The embedder is expected to arrange for the array buffer contents to be
transferred into a v8::ArrayBuffer in the receiving context (generally by
assuming ownership of the externalized backing store).
BUG=chromium:148757
Review-Url: https://codereview.chromium.org/2275033003
Cr-Commit-Position: refs/heads/master@{#38948}
The accumulator is always part of the translation for every interpreted
frame. The assumption is that all frames are in {TOS_REGISTER} state.
This however is not supported for non-topmost frames and we need to
avoid pushing the accumulator onto the machine stack.
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2271153003
Cr-Commit-Position: refs/heads/master@{#38945}
These DCHECKs were causing several test failures or r6. They should not
be here because only NEG.PS format was removed in r6, NEG.S and NEG.D
instructions remain.
BUG=
Review-Url: https://codereview.chromium.org/2276563006
Cr-Commit-Position: refs/heads/master@{#38944}
Floating point negate instructions are still present in release 6, only
one format of neg is removed, NEG.PS. Others formats can be used and in
r6 they also change the sign of NaN-like operands as well. This makes r6
generated code simpler for Neg_d and Neg_s macroassembler functions.
BUG=
Review-Url: https://codereview.chromium.org/2285703002
Cr-Commit-Position: refs/heads/master@{#38943}
on architectures that do not support missaligned memory access
BUG=unittests/AstDecoderTest.Float64Const, unittests/AstDecoderTest.Float32Const
Review-Url: https://codereview.chromium.org/2275323002
Cr-Commit-Position: refs/heads/master@{#38941}
New space evaucation in MC supports, similar to scavenges, fall back allocation
in old space.
For new space evacuation we support stick and non-sticky modes for fallback. The
sticky mode essentially removes the capability to allocate in new space while
the non-sticky mode only falls back for a single allocation.
We use the non-sticky mode for allocations that are too large for a LAB but
should still go in new space. When such an allocation fails in new space, we
allocate in old space in non-sticky mode as we would still like to reuse the
remainder memory in new space. However, in such a case we fail to properly
report the space allocated in resulting in a missed recorded slot.
BUG=chromium:641270
R=ulan@chromium.org
Review-Url: https://codereview.chromium.org/2280943002
Cr-Commit-Position: refs/heads/master@{#38940}
This CL fixes the first bug I found with the new fuzzing. The problem is
that the number of locals is unbounded. This CL bounds the number of
locals of one type with 8000000, an arbitrary number.
R=titzer@chromium.org
BUG=
Review-Url: https://codereview.chromium.org/2271803004
Cr-Commit-Position: refs/heads/master@{#38936}
Rebuilding (after touching certain files) is crazy slow because
includes are out of control. Many of these files we need to rebuild are
cctests which pull in more includes than they need.
BUG=v8:5294
Review-Url: https://codereview.chromium.org/2278103002
Cr-Commit-Position: refs/heads/master@{#38933}
Using the dedicated simplified operator we are able to eliminate
redundant neuterung checks as long as there is no call in the
effect chain. This yields a nice speed up for the Octane Mandreel
benchmark (and TypedArray-heavy workloads in general).
R=jarin@chromium.org
BUG=v8:5267
Review-Url: https://codereview.chromium.org/2279213002
Cr-Commit-Position: refs/heads/master@{#38932}
Introduce a new TypedOptimization reducer that contains the type
based optimization reduction steps, which are not (directly)
related to lowering JavaScript operators based on types (which is
what JSTypedLowering is supposed to do).
This also addresses a chicken-and-egg problem that we see in the
Octane/Mandreel benchmark where type based constant folding isn't
applied to the numeric comparison operators introduced by the
JSTypedLowering itself, and thus gives up to 10% speedup for the
benchmark.
BUG=v8:5267
Review-Url: https://codereview.chromium.org/2280673003
Cr-Commit-Position: refs/heads/master@{#38928}
This patch:
1. Removes the unecessary inheritance of ParserBaseTraits<Impl>
in ParserBase<Impl>.
2. Flattens ParserBaseTraits<Impl> and renames it to
ParserTypes<Impl>. The Traits parameter/member is renamed to
Types.
3. Removes unecessary v8::internal:: qualifications from parser
types.
R=adamk@chromium.org, marja@chromium.org
BUG=
LOG=N
Review-Url: https://codereview.chromium.org/2279773002
Cr-Commit-Position: refs/heads/master@{#38927}
This interleaves setting names and values in the scope info. It's a little messy since globals and locals are interleaved, but afaiu globals is going away.
BUG=v8:5209
Review-Url: https://codereview.chromium.org/2272293004
Cr-Commit-Position: refs/heads/master@{#38925}
They are both accumulated at the same time, and either one already triggered
an error in ValidateExpression. Basically, there were no disjoint uses of
these two error types.
Review-Url: https://codereview.chromium.org/2268173005
Cr-Commit-Position: refs/heads/master@{#38922}
If the parser creates a catch scope, the variable is also added to
ordered_variables_ so just always do that.
Otherwise, it's not possible to create a ScopeInfo for that catch scope
R=verwaest@chromium.org
BUG=
Review-Url: https://codereview.chromium.org/2278963002
Cr-Commit-Position: refs/heads/master@{#38921}
Previously the calls to ExpressionClassifier::Accumulate() each chose
slightly different sets of productions to accumulate, and it turned
out that these were in some cases broader than needed and in some
cases less broad.
The existence of some grab-bag production bitmasks like
ExpressionClassifier::ExpressionProductions made this situation more
error-prone (for example, that production was missing AsyncArrowFormalParametersProduction).
This patch removes all "grab-bags" besides AllProductions. In some of
the places where code was using those grab-bags for convenience, it
switches them to use negation of AllProductions. In other, specifically
those having to do with expressions that are disallowed anywhere in
a sub-expression of a parameter list, I've added a new method on
ExpressionClassifier to centralize the logic.
The aforementioned centralization/addition of
AsyncArrowFormalParametersProduction fixes several cases where we were
failing to report an error for 'await' in some contexts; I've added
those test cases.
The patch also narrows all cases to exactly the set or productions
necessary, with a comment on each explaining the choice.
BUG=v8:4483
Review-Url: https://codereview.chromium.org/2271063002
Cr-Commit-Position: refs/heads/master@{#38918}
Decrease regular heap object size to 400k. In a follow up, we can now get rid of
the new space border page while keeping the 1M minimum new space size.
This reverts commit 1617043c10.
BUG=chromium:636331
Review-Url: https://codereview.chromium.org/2278653003
Cr-Commit-Position: refs/heads/master@{#38916}
Suitably scary warnings attached, as this will yet evolve (notably to handle
host objects, which are not currently handled).
Unit tests adjusted to use the public version of ValueSerializer, eliminating
any need they have to access v8::internal.
With this, Blink can begin using this code experimentally behind a flag as it
develops.
BUG=chromium:148757
Review-Url: https://codereview.chromium.org/2274693002
Cr-Commit-Position: refs/heads/master@{#38915}
Transferral is not included in this CL, nor is SharedArrayBuffer.
BUG=chromium:148757
Review-Url: https://codereview.chromium.org/2264403004
Cr-Commit-Position: refs/heads/master@{#38913}
Record details, such as cumulative duration, number of steps, and longest steps
in IncrementalMarkingDetails which get populated at a single callsite
(AddScopeSample). Remove member fields that thus become obsolete (unfortunately
not all of them).
Additional remove some dead code and refactor printing. Printing in a single
statement allows for using logcat on Android.
This should also address the regression in chromium:640524.
BUG=chromium:639818,chromium:640524
R=jochen@chromium.org
Review-Url: https://codereview.chromium.org/2269093002
Cr-Commit-Position: refs/heads/master@{#38912}
These tests were spliced out of changelist 2216353002 and extended.
BUG=
Review-Url: https://codereview.chromium.org/2245263003
Cr-Commit-Position: refs/heads/master@{#38906}
I could only test this with FreeBSD and OSX
(on the Node.js CI).
I don't know if the fix is correct for other BSD platforms.
Review-Url: https://codereview.chromium.org/2251603004
Cr-Commit-Position: refs/heads/master@{#38905}
DuplicateFinder isn't actually used by the Scanner, except for one
convenience function which we should probably remove, also.
BUG=
Review-Url: https://codereview.chromium.org/2281443002
Cr-Commit-Position: refs/heads/master@{#38904}
Unlike Crankshaft, Turbofan does not provide a context when trying to grow
elements. Depending on the code path we might end up updating transitioning
elements kinds in allocation sites for which we need access to the current
context. Unlike GrowCapacityAndConvert, the newly introduced GrowCapacity simply
returns false in cases where map transitions are involved.
BUG=chromium:637279
Patch by Camillo Bruni <cbruni@chromium.org>,
originally reviewed at https://codereview.chromium.org/2244983004/
Review-Url: https://codereview.chromium.org/2252393002
Cr-Commit-Position: refs/heads/master@{#38901}
