Rewrites import.meta expressions into null literals. Builds on top
of- and requires dynamic import parsing to simplify the implementation.
Adds a new --harmony-import-meta flag.
BUG=v8:6693
Change-Id: Iadb7ddf6bad8986bf3ad641dbd3826fe730b5f44
Reviewed-on: https://chromium-review.googlesource.com/702678
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48359}
Use case: anonymous script with sourceMappingUrl. User can set
breakpoint in source with sourceUrl from sourceMap, we persist this
breakpoint in DevTools and on page reload breakpoint should be restored
correctly.
Debugger.setBreakpointByUrl method provides capabilities to set
provisional breakpoints and looks like best candidate for new "scriptHash"
argument.
I considered other options such as replacing scriptId with something
more persistent like "script-hash:script-with-this-hash-number" but it
looks more complicated and doesn't provide clear advantages.
One pager: http://bit.ly/2wkRHntR=pfeldman@chromium.org
Bug: chromium:459499
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I0e2833fceffe6b04afac01d1a4522d6874b6067a
Reviewed-on: https://chromium-review.googlesource.com/683597
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48357}
Further optimize the
new Array(n)
expressions by also inlining the backing store allocation into TurboFan
optimized code. Currently these backing store allocations cannot be
eliminated by escape analysis and can also not be optimized further by
the memory optimizer (i.e. no allocation folding and not write barrier
elimination) yet, but this can be done in follow-up CLs.
This yields another ~5% improvement on the ARES6 ML benchmark (steady
state).
Drive-by-fix: Add support for loops to the GraphAssembler. This was
necessary to implement the initialization loops in for the backing
store allocations in the EffectControlLinearizer.
Bug: v8:6399, v8:6901
Change-Id: I759d6802db01eb797e78c7d82d82caaee3463e16
Reviewed-on: https://chromium-review.googlesource.com/705934
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48352}
The twodigit_t code path emitted a library call rather than
a hardware "div" instruction. This is because compilers are
playing it safe: "div" can overflow when the divisor is too
small. Our algorithm carefully avoids this though, so using
the hardware "div" instruction is safe.
This speeds up a microbenchmark by almost 50%.
Bug: v8:6791
Change-Id: I35a73f8acdaca24f18327fbdaf7f53c4fd450c40
Reviewed-on: https://chromium-review.googlesource.com/686002
Reviewed-by: Ben Smith <binji@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48351}
The typical pattern for using BuildCCall was to create a stack-allocated array
of arguments, which was passed to BuildCCall. BuildCCall then would allocate
scratch space using WasmGraphBuilder::Buffer and copy the arguments into the
scratch space. This copy is unnecessary and also the use of Buffer can lead to
silently overwriting scratch space that may be used higher up the stack.
Now BuildCCall takes all of the functions parameters as arguments and stores
this directly in a stack-allocated buffer, avoiding the use of Buffer at all and
all its associated pitfalls.
Change-Id: Ia0de9a90350d7fcbbb1b05d28e735d790a5f9143
Reviewed-on: https://chromium-review.googlesource.com/701638
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Eric Holk <eholk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48350}
Make calls like
new Array(n)
new A(n)
(where A is a subclass of Array) inlinable into TurboFan. We do this by
speculatively checking that n is an unsigned integer that is not greater
than JSArray::kInitialMaxFastElementArray, and then lowering the backing
store allocation to a builtin call. The speculative optimization is
either protected by the AllocationSite for the Array constructor
invocation (if we have one), or by a newly introduced global protector
cell that is used for Array constructor invocations that don't have an
AllocationSite, i.e. the ones from Array#map, Array#filter, or from
subclasses of Array.
Next step will be to implement the backing store allocations inline in
TurboFan, but that requires Loop support in the GraphAssembler, so it's
done as a separate CL. This should further boost the performance.
This boosts the ARES6 ML benchmark by up to 8% on the steady state,
and also improves monomorphic Array#map calls by around 20-25% on the
initial setup.
Bug: v8:6399
Tbr: ulan@chromium.org
Change-Id: I7c8bdecf7c814ce52db6ee3051c3206a4f7d4bb6
Reviewed-on: https://chromium-review.googlesource.com/704639
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48348}
This brings V8's behavior in line with both the spec and with
other engines.
This also fixes the (now-incorrect) DCHECK in BytecodeGenerator relating
to the delete operator's application to a VariableProxy.
Bug: v8:6697, v8:6721
Change-Id: I413c02af235b0bb652eb4c5d5c971e2cf80e0906
Reviewed-on: https://chromium-review.googlesource.com/703894
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Caitlin Potter <caitp@igalia.com>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48346}
Also remove vogelheim (no longer on the team) for clarity.
Change-Id: Ida6d058252f17b71bb158308657ae2d18b52c2b2
Reviewed-on: https://chromium-review.googlesource.com/703161
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Daniel Ehrenberg <littledan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48345}
Avoid splitting functionality in two interface calls and passing around
a void* between them.
R=kschimpf@chromium.org
Change-Id: I0e12ff0295852ce5c36f7c3fb3b2c51dc0f2677e
Reviewed-on: https://chromium-review.googlesource.com/702484
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48335}
Currently, the transition elements kind operation invalidates the
elements of all other arrays. In particular, if we loop over matrix
elements using two nested loops, and do possibly transitioning access
a[i][j] in every iteration, we invalidate the load elimination state
for the array 'a' because a[i][j] might transition elements kind
for the 'a[i]' array. As a result, the 'a[i]' access cannot be
hoisted from the inner loop.
With this CL, we figure out that transitioning 'a[i]' cannot affect 'a'
because we know that 'a' does not have the transition's source map.
In the micro-benchmark below, the time for summing up the elements of
100x100 matrix improves by factor of 1.7 (from ~340ms to ~190ms).
function matrixSum(a) {
let s = 0;
let rowCount = a.length;
let columnCount = a[0].length;
for (let i = 0; i < rowCount; i++) {
for (let j = 0; j < columnCount ; j++) {
s += a[i][j];
}
}
return s;
}
// Setup the matrices:
// Smi elements.
var ma = [[1, 2], [3, 4]];
// Holey double elements.
var b = Array(100);
for (let i = 0; i < 100; i++) b[i] = 1.1;
var mb = [];
for (let i = 0; i < 100; i++) mb[i] = b;
// Warmup.
matrixSum(mb);
matrixSum(mb);
matrixSum(ma);
matrixSum(mb);
matrixSum(ma);
%OptimizeFunctionOnNextCall(matrixSum);
function runner(m) {
let s = 0;
for (let i = 0; i < 1e4; i++) {
s += matrixSum(m);
}
return s;
}
// Make sure the runner does not know the elements kinds.
%NeverOptimizeFunction(runner);
// Measure.
console.time("Sum");
runner(mb);
console.timeEnd("Sum");
Bug: v8:6344
Change-Id: Ie0642d8693ed63116b1aaed7d2f261fcb64729fe
Reviewed-on: https://chromium-review.googlesource.com/704634
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48334}
And other cleanups to reuse computed function names, and use
EmbeddedVector instead of ScopedVector (stack allocated instead of heap
allocated).
R=titzer@chromium.org
Change-Id: Id293946dc9aa574e7d185ff23b87068bca74549f
Reviewed-on: https://chromium-review.googlesource.com/690474
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48332}
Array (subclass) constructor calls with 0 parameters are now properly
turned into inline allocations, also Array (subclass) constructor calls
with exactly one parameter, which is either known to not be a Number
or which is a known integer in the valid loop unrolling range.
Also refactor the general JSCreateArray lowering logic to properly
support Array subclasses, i.e. deal with inobject properties and
initial maps correctly.
This boosts performance of those cases significantly (and will allow
us to reduce the complexity of the Array constructor significantly
long-term). For example the simple case
new Array("a", "b", "c", "d", "e", "f", "g")
is now around 10x faster than before.
Bug: v8:6399
Change-Id: I70661971398524ee0c6a349ee559b98a962a6266
Reviewed-on: https://chromium-review.googlesource.com/703134
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48325}
Fix disassembly of atomic operations for the inspector.
BUG=v8:6842,v8:6532
Change-Id: I3701b55c28b10561d1726e2c0b9fe2e1b2c76b8e
Reviewed-on: https://chromium-review.googlesource.com/703468
Commit-Queue: Brad Nelson <bradnelson@chromium.org>
Reviewed-by: Brad Nelson <bradnelson@chromium.org>
Reviewed-by: Ben Smith <binji@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48324}
Power-of-two radixes were supported already; this adds all others
(with 2 <= radix <= 36).
Bonus: fix digit_div fallback path for divisors with no leading zeros.
Bug: v8:6791
Change-Id: Id472667f057ad13338e0d8257a899490490e6f8f
Reviewed-on: https://chromium-review.googlesource.com/693316
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Daniel Ehrenberg <littledan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48323}
This adds a new simd lowering execution mode for
simd and re-enables the lowering tests
R=titzer@chromium.org,gdeepti@chromium.org,bbudge@chromium.org,mtrofin@chromium.org
BUG=v8:6020
Change-Id: Ice6b7ff2f5973804d379c88241d49b811429a965
Reviewed-on: https://chromium-review.googlesource.com/698928
Commit-Queue: Aseem Garg <aseemgarg@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48322}
The code used to rely on all such loops having a block scope around
them, but that is no longer the case for loops whose loop variables
are VAR-declared.
This patch introduces a new DeclarationDescriptor::Kind for such
variables, and sets it during parsing, allowing the variable
declaration code to note them as assigned appropriately.
Bug: chromium:768158
Change-Id: I0cd60e8c8c735681be9dbb9344a93156af09c952
Reviewed-on: https://chromium-review.googlesource.com/701624
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48320}
This allows us to remove the loop while calculating the hash value and
just use the HashMask as the mask for ComputeIntegerHash. This
previously overflowed on 32-bit systems failing the Smi::IsValid
check.
Bug: v8:6404
Change-Id: I84610a7592fa9d7ce4fa5cef7903bd50b8e8a4df
Reviewed-on: https://chromium-review.googlesource.com/702675
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48319}
The default component for src/ was Blink>JavaScript>Runtime
before. Unfortunately this is only partly true and tools
that use the information in the OWNERS file often misassign
issues because of it.
R=machenbach@chromium.org
NOTRY=true
Change-Id: I81457da1394a410fd494702f206af69857109c1c
Reviewed-on: https://chromium-review.googlesource.com/701758
Reviewed-by: Michael Hablich <hablich@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
Commit-Queue: Michael Hablich <hablich@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48315}
At the moment we check only in the module-decoder if the sections in a
module appear at most once. The code section, however, we process
already before this check. With this CL we check that there is at most
one code section before we start processing it.
R=clemensh@chromium.org
TEST=WasmStreamingDecoderTest.TwoCodeSections
Bug: chromium:771916
Change-Id: Icc79d5a87ab39f450a35c688f74ea5e67cae4b3c
Reviewed-on: https://chromium-review.googlesource.com/702379
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48314}
This makes the test robust for stress GC flags.
Bug:
Change-Id: Ica65987f0ee09fbdb4aab233dea4c51db5b19459
Reviewed-on: https://chromium-review.googlesource.com/702436
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48313}
If sweeping is not making progress and there are many young generation
GCs happening, then this can lead to accumulation of memory chunks in
the unmapper queue.
Bug: chromium:771966
Change-Id: Ief73ada0d17198a80b668850c6d2e7ea413113e7
Reviewed-on: https://chromium-review.googlesource.com/702479
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48312}
This fixes some of the old legacy API that used empty Handle<>
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I861e31a4a6f65bc497bfc512174adba39c17abca
Reviewed-on: https://chromium-review.googlesource.com/701634
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48311}