There is no guarantee that Map::GetConstructor() returns a JSFunction.
Specifically, detached global proxies return the |null| sentinel. So
we have to check the object type before casting to JSFunction.
BUG=chromium:694141
Review-Url: https://codereview.chromium.org/2739303003
Cr-Commit-Position: refs/heads/master@{#43727}
Note that this changes the sampling interval from milliseconds to
microseconds -- this shouldn't cause issues except for tools that use
'profiler,"begin",<interval>' somehow.
Change-Id: I20222de91f7820e26eb3fc505a4752b0bc7e1642
Reviewed-on: https://chromium-review.googlesource.com/451658
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43726}
This fixes the catch predictions for the following builtins --
AsyncFunctionAwaitCaught
AsyncFunctionAwaitUncaught
PromiseResolveClosure
ResolvePromise
PromiseResolve
Added tests for each.
Added whitelist for builtins behind a flag.
BUG=chromium:691875
Change-Id: I816cafdb69f0c9f1eefc440a0a44c36713d0b7dc
Reviewed-on: https://chromium-review.googlesource.com/450894
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43725}
AllocateRawAligned called into AllocateRawUnaligned, which expected
the address of the pointer to the top of the stack, not the pointer
itself. Instead, the pointer itself was passed, causing segfaults
if this code is actually run.
Also do some drive-by clean up of the branching/labels and unused
vars etc. in AllocateRawAligned.
BUG=v8:6075
Change-Id: If71db4b61d777b6543e5246e92bb5b9e6c02c81f
Reviewed-on: https://chromium-review.googlesource.com/452374
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43722}
Removing it from default variants set which will substantially increase test speed for developers.
Pure ignition is intended to be tested only on bots unless opted in.
BUG=chromium:682617
R=mstarzinger@chromium.org,mvstanton@chromium.org,rmcilroy@chromium.org
Change-Id: I98adb81951a0a2d16f52e6b34b98d3a90e178d8a
Reviewed-on: https://chromium-review.googlesource.com/452580
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43721}
Now that the --turbo flag is on by default, this implication makes it
impossible to disable the runtime profiler to prevent functions from
being considered hot. Essentially the --nocrankshaft flag was borked.
R=machenbach@chromium.org
Change-Id: I698008b4b69038e8bfab6d8ec3ccf57e2fd71701
Reviewed-on: https://chromium-review.googlesource.com/452619
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43720}
Also format flags in single lines to make configs easier to read and modify.
BUG=chromium:673246
NOTRY=true
R=mstarzinger@chromium.org,titzer@chromium.org,rmcilroy@chromium.org
Change-Id: If37486c98af161467b639271b035207c3ae1077a
Reviewed-on: https://chromium-review.googlesource.com/452579
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43719}
The callers of this function already do the flushing (as its comment demands).
BUG=
Change-Id: Iff6720f4ddecb1a4569b6cac66eba4b857c46b17
Reviewed-on: https://chromium-review.googlesource.com/452504
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43718}
- lower the cutoff-threshold for bottom up graphs to 1%
- show all builtins/stubs/ics by default
R=jkummerow@chromium.org
Change-Id: I522173155b817ae20a37c40ecf411f2b55d82105
Reviewed-on: https://chromium-review.googlesource.com/452482
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43717}
Add log message when RuntimeProfiler checks whether to optimize a
function, but that function is already in the optimization queue
(with --trace-opt-verbose).
R=yangguo@chromium.org
Review-Url: https://codereview.chromium.org/2740103003
Cr-Commit-Position: refs/heads/master@{#43711}
ICU's UChar was uint16_t (non-Win) or wchar_t (Windows). It's switching
to char16_t in both C/C++ API. It needs some changes. Fortunately,
v8 needs only a couple of changes because v8 has been using
reinterpret_cast in many places calling ICU API.
This change was confirmed to work fine with ICU-59-to-be.
BUG=v8:6062
TEST=trybot
Review-Url: https://codereview.chromium.org/2738503008
Cr-Commit-Position: refs/heads/master@{#43707}
Chrome no longer calls v8::Isolate::Dispose on shutdown, essentially preventing
the use of V8 stats within chrome/content_shell. This CL adds a basic hook to
the api that is then used to only print the stats.
Chrome change: https://codereview.chromium.org/2693353002
Change-Id: I1481c14afe611e9c08ae67c815201a45940daa57
Reviewed-on: https://chromium-review.googlesource.com/452338
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43706}
- lower the cutoff-threshold for bottom up graphs to 1%
- show all builtins/stubs/ics by default
R=jkummerow@chromium.org
Change-Id: I85f8c4f00c5f36407bc5d9f81bead8f39a5ef632
NOTRY=true
Change-Id: I85f8c4f00c5f36407bc5d9f81bead8f39a5ef632
Reviewed-on: https://chromium-review.googlesource.com/452300
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43704}
Specifically, add bytecodes for Call0, Call1, Call2, CallProperty0, CallProperty1,
and CallProperty2. Also share the bytecode handler code between between
equivalent CallX and CallPropertyX handlers.
Review-Url: https://codereview.chromium.org/2684993002
Cr-Original-Commit-Position: refs/heads/master@{#43290}
Committed: 00d6f1f80a
Review-Url: https://codereview.chromium.org/2684993002
Cr-Commit-Position: refs/heads/master@{#43700}
The optimization
NumberFloor(NumberDivide(lhs, rhs))
to
NumberToInt32(NumberDivide(lhs, rhs))
for potentially negative lhs is not valid, since Math.floor rounds
towards -infinity, whereas ToInt32 truncates.
BUG=chromium:699282
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2743673002
Cr-Commit-Position: refs/heads/master@{#43699}
We used to embed a string address as description right after
a stop instruction, which the simulator would read and print.
We removed that a while ago to make the snapshot predictable.
R=petermarshall@chromium.org
BUG=v8:6071
Review-Url: https://codereview.chromium.org/2744503003
Cr-Commit-Position: refs/heads/master@{#43698}
We need to check whether advancing the iterator moved us beyong the end
of the bitmap. This has not been flushed out as our inlined bitmap is
still in valid memory.
In practice this is not a problem because the value is never used as we
are at the end of the bitmap. Asan rightfully complains when using an
external bitmap though.
BUG=chromium:651354
Change-Id: I8b141a467e9552f8ac2287dd62a725a14a289a37
Reviewed-on: https://chromium-review.googlesource.com/452497
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43696}
BUG=
Change-Id: Ibf49df830153a829015723826dacc6939fb42189
Reviewed-on: https://chromium-review.googlesource.com/452377
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43689}
It depends on constant field tracking and currently disabled.
BUG=v8:5495
Change-Id: I6202cddfc2d32b5a06c5ab00c42caa6e276a3eb1
Reviewed-on: https://chromium-review.googlesource.com/451639
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43687}
This fixes an incorrect usage of String::Flatten in EscapeRegExpSource.
It also adds %ConstructConsString (to easily and reliably construct cons
strings in tests) and Factory::NewConsString (to enable guaranteed cons
string construction without preemptive flattening attempts).
BUG=chromium:698790
Review-Url: https://codereview.chromium.org/2736383003
Cr-Commit-Position: refs/heads/master@{#43686}
- supporting appending new data instead of simply replacing the current set
- fix issue when not filtering out groups on initial loading
Change-Id: I77d508e644b247fa236ea64ef919639cac6ee425
NOTRY=true
Change-Id: I77d508e644b247fa236ea64ef919639cac6ee425
Reviewed-on: https://chromium-review.googlesource.com/451276
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43685}
The BitcastWordToTagged operator is used for bump pointer allocation to
construct the actual HeapObject pointer. The input to this operator is
a naked pointer (derived from the allocation top). If this input value
is live across an allocation, then the resulting tagged pointer is
invalid because the GC might have scavenged new space in the meantime.
That means we must not allow Node splitting (in the Scheduler) for these
instructions, as that could extend the live range of the naked pointer
input across arbitrary code. As such, this operator must not be marked
as pure.
R=jarin@chromium.org
BUG=v8:6059
Review-Url: https://codereview.chromium.org/2739093002
Cr-Commit-Position: refs/heads/master@{#43683}
- Changes input filtering to test NaNs, but skip very large or very
small inputs, which may cause imprecision on some platforms.
- Changes expected result filtering to only skip NaNs.
LOG=N
BUG=6020
Review-Url: https://codereview.chromium.org/2738703006
Cr-Commit-Position: refs/heads/master@{#43681}
Port e82b7ccd32
Original Commit Message:
I originally needed this for the initialization of a constexpr array in
the wasm lazy compile builtin, but since it's a bigger change, I now
split it off as this separate CL.
The style guide recommends constexpr over const. I thus apply the
constexprificaton over all headers that I touched anyway.
I also remove the ARM64_DEFINE_REG_STATICS hack. It was introduced when
merging in arm64 support more than three years ago, and I don't see the
purpose for this.
Also, some #defines can now be constexpr definitions, which was not
possible before according to the comment.
R=clemensh@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N
Review-Url: https://codereview.chromium.org/2733323003
Cr-Commit-Position: refs/heads/master@{#43678}
