In native context specialization, we attempt to use map-based feedback to do optimized named and element loads and stores. Tragically, it could happen that any maps we encounter for a load have been deprecated. The right thing to do here is reoptimize later, let the IC subsystem update the map.
BUG=
Review-Url: https://codereview.chromium.org/2187283002
Cr-Commit-Position: refs/heads/master@{#38143}
With black allocation turned on we have no guarantee that the target array is
white and will be visited by the marker. Only execute the fast path when we are
allowed to skip the barrier.
R=hpayer@chromium.org
BUG=
Review-Url: https://codereview.chromium.org/2188713004
Cr-Commit-Position: refs/heads/master@{#38142}
The timing scopes don't come for free and in the case of wrapper creation only add
overhead. This CL removes the histogram timer for CallAs(Function|Constructor) and
Function::(NewInstance|Call).
BUG=chromium:630217
Review-Url: https://codereview.chromium.org/2188193002
Cr-Commit-Position: refs/heads/master@{#38138}
Change was meant to be in previous patch but was accidentally reverted.
README.md updated with new filename, also.
BUG=
Review-Url: https://codereview.chromium.org/2184223005
Cr-Commit-Position: refs/heads/master@{#38134}
In the process also inline the stub into the appropriate interpreter bytecode
handler and make sure that the context register is preserved in hand-written
assembly code that calls the stub and expects the context register to be
preserved.
BUG=608675
Review-Url: https://codereview.chromium.org/2188993003
Cr-Commit-Position: refs/heads/master@{#38132}
Reason for revert:
Still crashing.
Original issue's description:
> [heap] Reland "Remove black pages and use black areas instead."
>
> BUG=chromium:630969,chromium:630386
> LOG=n
>
> Committed: https://crrev.com/9e37a07c8de0a20ef2681e26824ff4d329102603
> Cr-Commit-Position: refs/heads/master@{#38057}
TBR=ulan@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=chromium:630969,chromium:630386
Review-Url: https://codereview.chromium.org/2183383004
Cr-Commit-Position: refs/heads/master@{#38129}
Split the monster methods in JSNativeContextSpecialization into smaller
ones, adding appropriate helpers. Improve the condition checking for
strings and numbers using CheckString/CheckNumber when applicable. Also
try to merge compatible PropertyAccessInfos, to avoid running into the
polymorphic case whenever possible.
Drive-by-fix: Don't try to resurrect dead nodes during LoadElimination.
With the improve code generation for monomorphic loads, we seem to
trigger the dead node resurrection.
R=epertoso@chromium.org
BUG=v8:4930,v8:5141
Review-Url: https://codereview.chromium.org/2191823002
Cr-Commit-Position: refs/heads/master@{#38127}
perf-turbo.py merges a perf data file and a turbofan trace file into a
single json object which can then be piped to a file and uploaded to
turbolizer to display the profiling data in the disassembly. With the
changes, turbolizer now shows the event counts for instruction in
percentage form and with heatmap-stype colouring. Multiple different
events can be recorded at once with a new drop-down menu to select which
event to view the counts of. The documentation has been updated with
instructions. Using the script is optional and turbolizer retains
previous functionality if a trace without profiling data is uploaded.
BUG=None
Review-Url: https://codereview.chromium.org/2174803002
Cr-Commit-Position: refs/heads/master@{#38124}
This reduces the size of GetStrongGcSubrootName() from 77 KB to 10KB.
BUG=5240
Review-Url: https://codereview.chromium.org/2189633003
Cr-Commit-Position: refs/heads/master@{#38123}
port e1ad114ed2 (r38056)
original commit message:
Reason for revert:
Fix has been landed.
Original issue's description:
> Revert of [interpreter] Add explicit OSR polling bytecode. (patchset #6 id:100001 of https://codereview.chromium.org/2172233002/ )
>
> Reason for revert:
> Bunch of breakages. Maybe bad interaction with e520e5da55 ?
>
> E.g.:
> https://build.chromium.org/p/client.v8/builders/V8%20Linux64/builds/11607
>
> Original issue's description:
> > [interpreter] Add explicit OSR polling bytecode.
> >
> > This adds an explicit {OsrPoll} bytecode into every loop header which
> > triggers on-stack replacement when armed. Note that each such bytecode
> > stores the static loop depths as an operand, and hence can be armed for
> > specific loop depths.
> >
> > This also adds builtin code that triggers OSR compilation and switches
> > execution over to optimized code in case compilation succeeds. In case
> > compilation fails, the bytecode dispatch just continues unhindered.
> >
> > R=rmcilroy@chromium.org
> > TEST=mjsunit/ignition/osr-from-bytecode
> > BUG=v8:4764
> >
> > Committed: https://crrev.com/a55beb68e0ededb3773affa294a71edc50621458
> > Cr-Commit-Position: refs/heads/master@{#38043}
>
> TBR=rmcilroy@chromium.org,mstarzinger@chromium.org
> # Skipping CQ checks because original CL landed less than 1 days ago.
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=v8:4764
>
> Committed: https://crrev.com/439aa2c6d708bfd95db725bd6f97c4c49bbc51fc
> Cr-Commit-Position: refs/heads/master@{#38044}
BUG=
Review-Url: https://codereview.chromium.org/2190903002
Cr-Commit-Position: refs/heads/master@{#38122}
Use it like this:
Program received signal SIGTRAP, Trace/breakpoint trap.
[Switching to Thread 0x7f50d02c4700 (LWP 8152)]
base::debug::(anonymous namespace)::DebugBreak ()
at ../../base/debug/debugger_posix.cc:230
230 }
(gdb) bt
at ../../base/debug/debugger_posix.cc:230
...
args_object=0x7f50d02bfe00, isolate=0x2f001c9e2020)
at ../../v8/src/builtins/builtins-api.cc:123
...
(gdb) jss
(gdb) bt
isolate=0x2f001c9e2020, is_construct=false, target=..., receiver=...,
argc=1, args=0x7f50d02c0518, new_target=...)
at ../../v8/src/execution.cc:111
isolate=0x2f001c9e2020, callable=..., receiver=..., argc=1,
argv=0x7f50d02c0518) at ../../v8/src/execution.cc:168
...
R=yangguo@chromium.org
BUG=
Review-Url: https://codereview.chromium.org/2186013002
Cr-Commit-Position: refs/heads/master@{#38121}
port ba092fb09a (r37971)
original commit message:
So far we don't have a useful way to inline Math.max or Math.min in
TurboFan optimized code. This adds new operators NumberMax and NumberMin
and changes the Float64Max/Float64Min operators to have JavaScript
semantics instead of the C++ semantics that it had previously.
This also removes support for recognizing the tenary case in the
CommonOperatorReducer, since that doesn't seem to have any positive
impact (and actually doesn't show up in regular JavaScript, where
people use Math.max/Math.min instead).
BUG=
Drive-by-fix: Also nuke the unused Float32Max/Float32Min operators.
Review-Url: https://codereview.chromium.org/2187463005
Cr-Commit-Position: refs/heads/master@{#38119}
The isolate_driver automatically adds referenced shared
libraries. They don't need to be listed explicitly.
The hard-coded location blocks the GN transition
as the library location is different in GYP and GN.
BUG=chromium:474921
NOTRY=true
Review-Url: https://codereview.chromium.org/2190543003
Cr-Commit-Position: refs/heads/master@{#38113}
This adds the build target inspector_protocol_parser_test, which depends
on several more inspector protocol related targets. The resulting
gtest executable runs, but has failures that have to be fixed.
GN build configuration will follow.
A copy of v8-inspector/js_protocol.json has been included to be able to
use it before the actual migration.
BUG=chromium:580337
Review-Url: https://codereview.chromium.org/2184733002
Cr-Commit-Position: refs/heads/master@{#38111}
This patch updates internal data structures used by V8 to support
multiple indirect function tables (WebAssembly/design#682). But, since
this feature is post-MVP, the functionality is not directly exposed and
parsing/generation of WebAssembly is left unchanged. Nevertheless, it
is being used in an experiment to implement fine-grained control flow
integrity based on C/C++ types.
BUG=
Review-Url: https://codereview.chromium.org/2174123002
Cr-Commit-Position: refs/heads/master@{#38110}
Rolling v8/build to 0a8d7715646009e2d0935f72462c481be22c6de4
Rolling v8/tools/mb to 1d3f4544cadd78d89c8c71c37ef5474ac2b1e297
TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
Review-Url: https://codereview.chromium.org/2191643003
Cr-Commit-Position: refs/heads/master@{#38109}
Reason for revert:
Blocks the roll:
https://codereview.chromium.org/2189443003/
Doesn't work with the last chromium gyp bot.
Original issue's description:
> MIPS: Fix mksnapshot on big-endian.
>
> Paritally revert standalone.gypi changes in a451bd1a68 and introduce a new separate variable for the mkpeephole.
>
> On big-endian MIPS, qemu is used to build the snapshot,
> because there's no simulator support for big-endian MIPS.
>
> BUG=
>
> Committed: https://crrev.com/928d2395c3fdf836cf9961cde96e6b274a6b1e20
> Cr-Commit-Position: refs/heads/master@{#38103}
TBR=oth@chromium.org,machenbach@google.com,akos.palfi@imgtec.com
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=
Review-Url: https://codereview.chromium.org/2182633010
Cr-Commit-Position: refs/heads/master@{#38108}
This removes the ability to directly access the {FunctionType} stored
within a {CallInterfaceDescriptor}. The field is in the process of being
deprecated and should no longer be accessed.
R=bmeurer@chromium.org
Review-Url: https://codereview.chromium.org/2191533002
Cr-Commit-Position: refs/heads/master@{#38107}
Introduce an appropriate StringCharCodeAt simplified operator and use
that to optimize the String.prototype.charCodeAt/.charAt builtins.
R=epertoso@chromium.org
Review-Url: https://codereview.chromium.org/2180373005
Cr-Commit-Position: refs/heads/master@{#38106}
Paritally revert standalone.gypi changes in a451bd1a68 and introduce a new separate variable for the mkpeephole.
On big-endian MIPS, qemu is used to build the snapshot,
because there's no simulator support for big-endian MIPS.
BUG=
Review-Url: https://codereview.chromium.org/2172653002
Cr-Commit-Position: refs/heads/master@{#38103}
Default icu data file for all architectures was set to icudtl.dat, for
big endian this should be icudtb.dat. This will fix intl tests for big
endian once v8 rolls to a newer version of icu that supports big endian.
BUG=
TEST=intl/*
Review-Url: https://codereview.chromium.org/2182043002
Cr-Commit-Position: refs/heads/master@{#38102}
Remove TODO to perform same optimization as AstGraphBuilder.
When visiting for effect in a postfix count operation, don't
keep the intermediate result of ToNumber.
BUG=v4:4280
LOG=n
Review-Url: https://codereview.chromium.org/2187823002
Cr-Commit-Position: refs/heads/master@{#38101}
All supported ARM targets support unaligned accesses for integer
accesses. This patch removes the remnants of support for older targets.
BUG=v8:5077
Review-Url: https://codereview.chromium.org/2184823002
Cr-Commit-Position: refs/heads/master@{#38099}
