hpayer [Mon, 17 Aug 2015 15:24:13 +0000 (08:24 -0700)]
Filter out slots buffer slots that point to SMIs in dead objects.
The following situation may happen which reproduces this bug:
(1) We allocate JSObject A on an evacuation candidate.
(2) We allocate JSObject B on a non-evacuation candidate.
(3) Incremental marking starts and marks object A and B.
(4) We create a reference from B.field = A; which records the slot B.field since A is on an evacuation candidate.
(5) After that we write a SMI into B.field.
(6) After that B goes into dictionary mode and shrinks its original size. B.field is now outside of the JSObject, i.e. B.field is in memory that will be freed by the sweeper threads.
(7) GC is triggered.
(8) BUG: Slots buffer filtering walks over the slots buffer, SMIs are not filtered out because we assumed that SMIs are just ignored when the slots get updated later. However, recorded SMI slots of dead objects may be overwritten by double values at evacuation time.
(9) During evacuation, a heap number that looks like a valid pointer is moved over B.field.
(10) The slots buffer is scanned for updates, follows B.field since it looks like a pointer (the double value looks like a pointer), and crashes.
BUG=chromium:519577,chromium:454297
LOG=y
Review URL: https://codereview.chromium.org/1286343004
Cr-Commit-Position: refs/heads/master@{#30200}
yangguo [Mon, 17 Aug 2015 15:08:20 +0000 (08:08 -0700)]
Remove property loads from js builtins objects from runtime.
R=cbruni@chromium.org
Review URL: https://codereview.chromium.org/1293113002
Cr-Commit-Position: refs/heads/master@{#30199}
vogelheim [Mon, 17 Aug 2015 13:59:40 +0000 (06:59 -0700)]
Default-enable external startup snapshot for, like, everywhere.
BUG=
Review URL: https://codereview.chromium.org/1209223005
Cr-Commit-Position: refs/heads/master@{#30198}
titzer [Mon, 17 Aug 2015 13:56:11 +0000 (06:56 -0700)]
[turbofan] Handle void return in simplified-lowering.cc.
R=jarin@chromium.org
BUG=
Review URL: https://codereview.chromium.org/1296933002
Cr-Commit-Position: refs/heads/master@{#30197}
jkummerow [Mon, 17 Aug 2015 13:26:28 +0000 (06:26 -0700)]
[test] Remove FLAG_always_opt special case in NotifyDeoptimized
Always unlink optimized code on deopt, even when FLAG_always_opt is present, because assumptions that the code made could have become invalid.
BUG=v8:4375
LOG=n
R=mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/1284103006
Cr-Commit-Position: refs/heads/master@{#30196}
mstarzinger [Mon, 17 Aug 2015 13:13:32 +0000 (06:13 -0700)]
Remove grab-bag includes of v8.h from heap.
R=mlippautz@chromium.org
Review URL: https://codereview.chromium.org/1291833003
Cr-Commit-Position: refs/heads/master@{#30195}
mstarzinger [Mon, 17 Aug 2015 13:09:29 +0000 (06:09 -0700)]
[heap] Simplify MarkingDeque implementation.
This removes the dependency of the MarkingDeque on the underlying
collector by moving out the live bytes accounting and object color
mutations into a wrapper. The MarkingDeque can now be split into a
separate file.
R=hpayer@chromium.org
Review URL: https://codereview.chromium.org/1293773002
Cr-Commit-Position: refs/heads/master@{#30194}
danno [Mon, 17 Aug 2015 12:43:59 +0000 (05:43 -0700)]
[turbofan]: Fix bug in register hinting
Previously, UsePositions for Phis that are constant LiveRanges which are also used
as hints for other UsePositions would always force-allocate the first register in
the allocatable register file to that range.
Review URL: https://codereview.chromium.org/1289313003
Cr-Commit-Position: refs/heads/master@{#30193}
rossberg [Mon, 17 Aug 2015 12:01:55 +0000 (05:01 -0700)]
[es6] Implement default parameters
Based on caitp's https://codereview.chromium.org/1127063003/
R=adamk@chromium.org, littledan@chromium.org
BUG=v8:2160
LOG=N
Review URL: https://codereview.chromium.org/1287063004
Cr-Commit-Position: refs/heads/master@{#30192}
jianghua.yjh [Mon, 17 Aug 2015 11:30:30 +0000 (04:30 -0700)]
fix StrDup memory leak in CcTest
BUG=
Review URL: https://codereview.chromium.org/1287023002
Cr-Commit-Position: refs/heads/master@{#30191}
rmcilroy [Mon, 17 Aug 2015 11:24:34 +0000 (04:24 -0700)]
[Interpreter] Move interpreter initialization until after snapshot deserialization.
The interpreter needs to be initialized after the snapshot has been deserialized.
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1290883004
Cr-Commit-Position: refs/heads/master@{#30190}
yangguo [Mon, 17 Aug 2015 11:02:31 +0000 (04:02 -0700)]
Do not use js builtins object when constructing an error.
R=cbruni@chromium.org
Review URL: https://codereview.chromium.org/1295093002
Cr-Commit-Position: refs/heads/master@{#30189}
yangguo [Mon, 17 Aug 2015 11:00:43 +0000 (04:00 -0700)]
Add DCHECK that the script context table does not contain native scripts.
This is to prevent unnecessary script contexts to be created for
native scripts, which could end up with a script context table
containing twenty script contexts for a newly created native context.
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/1301533002
Cr-Commit-Position: refs/heads/master@{#30188}
mstarzinger [Mon, 17 Aug 2015 09:42:26 +0000 (02:42 -0700)]
Remove grab-bag includes of v8.h from architecture ports.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1299563003
Cr-Commit-Position: refs/heads/master@{#30187}
bmeurer [Mon, 17 Aug 2015 08:01:55 +0000 (01:01 -0700)]
[runtime] Unify and fix the strict equality comparison.
Add Object::StrictEquals to unify the implementation of strict equality
comparison in the runtime and the api (the api was already missing a
case for SIMD). Now we (almost) have a single bottleneck for strict
equality, we just need to reduce the amount of unnecessary complexity
for the code stub.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1298603002
Cr-Commit-Position: refs/heads/master@{#30186}
chunyang.dai [Mon, 17 Aug 2015 00:40:28 +0000 (17:40 -0700)]
X87: Realize IWYU pattern for frames-inl.h header.
port 19a49abf02dfac722dc8c5079aba9d73fcd60725 (r30127).
original commit message:
BUG=
Review URL: https://codereview.chromium.org/1286143009
Cr-Commit-Position: refs/heads/master@{#30185}
caitpotter88 [Sat, 15 Aug 2015 17:57:01 +0000 (10:57 -0700)]
[parser] make kInvalidLhsInFor a SyntaxError
Second item in section 13.7.5.1 states that the error should be a
SyntaxError, when previously CheckAndRewriteReferenceExpression
would always emit a ReferenceError.
BUG=v8:4373
R=adamk, rossberg
LOG=N
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
Review URL: https://codereview.chromium.org/1292393002
Cr-Commit-Position: refs/heads/master@{#30184}
domenic [Fri, 14 Aug 2015 18:47:46 +0000 (11:47 -0700)]
Put V8 extras into the snapshot
Previously, all extras were "experimental" and left out of the snapshot. This
patch moves them to the snapshot, so now all extras are non-experimental. A
future patch will re-introduce experimental extras as part of the linked bug.
R=yangguo@chromium.org
BUG=https://code.google.com/p/chromium/issues/detail?id=507137
LOG=Y
Review URL: https://codereview.chromium.org/1289603002
Cr-Commit-Position: refs/heads/master@{#30183}
chunyang.dai [Fri, 14 Aug 2015 16:02:22 +0000 (09:02 -0700)]
Add per-file OWNERS for x87-specific cctests.
BUG=
Review URL: https://codereview.chromium.org/1290963005
Cr-Commit-Position: refs/heads/master@{#30182}
yangguo [Fri, 14 Aug 2015 15:12:34 +0000 (08:12 -0700)]
Clean up native context slots and add new ones.
Newly added native context slots are used to avoid accessing
the js builtins object to get native functions.
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/1294583006
Cr-Commit-Position: refs/heads/master@{#30181}
mstarzinger [Fri, 14 Aug 2015 15:09:27 +0000 (08:09 -0700)]
Remove grab-bag includes of v8.h from regexp engine.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1294783002
Cr-Commit-Position: refs/heads/master@{#30180}
ofrobots [Fri, 14 Aug 2015 14:51:51 +0000 (07:51 -0700)]
New flag --perf_basic_prof_only_functions
Restricts linux perf-event code range reporting to functions only (i.e. on
stubs.) While this makes the gathered ticks less accurate, it reduces the
growth of the /tmp/perf-${pid}.map file.
BUG=v8:3453
R=hablich@chromium.org,danno@chromium.org
LOG=N
Review URL: https://codereview.chromium.org/1292743002
Cr-Commit-Position: refs/heads/master@{#30179}
mstarzinger [Fri, 14 Aug 2015 13:33:32 +0000 (06:33 -0700)]
Remove grab-bag includes of v8.h from IC subsystem.
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/1293793002
Cr-Commit-Position: refs/heads/master@{#30178}
jkummerow [Fri, 14 Aug 2015 13:09:36 +0000 (06:09 -0700)]
[serializer] Move WeakFixedArray compaction to separate heap walk phase
This avoids discovering and compacting the same array repeatedly. No change in resulting snapshots intended.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1290393002
Cr-Commit-Position: refs/heads/master@{#30177}
titzer [Fri, 14 Aug 2015 13:07:27 +0000 (06:07 -0700)]
[turbofan] Gracefully handle missing info()->context() in CodeGenerator::IsMaterializableFromFrame()
R=mstarzinger@chromium.org
BUG=
Review URL: https://codereview.chromium.org/1292233004
Cr-Commit-Position: refs/heads/master@{#30176}
yangguo [Fri, 14 Aug 2015 12:34:45 +0000 (05:34 -0700)]
Do not export natives to runtime via js builtins object.
Using a temporary container object instead.
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/1293493003
Cr-Commit-Position: refs/heads/master@{#30175}
vogelheim [Fri, 14 Aug 2015 12:11:29 +0000 (05:11 -0700)]
Rework startup-data-util.
- Make the API look like v8::V8::InitializeICU.
(That is: A static method call, not an object to be created on the stack.)
- Fix path separator on Windows, by calling base::OS::isPathSeparator.
- Move into API, so that it can be called by hello-world & friends.
- Actually call it from hello-world and friends.
R=jochen@chromium.org
BUG=
Review URL: https://codereview.chromium.org/1292053002
Cr-Commit-Position: refs/heads/master@{#30174}
yangguo [Fri, 14 Aug 2015 10:22:16 +0000 (03:22 -0700)]
No longer use js builtins object as receiver for calls into JS.
This is no longer necessary. Everything the callee needs should
be in its context chain.
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/1289203003
Cr-Commit-Position: refs/heads/master@{#30173}
mstarzinger [Fri, 14 Aug 2015 09:41:32 +0000 (02:41 -0700)]
Remove grab-bag includes of v8.h from several files.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1297583002
Cr-Commit-Position: refs/heads/master@{#30172}
mstarzinger [Fri, 14 Aug 2015 08:48:11 +0000 (01:48 -0700)]
Make some foo.h headers usable without foo-inl.h header.
This CL is a pure refactoring that makes an empty compilation unit
including just "foo.h" but not "foo-inl.h" compile without warnings or
errors. This is needed to further reduce the header dependency tangle.
This realizes above state for "spaces.h" and "mark-compact.h".
R=hpayer@chromium.org
Review URL: https://codereview.chromium.org/1288413002
Cr-Commit-Position: refs/heads/master@{#30171}
yangguo [Fri, 14 Aug 2015 07:36:36 +0000 (00:36 -0700)]
Debugger: simplify calling into Javascript.
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/1292533003
Cr-Commit-Position: refs/heads/master@{#30170}
v8-autoroll [Fri, 14 Aug 2015 03:25:40 +0000 (20:25 -0700)]
Update V8 DEPS.
Rolling v8/build/gyp to 6ee91ad8659871916f9aa840d42e1513befdf638
TBR=machenbach@chromium.org
Review URL: https://codereview.chromium.org/1292633003
Cr-Commit-Position: refs/heads/master@{#30169}
adamk [Thu, 13 Aug 2015 19:10:59 +0000 (12:10 -0700)]
Align PreParser for loop early error-checking with Parser
R=rossberg@chromium.org
Review URL: https://codereview.chromium.org/1290193003
Cr-Commit-Position: refs/heads/master@{#30168}
rossberg [Thu, 13 Aug 2015 18:36:34 +0000 (11:36 -0700)]
[es6] Remove redundant flag parameter
R=adamk@chromium.org
BUG=
Review URL: https://codereview.chromium.org/1286133003
Cr-Commit-Position: refs/heads/master@{#30167}
adamk [Thu, 13 Aug 2015 18:06:04 +0000 (11:06 -0700)]
[es6] Make assignment to new.target an early ReferenceError
In doing so, fix calls CheckAndRewriteReferenceExpression to take proper
start and end positions (instead of just pointing at the first token in
the LHS expression).
BUG=v8:4370
LOG=n
Review URL: https://codereview.chromium.org/1290013002
Cr-Commit-Position: refs/heads/master@{#30166}
rmcilroy [Thu, 13 Aug 2015 17:39:21 +0000 (10:39 -0700)]
[interpreter]: Fix interpreter handler table initialization.
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1288893003
Cr-Commit-Position: refs/heads/master@{#30165}
mlippautz [Thu, 13 Aug 2015 17:22:47 +0000 (10:22 -0700)]
[api] Do not force external GCs when only trying to synchronously process phantom callbacks
Improves on aec8987b5ee55fa46b90b58927e957a4e5f19c09 by not forcing external GCs
(blink) through the GC epilogue callback.
BUG=chromium:515795
LOG=N
Review URL: https://codereview.chromium.org/1287323002
Cr-Commit-Position: refs/heads/master@{#30164}
oth [Thu, 13 Aug 2015 17:11:25 +0000 (10:11 -0700)]
[Interpreter] Register conversion fix and test.
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1294523002
Cr-Commit-Position: refs/heads/master@{#30163}
yangguo [Thu, 13 Aug 2015 16:26:02 +0000 (09:26 -0700)]
Debugger: remove duplicate heap iterations.
R=mlippautz@chromium.org
Review URL: https://codereview.chromium.org/1291043002
Cr-Commit-Position: refs/heads/master@{#30162}
mstarzinger [Thu, 13 Aug 2015 15:30:04 +0000 (08:30 -0700)]
Remove inline header includes from non-inline headers (2).
This tries to remove includes of "-inl.h" headers from normal ".h"
headers, thereby reducing the chance of any cyclic dependencies and
decreasing the average size of our compilation units.
Note that this change still leaves 5 violations of that rule in the
code. It only tackles "node.h" including "types-inl.h".
R=titzer@chromium.org
Review URL: https://codereview.chromium.org/1288053004
Cr-Commit-Position: refs/heads/master@{#30161}
adamk [Thu, 13 Aug 2015 15:24:30 +0000 (08:24 -0700)]
Remove old webkit Object-getOwnPropertyNames test
This test enumerates properties on all the builtins and makes sure that
they never change. In practice, this just generates busywork when trying
to add new language features; I've never seen it catch an
accidentally-exposed bit of API.
Review URL: https://codereview.chromium.org/1275423006
Cr-Commit-Position: refs/heads/master@{#30160}
paul.lind [Thu, 13 Aug 2015 14:27:05 +0000 (07:27 -0700)]
MIPS64: Fix InterpreterEntryTrampoline().
Was incorrectly loading BytecodeArray::kFrameSizeOffset as 64-bit int.
TEST=cctest/test-interpreter/TestInterpreterReturn
BUG=
Review URL: https://codereview.chromium.org/1286343002
Cr-Commit-Position: refs/heads/master@{#30159}
mstarzinger [Thu, 13 Aug 2015 14:02:22 +0000 (07:02 -0700)]
Make some foo.h headers usable without foo-inl.h header.
This CL is a pure refactoring that makes an empty compilation unit
including just "foo.h" but not "foo-inl.h" compile without warnings or
errors. This is needed to further reduce the header dependency tangle.
R=rossberg@chromium.org
Review URL: https://codereview.chromium.org/1290743005
Cr-Commit-Position: refs/heads/master@{#30158}
titzer [Thu, 13 Aug 2015 13:33:04 +0000 (06:33 -0700)]
[turbofan] Propagate representation information from call descriptors in SimplifiedLowering.
R=jarin@chromium.org
BUG=
Review URL: https://codereview.chromium.org/1292033002
Cr-Commit-Position: refs/heads/master@{#30157}
chunyang.dai [Thu, 13 Aug 2015 13:31:55 +0000 (06:31 -0700)]
X87: [compiler] Remove broken support for undetectable strings.
port b62dbf1efdec68ae709b0e91d3b7c13171b720c9 (r30132).
original commit message:
Support for undetectable strings was officially dropped in
https://codereview.chromium.org/916753002, but the compilers
weren't fixed properly.
BUG=
Review URL: https://codereview.chromium.org/1287173002
Cr-Commit-Position: refs/heads/master@{#30156}
bmeurer [Thu, 13 Aug 2015 13:06:45 +0000 (06:06 -0700)]
Revert of [runtime] Remove useless IN builtin. (patchset #2 id:20001 of https://codereview.chromium.org/1295433002/ )
Reason for revert:
Breaks win32 nosnap
Original issue's description:
> [runtime] Remove useless IN builtin.
>
> Similar to DELETE, the IN builtin is just a thin wrapper for %HasElement
> and %HasProperty anyway, and cannot be optimized, plus it had a weird
> special fast case (which also involved at least one LOAD_IC plus some
> intrinsic magic).
>
> R=yangguo@chromium.org,jarin@chromium.org
>
> Committed: https://crrev.com/72d60a1e80e81e2e68ca402665e2acbc46c5e471
> Cr-Commit-Position: refs/heads/master@{#30154}
TBR=yangguo@chromium.org,jarin@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Review URL: https://codereview.chromium.org/1288923002
Cr-Commit-Position: refs/heads/master@{#30155}
bmeurer [Thu, 13 Aug 2015 12:39:03 +0000 (05:39 -0700)]
[runtime] Remove useless IN builtin.
Similar to DELETE, the IN builtin is just a thin wrapper for %HasElement
and %HasProperty anyway, and cannot be optimized, plus it had a weird
special fast case (which also involved at least one LOAD_IC plus some
intrinsic magic).
R=yangguo@chromium.org,jarin@chromium.org
Review URL: https://codereview.chromium.org/1295433002
Cr-Commit-Position: refs/heads/master@{#30154}
yangguo [Thu, 13 Aug 2015 12:09:30 +0000 (05:09 -0700)]
Revert of Debugger: use a Map to cache mirrors. (patchset #1 id:1 of https://codereview.chromium.org/1287243002/ )
Reason for revert:
Several nosnap and custom snapshot failures.
Original issue's description:
> Debugger: use a Map to cache mirrors.
>
> This makes mirror cache lookup O(1) instead of O(n).
> The downside is that the lookup via handle is O(n). This
> is fine because handles are only used in the JSON api,
> which is not used by Chrome and on death row.
>
> Committed: https://crrev.com/890b1dfca84d9dfecdcfc56517ef541076c6eb1d
> Cr-Commit-Position: refs/heads/master@{#30150}
TBR=bmeurer@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Review URL: https://codereview.chromium.org/1292023002
Cr-Commit-Position: refs/heads/master@{#30153}
mstarzinger [Thu, 13 Aug 2015 11:49:01 +0000 (04:49 -0700)]
Make object.h usable without object-inl.h header.
This CL is a pure refactoring that makes an empty compilation unit
including just "object.h" but not "object-inl.h" compile without
warnings or errors. This is needed to further reduce the header
dependency tangle.
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/1286403002
Cr-Commit-Position: refs/heads/master@{#30152}
rmcilroy [Thu, 13 Aug 2015 11:27:54 +0000 (04:27 -0700)]
[interpreter]: Update BytecodeArrayBuilder register handling.
Modifies the BytecodeArrayBuilder to create register operands which are
negative. This reduces the number of instructions to access registers
by the interpreter and allows us to use positive register operands to
access parameter values.
Adds a Register class to keep register usage typesafe and simplify the
conversion to bytecode operand values.
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1283313003
Cr-Commit-Position: refs/heads/master@{#30151}
yangguo [Thu, 13 Aug 2015 10:49:04 +0000 (03:49 -0700)]
Debugger: use a Map to cache mirrors.
This makes mirror cache lookup O(1) instead of O(n).
The downside is that the lookup via handle is O(n). This
is fine because handles are only used in the JSON api,
which is not used by Chrome and on death row.
Review URL: https://codereview.chromium.org/1287243002
Cr-Commit-Position: refs/heads/master@{#30150}
yangguo [Thu, 13 Aug 2015 10:19:55 +0000 (03:19 -0700)]
Debugger: do not expose global object.
Review URL: https://codereview.chromium.org/1290063002
Cr-Commit-Position: refs/heads/master@{#30149}
bmeurer [Thu, 13 Aug 2015 09:41:36 +0000 (02:41 -0700)]
[runtime] Remove useless DELETE builtin.
The DELETE builtin calls through to %DeleteProperty anyway, so we
can as well skip the builtin completely and always call into the
runtime directly. Also add different entries depending on whether
calling code is in sloppy or strict/strong mode.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1291973002
Cr-Commit-Position: refs/heads/master@{#30148}
Benedikt Meurer [Thu, 13 Aug 2015 07:35:25 +0000 (09:35 +0200)]
Add more OWNERS for components.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1293453002 .
Cr-Commit-Position: refs/heads/master@{#30147}
bmeurer [Thu, 13 Aug 2015 07:05:07 +0000 (00:05 -0700)]
[strong] Simplify (and sortof optimize) string addition for strong mode.
In strong mode, whenever either operand to an addition is a string, both
must be strings, so we can just use a simple string map check instead of
the STRING_ADD_LEFT / STRING_ADD_RIGHT machinery, which tries to do sloppy
and strict mode conversions before giving up.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1287203002
Cr-Commit-Position: refs/heads/master@{#30146}
yangguo [Thu, 13 Aug 2015 06:56:30 +0000 (23:56 -0700)]
Revert of Group lexical context variables for faster look up. (patchset #2 id:20001 of https://codereview.chromium.org/1281883002/ )
Reason for revert:
This performance hack is no longer necessary.
Original issue's description:
> Group lexical context variables for faster look up.
>
> Currently, looking up a lexical context variable requires looking up
> the variable name and then checking its mode. This can be a bottleneck
> in Runtime_DeclareGlobals, even when no lexical context variables are
> declared.
>
> R=rossberg@chromium.org
> BUG=crbug:517778
> LOG=N
>
> Committed: https://crrev.com/a45ed17bb6aca02e940f13bbf456d660cccc86ae
> Cr-Commit-Position: refs/heads/master@{#30075}
TBR=rossberg@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=crbug:517778
Review URL: https://codereview.chromium.org/1290053002
Cr-Commit-Position: refs/heads/master@{#30145}
yangguo [Thu, 13 Aug 2015 06:55:21 +0000 (23:55 -0700)]
Move regexp implementation into its own folder.
Review URL: https://codereview.chromium.org/1285163003
Cr-Commit-Position: refs/heads/master@{#30144}
titzer [Thu, 13 Aug 2015 05:29:51 +0000 (22:29 -0700)]
Add tests for float32/float64 parameters/returns passed in float32/float64 registers.
R=mstarzinger@chromium.org
BUG=
Review URL: https://codereview.chromium.org/1291553005
Cr-Commit-Position: refs/heads/master@{#30143}
v8-autoroll [Thu, 13 Aug 2015 03:26:41 +0000 (20:26 -0700)]
Update V8 DEPS.
Rolling v8/third_party/android_tools to 5722f90e94d02a8dc17b6edb93ead6839d5afcee
TBR=machenbach@chromium.org
Review URL: https://codereview.chromium.org/1290773008
Cr-Commit-Position: refs/heads/master@{#30142}
littledan [Wed, 12 Aug 2015 23:42:07 +0000 (16:42 -0700)]
Stage sloppy classes
This patch puts --harmony-sloppy into staging. Now that let, lexically-scoped
functions and ES2015 sloppy mode const semantics have been split off into
separate flags, the change only enables classes in sloppy mode.
BUG=v8:3305
R=adamk
LOG=Y
Review URL: https://codereview.chromium.org/1288153003
Cr-Commit-Position: refs/heads/master@{#30141}
littledan [Wed, 12 Aug 2015 18:42:48 +0000 (11:42 -0700)]
Add class to existing lexical scoping tests
This patch strengthens testing of classes by verifying that the binding
that they export externally follows block scoping, as opposed to var-style
scoping. The tests are based on existing tests for let and const.
R=adamk
LOG=N
BUG=v8:3305
Review URL: https://codereview.chromium.org/1286923002
Cr-Commit-Position: refs/heads/master@{#30140}
jfb [Wed, 12 Aug 2015 16:57:52 +0000 (09:57 -0700)]
Security: disable nontemporals.
The operations were available on ARM64 and x86-32 but were unused.
It has been conjectured that nontemporals can be used for rowhammer-like bitflips more easily than regular load/store operations. It is therefore desirable to avoid generating these instructions in the future.
R= titzer, jochen, jln, Mark Seaborn, ruiq
Review URL: https://codereview.chromium.org/1276113002
Cr-Commit-Position: refs/heads/master@{#30139}
binji [Wed, 12 Aug 2015 16:44:13 +0000 (09:44 -0700)]
[Atomics] Fix compile failure in clang/win build in runtime-atomics.cc
BUG=v8:4366
LOG=n
Review URL: https://codereview.chromium.org/1287543004
Cr-Commit-Position: refs/heads/master@{#30138}
adamk [Wed, 12 Aug 2015 16:43:06 +0000 (09:43 -0700)]
[api] Delete non-maybe version of CompileModule
Also add a bigger warning to the header comment for the Maybe version.
R=jochen@chromium.org
Review URL: https://codereview.chromium.org/1276353003
Cr-Commit-Position: refs/heads/master@{#30137}
yangguo [Wed, 12 Aug 2015 14:22:07 +0000 (07:22 -0700)]
Debugger: load debugger builtins as normal native JS.
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/1282793002
Cr-Commit-Position: refs/heads/master@{#30136}
bmeurer [Wed, 12 Aug 2015 13:44:06 +0000 (06:44 -0700)]
[runtime] Remove useless %_IsUndetectableObject intrinsic.
Instead of using a sequence
if (something == null && !IS_UNDETECTABLE(something))) { ... }
which will be true if something is either null or undefined, it is
way simpler and way more efficient to just write
if (something === null || something === (void 0)) { ... }
instead, which allows the compiler(s) to generate pretty decent code
without any need to resort to type feedback from a CompareNil IC.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1288623003
Cr-Commit-Position: refs/heads/master@{#30135}
yangguo [Wed, 12 Aug 2015 13:06:03 +0000 (06:06 -0700)]
Do not save script object on the class constructor.
We don't need it, as we can grab it from the shared function info.
Having it triggers an assertion if we define classes in native JS.
R=bmeurer@chromium.org, rossberg@chromium.org
Review URL: https://codereview.chromium.org/1290703002
Cr-Commit-Position: refs/heads/master@{#30134}
yangguo [Wed, 12 Aug 2015 12:26:30 +0000 (05:26 -0700)]
Add to full-codegen/OWNERS.
TBR=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/1287853004
Cr-Commit-Position: refs/heads/master@{#30133}
bmeurer [Wed, 12 Aug 2015 12:01:21 +0000 (05:01 -0700)]
[compiler] Remove broken support for undetectable strings.
Support for undetectable strings was officially dropped in
https://codereview.chromium.org/916753002, but the compilers
weren't fixed properly.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1287983002
Cr-Commit-Position: refs/heads/master@{#30132}
mstarzinger [Wed, 12 Aug 2015 11:14:02 +0000 (04:14 -0700)]
Remove grab-bag includes of v8.h from debugger.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1283023002
Cr-Commit-Position: refs/heads/master@{#30131}
mstarzinger [Wed, 12 Aug 2015 11:12:53 +0000 (04:12 -0700)]
Remove grab-bag includes of v8.h from full codegen.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1283653004
Cr-Commit-Position: refs/heads/master@{#30130}
bmeurer [Wed, 12 Aug 2015 11:11:32 +0000 (04:11 -0700)]
[runtime] Simplify CHECK_OBJECT_COERCIBLE.
Don't use IS_NULL_OR_UNDEFINED() for CHECK_OBJECT_COERCIBLE() because it
will also return true for undetectable objects, but use IS_NULL() and
IS_UNDEFINED() directly, which will only return true for null or
undefined (which matches the semantics of the abstract operation
CheckObjectCoercible).
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1287033002
Cr-Commit-Position: refs/heads/master@{#30129}
yangguo [Wed, 12 Aug 2015 10:55:48 +0000 (03:55 -0700)]
Add more OWNERS and set noparent for some sub-directories.
R=danno@chromium.org
Review URL: https://codereview.chromium.org/1285543002
Cr-Commit-Position: refs/heads/master@{#30128}
mstarzinger [Wed, 12 Aug 2015 10:28:34 +0000 (03:28 -0700)]
Realize IWYU pattern for frames-inl.h header.
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/1283183002
Cr-Commit-Position: refs/heads/master@{#30127}
mstarzinger [Wed, 12 Aug 2015 08:00:08 +0000 (01:00 -0700)]
Make list constructor usable without list-inl.h header.
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/1289553002
Cr-Commit-Position: refs/heads/master@{#30126}
mstarzinger [Wed, 12 Aug 2015 07:32:36 +0000 (00:32 -0700)]
Remove inline header includes from non-inline headers (1).
This tries to remove includes of "-inl.h" headers from normal ".h"
headers, thereby reducing the chance of any cyclic dependencies and
decreasing the average size of our compilation units.
Note that this change still leaves 7 violations of that rule in the
code. However there now is the "tools/check-inline-includes.sh" tool
detecting such violations.
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/1283033003
Cr-Commit-Position: refs/heads/master@{#30125}
yangguo [Wed, 12 Aug 2015 07:30:24 +0000 (00:30 -0700)]
Debugger: correctly ensure debug info in Debug::Break.
R=bmeurer@chromium.org
BUG=chromium:517594
LOG=N
Review URL: https://codereview.chromium.org/1286143002
Cr-Commit-Position: refs/heads/master@{#30124}
thestig [Wed, 12 Aug 2015 04:40:21 +0000 (21:40 -0700)]
[turbofan] LoadGlobalParameters::slot_index() should just return an int.
Clang says: warning: 'const' type qualifier on return type has no effect [-Wignored-qualifiers]
Review URL: https://codereview.chromium.org/1284013003
Cr-Commit-Position: refs/heads/master@{#30123}
littledan [Tue, 11 Aug 2015 23:59:47 +0000 (16:59 -0700)]
Split function block scoping into a separate flag
In an initial attempt to implement sloppy mode lexical bindings,
functions were made lexically scoped in sloppy mode. However, the
ES2015 spec says that they need an additional hoisted var binding,
and further, it's not clear when we'll implement that behavior
or whether it's web-compatible.
This patch splits off function block scoping into a new, separate
flag called --harmony_sloppy_function. This change will enable the
possibility of testing and shipping this feature separately from
other block scoping-related features which don't have the same risks.
BUG=v8:4285
R=adamk
LOG=N
Review URL: https://codereview.chromium.org/1282093002
Cr-Commit-Position: refs/heads/master@{#30122}
domenic [Tue, 11 Aug 2015 22:00:44 +0000 (15:00 -0700)]
Stage --harmony-array-includes
BUG=v8:3575
R=adamk@chromium.org, rossberg@chromium.org
LOG=Y
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
Review URL: https://codereview.chromium.org/1283963002
Cr-Commit-Position: refs/heads/master@{#30121}
littledan [Tue, 11 Aug 2015 21:30:26 +0000 (14:30 -0700)]
Use a new lexical context for sloppy-mode eval
In ES6, direct eval() in sloppy mode uses the enclosing function-level
("var") scope for var-style bindings and a new lexical scope for lexical
bindings like let and class. This patch implements that feature by making
lexical bindings that are directly within an EVAL_SCOPE be on the local
scope rather than the enclosing one.
BUG=v8:4288
LOG=Y
R=adamk
Review URL: https://codereview.chromium.org/1274193004
Cr-Commit-Position: refs/heads/master@{#30120}
bmeurer [Tue, 11 Aug 2015 19:36:04 +0000 (12:36 -0700)]
[runtime] Store constructor function index on primitive maps.
This way we can greatly simplify the different variants of ToObject in
our codebase and make them more uniform and robust. Adding a new
primitive doesn't require finding and changing all those places again,
but it is sufficient to setup the constructor function index when
allocating the map.
We use the inobject properties field of Map, which is invalid primitive
maps anyway.
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/1276533003
Cr-Commit-Position: refs/heads/master@{#30119}
littledan [Tue, 11 Aug 2015 18:43:34 +0000 (11:43 -0700)]
Delete outdated comment about a bug which was fixed three years ago
R=adamk
BUG=chromium:135066
LOG=N
Review URL: https://codereview.chromium.org/1279203002
Cr-Commit-Position: refs/heads/master@{#30118}
domenic [Tue, 11 Aug 2015 17:55:07 +0000 (10:55 -0700)]
Add includes method to typed arrays
R=littledan@chromium.org, adamk@chromium.org
BUG=v8:3575
LOG=Y
Review URL: https://codereview.chromium.org/1283703004
Cr-Commit-Position: refs/heads/master@{#30117}
adamk [Tue, 11 Aug 2015 17:03:23 +0000 (10:03 -0700)]
run-tests.py: warn when no tests were run
The previous approach to this (in 1b1de2d22) did not work well with
bots that intentionally run no tests. But I think this warning message
is still useful for developers.
Review URL: https://codereview.chromium.org/1281313004
Cr-Commit-Position: refs/heads/master@{#30116}
titzer [Tue, 11 Aug 2015 15:23:04 +0000 (08:23 -0700)]
Reland: [turbofan] Various fixes to allow unboxed doubles as arguments in registers and on the stack.
OCL: https://codereview.chromium.org/1263033004/
R=mstarzinger@chromium.org
BUG=
Review URL: https://codereview.chromium.org/1284893002
Cr-Commit-Position: refs/heads/master@{#30115}
hpayer [Tue, 11 Aug 2015 14:51:55 +0000 (07:51 -0700)]
Respect old generation limit in large object space allocations.
Also remove unused max_capcity_ field in old spaces.
BUG=chromium:518028,chromium:504854
LOG=n
Review URL: https://codereview.chromium.org/1284853003
Cr-Commit-Position: refs/heads/master@{#30114}
binji [Tue, 11 Aug 2015 14:28:06 +0000 (07:28 -0700)]
Use TimeTicks instead of Time in FutexEmulation::Wait.
BUG=v8:4357
R=machenbach@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/1285723003
Cr-Commit-Position: refs/heads/master@{#30113}
vogelheim [Tue, 11 Aug 2015 13:56:15 +0000 (06:56 -0700)]
Revert of Debugger: clear shared function info list when recompiling for liveedit. (patchset #1 id:1 of https://codereview.chromium.org/1270313003/ )
Reason for revert:
Sorry for revert, but this change breaks one of the webkit-unit-tests.
Example here: https://storage.googleapis.com/chromium-layout-test-archives/V8-Blink_Win/1178/layout-test-results/inspector/sources/debugger/live-edit-no-reveal-diff.txt
Not sure if the old expectations were right, or the new ones are. :)
Original issue's description:
> Debugger: clear shared function info list when recompiling for liveedit.
>
> R=bmeurer@chromium.org
> BUG=chromium:517594
> LOG=N
>
> Committed: https://crrev.com/9eea3ef5147a5e15256093fb4c36a7598d60d128
> Cr-Commit-Position: refs/heads/master@{#30111}
TBR=bmeurer@chromium.org,yangguo@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:517594
Review URL: https://codereview.chromium.org/1279613008
Cr-Commit-Position: refs/heads/master@{#30112}
yangguo [Tue, 11 Aug 2015 12:00:38 +0000 (05:00 -0700)]
Debugger: clear shared function info list when recompiling for liveedit.
R=bmeurer@chromium.org
BUG=chromium:517594
LOG=N
Review URL: https://codereview.chromium.org/1270313003
Cr-Commit-Position: refs/heads/master@{#30111}
mstarzinger [Tue, 11 Aug 2015 12:00:01 +0000 (05:00 -0700)]
Realize IWYU pattern for handles.h header.
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/1290453002
Cr-Commit-Position: refs/heads/master@{#30110}
mstarzinger [Tue, 11 Aug 2015 11:29:59 +0000 (04:29 -0700)]
[heap] Avoid inclusion of objects-visiting-inl.h header.
R=hpayer@chromium.org
Review URL: https://codereview.chromium.org/1272933004
Cr-Commit-Position: refs/heads/master@{#30109}
bmeurer [Tue, 11 Aug 2015 10:47:24 +0000 (03:47 -0700)]
[stubs] Store typeof string on Oddballs.
First step to simplify the TypeofStub. This is similar to the
optimization that we use for ToNumber and ToString on Oddballs already.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1272763005
Cr-Commit-Position: refs/heads/master@{#30108}
bmeurer [Tue, 11 Aug 2015 09:45:25 +0000 (02:45 -0700)]
[simd.js] Single SIMD128_VALUE_TYPE for all Simd128Values.
There's no need to have one InstanceType per SIMD primitive type (this
will not scale long-term). Also reduce the amount of code duplication
and make it more robust wrt adding new SIMD types.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1273353003
Cr-Commit-Position: refs/heads/master@{#30107}
yangguo [Tue, 11 Aug 2015 09:32:27 +0000 (02:32 -0700)]
Remove redundant handle in ScopeIterator constructor.
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/1286653004
Cr-Commit-Position: refs/heads/master@{#30106}
yangguo [Tue, 11 Aug 2015 09:15:27 +0000 (02:15 -0700)]
Rewrite Error.prototype.toString in C++.
This avoids many back-and-forth calls to the runtime.
This also slightly changes the way we avoid getters. Previously, we circumvented getting the name property of ReferenceError, SyntaxError and TypeError due to crbug/69187 (in order to avoid leaking information from those errors through a 'name' getter installed on their prototypes). Now we do that for all errors created by V8.
R=jkummerow@chromium.org, rossberg@chromium.org
BUG=crbug:513472, crbug:69187
LOG=N
Review URL: https://codereview.chromium.org/1281833002
Cr-Commit-Position: refs/heads/master@{#30105}
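The leak channel the commit message refers to is easy to reproduce from script. The following is an added example, not V8 code and not part of the commit: it installs a 'name' getter on ReferenceError.prototype and shows that the spec-defined Error.prototype.toString (which must read name via [[Get]]) runs that getter with `this` bound to the error being stringified, so a poisoned prototype can observe every error object that passes through it. What the commit describes is V8's own stringification of the errors it creates, which deliberately does not go through that property read. The function and identifier names (observeErrorsViaNameGetter, undeclaredIdentifier_example) are made up for the illustration.

```javascript
// Added example, not V8 project code. Demonstrates the prototype 'name' getter
// channel: Error.prototype.toString performs Get(err, "name"), so a getter placed
// on the prototype is invoked with the error object as its receiver.
function observeErrorsViaNameGetter() {
  const captured = [];
  const original = Object.getOwnPropertyDescriptor(ReferenceError.prototype, "name");
  // Poison the prototype: the getter records every receiver it is called on.
  Object.defineProperty(ReferenceError.prototype, "name", {
    configurable: true,
    get() {
      captured.push(this); // the error object being stringified is exposed here
      return "ReferenceError";
    },
  });
  try {
    let err;
    try {
      // Constructed fault: an undeclared identifier yields a real ReferenceError.
      undeclaredIdentifier_example;
    } catch (e) {
      err = e;
    }
    const callsBefore = captured.length;
    const text = String(err); // ToPrimitive -> Error.prototype.toString -> Get(err, "name")
    return {
      isReferenceError: err instanceof ReferenceError,
      text,
      getterCallsDuringToString: captured.length - callsBefore,
      getterSawTheError: captured[captured.length - 1] === err,
    };
  } finally {
    // Undo the poisoning so later code in the same realm is unaffected.
    Object.defineProperty(ReferenceError.prototype, "name", original);
  }
}
```

The spec path invokes the getter exactly once per toString call and hands it the error object; any internal engine path that formats an error for reporting must avoid that property read, or it ends up calling attacker-installed code with the error as `this`.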
yangguo [Tue, 11 Aug 2015 08:20:29 +0000 (01:20 -0700)]
Debugger: correctly find closure to recompile eval for debugging.
R=mstarzinger@chromium.org
BUG=chromium:517592
LOG=N
Review URL: https://codereview.chromium.org/1285793002
Cr-Commit-Position: refs/heads/master@{#30104}
saper [Tue, 11 Aug 2015 07:48:49 +0000 (00:48 -0700)]
Use static_cast<> for NULL (clang 3.7)
The following errors come up when compiling v8
with clang 3.7 on FreeBSD/amd64:
src/runtime/runtime-i18n.cc:629:37: error: reinterpret_cast from
'nullptr_t' to 'v8::internal::Smi *' is not allowed
local_object->SetInternalField(1, reinterpret_cast<Smi*>(NULL));
^~~~~~~~~~~~~~~~~~~~~~~~~~~~
test/cctest/test-heap.cc:131:20: error: reinterpret_cast from
'nullptr_t' to 'v8::internal::Object *' is not allowed
Handle<Object> n(reinterpret_cast<Object*>(NULL), isolate);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
test/cctest/test-heap.cc:1989:18: error: reinterpret_cast from
'nullptr_t' to 'Address' (aka 'unsigned char *') is not
allowed
Address base = reinterpret_cast<Address>(NULL);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+add myself to the AUTHORS file.
BUG=
Review URL: https://codereview.chromium.org/1277353002
Cr-Commit-Position: refs/heads/master@{#30103}
mstarzinger [Tue, 11 Aug 2015 07:34:10 +0000 (00:34 -0700)]
Remove several grab-bag includes from the v8.h header.
This is the first step of turning the v8.h file into a normal header
instead of an include-the-world header. The new rule is that no other
header files are allowed to include v8.h, which is enforced by DEPS.
Also the number of includes inside the v8.h file has been drastically
reduced. Basically the last missing piece is the inclusion of the big
objects-inl.h file.
This in turn makes many headers follow the IWYU principle.
R=bmeurer@chromium.org,hpayer@chromium.org,titzer@chromium.org
Review URL: https://codereview.chromium.org/1282503003
Cr-Commit-Position: refs/heads/master@{#30102}
yangguo [Tue, 11 Aug 2015 06:48:25 +0000 (23:48 -0700)]
Revert of [turbofan] Various fixes to allow unboxed doubles as arguments in registers and on the stack. (patchset #7 id:120001 of https://codereview.chromium.org/1263033004/ )
Reason for revert:
This CL breaks MIPS (roll blocker).
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20mipsel%20-%20sim/builds/2061/steps/Check/logs/Run_Int32_Select_1
Original issue's description:
> [turbofan] Various fixes to allow unboxed doubles as arguments in registers and on the stack.
>
> R=jarin@chromium.org
> BUG=
>
> Committed: https://crrev.com/71409be5395f867bbca0f6998bf6caa175cd8192
> Cr-Commit-Position: refs/heads/master@{#30091}
TBR=jarin@chromium.org,titzer@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=
Review URL: https://codereview.chromium.org/1284853002
Cr-Commit-Position: refs/heads/master@{#30101}