In the case when F tail calls G, we should also remove the potential arguments adaptor frame for F.
This CL introduces two new machine instructions, ArchTailCallCodeObjectFromJSFunction and ArchTailCallJSFunctionFromJSFunction, which (unlike the existing ArchTailCallCodeObject and ArchTailCallJSFunction) also drop the arguments adaptor frame, if it exists, right before jumping to the target function.
BUG=v8:4698
LOG=N
Review URL: https://codereview.chromium.org/1702423002
Cr-Commit-Position: refs/heads/master@{#34566}
Local declarations were previously encoded as an optional set of
4 uint16 values as part of the function declaration. This CL
implements the current design of moving these declarations to
a list of pairs of (type, count) that is part of the body.
R=bradnelson@chromium.org,binji@chromium.org
BUG=
Review URL: https://codereview.chromium.org/1763433002
Cr-Commit-Position: refs/heads/master@{#34564}
Simply call InitializeForOfStatement (split out from InitializeForEachStatement)
instead, which already has all the necessary logic.
As part of this, trade one bool arg (is_destructuring) for an int
(iterable_pos).
Review URL: https://codereview.chromium.org/1740293002
Cr-Commit-Position: refs/heads/master@{#34561}
This avoids a minor unnecessary inefficiency (GetRoot) in setting up the LookupIterator.
BUG=
Review URL: https://codereview.chromium.org/1767123002
Cr-Commit-Position: refs/heads/master@{#34560}
Since we record slots for weak list fields, there is no need to iterate over
them after evacuation. We just need to update the roots for which we didn't
record slots.
This speeds up the evacuate_update_pointers_weak phase by ~2.5x.
BUG=
Review URL: https://codereview.chromium.org/1772803002
Cr-Commit-Position: refs/heads/master@{#34555}
This moves the post-instantiation work performed on newly allocated
JSFunction objects into the Compiler class. The aim is to eventually
have all decisions on how to compile functions be centralized within the
compiler pipeline.
R=mvstanton@chromium.org
Review URL: https://codereview.chromium.org/1764023003
Cr-Commit-Position: refs/heads/master@{#34550}
The ES2015 specification requires that String.prototype.startsWith,
String.prototype.endsWith and String.prototype.includes use the IsRegExp
internal algorithm to determine whether to throw a TypeError to prevent
a RegExp from being accidentally cast to a String for those methods.
That internal algorithm checks the presence/truthiness of Symbol.match
to make its determination. This patch switches the builtins to use
this correct test, rather than checking for the [[RegExpMatcher]]
internal slot as the builtins previously did.
R=yangguo
Review URL: https://codereview.chromium.org/1762183002
Cr-Commit-Position: refs/heads/master@{#34547}
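The behaviour described in the commit message above, as an added example (not code from the V8 CL): a model of the ES2015 IsRegExp check next to a probe of the three builtins. The names `isRegExp`, `probe` and `runCases` and all inputs are constructed for illustration, and `instanceof` stands in for the internal-slot test.

```javascript
'use strict';

// IsRegExp as the ES2015 text describes it: Symbol.match decides when it is
// defined; only otherwise does the RegExp internal slot matter.
function isRegExp(value) {
  if (value === null || (typeof value !== 'object' && typeof value !== 'function')) {
    return false;
  }
  const matcher = value[Symbol.match];
  if (matcher !== undefined) return Boolean(matcher);
  // Assumption: instanceof stands in for the internal-slot test, which
  // script code cannot read directly.
  return value instanceof RegExp;
}

// Calls one of the three builtins and reports what the engine did.
function probe(method, subject, searchValue) {
  try {
    return String.prototype[method].call(subject, searchValue);
  } catch (e) {
    if (e instanceof TypeError) return 'TypeError';
    throw e;
  }
}

// Constructed inputs.
const plainRegExp = /a/;
const optedOut = /a/;
optedOut[Symbol.match] = false; // a real RegExp for which IsRegExp is false
const impostor = { [Symbol.match]: true, toString() { return 'a'; } };
const stringLike = { toString() { return 'a'; } };

function runCases() {
  return [plainRegExp, optedOut, impostor, stringLike].map((v) => ({
    isRegExp: isRegExp(v),
    startsWith: probe('startsWith', '/a/b', v),
    endsWith: probe('endsWith', 'b/a/', v),
    includes: probe('includes', 'x/a/y', v),
  }));
}

console.log(runCases());
```

A slot-based check would reject `optedOut` and accept `impostor`; the Symbol.match test does the opposite, which is why `optedOut` is coerced to the string "/a/" while `impostor` throws.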
I64Shl is lowered to a new turbofan operator, WasmWord64Shl. The new
operator takes 3 inputs, the low-word input, the high-word input, and
the shift, and produces 2 outputs, the low-word output and the high-word
output.
At the moment I implemented the lowering only for ia32, but I think the
CL is already big enough. I will add the other platforms in separate
CLs.
R=titzer@chromium.org
Review URL: https://codereview.chromium.org/1756863002
Cr-Commit-Position: refs/heads/master@{#34546}
The CL #34376 (https://codereview.chromium.org/1740073002) added the Inlining test case and X87 failed it.
The reason is:
For the TEST(Inlining) test case, when the level3 function is inlined, the key optimized crankshaft code will normally look like the code below:
............
0x21d53b7f 63 ff571b call [edi+0x1b] <----------- should call action() here
;;; <@32,#27> lazy-bailout
;;; <@36,#31> ---- B3 ----
;;; <@37,#31> gap
0x21d53b82 66 89c1 mov ecx,eax <----------- Both the inlined function’s pc_offset from DeoptimizationInputData and the pc_offset from sample stack points to here, the same pc address
............
So the TEST(Inlining) test case can get the expected inlined code entry and pass.
In fact, the exact code sequence in crankshaft should look like the following:
............
0x21d53b7f 63 ff571b call [edi+0x1b] <----------- should call action()
0xxxxxxxxx xxxx GenerateBodyInstructionPost() <----------- the pc_offset from sample stack points to here
;;; <@32,#27> lazy-bailout
;;; <@36,#31> ---- B3 ----
;;; <@37,#31> gap
0x21d53b82 66 89c1 mov ecx,eax <----------- the inlined function’s pc_offset from DeoptimizationInputData points to here.
............
For most architectures in V8, GenerateBodyInstructionPost() is empty, so both the inlined function’s pc_offset from DeoptimizationInputData and the pc_offset from the sample stack point to the same pc address.
But if some architecture has a special requirement and needs to put some instructions after the call instruction, GenerateBodyInstructionPost() will do that work and generate instructions; the inlined function’s pc_offset from DeoptimizationInputData and the pc_offset from the sample stack will then point to different pc addresses, so the TEST(Inlining) test case can’t get the expected inlined code entry and fails.
Of all current architectures in V8, only x87 has this requirement.
After communicating with Alexei Filippov <alph@chromium.org> by e-mail, we decided to disable the Inlining test case for x87 for now and try to find a solution.
BUG=
Review URL: https://codereview.chromium.org/1766263002
Cr-Commit-Position: refs/heads/master@{#34544}
HInvokeFunction and HApplyArguments instructions now support tail calling.
Inlining of calls at tail position is not supported yet and therefore still disabled.
The tail-call-megatest was modified so that the usages of "arguments" object do not disable Crankshaft.
TBR=bmeurer@chromium.org
BUG=v8:4698
LOG=N
Review URL: https://codereview.chromium.org/1760253003
Cr-Commit-Position: refs/heads/master@{#34542}
Now that the embedder side supports v8::kGCCallbackFlagCollectAllAvailableGarbage,
this CL removes the old v8::kGCCallbackFlagForced from Heap::CollectAllAvailableGarbage.
BUG=591463
LOG=Y
Review URL: https://codereview.chromium.org/1769893002
Cr-Commit-Position: refs/heads/master@{#34539}
Fixed a few errors in implementation of FastNewObjectStub::Generate
for MIPS64 that cause a handful of tests to fail.
TEST=cctest/test-heap-profiler/TrackBumpPointerAllocations
BUG=
Review URL: https://codereview.chromium.org/1773533002
Cr-Commit-Position: refs/heads/master@{#34535}
Instead of using CheckFloatEq and CheckDoubleEq directly, I introduced
a macro which first stores the expected result in a volatile variable.
Here are some comments from previous CLs:
The reason is the same as for CL #31808 (issue 1430943002, X87: Change the test case for X87 float operations); please refer to https://codereview.chromium.org/1430943002/.
Here are the key comments from CL #31808:
Some new test cases use the CheckFloatEq(...) and CheckDoubleEq(...) functions for result checks. When GCC compiles the CheckFloatEq() and CheckDoubleEq() functions,
those inlined functions behave differently between the GCC ia32 build and the x87 build.
The major difference is that the SSE float register still has single-precision rounding semantics, while the X87 register has no such rounding precision semantics when the register value is used directly.
The V8 TurboFan JITted code has exactly the same result in both the X87 and IA32 ports.
So we add the following statement to do a type cast to keep the same precision for RunCallInt64ToFloat32/RunCallInt64ToFloat64, such as: volatile double expect = static_cast<float>(*i).
R=titzer@chromium.org, weiliang.lin@intel.com
Review URL: https://codereview.chromium.org/1773513002
Cr-Commit-Position: refs/heads/master@{#34534}
This is a prerequisite for teaching the deoptimizer to drop a possible arguments adapter frame below the current input frame, which is needed to support tail call inlining.
Review URL: https://codereview.chromium.org/1761303002
Cr-Commit-Position: refs/heads/master@{#34533}
Introducing the KeyAccumulator accidentally removed some crucial fast-paths.
This CL starts rewriting the KeyAccumulator, step-by-step introducing the
special cases again.
BUG=chromium:545503, v8:4758
LOG=y
Review URL: https://codereview.chromium.org/1707743002
Cr-Commit-Position: refs/heads/master@{#34532}
TestNotEqualsStrict is converted to a TestEqualsStrict and logical not
by the parser. Also, CompareIC does not have an implementation for
TestNotEqualsStrict. Hence, removing this bytecode.
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1768593002
Cr-Commit-Position: refs/heads/master@{#34527}
The enum in question is no longer (and should no longer be) used outside of the
compiler API and hence is being moved back into the Compiler class.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1762323002
Cr-Commit-Position: refs/heads/master@{#34526}
Now that the embedder side supports v8::kGCCallbackFlagCollectAllAvailableGarbage,
this CL removes the old v8::kGCCallbackFlagForced from Heap::CollectAllAvailableGarbage.
BUG=591463
LOG=Y
Review URL: https://codereview.chromium.org/1762313002
Cr-Commit-Position: refs/heads/master@{#34517}