If used, the TypeProfileSlot is always added as the first slot and its
index is constant. If other slots are added before the TypeProfileSlot,
this number changes.
BUG=v8:5933
Change-Id: I57bc6bea3c48804af28c2d1dafe6a52bdd7d12e3
Reviewed-on: https://chromium-review.googlesource.com/459511
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Franziska Hinkelmann <franzih@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44149}
This patch adds support for MIPS SIMD (MSA) instructions in Assembler
and Decoder (disassembler) classes. MSA instructions are implemented for
both mips32 and mips64 architectures.
BUG=
Review-Url: https://codereview.chromium.org/2740123004
Cr-Commit-Position: refs/heads/master@{#44148}
Remove deep nesting and repeated code by using a switch-based structure
(instead of if-based), use clearer variable names, and separate cleanly between
immutable and mutable variables.
BUG=v8:5437
Review-Url: https://codereview.chromium.org/2776123002
Cr-Commit-Position: refs/heads/master@{#44147}
This reverts commit 6ad5ca59c9.
Reason for revert: Breaks on noi18n bot, needs fix in the new regression test
Original change's description:
> [wasm] Check the result of Promise::Resolver
>
> We check that if we do not get a result, or if we get a negative result,
> then there has to be a scheduled exception.
>
> R=clemensh@chromium.org
> TEST=mjsunit/regress/wasm/regression-704127
> BUG=chromium:704127
>
> Change-Id: I3fef3cc02f685a9cbc3f10203e2a59b61b3702d5
> Reviewed-on: https://chromium-review.googlesource.com/458282
> Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
> Commit-Queue: Andreas Haas <ahaas@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#44144}
TBR=ahaas@chromium.org,clemensh@chromium.org,v8-reviews@googlegroups.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:704127
Change-Id: Ibf6d27929c88064bc2755688358998640092e31a
Reviewed-on: https://chromium-review.googlesource.com/459512
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44145}
We check that if we do not get a result, or if we get a negative result,
then there has to be a scheduled exception.
R=clemensh@chromium.org
TEST=mjsunit/regress/wasm/regression-704127
BUG=chromium:704127
Change-Id: I3fef3cc02f685a9cbc3f10203e2a59b61b3702d5
Reviewed-on: https://chromium-review.googlesource.com/458282
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44144}
This implements support for named captures in
RegExp.prototype[@@replace] for when the replaceValue is callable.
In that case, the result.groups object is passed to the replacer
function as the last argument.
BUG=v8:5437
Review-Url: https://codereview.chromium.org/2764343004
Cr-Commit-Position: refs/heads/master@{#44142}
Since we no longer support the ignition-staging configuration
any longer, we can retire the three tier pipeline and the
CompileBaseline functionallity.
We still need support for JSFunction self healing due to
liveedit (which for --no-turbo might end up replacing a
forced Ignition function with a FCG function) - we can
remove this once we remove --no-turbo support.
BUG=v8:4280
Change-Id: I5482abd17785324654e022affd6bdb555b19b181
Reviewed-on: https://chromium-review.googlesource.com/452620
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44141}
A step towards removing isolate from ParseInfo.
Removing isolate from ParseInfo will make it easier to create and
execute parse tasks on background threads.
BUG=v8:6093
Change-Id: I25b23b3bf64502f84c28ce688ad2997c9665a069
Reviewed-on: https://chromium-review.googlesource.com/458003
Reviewed-by: Daniel Clifford <danno@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Commit-Queue: Wiktor Garbacz <wiktorg@google.com>
Cr-Commit-Position: refs/heads/master@{#44140}
Previously the Boyer-Moore-Horspool optimization gave up in the presence of a
submatch. A submatch is where we record the current position so that we can go
back to it, which is an essential part of the semantics of lookarounds
(lookaheads and lookbehinds). This has been the case since
Boyer-Moore-Horspool was implemented, but it was overly cautious.
* For positive lookahead it is OK to use the patterns inside the lookahead to
guide the BMS optimization.
* For positive lookbehind we harmlessly fail to optimize when the patterns
inside the lookbehind go backwards because TextNode::EatsAtLeast returns 0.
* For negative lookarounds, the NegativeLookaroundChoiceNode::FillInBMInfo method
(in jsregexp.h) knows to only look at the following pattern.
This is in response to disappointing lookbehind performance in Atom.
See https://github.com/atom/find-and-replace/issues/571R=yangguo@chromium.org
BUG=
Review-Url: https://codereview.chromium.org/2777583003
Cr-Commit-Position: refs/heads/master@{#44139}
In code generator, DEXTM instruction will be emitted for intervals
position=[0,31] and size=[33,64]. In simulator, mask for DEXTM will be
calculated on correct way for size = 64. Disassembler has now possibility
to disassemble instructions DEXTM and DEXTU.
TEST=cctest/test-run-machops/Regression6122
BUG=
Review-Url: https://codereview.chromium.org/2769403002
Cr-Commit-Position: refs/heads/master@{#44137}
The goal of this commit is to add the equivalent to gdbinit but
for lldb. I've tried to replicate the commands as close as possible
but I'm unsure about the jss command and hoping to get some feedback
on it in addition to the bta command which I'm not sure how/when this
could be used. This is probably just inexperience on my part.
The lldbinit file can be placed into a directory prefixed with dot
(.lldbinit) and the python script is currently expected to be in the
same directory. The path to the script can be changed manually if needed
as well.
NOTRY=true
Review-Url: https://codereview.chromium.org/2758373002
Cr-Commit-Position: refs/heads/master@{#44136}
- Implement %TypedArray%prototype.reverse in builtins and
ElementsAccessor to use std::reverse
- Remove TypedArrayReverse in src/js/typedarray.js
- Fix typo in comments
BUG=v8:5929
Review-Url: https://codereview.chromium.org/2761453002
Cr-Commit-Position: refs/heads/master@{#44132}
Besides adding accessors get_origin() and set_origin(), it creates easier test
accessors is_wasm() and is_asm_js().
This allows the possibility of caching boolean flags for is_wasm() and
is_asm_js() without having to change any code except for the files containing
the class definition for WasmModule.
BUG= v8:6152
R=bbudge@chromium.org,mtrofin@chromium.org
Review-Url: https://codereview.chromium.org/2771803005
Cr-Commit-Position: refs/heads/master@{#44130}
ToNumber for Oddball/String has no side-effect, no need to go
through %Typearray%.prototype.fill slow path.
BUG=v8:5929,chromium:702902
Review-Url: https://codereview.chromium.org/2769673002
Cr-Commit-Position: refs/heads/master@{#44129}
TBR=yangguo@chromium.org
Change-Id: Iaed993ed1a61003e35bb40d1f9e0d78864979b2c
Reviewed-on: https://chromium-review.googlesource.com/459443
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44127}
Currently, v8 uses the same flag to collect time for compiling wasm modules from js asm and wasm. This separates the v8 counter into two separate counters, and then uses the appropriate counter when compiling a module.
Note: This CL doesn't separate the corresponding Chromium counter. Rather that is intenionally being delayed until v8 code has separated all appropriate counters for js asm and wasm. That way, the installation into chrome can be done at once.
BUG=chromium:704922
R=bradnelson@chromium.org,bbudge@chromium.org
Review-Url: https://codereview.chromium.org/2778493002
Cr-Commit-Position: refs/heads/master@{#44126}
CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_linux_noi18n_rel_ng
Change-Id: Iff5ff2e73d598ecae1be30a61856c1292f2fd6da
Reviewed-on: https://chromium-review.googlesource.com/456646
Commit-Queue: Adam Klein <adamk@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44125}
Require the use of MarkingState when going through ObjectMarking
and friends.
BUG=chromium:651354
Review-Url: https://codereview.chromium.org/2770253002
Cr-Commit-Position: refs/heads/master@{#44123}
Currently, v8 uses the same flag to collect time for instantiating wasm modules
from js asm and wasm. This separates the v8 counter into two separate counters,
and then uses the appropriate counter when instantiating a module.
BUG=chromium:704922
R=aseemgarg@chromium.org,bradnelson@chromium.org,bbudge@chromium.org
Review-Url: https://codereview.chromium.org/2772773004
Cr-Commit-Position: refs/heads/master@{#44122}
V8 side mechanism for overriding the wasm js APIs.
We will use these to:
- implement the Chrome-side constraints on module size, and throw with more
actionable error messages, while preserving layering.
The old mechansms will be deleted once we update the Chrome side with
this new mechanism.
- implement Chrome-side .compile and .instantiate overrides accepting
Response objects.
We may want to evolve this mechanism into something more general, not
requiring V8 preparation, by replacing the v8-definition with embedder
provided definitions. We're currently exploring if we can expand
"Extras", for instance.
BUG=
Review-Url: https://codereview.chromium.org/2773063002
Cr-Commit-Position: refs/heads/master@{#44119}
This helper is used directly when constructing from an object with
a length, as well as by ConstructByIterable and ByTypedArray.
BUG=v8:5977
Change-Id: I18a4829c2a22a6099cf3b0824ea1f698bfbf1917
Reviewed-on: https://chromium-review.googlesource.com/456707
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Franziska Hinkelmann <franzih@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44116}
The temp_instance is not used but had an enormous performance impact.
The instantiation time of the zengarden WebAssembly module improved now
from 12 seconds to less than a second.
R=clemensh@chromium.org
BUG=v8:6146
Change-Id: Ibac7809b3b6092032abd77ed94f639c09f62d816
Reviewed-on: https://chromium-review.googlesource.com/458918
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44114}
Currently BodyDescriptorBase::IterateBodyImpl does a run-time check
for obj->map()->HasFastPointerLayout(), which is redundant for all
non-JSObject heap objects.
BUG=chromium:694255
Review-Url: https://codereview.chromium.org/2774553003
Cr-Commit-Position: refs/heads/master@{#44111}
This speeds up for/in over arrays. E.g.,:
function f(a) {
for (let i in a) {
if (a[i] != a[i]) print(false);
}
}
var a = new Array(10000000);
a.fill(1);
f(a);
runs 3x faster after the change.
BUG=chromium:703226
Change-Id: Iabc5e931d985a03f89440cd702b2feb3eb9f5c18
Reviewed-on: https://chromium-review.googlesource.com/459538
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44108}
This reverts commit f20261bfb4.
Reason for revert: We need the GetMapConstructor instruction for CallApiCallbackStub
Original change's description:
> Remove ClassOf intrinsic from FCG and CS
>
> I plan to change the constructor field of maps, and instead of patching
> the intrinsics all over the place, just fall back to the runtime.
>
> R=bmeurer@chromium.org
> BUG=v8:6084
>
> Change-Id: Ie294b74ab615fd794d7fc47488e2e30e2b49b4db
> Reviewed-on: https://chromium-review.googlesource.com/454616
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Commit-Queue: Jochen Eisinger <jochen@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#43765}
TBR=jochen@chromium.org,bmeurer@chromium.org,adamk@chromium.org,hablich@chromium.org,v8-reviews@googlegroups.com,v8-mips-ports@googlegroups.com,v8-ppc-ports@googlegroups.com,v8-x87-ports@googlegroups.com
# Not skipping CQ checks because original CL landed > 1 day ago.
BUG=v8:6084
Change-Id: I06f60d409eccb4ad3abad14f5c9782bfe9122aea
Reviewed-on: https://chromium-review.googlesource.com/458379
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Commit-Queue: Jochen Eisinger <jochen@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44106}
Removes the AstString super-class and makes the two sub-classes stand-alone.
That also removes the slightly awkward implementation of a super-class with
dynamically dispatched behaviour, except it was manually implemented because
virtual function calls were considered expensive.
BUG=v8:6902
Change-Id: I079a2372557aa17ee839efcaddb9b7fe86e38b4d
Reviewed-on: https://chromium-review.googlesource.com/458428
Commit-Queue: Daniel Vogelheim <vogelheim@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44104}
