Specifically, add bytecodes for Call0, Call1, Call2, CallProperty0, CallProperty1,
and CallProperty2. Also share the bytecode handler code between between
equivalent CallX and CallPropertyX handlers.
Review-Url: https://codereview.chromium.org/2684993002
Cr-Original-Commit-Position: refs/heads/master@{#43290}
Committed: 00d6f1f80a
Review-Url: https://codereview.chromium.org/2684993002
Cr-Commit-Position: refs/heads/master@{#43700}
The optimization
NumberFloor(NumberDivide(lhs, rhs))
to
NumberToInt32(NumberDivide(lhs, rhs))
for potentially negative lhs is not valid, since Math.floor rounds
towards -infinity, whereas ToInt32 truncates.
BUG=chromium:699282
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2743673002
Cr-Commit-Position: refs/heads/master@{#43699}
We used to embed a string address as description right after
a stop instruction, which the simulator would read and print.
We removed that a while ago to make the snapshot predictable.
R=petermarshall@chromium.org
BUG=v8:6071
Review-Url: https://codereview.chromium.org/2744503003
Cr-Commit-Position: refs/heads/master@{#43698}
We need to check whether advancing the iterator moved us beyong the end
of the bitmap. This has not been flushed out as our inlined bitmap is
still in valid memory.
In practice this is not a problem because the value is never used as we
are at the end of the bitmap. Asan rightfully complains when using an
external bitmap though.
BUG=chromium:651354
Change-Id: I8b141a467e9552f8ac2287dd62a725a14a289a37
Reviewed-on: https://chromium-review.googlesource.com/452497
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43696}
BUG=
Change-Id: Ibf49df830153a829015723826dacc6939fb42189
Reviewed-on: https://chromium-review.googlesource.com/452377
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43689}
It depends on constant field tracking and currently disabled.
BUG=v8:5495
Change-Id: I6202cddfc2d32b5a06c5ab00c42caa6e276a3eb1
Reviewed-on: https://chromium-review.googlesource.com/451639
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43687}
This fixes an incorrect usage of String::Flatten in EscapeRegExpSource.
It also adds %ConstructConsString (to easily and reliably construct cons
strings in tests) and Factory::NewConsString (to enable guaranteed cons
string construction without preemptive flattening attempts).
BUG=chromium:698790
Review-Url: https://codereview.chromium.org/2736383003
Cr-Commit-Position: refs/heads/master@{#43686}
- supporting appending new data instead of simply replacing the current set
- fix issue when not filtering out groups on initial loading
Change-Id: I77d508e644b247fa236ea64ef919639cac6ee425
NOTRY=true
Change-Id: I77d508e644b247fa236ea64ef919639cac6ee425
Reviewed-on: https://chromium-review.googlesource.com/451276
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43685}
The BitcastWordToTagged operator is used for bump pointer allocation to
construct the actual HeapObject pointer. The input to this operator is
a naked pointer (derived from the allocation top). If this input value
is live across an allocation, then the resulting tagged pointer is
invalid because the GC might have scavenged new space in the meantime.
That means we must not allow Node splitting (in the Scheduler) for these
instructions, as that could extend the live range of the naked pointer
input across arbitrary code. As such, this operator must not be marked
as pure.
R=jarin@chromium.org
BUG=v8:6059
Review-Url: https://codereview.chromium.org/2739093002
Cr-Commit-Position: refs/heads/master@{#43683}
- Changes input filtering to test NaNs, but skip very large or very
small inputs, which may cause imprecision on some platforms.
- Changes expected result filtering to only skip NaNs.
LOG=N
BUG=6020
Review-Url: https://codereview.chromium.org/2738703006
Cr-Commit-Position: refs/heads/master@{#43681}
Port e82b7ccd32
Original Commit Message:
I originally needed this for the initialization of a constexpr array in
the wasm lazy compile builtin, but since it's a bigger change, I now
split it off as this separate CL.
The style guide recommends constexpr over const. I thus apply the
constexprificaton over all headers that I touched anyway.
I also remove the ARM64_DEFINE_REG_STATICS hack. It was introduced when
merging in arm64 support more than three years ago, and I don't see the
purpose for this.
Also, some #defines can now be constexpr definitions, which was not
possible before according to the comment.
R=clemensh@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N
Review-Url: https://codereview.chromium.org/2733323003
Cr-Commit-Position: refs/heads/master@{#43678}
The compiler dispatcher is not being used yet by Ignition, so we shouldn't
enable it when enabling Ignition + TurboFan by default.
Change-Id: I2806608ba95080df3538ef66373165107ac3beb6
Reviewed-on: https://chromium-review.googlesource.com/451279
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43677}
This bumps the required stack space gap when the bootstrapper kicks off
compilation of native scripts during genesis. The stack requirements are
now higher for simulators in no-snapshot mode with Ignition being used.
R=jochen@chromium.org
TEST=mjsunit/regress/regress-681984
BUG=v8:6066
Change-Id: I65df388d1b57c09db124ac9a85d380b4edb7d260
Reviewed-on: https://chromium-review.googlesource.com/451275
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43675}
From declarations of bit() member functions (for structures Register,
FPURegister and FPUControlRegister) are removed constexpr specificators.
Build V8 will fail if function bit() is declared as a constant
expression.
TEST=
BUG=
Review-Url: https://codereview.chromium.org/2737143002
Cr-Commit-Position: refs/heads/master@{#43674}
Adds a bar below the current timeline view which can show the time
when an individual function was on the stack. Functions in the call
stack are now clickable to show them in this view.
Sections where the function was on the stack, but not at the top, are
displayed at half height.
Review-Url: https://codereview.chromium.org/2737083003
Cr-Commit-Position: refs/heads/master@{#43673}
This fixes various allocator methods to properly propagate {nullptr} to
callers without accidentally dereferencing it. We also disable one test
case for stress mode as it runs out of memory due to inlining limits
being lifted in the stress mode.
R=bmeurer@chromium.org
TEST=mjsunit/array-natives-elements
BUG=v8:6061
Change-Id: Id0a7b826a8612d00b4f4ae8aa0bea011c50890ca
Reviewed-on: https://chromium-review.googlesource.com/451365
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43672}
The immediate passed to cmpw can be either a signed 16-bit or an
unsigned 16-bit integer, but the DCHECK was testing for signed 16-bit
values only.
R=mstarzinger@chromium.org
BUG=v8:6063
Review-Url: https://codereview.chromium.org/2735363002
Cr-Commit-Position: refs/heads/master@{#43671}
Reuse the last LAB's unused area for further newspace allocation.
This is relevant when we expect GCs that use evacuation to compact down
new space to just live bytes for single tasks.
BUG=chromium:651354
Change-Id: Ic418521d98f418a93d3748b824e3ddb6ff7a40c3
Reviewed-on: https://chromium-review.googlesource.com/451398
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43670}
Markbits should be verified in VerifyMarking and friends. The function
may also be used then e.g. iterating just black objects while
incremental marking is active for the fast promotion mode.
BUG=chromium:694255
Change-Id: Ia719a983fec27b2bae03f8c6c3332003a10e8823
Reviewed-on: https://chromium-review.googlesource.com/451363
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43669}
BUG=
Change-Id: I7aed8e7bd35f59196b1b178942355aef4c97bca8
Reviewed-on: https://chromium-review.googlesource.com/451379
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43667}
This introduces a new truncation bit for truncation of minus-zero to zero.
At the moment it is only used to handle the limit cases of deopt, such as the
one in the Google maps workload (see simplified version below), where the -q
(which is desugared to q * -1.0) currently deoptimizes because the result would
produce minus zero. To handle this situation, we exploit the knowledge that
righthand side of + cannot be -0, so even if lefthand side was -0, the result
would still be 0 (so the + operation cannot distinguish between left hand side
0 and -0).
function f(q) {
q -= 4;
return (-q) + q;
}
f(10);
f(10);
%OptimizeFunctionOnNextCall(f);
f(4);
Review-Url: https://codereview.chromium.org/2734253002
Cr-Commit-Position: refs/heads/master@{#43661}
For nodes
NumberMin(lhs, rhs)
NumberMax(lhs, rhs)
we might have feedback types for lhs and rhs that would allow us to
generate unsigned32 or signed32 versions of this operator, which is way
more efficient that going to the full Float64Min/Float64Max operator.
However we cannot promise word32 truncations in this case, since we
based this decision on the feedback types.
This allows us to generate better code for Math.min and Math.max when
one of the inputs is a speculative number operator that provides better
typing during representation selection. We've seen such code in the
hottest function on Google Maps for example.
BUG=v8:5267
R=jarin@chromium.org,mvstanton@chromium.org
Review-Url: https://codereview.chromium.org/2734193003
Cr-Commit-Position: refs/heads/master@{#43660}
- Implements Float32x4 Mul, Min, Max for ARM.
- Implements Float32x4 relational ops for ARM.
- Implements reciprocal, reciprocal square root estimate/refinement ops for ARM.
- Reorganizes tests to eliminate need for specialized float ref fns in tests.
- Rephrases Gt, Ge in terms of Lt, Le, and eliminates the redundant machine
operators.
- Renames test-run-wasm-simd test names to match instructions.
LOG=N
BUG=v8:6020
Review-Url: https://codereview.chromium.org/2729943002
Cr-Commit-Position: refs/heads/master@{#43658}
Once we enabled --turbo by default we need to turn all the implications
off with --no-turbo as well. Chrome sets flags in V8 using SetFlagFromString,
which enforces the implications each time it is called. Therefore, if --turbo
is enabled by default, and an unrelated flag is set, the turbo implications are
enabled but not later disabled if we set --no-turbo. To fix this, add negative
implications as well.
BUG=chromium:692409
Change-Id: Iadb0ca542f49ba65c7419cda8c7a03636a8d5ba9
Reviewed-on: https://chromium-review.googlesource.com/451320
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43655}
Fix two issues in the interpreter entry for 64 bit return values on
32 bit platforms. First, the effect chain was slightly incorrect, second
the order of the returned values was wrong.
Also add a test case for this.
Tested on x64, ia32 and s390.
Plus drive-by fix in Int64Lowering to reuse global constants for
big-endian/little-endian disambiguation.
R=titzer@chromium.org
BUG=v8:5822
Review-Url: https://codereview.chromium.org/2731713002
Cr-Commit-Position: refs/heads/master@{#43654}
