We cannot optimize away ToNumber conversions based on the Type that we
see in Crankshaft, as this might be the (unchecked or even pretruncated)
lower bound. We can only use the HType, which is based on the definition.
R=jkummerow@chromium.org
BUG=chromium:590989
LOG=n
Review URL: https://codereview.chromium.org/1757013002
Cr-Commit-Position: refs/heads/master@{#34445}
Port 4acb492e14
Original commit message:
Initial version of a new StrictEqualStub written as TurboFan code stub,
that implements the full strict equality comparison and is usable for
both TurboFan and Ignition (and soon for the generic CompareIC case
too). The stub is not fully optimized yet, i.e. we still go to the
runtime for string comparisons, but that'll be addressed in a follow-up
CL.
R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
Review URL: https://codereview.chromium.org/1756243002
Cr-Commit-Position: refs/heads/master@{#34444}
The ES2016 draft spec defines a sort of fast path for constructing
a TypedArray based on another TypedArray. This patch implements that
alternative path in TypedArray construction. It is verified by
test262 tests, which now pass. This patch also has a slight cleanup
of TypedArray code by using a macro for TypedArray type checks, as
is done for other types.
This patch includes a minor spec violation: In the same-type case, the
spec indicates that the underlying ArrayBuffer should be copied until
the end, and this is fixed up by making the [[ArrayLength]] shorter.
This is observable with the buffer getter. This patch just copies the
used part of the underlying ArrayBuffer.
R=adamk
BUG=v8:4726
LOG=Y
Review URL: https://codereview.chromium.org/1754593003
Cr-Commit-Position: refs/heads/master@{#34443}
The CompilationPhase helper class is only used in Crankshaft and is not
suitable for use in other compilers. This factors is out into a separate
file and moves it into the "crankshaft" directory.
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/1758773002
Cr-Commit-Position: refs/heads/master@{#34441}
There is no reason to keep around the HOptimizedGraphBuilder after the
graph has successfully been built. Later phases in OptimizedCompileJob
should not rely on it anymore.
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/1756183002
Cr-Commit-Position: refs/heads/master@{#34440}
Otherwise e.g.,
"use strict";
class C { static f() { super.location = "http://bla.com" }}
C.f.call(this);
will mask location on the hidden prototype of the JSGlobalObject.
BUG=
Review URL: https://codereview.chromium.org/1757933002
Cr-Commit-Position: refs/heads/master@{#34432}
This introduces a new instance type and reorders the JSObject types so any type requiring special LookupIterator support can be identified with a single range check.
In addition, it restructures the Next for better performance, avoiding unnecessary calls.
BUG=
Review URL: https://codereview.chromium.org/1751043002
Cr-Commit-Position: refs/heads/master@{#34429}
This relaxes the constraints of the optimized code map in order to be
able to update existing entries. It also simplifies the interface a
little bit. We can now insert an entry for a newly allocated literals
array together with previously cached context-independent code.
R=mvstanton@chromium.org
Review URL: https://codereview.chromium.org/1753213002
Cr-Commit-Position: refs/heads/master@{#34427}
Generalize the code that we have for StrictEqualStub to also general a
StrictNotEqualStub and hook that up with TurboFan and Ignition. It's
still falling back to the runtime for every String (in)equality check.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1756793002
Cr-Commit-Position: refs/heads/master@{#34426}
The macro is currently used by AllocateHeapNumberStub and AllocateMutableHeapNumberStub, which are now turbofan code stubs.
It can be used to allocate objects in the new or old space, optionally with double alignment.
BUG=588692
LOG=y
Review URL: https://codereview.chromium.org/1735803003
Cr-Commit-Position: refs/heads/master@{#34424}
Initial version of a new StrictEqualStub written as TurboFan code stub,
that implements the full strict equality comparison and is usable for
both TurboFan and Ignition (and soon for the generic CompareIC case
too). The stub is not fully optimized yet, i.e. we still go to the
runtime for string comparisons, but that'll be addressed in a follow-up
CL.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1753173003
Cr-Commit-Position: refs/heads/master@{#34423}
The function literal consists of a list of statements. Each statement
is associated with a statement position including break location. The
only exception to this rule is when the function immediately throws if
scope resolution found an illegal redeclaration. Make sure that we add a
break location for this case as well. The debugger relies on this.
R=bmeurer@chromium.org, vogelheim@chromium.org
BUG=v8:4690
LOG=N
Review URL: https://codereview.chromium.org/1759603002
Cr-Commit-Position: refs/heads/master@{#34422}
port dbf5fffd2d (r34397)
original commit message:
In ia32 PushArgsAndConstruct builtin, we run out of registers and need to
temporarily store the data in the stack. In the earlier implementation,
a location outside the esp was used. This causes a problem if there is a
interrupt/signals which would use the same stack and corrupt the data that
is above the esp. This cl fixes it by pushing it onto the stack so that
the stack pointer is updated and hence the corruption will not happen. We
reuse the slot meant for receiver as a temporary store.
BUG=
Review URL: https://codereview.chromium.org/1756743002
Cr-Commit-Position: refs/heads/master@{#34420}
Add support to log source position offsets to the profiler. As part of
this change PositionsRecorder is split into two, with the subset needed
by log.cc moved into log.h and the remainder kept in assembler.h as
AssemblerPositionsRecorder. The interpreter's source position table
builder is updated to log positions when the profiler is active.
BUG=v8:4766
LOG=N
Review URL: https://codereview.chromium.org/1737043002
Cr-Commit-Position: refs/heads/master@{#34416}
Fixes a bug in the constant pool padding calculation.
BUG=v8:4680
LOG=N
Review URL: https://codereview.chromium.org/1749853002
Cr-Commit-Position: refs/heads/master@{#34403}
Runtime asserts are were previously a bit annoying to debug, due to
the lack of a useful error message, even in debug mode. This patch
prints out some more information in debug mode for runtime assert
failures while preserving their exception-throwing semantics. While
we're at it, it requires a semicolon after RUNTIME_ASSERT macro
invocations.
```
$ rlwrap out/Debug/d8 --allow-natives-syntax
V8 version 5.1.0 (candidate)
d8> %ArrayBufferNeuter(1)
#
# Runtime error in ../../src/runtime/runtime-typedarray.cc, line 52
#
# args[0]->IsJSArrayBuffer()
==== C stack trace ===============================
1: 0xf70ab5
2: 0xadeebf
3: 0xadedd4
4: 0x2ef17630693b
(d8):1: illegal access
%ArrayBufferNeuter(1)
^
d8>
```
Also give the other 'illegal access' case (a special SyntaxError type) a more
descriptive error message for its sole usage.
R=adamk
Review URL: https://codereview.chromium.org/1748183002
Cr-Commit-Position: refs/heads/master@{#34401}
Initial implementation of S390 specific debug and IC functions.
R=danno@chromium.org,jkummerow@chromium.org,jochen@chromium.org,jyan@ca.ibm.com,michael_dawson@ca.ibm.com,mbrandy@us.ibm.com
BUG=
Review URL: https://codereview.chromium.org/1743263003
Cr-Commit-Position: refs/heads/master@{#34400}
In ia32 PushArgsAndConstruct builtin, we run out of registers and need to
temporarily store the data in the stack. In the earlier implementation,
a location outside the esp was used. This causes a problem if there is a
interrupt/signals which would use the same stack and corrupt the data that
is above the esp. This cl fixes it by pushing it onto the stack so that
the stack pointer is updated and hence the corruption will not happen. We
reuse the slot meant for receiver as a temporary store.
TBR=rmcilroy@chromium.org
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1750373002
Cr-Commit-Position: refs/heads/master@{#34397}
When we try to optimize a function with Crankshaft, but compilation
bails out, don't disable optimization for that function entirely,
just disable Crankshaft, so TurboFan will be used for the next attempt.
Thereby this widens the TurboFan intake valve.
Review URL: https://codereview.chromium.org/1751873002
Cr-Commit-Position: refs/heads/master@{#34396}
Adds the translation from optimized frame to bytecode offset
in FrameSummary. For interpreter, the bailout id represents the bytecode
array offset. So we can directly use the bailout id as the code offset
in the FrameSummary. Also updates mjsunit.status with more information
about failing tests.
BUG=v8:4280, v8:4689
LOG=N
Review URL: https://codereview.chromium.org/1740753002
Cr-Commit-Position: refs/heads/master@{#34393}