ThrowIfHole bytecodes were handled by introducing deopt points to check
for a hole. To avoid deopt loops a hole check protector was used to
generate control flow if there was a deopt due to a hole. However, the
normal control flow version should be as fast as the deopt version
in general. The deopt version could potentially consume less compile time
but it may not be worth the complexity added. Hence simplifying it to
only construct the control flow.
Bug: v8:6383
Change-Id: Icace11f7a6e21e64e1cebd104496e3f559bc85f7
Reviewed-on: https://chromium-review.googlesource.com/525573
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45783}
This CL contains a few pieces:
- A new mechanism to create "BuiltinContinuation" checkpoints in TurboFan
graphs, which--when triggered--swizzle the values in the the FrameState to be
parameters to a typically TF-generated builtin that resumes execution to finish
the slow-case functionality.
- Continuation builtins that have special handling in the deoptimizer and their own
new frame type to ensure that the values they need to begin executing can be stashed
away and restored immediately before the builtin is called via a trampoline that runs
when the continuation builtin's frame execution resumes.
- An implementation of Array.prototype.forEach in TurboFan that can be used to
inline it. The inlined forEach implementation uses the checkpoints mechanism
described above to deopt in the middle of the forEach in the cases that optimization
invariants are violated. There is a slightly different continuation stub for each
deopt point in the forEach implementation to ensure the correct side-effects, i.e.
that the deopt of the builtin isn't programmatically observable.
Review-Url: https://codereview.chromium.org/2803853005
Cr-Commit-Position: refs/heads/master@{#45764}
Introduces ThrowReferenceErrorIfHole / ThrowSuperNotCalledIfHole
/ ThrowSuperAlreadyCalledIfNotHole bytecodes to handle hole checks.
In the bytecode-graph builder they are handled by introducing a deopt point
instead of adding explicit control flow. JumpIfNotHole / JumpIfNotHoleConstant
bytecodes are removed since they are no longer required.
Bug: v8:4280, v8:6383
Change-Id: I58b70c556b0ffa30e41a0cd44016874c3e9c5fe1
Reviewed-on: https://chromium-review.googlesource.com/509613
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45720}
This patch also adds sharing of code target entries, which requires
sharing the RelocInfo for those entries as well. The disassembler
is also modified in order to print comments for the RelocInfo that
is now shared.
This improves the snapshot size for arm by about 4%.
BUG=
Review-Url: https://codereview.chromium.org/2869683004
Cr-Commit-Position: refs/heads/master@{#45497}
... by only looking at the handle.
This is in preparation for running code generation off the main thread.
Bug: v8:6048
Change-Id: I19b105c13278a2821a0b2395033e54abf5552a43
Reviewed-on: https://chromium-review.googlesource.com/506190
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45333}
- Migrate make grokdump to GYP and GN
- Move code from d8 into stand-alone execution
- Add test case to ensure it's up-to-date
Review-Url: https://codereview.chromium.org/2809653003
Cr-Commit-Position: refs/heads/master@{#44687}
- Add new address markers:
T: tagged pointer in the minidump
C: address into a module in the minidump
S: pointer into the exception stack in the minidump
*: other address in the minidump
- Show ASCII decoding of address in dd
- Display potential frame markers on the exception stack:
00000032212fdae8: 0000000300000000 ........ Smi(3) EXIT frame marker
- Display relative addresses, useful to detect stack frames:
00000032212fdb68: 00000032212fdb98 S ........ [+6]=00000032212fdcb0 S
00000032212fdb70: 0000010ff5ca0a84 ........
00000032212fdb78: 000001064c1fa881 ........
00000032212fdb80: 0000016a8e52fcb1 ........
00000032212fdb88: 0000010ff5ca0981 ........
00000032212fdb90: 0000000d00000000 ........ Smi(13) INTERNAL frame marker
00000032212fdb98: 00000032212fdcb0 S ........ [+35]=00000032212fdd61 S
Change-Id: I56bd7e6723a34bcb668719246dd5ff2898224928
Reviewed-on: https://chromium-review.googlesource.com/461862
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44269}
The plan is to also use it for With and Catch scopes, so all kinds of
contexts have a pointer back to their ScopeInfo
R=neis@chromium.org,marja@chromium.org
BUG=v8:5215
Review-Url: https://codereview.chromium.org/2301913002
Cr-Commit-Position: refs/heads/master@{#39092}
We use a scratchpad to remember visited allocation sites for post processing
(making tenure decisions). The previous implementation used a rooted FixedArray
with constant length (256) to remember all sites. Updating the scratchpad is a
bottleneck in any parallel/concurrent implementation of newspace evacuation.
The new implementation uses a HashMap with allocation sites as keys and
temporary counts as values. During evacuation we collect a local hashmap of
visited allocation sites. Upon merging the local hashmap back into a global one
we update potential forward pointers of compacted allocation sites. The
scavenger can directly enter its entries into the global hashmap. Note that the
actual memento found count is still kept on the AllocationSite as it needs to
survive scavenges and full GCs.
BUG=chromium:524425
LOG=N
R=hpayer@chromium.org
Review URL: https://codereview.chromium.org/1535723002
Cr-Commit-Position: refs/heads/master@{#33233}
This patch generalizes Object.observe callbacks and promise resolution into a FIFO queue called a "microtask queue".
It also exposes new V8 API which exposes the microtask queue to the embedder. In particular, it allows the embedder to
-schedule a microtask (EnqueueExternalMicrotask)
-run the microtask queue (RunMicrotasks)
-control whether the microtask queue is run automatically within V8 when the last script exits (SetAutorunMicrotasks).
R=dcarney@chromium.org, rossberg@chromium.org, dcarney, rossberg, svenpanne
BUG=
Review URL: https://codereview.chromium.org/154283002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19344 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
This is done similar to weak embedded objects in optimized code (r17102). The
reference from optimized code to a cell is treated weakly in marking visitors
if the cell points to a JSObject. After marking we iterate over all cells
embedded in optimized code. If a cell is not marked but its value is marked,
then we revive the cell by marking it. Otherwise, the cell value is dead, so
we mark the code for deoptimization.
BUG=v8:2073
TEST=cctest/test-heap/CellsInOptimizedCodeAreWeak
LOG=Y
R=hpayer@chromium.org, mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/117483002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18616 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Things got quite a bit out of sync (don't we all love copy-n-paste?):
* TypeToString didn't handle SLICED_STRING_TYPE,
SLICED_ASCII_STRING_TYPE, FIXED_DOUBLE_ARRAY_TYPE,
JS_FUNCTION_PROXY_TYPE and JS_DATE_TYPE.
* INSTANCE_TYPE_LIST was missing entries for
SLICED_ASCII_STRING_TYPE, JS_SET_TYPE, and JS_MAP_TYPE.
To improve this maintenance nightmare a little bit, the missing
instance types were added to the INSTANCE_TYPE_LIST macro and this
list is now used via our beloved 2nd order macro technique in
TypeToString. As a side-effect, the strings returned by TypeToString
have a "_TYPE" suffix now, but this doesn't really matter and is a
small price to pay for consistency.
Removed INVALID_TYPE on the way, it had no real use.
R=mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/22681004
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16120 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
