Currently it was only used for modules, so repurposed it to be a weak pointer to
JSModuleNamespace.
BUG=v8:7308
Change-Id: I4ef522fafebd37624c309081d7432501c2c69b7a
Reviewed-on: https://chromium-review.googlesource.com/1163704
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55013}
With the callback we can check if the origin trial is turned on for a
given context.
I will not land the other CL which added a flag to the isolate. The
information if the origin trial is on is context-specific and not
isolate-specific, and it's hard on the embedder side to track all
creations of a context.
With the API proposed in this CL we will ask the embedder every time we
start compilation whether the origin trial is on or off.
R=yangguo@chromium.org
Bug:868844
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I8822f40ab12582a5b0bd6640790a269107fc085a
Reviewed-on: https://chromium-review.googlesource.com/1163621
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55011}
Also make printing of an incomplete AST more robust.
Change-Id: I56636890deb6e38882a3f8206aff7cde3e4bab60
Reviewed-on: https://chromium-review.googlesource.com/1168498
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55009}
This allows having only one version of {AreAliased}, which has a
clean implementation.
R=mstarzinger@chromium.org
Bug: v8:8015
Change-Id: I25c64a8c2077383129548773319799fac768521e
Reviewed-on: https://chromium-review.googlesource.com/1167290
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55007}
The HeapController is now refactored in a way that new controllers only
need to specify the constants that define how a space grows and shrinks.
Bug: chromium:845409
Change-Id: I804eed440a791d6fbd232b7540a1cbe66b16a5f1
Reviewed-on: https://chromium-review.googlesource.com/1165347
Commit-Queue: Rodrigo Bruno <rfbpb@google.com>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55006}
This CL adds a SetProperty method to the KeyedStoreGenericGenerator
that mirrors what "KeyedStoreGeneric" does (used for
KeyedStoreIC_MegaMorphic). This new SetProperty method is then used
in the SetProperty stub.
Change-Id: I72a684238ef6c3b8c4db8ba957d5b79238f7e495
Reviewed-on: https://chromium-review.googlesource.com/1164945
Commit-Queue: Simon Zünd <szuend@google.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55005}
Elements is already set by CSA::AllocateJSArray.
Bug: v8:7871
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I89b87f9f33eca4a92216f248606fb746f0de5412
Reviewed-on: https://chromium-review.googlesource.com/1168487
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55004}
This CL changes the sorting algorithm used in Array.p.sort from
QuickSort to TimSort (implemented in Torque).
Detailed performance results can be found here: https://goo.gl/4E733J
To save on code space, fast-paths are implemented as sets of
function pointers instead of specializing generics.
R=cbruni@chromium.org, jgruber@chromium.org
Bug: v8:7382, v8:7624
Change-Id: I7cd4287e4562d84ab7c79c58ae30780630f976de
Reviewed-on: https://chromium-review.googlesource.com/1151199
Commit-Queue: Simon Zünd <szuend@google.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55003}
This CL fixes the copy-within JSTest benchmark so it works on Android.
R=machenbach@chromium.org
Change-Id: I63662f9ab00d0199614681a53118bc4079e697ff
Reviewed-on: https://chromium-review.googlesource.com/1168488
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Simon Zünd <szuend@google.com>
Cr-Commit-Position: refs/heads/master@{#55001}
This CL adds a baseline Torque implementation without fast-paths for
Array.p.copyWithin. The JS version in array.js is removed.
R=cbruni@chromium.org, jgruber@chromium.org
Bug: v8:7624
Change-Id: Ie53047883a65dd9310ea8f8d0edb440f431044ea
Reviewed-on: https://chromium-review.googlesource.com/1165223
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Simon Zünd <szuend@google.com>
Cr-Commit-Position: refs/heads/master@{#55000}
This reverts commit ff4fa92e88.
Reason for revert: blocks roll: https://chromium-review.googlesource.com/c/chromium/src/+/1167969 ... see https://chromium-swarm.appspot.com/task?id=3f344f7ada4e0110&refresh=10&show_raw=1 for stacktrace.
Original change's description:
> [builtins] Enable Torque Array.prototype.splice
>
> Before, splice was implemented with a C++ fast path and a
> comprehensive JavaScript version.
>
> This impl. is entirely in Torque with a fastpath for SMI,
> DOUBLE and OBJECT arrays, and a comprehensive slow path.
> The same level of "sparse" array support as given by the
> array.js implementation is included.
>
> Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
> Change-Id: Ibfa3407ed75b9ad15ac54cce446b3952e38f90a9
> Reviewed-on: https://chromium-review.googlesource.com/1039190
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Commit-Queue: Michael Stanton <mvstanton@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54974}
TBR=danno@chromium.org,yangguo@chromium.org,mvstanton@chromium.org,tebbi@chromium.org,szuend@google.com
Change-Id: I900f667b30a0cf673ead9621618a9988cf85ffdf
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/1168902
Commit-Queue: Michael Hablich <hablich@chromium.org>
Reviewed-by: Michael Hablich <hablich@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54998}
Also, fix one spec violation that checked for Name, but should just
check for Strings.
Bug: v8:8032, v8:7684
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Ib9ffa48b86b4da6e881eeec4eb24ec623345aae4
Reviewed-on: https://chromium-review.googlesource.com/1167042
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54987}
This CL adds basic JS benchmarks for Array.p.copyWithin to get some
feedback for the upcoming Torque implementation.
R=jgruber@chromium.org
Bug: v8:7624
Change-Id: Ic193a2b576d5fb7ac9f39db0379cece9144f979f
Reviewed-on: https://chromium-review.googlesource.com/1167289
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Simon Zünd <szuend@google.com>
Cr-Commit-Position: refs/heads/master@{#54984}
Also, since trampoline code is position independent now,
these builtins can be deleted from this list of Isolate dependent
builtins.
Bug: v8:7882
Change-Id: Ie65f739ebd3136993548e9737b22e7de0f09bf25
Reviewed-on: https://chromium-review.googlesource.com/1163513
Reviewed-by: Ivica Bogosavljevic <ibogosavljevic@wavecomp.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Ivica Bogosavljevic <ibogosavljevic@wavecomp.com>
Cr-Commit-Position: refs/heads/master@{#54983}
The idea is to compute the slack before compilation start. Then
we check that the slack tracking decision is the same at the end
of compilation. If it is, we just commit to that slack tracking
(by calling function->CompleteInobjectSlackTrackingIfActive).
If the slack tracking decision changed, we will retry the compilation.
This has several pieces:
- Expose computation of slack and instance size from the object model.
- Add compilation dependency on the slack tracking result.
- Change create lowering to use the dependency.
- Fix array creation to use the slack tracking result's instance
size.
Bug: v8:7790
Change-Id: Id975300cfd6c1786733cd7cbf55cc507c05738b2
Reviewed-on: https://chromium-review.googlesource.com/1164957
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54982}
This also allows us to get rid of Context::self_weak_cell.
BUG=v8:7308
Change-Id: I1b450385b674a4ad90c116648880fcbce6454c55
Reviewed-on: https://chromium-review.googlesource.com/1167186
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54981}
Port d324382e1c
and
Port bd3f0a684b
Original Commit Message:
This is a reland of a462a7854a
Original change's description:
> [turboassembler] Introduce hard-abort mode
>
> For checks and assertions (mostly for debug code, like stack alignment
> or zero extension), we had two modes: Emit a call to the {Abort}
> runtime function (the default), and emit a debug break (used for
> testing, enabled via --trap-on-abort).
> In wasm, where we cannot just call a runtime function because code must
> be isolate independent, we always used the trap-on-abort behaviour.
> This causes problems for our fuzzers, which do not catch SIGTRAP, and
> hence do not detect debug code failures.
>
> This CL introduces a third mode ("hard abort"), which calls a C
> function via {ExternalReference}. The C function still outputs the
> abort reason, but does not print the stack trace. It then aborts via
> "OS::Abort", just like the runtime function.
> This will allow fuzzers to detect the crash and even find a nice error
> message.
>
> Even though this looks like a lot of code churn, it is actually not.
> Most added lines are new tests, and other changes are minimal.
>
> R=mstarzinger@chromium.org
>
> Bug: chromium:863799
> Change-Id: I77c58ff72db552d49014614436259ccfb49ba87b
> Reviewed-on: https://chromium-review.googlesource.com/1142163
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54592}
R=clemensh@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N
Change-Id: I60023470fa07576fd313f628ade06e279d5f4927
Reviewed-on: https://chromium-review.googlesource.com/1165822
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54980}
This fills the padding between builtins in the embedded blob with a
sequence of int3 instructions (ia32,x64).
Drive-by: Unify code zapping. We can add better support for other
architectures later.
Bug: v8:6666
Change-Id: Ibcb120ec18a8062d7527e0c6fe5ca86869c0dad8
Reviewed-on: https://chromium-review.googlesource.com/1167050
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54976}
Before, splice was implemented with a C++ fast path and a
comprehensive JavaScript version.
This impl. is entirely in Torque with a fastpath for SMI,
DOUBLE and OBJECT arrays, and a comprehensive slow path.
The same level of "sparse" array support as given by the
array.js implementation is included.
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Ibfa3407ed75b9ad15ac54cce446b3952e38f90a9
Reviewed-on: https://chromium-review.googlesource.com/1039190
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54974}
This is the port of concurrent jump table patching support to ARM. It
extends the corresponding stress test and changes the encoding of code
targets in jump table slots to use constant pool entries.
R=clemensh@chromium.org
TEST=cctest/test-jump-table-assembler
BUG=v8:8018
Change-Id: I4b709a7f14dace0f4eb9219f995d42ca607bb25f
Reviewed-on: https://chromium-review.googlesource.com/1164952
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54971}
In case of switching from non-optimized to optimized version
of BranchLong macro, we forgot to take the instruction which
is located in the branch delay slot of the unoptimized version
and copy it to branch delay slot of the optimized version.
This CL implements the missing functionality.
Change-Id: I5e4adcccd0e85fd381a97eea8588e07bd8b045ef
Reviewed-on: https://chromium-review.googlesource.com/1165082
Reviewed-by: Ivica Bogosavljevic <ibogosavljevic@wavecomp.com>
Commit-Queue: Ivica Bogosavljevic <ibogosavljevic@wavecomp.com>
Cr-Commit-Position: refs/heads/master@{#54970}
DCHECKs (defined in src/logging.h) should not be used in third_party
code. This CL removes the only such use.
R=marja@chromium.org
Bug: v8:7754, v8:7965
Change-Id: I44196bd2d85e459e27c6a897f039f741edf1e2e1
Reviewed-on: https://chromium-review.googlesource.com/1158684
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54967}
We instantiate the JumpTableAssembler in patching mode (i.e. directly on
existing code without an intermittent buffer). In this mode it is not
possible to record reloc information. This makes sure we no longer just
blindly write into the non-existing buffer.
R=clemensh@chromium.org
BUG=v8:8028
Change-Id: I4abb8f06cf819fef608e901c4740263f0cecd08a
Reviewed-on: https://chromium-review.googlesource.com/1166834
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54966}