If StoreIC stores into a kConst field, only take the slow path
if the value is different from the current value.
This recovers the ObjectAssign regression in crbug.com/930680.
Bug: v8:8361, chromium:930680
Change-Id: Ie27d15d624b07ab1dcb58b244a46b87eec34bd0f
Reviewed-on: https://chromium-review.googlesource.com/c/1470134
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59618}
This takes heap-inl.h out of the "Giant Include Cluster".
Naturally, that means adding a bunch of explicit includes
in a bunch of places that relied on transitively including
them before.
As of this patch, no header file outside src/heap/ includes
heap-inl.h.
Bug: v8:8562,v8:8499
Change-Id: I65fa763f90e66afc30d105b9277792721f05a6d4
Reviewed-on: https://chromium-review.googlesource.com/c/1459659
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59617}
... as opposed to prototype maps only.
This recovers the
JSTests/ObjectLiteralSpread/ObjectSpreadAndOverwrite regression.
Bug: chromium:930680, v8:8361
Change-Id: I71510f0ac76b19d16aaf3249a5cf533adf425a20
Reviewed-on: https://chromium-review.googlesource.com/c/1472632
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59616}
Add an enum argument to DateTimeConfigurationChangeNotification to
control whether or not to redetect the host time zone. The default value
kSkip doesn't cause redetecting so that callers do not need to change if
they want the current behavior (e.g. Chromium).
Note that the host time zone detection does not work when v8 is run
inside a sandbox as in Chromium so that Chromium detects the host time
zone outside the sandbox before calling
DateTimeConfigurationChangeNotification. OTOH, other v8 embedders may
find it more convenient for v8 to do the host time zone detection on
their behalf. In that case, they can call the function with the new
argument set to value kRedetect.
Test:
With PHP+V8Js on linux, execute:
php -r '
putenv("TZ=Europe/Helsinki");
$v8 = new V8Js();
$v8->executeString("print((new Date(0)).toString()+\"\\n\");");
putenv("TZ=America/New_York");
$v8->executeString("print((new Date(0)).toString()+\"\\n\");");'
Result before modification:
Thu Jan 01 1970 02:00:00 GMT+0200 (Eastern European Standard Time)
Thu Jan 01 1970 02:00:00 GMT+0200 (Eastern European Standard Time)
Result after modification:
Thu Jan 01 1970 02:00:00 GMT+0200 (Eastern European Standard Time)
Thu Jan 01 1970 02:00:00 GMT+0200 (Eastern European Standard Time)
Result after V8JS is modified to use value kRedetect when calling
DateTimeConfigurationChangeNotification:
Thu Jan 01 1970 02:00:00 GMT+0200 (Eastern European Standard Time)
Wed Dec 31 1969 19:00:00 GMT-0500 (Eastern Standard Time)
Change-Id: I005192dd42669a94f606a49baa9eafad3475b9fd
Reviewed-on: https://chromium-review.googlesource.com/c/1449637
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Jungshik Shin <jshin@chromium.org>
Commit-Queue: Jungshik Shin <jshin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59613}
Part 2 after part 1 removed flags from all tests.
Bug: v8:8705
Change-Id: Id2e299cc574228548460a562496d7905b834dc6b
Reviewed-on: https://chromium-review.googlesource.com/c/1461800
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59611}
The V8 Extras API provides `resolvePromise()` and `rejectPromise()`
functions that bypass the safety net of the resolve/reject closures
that you get from using the Promise constructor. So it's the
responsibility of the user to make sure that the promises are still
pending. This adds release mode checking and hard aborts to make
sure we catch misuse of these APIs early.
This also turns the DCHECKs in the C++ implementation into actual
CHECKs to make sure we crash hard if the invariants are violated.
Bug: chromium:931949, chromium:931640
Cq-Include-Trybots: luci.chromium.try:linux-blink-rel
Change-Id: I98a6f424d2a3cfbb608fed21036caff6e2510ec3
Reviewed-on: https://chromium-review.googlesource.com/c/1472291
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59610}
This reverts commit a6b95a6acf.
Reason for revert:
https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Clusterfuzz%20Win64%20ASAN%20-%20release%20builder/6984
Original change's description:
> Reland "[build] disable C++ optimization for mksnapshot code."
>
> This is a reland of cee2f772c7
>
> Original change's description:
> > [build] disable C++ optimization for mksnapshot code.
> >
> > By disabling C++ optimizations for code that's only run in mksnapshot,
> > that is, CSA and Torque-generated code, we can save compile time.
> > I observed up to 2x improvements of compile time for some files,
> > while the mksnapshot time did not increase significantly.
> >
> > Bug: v8:7629
> > Change-Id: I96be2966611b2471b68023e0dd9e351d94f0013c
> > Reviewed-on: https://chromium-review.googlesource.com/c/1460941
> > Reviewed-by: Yang Guo <yangguo@chromium.org>
> > Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
> > Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#59585}
>
> Bug: v8:7629
> Change-Id: I8330f93173ab3d7b400e15ea4935bbe8256b250f
> Reviewed-on: https://chromium-review.googlesource.com/c/1473292
> Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#59606}
TBR=yangguo@chromium.org,sigurds@chromium.org,tebbi@chromium.org
Change-Id: Ifdad207913a1814580c3055e57c6bfc2c6a53ae6
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7629
Reviewed-on: https://chromium-review.googlesource.com/c/1473294
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59608}
This is a reland of cee2f772c7
Original change's description:
> [build] disable C++ optimization for mksnapshot code.
>
> By disabling C++ optimizations for code that's only run in mksnapshot,
> that is, CSA and Torque-generated code, we can save compile time.
> I observed up to 2x improvements of compile time for some files,
> while the mksnapshot time did not increase significantly.
>
> Bug: v8:7629
> Change-Id: I96be2966611b2471b68023e0dd9e351d94f0013c
> Reviewed-on: https://chromium-review.googlesource.com/c/1460941
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
> Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#59585}
Bug: v8:7629
Change-Id: I8330f93173ab3d7b400e15ea4935bbe8256b250f
Reviewed-on: https://chromium-review.googlesource.com/c/1473292
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59606}
This removes another two macros and introduces a templatized function
instead.
Note that there is only one instantiation per input length, not per
input.
R=titzer@chromium.org
Bug: v8:8562
Change-Id: I47ad274e68d26b962cbd582e90995d30b1d09d39
Reviewed-on: https://chromium-review.googlesource.com/c/1460938
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59605}
In the wasm streaming decoder error position test, do also check the
error messages generated. This revealed messages that were not quite
fitting and some that were formatted differently than the majority.
R=ahaas@chromium.org
Bug: v8:8814
Change-Id: If157f1083a104413bf14797ac56e756baac98c17
Reviewed-on: https://chromium-review.googlesource.com/c/1463780
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59604}
This is already blocked when PRIVATE_NAME is parsed anyway, and we simply need
to make sure that we don't continue. So marking the prop_info->kind as kNotSet
will do what you want via the unexpected path rather than through the main hot
path.
Bug: v8:8808
Change-Id: I93beb80a89cf764cd79d6c3ec3a5fc763a98c4d6
Reviewed-on: https://chromium-review.googlesource.com/c/1472635
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59600}
HeapNumbers and MutableHeapNumbers require alignment for their double
value field, but for now this field can be misaligned on 32-bit platforms.
According to code in Heap::GetFillToAlign() function, kDoubleUnaligned
doesn't actually mean "unaligned" but "aligned to half of double".
This CL fixes this misalignment.
Change-Id: I9b9c58d580bb287e7dad44bc96cd6b4593707b5e
Reviewed-on: https://chromium-review.googlesource.com/c/1470113
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59599}
When calling into API callbacks from TurboFan optimized code, we can
currently only take a fast-path when TurboFan is able to find some
information about the receiver in the graph, or when the API callback
specifies that it neither requires an access check (aka "accepts any
receiver") nor an interface check (aka "compatible receiver check").
This change introduces a new CallFunctionTemplate builtin that sits
in front of the CallApiCallback builtin and does both the access as well
as the interface check as necessary (and raises appropriate exceptions).
This way TurboFan can still call into the API callback via the fast-path
even without ahead knowledge about the receiver, which is significantly
faster than the generic call machinery for API callbacks.
On the test case from the Angular team[1], the interesting metrics
improve from
DOM_mono: 0.273 ms
DOM_mega: 0.571 ms
DOM_call: 0.649 ms
to
DOM_mono: 0.264 ms
DOM_mega: 0.572 ms
DOM_call: 0.368 ms
so the DOM_call is only about **1.4 times slower** than the DOM_mono and
about **1.5 times faster** than the DOM_mega case (compared to **2.4
times slower**). Execution time in the DOM_call was reduced by around
**~45%**.
Currently this new code path is limited to TurboFan optimized code, but
the idea is to eventually migrate the API calls from baseline to also
use the new CSA functionality. There are lots of subtleties to take
into account, so we are starting with small changes to get coverage for the
basic building blocks.
[1]: https://mhevery.github.io/perf-tests/DOM-megamorphic.html
Bug: v8:8820
Change-Id: Ie1029cf182ce05a6e519fd9a9d4fa825db8adb4c
Cq-Include-Trybots: luci.chromium.try:linux-blink-rel
Reviewed-on: https://chromium-review.googlesource.com/c/1470129
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59598}
The builders were originally allowed higher cycle time, as fast responses
weren't necessary. They should, however, never fail due to expiring tasks.
This has happened more often lately, hence they should run with normal
CI priority. The impact is very small as they run very infrequently.
NOTRY=true
Bug: chromium:930255
Change-Id: Id9d4eb70322862cf98b9ae4e313e5c0b002b5bd1
Reviewed-on: https://chromium-review.googlesource.com/c/1466303
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Sergiy Belozorov <sergiyb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59596}
If enable_omit_source_positions is true (defaults to false), source
position tables are not generated when compiling bytecode. They will
then be regenerated when exceptions are thrown.
This adds a new function Compiler::CollectSourcePositions which given a
SharedFunctionInfo with bytecode but no source position table re-parses
and regenerates the bytecode but this time with source positions
collection enabled. Note this will reparse all inner functions that
have previously been compiled since the preparse data is no longer
available.
With the flag enabled there are still 18 test failures, mostly related to
debugging.
Bug: v8:8510
Change-Id: I46dff9818d8a89c901ba8ae8df94dcaca83aa658
Reviewed-on: https://chromium-review.googlesource.com/c/1385165
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59595}
... such that the feedback maps can eventually be processed in the
serialization phase.
Bug: v8:7790
Change-Id: Ic033e88646a1b161710b1ca2028ef10f49d23cfd
Reviewed-on: https://chromium-review.googlesource.com/c/1472293
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59592}
Similar to x64's CL (https://chromium-review.googlesource.com/c/v8/v8/+/1459638)
Bug: v8:7703
Change-Id: I4b4e06ccdb9f428559dfb6b74e8ac149f955745c
Reviewed-on: https://chromium-review.googlesource.com/c/1467181
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59591}
The megamorphic case in the KeyedStoreIC doesn't use/update any feedback.
We could use this path to fast path some of the keyed stores instead of
missing to the runtime when the feedback vector is not available. This
CL moves the check for the feedback vector from the bytecode handler to the
KeyedStoreIC and calls the KeyedStoreIC_Megamorphic builtin when there is
no valid feedback vector. This will help improve the performance of the no
feedback/jitless case.
Bug: v8:8293
Change-Id: I71c128b355d47ac20e50fc836f4bc2cf0aab1154
Reviewed-on: https://chromium-review.googlesource.com/c/1460946
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59590}
Class member initializer functions do not support lazy compilation, so
change FunctionLiteral::AllowsLazyCompilation to return false for them.
Change-Id: I38434f3a7e8c88af3f407cf19308fc3862ec4403
Reviewed-on: https://chromium-review.googlesource.com/c/1470103
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59588}
This reverts commit cee2f772c7.
Reason for revert: Breaks sanitizer builds: https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux64%20UBSan/4682
Original change's description:
> [build] disable C++ optimization for mksnapshot code.
>
> By disabling C++ optimizations for code that's only run in mksnapshot,
> that is, CSA and Torque-generated code, we can save compile time.
> I observed up to 2x improvements of compile time for some files,
> while the mksnapshot time did not increase significantly.
>
> Bug: v8:7629
> Change-Id: I96be2966611b2471b68023e0dd9e351d94f0013c
> Reviewed-on: https://chromium-review.googlesource.com/c/1460941
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
> Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#59585}
TBR=yangguo@chromium.org,sigurds@chromium.org,tebbi@chromium.org
Change-Id: I50da40da167f49a14e3a8994377c4f9dafdfe2ab
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7629
Reviewed-on: https://chromium-review.googlesource.com/c/1472630
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59586}
By disabling C++ optimizations for code that's only run in mksnapshot,
that is, CSA and Torque-generated code, we can save compile time.
I observed up to 2x improvements of compile time for some files,
while the mksnapshot time did not increase significantly.
Bug: v8:7629
Change-Id: I96be2966611b2471b68023e0dd9e351d94f0013c
Reviewed-on: https://chromium-review.googlesource.com/c/1460941
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59585}
has_prototype_slot on Context::FunctionMapIndex() is unused in its
implementation, and all callers pass just true.
Whether the function has a prototype or not is determined by FunctionKind
instead.
Change-Id: I598515b25267dd3470cccbf3236b5e64c6959d00
Reviewed-on: https://chromium-review.googlesource.com/c/1469542
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Taiju Tsuiki <tzik@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59584}
... to ec358ccfd63a2a657c147329c7793d217e278a58.
This adds support for CBOR <-> Value.
v8 changes:
- Add StringUTF8Adapter (from Pavel's change)
- Add Binary::fromSpan (needed for the cbor->BinaryValue conversion).
Change-Id: I09746dc361df0b150b23697a20b287613558c003
Reviewed-on: https://chromium-review.googlesource.com/c/1470955
Commit-Queue: Pavel Feldman <pfeldman@chromium.org>
Reviewed-by: Pavel Feldman <pfeldman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59583}
This is part 1 of 2 of clean up. C++ change in Part 2 next.
Bug: v8:8705
Change-Id: Ibf4425c141391581b963f4775286b65b652452e2
Reviewed-on: https://chromium-review.googlesource.com/c/1461172
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59581}
The uninitialized case in the StoreIC doesn't use any feedback.
We could use this path to fast path some of the named stores instead of
missing to the runtime when the feedback vector is not available.
Bug: v8:8293
Change-Id: Ib3c4f843b24a377708f8db18fae10983e5633484
Reviewed-on: https://chromium-review.googlesource.com/c/1463781
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59580}
Header generating action needs to be in public_deps if generated header is included from header file in the targets depending on the action target.
See below reference for more details.
https://gn.googlesource.com/gn/+/master/docs/reference.md#var_public_deps
Bug: chromium:931596
Change-Id: I198d9e09b8585b213ec4b375f10aecc6268f3bdd
Reviewed-on: https://chromium-review.googlesource.com/c/1469545
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Takuto Ikuta <tikuta@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59579}
This API has existed for two and a half years now, with no
API changes over the last year, and is widely used in production
code, so it makes sense to consider it stable.
Change-Id: I10e38c37fb8c13e22124ef0985f4b0bd8d4615fd
Reviewed-on: https://chromium-review.googlesource.com/c/1461999
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59576}
This switches from copying entire runtime stubs into each module to only
having small jump table slots in each module that act as a trampoline to
the actual embedded builtin representing the runtime stub. This reduces
the memory footprint of modules.
R=clemensh@chromium.org
Change-Id: I3de528f7ebcc104f114ec32914d2b86e810d10d6
Reviewed-on: https://chromium-review.googlesource.com/c/1460474
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59575}
This is a reland of c79a63e634
Original change's description:
> [nojit] Don't expose wasm in jitless mode
>
> Wasm currently still creates executable memory even in
> interpreter-only mode, and is thus unsupported in jitless mode. This
> hides wasm completely, which will help e.g. fuzzers that attempt to
> run wasm code (and currently crash on the CHECK in AddOwnedCode).
>
> Bug: v8:7777,chromium:931068
> Change-Id: Iee692cb947d482ba16fb0f4da32490d42d5daef8
> Reviewed-on: https://chromium-review.googlesource.com/c/1470124
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#59561}
Tbr: mstarzinger@chromium.org
Bug: v8:7777, chromium:931068
Change-Id: I535c3f598c90cd5c4072a73544cc33c5bf5460c1
Reviewed-on: https://chromium-review.googlesource.com/c/1470132
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59571}