This better separates non-arrow/assignment from the alternative, and
destructuring assignment from other types of assignment to avoid unnecessary
and duplicate branches.
Change-Id: I51c59f86c705646c02f182c9719700c558297e4a
Reviewed-on: https://chromium-review.googlesource.com/c/1328921
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57385}
The regressing change was:
https://chromium-review.googlesource.com/c/v8/v8/+/1090922/17/src/heap/factory.cc
This difference (empty list vs uninitialized) is important for other parts of
the code, mainly JSObject::UnregisterPrototypeUser whose return value depends on
this difference.
Other parts of the CL already talk about + prepare for using
Smi::kZero as a placeholder for "uninitialized" list.
No regression test added since without this bug, the regressesion test doesn't
crash but hangs.
BUG=chromium:903245
Change-Id: Id3efe955fbd7e08cc4048d23c5b519c504f0201c
Reviewed-on: https://chromium-review.googlesource.com/c/1328924
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57383}
Previously we'd check `x` for -0 by testing `(1.0 / x) == -Infinity`,
but this will yield the wrong results when `x` is a subnormal, i.e.
really close to 0.
In CSA we already perform bit checks to test for -0, so teach TurboFan
to do the same for comparisons to -0 (via `Object.is`). We introduce a
new NumberIsMinusZero simplified operator to handle the case where
SimplifiedLowering already knows that the input is a number.
Bug: chromium:903043, v8:6882
Change-Id: I0cb7c568029b461a92fc183104d5f359b4bfe7f4
Reviewed-on: https://chromium-review.googlesource.com/c/1328802
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57382}
Currently the new space linear allocation area boundaries are fetched
with sequentially consistent atomic loads.
This can be replaced with an acquire load.
Change-Id: Ib08e0bc0ae0ce79fee3723d29dc9a99a5d771880
Reviewed-on: https://chromium-review.googlesource.com/c/1326467
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57381}
This allows Node.js to enable detailed source positions for optimized code
early on, without having to pass a flag string.
R=petermarshall@chromium.org
Change-Id: Ie74ea41f600cf6e31acbe802116df4976ccf1c75
Reviewed-on: https://chromium-review.googlesource.com/c/1319757
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57380}
This is only used by ProfileEntryHookStub. For builtins, this also
needs to go through an indirection.
Bug: v8:6666
Change-Id: I088fa472e2d365ccfb2d027bfbdad182ffae487e
Reviewed-on: https://chromium-review.googlesource.com/c/1326025
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57379}
1) Use own test fixture {CancelableTaskManagerTest}.
2) Avoid base::AtomicWord.
3) Use unique_ptr.
4) Fix order of expected and actual values in EXPECT_EQ.
R=mstarzinger@chromium.org
Bug: v8:8238
Change-Id: I3d29785864bbf3de58c5d9d5384b9e0065255e99
Reviewed-on: https://chromium-review.googlesource.com/c/1325967
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57378}
Rolling v8/build: cae006c..3f61809
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/1a1b38d..5d50916
Rolling v8/third_party/depot_tools: 75fa855..93cd73d
Rolling v8/third_party/icu: 834113a..45f655f
Rolling v8/tools/clang: 7798243..31f2d26TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org
The ICU roll also fixes a test that now passes. The status file has been changed.
But: v8:8414
Change-Id: I82577bf6133176f2245b5562b71097fe3b222658
Reviewed-on: https://chromium-review.googlesource.com/c/1328003
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#57376}
Same as Windows x64, Windows ARM64 doesn't prefix assembly label with _.
Bug: chromium:893460
Change-Id: I1b19a4e7ea16da3fe8bd1873509fffe3d067613a
Reviewed-on: https://chromium-review.googlesource.com/c/1298376
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57374}
Split the case of 'ar-SA' into
test/intl/regress-8432.js
Bug: v8:8432, v8:8413
Change-Id: I6a0e3040b132be6620649c7b7aa5fdd2e0f07053
Cq-Include-Trybots: luci.v8.try:v8_android_arm64_n5x_rel_ng_triggered
Reviewed-on: https://chromium-review.googlesource.com/c/1324574
Reviewed-by: Jungshik Shin <jshin@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57372}
This is useful to see exact command used to communicate with buildbucket and
debug any triggering issues.
R=machenbach@chromium.org
Change-Id: I1630485ed128f757364d9c1f62b7f1d663db2ece
Reviewed-on: https://chromium-review.googlesource.com/c/1325371
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57371}
We are migrating streams implementation from JavaScript (v8Extra) to
C++. One of missing features is an ability to set
promise.[[PromiseIsHandled]] to true, used for example in
https://streams.spec.whatwg.org/#rs-pipe-through. This CL introduces
the feature.
Bug: chromium:894357, chromium:888154, chromium:902633
Change-Id: If6487b29a74a212761e6d2ef04ef3ca0e6957dce
Reviewed-on: https://chromium-review.googlesource.com/c/1322296
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Yutaka Hirano <yhirano@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57370}
Behavior in Release mode was correct; Debug mode triggered a DCHECK
failure that indicated an inefficiency: when a requested truncation
would be a no-op, we should return the original BigInt, rather than
creating a copy. In the special case of -2^(n-1), i.e. the smallest
negative n-bit integer, getting truncated to n bits, with n being a
multiple of kDigitBits, this shortcut was not taken.
Bug: v8:8426
Change-Id: I8e4595d9ac0dbef81aae06688f9a9636bd2d9cd9
Reviewed-on: https://chromium-review.googlesource.com/c/1325029
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57369}
Change the macros added in bf84766a2c to
only do the hard work if FLAG_unbox_double_fields is unset (otherwise,
they will attempt to dereference raw float64s, which is bad!)
Also adds a write barrier in CopyPropertyArrayValues for each store if
it's possible that a MutableHeapNumber is cloned.
BUG=chromium:901301, chromium:902965, chromium:903070, v8:7611
R=cbruni@chromium.org, jkummerow@chromium.org, ishell@chromium.org
Change-Id: I224d3c4e7b0a887684bff68985b4d97021ba4cfb
Reviewed-on: https://chromium-review.googlesource.com/c/1323911
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57368}
The rounding error occured in VirtualMemory class when the provided page
allocator had bigger allocation page size than the commit page size and
the VirtualMemory was requested to reserve an area of a size aligned only
to commit page size.
Bug: v8:8096
Change-Id: Ifb9b7fe5797881408d1bb9e95073991a42b62e80
Reviewed-on: https://chromium-review.googlesource.com/c/1327041
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57365}
It's too easy to implicitly cast it to bool, as we did in several tests.
Also, move TryAbortResult out of CancelableTaskManager to avoid too much
typing when referencing one of the enum values.
R=mstarzinger@chromium.org
Bug: v8:8238
Change-Id: Ia3fa8597428876217bc86f9b8b31c21ae4846fa1
Reviewed-on: https://chromium-review.googlesource.com/c/1326027
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57363}
This allows the main ExpressionCoverGrammar parsing to be a little tighter.
Change-Id: I45e3d1a9a647a98ffe1ad9969cb1ffbe47f67f1c
Reviewed-on: https://chromium-review.googlesource.com/c/1326468
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57362}
We only use arrow_formal_parameters_error to find that the parentheses aren't
nested. E.g., (()) isn't valid. We can immediately classify those errors if
) (matching either "(" or "async(") isn't followed by =>.
The individual parameters are verified by making sure that they are valid
binding patterns with valid initializers.
Change-Id: I5f86d9896a4fa42d1ae436ced8bf2d4bd2b02c82
Reviewed-on: https://chromium-review.googlesource.com/c/1326023
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57361}
We used to assume that we know the remaining entries returned by the
iterator based on the current index. However, that is not accurate,
since entries skipped by the current index could be deleted.
In the new approach, we allocate conservatively and shrink the result.
R=neis@chromium.org
Bug: v8:8433
Change-Id: I38a3004dc3af292daabb454bb76f38d65ef437e8
Reviewed-on: https://chromium-review.googlesource.com/c/1325966
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57360}
The lifetime of this list is fairly simple to reason about. There
is no need to allocate it into the zone.
R=leszeks@chromium.org
Change-Id: I9c918f7e5fddc24c943206aa82be859f27acc2fe
Reviewed-on: https://chromium-review.googlesource.com/c/1325610
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57359}
Since we use a ScopedPtrList to track cover grammar expressions we don't know
the position of the commas anymore. The position of the commas was used to
demark the initializer, which is needed to figure out whether we need hole
checks for variable references. (Typically only references within the
initializer need hole checks for the initialized variable.) Since we didn't
have the comma position, we simply used the position of the first expression as
the position of any subsequent comma, which would make it seem as if the
initializer body wasn't in the initializer. Now instead we simply use the
position of the subsequent parameter as the end of the initializer, which is
close enough.
Bug: chromium:902810
Change-Id: I8d2bc7a2dc9f59db16ce56ccef01e263a18a3b7a
Reviewed-on: https://chromium-review.googlesource.com/c/1326022
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57357}
Currently, in debug mode the snippets check the result of decompression equals
to the full value stored in the field.
Bug: v8:7703
Change-Id: I0caa7fdaa7d346612084706ed96a4330fcb0c236
Reviewed-on: https://chromium-review.googlesource.com/c/1319575
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57354}
Increase width of resizers and clean up CSS.
Drive-by: Add hot recompile watch command. Run
npm run-script watch
and rollup will recompile on file changes.
Notry: true
Bug: v8:7327
Change-Id: If24e18049ff565a7584b5cca9c64431e4ac03f77
Reviewed-on: https://chromium-review.googlesource.com/c/1320852
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57353}
Introduce a typedef to avoid repeating the function definition multiple
times.
R=ahaas@chromium.org
Change-Id: I9d8a2a9b663f86ce0f6e21edf6d4a6d5ae450efc
Reviewed-on: https://chromium-review.googlesource.com/c/1325963
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57352}
The Ignition statement list visitor will skip the rest of the
statements in the list if it hits a jump statement (like a return
or break), as the rest of the code in the list can be considered
dead.
return;
dead_call(); // skipped
However, since this is at an AST node level, it does not take into
account condition shortcutting:
if(2.2) return;
dead_call(); // not skipped
There is also a second dead code elimination in Ignition compilation, at
the bytecode array writer level, where a bytecodes are not emitted if an
"exit" bytecode (Return, Jump, or a few others) has been written, until
the next basic block starts (i.e. a Bind).
This can cause an issue with statements that resurrect the bytecode
array writer part-way through their visit. An example is try-catch
statements, which save the context to a register, and then Bind to start
the try region.
For the case:
if (2.2) return;
try { // try statement not skipped
...
}
the bytecode writer is called with
OutputReturn() // exit bytecode seen
OutputMove(<context>, r1) // not emitted
Bind(&try_begin) // starts new basic block
// try body
So, the try is emitted, but without saving the context to a register.
This means that the liveness analysis sees the read of that register
(as the output liveness of throwing bytecodes), but does not have a
write to the register, which means that the liveness escapes.
This patch fixes this by using the bytecode array writer dead-code
elimination (i.e. "exit bytecode seen") to inform the statement list
visitor, so that in this example the try statement is not visited at
all.
Bug: chromium:902395
Change-Id: Ieb8e46a4318df3edbac0ae17235e0ce8fba12ee3
Reviewed-on: https://chromium-review.googlesource.com/c/1322951
Reviewed-by: Mythri Alle <mythria@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57350}
As opposed to the register.
For subtle reasons, this fixes a deoptimizer bug with handling return
values in lazy deopt. Since the return values can now only overwrite
the accumulator, there is no danger of overwriting a captured object
that might be later used (since there is no "later").
Bug: chromium:902608
Change-Id: I3a7a10bb1c7a6f4303a01d60f80680afcb7bc942
Reviewed-on: https://chromium-review.googlesource.com/c/1325901
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57349}
Also brokerize a few things along the way.
Bug: v8:7790
Change-Id: I40d8175fd1c86901af3d128f0d0a1e29e56723d9
Reviewed-on: https://chromium-review.googlesource.com/c/1319751
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57345}
This is a hacky approach to make constant field tracking somewhat
friendly to class boilerplates - if the class boilerplate has
an on-descriptor-data field, we change the field to be
an on-instance-const-field and store it on the instance.
Bug: v8:8361
Change-Id: I5152041363bcd26568669fee93c91ff362ba8de9
Reviewed-on: https://chromium-review.googlesource.com/c/1319869
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57344}
Installation of the PrototypePropertyDependency, as well as GC, can
invalidate dependencies.
Bug: chromium:902552
Change-Id: Iabcce026c7475c722d19ac0b80758b22d9fbcfda
Reviewed-on: https://chromium-review.googlesource.com/c/1322450
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57343}
This fixes an issue introduced in https://crrev.com/c/1301483.
The JSArray allocation could trigger GC and thus elements must be
fully initialized.
Bug: v8:8429,chromium:890599
Change-Id: I7bfa1728c1dde7fc880063e095413163b13be2d5
Reviewed-on: https://chromium-review.googlesource.com/c/1322955
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57342}
Requires ICU 63 or above be used when building v8
1. Remove unneeded #include of icu header files
2. Remove code inside "#if U_ICU_VERSION_MAJOR_NUM < x"
block where x is 63 or smaller.
Bug: v8:8401 v8:5751
Change-Id: I908b0d7d174df53d4296580fe7150417322b0b21
Reviewed-on: https://chromium-review.googlesource.com/c/1314112
Reviewed-by: Jungshik Shin <jshin@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57341}
Previously, we finalize all compile jobs at once. This keeps the zone memory
in every compile job alive until the end. This contributes to a high peak
memory when many functions are compiled eagerly, for example when producing
cache data for the ServiceWorker cache.
Memory tracked by the AccountingAllocator in bytes, prior to this change in
the test case:
peak memory after init: 8192
peak memory after lazy compile: 41200
peak memory after lazy compile: 41200
peak memory after eager compile: 164256
With this change, if we are compiling on the main thread, we finalize every
compile job as soon as it is done and dispose the compile job and its zone
memory.
After this change:
peak memory after init: 8192
peak memory after lazy compile: 41200
peak memory after lazy compile: 41200
peak memory after eager compile: 41376
R=leszeks@chromium.org, rmcilroy@chromium.org
Bug: chromium:901329
Change-Id: Iae0c89396c89692c4ecdeec3970d3c62031d2bce
Reviewed-on: https://chromium-review.googlesource.com/c/1322949
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57340}
