Port 34225a6afb
Original Commit Message:
For spread calls with arrays with double elements but zero length,
we skip the box-as-heapnumber step; so in this corner case the
Call builtin sees a FixedDoubleArray, which is fine because it
doesn't read any of the raw double values from it.
This patch doesn't change the implementation, it only updates the
assert to match reality.
R=jkummerow@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N
Change-Id: Iafa52f21fb0bbee5656fdfd6c5f3a50894ff683f
Reviewed-on: https://chromium-review.googlesource.com/1126212
Reviewed-by: Michael Dawson <michael_dawson@ca.ibm.com>
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#54227}
This DCHECK does not hold for compaction spaces that may go over the limit
with large semi-spaces and small old generation size maxima.
Bug: chromium:855960
Change-Id: I39eea4c974b94c170e7314471fb1c50f9a1a2b45
Reviewed-on: https://chromium-review.googlesource.com/1126392
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54226}
In future the RO_SPACE root accessors in Heap will become private, so
instead convert them all to use ReadOnlyRoots.
Bug: v8:7786
Change-Id: I315e63a30ca6f3077f18eb1a5004daefba9bc673
Reviewed-on: https://chromium-review.googlesource.com/1125929
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54223}
In future the RO_SPACE root accessors in Heap will become private, so
instead convert them all to use ReadOnlyRoots.
Bug: v8:7786
Change-Id: Ib3c45c1023d76bec5e1f4bc8f971062880b6c53f
Reviewed-on: https://chromium-review.googlesource.com/1126240
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54221}
Changes SharedFunctionInfo to store a function_token_offset, relative
to the start_position, instead of the full function_token_position.
This enables us to reduce both FunctionTokenPosition and
ExpectedNofProperties to 16 bits each, saving 32 bits per SFI.
BUG=chromium:818642,chromium:783853
TBR=yangguo@chromium.org
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I45aefcec605c1da502053c23c73564ceaed6c9b5
Reviewed-on: https://chromium-review.googlesource.com/1122982
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54220}
This CL creates a new Operator called LoadDataViewElement, similar to
LoadTypedArray, for DataView getters.
This operator will be used as a wrapper around all the computations
that DataViews need to do when loading values, due to the endianness
parameter of DataView loads.
Change-Id: Ie67d63c9669142e539a5c8d7ae82dc1018ce5858
Reviewed-on: https://chromium-review.googlesource.com/1125928
Commit-Queue: Théotime Grohens <theotime@google.com>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54217}
In future the RO_SPACE root accessors in Heap will become private, so
instead convert them all to use ReadOnlyRoots.
Bug: v8:7786
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I4a5fb4bc70169874d003d9c31f1713f52e2bba93
Reviewed-on: https://chromium-review.googlesource.com/1126118
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54216}
In future the RO_SPACE root accessors in Heap will become private, so
instead convert them all to use ReadOnlyRoots.
Bug: v8:7786
Change-Id: I631fa1e44d2b9998a5567c96c6977955ac86d5a1
Reviewed-on: https://chromium-review.googlesource.com/1125931
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54215}
In future the RO_SPACE root accessors in Heap will become private, so
instead convert them all to use ReadOnlyRoots.
Bug: v8:7786
Change-Id: I6a7fb375411e379681637469bb3fb360635e6bbe
Reviewed-on: https://chromium-review.googlesource.com/1126111
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54214}
In future the RO_SPACE root accessors in Heap will become private, so
instead convert them all to use ReadOnlyRoots.
Bug: v8:7786
Change-Id: I67420b74440c7620b0eb3aa7980b08c0e43a1e75
Reviewed-on: https://chromium-review.googlesource.com/1125729
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54211}
The JSCallReducer could in theory inline the default resolve and reject
functions passed to the executor in the Promise constructor. But that
inlining is almost never triggered because we don't have SFI based feedback
in the CallIC. Also the use of the Promise constructor is discouraged,
so we shouldn't really need to squeeze the last bit of performance out
of this even in the future.
Getting rid of this optimization will make significantly easier to
implement the Swallowed Rejection Hook, as there's less churn on the
TurboFan side then.
Bug: v8:7919
Change-Id: If0c54f1c6c7ce95686cd74232be6b8693ac688c9
Reviewed-on: https://chromium-review.googlesource.com/1125926
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54210}
Recent changes in SerializerReferences (see https://crrev.com/c/1113930)
opened up these minor improvements to the builtin serializer allocator,
since we now have dedicated BuiltinReferences.
R=yangguo@chromium.org
Bug: v8:7887
Change-Id: Ie76a52a88ef4075c63c5eb2eaa81382c52325688
Reviewed-on: https://chromium-review.googlesource.com/1125844
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54207}
No need to iterate over imported functions just to skip them in the
loop body anyway.
R=mstarzinger@chromium.org
Bug: v8:7754
Change-Id: I8dabf8d6ee7d0cc029b6236cef319cf8e70e4a5b
Reviewed-on: https://chromium-review.googlesource.com/1125802
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54206}
This reverts commit e438d5d4de.
Reason for revert: TSAN failures - https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux64%20TSAN/21357
Original change's description:
> [heap] Make objects allocated in new_lo_space look like young generation objects.
>
> The scavenger still does not handle young generation large objects correctly.
> This will be added in a follow-up CL.
>
> Bug: chromium:852420
> Change-Id: I2587509d6e7f329aeff3db246d949bb30b3a91a5
> Reviewed-on: https://chromium-review.googlesource.com/1124477
> Commit-Queue: Hannes Payer <hpayer@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54197}
TBR=ulan@chromium.org,hpayer@chromium.org
Change-Id: Ief44cfd841278f2d53d51f3a21c03b70b8025a7a
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:852420
Reviewed-on: https://chromium-review.googlesource.com/1125979
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54205}
In future the RO_SPACE root accessors in Heap will become private, so
instead convert them all to use ReadOnlyRoots.
Bug: v8:7786
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: I2f2c031c03d56d360ef940fc925e0583e6ae31dc
Reviewed-on: https://chromium-review.googlesource.com/1125720
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54202}
In future the RO_SPACE root accessors in Heap will become private, so
instead convert them all to use ReadOnlyRoots.
Splits HEAP_CONSTANT_LIST into HEAP_MUTABLE_IMMOVABLE_OBJECT_LIST and
HEAP_IMMUTABLE_IMMOVABLE_OBJECT_LIST. The CSA accessors then use the
appropiate ReadOnlyRoots or Heap accessor to get hold of the object.
Bug: v8:7786
Change-Id: I3bdf868b5e224f8794c85307e1b4569480cebd1c
Reviewed-on: https://chromium-review.googlesource.com/1125725
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54199}
This change may slow down deserialization of the snapshot but may result in less fragmentation.
Bug: v8:7887
Change-Id: Id8bb9f1a561b08b7ae0f10b80aa77bc00eb23172
Reviewed-on: https://chromium-review.googlesource.com/1125722
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54198}
The scavenger still does not handle young generation large objects correctly.
This will be added in a follow-up CL.
Bug: chromium:852420
Change-Id: I2587509d6e7f329aeff3db246d949bb30b3a91a5
Reviewed-on: https://chromium-review.googlesource.com/1124477
Commit-Queue: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54197}
This is a preliminary step before changing the way we store zone pointers in the zones.
Bug: v8:7903, v8:7754
Change-Id: I1e1af1823766c888ee0f8fe190f205f5b7e21973
Reviewed-on: https://chromium-review.googlesource.com/1118887
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54193}
This is a reland of 8e0f67be3f
Previously landed as: 3c4d0316e4 / 1065818
Previously landed as: 8e0f67be3f / 1088890
Original change's description:
> [async] Expose async hooks to d8
>
> This implementation follows the Node.js API as a guideline.
Bug: chromium:850530
Change-Id: I8ba22b11c80328108b197d687826ce0198420c9c
Reviewed-on: https://chromium-review.googlesource.com/1125679
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54191}
This is a reland of 3dfaf8264f
Original change's description:
> [debug] liveedit in native
>
> Liveedit step-by-step:
> 1. calculate diff between old source and new source,
> 2. map function literals from old source to new source,
> 3. create new script for new_source,
> 4. mark literals with changed code as changed, all others as unchanged,
> 5. check that for changed literals there are no:
> - running generators in the heap,
> - non droppable frames (e.g. running generator) above them on stack.
> 6. mark the bottom most frame with changed function as scheduled for
> restart if any.
> 7. for unchanged functions:
> - deoptimize,
> - remove from cache,
> - update source positions,
> - move to new script,
> - reset feedback information and preparsed scope information if any,
> - replace any sfi in constant pool with changed one if any.
> 8. for changed functions:
> - deoptimize
> - remove from cache,
> - reset feedback information,
> - update all links from js functions to old shared with new one.
> 9. swap scripts.
>
> TBR=ulan@chromium.org
>
> Bug: v8:7862,v8:5713
> Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
> Change-Id: I8f6f6156318cc82d6f36d7ebc1c9f7d5f3aa1461
> Reviewed-on: https://chromium-review.googlesource.com/1105493
> Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
> Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54146}
TBR=dgozman@chromium.org
Bug: v8:7862, v8:5713
Change-Id: I163ed2fd2ca3115ba0de74cb35a6fac9e40fdd94
Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Reviewed-on: https://chromium-review.googlesource.com/1124879
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54187}
This is an optimization to avoid an unneeded "mov <reg>, #0"
instruction. Instead, we can just directly use the zero register.
R=ahaas@chromium.org
Bug: chromium:854011, v8:6600
Change-Id: I187d7a659c42d7d4a6d5798eddff8b7ee0983bbc
Reviewed-on: https://chromium-review.googlesource.com/1124684
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54186}
We need to push the sign-extended constant instead of just the lower 32
bits. Otherwise, the callee might read stale data from the stack.
Bug: chromium:854011, v8:6600
R=ahaas@chromium.orgCC=rodolph.perfetta@arm.com
Change-Id: Iafcfd6ba9532771615b41215fb4d1a2b85ce5623
Reviewed-on: https://chromium-review.googlesource.com/1124683
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54185}
In future the RO_SPACE root accessors in Heap will become private, so
instead convert them all to use ReadOnlyRoots.
Bug: v8:7786
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Ifd2f75298bacd2f6a89c551f689d269a59d87e97
Reviewed-on: https://chromium-review.googlesource.com/1124470
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54183}
In future the RO_SPACE root accessors in Heap will become private, so
instead convert them all to use ReadOnlyRoots.
Bug: v8:7786
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Ia24803003f1e6ce0782dffe448c662695620f026
Reviewed-on: https://chromium-review.googlesource.com/1124326
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54182}
In future the RO_SPACE root accessors in Heap will become private, so
instead convert them all to use ReadOnlyRoots.
Bug: v8:7786
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I2cc63ffc5b6df537fa7772356acd9e8b3cf59352
Reviewed-on: https://chromium-review.googlesource.com/1124322
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54181}
Using CpuProfile pointer is not safe for id as the profile objects
can be recreated on the same memory address.
Use sequential numbers instead.
Change-Id: I7253605819055bc3396b797f9ce27669e8c2584d
Reviewed-on: https://chromium-review.googlesource.com/1123325
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Alexei Filippov <alph@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54180}
Also move some helpers there.
Bug: v8:7902
Change-Id: I1ef3d1e8317102afae2861382e9ba60b0ef6bba4
Reviewed-on: https://chromium-review.googlesource.com/1121461
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54179}
Moves STRUCT_LIST AND ALLOCATION_SITE_LIST into roots.h and adds access
to their associated maps using ReadOnlyRoots.
Also corrects the location of external_map, message_object_map,
empty_script, many_closures_cell, invalid_prototype_validity_cell and
builtins_constants_table which are not in RO_SPACE.
Finally this adds a convenience ReadOnlyRoots(Isolate*) constructor.
Bug: v8:7786
Change-Id: I4982dd0cbea2062a124605678599ba48831f020f
Reviewed-on: https://chromium-review.googlesource.com/1124319
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54178}