With this change, WebAssembly.Memory objects have backing stores allocated as an
8GB region where everything beyond the size of the Wasm heap is inaccessible.
GrowMemory is now implemented by changing the protection on the guard regions to
make the new portions of the heap accessible.
Guard pages are not enabled by default, but this change adds a flag and a test
variant to make sure we get test coverage on them.
BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277
Review-Url: https://codereview.chromium.org/2396433008
Cr-Commit-Position: refs/heads/master@{#41089}
With the new wasm object types, the GetCompiledModule and GetWasmBytes
functions are not needed any more. The same functions are already
public on the wasm objects.
In order to use them properly, I changed a few more locations to make
use of the new types.
R=ahaas@chromium.org, titzer@chromium.org
Review-Url: https://codereview.chromium.org/2503403005
Cr-Commit-Position: refs/heads/master@{#41085}
Adds --wasm-no-bounds-checks and --wasm-no-stack-checks which
help in diagnosing potential sources of slowdown in WASM code.
R=ahaas@chromium.org
BUG=
Review-Url: https://codereview.chromium.org/2511113002
Cr-Commit-Position: refs/heads/master@{#41083}
Collect feedback for oddballs in the interpreter compare operations handlers.
This is important to ensure that we don't consider oddball comparisons as
generic, which prevents optimization.
BUG=chromium:660947
Review-Url: https://codereview.chromium.org/2506283003
Cr-Commit-Position: refs/heads/master@{#41081}
The ptr_to_* methods do (often unnecessary) type checks, and can
return nullptr. This is problematic since the handlified getter
uses them, and assumes the result to be non-null. So change
them to only to a DCHECK and never return nullptr, and introduce
maybe_ptr_to_* with the old semantics.
R=titzer@chromium.org, ahaas@chromium.org
Review-Url: https://codereview.chromium.org/2509053003
Cr-Commit-Position: refs/heads/master@{#41079}
Collect string feedback for compare operations. Without this,
functions which have a lot of string compare operations end up with
a high generic type percentage, and don't get optimized until very
late.
Currently TurboFan doesn't use this String feedback for compare
operations, but this could be done in future work if it is useful.
BUG=chromium:660947
Review-Url: https://codereview.chromium.org/2506013005
Cr-Commit-Position: refs/heads/master@{#41078}
V8 was applying incorrect optimization to them advancing the start position.
This would cause /foo$/y too match "barfoo", which it should not.
BUG=
Review-Url: https://codereview.chromium.org/2510743003
Cr-Commit-Position: refs/heads/master@{#41077}
There's no need to return anything.
Also add a DCHECK to make sure that we never mark a variable proxy as assigned
that is already resolved (to avoid potential inconsistency with the variable's
maybe_assigned status).
R=littledan@chromium.orgCC=mstarzinger@chromium.org
BUG=
Review-Url: https://codereview.chromium.org/2504613002
Cr-Commit-Position: refs/heads/master@{#41072}
The control edges in a TurboFan graph can form a cycle. To break this cycle in the int64-lowering we add special handling for loop nodes. Similar handling already exists for phi nodes and effectphi nodes, which breaks cycles formed by value edges and effect edges, respectively.
Review-Url: https://codereview.chromium.org/2511503002
Cr-Commit-Position: refs/heads/master@{#41071}
Fix c3a6ca68d0
Fix compilation failure on MIPS and GCC cross compile that started to appear
after the CL c3a6ca68d0 landed. The compilation
error is due to:
.././src/objects-inl.h:4129:54: error: assuming signed overflow does not occur
when assuming that (X + c) < X is always false [-Werror=strict-overflow]
DCHECK(index >= 0 && length >= 0 && index + length >= index &&
BUG=
Review-Url: https://codereview.chromium.org/2501963002
Cr-Commit-Position: refs/heads/master@{#41067}
This adds clearAllBreakPoints functionality (which requires tracking set
breakpoints internally), and several script-related functions that rely
on runtime functions.
BUG=v8:5530
Review-Url: https://codereview.chromium.org/2508853003
Cr-Commit-Position: refs/heads/master@{#41064}
This adds access to the LiveEdit API object, frame.restart(), and
various breakpoint setters. The LiveEdit API still depends on the JS
debugging context and blocks its removal; but it should be removed
once LiveEdit is rewritten in the midterm.
BUG=v8:5530
Review-Url: https://codereview.chromium.org/2503293002
Cr-Commit-Position: refs/heads/master@{#41062}
In Crankshaft we can actually do an abstract interpretation of the
@@hasInstance lookup when optimizing instanceof and then use the
normal machinery to protect the result instead of relying on the
global @@hasInstance protector cell for optimizations.
This recovers the 100x performance drop in Node.js v7 reported in
https://github.com/nodejs/node/issues/9634. This patch should be
easily back-mergable to Node.js v7.
BUG=v8:5640
R=yangguo@chromium.org,franzih@chromium.org
Review-Url: https://codereview.chromium.org/2504263004
Cr-Commit-Position: refs/heads/master@{#41059}
Inspector uses this type for all internal scripts, e.g. injected-script-source.js. Scripts with new type are not reported by remote debugging protocol, frames from them are ignored.
CQ_INCLUDE_TRYBOTS=master.tryserver.blink:linux_precise_blink_rel
BUG=none
R=yangguo@chromium.org,dgozman@chromium.org
Review-Url: https://codereview.chromium.org/2499273003
Cr-Commit-Position: refs/heads/master@{#41056}
We do not have to invalidate the abstract state if we are transitioning to
the object's map.
Review-Url: https://codereview.chromium.org/2510843002
Cr-Commit-Position: refs/heads/master@{#41053}
Reason for revert:
Submitting this before more capacity was added to linux_trusty_blink_rel caused that builder to get too busy (http://crbug.com/665246); should be able to reland after http://crbug.com/665917 is fixed.
Original issue's description:
> Update usage of linux blink try bot to use linux_trusty_blink_rel.
>
> Reason: We're planning to drop support for Linux Precise for layout tests.
>
> BUG=chromium:660580
> NOTRY=true
TBR=machenbach@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=chromium:660580
NOTRY=true
Review-Url: https://codereview.chromium.org/2507853002
Cr-Commit-Position: refs/heads/master@{#41052}
Now we don't need to call collectSample on each V8StackTraceImpl::capture during collecting profile.
CQ_INCLUDE_TRYBOTS=master.tryserver.blink:linux_precise_blink_rel
BUG=none
R=alph@chromium.org,dgozman@chromium.org
Review-Url: https://codereview.chromium.org/2510823002
Cr-Commit-Position: refs/heads/master@{#41051}
The reasons are:
1) The names dictionaries in the feedback metadata seems to consume a lot of memory
and the idea didn't payoff.
2) The absence of a name parameter blocks data handlers support in LoadGlobalIC.
This CL reverts a part of r37278 (https://codereview.chromium.org/2096653003/).
BUG=chromium:576312, v8:5561
Review-Url: https://codereview.chromium.org/2510653002
Cr-Commit-Position: refs/heads/master@{#41046}
The ScriptBreakpoint struct was before just holding line, column and
condition. It now additionally holds the scriptId.
This encapsulates information nicer, and allows for easier translation
of wasm locations, since one struct now holds all information needed
for the translation.
BUG=chromium:659715
R=yangguo@chromium.org, kozyatinskiy@chromium.org
Review-Url: https://codereview.chromium.org/2491133003
Cr-Commit-Position: refs/heads/master@{#41044}
In order to address a performance issue.
BUG=v8:5512, chromium:664937
Review-Url: https://codereview.chromium.org/2506003002
Cr-Commit-Position: refs/heads/master@{#41041}
