TurboFan lowering (see [0]) of ConsString creation cannot ensure that
the first part of the cons string is non-empty without introducing a phi
and negatively impacting performance.
This modifies ConsStringIterator to allow empty first parts of
ConsStrings.
BUG=v8:5440
Review-Url: https://codereview.chromium.org/2377983002
Cr-Commit-Position: refs/heads/master@{#39817}
When the inline lookup on a fast-property receiver doesn't find anything,
try a stub cache lookup before going into the runtime. This is much
faster for properties loaded from the receiver's prototype chain.
BUG=chromium:650236
Review-Url: https://codereview.chromium.org/2373683002
Cr-Commit-Position: refs/heads/master@{#39813}
Reason for revert:
Tanks ai-astar in Kraken pretty badly (some deopt loop).
Original issue's description:
> [stubs] Don't unconditionally canonicalize in ChangeFloat64ToTagged.
>
> Add a CanonicalizationMode to CodeStubAssembler::ChangeFloat64ToTagged,
> so clients can request Smi canonicalization when desired, but otherwise
> get Crankshaft/Fullcodegen compatible behavior of just boxing the double
> into a HeapNumber.
>
> R=verwaest@chromium.org
> BUG=v8:5268
>
> Committed: https://crrev.com/06eef6e6d8199df8317df8469d767092472f3fe0
> Cr-Commit-Position: refs/heads/master@{#39804}
TBR=verwaest@chromium.org,jarin@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5268
Review-Url: https://codereview.chromium.org/2373253003
Cr-Commit-Position: refs/heads/master@{#39812}
Add a CanonicalizationMode to CodeStubAssembler::ChangeFloat64ToTagged,
so clients can request Smi canonicalization when desired, but otherwise
get Crankshaft/Fullcodegen compatible behavior of just boxing the double
into a HeapNumber.
R=verwaest@chromium.org
BUG=v8:5268
Review-Url: https://codereview.chromium.org/2380543002
Cr-Commit-Position: refs/heads/master@{#39804}
This matches current Crankshaft/fullcodegen behavior more closely and
thus reduces the chances that we run into unnecessary polymorphism due
to the field representation tracking in our object model.
Drive-by-fixes: Make sure the JSRegExp::lastIndex field stays Smi
if possible (otherwise we tank the regexp benchmark in Octane).
CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_mac64_rel,v8_mac64_dbg
R=jarin@chromium.org
BUG=v8:5267
Committed: 6a939714e9
Committed: https://crrev.com/ee158e6c4cc896479a32245432a3c2fdd31bcb73
Committed: https://crrev.com/ddf792beb3a72f6dba83e94fc8ada03ebf1630bd
Review-Url: https://codereview.chromium.org/2367593003
Cr-Original-Original-Commit-Position: refs/heads/master@{#39692}
Cr-Original-Commit-Position: refs/heads/master@{#39748}
Cr-Commit-Position: refs/heads/master@{#39803}
Even after https://codereview.chromium.org/2371963002 we still did not
always store a Smi into the JSTypedArray::length field, the runtime
function %TypedArrayInitializeFromArrayLike was still storing whatever
it got from the JavaScript code, which is highly dependent on internal
decisions of the ICs and the representation selection in the optimizing
compilers, so that's pretty fragile.
R=verwaest@chromium.org
BUG=chromium:650933
Review-Url: https://codereview.chromium.org/2377943002
Cr-Commit-Position: refs/heads/master@{#39802}
Previously we'd have a scope in the main zone, and another in the temp zone. Then we carefully copied back data to the main zone. This CL changes it so that the scope is just fixed up to only contain data from the main zone. That avoids additional copies and additional allocations; while not increasing the care that needs to be taken. This will also make it easier to abort preparsing while parsing using a temp zone.
BUG=
Review-Url: https://codereview.chromium.org/2368313002
Cr-Commit-Position: refs/heads/master@{#39800}
[0xC] Convert to stack machine semantics.
[0xC] Use section codes instead of names.
[0xC] Add elements section decoding.
[0xC] Decoding of globals section.
[0xC] Decoding of memory section.
[0xC] Decoding of imports section.
[0xC] Decoding of exports section.
[0xC] Decoding of data section.
[0xC] Remove CallImport bytecode.
[0xC] Function bodies have an implicit block.
[0xC] Remove the bottom label from loops.
[0xC] Add signatures to blocks.
[0xC] Remove arities from branches.
Add tests for init expression decoding.
Rework compilation of import wrappers and how they are patched.
Rework function indices in debugging.
Fix ASM->WASM builder for stack machine.
Reorganize asm.js foreign functions due to import indices change.
R=ahaas@chromium.org,rossberg@chromium.org,bradnelson@chromium.org
BUG=chromium:575167
LOG=Y
Committed: https://crrev.com/76eb976a67273b8c03c744f64ad850b0432554b9
Review-Url: https://codereview.chromium.org/2345593003
Cr-Original-Commit-Position: refs/heads/master@{#39678}
Cr-Commit-Position: refs/heads/master@{#39795}
If promise was resolved before adding handler in Runtime.evaluate method then this callback won't be called. We need to run microtasks after adding handlers.
R=dgozman@chromium.org,alph@chromium.org
Review-Url: https://codereview.chromium.org/2371773004
Cr-Commit-Position: refs/heads/master@{#39793}
Previously passing in the PromiseNopResolver function to the Promise
constructor would result in creating the resolving functions to be in
passed in to the executor, but the PromiseNopResolver does not use
these resolving functions resulting in wastefully creating these closures.
Instead we pass in the promiseRawSymbol to the promise constructor
so that these unnecessary resolving functions are not created.
BUG=v8:5046
Review-Url: https://codereview.chromium.org/2353303003
Cr-Commit-Position: refs/heads/master@{#39791}
This patch moves the following parsing method to ParserBase:
- DesugarAsyncFunctionBody, renamed to ParseAsyncFunctionBody
- ParseAsyncFunctionExpression, renamed to ParseAsyncFunctionLiteral
- ParseAsyncFunctionDeclaration
It renames the parser implementation methods:
- ParseArrowFunctionFormalParameterList -> DeclareArrowFunctionFormalParameters
- ParseArrowFunctionFormalParameters -> AddArrowFunctionFormalParameters
It also eliminates method ParseAsyncArrowSingleExpressionBody.
R=adamk@chromium.org, marja@chromium.org
BUG=
LOG=N
Review-Url: https://codereview.chromium.org/2372733002
Cr-Commit-Position: refs/heads/master@{#39788}
We must not throw when seeing a cycle while trying to resolve a name through
star exports. (It may be surprising that we do have to throw when seeing an
ambiguity, but this is what the spec says.)
R=adamk@chromium.org
BUG=v8:1569
Review-Url: https://codereview.chromium.org/2376563002
Cr-Commit-Position: refs/heads/master@{#39787}
This flag is meant to control whether we add a special context-free
entry to the optimized code map or not. A usage of the flag was
bogus.
BUG=
Review-Url: https://codereview.chromium.org/2374723002
Cr-Commit-Position: refs/heads/master@{#39784}
When we OSR using Turbofan, we would set the function to be optimized
on the next call, irrespective of the runtime profiler's previous
decisions - such as compiling for baseline. It seems more prudent to
always make these decisions in the runtime profiler where the data is
available.
Review-Url: https://codereview.chromium.org/2369043002
Cr-Commit-Position: refs/heads/master@{#39782}
The same information can be obtained by processing --trace-gc-nvp output
or using trace event and GC metric of catapult in Chrome.
BUG=
Review-Url: https://codereview.chromium.org/2361073002
Cr-Commit-Position: refs/heads/master@{#39780}
A page now belongs either the nursery *or* the intermediate gen. The page that
contained objects of both spaces is removed in this change.
BUG=chromium:636331
Review-Url: https://codereview.chromium.org/2209583002
Cr-Commit-Position: refs/heads/master@{#39778}
The bytecode offset parameter was Int32, but everywhere else it's an IntPtr.
BUG=
Review-Url: https://codereview.chromium.org/2369033003
Cr-Commit-Position: refs/heads/master@{#39777}
This makes sure we only replace load operations for fields on virtual
objects. Even though data flow information for non-virtual (escaping)
allocations is available, it might be inaccurate in certain situations
where object state hasn't been cleared.
R=jarin@chromium.org
TEST=mjsunit/compiler/regress-escape-analysis-indirect
Review-Url: https://codereview.chromium.org/2369953002
Cr-Commit-Position: refs/heads/master@{#39776}
The call to RegExpSubclassExec may refer to a different exec method
since splitter is newly constructed previously to the call.
BUG=v8:5351
Review-Url: https://codereview.chromium.org/2370733003
Cr-Commit-Position: refs/heads/master@{#39774}
The lowering of {JSToBoolean} operators in {JSTypedLowering} inserts
loads that are not part of the effect chain. This does not play well
with effect-sensitive data flow analysis (e.g. escape analysis). This
removes the lowering in question, we can implement it using a dedicated
simplified operator eventually if needed.
R=bmeurer@chromium.org
TEST=mjsunit/wasm/embenchen/lua_binarytrees
Review-Url: https://codereview.chromium.org/2366363003
Cr-Commit-Position: refs/heads/master@{#39773}
Reason for revert:
Regresses jank and memory. Revert for offline analysis.
Original issue's description:
> [heap] Always use the passed-in collector in CollectGarbage.
>
> Do not overwrite a collector decision.
>
> BUG=
>
> Committed: https://crrev.com/c19abaddafb5ede5e0d5efbe608b7fc5d7c7fcd0
> Cr-Commit-Position: refs/heads/master@{#39585}
TBR=ulan@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=
Review-Url: https://codereview.chromium.org/2369933004
Cr-Commit-Position: refs/heads/master@{#39770}
1) To get proper test coverage for the flag turned off
2) We need more scope analysis in the PreParser to not disable
optimizations for some common cases (inner function "var i" shadowing
outer function vars).
R=verwaest@chromium.org
BUG=
Review-Url: https://codereview.chromium.org/2365263005
Cr-Commit-Position: refs/heads/master@{#39768}
Turn the StringEqualStub and friends into proper TurboFan builtins,
which means that we don't need to do on-demand compilation for those
stubs, and use those to defer lowering of the StringEqual, etc.
simplified operators to effect/control linearization (i.e. move it to
the concurrent recompilation part).
BUG=v8:5428
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2363333003
Cr-Commit-Position: refs/heads/master@{#39762}