Reason for revert:
Speculative revert because of stability problems
Original issue's description:
> [stubs] Port SubStringStub to TurboFan
>
> This ports the platform-specific SubStringStub to TurboFan.
>
> It also contains a minor bug-fix for the case when the requested substring
> length equals the subject string length, but the start index is not equal to 0.
> The old stub implementation returned the subject string, while the new
> implementation calls into runtime, which finally results in a thrown exception.
>
> BUG=v8:5415
>
> Committed: https://crrev.com/49be31921536716706a6790fbbf9c346b975af16
> Cr-Commit-Position: refs/heads/master@{#39653}
TBR=ishell@chromium.org,bmeurer@chromium.org,jgruber@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=v8:5415, chromium:649967
NOPRESUBMIT=true
NOTRY=true
Review-Url: https://codereview.chromium.org/2365413002
Cr-Commit-Position: refs/heads/master@{#39737}
According to new store IC calling convention the value, slot and vector are passed
on the stack and there's no need in trying to preserve values or respective registers
in store handlers.
Nice bonus: we also don't need virtual registers anymore.
BUG=v8:5407
Review-Url: https://codereview.chromium.org/2357323003
Cr-Commit-Position: refs/heads/master@{#39672}
This ports the platform-specific SubStringStub to TurboFan.
It also contains a minor bug-fix for the case when the requested substring
length equals the subject string length, but the start index is not equal to 0.
The old stub implementation returned the subject string, while the new
implementation calls into runtime, which finally results in a thrown exception.
BUG=v8:5415
Review-Url: https://codereview.chromium.org/2355793003
Cr-Commit-Position: refs/heads/master@{#39653}
This cleanup is necessary to make HCallWithDescriptor support passing arguments on the stack.
BUG=v8:5407
Review-Url: https://codereview.chromium.org/2352163004
Cr-Commit-Position: refs/heads/master@{#39590}
port 3ccedd5d8a24281b4abc0af4bfe41d4212a794e6(r39398)
original commit message:
BUG=
Review-Url: https://codereview.chromium.org/2352483002
Cr-Commit-Position: refs/heads/master@{#39489}
port 2ab3fcf42f0cf04896b26bf23bc3809d8835fd39(r39377)
original commit message:
To make better inlining decisions, it's good to have call counts for poly/mega-morphic cases. This CL makes it work for calls, and another will follow to better unify the code between constructor
calls and normal calls (and thence, to record megamorphic call counts there as well).
BUG=
Review-Url: https://codereview.chromium.org/2351523002
Cr-Commit-Position: refs/heads/master@{#39487}
This CL also cleans up related interface descriptors:
1) unused StoreTransitionDescriptor is removed and VectorStoreTransitionDescriptor is
renamed to StoreTransitionDescriptor.
2) on ia32/x87 architectures slot and vector are passed on the stack (dispatcher/handlers
cleanup will be addressed in a separate CL).
These two stub ports have to be combined in one CL because:
1) without changing the StoreTransitionDescriptor TF was not able to compile them
on ia32/x87 (because of lack of registers),
2) it was not possible to change the descriptor first because Crankshaft was not able
to deal with the stack allocated parameters in case of a stub failure.
TBR=jkummerow@chromium.org
BUG=v8:5269
Review-Url: https://codereview.chromium.org/2313093002
Cr-Commit-Position: refs/heads/master@{#39476}
port 9a31162d9d3137d09063d6040865655b2e386384(r39283)
original commit message:
Adds support to collect allocation site feedback for Array function calls
to the call bytecode handler.
BUG=
Review-Url: https://codereview.chromium.org/2319123004
Cr-Commit-Position: refs/heads/master@{#39299}
This way we avoid the cyclic dependency between objects.h and heap.h and still
have one definition. Add a static assert that this size is indeed smaller than
the payload of a page.
Follow ups can finally remove the dependency on spaces.h for all heap.h users.
R=ulan@chromium.org,bmeurer@chromium.org,vogelheim@chromium.og
Review-Url: https://codereview.chromium.org/2311203002
Cr-Commit-Position: refs/heads/master@{#39206}
port 7e5b8feed3 (r39120)
original commit message:
Collect type feedback in the bytecode handler for 'new' bytecode. The
earlier cl (https://codereview.chromium.org/2153433002/) was reverted
because that implementation did not collect allocation site feedback.
This regressed delta blue by an order of magnitude. This implementation
includes collection of allocation site feedback.
Reland of https://codereview.chromium.org/2190293003/ with a bug fix.
BUG=
Review-Url: https://codereview.chromium.org/2293253007
Cr-Commit-Position: refs/heads/master@{#39145}
Drive-by fix: the order of parameters in the BinaryOpWithFeedback TurboFan code stubs now reflects the convention of having the context at the end.
BUG=v8:5273
Review-Url: https://codereview.chromium.org/2263253002
Cr-Commit-Position: refs/heads/master@{#38832}
Rebuilding (after touching certain files) is crazy slow because
includes are out of control.
Fixing it:
- Don't include stuff in headers unless necessary.
- Include the stuff you need, not some other stuff that happens to include the
stuff you need.
BUG=v8:5294
Review-Url: https://codereview.chromium.org/2258603003
Cr-Commit-Position: refs/heads/master@{#38770}
The hand-written KeyedLoadIC_Megamorphic stub didn't care about JSArray
lengths, which made it lenient towards said lengths being wrong, but it
will soon fix that bug and thereby become more strict.
LiveEdit: factory->NewJSArray(capacity) doesn't set a length, so set it
manually.
RegExp: to avoid having to take care of array length updating in the
RegExpExecStub, just use a JSObject instead.
Review-Url: https://codereview.chromium.org/2244673002
Cr-Commit-Position: refs/heads/master@{#38624}
port cdae865436 (r38292)
original commit message:
A corresponding flag was added as well to help us find out what breaks when we
do not clear pending exceptions on each JS entry.
BUG=
Review-Url: https://codereview.chromium.org/2212733002
Cr-Commit-Position: refs/heads/master@{#38320}
port 5bc2439783 (r38219)
original commit message:
This will enable the interpreter to add a bytecode and use the stub.
BUG=
Review-Url: https://codereview.chromium.org/2205813002
Cr-Commit-Position: refs/heads/master@{#38271}
port 2c7efba658 (r38129)
original commit message:
Reason for revert:
Still crashing.
Original issue's description:
> [heap] Reland "Remove black pages and use black areas instead."
>
> BUG=chromium:630969,chromium:630386
> LOG=n
>
> Committed: https://crrev.com/9e37a07c8de0a20ef2681e26824ff4d329102603
> Cr-Commit-Position: refs/heads/master@{#38057}
BUG=
Review-Url: https://codereview.chromium.org/2192113002
Cr-Commit-Position: refs/heads/master@{#38152}
In the process also inline the stub into the appropriate interpreter bytecode
handler and make sure that the context register is preserved in hand-written
assembly code that calls the stub and expects the context register to be
preserved.
BUG=608675
Review-Url: https://codereview.chromium.org/2188993003
Cr-Commit-Position: refs/heads/master@{#38132}
port 66cb026f4a (r37929)
original commit message:
Original message:
Calling Runtime::kAbort through a builtin instead of the c-entry stub
will allow to generate the call in a background thread, because a
builtin provides its own handle, whereas a code stub does not.
@v8-mips-ports: Could you take a special look at the padding that is
done in MacroAssembler::Abort()?
Reason for revert:
The reason for reverting is: Blocks roll:
https://build.chromium.org/p/client.v8.ports/builders/V8%20Linux%20-%20arm64%20-%20sim%20-%20debug/builds/1622
The problem was that on arm64 the builtin for Abort() contained a call to
Abort(). The problem is fixed by using a NoUseRealAbortsScope in the
code generation of Abort().
BUG=
Review-Url: https://codereview.chromium.org/2172093002
Cr-Commit-Position: refs/heads/master@{#37962}
port 9be015a254 (r37854)
original commit message:
Calling Runtime::kAbort through a builtin instead of the c-entry stub
will allow to generate the call in a background thread, because a
builtin provides its own handle, whereas a code stub does not.
@v8-mips-ports: Could you take a special look at the padding that is
done in MacroAssembler::Abort()?
BUG=
Review-Url: https://codereview.chromium.org/2166703002
Cr-Commit-Position: refs/heads/master@{#37880}
So far TurboFan wasn't adding the deoptimization reasons for eager/soft
deoptimization exits that can be used by either the DevTools profiler or
the --trace-deopt flag. This adds basic support for deopt reasons on
Deoptimize, DeoptimizeIf and DeoptimizeUnless nodes and threads through
the reasons to the code generation.
Also moves the DeoptReason to it's own file (to resolve include cycles)
and drops unused reasons.
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2161543002
Cr-Commit-Position: refs/heads/master@{#37823}
All stores require a Slot parameter so VectorStoreICTrampolineDescriptor is a new StoreDescriptor.
VectorStoreICDescriptor renamed to StoreWithVectorDescriptor.
Review-Url: https://codereview.chromium.org/2147043002
Cr-Commit-Position: refs/heads/master@{#37779}
port fd420203ec (r37700)
original commit message:
Collect type feedback in the call bytecode handler. The current
implementation only collects feedback for JS function objects. The other
objects and Array functions do not collect any feedback. They will be
marked Megamorphic.
BUG=
Review-Url: https://codereview.chromium.org/2149493005
Cr-Commit-Position: refs/heads/master@{#37737}
After this CL we can avoid using Code::flags in hash computations for megamorphic
stub caches and therefore the unused ICState field can be finally removed from flags.
BUG=chromium:618701
Review-Url: https://codereview.chromium.org/2123983004
Cr-Commit-Position: refs/heads/master@{#37708}
port f59a23356b (r37500)
original commit message:
Stack trace generation requires access to the receiver; and while the
receiver is already on the stack, we cannot determine its position
during stack trace generation (it's stored in argv[0], and argc is only
stored in a callee-saved register).
This patch grants access to the receiver by pushing argc onto builtin
exit frames as an extra argument. Compared to simply pushing the
receiver, this requires an additional dereference during stack trace
generation, but one fewer during builtin calls.
BUG=
Review-Url: https://codereview.chromium.org/2118413002
Cr-Commit-Position: refs/heads/master@{#37511}
port 5febc27b5d (r37416)
original commit message:
Prior to this commit, calls to C++ builtins created standard exit
frames, which are skipped when constructing JS stack traces. In order to
show these calls on traces, we introduce a new builtin exit frame type.
Builtin exit frames contain target and new.target on the stack and are
not skipped during stack trace construction.
BUG=
Review-Url: https://codereview.chromium.org/2120873002
Cr-Commit-Position: refs/heads/master@{#37490}
port 588e15c034 (r37345)
original commit message:
The opcodes for 'cmpw r/m16, r16' and 'cmpw r16, r/m16' were swapped, causing a few issues when less than/greater than comparison were performed.
Adds a regression test.
BUG=
Review-Url: https://codereview.chromium.org/2119793002
Cr-Commit-Position: refs/heads/master@{#37469}
port e607e12ea0 (r37323)
original commit message:
Introduce a new machine operator Float64Pow that for now is backed by
the existing MathPowStub to start the unification of Math.pow, and at
the same time address the main performance issue that TurboFan still has
with the imaging-darkroom benchmark in Kraken.
Also migrate the Math.pow builtin itself to a TurboFan builtin and
remove a few hundred lines of hand-written platform code for special
handling of the fullcodegen Math.pow version.
BUG=
Review-Url: https://codereview.chromium.org/2119773003
Cr-Commit-Position: refs/heads/master@{#37468}
port 5e05854019 (r37325)
original commit message:
The reason for reverting is: This breaks gc-stress bot:
https://chromegw.corp.google.com/i/client.v8/builders/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot
Abortion of compaction could cause duplicate entries in the typed-old-to-new remembered set. These duplicates could cause a DCHECK to trigger which checks that slots recorded in the remembered set neve
Original issue's description:
Cells were needed originally because there was no typed remembered set to
record direct pointers from code space to new space. A previous
CL (https://codereview.chromium.org/2003553002/) already introduced
the remembered set, this CL uses it.
This CL
* stores direct pointers in code objects, even if the target is in new space,
* records the slot of the pointer in typed-old-to-new remembered set,
* adds a list which stores weak code-to-new-space references,
* adds a test to test-heap.cc for weak code-to-new-space references,
* removes prints in tail-call-megatest.js
BUG=
Review-Url: https://codereview.chromium.org/2112193002
Cr-Commit-Position: refs/heads/master@{#37466}
-Defines SIMD128_REGISTERS for all platforms.
-Adds Simd128 register information to RegisterConfiguration, and implements
aliasing calculations.
LOG=N
BUG=v8:4124
Review-Url: https://codereview.chromium.org/2092103004
Cr-Commit-Position: refs/heads/master@{#37437}
The reason for reverting is: This breaks gc-stress bot:
https://chromegw.corp.google.com/i/client.v8/builders/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot
Abortion of compaction could cause duplicate entries in the typed-old-to-new remembered set. These duplicates could cause a DCHECK to trigger which checks that slots recorded in the remembered set never point to to-space. This reland-CL allows duplicates in the remembered set by removing the DCHECK, and additionally clears entries in the remembered set if objects are moved.
Original issue's description:
Cells were needed originally because there was no typed remembered set to
record direct pointers from code space to new space. A previous
CL (https://codereview.chromium.org/2003553002/) already introduced
the remembered set, this CL uses it.
This CL
* stores direct pointers in code objects, even if the target is in new space,
* records the slot of the pointer in typed-old-to-new remembered set,
* adds a list which stores weak code-to-new-space references,
* adds a test to test-heap.cc for weak code-to-new-space references,
* removes prints in tail-call-megatest.js
Review-Url: https://codereview.chromium.org/2097023002
Cr-Commit-Position: refs/heads/master@{#37325}
port b5c69cbf39 (r37132)
original commit message:
With the tail call, pointers to the JS heap could be pushed on a
js-to-wasm frame. On the js-to-wasm frame, however, this pointer would
not be updated by the GC.
BUG=
Review-Url: https://codereview.chromium.org/2108543002
Cr-Commit-Position: refs/heads/master@{#37319}
port c1d01aea11 (r37086)
original commit message:
Compilation of wasm functions happens before instantiation. Imports are linked afterwards, at instantiation time. Globals and memory are also
allocated and then tied in via relocation at instantiation time.
This paves the way for implementing Wasm.compile, a prerequisite to
offering the compiled code serialization feature.
Currently, the WasmModule::Compile method just returns a fixed array
containing the code objects. More appropriate modeling of the compiled module to come.
Opportunistically centralized the logic on how to update memory
references, size, and globals, since that logic is the exact same on each
architecture, except for the actual storing of values back in the
instruction stream.
BUG=
Review-Url: https://codereview.chromium.org/2100393003
Cr-Commit-Position: refs/heads/master@{#37307}
