The in-operator has recently been optimized making our smart macros obsolete.
This should give up to 10% speedup on forEach and friends.
BUG=v8:5041
Review-Url: https://codereview.chromium.org/2013873002
Cr-Commit-Position: refs/heads/master@{#36576}
An additional slide offset is exported into `shared-library`, which is used to
symbolize C++ stack on systems with ASLR (OS X).
This patch adds slide offset support in dumpcpp script.
BUG=v8:5048
Review-Url: https://codereview.chromium.org/2006813002
Cr-Commit-Position: refs/heads/master@{#36574}
This fixes data-flow tracking of sub-word (i.e. int8 or int16) element
accesses within the escape analysis. In essence this makes sure that
we only ever consider the offset for loads and stores on tracked objects
and avoid mangling the offset on untracked ones.
R=jarin@chromium.org
TEST=cctest/test-api/Fixed[U]Int[8,16]Array
Review-Url: https://codereview.chromium.org/2008883002
Cr-Commit-Position: refs/heads/master@{#36573}
port 91c88644dc (r36539)
original commit message:
We get less "pollution" of type feedback if we have one vector per native
context, rather than one for the whole system. This CL moves the vector
appropriately.
BUG=
Review-Url: https://codereview.chromium.org/2019263002
Cr-Commit-Position: refs/heads/master@{#36570}
These builtins always call into C++ anyways and so there's no point in
having the JavaScript wrapper around them, but instead they can be
implemented as C++ builtins directly.
R=franzih@chromium.org
BUG=v8:5049
Review-Url: https://codereview.chromium.org/2018983002
Cr-Commit-Position: refs/heads/master@{#36569}
Rolling v8/build to 10d3723f73a8bfb0bcbee33f368d92dea8ad1bd7
Rolling v8/tools/clang to ef8e028ea0f0fdf3be7be6e817e5c26c8ba7aebe
TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
Review-Url: https://codereview.chromium.org/2021623002
Cr-Commit-Position: refs/heads/master@{#36566}
One of the top runtime calls in many workloads is Runtime_Call. Add an
intrinsic for the interpreter to inline this runtime call.
BUG=v8:4280
LOG=N
Review-Url: https://codereview.chromium.org/2019433003
Cr-Commit-Position: refs/heads/master@{#36565}
The busted logic caused us to go down the SCRIPT path internally,
causing us to fail the test262 tests that attempt to induce parse
errors at the top level.
R=littledan@chromium.org
BUG=v8:4985
Review-Url: https://codereview.chromium.org/2008743002
Cr-Commit-Position: refs/heads/master@{#36563}
We now have data that 0.011% of websites use the pattern
for (var i = 0 in j) { ... }
This pattern was banned by ES2015, with the idea to revisit if
it presents a web compatibility problem. Informally, after
the May 2016 TC39 meeting, the new data was discussed, and there
was interest in reversing the decision. Although the specification
is not yet updated, it seems likely to come soon.
This patch turns off the flag which bans that construct, reenabling
it. The change should prevent websites from breaking.
BUG=v8:4942
Review-Url: https://codereview.chromium.org/2011223003
Cr-Commit-Position: refs/heads/master@{#36562}
Some tests, e.g. in test262, want to create a new same-origin
realm. This patch exposes a new function,
Realm.createAllowCrossRealmAccess(), which vends a new realm with
the same security token as the currently executing one.
Review-Url: https://codereview.chromium.org/1973363004
Cr-Commit-Position: refs/heads/master@{#36561}
- Renames UnallocatedOperand enum values to reflect the fact that there are
multiple FP machine representations.
- Renames enum values for RegisterAllocatorVerifier enum.
- Template-izes DefineAsFixed and UseFixed methods to handle multiple FP
register types.
BUG=v8:4124
Review-Url: https://codereview.chromium.org/2017733002
Cr-Commit-Position: refs/heads/master@{#36558}
Annex B 3.3 applies only for ordinary FunctionDeclarations, not
GeneratorDeclarations or AsyncFunctionDeclarations. This patch
- Skips applying Annex B 3.3 to async functions
- Adds a flag to refrain from applying it to generators
- UseCounter for how often duplicate function in block occurs
with generators (unclear how to measure need for hoisting from block)
BUG=v8:4806
Review-Url: https://codereview.chromium.org/1995863002
Cr-Commit-Position: refs/heads/master@{#36557}
intl/number-format/parse-percent.js
intl/date-format/parse-mdyhms.js
intl/number-format/parse-decimal.js
intl/date-format/parse-MMMdy.js
Also added a few more test cases.
BUG=v8:3454
TEST=The tests listed above.
Review-Url: https://codereview.chromium.org/1988073003
Cr-Commit-Position: refs/heads/master@{#36555}
This is a temporary band-aid to turn an uncontrolled segfault into
a safe crash. The proper fix will probably be to abort compilation.
BUG=chromium:582702
Review-Url: https://codereview.chromium.org/2021433003
Cr-Commit-Position: refs/heads/master@{#36554}
Rename some methods to reflect the fact that there are multiple FP
machine representations.
LOG=N
BUG=v8:4124
Review-Url: https://codereview.chromium.org/2013193002
Cr-Commit-Position: refs/heads/master@{#36552}
This CL makes sure that Symbols-keys are printed the same way for
fast and slow properties. Additionally the elements and properties
are marked clearer in the output.
BUG=
Review-Url: https://codereview.chromium.org/2008893002
Cr-Commit-Position: refs/heads/master@{#36550}
This allows sloppy arguments objects to be allocated by the generic
Heap::AllocateJSObjectFromMap allocation function. An empty elements
backing store for such objects is provided. This is needed in order to
materialize such objects without access to a specific native context.
R=bmeurer@chromium.org
TEST=mjsunit/regress/regress-crbug-613919
BUG=chromium:613919
Review-Url: https://codereview.chromium.org/2014343004
Cr-Commit-Position: refs/heads/master@{#36547}
This was initially used to special case some weird date.js behavior, but
has since been abused in other areas. In case of the string character
access, everything that is outside the Smi range cannot be a valid
string index anyways, so %NumberToSmi is perfect here in either case,
and for ToPositiveInteger it's better to just use ToInteger adding +0 to
turn -0 into +0.
R=ishell@chromium.org
BUG=v8:5049
Review-Url: https://codereview.chromium.org/2010183003
Cr-Commit-Position: refs/heads/master@{#36545}
Adding optional operators for FNeg for WebAssembly, as the current implementation was significantly suboptimal for ARM.
Review-Url: https://codereview.chromium.org/2011303002
Cr-Commit-Position: refs/heads/master@{#36544}
Rewrite decodeURI and decodeURIComponent as builtin functions
and install them in the bootstrapper.
Delete unused runtime functions:
- TruncateString
- NewString
- OneByteSeqStringGetChar
- OneByteSeqStringSetChar
- TwoByteSeqStringGetChar
- TwoByteSeqStringSetChar
Add regression test for decoding large strings. Clusterfuzz detected
a problem with %TruncateString, see
https://bugs.chromium.org/p/chromium/issues/detail?id=612109#c6
This is automatically fixed by this rewrite because %TruncateString
is deleted anyways.
Crude benchmark on 585 decodeURI and decodeURIComponent tests
averaged over five runs:
* builtin functions
real 0m9.69s
user 2m39.8816s
sys 0m12.6398s
* JS functions calling into the runtime e.g., for %TruncateString
real 0m11.0598s
user 3m6.7026s
sys 0m13.5756s
By running:
$ time tools/run-tests.py --arch=x64 --mode=Release --buildbot
test262/built-ins/decodeURI* mjsunit/uri
>>> Running tests for x64.Release
BUG=v8:4912, chromium:612109
R=yangguo@chromium.org, bmeurer@chromium.org
Review-Url: https://codereview.chromium.org/1994733003
Cr-Commit-Position: refs/heads/master@{#36543}
This inlines the test and compare binary operations into Ignition.
With this CL all binary ops are inlined into Ignition's bytecode
handlers.
Some blocks were shuffled around in Equals/NotEquals stubs to avoid
creating frames unnecessarily. Some labels were also marked as non-
deferred in both Equals/NotEquals and the AbstractRelationalComparison
stubs for the same reason.
BUG=v8:4280
LOG=N
Review-Url: https://codereview.chromium.org/2013573004
Cr-Commit-Position: refs/heads/master@{#36542}
Commit c86f189 corrected the way context from which a specific error is
thrown, but the in-line comment was not updated to reflect this.
Update the comment to accurately describe the intended behavior.
LOG=N
R=littledan@chromium.org
BUG=
Review-Url: https://codereview.chromium.org/1999483002
Cr-Commit-Position: refs/heads/master@{#36541}
This intrinsic (and the matching runtime entry) are no longer used by
now and can thereby be removed.
BUG=v8:5049
Review-Url: https://codereview.chromium.org/2016993003
Cr-Commit-Position: refs/heads/master@{#36540}
We get less "pollution" of type feedback if we have one vector per native
context, rather than one for the whole system. This CL moves the vector
appropriately.
BUG=
Review-Url: https://codereview.chromium.org/1906823002
Cr-Commit-Position: refs/heads/master@{#36539}
Currently Mac ComputeThreadTicks only uses user time, this patch adds system
time in order to get more accurate CPU time.
BUG=v8:4984
LOG=n
Review-Url: https://codereview.chromium.org/2016513002
Cr-Commit-Position: refs/heads/master@{#36538}
For the common use case of having a single resolve or reject callback,
the callbacks are stored directly. Only when an additional callback is
registered, we create an array to store these callbacks.
There are 3 possible states for the resolve, reject symbols when we add
a new callback --
1) UNDEFINED -- This is the zero state where there is no callback
registered. When we see this state, we directly attach the callbacks to
the symbol.
2) !IS_ARRAY -- There is a single callback directly attached to the
symbols. We need to create a new array to store additional callbacks.
3) IS_ARRAY -- There are multiple callbacks already registered,
therefore we can just push the new callback to the existing array.
Also, this change creates a new symbol for storing the deferred objects.
Previously the deferred objects were stored in the callback arrays, but
since we no longer create arrays for the initial case, we need this new
symbol. The cctest has been updated to account for this new symbol.
This patch results in a 19% improvement (over 5 runs) in the bluebird benchmark.
BUG=v8:5046
Review-Url: https://codereview.chromium.org/2007803002
Cr-Commit-Position: refs/heads/master@{#36536}
Adds an API to request the total size of code/bytecode and their associated
metadata in the heap. When requested, the code_space, old_space and
large_object_space are scanned to find any code/bytecode array objects.
This could be slow and hence it should be used with caution.
BUG=v8:5019
LOG=N
Review-Url: https://codereview.chromium.org/1997363002
Cr-Commit-Position: refs/heads/master@{#36534}
Rolling v8/build to a11885a5fd2ae5b45d97a2bbfe3e33ab13a88f68
Rolling v8/third_party/icu to 4745cccafba8cdb646263fa48b959f386722c155
Rolling v8/tools/clang to 5c08263d87fd4fe23df4f73323cd6146f5dfe7b2
TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
Review-Url: https://codereview.chromium.org/2015453004
Cr-Commit-Position: refs/heads/master@{#36533}