The WebIDL spec expects iterator objects from interfaces that declare pair
iterators to ultimately inherit from %IteratorPrototype%. Expose the
intrinsic object in the public API so we can use it in Blink's bindings
code.
BUG=chromium:689576
R=caitp@igalia.com,jkummerow@chromium.org,jochen@chromium.org
Review-Url: https://codereview.chromium.org/2784543004
Cr-Commit-Position: refs/heads/master@{#44472}
Make Ignition collect BinaryOperationFeedback on ToNumber, using the
shared type feedback slot with the following Inc/Dec bytecode, and use
this feedback in TurboFan to turn the ToNumber(x) operation into a
SpeculativeNumberMultiply(x,1) with the feedback hint.
R=jarin@chromium.org, mstarzinger@chromium.org, rmcilroy@chromium.org
BUG=v8:6214,v8:5267
Review-Url: https://codereview.chromium.org/2804813003
Cr-Commit-Position: refs/heads/master@{#44440}
Moves the ToName elision out of the peephole optimizer and into the
BytecodeGenerator.
BUG=v8:6194
Change-Id: Ic355adbe21f967dc5d52babdd37100a260c62c26
Reviewed-on: https://chromium-review.googlesource.com/467466
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44427}
Reason for revert:
I think that this CL breaks chromium compilation on windows with clang (). All other CLs in the list looks trivial and don't change test/unittest/BUILD.gn.
[42456/47924] CXX obj/v8/test/unittests/unittests/value-serializer-unittest.obj
[42457/47924] LINK unittests.exe unittests.exe.pdb
FAILED: unittests.exe unittests.exe.pdb
E:/b/depot_tools/python276_bin/python.exe ../../build/toolchain/win/tool_wrapper.py link-wrapper environment.x64 False link.exe /nologo /OUT:./unittests.exe /PDB:./unittests.exe.pdb @./unittests.exe.rsp
bitmap-unittest.obj : error LNK2019: unresolved external symbol "public: void __cdecl v8::internal::List<class v8::internal::AllocationObserver *,class v8::internal::FreeStoreAllocationPolicy>::Add(class v8::internal::AllocationObserver * const &,class v8::internal::FreeStoreAllocationPolicy)" (?Add@?$List@PEAVAllocationObserver@internal@v8@@VFreeStoreAllocationPolicy@23@@internal@v8@@QEAAXAEBQEAVAllocationObserver@23@VFreeStoreAllocationPolicy@23@@Z) referenced in function "public: virtual void __cdecl v8::internal::Space::AddAllocationObserver(class v8::internal::AllocationObserver *)" (?AddAllocationObserver@Space@internal@v8@@UEAAXPEAVAllocationObserver@23@@Z)
slot-set-unittest.obj : error LNK2001: unresolved external symbol "public: void __cdecl v8::internal::List<class v8::internal::AllocationObserver *,class v8::internal::FreeStoreAllocationPolicy>::Add(class v8::internal::AllocationObserver * const &,class v8::internal::FreeStoreAllocationPolicy)" (?Add@?$List@PEAVAllocationObserver@internal@v8@@VFreeStoreAllocationPolicy@23@@internal@v8@@QEAAXAEBQEAVAllocationObserver@23@VFreeStoreAllocationPolicy@23@@Z)
bitmap-unittest.obj : error LNK2019: unresolved external symbol "public: bool __cdecl v8::internal::List<class v8::internal::AllocationObserver *,class v8::internal::FreeStoreAllocationPolicy>::RemoveElement(class v8::internal::AllocationObserver * const &)" (?RemoveElement@?$List@PEAVAllocationObserver@internal@v8@@VFreeStoreAllocationPolicy@23@@internal@v8@@QEAA_NAEBQEAVAllocationObserver@23@@Z) referenced in function "public: virtual void __cdecl v8::internal::Space::RemoveAllocationObserver(class v8::internal::AllocationObserver *)" (?RemoveAllocationObserver@Space@internal@v8@@UEAAXPEAVAllocationObserver@23@@Z)
slot-set-unittest.obj : error LNK2001: unresolved external symbol "public: bool __cdecl v8::internal::List<class v8::internal::AllocationObserver *,class v8::internal::FreeStoreAllocationPolicy>::RemoveElement(class v8::internal::AllocationObserver * const &)" (?RemoveElement@?$List@PEAVAllocationObserver@internal@v8@@VFreeStoreAllocationPolicy@23@@internal@v8@@QEAA_NAEBQEAVAllocationObserver@23@@Z)
./unittests.exe : fatal error LNK1120: 2 unresolved externals
Original issue's description:
> [snapshot] Move builtins generation into mksnapshot
>
> and out of the main library. This saves about 5% of binary size
> (800KB on x64, 373KB on android_arm).
>
> Only the GN build is supported; the GYP build is maintained working
> but does not support the feature.
>
> BUG=v8:6055
> CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_linux_nosnap_rel;
>
> Review-Url: https://codereview.chromium.org/2760233005
> Cr-Commit-Position: refs/heads/master@{#44412}
> Committed: 4782bc0df8TBR=jgruber@chromium.org,rmcilroy@chromium.org,machenbach@chromium.org,jkummerow@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:6055
Review-Url: https://codereview.chromium.org/2803903002
Cr-Commit-Position: refs/heads/master@{#44422}
Move the ToBoolean elision in the BytecodeGenerator instead of the
peephole optimizer. Adds a TypeHint mechanism to the ExpressionResult
to enable passing of type hints through the ast visitor.
BUG=v8:6194
Change-Id: Ic55506ba11b213f7459250004d3f18cab04ee9b3
Reviewed-on: https://chromium-review.googlesource.com/467208
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44415}
and out of the main library. This saves about 5% of binary size
(800KB on x64, 373KB on android_arm).
Only the GN build is supported; the GYP build is maintained working
but does not support the feature.
BUG=v8:6055
CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_linux_nosnap_rel;
Review-Url: https://codereview.chromium.org/2760233005
Cr-Commit-Position: refs/heads/master@{#44412}
Both methods decoded a LEB128 encoded integer, but only consume_leb
incremented the pc pointer accordingly.
This CL implements consume_leb by using checked_read_leb.
It also refactors a few things:
1) It removes error_pt, which was only avaible in checked_read_leb.
2) It renames the error method to errorf, since it receives a format
string. This also avoids a name clash.
3) It implements sign extension directly in checked_read_leb instead of
doing this in the caller.
R=ahaas@chromium.org
BUG=v8:5822
Change-Id: I8058f57418493861e5df26d4949041f6766d5138
Reviewed-on: https://chromium-review.googlesource.com/467150
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44405}
Better demarcation between what's mutable because it is code-
specialization specific, and what is provided at initialization.
BUG=
Review-Url: https://codereview.chromium.org/2784233004
Cr-Commit-Position: refs/heads/master@{#44395}
This reflects both the contract in blink, as well as what we
plan to do in streamed compilation, where we'll want to lay out
bytes received such that each section and each function body is
contiguous, but they may all be separate - which entails a copy.
BUG=chromium:697028
Review-Url: https://codereview.chromium.org/2797653002
Cr-Commit-Position: refs/heads/master@{#44387}
Add newline at the start of the function body.
BUG=v8:6190, v8:4958
R=littledan@chromium.org, adamk@chromium.org, caitp@igalia.com
Change-Id: I10db088ac9807a503382fd5080ad955e418d8b45
Reviewed-on: https://chromium-review.googlesource.com/466566
Reviewed-by: Caitlin Potter <caitp@igalia.com>
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Josh Wolfe <jwolfe@igalia.com>
Cr-Commit-Position: refs/heads/master@{#44352}
For OOB checks on memory accesses, we first subtracted the size of the
type to load/store from the memory size, and then compared against this
effective_size. If the memory size is smaller than the size of the type,
this would lead to an integer underflow, and we would try to load the
value.
This CL fixes this, and adds a test case for this.
R=ahaas@chromium.org
BUG=v8:5822
Change-Id: I26fcba0be7343c88b8459d029b0c0af095d2466a
Reviewed-on: https://chromium-review.googlesource.com/465946
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44345}
Translates code of the form 'if (x === undefined)' into the JumpIfUndefined
bytecode, and similarly for comparisons with null. Also adds bytecodes for
JumpIfNotUndefined / Null.
Moves the peephole optimization for CompareUndefined out of the peephole
optimizer and into the BytecodeGenerator, having the side-effect of enabling
it for comparisons with undefined on both side of the compare operation.
BUG=v8:6107
Review-Url: https://codereview.chromium.org/2793923002
Cr-Commit-Position: refs/heads/master@{#44341}
With --harmony-function-tostring enabled (now enabled by --harmony),
CompileFunctionInContext would produce incorrect results whenever called
with 1 or more argument parameters, due to specifying an incorrect end
position for the parameters.
BUG=v8:6190, v8:4958
R=littledan@chromium.org, adamk@chromium.org, jwolfe@igalia.com
Change-Id: Ied2bcba44116311ebcae3967963472b4e1058fd3
Reviewed-on: https://chromium-review.googlesource.com/465515
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Reviewed-by: Daniel Ehrenberg <littledan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44340}
This reverts commit 4506382dce.
We don't allow DEPS'ing things outside googlesource. This requires a
mirror. Also .gitignore entry is missing.
NOTRY=true
NOTREECHECKS=true
NOPRESUBMIT=true
TBR=bmeurer@chromium.org
Review-Url: https://codereview.chromium.org/2785183005
Cr-Commit-Position: refs/heads/master@{#44307}
Add assembler, disassembler and simulator support for NEON in the ARM64 backend.
BUG=
Review-Url: https://codereview.chromium.org/2622643005
Cr-Commit-Position: refs/heads/master@{#44306}
This CL cleans up a few things:
- It removes two dead declarations: WasmMemoryObject::Grow and
wasm::GrowInstanceMemory.
- It removes the unneeded wasm::GetInstanceMemory function (use
instance->memory_buffer() directly).
- It moves wasm::GetInstanceMemorySize to
WasmInstanceObject::GetMemorySize.
- It moves wasm::GrowInstanceMemory to WasmInstanceObject::GrowMemory.
- It moves wasm::GrowWebAssemblyMemory to WasmMemoryObject::Grow.
R=ahaas@chromium.orgCC=gdeepti@chromium.org
Change-Id: I19781ca9784f1a8e7b60955bef82e341c4f75550
Reviewed-on: https://chromium-review.googlesource.com/463167
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44293}
This will allow V8 extra consumers to track promise state without
using a side-table. This is used by streams as of
173f9f67be.
BUG=chromium:658144
Review-Url: https://codereview.chromium.org/2784213002
Cr-Commit-Position: refs/heads/master@{#44287}
The source set only contained a header file, which caused problems
when compiling a static library with VS.
R=machenbach@chromium.org
BUG=v8:6158
Change-Id: I3eed4a888e72cf6a2917190e4a1db7b38006cd0c
Reviewed-on: https://chromium-review.googlesource.com/463027
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44263}
The parameter indices are shifted by 1 in BytecodeArrayBuilder
because the receiver is variable at index 0 and not -1.
Split BytecodeArrayBuilder::Parameter(index) method into
Receiver() (same as Parameter(-1)) and
Parameter(index).
This way we avoid confusing (index+1) counting in BytecodeGenerator().
BUG=
Change-Id: Id87ec7c708cecfc3108011994f3177f483772bcc
Reviewed-on: https://chromium-review.googlesource.com/461904
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Franziska Hinkelmann <franzih@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44262}
- Introduce new struct AsyncGeneratorRequest, which holds
information pertinent to resuming execution of an
AsyncGenerator, such as the Promise associated with the async
generator request. It is intended to be used as a singly
linked list, and holds a pointer to the next item in te queue.
- Introduce JSAsyncGeneratorObject (subclass of
JSGeneratorObject), which includes several new internal fields
(`queue` which contains a singly linked list of
AsyncGeneratorRequest objects, and `await_input` which
contains the sent value from an Await expression (This is
necessary to prevent function.sent (used by yield*) from
having the sent value observably overwritten during
execution).
- Modify SuspendGenerator to accept a set of Flags, which
indicate whether the suspend is for a Yield or Await, and
whether it takes place on an async generator or ES6
generator.
- Introduce interpreter intrinsics and TF intrinsic lowering for
accessing the await input of an async generator
- Modify the JSGeneratorStore operator to understand whether or
not it's suspending for a normal yield, or an AsyncGenerator
Await. This ensures appropriate registers are stored.
- Add versions of ResumeGeneratorTrampoline which store the
input value in a different field depending on wether it's an
AsyncGenerator Await resume, or an ordinary resume. Also modifies
whether debug code will assert that the generator object is a
JSGeneratorObject or a JSAsyncGeneratorObject depending on the
resume type.
BUG=v8:5855
R=bmeurer@chromium.org, rmcilroy@chromium.org, jgruber@chromium.org,
littledan@chromium.org, neis@chromium.orgTBR=marja@chromium.org
Change-Id: I9d58df1d344465fc937fe7eed322424204497187
Reviewed-on: https://chromium-review.googlesource.com/446961
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44240}
- Fix opcode names to be consistent with opcodes as in wasm-opcodes.h
- Fix Ordering of Ops, inconsistencies
BUG=v8:6020
Review-Url: https://codereview.chromium.org/2776753004
Cr-Commit-Position: refs/heads/master@{#44239}
Compare bytecode handlers does several checks to collect feedback and
repeats these checks when actually performing the operation. This cl
changes it perform the actual comparison for smi / number along with
collecting feedback.
BUG=v8:4280
Change-Id: If0954b68dd232461e08e94a90ccc17604c235b27
Reviewed-on: https://chromium-review.googlesource.com/458420
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44216}
A couple bugs had led code in one Context to be able to lead to
estimated memory usage in another Context, even in cases that should be
easy to detect.
- Ensure that the pointer to the next context is nulled out while
recursing over the portion of the heap. It seems like there was
previously some code to do this partway, but the nulling part
was left out.
- Skip including maps in the understanding of the Context estimated
size, as the maps are shared between Contexts and may be reachable
from other Contexts
Review-Url: https://codereview.chromium.org/2780773002
Cr-Commit-Position: refs/heads/master@{#44208}
Introduce 'contextual keyword' tokens, which are parsed as identifiers but
in some contexts are treated by the parser like proper keywords. These are
usually keywords introduced by recent ECMAScript versions, which for reasons
of backwards compatibility are still permissible as regular identifiers in
most contexts.
Current usage is to check for Token::IDENTIFIER and then do a string
compare. With this change the initial scan will scan them as usual, but
will then record the token as IDENTIFIER plus a secondary token with the
'contextual' value.
BUG=v8:6902
Change-Id: I6ae390382998cf756a23720bd481cb9c0eb78a72
Reviewed-on: https://chromium-review.googlesource.com/459479
Commit-Queue: Daniel Vogelheim <vogelheim@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44189}
Implement ASSEMBLE_ATOMIC_LOAD/STORE_INTEGER using acquire/release instructions,
to match the existing ASSEMBLE_ATOMIC_EXCHANGE_INTEGER macro.
BUG=v8:6097
Review-Url: https://codereview.chromium.org/2760963002
Cr-Commit-Position: refs/heads/master@{#44184}
This implements support for named captures in
RegExp.prototype[@@replace] for when the replaceValue is not callable.
Named captures can be referenced from replacement strings by using the
"$<name>" syntax. A couple of examples:
let re = /(?<fst>.)(?<snd>.)/u;
"abcd".replace(re, "$<snd>$<fst>") // "bacd"
"abcd".replace(re, "$2$1") // "bacd" (numbered refs work as always)
"abcd".replace(re, "$<snd") // SyntaxError (unterminated named ref)
"abcd".replace(re, "$<42$1>") // "cd" (invalid name)
"abcd".replace(re, "$<thd>") // "cd" (non-existent name)
"abcd".replace(/(?<fst>.)|(?<snd>.)/u, "$<snd>") // "cd" (non-matched capture)
Support is currently behind the --harmony-regexp-named-captures flag.
BUG=v8:5437
Review-Url: https://codereview.chromium.org/2775303002
Cr-Original-Commit-Position: refs/heads/master@{#44171}
Committed: 17f13863b6
Review-Url: https://codereview.chromium.org/2775303002
Cr-Commit-Position: refs/heads/master@{#44182}
Reason for revert:
Invalid DCHECKs for non-matched groups.
Original issue's description:
> [regexp] Named capture support for string replacements
>
> This implements support for named captures in
> RegExp.prototype[@@replace] for when the replaceValue is not callable.
>
> Named captures can be referenced from replacement strings by using the
> "$<name>" syntax. A couple of examples:
>
> let re = /(?<fst>.)(?<snd>.)/u;
> "abcd".replace(re, "$<snd>$<fst>") // "bacd"
> "abcd".replace(re, "$2$1") // "bacd" (numbered refs work as always)
> "abcd".replace(re, "$<snd") // SyntaxError (unterminated named ref)
> "abcd".replace(re, "$<42$1>") // "cd" (invalid name)
> "abcd".replace(re, "$<thd>") // "cd" (non-existent name)
> "abcd".replace(/(?<fst>.)|(?<snd>.)/u, "$<snd>") // "cd" (non-matched capture)
>
> Support is currently behind the --harmony-regexp-named-captures flag.
>
> BUG=v8:5437
>
> Review-Url: https://codereview.chromium.org/2775303002
> Cr-Commit-Position: refs/heads/master@{#44171}
> Committed: 17f13863b6TBR=yangguo@chromium.org,littledan@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5437
Review-Url: https://codereview.chromium.org/2776293003
Cr-Commit-Position: refs/heads/master@{#44180}
This CL removes code which is based on the assumption that if
WebAssembly code says that memory accesses are aligned, that they are
really aligned. On arm, memory accesses crashed when this assumption
was violated.
Most likely this CL will cause a performance regression on arm. At the
moment we plan to fix this regression eventually by using arm NEON
instructions in V8.
R=titzer@chromium.org
Change-Id: Ibb60fa1ef0173c13af813a3cb7eb26bfa2a847c2
Reviewed-on: https://chromium-review.googlesource.com/451297
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44179}
A step towards removing isolate from ParseInfo.
Removing isolate from ParseInfo will make it easier to create and
execute parse tasks on background threads.
BUG=v8:6093
Change-Id: I0a3546618d01b9232014da94cf8d0f72427a0d1d
Reviewed-on: https://chromium-review.googlesource.com/458006
Commit-Queue: Wiktor Garbacz <wiktorg@google.com>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44176}
A step towards removing isolate from ParseInfo.
Removing isolate from ParseInfo will make it easier to create and
execute parse tasks on background threads.
BUG=v8:6093
Change-Id: Ief4eb3c9873026a93338d5556985f31c9abe17e6
Reviewed-on: https://chromium-review.googlesource.com/458005
Commit-Queue: Wiktor Garbacz <wiktorg@google.com>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Daniel Clifford <danno@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44173}
This implements support for named captures in
RegExp.prototype[@@replace] for when the replaceValue is not callable.
Named captures can be referenced from replacement strings by using the
"$<name>" syntax. A couple of examples:
let re = /(?<fst>.)(?<snd>.)/u;
"abcd".replace(re, "$<snd>$<fst>") // "bacd"
"abcd".replace(re, "$2$1") // "bacd" (numbered refs work as always)
"abcd".replace(re, "$<snd") // SyntaxError (unterminated named ref)
"abcd".replace(re, "$<42$1>") // "cd" (invalid name)
"abcd".replace(re, "$<thd>") // "cd" (non-existent name)
"abcd".replace(/(?<fst>.)|(?<snd>.)/u, "$<snd>") // "cd" (non-matched capture)
Support is currently behind the --harmony-regexp-named-captures flag.
BUG=v8:5437
Review-Url: https://codereview.chromium.org/2775303002
Cr-Commit-Position: refs/heads/master@{#44171}
Previously we threw a generic error meesage on failing hole check for
accessing 'this'. But 'this' can be a hole only if the super() has not
been called so we change the error message.
BUG=v8:5957
Change-Id: I2f0e3d813f16919645d8a5efa7d26e73bd2d83fe
Reviewed-on: https://chromium-review.googlesource.com/459085
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44162}
A step towards removing isolate from ParseInfo.
Removing isolate from ParseInfo will make it easier to create and
execute parse tasks on background threads.
BUG=v8:6093
Change-Id: I977eec8faecc8a112506f219994b4e4ec388b180
Reviewed-on: https://chromium-review.googlesource.com/458004
Commit-Queue: Wiktor Garbacz <wiktorg@google.com>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44160}
