This avoids direct access to scope() for later lazy scope allocation.
BUG=v8:5209
Review-Url: https://codereview.chromium.org/2225773003
Cr-Commit-Position: refs/heads/master@{#38458}
%InitializeConstGlobal has been dead code since the demise of legacy const
declarations. While getting rid of that call, also cleaned up and clarified
the surrounding code in a variety of ways.
R=neis@chromium.org
Review-Url: https://codereview.chromium.org/2219223002
Cr-Commit-Position: refs/heads/master@{#38457}
To be able to lazily allocate BlockScopes, we need to reduce access to scope(). The explicit accesses removed here just need access to the current scope to allocate unresolved variable proxies. Those in the future should go over ScopeState rather than directly to Scope.
BUG=v8:5209
Review-Url: https://codereview.chromium.org/2224843003
Cr-Commit-Position: refs/heads/master@{#38456}
This removes the "resolve" parameter from Declare, since there's no case
where Scope analysis wouldn't make the same resolution decision the
parser can make here.
Other cleanup includes:
- Replace some if statements with DCHECKS where they could never be hit
- After the above, reordered some conditions for clarity
- Remove or edit down old comments
Should be no change in behavior.
R=neis@chromium.org
Review-Url: https://codereview.chromium.org/2217973003
Cr-Commit-Position: refs/heads/master@{#38454}
Port eb84126923
Original commit message:
One caveat: the Crankshaft stub used to preserve callee-clobbered double
registers, which is contrary to any real platform ABI that we support. Since the
only current use of this stub is in Crankshaft, the instruction there now must
be marked as double-clobbering. This might result in a small performance
regression. However, when this stub is eventually used in TF-generated code, it
will be called from deferred code that can save doubles only on the rarely-taken
path... something that Crankshaft can't do.
R=danno@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, mbrandy@us.ibm.com
BUG=chromium:608675
LOG=N
Review-Url: https://codereview.chromium.org/2227673003
Cr-Commit-Position: refs/heads/master@{#38444}
This removes the test-download method for all but
promises-aplus. They all only contain legacy code for
deleting old archives.
Only test262 needs to prepare sources on swarming, which is
moved to a new method, called unconditionally.
All references to --download-data and --download-data-only
in the infrastructure can be removed after this.
BUG=
Review-Url: https://codereview.chromium.org/2227613002
Cr-Commit-Position: refs/heads/master@{#38439}
This allows us to consume the type hints gathered by the CompareIC
for the strict equality and inequality operators. Similar to abstract
equality We need to distinguish Number and NumberOrOddball feedback,
as strict equality doesn't truncate Oddball to Number.
R=epertoso@chromium.org
BUG=v8:4583
Review-Url: https://codereview.chromium.org/2222993003
Cr-Commit-Position: refs/heads/master@{#38438}
This CL changes the semantics of FloatXXSub to match the semantics of
the semantics of FloatXXSubPreserveNan. Therefore there is no need
anymore for the FloatXXSubPreserveNan operators.
The optimizations in VisitFloatXXSub which are removed in this CL have
already been moved to machine-operator-reducer.cc in
https://codereview.chromium.org/2226663002R=bmeurer@chromium.org
Review-Url: https://codereview.chromium.org/2220973002
Cr-Commit-Position: refs/heads/master@{#38437}
This CL applies the same optimization already present for calling API-function.
Execution::New and Execution::Call now both check whether the target is an
API-function and avoid calling out into the construct/call stub.
BUG=chromium:630217
Review-Url: https://codereview.chromium.org/2203353002
Cr-Commit-Position: refs/heads/master@{#38433}
This allows us to consume the type hints gathered by the CompareIC for
the abstract equality and inequality operators. We need to distinguish
Number and NumberOrOddball feedback now, as abstract equality doesn't
truncate null and undefined to Number.
R=epertoso@chromium.org
BUG=v8:4583
Review-Url: https://codereview.chromium.org/2222983002
Cr-Commit-Position: refs/heads/master@{#38432}
Introduces a new VariableLocation MODULE for variables that live in a
module's export table. Scope analysis sets this for the approriate variables.
Not yet supported by any backend.
Also, treats all imports as CONST bindings (including namespace imports), rather
than having new special variable modes.
BUG=
Review-Url: https://codereview.chromium.org/2199283002
Cr-Commit-Position: refs/heads/master@{#38426}
Pass in zone() explicitly to SloppyBlockFunctionMap::Declare and VariableMap::Declare instead.
BUG=v8:5209
Review-Url: https://codereview.chromium.org/2223773002
Cr-Commit-Position: refs/heads/master@{#38424}
The outer scope of the scope we are compiling doesn't need analysis. Either we're compiling top-level code in which case there is no outer scope. Or we are compiling code at the top-level (eval, function, module), and there won't be anything to resolve in the outer scope. Lastly we could also be compiling with a deserialized scope. In that case the outer scope is already resolved.
BUG=v8:5209
Review-Url: https://codereview.chromium.org/2224593002
Cr-Commit-Position: refs/heads/master@{#38419}
Introduce a dedicated MaybeGrowFastElements simplified operator, which
tries to grow a fast elements backing store for a given element that
should be added to an array/object. Use that to lower a growing keyed
store to a sequence of
1) check index is a valid array index,
2) check stored value,
3) maybe grow elements backing store (and deoptimize if it would
normalize), and
4) store the actual element.
The actual growing is done by two dedicated GrowFastDoubleElements
and GrowFastSmiOrObjectElements builtins, which are very similar to
the GrowArrayElementsStub that is used by Crankshaft.
Drive-by-fix: Turn CopyFixedArray into CopyFastSmiOrObjectElements
builtin, similar to the new growing builtins, so we don't need to
inline the store+write barrier for the elements into all optimized
code objects anymore.
Also fix a bug in the OperationTyper for NumberSilenceNaN, which was
triggered by this change.
BUG=v8:5272
Review-Url: https://codereview.chromium.org/2227493002
Cr-Commit-Position: refs/heads/master@{#38418}
Up until now "-0.0 - x" was lowered in the instruction selector. I moved
the lowering now to the MachineOperatorReducer.
I did not remove the lowering from the instruction selector yet, I would
prefer to do that in a separate CL.
R=bmeurer@chromium.org
Review-Url: https://codereview.chromium.org/2226663002
Cr-Commit-Position: refs/heads/master@{#38417}
Properly figure out NaN and -0 cases even for non-integer inputs. This
helps to reduce the number of checks we have to perform in case we try
to go back to int32 after a floating point operation.
R=epertoso@chromium.org
Review-Url: https://codereview.chromium.org/2221863002
Cr-Commit-Position: refs/heads/master@{#38415}
Reason for revert:
We can revert this now that it's landed on 5.3.
Original issue's description:
> Fix an OOB read through CallSite.GetFunctionName
>
> The func_index parameter passed to GetWasmFunctionNameFromTable can be
> user-controlled through the CallSite constructor. Catch out-of-bounds
> reads and return null as the function name in such cases.
>
> This applies to the 5.3 branch and will be reverted on TOT in a bit.
>
> BUG=632965
>
> Committed: https://crrev.com/8592c450a68581d7257c1b2002983c0092cd749a
> Cr-Commit-Position: refs/heads/master@{#38276}
TBR=ahaas@chromium.org,yangguo@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=632965
Review-Url: https://codereview.chromium.org/2225773002
Cr-Commit-Position: refs/heads/master@{#38414}
Properly figure out NaN and -0 cases even for non-integer inputs. This
helps to reduce the number of checks we have to perform in case we try
to go back to int32 after a floating point operation.
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2227533002
Cr-Commit-Position: refs/heads/master@{#38413}
Reason for revert:
Leaks block chromium roll:
https://codereview.chromium.org/2219083003/
Example build:
https://build.chromium.org/p/tryserver.chromium.linux/builders/linux_chromium_asan_rel_ng/builds/205435
You can add the trybot from tryserver.chromium.linux, linux_chromium_asan_rel_ng, on reland.
Original issue's description:
> [Reland][Tracing] Embed V8 runtime call stats into tracing.
>
> Currently we have V8 RuntimeCallStats that is independently from tracing when
> running d8 with flag --runtime_call_stats. This patch embeds V8 runtime call
> stats into tracing, by having a global table of runtime call counters each
> isolate, resetting the table each time we enter a top level trace event, and
> dumping the table for each top level trace event. This will make trace file more
> compat, as well as enable runtime call stats in tracing system.
>
> This patch adds ~5% overhead to V8 when the category is enabled, we measure the
> overhead by running a script when category is enabled.
>
> BUG=v8:5089
>
> Committed: https://crrev.com/d014866173eaa2b548c566217b2c94b1d49385fa
> Committed: https://crrev.com/1ca3b73bba4a7253ca8eeef39321d70e7d414331
> Committed: https://crrev.com/3f936a5b17754783e92d2146eaf66c88a78ee45b
> Cr-Original-Original-Commit-Position: refs/heads/master@{#38270}
> Cr-Original-Commit-Position: refs/heads/master@{#38314}
> Cr-Commit-Position: refs/heads/master@{#38403}
TBR=cbruni@chromium.org,fmeawad@chromium.org,bmeurer@chromium.org,adamk@chromium.org,rmcilroy@chromium.org,lpy@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=v8:5089
NOTRY=true
NOPRESUBMIT=true
Review-Url: https://codereview.chromium.org/2221853002
Cr-Commit-Position: refs/heads/master@{#38412}
Introduce a dedicated NumberOperationHint enum that represents the
feedback we can use for speculative number operations.
BUG=v8:4930
Review-Url: https://codereview.chromium.org/2220573002
Cr-Commit-Position: refs/heads/master@{#38411}
