Document that frame summaries are bottom-to-top, i.e. caller before
callee, rename FrameSummary::GetFirst to FrameSummary::GetBottom and
introduce FrameSummary::GetTop.
For debugged JavaScript frames, it does not really matter which of the
functions we call, so I replaced a few GetFirst by GetTop instead of
GetBottom because it matches the semantics more closely.
This CL also reverts part of http://crrev.com/2621953002 by changing
BreakLocation::FromFrame back to accept a DebugInfo and a
JavaScriptFrame. We don't plan to create BreakLocations for wasm.
R=yangguo@chromium.org
BUG=v8:5822
Review-Url: https://codereview.chromium.org/2647433002
Cr-Commit-Position: refs/heads/master@{#42505}
Properly recognize and optimize typeof in a strict/abstract equality
comparison with the string literal "object" to a check for Null or a
check of the map for Receiver instance type and non-callable.
Drive-by-fix: Also optimize typeof o === "function" somewhat, now that
we have the new types for Callable and NonCallable.
R=jarin@chromium.org
BUG=v8:5267
Review-Url: https://codereview.chromium.org/2646763003
Cr-Commit-Position: refs/heads/master@{#42501}
Instead of doing the dance via JSStrictEqual for comparisons with null,
undefined or the hole, we can just go to ReferenceEqual directly. Also
avoid the Select(x, false, true) dance for negation and use BooleanNot
directly.
R=mstarzinger@chromium.org
Review-Url: https://codereview.chromium.org/2646763004
Cr-Commit-Position: refs/heads/master@{#42500}
Currently PropertyConstness is still in sync with PropertyLocation.
BUG=v8:5495
Review-Url: https://codereview.chromium.org/2591233002
Cr-Commit-Position: refs/heads/master@{#42497}
This makes sure 32-bit constants that are used as {MachineType::Uint32}
by the deoptimization translation are also interpreted as such when the
literals are collected.
R=jarin@chromium.org
TEST=mjsunit/regress/regress-crbug-681983
BUG=chromium:681983
Review-Url: https://codereview.chromium.org/2646463002
Cr-Commit-Position: refs/heads/master@{#42493}
Reason for revert:
Breaks all windows bots:
https://build.chromium.org/p/client.v8/builders/V8%20Win32%20-%20debug/builds/6811
Original issue's description:
> [test] Remove local-tests from test262 archive and add to .isolate
>
> This might help fix the bots, which are broken in e.g.,
> https://build.chromium.org/p/tryserver.v8/builders/v8_mac_rel_ng_triggered/builds/14011
>
> The archive was added in order to transmit test262 tests more rapidly.
> It doesn't serve much of a purpose for local-tests. I naively added
> local-tests there out of symmetry. However, the BUILD.gn file does not
> regenerate an archive when files are only deleted and not added or
> changed. Since the performance concern is not present for the small
> volume of local-tests, this patch reverts to the more normal mechanism
> for sending over dependencies, with test262.isolate.
>
> R=adamk
>
> Review-Url: https://codereview.chromium.org/2643983002
> Cr-Commit-Position: refs/heads/master@{#42485}
> Committed: 9f545ea96fTBR=adamk@chromium.org,littledan@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Review-Url: https://codereview.chromium.org/2640223003
Cr-Commit-Position: refs/heads/master@{#42491}
Since the script origin is part of the key used in the compilation
cache, this ensures that the cache never confuses a module with a
non-module script.
BUG=v8:1569,v8:5685
Review-Url: https://codereview.chromium.org/2611643002
Cr-Commit-Position: refs/heads/master@{#42490}
When StringAdd builtin is used to concatenate two primitive values,
we know that the operation might throw, but cannot trigger any other
observable side effect, so it shouldn't flush the LoadElimination state.
R=jarin@chromium.org
BUG=v8:5267
Review-Url: https://codereview.chromium.org/2645523002
Cr-Commit-Position: refs/heads/master@{#42489}
Intl constructors are specified to prohibit structurally invalid
subtags. BCP 47 defines itself to be case-insensitive. Firefox does
throw on case-insensitive duplicates, following the specifications.
This patch makes V8 do the same. There is some small compatibility
risk, but the case is fairly niche, so I hope it does not cause
much breakage.
BUG=v8:4215
Review-Url: https://codereview.chromium.org/2639333003
Cr-Commit-Position: refs/heads/master@{#42487}
The IA32AddPair and IA32SubPair instructions were using an input register as a
temporary value, which led to registers sometimes being clobbered when they
shouldn't have been. This led to problems, for example, in calling printf to
format doubles:
printf("%f", 1.2345) => 0.61725 (on x86)
BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5800
Review-Url: https://codereview.chromium.org/2637583002
Cr-Commit-Position: refs/heads/master@{#42486}
This might help fix the bots, which are broken in e.g.,
https://build.chromium.org/p/tryserver.v8/builders/v8_mac_rel_ng_triggered/builds/14011
The archive was added in order to transmit test262 tests more rapidly.
It doesn't serve much of a purpose for local-tests. I naively added
local-tests there out of symmetry. However, the BUILD.gn file does not
regenerate an archive when files are only deleted and not added or
changed. Since the performance concern is not present for the small
volume of local-tests, this patch reverts to the more normal mechanism
for sending over dependencies, with test262.isolate.
R=adamk
Review-Url: https://codereview.chromium.org/2643983002
Cr-Commit-Position: refs/heads/master@{#42485}
Inspector is moved to per-event-type callbacks instead of general v8::debug::SetDebugEventListener. It allows to:
- remove any usage of v8::Debug::EventDetails in debug-interface,
- avoid redundant JS call on each event to get properties of event objects,
- introduce better pure C++ API for these events later.
BUG=v8:5510
R=yangguo@chromium.org,jgruber@chromium.org,dgozman@chromium.org
Review-Url: https://codereview.chromium.org/2622253004
Cr-Commit-Position: refs/heads/master@{#42483}
This CL implements ldrex, ldrexb, ldrexh, strex, strexb, and strexh in the
Simulator. These instructions provide "exclusive" access, which provides mutual
exclusion for concurrent threads of execution.
The ARM specification gives some leeway to implementors, but essentially
describes each processor as having Local Monitor and Global Monitor. The Local
Monitor is used to check the exclusivity state without having to synchronize
with other processors. The Global Monitor is shared between processors. We
model both to make it easier to match behavior with the spec.
When running with multiple OS threads, each thread has its own isolate, and
each isolate has its own Simulator. The Local Monitor is stored directly on the
Simulator, and the Global Monitor is stored as a lazy singleton. The Global
Monitor maintains a linked-list of all Simulators.
All loads/stores (even non-exclusive) are guarded by the Global Monitor's mutex.
BUG=v8:4614
Review-Url: https://codereview.chromium.org/2006183004
Cr-Commit-Position: refs/heads/master@{#42481}
Currently V8 context just crashes on OOM, with this CL backend will send paused notification with OOM reason before OOM and will increase heap limits to allow further debugging on pause.
BUG=chromium:675911
Review-Url: https://codereview.chromium.org/2624543004
Cr-Commit-Position: refs/heads/master@{#42480}
So far we only recognized
typeof x == 'type'
typeof x != 'type'
typeof x === 'type'
typeof x !== 'type'
but some people seem to prefer it the other way around, i.e.
'type' == typeof x
'type' != typeof x
'type' === typeof x
'type' !== typeof x
as spotted in some Ember.js code, so we should obviously handle that as
well and reduce it to a quick check on x instead of calling the TypeOf
builtin and comparing the resulting string.
R=ishell@chromium.org
BUG=v8:5267
Review-Url: https://codereview.chromium.org/2642743003
Cr-Commit-Position: refs/heads/master@{#42478}
Listener is called instead of event listener for v8::AfterCompile and v8::CompileError events if installed.
- removed v8::debug::Script::Wrap.
BUG=v8:5510
R=yangguo@chromium.org,jgruber@chromium.org,dgozman@chromium.org,clemensh@chromium.org, alph@chromium.org,
Review-Url: https://codereview.chromium.org/2626283002
Cr-Commit-Position: refs/heads/master@{#42477}
When attempting to allocate a blocked register, in the absence of
aliasing, it was possible to assume that a register that was
blocked - by either belonging to an active fixed register, or to
an active unspillable range - could not have possibly be allocated
to another active range (because there'd be an interference otherwise).
With aliasing, that changes. The range we're trying to allocate
may be a double, while the 2 or more active ranges in the paragraph
above may be singles aliasing to the same double slot.
Opportunistically refactored for readability an optimization, and
added some comments.
BUG=681529
Review-Url: https://codereview.chromium.org/2632373004
Cr-Commit-Position: refs/heads/master@{#42474}
Reason for revert:
Causes a few bugs caught by clusterfuzz.
Original issue's description:
> [Ignition/turbo] Add a CallWithSpread bytecode.
>
> Also, emit a NewWithSpread bytecode for CallNew AST nodes where possible, rather than desugaring in the parser.
>
> BUG=v8:5511
>
> Review-Url: https://codereview.chromium.org/2629363002
> Cr-Commit-Position: refs/heads/master@{#42455}
> Committed: 4bae43471dTBR=bmeurer@chromium.org,rmcilroy@chromium.org,verwaest@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5511
Review-Url: https://codereview.chromium.org/2642843002
Cr-Commit-Position: refs/heads/master@{#42470}
V8InspectorSession::schedulePauseOnNextStatement and V8InspectorSession::cancelPauseOnNextStatement are now exposed in inspector tests. These methods are required at least for better blackboxing tests.
BUG=v8:5842
R=dgozman@chromium.org
Review-Url: https://codereview.chromium.org/2636613002
Cr-Commit-Position: refs/heads/master@{#42469}
The results are too noisy ATM. This switches off validate-asm for
default comparisons. We can add back dedicated jobs later that switch
it on.
BUG=chromium:663714
NOTRY=true
TBR=bradnelson@chromium.org,titzer@chromium.org
Review-Url: https://codereview.chromium.org/2640743004
Cr-Commit-Position: refs/heads/master@{#42467}
The new ignition config will be used as baseline comparison in new
jobs, e.g. against ignition_turbo. We'll keep --validate-asm off
in ignition_turbo for now as it is very chatty.
BUG=chromium:673246
NOTRY=true
Review-Url: https://codereview.chromium.org/2640043002
Cr-Commit-Position: refs/heads/master@{#42464}
- Refactors many FP, integer, and signed integer instructions where
possible.
LOG=N
BUG=v8:4124
Review-Url: https://codereview.chromium.org/2639443002
Cr-Commit-Position: refs/heads/master@{#42463}
CodeAssemblerLabel's destructor was not calling RawMachineLabel's destructor, because label_ is zone-allocated. RawMachineLabel's destructor contains a DCHECK that would make debugging easier. If the DCHECK is not triggered, things will go awry in the register allocation phase, making it harder to debug the issue.
BUG=
Review-Url: https://codereview.chromium.org/2641863002
Cr-Commit-Position: refs/heads/master@{#42461}
A future linear version of the hash table will only need the element count and
deleted element count. Hence moving them to the beginning of the underlying
fixed array makes the transition easier.
BUG=v8:5717
Review-Url: https://codereview.chromium.org/2630373002
Cr-Commit-Position: refs/heads/master@{#42459}
