Rolling v8/build to c409cdb27d5dfcfd5d08f22b18af9010ae50b6a8
Rolling v8/third_party/android_tools to 20a4bd598cf3ba8434311156ce94c110a0024fe7
Rolling v8/tools/mb to 6aa2ae44b604e6feec721bec77208210142dd4f5
TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
Review-Url: https://codereview.chromium.org/2154983002
Cr-Commit-Position: refs/heads/master@{#37806}
This change makes the architecture that we target generated
v8 code for a property of the current toolchain, rather than a
global setting that applies to every toolchain.
This will allow us to properly build two snapshots for two different
architectures in a single build, which is needed for android
webview/monochrome builds.
R=brettw@chromium.org, jochen@chromium.org, michaelbai@chromium.org
BUG=625383
Review-Url: https://codereview.chromium.org/2116913002
Cr-Commit-Position: refs/heads/master@{#37805}
No compiled handlers required! Instead, the type feedback vector
contains a Smi encoding the field index.
Review-Url: https://codereview.chromium.org/2133233002
Cr-Commit-Position: refs/heads/master@{#37803}
When it is in executing JS state there should be a JS stack.
Having no stack means something is wrong with frame pointer, so
just skip the bogus sample.
Review-Url: https://codereview.chromium.org/2151103002
Cr-Commit-Position: refs/heads/master@{#37802}
Reason for revert:
Unfortunately, the performance issues are still there on Android.
Original issue's description:
> [ic] [stubs] Don't use Code::flags in megamorphic stub cache hash computations.
>
> This should avoid weird performance issues when changing layout of Code::flags field.
>
> BUG=chromium:618701
>
> Committed: https://crrev.com/aa4140b1ccc114b82700471513c715f68b7c5dac
> Cr-Commit-Position: refs/heads/master@{#37755}
TBR=jkummerow@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=chromium:618701
Review-Url: https://codereview.chromium.org/2147213004
Cr-Commit-Position: refs/heads/master@{#37801}
This commit introduces support for writing unwinding tables in the
.eh_frame format, to be inserted in the jitdump read by Linux perf and
emitted with FLAG_perf_prof and FLAG_perf_prof_unwinding_info enabled.
x64 is fully implemented and tested, arm and arm64 are untested and the
unwinding information needs to be expanded, but the mechanism is ready.
BUG=v8:4899
LOG=N
Review-Url: https://codereview.chromium.org/2026313002
Cr-Commit-Position: refs/heads/master@{#37799}
This uses the same compiler flag as the chrome executable
does for better performance comparison.
BUG=chromium:474921
Review-Url: https://codereview.chromium.org/2152853004
Cr-Commit-Position: refs/heads/master@{#37798}
This sets default values for v8_enable_gdbjit and
v8_imminent_deprecation_warnings, while allowing to override
them as gn args.
Without this patch the project-specific overrides have no
effect.
BUG=chromium:474921, chromium:626064
Review-Url: https://codereview.chromium.org/2153753002
Cr-Commit-Position: refs/heads/master@{#37797}
With this patch, every node in turbo-*.json has an opcode, a title, and
a label. The label field is new; the opcode and title were already
there. The title is for the mouseover text. The label is what will be
displayed in the graph view, unless it's too long, in which case only
the opcode will be displayed. (This is similar to the preexisting
behaviour of putting titles in labels, except that the titles were
rarely short enough to fit in a label.)
With this patch, the labels generated are in practice the same as the
titles we had before, except for LoadField and StoreField, which will be
rendered as LoadField[[+432]] and StoreField[[+432]] (if 432 was the
offset).
This diff adds an overloadable method
virtual void Operator1<T>::PrintParameter(ostream&, PrintVerbosity)
for each type T to Operator1. Its default implementation just uses
operator<<(ostream&, T const&) and adds square brackets around it, but
it is overridden for FieldAccess to print "[+432]" in the example case.
BUG=
R=jarin,danno
Review-Url: https://codereview.chromium.org/2093013002
Cr-Commit-Position: refs/heads/master@{#37795}
This reverts commit 457c02573c because it caused a
regression in SunSpider/string-fasta and possibly AreWeFastYet/Life. Need to
implement this in a smarter way.
TBR=littledan@chromium.org
BUG=chromium:627729,v8:5113
Review-Url: https://codereview.chromium.org/2149303003
Cr-Commit-Position: refs/heads/master@{#37793}
This makes sure that the uses of PlainPrimitiveToNumber get a more
precise type (so that the uses know how to interpret the output
representation).
BUG=chromium:628516
Review-Url: https://codereview.chromium.org/2151223002
Cr-Commit-Position: refs/heads/master@{#37792}
- Add Simd128 type to Wasm AST types
- Add a pass that converts SIMD machine ops to runtime calls
- Sample opcodes Int32x4Splat, Int32x4ExtractLane and test
- Separate out generic SIMD Machine ops as these cannot be
handled by runtime functions just yet.
LOG=N
BUG=v8:4124
R=bradnelson@chromium.org, bbudge@chromium.org, titzer@chromium.org
Review-Url: https://codereview.chromium.org/1991143002
Cr-Commit-Position: refs/heads/master@{#37789}
This replaces the vtable on AstNode with a NodeType tag. The visitors replace double dispatch with a single switch over the NodeType.
For now, visitors with subclasses still have virtual methods themselves. We should probably specialize them later as well.
The uint8_t NodeType allows us to better pack memory, saving 8-16 bytes on many AST nodes (with additional packing that I'll do in a follow-up CL)
BUG=
Review-Url: https://codereview.chromium.org/2142233003
Cr-Commit-Position: refs/heads/master@{#37788}
There's no use putting it into parser_zone_, and if we do so, it might
refer to dead memory (the Block is in local_zone_ which might get
discarded).
BUG=
Review-Url: https://codereview.chromium.org/2145293003
Cr-Commit-Position: refs/heads/master@{#37787}
Migrate the platform NonNumberToNumber builtin to TurboFan, and change
it to use the new NonPrimitiveToPrimitive builtin for the JSReceiver
case.
R=yangguo@chromium.org
BUG=v8:5049
Review-Url: https://codereview.chromium.org/2153053002
Cr-Commit-Position: refs/heads/master@{#37786}
Rolling v8/build to 6d146149b533ff2223abf1523d097e21884a2595
Rolling v8/buildtools to 55638fe5c31652a808f059027b99b08bafd15fb7
Rolling v8/tools/mb to 1b8214f7fe4354b36d90b62086d844dae0c71747
TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
Review-Url: https://codereview.chromium.org/2151073003
Cr-Commit-Position: refs/heads/master@{#37784}
Annex B.3.3 of the spec requires that sloppy-mode block-scoped functions
declared by "eval" are hoisted unless doing so would cause an early
error (which is to say, conflict with a lexical declaration). This patch
amends the check for conflicting declarations to include those outside
of the eval itself.
BUG=v8:4468, v8:4479
Review-Url: https://codereview.chromium.org/2112163002
Cr-Commit-Position: refs/heads/master@{#37783}
Fast accessors do not have an associated JSFunction, similar to lazy accessors.
Now using the 'lazy' version of the CallApiCallbackStub.
R=vogelheim@chromium.org
BUG=chromium:508898
Review-Url: https://codereview.chromium.org/2143983002
Cr-Commit-Position: refs/heads/master@{#37782}
Instead of unconditionally parsing the catch parameter as an expression
and then recovering if it turns out to be a simple variable proxy
(the overwhelmingly common case), this patch peeks one token ahead
before attempting to parse. This avoids doing the usual RemoveUnresolved
gymnastics in ParseTryStatement, and as a side-effect slightly improves
function name inference for an async arrow function test case.
Review-Url: https://codereview.chromium.org/2151433005
Cr-Commit-Position: refs/heads/master@{#37780}
All stores require a Slot parameter so VectorStoreICTrampolineDescriptor is a new StoreDescriptor.
VectorStoreICDescriptor renamed to StoreWithVectorDescriptor.
Review-Url: https://codereview.chromium.org/2147043002
Cr-Commit-Position: refs/heads/master@{#37779}
Reason for reland:
https://codereview.chromium.org/2122953002 fixed context issues.
Original issue's description:
> Revert of Avoid Context::Enter and Context::Exit if we're reentering the active and last entered context (patchset #2 id:20001 of https://codereview.chromium.org/2131483002/ )
>
> Reason for revert:
> crashes: crbug.com/626719
>
> Original issue's description:
> > Avoid Context::Enter and Context::Exit if we're reentering the active and last entered context
> >
> > A bit of browsing around indicates that the new fast-path is taken most of the time:
> > 3496 Entering new
> > 152295 Reentering same
> >
> > BUG=
> >
> > Committed: https://crrev.com/1829eb661ef1cf432fb551bcb193f521a219d490
> > Cr-Commit-Position: refs/heads/master@{#37570}
>
> TBR=jochen@chromium.org,verwaest@chromium.org
> # Not skipping CQ checks because original CL landed more than 1 days ago.
> BUG=
>
> Committed: https://crrev.com/bec49a4876fdf8a20600ecdfc8534d0ef45c9528
> Cr-Commit-Position: refs/heads/master@{#37632}
TBR=jochen@chromium.org,verwaest@chromium.org,jkummerow@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=
Review-Url: https://codereview.chromium.org/2152803003
Cr-Commit-Position: refs/heads/master@{#37778}
1) Validation fails for literal indexes too large for accessing a given
heap type
2) Removes the special handling of FloatishDoubleQ, and FloatQDoubleQ;
the inheritance issue that required this special handling was fixed in
another CL.
3) Fix a macro name (from asm_* to ASM_*)
BUG= https://bugs.chromium.org/p/v8/issues/detail?id=4203
TEST=cctest/asmjs/test-asm-typer.cc
LOG=N
Review-Url: https://codereview.chromium.org/2150583003
Cr-Commit-Position: refs/heads/master@{#37776}
Implemented the WebAssembly.Module and WebAssembly.Instance
in terms of the WasmModule::CompileFunctions and
WasmModule::Instantiate APIs.
Added negative tests - for invalid module object.
BUG=
Review-Url: https://codereview.chromium.org/2121593002
Cr-Commit-Position: refs/heads/master@{#37775}
This removes the obsolete use of FrameStateBeforeAndAfter when visiting
compare operations. None of the operators in question require a "before"
frame state by now.
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2144063003
Cr-Commit-Position: refs/heads/master@{#37771}
This is a requirement to replace AstNode vtable with a NodeType tag. In a second CL (https://codereview.chromium.org/2142233003/) I switch over that tag rather than double dispatch. With additional packing in a third CL there's roughly 8 byte reduction for almost all AstNode types, and for some even more.
BUG=
Review-Url: https://codereview.chromium.org/2126233002
Cr-Commit-Position: refs/heads/master@{#37770}
This CL introduces explicit LoopExit control nodes at loop exits.
We also attach explicit value renames (LoopExitMarker) and effect
rename (LoopExitEffect) to each loop exit. This is in preparation
to loop peeling, which will replace LoopExit, LoopExitMarker and
LoopExitEffect with Merge, Phi and EffectPhi respectively.
At the moment, we insert loop exit at every return, break,
continue and locally caught throw. We do not yet handle
uncaught throws (including error throws, such as ReferenceError).
Review-Url: https://codereview.chromium.org/2140673007
Cr-Commit-Position: refs/heads/master@{#37769}
- Fix recording sub types that have their own instance type
- Fix double accounting by keeping a shadow map for tracking recorded status
- Add recording of more fixed array sub types
BUG=hpayer@chromium.org
Review-Url: https://codereview.chromium.org/2147693004
Cr-Commit-Position: refs/heads/master@{#37768}
This removes the fallback path in question. Now the {AstNumbering} phase
is the only phase deciding whether Crankshaft is supposed to be disabled
or not. This in turn simplifies reasoning about the paths through the
compilation pipeline. We can decide early whether we want Ignition to
kick in depending on whether Crankshaft is enabled or not.
R=mvstanton@chromium.org,rmcilroy@chromium.org
Review-Url: https://codereview.chromium.org/2146573004
Cr-Commit-Position: refs/heads/master@{#37763}
Typed lowering now produces SpeculativeNumberShiftLeft for JSShiftLeft if the type feedback is kSignedSmall or kSigned32.
BUG=v8:4583
LOG=n
Review-Url: https://codereview.chromium.org/2150553002
Cr-Commit-Position: refs/heads/master@{#37762}
Reason for revert:
blink is unhappy about the microtask change
Original issue's description:
> Reland "Don't compile functions in a context the caller doesn't have access to"
>
> Original issue's description:
> > Don't compile functions in a context the caller doesn't have access to
> >
> > Instead just return undefined
> >
> > A side effect of this is that it's no longer possible to compile
> > functions in a detached context.
> >
> > BUG=chromium:541703
> > R=verwaest@chromium.org,bmeurer@chromium.org
>
> BUG=chromium:541703
> R=verwaest@chromium.org
>
> Committed: https://crrev.com/6bceabac5b705b2ce1f52d34650cea1ae3b8c617
> Cr-Commit-Position: refs/heads/master@{#37756}
TBR=verwaest@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:541703
Review-Url: https://codereview.chromium.org/2151843002
Cr-Commit-Position: refs/heads/master@{#37760}
Using the Hydrogen code stub bailout mechanism is not correct for the
string length overflow check in the StringAddStub. Instead make sure we
just throw the proper exception.
R=mstarzinger@chromium.org
BUG=chromium:627934
Review-Url: https://codereview.chromium.org/2146353002
Cr-Commit-Position: refs/heads/master@{#37758}
This adds a missing conversion of time zone names to string primitives
before case conversion and regular expression matching are applied.
This is in sync with ECMA-402, section 12.1.1.1, step 16(a).
R=jochen@chromium.org
TEST=mjsunit/regress/regress-crbug-627935
BUG=chromium:627935
Review-Url: https://codereview.chromium.org/2143003005
Cr-Commit-Position: refs/heads/master@{#37757}