From asm.js code we might get an empty ArrayBuffer as heap memory. In
this case, both the old memory start and the new memory start will be
nullptr. The size however has to be patched from default_size to 0.
This CL changes code specialization to be able to either patch memory
references, or patch memory sizes or both.
R=titzer@chromium.org, ahaas@chromium.org
BUG=chromium:698587
Change-Id: I4d9d811d75cb83842f23df317e8e7fc02aeb5146
Reviewed-on: https://chromium-review.googlesource.com/450257
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43613}
This makes the collection logic of {Projection} nodes (i.e. value
projections for multi-value returning calls) more robust. The projection
nodes by now have a control input, which in turn can make them appear
more than once in the use list of a call. We should limit the use list
inspection to value edges only. This is in preparation of eliding any
redundant {IfSuccess} control node.
R=jarin@chromium.org
Change-Id: I9bb4cc0e2e877976be55a894af972aa83d07d7d7
Reviewed-on: https://chromium-review.googlesource.com/450244
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43608}
Instead of creating a signed comparison with INT_MAX, create an unsigned
comparison with 0. This saves a few bytes in the generated code.
R=jarin@chromium.org
BUG=
Review-Url: https://codereview.chromium.org/2715513007
Cr-Commit-Position: refs/heads/master@{#43606}
DataPropertyParameters are not specific to StoreDataProperty.
Rename it to FeedbackParameter, so it can be used for similar
ICs, e.g., future CollectTypeProfile. Also, the parameter for spread calls contains just one parameter, remove the plural s.
BUG=
Review-Url: https://codereview.chromium.org/2725263003
Cr-Commit-Position: refs/heads/master@{#43604}
The previous fix (http://crrev.com/2720813002) was problematic for
functions containing i64 parameters or returns. Those would throw a
TypeError when called via WASM_TO_JS and JS_TO_WASM.
Instead, we now unwrap the WASM_INTERPRETER_ENTRY function and call it
directly. This removes the option to later redirect back to the
original wasm function, but this functionality is not needed currently.
Plus drive-by fix to put functions in anonymous namespace in
wasm-compiler.cc.
R=ahaas@chromium.org, titzer@chromium.org
BUG=v8:5971, v8:5822
Review-Url: https://codereview.chromium.org/2725333002
Cr-Commit-Position: refs/heads/master@{#43603}
The function list is now filtered by category by default, and sorting improved to break ties better.
Since the butterfly trees get massive, I had to start expanding the call trees on demand. This is implemented by keeping track of all ticks that cross given tree node (+ position where they crosses it). This seems to work quite well - in subsequent CL, I am planning to flip the bottom-up and top-down trees to use this.
Review-Url: https://codereview.chromium.org/2730293002
Cr-Commit-Position: refs/heads/master@{#43602}
The previous method was too brittle as applying a variable number of arguments to Date can be manipulated in too many ways, e.g. concat and apply semantics.
The new method shoud suffice for most cases.
BUG=chromium:698305
NOTRY=true
TBR=yangguo@chromium.org,mstarzinger@chromium.org
Change-Id: If6baf6ca8f1534c41ab8c50a5c507df89fbf0d16
Reviewed-on: https://chromium-review.googlesource.com/449653
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43601}
Adwords dominates the numbers and is flaky. Speedometer is measured elsewhere.
Perf sheriffs: This will change the numbers on the RuntimeStats benchmarks.
Change-Id: Id64863b41b95269987c95d48ce90f24cfa86b86d
Reviewed-on: https://chromium-review.googlesource.com/449674
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43598}
A previous patch lifting the restriction on invalid escape sequences in
tagged templates had a bug when two template tokens appeared immediately
adject to each other. This moves invalid escape information from the
tokenizer state proper into the TokenDesc, preventing the overwriting
which caused this issue.
Previous CL is at
https://codereview.chromium.org/2665513002
BUG=v8:6029,v8:5546
Review-Url: https://codereview.chromium.org/2724003006
Cr-Commit-Position: refs/heads/master@{#43596}
We don't need the JSStrictNotEqual operator in the compiler, because
this is never generated by the BytecodeGraphBuilder, and the code in
the AstGraphBuilder was dead code. Also remove the backing builtin
StrictNotEqual.
R=mstarzinger@chromium.org
BUG=v8:5267
Review-Url: https://codereview.chromium.org/2727003006
Cr-Commit-Position: refs/heads/master@{#43594}
Spinning up a new background task is expensive, and many times an existing
task will finish it's work before a new task starts work on a job, so enable
the existing tasks to do more than one background job.
BUG=v8:5203
Change-Id: Ibbef317c8bb3921c36a096fed88d244716be9c42
Reviewed-on: https://chromium-review.googlesource.com/441706
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43593}
The callsite in ConstructByArrayBuffer could have a length that is
above Smi range if the buffer had such a length. Check this before
calling. Add a test too.
BUG=v8:5977, chromium:698201
Change-Id: Ic22046a31607f1f85642c8caf7f5ed064edb3110
Reviewed-on: https://chromium-review.googlesource.com/449813
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43589}
This refactoring is preparatory work to enable ICU to be the backend
for timezone information rather than system calls. In the process, a
bit of code duplication that was inserted in the Solaris port patch is
eliminated here among modern POSIX backends.
One possible performance downside of this patch is that it introduces
a virtual method call for operations which were previously not virtual
methods. However, a couple factors mitigate this effect:
- The DateCache minimizes the need for calls into the TimezoneCache
- These calls were already not very high performance, as they included
a system call which requires an RPC to get out of the sandbox, and
they are surrounded by C++ builtins, which require a JS to C++
transition.
- A future transition to ICU, enabled by this refactoring, may improve
performance by eliminating the system call.
BUG=v8:6031
Review-Url: https://codereview.chromium.org/2731463003
Cr-Commit-Position: refs/heads/master@{#43588}
If the imported wasm function is being debugged (i.e. redirects to the
interpreter), call it via the JS_TO_WASM stub, such that we can disable
the breakpoint later by patching the exported function.
This also contains a drive-by fix in wasm-translation.cc (for the case
that all known positions are bigger than the requested one).
R=titzer@chromium.org, kozyatinskiy@chromium.org
BUG=v8:5971, v8:5822
Review-Url: https://codereview.chromium.org/2720813002
Cr-Commit-Position: refs/heads/master@{#43583}
We should throw a RangeError for offset % elementSize before
length.toPrimitive is observable. Adds a test that checks this, too.
BUG=v8:6037
Change-Id: Ie9f2551c8e8fb0018b508762ac93cdc470e15dde
Reviewed-on: https://chromium-review.googlesource.com/449792
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43582}
The parameters for ConstructWithSpread and CallWithSpread both
contain the arity for JavaScript calls with a spread as the
last parameter and have the same functionality. Simplify them as
one parameter.
BUG=
Review-Url: https://codereview.chromium.org/2729143002
Cr-Commit-Position: refs/heads/master@{#43581}
Second part of relanding d2c093bcaf.
BUG=chromium:651354
Change-Id: I4d48e870ac3a630ee1c286a86e630b8cf52cadf9
Reviewed-on: https://chromium-review.googlesource.com/449712
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43580}
Materialized literal removal is a follow up to https://chromium-review.googlesource.com/443246
In addtion, remove ParserBase::Checkpoint; it was for restoring materialized
literal counts and expected property counts, but actually the expected property
count tracking was incorrect ("this" in arrow function param list binds to the
outside, so it's correct without the checkpoint):
(a, b = this.c = 0) => { }
BUG=
Change-Id: Ic097f6d2e7cb235166fb3a76af3bf5584bc167f0
Reviewed-on: https://chromium-review.googlesource.com/449733
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43579}
This should improve generated code. It is also one step in preparation
for LoadIC inlining - explicitly deferred blocks are currently necessary
to help the scheduler omit frame construction.
BUG=v8:5917
Review-Url: https://codereview.chromium.org/2732613002
Cr-Commit-Position: refs/heads/master@{#43577}
The pattern of creating a hidden catch scope occurs several times, so
define a helper for it.
BUG=
Change-Id: I5831378341d86d41bfb015bd3e687183cc79ac20
Reviewed-on: https://chromium-review.googlesource.com/448559
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43574}
In lazy compilation, we only compile one function at a time, and we
might not have the wire bytes of the whole module available.
This CL prepares the WasmCompilationUnit for this setting.
It will also be helpful for streaming compilation.
Also, the ErrorThrower (which might heap-allocate) is not stored in the
WasmCompilationUnit any more. Instead, it is passed to the
FinishCompilation method which is allowed to heap-allocate.
R=titzer@chromium.org, ahaas@chromium.org
BUG=v8:5991
Review-Url: https://codereview.chromium.org/2726553003
Cr-Commit-Position: refs/heads/master@{#43573}
We can compile a !== a and Number.isNaN(a) to ObjectIsNaN. The former is
commonly used to check for NaN, i.e. in case of equals in AngularJS.
R=jarin@chromium.org
BUG=v8:5267
Review-Url: https://codereview.chromium.org/2722483003
Cr-Commit-Position: refs/heads/master@{#43572}
This is always the single variable declared in the catch scope.
BUG=
Change-Id: I05ccc48f57394268432c9b5b8c76f9db1b3b6312
Reviewed-on: https://chromium-review.googlesource.com/448041
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43571}
Later manipulation of Array.prototype.concat could lead to calling the Date constructor with empty arguments list. This let a non-mocked date slip in.
BUG=chromium:698097
NOTRY=true
TBR=yangguo@chromium.org,mstarzinger@chromium.org
Change-Id: Ib4bd97e06ea7be8c32d0057d42943f9f82ea6b5f
Reviewed-on: https://chromium-review.googlesource.com/449732
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43570}
The old proxy only mocked out constructor calls and didn't intercept function application. It also kept the original constructor property, through which non-mocked dates could be constructed again.
BUG=chromium:697870
NOTRY=true
R=mstarzinger@chromium.org,yangguo@chromium.org
Change-Id: Icb4ef22342424f95463a7a9c57fa0bb8d910ac19
Reviewed-on: https://chromium-review.googlesource.com/448564
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43569}
WASM interpreter requires that parameters are stored in big-endian natural
memory order (higher bits on lower addresses and lower bits on higher address).
On the other hand, WASM compiled code naturally stores data in memory in
little-endian order. This CL implements big-endian support for passing
double and int64 parameters to WASM interpreter.
TEST=cctest/test-wasm-interpreter-entry/TestArgumentPassing_int64,
cctest/test-wasm-interpreter-entry/TestArgumentPassing_AllTypes
Review-Url: https://codereview.chromium.org/2721053002
Cr-Commit-Position: refs/heads/master@{#43568}
- No callbacks for std::sort of integer typed arrays when user-defined
comparison is not given
- Use template function, instead of macro, for comparison function
- Do not sort if the array size is less than or equal to 1
BUG=v8:5953
Review-Url: https://codereview.chromium.org/2726153003
Cr-Commit-Position: refs/heads/master@{#43565}
