This CL introduces 4 test that verify that the effects of a grow_memory
instruction executed in a function invoked inside a loop are visible
also when the loop is over. This is needed because the
AnalyzeLoopAssignment method in function-body-decoder.cc is creating Phi
nodes only for variables assigned inside the loop. The test cases
introduced by this CL verify that the mem_size and mem_start variables
are always correct.
The tests verify the output of the current_memory instruction and the
result of loading a variable stored in the grown memory inside the
loop in the following cases:
* the memory is grown in a directly called function inside a loop;
* the memory is grown in an indirectly called function inside a loop.
R=ahaas@chromium.org,clemensh@chromium.org,gdeepti@chromium.org
Change-Id: I2992bf4086b5eac9580c87e2e0ca06364b99714c
Reviewed-on: https://chromium-review.googlesource.com/637911
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Enrico Bacis <enricobacis@google.com>
Cr-Commit-Position: refs/heads/master@{#47674}
We reset profiler ticks when the feedback changes so that we could tier
up functions with more stable feedback. We missed resetting these ticks
for call / construct bytecodes. This cl fixes it.
Bug:
Change-Id: Ia912dfee0495c776d9fc517a887a2fdd999773ab
Reviewed-on: https://chromium-review.googlesource.com/635846
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47673}
This reverts commit 6b4dc039a6.
Reason for revert: Mips build failure: https://build.chromium.org/p/client.v8.ports/builders/V8%20Mips%20-%20builder/builds/11749
Original change's description:
> [wasm] Refactor function body decoder
>
> This refactoring separates graph building from wasm decoding. The
> WasmGraphBuilder is just a consumer of the decoded information.
> Decoding without any consumer (i.e. just validation) gets 16% faster by
> this refactoring, because no TFNode* have to be stored in the value
> stack, and all dynamic tests to determine whether the graph should be
> build are gone (measured on AngryBots; before: 110.2 +- 3.3ms, after:
> 92.2 +- 3.1 ms).
>
> This new design will allow us to also attach other consumers, e.g. a
> new baseline compiler.
>
> R=titzer@chromium.org
>
> Bug: v8:6600
> Change-Id: I4b60f2409d871a16c3c52a37e515bcfb9dbb8f54
> Reviewed-on: https://chromium-review.googlesource.com/571010
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Reviewed-by: Ben Titzer <titzer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#47671}
TBR=titzer@chromium.org,clemensh@chromium.org
Change-Id: I76a50e355f0390cc53a2da4ceedd8830ca20a9c6
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:6600
Reviewed-on: https://chromium-review.googlesource.com/640870
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47672}
This refactoring separates graph building from wasm decoding. The
WasmGraphBuilder is just a consumer of the decoded information.
Decoding without any consumer (i.e. just validation) gets 16% faster by
this refactoring, because no TFNode* have to be stored in the value
stack, and all dynamic tests to determine whether the graph should be
build are gone (measured on AngryBots; before: 110.2 +- 3.3ms, after:
92.2 +- 3.1 ms).
This new design will allow us to also attach other consumers, e.g. a
new baseline compiler.
R=titzer@chromium.org
Bug: v8:6600
Change-Id: I4b60f2409d871a16c3c52a37e515bcfb9dbb8f54
Reviewed-on: https://chromium-review.googlesource.com/571010
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47671}
This removes overflow check in addition when we have Smi or
Int32 feedback for the addition, and the result is truncated
to word32. Here is an example, assuming that we passed only
integers to this function so far.
function f(a) { return a + 1 | 0; }
If the result of the addition is word32-truncated, there is no need
for an overflow check.
Until now, we would only eliminate the overflow check
if we knew that the static types of the inputs guaranteed that
the result is in safe integer range. With this CL, we use the
checked type from the feedback, too (but we do not propagate the
truncation!).
Bug: v8:5267,v8:6764
Change-Id: Ia2f929600758f58e6e7db52fef638a0e56c936a9
Reviewed-on: https://chromium-review.googlesource.com/635083
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47668}
Make sure there is a matching Leave for each Enter. Otherwise it ends up
with a dead stack-allocated object in the timer chain.
The patch incorporates the following fixes:
- RuntimeCallTimerScope::RuntimeCallTimerScope(HeapObject* ...) did create a
local object instead of calling an overloaded constructor.
- InterpreterCompilationJob::ExecuteJobImpl made an implicit call to a default
copy constructor of TimerScope which led to a single Enter was made per two
Leaves.
- InterpreterCompilationJob::FinalizeJobImpl was calling RuntimeCallTimerScope
from a background thread, which caused timer scopes become unbalanced.
- RuntimeCallTimerScope constructors were put into counters-inl.h which is not
included into most usages of RCS. That led to a suboptimal performance.
- Added thread check into Enter and Leave
BUG=chromium:669329
Change-Id: Ib5cff0e02e0b6c8b56a03ca3a5ebc37d93fcde55
Reviewed-on: https://chromium-review.googlesource.com/637307
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Alexei Filippov <alph@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47666}
When we use a WasmCompiledModule for a second instance (i.e. the first
instance has been collected already by the GC), we reset all instance
specialization data the WasmCompiledModule contains, and then patch in
the new instance specialization data. However, we guarded the reset of
memory references, and in the referenced issue the memory references
were not reset and therefore later patched incorrectly during
instantiation. With this CL we change the condition and reset now every
time the current version of a WasmCompiledModule contains non-default
values.
R=mtrofin@chromium.org
CC=mstarzinger@chromium.org
TEST=mjsunit/regress/regress-crbug-759327
Bug: chromium:759327
Change-Id: I9a147afd6ad4000b782850dae0b90685759c9dc7
Reviewed-on: https://chromium-review.googlesource.com/638571
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47665}
This won't affect the real release but will give more clusterfuzz + test
coverage on V8 side.
BUG=v8:5516
Change-Id: I6ed29b1a1b23b5bf1ce9a9a9dfe741c53312ee54
Reviewed-on: https://chromium-review.googlesource.com/640373
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47664}
The validator was trying to finalize virtual register assignments in
phi cases, however, since phis may create aliases, we ended up with
an unnecessarily complex design that was the source of pretty much all
validator bugs since its introduction.
This change embraces the fact that phis may create aliases: pending
assessments (==phis) carry a bag of aliased virtual registers.
Bug: chromium:758778
Change-Id: Ib7ded350a726fbc77e9d0ff3eeda7f00acc4de13
Reviewed-on: https://chromium-review.googlesource.com/639530
Commit-Queue: Mircea Trofin <mtrofin@chromium.org>
Reviewed-by: Brad Nelson <bradnelson@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47657}
As part of J2V8 development (https://github.com/eclipsesource/J2V8),
we realized that we had a subtle bug in how Isolate scope was created
and it's lifetime managed, see:
https://github.com/eclipsesource/J2V8/issues/313.
Mentioned above bug was fixed, however, what we also noticed is that
V8 API has been constantly and slowly moving to such an API, in which
one has to pass Isolate explicitly to methods and/or constructors. We
found two more places that might have been overlooked. This contribution
adds passing of Isolate pointer explicitly to constructors of
String::Utf8Value and String::Value classes.
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng;master.tryserver.v8:v8_linux_noi18n_rel_ng
Change-Id: I61984285f152aba5ca922100cf3df913a9cb2cea
Reviewed-on: https://chromium-review.googlesource.com/593309
Commit-Queue: Adam Klein <adamk@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47656}
Now we create merges, effect phis and phis eagerly. This should make it
easier to add loop support in future.
Bug: v8:5267
Change-Id: I5324aec323feff581f5b34235a0b3d3b8987127c
Reviewed-on: https://chromium-review.googlesource.com/637834
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47651}
We now only require API references to be provided when we
actually deserialize them. Also changed the internal implementation
to avoid copying API references into V8.
R=petermarshall@chromium.org
Bug: v8:6448
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: Iddb0465ff6e95020006d41b5e87614dce8f0140b
Reviewed-on: https://chromium-review.googlesource.com/632098
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47649}
This reverts commit 49e3bfd572.
Reason for revert: Primary suspect for blocked roll: 759552
Original change's description:
> [snapshot] Move builtins to dedicated snapshot area
>
> As a first step towards lazy builtin deserialization, this CL moves
> builtins to their own dedicated area in the snapshot blob, physically
> located after startup data and before context-specific data.
>
> The startup- and partial serializers now serialize all seen builtins as
> references, i.e. they only encode the relevant builtin id (taking care
> to preserve special behavior around the interpreter trampoline and
> CompileLazy). Builtins are later fully serialized by the
> BuiltinSerializer. The separate blobs are finally glued together by
> CreateSnapshotBlob.
>
> Deserialization takes the same steps: when we see builtin reference
> bytecodes before builtins have been deserialized, we push to a list of
> deferred builtin references. After builtin deserialization, this list is
> iterated and all builtin references are fixed up.
>
> Bug: v8:6624
> Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
> Change-Id: Idee42fa9c92bdbe8d5b8c4b8bf3ca9dd39634004
> Reviewed-on: https://chromium-review.googlesource.com/610225
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#47596}
TBR=yangguo@chromium.org,mlippautz@chromium.org,jgruber@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: v8:6624
Change-Id: I9906c9ea15a623226b890f63bc65876a6f5203f8
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/638331
Reviewed-by: Michael Hablich <hablich@chromium.org>
Commit-Queue: Michael Hablich <hablich@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47648}
The deadlock can happen when we lock a page for processing old to new
references as part of the scavenger while at the same time trying to
lazily sweep another page for retrieving memory. If two tasks decide to
sweep each others pages they will deadlock.
Bug: v8:6754
Change-Id: Ic9fae0eafa5b5a5cb5eaa1c0aac61de24d1b9486
Reviewed-on: https://chromium-review.googlesource.com/636371
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47647}
This makes sure the minimum memory size for WebAssembly modules derived
from asm.js is set to zero. It allows instatiation without allocating an
underlying memory, when such memory is unused. It also fixes a bug in
patching of embedded memory sizes for asm.js modules.
R=ahaas@chromium.org
TEST=mjsunit/regress/regress-crbug-759327
BUG=chromium:759327
Change-Id: If5a965b96a03cbb5ba15bc41fbaf359f74961f41
Reviewed-on: https://chromium-review.googlesource.com/637912
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47646}
This removes dangerous accessors method from the arguments object
accessor classes. The shape of an arguments object might transition,
turning the fields into dictionary mode, making the accessors invalid.
It also fixes a bug in the reported number of embedder fields on the
arguments object.
R=ishell@chromium.org
TEST=cctest/test-api/InternalFieldsOfRegularObjects
Change-Id: Ib7a73608c6236fe8864434e0cfdcb754ae012a75
Reviewed-on: https://chromium-review.googlesource.com/636368
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47643}
This reverts commit 1169f55bbc.
Reason for revert: http://crbug.com/758994
Original change's description:
> Remove obsolete kNumber binop feedback.
>
> With the removal of Crankshaft, kNumber has become obsolete as
> BinaryOperationFeedback. Turbofan uses kNumberOrOddball.
>
> Bug:
> Change-Id: If577f5efcc81d7c08f43908f2764ff0ec6f8747c
> Reviewed-on: https://chromium-review.googlesource.com/628376
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Reviewed-by: Mythri Alle <mythria@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#47555}
TBR=jkummerow@chromium.org,jarin@chromium.org,neis@chromium.org,mythria@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Change-Id: I1b33f572f3e6865e00d2468bffcce2ea466814b3
Reviewed-on: https://chromium-review.googlesource.com/637711
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47642}
Get the old table size after converting integer of 'delta' argument.
Converting integer of the argument can execute another javascript code,
and the code can trigger mismatching between table sizes of instance and
table object, which causes redundant memory allocation.
http://webassembly.org/docs/js/#webassemblytableprototypegrow
Bug: chromium:752423
Change-Id: If9a576d20625d0c39342ea5de114e9fc9f230125
Reviewed-on: https://chromium-review.googlesource.com/627248
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47641}
This is just a refactoring in preparation for typing the speculative
integer operation as safe integers.
Bug: v8:5267
Change-Id: I56da91a72655a0733b2cf04afcf33cb1d2aa1415
Reviewed-on: https://chromium-review.googlesource.com/637830
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47640}
This reverts commit f6d735095f.
Reason for revert: Perf regressions https://crbug.com/758126
Original change's description:
> [csa] Refactor large-object handling in string allocation
>
> CSA::AllocateSeq{One,Two}ByteString used its own home-grown handling to
> allocate very large strings. This CL refactors both methods to use
> AllocationFlags::kAllowLargeObjectAllocation instead. Callers now need
> to specify explicitly if large-object allocation is possible or not.
>
> Bug: chromium:636391
> Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng
> Change-Id: I0b7ffb0b083f4e977cea42c500f8f2ee1c60519f
> Reviewed-on: https://chromium-review.googlesource.com/625738
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#47504}
TBR=cbruni@chromium.org,jgruber@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: chromium:636391
Change-Id: Iab88ce400f489a677df821d4053bd3678289ae2e
Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/637392
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47639}
Derived projects need easy access to the original V8's implementation of
time to implement Platform interface.
Bug: chromium:751993
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I97ee77929fda5930e7d75ca8609797673485cec3
Reviewed-on: https://chromium-review.googlesource.com/636884
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Sergei Datsenko <dats@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47638}
When the range of all non-bmp characters is passed to
AddUnicodeCaseEquivalents, icu::UnicodeSet::closeOver dutifully tries to
case-fold every single character in that range. Since we already know
this to be a nop, we can simply return instead.
This improves compilation time of /ui regexps by around 100x.
Bug: v8:6727
Change-Id: I79d73c77d6a54cbb5ad2cad0355214ed712b59b9
Reviewed-on: https://chromium-review.googlesource.com/635303
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47636}
Instead of introducing a lot of explicit branching in the
JSNativeContextSpecialization for polymorphic property accesses
that cannot be folded into a single LoadField/StoreField, and which
are mostly invisible and not optimizable for later passes, we now
have a single CompareMaps operator that takes a set of maps (like the
CheckMaps operator) and produces a boolean indicating the result of
the comparison.
R=jarin@chromium.org
Bug: v8:6761
Change-Id: Iee8788e915b762d542acb54feb9931346e442dc0
Reviewed-on: https://chromium-review.googlesource.com/636365
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47635}
TryCatch only clears the pending exception if it has been propagated
through OptionalRescheduleException. This is another tentative fix for
https://crbug.com/754422.
Bug: chromium:754422
Change-Id: Ifbbeed8ef44131a0a010ac6bde3adbbf9fb4c4af
Reviewed-on: https://chromium-review.googlesource.com/637305
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47634}
There's no need to have the StringLengthProtector as a PropertyCell,
since it's only used to guard against deoptimization loops. This also
allows us to remove the use of the CompilationDependencies from the
JSTypedLowering.
R=jarin@chromium.org
Bug: v8:6759
Change-Id: I54a37be6b8064ca3475e3b321f928b6a9903f209
Tbr: mstarzinger@chromium.org
Reviewed-on: https://chromium-review.googlesource.com/637303
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47633}
Optimize the common pattern
for (var i in o) {
if (Object.prototype.hasOwnProperty.call(o, i)) {
// do something
}
}
which is part of the guard-for-in style in ESLint (see the documentation
at https://eslint.org/docs/rules/guard-for-in for details). This pattern
also shows up in React and Ember applications quite a lot (and is tested
by the appropriate Speedometer benchmarks, although not dominating those
benchmarks, since they spent a lot of time in non-TurboFan'ed code).
This improves the forInHasOwnProperty and forInHasOwnPropertySafe micro-
benchmarks in v8:6702, which look like this
function forInHasOwnProperty(o) {
var result = 0;
for (var i in o) {
if (o.hasOwnProperty(i)) {
result += 1;
}
}
return result;
}
function forInHasOwnPropertySafe(o) {
var result = 0;
for (var i in o) {
if (Object.prototype.hasOwnProperty.call(o, i)) {
result += 1;
}
}
return result;
}
by around 4x and allows for additional optimizations in the future, by
also elimiating the megamorphic load when accessing the enumerated
properties.
This changes the interpreter ForInNext bytecode to collect more precise
feedback about the for-in state, which now consists of three individual
states: UNINITIALIZED, MEGAMORPHIC and GENERIC. The MEGAMORPHIC state
means that the ForInNext has only seen objects with a usable enum cache
thus far, whereas GENERIC means that we have seen some slow-mode for..in
objects as well.
R=jarin@chromium.org
Bug: v8:6702
Change-Id: Ibcd75ea9b58c3b4f9219f11bc37eb04a2b985604
Reviewed-on: https://chromium-review.googlesource.com/636964
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47632}
This reverts commit 9b15760286.
Reason for revert:
Seems to be the cause of 100% crashes of runtime-call-stats layout_test on Windows. https://build.chromium.org/p/chromium.webkit/builders/WebKit%20Win7/builds/54947
Original change's description:
> [runtime-call-stats] Fix a long standing crash in RuntimeCallStats::Leave
>
> There must be a matching Leave for each Enter. Otherwise it ends up
> with a dead stack-allocated object in the timer chain.
>
> Drive-by: There was also a bug in
> RuntimeCallTimerScope::RuntimeCallTimerScope(HeapObject* ...) did create a
> local object instead of calling an overloaded constructor.
>
> BUG=chromium:669329
>
> Change-Id: I9aa1c574a854af8beab3d8097efab3a726ad1c8d
> Reviewed-on: https://chromium-review.googlesource.com/634511
> Commit-Queue: Alexei Filippov <alph@chromium.org>
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#47613}
TBR=rmcilroy@chromium.org,alph@chromium.org,cbruni@chromium.org,rmcilroy@google.com
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: chromium:669329
Change-Id: I57b4fcd2e7bf92a68824d2ac5f40cc74deee0b25
Reviewed-on: https://chromium-review.googlesource.com/636762
Reviewed-by: Alexei Filippov <alph@chromium.org>
Commit-Queue: Alexei Filippov <alph@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47631}
This is so that precise coverage starts with a clean slate.
The old behavior can be emulated by calling getBestEffortCoverage
before starting precise coverage.
R=jgruber@chromium.org
Bug: chromium:757998
Change-Id: Ib3ee2316966f676456198159bdcf8ba8b9d3896f
Reviewed-on: https://chromium-review.googlesource.com/635084
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47629}
Instead of using a word to store the status of the promise, this
patch uses 2 bit on flags.
Bug: v8:5046
Change-Id: Ic651338230dbe1704c68de8652676f236a3298f0
Reviewed-on: https://chromium-review.googlesource.com/634623
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47628}
By adding LoadIC support for JSModuleNamespace objects. The index
of the corresponding slot in the Module's "exports" dictionary is
cached in the feedback vector, so the value can be loaded directly,
without having to call the C++ accessor.
This speeds up the "foo" property access in code like the following
snippet by about 10x:
import * as m from "module.js"
m.foo;
Bug: v8:1569
Change-Id: I152abedcbdc6f90b5bedd203cfdf97ed88d1137c
Reviewed-on: https://chromium-review.googlesource.com/631136
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47625}
