This makes CloneFastJSArray allocate exact memory needed for the elements
to be copy, instead of over-allocating.
Bug: chromium:875723
Change-Id: Id8e14cff3caf42eb0fb4090ec755f1cadcf518e6
Reviewed-on: https://chromium-review.googlesource.com/1180893
Commit-Queue: Hai Dang <dhai@google.com>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55246}
Start storing locations in heap snapshot file. Initial support
for closure, additional object types might be added in the future.
Needed to show source code locations for objects in the DevTools
heap snapshot viewer.
Bug: chromium:854097
Change-Id: I12659373ce1adf67b55c6a10ea1d0465fcdb4a10
Reviewed-on: https://chromium-review.googlesource.com/1174257
Commit-Queue: Dominik Inführ <dinfuehr@google.com>
Reviewed-by: Alexei Filippov <alph@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55245}
This is a reland of 041ae1f879
The clashing method has been fixed.
Original change's description:
> [builtins] Start adding byte code handlers to builtins
>
> Adds a new build flag, v8_enable_embedded_bytecode_handlers, that adds
> the bytecode handlers to the BUILTIN_LIST macros.
>
> Currently it's not connected up to the code-generation so it actually
> does nothing except expand the builtins table.
>
> Bug: v8:8068
> Change-Id: Iaecc3982cf22d04e6c46169b86c9d694952fd091
> Reviewed-on: https://chromium-review.googlesource.com/1179887
> Commit-Queue: Dan Elphick <delphick@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#55215}
Bug: v8:8068
Change-Id: Ibc98929a9ad464e9d4c9fc7d43401f0fb0df9a00
Reviewed-on: https://chromium-review.googlesource.com/1181981
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55244}
This reverts commit 8fa7f9ed93.
Reason for revert: Speculating that this breaks GC stress
Original change's description:
> [runtime] Improve for-in performance
>
> - Add fast-path String conversion for Smi (which is the most common case)
> This improves for-in by ~10% on non-initialized enum-caches
> - Don't use the NumberStringCache for large indices to not overflow the cache
> during key collection. This improves worst-case performance by ~2.5x
> - Drop number_to_string_native and number_to_string_runtime counters
>
> Bug: v8:7717
> Change-Id: Ic1ff385e3374e6a7e7e7bdb9ae75fb8c238105d1
> Reviewed-on: https://chromium-review.googlesource.com/1167049
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Commit-Queue: Camillo Bruni <cbruni@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#55233}
TBR=ulan@chromium.org,cbruni@chromium.org,verwaest@chromium.org
Change-Id: I8d0332478afcd7c6a3f8fbf1f044b9aa870b6b13
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7717
Reviewed-on: https://chromium-review.googlesource.com/1182676
Reviewed-by: Aseem Garg <aseemgarg@chromium.org>
Commit-Queue: Aseem Garg <aseemgarg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55241}
This increases the size of a DateFormat instance by a word to store
the bound format function.
The instance to be bound is stored on the context of this builtin function.
Bug: v8:7800
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I05968251d3411f5126dba3ce9b5b6b29836fd5dc
Reviewed-on: https://chromium-review.googlesource.com/1178763
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55240}
The Fuchsia SDK will no longer include QEMU as part of the tarball.
QEMU will be downloaded separately from CIPD instead.
Fixes V8 roll failure: https://chromium-review.googlesource.com/1180602
Tested by verifying that
//build/config/fuchsia:blobstore_extended_qcow2 builds using the updated
Chromium build targets in //build/fuchsia/.
Change-Id: I01795aaf45dcdaa1a05481e4a72302c7aa387b3a
Reviewed-on: https://chromium-review.googlesource.com/1181688
Commit-Queue: Kevin Marshall <kmarshall@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55235}
ParseErrorType is never passed to ExpressionClassifier, so there's
no need to store it in the Error struct (we can always use the Parser's
default of SyntaxError).
Also simplify the handling of non-simple parameter detection, which
was stored in a two-bit function_properties_ field that was only
being used for this purpose.
Bug: v8:8015
Change-Id: I198e8285cbafee650614d1ff5bb434fe9fd2a338
Reviewed-on: https://chromium-review.googlesource.com/1180525
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55234}
- Add fast-path String conversion for Smi (which is the most common case)
This improves for-in by ~10% on non-initialized enum-caches
- Don't use the NumberStringCache for large indices to not overflow the cache
during key collection. This improves worst-case performance by ~2.5x
- Drop number_to_string_native and number_to_string_runtime counters
Bug: v8:7717
Change-Id: Ic1ff385e3374e6a7e7e7bdb9ae75fb8c238105d1
Reviewed-on: https://chromium-review.googlesource.com/1167049
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55233}
This reverts commit 5232b938d7.
Reason for revert: Regresses performance on the JSTests bots
Original change's description:
> [turbofan] Optimize index checking for DataView accesses.
>
> Use CheckBounds and reduce the number of checks required to sanitize the
> indices for DataView accesses in optimized code. Also constant-fold the
> [[ByteLength]] if the DataView is a known compile-time constant (similar
> to what we do for TypedArrays already). This further improves performance
> of DataViews by 2-7% depending on the exact test case.
>
> With this change DataView and TypedArray accesses themselves are mostly
> on par performance wise.
>
> Bug: chromium:225811
> Change-Id: I6838339108b8a4dcf9b13ddecab40f1c3632967c
> Reviewed-on: https://chromium-review.googlesource.com/1179741
> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
> Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#55190}
TBR=sigurds@chromium.org,bmeurer@chromium.org,mathias@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: chromium:225811
Change-Id: I90547f91bab27127f57ba812194d3a3e3deb8ff7
Reviewed-on: https://chromium-review.googlesource.com/1179563
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55232}
The vim counterpart to the existing Visual Studio Code extension.
Change-Id: I7ee59e212a31e81034362eb406f3ffdbb2447acb
Reviewed-on: https://chromium-review.googlesource.com/1180705
Commit-Queue: Timothy Gu <timothygu@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55231}
This reverts commit 041ae1f879.
Reason for revert: Causes jumbo builds to fail because of duplicate GenerateBytecodeHandler definitions.
Original change's description:
> [builtins] Start adding byte code handlers to builtins
>
> Adds a new build flag, v8_enable_embedded_bytecode_handlers, that adds
> the bytecode handlers to the BUILTIN_LIST macros.
>
> Currently it's not connected up to the code-generation so it actually
> does nothing except expand the builtins table.
>
> Bug: v8:8068
> Change-Id: Iaecc3982cf22d04e6c46169b86c9d694952fd091
> Reviewed-on: https://chromium-review.googlesource.com/1179887
> Commit-Queue: Dan Elphick <delphick@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#55215}
TBR=rmcilroy@chromium.org,jgruber@chromium.org,delphick@chromium.org
Change-Id: I860b3ecf543944fd0f4fdcb8de09d21a4b784150
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8068
Reviewed-on: https://chromium-review.googlesource.com/1181301
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55225}
This CL prepares the way for adding a root register on ia32. The new
register allocation configuration PreserveRootIA32 treats
kRootRegister as an unallocatable register.
Note that kRootRegister (on ia32) is still completely unused,
unallocated, and may be clobbered at many points. This is left to
future work.
Bug: v8:6666
Change-Id: I4aacdf9c3bb365d6ed49fea8f013f79b7b1f0a98
Reviewed-on: https://chromium-review.googlesource.com/1181023
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55224}
NeedsSourcePositionsForProfiling is used to control the generation of
the line end table during parsing (see ParseInfo::CreateScript). This
is costly both for memory and performance. Turning on detailed_line_info
by default caused regressions because we always generate the line end
table.
This CL splits the two conditions apart as they aren't related.
Bug: chromium:875677
Change-Id: I71006db586e504b4cf9232081ba249f5647f5b76
Reviewed-on: https://chromium-review.googlesource.com/1181041
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55222}
This makes sure that debug info and interpreter handle are created
lazily, even when interpretation is triggered by a different Isolate
sharing the same WasmEngine (and hence the native module).
R=titzer@chromium.org
TEST=mjsunit/wasm/worker-interpreter
BUG=v8:7424
Change-Id: Iba17e207a537007fd2e642cede22dad7a708c6c7
Reviewed-on: https://chromium-review.googlesource.com/1181045
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55220}
This commit adds a single NumberToString test suite.
It recognizes the following revert by showing more than 100x improvement:
https://chromium-review.googlesource.com/c/v8/v8/+/1166783
Bug: chromium:865494
Change-Id: I93dab3f0b21e98565c76e65722e90a92adc41d72
Reviewed-on: https://chromium-review.googlesource.com/1181042
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55219}
Now that we don't iterate over the strong roots in the StartupSerializer
twice, remove code related to skipping non-immortal immovable roots.
Factor out code from Serializer::VisitRootPointers and use that method in
the StartSerializer override.
Also update comments that reflected the old way of serializing.
Change-Id: Ieb5e63389f455b963244717cada7e5ccde8e41cb
Reviewed-on: https://chromium-review.googlesource.com/1179669
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55218}
This way we can avoid reencoding everything to utf16 (buffered) and avoid the
overhead of needing to check the encoding for each character individually.
This may result in a minor asm.js scanning regression due to one-byte tokens
possibly being more common.
Change-Id: I90b51c256d56d4f4fa2d235d7e1e58fc01e43f31
Reviewed-on: https://chromium-review.googlesource.com/1172437
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55217}
This is already a heap root, so no need to internalize the string again,
nor to open a local handle for it (the one the factory gives is sufficient).
Change-Id: I5095bd378956ab6667b8a1f9d8f3e3d19ddffdb9
Reviewed-on: https://chromium-review.googlesource.com/1177889
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Jeremy Roman <jbroman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55216}
Adds a new build flag, v8_enable_embedded_bytecode_handlers, that adds
the bytecode handlers to the BUILTIN_LIST macros.
Currently it's not connected up to the code-generation so it actually
does nothing except expand the builtins table.
Bug: v8:8068
Change-Id: Iaecc3982cf22d04e6c46169b86c9d694952fd091
Reviewed-on: https://chromium-review.googlesource.com/1179887
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55215}
Off-heap trampolines (short trampolines that jump to .text-embedded
builtin instruction streams) should contain exactly one OFF_HEAP_TARGET
reloc entry.
When AddAnonymousCode is called on such a trampoline, it copies the
(off-heap) *instruction stream* and thus should never perform any
relocations using the *trampoline's* RelocInfo.
Bug: v8:6666
Change-Id: I09a11344fb7e62d759c4c943712e7d4e91199130
Reviewed-on: https://chromium-review.googlesource.com/1179671
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55214}
The CheckedInt32Mod lowering in the EffectControlLinearizer wasn't
playing well with subsequent optimizations in the MachineOperatorReducer
especially due to the use of Int32Mod, which introduces another (floating)
diamond in the MachineOperatorReducer. Switching to Uint32Mod and explicit
sign handling fixes the problem, plus we also do the mask trick in the
case where the left hand side is negative now.
With this change the performance on the benchmark mentioned in the bug
report goes from
console.timeEnd: binary, 1872.346000
console.timeEnd: modulo, 5967.464000
console.timeEnd: binary, 6006.789000
console.timeEnd: modulo, 6293.496000
console.timeEnd: binary, 5969.264000
console.timeEnd: modulo, 6291.874000
to
console.timeEnd: binary, 1876.464000
console.timeEnd: modulo, 5846.643000
console.timeEnd: binary, 5962.545000
console.timeEnd: modulo, 5972.639000
console.timeEnd: binary, 5958.221000
console.timeEnd: modulo, 5973.171000
so even the peak performance of the modulus is now mostly the same as
the binary bitwise and.
Bug: v8:8069
Change-Id: Iaf3828fc0f6c53352367e8bf6c42534f8b13bfb3
Reviewed-on: https://chromium-review.googlesource.com/1180971
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55211}
Small clean up to create a BUILTIN_LIST_INTL to include in BUILTIN_LIST
rather than having two definitions of BUILTIN_LIST depending on whether
V8_INTL_SUPPORT is enabled.
Change-Id: I05ce83fe478049398392c5204b22961d29eb3622
Reviewed-on: https://chromium-review.googlesource.com/1180967
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55209}
Since the number of properties is always 0, we can just directly use the
Object function's initial map.
Bug: v8:7790
Change-Id: I061bd522f5bce1c059cd82f5946d8bc572dbfb27
Reviewed-on: https://chromium-review.googlesource.com/1180887
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55208}
The RegExp replace implementation is a bit of a mess. Here, we first
try to handle parts of RegExp.p.exec, and then call directly into the
raw irregexp code (skipping RegExp.p.exec).
We got parts of this wrong: when lastIndex > string.length and the
regexp instance is sticky, two things should happen. 1. The match
should fail, and 2. lastIndex should be reset to 0. On the fast path,
we did the latter but not the former, instead running exec with a
lastIndex of 0.
This CL omits the irregexp call in this case, and defaults to a failed
match instead.
Bug: chromium:875493
Change-Id: I8c959610d267575e37686076a3fd5dfde322f0ca
Reviewed-on: https://chromium-review.googlesource.com/1180889
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55207}
This makes sure the aforementioned predicate is independent of the
current context (aka. Realm) and only uses the instance type of the
given object to determine whether it is a WebAssembly module object.
R=titzer@chromium.org
TEST=mjsunit/regress/wasm/regress-8059
BUG=v8:8059
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Icc8e400f8412483f2a3883ca65c58b7ef938ef23
Reviewed-on: https://chromium-review.googlesource.com/1180886
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55205}
This is a reland of f991465b42
Original change's description:
> [wasm] Publish new code from the background threads.
>
> R=clemensh@chromium.org
> BUG=v8:7921
>
> Change-Id: Ib86cb5f742907b6e54365827facfc765867ca22e
> Reviewed-on: https://chromium-review.googlesource.com/1156384
> Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#54985}
Bug: v8:7921
Change-Id: Ic99f59410b6f26593f4bd4b47209e9cce56481fc
Reviewed-on: https://chromium-review.googlesource.com/1179861
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#55202}