backing store.
Details of tracking:
- Scavenge: New space pages are processes in bulk on the main thread
- MC: Unswept pages are processed in bulk in parallel. All other pages
are processed by the sweeper concurrently.
BUG=chromium:611688
LOG=N
TEST=cctest/test-array-buffer-tracker/*
CQ_EXTRA_TRYBOTS=tryserver.v8:v8_linux_arm64_gc_stress_dbg,v8_linux_gc_stress_dbg,v8_mac_gc_stress_dbg,v8_linux64_tsan_rel,v8_mac64_asan_rel
Review-Url: https://codereview.chromium.org/2036643002
Cr-Commit-Position: refs/heads/master@{#36798}
PrimaryStubCache and SecondaryStubCache: resurrected outdated tests (and enabled stub cache counters in the new LoadIC).
TryProbeStubCache: decreased number of code objects created.
Review-Url: https://codereview.chromium.org/2040193002
Cr-Commit-Position: refs/heads/master@{#36794}
Uses float registers s0-s31 for moves and swaps when rep is kFloat32.
Changes bitcast to use float registers.
LOG=N
BUG=v8:4124
Review-Url: https://codereview.chromium.org/2039843003
Cr-Commit-Position: refs/heads/master@{#36791}
In most cases we return a Smi and undefined for the other cases. Hence there
is no need to handlify the result unecessary. Additionally pass in the isolate
for the hash-symbol lookup.
BUG=
Review-Url: https://codereview.chromium.org/2044843002
Cr-Commit-Position: refs/heads/master@{#36790}
This declares v8_enable_slow_dchecks and v8_optimized_debug
as gn args. It adds support for dcheck_always_on and
debugging with v8_optimized_debug = false.
BUG=chromium:474921
NOTRY=true
Review-Url: https://codereview.chromium.org/2024833002
Cr-Commit-Position: refs/heads/master@{#36789}
Using the isolate to check for IsUndefined and IsTheHole is roughly at least
20% faster in the worst-case and up to a factor 2x in the best case.
BUG=
Review-Url: https://codereview.chromium.org/2031533002
Cr-Commit-Position: refs/heads/master@{#36787}
It may be that we have a feedback vector, but no literals. In this case
we can store into the OptimizedCodeMap directly instead of using a WeakCell,
because all data in the feedback vector is already held weakly.
The use of a WeakCell in the OptimizedCodeMap is only required when
there are literals which may hold maps strongly.
This is to address a performance regression caused by the creation of
a large number of WeakCells.
BUG=chromium:615831
Review-Url: https://codereview.chromium.org/2031123003
Cr-Commit-Position: refs/heads/master@{#36786}
Reason for revert:
Blink:
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/7296
Original issue's description:
> [builtins] Properly optimize TypedArray/DataView accessors.
>
> The following getters were moved to the TypedArray/DataView prototype
> chain with ES2015, and hence need different treatment now:
>
> - DataView.prototype.buffer
> - DataView.prototype.byteLength
> - DataView.prototype.byteOffset
> - TypedArray.prototype.buffer
> - TypedArray.prototype.byteLength
> - TypedArray.prototype.byteOffset
> - TypedArray.prototype.length
>
> Instead of having special magic on the LoadIC in the IC system and the
> optimizing compilers, as we used to do before (and which we got rid of
> already), we just treat those as normal accessors and make them
> recognizable via the BuiltinFunctionId mechanism. This allows us to
> remove some of the additional magic from the IC subsystem, and just
> extend the BuiltinFunctionId mechanism in Crankshaft slightly to cover
> these cases too (TurboFan doesn't yet support accessors, but that will
> be fixed soonish anyways).
>
> This addresses most of the 15-20% regression we saw on the Octane
> GameBoy emulator benchmark.
>
> BUG=chromium:579905,chromium:593634,v8:4085,v8:5073
> R=yangguo@chromium.org
>
> Committed: https://crrev.com/1ef737026565ea2becc84f30cfd432e581d50c6b
> Cr-Commit-Position: refs/heads/master@{#36782}
TBR=yangguo@chromium.org,bmeurer@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:579905,chromium:593634,v8:4085,v8:5073
Review-Url: https://codereview.chromium.org/2039093005
Cr-Commit-Position: refs/heads/master@{#36783}
The following getters were moved to the TypedArray/DataView prototype
chain with ES2015, and hence need different treatment now:
- DataView.prototype.buffer
- DataView.prototype.byteLength
- DataView.prototype.byteOffset
- TypedArray.prototype.buffer
- TypedArray.prototype.byteLength
- TypedArray.prototype.byteOffset
- TypedArray.prototype.length
Instead of having special magic on the LoadIC in the IC system and the
optimizing compilers, as we used to do before (and which we got rid of
already), we just treat those as normal accessors and make them
recognizable via the BuiltinFunctionId mechanism. This allows us to
remove some of the additional magic from the IC subsystem, and just
extend the BuiltinFunctionId mechanism in Crankshaft slightly to cover
these cases too (TurboFan doesn't yet support accessors, but that will
be fixed soonish anyways).
This addresses most of the 15-20% regression we saw on the Octane
GameBoy emulator benchmark.
BUG=chromium:579905,chromium:593634,v8:4085,v8:5073
R=yangguo@chromium.org
Review-Url: https://codereview.chromium.org/2042013003
Cr-Commit-Position: refs/heads/master@{#36782}
This avoids the inclusion of inline headers (i.e. vm-state-inl.h in this
case) in a normal header. There are three more such violations left in
the code-base after this change.
R=verwaest@chromium.org
Review-Url: https://codereview.chromium.org/2039913002
Cr-Commit-Position: refs/heads/master@{#36781}
Without the boundary prototypes we have to keep track of all shadowing properties
throughout the complete prototype chain. This contradicts the finding that most
objects have a rather large number of non-enumerable properties on the prototype
chain.
BUG=v8:705, v8:4905, v8:4706
Review-Url: https://codereview.chromium.org/2038043002
Cr-Commit-Position: refs/heads/master@{#36776}
There's no point in trying to extract the type hints from the
fullcodegen CompareICs, BinaryOpICs and ToBooleanICs if the
feedback is not consumed (which is guarded by the flag).
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2048543002
Cr-Commit-Position: refs/heads/master@{#36768}
Rolling v8/build to 274d94c4280f7a4bd0e5747ac4a6ac5d1aedad32
Rolling v8/third_party/android_tools to 5b5f2f60b78198eaef25d442ac60f823142a8a6e
TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
Review-Url: https://codereview.chromium.org/2046883002
Cr-Commit-Position: refs/heads/master@{#36767}
Reason for revert:
As a side effect of calling PromiseSet from
FulfillPromise, clears the deferred symbol and the
resolve/reject callback symbols. Although this
isn't strictly necessary, not doing this seems to
result in a leak as seen in --
https://bugs.chromium.org/p/chromium/issues/detail?id=617137#c10
Original issue's description:
> Promises: Make PromiseSet operation monomorphic
>
> The PromiseSet operation is called with two types of promises
> 1) A newly created promise object with no properties
> 2) Promise object with callbacks and other properties
>
> PromiseSet is called with the first type of promise (with no
> properties) from multiple call sites. PromiseSet is called with the
> second type of promise object only from FulfillPromise. Furthermore,
> this call only sets the value and status of the promise, the rest of
> the values are reset to UNDEFINED (which isn't necessary).
>
> This patch inlines the calls to set the value and status of the
> promise in FulfillPromise, instead of calling out to PromiseSet.
>
> This patch also reduces the number of symbol lookups, as we only set
> the value and status of the promise, and don't change the callback or
> deferred symbols.
>
> This patch results in a performance improvement of 2.8% over 5 runs in
> the bluebird benchmark.
>
> BUG=v8:5046
>
> Committed: https://crrev.com/df4f8a2b9ee9e474e674301718d19b63650a0ba5
> Cr-Commit-Position: refs/heads/master@{#36688}
TBR=littledan@chromium.org,adamk@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=v8:5046
Review-Url: https://codereview.chromium.org/2047553002
Cr-Commit-Position: refs/heads/master@{#36766}
When |ResolvePromise| is resolved with a promise that is
already fulfilled or resolved, we can short circuit the
promise resolution procedure by directly looking up the
result from the promise. We save creating two closures, enqueuing in
the promise queue, and running through PromiseThen.
This patch uses IsPromise to check if the |resolution| object is a native
promise and also checks if |resolution.then| hasn't been monkey
patched.
This patch adds some redundant code from PromiseThen like setting
the promiseHasHandlerSymbol and calling PromiseRevokeReject call,
which would've been taken care of by PromiseThen in the old code path.
This patch results in a 13.8% improvement(over 5 runs) in the bluebird
benchmarks.
BUG=v8:5046
Review-Url: https://codereview.chromium.org/2028253004
Cr-Commit-Position: refs/heads/master@{#36765}
As a first step I uncommit the memory on the main thread. Also to measure impact and stability of that optimization. In a follow-up CL, the uncommitting should be moved on the concurrent thread.
BUG=
Review-Url: https://codereview.chromium.org/2032393002
Cr-Commit-Position: refs/heads/master@{#36763}
We should use both the int value as well as the reloc info mode for the
key of a relocatable int{32|64}.
BUG=
Review-Url: https://codereview.chromium.org/2039023002
Cr-Commit-Position: refs/heads/master@{#36762}
This cl sketches an api for incremental wrapper tracing, but still uses the api
in the stop-the-world fashion. Responsibility to maintain a marking deque is
transfered to the embedder. V8 will still collect wrapper internal fields, but
will send them to the embedder after each incremental gc task. Wrappers must be
sent at latest by the time next oilpan gc runs - so blink can keep all
discovered wrappables alive.
The old api will be cleared after this cl and corresponding blink cl land.
Comments are very welcomed :)
LOG=no
BUG=468240
Review-Url: https://codereview.chromium.org/2032213003
Cr-Commit-Position: refs/heads/master@{#36761}
Prior to this change, both 0 and 1 as RNG seed would result in the same
internal state. state0 and state1 cannot both be zero, but murmur hash
maps 0 back to 0.
R=cbruni@chromium.org
BUG=v8:5069
Review-Url: https://codereview.chromium.org/2040953002
Cr-Commit-Position: refs/heads/master@{#36757}
Improve CheckedLoad and Store bounds checking for arrays with power of two
length.
BUG=
Review-Url: https://codereview.chromium.org/2043663002
Cr-Commit-Position: refs/heads/master@{#36756}
The stubs do not increase respective counters as they are in the snapshot and --native-code-counters is off during snapshot creation anyway.
Review-Url: https://codereview.chromium.org/2031753003
Cr-Commit-Position: refs/heads/master@{#36754}
This allows the header in question to be included without including any
other header files. This is step towards factory.h being self-contained.
R=clemensh@chromium.org
Review-Url: https://codereview.chromium.org/2043723002
Cr-Commit-Position: refs/heads/master@{#36752}
Since the generic GetCallingContext is deprecated, but there's still the
use case for the debugger to get the currently debugged context while in
the debug context, add a convenience API for it.
Note that EventDetails already exposes this context, but the embedder
might not necessarily have the EventDetails around.
R=verwaest@chromium.org
BUG=
Review-Url: https://codereview.chromium.org/2040853003
Cr-Commit-Position: refs/heads/master@{#36751}
