Speculative reason for issue 684481.
BUG=chromium:684481
TBR=marja@chromium.org,mstarzinger@chromium.org,ahaas@chromium.org,verwaest@chromium.org,
Original issue's description:
> [Parse] ParseInfo owns the parsing Zone.
>
> Moves ownership of the parsing Zone to ParseInfo with a shared_ptr. This is
> in preparation for enabling background compilation jobs for inner functions to
> share the AST in the outer function's parse zone memory (read-only), with the
> zone being released when all compilation jobs have completed.
>
> BUG=v8:5203, v8:5215
> Review-Url: https://codereview.chromium.org/2632123006
> Cr-Commit-Position: refs/heads/master@{#42562}
> Committed: 4b0101d369
Review-Url: https://codereview.chromium.org/2648383005
Cr-Commit-Position: refs/heads/master@{#42633}
We can share almost all of the architecture-specific builtin code with super-call-with-spread.
Info to port-writers: The code in CheckSpreadAndPushToStack has changed slightly from what was in Generate_ConstructWithSpread, in that we take the length of the spread parameters from the JSArray rather than the FixedArray backing store.
BUG=v8:5511
Review-Url: https://codereview.chromium.org/2649143002
Cr-Commit-Position: refs/heads/master@{#42632}
It was a scary function which handled all possible old-fashioned and
for-each statements at one go. Split it to multiple smaller functions
and made the top level logic clearer.
BUG=
Review-Url: https://codereview.chromium.org/2645353002
Cr-Commit-Position: refs/heads/master@{#42627}
This disables optimizations when using typed float arrays in
correctness fuzzer test cases. Otherwise, different NaN patterns
in float typed arrays might lead to different observations when
using the buffer in an int array view.
BUG=chromium:683579
NOTRY=true
TBR=Jarin, mvstanton, Igor Sheludko
Review-Url: https://codereview.chromium.org/2649923008
Cr-Commit-Position: refs/heads/master@{#42626}
The "sloppy eval in default param" cases will be useful for the future
tests which assert that parser and preparser produce the same scopes.
BUG=v8:5501, v8:5516
Review-Url: https://codereview.chromium.org/2644333002
Cr-Commit-Position: refs/heads/master@{#42625}
Implement stepping by remembering the current step action in the wasm
interpreter handle in WasmDebugInfo, and using it when continuing
execution in the interpreter.
The control flow is as follows: After module compilation, the user sets
a breakpoint in wasm. The respective function is redirected to the
interpreter and the breakpoint is set on the interpreter. When it is
hit, we notify all debug event listeners, which might prepare stepping.
When returning from these listeners, before continuing execution, we
check whether stepping was requested and continue execution in the
interpreter accordingly.
Stepping from Wasm to JS and vice versa will be implemented and tested
in a follow-up CL. Testing this requires breakpoints and stepping in
Wasm to be exposed via the inspector interface, such that we can write
an inspector test. This mixed JS-Wasm-execution is hard to set up in a
cctest.
R=titzer@chromium.org, yangguo@chromium.org
BUG=
Review-Url: https://codereview.chromium.org/2649533002
Cr-Commit-Position: refs/heads/master@{#42624}
Similar to the maximum memory size this limit caused problems for
the fuzzer due to oom issues. With the command line flag we can limit
the maximum table size for the fuzzer.
R=titzer@chromium.org
Review-Url: https://codereview.chromium.org/2648223004
Cr-Commit-Position: refs/heads/master@{#42623}
[RELAND with one change: until literal arrays are rooted in the outer
feedback vector (coming in the next days), the runtime-scope.cc change
is held off.]
When a function is declared in global scope, the closure is created
by the DeclareGlobals runtime service. It needs a pointer to the
literals array, already allocated in the feedback vector. This
fixes a bug where its behavior wasn't in sync with CreateClosure,
which accepts the literals from the vector.
This enables a follow-on performance improvement in the CompileLazy
builtin.
BUG=680637
Review-Url: https://codereview.chromium.org/2634283003
Cr-Commit-Position: refs/heads/master@{#42620}
port 3a9152ece7 (r42594)
original commit message:
We are planning to add a few more debugger related bits, and are running
out of compiler hints bits. The new bit field is going to be part of the
debug info struct. If the debug info is not available, we store the bit
field in its place on the shared function info.
BUG=
Review-Url: https://codereview.chromium.org/2649893004
Cr-Commit-Position: refs/heads/master@{#42617}
A recent change to disallow wasm compilation in contexts where
CSP unsafe-eval would disallow eval also ended up banning asm.js there:
https://codereview.chromium.org/2646713002
This ends up banning non-evaled asm.js even in some places it should be
allowed.
NOTE: Although asm.js code converted to wasm generates an intermediate wasm
module, asm.js code evaled in a disallowed context can't even get
that far (as it's stopped at the eval site).
BUG=683867
R=mtrofin@chromium.org,titzer@chromium.org,adamk@chromium.org
Review-Url: https://codereview.chromium.org/2656463004
Cr-Commit-Position: refs/heads/master@{#42616}
V8 has internal mechanism to ignore steps and breaks inside internal scripts, in this CL it's reused for blackboxing implementation.
Advantages:
- much faster blackboxing implementation (before we at least wrap and collect current call stack for each step),
- get rid of StepFrame action and potential pause in blackboxed code after N StepFrame steps,
- simplification of debugger agent logic.
Disadvantages:
- currently, when the user was paused in blackboxed code (e.g. on a breakpoint) and then makes a step action, the debugger ignores the blackboxed state of the script and allows step actions to be used as usual - this behavior is regressed; we are still able to support it on the frontend side.
Current state and proposed changes for blackboxing: https://docs.google.com/document/d/1hnzaXPAN8_QC5ENxIgxgMNDbXLraM_OXT73rAyijTF8/edit?usp=sharing
BUG=v8:5842
R=yangguo@chromium.org,dgozman@chromium.org,alph@chromium.org
Review-Url: https://codereview.chromium.org/2633803002
Cr-Commit-Position: refs/heads/master@{#42614}
Check that the number of properties is < Code::kMaxArguments when object
destructuring with a rest property; otherwise throw an error.
BUG=v8:5549
Review-Url: https://codereview.chromium.org/2650863002
Cr-Commit-Position: refs/heads/master@{#42613}
Also introduces FFIType, separate from MachineType, for expressing ffi
signatures.
BUG=v8:4456
Review-Url: https://codereview.chromium.org/2639163004
Cr-Commit-Position: refs/heads/master@{#42612}
Atomics.wait is a function which may block, which is not allowed on the
main thread. Since V8 doesn't know whether a particular isolate is the
"main thread", this CL adds an option to Isolate::CreateParams to choose
whether this function is allowed.
Review-Url: https://codereview.chromium.org/2642293002
Cr-Commit-Position: refs/heads/master@{#42611}
Manipulating the signaling NaN used for the hole and uninitialized double
field sentinel in C++, e.g. with bit_cast or HeapNumber::value()/set_value(),
will change its value on ia32 (the x87 stack is used to return values and
stores to the stack silently clear the signalling bit).
BUG=v8:5495
Review-Url: https://codereview.chromium.org/2652553003
Cr-Commit-Position: refs/heads/master@{#42609}
Also fixes check for table segments to be performed against actual size not declared one.
Makes us pass memory.wast and linking.wast tests (modulo issue 5860).
R=titzer@chromium.org
BUG=
Review-Url: https://codereview.chromium.org/2649553002
Cr-Commit-Position: refs/heads/master@{#42607}
For an object literal, has_seen_proto is needed to create the
BoilerplateDescription. When iterating over the object
properties in the AST, has_seen_proto can easily be computed. The
flag in the ObjectLiteral is unnecessary.
R=verwaest@chromium.org
BUG=v8:5625
Review-Url: https://codereview.chromium.org/2646333002
Cr-Commit-Position: refs/heads/master@{#42601}
Port the fast path for accessor inlining to cached property names from
Crankshaft to TurboFan. This constant-folds accesses to document in a
script.
R=jochen@chromium.org
BUG=v8:5548
Review-Url: https://codereview.chromium.org/2646363003
Cr-Commit-Position: refs/heads/master@{#42600}
The hardcoded constant caused a problem for the wasm fuzzer because
when the maximum memory was allocated in a test case, clusterfuzz ran
out of memory. With the command line flag we can set a lower limit
for the fuzzer.
The flag has the value of the constant as its default value, so that
for everything but the fuzzers nothing should change.
R=titzer@chromium.org
BUG=chromium:676888
Review-Url: https://codereview.chromium.org/2626313003
Cr-Commit-Position: refs/heads/master@{#42599}
We do not want to reserve space in the backing store for index keys.
Count index keys during creation of the BoilerplateDescription, and
subtract them from the backing store size.
Correctly count index keys after encountering a property with
a computed name during object literal creation.
R=verwaest@chromium.org
BUG=v8:5625
Review-Url: https://codereview.chromium.org/2651523002
Cr-Commit-Position: refs/heads/master@{#42598}
As required by C++11, this CL changes the zone allocator to be able to
construct and destroy arbitrary types, and accept arbitrary arguments
for construct, passing them via perfect forwarding.
I also change some push_back to emplace_back. Some of those did not
compile before.
R=ishell@chromium.org, titzer@chromium.org
Review-Url: https://codereview.chromium.org/2646873004
Cr-Commit-Position: refs/heads/master@{#42597}
I guess that a comparison with i::wasm::kV8MaxWasmTableSize was not
intended here. I did not add a test because I do not even know if it is
even possible to create a WasmMemoryObject with
maximum_pages > i::wasm::kV8MaxWasmMemoryPages. Maybe we should replace
the condition with a Check instead.
R=titzer@chromium.org
Review-Url: https://codereview.chromium.org/2645273004
Cr-Commit-Position: refs/heads/master@{#42596}
We are planning to add a few more debugger related bits, and are running
out of compiler hints bits. The new bit field is going to be part of the
debug info struct. If the debug info is not available, we store the bit
field in its place on the shared function info.
Review-Url: https://codereview.chromium.org/2649873002
Cr-Commit-Position: refs/heads/master@{#42594}
Add the operator in preparation for actual perf work. The operator is replaced
by the same runtime call as before, during lowering.
BUG=v8:5511
Review-Url: https://codereview.chromium.org/2639233002
Cr-Commit-Position: refs/heads/master@{#42593}
port ee9c709190 (r42561)
original commit message:
FAST_DOUBLE_ELEMENTS and FAST_HOLEY_DOUBLE_ELEMENTS kinds should both
be handled by the runtime.
BUG=
Review-Url: https://codereview.chromium.org/2649053002
Cr-Commit-Position: refs/heads/master@{#42592}
The CL #42545 (https://codereview.chromium.org/2639353002) added the SignallingNanSurvivesI32ReinterpretF32/SignallingNanSurvivesI64ReinterpretF64 tests.
Those tests failed on the x87 port, as the X87 FPU hardware will convert a sNaN to a qNaN automatically.
This CL skips the SignallingNanSurvivesI32ReinterpretF32/SignallingNanSurvivesI64ReinterpretF64 tests for x87.
BUG=
Review-Url: https://codereview.chromium.org/2649843002
Cr-Commit-Position: refs/heads/master@{#42591}
For calls from ToPrimitive we already know that the receiver cannot be
null or undefined, since a property lookup succeeded before the call,
which would have thrown an exception in case of null or undefined.
R=yangguo@chromium.org
Review-Url: https://codereview.chromium.org/2649093002
Cr-Commit-Position: refs/heads/master@{#42589}
port ea92543171 (r42545)
original commit message:
On ia32 return statements in C++ automatically convert signalling NaNs
to quiet NaNs, even when bit_cast is used. This CL removes all uses of
bit_cast<float> and bit_cast<double> in the wasm compiler and wasm
interpreter.
BUG=
Review-Url: https://codereview.chromium.org/2648203002
Cr-Commit-Position: refs/heads/master@{#42588}
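The following is an added illustration, not V8 code and not part of any of the CLs above, of the NaN-quieting effect that this port, the x87 test skip and the correctness-fuzzer change for float typed arrays all deal with: a signalling NaN bit pattern survives only while it is copied as bytes; once it passes through float arithmetic (or, on ia32, the x87 return path) it comes back quieted, so two execution paths that differ only in how they move the value can be distinguished by an int-array view of the same buffer. All helper names and the sample bit patterns here are my own constructions; the `float_bits_after_add_zero` path models the quieting with an IEEE 754 arithmetic op rather than the x87 stack, since the quieting through `return` is architecture-specific and not reproducible on SSE hardware.

```c
#include <stdint.h>
#include <string.h>

/* Constructed single-precision NaN layout constants (IEEE 754 binary32). */
#define F32_EXP_MASK   0x7f800000u  /* all exponent bits set => inf or NaN   */
#define F32_QUIET_BIT  0x00400000u  /* top mantissa bit: 1 = quiet, 0 = signalling */
#define F32_MANT_MASK  0x007fffffu

/* True if the bit pattern encodes any NaN (exponent all ones, non-zero mantissa). */
int is_nan32(uint32_t bits) {
  return (bits & F32_EXP_MASK) == F32_EXP_MASK && (bits & F32_MANT_MASK) != 0;
}

int is_snan32(uint32_t bits) { return is_nan32(bits) && !(bits & F32_QUIET_BIT); }
int is_qnan32(uint32_t bits) { return is_nan32(bits) && (bits & F32_QUIET_BIT) != 0; }

/* Integer-domain reinterpret: copies the float's bytes into a uint32_t
 * without ever returning or computing on a float value, so nothing on the
 * way can set the quiet bit. This is the byte-copy approach, as opposed to
 * a value-returning cast. */
uint32_t float_bits_memcpy(const float* f) {
  uint32_t bits;
  memcpy(&bits, f, sizeof bits);
  return bits;
}

/* Reinterpret after one float arithmetic op. Under IEEE 754 default
 * exception handling, any arithmetic on an sNaN operand produces a qNaN,
 * so this models how a signalling payload is lost by a path that computes
 * on the value instead of copying its bits. */
uint32_t float_bits_after_add_zero(uint32_t in_bits) {
  float in;
  memcpy(&in, &in_bits, sizeof in);
  volatile float f = in;           /* volatile: force the op at run time */
  volatile float r = f + 0.0f;     /* sNaN + 0 => qNaN; other values unchanged */
  float out_f = r;
  uint32_t out;
  memcpy(&out, &out_f, sizeof out);
  return out;
}

/* The differential check a correctness fuzzer cares about: after storing a
 * bit pattern into a float slot (as a float typed array element would be),
 * does an int view of that slot read back exactly the bits written? */
int nan_payload_survives(uint32_t in_bits) {
  float slot;
  memcpy(&slot, &in_bits, sizeof slot);
  return float_bits_memcpy(&slot) == in_bits;
}
```

On SSE-based x86-64 and on ARM64 the byte-copy path preserves the signalling payload and the arithmetic path quiets it; on an x87 build the value-returning path would quiet it as well, which is exactly the platform difference the skipped tests and the fuzzer flag account for.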
port 037200e625 (r42486)
original commit message:
The IA32AddPair and IA32SubPair instructions were using an input register as a
temporary value, which led to registers sometimes being clobbered when they
shouldn't have been. This led to problems, for example, in calling printf to
format doubles:
printf("%f", 1.2345) => 0.61725 (on x86)
BUG=
Review-Url: https://codereview.chromium.org/2645233002
Cr-Commit-Position: refs/heads/master@{#42587}