A std::deque interacts badly with zone memory in that it allocates chunks
of memory for the back of the queue and frees memory from the front of the
queue. As such we never reuse zone memory for the queue. Implement a very
simple RecyclingZoneAllocator which keeps a single block of memory from
deallocation that can be reused on allocation.
Also clean up zone-allocator a bit and make it use proper Chromium coding
style.
BUG=chromium:700364
Change-Id: I19330a8a9ec6d75fe18d8168d41f1a12030a6c4d
Reviewed-on: https://chromium-review.googlesource.com/458916
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44154}
When node splitting is enabled new nodes could be created during scheduling.
The Scheduler::node_data_ and Schedule::nodeid_to_block_ zone vectors
reserve enough space for the node count before splitting, however will
have to reallocate space when node splitting occurs. The vectors double
in space by default, meaning the peak zone usage is 3x the required amount
for these vectors as soon as a single node is split. Avoid this in the
common case by reserving 10% extra space for split nodes. The value
10% was choosen since it covers 98.7% of the optimized functions in Octane.
BUG=chromium:700364
Change-Id: Ibabd8d04cffd1eb08cc3b8a12b76892208ef3288
Reviewed-on: https://chromium-review.googlesource.com/458425
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44153}
The scheduled_nodes_ vector is used to maintain a per-block list of
non-fixed nodes. For most blocks this list remains empty, so lazily
initialize it instead of pre-allocating to save memory.
Also pre-reserve an extra 10% of blocks to avoid reallocting space in the
vector when fusing floating control creates new basic blocks.
BUG=chromium:700364
Change-Id: I9876e6a42bc90c9bff5838620365c18609ed1ee9
Reviewed-on: https://chromium-review.googlesource.com/458919
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44152}
These aren't used thanks to new implementation in CSA.
BUG=v8:5977
Change-Id: Ia4acfa0d1a925eba305a818913cbeff479b27792
Reviewed-on: https://chromium-review.googlesource.com/458477
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44151}
The Control Equivalance phase was taking a lot of memory by allocating a
large datastructure for every node even if the nodes were dead or wouldn't
participate in the control equivalence algorithm. Instead allocate the
data on-demand, and use the presense of the data as the flag for whether
the node participates in the algorithm.
Also remove DFS number field as it was unused.
This reduces the amount of memory used for a 10,000 node graph in the linked
bug from ~450KB to ~70KB. It also seems to reduce scheduling time by around
10% for local runs of Octane.
BUG=chromium:700364
Change-Id: Iedfdf4dff0a01463c5b6471513e6b69ef010b02d
Reviewed-on: https://chromium-review.googlesource.com/458219
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44150}
If used, the TypeProfileSlot is always added as the first slot and its
index is constant. If other slots are added before the TypeProfileSlot,
this number changes.
BUG=v8:5933
Change-Id: I57bc6bea3c48804af28c2d1dafe6a52bdd7d12e3
Reviewed-on: https://chromium-review.googlesource.com/459511
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Franziska Hinkelmann <franzih@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44149}
This patch adds support for MIPS SIMD (MSA) instructions in Assembler
and Decoder (disassembler) classes. MSA instructions are implemented for
both mips32 and mips64 architectures.
BUG=
Review-Url: https://codereview.chromium.org/2740123004
Cr-Commit-Position: refs/heads/master@{#44148}
Remove deep nesting and repeated code by using a switch-based structure
(instead of if-based), use clearer variable names, and separate cleanly between
immutable and mutable variables.
BUG=v8:5437
Review-Url: https://codereview.chromium.org/2776123002
Cr-Commit-Position: refs/heads/master@{#44147}
This reverts commit 6ad5ca59c9.
Reason for revert: Breaks on noi18n bot, needs fix in the new regression test
Original change's description:
> [wasm] Check the result of Promise::Resolver
>
> We check that if we do not get a result, or if we get a negative result,
> then there has to be a scheduled exception.
>
> R=clemensh@chromium.org
> TEST=mjsunit/regress/wasm/regression-704127
> BUG=chromium:704127
>
> Change-Id: I3fef3cc02f685a9cbc3f10203e2a59b61b3702d5
> Reviewed-on: https://chromium-review.googlesource.com/458282
> Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
> Commit-Queue: Andreas Haas <ahaas@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#44144}
TBR=ahaas@chromium.org,clemensh@chromium.org,v8-reviews@googlegroups.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:704127
Change-Id: Ibf6d27929c88064bc2755688358998640092e31a
Reviewed-on: https://chromium-review.googlesource.com/459512
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44145}
We check that if we do not get a result, or if we get a negative result,
then there has to be a scheduled exception.
R=clemensh@chromium.org
TEST=mjsunit/regress/wasm/regression-704127
BUG=chromium:704127
Change-Id: I3fef3cc02f685a9cbc3f10203e2a59b61b3702d5
Reviewed-on: https://chromium-review.googlesource.com/458282
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44144}
This implements support for named captures in
RegExp.prototype[@@replace] for when the replaceValue is callable.
In that case, the result.groups object is passed to the replacer
function as the last argument.
BUG=v8:5437
Review-Url: https://codereview.chromium.org/2764343004
Cr-Commit-Position: refs/heads/master@{#44142}
Since we no longer support the ignition-staging configuration
any longer, we can retire the three tier pipeline and the
CompileBaseline functionallity.
We still need support for JSFunction self healing due to
liveedit (which for --no-turbo might end up replacing a
forced Ignition function with a FCG function) - we can
remove this once we remove --no-turbo support.
BUG=v8:4280
Change-Id: I5482abd17785324654e022affd6bdb555b19b181
Reviewed-on: https://chromium-review.googlesource.com/452620
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44141}
A step towards removing isolate from ParseInfo.
Removing isolate from ParseInfo will make it easier to create and
execute parse tasks on background threads.
BUG=v8:6093
Change-Id: I25b23b3bf64502f84c28ce688ad2997c9665a069
Reviewed-on: https://chromium-review.googlesource.com/458003
Reviewed-by: Daniel Clifford <danno@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Commit-Queue: Wiktor Garbacz <wiktorg@google.com>
Cr-Commit-Position: refs/heads/master@{#44140}
Previously the Boyer-Moore-Horspool optimization gave up in the presence of a
submatch. A submatch is where we record the current position so that we can go
back to it, which is an essential part of the semantics of lookarounds
(lookaheads and lookbehinds). This has been the case since
Boyer-Moore-Horspool was implemented, but it was overly cautious.
* For positive lookahead it is OK to use the patterns inside the lookahead to
guide the BMS optimization.
* For positive lookbehind we harmlessly fail to optimize when the patterns
inside the lookbehind go backwards because TextNode::EatsAtLeast returns 0.
* For negative lookarounds, the NegativeLookaroundChoiceNode::FillInBMInfo method
(in jsregexp.h) knows to only look at the following pattern.
This is in response to disappointing lookbehind performance in Atom.
See https://github.com/atom/find-and-replace/issues/571R=yangguo@chromium.org
BUG=
Review-Url: https://codereview.chromium.org/2777583003
Cr-Commit-Position: refs/heads/master@{#44139}
In code generator, DEXTM instruction will be emitted for intervals
position=[0,31] and size=[33,64]. In simulator, mask for DEXTM will be
calculated on correct way for size = 64. Disassembler has now possibility
to disassemble instructions DEXTM and DEXTU.
TEST=cctest/test-run-machops/Regression6122
BUG=
Review-Url: https://codereview.chromium.org/2769403002
Cr-Commit-Position: refs/heads/master@{#44137}
The goal of this commit is to add the equivalent to gdbinit but
for lldb. I've tried to replicate the commands as close as possible
but I'm unsure about the jss command and hoping to get some feedback
on it in addition to the bta command which I'm not sure how/when this
could be used. This is probably just inexperience on my part.
The lldbinit file can be placed into a directory prefixed with dot
(.lldbinit) and the python script is currently expected to be in the
same directory. The path to the script can be changed manually if needed
as well.
NOTRY=true
Review-Url: https://codereview.chromium.org/2758373002
Cr-Commit-Position: refs/heads/master@{#44136}
- Implement %TypedArray%prototype.reverse in builtins and
ElementsAccessor to use std::reverse
- Remove TypedArrayReverse in src/js/typedarray.js
- Fix typo in comments
BUG=v8:5929
Review-Url: https://codereview.chromium.org/2761453002
Cr-Commit-Position: refs/heads/master@{#44132}
Besides adding accessors get_origin() and set_origin(), it creates easier test
accessors is_wasm() and is_asm_js().
This allows the possibility of caching boolean flags for is_wasm() and
is_asm_js() without having to change any code except for the files containing
the class definition for WasmModule.
BUG= v8:6152
R=bbudge@chromium.org,mtrofin@chromium.org
Review-Url: https://codereview.chromium.org/2771803005
Cr-Commit-Position: refs/heads/master@{#44130}
ToNumber for Oddball/String has no side-effect, no need to go
through %Typearray%.prototype.fill slow path.
BUG=v8:5929,chromium:702902
Review-Url: https://codereview.chromium.org/2769673002
Cr-Commit-Position: refs/heads/master@{#44129}
TBR=yangguo@chromium.org
Change-Id: Iaed993ed1a61003e35bb40d1f9e0d78864979b2c
Reviewed-on: https://chromium-review.googlesource.com/459443
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44127}
Currently, v8 uses the same flag to collect time for compiling wasm modules from js asm and wasm. This separates the v8 counter into two separate counters, and then uses the appropriate counter when compiling a module.
Note: This CL doesn't separate the corresponding Chromium counter. Rather that is intenionally being delayed until v8 code has separated all appropriate counters for js asm and wasm. That way, the installation into chrome can be done at once.
BUG=chromium:704922
R=bradnelson@chromium.org,bbudge@chromium.org
Review-Url: https://codereview.chromium.org/2778493002
Cr-Commit-Position: refs/heads/master@{#44126}
CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_linux_noi18n_rel_ng
Change-Id: Iff5ff2e73d598ecae1be30a61856c1292f2fd6da
Reviewed-on: https://chromium-review.googlesource.com/456646
Commit-Queue: Adam Klein <adamk@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44125}
Require the use of MarkingState when going through ObjectMarking
and friends.
BUG=chromium:651354
Review-Url: https://codereview.chromium.org/2770253002
Cr-Commit-Position: refs/heads/master@{#44123}
Currently, v8 uses the same flag to collect time for instantiating wasm modules
from js asm and wasm. This separates the v8 counter into two separate counters,
and then uses the appropriate counter when instantiating a module.
BUG=chromium:704922
R=aseemgarg@chromium.org,bradnelson@chromium.org,bbudge@chromium.org
Review-Url: https://codereview.chromium.org/2772773004
Cr-Commit-Position: refs/heads/master@{#44122}
V8 side mechanism for overriding the wasm js APIs.
We will use these to:
- implement the Chrome-side constraints on module size, and throw with more
actionable error messages, while preserving layering.
The old mechansms will be deleted once we update the Chrome side with
this new mechanism.
- implement Chrome-side .compile and .instantiate overrides accepting
Response objects.
We may want to evolve this mechanism into something more general, not
requiring V8 preparation, by replacing the v8-definition with embedder
provided definitions. We're currently exploring if we can expand
"Extras", for instance.
BUG=
Review-Url: https://codereview.chromium.org/2773063002
Cr-Commit-Position: refs/heads/master@{#44119}
This helper is used directly when constructing from an object with
a length, as well as by ConstructByIterable and ByTypedArray.
BUG=v8:5977
Change-Id: I18a4829c2a22a6099cf3b0824ea1f698bfbf1917
Reviewed-on: https://chromium-review.googlesource.com/456707
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Franziska Hinkelmann <franzih@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44116}
The temp_instance is not used but had an enormous performance impact.
The instantiation time of the zengarden WebAssembly module improved now
from 12 seconds to less than a second.
R=clemensh@chromium.org
BUG=v8:6146
Change-Id: Ibac7809b3b6092032abd77ed94f639c09f62d816
Reviewed-on: https://chromium-review.googlesource.com/458918
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44114}
Currently BodyDescriptorBase::IterateBodyImpl does a run-time check
for obj->map()->HasFastPointerLayout(), which is redundant for all
non-JSObject heap objects.
BUG=chromium:694255
Review-Url: https://codereview.chromium.org/2774553003
Cr-Commit-Position: refs/heads/master@{#44111}
This speeds up for/in over arrays. E.g.,:
function f(a) {
for (let i in a) {
if (a[i] != a[i]) print(false);
}
}
var a = new Array(10000000);
a.fill(1);
f(a);
runs 3x faster after the change.
BUG=chromium:703226
Change-Id: Iabc5e931d985a03f89440cd702b2feb3eb9f5c18
Reviewed-on: https://chromium-review.googlesource.com/459538
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44108}
This reverts commit f20261bfb4.
Reason for revert: We need the GetMapConstructor instruction for CallApiCallbackStub
Original change's description:
> Remove ClassOf intrinsic from FCG and CS
>
> I plan to change the constructor field of maps, and instead of patching
> the intrinsics all over the place, just fall back to the runtime.
>
> R=bmeurer@chromium.org
> BUG=v8:6084
>
> Change-Id: Ie294b74ab615fd794d7fc47488e2e30e2b49b4db
> Reviewed-on: https://chromium-review.googlesource.com/454616
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Commit-Queue: Jochen Eisinger <jochen@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#43765}
TBR=jochen@chromium.org,bmeurer@chromium.org,adamk@chromium.org,hablich@chromium.org,v8-reviews@googlegroups.com,v8-mips-ports@googlegroups.com,v8-ppc-ports@googlegroups.com,v8-x87-ports@googlegroups.com
# Not skipping CQ checks because original CL landed > 1 day ago.
BUG=v8:6084
Change-Id: I06f60d409eccb4ad3abad14f5c9782bfe9122aea
Reviewed-on: https://chromium-review.googlesource.com/458379
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Commit-Queue: Jochen Eisinger <jochen@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44106}
