This CL adds support for builtins with JavaScript linkage written using
the TurboFan CodeStubAssembler, but with a JSCall descriptor (which was
already supported thanks to a previous patch by Ben Smith). As a first
example, we convert the Math.sqrt builtin and thereby get rid of the
%_MathSqrt intrinsic, which causes trouble for the representation
selection pass in the JavaScript pipeline.
R=mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/1824993002
Cr-Commit-Position: refs/heads/master@{#34989}
Introduces a bytecode whose handler executes the equivalent of %_IsArray and %_IsJSReceiver without a runtime call.
BUG=v8:4822
LOG=y
Review URL: https://codereview.chromium.org/1645763003
Cr-Commit-Position: refs/heads/master@{#34983}
Fixes CopyBytecodeArray to set the interrupt_budget field.
BUG=v8:4280,v8:4690
LOG=N
Review URL: https://codereview.chromium.org/1809123003
Cr-Commit-Position: refs/heads/master@{#34982}
The CL also add guard nodes to places where we assume that certain
values are numbers.
Review URL: https://codereview.chromium.org/1821133002
Cr-Commit-Position: refs/heads/master@{#34977}
This was once meant to be used for JavaScript code stubs, but since we
found a better way to do code stubs using TurboFan, we don't need this
runtime entry and intrinsic anymore.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1821123002
Cr-Commit-Position: refs/heads/master@{#34976}
Add missing conversions from other types to f32 in fround.
Restrict fround() to only float, double, signed, unsigned (no unions / intish).
Restrict Bitwise operations to intish, particularly |0, when not applied to a foreign function.
Adding more exhaustive tests of stdlib Math, move to a separate file.
Adding tests of interesting values for the stdlib asm.js functions.
BUG= https://bugs.chromium.org/p/v8/issues/detail?id=4203
TEST=test-asm-validator,asm-wasm
R=titzer@chromium.org,rossberg@chromium.org
LOG=N
Review URL: https://codereview.chromium.org/1804243003
Cr-Commit-Position: refs/heads/master@{#34967}
Both of them shipped in Chrome 49 without incident.
Also move relevant tests from harmony/ to es6/.
Review URL: https://codereview.chromium.org/1815773002
Cr-Commit-Position: refs/heads/master@{#34964}
This is necessary to ensure that "Called non callable" exception will get a proper message and stack trace even for calls at tail position.
BUG=chromium:595615, v8:4698
LOG=N
Review URL: https://codereview.chromium.org/1818003002
Cr-Commit-Position: refs/heads/master@{#34962}
Reason for revert:
Violates ES6 spec (crbug.com/4850), and implementation was over-eager. Will revert for now.
Original issue's description:
> Parser: Make skipping HTML comments optional.
>
> API change: This adds a new flag skip_html_comments to v8::ScriptOriginOptions. This flag controls whether V8 will attempt to honour HTML-style comments in JS sources.
>
> (That is: Gracefully ignore <!-- ... ---> in JS sources, which was a popular technique in the early days of JavaScript, to prevent non-JS-enabled browsers from displaying script sources to uses.)
>
> The flag defaults to 'true' when using v8::ScriptOrigin constructor, which preserves the existing behaviour. Embedders which are happy with the existing behaviour will thus not need any changes.
>
> BUG=chromium:573887
> LOG=Y
>
> Committed: https://crrev.com/91d344288aa51ed03eaaa1cb3e368ac1e82f0173
> Cr-Commit-Position: refs/heads/master@{#34904}
TBR=jochen@chromium.org,rossberg@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=chromium:573887, v8:4850
LOG=Y
Review URL: https://codereview.chromium.org/1817163003
Cr-Commit-Position: refs/heads/master@{#34958}
We don't want them to disappear from the stack traces.
BUG=v8:4698
LOG=N
Review URL: https://codereview.chromium.org/1818063002
Cr-Commit-Position: refs/heads/master@{#34957}
This change introduces wide prefix bytecodes to support wide (16-bit)
and extra-wide (32-bit) operands. It retires the previous
wide-bytecodes and reduces the number of operand types.
Operands are now either scalable or fixed size. Scalable operands
increase in width when a bytecode is prefixed with wide or extra-wide.
The bytecode handler table is extended to 256*3 entries. The
first 256 entries are used for bytecodes with 8-bit operands,
the second 256 entries are used for bytecodes with operands that
scale to 16-bits, and the third group of 256 entries are used for
bytecodes with operands that scale to 32-bits.
LOG=N
BUG=v8:4747,v8:4280
Review URL: https://codereview.chromium.org/1783483002
Cr-Commit-Position: refs/heads/master@{#34955}
Now that we have page-local remembered sets (due to refilling in page
granularity) we can perform all updates on the sets during compaction in
parallel without caching slots locally.
BUG=chromium:524425
LOG=N
NOTRY=true
Review URL: https://codereview.chromium.org/1811573002
Cr-Commit-Position: refs/heads/master@{#34952}
This rebaselines all our internal tests for error messages thrown by the
implementation of 'instanceof' to the new ES6 semantics. It also applies
a minor rephrasing to the messages in question.
R=rossberg@chromium.org
BUG=v8:4447
LOG=n
Review URL: https://codereview.chromium.org/1822663002
Cr-Commit-Position: refs/heads/master@{#34940}
Split ToNumberStub into the entry ToNumberStub, and two new stubs,
StringToNumberStub and NonNumberToNumberStub, which can be used when we
already know something about the input (i.e. in various branches of the
code stubs, or in TurboFan graphs).
Also introduce an appropriate StringToNumber simplified operator for
TurboFan, that is pure and is lowered to an invocation of the newly
added StringToNumberStub.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1818923002
Cr-Commit-Position: refs/heads/master@{#34922}
In case when F inlined normal call to G which tail calls H we should not write translation for G for the tail call site.
Otherwise we will see G in a stack trace inside H.
This CL also enables all existing tests related to ES6 tail call elimination and adds more combinations.
TBR=bmeurer@chromium.org
BUG=v8:4698
LOG=N
Committed: https://crrev.com/689980f7d4dfd4c29492f616d7b616b86ec9af91
Cr-Commit-Position: refs/heads/master@{#34830}
Review URL: https://codereview.chromium.org/1780043004
Cr-Commit-Position: refs/heads/master@{#34920}
Previously only JSFunctions seemed to be valid for toJSON, which doesn't
match the ES6 specification that allows any object with [[Call]]
internal method (i.e. any Callable in V8 terminology), including bound
functions and proxies.
BUG=chromium:595738, chromium:535408
R=yangguo@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/1824533002
Cr-Commit-Position: refs/heads/master@{#34913}
This revealed one Mozilla test that depended upon a lack
of early error for "with ({}) function ...". The test
has been marked as failing.
R=littledan@chromium.org
Review URL: https://codereview.chromium.org/1814863005
Cr-Commit-Position: refs/heads/master@{#34910}
Reason for revert:
This patch actually seemed to cause a further GameBoy regression! Reverting it seems to address the regression.
Original issue's description:
> Restore per-TypedArray-class length accessors as a perf workaround
>
> This patch is a workaround to the performance regression caused by
> implementing the ES2015 TypedArray prototype chain: Include a
> per-TypedArray-subclass length getter so that the superclass getter does
> not become polymorphic. The patch appears to fix a regression in the
> Gameboy Octane benchmark.
>
> BUG=chromium:579905
> R=adamk
> LOG=Y
>
> Committed: https://crrev.com/03ce7711e474a0ef74f723b30ae1527c89dec010
> Cr-Commit-Position: refs/heads/master@{#33501}
R=adamk@chromium.org
BUG=chromium:579905,chromium:593634
LOG=Y
Review URL: https://codereview.chromium.org/1812143004
Cr-Commit-Position: refs/heads/master@{#34906}
API change: This adds a new flag skip_html_comments to v8::ScriptOriginOptions. This flag controls whether V8 will attempt to honour HTML-style comments in JS sources.
(That is: Gracefully ignore <!-- ... ---> in JS sources, which was a popular technique in the early days of JavaScript, to prevent non-JS-enabled browsers from displaying script sources to uses.)
The flag defaults to 'true' when using v8::ScriptOrigin constructor, which preserves the existing behaviour. Embedders which are happy with the existing behaviour will thus not need any changes.
BUG=chromium:573887
LOG=Y
Review URL: https://codereview.chromium.org/1801203002
Cr-Commit-Position: refs/heads/master@{#34904}
The higher word (bits 32 - 63) of FPU register is set on zero before
storing result.
TEST=cctest/test-macro-assembler-mips64/Cvt_s_uw_Trunc_uw_s
BUG=
Review URL: https://codereview.chromium.org/1812193003
Cr-Commit-Position: refs/heads/master@{#34889}
The trigger point in question is by now obsolete. The optimized compile
job will itself ensure that deoptimization support is present on the
incoming SharedFunctionInfo, this will make sure to produce baseline
code when necessary. The ScopeInfo is also installed at that point in
time.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1816513002
Cr-Commit-Position: refs/heads/master@{#34887}
It was never being set to false in production (though it was in test-parsing.cc,
due to that test having its own flag-setting logic).
Review URL: https://codereview.chromium.org/1815033002
Cr-Commit-Position: refs/heads/master@{#34878}
This patch fixes two bugs in Array.prototype.concat in conjunction with
subclassing Arrays:
- Create a new property rather than calling Set when adding elements to
the output array. This means setters are not called.
- If there is an exception thrown from DefineProperty, propagate it
outwards properly, rather than swallowing it. This can occur, e.g., with
a Proxy as the new output array.
R=adamk
LOG=Y
BUG=chromium:595319
Review URL: https://codereview.chromium.org/1814933002
Cr-Commit-Position: refs/heads/master@{#34876}
This new intrinsic is used by the desugared ES6 instanceof implementation for
the cases when the F[@@hasInstance] property is null or undefined.
R=mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/1809993002
Cr-Commit-Position: refs/heads/master@{#34866}
Repair this to match what the runtime correctly does, by first checking if the
function is a constructor before we access the prototype.
R=verwaest@chromium.org
BUG=
Review URL: https://codereview.chromium.org/1810953002
Cr-Commit-Position: refs/heads/master@{#34863}
Immortal immovable roots must be allocated on the first page of the space.
If serializing the root list exceeds the first page, immortal immovable root
objects might end up outside of the first page. That could cause missing
write barriers.
We now iterate the root list twice. The first time we only serialize immortal
immovable root objects. The second time we serialize the rest.
R=mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/1811913002
Cr-Commit-Position: refs/heads/master@{#34859}
The way desugared instanceof called OrdinaryHasInstance if the lookup of
@@hasInstance failed was incorrect.
BUG=v8:4774
LOG=N
Review URL: https://codereview.chromium.org/1812793002
Cr-Commit-Position: refs/heads/master@{#34855}
Before this CL, free memory (FreeSpace) has been managed through a global free
list that contains single-linked lists of FreeSpace nodes for each size class.
We move away from this approach to a global two-level doubly-linked list that
refers to singly-linked lists of FreeSpace nodes on the corresponding pages.
This way we can refill on a page-level granularity. Furthermore, it also enables
constant-time eviction of pages from the free list.
BUG=chromium:524425
LOG=N
Review URL: https://codereview.chromium.org/1772733002
Cr-Commit-Position: refs/heads/master@{#34853}
A startup snapshot is considered cold when it does not contain any
function code. We can now create a warm startup snapshot from a cold one
by running a warm-up script. Functions exercised by the warm-up script
are compiled and its code included in the warm startup snapshot. Side
effects caused by the warm-up script does not persist.
R=vogelheim@chromium.org
BUG=v8:4836
LOG=Y
Review URL: https://codereview.chromium.org/1805903002
Cr-Commit-Position: refs/heads/master@{#34849}
port e1a7c1e76c (r34836)
original commit message:
- New RelocInfo mode WASM_MEMORY_REFERENCE as a marker for wasm code objects that need to be relocated on a heap change
- RelocInfo mode recorded for immediates that use the memory buffer as base
- Tests to verify address patching works
BUG=
Review URL: https://codereview.chromium.org/1809973002
Cr-Commit-Position: refs/heads/master@{#34845}
- New RelocInfo mode WASM_MEMORY_REFERENCE as a marker for wasm code objects that need to be relocated on a heap change
- RelocInfo mode recorded for immediates that use the memory buffer as base
- Tests to verify address patching works
BUG=
Committed: https://crrev.com/cc815b69c17da368107ed77306a5bb161170c834
Cr-Commit-Position: refs/heads/master@{#34831}
Review URL: https://codereview.chromium.org/1759873002
Cr-Commit-Position: refs/heads/master@{#34836}
Reason for revert:
Breaks compile:
https://build.chromium.org/p/client.v8/builders/V8%20Mac64/builds/7740
Probably had outdated tryjobs
Original issue's description:
> Assembler changes for enabling GrowHeap in Wasm
> - New RelocInfo mode WASM_MEMORY_REFERENCE as a marker for wasm code objects that need to be relocated on a heap change
> - RelocInfo mode recorded for immediates that use the memory buffer as base
> - Tests to verify address patching works
>
> BUG=
>
> Committed: https://crrev.com/cc815b69c17da368107ed77306a5bb161170c834
> Cr-Commit-Position: refs/heads/master@{#34831}
TBR=titzer@chromium.org,yangguo@chromium.org,bradnelson@chromium.org,bradnelson@google.com,marija.antic@imgtec.com,gdeepti@google.com
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=
Review URL: https://codereview.chromium.org/1808823002
Cr-Commit-Position: refs/heads/master@{#34832}
- New RelocInfo mode WASM_MEMORY_REFERENCE as a marker for wasm code objects that need to be relocated on a heap change
- RelocInfo mode recorded for immediates that use the memory buffer as base
- Tests to verify address patching works
BUG=
Review URL: https://codereview.chromium.org/1759873002
Cr-Commit-Position: refs/heads/master@{#34831}
In case when F inlined normal call to G which tail calls H we should not write translation for G for the tail call site.
Otherwise we will see G in a stack trace inside H.
This CL also enables all existing tests related to ES6 tail call elimination.
TBR=bmeurer@chromium.org
BUG=v8:4698
LOG=N
Review URL: https://codereview.chromium.org/1780043004
Cr-Commit-Position: refs/heads/master@{#34830}
Function declarations were previously permitted by V8 in many locations
which no ECMAScript specification allowed; the ECMAScript 2015 spec
enumerates a few locations (in blocks, as well as after labels and in
conditionals when in sloppy mode). This patch ships the flag to restrict
the usage of function declarations to those contexts.
R=adamk
LOG=Y
BUG=v8:4824
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
Review URL: https://codereview.chromium.org/1799233003
Cr-Commit-Position: refs/heads/master@{#34828}
We need to pop the context to correct level on return as well. This was incorrectly
removed in this cl: https://codereview.chromium.org/1768123002/. For example
when we have a try-catch-finally block and catch does a return, the return
does not happen immediately. It should execute finally block before it
returns. Return statement should pop the context to the correct level as
expected by finally block.
BUG=594369,v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1796893002
Cr-Commit-Position: refs/heads/master@{#34822}
Port 33c08596e1
Original commit message:
Int64Sub is lowered to a new turbofan operator, Int32SubPair. The new
operator takes 4 inputs an generates 2 outputs. The inputs are the low
word of the left input, high word of the left input, the low word of the
right input, and high word of the right input. The ouputs are the low
and high word of the result of the subtraction.
The implementation is very similar to the implementation of Int64Add.
R=ahaas@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
Review URL: https://codereview.chromium.org/1812473002
Cr-Commit-Position: refs/heads/master@{#34821}
The CL #34701 (https://codereview.chromium.org/1779123002/) added the Run_WasmF32SConvertI64/Run_WasmF64SConvertI64 test cases and X87 failed at them.
The reason is same as the CL #33630 (Issue 1649323002: X87: Change the test case for X87 RunRoundInt32ToFloat32), please refer: https://codereview.chromium.org/1649323002.
Here is the key comments from CL #33630:
Some new test cases use CheckFloatEq(...) and CheckDoubleEq(...) function for result check. When GCC compiling the CheckFloatEq() and CheckDoubleEq() function,
those inlined functions has different behavior comparing with GCC ia32 build and x87 build.
The major difference is sse float register still has single precision rounding semantic. While X87 register has no such rounding precsion semantic when directly use register value.
The V8 turbofan JITTed has exactly same result in both X87 and IA32 port.
For CHECK_EQ(a, b) function, if a and b are double or float, it will has similar behaviors like CheckFloatEq(...) and CheckDoubleEq(...) function when compiled by GCC and causes the test case fail.
So we add the following sentence to do type case to keep the same precision for Run_WasmF32SConvertI64/Run_WasmF64SConvertI64. Such as: volatile double expect = static_cast<float>(*i).
ahaas put those codes in CHECK_FLOAT_EQ and CHECK_DOUBLE_EQ macros in CL #34534 (https://codereview.chromium.org/1773513002 ).
So this CL replaced the CHECK_EQ in Run_WasmF32SConvertI64/Run_WasmF64SConvertI64 to CHECK_FLOAT_EQ/CHECK_DOUBLE_EQ for x87 can pass Run_WasmF32SConvertI64/Run_WasmF64SConvertI64 tests.
BUG=
Review URL: https://codereview.chromium.org/1784813004
Cr-Commit-Position: refs/heads/master@{#34813}
Int64Sub is lowered to a new turbofan operator, Int32SubPair. The new
operator takes 4 inputs an generates 2 outputs. The inputs are the low
word of the left input, high word of the left input, the low word of the
right input, and high word of the right input. The ouputs are the low
and high word of the result of the subtraction.
The implementation is very similar to the implementation of Int64Add.
@v8-arm-ports: please take a careful look at the implementation of sbc
in the simulator.
R=titzer@chromium.org, v8-arm-ports@googlegroups.com
Review URL: https://codereview.chromium.org/1778893005
Cr-Commit-Position: refs/heads/master@{#34808}
The monomorphic case already carefully ensures that we don't try to use
a regular elements load stub on string wrapper elements. The polymorphic
path must perform an equivalent check.
BUG=chromium:594955
LOG=n
R=verwaest@chromium.org
Review URL: https://codereview.chromium.org/1806543002
Cr-Commit-Position: refs/heads/master@{#34807}
The feature was removed from the bots a while ago. It was
superseeded by the flaky-test detection which reruns tests.
Remaining tests still marked as flaky most certainly pass
since a while.
Referencing all the bugs whose expectations lines get
removed by this.
BUG=v8:3838,v8:3525,v8:3125
LOG=n
Review URL: https://codereview.chromium.org/1802983002
Cr-Commit-Position: refs/heads/master@{#34804}
port 1b23079936 (r34747)
original commit message:
Int64Add is lowered to a new turbofan operator, Int32AddPair. The new
operator takes 4 inputs an generates 2 outputs. The inputs are the low
word of the left input, high word of the left input, the low word of the
right input, and high word of the right input. The ouputs are the low
and high word of the result of the addition.
BUG=
Review URL: https://codereview.chromium.org/1806833002
Cr-Commit-Position: refs/heads/master@{#34803}
This part of Scope has existed since V8's initial check in, but from what
I can tell it's not required to implement "with". The only tests that
depend upon it are tests of the debugger and the Scope mirrors, but the
resulting test behavior after removing the bit still seems perfectly
reasonable to me. In fact, with the included fix for scope name collection,
the scope mirror is actually improved with this change.
As a bi-product, this fixes the attached bug, about the contains_with
bit having inconsistent values in some arrow function compilation
scenarios.
BUG=chromium:592353
LOG=n
CQ_INCLUDE_TRYBOTS=tryserver.blink:linux_blink_rel
Review URL: https://codereview.chromium.org/1804783002
Cr-Commit-Position: refs/heads/master@{#34802}
src/js/regexp.js was one of the few files that was left in sloppy
mode. The ES2017 draft specification requires that writes to
lastIndex throw when the property is non-writable, and test262
tests enforce this behavior. This patch puts that file in strict
mode.
BUG=v8:4504
R=yangguo@chromium.org
LOG=Y
Review URL: https://codereview.chromium.org/1776883005
Cr-Commit-Position: refs/heads/master@{#34801}
Array.prototype.concat did not work correct with complex elements on the
receiver or the prototype chain.
BUG=chromium:594574
LOG=y
Review URL: https://codereview.chromium.org/1804963002
Cr-Commit-Position: refs/heads/master@{#34798}
Updates InlineTwice to declare a function and then return a function
instead of using function expressions by wrapping a function with '('
and ')'. The earlier implementation would cause the function to
compile immediately instead of lazy compile. Also updates cctest.status
BUG=v8:4280,v8:4837,v8:4680
LOG=N
Review URL: https://codereview.chromium.org/1800073002
Cr-Commit-Position: refs/heads/master@{#34790}
Word64Popcnt is lowered to Word32Popcnt(low-word) + Word32Popcnt(high_word).
Since the optional Word64Popcnt operator does not exist on 32 bit platforms,
I introduced a new operator "Word64PopcntPlaceholder" which is generated
in the WasmCompiler and then lowered in the Int64Lowering.
R=titzer@chromium.org
Review URL: https://codereview.chromium.org/1803453003
Cr-Commit-Position: refs/heads/master@{#34777}
We may not emit bytecode for the evaluation of the to-be-returned
expression. In that case we cannot set two return positions for a return
statement (one before and one after the expression evaluation). This
sets the interpreter apart from full-codegen.
Make sure that we always have the second of the two return positions.
Note that we end up with separate test cases for ignition and FCG.
R=rmcilroy@chromium.org, vogelheim@chromium.org
BUG=v8:4690
LOG=N
Review URL: https://codereview.chromium.org/1801473003
Cr-Commit-Position: refs/heads/master@{#34771}
On 32-bit systems these instructions are compiled to calls to
C functions. The TF node for the function call is already generated in
the wasm compiler, the lowering of the I64 parameters is done in the
Int64Lowering. We use the return value of the C function to determine
whether the calculation should trap or not.
R=titzer@chromium.org
Review URL: https://codereview.chromium.org/1804513002
Cr-Commit-Position: refs/heads/master@{#34768}
Modules already have a separate entrypoint into the engine (at the moment,
this is v8::ScriptCompiler::CompileModule, though that will change to
something like ParseModule). This meant that requiring a commandline flag
simply added an extra complexity burden on embedders. By removing the v8
flag, this lets embedders use their own flagging mechanism (such as d8's
"--module", or Blink's RuntimeEnabledFeatures) to control whether
modules are to be used.
Also remove old modules tests that were being skipped (since they test
very old, pre-ES2015 modules syntax).
R=littledan@chromium.org
BUG=v8:1569, chromium:594639
LOG=y
Review URL: https://codereview.chromium.org/1804693002
Cr-Commit-Position: refs/heads/master@{#34764}
test262 "negative" test expectations list which exception is thrown. The ES2017
draft specification is very specific about which exception class is thrown
from which path, and V8 works hard to be correct with respect to that spec.
Previously, the test262 test runner would accept any nonzero status code,
such as from a crash, or a FAIL printed out, for a negative test. This
patch makes negative tests check for the right answer using a quick-and-dirty
parsing of the exception printing from d8 to find the exception class.
It invokes d8 in a way to get a status code of 0 from thrown exceptions
so that 'negative' tests aren't actually implemented by negating the output.
Amazingly, this didn't catch any test262 failures, but I verified the extra
checking interactively by changing a negative test to expect a different type
and saw it fail.
BUG=v8:4803
R=machenbach
LOG=Y
Review URL: https://codereview.chromium.org/1766503002
Cr-Commit-Position: refs/heads/master@{#34763}
This fixes the label binding mechanism that forwards a label to another
already bound target label. For source labels that are not being reached
by a jump, we should not try to patch jump sites. We still bind the
source label to reflect the target position though, just in case this
binding method will be used for backwards branches in the future.
R=rmcilroy@chromium.org
TEST=webkit/fast/js/parser-syntax-check
Review URL: https://codereview.chromium.org/1804643002
Cr-Commit-Position: refs/heads/master@{#34759}
The previous register allocation allowed invalid register aliasing in
cases where in the TF graph the node was used for multiple inputs of the
Word32PairShl node.
Additionally I renamed PairLsl to LslPair in the code generation for
consistency.
R=titzer@chromium.org, v8-arm-ports@googlegroups.com
Review URL: https://codereview.chromium.org/1776393004
Cr-Commit-Position: refs/heads/master@{#34755}
This moves the last remaining JS file based tests out of the "preparser"
suite. The tests in question all are expected to parse normally and not
throw any exception. This also deprecates the ability of the test suite
to run anything else outside Python templated tests.
R=adamk@chromium.org
TEST=preparser
Review URL: https://codereview.chromium.org/1782173005
Cr-Commit-Position: refs/heads/master@{#34753}
Int64Add is lowered to a new turbofan operator, Int32AddPair. The new
operator takes 4 inputs an generates 2 outputs. The inputs are the low
word of the left input, high word of the left input, the low word of the
right input, and high word of the right input. The ouputs are the low
and high word of the result of the addition.
R=titzer@chromium.org, v8-arm-ports@googlegroups.com
Review URL: https://codereview.chromium.org/1778493004
Cr-Commit-Position: refs/heads/master@{#34747}
Reduce the amount of code generated for OutOfLineLoadFloat* by computing
sqrt(-1) rather than move the NaN as an immediate. Add support for single
precision floating point immediate moves to enable this.
BUG=
Review URL: https://codereview.chromium.org/1758003003
Cr-Commit-Position: refs/heads/master@{#34746}
When black allocation is active, all objects allocated in old space are allocated black. Important: With that change, you cannot assume anymore that new objects are white right after their allocation. Currently, black allocation is enabled when incremental marking is started.
This feature can be turned off via flag: --noblack-allocation
BUG=chromium:561449
LOG=n
Review URL: https://codereview.chromium.org/1420423009
Cr-Commit-Position: refs/heads/master@{#34743}
Move all tests that use i64 values into test-run-wasm-64.cc. Introduce
macros that enable tests as they are implemented on 32 bit platforms.
R=ahaas@chromium.org
BUG=
Review URL: https://codereview.chromium.org/1784343004
Cr-Commit-Position: refs/heads/master@{#34742}
On 32-bit systems I64XConvertFXX instructions are compiled to calls to
C functions. The TF node for the function call is already generated in
the wasm compiler, the lowering of the I64 parameter is done in the
Int64Lowering. We use the return value of the C function to determine
whether the conversion should trap or not.
R=titzer@chromium.org
Review URL: https://codereview.chromium.org/1775903002
Cr-Commit-Position: refs/heads/master@{#34738}
This patch removes some [PASS, FAIL_OK] lines which consistently pass,
and it declares some tests to be test bugs as appropriate.
R=adamk
Review URL: https://codereview.chromium.org/1784063002
Cr-Commit-Position: refs/heads/master@{#34733}
ES2015 Object.prototype.toString semantics were enabled in version 4.9,
which has been in stable Chrome for nearly two weeks at this point.
R=littledan@chromium.org
Review URL: https://codereview.chromium.org/1784033002
Cr-Commit-Position: refs/heads/master@{#34732}
Updates cctest.status and also updates the test
cctest/test-serialize/SerializeInternalReference to return success when
FLAG_ignition is true. This test tests for internal references and is not
relevant for interpreter.
BUG=v8:4280,v8:4680
LOG=N
Review URL: https://codereview.chromium.org/1782893002
Cr-Commit-Position: refs/heads/master@{#34723}
FullCodegen generates 2 statement positions for the loop init block, like so:
for(var i = 0; i....
^ ^
This change removes the first of those, updates unit tests,
and removes text expectations for Ignition.
---
An alternative would be to emulate the existing behaviour in Ignition, but:
- The new behaviour seems more logical,
- Ignition generates no bytecodes for the 'var', meaning there is no code position to attach the break position to.
BUG=v8:4690
LOG=Y
Review URL: https://codereview.chromium.org/1784883002
Cr-Commit-Position: refs/heads/master@{#34717}
This converts another test case that is expected to throw a TypeError
but no SyntaxError to have better test coverage (exact message is being
checked now).
R=machenbach@chromium.org
TEST=message,preparser
Review URL: https://codereview.chromium.org/1786623002
Cr-Commit-Position: refs/heads/master@{#34715}
This converts existing "preparser" tests that expect a certain exception
message to be produced into "message" tests. Thereby we get much better
coverage because the former test suite degraded by now to just check
whether each test case threw or not, the exception message was not being
checked at all.
This also deprecates the ability of "preparser" to specify that single
test cases based on JS files are expected to throw, "messages" is far
superior, use that test suite instead.
R=machenbach@chromium.org
TEST=message,preparser
Review URL: https://codereview.chromium.org/1784013003
Cr-Commit-Position: refs/heads/master@{#34713}
After histrogram timer added time recaling functionality,
some events, e.g. parse, histogram timer generates event log ending with 'MicroSeconds'.
Since ProfViz can't recorgnize it, this patch cuts off 'MicroSeconds' postfix.
R=vogelheim@chromium.org, yangguo@chromium.org
BUG=chromium:
LOG=N
Review URL: https://codereview.chromium.org/1771293002
Cr-Commit-Position: refs/heads/master@{#34710}
This also runs the message test suite against Ignition. By now most of
the source positions (and exception messages) are accurate, the failing
ones have been blacklisted.
R=machenbach@chromium.org
Review URL: https://codereview.chromium.org/1783773003
Cr-Commit-Position: refs/heads/master@{#34708}
- Make separate iterator functions for TypedArrays which do a type check
(and in the future should check for detached TypedArrays)
- Share the toString method with Arrays
BUG=v8:4785
R=adamk
LOG=Y
Review URL: https://codereview.chromium.org/1780113002
Cr-Commit-Position: refs/heads/master@{#34698}
This check is guaranteed by the Promise spec and tested by test262
tests. It only has to run for subclasses. This patch adds the check
to the Promise code.
BUG=v8:4633
R=adamk
LOG=Y
Review URL: https://codereview.chromium.org/1780823003
Cr-Commit-Position: refs/heads/master@{#34693}
These flags have been on by default since version 4.9, which has been
in stable Chrome for over a week now, demonstrating that they're
here to stay.
Also moved the tests out of harmony/ and into es6/.
Review URL: https://codereview.chromium.org/1776683003
Cr-Commit-Position: refs/heads/master@{#34692}
This is because compiler.cc is awesome. There are cases where we do not
yet have a SharedFunctionInfo that can tell us whether we are compiling
a generator function, we query the FunctionLiteral instead.
R=rmcilroy@chromium.org
BUG=v8:4681
LOG=n
Review URL: https://codereview.chromium.org/1780193002
Cr-Commit-Position: refs/heads/master@{#34677}
This ensures our optimizing compilers as well as the interpreter are
never tasked with compiling the generator-resuming builtin methods. The
corresponding intrinsics for those methods are not supported and it is
not possible to provide a C++ reference implementation for them. We do
this by assigning builtin function ids to them that we can recognize
during the compiler dispatch.
Note that this also affects the interpreter, because methods having a
builtin function id assigned are not interpreted ({function_data} field
is overlapping). If this ever changes we can still do an early check in
the compiler dispatch (similar to the optimizing compilers) easily.
This applies to the following methods:
- Generator.prototype.next (calls Runtime_GeneratorNext).
- Generator.prototype.return (calls Runtime_GeneratorReturn).
- Generator.prototype.throw (calls Runtime_GeneratorThrow).
R=neis@chromium.org
BUG=v8:4681
LOG=n
Review URL: https://codereview.chromium.org/1779123003
Cr-Commit-Position: refs/heads/master@{#34675}
Make the low level assembler implementation exact and protected to disallow explicit usage.
BUG=
Review URL: https://codereview.chromium.org/1749263002
Cr-Commit-Position: refs/heads/master@{#34673}
This ensures the interpreter is not tasked with compiling generator
functions. It currently does not support suspending activations at
yielding points, but we still want to be able to activate it for the
rest of JavaScript in the meantime.
R=rmcilroy@chromium.org
BUG=v8:4681
LOG=n
Review URL: https://codereview.chromium.org/1782013002
Cr-Commit-Position: refs/heads/master@{#34672}
Only CPSR_f is supported, and then only for the flags that we actually
simulate (NZCV). This isn't currently used, but will be useful for some
tests.
BUG=
Review URL: https://codereview.chromium.org/1776933003
Cr-Commit-Position: refs/heads/master@{#34662}
Previously, optimization has been disabled because of an assertion
failure, which requires the context to be linked into the weak native
context list of the heap.
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/1777883003
Cr-Commit-Position: refs/heads/master@{#34661}
Changes include:
- better test coverage for builds with snapshot
- write snapshot blobs to buffer instead of test serialization files
- renamed tests
R=machenbach@chromium.org
Review URL: https://codereview.chromium.org/1777213002
Cr-Commit-Position: refs/heads/master@{#34657}
We must close the iterator whenever the destructuring didn't exhaust it, unless an iterator operation (eg. next) threw. We do this by wrapping the iterator use in a try-catch-finally similar to the desugaring of for-of.
This is behind --harmony-iterator-close.
R=adamk@chromium.org
BUG=v8:3566
LOG=Y
Review URL: https://codereview.chromium.org/1772793002
Cr-Commit-Position: refs/heads/master@{#34654}
When an Array subclass is used as the receiver for concat, or with
certain usages of @@species, the output that's constructed is of
a different type with new slow path logic. This slow path still
made references to elements, so it's important that bounds checking
for a too-long result still be done. This patch repairs that bounds
checking.
R=cbruni
LOG=Y
BUG=chromium:592340
Review URL: https://codereview.chromium.org/1782443002
Cr-Commit-Position: refs/heads/master@{#34636}
Reading the registers' values back from the FrameDescription
should use the same offset computation as storing them into it.
The offsets must also match what the deoptimizer expects, which
is rx at offset rx.code() * kDoubleSize, even if some registers
are not saved (leaving gaps).
BUG=v8:4800
LOG=n
R=danno@chromium.org
Review URL: https://codereview.chromium.org/1769833006
Cr-Commit-Position: refs/heads/master@{#34633}
The CharacterRange constructor checks the input for validity. However,
CharacterRange::Singleton also uses the constructor and may have
kEndMarker as input, causing the check to fail.
The solution is to move the check to CharacterRange::Range and
consistently use it across the code base.
R=jkummerow@chromium.org
BUG=chromium:593282
LOG=N
Review URL: https://codereview.chromium.org/1776013003
Cr-Commit-Position: refs/heads/master@{#34626}
In case when F was called with incompatible number of arguments (and therefore
the arguments adator frame was created), F inlines a tail call of G which then
deopts the deoptimizer should also remove the arguments adaptor frame for F.
This CL adds required machinery to the deoptimizer.
BUG=v8:4698
LOG=N
Review URL: https://codereview.chromium.org/1768263004
Cr-Commit-Position: refs/heads/master@{#34610}
The current implementation does not consider the case when the context of
the control scope and the current context differ. It is possible that they are
different in some cases for example: with statements. This cl fixes this.
BUG=v8:4280,v8:4680
LOG=N
Review URL: https://codereview.chromium.org/1768123002
Cr-Commit-Position: refs/heads/master@{#34609}
After fixing the memory barrier for maps (https://codereview.chromium.org/1714513003), we are using a temp register for the map case. The temp register should not be aliased with the stored value (otherwise we perform the mem barrier check with a wrong value). This CL makes sure it is not aliased.
BUG=chromium:590074
LOG=n
Review URL: https://codereview.chromium.org/1775083002
Cr-Commit-Position: refs/heads/master@{#34607}
This CL modifies the following to be LEB128:
* Function table indices
* Import table signature indices
* Export table function indices
* Function signature param count
* br/br_if break depth
* br_table target count
* block/loop expression count
Still to do:
* Import/export names (LEB128 count + inline data)
* Data segments (LEB128 offset + size + inline data)
* Function header stuff (should seperate into function sig and body sections)
* Memory access alignment + offset (still discussing)
BUG=
R=titzer@chromium.org
Review URL: https://codereview.chromium.org/1775873002
Cr-Commit-Position: refs/heads/master@{#34603}
This mechanism was used to ensure that functions ended up as constants on the map of prototypes defined using object literals, e.g.,:
function.prototype = {
method: function() { ... }
}
Nowadays we treat prototypes specially, and make all their functions constants when an object turns prototype. Hence this special custom code isn't necessary anymore.
This also affects boilerplates that do not become prototypes. Their functions will not be constants but fields instead. Calling their methods will slow down. However, multiple instances of the same boilerplate will stay monomorphic. We'll have to see what the impact is for such objects, but preliminary benchmarks do not show this as an important regression.
BUG=chromium:593008
LOG=n
Review URL: https://codereview.chromium.org/1772423002
Cr-Commit-Position: refs/heads/master@{#34602}
The initial species protector hooked into property declaration in an
incomplete place, and missed definitions of accessors. This patch repairs
them by calling out to update the protector from an additional location.
R=adamk
CC=verwaest,cbruni
BUG=v8:4093
LOG=Y
Review URL: https://codereview.chromium.org/1746323002
Cr-Commit-Position: refs/heads/master@{#34599}
port ddc626e1cf (r34546)
original commit message:
I64Shl is lowered to a new turbofan operator, WasmWord64Shl. The new
operator takes 3 inputs, the low-word input, the high-word input, and
the shift, and produces 2 output, the low-word output and the high-word
output.
At the moment I implemented the lowering only for ia32, but I think the
CL is already big enough. I will add the other platforms in separate
CLs.
BUG=
Review URL: https://codereview.chromium.org/1773083002
Cr-Commit-Position: refs/heads/master@{#34591}
BailoutId points to the next bytecode in the bytecode array. Code offset
is set to one less than the bail out id. This would point to the end of the
current instruction. Since we use it only for summarizing the frame and to
compute the source position, it should be safe to set it to the end of current
instruction.
BUG=v8:4280, v8:4689
LOG=N
Review URL: https://codereview.chromium.org/1763783003
Cr-Commit-Position: refs/heads/master@{#34580}
This is a pure refactoring and renaming of methods in the compiler API
with the goal to increase readability. Also the compiler API is moved to
the top of the file, as it is the central piece in that file.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1766623004
Cr-Commit-Position: refs/heads/master@{#34579}
In case when F tail calls G we should also remove the potential arguments adaptor frame for F.
This CL introduces two new machine instructions ArchTailCallCodeObjectFromJSFunction and ArchTailCallJSFunctionFromJSFunction which (unlike existing ArchTailCallCodeObject and ArchTailCallJSFunction) also drop arguments adaptor frame if it exists right before jumping to the target function.
BUG=v8:4698
LOG=N
Review URL: https://codereview.chromium.org/1702423002
Cr-Commit-Position: refs/heads/master@{#34566}
Local declarations were previously encoded as an optional set of
4 uint16 values as part of the function declaration. This CL
implements the current design of moving these declarations to
a list of pairs of (type, count) that is part of the body.
R=bradnelson@chromium.org,binji@chromium.org
BUG=
Review URL: https://codereview.chromium.org/1763433002
Cr-Commit-Position: refs/heads/master@{#34564}
The ES2015 specification requires that String.prototype.startsWith,
String.prototype.endsWith and String.prototype.includes use the IsRegExp
internal algorithm to determine whether to throw a TypeError to prevent
a RegExp from being accidentally cast to a String for those methods.
That internal algorithm checks the presence/truthiness of Symbol.match
to make its determination. This patch switches the builtins to use
this correct test, rather than checking for the [[RegExpMatcher]]
internal slot as the builtins previously did.
R=yangguo
Review URL: https://codereview.chromium.org/1762183002
Cr-Commit-Position: refs/heads/master@{#34547}
I64Shl is lowered to a new turbofan operator, WasmWord64Shl. The new
operator takes 3 inputs, the low-word input, the high-word input, and
the shift, and produces 2 output, the low-word output and the high-word
output.
At the moment I implemented the lowering only for ia32, but I think the
CL is already big enough. I will add the other platforms in separate
CLs.
R=titzer@chromium.org
Review URL: https://codereview.chromium.org/1756863002
Cr-Commit-Position: refs/heads/master@{#34546}
The CL #34376 (https://codereview.chromium.org/1740073002 ) added the Inlining test case and X87 failed at it.
The reason is:
For TEST(Inlining) test case, when level3 function is inlined, the key optimized crankshaft code will like below code normally:
............
0x21d53b7f 63 ff571b call [edi+0x1b] <----------- should call action() here
;;; <@32,#27> lazy-bailout
;;; <@36,#31> ---- B3 ----
;;; <@37,#31> gap
0x21d53b82 66 89c1 mov ecx,eax <----------- Both the inlined function’s pc_offset from DeoptimizationInputData and the pc_offset from sample stack points to here, the same pc address
............
So the TEST(Inlining) test case can get the expected inlined code entry and pass..
In fact, the exact code sequence should like the following in crankshaft:
............
0x21d53b7f 63 ff571b call [edi+0x1b] <----------- should call action()
0xxxxxxxxx xxxx GenerateBodyInstructionPost() <----------- the pc_offset from sample stack points to here
;;; <@32,#27> lazy-bailout
;;; <@36,#31> ---- B3 ----
;;; <@37,#31> gap
0x21d53b82 66 89c1 mov ecx,eax <----------- the inlined function’s pc_offset from DeoptimizationInputData points to here.
............
For most of architectures in V8, the GenerateBodyInstructionPost() is empty, so both the inlined function’s pc_offset from DeoptimizationInputData and the pc_offset from sample stack points to the same pc address .
But if some architecture has special requirement and need to put some instruction after call instruction, the GenerateBodyInstructionPost() will do that work and generate instructions, the inlined function’s pc_offset from DeoptimizationInputData and The pc_offset from sample stack will points to the different pc address, the TEST(Inlining) test case can’t get the expected inlined code entry and failed.
For all current architectures in v8, only x87 have this requirement.
After communicated with Alexei Filippov <alph@chromium.org> in E-mail, we decided to disable the Inlining test case for x87 now and try to find a solution.
BUG=
Review URL: https://codereview.chromium.org/1766263002
Cr-Commit-Position: refs/heads/master@{#34544}
HInvokeFunction and HApplyArguments instructions now support tail calling.
Inlining of calls at tail position is not supported yet and therefore still disabled.
The tail-call-megatest was modified so that the usages of "arguments" object do not disable Crankshaft.
TBR=bmeurer@chromium.org
BUG=v8:4698
LOG=N
Review URL: https://codereview.chromium.org/1760253003
Cr-Commit-Position: refs/heads/master@{#34542}
Instead of using CheckFloatEq and CheckDoubleEq directly, I introduced
a macro which first stores the expected result in a volatile variable.
Here are some comments of previous CLs:
The reason is same as the CL #31808 (issue 1430943002, X87: Change the test case for X87 float operations), please refer: https://codereview.chromium.org/1430943002/.
Here is the key comments from CL #31808
Some new test cases use CheckFloatEq(...) and CheckDoubleEq(...) function for result check. When GCC compiling the CheckFloatEq() and CheckDoubleEq() function,
those inlined functions has different behavior comparing with GCC ia32 build and x87 build.
The major difference is sse float register still has single precision rounding semantic. While X87 register has no such rounding precsion semantic when directly use register value.
The V8 turbofan JITTed has exactly same result in both X87 and IA32 port.
So we add the following sentence to do type cast to keep the same precision for RunCallInt64ToFloat32/RunCallInt64ToFloat64. Such as: volatile double expect = static_cast<float>(*i).
R=titzer@chromium.org, weiliang.lin@intel.com
Review URL: https://codereview.chromium.org/1773513002
Cr-Commit-Position: refs/heads/master@{#34534}
Introducing the KeyAccumulator accidentally removed some crucial fast-paths.
This CL starts rewriting the KeyAccumulator, step-by-step introducing the
special cases again.
BUG=chromium:545503, v8:4758
LOG=y
Review URL: https://codereview.chromium.org/1707743002
Cr-Commit-Position: refs/heads/master@{#34532}
TestNotEqualsStrict is converted to a TestEqualsStrict and logical not
by the parser. Also, CompareIC does not have an implementation for
TestNotEqualsStrict. Hence, removing this bytecode.
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1768593002
Cr-Commit-Position: refs/heads/master@{#34527}
Now there is just one kind, corresponding to what was called "initial" before.
Replacement for "suspend": when the parser sees a yield in JS code, it
will turn it into a Yield node but wrap its argument in an iterator result
object. Replacement for "final": the parser simply inserts a return statement
instead.
R=littledan@chromium.org, mstarzinger@chromium.org
BUG=
Review URL: https://codereview.chromium.org/1751613004
Cr-Commit-Position: refs/heads/master@{#34515}
For platforms that use function descriptors (currently AIX and
PPC64BE), log an external callback's entrypoint address rather than
its function descriptor address.
R=jkummerow@chromium.org, michael_dawson@ca.ibm.com
TEST=cctest/test-cpu-profiler/JsNativeJsSample
BUG=
Review URL: https://codereview.chromium.org/1752173003
Cr-Commit-Position: refs/heads/master@{#34505}
This scope is used to control microtasks execution when MicrotasksPolicy::kScoped is engaged.
Attempt #2. First one was reverted due to chromium breakage: SetAutorunMicrotasks(false) was broken.
BUG=chromium:585949
LOG=Y
TEST=ScopedMicrotasks
Review URL: https://codereview.chromium.org/1741893003
Cr-Commit-Position: refs/heads/master@{#34504}
On 32-bit systems FXXXConvertI64 instructions are compiled to calls to
C functions. The TF node for the function call is already generated in
the wasm compiler, the lowering of the I64 parameter is done in the
Int64Lowering.
R=titzer@chromium.org, yangguo@chromium.org
Review URL: https://codereview.chromium.org/1738623003
Cr-Commit-Position: refs/heads/master@{#34487}
Add StringLessThanStub, StringLessThanOrEqualStub, StringGreaterThanStub
and StringGreaterThanOrEqualStub, based on the CodeStubAssembler, and
hook them up with TurboFan (and Ignition). The stubs are currently
essentially comparable with the StringCompareStub, which is now
obsolete. We can later extend these stubs to cover more interesting
cases (i.e. two byte sequential string comparisons, etc.).
R=epertoso@chromium.org
Review URL: https://codereview.chromium.org/1765823002
Cr-Commit-Position: refs/heads/master@{#34485}
Reason for revert:
[Sheriff] Speculative. Seems to break a bunch of webkit tests and causes timeouts:
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/5103
Please rebase upstream if intended.
Original issue's description:
> Introduce v8::MicrotasksScope.
>
> This scope is used to control microtasks execution when MicrotasksPolicy::kScoped is engaged.
>
> BUG=chromium:585949
> LOG=Y
> TEST=ScopedMicrotasks
>
> Committed: https://crrev.com/db77cec242dbdf8ee26da8232fa930270429f253
> Cr-Commit-Position: refs/heads/master@{#34472}
TBR=jochen@chromium.org,adamk@chromium.org,dgozman@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:585949
Review URL: https://codereview.chromium.org/1762943002
Cr-Commit-Position: refs/heads/master@{#34480}
Frames entering of inside wasm don't have a function or context argument.
Adding distinct wasm frame and function types to express this.
Fixes a GC issue on several embenchen wasm tests, reenabling them.
BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=mjsunit/wasm/embenchen
R=titzer@chromium.org,aseemgarg@chromium.org,jfb@chromium.org,yangguo@chromium.org
LOG=N
Review URL: https://codereview.chromium.org/1764603003
Cr-Commit-Position: refs/heads/master@{#34476}
This scope is used to control microtasks execution when MicrotasksPolicy::kScoped is engaged.
BUG=chromium:585949
LOG=Y
TEST=ScopedMicrotasks
Review URL: https://codereview.chromium.org/1741893003
Cr-Commit-Position: refs/heads/master@{#34472}
ES2015 generally bans FunctionDeclarations in positions which expect a Statement,
as opposed to a StatementListItem, such as a FunctionDeclaration which constitutes
the body of a for loop. However, Annex B 3.2 and 3.4 make exceptions for labeled
function declarations and function declarations as the body of an if statement in
sloppy mode, in the latter case specifying that the semantics are as if the
function declaration occurred in a block. Chrome has historically permitted
further extensions, for the body of any flow control construct.
This patch addresses both the syntactic and semantic mismatches between V8 and
the spec. For the semantic mismatch, function declarations as the body of if
statements change from unconditionally hoisting in certain cases to acquiring
the sloppy mode function in block semantics (based on Annex B 3.3). For the
extra syntax permitted, this patch adds a flag,
--harmony-restrictive-declarations, which excludes disallowed function declaration
cases. A new UseCounter, LegacyFunctionDeclaration, is added to count how often
function declarations occur as the body of other constructs in sloppy mode. With
this patch, the code generally follows the form of the specification with respect
to parsing FunctionDeclarations, rather than allowing them in arbitrary Statement
positions, and makes it more clear where our extensions occur.
BUG=v8:4647
R=adamk
LOG=Y
Review URL: https://codereview.chromium.org/1757543003
Cr-Commit-Position: refs/heads/master@{#34470}
CallSite depends on using the function name to get ahold of the property
name from which an exception was thrown. This fix properly handles the
ES2015 names for getters and setters. The new tests pass both with
--harmony-function-name off and on.
BUG=v8:3699
LOG=n
Review URL: https://codereview.chromium.org/1751403004
Cr-Commit-Position: refs/heads/master@{#34469}
This CL fixes the bugs caused by the following CL:
50a394d -- MIPS64: Fix 'MIPS: use DAHI/DATH for li macro on mips64r6.'
Port 1f5b84e467
MIPS: use DAHI/DATH for li macro on mips64r6.
LUI instruction would sign extend into higher 32bits, in that case we might need to use DAHI, DATI to overwrite the extension.
The bug will occur when we are loading some addresses such as 0x00007fffffffxxxx.
BUG=
TEST=test-run-native-calls/Run_Int32_Select_*, test-run-native-calls/Run_Int32_WeightedSum_*, test-run-native-calls/Run_Int32_WeightedSum_*, test-run-native-calls/Run_Int32_Select_*
Review URL: https://codereview.chromium.org/1763733002
Cr-Commit-Position: refs/heads/master@{#34467}
Sets the code up so it'll be easier to have section names as strings instead of
hard-coded numbers. Using strings will require synchronizing with sexpr-wasm.
Mostly NFC (besides now skipping *all* unknown sections).
R=titzer@chromium.org
Review URL: https://codereview.chromium.org/1743773002
Cr-Commit-Position: refs/heads/master@{#34464}
These new stubs perform exactly the same job as the string equality case
for the CompareIC, but are platform independent and usable outside of
fullcodegen and Crankshaft. We use them in the StrictEqualStub and the
StrictNotEqualStub instead of falling back to the runtime immediately
for String comparisons, and we also use them in TurboFan to perform
String equality or inequality comparisons.
These stubs currently handle only internalized and one byte strings w/o
going to C++, but it should be easy to add support for more string cases
later, i.e. utilizing already flattened cons strings or comparing two
byte strings as well.
Review URL: https://codereview.chromium.org/1761823002
Cr-Commit-Position: refs/heads/master@{#34459}
