If the imported wasm function is being debugged (i.e. redirects to the
interpreter), call it via the JS_TO_WASM stub, such that we can disable
the breakpoint later by patching the exported function.
This also contains a drive-by fix in wasm-translation.cc (for the case
that all known positions are bigger than the requested one).
R=titzer@chromium.org, kozyatinskiy@chromium.org
BUG=v8:5971, v8:5822
Review-Url: https://codereview.chromium.org/2720813002
Cr-Commit-Position: refs/heads/master@{#43583}
We should throw a RangeError for offset % elementSize before
length.toPrimitive is observable. Adds a test that checks this, too.
BUG=v8:6037
Change-Id: Ie9f2551c8e8fb0018b508762ac93cdc470e15dde
Reviewed-on: https://chromium-review.googlesource.com/449792
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43582}
The parameters for ConstructWithSpread and CallWithSpread both
contain the arity for JavaScript calls with a spread as the
last parameter and have the same functionality. Simplify them as
one parameter.
BUG=
Review-Url: https://codereview.chromium.org/2729143002
Cr-Commit-Position: refs/heads/master@{#43581}
Second part of relanding d2c093bcaf.
BUG=chromium:651354
Change-Id: I4d48e870ac3a630ee1c286a86e630b8cf52cadf9
Reviewed-on: https://chromium-review.googlesource.com/449712
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43580}
Materialized literal removal is a follow up to https://chromium-review.googlesource.com/443246
In addition, remove ParserBase::Checkpoint; it was for restoring materialized
literal counts and expected property counts, but actually the expected property
count tracking was incorrect ("this" in arrow function param list binds to the
outside, so it's correct without the checkpoint):
(a, b = this.c = 0) => { }
BUG=
Change-Id: Ic097f6d2e7cb235166fb3a76af3bf5584bc167f0
Reviewed-on: https://chromium-review.googlesource.com/449733
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43579}
This should improve generated code. It is also one step in preparation
for LoadIC inlining - explicitly deferred blocks are currently necessary
to help the scheduler omit frame construction.
BUG=v8:5917
Review-Url: https://codereview.chromium.org/2732613002
Cr-Commit-Position: refs/heads/master@{#43577}
The pattern of creating a hidden catch scope occurs several times, so
define a helper for it.
BUG=
Change-Id: I5831378341d86d41bfb015bd3e687183cc79ac20
Reviewed-on: https://chromium-review.googlesource.com/448559
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43574}
In lazy compilation, we only compile one function at a time, and we
might not have the wire bytes of the whole module available.
This CL prepares the WasmCompilationUnit for this setting.
It will also be helpful for streaming compilation.
Also, the ErrorThrower (which might heap-allocate) is not stored in the
WasmCompilationUnit any more. Instead, it is passed to the
FinishCompilation method which is allowed to heap-allocate.
R=titzer@chromium.org, ahaas@chromium.org
BUG=v8:5991
Review-Url: https://codereview.chromium.org/2726553003
Cr-Commit-Position: refs/heads/master@{#43573}
We can compile a !== a and Number.isNaN(a) to ObjectIsNaN. The former is
commonly used to check for NaN, i.e. in case of equals in AngularJS.
R=jarin@chromium.org
BUG=v8:5267
Review-Url: https://codereview.chromium.org/2722483003
Cr-Commit-Position: refs/heads/master@{#43572}
This is always the single variable declared in the catch scope.
BUG=
Change-Id: I05ccc48f57394268432c9b5b8c76f9db1b3b6312
Reviewed-on: https://chromium-review.googlesource.com/448041
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43571}
Later manipulation of Array.prototype.concat could lead to calling the Date constructor with empty arguments list. This let a non-mocked date slip in.
BUG=chromium:698097
NOTRY=true
TBR=yangguo@chromium.org,mstarzinger@chromium.org
Change-Id: Ib4bd97e06ea7be8c32d0057d42943f9f82ea6b5f
Reviewed-on: https://chromium-review.googlesource.com/449732
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43570}
The old proxy only mocked out constructor calls and didn't intercept function application. It also kept the original constructor property, through which non-mocked dates could be constructed again.
BUG=chromium:697870
NOTRY=true
R=mstarzinger@chromium.org,yangguo@chromium.org
Change-Id: Icb4ef22342424f95463a7a9c57fa0bb8d910ac19
Reviewed-on: https://chromium-review.googlesource.com/448564
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43569}
WASM interpreter requires that parameters are stored in big-endian natural
memory order (higher bits on lower addresses and lower bits on higher address).
On the other hand, WASM compiled code naturally stores data in memory in
little-endian order. This CL implements big-endian support for passing
double and int64 parameters to WASM interpreter.
TEST=cctest/test-wasm-interpreter-entry/TestArgumentPassing_int64,
cctest/test-wasm-interpreter-entry/TestArgumentPassing_AllTypes
Review-Url: https://codereview.chromium.org/2721053002
Cr-Commit-Position: refs/heads/master@{#43568}
- No callbacks for std::sort of integer typed arrays when user-defined
comparison is not given
- Use template function, instead of macro, for comparison function
- Do not sort if the array size is less than or equal to 1
BUG=v8:5953
Review-Url: https://codereview.chromium.org/2726153003
Cr-Commit-Position: refs/heads/master@{#43565}
This involved adding a count_ member to SloppyBlockFunctionMap, so
to avoid making DeclarationScope larger, this patch makes the
creation of the map lazy, thus reducing the size of DeclarationScope
by several words in the process.
BUG=chromium:688567
Change-Id: If9a9eb2ccc01690fe10edadb3aa9625454ff4a19
Reviewed-on: https://chromium-review.googlesource.com/448701
Commit-Queue: Adam Klein <adamk@chromium.org>
Reviewed-by: Daniel Ehrenberg <littledan@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43558}
This makes the assumption about new-space allocation in the CSA more clear.
Additionally AllocateInNewSpace asserts that the allocation will fit in the
new-space in a debug build.
Change-Id: Ica5e7e12656dcdaa2c739b3d300fdcbaeb2355a2
Reviewed-on: https://chromium-review.googlesource.com/448043
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43557}
- Implements Select instructions using a single ARM vbsl instruction.
- Renames boolean machine operators to match renamed S1xN machine types.
- Implements S1xN vector logical ops, AND, OR, XOR, NOT for ARM.
- Implements S1xN AnyTrue, AllTrue ops for ARM.
- Eliminates unused SIMD op categories in opcodes.h.
LOG=N
BUG=v8:6020
Review-Url: https://codereview.chromium.org/2711863002
Cr-Commit-Position: refs/heads/master@{#43556}
This CL fixes a bug in the implementation of the code generation of
kArm64Tst32, where the shift input operand of kArm64Tst32 was ignored.
Please take a special look at the fix in kArm64Tst. I applied the fix
there as well, but because of differences in the instruction selector
I was not able to write a test for it.
R=v8-arm-ports@googlegroups.com
BUG=v8:6028
Review-Url: https://codereview.chromium.org/2729853003
Cr-Commit-Position: refs/heads/master@{#43555}
This hack is causing false "last-resort" garbage collections.
When incremental marking is in progress and overshoots the limit,
our heuristics in the allocator request finishing the mark-compact
because V8 is in optimize-for-memory mode.
However, the mark-compact gets replaced by scavenger which leads to
retrying the allocation two times and eventually doing last resort GC
(which throws away all the marking info).
BUG=chromium:697119
Review-Url: https://codereview.chromium.org/2723003003
Cr-Commit-Position: refs/heads/master@{#43554}
BinopMatcher does not notify the reducers using it when it flips inputs to commutative operators. This leads to value numbering not being re-executed in this case. Together with the fact that value numbering might still reduce such a modified node in the case of a hash collision merging the buckets of two equivalent nodes, this leads to unpredictable behaviour.
This is the easiest fix for the problem: Always running value numbering last. This is also a performance improvement because value numbering never changes but only replaces nodes.
R=mstarzinger@chromium.org
Review-Url: https://codereview.chromium.org/2728983002
Cr-Commit-Position: refs/heads/master@{#43552}
Turbofan is a lot slower than Crankshaft at constructing TypedArrays,
because we always go to the C++ builtin. Port the builtin to CSA
to improve performance, and to clean up the implementation, which is
split across multiple files and pieces at the moment.
This CL increases the performance with --future to roughly the same
as with crankshaft.
BUG=v8:5977
Change-Id: Id0d91a4592de41a3a308846d79bd44a608931762
Reviewed-on: https://chromium-review.googlesource.com/448537
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43548}
This reverts commit 5c200fa0f1.
Reason for revert: Relies on changes that were reverted.
Original change's description:
> [builtins] Delete unused TypedArrayInitialize intrinsic.
>
> This CL only deletes code. We don't call these anymore, so they are safe
> to remove.
>
> BUG=v8:5977
>
> Change-Id: I59889c3dbb9c2610f3502d582b6c307b1fb4f63b
> Reviewed-on: https://chromium-review.googlesource.com/448517
> Commit-Queue: Peter Marshall <petermarshall@chromium.org>
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#43543}
TBR=cbruni@chromium.org,petermarshall@chromium.org,bmeurer@chromium.org,v8-reviews@googlegroups.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5977
Change-Id: I41f32b0b8f74bcfdf9afbd7cc150cca9f5edd199
Reviewed-on: https://chromium-review.googlesource.com/448563
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43545}
This reverts commit 5c200fa0f1.
Reason for revert: Breaks compile:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20builder/builds/23538
Maybe conflicts with a change that just landed.
Original change's description:
> [builtins] Delete unused TypedArrayInitialize intrinsic.
>
> This CL only deletes code. We don't call these anymore, so they are safe
> to remove.
>
> BUG=v8:5977
>
> Change-Id: I59889c3dbb9c2610f3502d582b6c307b1fb4f63b
> Reviewed-on: https://chromium-review.googlesource.com/448517
> Commit-Queue: Peter Marshall <petermarshall@chromium.org>
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#43543}
TBR=cbruni@chromium.org,petermarshall@chromium.org,bmeurer@chromium.org,v8-reviews@googlegroups.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5977
Change-Id: Iba1611f4c93d105a4163338b59bda42ea7937443
Reviewed-on: https://chromium-review.googlesource.com/448562
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43544}
This CL only deletes code. We don't call these anymore, so they are safe
to remove.
BUG=v8:5977
Change-Id: I59889c3dbb9c2610f3502d582b6c307b1fb4f63b
Reviewed-on: https://chromium-review.googlesource.com/448517
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43543}
... instead of inlining the dispatchers' code. This should reduce the size of the generated
builtins code.
BUG=
Change-Id: Ia3f68ea8b398f049bad87f6ce93c818f0af4674f
Reviewed-on: https://chromium-review.googlesource.com/447938
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43542}
First part of relanding d2c093bcaf.
BUG=chromium:651354
Change-Id: I34ebea331d482d5039626ccff48b11ad175793ee
Reviewed-on: https://chromium-review.googlesource.com/448518
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43541}
This unifies the search for a potential {IfException} projection with
the existing predicate on {NodeProperties} used by the rest of the
system. Also contains a related drive-by change to graph builders. This
is in preparation of eliding {IfSuccess} projections when possible.
R=jarin@chromium.org
Change-Id: I8ba0ae9e9fdb69a77bce01578200ceea434535f7
Reviewed-on: https://chromium-review.googlesource.com/448039
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43540}