RegExp assertions (e.g.: '^', '$', '\b', ...) sequences have certain
properties that this rewriter exploits:
1. They are zero-width and order-independent, thus one can remove all
duplicate assertions.
2. If a subsequence is guaranteed to fail, the entire sequence fails.
Any sequence always known to fail (e.g. containing both '\b' and '\B')
can be rewritten to a single node that triggers failure.
This CL generalizes the previous optimization for repeated assertions
to be order-independent, i.e. assertions only have to be in the same
sequence but not next to each other.
Bug: v8:6515, v8:6126
Change-Id: I3f92f081ce8a55ad8c34c269a09a6686e3b008f3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1657925
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62201}
Port 7b48dd55https://crrev.com/c/1648155
Original Commit Message:
This changes Generate_ContinueToBuiltinHelper to generate code to load
the builtin address directly from the builtins table rather than going
via the executable code in the trampoline's code object.
The set up for Generate_ContinueToBuiltinHelper is changed so that the
builtin index is stored on the stack in place of the builtin Code
object which is no longer needed.
Change-Id: I1c8a5a18ac998b16d84556f08637b32d758f44da
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1659992
Commit-Queue: Dan Elphick <delphick@chromium.org>
Auto-Submit: Yu Yin <xwafish@gmail.com>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62199}
New revision: 83b1154a9661d22bba9a368d368214cc20880419
This updates the usages of the protocol types to the new
definitions, using std::vector-based implementations
of protocol::Array.
Change-Id: Ibb095862fed7db23f1a0b4b5b726bddbe1e2585e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1654091
Commit-Queue: Johannes Henkel <johannes@chromium.org>
Reviewed-by: Alexei Filippov <alph@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62194}
In the JSCallReducer, we need to serialize prototypes of receiver
maps in order to verify that they are the promise prototype.
Bug: v8:7790
Change-Id: Ie9817e531b7faaa3f11dae61a120b46ef5c49847
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660487
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62191}
... since decompression customization for MapWord is already
handled by HeapObject::MapField.
Bug: v8:9353, v8:9183
Change-Id: I009cdbbf8fc7e72029e1b9be54a0f0b73050e738
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660475
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62188}
Port 7b48dd55e1
Original Commit Message:
This changes Generate_ContinueToBuiltinHelper to generate code to load
the builtin address directly from the builtins table rather than going
via the executable code in the trampoline's code object.
The set up for Generate_ContinueToBuiltinHelper is changed so that the
builtin index is stored on the stack in place of the builtin Code
object which is no longer needed.
R=delphick@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N
Change-Id: Ie696468685517333515bf4b0b78fdd7d8c4e7763
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660628
Reviewed-by: Junliang Yan <jyan@ca.ibm.com>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#62187}
This extends the existing Isolate::SetAllowCodeGenerationFromStringsCallback
mechanism, by adding SetModifyCodeGenerationFromStringCallback, which
can also modify the eval argument (it could e.g. add escaping).
Bug: chromium:940927
Change-Id: I2b72ec2e3b77a5a33f428a0db5cef3f9f8ed6ba2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593336
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Daniel Vogelheim <vogelheim@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62185}
It will allow us to use knowledge about the type of field during value
decompression upon field read.
Use the new class for HeapObject::MapField.
Bug: v8:9353
Change-Id: I1368426ec2e25fcec3af8d5cccd7a78d80423e72
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1658150
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62184}
Implicit parameters for builtins with JavaScript linkage are now separate, using
the keyword "js-implicit". They have to be one of:
- context: Context
- receiver: Object (this in JS)
- target: JSFunction (arguments.callee in JS)
- newTarget: Object (new.target in JS)
Bug: v8:9120 v8:7793
Change-Id: I916f60971bb53d5046b6006725d0ce39291ca55e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1658159
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62174}
- Lower LoadObjectField to LoadFromObject
- Mark LoadFromObject and StoreToObject as non-allocating
- Use optimizable BitcastTaggedSignedToWord in TaggedIsNotSmi check
R=jarin@chromium.org, tebbi@chromium.org
Change-Id: I42992d46597be795aee3702018f7efd93fcc6ebf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1657926
Commit-Queue: Georg Schmid <gsps@google.com>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62173}
The CL https://crrev.com/c/1646846 changed column numbers for Wasm
frames in Error.stack traces. Instead of using the offset relative to
the beginning of the function, the absolute offset inside the module
is displayed as hex.
This CL propagates that change to the StackTrace C++ API, so
StackFrame::GetColumn() also returns the absolute offset. Note that the
StackFrame API historically uses "0" to signal "no information", so the
line and column numbers for Wasm frames are also adjusted to 1-based,
even though they signify function index and absolute offset
into the module.
This CL does not touch Script::PositionInfo.column. That field still
contains the offset relative to the function start.
Bug: v8:8742
Change-Id: If4fd37fa681c7ebd0823ce0d95eccc1335c35272
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1655300
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62171}
This changes Generate_ContinueToBuiltinHelper to generate code to load
the builtin address directly from the builtins table rather than going
via the executable code in the trampoline's code object.
The set up for Generate_ContinueToBuiltinHelper is changed so that the
builtin index is stored on the stack in place of the builtin Code
object which is no longer needed.
Bug: v8:9338
Change-Id: I83f66af99fb27f131fc39ff426fdca4b1d674b70
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1648155
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62170}
Func::type() was broken for functions created with Func::make().
Change-Id: I2867bcf00d9e5c1488165a804598c9ca8081ff25
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1655648
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Tamer Tas <tmrts@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62167}
I removed the following entries:
.d8_history - afaict, this does not exist anymore. If it exists, it
would be in the out/ directory and thereby ignored anyways.
/hydrogen.cfg - hydrogen is no more.
/obj - this is now also in the out/ directory.
d8_g - I think this does not exist anymore, or would be in the out/
directory.
shell - If it still exists, it would be in the out/ directory.
shell_g - same here.
NOTRY=true
R=jkummerow@chromium.org
Bug: v8:9183
Change-Id: Iadb8d2533bfdda1190ec3a31a9ca9c199e087fd5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1660468
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Tamer Tas <tmrts@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62166}
When iterating over the holdings inside the cleanup callback,
we could potentially unregister the weakref which is next or
prev on the key list causing these checks to be incorrect.
Bug: v8:9360, v8:8179
Change-Id: I53ea12346eb4882b16a82677b64ba2c756d23a1c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1658161
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62165}
This CL introduces two usage counters for two CallSite functions in
sloppy mode:
- getFunction()
- getThis()
Chromium CL: https://crrev.com/c/1657902
Bug: v8:8742
Change-Id: I81e8fec48534f5932a72de86d9d21f3b370c66a7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1657919
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62164}
Port ea4206556https://crrev.com/c/1651470
Original Commit Message:
API calls made via the CallApiCallback builtin, which is used from the
ICs and optimized code, are currently misattributed to the wrong counter
InvokeFunctionCallback instead of FunctionCallback. In addition we don't
use the C trampoline when only runtime call stats are enabled, but the
Chrome DevTools profiler is not active, which means that these calls
will not be attrituted properly at all, and that had to be worked around
using all kinds of tricks (i.e. disabling fast-paths in ICs when RCS is
active and not inlining calls/property accesses into optimized code
depending on the state of RCS).
All of this was really brittle and only due to the fact that the central
builtin didn't properly check for RCS (in addition to checking for the
CDT profiler). With this fix it's now handled in a central place and
attributed to the correct category, so user code doesn't need to worry
about RCS anymore and can just call straight into the fast-path.
core hand-written native code with the API callback logic.
Change-Id: I6bcc8c4d7f4642381803a8b6c8282ceb8f3d056c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1659988
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62163}
Zircon VMOs are now created non-resizeable by default. This family of
flags is now a no-op and they will soon be removed.
Bug: chromium:973981
Change-Id: I99b5a18b9744e32ebb3f33f1a848ee9b5c51eb0d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1659568
Commit-Queue: Fabrice de Gans-Riberi <fdegans@chromium.org>
Commit-Queue: Wez <wez@chromium.org>
Auto-Submit: Fabrice de Gans-Riberi <fdegans@chromium.org>
Reviewed-by: Wez <wez@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62159}
Disable bytecode flushing for test as it messes up lazy source
positions and the flags aren't representative anyway.
Bug: v8:8510
Change-Id: I6d5bc8dcd174a9bfc48f682518e6c62d79acb691
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1658152
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Auto-Submit: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62155}
This is a reland of 811bfbbc56
Original change's description:
> [regexp] Move AST-to-Node code to a dedicated file
>
> Prior to this CL, jsregexp contains a bunch of things that are slightly
> related but would be cleaner in separate files, including: AST-to-Node
> transformations, the compiler implementation, and a debugging printer.
>
> This CL extracts AST-to-Node transformations.
>
> Bug: v8:9359
> Change-Id: I030cfca5c40cfd72e3a7abe2188e4654cfe2277c
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1655303
> Auto-Submit: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#62148}
Tbr: yangguo@chromium.org
Bug: v8:9359
Change-Id: I68a16086dc56c9a059547033ca8bc1e9de1080db
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1658568
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62154}
Include API-instantiated functions in the definition of Callable so
that PromiseReactionJobTask::handler can verify correctly. Also make
Callable verification stricter regarding JSProxy instances: they must
have the callable bit set.
Also update test-weak-references to use a different object type, since
FeedbackVector::optimized_code_weak_or_smi should never point to a
FixedArray.
Bug: v8:9311
Change-Id: I4242df993e381a75f5b53302fee8fd2b12e96d34
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1650563
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62153}
The store element handlers don't check if the array length is writable
before updating the length. Since this is not expected to be a common
case no need of handling this in the element handlers. Just moving to
megamorphic would be sufficient.
Bug: chromium:967104
Change-Id: I7a7f9ea768266b9ffd6289328d61d2297d455619
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1658154
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62152}
