If the intersection of the types of nodes a and b is empty, then there's
no way that a and b could ever refer to the same object, so we can use
that information for alias analysis.
Drive-by-fix: Improve use of types to enable typed alias analysis to
become more effective. Also fix an ASAN issue uncovered by this CL.
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2237433003
Cr-Commit-Position: refs/heads/master@{#38567}

Rolling v8/build to 01ebc7132bdd79aef8a0bdda3fa87ec4cd95d550
Rolling v8/tools/gyp to 702ac58e477214c635d9b541932e75a95d349352
Rolling v8/tools/mb to 3e296ee98914402a53413da4e48fe02623f80361
TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
Review-Url: https://codereview.chromium.org/2230213003
Cr-Commit-Position: refs/heads/master@{#38566}

Throw 'Range Error: invalid string length' when the result of
case mapping is longer than the max string length (kMaxLength in
objects.h = 1 << 28 - 16).
This is for case mapping with ICU.
BUG=v8:5271
TEST=intl/general/case-mapping.js with --icu_case_mapping
Review-Url: https://codereview.chromium.org/2236593002
Cr-Commit-Position: refs/heads/master@{#38565}

1. The third parameter of strncpy should be the length of source string.
2. Value contains " should be valid.
BUG=v8:4561
Review-Url: https://codereview.chromium.org/2232683002
Cr-Commit-Position: refs/heads/master@{#38563}

This patch adds additional tests for async functions and generators, in how
they interact with destructuring, default arguments and shadow parameter
copying.
BUG=v8:5167
Review-Url: https://codereview.chromium.org/2229243002
Cr-Commit-Position: refs/heads/master@{#38560}

Separate ConvertTaggedHoleToUndefined and CheckTaggedHole into two
separate operators, where the former is pure and just turns into
trivial control flow in the EffectControlLinearizer.
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2236443004
Cr-Commit-Position: refs/heads/master@{#38559}

This changes Scope::function_ (for holding the name binding
for named function expression) from a VariableDeclaration
to a Variable. No work is done when visiting this declaration,
since it's kCreatedInitialized, so we can treat it like
other function-specific variables.
This simplifies a wide variety of code, and centralizes
the logic for constructing the variable inside scopes.cc.
This may one day make it easier to eliminate the CONST_LEGACY
VariableMode.
R=neis@chromium.org, verwaest@chromium.org
BUG=v8:5209
Review-Url: https://codereview.chromium.org/2232633002
Cr-Commit-Position: refs/heads/master@{#38558}

In addition, make use of Variable::binding_needs_init() in addition to
VariableMode when deciding whether to do hole checking in variable assignment.
R=rmcilroy@chromium.org
Review-Url: https://codereview.chromium.org/2227203002
Cr-Commit-Position: refs/heads/master@{#38555}

This patch is based on alph's CL https://codereview.chromium.org/2128613004/.
This patch makes GetStackSample propagate the register state when using the
simulator helper, and adds an argument to avoid using register state from the simulator
when passing the native register state.
BUG=v8:4789
LOG=N
Review-Url: https://codereview.chromium.org/2189513002
Cr-Commit-Position: refs/heads/master@{#38554}

This is to prevent a collision with Expectations class defined in test-field-type-tracking.cc, which happens in Clang under certain conditions (official build + Precise + unknown).
While the original intent was to just work around the Clang bug, putting types into an anonymous namespace seems reasonable anyway (thank you to Benedikt Meurer for the suggestion!)
BUG=630335
Review-Url: https://codereview.chromium.org/2227073002
Cr-Commit-Position: refs/heads/master@{#38552}

Port 6768456db5
Original commit message:
The old code was using VariableMode, but that signal is both
over-pessimistic (some CONST and LET variables need no hole-initialization)
and inconsistent with other uses of the InitializationFlag enum (such
as %LoadLookupSlot).
This changes no observable behavior, but removes unnecessary hole
initialization and hole checks in a few places, including
block-scoped function declarations, super property lookups,
and new.target.
R=adamk@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, mbrandy@us.ibm.com
BUG=
LOG=N
Review-Url: https://codereview.chromium.org/2229383004
Cr-Commit-Position: refs/heads/master@{#38551}

This switches the interface of the runtime profiler to use frames as
opposed to functions for performing on-stack replacement. Requests for
such replacements need to target a specific frame. This will enable us
to activate bytecode as well as baseline code for the same function.
The existing %OptimizeOsr runtime function also had to be adapted and now
takes an optional stack depth to target a specific stack frame.
R=bmeurer@chromium.org
BUG=v8:4764
Review-Url: https://codereview.chromium.org/2230783004
Cr-Commit-Position: refs/heads/master@{#38548}

Reason for revert:
It may or may not have caused a regression in kraken-crypto-ccm.
Original issue's description:
> [turbofan] Reduces x << y ^ x >>> (32 - y) to x ror (32 - y).
>
> The MachineOperatorReducer was only reducing word32 expressions of the type x << y | x >>> (32 - y) (and variants) to the equivalent Word32Ror. This CL applies the same pattern-matching logic to Word32Xor.
>
> BUG=
>
> Committed: https://crrev.com/a86397d890d3caa01a947e2a6e71beb1f58e6e6b
> Cr-Commit-Position: refs/heads/master@{#38284}
TBR=bmeurer@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
NOPRESUBMIT=true
BUG=
Review-Url: https://codereview.chromium.org/2230213002
Cr-Commit-Position: refs/heads/master@{#38545}

Also convert CodeView to a class and fix a host of selection
bugs in the process, as well as move the logic and data to
"enrich" location with one type of location data with location
data known globally to the whole graph in the selection broker.
Review-Url: https://codereview.chromium.org/2230083004
Cr-Commit-Position: refs/heads/master@{#38544}

Introduces code stubs to collect type feedback for the Add, Mul, Div and Mod operations in the interpreter, and modifies the BytecodeGraphBuilder to make use of it.
BUG=v8:5273
LOG=N
Review-Url: https://codereview.chromium.org/2224343002
Cr-Commit-Position: refs/heads/master@{#38543}

Creates ScopeInfos during the ast-numbering phase so that they
are already created during bytecode generation so that they don't
need to be allocated during concurrent bytecode generation.
BUG=v8:5203
Review-Url: https://codereview.chromium.org/2223283002
Cr-Commit-Position: refs/heads/master@{#38542}

This adds assertions to generator support functions that distinguish
between old-style and new-style generators which make sure only one
of those styles is actually used. Even though normal functions can soon
be mixed (bytecode and baseline code at the same time), generator
functions are still exclusively in only one tier.
R=neis@chromium.org
BUG=v8:5265
Review-Url: https://codereview.chromium.org/2233863002
Cr-Commit-Position: refs/heads/master@{#38541}

This adds the --ignition-preserve-bytecode flag which will preserve any
existing bytecode, even if a tier-up to baseline code is performed. This
is preparatory work in order to allow mixed stacks where bytecode and
baseline code can be active at the same time.
It also adds a {HasBaselineCode} predicate symmetric to the existing
{HasBytecodeArray} predicate. Both predicates are independent and any
combination of answers is valid.
Further adaptation of the rest of the runtime will be done step-wise in
follow-up changes.
R=yangguo@chromium.org
BUG=v8:5265
Review-Url: https://codereview.chromium.org/2224923003
Cr-Commit-Position: refs/heads/master@{#38540}

Reason for revert:
Failures on waterfall:
e.g. http://build.chromium.org/p/client.v8/builders/V8%20Linux64%20TSAN/builds/11134
Original issue's description:
> [heap] Switch to 500k pages
>
> - Decrease regular heap object size to 300k, keeping the same ratio (60%)
> between this limit and page size.
>
> In a follow up, we can now get rid of the new space border page while
> keeping the 1M minimum new space size.
>
> Some results (v8.infinite_scroll; 3 runs):
> - evacuate.avg: +15.3% (1.4->1.2)
> - evacuate.max: +24.4% (2.4->1.8)
>
> BUG=chromium:581412
> LOG=N
> R=hpayer@chromium.org, ulan@chromium.org, yangguo@chromium.org
>
> Committed: https://crrev.com/ffe5c670e1559d11e7b252e15fec38765e7dbe4f
> Cr-Commit-Position: refs/heads/master@{#38533}
TBR=hpayer@chromium.org,ulan@chromium.org,yangguo@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:581412
Review-Url: https://codereview.chromium.org/2229403003
Cr-Commit-Position: refs/heads/master@{#38537}

This makes strings_ and values_ in AstValueFactory a linked list through the AstString and AstValue objects. Additionally the CL computes whether strings are convertible to array indexes directly using the AstString's hash + literal bytes just as Name does, rather than indirecting over name if available.
BUG=
Review-Url: https://codereview.chromium.org/2225423002
Cr-Commit-Position: refs/heads/master@{#38536}

LoadInternalField performs some redundant checks in the context of
fast accessors.
This improves the speedup from 20% to 60% for next/previousSibling in
the Dromaeo DOM traversal benchmarks.
BUG=chromium:508898
Review-Url: https://codereview.chromium.org/2186593002
Cr-Commit-Position: refs/heads/master@{#38535}

Now it actually collects free variables of the target function, rather than any reference to a non-stack-allocated variable in any of the inner scopes.
BUG=
Review-Url: https://codereview.chromium.org/2229373002
Cr-Commit-Position: refs/heads/master@{#38534}

- Decrease regular heap object size to 300k, keeping the same ratio (60%)
between this limit and page size.
In a follow up, we can now get rid of the new space border page while
keeping the 1M minimum new space size.
Some results (v8.infinite_scroll; 3 runs):
- evacuate.avg: +15.3% (1.4->1.2)
- evacuate.max: +24.4% (2.4->1.8)
BUG=chromium:581412
LOG=N
R=hpayer@chromium.org, ulan@chromium.org, yangguo@chromium.org
Review-Url: https://codereview.chromium.org/2013713003
Cr-Commit-Position: refs/heads/master@{#38533}

This adds an IfSuccess control use in three places:
- in the lowering of isinstance,
- in wasm BuildTrapCode,
- in wasm BuildJavaScriptToNumber,
- WasmGrowMemory is marked as kNoThrow.
BUG=
Review-Url: https://codereview.chromium.org/2226163004
Cr-Commit-Position: refs/heads/master@{#38531}

The scopes of suspended generators can now be accessed through GeneratorMirror
(similar to FrameMirror).
BUG=v8:5235
Review-Url: https://codereview.chromium.org/2228393002
Cr-Commit-Position: refs/heads/master@{#38530}

This makes break point info independent from the code kind being executed.
BUG=v8:5265
Review-Url: https://codereview.chromium.org/2230143002
Cr-Commit-Position: refs/heads/master@{#38528}

Updates a number of AST operations to avoid dereferencing handles
such that they can safely be called off-thread. Also adds a
HandleDereferenceMode argument to some operations where handles are
compared. If handle dereferencing is allowed, the handles are compared
directly, if not then their locations are compared (which relies on the
handles being created in a CanonicalHandleScope).
BUG=v8:5203
TBR=adamk@chromium.org
Review-Url: https://codereview.chromium.org/2223523002
Cr-Commit-Position: refs/heads/master@{#38526}

We now deopt when the lhs of a mod is negative and the rhs is 1 too (previously, we erroneously returned 0 instead of -0).
BUG=v8:5278
R=bmeurer@chromium.org
Review-Url: https://codereview.chromium.org/2233713002
Cr-Commit-Position: refs/heads/master@{#38525}

Reason for revert:
Found better solution.
Original issue's description:
> [debugger] reapply break points after clearing one shots.
>
> On the debug info, we have a list of existing break points. When we
> step in the debugger, we flood the function with one-shot break points.
> Afterwards, we clear these one-shots by clearing all break locations.
>
> Previously, while clearing break locations, we would skip ones that have
> actual break points. Now we clear all break locations, and then reapply
> break points. This is necessary for the next step, when we encode break
> point info by source position, and not code offset. Encoding by code
> offset would mean that break points are dependent on the code kind we
> use.
>
> R=jgruber@chromium.org
> BUG=v8:5265
>
> Committed: https://crrev.com/808981a22ee19461bbe981ab33b58792d991533e
> Cr-Commit-Position: refs/heads/master@{#38492}
TBR=jgruber@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5265
Review-Url: https://codereview.chromium.org/2231653003
Cr-Commit-Position: refs/heads/master@{#38521}