Skip to content

V
V8
Switch branch/tag
  1. 15 Mar, 2016 1 commit
    • adamk's avatar
      Remove Scope::scope_contains_with_ bit · 108efd7f
      adamk authored 
      This part of Scope has existed since V8's initial check in, but from what
I can tell it's not required to implement "with". The only tests that
depend upon it are tests of the debugger and the Scope mirrors, but the
resulting test behavior after removing the bit still seems perfectly
reasonable to me. In fact, with the included fix for scope name collection,
the scope mirror is actually improved with this change.

As a bi-product, this fixes the attached bug, about the contains_with
bit having inconsistent values in some arrow function compilation
scenarios.

BUG=chromium:592353
LOG=n
CQ_INCLUDE_TRYBOTS=tryserver.blink:linux_blink_rel

Review URL: https://codereview.chromium.org/1804783002

Cr-Commit-Position: refs/heads/master@{#34802}
      108efd7f
  3. 02 Mar, 2016 1 commit
  5. 18 Feb, 2016 2 commits
    • adamk's avatar
      Remove strong mode support from Scope and Variable · 63efda35
      adamk authored 
      This frees up one bit in FunctionKind, which I plan to make slightly
more syntactic info about functions available in SharedFunctionInfo
(needed for ES2015 Function.name support).

BUG=v8:3956, v8:4760
LOG=n

Review URL: https://codereview.chromium.org/1704223002

Cr-Commit-Position: refs/heads/master@{#34125}
      63efda35
    • rossberg's avatar
      [es6] Implement for-of iterator finalization · cb1bf4af
      rossberg authored 
      Implements iterator finalisation by desugaring for-of loops with an additional try-finally wrapper. See comment in parser.cc for details.

Also improved some AST printing facilities while there.

@Ross, I had to disable the bytecode generation test for for-of, because it got completely out of hand after this change (the new bytecode has 150+ lines). See the TODO that I assigned to you.

Patch set 1 is WIP patch by Georg (http://crrev.com/1695583003), patch set 2 relative changes.

@Georg, FYI, I changed the following:

- Moved try-finally out of the loop body, for performance, and in order to be able to handle `continue` correctly.
- Fixed scope management in ParseForStatement, which was the cause for the variable allocation failure.
- Fixed pre-existing zone initialisation bug in rewriter, which caused the crashes.
- Enabled all tests, adjusted a few others, added a couple more.

BUG=v8:2214
LOG=Y

Review URL: https://codereview.chromium.org/1695393003

Cr-Commit-Position: refs/heads/master@{#34111}
      cb1bf4af
  7. 08 Jan, 2016 1 commit
    • nikolaos's avatar
      Fix for temporaries in parameter initializers · 0406fa22
      nikolaos authored 
      This patch introduces a mechanism for changing the scope of temporary
variables, which is necessary for rewriting arrow parameter
initializers.

It also fixes a potential bug in AstExpressionVisitor, which did not
visit the automatically generated members of ForEachStatement.

Fixes test/mjsunit/harmony/regress/regress-4658.js

R=rossberg@chromium.org
BUG=v8:4658
LOG=N

Review URL: https://codereview.chromium.org/1564343002

Cr-Commit-Position: refs/heads/master@{#33183}
      0406fa22
  9. 23 Dec, 2015 1 commit
    • mvstanton's avatar
      Partial revert of rest parameter desugaring. · d3f074b2
      mvstanton authored 
      We'll be able to optimize rest parameters in TurboFan similarly to the arguments array. This CL restores the previous behavior, and a follow-on will enable TurboFan optimization.

(TBR for rossberg since we discussed the revert beforehand. The only changes are a few lines related to tests and rebasing.)

TBR=rossberg@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1537683002

Cr-Commit-Position: refs/heads/master@{#33024}
      d3f074b2
  11. 14 Dec, 2015 1 commit
    • yangguo's avatar
      [debugger] fix debug-evaluate wrt shadowed context var. · 089edbfa
      yangguo authored 
      Debug-evaluate used to resolve stack variables that shadow
context variables incorrectly, since the stack variable is
not visible in the context chain.

To fix this, we limit local variables accessible by debug-
evaluate to the ones directly referenced inside the function.
What is not referenced by the function itself, is considered
optimized out and not accessible by debug-evaluate.

To achieve this, we duplicate the entire context chain up to
the native context, and write back changes after debug-
evaluate. Changes to the original context chain will however
be overwritten. This already happens for catch and block
scopes though.

Also fix a crash caused by declaring variables inside debug-
evaluate.

R=mstarzinger@chromium.org
BUG=v8:4593
LOG=N

Review URL: https://codereview.chromium.org/1500933002

Cr-Commit-Position: refs/heads/master@{#32828}
      089edbfa
  13. 09 Dec, 2015 3 commits
  15. 02 Dec, 2015 2 commits
  17. 01 Dec, 2015 1 commit
  19. 26 Nov, 2015 1 commit
  21. 25 Nov, 2015 1 commit
  23. 24 Nov, 2015 2 commits
  25. 29 Oct, 2015 1 commit
    • adamk's avatar
      Fix eval calls in initializers of arrow function parameters · 0bdaa4d8
      adamk authored 
      This requires copying usage flags from the outer scope to the
arrow scope upon encountering the arrow token.

In order to properly pass-on the calls_eval bit, now record
that bit on script scopes just like everywhere else, and add
necessary code to scopes.cc to handle that change in behavior.

Also factored out scope flag propagation to its own method to
make the call site simple (though note that only the eval
bit makes any difference for arrows).

BUG=v8:4395
LOG=n

Review URL: https://codereview.chromium.org/1423613002

Cr-Commit-Position: refs/heads/master@{#31660}
      0bdaa4d8
  27. 28 Oct, 2015 1 commit
  29. 27 Oct, 2015 1 commit
  31. 21 Oct, 2015 1 commit
    • adamk's avatar
      [es6] Fix scoping for default parameters in arrow functions · 02e4d21f
      adamk authored 
      When eagerly parsing arrow functions, expressions in default
parameter initializers are parsed in the enclosing scope,
rather than in the function's scope (since that scope does not
yet exist). This leads to VariableProxies being added to the
wrong scope, and scope chains for FunctionLiterals being incorrect.

This patch addresses these problems by adding a subclass of
AstExpressionVisitor that moves VariableProxies to the proper
scope and fixes up scope chains of FunctionLiterals.

This is a revert of the revert https://crrev.com/e41614a058426fb6102e4ab2dd4f98997f00c0fc
with a much-improved (though not yet perfect) Scope::ResetOuterScope
method which properly fixes not only the outer_scope_ pointer but also
fixes the inner_scope_ list in the relevant outer_scopes.

More work likely still needs to be done to make this work completely,
but it's very close to correct.

BUG=v8:4395
LOG=y

Review URL: https://codereview.chromium.org/1414283002

Cr-Commit-Position: refs/heads/master@{#31435}
      02e4d21f
  33. 20 Oct, 2015 2 commits
    • bmeurer's avatar
      Revert of [es6] Fix scoping for default parameters in arrow functions... · e41614a0
      bmeurer authored 
      Revert of [es6] Fix scoping for default parameters in arrow functions (patchset #5 id:80001 of https://codereview.chromium.org/1405313002/ )

Reason for revert:
Breaks nosnap: http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap%20-%20debug%20-%202/builds/2407/steps/Check/logs/regress-4395

Original issue's description:
> [es6] Fix scoping for default parameters in arrow functions
>
> When eagerly parsing arrow functions, expressions in default
> parameter initializers are parsed in the enclosing scope,
> rather than in the function's scope (since that scope does not
> yet exist). This leads to VariableProxies being added to the
> wrong scope, and scope chains for FunctionLiterals being incorrect.
>
> This patch addresses these problems by adding a subclass of
> AstExpressionVisitor that moves VariableProxies to the proper
> scope and fixes up scope chains of FunctionLiterals.
>
> More work likely still needs to be done to make this work completely,
> but it's very close to correct.
>
> BUG=v8:4395
> LOG=y
>
> Committed: https://crrev.com/cf72aad39e51de9b7074ea039377c1812f4a2c6b
> Cr-Commit-Position: refs/heads/master@{#31402}

TBR=rossberg@chromium.org,caitpotter88@gmail.com,adamk@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4395

Review URL: https://codereview.chromium.org/1417463004

Cr-Commit-Position: refs/heads/master@{#31404}
      e41614a0
    • adamk's avatar
      [es6] Fix scoping for default parameters in arrow functions · cf72aad3
      adamk authored 
      When eagerly parsing arrow functions, expressions in default
parameter initializers are parsed in the enclosing scope,
rather than in the function's scope (since that scope does not
yet exist). This leads to VariableProxies being added to the
wrong scope, and scope chains for FunctionLiterals being incorrect.

This patch addresses these problems by adding a subclass of
AstExpressionVisitor that moves VariableProxies to the proper
scope and fixes up scope chains of FunctionLiterals.

More work likely still needs to be done to make this work completely,
but it's very close to correct.

BUG=v8:4395
LOG=y

Review URL: https://codereview.chromium.org/1405313002

Cr-Commit-Position: refs/heads/master@{#31402}
      cf72aad3
  35. 15 Oct, 2015 1 commit
  37. 08 Oct, 2015 1 commit
  39. 07 Oct, 2015 1 commit
    • adamk's avatar
      Use Scope::function_kind_ to distinguish arrow function scopes · 24565b85
      adamk authored 
      Previously, arrow function scopes had a separate ScopeType. However,
Scope::DeserializeScopeChain() erroneously deserialized ARROW_SCOPE
ScopeInfos as FUNCTION_SCOPE. This could lead to bugs such as the
attached one, where "super" was disallowed where it should have
been allowed.

This patch utilizes the Scope's FunctionKind to distinguish arrow
functions from others. Besides fixing the above bug, this also
simplifies code in various places that had to deal with two different
ScopeTypes both of which meant "function".

BUG=v8:4466
LOG=n

Review URL: https://codereview.chromium.org/1386253002

Cr-Commit-Position: refs/heads/master@{#31154}
      24565b85
  41. 01 Oct, 2015 1 commit
    • rossberg's avatar
      [es6] Scoping & initialization for var shadowing non-simple parameters · 2c2848dc
      rossberg authored 
      Var-bindings may shadow parameters from a non-simple parameter list. When that happens: they create separate bindings, but are initialised with the respective parameter value. Thus:

(function(x, f = () => x) { var x; var y = x; x = 2; return [x, y, f()] })(1) -->  [2, 1, 1]

This CL implements that by inserting a suitable assignment for every shadwowing var-variable (e.g., x = outer_x above) at the beginning of the function's body block.

R=adamk@chromium.org
BUG=v8:4440,v8:811
LOG=N

Review URL: https://codereview.chromium.org/1371333004

Cr-Commit-Position: refs/heads/master@{#31042}
      2c2848dc
  43. 28 Sep, 2015 1 commit
    • jkummerow's avatar
      objects-inl.h: Remove ACCESSORS_TO_SMI macro · 7117acd2
      jkummerow authored 
      Replacing it with SMI_ACCESSORS.
This change makes accesses to Smi fields in objects more regular (the
accessors now always consume/return an int rather than a Smi*), which
avoids a bunch of manual Smi::FromInt() and Smi::value() conversions,
and is a step on the way towards being able to generate objects-inl.h.

Review URL: https://codereview.chromium.org/1371893002

Cr-Commit-Position: refs/heads/master@{#30975}
      7117acd2
  45. 24 Sep, 2015 3 commits
    • bmeurer's avatar
      [es6] Introduce spec compliant IsConstructor. · 8fe3ac07
      bmeurer authored 
      There was already a bit on the Map named "function with prototype",
which basically meant that the Map was a map for a JSFunction that could
be used as a constructor. Now this CL generalizes that bit to
IsConstructor, which says that whatever (Heap)Object you are looking at
can be used as a constructor (i.e. the bit is also set for bound
functions that can be used as constructors and proxies that have a
[[Construct]] internal method).

This way we have a single chokepoint for IsConstructor checking, which
allows us to get rid of the various ways in which we tried to guess
whether something could be used as a constructor or not.

Drive-by-fix: Renamed IsConstructor on FunctionKind to
IsClassConstructor to resolve the weird name clash, and the
IsClassConstructor name also matches the spec.

CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_layout_dbg,v8_linux_nosnap_dbg
R=jarin@chromium.org, rossberg@chromium.org
BUG=v8:4413, v8:4430
LOG=n

Committed: https://crrev.com/8de4d9351df4cf66c8a128d561a6e331d196be54
Cr-Commit-Position: refs/heads/master@{#30900}

Review URL: https://codereview.chromium.org/1358423002

Cr-Commit-Position: refs/heads/master@{#30902}
      8fe3ac07
    • bmeurer's avatar
      Revert of [es6] Introduce spec compliant IsConstructor. (patchset #2 id:20001... · 656ebdce
      bmeurer authored 
      Revert of [es6] Introduce spec compliant IsConstructor. (patchset #2 id:20001 of https://codereview.chromium.org/1358423002/ )

Reason for revert:
Failed on Fuzzer and MIPS bot.

Original issue's description:
> [es6] Introduce spec compliant IsConstructor.
>
> There was already a bit on the Map named "function with prototype",
> which basically meant that the Map was a map for a JSFunction that could
> be used as a constructor. Now this CL generalizes that bit to
> IsConstructor, which says that whatever (Heap)Object you are looking at
> can be used as a constructor (i.e. the bit is also set for bound
> functions that can be used as constructors and proxies that have a
> [[Construct]] internal method).
>
> This way we have a single chokepoint for IsConstructor checking, which
> allows us to get rid of the various ways in which we tried to guess
> whether something could be used as a constructor or not.
>
> Drive-by-fix: Renamed IsConstructor on FunctionKind to
> IsClassConstructor to resolve the weird name clash, and the
> IsClassConstructor name also matches the spec.
>
> R=jarin@chromium.org, rossberg@chromium.org
> BUG=v8:4430
> LOG=n
>
> Committed: https://crrev.com/8de4d9351df4cf66c8a128d561a6e331d196be54
> Cr-Commit-Position: refs/heads/master@{#30900}

TBR=jarin@chromium.org,rossberg@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4430

Review URL: https://codereview.chromium.org/1360403002

Cr-Commit-Position: refs/heads/master@{#30901}
      656ebdce
    • bmeurer's avatar
      [es6] Introduce spec compliant IsConstructor. · 8de4d935
      bmeurer authored 
      There was already a bit on the Map named "function with prototype",
which basically meant that the Map was a map for a JSFunction that could
be used as a constructor. Now this CL generalizes that bit to
IsConstructor, which says that whatever (Heap)Object you are looking at
can be used as a constructor (i.e. the bit is also set for bound
functions that can be used as constructors and proxies that have a
[[Construct]] internal method).

This way we have a single chokepoint for IsConstructor checking, which
allows us to get rid of the various ways in which we tried to guess
whether something could be used as a constructor or not.

Drive-by-fix: Renamed IsConstructor on FunctionKind to
IsClassConstructor to resolve the weird name clash, and the
IsClassConstructor name also matches the spec.

R=jarin@chromium.org, rossberg@chromium.org
BUG=v8:4430
LOG=n

Review URL: https://codereview.chromium.org/1358423002

Cr-Commit-Position: refs/heads/master@{#30900}
      8de4d935
  47. 21 Sep, 2015 1 commit
    • littledan's avatar
      Implement sloppy-mode block-defined functions (Annex B 3.3) · e5ff10d7
      littledan authored 
      ES2015 specifies very particular semantics for functions defined in blocks.
In strict mode, it is simply a lexical binding scoped to that block. In sloppy
mode, in addition to that lexical binding, there is a var-style binding in
the outer scope, which is overwritten with the local binding when the function
declaration is evaluated, *as long as* introducing ths var binding would not
create a var/let conflict in the outer scope.

This patch implements the semantics by introducing a DelegateStatement, which
is initially filled in with the EmptyStatement and overwritten with the
assignment when the scope is closed out and it can be checked that there is
no conflict.

This patch is tested with a new mjsunit test, and I tried staging it and running
test262, finding that the tests that we have disabled due to lack of Annex B
support now pass.

R=adamk,rossberg
LOG=Y
BUG=v8:4285

Review URL: https://codereview.chromium.org/1332873003

Cr-Commit-Position: refs/heads/master@{#30842}
      e5ff10d7
  49. 10 Sep, 2015 1 commit
  51. 08 Sep, 2015 1 commit
    • mstarzinger's avatar
      Use baseline code to compute message locations. · 819b40aa
      mstarzinger authored 
      This switches Isolate::ComputeLocation to use baseline code when
computing message locations. This unifies locations between optimized
and non-optimized code by always going through the FrameSummary for
location computation.

R=bmeurer@chromium.org
TEST=message/regress/regress-4266
BUG=v8:4266
LOG=n

Review URL: https://codereview.chromium.org/1331603002

Cr-Commit-Position: refs/heads/master@{#30635}
      819b40aa
  53. 28 Aug, 2015 1 commit
    • littledan's avatar
      Ensure hole checks take place in switch statement scopes · d6fb6de7
      littledan authored 
      Switch statements introduce their own scope for cases, but this scope
is not necessarily executed in order, as the following function shows:

  switch (x) {
    case 1:
      let y = 1;
    case 2:
      y = 2;
    case 3:
      print(y);
  }

If x = 2 or x = 3, the code should throw a ReferenceError. However,
FullCodeGen's hole check elimination used the simple algorithm of
assuming that if the initializer was in the same scope, then it was
reached before the use, and therefore the hole check could be
eliminated.

This patch adds an extra bit to scopes, to track if they may
nonlinearly. The parser marks the scope that switch introduces as
nonlinear. FullCodeGen does not eliminate the hole check from
a scope which is nonlinear. This patch refactors FullCodeGen to
put the hole check elimination in one place, rather than in each
backend.

BUG=v8:3926
LOG=Y
R=adamk

Review URL: https://codereview.chromium.org/1312613003

Cr-Commit-Position: refs/heads/master@{#30453}
      d6fb6de7
  55. 26 Aug, 2015 1 commit
  57. 25 Aug, 2015 1 commit
  59. 21 Aug, 2015 1 commit
    • rossberg's avatar
      [es6] Parameter scopes for sloppy eval · 365fd7bc
      rossberg authored 
      This CL is a nightmare! For the utterly irrelevant edge case of a sloppy function with non-simple parameters and a call to direct eval, like here,

  let x = 1;
  function f(g = () => x) {
    var y
    eval("var x = 2")
    return g() + x  // f() = 3
  }

we have to do all of the following, on top of the declaration block ("varblock") contexts we already introduce around the body:

- Introduce the ability for varblock contexts to have both a ScopeInfo and an extension object (e.g., the body varblock in the example will contain both a static var y and a dynamic var x). No other scope needs that. Since there are no context slots left, a special new struct is introduced that pairs up scope info and extension object.

- When declaring lookup slots in the runtime, this new struct is allocated in the case where an extension object has to be added to a block scope (at which point the block's extension slot still contains a plain ScopeInfo).

- While at it, introduce some abstraction to access context extension slots in a more controlled manner, in order to keep special-casing to a minimum.

- Make sure that even empty varblock contexts do not get optimised away when they contain a sloppy eval, so that they can host the potential extension object.

- Extend dynamic search for declaration contexts (used by sloppy direct eval) to recognize varblock contexts.

- In the parser, if a function has a sloppy direct eval, introduce an additional varblock scope around each non-simple (desugared) parameter, as required by the spec to contain possible dynamic var bindings.

- In the pattern rewriter, add the ability to hoist the named variables the pattern declares to an outer scope. That is required because the actual destructuring has to be evaluated inside the protecting varblock scope, but the bindings that the desugaring introduces are in the outer scope.

- ScopeInfos need to save the information whether a block is a varblock, to make sloppy eval calls work correctly that deserialise them as part of the scope chain.

- Add the ability to materialize block scopes with extension objects in the debugger. Likewise, enable setting extension variables in block scopes via the debugger interface.

- While at it, refactor and unify some respective code in the debugger.

Sorry, this CL is large. I could try to split it up, but everything is rather entangled.

@mstarzinger: Please review the changes to contexts.
@yangguo: Please have a look at the debugger stuff.

R=littledan@chromium.org, mstarzinger@chromium.org, yangguo@chromium.org
BUG=v8:811,v8:2160
LOG=N

Review URL: https://codereview.chromium.org/1292753007

Cr-Commit-Position: refs/heads/master@{#30295}
      365fd7bc
  61. 19 Aug, 2015 1 commit
  63. 14 Aug, 2015 1 commit