Previously, we had lazy parsing of class constructor disabled when a
class literal had class fields because we were using a reference to
the initializer function variable to load the function and call it.
Instead, in this patch, we use the scope analysis to lookup this
initializer function variable.
Bug: v8:5367
Change-Id: Ib73d7e6abed33c04d1f574e7976bea4869d54757
Reviewed-on: https://chromium-review.googlesource.com/768384
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49406}
If two modules use lazy compilation, and one imports a function of
another, we are unwrapping the js-to-wasm wrapper of the export. This
was failing so far, because during unwrapping we did not find the wasm
code.
This CL fixes this by also recognizing WasmCompileLazy stubs as "wasm
code".
R=ahaas@chromium.org
Bug: chromium:779569, v8:5991
Change-Id: If2260c3721e3746a7635b9d0182fd520df2fb773
Reviewed-on: https://chromium-review.googlesource.com/771672
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49405}
This refactors EffectControlLinearizer's LowerTruncateTaggedToBit and
LowerTruncateTaggedPointerToBit such that they share the common code.
This common code will grow further when supporting bigints in a future
CL.
R=jarin@chromium.org
Bug:
Change-Id: I881d705de327243121b73e12fb93f2cd96f315f2
Reviewed-on: https://chromium-review.googlesource.com/771391
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49403}
When calling the CWasmEntry in order to call from the interpreter to a
wasm function, the given buffer must hold the arguments, and must also
have enough space to hold the return values. We were missing the second
part, hence we failed when there are no parameters, but a return.
R=ahaas@chromium.org
Bug: chromium:784125
Change-Id: I08d417cae60eea64fda8a72e898dbed9f3e88148
Reviewed-on: https://chromium-review.googlesource.com/771633
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49402}
There's not really a point in passing the resume_mode as parameter to
the ResumeGenerator builtin. Instead we could as well just store the
mode to the generator object directly.
Drive-by-fix: On Intel allocate the generator to the new.target register
immediately so we don't need to move it there later.
Bug: v8:6344, v8:6354
Change-Id: I74e98cfffa2b3d72c43d8b6e9fdca03d01c9b4fa
Reviewed-on: https://chromium-review.googlesource.com/774259
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49401}
We need to explicitly rule out negative indices for the out-of-bounds
case, otherwise we can end up with a monomorphic KeyedLoadIC that allows
OOB accesses, but doesn't properly check whether there are properties
with negative integer names on the receiver.
Bug: chromium:784835
Change-Id: Ic3ef5438b76094f024de0c6348183fb62b32088c
Reviewed-on: https://chromium-review.googlesource.com/774278
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49396}
The option lets us use the function in cases where we cannot use the current
version due to restrictions on src and dst. This will be useful for some arm64
builtins when we pad the stack arguments, where we will need to copy the
existing arguments either one slot up or one slot down in memory.
Bug: v8:6644
Change-Id: I75281cdc9fa6812e3b24bf5756057c93305cbb95
Reviewed-on: https://chromium-review.googlesource.com/771711
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com>
Cr-Commit-Position: refs/heads/master@{#49394}
Beside blocks, do also generate loops.
Also, generalize generation of breaks such that they can happen
anywhere, even outside of a block or loop.
R=eholk@chromium.org
Change-Id: Ib2f8c75913e97f331ec105fd87fc882bc5c04864
Reviewed-on: https://chromium-review.googlesource.com/771610
Reviewed-by: Eric Holk <eholk@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49392}
Even though a previous patch made the number of slots pushed/claimed on
the stack aligned, the boundary between frames was not a multiple of
two slots as well. We were pushing the number of arguments (which belongs
in the stub's frame) together with the arguments to pass to the
constructor function (which belong to the frame of the constructor
function). Those need to be separated so we can drop the arguments without
messing up the alignment.
Bug: v8:6644
Change-Id: I839a4ab9caf451623fbcf03dd8a8afe5879fef99
Reviewed-on: https://chromium-review.googlesource.com/771670
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com>
Cr-Commit-Position: refs/heads/master@{#49391}
This simplifies the existing invariant and enables loop-peeling on all loops.
The main motivation is that it enables dead code elimination to always eagerly
fold away branches even when this would create infinite loops.
Bug:
Change-Id: If4347f748f8d8735965771f66260a8f931b24132
Reviewed-on: https://chromium-review.googlesource.com/763531
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49387}
Removes Isolate from compilation info and instead threads isolate through
function calls. This ensures that we can't access the isolate from
background thread compilations.
BUG=v8:5203
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I9a4e1cd67c4736e36f609360b996fb55166a1c50
Reviewed-on: https://chromium-review.googlesource.com/751745
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49386}
On the PredictablePlatform we return the ForegroundTaskRunner of the
underlying platform in both GetForeGroundTaskRunner and
GetBackgroundTaskRunner. The reason is that thereby we can enforce a
predictable, sequential execution of tasks.
R=clemensh@chromium.org, rmcilroy@chromium.org
Change-Id: Icec9fe52da922b1e75a3fb5b0155083be0a3a0fd
Reviewed-on: https://chromium-review.googlesource.com/771792
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49384}
The foreground task runner and the background task runner are the same.
Thereby we can get predictable behavior.
R=clemensh@chromium.org
Change-Id: I18f9c7277a344b7884d6de0c2159cc3f010576b4
Reviewed-on: https://chromium-review.googlesource.com/771833
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49383}
Fix c5c50e1860
After the change from the title landed, around 700 tests started
failing on MIPS and MIPS64. The reason for the failure was a typo
in Generate_JSBuiltinsConstructStubHelper in builtin-mips.cc
and builtin-mips64.cc.
Bug:
Change-Id: Id95a87773d6ab1d4a65c3c7a306629046a44fa7d
Reviewed-on: https://chromium-review.googlesource.com/771652
Reviewed-by: Miran Karić <Miran.Karic@imgtec.com>
Commit-Queue: Ivica Bogosavljevic <ivica.bogosavljevic@mips.com>
Cr-Commit-Position: refs/heads/master@{#49382}
The streaming decoder allocates the whole section buffer of the code
section when it reads the section length of the code section. Therefore
we have to check that the different parts of the code section actually
use all the bytes, and that the different parts of the code section do
not need more bytes than available. The check that all bytes are used
was missing in the case where the code section contained zero functions.
In addition, this CL adds some tracing to the streaming decoder which
may be useful in future debugging.
R=clemensh@chromium.org
Bug: chromium:783595
Change-Id: Icf056c25a3000b4a08a791939dab0ccde9fc3f80
Reviewed-on: https://chromium-review.googlesource.com/768788
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49380}
There was a data race in the access of the foreground_task_runner_map_.
I protect each access to foreground_task_runner_map_ with a lock now.
Original change's description:
> [platform] Implement TaskRunners in the DefaultPlatform
>
> This CL implements the TaskRunners in the DefaultPlatform which has been
> added recently to the platform API. In addition I changed how task
> posting works on the DefaultPlatform.
>
> With this implementation the DefaultPlatform keeps one
> DefaultForegroundTaskRunner per isolate, plus one
> DefaultBackgroundTaskRunner. The DefaultPlatform owns these TaskRunners
> with a shared_ptr, which is also shared with any caller of
> GetForegroundTaskRunner or GetBackgroundTaskrunner.
>
> This CL moves the task management from the DefaultPlatform to the
> TaskRunners. The DefaultForegroundTaskRunner owns and manages the the
> task queue, the delayed task queue, and the idle task queue. The
> DefaultBackgroundTaskRunner owns the WorkerThread pool and the
> background task queue.
>
> In addition changed many Task* to std::unique_ptr<Task> to document task
> ownership.
>
> R=rmcilroy@chromium.org
>
> Change-Id: Ib9a01f1f45e5b48844a37d801f884210ec3f6c27
> Reviewed-on: https://chromium-review.googlesource.com/753583
> Commit-Queue: Andreas Haas <ahaas@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#49354}
Change-Id: Iddccdb07bde1a799815ec6ed6af37082df4987c7
Reviewed-on: https://chromium-review.googlesource.com/770970
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49379}
The backing store fixed array for collections needs to be allocated
in LOS if it exceeds the maximum regular heap object size.
Drive-by-fix: Only store fixed array map once as per TODO.
Bug: chromium:784862
Change-Id: I6b4dd2e45153ae107171e21bc7448e0d9b54b0ed
Reviewed-on: https://chromium-review.googlesource.com/771150
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49378}
Adds a stress-background-compile mode which runs compilation on a background
thread at the same time as compiling on the main thread to flush out races.
This is added as one of the variants, removing stress_asm_validation since this
is no longer a useful variant.
BUG=v8:5203
Change-Id: I73dd9f21d9b6da4a4cb39c05061aa24116e6c5ad
Reviewed-on: https://chromium-review.googlesource.com/741746
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49376}
They can no longer return nan. They basically intersect their argument
type with Type::OrderedNumber before analysing it. Never call them on
Type::NaN.
Bug:
Change-Id: I7e7b46aa9fcde4f2644b81b3a34e76b092f633a4
Reviewed-on: https://chromium-review.googlesource.com/763410
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49375}
This introduces two dedicated API methods to invalidate references from
a given {Code} object. They are needed to reduce lifetime of objects
referenced from deoptimized code. The new methods are aim at embedded
objects and deoptimization data, called {InvalidateCodeEmbeddedObjects}
and {InvalidateCodeDeoptimizationData} respectively.
R=jarin@chromium.org
BUG=v8:6792
Change-Id: I6bf8806c8b00c6e0ec8f0551e9066729a86845b1
Reviewed-on: https://chromium-review.googlesource.com/757010
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49373}
The CodeStubAssembler's BitwiseOp method used by the interpreter and Number
related builtins would unconditionnaly mask the shift amount operand with
0x1f. However some targets' shift implementation may already do it.
This removes 24 `and` instructions from the snapshot on Arm64.
Bug:
Change-Id: If0a720c7ea69fea46c9b31dd55903603f058d481
Reviewed-on: https://chromium-review.googlesource.com/765971
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Pierre Langlois <pierre.langlois@arm.com>
Cr-Commit-Position: refs/heads/master@{#49371}
Despite the V8_INLINE annotation, it was never actually inlined until
18cac20c50 removed the NonPatternRewriter,
causing all calls to Parser::RewriteNonPattern() to inline RewriteSpreads.
This patch should recover the binary bloat in the attached bug while
retaining the inlining of the rest of RewriteNonPattern, which in
the common case does very little work (and doesn't call out to RewriteSpreads).
Bug: chromium:784924
Change-Id: I1c2062b41ceb51a9522d49bdb9353e1840393ca1
Reviewed-on: https://chromium-review.googlesource.com/769442
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49370}
Otherwise we can end up with performance regression with a lot of
frames in cache. Map requires log(N) for lookup, unordered map for
frames ids requires - ~O(1).
R=dgozman@chromium.org
Bug: v8:7078
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: Iac1ff7e35daede8c5ebd424f686a8ef8dbae9061
Reviewed-on: https://chromium-review.googlesource.com/767035
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Alexei Filippov <alph@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49369}
Previously, the Parser stored a Scope alongside a RewritableExpression
for each potential destructuring assignment. This Scope was later used
during rewriting to set the correct context for the rewriting. But this
approach failed if a new Scope was inserted into the Scope chain between
the time the assignment was parsed and when it was rewritten.
By storing the Scope directly in RewritableExpression,
ReparentExpressionScopes() is able to appropriately re-scope such
expressions prior to their rewriting.
Bug: chromium:779457
Change-Id: Ieb429a3da841f76d5798610af59da4fccb000652
Reviewed-on: https://chromium-review.googlesource.com/767666
Commit-Queue: Adam Klein <adamk@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49368}
Add enum values to the "no cache reason" API which reflect new types of
no-cache reason we will want to distinguish.
Also, renames one of the enum values (BecauseExtension ->
BecauseV8Extension) because it was confusing. It's a V8-only type of no
cache reason, so it shouldn't affect embedders.
Bug: chromium:769203
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I41d4ecfb35b2e91b71562b4f23b15d20f16a943c
Reviewed-on: https://chromium-review.googlesource.com/769010
Reviewed-by: Mythri Alle <mythria@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49367}
At the moment, task runners are returned as unique_ptr. This is
inconvenient, however. In all implementations I did, the platform holds
a shared pointer of the task runner and wraps it in a wrapper class just
to return it as a unique_ptr. With this CL the platform API is changed
to return a shared_ptr directly.
R=rmcilroy@chromium.org
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: Ide278db855199ea239ad0ae14d97fd17349dac8c
Reviewed-on: https://chromium-review.googlesource.com/768867
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49366}
Adds support for compiling top-level code on a background thread behind a flag.
When the flag is enabled, any background-parsing-task will perform compilation
as well as parsing.
BUG=v8:5203
TBR=marja@chromium.org,mstarzinger@chromium.org
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: Icf90ac7211298d3555515dafc7c3245618ec1304
Reviewed-on: https://chromium-review.googlesource.com/764048
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49364}
This is a reland of 4899bcb66d
This is a reland of b73ee3344a
Original change's description:
> [Memory] Use OS::Allocate for all OS memory allocations.
>
> - Eliminates OS::ReserveRegion and OS::ReserveAlignedRegion.
> - Changes OS::Allocate to take alignment parameter, reorders parameters
> to match page_allocator.
> - Since the size of memory allocation can be deduced, don't return the
> amount of memory allocated.
> - Changes reservation of aligned address space. Before we would reserve
> (size + alignment) rounded up to page size. This is too much, because
> maximum misalignment is (alignment - page_size).
> - On Windows and Cygwin, we release an oversize allocation and
> immediately retry at the aligned address in the allocation. If we
> lose the address due to a race, we just retry.
> - Clean up all the calls to OS::Allocate in codegen and tests by adding
> helper AllocateSystemPage function (allocation.h) and
> AllocateAssemblerBuffer (cctest.h).
> - Changes 'assm' to 'masm' in some targets for consistency when using
> a macro-assembler.
>
> - Eliminates OS::ReleaseRegion, replacing with calls to OS::Free.
> - Adds bool return value to OS::Free.
> - Cleans up types of flags, protection on Windows and Cygwin.
> Bug: chromium:756050
> Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
> Change-Id: I306dbe042cc867670fdc935abca29db074b0da71
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: Iad3c025334e8f8d7d647be99a36a11ee449c9087
Reviewed-on: https://chromium-review.googlesource.com/767014
Commit-Queue: Bill Budge <bbudge@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49363}
Unaligned access is still unused, but will be necessary to load String-length
once we store it as an int32 next to the hash-field.
Bug: v8:7065
Change-Id: I7fa9364e062774c0a6b32e7f961031dcd30c564c
Reviewed-on: https://chromium-review.googlesource.com/763349
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49358}
