Breakpoints are always re-set by the embedder after compilation, so we
don't want to store the corresponding breakpoint objects.
Also don't serialize WASM_INTERPRETER_ENTRY stubs as they are replaced
by ordinary WASM_FUNCTION code at instantiation anyway, and skip
WASM_TO_JS wrappers which are recompiled on each instantiation.
Instead, we serialize the Illegal builtin, and also use that one
instead of the placeholder when compiling the wasm code initially.
R=titzer@chromium.org, yangguo@chromium.org
BUG=v8:5822
Review-Url: https://codereview.chromium.org/2629853004
Cr-Commit-Position: refs/heads/master@{#42451}
As no one will ever try to allocate a Thread directly, we can just make
Thread a proxy of ThreadImpl by reinterpret_casting between both types.
This allows to not mention ThreadImpl in the header at all, and to
define it in an anonymous namespace in the implementation, allowing for
more optimizations.
It also saves runtime, as no memory load is needed to forward from
Thread to ThreadImpl, and we do not need to allocate ThreadImpl objects
on the heap.
R=titzer@chromium.org
Review-Url: https://codereview.chromium.org/2643443002
Cr-Commit-Position: refs/heads/master@{#42450}
When inlining allocations for Array and String iterators, make sure the
allocations have proper types on it (rather than just Type::Any). This
allows us to escape analyze the iterators in a couple of more cases,
i.e. in this very simple case:
function f(a) {
const it = a[Symbol.iterator]();
return it.next().value;
}
R=jarin@chromium.org
BUG=v8:4586,v8:5448
Review-Url: https://codereview.chromium.org/2640743003
Cr-Commit-Position: refs/heads/master@{#42449}
This also introduces exhaustive switch-cases for instance types.
BUG=chromium:681383
Review-Url: https://codereview.chromium.org/2646433002
Cr-Commit-Position: refs/heads/master@{#42447}
This fast path check compared a tagged smi and an untagged one, meaning that the slow path was always taken.
Review-Url: https://codereview.chromium.org/2641823002
Cr-Commit-Position: refs/heads/master@{#42445}
Store breakpoint positions in the WasmSharedModuleData in order to set
them on new instantiations. Also redirect them to all live instances at
the time the breakpoint is set.
Inside the WasmDebugInfo, we store the BreakPointInfo objects to find
hit breakpoints.
R=titzer@chromium.org, yangguo@chromium.org
BUG=v8:5822
Review-Url: https://codereview.chromium.org/2626253002
Cr-Commit-Position: refs/heads/master@{#42443}
We used dynamic dispatch before, which has considerable runtime
overhead. Pimpl (a.k.a. opaque pointer) has the same memory overhead
of one additional pointer, but less runtime overhead.
R=titzer@chromium.org
Review-Url: https://codereview.chromium.org/2639013002
Cr-Commit-Position: refs/heads/master@{#42442}
Non-capturing groups so far did not have any effect, so we elided
them in the regexp parser. However, they do affect how lookarounds
are parsed: in unicode mode, lookarounds are not quantifiable. They
are however if wrapped in a group.
BUG=v8:5845
Review-Url: https://codereview.chromium.org/2636883002
Cr-Commit-Position: refs/heads/master@{#42436}
Collect Receiver feedback for abstract/strict equality in Ignition and
use it in TurboFan to optimize JSEqual and JSStrictEqual operations to
pointer equality instead of having to call Equal/StrictEqual builtins.
R=jarin@chromium.org
BUG=v8:5267,v8:5400
Review-Url: https://codereview.chromium.org/2639883002
Cr-Commit-Position: refs/heads/master@{#42435}
- Currently WebAssembly.Memory.grow() assumes that it always has an instance associated with it,
fix to grow and reflect new size when no instance is associated with memory object.
- Correctness fixes for the js api, throw range errors instead of generic errors
BUG=chromium:680938
R=bradnelson@chromium.org, titzer@chromium.org
Review-Url: https://codereview.chromium.org/2638243002
Cr-Commit-Position: refs/heads/master@{#42432}
This rewrites the rest property into a runtime call which sets up the
correct properties in the newly created object.
- Changes flag to --harmony-object-rest-spread
- Changes pattern rewriter to desugar rest property
- Adds new runtime function CopyDataPropertiesWithExcludedProperties
BUG=v8:5549
Review-Url: https://codereview.chromium.org/2620943002
Cr-Commit-Position: refs/heads/master@{#42430}
The existing implementation assumes that return nodes have exactly one
real value input. This assumption does not hold for WebAssembly. To
avoid incorrect behavior, this CL turns of the reduction of returns
with a value input count != 1.
R=titzer@chromium.org, mstarzinger@chromium.org
Review-Url: https://codereview.chromium.org/2638053002
Cr-Commit-Position: refs/heads/master@{#42425}
There were multiple bugs in the apply builtins on mips and mips64 which
caused them to always take the slow path by calling into the runtime to
create the array. The other bugs went undiscovered because those paths
were never taken.
Review-Url: https://codereview.chromium.org/2634393002
Cr-Commit-Position: refs/heads/master@{#42424}
Port b83c3d29a9
Original Commit Message:
When a function is declared in global scope, the closure is created
by the DeclareGlobals runtime service. It needs a pointer to the
literals array, already allocated in the feedback vector. This
fixes a bug where it's behavior wasn't in sync with CreateClosure,
which accepts the literals from the vector.
This enables a follow-on performance improvement in the CompileLazy
builtin.
R=mvstanton@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=680637
LOG=N
Review-Url: https://codereview.chromium.org/2634423002
Cr-Commit-Position: refs/heads/master@{#42421}
Uses the structure of an IEEE float to speed up
DoubleToUint32IfEqualToSelf, similar to FastD2UI. Micro-benchmarks show
a ~1.2x-2x speed-up, depending on the input.
Review-Url: https://codereview.chromium.org/2636453003
Cr-Commit-Position: refs/heads/master@{#42420}
Port 95f210d562
Original commit message:
Improve CheckedLoad and Store bounds checking for arrays with power of two
length.
BUG=
Review-Url: https://codereview.chromium.org/2632213002
Cr-Commit-Position: refs/heads/master@{#42414}
Enable enqueueing of eager inner function compilation onto the compiler
dispatcher. This enables these tasks to be performed in parallel to
compilation of the outer functio (only for Ignition functions).
We currently synchronize to ensure all inner function compilations
are complete before executing the outer function - future work will
allow outer function execution to happenin parallel to inner function
compilation.
BUG=v8:5203,v8:5215
Review-Url: https://codereview.chromium.org/2611313002
Cr-Commit-Position: refs/heads/master@{#42413}
Reduce duplication of the inner function declaration + now we get the
test for inner arrow functions for free (if we later implement lazy
inner arrow functions).
BUG=v8:5501, v8:5516
Review-Url: https://codereview.chromium.org/2637003005
Cr-Commit-Position: refs/heads/master@{#42412}
Background: the first page of each space is implicitly immovable.
Recently, our builtin code objects have reached a size at which we
fill up the first page of code space during initialization. Once
that occurs, newly requested allocations of immovable code are
allocated in a large object space page of 512K.
This CL mitigates these effects by simply marking pages as immovable
during snapshot creation instead of going into LO space.
On snapshot builds, this should just work: deserialized pages are
trimmed and marked immovable when deserialization finishes.
However, non-snapshot builds and allocations of immovable CEntryStub
code at runtime are still affected.
BUG=v8:5831
Review-Url: https://codereview.chromium.org/2635973002
Cr-Commit-Position: refs/heads/master@{#42411}
This is just a bug. CompileLazy knows how to look in the
SharedFunctionInfo for code (or bytecode, essentially) if it
finds nothing in the OptimizedCodeMap. Ensure that behavior.
BUG=681543
R=leszeks@chromium.org
Review-Url: https://codereview.chromium.org/2636143002
Cr-Commit-Position: refs/heads/master@{#42409}
When a function is declared in global scope, the closure is created
by the DeclareGlobals runtime service. It needs a pointer to the
literals array, already allocated in the feedback vector. This
fixes a bug where it's behavior wasn't in sync with CreateClosure,
which accepts the literals from the vector.
This enables a follow-on performance improvement in the CompileLazy
builtin.
BUG=680637
Review-Url: https://codereview.chromium.org/2634283003
Cr-Commit-Position: refs/heads/master@{#42408}
The resume trampolin used to call the generator function with the context of the
last suspension rather than the closure's context. While that was fine for
Ignition, Turbofan got utterly confused. With this CL, the resume trampolin
always passes in the closure's context (like in the very first call of the
generator function). The generator function itself then restores its previously
current context by reading it from the generator object and doing a
PushContext.
BUG=chromium:681171
Review-Url: https://codereview.chromium.org/2639533002
Cr-Commit-Position: refs/heads/master@{#42407}
Instead, it is supposed to just return an empty context if it failed.
Also don't invoke interceptors (we don't for the parts that deserialize
from the snapshot anyways).
BUG=v8:5830
R=yangguo@chromium.org
Review-Url: https://codereview.chromium.org/2636903002
Cr-Commit-Position: refs/heads/master@{#42404}
This internalization was not necessary, since the rewriting does not use
the .result name string.
The subsequent internalization is still needed, so to simplify later
refactoring, this CL also adds "releasing" of the disallow scopes and
uses them here immediately before the second internalize. Notably, this
means that the rewriting is now also in the disallow scopes.
Driveby: Remove isolate from the rewriter's processor constructor.
BUG=v8:5832
Review-Url: https://codereview.chromium.org/2635913002
Cr-Commit-Position: refs/heads/master@{#42403}