Adds a new field rare_data of type FunctionTemplateRareData to
FunctionTemplateInfo and moves 8 others which are unset on 90% of
FunctionTemplateInfo objects to this field.
Getters like prototype_template() are changed to GetPrototypeTemplate()
to indicate they're not trivial. The setters are replaced with static
methods (e.g. SetPrototypeTemplate) that take an Isolate and the
template object, since they can now perform allocation.
Bug: v8:8478
Change-Id: If72b132ade4ca4a3f803f913761c9caddc0e9dd6
Reviewed-on: https://chromium-review.googlesource.com/c/1342519
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57725}
Many tests were already skipped in debug mode, but they kept running on CQ
which sets dcheck_always_on, probably equally slow.
Some other tests are marked as slow based on a recent run of the arm64 sim
trybot.
NOTRY=true
Bug: v8:7783
Change-Id: Ic022518edfa112ea6d228ae9a68653c99651dbb4
Reviewed-on: https://chromium-review.googlesource.com/c/1347479
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57724}
Previosly, LoadArrayElement assumed that the array is a FixedArray.
The PropertyArray and WeakFixedArray pretended to be a FixedArray and
had static asserts about length offsets.
This patch make LoadArrayElement generic and uses a new LoadArrayLength
function to fetch the length of the array without hard-coding the length
offset.
Bug: v8:8486
Change-Id: Ib27132bf3fcecc135ad632c4227c57ca0a05036f
Reviewed-on: https://chromium-review.googlesource.com/c/1346498
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57723}
Remove PrintableInstructionSequence and friends, just overload
operator<< directly for the respective types.
R=herhut@chromium.org
Bug: v8:8238
Change-Id: I67713978ab06f7ec5309e52b4090256480f362b1
Reviewed-on: https://chromium-review.googlesource.com/c/1346113
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Stephan Herhut <herhut@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57722}
With the last remaining TF code stubs gone, c-s-a.{h,cc} is no longer
needed in the final binary.
Bug: v8:7777
Change-Id: I8573199401678758698df56e0cb680f125f06bdc
Reviewed-on: https://chromium-review.googlesource.com/c/1346329
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57721}
This CL moves the two remaining IC stubs to builtins, generating a
dedicated builtin for each KeyedAccessStoreMode variant.
Bug: v8:7777
Change-Id: I540b3c3437adb94094771a19713e71ec8a349553
Reviewed-on: https://chromium-review.googlesource.com/c/1346095
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57719}
This CL moves optimization capabilities from typed lowering to typed
optimization. In particular, this allows retyping of Speculative to
number optimizations depending on their input types. This can save type
checks if we know that inputs are already in SafeIntegerRange and uses
are truncating to 32bit integers.
This change recovers the performance lost to 31bit Smis on
Octane/crypto on x64:
32bit nosmis avg 30,984.84 stddev 180.52
31bit smis (w/o patch) avg 29,438.52 stddev 120.30 -4.99%
31bit smis avg 31,274.52 stddev 176.26 +0.93% +6.24%
Change-Id: I86d6e37305262336f4f7bd46aac0d2cbca11e8c1
Bug: v8:8344
Reviewed-on: https://chromium-review.googlesource.com/c/1323729
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57717}
This should make it possible to load a new graph without reloading
Turbolizer.
Notry: true
Change-Id: Ic6f8bdf7fee658836612043d8893614ae54d7e15
Bug: v8:7327
Reviewed-on: https://chromium-review.googlesource.com/c/1347476
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57716}
In preparation for converting these stubs to builtins. This turns
compile-time elements kind parameters into a runtime check, essentially
emitting all contained logic for each elements kinds and dispatching
at runtime.
Bug: v8:7777
Change-Id: I7a5c97ea2775e9f8ff469db6ab577de6c65c6bbe
Reviewed-on: https://chromium-review.googlesource.com/c/1340282
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57714}
Initial port of Array.p.join came before Torque had exception
handling. This small cleanup also simplifies a future CL
porting TypedArray.p.join.
Bug: v8:7624
Change-Id: I74f3880ee6e87917bc87e41d94be1a83b039384b
Reviewed-on: https://chromium-review.googlesource.com/c/1347514
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Peter Wong <peter.wm.wong@gmail.com>
Cr-Commit-Position: refs/heads/master@{#57712}
This commit adds a --run-skipped flag to the test runner that will
bypass the 'SKIP' status.
Bug: v8:8485
Change-Id: Iac012bdaf2de6b0f8e44ed3a65bc9330709527bb
Reviewed-on: https://chromium-review.googlesource.com/c/1346490
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57710}
IA support both "push reg" and "push [mem]" assemble instruction.
Use OperandGenerator::UseAny() for initializing Operand of kX64Push with
should be more willing to use spill slots (Use constraints are marked
as register-beneficial; UseAny are not)
UnallocatedOperand: :REGISTER_OR_SLOT. That way, the register allocator
Change-Id: I8ffd66915c8acd64221182710257232ef19f06d6
Reviewed-on: https://chromium-review.googlesource.com/c/1337312
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57708}
With constant field tracking, we get more properties on instance. This
negatively affects the common scenario where objects are used as
module, i.e., they have large number of constant functions as properties.
In that case, we would transition the objects to dictionary mode.
Bug: v8:8361
Change-Id: If4831bd081f3c45be651e051e7375eb275d265b4
Reviewed-on: https://chromium-review.googlesource.com/c/1344110
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57707}
This is a reland of 6ec90ecee2
Original change's description:
> Reland "Create a fast path to get migration target when updating map"
>
> This is a reland of c285380ca8
>
> Original change's description:
> > Create a fast path to get migration target when updating map
> >
> > During map updating, store the pointer to new map in the
> > raw_transitions slot of the old map that is deprecated from map
> > transition tree. Thus, we can get the migration target directly
> > instead of TryReplayPropertyTransitions when updating map.
> >
> > This can improve Speedometer2.0 Elm-TodoMVC case by ~5% on ATOM
> > Chromebook and ~9% on big-core Ubuntu.
> >
> > Change-Id: I56f9ce5183bbdd567b964890f623ef0ceed9b7db
> > Reviewed-on: https://chromium-review.googlesource.com/1233433
> > Commit-Queue: Shiyu Zhang <shiyu.zhang@intel.com>
> > Reviewed-by: Igor Sheludko <ishell@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#56303}
>
> Change-Id: Idf0b7716b92a6a15bfe58721c2c34dbd02b31137
> Reviewed-on: https://chromium-review.googlesource.com/c/1270261
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Commit-Queue: Shiyu Zhang <shiyu.zhang@intel.com>
> Cr-Commit-Position: refs/heads/master@{#56588}
Change-Id: Iad23455f66c83340430370be6670bac493c638a1
Reviewed-on: https://chromium-review.googlesource.com/c/1309305
Commit-Queue: Shiyu Zhang <shiyu.zhang@intel.com>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57705}
Moves allocation of the WasmModuleObject for asm.js code out of SyncCompileTranslatedAsmJS
since that is called when we are compiling the native context independent SharedFunctionInfo
and the WasmModuleObject requires a native context. Instead save the members required to
create the object in the AsmWasmData and create it during module instantiation. Note:
since the Wasm module is an implementation detail for asm_wasm code and isn't exposed,
this doeesn't have semantic change for asm.js code.
As part of this change, the AsmWasmData is changed from a FixedArray to a dedicated
struct. Some logic is also moved from module-compiler to wasm-engine to make the
seperation between Wasm SyncCompile and AsmJS SyncCompile more clear.
BUG=chromium:900535,v8:8395
Change-Id: Ia48469c095b0688f210aa86e7430c9ab4ea4b26b
Reviewed-on: https://chromium-review.googlesource.com/c/1345509
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57704}
Types such as "function" have a ValueMirror that does not override
"buildObjectPreview()". This CL updates clients to check that the
preview was actually built after call it.
Bug: chromium:907400
Change-Id: Id569c98363d47b259a40790b596efedb3d14abc2
Reviewed-on: https://chromium-review.googlesource.com/c/1347067
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Commit-Queue: Erik Luo <luoe@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57703}
In preparation for incrementally migrating subclasses to deriving
from FixedArrayPtr/FixedArrayBasePtr. Once that is done for all
subclasses, this duplication will be dropped again.
Bug: v8:3770
Change-Id: I6d664997fdcb18f7c0f37183d9f920ae30f3b749
Reviewed-on: https://chromium-review.googlesource.com/c/1345325
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57702}
We haven't put 64bit constants in the constant pool for a while. This
CL removes the support, simplifying the implementation.
Change-Id: I2c8972ea74dc71ccd5c9d333947d681dad2ea6c0
Bug: v8:8054
Reviewed-on: https://chromium-review.googlesource.com/c/1346109
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57701}
Sharing WasmCall/StubCall will lead to relocation
being processed more than once in NativeModule::AddCode
for wasm.
R=joransiu@ca.ibm.com
Change-Id: I88d9a1a956fe36ef81e0a4c61d7dedf868bdf9a3
Reviewed-on: https://chromium-review.googlesource.com/c/1344510
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#57700}
Port de2681c1a8
Original Commit Message:
This adds a {PrintRegister} method which prints the given register in a
readable way (e.g. "eax", ... on ia32).
This is currently only used in Liftoff. The {RegisterConfiguration}
class has the same functionality, and I plan to make
{RegisterConfiguration} also use the new {RegisterName} functions in a
follow-up CL.
R=clemensh@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N
Change-Id: I8359ed22ebe88d5c30a45a9c6f3caa3b03d902ee
Reviewed-on: https://chromium-review.googlesource.com/c/1344509
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#57698}
This reverts commit d8c471ffa1.
Reason for revert: breaks waterfall
Original change's description:
> [torque] change formatter to emit LF newlines on Windows
>
> Otherwise, it will always replace LF with CRLF, which is not what you
> want if you follow the Chromium instructions for Windows, that is,
> configure git with core.autocrlf = false.
>
> Change-Id: I30fcfc471cde79d5c80d05ce582a8507cf5810b5
> Reviewed-on: https://chromium-review.googlesource.com/c/1345150
> Reviewed-by: Daniel Clifford <danno@chromium.org>
> Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#57691}
TBR=danno@chromium.org,tebbi@chromium.org
Change-Id: Ib30ae0d5b1803dbe8e6e8a0928cc41a6ce2d2bb8
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/1346502
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57695}
and make the slot occupy two tagged words when pointer compression is enabled.
Tbr: bmeurer@chromium.org
Bug: v8:7703
Change-Id: Idcd3385cc7d5299d9bdaf6a69c7bd0591099f0bb
Reviewed-on: https://chromium-review.googlesource.com/c/1346489
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57693}
Also add the first intrinsic and usage of it: %RawCast
Bug: v8:7793
Change-Id: Id1e3288e8bab6adb510731076a39590e8fd156be
Reviewed-on: https://chromium-review.googlesource.com/c/1344152
Commit-Queue: Daniel Clifford <danno@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57692}
Otherwise, it will always replace LF with CRLF, which is not what you
want if you follow the Chromium instructions for Windows, that is,
configure git with core.autocrlf = false.
Change-Id: I30fcfc471cde79d5c80d05ce582a8507cf5810b5
Reviewed-on: https://chromium-review.googlesource.com/c/1345150
Reviewed-by: Daniel Clifford <danno@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57691}
Load elimination is running together with to dead code elimination, the
latter of which might eliminate allocations (in particular FinishRegion
nodes). These are treated as alias nodes by load elimination, and load
elimination does not immediatelly learn that a node has been disconnected.
This causes load elimination to access the inputs of dead code eliminated
nodes while resolving renames, which causes nullptr dereferences.
This CL modifies load elimination to not resolve to a nullptr alias but
simply stop before that.
Change-Id: If4cef061c7c0e25f353727c9e27f790439b0beb5
Bug: chromium:906406
Reviewed-on: https://chromium-review.googlesource.com/c/1346491
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57688}
Adds support to render the live ranges as ascii diagram. This is
similar in nature to what the c1visualizer would produce.
Also, print the visualization when tracing the register allocator.
Change-Id: Ib6a43f67ba356e9a80cacaddfdbd6d589c685483
Reviewed-on: https://chromium-review.googlesource.com/c/1346114
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Stephan Herhut <herhut@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57687}
This moves is_async and parenthesized_formals tracking out of the
ParseAssignmentExpression header. Instead we set flags on the parser for the
next arrow function: next_arrow_function_kind_ that defaults to kArrowFunction
and next_arrow_formals_parenthesized_ which defaults to false.
If we end up recognizing an async arrow head, we update
next_arrow_function_kind_ to kAsyncArrowFunction. If we detect (...) followed
by => or async(...) followed by => we set next_arrow_formals_parenthesized_ to
true. When we start parsing the arrow continuation we consume the values and
reset them to default for the next arrow function.
Change-Id: Ia22c0068fea0f175fafc568b7339813fd10c3b5a
Reviewed-on: https://chromium-review.googlesource.com/c/1345996
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57684}
It seems that allocating smaller pages is actually quite a bit faster than
larger pages, probably because they can be cached by malloc. Let's see what the
bots say.
In a follow-up I'll check whether the segment-pool is actually beneficial or
whether we should just remove it.
This also drops SegmentSize::kLarge as a way to make compilation deterministic.
Turns out that by now we need >8mb anyway, and the previous 1mb wasn't enough.
At the same time the compiler was fixed to not rely on virtual addresses of
zone objects anymore, and there's a bot checking whether the snapshot is
determistic.
Change-Id: I38cbb0d209d68b3671fd38763b42714811f4223e
Reviewed-on: https://chromium-review.googlesource.com/c/1346370
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57683}
Use the parser's IsValidReferenceExpression as a likely-succeeding precheck.
Slightly optimizes IsEvalOrArguments in the preparser and IsIdentifier for the
parser (we now have FailureExpression everywhere); and replaces
IsObjectLiteral||IsArrayLiteral by IsValidPattern.
Change-Id: I7e9684485c0ce454e640800566eb4b0a24c6bfc8
Reviewed-on: https://chromium-review.googlesource.com/c/1345995
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57682}
an abstraction that hides the details about how embedder data fields are
encoded in EmbedderDataArrays and JSObjects.
Bug: v8:7703
Change-Id: Ic9f6d9511bec557c6671aa6488b9545e353f968c
Reviewed-on: https://chromium-review.googlesource.com/c/1344155
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57679}
This reverts commit a5336471f2.
Reason for revert: Fails nosnap debug tests: https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux%20-%20nosnap%20-%20debug/21838
Original change's description:
> [builtins] Implement Object.fromEntries
>
> Adds the Object.fromEntries() method behind
> --harmony-object-from-entries.
>
> > Includes an initial implementation of the new experimental builtin
> Object.fromEntries implemented by Daniel Clifford, and
> has been modified by Caitlin Potter to support a fast case to skip
> the iterator protocol when it can be done unobservably in common cases.
>
> There are some incidental changes: A number of CSA macros have been
> updated to use TNodes, and some Context arguments have been
> re-arranged to be implicit in Torque. >
>
> There are also a number of mjsunit tests written mirroring and
> expanding on the test262 tests.
>
> BUG=v8:8021
>
> Change-Id: I1c12bee8a2f98c6297b77d5d723910a5e3b630cc
> Co-authored-by: Daniel Clifford <danno@chromium.org>
> Co-authored-by: Caitlin Potter <caitp@igalia.com>
> Reviewed-on: https://chromium-review.googlesource.com/c/1337585
> Commit-Queue: Daniel Clifford <danno@chromium.org>
> Reviewed-by: Daniel Clifford <danno@chromium.org>
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#57667}
TBR=danno@chromium.org,caitp@igalia.com,tebbi@chromium.org
Change-Id: Id0cd8b16131f151a42dffbaca7e59ab17c68ab23
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8021
Reviewed-on: https://chromium-review.googlesource.com/c/1346116
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57677}
