Imports can also have associated names, and in fact we generate these
names for asm.js. Thus in logging, just append this name to the
generated signature.
R=jkummerow@chromium.org
Bug: chromium:1030103
Change-Id: I3969bcf8d1d17f4256b5a0643acdf8a24766f889
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1948705
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65321}
Bug: chromium:1029576
Change-Id: If647f764da2682a0f278b9b8060d0665fab1c40c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1948711
Commit-Queue: Georg Neis <neis@chromium.org>
Auto-Submit: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65312}
I noticed that the generated code from the Torque macro
EnsureArrayLengthWritable included an imul instruction, even though the
inputs to that instruction are both constants. This change adds the
ability for MachineOperatorReducer to get rid of that operation.
Change-Id: Ia2050c888d76f110d1290fd9eab13853c3353a63
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1941138
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65310}
The following changes were introduced with the recent proposal update:
- OOB access with 0 length traps
- Double drop of segments is allowed
- Dropped segments are treated like having size 0 (OOB error)
- Active segments are dropped right after initialization
R=ahaas@chromium.org
Change-Id: I4e9fc4d9212841c7d858585c672143f99287520d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1946355
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Emanuel Ziegler <ecmziegler@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65305}
CSA::TryLookupElement must check the upper bound for dictionary-mode
indices.
The "stable map + accessor" branch of FastGetOwnValuesOrEntries must
construct its LookupIterator such that it handles the named/indexed
distinction correctly.
Bug: chromium:1029338,chromium:1029369
Change-Id: I17e74ed24c260c5cfc20c61616e75db7d347f7a5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1943164
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65301}
Add serialization of the virtual closures for Function.ptototype.apply
and Function.prototype.call. Also add tests for those.
Bug: v8:7790
Change-Id: I26374009c09958943ef36eae283a270875234e40
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1943155
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Auto-Submit: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65298}
This reverts commit c509bb8c55.
Reason for revert: Breaks arm64 - sim - MSAN, see https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20arm64%20-%20sim%20-%20MSAN/30050
Original change's description:
> [wasm] Share native modules compiled from the same bytes
>
> Cache native modules in the wasm engine by their wire bytes. This is to
> prepare for sharing {Script} objects between multiple {WasmModuleObject}
> created from the same bytes. This also saves unnecessary compilation
> time and memory.
>
> R=clemensb@chromium.org
>
> Bug: v8:6847
> Change-Id: Iad5f70efbfe3f0f134dcb851edbcec50691677e0
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1916603
> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
> Reviewed-by: Clemens Backes <clemensb@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#65296}
TBR=clemensb@chromium.org,thibaudm@chromium.org
Change-Id: I908b0f59bce26678d0b5d7fddc986384c40b4709
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:6847
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1946334
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65297}
Cache native modules in the wasm engine by their wire bytes. This is to
prepare for sharing {Script} objects between multiple {WasmModuleObject}
created from the same bytes. This also saves unnecessary compilation
time and memory.
R=clemensb@chromium.org
Bug: v8:6847
Change-Id: Iad5f70efbfe3f0f134dcb851edbcec50691677e0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1916603
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65296}
Loop variable analysis doesn't recognize that the initial type of the
loop variable phi combined with the increment type may produce a NaN
result through the addition of two infinities of differing sign.
This leads to unreachable code and a SIGINT crash.
The fix is to consider this case before typing the loop variable phi,
falling back to more conservative typing if discovered.
R=neis@chromium.org
Bug: chromium:1028863
Change-Id: Ic4b5189c4c50c5bbe29e46050de630fd0673de9f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1946352
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65291}
The flag combination --gc-interval=500 --stress-compaction
--stress-flush-bytecode, combined with baking mjsunit.js into the
custom snapshot, caused type feedback for "deepEquals" to be
forgotten, leading to an unexpected soft deopt. Forcing type feedback
collection with %PrepareFunctionForOptimization() fixes that.
Change-Id: I954c7ecbe70ca5b803a5fa7cd809c118f7659f21
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1946347
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65281}
Adding a regression test for https://crrev.com/c/1930606.
This test was generated using --dump-wasm-module, which created a 6KB
module, and then running binaryen's wasm-reduce on it until it churned
this out, and removing an extra kExprUnreachable.
Bug: chromium:1027410
Change-Id: I14ba6ebe52f45e3b3ba943088807e110eebe0339
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1933592
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65276}
This change includes splitting the existing SSE_INSTRUCTION_LIST into two:
1. sse instructions with two-operand AVX
2. sse instructions with three-operand AVX
Also a drive by fix for disasm of pblendw, the printing of imm8 doesn't
not require AND-ing with 3, since all 8 bits are significant.
Bug: v8:9561
Change-Id: I56c93a24bb9905ae6422698c793b27f3b9e66d8f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1933593
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65274}
Design doc: bit.ly/v8-repl-mode
This CL allows the usage of 'await' without wrapping code in an async
function when using REPL mode in global evaluate. REPL mode evaluate
is changed to *always* return a Promise. The resolve value of the
promise is the completion value of the REPL script.
The implementation is based on two existing mechanisms:
- Similar to async functions, the content of a REPL script is
enclosed in a synthetic 'try' block. Any thrown error
is used to reject the Promise of the REPL script.
- The content of the synthetic 'try' block is also re-written the
same way a normal script is. This is, artificial assignments to
a ".result" variable are inserted to simulate a completion
value. The difference for REPL scripts is, that ".result" is
used to resolve the Promise of the REPL script.
- ".result" is not returned directly but wrapped in an object
literal: "{ .repl_result: .result}". This is done to prevent
resolved promises from being chained and resolved prematurely:
> Promse.resolve(42);
should evaluate to a promise, not 42.
Bug: chromium:1021921
Change-Id: I00a5aafd9126ca7c97d09cd8787a3aec2821a67f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1900464
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65273}
This CL introduces a CHECK in v8_compile that compilation succeedes.
Previously, a failed compilation would lead to undefined behavior or
a crash in CompileRun, because it would call Script::Run on a nullptr.
This CL introduced v8_try_compile that returns a MaybeLocal and supports
test-cases that want to ensure that a compilation fails.
Bug: chromium:1014415
Change-Id: I559190da6049f325e8650e4a29c6e387d8ff7af5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1943154
Auto-Submit: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65266}
This fixes the accessor functions (getters and setters) for WebAssembly
accessor properties to not have 'prototype' properties and not be marked
as constructors.
R=ahaas@chromium.org
TEST=mjsunit/wasm/js-api
BUG=chromium:1027945
Change-Id: I0288f511fee1f99997031b41354ecf7b8629b783
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1943157
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65265}
Replacing a constant BigInt with a constant int64 is only valid
when the use site has truncating semantics. (For non-constant
values, the representation changer did correctly check for this.)
Bug: chromium:1028593
Change-Id: Ib58b16ece6f21ba30153fd6cfa0560cc2d78d6a2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1940263
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65262}
If the inputs are Unsigned32OrMinusZeroOrNaN and we want to compile for
an Unsigned32 result, we still need to deopt if the RHS is zero (because
that must produce NaN).
Bug: chromium:1028862
Change-Id: Ib5b7cd10f8c4ec9a76b75a2b408729f1ca86ea3e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1943150
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Auto-Submit: Georg Neis <neis@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65260}
This reverts commit 5253d7bf15.
Reason for revert: Elements don't properly invalidate the cache.
Original change's description:
> [runtime] Cache prototype chain enumerable keys in PrototypeInfo
>
> This CL adds a prototype_chain_enum_cache to cache the enumeration of a
> prototype and its entire chain on the PrototypeInfo. It can improve for-in
> performance via simply merging the receiver enumeration with this cache.
>
> It improves the score of JetStream2-tagcloud-SP case by ~9% on IA Chromebook.
>
> Contributed by tao.pan@intel.com
>
> Change-Id: Ib40bfe41e772672337155584672f06fa1ba1e70d
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1870844
> Commit-Queue: Shiyu Zhang <shiyu.zhang@intel.com>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#65224}
TBR=verwaest@chromium.org,shiyu.zhang@intel.com
# Not skipping CQ checks because original CL landed > 1 day ago.
Change-Id: Ic5d476bc8b334241b2accb8344749fcf7dcf5e09
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1943153
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Auto-Submit: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65259}
This is a reland of 4ed9d48f34
CompileRun leads to undefined behavior if the compile fails;
CompileRunChecked can be used to assert that the compile must
succeed. I've removed the attempt to compile and rely on a
simpler check in the tests now.
Original change's description:
> [exceptions] Don't re-request interrupt in InvokeWithTryCatch
>
> This CL changes InvokeWithTryCatch to not re-request the terminate
> execution interrupt, but instead schedule the termination exception.
> This ensures that leaving the outermost TryCatch scope will clear
> the exception, and no interrupt remains.
>
> Previously, the interrupt request could remain and prevent further
> JavaScript execution even after the TryCatch scope was left.
>
> Change-Id: I1e603dc822bbcb0def4cf0a898d59cf8d4b9d039
> Bug: chromium:1014415
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1871910
> Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#65255}
Tbr: yangguo@chromium.org, verwaest@chromium.org
Bug: chromium:1014415
Change-Id: I29444c4b7ea5a158865f54d4608f374914f7b133
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1943151
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65258}
This reverts commit 4ed9d48f34.
Reason for revert: UBSan failure https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20UBSan/9084
Original change's description:
> [exceptions] Don't re-request interrupt in InvokeWithTryCatch
>
> This CL changes InvokeWithTryCatch to not re-request the terminate
> execution interrupt, but instead schedule the termination exception.
> This ensures that leaving the outermost TryCatch scope will clear
> the exception, and no interrupt remains.
>
> Previously, the interrupt request could remain and prevent further
> JavaScript execution even after the TryCatch scope was left.
>
> Change-Id: I1e603dc822bbcb0def4cf0a898d59cf8d4b9d039
> Bug: chromium:1014415
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1871910
> Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#65255}
TBR=yangguo@chromium.org,sigurds@chromium.org,verwaest@chromium.org
Change-Id: Iedefe5320d8bdc442a87e03698a20daf6a0ebf4f
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:1014415
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1943149
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65256}
This CL changes InvokeWithTryCatch to not re-request the terminate
execution interrupt, but instead schedule the termination exception.
This ensures that leaving the outermost TryCatch scope will clear
the exception, and no interrupt remains.
Previously, the interrupt request could remain and prevent further
JavaScript execution even after the TryCatch scope was left.
Change-Id: I1e603dc822bbcb0def4cf0a898d59cf8d4b9d039
Bug: chromium:1014415
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1871910
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65255}
Correctly passing the receiver depends on the Call AST node's type.
Calling a parenthesized optional chain expression is parsed as a Call of
an OptionalChain of a Property. Currently the computation of the type
does not take optional chains of property loads into consideration, so
calls of parenthesized optional chain expressions always get passed an
undefined receiver.
Bug: v8:10024
Change-Id: I904b0eeca2df30160def674fb32adf821403aef9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1938571
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65252}
If source positions are not required when a background compilation task
starts, but then something like profiling is started before the task
finalizes, then logging of the compilation task will crash due to a
missing source position table.
This ensures source positions are collected if source positions are
required during finalization.
R=rmcilroy@chromium.org
Bug: chromium:1022749
Change-Id: Ie83c3d88131a1c1f434274ea9ee52895c6753b49
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1942611
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65251}
Ensure that all fields of `SyntheticModule` are set before creating
the exports hash table for it, because the latter may trigger
garbage collection, leading to crashes.
This has been causing failures in the Node.js CI over the last weeks,
after making the creating of synthetic modules part of Node’s
startup sequence.
(I am generally not very familiar with this part of the V8
code and there might be a better way, or possibly a way to add a
reliable regression test, that I am not aware of.)
Refs: https://github.com/nodejs/node/issues/30498
Refs: https://github.com/nodejs/node/issues/30648
Change-Id: I32da4b7bd888c6ec1421f34f5bd52e7bad154c1e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1939752
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65247}
Fix a TODO from Ben to change the macro argument order to match the
actual order in wasm code.
After this fix, we can remove the individual {WASM_CALL_INDIRECT[0-5]}
macros and implement them via a common variadic macro.
Also, rename {WASM_CALL_INDIRECT_TABLE0} to {WASM_CALL_INDIRECT_TABLE}.
The name was confusing, because this macro explictly allows to set a
table index different from 0. Thus, just drop the "0" in the name.
The individual test changes were done via a vim macro, to avoid manual
errors.
R=mstarzinger@chromium.org
Bug: v8:10021
Change-Id: I9f0f31511c5c6e20a0b07524bf75fe9cf1598eba
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1940265
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65242}
A call to this intrinsic will produce true in the interpreter and false
in optimized code. This is useful for writing tests.
Change-Id: I64d06ed062027e723eca82d6f879202244f21fdf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1939750
Commit-Queue: Georg Neis <neis@chromium.org>
Auto-Submit: Georg Neis <neis@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65240}
Port a0b1a9cd10
Original Commit Message:
This adds a few tests that test that the output of Liftoff is
deterministic.
These tests will be extended to test the debug side table in follow-up
CLs.
R=clemensb@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N
Change-Id: I3e3391afa73f93298d6aff47aecb8ae1e2299bd3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1940208
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#65235}
Reverting https://chromium-review.googlesource.com/c/v8/v8/+/1741660
This fixed one bug but caused a lot of others and on balance I think
reverting it is the lesser evil.
This also fixed generator-relocation.js because
(function*(){}).constructor is the function constructor and we try to
set a breakpoint on line 3.
Bug: chromium:109362, chromium:1028689
Fixes: v8:9721
Change-Id: I1bfe6ec57ce77ea7292df91266311f5c0194947e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1940259
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65232}
Even though they don't generate any code, it breaks some pattern
matching when these nodes are present (e.g comparisons with compressed
heap objects).
Bug: v8:7703
Change-Id: I9670c2b4e85b1635061b16d4b125de9ff51fd403
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1940153
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65227}
This removes the aforementioned untyped method and switches all users to
the typed TNode<> version. Those versions now contain proper checks to
compare the static information against the return count and types stored
in the call descriptor.
R=leszeks@chromium.org
BUG=v8:10021
Change-Id: I393ea6211babc100e007fb1678877d36efa7bbf7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1939753
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65225}
This CL adds a prototype_chain_enum_cache to cache the enumeration of a
prototype and its entire chain on the PrototypeInfo. It can improve for-in
performance via simply merging the receiver enumeration with this cache.
It improves the score of JetStream2-tagcloud-SP case by ~9% on IA Chromebook.
Contributed by tao.pan@intel.com
Change-Id: Ib40bfe41e772672337155584672f06fa1ba1e70d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1870844
Commit-Queue: Shiyu Zhang <shiyu.zhang@intel.com>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65224}
First this plumbs RuntimeCallStats from the OptimizingCompileDispatcher
down through to PipelineCompilationJob which stashes the
RuntimeCallStats on the PipelineData.
Adds new RCS thread-specific counters: OptimizeAssembleCode and
OptimizeBackgroundAssembleCode which are used in
PipelineImpl::AssembleCode.
Bug: v8:10006
Change-Id: Ieef6d32afddf4b0760e204010b09a85dfec92cf3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1926030
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65221}
The serializer was missing the opportunity to process calls later
constructed by JSNativeContextSpecialization::InlinePropertySetterCall
and InlinePropertyGetterCall. Added a test to ensure we're not missing
the data anymore.
This drops the "Missing data" warnings when running ARES-6 from 1044
to only 12.
Bug: v8:7790
Change-Id: Ic4b8a4cb2ac3927371b75f22de011b9957502319
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1937147
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65220}
This reverts commit 48c9ca4462.
Reason for revert: Possible clusterfuzz issues
Bug: chromium:1028952
Original change's description:
> [names] Fix some test262 name tests to conform with spec changes
>
> In order to reflect web reality, TC39 has made some slight changes to
> name descriptors, see https://github.com/tc39/ecma262/pull/1490 for
> details. V8 was mostly already in compliance with these changes, but
> ThrowTypeError and anonymous classes needed some slight changes.
>
> Bug: v8:9646
> Change-Id: I163238954938f0c005e3adbc61b90498e01436da
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1764622
> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
> Commit-Queue: Joshua Litt <joshualitt@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#63373}
TBR=gsathya@chromium.org,joshualitt@chromium.org
Bug: v8:9646
Change-Id: I06dd5527d30052d9c9dfc45a2862be930274aba7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1939948
Reviewed-by: Joshua Litt <joshualitt@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Joshua Litt <joshualitt@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65216}
After landing a few relatively simple ports in preceding work, this CL
ports the more involved Array.prototype.forEach reduction, containing
checkpoints, JS and runtime calls, loops, and exceptions. With the
mechanisms introduced in this change, I'd expect a large chunk of
js-call reductions to be trivially portable.
Newly introduced:
- IfBuilder0 for if-then-else statements (with optional else).
- ForBuilder for for-loop statements.
- MayThrow() for exceptional control flow. Exceptional edges are
automatically merged and wired into the outer graph if necessary.
Bug: v8:9972
Change-Id: I835bf90c5871fbd94a1d12721d44b500fbef75e2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1921798
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65193}
This adds a few tests that test that the output of Liftoff is
deterministic.
These tests will be extended to test the debug side table in follow-up
CLs.
R=mstarzinger@chromium.org
Bug: v8:10019
Change-Id: Ia7992e7a889bf6dad963e5abe5b50507735996a1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1932371
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65190}
Now since we also encode KeyedAccessStoreMode information in the slow
handler for some cases, the DCheck can result in failure.The Check can
result in failures for other cases of StoreSlow. Removing the DCHECK
altogether, now verifying the correctness of the behavior using the
Kind Bits of the Handler in the method GetKeyedAccessStoreMode.
Bug: chromium:1027025, chromium:1028085
Change-Id: I59acedbb499930e67ae5999d4bfd0f040a34b46e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1929408
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Suraj Sharma <surshar@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#65185}
