Traditionally, we had a prefix for a function name of "~" for
unoptimized code and "*" for optimized code. Restore this prefix
in v8/tools/ic-processor. It's really cool to know if an IC was
called from optimized code (often a hint of poor performance!).
NOTRY=true
R=cbruni@chromium.org
Review-Url: https://codereview.chromium.org/2835923004
Cr-Commit-Position: refs/heads/master@{#44846}
This header file is only used from tests.
Also, move the LoadStoreOpcodeOf method (only used in tests) from
wasm-opcodes.h to wasm-macro-gen.h.
R=ahaas@chromium.org
Change-Id: I8d4691be494b5c1fbe3084441329850930bad647
Reviewed-on: https://chromium-review.googlesource.com/486861
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44845}
Ideally they are already filtered on the embedder side. Sometimes
howevever, embedders end up with a Local<T> pointing to a nullptr
object. In this case the best way to filter this is right at the
beginning of the registration process.
BUG=chromium:713667
Review-Url: https://codereview.chromium.org/2836013003
Cr-Commit-Position: refs/heads/master@{#44844}
Adds a micro benchmark in js-perf-test to measure the performance of
compare bytecode handlers.
Bug:v8:4280
Change-Id: Ic86d670f8f09147076a22cfeff2e1ec052afe20c
Reviewed-on: https://chromium-review.googlesource.com/485522
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44843}
Instead of using the WASM_I32V_* macros (and other) from
wasm-macro-gen.h, use the appropriate methods to encode LEB integers.
This also saves some spaces for the wasm bytecode generated from asm.js.
Specifically, this CL
1) renames EmitVarInt to EmitI32V and EmitVarUint to EmitU32V (on
WasmFunctionBuilder).
2) introduces more methods on the WasmFunctionBuilder to emit i64v,
u64v, f32, and f64 values.
3) uses the ZoneBuffer instead of a plain ZoneVector<char> in the
WasmFunctionBuilder to build the body of the function.
4) introduces more helper functions on the ZoneBuffer to encode i64v,
u64v, f32 and f64 values.
R=ahaas@chromium.org
Change-Id: Ifa59a6a67380ecf9a3823c382daf00855f5bc61e
Reviewed-on: https://chromium-review.googlesource.com/486803
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44842}
Until now JIC and JIALC compact branches were emited without using their
offset. Here we optimize their use by using offset after addition and/or
load immediate operations.
The CL also fixes a problem with deserialization that occurs when a code
object ends with an optimized LUI/AUI and JIC/JIALC instruction pair.
Deserializer processed these instruction pairs by moving to a location
immediately after it, but when this location is the end of the object it
would finish with the current object before doing relocation. This is
fixed by moving the deserializer one instruction before the location of
the instruction pair end.
BUG=
Review-Url: https://codereview.chromium.org/2542403002
Cr-Commit-Position: refs/heads/master@{#44841}
Some of these tests pass the pattern as a string, and in this case
there's a subtle distinction between
"/\u{0041}/" // Unicode escape interpreted in string literal.
and
"/\\u{0041}/" // Unicode escape interpreted by regexp parser.
Extend these tests to check both cases.
Thanks littledan@ for pointing this out.
BUG=v8:5437
Review-Url: https://codereview.chromium.org/2839923002
Cr-Commit-Position: refs/heads/master@{#44840}
wasm-macro-gen.h is mainly used from tests, but LocalDeclEncoder is
also used from various other places.
This CL moves the LocalDeclEncoder to an own compilation unit. We want
to later move wasm-macro-gen.h to the tests folder.
It also refactors the LocalDeclEncoder to reuse the
LEBHelper::write_u32v and LEBHelper::sizeof_u32v methods instead of
reimplementing it.
R=ahaas@chromium.org
Change-Id: Ia4651436f0544578da7c1c43596d343571942e97
Reviewed-on: https://chromium-review.googlesource.com/486724
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44838}
Instead of dynamically tracking the block nesting, precompute the
information statically.
The interpreter was already using a side table to store the pc diff for
each break, conditional break and others. The information needed to
adjust the stack was tracked dynamically, however. This CL also
precomputes this information, as it is statically known.
Instead of just storing the pc diff in the side table, we now store the
pc diff, the stack height diff and the arity of the target block.
Local measurements show speedups of 5-6% on average, sometimes >10%.
R=ahaas@chromium.org
BUG=v8:5822
Change-Id: I986cfa989aabe1488f2ff79ddbfbb28aeffe1452
Reviewed-on: https://chromium-review.googlesource.com/485482
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44837}
This unifies the memory management of identifier strings passed between
the scanner, parser and module builder. The following scheme is used:
- The scanner does not create copies of identifier strings itself, it
exposes a reference to the current identifier. This reference becomes
invalid as soon as the scanner advanced.
- The parser preserves a single copy of each identifier that is stored
in any data structure. That copy is allocated in the zone, lifetime
is coupled to that of the zone.
- The module builder can use all such identifiers by reference, as long
as its lifetime is also coupled to the same zone.
Note that the module builder still creates redundant copies for some
identifiers (in order to maintain backwards compatibility with the old
AST-based parser). This can be fixed once the "old validator" has been
removed.
R=clemensh@chromium.org
BUG=v8:6127
Change-Id: I8611d162e87730045a6061d08c3fe841daae8a7d
Reviewed-on: https://chromium-review.googlesource.com/484439
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44836}
The data produced by the preparser scope analysis might be large.
ByteArrays are already allowed in the large object space.
This fixes mjsunit/asm/poppler/poppler.js with the flag on.
First version landed as https://chromium-review.googlesource.com/c/484459/
this version includes gen-postmortem-metadata fixes.
BUG=v8:5516
Change-Id: I2218c4729ba9feefd6595a93e5cc6d2e52ebda0e
Reviewed-on: https://chromium-review.googlesource.com/486641
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44835}
When looking for receiver maps, we need to account for the renaming
performed by FinishRegion, and look for the original receiver instead
from that point on.
Drive-by-fix: Abort effect chain walk as soon as the definition of the
receiver is seen on the effect chain.
BUG=v8:5267
Review-Url: https://codereview.chromium.org/2836853002
Cr-Commit-Position: refs/heads/master@{#44833}
I think the WebAssembly format changed since the last time we updated
the corpus.
R=bradnelson@chromium.org
Change-Id: Ic4e24bade8cffbd43025d0961b805757a5e6f4d6
Reviewed-on: https://chromium-review.googlesource.com/485801
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44832}
For polymorphic loads that refer to the same underlying field, but
differ in either representation or field maps, try harder to merge
them into a simple field load by going to Tagged representation or
throwing away the field maps (this is essentially what Crankshaft
is doing).
R=jarin@chromium.org
BUG=v8:5267
Review-Url: https://codereview.chromium.org/2836893002
Cr-Commit-Position: refs/heads/master@{#44831}
Avoid TransitionElementsKind when storing to objects which only differ
in holeyness of their elements kind. Instead go for polymorphic
CheckMaps, which can often by optimized and avoid the mutation of the
array map.
This generalizes the approach https://codereview.chromium.org/2836943003
which covered only element loads.
R=yangguo@chromium.org
BUG=v8:5267
Review-Url: https://codereview.chromium.org/2836913004
Cr-Commit-Position: refs/heads/master@{#44828}
This patch removes JSFunction::SetInstancePrototype() from
JSFunction's public API and makes it an implementation detail
of SetPrototype().
Also clear out constructor field of JSFunction Map when
transitioning from non-instance prototype to instance
prototype.
Change-Id: If51d37bf6047b51b934d1b370fb52bb5cf5ffed4
Reviewed-on: https://chromium-review.googlesource.com/483961
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Brad Nelson <bradnelson@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44821}
The AsyncGeneratorYield builtin just invoked the
AsyncGeneratorResolve() stub anyways, so this removes the middle-man.
Really minor refactoring, but clears out a bit of snapshot size and
another context index.
BUG=v8:5855
R=rmcilroy@chromium.org, bmeurer@chromium.org
Change-Id: I3385a5c5412e8d58493601874c2ad6b60e613012
Reviewed-on: https://chromium-review.googlesource.com/471913
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44820}
This lived in the JS natives for a long time, but it seems to work
just fine in the bootstrapper, and looks much cleaner there.
Change-Id: I9f5723cd840d83dde536db842b294ff1ccac294b
Reviewed-on: https://chromium-review.googlesource.com/483963
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44816}
This changes behavior of TurboFan to match the behavior of Crankshaft
when it comes to polymorphic loads of similar elements kind (i.e. all
tagged or all double), where we should use the "worst case" code without
a transition. This is often much faster than transitioning the elements
to the worst case first, trading a TransitionElementsKind for a CheckMaps
and avoiding mutation of the array.
This is beneficial for various crypto benchmarks, which don't need to
pay the cost for TransitionElementsKind now.
R=jarin@chromium.org
BUG=v8:5267
Review-Url: https://codereview.chromium.org/2836943003
Cr-Commit-Position: refs/heads/master@{#44815}
VC++ 2017's STL doesn't suppress warnings as aggressively as prior
versions did. This causes warnings on code which mixes signed and
unsigned types. In this case a deque of unsigned integers was being
queried to see how many signed integers it contains. This could be
fixed by passing in unsigned 0, 1, and 2 to std::count but changing
the deque from unsigned to int is simpler.
R=adamk@chromium.org
BUG=chromium:683729
Review-Url: https://codereview.chromium.org/2834293002
Cr-Commit-Position: refs/heads/master@{#44814}
This makes it easier to set the value for embedders where it is
difficult to plumb through to the Isolate constructor.
BUG=chromium:711809
R=jochen@chromium.org
Review-Url: https://codereview.chromium.org/2829223002
Cr-Commit-Position: refs/heads/master@{#44813}
- Adds new F32x4AddHoriz, I32x4AddHoriz, etc. to WASM opcodes.
- Implements them for ARM.
LOG=N
BUG=v8:6020
Review-Url: https://codereview.chromium.org/2804883008
Cr-Commit-Position: refs/heads/master@{#44812}
- All ARM hardware has 32 single precision float registers; save all
s-registers regardless of the number of d-registers (16 or 32).
LOG=N
BUG=v8:6077
Review-Url: https://codereview.chromium.org/2821273004
Cr-Commit-Position: refs/heads/master@{#44810}
In general, deleting a property from a fast-properties object
requires transitioning the object to dictionary mode. However,
when the most-recently-added property is deleted, we can simply
roll back the last map transition that the object went through.
This is a performance experiment: it should make things faster,
but if it turns out to have more negative than positive impact,
we will have to revert it.
TBR=bmeurer@chromium.org (just adding a comment)
Previously reviewed at https://codereview.chromium.org/2830093002
Previously landed as 98acfb36e1 / r44799
Review-Url: https://codereview.chromium.org/2840583002
Cr-Commit-Position: refs/heads/master@{#44808}
- Dispatch evacuation of a page to its concrete evacuator.
- Create MC base class to accommodate shared state.
BUG=chromium:651354
Review-Url: https://codereview.chromium.org/2828323004
Cr-Commit-Position: refs/heads/master@{#44807}
This reverts commit e8f1fc24fd.
Reason for revert: Node.js doesn't build with this patch anymore.
out/Release/obj/gen/debug-support.cc:428:55: error: expected initializer before ‘<’ token
int v8dbg_class_Script__preparsed_scope_data__PodArray<uint32_t> = Script::kPreParsedScopeDataOffset;
Original change's description:
> [parser] Skipping inner funcs: use PodArray for the data.
>
> The data produced by the preparser scope analysis might be large.
>
> ByteArrays are already allowed in the large object space.
>
> This fixes mjsunit/asm/poppler/poppler.js with the flag on.
>
> BUG=v8:5516
>
> Change-Id: I951836244776c57efdd2a491c5c78493dc8cca63
> Reviewed-on: https://chromium-review.googlesource.com/484459
> Commit-Queue: Marja Hölttä <marja@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#44795}
TBR=marja@chromium.org,mstarzinger@chromium.org,ulan@chromium.org,vogelheim@chromium.org,hpayer@chromium.org,v8-reviews@googlegroups.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5516
Change-Id: I3012d27b6b65b37d3afc5f3b0921e044bdcc118e
Reviewed-on: https://chromium-review.googlesource.com/485759
Reviewed-by: Franziska Hinkelmann <franzih@chromium.org>
Commit-Queue: Franziska Hinkelmann <franzih@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44805}
This patch cleans up the Intl code by switching to using declared
accessors, rather than embedder fields, for holding references to
ICU objects. Additionally:
- Rename classes to be more similar to how other classes are named
- Make some unreachable paths into check-fails, rather than throwing
JS exceptions
- Move some macros from objects-inl.h into object-macros.h, to allow
the implementation here to not touch objects.h
- Some setup logic is moved from runtime-i18n.cc to i18n.cc.
This patch leaves type tags as they are; a future patch should move
from a special Intl type tagging system to object types as other system
objects use. Future patches should also move more logic to i18n.cc
BUG=v8:5402,v8:5751,v8:6057
CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_linux_noi18n_rel_ng
Change-Id: Ia9cbb25cf8f52662e3deb15e64179d792c10842c
Reviewed-on: https://chromium-review.googlesource.com/479651
Commit-Queue: Daniel Ehrenberg <littledan@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44804}
I have no idea how the empty folder got
in there in the first place ¯\_(ツ)_/¯.
Bug:
Change-Id: I0fd94d1dec76f2444b24f772c1691924f872ec55
Reviewed-on: https://chromium-review.googlesource.com/485621
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Commit-Queue: Franziska Hinkelmann <franzih@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44803}
- Split out code for Intl objects into src/objects/
- Rename i18n to intl (except for the name of the build flag)
- Use build system more broadly to turn on/off Intl code
- Delete a little bit of dead code
Bug: v8:5751
Change-Id: I41bf2825a5cb0df20824922b17c24cae637984da
Reviewed-on: https://chromium-review.googlesource.com/481284
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Daniel Ehrenberg <littledan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44801}
This makes sure that typed array constructors (e.g. Int8Array, ...) used
within an asm.js module are considered uses of stdlib values, and hence
are checked during module instantiation.
R=clemensh@chromium.org
TEST=mjsunit/regress/regress-6280
BUG=v8:6280,chromium:714537
Change-Id: Ic5d689f5319c4dac4e9df3dca4a8cf5a4edd890b
Reviewed-on: https://chromium-review.googlesource.com/485521
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44800}
In general, deleting a property from a fast-properties object
requires transitioning the object to dictionary mode. However,
when the most-recently-added property is deleted, we can simply
roll back the last map transition that the object went through.
This is a performance experiment: it should make things faster,
but if it turns out to have more negative than positive impact,
we will have to revert it.
TBR=bmeurer@chromium.org (just adding a comment)
Review-Url: https://codereview.chromium.org/2830093002
Cr-Commit-Position: refs/heads/master@{#44799}
Local refactoring to replace if cascade by switch. For readability and
performance.
R=ahaas@chromium.org
Change-Id: I064d51c7c8232fefcde223b086eb7b9caf44f94c
Reviewed-on: https://chromium-review.googlesource.com/485480
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44798}
