Even in optimized code we can utilize the various load and store IC
trampolines to save code space when it's an IC in the outermost
function, as in that case the trampoline can just take the vector
from the parent's frame.
BUG=v8:5267
Review-Url: https://codereview.chromium.org/2776073005
Cr-Commit-Position: refs/heads/master@{#44226}
This should be the fastest case, as we can just copy the backing store
directly. Adding this test so that we can monitor if upcoming changes
regress this path.
BUG=v8:5977
Change-Id: I021a199061ac845f265a906bda68b7ad3e8d5708
Reviewed-on: https://chromium-review.googlesource.com/461183
Reviewed-by: Franziska Hinkelmann <franzih@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44225}
Move builtin definitions (i.e. BUILTIN_LIST and family) to a separate header
in preparation for auto-generation of TFS interface descriptors.
BUG=v8:6116
Review-Url: https://codereview.chromium.org/2784793002
Cr-Commit-Position: refs/heads/master@{#44221}
Now that Ignition has the dedicated TestTypeOf operator, there's not
really a point in doing the typeof with abstract/strict equal combining
in TurboFan anymore. In fact it's counter-productive to do so, as it
might try to cover typeof comparisons in cases where it's better to just
compute the typeof once, i.e.:
    let x = typeof a, y = typeof b;
    if (x === y) {
      if (x === 'string') {
        ...
      }
    }
Here we would combine the second comparison into an ObjectIsString, and
still compute the typeof a.
R=jarin@chromium.org
BUG=v8:5267
Review-Url: https://codereview.chromium.org/2780953003
Cr-Commit-Position: refs/heads/master@{#44220}
When we call from TurboFan to a CSA or C++ builtin, we can avoid the
ArgumentsAdaptorFrame in case of a parameter arity mismatch by just
filling up missing arguments with undefined or removing additional
arguments on the call site already. This is safe for CSA/C++ builtins,
since those that care about variable arguments are marked with the
kDontAdaptArgumentsSentinel.
R=danno@chromium.org
BUG=v8:5267
Review-Url: https://codereview.chromium.org/2684963002
Cr-Commit-Position: refs/heads/master@{#44218}
Reason for revert:
Breaks layout tests:
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/14569
Original issue's description:
> [inspector] console get all information from inspector when needed
>
> With this CL we don't need to store a reference to InspectedContext inside of the JavaScript console object and are able to get all required information from callback data.
> It allows us to implement console methods without taking into account how and where we create and store these methods:
> - later we can move console object implementation to builtins..
> - ..and install command line API methods smarter.
>
> BUG=chromium:588893
> R=dgozman@chromium.org
>
> Review-Url: https://codereview.chromium.org/2784713002
> Cr-Commit-Position: refs/heads/master@{#44212}
> Committed: 908cd38123
TBR=dgozman@chromium.org,kozyatinskiy@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:588893
Review-Url: https://codereview.chromium.org/2784603003
Cr-Commit-Position: refs/heads/master@{#44217}
Compare bytecode handlers do several checks to collect feedback and
repeat these checks when actually performing the operation. This CL
changes it to perform the actual comparison for smi / number along with
collecting feedback.
BUG=v8:4280
Change-Id: If0954b68dd232461e08e94a90ccc17604c235b27
Reviewed-on: https://chromium-review.googlesource.com/458420
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44216}
Compilation can fail e.g. on stack overflow. This ensures that we exit
early from StringReplaceGlobalRegExpWithString in that case.
BUG=v8:5437,chromium:705934
Review-Url: https://codereview.chromium.org/2778953004
Cr-Commit-Position: refs/heads/master@{#44215}
With this CL we don't need to store a reference to InspectedContext inside of the JavaScript console object and are able to get all required information from callback data.
It allows us to implement console methods without taking into account how and where we create and store these methods:
- later we can move console object implementation to builtins..
- ..and install command line API methods smarter.
BUG=chromium:588893
R=dgozman@chromium.org
Review-Url: https://codereview.chromium.org/2784713002
Cr-Commit-Position: refs/heads/master@{#44212}
Currently, V8 uses the same size counter to measure module sizes for both asm.js
and WASM. This CL separates the counter into two separate counters, and then
uses the appropriate counter when decoding.
BUG=chromium:704922
R=mtrofin@chromium.org,bradnelson@chromium.org
Review-Url: https://codereview.chromium.org/2777203005
Cr-Commit-Position: refs/heads/master@{#44211}
Currently, V8 uses the same size counter to measure the maximum number
of memory pages allocated by a module for both asm.js and WASM. This
CL separates the counter into two separate counters, and then uses the
appropriate counter when measuring.
BUG=chromium:704922
R=mtrofin@chromium.org,bradnelson@chromium.org
Review-Url: https://codereview.chromium.org/2783713002
Cr-Commit-Position: refs/heads/master@{#44210}
A couple bugs had led code in one Context to be able to lead to
estimated memory usage in another Context, even in cases that should be
easy to detect.
- Ensure that the pointer to the next context is nulled out while
  recursing over the portion of the heap. It seems like there was
  previously some code to do this partway, but the nulling part
  was left out.
- Skip including maps in the understanding of the Context estimated
  size, as the maps are shared between Contexts and may be reachable
  from other Contexts.
Review-Url: https://codereview.chromium.org/2780773002
Cr-Commit-Position: refs/heads/master@{#44208}
Currently, V8 uses the same counter to measure module decoding peak memory bytes
for both asm.js and WASM. This CL separates the counter into two separate
counters, and then uses the appropriate counter when decoding a module.
BUG=chromium:704922
R=bbudge@chromium.org,bradnelson@chromium.org,mtrofin@chromium.org
Review-Url: https://codereview.chromium.org/2778973003
Cr-Commit-Position: refs/heads/master@{#44207}
Currently, V8 uses the same size counter to measure function byte sizes for both
asm.js and WASM. This CL separates the counter into two separate counters, and
then uses the appropriate counter when decoding.
BUG=chromium:704922
R=bbudge@google.com,bradnelson@chromium.org
Review-Url: https://codereview.chromium.org/2780783003
Cr-Commit-Position: refs/heads/master@{#44205}
Currently, V8 uses the same size counter to measure the minimum number of memory pages allocated by a module for both asm.js and WASM. This CL separates the counter into two separate counters, and then uses the appropriate counter when measuring.
BUG=chromium:704922
R=mtrofin@chromium.org,bradnelson@chromium.org
Review-Url: https://codereview.chromium.org/2781453004
Cr-Commit-Position: refs/heads/master@{#44204}
Fix a few items broken during review of scanner + parser:
* Make the scanner retain stale newline state on a rewind (as otherwise it must be able to correctly rewind that too, though it doesn't need it). (Probably should revisit).
* Change StashCode in the builder skip to the zero case, as it crashes for some reason (added TODO).
Also fix:
* Drop test based on constant expression evaluation in main parser
* Support constant defined based on existing constant.
* Type constants as signed.
* Added a check that all used functions are defined eventually.
* Zone allocate strings for simplicity (TODOs to refactor better).
BUG=v8:6090
BUG=v8:4203
R=mstarzinger@chromium.org,marja@chromium.org,vogelheim@chromium.org
Review-Url: https://codereview.chromium.org/2771183002
Cr-Original-Commit-Position: refs/heads/master@{#44200}
Committed: be0dbdd679
Review-Url: https://codereview.chromium.org/2771183002
Cr-Commit-Position: refs/heads/master@{#44203}
Reason for revert:
Fails on gc-stress.
Original issue's description:
> [wasm][asm.js] Fix and enable several asm.js tests with the new parser.
>
> Fix a few items broken during review of scanner + parser:
> * Make the scanner retain stale newline state on a rewind (as otherwise it must be able to correctly rewind that too, though it doesn't need it). (Probably should revisit).
> * Change StashCode in the builder skip to the zero case, as it crashes for some reason (added TODO).
>
> Also fix:
> * Drop test based on constant expression evaluation in main parser
> * Support constant defined based on existing constant.
> * Type constants as signed.
> * Added a check that all used functions are defined eventually.
> * Zone allocate strings for simplicity (TODOs to refactor better).
>
> BUG=v8:6090
> BUG=v8:4203
> R=mstarzinger@chromium.org,marja@chromium.org,vogelheim@chromium.org
>
> Review-Url: https://codereview.chromium.org/2771183002
> Cr-Commit-Position: refs/heads/master@{#44200}
> Committed: be0dbdd679
TBR=clemensh@chromium.org,bradnelson@google.com,marja@chromium.org,mstarzinger@chromium.org,vogelheim@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:6090
Review-Url: https://codereview.chromium.org/2782613002
Cr-Commit-Position: refs/heads/master@{#44201}
Fix a few items broken during review of scanner + parser:
* Make the scanner retain stale newline state on a rewind (as otherwise it must be able to correctly rewind that too, though it doesn't need it). (Probably should revisit).
* Change StashCode in the builder skip to the zero case, as it crashes for some reason (added TODO).
Also fix:
* Drop test based on constant expression evaluation in main parser
* Support constant defined based on existing constant.
* Type constants as signed.
* Added a check that all used functions are defined eventually.
* Zone allocate strings for simplicity (TODOs to refactor better).
BUG=v8:6090
BUG=v8:4203
R=mstarzinger@chromium.org,marja@chromium.org,vogelheim@chromium.org
Review-Url: https://codereview.chromium.org/2771183002
Cr-Commit-Position: refs/heads/master@{#44200}
This extends the existing insertion of soft deopts during early lowering
from loads to stores (both named and keyed). It now covers all property
access operations. Next we will handle monomorphic type feedback when
applicable.
R=bmeurer@chromium.org
Change-Id: I6138744682cdbdbdb7274851aa81fb075229c309
Reviewed-on: https://chromium-review.googlesource.com/459482
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44198}
Currently, V8 uses the same counter to collect decoding time for both asm.js and
WASM. This separates the function decoding counter into two separate counters,
and then uses the appropriate counter when decoding a module.
BUG=chromium:704922
R=bbudge@chromium.org,bradnelson@chromium.org
Review-Url: https://codereview.chromium.org/2772363002
Cr-Commit-Position: refs/heads/master@{#44197}
Don't put internalized parser handles in a DeferredHandleScope if we aren't
going to compile concurrently since this has a performance cost.
BUG=chromium:686658
Change-Id: Id89d197b863569346895583e6df79134e79a5d4b
Reviewed-on: https://chromium-review.googlesource.com/461879
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44196}
- support register expression for addresses, e.g.: $r15-1
- show whether addresses are in the minidump with "*"
- show decoded Smis with dd
- dd without arguments continues printing the next words
Change-Id: I1a6a4f9f470c25eee7da1381014252e723ef5f7c
Reviewed-on: https://chromium-review.googlesource.com/461900
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44192}
Introduce 'contextual keyword' tokens, which are parsed as identifiers but
in some contexts are treated by the parser like proper keywords. These are
usually keywords introduced by recent ECMAScript versions, which for reasons
of backwards compatibility are still permissible as regular identifiers in
most contexts.
Current usage is to check for Token::IDENTIFIER and then do a string
compare. With this change the initial scan will scan them as usual, but
will then record the token as IDENTIFIER plus a secondary token with the
'contextual' value.
BUG=v8:6902
Change-Id: I6ae390382998cf756a23720bd481cb9c0eb78a72
Reviewed-on: https://chromium-review.googlesource.com/459479
Commit-Queue: Daniel Vogelheim <vogelheim@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44189}
This extends the existing insertion of soft deopts during early lowering
from named loads to keyed loads as well (i.e. from just {JSLoadName} to
{JSLoadProperty}). Stores will be handled in a follow-up change.
R=bmeurer@chromium.org
Change-Id: I6ad7d0a3561f9160e15e13c64ec5255b4f45e614
Reviewed-on: https://chromium-review.googlesource.com/459421
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44187}
We were not implementing the specified ToWebAssemblyValue coercion at
all. This caused a failure on arm architectures.
R=ahaas@chromium.org
BUG=v8:5822
TEST=mjsunit/wasm/interpreter
Change-Id: Ic77cfd13007d45308bafa285d517f3820a3b1c80
Reviewed-on: https://chromium-review.googlesource.com/461859
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44185}
Implement ASSEMBLE_ATOMIC_LOAD/STORE_INTEGER using acquire/release instructions,
to match the existing ASSEMBLE_ATOMIC_EXCHANGE_INTEGER macro.
BUG=v8:6097
Review-Url: https://codereview.chromium.org/2760963002
Cr-Commit-Position: refs/heads/master@{#44184}
TurboFan didn't support transitioning stores that also need to grow the
properties backing store so far. This CL adds support for re-allocating
the properties backing store in-place, so these stores can participate
properly in various optimizations like escape analysis and allocation
folding.
R=ishell@chromium.org
BUG=v8:5267
Review-Url: https://codereview.chromium.org/2778133003
Cr-Commit-Position: refs/heads/master@{#44183}
This implements support for named captures in
RegExp.prototype[@@replace] for when the replaceValue is not callable.
Named captures can be referenced from replacement strings by using the
"$<name>" syntax. A couple of examples:
    let re = /(?<fst>.)(?<snd>.)/u;
    "abcd".replace(re, "$<snd>$<fst>")  // "bacd"
    "abcd".replace(re, "$2$1")          // "bacd" (numbered refs work as always)
    "abcd".replace(re, "$<snd")         // SyntaxError (unterminated named ref)
    "abcd".replace(re, "$<42$1>")       // "cd" (invalid name)
    "abcd".replace(re, "$<thd>")        // "cd" (non-existent name)
    "abcd".replace(/(?<fst>.)|(?<snd>.)/u, "$<snd>")  // "cd" (non-matched capture)
Support is currently behind the --harmony-regexp-named-captures flag.
BUG=v8:5437
Review-Url: https://codereview.chromium.org/2775303002
Cr-Original-Commit-Position: refs/heads/master@{#44171}
Committed: 17f13863b6
Review-Url: https://codereview.chromium.org/2775303002
Cr-Commit-Position: refs/heads/master@{#44182}
In a recent CL (https://codereview.chromium.org/2738683003) I changed
the generation of call instructions on arm to emit a constant pool if
necessary. However it can happen now that a call is generated within a
PredictableSizeScope, which causes a crash if a constant pool is
actually emitted, which naturally changes the size of the generated
code. With this CL I add a flag to the generation of a call where we
can state explicitly that for particular calls, i.e. those calls within
a PredictableSizeScope, we do not want to emit a constant pool.
BUG=chromium:704528
Change-Id: I7740d5440d007a2a5457c524aa8eec1b74944d57
Reviewed-on: https://chromium-review.googlesource.com/459602
Reviewed-by: Jacob Bramley <jacob.bramley@arm.com>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44181}
Reason for revert:
Invalid DCHECKs for non-matched groups.
Original issue's description:
> [regexp] Named capture support for string replacements
>
> This implements support for named captures in
> RegExp.prototype[@@replace] for when the replaceValue is not callable.
>
> Named captures can be referenced from replacement strings by using the
> "$<name>" syntax. A couple of examples:
>
>     let re = /(?<fst>.)(?<snd>.)/u;
>     "abcd".replace(re, "$<snd>$<fst>")  // "bacd"
>     "abcd".replace(re, "$2$1")          // "bacd" (numbered refs work as always)
>     "abcd".replace(re, "$<snd")         // SyntaxError (unterminated named ref)
>     "abcd".replace(re, "$<42$1>")       // "cd" (invalid name)
>     "abcd".replace(re, "$<thd>")        // "cd" (non-existent name)
>     "abcd".replace(/(?<fst>.)|(?<snd>.)/u, "$<snd>")  // "cd" (non-matched capture)
>
> Support is currently behind the --harmony-regexp-named-captures flag.
>
> BUG=v8:5437
>
> Review-Url: https://codereview.chromium.org/2775303002
> Cr-Commit-Position: refs/heads/master@{#44171}
> Committed: 17f13863b6
TBR=yangguo@chromium.org,littledan@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5437
Review-Url: https://codereview.chromium.org/2776293003
Cr-Commit-Position: refs/heads/master@{#44180}
This CL removes code which is based on the assumption that if
WebAssembly code says that memory accesses are aligned, that they are
really aligned. On arm, memory accesses crashed when this assumption
was violated.
Most likely this CL will cause a performance regression on arm. At the
moment we plan to fix this regression eventually by using arm NEON
instructions in V8.
R=titzer@chromium.org
Change-Id: Ibb60fa1ef0173c13af813a3cb7eb26bfa2a847c2
Reviewed-on: https://chromium-review.googlesource.com/451297
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44179}