Change-Id: I4b810b3684609f19cef3adf295ac104d00b9a4c3
Reviewed-on: https://chromium-review.googlesource.com/1194441
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55536}
- Cleans up existing code that tests for representations using a
bitmask.
- Bypass FP register allocation for sequences without FP vregs.
Change-Id: I5ff32e80e0c33848ba83ee17f786b01e37821aa2
Reviewed-on: https://chromium-review.googlesource.com/1195528
Commit-Queue: Bill Budge <bbudge@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55535}
This CL fixes a bug where the receiving instance was updated improperly
in the dispatch table(s) of an imported table.
BUG=chromium:875322
R=mstarzinger@chromium.org
Change-Id: Ib5af238a0847bf332a12863523e897f59f137c1d
Reviewed-on: https://chromium-review.googlesource.com/1196886
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55534}
We have an API (GetCodeRange) which gives the location of V8 code on the
heap, but builtin code no longer lives on the heap.
The upcoming work on the V8 stack unwinder requires the embedder to
provide the code ranges for both the heap and builtins, so this API will
be used there.
Bug: v8:8116
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I15e900716e68256b9732be0ea1a5cda24878eccf
Reviewed-on: https://chromium-review.googlesource.com/1196551
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55532}
This is a naive implementation of a class that manages region
allocation/deallocation inside a given range of addresses.
This code will be used in follow-up CLs.
Bug: v8:8096
Change-Id: I7bea7051a1525cc7f87ba34d67b85b274c5de18a
Reviewed-on: https://chromium-review.googlesource.com/1127175
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55531}
This addresses a TODO in JSTypedLowering and generally makes the more
easier to follow since the methods deal only with one kind of Node now.
Bug: v8:8015
Change-Id: I8c3521b8d630dbe272264dc01e9ab3a5b0a8f682
Reviewed-on: https://chromium-review.googlesource.com/1196883
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55530}
This is a purely cosmetic change to make the Number constructor
in the JSCallReducer easier to read.
Bug: v8:7904, v8:8015
Change-Id: Id3248dcf9c4e8111bb4f0418bfa6993630df74bb
Reviewed-on: https://chromium-review.googlesource.com/1196432
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55528}
This CL removes a regression test that was intended to check that the
maximum call stack size was not exceeded when calling Array.p.sort.
As the new sorting algorithm (TimSort) does not work recursively, this
test is no longer really necessary. It is also rather slow and causes
issues on some bots, so we remove the test.
R=mslekova@chromium.org
Bug: v8:7783
Change-Id: I5bb9693ab825fe077776fd6825688545286285fd
Reviewed-on: https://chromium-review.googlesource.com/1196511
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Simon Zünd <szuend@google.com>
Cr-Commit-Position: refs/heads/master@{#55527}
This adds experimental support for an 'except_ref' value type for caught
exceptions as per the exception handling proposal. In the current form it
is only allowed to have such types in the stack or in a local, support
for having it as part of any signature was left out.
The default value for a local of type 'except_ref' is the 'ref_null'
value for now. Since this value cannot escape a wasm function, the
concrete value is not actually observable.
R=ahaas@chromium.org
TEST=unittests/LocalDeclDecoderTest.ExceptRef,mjsunit/wasm/exceptions
BUG=v8:8091
Change-Id: I7bd65274327a833262f8749cbe0e24e737f6e0c1
Reviewed-on: https://chromium-review.googlesource.com/1196510
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55526}
This CL fixes a bug if the second argument ('from') for lastIndexOf
changes the array when it's converted to an integer.
R=jgruber@chromium.org
Bug: chromium:878845
Change-Id: I8759dd19381c63f0dde1d4c5abc1b6c7291c6048
Reviewed-on: https://chromium-review.googlesource.com/1196507
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Simon Zünd <szuend@google.com>
Cr-Commit-Position: refs/heads/master@{#55525}
This is no longer necessary as the JSFunction::code field is now a
proper tagged field, that points to a Code object, instead of a
naked pointer into the beginning of the Code object. So now the
representation selection always sees a proper tagged value here.
Bug: v8:8015
Change-Id: Ia66e9425d82a0f765e4cbb6e3bed7bcdd9438958
Reviewed-on: https://chromium-review.googlesource.com/1196662
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55524}
Since jump tables cannot be embedded, prevent their generation for
bytecode handlers. This allows the remaining 7 bytecode handlers to be
marked isolate independent.
Bug: v8:8068
Change-Id: I3a4a6e6530fd1c585558a0d44bd429f572318b57
Reviewed-on: https://chromium-review.googlesource.com/1196509
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55523}
This improves parse time for code-load and other benchmarks.
Bug: v8:7926
Change-Id: I9c8017f2e7f73dd952c025db5abe8e4062e6ef9b
Reviewed-on: https://chromium-review.googlesource.com/1196506
Commit-Queue: Florian Sattler <sattlerf@google.com>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55521}
This CL improves the performance of creating [...a, b] or [...a].
If the array literal has a leading spread, this CL emits the bytecode
[CreateArrayFromIterable] to create the literal. CreateArrayFromIterable
is implemented by [IterableToListDefault] builtin to create the initial
array for the leading spread. IterableToListDefault has a fast path to
clone efficiently if the spread is an actual array.
The bytecode generated is now shorter. Bytecode generation is refactored
into BuildCreateArrayLiteral, which allows VisitCallSuper to benefit
from this optimization also.
For now, turbofan also lowers the bytecode to the builtin.
The idiomatic use of [...a] to clone the array a now performs better
than a simple for-loop, but still does not match the performance of slice.
Bug: v8:7980
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Ibde659c82d3c7aa1b1777a3d2f6426ac8cc15e35
Reviewed-on: https://chromium-review.googlesource.com/1181024
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Commit-Queue: Hai Dang <dhai@google.com>
Cr-Commit-Position: refs/heads/master@{#55520}
This is needed to meet the timeout requirements of android builds.
Change-Id: Ia771f94683e2e0c88c54ed0e0a75925abfa85786
Reviewed-on: https://chromium-review.googlesource.com/1196508
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Florian Sattler <sattlerf@google.com>
Cr-Commit-Position: refs/heads/master@{#55519}
This changes SimplifiedLowering to be more consistent when choosing Smi
representation as input for Number comparisons. We already had some
isolated logic for doing (speculative) Number comparisons on Smis, but
only in the case where that decision was based on type feedback, not on
information already present in the graph.
Bug: v8:7703
Change-Id: I25370ade630917675a6ac79b5ae6a8afd253dfc7
Reviewed-on: https://chromium-review.googlesource.com/1196422
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55518}
This removes the thread-local field in question. This side-channel for
the "caught exception" is not needed, we can just explicitly pass the
exception value to all support functions. Also, there is an inherent
problem with having this side-channel, as it will not be properly reset
when an exception handler ends up not rethrowing the exception.
R=ahaas@chromium.org
BUG=v8:8097
Change-Id: I2fdaff89f0eb318ce5a33bf56513165185547c1b
Reviewed-on: https://chromium-review.googlesource.com/1194063
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55517}
This reverts two CLs that were intended to show symbols for embedded builtins in chromecrash. The symbols never showed up, a part of this must still be missing.
Revert "[builtins] Declare builtin symbols as globals"
This reverts commit 8412353c99.
Revert "[builtins] Declare builtin symbols"
This reverts commit 17ad3ae47f.
TBR=yangguo@chromium.org
Bug: v8:6666, v8:7722
Change-Id: Ifcbf56a36ea51ea65de77c507886402f3663f414
Reviewed-on: https://chromium-review.googlesource.com/1195493
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55515}
Use BuiltinAssemblerOptions to generate AssemblerOptions when generating
the bytecode handlers (assuming v8_enable_embedded_bytecode_handlers is
on).
Mark all but InvokeIntrinsic, InvokeIntrinsicWide,
InvokeIntrinsicExtraWide, TestIn, TestInWide, TestInExtraWide and
TestTypeOf as isolate-independent. The excluded handlers create jump
tables which have absolute addresses.
Bug: v8:8068
Change-Id: Ia29e9c737ec345193e24fc2aa3684daefb113a9a
Reviewed-on: https://chromium-review.googlesource.com/1195508
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55514}
Also takes care of InterpreterEnterBytecodeAdvance.
Drive-by:
- Add DCHECK to ensure cmpb is only used with byte registers.
- Add Push/PopRootRegister to TurboAssembler with DCHECK ensuring
that there is a NoRootArrayScope
Change-Id: Ibcf1c91b12767bdf6425b18872c41b31124de3ba
Bug: v8:6666
Reviewed-on: https://chromium-review.googlesource.com/1190305
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55512}
Minor cleanup moving some types to more meaningful headers.
Bug: v8:8015
Change-Id: I99e428529f0b2d967a3c67385c80001bb0df19fa
Reviewed-on: https://chromium-review.googlesource.com/1195506
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Stephan Herhut <herhut@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55511}
This is a reland of e987606a8a
Original change's description:
> inspector: do not convert and store String16 for script source
>
> We need script source for:
> - calculating hash to report as part of scriptParsed event,
> - reporting it as response on getScriptSource request,
> - searching inside as response on searchInContent request,
> - breakpoints hints.
>
> In all cases there is no need to store source on inspector side.
>
> R=alph@chromium.org
>
> Bug: chromium:873865,v8:7731
> Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;master.tryserver.blink:linux_trusty_blink_rel
> Change-Id: Ice24ddc72cfff36fb9a2dff2d7c4543defe3f668
> Reviewed-on: https://chromium-review.googlesource.com/1182603
> Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
> Reviewed-by: Alexei Filippov <alph@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#55286}
TBR=alph@chromium.org
Bug: chromium:873865, v8:7731
Change-Id: I0a0e93cd9d7797e4b3c57b1ab4f1a20af27fea9c
Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;master.tryserver.blink:linux_trusty_blink_rel
Reviewed-on: https://chromium-review.googlesource.com/1195907
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55509}
Add a C++ helper function called "CreateBoundFunction" as a static
function to the Intl class, and change all existing builtins involving
the creation of a bound function to use it instead.
Also remove the redundant ContextSlot enums on all Intl objects in favor
of a single BoundFunctionContextSlot enum in the Intl class.
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Ibd541f5e79828cd1e2cd573a0e23fc93b348a8ad
Reviewed-on: https://chromium-review.googlesource.com/1194817
Commit-Queue: Ujjwal Sharma <usharma1998@gmail.com>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55508}
This is a reland of 1b3b808a54
Original change's description:
> inspector: find magic comment using V8 scanner
>
> Inspector tries to provide sourceURL and sourceMappingURL for scripts
> with parser errors. Without this CL we convert source of each script
> to inspector string and search for magic comment there. Some web sites
> use pattern when they get some data from network and constantly try to
> parse this data as JSON, in this case we do a lot of useless work.
>
> So we can parse magic comments on V8 side only for compilation errors
> (excluding parse JSON errors), to do it we can reuse scanner by running
> it on each potential comment.
>
> R=alph@chromium.org,verwaest@chromium.org,yangguo@chromium.org
>
> Bug: chromium:873865,v8:7731
> Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;master.tryserver.blink:linux_trusty_blink_rel
> Change-Id: I77c270fd0e95cd7b2c9ee4b7f72ef344bc1fa104
> Reviewed-on: https://chromium-review.googlesource.com/1182446
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Reviewed-by: Alexei Filippov <alph@chromium.org>
> Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#55280}
TBR=alph@chromium.org,verwaest@chromium.org,yangguo@chromium.org
Bug: chromium:873865, v8:7731
Change-Id: I097678fda0ebdcbd35a85be0bb6cf0fcb052bcbd
Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;master.tryserver.blink:linux_trusty_blink_rel
Reviewed-on: https://chromium-review.googlesource.com/1195533
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55507}
This shares logic for finding additional resources in JS source code.
Previously the logic was implemented for mjsunit, now it will be used
across all d8-based test cases.
This'll enable adding those test suites for Android testing.
Bug: chromium:866862
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I7c89ba141483aaf692a03c0e168edb61bbb7b010
Reviewed-on: https://chromium-review.googlesource.com/1193873
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55503}
This increases the size of a V8BreakIterator instance by a word to store
the breakType function.
The instance to be bound is stored on the context of this builtin function.
This CL removes the AddBoundMethod helper from intl.js
Bug: v8:5751
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I4e4df2632990300b91eafda680d414e0b373825b
Reviewed-on: https://chromium-review.googlesource.com/1194803
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55501}
The AtomicNarrow operations are currently used for wider 64-bit
operations, that only operate on 32-bits of data or less
(Ex: I64AtomicAdd8U). Removing these because this can be handled
in int64-lowering by zeroing the higher order node.
Explicitly zeroing these in code-gen is not
required because -
- The spec requires only the data exchange to be atomic, for narrow
ops this uses only the low word.
- The return values are not in memory, so are not visible to other
workers/threads
BUG:v8:6532
Change-Id: I90a795ab6c21c70cb096f59a137de653c9c6a178
Reviewed-on: https://chromium-review.googlesource.com/1194428
Reviewed-by: Ben Titzer <titzer@chromium.org>
Reviewed-by: Ben Smith <binji@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55499}
Cloning arrays with Array.prototype.map and for-of push is too slow
for large arrays.
Bug: chromium:878681
Change-Id: I70ba5faad9e19cdc5a39cc64fb1b4bcb3fd0bf48
Reviewed-on: https://chromium-review.googlesource.com/1195363
Commit-Queue: Hai Dang <dhai@google.com>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55496}
This replaces ebx usage in several more interface descriptors.
- IC descriptors already passed most arguments on the stack (updated
their Register accessors to reflect that).
- The allocation site argument appears to be unused in the
ConstructStub descriptor. It can probably be removed in a follow-up.
Drive-by: Rename ArgumentAdaptorDescriptor to
ArgumentsAdaptorDescriptor to match the builtin name.
Bug: v8:6666
Change-Id: I4cdf1775a5b4b74491d6d303c49a8af9b6cd3c03
Reviewed-on: https://chromium-review.googlesource.com/1195367
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55495}
This CL additionally uses IsInRange for token range checks. That only uses one
branch rather than two.
Change-Id: I52c6759ba195b55cb50c2ce9afbdc9b397495633
Reviewed-on: https://chromium-review.googlesource.com/1193875
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55494}
On 32-bit platforms, String::kMaxLength is such that not all BigInts
can be converted to Strings. NoSideEffectsToString, however, used to
assume that this conversion always succeeds. This patch adds a check
for the failure case, and returns "<a very large BigInt>" instead of
crashing.
This change is practically unobservable, because actually formatting
such a huge BigInt to String would take "forever", which is also why
there is no regression test.
Bug: chromium:876628
Change-Id: I1eacdc1cce753ac5d9ca66e61e479043ab576e07
Reviewed-on: https://chromium-review.googlesource.com/1194004
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55491}
In preparation for kRootRegister support on ia32.
LoadWithVector now passes the vector on the stack.
LoadGlobalWithVector is able to reuse edx (used as ReceiverRegister in
LoadWithVector).
Drive-by: Aliasing DCHECKs and updated unused Register accessors.
Bug: v8:6666
Change-Id: If0e93d22c3c11f764bc0805c3e6a51654cdcc5f9
Reviewed-on: https://chromium-review.googlesource.com/1193891
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55490}