This unifies the calculation of virtual offsets within the escape
analysis pass to go through common helpers. It also switches to safer
accessors for getting FieldAccess and ElementAccess parameters.
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2000733002
Cr-Commit-Position: refs/heads/master@{#36423}
In case of calling 'toLocaleString', 'toLocaleTimeString' and
'toLocaleDateString' functions of 'Date' with empty 'locales' and
'options', DateTimeFormat is cached inside 'defaultObjects'.
If we change the timezone the cache is not invalidated.
BUG=v8:5022
TEST=cctest:DateCacheVersion. See the bug
CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_noi18n_rel_ng
Review-Url: https://codereview.chromium.org/1985423003
Cr-Commit-Position: refs/heads/master@{#36420}
Rather than bake foreign globals into the module
at compile time, add a __foreign_init__ function that can be called
after instantiation with foreign values gathered using keys
in a separately generated FixedArray.
This is an incremental step towards being able to enable asm->wasm
on for general traffic, behind a flag.
BUG= https://bugs.chromium.org/p/v8/issues/detail?id=4203
TEST=asm-wasm
R=titzer@chromium.org,aseemgarg@chromium.org
LOG=N
Review-Url: https://codereview.chromium.org/1999523002
Cr-Commit-Position: refs/heads/master@{#36418}
At the moment the code assumes C-function returns the address of the
struct with the values. Unfortunately, the arm ABI does not guarantee that.
After this CL, we do not assume that, and instead just take the value from the stack.
BUG=chromium:611885
LOG=n
Review-Url: https://codereview.chromium.org/2000713002
Cr-Commit-Position: refs/heads/master@{#36415}
Reason for revert:
This array only contains Smis, see its only store site five lines above:
array->set(array_size++, Smi::FromInt(i));
If you want to improve something here, use a C++ array instead of a FixedArray. There's no reason to have this short-lived list on the V8 heap.
Original issue's description:
> [keys] Don't omit write barrier after std::sort
>
> BUG=
>
> Committed: https://crrev.com/681ac8979e820d147380b5fdb2aae773e22f1302
> Cr-Commit-Position: refs/heads/master@{#36412}
TBR=mlippautz@chromium.org,cbruni@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=
Review-Url: https://codereview.chromium.org/1996963002
Cr-Commit-Position: refs/heads/master@{#36414}
Reason for revert:
Breaks a KCS demo:
BUG=chromium:611976
Original issue's description:
> [turbofan] Take the immediate size in account when narrowing ia32/x64 word comparison operators.
>
> Trying to re-land http://crrev.com/1948453002 after fixing assembler-x64.cc in http://crrev.com/1962563003.
>
> Before this patch, we would emit a cmp or test with a memory operand only if both of the operands in the IR were loads. Now if either of them is a load and the other one is an immediate, we can use a memory operand if the load representation machine size is wide enough to represent the latter.
>
> Committed: https://crrev.com/2da70f853d7f680d491c37c72d5ef04a85497ba9
> Cr-Commit-Position: refs/heads/master@{#36136}
TBR=bmeurer@chromium.org,epertoso@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
Review-Url: https://codereview.chromium.org/1995303003
Cr-Commit-Position: refs/heads/master@{#36413}
- Move usable functions into proper heap-utils.h/.cc files and remove
utils-inl.h file
- Fix assumptions across the board relying on certain behavior that is not
invariant
This is a requirement for modifying page size.
BUG=chromium:581412
LOG=N
R=ulan@chromium.org
Review-Url: https://codereview.chromium.org/1999753002
Cr-Commit-Position: refs/heads/master@{#36410}
In VisitArrayLiteral(), we stopped creating boilerplates during
compilation. This created a bug, because we'd emit an HStoreKeyed with an
ElementsKind based on the initial elements kind of the boilerplate. Since
boilerplates may transition as part of elements transition feedback, this can
lead to incorrect values (storing a smi in a double array).
BUG=chromium:606021
Review-Url: https://codereview.chromium.org/2000673002
Cr-Commit-Position: refs/heads/master@{#36408}
Instead of dynamically creating semaphore for each page parallel job,
we create one semaphore for MarkCompact and reuse it.
This patch also removes all instrumentation code that was added to
help with investigation.
BUG=chromium:609249
LOG=NO
Review-Url: https://codereview.chromium.org/1998213002
Cr-Commit-Position: refs/heads/master@{#36407}
For now we treat simplified ObjectIsFoo operators as escaping uses when
it comes to escape analysis. Eventually we want to handle them in the
associated reducer, just like we do with ObjectIsSmi.
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2002573002
Cr-Commit-Position: refs/heads/master@{#36404}
- Lane indices are no longer required to be integers. Add index coercion for loads/stores
- Give shift operators masking shift count semantics
- Throw type/range errors instead of runtime asserts.
BUG=v8:4963
LOG=N
R=bbudge@chromium.org, bmeurer@chromium.org
Review-Url: https://codereview.chromium.org/1965443003
Cr-Commit-Position: refs/heads/master@{#36402}
Also change parser to insert %_GeneratorClose instead of %GeneratorClose.
Full-codegen generators will fall back to the runtime function.
BUG=v8:4907
Review-Url: https://codereview.chromium.org/1993073003
Cr-Commit-Position: refs/heads/master@{#36401}
This adds support to materialize JSFunction objects from deoptimization
information. By now we need to support this because TurboFan's escape
analysis can produce virtual (i.e. non-escaping) closures.
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/1998143002
Cr-Commit-Position: refs/heads/master@{#36400}
Script position calculation logic (i.e. line & column numbers for a
given code position) is now based on a single method
Script::GetPositionInfo(). Refactored related code in isolate.cc and
js/messages.js to use the new method. The line_ends accessor is still
in use by chromium and thus cannot be removed yet.
R=yangguo@chromium.org
BUG=
Review-Url: https://codereview.chromium.org/2003483002
Cr-Commit-Position: refs/heads/master@{#36398}
Reason for revert:
First CF feedback is in, reverting for now until the known bugs are fixed.
Original issue's description:
> [ESNext] Activate async/await for ClusterFuzz
>
> BUG=v8:4483
> R=neis@chromium.org,littledan@chromium.org,caitpotter88@gmail.com
> LOG=N
>
> Committed: https://crrev.com/c57cadfa09fa493141bf43c1c7b898187a71da19
> Cr-Commit-Position: refs/heads/master@{#36362}
TBR=littledan@chromium.org,caitpotter88@gmail.com,neis@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4483
Review-Url: https://codereview.chromium.org/2003503002
Cr-Commit-Position: refs/heads/master@{#36397}
port f241a61a34 (r36360)
original commit message:
We cannot tier up from interpreted to baseline code when there is an
activation of the function on the stack. This significantly regresses
the performance of recursive functions since they are unlikely to get
tiered up.
This CL adds the ability for a function to be marked for baseline
compilation when it returns. To do this we patch the
InterpreterEntryTrampoline return address to point to
InterpreterMarkBaselineOnReturn, which leaves the
interpreted frame and recompiles the function for
baseline.
This improves the score of EarlyBoyer by ~8x for Ignition.
BUG=
Review-Url: https://codereview.chromium.org/1998153002
Cr-Commit-Position: refs/heads/master@{#36396}
Introduce three new JS operators in Turbofan:
- JSGeneratorStore is used in implementing Ignition's SuspendGenerator bytecode.
- JSGeneratorRestoreContinuation and JSGeneratorRestoreRegister are used in
implementing Ignition's ResumeGenerator bytecode.
Remove the runtime functions that were used to implement these bytecodes before.
BUG=v8:4907
Review-Url: https://codereview.chromium.org/1991203002
Cr-Commit-Position: refs/heads/master@{#36395}
This patch re-lands #36341 with another fix to make
the amd64-generic build work as well.
R=machenbach@chromium.org, hablich@chromium.org, adamk@chromium.org
BUG=608596, 595653
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:chromeos_daisy_chromium_compile_only_ng,chromeos_amd64-generic_chromium_compile_only_ng,chromeos_x86-generic_chromium_compile_only_ng,linux_chromium_gn_chromeos_rel,linux_chromium_gn_chromeos_dbg
Review-Url: https://codereview.chromium.org/1996513005
Cr-Commit-Position: refs/heads/master@{#36390}
Rolling v8/build to f81cc400005454453b83aad6e47e321a37d092dd
Rolling v8/third_party/android_tools to 5b5f2f60b78198eaef25d442ac60f823142a8a6e
TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
Review-Url: https://codereview.chromium.org/1999603003
Cr-Commit-Position: refs/heads/master@{#36387}
port f241a61a34
Original Commit Message:
We cannot tier up from interpreted to baseline code when there is an
activation of the function on the stack. This significantly regresses
the performance of recursive functions since they are unlikely to get
tiered up.
This CL adds the ability for a function to be marked for baseline
compilation when it returns. To do this we patch the
InterpreterEntryTrampoline return address to point to
InterpreterMarkBaselineOnReturn, which leaves the
interpreted frame and recompiles the function for
baseline.
This improves the score of EarlyBoyer by ~8x for Ignition.
R=rmcilroy@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com, mbrandy@us.ibm.com
BUG=v8:4280
LOG=N
Review-Url: https://codereview.chromium.org/1993343002
Cr-Commit-Position: refs/heads/master@{#36384}
In ES2015, the "byteLength" and "byteOffset" properties of DataViews are
getters on the prototype, so the previously-used strategy of special-casing
them using only the receiver map is invalid.
A future CL will need to use the same strategy which will be taken for
TypedArray "length", "byteLength", and "byteOffset": adding a prototype
chain check.
BUG=v8:5018, chromium:593634
Review-Url: https://codereview.chromium.org/1984043002
Cr-Commit-Position: refs/heads/master@{#36382}
This patch is a follow up to https://codereview.chromium.org/1972103002/
adding support for the `Operand_R_LSL_I` addressing mode to loads and
stores for ARM.
Just as the ARM64 implementation, the shift + load/store pattern is only
really relevant to the interpreter. For this reason, this patch does not
add support for the other addressing modes (`R_LSR_I`, `R_ASR_I` and
`R_ROR_I`) as I haven't seen those patterns being generated. Additionally,
the optimization is restricted to 32-bit loads and stores.
kind = BYTECODE_HANDLER
name = Star
compiler = turbofan
Instructions (size = 40)
0x22a5f860 0 e2851001 add r1, r5, #1
0x22a5f864 4 e19610d1 ldrsb r1, [r6, +r1]
0x22a5f868 8 e1a0200b mov r2, fp
0x22a5f86c 12 e7820101 str r0, [r2, +r1, lsl #2]
^^^^^^^^^^^^^^^^^^^^^^^^^
0x22a5f870 16 e2855002 add r5, r5, #2
0x22a5f874 20 e7d61005 ldrb r1, [r6, +r5]
0x22a5f878 24 e7981101 ldr r1, [r8, +r1, lsl #2]
^^^^^^^^^^^^^^^^^^^^^^^^^
0x22a5f87c 28 e12fff11 bx r1
BUG=
Review-Url: https://codereview.chromium.org/1974263002
Cr-Commit-Position: refs/heads/master@{#36381}
Move it to HARMONY_STAGED from HARMONY_INPROGRESS.
Update test262.status now that case mapping tests are passing with
'--harmony' specified.
BUG=v8:4476,v8:4477
LOG=Y
TEST=test262/{built-ins,intl402}/Strings/*, webkit/fast/js/*,
mjsunit/string-case, intl/general/case*
CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_noi18n_rel_ng
Review-Url: https://codereview.chromium.org/1990083002
Cr-Commit-Position: refs/heads/master@{#36379}
The MLS instruction is available in all ARMv7 devices, and in no ARMv6
devices, aside from the usual ARMv6T2 caveat. We don't need a separate
feature flag for it.
BUG=
Review-Url: https://codereview.chromium.org/1988133004
Cr-Commit-Position: refs/heads/master@{#36378}
- Removing null checks as we always have the CodeRange object (it might be
invalid, but it's there)
- Account for reserved area (Win64) in SetUp so the caller doesn't need to be
aware of it
R=ulan@chromium.org
Review-Url: https://codereview.chromium.org/1991253002
Cr-Commit-Position: refs/heads/master@{#36377}
Assembler::db() could start a trampoline pool at wrong pc position.
TEST: mjsunit/asm/embenchen/zlib
BUG=
Review-Url: https://codereview.chromium.org/1994143002
Cr-Commit-Position: refs/heads/master@{#36374}