Since we only can do limited checks during microtask execution, do the
checks before actually creating a promise
BUG=chromium:658194
R=bmeurer@chromium.org,gsathya@chromium.org
Review-Url: https://codereview.chromium.org/2628863002
Cr-Commit-Position: refs/heads/master@{#42265}
Literal arrays and feedback vectors for a function can be garbage
collected if we don't have a rooted closure for the function, which
happens often. It's expensive to come back from this (recreating
boilerplates and gathering feedback again), and the cost is
disproportionate if the function was inlined into optimized code.
To guard against losing these arrays when we need them, we'll now
create literal arrays when creating the feedback vector for the outer
closure, and root them strongly in that vector.
BUG=v8:5456
Review-Url: https://codereview.chromium.org/2620753003
Cr-Original-Commit-Position: refs/heads/master@{#42258}
Committed: 3188780410
Review-Url: https://codereview.chromium.org/2620753003
Cr-Commit-Position: refs/heads/master@{#42264}
Before the fix it checked whether the initial map of the base constructor pointed back to the new target. That's only true if initial_map->new_target_is_base() (new.target == target). Now it properly checks that the initial map of the original constructor (new.target) was created in combination with target by checking back that new.target->initial_map()->constructor() == target.
BUG=
Review-Url: https://codereview.chromium.org/2621303003
Cr-Commit-Position: refs/heads/master@{#42263}
Reason for revert:
gc stress:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20gc%20stress/builds/8105
also on mac
Original issue's description:
> [TypeFeedbackVector] Root literal arrays in function literals slots
>
> Literal arrays and feedback vectors for a function can be garbage
> collected if we don't have a rooted closure for the function, which
> happens often. It's expensive to come back from this (recreating
> boilerplates and gathering feedback again), and the cost is
> disproportionate if the function was inlined into optimized code.
>
> To guard against losing these arrays when we need them, we'll now
> create literal arrays when creating the feedback vector for the outer
> closure, and root them strongly in that vector.
>
> BUG=v8:5456
>
> Review-Url: https://codereview.chromium.org/2620753003
> Cr-Commit-Position: refs/heads/master@{#42258}
> Committed: 3188780410TBR=bmeurer@chromium.org,mstarzinger@chromium.org,yangguo@chromium.org,mvstanton@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5456
Review-Url: https://codereview.chromium.org/2626863004
Cr-Commit-Position: refs/heads/master@{#42260}
For debugging, we are patching call sites to not call other
WASM_FUNCTIONs, but call WASM_TO_INTERPRETER stubs instead. When later
re-instantiating / cloning this code, the old logic for patching call
sites would miss those calls.
This CL changes the way we patch callsites by getting the called
function index per callsite from the bytecode. This requires iterating
both the source position table and the relocation table at the same
time to determine the byte position for each call.
Instead of looking up the functions to be replaced in a std::map, we now
get the function directly from a FixedArray. This reduces the complexity
from O(n*n*log(n)) to O(m), where n is the total number of functions and
m is the total byte code length (note that each function is patched
individually, so we set up the map n times before).
Constant factor are unclear though.
BUG=v8:5822
R=titzer@chromium.org
Review-Url: https://codereview.chromium.org/2627613002
Cr-Commit-Position: refs/heads/master@{#42259}
Literal arrays and feedback vectors for a function can be garbage
collected if we don't have a rooted closure for the function, which
happens often. It's expensive to come back from this (recreating
boilerplates and gathering feedback again), and the cost is
disproportionate if the function was inlined into optimized code.
To guard against losing these arrays when we need them, we'll now
create literal arrays when creating the feedback vector for the outer
closure, and root them strongly in that vector.
BUG=v8:5456
Review-Url: https://codereview.chromium.org/2620753003
Cr-Commit-Position: refs/heads/master@{#42258}
Reason for revert:
Blocks roll: https://codereview.chromium.org/2633463002/
Original issue's description:
> Pull define for version out into v8-version.h and separate build target
>
> This is part of removing the dependency of the Chromium browser DLL on
> Windows on V8.
>
> R=jochen@chromium.org
> BUG=chromium:581766
>
> Review-Url: https://codereview.chromium.org/2621983002
> Cr-Commit-Position: refs/heads/master@{#42243}
> Committed: 4593845417TBR=jochen@chromium.org,machenbach@chromium.org,scottmg@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:581766
Review-Url: https://codereview.chromium.org/2627713008
Cr-Commit-Position: refs/heads/master@{#42257}
Reason for revert:
Triggers flaky tests.
Original issue's description:
> [wasm][asm.js] Do same work even when not printing asm info.
>
> Skipping this work seems to perturb a gc-stress issue.
> More investigation is likely needed.
>
> BUG=v8:4203
> R=danno@chromium.org
>
> Review-Url: https://codereview.chromium.org/2629043002
> Cr-Commit-Position: refs/heads/master@{#42248}
> Committed: 785cedf1eeTBR=danno@chromium.org,bradnelson@google.com
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4203
Review-Url: https://codereview.chromium.org/2623383002
Cr-Commit-Position: refs/heads/master@{#42252}
Reason for revert:
Triggers flaky tests.
Original issue's description:
> Revert of [wasm][asm.js] Do same work even when not printing asm info. (patchset #1 id:1 of https://codereview.chromium.org/2629043002/ )
>
> Reason for revert:
> Triggers flaky tests.
>
> Original issue's description:
> > [wasm][asm.js] Do same work even when not printing asm info.
> >
> > Skipping this work seems to perturb a gc-stress issue.
> > More investigation is likely needed.
> >
> > BUG=v8:4203
> > R=danno@chromium.org
> >
> > Review-Url: https://codereview.chromium.org/2629043002
> > Cr-Commit-Position: refs/heads/master@{#42248}
> > Committed: 785cedf1ee
>
> TBR=danno@chromium.org,bradnelson@chromium.org
> # Skipping CQ checks because original CL landed less than 1 days ago.
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=v8:4203
>
> Review-Url: https://codereview.chromium.org/2627223002
> Cr-Commit-Position: refs/heads/master@{#42250}
> Committed: 636df54873TBR=danno@chromium.org,bradnelson@google.com
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4203
Review-Url: https://codereview.chromium.org/2626953003
Cr-Commit-Position: refs/heads/master@{#42251}
Reason for revert:
Triggers flaky tests.
Original issue's description:
> [wasm][asm.js] Do same work even when not printing asm info.
>
> Skipping this work seems to perturb a gc-stress issue.
> More investigation is likely needed.
>
> BUG=v8:4203
> R=danno@chromium.org
>
> Review-Url: https://codereview.chromium.org/2629043002
> Cr-Commit-Position: refs/heads/master@{#42248}
> Committed: 785cedf1eeTBR=danno@chromium.org,bradnelson@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4203
Review-Url: https://codereview.chromium.org/2627223002
Cr-Commit-Position: refs/heads/master@{#42250}
This patch changes the test262 infrastructure to pass individual flags,
specified in the status file, for tests for experimental features, rather
than passing --harmony for all runs. With this change, it should be
easier to run test262 tests in automation when developing new features.
The new workflow would be, when adding a flag, include the flag in the
test expectations file, and when removing the flag, remove the lines from
the test expectations file. This way, the status file does not have to
change when staging or unstaging, and you get the benefit of the automated
tests before staging starts.
R=adamk
CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_linux_noi18n_rel_ng
Review-Url: https://codereview.chromium.org/2601393002
Cr-Commit-Position: refs/heads/master@{#42249}
Reason for revert:
Suspected of causing crashes on Canary: https://crbug.com/680108
Original issue's description:
> [crankshaft] Also inline Math.ceil.
>
> Inline calls to Math.ceil(x) as -Math.floor(-x) via the existing fast
> path in Crankshaft.
>
> R=ishell@chromium.org
> BUG=v8:5782
>
> Review-Url: https://codereview.chromium.org/2621903002
> Cr-Commit-Position: refs/heads/master@{#42161}
> Committed: a3859e48c3TBR=ishell@chromium.org,bmeurer@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=v8:5782, chromium:680108
Review-Url: https://codereview.chromium.org/2629493002
Cr-Commit-Position: refs/heads/master@{#42247}
Move the language code checking for 4 languages requiring
special case mapping to C++ from JavaScript.
This is a speculative fix for crashes reported from Windows and
Mac Chrome canary builds when icu-case-mapping is enabled by
default. (see crbug.com/676643)
In addition, tighten up comparision operators in a couple of
places in i18n.js (=== and !== instead of == and !=).
BUG=v8:4477, v8:4476, chromium:676643
TEST=test262/{built-ins,intl402}/Strings/*, webkit/fast/js/*,
mjsunit/string-case, intl/general/case*
Review-Url: https://codereview.chromium.org/2621393002
Cr-Commit-Position: refs/heads/master@{#42246}
Also, add a runtime function to call the interpreter, passing a
stack-allocated buffer holding the arguments.
The WASM_INTERPRETER_ENTRY stub allocates the stack slot for the
arguments, fills it, and calls to the wasm interpreter.
It's abi is compatible with WASM functions, such that we can just
replace a call to a WASM_FUNCTION with a call to
WASM_INTERPRETER_ENTRY.
See tracking bug to get the overall picture.
BUG=v8:5822
R=titzer@chromium.org
Review-Url: https://codereview.chromium.org/2619803004
Cr-Commit-Position: refs/heads/master@{#42242}
According to the latest spec changes the WasmToJS wrapper and the
JSToWasm wrapper through a TypeError if the signature of the wrapper
contains a I64 parameter or return value. Originally the TypeError was
thrown when the parameter or return value was converted to or from JS.
In addition I removed all special handling of I64 parameters and return
values in the wrappers which was already dead code.
R=titzer@chromium.org
Review-Url: https://codereview.chromium.org/2626853003
Cr-Commit-Position: refs/heads/master@{#42238}
Original commit message:
[wasm] Introduce the TrapIf and TrapUnless operators to generate trap code.
Some instructions in WebAssembly trap for some inputs, which means that the
execution is terminated and (at least at the moment) a JavaScript exception is
thrown. Examples for traps are out-of-bounds memory accesses, or integer
divisions by zero.
Without the TrapIf and TrapUnless operators trap check in WebAssembly introduces 5
TurboFan nodes (branch, if_true, if_false, trap-reason constant, trap-position
constant), in addition to the trap condition itself. Additionally, each
WebAssembly function has four TurboFan nodes (merge, effect_phi, 2 phis) whose
number of inputs is linear to the number of trap checks in the function.
Especially for functions with high numbers of trap checks we observe a
significant slowdown in compilation time, down to 0.22 MiB/s in the sqlite
benchmark instead of the average of 3 MiB/s in other benchmarks. By introducing
a TrapIf common operator only a single node is necessary per trap check, in
addition to the trap condition. Also the nodes which are shared between trap
checks (merge, effect_phi, 2 phis) would disappear. First measurements suggest a
speedup of 30-50% on average.
This CL only implements TrapIf and TrapUnless on x64. The implementation is also
hidden behind the --wasm-trap-if flag.
Please take a special look at how the source position is transfered from the
instruction selector to the code generator, and at the context that is used for
the runtime call.
R=titzer@chromium.org, v8-mips-ports@googlegroups.com
Review-Url: https://codereview.chromium.org/2627003002
Cr-Commit-Position: refs/heads/master@{#42237}
Since type feedback is stored as Smis, we can avoid a few shift
instructions per bytecode handler by performing type feedback updates
on Smis directly, rather than converting between Smi and Word32.
Review-Url: https://codereview.chromium.org/2624753002
Cr-Commit-Position: refs/heads/master@{#42236}
using newly introduced ThinStrings, which store a pointer to the actual,
internalized string they represent.
BUG=v8:4520
(Previously landed as #42168 / af51befe69)
(Previously landed as #42193 / 4c699e349a)
Review-Url: https://codereview.chromium.org/2549773002
Cr-Commit-Position: refs/heads/master@{#42235}
The Local<Value> in the MessageCallback typedef is named "error", but
should be "data" - it's referred to as "data" everywhere else, and
that seems to be the canonical name for a curried-in value.
BUG=None
Review-Url: https://codereview.chromium.org/2621163003
Cr-Commit-Position: refs/heads/master@{#42234}
Original commit message:
[wasm] Introduce the TrapIf and TrapUnless operators to generate trap code.
Some instructions in WebAssembly trap for some inputs, which means that the
execution is terminated and (at least at the moment) a JavaScript exception is
thrown. Examples for traps are out-of-bounds memory accesses, or integer
divisions by zero.
Without the TrapIf and TrapUnless operators trap check in WebAssembly introduces 5
TurboFan nodes (branch, if_true, if_false, trap-reason constant, trap-position
constant), in addition to the trap condition itself. Additionally, each
WebAssembly function has four TurboFan nodes (merge, effect_phi, 2 phis) whose
number of inputs is linear to the number of trap checks in the function.
Especially for functions with high numbers of trap checks we observe a
significant slowdown in compilation time, down to 0.22 MiB/s in the sqlite
benchmark instead of the average of 3 MiB/s in other benchmarks. By introducing
a TrapIf common operator only a single node is necessary per trap check, in
addition to the trap condition. Also the nodes which are shared between trap
checks (merge, effect_phi, 2 phis) would disappear. First measurements suggest a
speedup of 30-50% on average.
This CL only implements TrapIf and TrapUnless on x64. The implementation is also
hidden behind the --wasm-trap-if flag.
Please take a special look at how the source position is transfered from the
instruction selector to the code generator, and at the context that is used for
the runtime call.
R=titzer@chromium.org, v8-mips-ports@googlegroups.com
Review-Url: https://codereview.chromium.org/2628433004
Cr-Commit-Position: refs/heads/master@{#42230}
for debugging. This function is needed to pass increased heap limit
from the main DevTools isolate to the worker isolates it spawns.
BUG=chromium:675911
Review-Url: https://codereview.chromium.org/2624973003
Cr-Commit-Position: refs/heads/master@{#42228}
This API will allow DevTools to intercept out-of-memory condition,
increase the heap limit and schedule heap snapshot.
BUG=chromium:675911
Review-Url: https://codereview.chromium.org/2621873003
Cr-Commit-Position: refs/heads/master@{#42225}
This changes the BytecodeGraphBuilder interface to make the fact that
graph construction is independent of a closure explicit. A valid graph
can be constructed by providing only the pair of statically known values
for SharedFunctionInfo and TypeFeedbackVector. This is in preparation of
inlining based on the SharedFunctionInfo.
R=jarin@chromium.org
BUG=v8:2206
Review-Url: https://codereview.chromium.org/2626623002
Cr-Commit-Position: refs/heads/master@{#42224}
This is mainly to catch a crash that we see in Canary with escape
analysis on.
Review-Url: https://codereview.chromium.org/2625893003
Cr-Commit-Position: refs/heads/master@{#42223}
This CL modifies the ast-numbering phase to collect function literals which
should be compiled eagerly. This is then used to eagerly compile the inner
functions before compiling the outer function. This will be used to queue
compilation jobs on the CompilerDispatcher in a later CL.
This CL moves the compilation of eager inner functions out of the
GetSharedFunctionInfo function and instead compiles them explicitly. This
simplifies GetSharedFunctionInfo and also means there is no need to pass a
LazyCompilationMode to the function, so this concept has been removed.
BUG=v8:5203,v8:5215
Review-Url: https://codereview.chromium.org/2618553004
Cr-Commit-Position: refs/heads/master@{#42221}
