This allows us to get rid of the "push TruncateFloat64ToInt32 into Phi"
trick that was used in the MachineOperatorReducer to combine the
ChangeTaggedToFloat64 and TruncateFloat64ToInt32 operations. Instead of
doing that later, we can just introduce the proper operator during the
representation selection directly.
Also separate the TruncateFloat64ToInt32 machine operator, which had two
different meanings depending on a flag (either JavaScript truncation or
C++ style round to zero). Now there's a TruncateFloat64ToWord32 which
represents the JavaScript truncation (implemented via TruncateDoubleToI
macro + code stub) and the RoundFloat64ToInt32, which implements the C++
round towards zero operation (in the same style as the other WebAssembly
driven Round* machine operators).
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1919513002
Cr-Commit-Position: refs/heads/master@{#35743}
Reason for revert:
Need to fix the #undef logic.
Original issue's description:
> Fix interpreter unittest for embedded constant pools.
>
> The offset from fp to the register file is based on the frame size
> -- which is one slot larger when embedded constant pools are enabled.
>
> TEST=unittests/DecodeBytecodeAndOperands
> R=rmcilroy@chromium.org, bmeurer@chromium.org, oth@chromium.org, mstarzinger@chromium.org
> BUG=
TBR=bmeurer@chromium.org,mstarzinger@chromium.org,oth@chromium.org,rmcilroy@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=
Review URL: https://codereview.chromium.org/1909323003
Cr-Commit-Position: refs/heads/master@{#35736}
Removes some control edges added from the RawMachineAssembler to the end of the graph.
Adds a parameter that tells the Verifier to ignore effect and control inputs.
Review URL: https://codereview.chromium.org/1912853003
Cr-Commit-Position: refs/heads/master@{#35731}
Refactor the Scope object to automatically enable strict mode when
initialized as a "module" scope, relieving the caller of this
responsibility.
BUG=v8:4941
LOG=N
R=adamk@chromium.org
Review URL: https://codereview.chromium.org/1906923002
Cr-Commit-Position: refs/heads/master@{#35730}
This ensures the InterpreterEntryTrampoline heals code entry fields
inside closures when being called without a valid bytecode array. This
is preparatory work to allow removal of bytecode when switching some
functions to other types of code.
R=rmcilroy@chromium.org
BUG=v8:4280
LOG=n
Review URL: https://codereview.chromium.org/1904093002
Cr-Commit-Position: refs/heads/master@{#35724}
Get rid of further typing checks from ChangeLowering and put them into
the representation selection pass instead (encoding the information in
the operator instead).
Drive-by-change: Rename ChangeSmiToInt32 to ChangeTaggedSignedToInt32
for consistency about naming Tagged, TaggedSigned and TaggedPointer.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1909343002
Cr-Commit-Position: refs/heads/master@{#35723}
Adds IncStub and DecStub TurboFan code stubs and hooks them up to the
interpreter's Inc and Dec bytecodes (which are used for count
operations, e.g. i++).
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1901083002
Cr-Commit-Position: refs/heads/master@{#35720}
Fixes a mistake made in r35618 for register OperandSize calculations.
BUG=605470
LOG=N
Review URL: https://codereview.chromium.org/1908033002
Cr-Commit-Position: refs/heads/master@{#35719}
The new bytecodes replace two runtime functions. They are still unsupported by the bytecode graphbuilder, though.
BUG=v8:4907
LOG=n
Review URL: https://codereview.chromium.org/1904933002
Cr-Commit-Position: refs/heads/master@{#35716}
This is a follow-up to 58429beb7b
"Fix KeyedStore stub selection for STRING_WRAPPER_ELEMENTS".
BUG=chromium:602184
LOG=n
Review URL: https://codereview.chromium.org/1912443004
Cr-Commit-Position: refs/heads/master@{#35715}
The feature was deprecated in M49 and flagged off in M50.
This patch removes it entirely from the codebase.
Review URL: https://codereview.chromium.org/1909433003
Cr-Commit-Position: refs/heads/master@{#35714}
If we have to convert a float64 value to tagged representation and we
already know that the value is either in Signed31/Signed32 or
Unsigned32 range, then we can just convert the float64 to word32 and
use the fast word32 to tagged conversion. Doing this in
ChangeLowering (or the effect linearization pass) would be unsound, as
the types on the nodes are no longer usable.
This removes all Type uses from effect linearization. There's still some
work to be done for ChangeLowering tho.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1908093002
Cr-Commit-Position: refs/heads/master@{#35713}
Non-vectorized KeyedLoadICs used to remember whether they had seen Names
as keys; Crankshaft uses this information to avoid emitting elements
accesses which would always deopt. This CL restores that functionality
for vector ICs.
BUG=chromium:594183
LOG=y
R=mvstanton@chromium.org
Review URL: https://codereview.chromium.org/1912593002
Cr-Commit-Position: refs/heads/master@{#35706}
The CL #35651 (https://codereview.chromium.org/1858323003) exposed one hiden issue in RunTruncateFloat32ToUint32 test cases and X87 failed at it.
Here is the issue in RunTruncateFloat32ToUint32:
For float input = static_cast<float>(*i), the x87 GCC would optimize the input viariable in float floating register for release build.
The problem is:
SSE float register has single precision rounding semantic While X87 register hasn't when directly use floating register value. It will cause the value of input viariable has
different precision for IA32 and X87 port. So static_cast<uint32_t>(input) will be different for IA32 and X87 port too.
This led to CHECK_EQ(static_cast<uint32_t>(input), m.Call(input)) fail although V8 turbofan JITTed code m.Call(input) has exactly same result in both X87 and IA32 port.
So we add the following sentence to do type cast to keep the single precision for RunTruncateFloat32ToUint32 by forcing the input viariable get value from memory insread of
floating register.
Such as: volatile float input = static_cast<float>(*i).
BUG=
Review URL: https://codereview.chromium.org/1905883002
Cr-Commit-Position: refs/heads/master@{#35689}
This patch provides a new implementation of popcnt and ctz in the case
where the platform does not provide these instructions. Instead of
building a TF graph which implements it we now call a C function.
Additionally I turned on additional tests in test-run-wasm-64.cc
R=titzer@chromium.org
Review URL: https://codereview.chromium.org/1857363003
Cr-Commit-Position: refs/heads/master@{#35685}
Port 3518e492c0
Original commit message:
Short external strings do not cache the resource data, and may be used
for compressible strings. The assumptions about their lengths is
invalid and may lead to oob reads.
R=bmeurer@chromium.org
BUG=v8:4923,chromium:604897
LOG=N
Review URL: https://codereview.chromium.org/1902393004
Cr-Commit-Position: refs/heads/master@{#35683}
Our previous over-conservative answer caused us to emit hole checks in
full-codegen when eagerly parsing but not when lazily parsing.
With this patch, we use the positions of the BinaryOperations making up
the parameter list (which are the positions of the commas) to determine
the appropriate "end position" for each parameter's initializer. This means
that we get accurate-enough positions for the initializers in the eager
parsing step to get the same answers for hole-check-elimination that we
will later during ParseLazy.
In the included test case, for example:
(function() { ((s = 17, y = s) => s)(); } )();
^2 ^1
The old code would generate a hole check when trying to load
|s| for assignment to |y| (because it treated the closing parentheses
pointed to by "^1" as the "initialization position" of |s|).
The new code uses the comma pointed to by "^2" as the initialization
position of |s|. Since that occurs textually before the load of |s|,
full-codegen knows it can avoid the hole check.
BUG=v8:4908
LOG=n
Review URL: https://codereview.chromium.org/1900343002
Cr-Commit-Position: refs/heads/master@{#35678}
New incoming test262 tests check what happens on detached ("neutered")
ArrayBuffers. This patch makes the test262 infrastructure define
detaching an ArrayBuffer in terms of %ArrayBufferNeuter, passing the
--allow-natives-syntax flag, when it is needed.
BUG=v8:4193
LOG=N
R=adamk,machenbach
Review URL: https://codereview.chromium.org/1897203003
Cr-Commit-Position: refs/heads/master@{#35676}
This causes an incoming test262 test to pass, as part of the next
test262 roll.
R=adamk,machenbach
BUG=v8:1569
LOG=N
Review URL: https://codereview.chromium.org/1896293003
Cr-Commit-Position: refs/heads/master@{#35667}
Before, just a string was thrown, so no stack trace was attached there.
Generated code from wasm does not grow by this change, we just pass a
message id to the respective (new) runtime function.
R=mstarzinger@chromium.org, titzer@chromium.org
BUG=
Review URL: https://codereview.chromium.org/1874383002
Cr-Commit-Position: refs/heads/master@{#35664}
Short external strings do not cache the resource data, and may be used
for compressible strings. The assumptions about their lengths is
invalid and may lead to oob reads.
R=jkummerow@chromium.org
BUG=v8:4923,chromium:604897
LOG=N
Review URL: https://codereview.chromium.org/1901573003
Cr-Commit-Position: refs/heads/master@{#35660}
Also factor out test cases from test-run-machops.cc into test-run-load-store.cc
BUG=chromium:599717
LOG=Y
Review URL: https://codereview.chromium.org/1858323003
Cr-Commit-Position: refs/heads/master@{#35651}
In a full mark-compact GC, instead of copying memory to old space for
pages that have more than X% live bytes, we just move the whole page over to old
space.
X=70 (default value)
BUG=chromium:581412
LOG=N
TBR=hpayer@chromium.org
This reverts commit 8b3337278f.
Review URL: https://codereview.chromium.org/1901093002
Cr-Commit-Position: refs/heads/master@{#35649}
[15.2.1.11 Static Semantics:
LexicallyDeclaredNames](https://tc39.github.io/ecma262/#sec-module-semantics-static-semantics-lexicallydeclarednames)
(in contrast with its definition for StatementListItem) makes no
explicit provision for HoistableDeclarations. This means that function
declarations are treated as lexically scoped in module code, as
described in section 15.2.1.11's informative note:
> At the top level of a function, or script, function declarations are
> treated like var declarations rather than like lexical declarations.
BUG=v8:4884
LOG=N
R=adamk@chromium.org
Review URL: https://codereview.chromium.org/1851673007
Cr-Commit-Position: refs/heads/master@{#35633}
