The RegExp replace implementation is a bit of a mess. Here, we first
try to handle parts of RegExp.p.exec, and then call directly into the
raw irregexp code (skipping RegExp.p.exec).
We got parts of this wrong: when lastIndex > string.length and the
regexp instance is sticky, two things should happen. 1. The match
should fail, and 2. lastIndex should be reset to 0. On the fast path,
we did the latter but not the former, instead running exec with a
lastIndex of 0.
This CL omits the irregexp call in this case, and defaults to a failed
match instead.
Bug: chromium:875493
Change-Id: I8c959610d267575e37686076a3fd5dfde322f0ca
Reviewed-on: https://chromium-review.googlesource.com/1180889
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55207}
This makes sure the aforementioned predicate is independent of the
current context (aka. Realm) and only uses the instance type of the
given object to determine whether it is a WebAssembly module object.
R=titzer@chromium.org
TEST=mjsunit/regress/wasm/regress-8059
BUG=v8:8059
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Icc8e400f8412483f2a3883ca65c58b7ef938ef23
Reviewed-on: https://chromium-review.googlesource.com/1180886
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55205}
This is a reland of f991465b42
Original change's description:
> [wasm] Publish new code from the background threads.
>
> R=clemensh@chromium.org
> BUG=v8:7921
>
> Change-Id: Ib86cb5f742907b6e54365827facfc765867ca22e
> Reviewed-on: https://chromium-review.googlesource.com/1156384
> Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54985}
Bug: v8:7921
Change-Id: Ic99f59410b6f26593f4bd4b47209e9cce56481fc
Reviewed-on: https://chromium-review.googlesource.com/1179861
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55202}
This is a cleanup CL that is preparation for making the byte length
and offsets of typed arrays into unboxed size_t fields.
R=mstarzinger@chromium.org
BUG=v8:7881
Change-Id: Iee8bb2142124c88c71cec7343149ae3f08b40c6c
Reviewed-on: https://chromium-review.googlesource.com/1179829
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55196}
This makes sure that a tier-up from Ignition to TurboFan (or any other
code publishing) preserves redirections to the Interpreter. Currently an
interpreted function never switches back to compiled.
R=titzer@chromium.org
TEST=mjsunit/wasm/interpreter-mixed
BUG=v8:7921,v8:8018
Change-Id: Ifca479953509708c998c11cc00b481c232678e00
Reviewed-on: https://chromium-review.googlesource.com/1179661
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55195}
Change-Id: I31cf082abae120dc4f5aa7eadce6513e933d942b
Reviewed-on: https://chromium-review.googlesource.com/1178042
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55191}
Use CheckBounds and reduce the number of checks required to sanitize the
indices for DataView accesses in optimized code. Also constant-fold the
[[ByteLength]] if the DataView is a known compile-time constant (similar
to what we do for TypedArrays already). This further improves performance
of DataViews by 2-7% depending on the exact test case.
With this change DataView and TypedArray accesses themselves are mostly
on par performance wise.
Bug: chromium:225811
Change-Id: I6838339108b8a4dcf9b13ddecab40f1c3632967c
Reviewed-on: https://chromium-review.googlesource.com/1179741
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55190}
This reduced the number of targets depending on assembler.h
from ~900 to ~350.
Bug: v8:8054
Change-Id: I74ae2ce7a4b27791d0ee25542ee0b2175bedf5f7
Reviewed-on: https://chromium-review.googlesource.com/1174534
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55188}
Now that we pass in assembler options during builtin setup, we can be
more precise in assembler configuration.
Isolate-independent generation is only requested for isolate-independent
builtins. And pc-relative jumps additionally need a valid code range.
Bug: v8:6666
Change-Id: I64dfb414549a2f1e87610244c48d9405e63a1b12
Reviewed-on: https://chromium-review.googlesource.com/1177707
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55187}
This way the snapshot will contain only old space objects.
BUG=v8:7308
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Ib19642795b1e8c7cbeda5162be86909c1a777767
Reviewed-on: https://chromium-review.googlesource.com/1177384
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55186}
This moves write-barrier for writes into code to heap-write-barrier.h
and adds four new functions:
- WriteBarrierForCode(host, rinfo, object) - combined generational
and marking write barrier.
- WriteBarrierForCode(host) - combined write barrier that rescans
all pointers in the host (former RecordWritesIntoCode).
- GenerationalWriteBarrierForCode.
- MarkingWriteBarrierForCode.
Bug: v8:8054,v8:7490
Change-Id: Ib1e07cfa1d5998fca2fa44e2ad08c52305f1373f
Reviewed-on: https://chromium-review.googlesource.com/1174436
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55185}
When printing the number and size of the instance types in each
snapshot, break out each line into the number for each AllocationSpace.
(This removes the specific RO_SPACE path that just broke out its stats).
Change-Id: I9d5bcecc4f0e8e1ec5c83409f54164f9bf83c5be
Reviewed-on: https://chromium-review.googlesource.com/1175826
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55184}
JSArrays and JSArrayBuffers are very different animals. As such,
split the js-array.h header into two parts.
R=ulan@chromium.org,mstarzinger@chromium.org
Bug: v8:5402
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I82f987ecea3e2e1ceaf8f8962a2b88165558c57e
Reviewed-on: https://chromium-review.googlesource.com/1177760
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55183}
This CL refactors the CodeAssembler::Branch(condition, true_body, false_body)
which was introduced by https://crrev.com/c/1175488, and this reduces snapshot by 864 bytes.
Change-Id: Ifde7d6f39bd7f265e71fef5bdcc6e69d8ab5be85
Reviewed-on: https://chromium-review.googlesource.com/1175488
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Kanghua Yu <kanghua.yu@intel.com>
Cr-Commit-Position: refs/heads/master@{#55179}
Previously, FormatDate implemented two functions:
(a) "DateTime Format Functions" as in ecma402/#sec-datetime-format-functions
(b) "FormatDateTime( dateTimeFormat, x )" as in ecma402/#sec-formatdatetime
This patch split FormatDate into two separate functions exactly as they are specified.
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Iae47f4d992f1767968e5a6df7d1a45a95bc33192
Reviewed-on: https://chromium-review.googlesource.com/1178886
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55177}
Don't compute the ToNumber conversion of long strings as it is
expensive.
Bug: v8:7790
Change-Id: Ief104f9229f7f633e31d26c98ed24b08a161525b
Reviewed-on: https://chromium-review.googlesource.com/1177719
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55168}
Fix 0027c83440
FLAG_runtime_stats was declared as Int but it was accessed as
pointer. On 64-bit architectures pointer access needs to be
eight byte aligned. This created unaligned memory access
on 64-bit architectures for those architectures that do not
support unaligned memory access.
TEST=mjsunit/wasm/table,cctest/test-accessors/AccessorIC
Change-Id: I569b69583de98b4c5fb7266f23f927bbd006966d
Reviewed-on: https://chromium-review.googlesource.com/1177601
Commit-Queue: Ivica Bogosavljevic <ibogosavljevic@wavecomp.com>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55166}
Forcing it seems unnecessary and hinders concurrent compilation.
Also turn a related condition into a CHECK.
Bug: v8:7790
Change-Id: Ie7d7e47e6bc2743d742cfe07e65436c1b8b994f3
Reviewed-on: https://chromium-review.googlesource.com/1177705
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55164}
Enforce both engine limitations and spec (http://asmjs.org/spec/latest/)
limitations on the size of asm.js heaps.
R=clemensh@chromium.org
CC=mstarzinger@chromium.org
Bug: chromium:873600
Change-Id: I104c23bbd0a9a7c494f97f8f9e83ac5a37496dfd
Reviewed-on: https://chromium-review.googlesource.com/1174411
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55163}
{AsyncCompileJob::FinishCompile} assumes that a context is set on the
isolate when it is called. This was not the case when it was called at
the end of streaming compilation.
R=mstarzinger@chromium.org
Bug: chromium:874525
Change-Id: Ia31cd9eb40598918262ff14606796027a6c80bc0
Reviewed-on: https://chromium-review.googlesource.com/1177392
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55161}
We really want to catch such errors. (std::optional throws an
exception in some of these cases.)
Change-Id: I7f8c3aff38aed1b3cbe52bcfb92062268fd3b201
Reviewed-on: https://chromium-review.googlesource.com/1177387
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55158}