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54965}
This CL is the first step towards a SetProperty stub, by adding a
stub that redirects to the runtime and replacing every runtime
call-site with a call to this stub.
A followup CL will then add an implementation to the stub similar
to KeyedStoreGenericAssembler::KeyedStoreGeneric().
R=cbruni@chromium.org, jgruber@chromium.org
Change-Id: Iff2f913988cada6220d54817d94d011ad6de2b77
Reviewed-on: https://chromium-review.googlesource.com/1163519
Commit-Queue: Simon Zünd <szuend@google.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54926}
Previously, Intl.PluralRules was mostly implemented in JavaScript. This
patch moves most of the constructor and parts of other methods to C++.
The size of the Intl.PluralRules object is reduced by not storing
MinimumIntegerDigits, MinimumFractionDigits, MaximumFractionDigits,
MinimumSignificantDigits, MaximumSignificantDigits. Instead these are
looked up from icu::DecimalFormat as required.
Another optimziation is that we don't create the result of
resolvedOptions when the Intl.PluralRules object is constructed, but
instead defer until this method is called. In the future, we may want
to cache the result.
This patch also cleans up several error handling paths that shouldn't
happen with ICU and instead just crashes should it ever happen.
Bug: v8:5751
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I84c5aa6c25c35fe2d336693dee1b36bf3dcd4a79
Reviewed-on: https://chromium-review.googlesource.com/1158701
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jungshik Shin <jshin@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54917}
This also move the function body of Runtime_StringLocaleConvertCase
into IntlFunc::StringLocaleConvertCase
Bug: v8:7958
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Ibc081150babdd7d50043383b0f7375d46cfcf4a5
Reviewed-on: https://chromium-review.googlesource.com/1144525
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Jungshik Shin <jshin@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54737}
This is a reland of 9eca23e9ed
Adds a deopt continuation, which fixes JavaScript stack traces
to contain the number constructor after inlining.
Original change's description:
> [turbofan] Inline Number constructor in certain cases
>
> This CL adds inlining for the Number constructor if new.target is not
> present. The lowering is BigInt compatible, i.e. it converts BigInts to
> numbers.
>
> Bug: v8:7904
> Change-Id: If03b9f872d82e50b6ded7709069181c33dc44e82
> Reviewed-on: https://chromium-review.googlesource.com/1118557
> Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54454}
Bug: v8:7904
Change-Id: Ic416e5ba81fa3a0f59ae4afa80df83c46a759487
Reviewed-on: https://chromium-review.googlesource.com/1146581
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54609}
As discussed in
https://docs.google.com/document/d/1sBdGe8RHgeYP850cKSSgGABTyfMdvaEWLy-vertuTCo/edit?ts=5b3ba5cc#,
this CL introduces a new bytecode (CloneObject), and a new IC type.
In this prototype implementation, the type feedback looks like the
following:
Uninitialized case:
{ uninitialized_sentinel, uninitialized_sentinel }
Monomorphic case:
{ weak 'source' map, strong 'result' map }
Polymorphic case:
{ WeakFixedArray with { weak 'source' map, strong 'result' map }, cleared value }
Megamorphic case:
{ megamorphic_sentinel, cleared_Value }
In the fast case, Object cloning is done by allocating an object with
the saved result map, and a shallow clone of the fast properties from
the source object, as well as cloned fast elements from the source object.
If at any point the fast case can't be taken, the IC transitions to the
slow case and remains there.
This prototype CL does not include any TurboFan optimization, and the
CloneObject operation is merely reduced to a stub call.
It may still be possible to get some further improvements by somehow
incorporating compile-time boilerplate elements into the cloned object,
or simplifying how the boilerplate elements are inserted into the
object.
In terms of performance, we improve the ObjectSpread score in JSTests/ObjectLiteralSpread/
by about 8x, with substantial improvements over the Babel and ObjectAssign scores.
R=gsathya@chromium.org, mvstanton@chromium.org, rmcilroy@chromium.org, neis@chromium.org, bmeurer@chromium.org
BUG=v8:7611
Change-Id: I79e1796eb77016fb4feba0e1d3bb9abb348c183e
Reviewed-on: https://chromium-review.googlesource.com/1127472
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54595}
This reverts commit 9eca23e9ed.
Reason for revert: Clusterfuzz correctness issue
Original change's description:
> [turbofan] Inline Number constructor in certain cases
>
> This CL adds inlining for the Number constructor if new.target is not
> present. The lowering is BigInt compatible, i.e. it converts BigInts to
> numbers.
>
> Bug: v8:7904
> Change-Id: If03b9f872d82e50b6ded7709069181c33dc44e82
> Reviewed-on: https://chromium-review.googlesource.com/1118557
> Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54454}
TBR=jarin@chromium.org,neis@chromium.org,sigurds@chromium.org,bmeurer@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: v8:7904
Change-Id: Ie5fa6c1262b8acc33edb672a0124f4458fcded86
Reviewed-on: https://chromium-review.googlesource.com/1142777
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54544}
This CL moves Array.p.fill from JavaScript to a C++ builtin. It has
a generic slow-path and fast-paths implemented via ElementsAccessor in
elements.cc.
R=cbruni@chromium.org
Bug: v8:7624
Change-Id: I8820e1195d2cd9b41c254058923ad9875aab067c
Reviewed-on: https://chromium-review.googlesource.com/1131130
Commit-Queue: Simon Zünd <szuend@google.com>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54522}
This CL adds inlining for the Number constructor if new.target is not
present. The lowering is BigInt compatible, i.e. it converts BigInts to
numbers.
Bug: v8:7904
Change-Id: If03b9f872d82e50b6ded7709069181c33dc44e82
Reviewed-on: https://chromium-review.googlesource.com/1118557
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54454}
This increases the size of a NumberFormat instance by a word to store
the bound format function.
The instance to be bound is stored on the context of this builtin function.
Bug: v8:5751, v8:7800
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Ie85d8db7d10aabb5c40e77687e6f7112a84f3ebd
Reviewed-on: https://chromium-review.googlesource.com/1122153
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54353}
RegExp builtins were the first to be ported to CSA roughly two years
ago. Back then, we weren't really aware of issues surrounding code
size and CSA inlining, and thus some of these builtins were bigger
than they should be.
This CL adds a few new helper builtins and removes inlined calls to
SubString, RegExpExecInternal, and StringAdd. It significantly
reduces the size of affected builtins. Minor performance regressions
due to call overhead are expected.
Before:
TFS Builtin, RegExpReplace, 20008
TFS Builtin, RegExpSplit, 17340
TFS Builtin, RegExpMatchFast, 17064
TFJ Builtin, RegExpStringIteratorPrototypeNext, 12862
After:
TFS Builtin, RegExpReplace, 5067
TFS Builtin, RegExpSplit, 6329
TFS Builtin, RegExpMatchFast, 8164
TFJ Builtin, RegExpStringIteratorPrototypeNext, 6652
Bug: v8:5737
Change-Id: I1c077a084da85bb73c0c5adb7118b941f488e0ec
Reviewed-on: https://chromium-review.googlesource.com/1127796
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54293}
* Rename BoilerplateDescription to ObjectBoilerplateDescription
* Add literal_type flag to ObjectBoilerplateDescription,
which is stored as zeroth element of Fixed array
* Create ArrayBoilerplateDescription with elements_kind and
constant_elements field
* Replace CompileTimeValue and ConstantElementPair with
ArrayBoilerplateDescription
* Kill ConstantElementPair and CompileTimeValue
Change-Id: Icb42dcfd575a27e2b64ffd5e2e61f9d703d5e986
Bug: v8:7787, chromium:818642
Reviewed-on: https://chromium-review.googlesource.com/1122411
Commit-Queue: Chandan Reddy <chandanreddy@google.com>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54272}
Fixes V8 correctness failure when there's a proxy in the global object
prototype chain and unsuccessful attempt is made to access a property.
Bug: chromium:849024
Change-Id: I829e1a6c038982b7c7a77f8bdefb61facb4614f0
Reviewed-on: https://chromium-review.googlesource.com/1124446
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54237}
Adds the builtin Trace and IsTraceCategoryEnabled functions
exposed via extra bindings. These are intended to use by
embedders to allow basic trace event support from JavaScript.
```js
isTraceCategoryEnabled('v8.some-category')
trace('e'.charCodeAt(0), 'v8.some-category',
'Foo', 0, { abc: 'xyz'})
```
Bug: v8:7851
Change-Id: I7bfb9bb059efdf87d92a56a0aae326650730c250
Reviewed-on: https://chromium-review.googlesource.com/1103294
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Fadi Meawad <fmeawad@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54121}
Currently we perform the full iteration protocol even when we don't need
to. When IterableToListCanBeElided is true, we still need to create a
copy of the array (from a spec correctness point of view, in case there
are user-JS side-effects that would modify the original).
This CL copies the array directly, skipping the iteration protocol.
This recovers the JSTests/TypedArrays/ConstructArrayLike benchmark
almost completely.
Change-Id: I7f1593dd9af6e4a0485bd654e6c02186c5ae99d0
Reviewed-on: https://chromium-review.googlesource.com/1105995
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53996}
Migrate the Object.getOwnPropertyNames to the CodeStubAssembler and use the enum cache backing store when
1) the enum cache is avaible
2) the {object} has no elements
3) all own properties are enumerable
This makes a speedup of 10x when using Object.getOwnPropertyNames with fast-path. It improves Speedometer2.0 Inferno case by ~9% on ATOM platform.
Change-Id: I05e1df0e7d9d53d97664c322248cedb106a7b1d0
Reviewed-on: https://chromium-review.googlesource.com/1004434
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Shiyu Zhang <shiyu.zhang@intel.com>
Cr-Commit-Position: refs/heads/master@{#53992}
This CL adds a builtin which receives an int32 argument and returns the
int32 result. Internally, it checks whether the argument is in the
valid smi range, then calls the runtime function with the smi argument
and converts the return value back from smi to int32.
This saves a lot of code in the wasm TF builder and in Liftoff.
R=mstarzinger@chromium.org
Bug: v8:6600
Change-Id: Icddcb020eae74c767a75090feb4939275432c007
Reviewed-on: https://chromium-review.googlesource.com/1107711
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53946}
This makes sure we use WebAssembly runtime stubs when performing value
coercions in wrapper code that is compiled into {WasmCode}. It hence
removes the last {RelocInfo::CODE_TARGET} references in {WasmCode}.
R=clemensh@chromium.org
BUG=v8:7424
Change-Id: Ic96e541abe98f90796a6506b09ff99557743b6f7
Reviewed-on: https://chromium-review.googlesource.com/1104462
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53846}
Now TFJ builtins can use their own descriptors so there's no need to
keep the hacky BuiltinDescriptor around.
Bug: v8:7754
Change-Id: Ia7f23a21fb979370fd2149fef13186b83a3d5d30
Reviewed-on: https://chromium-review.googlesource.com/1104428
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Daniel Clifford <danno@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53806}
This CL also adds macros for defining JS-compatible interface descriptors that
has additional parameters.
ArrayConstructorDescriptor is redefined using the new macros.
Bug: v8:7754
Change-Id: Id39cac9f234666576f35de755d11aba198248bea
Reviewed-on: https://chromium-review.googlesource.com/1100833
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53796}
This allows WebAssembly runtime stubs implemented as {WasmCode} to be
called with regular stub linkage. So far we have only been able to call
such stubs with WebAssembly linkage.
Also switch two more on-heap builtins over to WebAssembly runtime stubs.
R=clemensh@chromium.org
BUG=v8:7424
Change-Id: Ifa553b5908ee27a1be780c325a114449d7fe7001
Reviewed-on: https://chromium-review.googlesource.com/1100882
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53734}
No need to have a separately defined CallDescriptor.
R=titzer@chromium.org
Change-Id: Ic7c0ee87d458fa8e55bef4d750aa7f61a763237f
Reviewed-on: https://chromium-review.googlesource.com/1098927
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53699}
This CL adds a TFS stub for RegExp#test and moves several checks to
the JSCallReducer. In particular, the JSCallReducer checks that
- property {exec} on the regexp is still the original exec
- property {lastIndex} on the regexp is a non-negative smi
The stub does not repeat these checks in release mode.
This effectively means that if the regexp is known, we can perform these
checks at compile time, and get away with a map dependency.
Bug: v8:7779, v8:7200
Change-Id: I0c6d711d4f1d2f6f325a1c02855b0e1b62e014c8
Reviewed-on: https://chromium-review.googlesource.com/1074654
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53630}
New intstrumentation consists of:
- kAsyncFunctionSuspended when async function is suspended on await
(called on each await),
- kAsyncFunctionFinished when async function is finished.
Old instrumentation was based on reusing async function promise.
Using this promise produces couple side effects:
- for any promise instrumentation we first need to check if it is
special case for async function promise or not - it requires
expensive reading from promise object.
- we capture stack for async functions even if it does not contain
awaits.
- we do not properly cancel async task created for async function.
New intsrumntation resolved all these problems as well as provide
clear mapping between async task and generator which we can use later
to fetch scope information for async functions on pause.
R=dgozman@chromium.org,yangguo@chromium.org
Bug: v8:7078
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: Ifdcec947d91e6e3d4d5f9029bc080a19b8e23d41
Reviewed-on: https://chromium-review.googlesource.com/1043096
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53445}
Calls from embedded builtins to stubs are expensive due to the
indirection through the builtins constants table. This moves
all remaining Array constructor stubs to builtins.
Bug: v8:6666
Change-Id: I5989a7480697a506a1bae1929ddd2e3f1d655048
Reviewed-on: https://chromium-review.googlesource.com/1074759
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53399}
Calls from embedded builtins to stubs are expensive due to the
indirection through the builtins constants table. This moves
the InternalArrayConstructorStub to a builtin.
Bug: v8:6666
Change-Id: I8cd801bd9218ca9ef0853ed99c7a69090af5c9f9
Reviewed-on: https://chromium-review.googlesource.com/1072608
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53360}
Calls from embedded builtins to stubs are expensive due to the
indirection through the builtins constants table. This moves
the ArrayConstructorStub to a builtin.
Bug: v8:6666
Change-Id: Iff4bff99cd911a7f5f138819801c7812b75ea969
Reviewed-on: https://chromium-review.googlesource.com/1071519
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53357}
Calls from embedded builtins to stubs are expensive due to the
indirection through the builtins constants table. This moves
the ArrayNArgumentsConstructorStub to a builtin.
Bug: v8:6666
Change-Id: Ied303334874251415a9057abf612d76dd8330aa6
Reviewed-on: https://chromium-review.googlesource.com/1071450
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53356}
Calls from embedded builtins to stubs are expensive due to the
indirection through the builtins constants table. This moves
CallApiGetter and the 0/1 argument case of CallApiCallback to
builtins.
Bug: v8:6666
Change-Id: I49c4917253f790a3b947f42c50d6308a1ab99d91
Reviewed-on: https://chromium-review.googlesource.com/1070980
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53355}
This CL completely removes the C++ builtin implementation of the
DataView.prototype.buffer, DataView.prototype.byteLength, and
DataView.prototype.byteOffset getters, and moves them to
a Torque implementation (that still relies on a bit of CSA).
Change-Id: Id46678ae709c3787b7b93d0f78bd2a6e16e00f7b
Reviewed-on: https://chromium-review.googlesource.com/1070369
Commit-Queue: Théotime Grohens <theotime@google.com>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53339}
This CL uses the new function pointers and generic features of Torque
to improve the performance of TypedArray.p.sort.
Instead of one Load/Store builtin that dispatches at runtime based on
the element kind, there are now many small builtins (one for each
element kind). The sorting algorithm then uses function pointers to
those small builtins, which get set once.
Changes in the relevant benchmarks:
Benchmark Original (JS) Current This CL
IntTypes 83.9 202.3 240.7
BigIntTypes 32.1 47.2 53.3
FloatTypes 99.3 109.3 129.3
Bug: v8:7382
Change-Id: I8684410524d546615b19f6edcbfdc615068196aa
Reviewed-on: https://chromium-review.googlesource.com/1070069
Commit-Queue: Simon Zünd <szuend@google.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53322}
This CL adds a baseline Torque implementation of the DataView getters
and setters.
Right now, the Torque code just calls the C++ implementation, which
has moved to runtime.
Change-Id: Ic96fde7ea908c628af9586e84511037c237c4d3b
Reviewed-on: https://chromium-review.googlesource.com/1061520
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Théotime Grohens <theotime@google.com>
Cr-Commit-Position: refs/heads/master@{#53312}
The TC39 committee reached consensus to rename `flatten` to `flat`
during the May 22nd meeting. The corresponding patch to the proposal
is here:
093eacc7fe
Bug: v8:7220
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Ie8049ae4d4589a4ae7fe3d203053cef798c135e4
Reviewed-on: https://chromium-review.googlesource.com/1069467
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53294}
This is not web compatible, so let's delete the code.
Bug: v8:5536
Change-Id: I50506d37dcdff1f7f95577c47adcec653cc1f06e
Reviewed-on: https://chromium-review.googlesource.com/1064740
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53264}
https://github.com/tc39/proposal-intl-locale
Rename locale property to baseName to better reflect the intented use case and the change in spec.
TBR: bmeurer@chromium.org
Bug: v8:7684
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I91b630b49ce73abcebd6040ec968c91d75cff879
Reviewed-on: https://chromium-review.googlesource.com/1014411
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53193}
