Currently the jump label's distance value in LCodeGen::DoWrapReceiver() of X86 is unconsistent.
For avoiding potential bugs caused by this unconsistent usage for the same label when DeoptEveryNTimes()
return true, This CL unify the label's distance value usage in LCodeGen::DoWrapReceiver().
For more informations, please refer CL #41419 (https://codereview.chromium.org/2539403002/ ).
BUG=
Review-Url: https://codereview.chromium.org/2554493002
Cr-Commit-Position: refs/heads/master@{#41659}
When ParseOnBackground is done, we should construct a trace event and dump all
background parsing runtime statistics as argument. In tracing we don't want to
merge it back to to main thread, instead we show the trace event together with
background parsing trace event on script streamer thread track in Trace Viewer.
To perf sheriff: A series of counters ParseBackgroundxxx and
PreparseBackgroundxxx will be taken into account in this patch, thus runtime
statistics graph will increase after this patch gets landed.
BUG=v8:5089
Review-Url: https://codereview.chromium.org/2559403002
Cr-Commit-Position: refs/heads/master@{#41658}
This is to improve the performance of common operation of
extracting contextId or contextGroupId out of Context.
BUG=none
Review-Url: https://codereview.chromium.org/2558913004
Cr-Commit-Position: refs/heads/master@{#41657}
Generalize Messages to include an error level.
Add a parameter to AddMessageHandler to select which error levels to receive, using a mask (default being just errors, i.e. the current behavior).
BUG=v8:4203
R=dgozman@chromium.org,machenbach@chromium.org,danno@chromium.org,bmeurer@chromium.org,jochen@chromium.org
Review-Url: https://codereview.chromium.org/2526703002
Cr-Commit-Position: refs/heads/master@{#41648}
Reason for revert:
Tree closer: https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20arm64%20-%20sim%20-%20MSAN/builds/12409
Original issue's description:
> [heap] Initialize the owner on each page after lospace allocation
>
> The least two bits of the owner field of a Page are used to determine
> whether the Page is part of a large object. If these bits are not equal
> to 0x11, the page is part of a large object and needs special handling
> e.g. in MemoryChunk::FromAnyPointerAddress to determine which chunk it
> belongs to.
>
> This CL fixes an issue in which the store buffer overflows after
> a large object space allocation but before the object has been fully
> initialized. Store buffer overflow handling attempts to look up the
> chunk of a page, but fails to do so correctly since the page's owner
> field has not yet been initialized.
>
> This CL ensures that the owner field of all pages belonging to a large
> object allocation are initialized to a value that is interpreted
> correctly.
>
> BUG=chromium:672041
>
> Committed: https://crrev.com/9b6808bfb5366beebe3af30a06f9851edb2039d4
> Cr-Commit-Position: refs/heads/master@{#41641}
TBR=mlippautz@chromium.org,jgruber@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:672041
Review-Url: https://codereview.chromium.org/2562273004
Cr-Commit-Position: refs/heads/master@{#41644}
This CL moves all methods related to scripts and eval origin (HasScript,
GetScript, IsEval, GetEvalOrigin) from JSStackFrame to StackFrameBase,
because it also applies to WasmFrames.
This makes the AppendFileLocation method append the same information to
WasmStackFrames and AsmJsWasmStackFrames than to JSStackFrames.
R=titzer@chromium.org, mstarzinger@chromium.org
BUG=v8:4203
Review-Url: https://codereview.chromium.org/2557923005
Cr-Commit-Position: refs/heads/master@{#41642}
The least two bits of the owner field of a Page are used to determine
whether the Page is part of a large object. If these bits are not equal
to 0x11, the page is part of a large object and needs special handling
e.g. in MemoryChunk::FromAnyPointerAddress to determine which chunk it
belongs to.
This CL fixes an issue in which the store buffer overflows after
a large object space allocation but before the object has been fully
initialized. Store buffer overflow handling attempts to look up the
chunk of a page, but fails to do so correctly since the page's owner
field has not yet been initialized.
This CL ensures that the owner field of all pages belonging to a large
object allocation are initialized to a value that is interpreted
correctly.
BUG=chromium:672041
Review-Url: https://codereview.chromium.org/2565713002
Cr-Commit-Position: refs/heads/master@{#41641}
The current logic in Isolate::GetLocationFromStackTrace just ignores
wasm frames, making the computed location point to the first javascript
frame, like this:
test.js:17: RuntimeError: divide by zero
module.exports.main();
^
RuntimeError: divide by zero
at main (<WASM>[1]+5)
at test.js:17:16
This CL not only fixes the location to point to the top-most wasm
frame, but also exposes to the embedder that the script of that location
is a wasm script, allowing for custom printing of wasm locations.
The Shell::ReportException method now checks for this flag, and prints
wasm locations like this:
<WASM>[0]+5: RuntimeError: divide by zero
RuntimeError: divide by zero
at main (<WASM>[0]+5)
at test/message/wasm-trap.js:15:16
R=titzer@chromium.org, yangguo@chromium.org
BUG=chromium:613110
Review-Url: https://codereview.chromium.org/2563673002
Cr-Commit-Position: refs/heads/master@{#41640}
Add the operator in preparation for actual perf work. The operator is replaced
by the same runtime call as before, during lowering.
The CallConstructWithSpreadParameters is a bit silly at the moment, but will
hold more once we add feedback.
BUG=v8:5659
Review-Url: https://codereview.chromium.org/2561103003
Cr-Commit-Position: refs/heads/master@{#41636}
For generator-based functions (e.g. async functions) we force variables to be
context-allocated. Due to a bug in the parser, this didn't always work
correctly. For instance, in "async function foo([a]) { ... }" the variable "a"
could become stack-allocated due to context allocation being forced on the wrong
scope.
Besides fixing this, I'm also cleaning up some related code in the async parsing
setup and adding some guards.
R=adamk@chromium.org, littledan@chromium.org
BUG=
Review-Url: https://codereview.chromium.org/2561093002
Cr-Commit-Position: refs/heads/master@{#41635}
The evaluation order of this argument was accidentally changed when the
special-case was added for super calls with a final spread argument.
Review-Url: https://codereview.chromium.org/2563423002
Cr-Commit-Position: refs/heads/master@{#41633}
--asan test config passes --omit-quit which breaks this test on
failure.
Review-Url: https://codereview.chromium.org/2546093002
Cr-Commit-Position: refs/heads/master@{#41627}
Forcing finalization after reaching allocation limit regresses gc pause
time in benchmarks as we have to do a lot of non-incremental marking work.
This patch allows overshoot of the limit by some margin.
BUG=chromium:670675,chromium:671994
TBR=mlippautz@chromium.org
Review-Url: https://codereview.chromium.org/2554423005
Cr-Commit-Position: refs/heads/master@{#41625}
This fixes the corner-case where the method in question failed to lookup
the very last deoptimization bailout without subsequent entries within
the relocation info. Also enable a test covering this.
R=tebbi@chromium.org
TEST=cctest/test-cpu-profiler/CollectDeoptEvents
Review-Url: https://codereview.chromium.org/2565733002
Cr-Commit-Position: refs/heads/master@{#41623}
Because the parser optimizes !123 -> false,
we allow booleans in expressions (but not parameter annotations).
Allow this in asm-wasm-builder.
Turn on an early out case in asm-typer that is fine.
BUG=672784
R=titzer@chromium.org
Review-Url: https://codereview.chromium.org/2561193003
Cr-Commit-Position: refs/heads/master@{#41622}
Logging for --perf-prof is not GC safe. Now, we are going to
emit source position info for optimized code when we are
profiling, logging, or debugging, and under the same condition,
pre-compute the line ends array for line number computation.
R=tebbi@chromium.org
BUG=v8:5730
Review-Url: https://codereview.chromium.org/2562973002
Cr-Commit-Position: refs/heads/master@{#41619}
We should really think about having a static analysis to check for
such errors, and a bot executing it regularly.
This is not the first time I encounter declared functions that are
never defined.
R=titzer@chromium.org
Review-Url: https://codereview.chromium.org/2561333002
Cr-Commit-Position: refs/heads/master@{#41617}
By now the predicate in question is an exact negation of %IsAsmWasmCode
as the name intuitively implies. The need for two separate test methods
no longer exists and one of the two can be removed.
R=bradnelson@chromium.org
Review-Url: https://codereview.chromium.org/2562003002
Cr-Commit-Position: refs/heads/master@{#41616}
By now the compiler pipeline will not produce optimized code for asm.js
functions unless validation failed (even when --always-opt is enabled).
The related workaround in the testing predicate can be removed.
R=rmcilroy@chromium.org
Review-Url: https://codereview.chromium.org/2549463002
Cr-Commit-Position: refs/heads/master@{#41614}
In the asm.js code translated to wasm, we call imported functions via a
WASM_TO_JS stub, which first calls the function and then calls ToNumber
on the return value. Exceptions can happen in both calls.
We were only ever reporting the location of the function call, whereas
asm.js code executed via turbofan reported the location of the type
coercion operator ("+" on "+foo()" or "|" on "foo()|0").
This CL implements the same behaviour for asm.js code translated to
wasm. The following is changed:
- the AsmWasmBuilder records the parent node when descending on a binary
operator (also "+foo()" is represented by a binary operation).
- it stores not one location per call in the source position side
table, but two (one for the call, one for the parent which does the
type coercion).
- the wasm compiler annotates the source positions "0" and "1" to the
two calls in the WASM_TO_JS wrapper (only if the module origin is
asm.js).
- the StackFrame::State struct now also holds the callee_pc_address,
which is set in ComputeCallerState. The WASM frame uses this
information to determine whether the callee frame is WASM_TO_JS, and
whether that frame is at the ToNumber conversion call.
- the same information is also stored in the FrameArray which is used
to reconstruct the stack trace later.
R=titzer@chromium.org, bradnelson@chromium.orgCC=jgruber@chromium.org
BUG=v8:4203,v8:5724
Committed: https://crrev.com/94cd46b55e24fa2bb7b06b3da4d5ba7f029bc262
Review-Url: https://codereview.chromium.org/2555243002
Cr-Original-Commit-Position: refs/heads/master@{#41599}
Cr-Commit-Position: refs/heads/master@{#41613}
