Moved class definitions into header
Change-Id: I2d3e5ec6f8f5068284cdbaa6900797950fc7e01a
Reviewed-on: https://chromium-review.googlesource.com/c/1422739
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58946}
Fix WebAssembly's table/get-set js-api. The argument is a unsigned long,
this change refactors most of arithmetic and bounds checks type from
int64 to uint32_t, according to the spec.
Bug: v8:8319
Change-Id: I088f631c6805b0e5ba29089b08ea15e78fe5852d
Cq-Include-Trybots: luci.chromium.try:linux-blink-rel
Reviewed-on: https://chromium-review.googlesource.com/c/1414914
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Sven Sauleau <ssauleau@igalia.com>
Cr-Commit-Position: refs/heads/master@{#58941}
Fix WebAssembly's table/grow js-api. The argument is a unsigned long,
this change refactors most of arithmetic and bounds checks type from
int64 to uint32_t, according to the spec.
Bug: v8:8319
Cq-Include-Trybots: luci.chromium.try:linux-blink-rel
Change-Id: Ia29121c930d7fb930668e54a5a769dae25234f2c
Reviewed-on: https://chromium-review.googlesource.com/c/1351006
Commit-Queue: Sven Sauleau <ssauleau@igalia.com>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58936}
This reverts commit 4e1d7c87b9.
Reason for revert:
https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux%20-%20arm%20-%20sim%20-%20debug/14986
Original change's description:
> [wasm] Split compilation in three stages
>
> In order to refactor ownership between objects in wasm compilation, the
> compilation (executed by background tasks) is split in three stages:
> getting a compilation unit (while holding a mutex), executing the work
> (without any mutex and without keeping the NativeModule alive), and
> submitting the work (with a mutex again).
>
> This CL prepares this design by splitting compilation from submission.
> Both steps are still executed right after each other. This will be
> changed in a follow-up CL.
>
> R=titzer@chromium.org
> CC=mstarzinger@chromium.org
>
> Bug: v8:8689
> Change-Id: I2f92aee8e2f2d45470d8c63314ed026341630902
> Reviewed-on: https://chromium-review.googlesource.com/c/1414920
> Reviewed-by: Ben Titzer <titzer@chromium.org>
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58929}
TBR=titzer@chromium.org,clemensh@chromium.org
Change-Id: Ic3d0287b354ef5f834b76bc2cdc096d2231f4477
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8689
Reviewed-on: https://chromium-review.googlesource.com/c/1422917
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58932}
In order to refactor ownership between objects in wasm compilation, the
compilation (executed by background tasks) is split in three stages:
getting a compilation unit (while holding a mutex), executing the work
(without any mutex and without keeping the NativeModule alive), and
submitting the work (with a mutex again).
This CL prepares this design by splitting compilation from submission.
Both steps are still executed right after each other. This will be
changed in a follow-up CL.
R=titzer@chromium.orgCC=mstarzinger@chromium.org
Bug: v8:8689
Change-Id: I2f92aee8e2f2d45470d8c63314ed026341630902
Reviewed-on: https://chromium-review.googlesource.com/c/1414920
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58929}
By using a shared byte buffer on the preparser we can drastically
reduce the number of ZoneChunkLists.
Each PreparseDataBuilder now explicitly keeps track of all inner
builders/functions and writes out the data in consecutive order.
Change-Id: I0aada118d869b150108c1f633d9960474ad2f9a1
Reviewed-on: https://chromium-review.googlesource.com/c/1411600
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58926}
We found the nexus 5x flake so this is no longer needed.
Leave the printing functions themselves as they will still be useful
for local debugging.
Bug: v8:8649
Change-Id: Ie0af2bc9b0fc7fb8ac00ec0039b6898553865189
Reviewed-on: https://chromium-review.googlesource.com/c/1420957
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58923}
This test checks that the ModuleCompiledCallback is called eventually.
R=clemensh@chromium.orgCC=adamk@chromium.org
Bug: v8:8677
Change-Id: I360f88064f870dd4a12db019e3c9f72154abf13b
Reviewed-on: https://chromium-review.googlesource.com/c/1420759
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58917}
This reverts commit 13e07389ff.
Original change's description:
> [heap] Remove bailout marking worklist.
>
> The concurrent marker can now process all objects.
> This patch also eagerly visits the objects that undergo layout
> changes. This is because previously such objects were pushed
> onto the bailout worklist, which is gone now.
> To preserve the incremental step accounting, the patch introduces
> a new GC tracer scope called MC_INCREMENTAL_LAYOUT_CHANGE.
>
> Bug: v8:8486
> Change-Id: Ic1c2f0d4e2ac0602fc945f3258af9624247bd65f
> Reviewed-on: https://chromium-review.googlesource.com/c/1386486
> Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58712}
Change-Id: I85c99837819f6971c248198bd51ad40eebdb4fac
Reviewed-on: https://chromium-review.googlesource.com/c/1417595
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58913}
This CL removes a CHECK_LE that does not hold in all cases. After
moving all elements to the front, current_pos will point to the next
free spot. In the case where an object is 'packed', i.e. each index
has a non-undefined value, and the length is smaller then the max
index, current_pos will be greater than the length (limit in the code).
Sidenote: The block after taking the minimum (where the counted
undefineds get set) will not be affected. In the case where
num_undefined > 0, current_pos should be guaranteed to be smaller
than limit, as long there are no accessors with side-effects.
R=jgruber@chromium.org
Bug: chromium:923265
Change-Id: Id533cdc4db6c6c6f266cf7c6a8ab6ecbbeee7016
Reviewed-on: https://chromium-review.googlesource.com/c/1420679
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58912}
This reverts commit 0896599f6f.
Reason for revert: Speculative revert, seems to cause a layout test failure blocking the LKGR - https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8-Blink%20Linux%2064/29320
Original change's description:
> Change SetProperty/SetSuperProperty to infer language mode when possible
>
> In most cases, the language mode can be inferred from the closure and
> the context. Computing the language mode instead of passing it around
> simplifies the ICs and will make it possible to go towards lazily
> allocating feedback vectors. Currently ICs obtain the language mode from
> the feedback vectors and with lazy feedback allocation we may not always
> have feedback vectors. Since computing language mode is a bit expensive
> we want to defer it as far as possible.
>
> In Array builtins and other builtins like Reflect.Set we need to force a
> language mode when setting the properties. To support these cases the
> SetProperty methods allow the language mode to be overridden when needed.
>
> This is a first cl in a series of cls, that will defer the language mode
> computation further and remove language mode where it is not needed.
>
> BUG: v8:8580
> Change-Id: I9c2396e3bcfe77c3c9d6760c46d86954d54744b9
> Reviewed-on: https://chromium-review.googlesource.com/c/1409426
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Commit-Queue: Mythri Alle <mythria@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58893}
TBR=mlippautz@chromium.org,mythria@chromium.org,jgruber@chromium.org,verwaest@chromium.org
Change-Id: I2e0f80a4577a8ca86c05a62205f9dfa488418a52
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/1420758
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58911}
Cleans up always=true intl-relative-time-format flag
It shipped in m71 in Dec 2018.
Bug: v8:8704
Change-Id: I52d86aea9aedf201a216a1df0773a486fbee37b9
Reviewed-on: https://chromium-review.googlesource.com/c/1417299
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58904}
MicrotaskQueueTest uses Isolate's default_microtask_queue for testing,
however the instance is shared between test cases, and causes flaky
failure of MicrotaskQueueTest.BufferGrowth.
This CL adds a MicrotaskQueue instance for each test fixture, so that
each test cases use separate ones.
Also, this CL removes the DCHECK that denies non-default MicrotaskQueue
to run, which is unneeded after https://crrev.com/c/1369906.
Bug: v8:8124
Change-Id: I4ff236c327bf0be14f582b3ca8c802fd72661b42
Reviewed-on: https://chromium-review.googlesource.com/c/1417315
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Taiju Tsuiki <tzik@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58901}
and also fix part of test in intl402/Locale/likely-subtags
Improve Intl::ToLanguageTag to also handle -yes in -u- extension
Avoid removing if there are other text after -true and -yes before -
Bug: v8:7669, v8:8236
Change-Id: I59943651889602288e6978d0b1c875d89199fe33
Reviewed-on: https://chromium-review.googlesource.com/c/1383094
Reviewed-by: Jungshik Shin <jshin@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58900}
The current implementation does not correctly handle the edge case for setYear
where input is something like -0.99
Bug: v8:5139
Change-Id: Ia919814eb6282c7f996cccc4531ed073e843ba27
Reviewed-on: https://chromium-review.googlesource.com/c/1412501
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#58899}
At the moment, the whole WebAssembly compilation may run in a single
background task. On a low-end device, this can mean that the background
thread is busy for seconds and thereby blocks other tasks, see e.g.
https://crbug.com/914757.
With this CL we re-schedule compilation tasks after every 50ms. These
50ms are an arbitrary number. I don't want to introduce too much
overhead, but since this is in the background we also don't have to
make tasks super short.
Tasks which are going to compile with TurboFan will be posted with
lower priority.
This change requires changes in the CancelableTaskManager. At the
moment it is not possible that a background task posts a new task
which is managed by the same task manager as itself. The problem is
about how to deal with another thread which calls CancelAndWait
concurrently. At the moment, if a new task gets posted after the call
to CancelAndWait, then `CHECK(!canceled_)` in
CancelableTaskManager::Register will fail. If we used a lock to
synchronize the calls to CancelAndWait and Register, then there would
be a deadlock, where the thread which calls CancelAndWait waits for
the task which wants to call Register, but at the same time blocks that
task by holding the lock.
With the change here, posting a task after the call to CancelAndWait
will just immediately cancel the new task. This matches the behavior
you would get if CancelAndWait is called right after calling Register.
Bug: chromium:914757
Change-Id: I6d57aba161db8a915ec0d745658e0c28d25219a8
Reviewed-on: https://chromium-review.googlesource.com/c/1411884
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58898}
Port 1a1f4e1ef4
Original Commit Message:
Refactor the AllocateAssemblerBuffer helper for the new Assembler API.
This is the only non-mechanical part, all other callsites that create
Assembler instances can be trivially changed to the new API. This will
be done in a separate CL.
R=clemensh@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N
Change-Id: I8e22f8c2b6c2b1b9158969d28d4edf291a84bcf0
Reviewed-on: https://chromium-review.googlesource.com/c/1416952
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#58897}
In most cases, the language mode can be inferred from the closure and
the context. Computing the language mode instead of passing it around
simplifies the ICs and will make it possible to go towards lazily
allocating feedback vectors. Currently ICs obtain the language mode from
the feedback vectors and with lazy feedback allocation we may not always
have feedback vectors. Since computing language mode is a bit expensive
we want to defer it as far as possible.
In Array builtins and other builtins like Reflect.Set we need to force a
language mode when setting the properties. To support these cases the
SetProperty methods allow the language mode to be overridden when needed.
This is a first cl in a series of cls, that will defer the language mode
computation further and remove language mode where it is not needed.
BUG: v8:8580
Change-Id: I9c2396e3bcfe77c3c9d6760c46d86954d54744b9
Reviewed-on: https://chromium-review.googlesource.com/c/1409426
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58893}
This CL adds a helper function that simplifies a bounds check pattern
that appears repeatedly in the code.
R=clemensh@chromium.org
Change-Id: I8c617515b34eb2d262d58a239a29c1515de2d92d
Reviewed-on: https://chromium-review.googlesource.com/c/1417611
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58892}
This inlines macros with structs as label parameters, to work-around
a limitation in the C++ lowering of macros that doesn't allow this.
Bug: v8:7793
Change-Id: Idd177c115f3a0b277e8cf99b8a051e6d253359b3
Reviewed-on: https://chromium-review.googlesource.com/c/1417613
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58888}
This CL fixes the zero-count and overlapping cases for the table.copy
bytecode.
R=mstarzinger@chromium.orgCC=binji@chromium.org
BUG=v8:7747
Change-Id: I6211e4c899621069ebf8bc088b3ab4e80c7bbd0a
Reviewed-on: https://chromium-review.googlesource.com/c/1417172
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58887}
Implementation of anyfunc parameters. Different to anyref parameters we
have to do a validation in the js-to-wasm wrapper: Only exported wasm
functions are allowed. I implemented this check in a runtime function.
R=titzer@chromium.org
Bug: v8:7581
Change-Id: I6145782fb8578124ddc21b50133c82235d666f19
Reviewed-on: https://chromium-review.googlesource.com/c/1417470
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58885}
Refactor all call sites to use the new API introduced in
https://crrev.com/c/1411347 and remove the legacy constructors.
R=mstarzinger@chromium.org
Bug: v8:8689, v8:8562
Change-Id: Id73686413726b2860f551dd200ef4b8823ef3034
Reviewed-on: https://chromium-review.googlesource.com/c/1415491
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58884}
Refactor the AllocateAssemblerBuffer helper for the new Assembler API.
This is the only non-mechanical part, all other callsites that create
Assembler instances can be trivially changed to the new API. This will
be done in a separate CL.
R=mstarzinger@chromium.org
Bug: v8:8689, v8:8562
Change-Id: I6c150748eeea778d9b70f41fd66fbb1221035a1b
Reviewed-on: https://chromium-review.googlesource.com/c/1415490
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58881}
This CL fixes two bugs. First, when looking for a free spot while
moving elements to the front, the prototype chain was also considered,
even though an object at a specific index might have a hole (free
spot).
Second, when moving an element to the front, we are not allowed to
delete it immediately (to preserve semantics when interacting with
non-extensible objects). Such an element is then a free spot, but
won't be recognised as such. This CL sets that element to undefined
after it was moved, to mark it as a free spot.
R=jgruber@chromium.org
Bug: chromium:897512,v8:8369
Change-Id: I79207215b8b0a3c714f064450d8fe5ca0ea4a096
Reviewed-on: https://chromium-review.googlesource.com/c/1417171
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58878}
Add a special handle of TypedArray elements in TestElementsIntegrityLevel
Bug: v8:8082
Change-Id: I60be644801618b576b0b8b1883ac67bf0040c849
Reviewed-on: https://chromium-review.googlesource.com/c/1412133
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58874}
Add benchmarks for String.prototype.startsWith in order to keep track
of performance ahead of the torque port.
Bug: v8:8400
Change-Id: I0276b84b315024bba1a0d6f761ee2c6cf2c516a2
Reviewed-on: https://chromium-review.googlesource.com/c/1416070
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58870}
and TurboAssembler. Instead of listing all the different combinations
of arguments (which is one more now, temporarily), just forward all
arguments down via MacroAssembler and TurboAssembler to
TurboAssemblerBase.
Interestingly, this requires more specific types sometimes (int instead
of size_t), since further down the forwarding chain, the compiler does
not recognize any more that the value is a constant, and emits a
warning about a possibly truncating implicit conversion.
R=mstarzinger@chromium.org
Bug: v8:8689, v8:8562
Change-Id: Ifd13d2210ee64251c0075c0d9b68cacd5107d9ab
Reviewed-on: https://chromium-review.googlesource.com/c/1414913
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58869}
Make the description return the class name as it used to be.
BUG=chromium:919292
Change-Id: Idbc07643f15014a39a08a545a5003be891d95bd3
Reviewed-on: https://chromium-review.googlesource.com/c/1416318
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Commit-Queue: Alexei Filippov <alph@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58867}
Fix WebAssembly's global/value-get-set. The argument must not be
undefined.
mjsunit tests were updated.
Bug: v8:8319
Change-Id: Id3d3c9b18cbc8854e589481dfc7c52f35cfb7bf7
Cq-Include-Trybots: luci.chromium.try:linux-blink-rel
Reviewed-on: https://chromium-review.googlesource.com/c/1411886
Reviewed-by: Ben Smith <binji@chromium.org>
Commit-Queue: Sven Sauleau <ssauleau@igalia.com>
Cr-Commit-Position: refs/heads/master@{#58863}
After moving to its own header, this CL cleans up some parts of the
interface. It fixes names and const-declarations of simple accessors,
and adds a named constructor to make it explicit that an EnumSet should
be constructed from an integral value.
Also refactor the use in cctest.h to have less statically declared
constants. Instead, just create the set of extensions in the individual
tests.
R=titzer@chromium.org
Bug: v8:8562
Change-Id: I6178d1aba25afa1d7f54c29ccf81505c165e7cd3
Reviewed-on: https://chromium-review.googlesource.com/c/1409366
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58862}
With the changes in this patch, it is now possible to add methods to
both Torque's class and struct types. As a special case, "constructor"
methods are used to initialize the values of classes and structs when
they are constructed.
The functionality in this patch includes:
- The refactoring of class- and struct-handling code to share field
and method declaration code between both.
- Addition of the "%Allocate" intrinsic that allocates raw bytes to be
allocated from the V8 GC's NewSpace heap as the basis for freshly
created, initialized class objects.
- An implementation of a CallMethodExpression AST node that enables
calling methods and constructors, including special handling of
passing through the "this" pointer for method calls on structs by
reference. The syntax for struct construction using "{}" remains as
before, but now calls the struct's matching constructor rather than
implicitly initializing the struct fields with the initialization
arguments. A new syntax for allocation classes is introduced: "new
ClassName{constructor_param1, constructor_param1, ...}", which
de-sugars to an %Allocate call followed by a call to the matching
constructor.
- class constructors can use the "super" keyword to initialize their
super class.
- If classes and struct do not have a constructor, Torque creates a
default constructor for them based on their field declarations,
where each field's initial value is assigned to a same-typed
parameter to the the default constructor. The default constructor's
parameters are in field-declaration order, and for derived classes,
the default constructor automatically uses a "super" initialization
call to initialize inherited fields.
- Class field declarations now automatically create ".field" and
".field=" operators that create CSA-compatible object accessors.
- Addition of a no-argument constructor for JSArrays that creates an
empty, PACKED_SMI_ELEMENTS JSArray using the machinery added
elsewhere in this patch.
Bug: v8:7793
Change-Id: I31ce5f4b444656ab999555d780aeeba605666bfa
Reviewed-on: https://chromium-review.googlesource.com/c/1392192
Commit-Queue: Daniel Clifford <danno@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58860}
The table.copy bytecode copies a range of table entries in a similar
way to memcopy. This CL implements the behavior in a runtime call
that calls into the wasm engine.
R=mstarzinger@chromium.org,binji@chromium.org
BUG=v8:7747
Change-Id: I420451202b1b78ea92cbd10387a644ed57e111c8
Reviewed-on: https://chromium-review.googlesource.com/c/1414919
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58858}
That makes the declaration in sync with how dynamic references are resolved,
avoiding duplicate variable creation in the likely case that the variable is
also referenced within the eval.
Bug: v8:5112, v8:5135, v8:8693
Change-Id: I0c55495f573fe8b5076b1627c139ff72d1adda74
Also-by: leszeks@chromium.org
Reviewed-on: https://chromium-review.googlesource.com/c/1408890
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58850}
Storing a VariableProxy in declarations means that a declaration and
initialisation assignment are tightly coupled to use the same var. In
particular, this means that Var declarations in with scopes have to
clone the VariableProxy to split the declaration and initializer LHS
lookup.
This patch changes declarations to point directly to the Variable, not
the VariableProxy. This will allow future refactoring to decouple
declarations and initialisations.
Change-Id: I0baa77bfd12fe175f9521d292740d7d712cffd37
Reviewed-on: https://chromium-review.googlesource.com/c/1406683
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58843}
Now the embedder can instruct V8 to restore the initial heap limit
once the heap size drops below the given percentage of the heap limit.
Bug: chromium:922038
Change-Id: Ib668406c5d59c02b45a8eae7de96527ebc3f2b4d
Reviewed-on: https://chromium-review.googlesource.com/c/1411606
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58837}
This switches the experimental exception handling implementation to the
new proposal where 'catch' blocks behave in a catch-all fashion and a
new 'br_on_exn' operation is used to check for a certain exception type
and extract the exception values on a match.
R=clemensh@chromium.org
TEST=unittests/FunctionBodyDecoderTest,mjsunit/wasm/exceptions
BUG=v8:8091
Change-Id: Ib12ba28b3aa2a7d831312a83abcb00bf56d0adc3
Reviewed-on: https://chromium-review.googlesource.com/c/1409431
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58832}
The parenthesized flag guarantees that the contents was validated as a possible
arrow head. By collapsing a parenthesized expression with an outer binary
expression we invalidly kept the flag and invalidly assumed that the collapsed
expression was validated.
Bug: chromium:921382
Change-Id: I207dcbfd228a1ed216130226fdb7ea045b89b85a
Reviewed-on: https://chromium-review.googlesource.com/c/1412172
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58829}
We often use ResultBase or VoidResult to store or pass wasm errors
(errors with locations). This CL extracts a WasmError class which can
store an error (can also be empty), and Result<T> which stores an error
or a T (exactly one of them).
R=titzer@chromium.org
Bug: v8:8689
Change-Id: I3f5203559984a0ae8757e0130a9184957fa28df5
Reviewed-on: https://chromium-review.googlesource.com/c/1409365
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58827}
A sloppy function in a block scope implicitily creates a var in the outer
declaration scope if it's not blocked. The assignment created reads the local
lexical declaration for the function. The reference introduced automatically
takes part in NeedsHoleCheck, requiring the reference to have a valid position.
Since the assignment will happen after the local declaration, we give the
end_position() of the closure as the position of the reference, so hole checks
can be omitted.
Bug: chromium:917755
Change-Id: Iee0e042b2463f97f05075f9eec09dac8c6eaf539
Reviewed-on: https://chromium-review.googlesource.com/c/1408991
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58823}
With this CL we support importing mutable anyref globals. The CL
contains the following changes:
* We store a reference to the buffer of the imported global in
`WasmInstance::imported_mutable_globals_buffer`. This FixedArray is
already used to keep the ArrayBuffers of value-typed imported
mutable globals alive but was not accessed otherwise.
* We store the offset in the buffer of the imported global in
`WasmInstance::imported_mutable_globals`. This `Address`-array is
used for value-typed imported mutalbe globals to store direct
pointers into the backing store of the ArrayBuffer of the imported
global.
* In wasm-compiler.cc we generate code to load these fields and then
load or store globals.
* in module-compiler.cc I removed the counter variable
`next_imported_mutable_global_index`. The variable was only used for
a DCHECK. I replaced the DCHECK with a slightly weaker DCHECK now.
* Tests.
R=mstarzinger@chromium.org
Bug: v8:7581
Change-Id: I11f0f4d8637c98eded5fb2eec44bc8ead8ed5c7b
Reviewed-on: https://chromium-review.googlesource.com/c/1409169
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58822}
--jitless -> --no-opt
-> --no-validate-asm
-> --wasm-interpret-all -> --no-asm-wasm-lazy-compilation
-> --no-wasm-lazy-compilation
Note that wasm still isn't supported in jitless mode since it generates
code at runtime even with --wasm-interpret-all.
Drive-by: Fail early when trying to compile irregexp code in jitless
mode.
Cq-Include-Trybots: luci.v8.try:v8_linux_arm_lite_rel_ng
Bug: v8:7777
Change-Id: I7f0421f71efeaaeb030ed9ec268d12a659667acf
Reviewed-on: https://chromium-review.googlesource.com/c/1406677
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58820}
EnumSet currently lives in src/utils.h, which is a conglomerate of many
different helper functions and classes. In order to remove unneeded
include, move the EnumSet to its own header.
R=titzer@chromium.org
Bug: v8:7490, v8:8562
Change-Id: I979814167e87b914e9807b03e342d8b34e514331
Reviewed-on: https://chromium-review.googlesource.com/c/1409430
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58818}
The table.drop bytecode "drops" the backing storage for an element
initializer. In the V8 implementation, this is a nop, other than
updating a per-instance boolean array so that two drops of the same
segment or a drop of an active segment will trap.
This is implemented with inline code in TurboFan in order to be symmetric
to memory.drop, but could as easily be a runtime call to be supported in
Liftoff.
R=mstarzinger@chromium.org
CC=binji@chromium.org
BUG=v8:7747
Change-Id: Ic017398eaa764dd3a9ff19523453ff7142c9abf6
Reviewed-on: https://chromium-review.googlesource.com/c/1408996
Reviewed-by: Ben Smith <binji@chromium.org>
Commit-Queue: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58817}
It is slightly faster than Page::FromAddress(o->address()) (saves
one instruction), and more concise than Page::FromAddress(o->ptr()).
Same for MemoryChunk::FromHeapObject().
Bug: v8:8562
Change-Id: I9dc2b787aed5cad2d4087850dfa2e8eb157ad225
Reviewed-on: https://chromium-review.googlesource.com/c/1405031
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58806}
This removes the iteration protocol from the parser entirely, and opens
up future possibilities for more bytecodes implementing the various
functions of the protocol.
Change-Id: I316b8a92434d3b5f47927408a235ddaecd65d5bb
Reviewed-on: https://chromium-review.googlesource.com/c/1403125
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58795}
The background compile tasks should not access the NativeModule during
the main compile phase.
This CL moves on of the accessed fields into the {CompilationEnv}. It
is initialized from the existing field on the {NativeModule}.
R=titzer@chromium.org
Bug: v8:8689
Change-Id: I9738e2fb4681a035cbacf3c9e00b9e5cc9419416
Reviewed-on: https://chromium-review.googlesource.com/c/1409423
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58793}
The --perf-prof flag generates unwanted .dump files, while the
--perf-prof-unwinding-info flag enables the functionality under test here.
R=jgruber@chromium.org
BUG=chromium:913844
Change-Id: Ie5ee374977d6105854f42065600dac1bc5ba6df7
Reviewed-on: https://chromium-review.googlesource.com/c/1409363
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58791}
This reverts commit 68a8bdd829.
Reason for revert: memory regression: crbug.com/921239
Original change's description:
> [heap] Remove bailout marking worklist.
>
> The concurrent marker can now process all objects.
> This patch also eagerly visits the objects that undergo layout
> changes. This is because previously such objects were pushed
> onto the bailout worklist, which is gone now.
> To preserve the incremental step accounting, the patch introduces
> a new GC tracer scope called MC_INCREMENTAL_LAYOUT_CHANGE.
>
> Bug: v8:8486
> Change-Id: Ic1c2f0d4e2ac0602fc945f3258af9624247bd65f
> Reviewed-on: https://chromium-review.googlesource.com/c/1386486
> Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58712}
TBR=ulan@chromium.org,mlippautz@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: v8:8486, chromium:921239
Change-Id: I1f851b948f4ce403316e469999f0b16e8dfdb62d
Reviewed-on: https://chromium-review.googlesource.com/c/1408990
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58787}
This CL adds two new runtime calls for table operations:
- Runtime_WasmTableInit
- Runtime_WasmTableCopy
These runtime calls (will) implement the semantics for the corresponding
bytecodes from the bulk memory proposal. The actual implementation
of these runtime calls will be done in further CLs.
The third table operation, table.drop, will be implemented with inline
code, similar to memory.drop. This is also be done in a further CL.
R=mstarzinger@chromium.org
CC=binji@chromium.org
BUG=v8:7747
Change-Id: I498aa054329baf9f72ae55d245b12c3ccd4157b7
Reviewed-on: https://chromium-review.googlesource.com/c/1408994
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58786}
This is a reland of e2d44ede95
Original change's description:
> [parser] Inline byte scope data into PreparseData object
>
> Each PreparseData object had at least one pointer to a PodArray for its
> serialized scope data. These objects usually have only tens of bytes of
> payload. By inlining the byte data we save 3 words per PreparseData object.
> This optimization saves 140KB of data on cnn.com.
>
>
> - Store data_length and inner_length as int32 saving a words on 64bit
> - Inline store byte data into PreparseData
> - OnHeapConsumedPreparseData directly uses the PreparseData object
> - get_inner, set_inner no longer allow Null sentinels
>
> Change-Id: I1f62154d05ea2f98a6574efa738b32a8a84319d5
> Reviewed-on: https://chromium-review.googlesource.com/c/1406673
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Commit-Queue: Camillo Bruni <cbruni@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58751}
Change-Id: I1f0a22c641d0d67f435b01c82daf8da7f144bff4
Reviewed-on: https://chromium-review.googlesource.com/c/1407066
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58785}
Instead, pass it as a parameter to the compilation.
This makes compilation units slimmer with the end goal of them being
just the function index and execution tier.
It also makes ownership handling of the NativeModule easier.
R=titzer@chromium.org
Bug: v8:8343, v8:7921
Change-Id: I0522c894569c71d8b7245f5ed5612ab2a249e1ad
Reviewed-on: https://chromium-review.googlesource.com/c/1406668
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58776}
This matches the terminology that is used throughout the spec.
R=clemensh@chromium.org
Change-Id: I62445e750415e6048b805110c7306f3bdbf9da60
Reviewed-on: https://chromium-review.googlesource.com/c/1408988
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58774}
It removes the assertion that caused the bug report by introducing a new
trampoline (WasmBigIntToI64) for the conversion code stub between a Bigint
object and a Wasm i64 BigIntToI64).
The tests were updated to cover calling the stub from a Wasm callsite.
Bug: v8:8625
Change-Id: I55891001cfa72f6f2849792293b43bbb54147f1a
Reviewed-on: https://chromium-review.googlesource.com/c/1405028
Commit-Queue: Sven Sauleau <ssauleau@igalia.com>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58767}
Bug: chromium:917215
Change-Id: Ie2127953a8ce3d6da4feb3478039ba318774e21d
Reviewed-on: https://chromium-review.googlesource.com/c/1404176
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58755}
This reverts commit e2d44ede95.
Reason for revert: Breaks GC stress tests - https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/23527
Original change's description:
> [parser] Inline byte scope data into PreparseData object
>
> Each PreparseData object had at least one pointer to a PodArray for its
> serialized scope data. These objects usually have only tens of bytes of
> payload. By inlining the byte data we save 3 words per PreparseData object.
> This optimization saves 140KB of data on cnn.com.
>
>
> - Store data_length and inner_length as int32 saving a words on 64bit
> - Inline store byte data into PreparseData
> - OnHeapConsumedPreparseData directly uses the PreparseData object
> - get_inner, set_inner no longer allow Null sentinels
>
> Change-Id: I1f62154d05ea2f98a6574efa738b32a8a84319d5
> Reviewed-on: https://chromium-review.googlesource.com/c/1406673
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Commit-Queue: Camillo Bruni <cbruni@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58751}
TBR=ulan@chromium.org,cbruni@chromium.org,leszeks@chromium.org
Change-Id: I39d92ee7bd2864e1b0c3a8fed4a11b68b3e14d58
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/1407073
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58753}
Each PreparseData object had at least one pointer to a PodArray for its
serialized scope data. These objects usually have only tens of bytes of
payload. By inlining the byte data we save 3 words per PreparseData object.
This optimization saves 140KB of data on cnn.com.
- Store data_length and inner_length as int32 saving a words on 64bit
- Inline store byte data into PreparseData
- OnHeapConsumedPreparseData directly uses the PreparseData object
- get_inner, set_inner no longer allow Null sentinels
Change-Id: I1f62154d05ea2f98a6574efa738b32a8a84319d5
Reviewed-on: https://chromium-review.googlesource.com/c/1406673
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58751}
The fuzzers were already removed on the chrome side and therefore
inactive, see https://crrev.com/c/1194228.
R=machenbach@chromium.org
Bug: v8:8562
Change-Id: I0cf5ec6d07e07452c5168ea952f45028bcea1c85
Reviewed-on: https://chromium-review.googlesource.com/c/1406678
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58750}
It is not legal for destructuring patterns and identifiers in declarations
to be in parentheses. This includes nested patterns/identifiers inside
another pattern.
We were checking sub-patterns for parentheses when parsing possible
sub-patterns, but this check missed sub-patterns with a default
initialiser (e.g. [({x:y})=1] = {}), as the AssignmentExpression hid
the pattern.
So, we now additionally record declaration/pattern errors of an assignment
LHS when parsing the assignment cover grammar.
Bug: v8:8630
Change-Id: Ia5a97003671fc1da7f68d7fb15943928ce9496e3
Reviewed-on: https://chromium-review.googlesource.com/c/1404452
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58743}
The JSRegExp's data fixed array is variable size depending on the
regexp kind.
Bug: v8:8572
Change-Id: I8f07b8e8d2a9a81e0905563fb701e1e3687cafb5
Reviewed-on: https://chromium-review.googlesource.com/c/1405034
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58741}
As far as I can tell these were unused; their only callers were arm
and ppc simulators, but codegen explicitly returned nullptr if in a
simulator build, falling back to std::sqrt.
There's more potential cleanup to be done here for other functions
defined in codegen-*.cc files.
Tbr: clemensh@chromium.org
Bug: v8:7777, v8:8675
Change-Id: I4b9d6062c6724a810ab094d09e3cd04a0b733d9b
Reviewed-on: https://chromium-review.googlesource.com/c/1405851
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58740}
In the degenerate case where we wanted to emit {x = x - x} (where {x}
is any register), ia32 and x64 generated wrong code (producing {-x + -x}
instead). Fix this by special casing this case.
R=ahaas@chromium.org
Bug: chromium:919308
Change-Id: I9cd9818d2a678450ac6530107e7a5cbb625ddb8d
Reviewed-on: https://chromium-review.googlesource.com/c/1405029
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58731}
This avoids having to update either the source code or the generated
test cases each year.
R=ahaas@chromium.org
Change-Id: I33fb85dc4ae7d45f8d05d982e0285d6fd3008a26
Reviewed-on: https://chromium-review.googlesource.com/c/1405032
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58725}
i64 values can be up to 20 characters long (19 + sign), plus we need
one character for the terminating null character. Thus the previous 18
needs to be increased to 21.
Also extend the test to check the longest possible i64 values.
R=ahaas@chromium.orgCC=kozyatinskiy@chromium.org
Bug: v8:8644
Change-Id: Ia9458db162a55dd57b5e8bc7cf7db73c3bab4734
Reviewed-on: https://chromium-review.googlesource.com/c/1404443
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58724}
In {Assembler::and_} we might need to use the scratch register. Thus use
a free LiftoffRegister instead to emit i32 popcnt.
R=ahaas@chromium.orgCC=george.wort@arm.com
Bug: chromium:918284
Change-Id: Ia814899bf6e33dd4989fd09329542b4bc09b48df
Reviewed-on: https://chromium-review.googlesource.com/c/1405036
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58723}
This is a reland of 8f83fd0a55
Original change's description:
> [wasm] Fix SIMD boolean reductions on Intel
>
> - Both AllTrue/AnyTrue values should return boolean 0/1
> instead of 0xffffffff to match Spec/Toolchain
> - Fix AllTrue implementation to be correct
> - Add unit tests to spot check return values as the
> cumulative test can coerce some return values to True/False
>
> Change-Id: I84eb73c915414c9ec290e73f1306404ceff729f0
> Bug: v8:8636
> Reviewed-on: https://chromium-review.googlesource.com/c/1404197
> Reviewed-by: Bill Budge <bbudge@chromium.org>
> Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58715}
Bug: v8:8636
Change-Id: Ifc438d7b64bf5d461cc848851165665104fe57d0
Reviewed-on: https://chromium-review.googlesource.com/c/1405909
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58719}
- Both AllTrue/AnyTrue values should return boolean 0/1
instead of 0xffffffff to match Spec/Toolchain
- Fix AllTrue implementation to be correct
- Add unit tests to spot check return values as the
cumulative test can coerce some return values to True/False
Change-Id: I84eb73c915414c9ec290e73f1306404ceff729f0
Bug: v8:8636
Reviewed-on: https://chromium-review.googlesource.com/c/1404197
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58715}
If feedback for call site frequency is 0, then the combined frequency
is still 0, even if the current function invocation count is infinity.
Bug: chromium:919754
Change-Id: I97be096b6b38f934fb13f01b2b22e148c539e1c0
Reviewed-on: https://chromium-review.googlesource.com/c/1404445
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58714}
If a species constructor is installed, filter() needs to loop over
the elements of the array in the "slow" way, because it doesn't
know the ElementsKind of the output array. The code failed to
bail out to the slow case for the loop right away on discovering this.
Bug: chromium:920184, chromium:920491
Change-Id: I74496db20a90807b631c1bebe7604d85b199df67
Reviewed-on: https://chromium-review.googlesource.com/c/1405035
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58713}
The concurrent marker can now process all objects.
This patch also eagerly visits the objects that undergo layout
changes. This is because previously such objects were pushed
onto the bailout worklist, which is gone now.
To preserve the incremental step accounting, the patch introduces
a new GC tracer scope called MC_INCREMENTAL_LAYOUT_CHANGE.
Bug: v8:8486
Change-Id: Ic1c2f0d4e2ac0602fc945f3258af9624247bd65f
Reviewed-on: https://chromium-review.googlesource.com/c/1386486
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58712}
