We used to have Array types for typed arrays in asm.js at some point,
but had to change that quite some time ago already. And Function types
were mostly used for the CallInterfaceDescriptor (and the code-stub.js
experiment), but are also unusedn nowadays.
R=mvstanton@chromium.org
BUG=v8:5267,v8:5270
Review-Url: https://codereview.chromium.org/2310923002
Cr-Commit-Position: refs/heads/master@{#39168}
This patch moves the following parsing methods to ParserBase:
- ParseStatementList
- ParseStatementListItem
- ParseStatement
- ParseSubStatement (subsumed in ParseStatement)
- ParseStatementAsUnlabeled
It also refactors the Target and TargetScope objects, used by the
parser.
R=adamk@chromium.org, marja@chromium.org
BUG=
LOG=N
Review-Url: https://codereview.chromium.org/2307073002
Cr-Commit-Position: refs/heads/master@{#39167}
Those have been effectively unused for quite a while now, and we
don't see any use in having them around. Actually it'd be way more
consistent and simpler to just use OtherInternal as type for contexts
instead.
R=mvstanton@chromium.org
BUG=v8:5267,v8:5270
Review-Url: https://codereview.chromium.org/2305383002
Cr-Commit-Position: refs/heads/master@{#39166}
Reason for revert:
Performance regressions: crbug.com/644087
Clusterfuzz: crbug.com/644074
We'll reland all regexp changes at once when the port is complete and at least performance-neutral, since the partial port requires slow workarounds.
Original issue's description:
> [regexp] Remove dead code
>
> Remove dead code, and drop the legacy RegExp.prototype.exec implementation (the
> only differences are TO_BOOLEAN on global and sticky).
>
> BUG=v8:5339
>
> Committed: https://crrev.com/1cb2a70cb5baa7545fdf9cc4e035a6d45cb189fd
> Cr-Commit-Position: refs/heads/master@{#39121}
TBR=bmeurer@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=v8:5339
Review-Url: https://codereview.chromium.org/2310903002
Cr-Commit-Position: refs/heads/master@{#39165}
Since the extension field is already used for the catch name, store a
ContextExtension there instead.
In the future, this will allow for chaining ScopeInfos together, so we
no longer need a context chain for lazy parsing / compilation.
BUG=v8:5215
R=bmeurer@chromium.org,neis@chromium.org,marja@chromium.org
Review-Url: https://codereview.chromium.org/2302013002
Cr-Commit-Position: refs/heads/master@{#39164}
Rebuilding (after touching certain files) is crazy slow because
includes are out of control.
BUG=v8:5294
Review-Url: https://codereview.chromium.org/2312683002
Cr-Commit-Position: refs/heads/master@{#39161}
Reason for revert:
Performance regressions: crbug.com/644087
Clusterfuzz: crbug.com/644074
We'll reland all regexp changes at once when the port is complete and at least performance-neutral, since the partial port requires slow workarounds.
Original issue's description:
> [regexp] Port RegExpExec
>
> BUG=v8:5339
>
> Committed: https://crrev.com/c79e163ba82f2e2dcf9b60639127d187fdbf54b9
> Cr-Commit-Position: refs/heads/master@{#39150}
TBR=bmeurer@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5339
Review-Url: https://codereview.chromium.org/2315473002
Cr-Commit-Position: refs/heads/master@{#39160}
Also remove other unnecessary includes from ast.h and dependencies.
BUG=v8:5294
Review-Url: https://codereview.chromium.org/2301423002
Cr-Commit-Position: refs/heads/master@{#39155}
Reason for revert:
mac gc stress failures:
https://build.chromium.org/p/client.v8/builders/V8%20Mac%20GC%20Stress/builds/8341
Original issue's description:
> [wasm] reuse the first compiled module.
>
> This change avoids needing to keep around an unused compiled
> module. Instead, the result of compiling the wasm bytes is
> given to the first instance. The module object and that instance object
> point to the same compiled module. Instances are, then, cloned from
> the compiled module the module object points to. When an instance is
> collected, we make sure that the module object still has a clone
> available, and, if the last instance is GC-ed, we also reset the compiled
> module so that it does not reference its heap, so that it (==heap) may
> be collected.
>
> This is achieved by linking the clones in a double-linked list and
> registering a finalizer for each. When we create an instance, we tie it
> in the front of the list, making the module object point to it (O(1)). When
> the finalizer is called, we relink the list over the dying object (O(1)). The
> costliest operation is finalizing the last instance, since we need to visit
> all wasm functions and reset heap references.
>
> BUG=v8:5316
>
> Committed: https://crrev.com/01f5af515728aebe6c5246f4f7dd6c573e8748af
> Cr-Commit-Position: refs/heads/master@{#39153}
TBR=bradnelson@chromium.org,verwaest@chromium.org,vogelheim@chromium.org,yangguo@chromium.org,mtrofin@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5316
Review-Url: https://codereview.chromium.org/2306403002
Cr-Commit-Position: refs/heads/master@{#39154}
This change avoids needing to keep around an unused compiled
module. Instead, the result of compiling the wasm bytes is
given to the first instance. The module object and that instance object
point to the same compiled module. Instances are, then, cloned from
the compiled module the module object points to. When an instance is
collected, we make sure that the module object still has a clone
available, and, if the last instance is GC-ed, we also reset the compiled
module so that it does not reference its heap, so that it (==heap) may
be collected.
This is achieved by linking the clones in a double-linked list and
registering a finalizer for each. When we create an instance, we tie it
in the front of the list, making the module object point to it (O(1)). When
the finalizer is called, we relink the list over the dying object (O(1)). The
costliest operation is finalizing the last instance, since we need to visit
all wasm functions and reset heap references.
BUG=v8:5316
Review-Url: https://codereview.chromium.org/2305903002
Cr-Commit-Position: refs/heads/master@{#39153}
There are no users of class types left inside TurboFan, so we can nuke
them and thereby simplify the type system quite a bit.
R=mvstanton@chromium.org
BUG=v8:5267,v8:5270
Review-Url: https://codereview.chromium.org/2309753002
Cr-Commit-Position: refs/heads/master@{#39152}
Avoid the useless strict equality comparisons with true/false being
generated for the JumpIfTrue, JumpIfFalse, JumpIfToBooleanTrue and
JumpIfToBooleanFalse bytecodes. Instead feed the accumulator (or the
outcome of ToBoolean) directly to the Branch node and do the negation
as part of the control flow.
The previous subraphs would render the loop variable analysis useless,
and would cause a lot of unnecessary bit materialization, because many
of our optimizations don't kick in.
Note: This is only part of the problem, there are more subtle differences
in the bytecode pipeline that prevent several important optimizations to
kick in.
R=mstarzinger@chromium.org
BUG=v8:5267,v8:5348
Review-Url: https://codereview.chromium.org/2309733002
Cr-Commit-Position: refs/heads/master@{#39151}
Fold a Select that negates a boolean value, i.e. returning true in the
false case and vice versa, into Branch users, similar to what we already
do for Branch nodes with BooleanNot inputs.
BUG=v8:5267
Review-Url: https://codereview.chromium.org/2308303003
Cr-Commit-Position: refs/heads/master@{#39149}
has_slot_use is computed early, and we need it to determine if we need
to generate SpillRanges. After splintering, however, the information may
be incorrect - e.g. just the splinter may have slot uses, and not the
original.
BUG=
Review-Url: https://codereview.chromium.org/2312523002
Cr-Commit-Position: refs/heads/master@{#39147}
port 7e5b8feed3 (r39120)
original commit message:
Collect type feedback in the bytecode handler for 'new' bytecode. The
earlier cl (https://codereview.chromium.org/2153433002/) was reverted
because that implementation did not collect allocation site feedback.
This regressed delta blue by an order of magnitude. This implementation
includes collection of allocation site feedback.
Reland of https://codereview.chromium.org/2190293003/ with a bug fix.
BUG=
Review-Url: https://codereview.chromium.org/2293253007
Cr-Commit-Position: refs/heads/master@{#39145}
Rolling v8/build to a767a79305018c5ec5affd7d96cff474aa3b03a1
Rolling v8/tools/clang to 052b1cffaca49a038f27168ef9d897db6df04e5a
TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
Review-Url: https://codereview.chromium.org/2311503003
Cr-Commit-Position: refs/heads/master@{#39144}
This makes for slightly faster rebuilds when touching parser-base.h
(which changes frequently!). Also takes care of an old TODO,
moving CompileTimeValue into its own file under ast/, where it
properly belongs.
BUG=v8:5294
Review-Url: https://codereview.chromium.org/2305883002
Cr-Commit-Position: refs/heads/master@{#39141}
This disables notification of wasm script 'compilation' since
OnAfterCompile actually triggers a JS call (which is disallowed during
stack trace collection).
BUG=641065
Review-Url: https://codereview.chromium.org/2304943002
Cr-Commit-Position: refs/heads/master@{#39139}
This prepares using mb as a library and not as a sub
process. It is used like that in the new list command that
shows available configurations.
Also added more robust checks of user inputs, better hints
and better docu.
BUG=chromium:625791
NOTRY=true
Review-Url: https://codereview.chromium.org/2300333002
Cr-Commit-Position: refs/heads/master@{#39136}
Our Type class has a semantic and representational dimension.
Much code in src/ast, Crankshaft and Turbofan is based on it.
Going forward in Turbofan we'd like to remove representational information
entirely. To that end, new type AstType has been created to preserve
existing behavior for the benefit of Crankshaft and the AST.
BUG=
Review-Url: https://codereview.chromium.org/2302283002
Cr-Commit-Position: refs/heads/master@{#39135}
We introduce, similar to regular heap, a hard and a soft limit for external memory.
- Upon reaching the hard limit we do a full GC. The hard limit is a a delta from
the size of external memory at last GC.
- Upon reaching the soft limit we start incremental marking. Each further
AdjustAmountOfExternalMemory will trigger a marking step. The step size depends
on how far we are away from the hard limit. Further away means we have still
some wiggle room and the step will be small. Being closer to the hard limit
makes it more likely to trigger a full GC, so we increase the step size.
BUG=chromium:621829
Review-Url: https://codereview.chromium.org/2256853003
Cr-Commit-Position: refs/heads/master@{#39133}
With the flag on the blink tests fail because blink is not prepared for v8
behaving incrementally.
In order to land and enable incremental wrapper tracing both in v8 smoothly and
blink we need to:
1. Land ScriptWrappableVisitorTest (http://crrev.com/2301213003)
2. Land write barriers implementation with more tests
3. Land write barriers installations
4. Enable incremental wrapper tracing on v8 side
5. Canary the heck out of this :)
This way the tests should be passing and chrome shouldn't crash at any given
moment.
LOG=no
BUG=468240
NOTRY=true
Review-Url: https://codereview.chromium.org/2299193003
Cr-Commit-Position: refs/heads/master@{#39132}
According to the WebAssembly specification the alignment of load and
store instructions has to be less or equal to natural alignment.
R=titzer@chromium.org
Review-Url: https://codereview.chromium.org/2285643002
Cr-Commit-Position: refs/heads/master@{#39131}
Looking at the code with Toon showed me that the code is not really
readable at the moment. This refactoring should make the different kinds
of calls and their parameters more apparent.
R=titzer@chromium.org
Review-Url: https://codereview.chromium.org/2295743002
Cr-Commit-Position: refs/heads/master@{#39126}
Happily, we can/should include semantic information such as Internal(), NonInternal() even as we remove representation data.
BUG=
Review-Url: https://codereview.chromium.org/2305573003
Cr-Commit-Position: refs/heads/master@{#39123}
With the Indexed/GenericNamedPropertyDefinerCallback it is possible to intercept Object.defineProperty() calls.
Requests that call JSReceiver::OrdinaryDefineOwnProperty() internally, also trigger the interceptor. This includes Object.freeze(), Object.preventExtensions(), and Object.seal().
As without this patch, the query interceptor triggers on
defineProperty, unless the definer callback
intercepts the request.
As without this patch, the query interceptor triggers on defineProperty, unless the definer callback intercepts the request.
BUG=
Committed: https://crrev.com/b9d985975cf3bab0ded0cec9fafd3799f9bde29a
Review-Url: https://codereview.chromium.org/2272383002
Cr-Original-Commit-Position: refs/heads/master@{#39094}
Cr-Commit-Position: refs/heads/master@{#39122}
Remove dead code, and drop the legacy RegExp.prototype.exec implementation (the
only differences are TO_BOOLEAN on global and sticky).
BUG=v8:5339
Review-Url: https://codereview.chromium.org/2301803003
Cr-Commit-Position: refs/heads/master@{#39121}
Collect type feedback in the bytecode handler for 'new' bytecode. The
earlier cl (https://codereview.chromium.org/2153433002/) was reverted
because that implementation did not collect allocation site feedback.
This regressed delta blue by an order of magnitude. This implementation
includes collection of allocation site feedback.
Reland of https://codereview.chromium.org/2190293003/ with a bug fix.
BUG=v8:4280, v8:4780
LOG=N
Review-Url: https://codereview.chromium.org/2225923003
Cr-Commit-Position: refs/heads/master@{#39120}