When zeroing a floating point stack slot, store the zero register directly,
rather than storing zero moved to an FP register.
BUG=
Review-Url: https://codereview.chromium.org/2339943002
Cr-Commit-Position: refs/heads/master@{#39441}
This is a first implementation of inlining into graphs that have been
created using the {BytecodeGraphBuilder}. Note that inlining sticks to
graphs of the same kind, we only ever inline AstGraph into AstGraph or
BytecodeGraph into BytecodeGraph, no mixed inlining.
R=bmeurer@chromium.org,rmcilroy@chromium.org
TEST=cctest/test-run-inlining
BUG=v8:5251
Review-Url: https://codereview.chromium.org/2262033003
Cr-Commit-Position: refs/heads/master@{#39439}
Migrate the platform DatePrototype_GetField (and all wrappers) to
TurboFan.
BUG=v8:5049
Review-Url: https://codereview.chromium.org/2263533002
Cr-Commit-Position: refs/heads/master@{#39438}
Rolling v8/build to a34a5233778556481dfa869bff735fad2157f196
Rolling v8/third_party/WebKit/Source/platform/inspector_protocol to e240fdcdb5880deb48156dbb9ccee0c28664cf88
Rolling v8/third_party/instrumented_libraries to 45f5814b1543e41ea0be54c771e3840ea52cca4a
TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
Review-Url: https://codereview.chromium.org/2347533002
Cr-Commit-Position: refs/heads/master@{#39436}
This flag has been flipped off since 52, so it is due for removal.
R=adamk@chromium.org,caitp@igalia.com
BUG=v8:3785
CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_linux_noi18n_rel_ng
Review-Url: https://codereview.chromium.org/2268633002
Cr-Commit-Position: refs/heads/master@{#39435}
In case of duplicate exports, always report the error for the very last
one.
(Fixed a bug.)
BUG=v8:5358,v8:1569
Review-Url: https://codereview.chromium.org/2340953002
Cr-Commit-Position: refs/heads/master@{#39434}
Handle the "synchronous case" by marking try/catch blocks introduced for
async functions as ASYNC_AWAIT and traversing up the stack, finding successive
Promises and returning caught if any of them are predicted to be caught.
BUG=v8:5167
Review-Url: https://codereview.chromium.org/2325813002
Cr-Commit-Position: refs/heads/master@{#39433}
Reason for revert:
needed to revert https://codereview.chromium.org/2339173004/
Original issue's description:
> [inspector] removed ArrayLengthHelperFunction specialization for empty array
>
> There is no zero length array usage in inspector codebase. We can safely remove template specialization.
>
> BUG=chromium:635948
> R=dgozman@chromium.org,alph@chromium.org
>
> Committed: https://crrev.com/b249ffc1915d8c35ff66eae3d51d3878d588dfbf
> Cr-Commit-Position: refs/heads/master@{#39428}
TBR=jochen@chromium.org,alph@chromium.org,dgozman@chromium.org,kozyatinskiy@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:635948
Review-Url: https://codereview.chromium.org/2334163006
Cr-Commit-Position: refs/heads/master@{#39431}
There is no zero length array usage in inspector codebase. We can safely remove template specialization.
BUG=chromium:635948
R=dgozman@chromium.org,alph@chromium.org
Review-Url: https://codereview.chromium.org/2340623002
Cr-Commit-Position: refs/heads/master@{#39428}
This exposes an interface for the embedder to provide a delegate which can
serialize or deserialize embedder-specific objects, like Blink's DOM wrappers.
BUG=chromium:148757
Review-Url: https://codereview.chromium.org/2327653002
Cr-Commit-Position: refs/heads/master@{#39422}
Add a dedicated simplified operator to inline the general case for the
ToBoolean conversion. In a follow up CL we will also use the ToBoolean
hints gathered by the baseline compiler.
CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_linux_arm64_gc_stress_dbg
R=jarin@chromium.org
BUG=v8:5267
Committed: https://crrev.com/8c50b51ab3d21efcd2f6900d83962159f21e1590
Review-Url: https://codereview.chromium.org/2167593002
Cr-Original-Commit-Position: refs/heads/master@{#37882}
Cr-Commit-Position: refs/heads/master@{#39420}
RegExpSubclassExecJS and RegExpExecJS only differed in the additional
TO_BOOLEAN on global and sticky flags and the useless (i < 0) check.
R=littledan@chromium.org
BUG=v8:5339
Review-Url: https://codereview.chromium.org/2337923002
Cr-Commit-Position: refs/heads/master@{#39417}
This CL adds fuzzers for the wasm module sections 'types', 'names',
'globals', 'imports', 'function signatures', 'memory', and 'data', one
fuzzer per section. No fuzzers are added for the other sections because
either there already exists a fuzzer (e.g. wasm-code), or there exist
inter-section dependencies.
To avoid introducing a bunch executables which would make compilation
with make slow, I introduce a single executable
'v8_simple_wasm_section_fuzzer' which calls the fuzzers mentioned above.
This executable is run by the trybots and ensures that the fuzzers
actually compile. For debugging I introduce commandline parameters which
allow to execute the specific fuzzers from 'v8_simple_wasm_section_fuzzer'.
R=titzer@chromium.org, jochen@chromium.org, mstarzinger@chromium.org
Review-Url: https://codereview.chromium.org/2336603002
Cr-Commit-Position: refs/heads/master@{#39413}
The wasm-module-runner is used both in cctests and in fuzzers. As
discussed offline, it is weird to include cctest header files in
fuzzers, so I introduce a new test/common directory which contains the
common files.
R=titzer@chromium.org, jochen@chromium.org
Review-Url: https://codereview.chromium.org/2335193002
Cr-Commit-Position: refs/heads/master@{#39411}
Add a notion of "invocation count" to the baseline compilers, which
increment a special slot in the TypeFeedbackVector for each invocation
of a given function (the optimized code doesn't currently collect this
information).
Use this invocation count to relativize the call counts on the call
sites within the function, so that the inlining heuristic has a view
of relative importance of a call site rather than some absolute numbers
with unclear meaning for the current function. Also apply the call site
frequency as a factor to all frequencies in the inlinee by passing this
to the graph builders so that the importance of a call site in an
inlinee is relative to the topmost optimized function.
Note that all functions that neither have literals nor need type
feedback slots will share a single invocation count cell in the
canonical empty type feedback vector, so their invocation count is
meaningless, but that doesn't matter since we only use the invocation
count to relativize call counts within the function, which we only have
if we have at least one type feedback vector (the CallIC slot).
See the design document for additional details on this change:
https://docs.google.com/document/d/1VoYBhpDhJC4VlqMXCKvae-8IGuheBGxy32EOgC2LnT8
BUG=v8:5267,v8:5372
R=mvstanton@chromium.org,rmcilroy@chromium.org,mstarzinger@chromium.org
Review-Url: https://codereview.chromium.org/2337123003
Cr-Commit-Position: refs/heads/master@{#39410}
All events recorded are shown in separate columns simulatneously, using
rectangles with heatmap-style colouring. Hovering over the shapes gives
the event name, count, and percentage.
BUG=
Review-Url: https://codereview.chromium.org/2228553004
Cr-Commit-Position: refs/heads/master@{#39408}
This CL adds CSA::Retain() operation that ensures that the value is kept alive even during GC.
BUG=v8:5269
Review-Url: https://codereview.chromium.org/2330063002
Cr-Commit-Position: refs/heads/master@{#39407}
This removes some leftover code which avoided adding stack checks to
stubs being compiled via the normal JavaScript pipeline, which we no
longer do.
R=bmeurer@chromium.org
Review-Url: https://codereview.chromium.org/2333973003
Cr-Commit-Position: refs/heads/master@{#39404}
Extract the call counts from the type feedback vector during graph
building (either via the AstGraphBuilder or the BytecodeGraphBuilder),
and put them onto the JSCallFunction and JSCallConstruct operators,
so that they work even across inlinine through .apply and .call (which
was previously hacked by creating a temporary type feedback vector
for those).
The next logic step will be to make those call counts into real
relative call frequencies (also during graph building), so that we
can make inlining decisions that make sense for the function being
optimized (where absolute values are misleading).
R=jarin@chromium.org
BUG=v8:5267,v8:5372
Review-Url: https://codereview.chromium.org/2330883002
Cr-Commit-Position: refs/heads/master@{#39400}
Rolling v8/build to 4e62debd8bf6e75229861c7b8b352953f8bfec2e
Rolling v8/buildtools to b97d6c93a3e805c9ba5356dca872f1801639fbc5
Rolling v8/third_party/WebKit/Source/platform/inspector_protocol to f010dd827c6d3a8ec2f355168fc4342ba39a78f8
Rolling v8/third_party/icu to b0bd3ee50bc2e768d7a17cbc60d87f517f024dbe
Rolling v8/tools/clang to 23638ab6411fb9e25ea7f1837835b67a793b5499
TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
Review-Url: https://codereview.chromium.org/2343533002
Cr-Commit-Position: refs/heads/master@{#39399}
Reason for revert:
Suspecting this is a roll blocker: https://codereview.chromium.org/2332343002/
#
# Fatal error in ../../v8/src/heap/spaces.h, line 1618
# Check failed: capacity_ >= bytes (25429824 vs. 18446744073709551168).
#
Original issue's description:
> [heap] Enable black allocation when finalizing incremental marking.
>
> BUG=chromium:630386
>
> Committed: https://crrev.com/1ccc742dc326b063999670421e1da0ea124874c0
> Cr-Commit-Position: refs/heads/master@{#39382}
TBR=mlippautz@chromium.org,hpayer@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:630386
Review-Url: https://codereview.chromium.org/2340463005
Cr-Commit-Position: refs/heads/master@{#39397}
json-parser does the same thing. This drastically reduces GC cost when
deserializing objects large enough that multiple collections are likely
(since it saves the effort to move them to the old generation, when we
know that the objects we create will persist at least until the deserializer
finishes).
The threshold was chosen to match json-parser.
This patch reduces deserialization time on a large blob of JSON-y data
by approximately 30%.
BUG=chromium:148757
Review-Url: https://codereview.chromium.org/2336973004
Cr-Commit-Position: refs/heads/master@{#39396}
v8::Isolate::Throw only schedules the exception; it is necessary to promote it
after invoking the delegate.
BUG=chromium:148757
Review-Url: https://codereview.chromium.org/2332843003
Cr-Commit-Position: refs/heads/master@{#39395}
Handle some examples of the "asynchronous case" by marking await expressions
as either caught or uncaught; in the caught case, this marks the Promise passed
in as having a catch predicted. The marking is done in AST numbering, which
chooses between two different runtime function calls based on catch prediction.
BUG=v8:5167
Review-Url: https://codereview.chromium.org/2276243002
Cr-Commit-Position: refs/heads/master@{#39394}
The initial support for low level exception handling in Wasm will not
support finally blocks. This decision is taken for both simplicity (
handling finallys is not straightforward if we want try blocks to yield
values), and lack of good use case (clang++ does not need them.) They
may be added in the future once we understand the implications of
having them.
BUG=
Review-Url: https://codereview.chromium.org/2336303002
Cr-Commit-Position: refs/heads/master@{#39393}