Update V8 to version 4.1.0.21
This is a cherry-pick of all commits up to and including the
4.1.0.21 cherry-pick in Chromium.
Original commit message:
Version 4.1.0.21 (cherry-pick)
Merged 206e9136bde0f2b5ae8cb77afbb1e7833e5bd412
Unlink pages from the space page list after evacuation.
BUG=430201
LOG=N
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/953813002
Cr-Commit-Position: refs/branch-heads/4.1@{#22}
Cr-Branched-From: 2e08d2a7aa9d65d269d8c57aba82eb38a8cb0a18-refs/heads/candidates@{#25353}
---
FPIIM-449
Change-Id: I8c23c7bbb70772b4858fe8a47b64fa97ee0d1f8c
diff --git a/ChangeLog b/ChangeLog
index d787965..d42a2f1 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,856 @@
+2015-01-07: Version 3.32.3
+
+ Performance and stability improvements on all platforms.
+
+
+2015-01-07: Version 3.32.2
+
+ Performance and stability improvements on all platforms.
+
+
+2015-01-07: Version 3.32.1
+
+ [turbofan] Don't crash when typing load from a Uint8ClampedArray
+ (Chromium issue 446156).
+
+ [turbofan] Truncation of Bit/Word8/16 to Word32 is a no-op (Chromium
+ issue 445859).
+
+ [x64] Rearrange code for OOB integer loads (Chromium issue 445858).
+
+ Fix %NeverOptimizeFunction() intrinsic (Chromium issue 445732).
+
+ [turbofan] Fix invalid bounds check with overflowing offset (Chromium
+ issue 445267).
+
+ [turbofan] Raise max virtual registers and call parameter limit (issue
+ 3786).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-23: Version 3.31.74
+
+ [turbofan] Turn DCHECK for fixed slot index into a CHECK (Chromium issue
+ 444681).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-23: Version 3.31.73
+
+ [turbofan] Fix missing ChangeUint32ToUint64 in lowering of LoadBuffer
+ (Chromium issue 444695).
+
+ Enable the embedder to specify what kind of context was disposed.
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-22: Version 3.31.72
+
+ [turbofan] Correctify lowering of Uint8ClampedArray buffer access
+ (Chromium issue 444508).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-20: Version 3.31.71
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-20: Version 3.31.70
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-20: Version 3.31.69
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-19: Version 3.31.68
+
+ [turbofan] Fix unsafe out-of-bounds check for checked loads/stores
+ (Chromium issue 443744).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-19: Version 3.31.67
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-19: Version 3.31.66
+
+ Ship ES6 template literals (issue 3230).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-18: Version 3.31.65
+
+ ES6 template literals should not use legacy octal strings (issue 3736).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-18: Version 3.31.64
+
+ Fixed -fsanitize=float-cast-overflow problems (issue 3773).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-18: Version 3.31.63
+
+ ES6 computed property names (issue 3754).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-17: Version 3.31.62
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-17: Version 3.31.61
+
+ ES6: Update unscopables to match spec (issue 3632).
+
+ ES6 computed property names (issue 3754).
+
+ More -fsanitize=vptr fixes (Chromium issue 441099).
+
+ [turbofan] Cache conversions inserted during typed lowering (issue
+ 3763).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-16: Version 3.31.60
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-16: Version 3.31.59
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-16: Version 3.31.58
+
+ Ship ES6 classes (issue 3330).
+
+ ES6 computed property names (issue 3754).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-12: Version 3.31.57
+
+ Consistently use only one of virtual/OVERRIDE/FINAL (issue 3753).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-12: Version 3.31.56
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-12: Version 3.31.55
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-11: Version 3.31.54
+
+ Implement Array.from() (issue 3336).
+
+ move v8_use_external_startup_data to standalone.gypi (Chromium issue
+ 421063).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-11: Version 3.31.53
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-11: Version 3.31.52
+
+ Ship ES6 block scoping (issue 2198).
+
+ Optimize Object.seal and Object.preventExtensions (issue 3662, Chromium
+ issue 115960).
+
+ Add Array.prototype.includes (issue 3575).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-10: Version 3.31.51
+
+ [x64] Fix optimization for certain checked load/stores (Chromium issue
+ 439743).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-09: Version 3.31.50
+
+ Temporarily restore make dependencies.
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-09: Version 3.31.49
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-09: Version 3.31.48
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-09: Version 3.31.47
+
+ Temporarily restore make dependencies.
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-08: Version 3.31.46
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-08: Version 3.31.45
+
+ Update all DEPS to match chromium's DEPS at edb488e.
+
+ Turn on DCHECKs and other debugging code if dcheck_always_on is 1 (issue
+ 3731).
+
+ Optimize GetPrototype.
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-05: Version 3.31.44
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-04: Version 3.31.43
+
+ ES6 template literals: Fix issue with template after rbrace (issue
+ 3734).
+
+ Stage ES6 template literals (issue 3230).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-04: Version 3.31.42
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-04: Version 3.31.41
+
+ Simplify template literal raw string creation (issue 3710).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-03: Version 3.31.40
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-03: Version 3.31.39
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-03: Version 3.31.38
+
+ Stage ES6 classes and object literal extensions (issue 3330).
+
+ Fixed environment handling for LFlooringDivI on ARM (Chromium issue
+ 437765).
+
+ Add GetIdentityHash to v8::Name object API (Chromium issue 437416).
+
+ Set V8_CC_GNU or V8_CC_MSVC for clang in gcc / cl mode (Chromium issue
+ 82385).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-02: Version 3.31.37
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-02: Version 3.31.36
+
+ Set V8_CC_GNU or V8_CC_MSVC for clang in gcc / cl mode (Chromium issue
+ 82385).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-02: Version 3.31.35
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-01: Version 3.31.34
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-01: Version 3.31.33
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-01: Version 3.31.32
+
+ Performance and stability improvements on all platforms.
+
+
+2014-12-01: Version 3.31.31
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-29: Version 3.31.30
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-28: Version 3.31.29
+
+ Stage @@toStringTag (--harmony-tostring).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-28: Version 3.31.28
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-28: Version 3.31.27
+
+ Ship harmony-strings.
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-28: Version 3.31.26
+
+ Abort optimization in corner case (Chromium issue 436893).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-26: Version 3.31.25
+
+ Stage ES6 block scoping (issue 2198).
+
+ Introduce legacy const slots in correct context (Chromium issue 410030).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-26: Version 3.31.24
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-25: Version 3.31.23
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-25: Version 3.31.22
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-24: Version 3.31.21
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-24: Version 3.31.20
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-22: Version 3.31.19
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-21: Version 3.31.18
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-21: Version 3.31.17
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-21: Version 3.31.16
+
+ Cache template literal callSiteObj (issue 3230).
+
+ Rename String.prototype.contains to 'includes'.
+
+ Reserve code range block for evacuation (Chromium issue 430118).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-20: Version 3.31.15
+
+ Rename String.prototype.contains to 'includes'.
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-19: Version 3.31.14
+
+ Remove Weak{Map,Set}.prototype.clear.
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-19: Version 3.31.13
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-19: Version 3.31.12
+
+ Classes: Expand test to cover strict runtime behavior (issue 3330).
+
+ v8::String::Concat must not throw (Chromium issue 420240).
+
+ Fix disabling all break points from within the debug event callback
+ (Chromium issue 432493).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-18: Version 3.31.11
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-17: Version 3.31.10
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-17: Version 3.31.9
+
+ Expose internal properties of map/set iterators via mirrors.
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-17: Version 3.31.8
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-15: Version 3.31.7
+
+ Classes: Add support for stepping through default constructors (issue
+ 3674).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-14: Version 3.31.6
+
+ Fix desugaring of let bindings in for loops to handle continue properly
+ (issue 3683).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-14: Version 3.31.5
+
+ Classes: Implement correct name binding (issue 3330).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-14: Version 3.31.4
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-14: Version 3.31.3
+
+ Classes: Cleanup default constructor flag.
+
+ Soft fail for invalid cache data.
+
+ Implement .of() on typed arrays (issue 3578).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-13: Version 3.31.2
+
+ MIPS: Leaving a generator via an exception causes it to close (issue
+ 3096).
+
+ MIPS: ES6: Add support for super in object literals (issue 3571).
+
+ Increase the target new space size to the max new space size (issue
+ 3626).
+
+ Leaving a generator via an exception causes it to close (issue 3096).
+
+ Correctly compute line numbers in functions from the function
+ constructor (Chromium issue 109362).
+
+ Rename v8::Exception::GetMessage to CreateMessage.
+
+ Classes: Add support for arguments in default constructor (issue 3672).
+
+ ES6: Add support for super in object literals (issue 3571).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-12: Version 3.31.1
+
+ Fix has_constant_parameter_count() confusion in LReturn (Chromium issue
+ 431602).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-05: Version 3.30.33
+
+ `1..isPrototypeOf.call(null)` should return false, not throw TypeError
+ (issue 3483).
+
+ Refactor ObjectGetOwnPropertyKeys to accept bitmask rather than boolean
+ (issue 3549).
+
+ Add debug mirror support for ES6 Map/Set iterators (Chromium issue
+ 427868).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-04: Version 3.30.30
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-02: Version 3.30.27
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-02: Version 3.30.26
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-01: Version 3.30.25
+
+ Performance and stability improvements on all platforms.
+
+
+2014-11-01: Version 3.30.24
+
+ Ensure we don't try to inline raw access to indexed interceptor
+ receivers (Chromium issue 419220).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-10-31: Version 3.30.23
+
+ Introduce v8::Exception::GetMessage to find location of an error object
+ (Chromium issue 427954).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-10-30: Version 3.30.22
+
+ MIPS: Classes: Add super support in methods and accessors (issue 3330).
+
+ Classes: Add super support in methods and accessors (issue 3330).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-10-29: Version 3.30.21
+
+ MIPS: Classes: Add basic support for properties (issue 3330).
+
+ Classes: Add more tests for prototype edge cases (Chromium issue 3655).
+
+ Classes: Add test for method prototype (issue 3330).
+
+ Get stack trace for uncaught exceptions/promise rejections from the
+ simple stack when available.
+
+ Classes: Add basic support for properties (issue 3330).
+
+ Allow duplicate property names in classes (issue 3570).
+
+ Windows: use SystemTimeToTzSpecificLocalTime instead of localtime_s
+ (Chromium issue 417640).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-10-28: Version 3.30.20
+
+ Performance and stability improvements on all platforms.
+
+
+2014-10-27: Version 3.30.19
+
+ Check string literals with escapes in PreParserTraits::GetSymbol()
+ (issue 3606).
+
+ only define ARRAYSIZE_UNSAFE for NaCl builds (Chromium issue 405225).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-10-24: Version 3.30.18
+
+ Narrow cases where Sparse/Smart versions of Array methods are used
+ (issues 2615, 3612, 3621).
+
+ Shrink new space in idle notification (Chromium issue 424423).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-10-23: Version 3.30.17
+
+ ARM64: Fix stack manipulation (Chromium issue 425585).
+
+ Speed up creation of Objects whose prototype has dictionary elements
+ (Chromium issue 422754).
+
+ Enable libstdc++ debug mode in debug builds (issue 3638).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-10-22: Version 3.30.16
+
+ Remove v8stdint.h, it doesn't serve a purpose anymore.
+
+ Performance and stability improvements on all platforms.
+
+
+2014-10-21: Version 3.30.15
+
+ Avoid the Marsaglia effect in 3D (Chromium issue 423311).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-10-20: Version 3.30.14
+
+ Performance and stability improvements on all platforms.
+
+
+2014-10-17: Version 3.30.13
+
+ Don't expose Array.prototype.values as it breaks webcompat (Chromium
+ issue 409858).
+
+ Fix break location calculation (Chromium issue 419663).
+
+ Enable libstdc++ debug mode in debug builds (issue 3638).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-10-17: Version 3.30.12
+
+ Implement .forEach() on typed arrays (issue 3578).
+
+ Introduce v8::Exception::GetStackTrace API method.
+
+ Remove SmartMove, bringing Array methods further into spec compliance
+ (issue 2615).
+
+ Convert argument toObject() in Object.getOwnPropertyNames/Descriptors
+ (issue 3443).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-10-15: Version 3.30.11
+
+ Array.prototype.{every, filter, find, findIndex, forEach, map, some}:
+ Use fresh primitive wrapper for calls (issue 3536).
+
+ Correctly expand literal buffer for surrogate pairs (Chromium issue
+ 423212).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-10-15: Version 3.30.10
+
+ Squeeze the layout of various AST node types (Chromium issue 417697).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-10-14: Version 3.30.9
+
+ Performance and stability improvements on all platforms.
+
+
+2014-10-13: Version 3.30.8
+
+ AST nodes have at most one bailout/typefeedback ID now, saving lots of
+ memory (Chromium issue 417697).
+
+ Allow identifier code points from supplementary multilingual planes
+ (issue 3617).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-10-10: Version 3.30.7
+
+ Fix computation of UTC time from local time at DST change points (issue
+ 3116, Chromium issues 415424, 417640).
+
+ Convert `obj` ToObject in Object.keys() (issue 3587).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-10-09: Version 3.30.6
+
+ Update unicode to 7.0.0 (issue 2892).
+
+ Classes: Add support for toString (issue 3330).
+
+ Don't enable WPO on Win64 and require Server 2003 / x64 for win64
+ (Chromium issue 421363).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-10-08: Version 3.30.5
+
+ Performance and stability improvements on all platforms.
+
+
+2014-10-08: Version 3.30.4
+
+ This uses a runtime function to set up the the constructor and its
+ prototype (issue 3330).
+
+ Remove PersistentBase::ClearAndLeak.
+
+ Squeeze the layout of variable proxy nodes (Chromium issue 417697).
+
+ Add MonotonicallyIncreasingTime to V8 Platform (Chromium issue 417668).
+
+ Fix representation of HLoadRoot (Chromium issue 419036).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-10-03: Version 3.30.3
+
+ Removed the Isolate* field from literal nodes (Chromium issue 417697).
+
+ Squeeze the layout of expression nodes a bit (Chromium issue 417697).
+
+ Merged FeedbackSlotInterface into AstNode, removing the need for a 2nd
+ vtable (Chromium issue 417697).
+
+ Extend CPU profiler with mapping ticks to source lines.
+
+ Remove support for parallel sweeping.
+
+ Introduce v8::Object::GetIsolate().
+
+ Performance and stability improvements on all platforms.
+
+
+2014-10-02: Version 3.30.2
+
+ Fix Hydrogen's BuildStore() (Chromium issue 417508).
+
+ Move unit tests to test/unittests (issue 3489).
+
+ Changes to ALLOW_UNUSED to match upcoming changes to the Chromium trunk:
+ * Eliminate usage of ALLOW_UNUSED to define COMPILE_ASSERT and just use
+ static_assert() in all cases now that all platforms build with C++11. *
+ Convert remaining uses of ALLOW_UNUSED to ALLOW_UNUSED_TYPE to match how
+ Chromium will be splitting this functionality. (In Chromium we'll have
+ both ALLOW_UNUSED_TYPE and ALLOW_UNUSED_LOCAL, which have different
+ syntax to enable us to use these with MSVC.) (Chromium issue 81439).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-10-01: Version 3.30.1
+
+ Introduce PromiseRejectCallback (issue 3093).
+
+ ES6: Implement object literal property shorthand (issue 3584).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-09-30: Version 3.29.93
+
+ Add a getter for the address and size of the code range to the pulic API
+ (issue 3598).
+
+ Convert `obj` ToObject in Object.keys() (issue 3587).
+
+ Performance and stability improvements on all platforms.
+
+
+2014-09-29: Version 3.29.92
+
+ Performance and stability improvements on all platforms.
+
+
+2014-09-26: Version 3.29.91
+
+ Performance and stability improvements on all platforms.
+
+
2014-09-25: Version 3.29.88
Performance and stability improvements on all platforms.