This is a follow-up to a recent fix to make the exception reporting even
more resilient. The original regression test flushed out more issues on
different configurations.
TBR=yangguo@chromium.org
TEST=mjsunit/regress/regress-crbug-620253
BUG=chromium:620253
NOTREECHECKS=true
Review URL: https://codereview.chromium.org/2071783002 .
Cr-Commit-Position: refs/heads/master@{#37032}
This makes sure exception reporting done by the debug shell behaves
gracefully even near the stack limit. When line number determination
fails we just fallback to not printing source information.
R=yangguo@chromium.org
TEST=mjsunit/regress/regress-crbug-620253
BUG=chromium:620253
Review-Url: https://codereview.chromium.org/2069543007
Cr-Commit-Position: refs/heads/master@{#37031}
Reason for revert:
As discussed offline with Toon, this is not the correct fix here.
Original issue's description:
> [turbofan] Properly handle dictionary maps in the prototype chain.
>
> Dictionary prototypes don't have stable maps, but still don't matter for
> element access. Generalized the JSNativeContextSpecialization a bit to
> handle everything that Crankshaft can handle in this regard.
>
> R=jarin@chromium.org
> BUG=chromium:616709
>
> Committed: https://crrev.com/1c7bdc7f6f4d9512f4982590bd949f265ee9c8c3
> Cr-Commit-Position: refs/heads/master@{#37019}
TBR=jarin@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:616709
Review-Url: https://codereview.chromium.org/2076493002
Cr-Commit-Position: refs/heads/master@{#37029}
This will be needed during debugging to know function boundaries within
the wasm module bytes, and to extract the bytes for a single function
to disassemble it.
R=titzer@chromium.org
BUG=chromium:613110
Review-Url: https://codereview.chromium.org/2055783002
Cr-Commit-Position: refs/heads/master@{#37028}
Those were wrongly translated from gyp with ia32. This should
land before renaming v8_target_arch to v8_target_cpu.
BUG=chromium:620527
NOTRY=true
TBR=vogelheim@chromium.org
Review-Url: https://codereview.chromium.org/2065323004
Cr-Commit-Position: refs/heads/master@{#37027}
This will be used for disassembling individual wasm function for
showing them in devtools.
The PrintAst function now also optionally provides an offset table
mapping from byte offset to line and column in the generated text.
R=titzer@chromium.org, ahaas@chromium.org
BUG=chromium:613110
Review-Url: https://codereview.chromium.org/2050213002
Cr-Commit-Position: refs/heads/master@{#37026}
Those operators don't have JavaScript observable side effects and would
otherwise block load elimination and other optimizations.
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2075443003
Cr-Commit-Position: refs/heads/master@{#37020}
Dictionary prototypes don't have stable maps, but still don't matter for
element access. Generalized the JSNativeContextSpecialization a bit to
handle everything that Crankshaft can handle in this regard.
R=jarin@chromium.org
BUG=chromium:616709
Review-Url: https://codereview.chromium.org/2067423003
Cr-Commit-Position: refs/heads/master@{#37019}
These operators don't need to be part of the control chain.
Drive-by-fix: Properly wire the effects during representation selection.
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2073683002
Cr-Commit-Position: refs/heads/master@{#37018}
Rolling v8/build to 76e9bd0241b00735b5bc402c926d7cb141a726ef
Rolling v8/buildtools to 3780bc523aad1d68a5bd00e05c453a80b2ba0b35
Rolling v8/tools/clang to 8b0c8f71a4d41c7d2cd0d898f3547e9984f79b5d
Rolling v8/tools/mb to bc05800a7cd7833ad7c2d1423cd8b2153470c9bd
TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
Review-Url: https://codereview.chromium.org/2069333002
Cr-Commit-Position: refs/heads/master@{#37016}
The patch introduces a dedicated dispatching class for JIT code events. It is
set as a helper on the isolate.
This allows classes across v8 to break their dependency on Logger and CpuProfiler.
These two became just regular clients of the dispatcher.
BUG=v8:4789
Review-Url: https://codereview.chromium.org/2061623002
Cr-Commit-Position: refs/heads/master@{#37005}
This CheckBounds simplified operator is similar to the HBoundsCheck in
Crankshaft, and is hooked up to the new type feedback support in the
SimplifiedLowering. We use it to check the index bounds for keyed
property accesses.
Note to perf sheriffs: This will tank quite a few benchmarks, as the
operator makes some redundant branch elimination ineffective for
certain patterns of keyed accesses. This does require more serious
redundancy elimination, which we will do in a separate CL. So ignore
any regressions from this CL, we know there will be a few.
R=jarin@chromium.org
BUG=v8:4470,v8:5100
Committed: https://crrev.com/85e5567dae66a918500ae94c5568221137a0f5d4
Review-Url: https://codereview.chromium.org/2035893004
Cr-Original-Commit-Position: refs/heads/master@{#36947}
Cr-Commit-Position: refs/heads/master@{#37003}
The new approach is that instead of compiling custom handlers for
every global object's PropertyCell it uses single dispatcher that
caches PropertyCells in respective slot of the feedback vector.
Currently the new LoadGlobalIC machinery is disabled.
This CL also removes unused LoadGlobalViaContext* stuff.
BUG=chromium:576312
LOG=Y
Review-Url: https://codereview.chromium.org/2065113002
Cr-Commit-Position: refs/heads/master@{#37002}
These simplified operators are used to perform the hole checks when
loading elements from a holey array. Depending on the CheckHoleMode,
they either return the hole as undefined or some NaN, or deoptimize
if the value is the hole or the hole NaN.
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2066223002
Cr-Commit-Position: refs/heads/master@{#37001}
Reason for revert:
[Sheriff] Speculative revert for http://crbug.com/620279
Original issue's description:
> Reland: Add a trace-event for each runtime-stats timer (CL 2052523002)
>
> The trace-events will have a high overhead when turned on, but they are in a disabled-by-default category.
>
> As long as the off overhead is negligible, this CL allows us to understand the behavior of V8 rather than its performance at the moment.
>
> The original CL was failing the TSAN builder, the variable in question was intended to be accessed quickly with no guarantee.
> Switched to using an Atomic variable with no barrier read/write.
>
> BUG=v8:5089
>
> patch from issue 2052523002 at patchset 100001 (http://crrev.com/2052523002#ps100001)
>
> Committed: https://crrev.com/fd7080cbefc21f2f890b5db00d4eadf163e2cbbf
> Cr-Commit-Position: refs/heads/master@{#36973}
TBR=cbruni@chromium.org,fmeawad@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5089
Review-Url: https://codereview.chromium.org/2068143002
Cr-Commit-Position: refs/heads/master@{#36997}
This is to make sure the test in question does not run out of stack
space during bootstrapping on any configuration. Our fuzzers take the
test an run it against a broad spectrum of configuration. The new size
of 100 is used throughout our test suite as "the smallest" stack size.
R=jkummerow@chromium.org
TEST=mjsunit/regress/regress-1132
BUG=chromium:619744
Review-Url: https://codereview.chromium.org/2068993002
Cr-Commit-Position: refs/heads/master@{#36995}
Adds an evacuation mode that allows moving pages within new space without
copying objects.
Basic idea:
a) Move page within new space
b) Sweep page to make iterable and process ArrayBuffers
c) Finish sweep till next scavenge
Threshold is currently 70% live bytes, i.e., the same threshold we use
to determine fragmented pages.
BUG=chromium:581412
LOG=N
CQ_EXTRA_TRYBOTS=tryserver.v8:v8_linux_arm64_gc_stress_dbg,v8_linux_gc_stress_dbg,v8_mac_gc_stress_dbg,v8_linux64_tsan_rel,v8_mac64_asan_rel
Review-Url: https://codereview.chromium.org/1957323003
Cr-Commit-Position: refs/heads/master@{#36990}
Reason for revert:
Blows up on the waterfall.
Original issue's description:
> [turbofan] Stage binop type feedback.
>
> Committed: https://crrev.com/28fbec405548c43088cade1cd17d8407ca948a21
> Cr-Commit-Position: refs/heads/master@{#36988}
TBR=mvstanton@chromium.org,bmeurer@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Review-Url: https://codereview.chromium.org/2066193002
Cr-Commit-Position: refs/heads/master@{#36989}
If JSAdd or JSSubtract has number feedback, there's no benefit to use
the speculative versions of NumberAdd and/or NumberSubtract. Relying on
the existing operators gives us some nice truncations instead, so let's
stick to that for now.
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2063073004
Cr-Commit-Position: refs/heads/master@{#36987}
Named capture groups may be specified using the /(?<name>pattern)/u
syntax, with named backreferences specified as /\k<name>/u. They're
hidden behind the --harmony-regexp-named-captures flag, and are only
enabled for unicode regexps.
R=yangguo@chromium.org
BUG=
Review-Url: https://codereview.chromium.org/2050343002
Cr-Commit-Position: refs/heads/master@{#36986}
The Vector type is deprecated, and new code should use ZoneVector
instead. This new overload of NewStringFromTwoByte will be used in an
upcoming regexp CL.
R=bmeurer@chromium.org
BUG=
Review-Url: https://codereview.chromium.org/2065053002
Cr-Commit-Position: refs/heads/master@{#36985}
Now that we have the PlainPrimitiveToNumber operator(s), we can unify
all the places where we expect a number, but can also safely handle any
plain-primitive (via ToNumber truncation).
Drive-by-fix: Also handle Math.min consistently with Math.max.
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2064953004
Cr-Commit-Position: refs/heads/master@{#36984}
Rolling v8/build to 696616b539a8ab8cf400a4cfaead772154c6645c
Rolling v8/tools/clang to 792bfbf9f3126cb51eddd5c6f2f9e9a67393687b
Rolling v8/tools/mb to 5c0ee173872849b18b0837590c094a8579bc0013
TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
Review-Url: https://codereview.chromium.org/2064113003
Cr-Commit-Position: refs/heads/master@{#36983}