This changes the parser to keep around bodies for asm.js functions when
the asm.js validator is turned on. Eventually the validator will work
on one function at a time, but for now we validate the entire module at
once.
R=rossberg@chromium.org
Review-Url: https://codereview.chromium.org/1981333003
Cr-Commit-Position: refs/heads/master@{#36291}
Port f2a585935f
Original commit message:
Replace the uses with proper page flag lookups.
BUG=chromium:581412
LOG=N
TEST=mjsunit/allocation-site-info
Review-Url: https://codereview.chromium.org/1989483002
Cr-Commit-Position: refs/heads/master@{#36289}
In order to support compiling to baseline on return we need to be able to
return to the actual return address. With this change this is what the
Return bytecode now does, removing the need for the
InterpreterExitTrampoline.
This change also removes the InterpreterNotifyDeoptXXX builtins and
unifies FCG and Ignition to both use NotifyDeoptXXX. As part of this
change, FullCodegenerator::State is moved to Deoptimize::BailoutState.
BUG=v8:4280
LOG=N
Review-Url: https://codereview.chromium.org/1969423002
Cr-Commit-Position: refs/heads/master@{#36288}
There's a script for finding them (tools/check-unused-bailouts.sh), but make
sure you don't have an old .bailout-reason.h.swp or such around when using it...
R=mstarzinger@chromium.org
BUG=
Review-Url: https://codereview.chromium.org/1986173004
Cr-Commit-Position: refs/heads/master@{#36287}
This makes escape analysis treat all guard nodes in the graph as an
escaping use. We eventually want to properly handle guard nodes, this
just serves as a temporary workaround to get things going.
R=bmeurer@chromium.org
BUG=v8:602595
LOG=n
Review-Url: https://codereview.chromium.org/1972323004
Cr-Commit-Position: refs/heads/master@{#36286}
This commit introduces a new mode for bytecode_dispatches_report.py
which reports the top sources of dispatches to a given bytecode and
the top destinations of dispatches from the same bytecode.
The bytecode name is passed with --top-dispatches-for-bytecode
(short form: -f), while the number of sources and destinations to
show is controlled with -n.
BUG=v8:4899
LOG=N
Review-Url: https://codereview.chromium.org/1979233002
Cr-Commit-Position: refs/heads/master@{#36284}
Contrary to AstVisitor, which does not implement any traversal logic,
AstTraversalVisitor provides default implementations for each Visit*
function which walk through the AST. It is intended to be used as a base
class for visitors which are only interested in a small portion of the
AST.
R=yangguo@chromium.org
Review-Url: https://codereview.chromium.org/1963243003
Cr-Commit-Position: refs/heads/master@{#36283}
These instructions were available before V8's baseline (ARMv6). V8 can
always assume that they're present.
BUG=
Review-Url: https://codereview.chromium.org/1985013002
Cr-Commit-Position: refs/heads/master@{#36280}
Trying to reland http://crrev.com/1974293002.
This time some blocks have been shuffled around in the AddStub so that the frame still doesn't get built for the fast path.
Also disables the DCHECK(!is_default_snapshot) in snapshot-common.cc if --debug-code is specified. This was causing cctest to fail on arm64 debug builds.
Review-Url: https://codereview.chromium.org/1980333002
Cr-Commit-Position: refs/heads/master@{#36279}
1) Create fast objects so that they stay fast after creation.
2) Run combination "test_function vs {test_objects}" as a benchmark during 1 second.
This CL changes benchmark's base score.
Review-Url: https://codereview.chromium.org/1988673002
Cr-Commit-Position: refs/heads/master@{#36277}
This adds back the instanceof operator support in the backends and
introduces a @@hasInstance protector cell on the isolate that guards the
fast path for the InstanceOfStub. This way we recover the ~10%
regression on Octane EarleyBoyer in Crankshaft and greatly improve
TurboFan and Ignition performance of instanceof.
R=ishell@chromium.org
TBR=hpayer@chromium.org,rossberg@chromium.org
BUG=chromium:597249, v8:4447
LOG=n
Review-Url: https://codereview.chromium.org/1980483003
Cr-Commit-Position: refs/heads/master@{#36275}
Repackage encodeURI and encodeURIComponent as builtin functions
and install them in the bootstrapper.
Crude benchmark on 351 encodeURI and encodeURIComponent tests averaged
over five runs:
* builtin functions
real 0m8.01s
user 0m18.00s
sys 0m7.37s
* JS functions calling into the runtime e.g., for %NewString
real 0m8.44s
user 0m19.52s
sys 0m7.49s
By running:
$ time tools/run-tests.py --arch=x64 --mode=Release --buildbot
mjsunit/uri test262/built-ins/encodeURI*
>>> Running tests for x64.Release
BUG=v8:4912
R=yangguo@chromium.org
Review-Url: https://codereview.chromium.org/1983593002
Cr-Commit-Position: refs/heads/master@{#36273}
If the RegExp doesn't parse, then ES2015 specifies that
RegExp.prototype.compile does not mutate it. This patch changes
our RegExp implementation to follow that logic.
R=yangguo
Review-Url: https://codereview.chromium.org/1972093003
Cr-Commit-Position: refs/heads/master@{#36268}
Since we are going to move Sampler as a library, we create tick-sample.[h|cc] for
TickSample, in order to maintain legacy code.
BUG=v8:4994
LOG=n
Review-Url: https://codereview.chromium.org/1952393002
Cr-Commit-Position: refs/heads/master@{#36267}
Ordinary arrow functions have 'undefined' in their frame's receiver.
Generators restore the receiver to the frame based on one passed in
when they are constructed in CreateJSGeneratorObject.
This patch makes async arrow functions pass in 'undefined' for their
receiver so that they have the same behavior as ordinary arrow
functions, which avoids the issue of encountering TDZ when calling
an async arrow function in a subclass constructor before a super
call has returned.
BUG=v8:4483
Review-Url: https://codereview.chromium.org/1976813002
Cr-Commit-Position: refs/heads/master@{#36264}
Remove checks for IC hotness from Ignition tiering up decision since this is
not relevant for full-codegen compilation. Also make the decision about what
tier we are moving to more explicit and visible in --trace-opt.
BUG=v8:4280
LOG=N
Review-Url: https://codereview.chromium.org/1969773002
Cr-Commit-Position: refs/heads/master@{#36260}
Rolling v8/build to d4fdf55ba8b19ee50d864162c343fd1939d00fe7
Rolling v8/buildtools to 06e80a0e17319868d4a9b13f9bb6a248dc8d8b20
TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
Review-Url: https://codereview.chromium.org/1977243002
Cr-Commit-Position: refs/heads/master@{#36258}
Rolling v8/base/trace_event/common to 54b8455be9505c2cb0cf5c26bb86739c236471aa
Rolling v8/build to 93c1eb80b485df02249b83452a42b7a13b3bde28
Rolling v8/buildtools to e9fb74175ea7c3f251baad24d9ebe03c01ed5aba
Rolling v8/tools/gyp to bce1c7793010574d88d7915e2d55395213ac63d1
TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
Review-Url: https://codereview.chromium.org/1980813002
Cr-Commit-Position: refs/heads/master@{#36256}
This reverts commit 41d571dfe8.
Reason for revert: This patch breaks the correctness of the typedarray
properties such as length, byteOffset, byteLength.
The accessor check optimization code is dead code eliminated. A follow
up patch will fix this optimization correctly.
BUG=chromium:593634
Review-Url: https://codereview.chromium.org/1977983002
Cr-Commit-Position: refs/heads/master@{#36254}
Port 40f345416f
Original commit message:
The previous approach taken by FastNew[Sloppy,Strict,Rest]ArgumentsStub
looked at the function slot in order to skip stub frames
and find the JS frame. However, stub frames do not have a
function slot (in fact their fixed frame ends one slot
before the JS frame's function slot). Therefore, if this
location in the stub frame happens to have the function
object the create arguments stubs won't skip this frame
correctly.
Replace this approach with one where the stub is
specialized to either skip a frame if required (since
there will only ever be one extra frame on Ignition
the loop approach isn't necessary).
R=rmcilroy@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, mbrandy@us.ibm.com
BUG=
Review-Url: https://codereview.chromium.org/1978823002
Cr-Commit-Position: refs/heads/master@{#36252}
By fully annotating the API with runtime counters we can properly measure
how much time we spend in total in v8. When --runtime-call-stats is specified
we now disable the fast-paths for callbacks to properly measure them.
As a drive-by-fix this CL unifies the LOG messages in api.cc.
Additionally we added missing timers to gain better resolution in the parser
and callbacks.
BUG=
Review-Url: https://codereview.chromium.org/1923893002
Cr-Commit-Position: refs/heads/master@{#36248}
Globally cached handler stubs shouldn't be put into the on-map caches.
This should speed up IC misses and save a bit of memory.
Drive-by fix: transitioning StoreIC handlers were erroneously never cached.
Review-Url: https://codereview.chromium.org/1974793002
Cr-Commit-Position: refs/heads/master@{#36247}
Adds a V8.Execute histogram to measure the amount of time spent executing
JS code.
BUG=v8:4865
LOG=N
Review-Url: https://codereview.chromium.org/1976963002
Cr-Commit-Position: refs/heads/master@{#36245}