The memcpy and memmove externals can end up at the same address; see bug for
details.
BUG=chromium:726896
Review-Url: https://codereview.chromium.org/2906193002
Cr-Commit-Position: refs/heads/master@{#45545}
... to make AsyncFunction subclassing work.
Bug: chromium:725537
Change-Id: I7edf4891e14e01567046e7536b3aa93877111448
Reviewed-on: https://chromium-review.googlesource.com/517087
Commit-Queue: Adam Klein <adamk@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45544}
... which caused assertion failures in --enable-slow-asserts mode.
The surrounding code treated the constructor value properly so regression
test is not necessary.
Bug: chromium:726622
Change-Id: Icd43d9117a1125bec8feca8eca5708993de2c3ef
Reviewed-on: https://chromium-review.googlesource.com/516626
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45543}
All other properties in the boilerplate are data fields, so we can avoid additional checks.
Bug:
Change-Id: Ie494329332b0ba646515850b6d267fb05735f0ea
Reviewed-on: https://chromium-review.googlesource.com/517044
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45539}
This removes a lot of special handling for the predictable platform.
Instead of executing spawned foreground and background tasks
immediately (i.e. inside the scope that spawns the tasks), just add
both to the foreground task queue.
This avoids existing special handling for predictable mode in wasm
async compilation, and should fix current failures on the predictable
bot.
BUG=v8:6427
Change-Id: Idbaa764a3dc8c230c29f3937d885e12174691ac4
Reviewed-on: https://chromium-review.googlesource.com/509694
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45538}
This speeds up fast-mode object copying by ~2x and __proto__:null cases by ~20x.
Bug:
Change-Id: Ic3893ae4c87063f0c8c524ef55c0e786b7a87192
Reviewed-on: https://chromium-review.googlesource.com/516983
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45536}
This CL removes the isolate_ property from the Cancelable class. The
isolate is actually not used in the class itself, only in sub-classes
which can store the isolate themselves.
R=jochen@chromium.org, mlippautz@chromium.org
Change-Id: If102fdea41b81fb3cb25782728f7fcbce9642815
Reviewed-on: https://chromium-review.googlesource.com/516704
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45535}
- This won't save a bit, since the enum is not a flags enum and there is
still room for another value.
- While it may be possible to eliminate this value, the code to init
and check for invalid becomes much more complex. Unallocated operands
are currently created with invalid vreg code, so we also have to check
the policy.
BUG=v8:6325
Review-Url: https://codereview.chromium.org/2904603004
Cr-Commit-Position: refs/heads/master@{#45534}
- Removes set_virtual_register method. InstructionOperands are immutable.
- Adds a new ctor to copy an UnallocatedOperand with a new vreg.
- Removes some DCHECKs in UnallocatedOperand that are always true. To
make sure, make UnallocatedOperand final.
- Cleans up some comments on UnallocatedOperand Lifetime enum.
BUG=v8:6325
Review-Url: https://codereview.chromium.org/2897203002
Cr-Commit-Position: refs/heads/master@{#45533}
Fix 233b6926e3
With the introduction of upfront deopt table generation, case where
deoptimization tables have more than 8000 entries become much more common
and bugs started to appear.
This CL fixes the issue, but it is far from perfect. We had to
increase number of instruction per table entry from 2 to 3 in
order to accommodate larger tables.
TEST=mjsunit/array-sort,mjsunit/json,mjsunit/md5
BUG=
Review-Url: https://codereview.chromium.org/2901393003
Cr-Commit-Position: refs/heads/master@{#45531}
This CL improves break locations for expressions like 'var a = <expr>'. Without CL we use <expr> position as break location for initialization statement, with this CL we use position of first character after '=' as position.
Benefits (see test for details):
- only one break in expressions which includes mix of property lookup and calls, e.g. var p = Promise.resolve().then(x => x * 2),
- removed redundant break location for expressions like: let { x, y } = { x: 1, y: 2}.
Bug: v8:5909
Change-Id: I039d911903a2826c9859710a63ab0462c992e11b
Reviewed-on: https://chromium-review.googlesource.com/513926
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45530}
- Increase FPUregisters_[] element size to 128b in order to support MSA regs
- Add skeleton for MSA instr. decoding in mips32 and mips64 simulator
- Add support for fill.df, copy_u.df and copy_s.df MSA instructions
- Assembler test for fill.df, copy_u.df and copy_s.df
BUG=
Review-Url: https://codereview.chromium.org/2799923002
Cr-Commit-Position: refs/heads/master@{#45529}
Creates a new class StatsCounterThreadSafe to be used by counters that
can be updated when compiling/decoding etc. are done using workers.
Does this by using a mutex on all opreations.
Also updates the StatsCounterThreadSafe constructor to force counter
initialization, as well as method Reset(). In addition, whenever the
method StatsTable::SetCounterFunction() is called (from the main
thread), it forces counter initialization for all thread safe stats
counters.
BUG=v8:6361
Review-Url: https://codereview.chromium.org/2887193002
Cr-Commit-Position: refs/heads/master@{#45526}
Compilation failure is result to overloaded-virtual warning
treated as error.
BUG=
Review-Url: https://codereview.chromium.org/2895923002
Cr-Commit-Position: refs/heads/master@{#45525}
A few tests that would be good to have to verify that the known manifestations
of this bug are resolved.
Previously, the async generator and async function tests would crash. The other
ones never did, but still resulted in the register overwite bug.
BUG=v8:6322
R=adamk@chromium.org
Change-Id: Ic2238227629077de5671d67d18b3bfe018dd23f4
Reviewed-on: https://chromium-review.googlesource.com/514230
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Cr-Commit-Position: refs/heads/master@{#45524}
Rather than trying to pre-calculate the number of contexts required during
scope analysis, instead just allocate context registers in the register
allocator. This reduces frame size a bit due to reusing of registers when
the context isn't pushed.
BUG=v8:6322, chromium:716265
Change-Id: I145e38fcb3797a3b86c91e90ea9326a6e55b9b89
Reviewed-on: https://chromium-review.googlesource.com/514087
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45522}
In particular, local variables should be allocated on stack (in bytecode register), and stored/loaded to the generator object on generator suspend/resume.
The CL is based on @adamk's change to scoping/parsers (https://chromium-review.googlesource.com/c/498538/), I only made the debugger cope with this change.
I should note that the CL changes the scope type of suspended generators from ScopeType.Closure to ScopeType.Local. In the future we might want to introduce ScopeType.SuspendedGenerator to make the distinction explicit.
Some of the changes in the tests have been made because the debugger functions do not return scopes of closed generators anymore. Generators should be allowed to throw away their internal state when they finish.
BUG=v8:6368
Review-Url: https://codereview.chromium.org/2898163002
Cr-Commit-Position: refs/heads/master@{#45515}
Add a protector cell for string bounds checks that is being used to
protect speculative bounds for String.prototype.charCodeAt and
String.prototype.charAt in TurboFan (and Crankshaft). This way we don't
have the diamond in optimized code, which stands in the way of other
optimizations for charCodeAt that are currently being worked on by
petermarshall@.
BUG=v8:6391
TBR=mlippautz@chromium.orgR=petermarshall@chromium.org
Review-Url: https://codereview.chromium.org/2905623003
Cr-Commit-Position: refs/heads/master@{#45514}
- Create getters for number of tasks for all parallel stages
- Count slots for the minor MC and limit tasks by the overall number of slots.
- Cleanup existing getters.
Bug: chromium:651354
Change-Id: I9f67cca4474cbe1800faff4a549fbec019b096ce
Reviewed-on: https://chromium-review.googlesource.com/512862
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45513}
This removes the need for certain context scopes to skip popping the
context register. For the {incoming_context} the flag was already
obsolete, because its destructor would only run once the basic block
ended with a return. For {local_function_context} the same holds now
by moving handling of implicit returns into the body visitor.
R=rmcilroy@chromium.org
Change-Id: Icceaab1b30d7223b2b2f87a092a6580be7d7d675
Reviewed-on: https://chromium-review.googlesource.com/513963
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45511}
This is safe since we already take the page lock.
Bug:
Change-Id: Id7797ef66c387be150064cda1213c1f2b75d31d3
Reviewed-on: https://chromium-review.googlesource.com/514003
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45510}
There are two break locations at the same source location by desugaring:
- call iterator.next,
- before variable assignment.
Additionally location for for..of loops is moved from before "of" to before each variable expression.
We should not report first implicit call to avoid user confusion. User still able to go into .next function with both scenarios:
- when this call is reached by stepOver or stepInto from previous line,
- when this call is reached because of breakpoint at current line.
BUG=v8:6425
R=dgozman@chromium.org,jgruber@chromium.org
Review-Url: https://codereview.chromium.org/2893313002
Cr-Commit-Position: refs/heads/master@{#45509}
Add a sequential string type to the compiler, and transform
charCodeAt on SeqString into SeqStringCharCodeAt.
SeqStringCharCodeAt can handle one and two byte strings.
Bug: v8:6391
Change-Id: I2785257522c28f3b268c9833f5313e9630cb982a
Reviewed-on: https://chromium-review.googlesource.com/509573
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45508}
This avoids emitting redundant {PopContext} bytecode instructions when
non-local control-flow leaves the method body. It also folds multiple
such {PopContext} instructions into one, in case several scoping levels
are crossed at one. Only the expected context of the target of a local
control-flow transfer matters.
R=rmcilroy@chromium.org
TEST=debugger/regress/regress-crbug-724858
BUG=chromium:724858
Change-Id: Id4a47ae9fea25e75ae1af13619720b16a3975edf
Reviewed-on: https://chromium-review.googlesource.com/512545
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45507}
There are only two users of hidden prototypes left and they both only have 1 level. This slightly simplifies the handcrafted code.
Bug: v8:5561
Change-Id: I674e72f1465ccbe75c0bb63f7eea3525830145cb
Reviewed-on: https://chromium-review.googlesource.com/512745
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45503}
We're now using explicit APIs.
Bug:
Change-Id: I4a4248e44543f6e7dfcbdc66456e610fb98ff5ee
Reviewed-on: https://chromium-review.googlesource.com/513406
Commit-Queue: Brad Nelson <bradnelson@chromium.org>
Reviewed-by: Brad Nelson <bradnelson@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45500}
This doesn't fix the bug, just avoids it.
Bug: v8:6436
Change-Id: I06305a9baf892e4039f2aaf353fa7edf7b7e325d
Reviewed-on: https://chromium-review.googlesource.com/513242
Reviewed-by: Brad Nelson <bradnelson@chromium.org>
Commit-Queue: Brad Nelson <bradnelson@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45499}
This patch also adds sharing of code target entries, which requires
sharing the RelocInfo for those entries as well. The disassembler
is also modified in order to print comments for the RelocInfo that
is now shared.
This improves the snapshot size for arm by about 4%.
BUG=
Review-Url: https://codereview.chromium.org/2869683004
Cr-Commit-Position: refs/heads/master@{#45497}
Asynchronous context tracking mechanisms in Node.js need to store some
state on all promise objects. This change will allow embedders to
configure the number of internal fields on promises as is already done
for ArrayBuffers.
BUG=v8:6435
Review-Url: https://codereview.chromium.org/2889863002
Cr-Commit-Position: refs/heads/master@{#45496}