This adds initial support for inline allocation of object and array
literals to the JSCreateLowering pass. It's basically identical to
what Crankshaft does.
This also unstages the TurboFan escape analysis, as the lowering seems
to trigger a bunch of bugs in it; those bugs will be fixed separately,
and we will re-enable escape analysis afterwards.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1698783002
Cr-Commit-Position: refs/heads/master@{#33972}
Older versions of Emscripten appear to emit Asm.js containing:
HEAP8[x] with x in int
As opposed to the spec legal construct:
HEAP8[x>>0] with x in int
As older programs and even benchmarks such as Embenchen
include these constructs, support them for compatibility.
BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=test-asm-validator,mjsunit/asm-wasm
R=aseemgarg@chromium.org,titzer@chromium.org
LOG=N
Review URL: https://codereview.chromium.org/1692713006
Cr-Commit-Position: refs/heads/master@{#33964}
This is hopefully the last in a series of cleanup patches around
destructuring assignment. It simplifies the ParseAssignmentExpression
API, making the callers call CheckDestructuringElement() where appropriate.
CheckDestructuringElement has been further simplified to only emit the
errors that the parser depends on it emitting.
I've also beefed up the test coverage in test-parsing.cc to
handling all the destructuring flags being on, which caught an oddity
in how we disallow initializers in spreads in patterns (we need to treat
RewritableAssignmentExpressions as Assignments for the purpose of
error checking).
Finally, I added a few helper methods to ParserBase to handle a few
classes of expressions (assignments and literals-as-patterns).
Review URL: https://codereview.chromium.org/1696603002
Cr-Commit-Position: refs/heads/master@{#33961}
This change expands allocation sampling to include old, map, code, and large object spaces. This involved refactoring much of the observation logic out of NewSpace into Space and overriding as needed in sub-classes.
Additionally, the sampling heap profiler now maintains a pair of heap observers. One observer is used for observing new space and resetting the inline allocation limit to be periodically notified of allocations. The other observes allocation across the other spaces where there is no additional work required to observe allocations.
Tests have been updated to ensure that allocations are observed correctly for Paged and LargeObject spaces.
R=ofrobots@google.com, hpayer@chromium.org, ulan@chromium.org
BUG=
Review URL: https://codereview.chromium.org/1625753002
Cr-Commit-Position: refs/heads/master@{#33959}
Recent flake happened bacause all the samples landed into native code.
The patch makes sure we collect enough JS samples.
BUG=v8:4751
LOG=N
Review URL: https://codereview.chromium.org/1695663002
Cr-Commit-Position: refs/heads/master@{#33953}
Adds JumpIfNotHoleConstant and JumpIfNotHoleConstantWide bytecodes
and removes JumpIfHole bytecode.
In situations with large numbers of constants, the generator would
fail because an 8-bit constant could not be reserved for
JumpIfHole/JumpIfNotHole and so a 16-bit constant would be reserved.
Then when patching the bytecode the patcher would discover there was
no wide constant variant of the emitted jump.
BUG=v8:4280,v8:4680
LOG=N
Review URL: https://codereview.chromium.org/1697473002
Cr-Commit-Position: refs/heads/master@{#33952}
There are only two uses of %_ObjectEquals left, which should actually
use strict equality instead, so there's no need to keep this special
logic at all.
R=mvstanton@chromium.org
Review URL: https://codereview.chromium.org/1692193002
Cr-Commit-Position: refs/heads/master@{#33948}
This removes support for the %Arguments and %ArgumentsLength runtime
entries and their intrinsic counterparts. If you need variable arguments
in any builtin, either use (strict) arguments object or rest parameters,
which are both compositional across inlining (in TurboFan), and not that
much slower compared to the %_Arguments hackery.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1688163004
Cr-Commit-Position: refs/heads/master@{#33943}
The tests in question have been disabled because throwing into lazy
deoptimized code was borked. After recent fixes landed these tests
should now pass again.
R=jarin@chromium.org
TEST=cctest/test-run-deopt/DeoptExceptionHandler
BUG=v8:4195
LOG=n
Review URL: https://codereview.chromium.org/1692873002
Cr-Commit-Position: refs/heads/master@{#33937}
The idea here is to perform the handler lookup in the deoptimizer, and then take the information from the handler table to build the catch handler frame in the deoptimizer. Specifically, we use the pc offset, context location and stack height (in full-code) to tweak the output frame.
Sadly, this still requires nasty voodoo for the liveness analyzer so that it keeps variables alive if they are used in the catch handler.
Review URL: https://codereview.chromium.org/1416543006
Cr-Commit-Position: refs/heads/master@{#33936}
This was causing code like:
REX.W cmpq r9,r8
setzl r8l
movzxbl r8,r8
REX.W cmpq r8,0x0
jz 185
(note the cmpq instead of cmpl above) on x64 instead of:
REX.W cmpq r9,r8
jnz 149
http://crrev.com/1677503002 is now obsolete and has been reverted.
Review URL: https://codereview.chromium.org/1685183003
Cr-Commit-Position: refs/heads/master@{#33934}
Reason for revert:
No fix needed, original CL was perfectly fine!
Original issue's description:
> Revert of [interpreter] Correctly thread through catch prediction. (patchset #1 id:1 of https://codereview.chromium.org/1690973002/ )
>
> Reason for revert:
> Depends on the reverted https://codereview.chromium.org/1691723002
>
> Original issue's description:
> > [interpreter] Correctly thread through catch prediction.
> >
> > This change correctly sets the {CatchPrediction} field in exception
> > handler tables for bytecode and optimized code. It also adds tests
> > independent of promise handling for this prediction, to ensure all our
> > backends are in sync on their prediction.
> >
> > R=rmcilroy@chromium.org,yangguo@chromium.org
> > TEST=mjsunit/compiler/debug-catch-prediction
> > BUG=v8:4674
> > LOG=n
> >
> > Committed: https://crrev.com/ba55f5594cb0b4a1a1e9b35d87fe54afe2d93f3b
> > Cr-Commit-Position: refs/heads/master@{#33906}
>
> TBR=rmcilroy@chromium.org,yangguo@chromium.org,mstarzinger@chromium.org
> # Skipping CQ checks because original CL landed less than 1 days ago.
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=v8:4674
>
> Committed: https://crrev.com/c5229b311968fd638a6cd537c341b1055eb7be97
> Cr-Commit-Position: refs/heads/master@{#33922}
TBR=rmcilroy@chromium.org,yangguo@chromium.org,adamk@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4674
Review URL: https://codereview.chromium.org/1689113004
Cr-Commit-Position: refs/heads/master@{#33933}
Remove some Ignition skips in mjsunit and cctest, and replace a few
others with fails now that the there is more debugger support.
BUG=v8:4680
LOG=N
Review URL: https://codereview.chromium.org/1689993002
Cr-Commit-Position: refs/heads/master@{#33932}
The FastNewStrictArgumentsStub is very similar to the recently added
FastNewRestParameterStub, it's actually almost a copy of it, except that
it doesn't have the fast case we have for the empty rest parameter. This
patch improves strict arguments in TurboFan and fullcodegen by up to 10x
compared to the previous version.
Also introduce proper JSSloppyArgumentsObject and JSStrictArgumentsObject
for the in-object properties instead of having them as constants in the
Heap class.
Drive-by-fix: Use this stub and the FastNewRestParameterStub in the
interpreter to avoid the runtime call overhead for strict arguments
and rest parameter creation.
R=jarin@chromium.orgTBR=mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/1693513002
Cr-Commit-Position: refs/heads/master@{#33925}
Reason for revert:
Depends on the reverted https://codereview.chromium.org/1691723002
Original issue's description:
> [interpreter] Correctly thread through catch prediction.
>
> This change correctly sets the {CatchPrediction} field in exception
> handler tables for bytecode and optimized code. It also adds tests
> independent of promise handling for this prediction, to ensure all our
> backends are in sync on their prediction.
>
> R=rmcilroy@chromium.org,yangguo@chromium.org
> TEST=mjsunit/compiler/debug-catch-prediction
> BUG=v8:4674
> LOG=n
>
> Committed: https://crrev.com/ba55f5594cb0b4a1a1e9b35d87fe54afe2d93f3b
> Cr-Commit-Position: refs/heads/master@{#33906}
TBR=rmcilroy@chromium.org,yangguo@chromium.org,mstarzinger@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4674
Review URL: https://codereview.chromium.org/1695613002
Cr-Commit-Position: refs/heads/master@{#33922}
This fact is depended upon by, at least, Parser::ParseLazy, and quite
likely by other code. There was already code in %FunctionSetName
enforcing this invariant. This patch adds similar code to
Factory::NewSharedFunctionInfo().
BUG=v8:4659
LOG=n
Review URL: https://codereview.chromium.org/1686193003
Cr-Commit-Position: refs/heads/master@{#33914}
Instead of doing a full function body traversal we collect return expressions and mark them after function parsing.
And since we rewrite do-expressions so that the result is explicitly assigned to a result variable the statements marking will never hit so I removed it from the AST.
BUG=v8:4698
LOG=N
Review URL: https://codereview.chromium.org/1693523002
Cr-Commit-Position: refs/heads/master@{#33911}
Apparently, this BytecodeArrayIterator method was missed during the
previous refactor. No other (collateral) change was done.
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1691433002
Cr-Commit-Position: refs/heads/master@{#33909}
This replaces the bytecode in question with a runtime call within the
bytecode stream. The tradeoff is to safe one bytecode opcode for more
expensive encoding of lookup slot deletion.
R=rmcilroy@chromium.org
Review URL: https://codereview.chromium.org/1690913002
Cr-Commit-Position: refs/heads/master@{#33907}
This change correctly sets the {CatchPrediction} field in exception
handler tables for bytecode and optimized code. It also adds tests
independent of promise handling for this prediction, to ensure all our
backends are in sync on their prediction.
R=rmcilroy@chromium.org,yangguo@chromium.org
TEST=mjsunit/compiler/debug-catch-prediction
BUG=v8:4674
LOG=n
Review URL: https://codereview.chromium.org/1690973002
Cr-Commit-Position: refs/heads/master@{#33906}
Reason for revert:
[Sheriff] Breaks the tree:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20builder/builds/13892
Blamelists are wrong because of overloaded master. The trybots on this CL might have been outdated by the time of commit... Please rebase and retry.
Original issue's description:
> [Interpreter] Rename GetCountOperand to GetRegisterCountOperand.
>
> Apparently, this BytecodeArrayIterator method was missed during the
> previous refactor. No other (collateral) change was done.
>
> BUG=v8:4280
> LOG=N
>
> Committed: https://crrev.com/3781ca79f5c48b55d7f0bf6df370ec11515a1466
> Cr-Commit-Position: refs/heads/master@{#33897}
TBR=oth@chromium.org,rmcilroy@chromium.org,mstarzinger@chromium.org,ssanfilippo@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4280
Review URL: https://codereview.chromium.org/1690963002
Cr-Commit-Position: refs/heads/master@{#33900}
Apparently, this BytecodeArrayIterator method was missed during the
previous refactor. No other (collateral) change was done.
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1691433002
Cr-Commit-Position: refs/heads/master@{#33897}
In the case of a simple fast-mode receiver without fancy properties, we
can just walk over the descriptor array to find all its initial property
names. As long as the map stays the same, we can also use that
descriptor array to figure out how to handle the properties.
This speeds up
https://github.com/kpdecker/six-speed/tree/master/tests/object-assign by
~2x.
BUG=
Review URL: https://codereview.chromium.org/1688953004
Cr-Commit-Position: refs/heads/master@{#33895}
This is a follow-up to https://crrev.com/1671863002, adding the
capability to print the contents of the constant pool. The expected
type of the pool is taken from command line, and it's either:
* string/int/double: assume all constants have the specified type.
This way, we can emit a meaningful representation, e.g. a quoted
string for type string and so on. All the constants in the pool must
have the same type, otherwise one or more CHECK() will fail and the
program will eventually crash.
* mixed: print the InstanceType tag instead of the actual value.
This is the choice for those tests where the type of the constants in
the pool is not uniform, however only a type tag is printed, not the
actual value of the entries. SMIs are an exception, since they do not
have an InstanceType tag, so kInstanceTypeDontCare is printed instead.
In addition to that, functions Print{ExpectedSnippet,BytecodeSequence}
have been extracted with no functional change. It's just for improving
readability, since the code is becoming quite long.
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1686963002
Cr-Commit-Position: refs/heads/master@{#33888}
1) Update profiling counters in Full codegen.
2) Call Runtime::kTraceTailCall when tracing is on
test/mjsunit/es6/tail-call-simple.js is disabled for now, because Turbofan does not fully support TCO yet.
BUG=v8:4698
LOG=N
Review URL: https://codereview.chromium.org/1670133002
Cr-Commit-Position: refs/heads/master@{#33886}
Add dedicated %LoadLookupSlot, %LoadLookupSlotInsideTypeof,
%LoadLookupSlotForCall, %StoreLookupSlot_Sloppy and
%StoreLookupSlot_Strict runtime entry points and use them
appropriately in the various compilers. This way we can
finally drop the machine operators from the JS graph level
completely in TurboFan.
Also drop the funky JSLoadDynamic operator from TurboFan,
which was by now just a small wrapper around the runtime
call to %LoadLookupSlot.
R=mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/1683103002
Cr-Commit-Position: refs/heads/master@{#33880}
