Reason for revert:
As adamk@ pointed out, this is not correct. Some more changes required instead
Original issue's description:
> [turbofan] Enable super constructor inlining.
>
> When we inlined a [[Construct]] call to a subclass constructor, we can
> also inline the super constructor call (either explicit or implicit),
> since we have a concrete JSFunction constant for the subclass and we
> can thus constant-fold the %_GetSuperConstructor intrinsic. We don't
> need any guards here since the prototype of subclass constructors is
> non-writable, non-configurable in ES6.
>
> BUG=v8:5517
> R=jarin@chromium.org
>
> Committed: https://crrev.com/74158b00b3f6a1fc8676dd1f7af4d96131eb5ebe
> Cr-Commit-Position: refs/heads/master@{#40261}
TBR=jarin@chromium.org,adamk@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5517
Review-Url: https://codereview.chromium.org/2413883003
Cr-Commit-Position: refs/heads/master@{#40285}
This CL also adds separate runtime call stats buckets for data handlers.
BUG=
Review-Url: https://codereview.chromium.org/2419513002
Cr-Commit-Position: refs/heads/master@{#40281}
Reason for revert:
Timeout on gc stress bot.
Original issue's description:
> [heap] Cancel tasks before tearing down the heap.
>
> BUG=chromium:654343
>
> Committed: https://crrev.com/9365463d6f1fc11b2369fff63ca0ac825c61eae4
> Cr-Commit-Position: refs/heads/master@{#40272}
TBR=mlippautz@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:654343
Review-Url: https://codereview.chromium.org/2414073002
Cr-Commit-Position: refs/heads/master@{#40279}
When the test is executed in user mode qemu for mips64, it fails because
the buffer is too small. Increasing the buffer fixes the problem.
BUG=
TEST=cctest/test-mark-compact/RegressJoinThreadsOnIsolateDeinit
Review-Url: https://codereview.chromium.org/2416573002
Cr-Commit-Position: refs/heads/master@{#40278}
This ports RegExpInitialize, IsRegExp, InternalMatch and InternalReplace to C++
/ TurboFan. InternalMatch is in TurboFan because it calls RegExpExecStub and
needs to construct a RegExpResult (which are, respectively, a PlatformStub and
a CodeStubAssembler function).
Except for LastMatchInfo (and GetSubstitution, which could be moved to string.js
anytime), regexp.js is now completely empty.
BUG=v8:5339
Review-Url: https://codereview.chromium.org/2409513003
Cr-Commit-Position: refs/heads/master@{#40277}
This is automatically taken into account in the Parser constructor already
BUG=v8:5501
Review-Url: https://codereview.chromium.org/2409103005
Cr-Commit-Position: refs/heads/master@{#40275}
With --trace-ic flag, the function names and the source positions are
not shown for interpreted functions. Interpreted functions have an extra
frame built by bytecode handlers which has to be skipped to get the
interpreted function's frame. Also the code offsets are computed differently
for interpreted functions.
BUG=v8:4280
Review-Url: https://codereview.chromium.org/2405173007
Cr-Commit-Position: refs/heads/master@{#40274}
A decoder error sets builder_ to null, which causes builder_->StackCheck
to segfault.
R=titzer@chromium.org
TEST=mjsunit/regress/wasm/loop-stack-check
Review-Url: https://codereview.chromium.org/2416873002
Cr-Commit-Position: refs/heads/master@{#40271}
This CL fixes the debugger interface to provide correct (high-level)
information for asm.js frames.
It moves the computation of the source position from the FrameInspector
to the individual StackFrame implementations, such that we can easily
specualize it for certain frame types, and can potentially reuse this
in other locations.
Also, we are finalizing the setup of the wasm module earlier, before
executing the start function. This is required for correct stack traces
during the execution of the start function.
R=titzer@chromium.org, yangguo@chromium.org
BUG=v8:4203
Review-Url: https://codereview.chromium.org/2413693003
Cr-Commit-Position: refs/heads/master@{#40268}
AllocateAlignedMemory calls ReserveAlignedMemory which increments size_
value. In some cases AllocateAlignedMemory can return NULL value. Before
returning NULL, AllocateAlignedMemory should decrease size_ value.
TEST=cctest/test-spaces/LargeObjectSpace
BUG=
Review-Url: https://codereview.chromium.org/2418733002
Cr-Commit-Position: refs/heads/master@{#40262}
When we inlined a [[Construct]] call to a subclass constructor, we can
also inline the super constructor call (either explicit or implicit),
since we have a concrete JSFunction constant for the subclass and we
can thus constant-fold the %_GetSuperConstructor intrinsic. We don't
need any guards here since the prototype of subclass constructors is
non-writable, non-configurable in ES6.
BUG=v8:5517
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2409423006
Cr-Commit-Position: refs/heads/master@{#40261}
It belongs there more logically. In addition, this is a pre-step needed
for preparsing the parameters of a preparsed function.
In addition, move the "subtract rest parameter from arity" logic from
Parser to (Pre)?ParserFormalParameters.
BUG=v8:5515
Review-Url: https://codereview.chromium.org/2414003002
Cr-Commit-Position: refs/heads/master@{#40258}
Any context outer to what we're parsing already has proper context allocation, so we don't need to check those scopes.
BUG=v8:5501
Review-Url: https://codereview.chromium.org/2417643003
Cr-Commit-Position: refs/heads/master@{#40256}
In a fuzzer testcase I found locally the ast-decoder spent a lot of time
in the decoding of kExprBrTable after the decoder already found an
error. I did not add a test because the fuzzer test case did not
actually crash. It only run out of memory in the chromium fuzzer.
R=titzer@chromium.org
Review-Url: https://codereview.chromium.org/2413863003
Cr-Commit-Position: refs/heads/master@{#40254}
This moves the implementation of @@replace from regexp.js to builtins-regexp.cc
(the TurboFan fast path) and runtime-regexp.cc (slow path). The fast path
handles all cases in which the regexp itself is an unmodified JSRegExp
instance, the given 'replace' argument is not callable and does not contain any
'$' characters (i.e. we are doing a string replacement).
BUG=v8:5339
Review-Url: https://codereview.chromium.org/2398423002
Cr-Commit-Position: refs/heads/master@{#40253}
This fixes the code-path in RegExpExec in which both the passed exec
argument and regexp.exec are not callable and regexp is a JSRegExp.
In this case, we fall back to the default RegExp.prototype.exec
implementation. The arguments for Execution::call were incorrect.
BUG=v8:5339
Review-Url: https://codereview.chromium.org/2415073002
Cr-Commit-Position: refs/heads/master@{#40249}
I don't see a reason why we can't benefit from preparsing such functions. We don't necessarily compile them, so fully parsing them when unnecessary is just additional overhead.
BUG=v8:5501
Review-Url: https://codereview.chromium.org/2413213002
Cr-Commit-Position: refs/heads/master@{#40248}
port c15c58274f (r40206)
original commit message:
This is the next step to unify the Call/Construct feedback collection
and prepare it to be able to collect SharedFunctionInfo feedback. This
also reduces the CallICStub overhead quite a bit since we only need one
stub per mode (and tail call mode), not also one per call arity.
BUG=
Review-Url: https://codereview.chromium.org/2409953005
Cr-Commit-Position: refs/heads/master@{#40244}
This incorporates recent feedback:
- simpler deserialization API by dropping the std::unique_ptr.
The only purpose there was communicating to the caller that they
own the buffer, and that the deserializer won't delete it. The new
design communicates that through a naming choice.
- renamed *UncompiledBytes to *WasmWireBytes
BUG=
Review-Url: https://codereview.chromium.org/2411263004
Cr-Commit-Position: refs/heads/master@{#40238}
