This avoids implementation-defined signed overflow in the simulator's
AddWithCarry implementation. The implementation of AddWithCarry now uses
unsigned arithmetic exclusively.
Testing coverage is also significantly improved.
BUG=
Review-Url: https://codereview.chromium.org/2157283003
Cr-Commit-Position: refs/heads/master@{#37895}
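
The commit message above describes moving AddWithCarry to unsigned arithmetic only. As an added illustration (not V8's simulator code; the `Flags` and `AddResult` types and the `width` parameter are assumptions made here), this sketch computes the sum and the N, Z, C and V flags without any signed operation:

```cpp
#include <cstdint>
#include <cstdio>

// Illustrative sketch only; type and parameter names are assumptions,
// not taken from V8's simulator.
struct Flags { bool n, z, c, v; };
struct AddResult { uint64_t value; Flags flags; };

// Adds two register values plus a carry-in at the given width (32 or 64)
// and derives the NZCV flags without any signed arithmetic.
AddResult AddWithCarry(unsigned width, uint64_t left, uint64_t right,
                       unsigned carry_in) {
  const uint64_t mask =
      (width == 64) ? ~uint64_t{0} : ((uint64_t{1} << width) - 1);
  const uint64_t sign = uint64_t{1} << (width - 1);
  left &= mask;
  right &= mask;
  carry_in &= 1u;

  // Unsigned addition wraps modulo 2^64, so this is always well defined.
  const uint64_t result = (left + right + carry_in) & mask;

  // C: the true sum exceeds the width. Tested by comparing against the
  // remaining headroom instead of forming a wider sum.
  const uint64_t room = mask - left;
  const bool c = right > room || (carry_in && right == room);

  // V: both operands share a sign bit and the result's sign bit differs.
  const bool v = (~(left ^ right) & (left ^ result) & sign) != 0;

  AddResult out;
  out.value = result;
  out.flags.n = (result & sign) != 0;
  out.flags.z = result == 0;
  out.flags.c = c;
  out.flags.v = v;
  return out;
}

int main() {
  // 0x7fffffff + 1 overflows a signed 32-bit value: expect N and V set.
  AddResult r = AddWithCarry(32, 0x7fffffffu, 1, 0);
  std::printf("%08llx n=%d z=%d c=%d v=%d\n",
              static_cast<unsigned long long>(r.value), r.flags.n,
              r.flags.z, r.flags.c, r.flags.v);
  return 0;
}
```

Subtraction maps onto the same routine as `AddWithCarry(width, x, ~y, 1)`, so the boundary cases for both operations go through one well-defined path.
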
Using Isolate is unsafe, because we might parse (and do scope analysis)
on a background thread.
The illegal access happens when encountering f(arguments) { ... }.
Kudos to verwaest@ for finding this bug.
R=verwaest@chromium.org, rossberg@chromium.org
BUG=
Review-Url: https://codereview.chromium.org/2158343002
Cr-Commit-Position: refs/heads/master@{#37893}
This frees up a field in Scope and untangles scope a little from the parser.
BUG=v8:5209
Review-Url: https://codereview.chromium.org/2160943004
Cr-Commit-Position: refs/heads/master@{#37887}
In a few places in the parser base, we were forced to initialize
variables of type ExpressionT even if it's not necessary, as they
are assigned to later on before their use. This was required
because, for the case of the preparser, ExpressionT is
PreParserExpression which had no default constructor.
This patch adds a default constructor, equivalent to EmptyExpression
for this class, and gets rid of the unnecessary initializations.
R=adamk@chromium.org, littledan@chromium.org
BUG=
LOG=N
Review-Url: https://codereview.chromium.org/2162763003
Cr-Commit-Position: refs/heads/master@{#37884}
Add a dedicated simplified operator to inline the general case for the
ToBoolean conversion. In a follow up CL we will also use the ToBoolean
hints gathered by the baseline compiler.
Review-Url: https://codereview.chromium.org/2167593002
Cr-Commit-Position: refs/heads/master@{#37882}
port 9be015a254 (r37854)
original commit message:
Calling Runtime::kAbort through a builtin instead of the c-entry stub
will allow generating the call in a background thread, because a
builtin provides its own handle, whereas a code stub does not.
@v8-mips-ports: Could you take a special look at the padding that is
done in MacroAssembler::Abort()?
BUG=
Review-Url: https://codereview.chromium.org/2166703002
Cr-Commit-Position: refs/heads/master@{#37880}
Rolling v8/build to 4b2ee7d1824cdc45d8e3d4076c05f9a8af10e4ac
Rolling v8/tools/mb to 3f6bbf669fa2b89399cead251fe693ce71132779
TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
Review-Url: https://codereview.chromium.org/2166433004
Cr-Commit-Position: refs/heads/master@{#37879}
We are enabling this trial on canary to see if we can flush out some missing
context restores.
BUG=
Review-Url: https://codereview.chromium.org/2164633002
Cr-Commit-Position: refs/heads/master@{#37875}
Copies the behaviour of FullCode in attempting to get the state for
ForInPrepare inline and falling back to the runtime if necessary.
BUG=v8:4280
LOG=N
Review-Url: https://codereview.chromium.org/2155153002
Cr-Commit-Position: refs/heads/master@{#37874}
This adds an additional column with percentages to the output of
bytecode_dispatch_report.py --top-dispatches-for-bytecode.
The percentages always represent the relative number of dispatches to
the target bytecode to all dispatches from the source bytecode.
The additional flag --sort-sources-relative/-r allows sorting the
"Top sources of dispatches to" the given bytecode by this column to more
easily find bytecodes that significantly often dispatch to the target.
BUG=v8:4899
LOG=N
Review-Url: https://codereview.chromium.org/2159683003
Cr-Commit-Position: refs/heads/master@{#37873}
Reason for revert:
This cl causes a large regression in octane (https://chromeperf.appspot.com/group_report?bug_id=629503). I have to investigate the reason before I can reland this.
Original issue's description:
> [Interpreter] Collect type feedback for 'new' in the bytecode handler
>
> Collect type feedback in the bytecode handler for 'new' bytecode. The
> current implementation does not collect allocation site feedback.
>
> BUG=v8:4280, v8:4780
> LOG=N
>
> Committed: https://crrev.com/1eadc76419b323fb2e55ae9953142f801704aa59
> Cr-Commit-Position: refs/heads/master@{#37862}
TBR=rmcilroy@chromium.org,bmeurer@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4280, v8:4780
Review-Url: https://codereview.chromium.org/2165633003
Cr-Commit-Position: refs/heads/master@{#37872}
This ports a large portion of Error methods to C++,
including the constructor, stack setter and getter,
and Error.prototype.toString.
BUG=
Review-Url: https://codereview.chromium.org/2142933003
Cr-Commit-Position: refs/heads/master@{#37870}
Instead of wiring the elements kind transitions into the control flow
early on, we do instead put this marker into the effect chain, so that
the elements transitions are visible to the LoadElimination and can
thus be optimized properly there.
This CL itself doesn't add any of those optimizations, but just adds
the foundations to make them possible later.
R=jarin@chromium.org
BUG=v8:4930,v8:5141
Review-Url: https://codereview.chromium.org/2164573003
Cr-Commit-Position: refs/heads/master@{#37869}
This probably slightly speeds up AllocateParameterLocals, but more importantly it removes ast_value_factory_ uses. If we get rid of ast_value_factory from Scope it's easier to lazily allocate it later from within a ScopeState object.
BUG=v8:5209
Review-Url: https://codereview.chromium.org/2158333002
Cr-Commit-Position: refs/heads/master@{#37868}
Original issue's description:
> [interpreter] Move to table based peephole optimizer.
>
> Introduces a lookup table for peephole optimizations.
>
> Fixes some tests using BytecodePeepholeOptimizer::Write() that should
> have been updated to use BytecodePeepholeOptimizer::WriteJump().
>
> BUG=v8:4280
> LOG=N
>
> Committed: https://crrev.com/f4234422b93b21a286b0f31799009bcbe8b90b9e
> Cr-Commit-Position: refs/heads/master@{#37819}
BUG=v8:4280
LOG=N
Review-Url: https://codereview.chromium.org/2164583002
Cr-Commit-Position: refs/heads/master@{#37866}
This reduces memory usage when parsing (because temp_zones are discarded
every now and then) and work done by FuncNameInferrer.
BUG=
Review-Url: https://codereview.chromium.org/2156013002
Cr-Commit-Position: refs/heads/master@{#37863}
Collect type feedback in the bytecode handler for 'new' bytecode. The
current implementation does not collect allocation site feedback.
BUG=v8:4280, v8:4780
LOG=N
Review-Url: https://codereview.chromium.org/2153433002
Cr-Commit-Position: refs/heads/master@{#37862}
Port 8e18a5f2a0
Failing on r6 due to wrong registers used in macro assembler.
TEST=test-run-machops/RunInt32MulWithOverflowImm
BUG=
Review-Url: https://codereview.chromium.org/2165533002
Cr-Commit-Position: refs/heads/master@{#37861}
This will allow us to move more state from Scope into ScopeState and lazily allocate full Scopes only when needed.
BUG=v8:5209
Review-Url: https://codereview.chromium.org/2160593002
Cr-Commit-Position: refs/heads/master@{#37858}
For 64-bit cmp, replace the if clause with InputOperand2_64(), and apply the
same change to cmn.
BUG=
Review-Url: https://codereview.chromium.org/2160643002
Cr-Commit-Position: refs/heads/master@{#37855}
This allows passing deoptimization reasons to the profiler without the
requirement of always providing a source position. The absence of deopt
reasons is now communicated via a sentinel as the deopt id value. The
deoptimization reasons recently added to TurboFan are now passed to the
profiler.
R=bmeurer@chromium.org
TEST=cctest/test-cpu-profiler
Review-Url: https://codereview.chromium.org/2159793002
Cr-Commit-Position: refs/heads/master@{#37852}
We need to pay attention to potential side effects from parameter
evaluation when inlining the fast case Array.prototype.shift.
R=yangguo@chromium.org
BUG=chromium:614644
Review-Url: https://codereview.chromium.org/2161943002
Cr-Commit-Position: refs/heads/master@{#37850}
Introduce a proper CodeStubAssembler::BranchIfToBooleanIsTrue helper
method, that branches to if_true/if_false labels depending on whether
the value that is passed would yield true or false when fed to
ToBoolean. Use this helper to implement the bytecode handlers w/o having
to materialize the temporary booleans and essentially branching twice.
The CodeStubAssembler::BranchIfToBooleanIsTrue helper favors the most
likely case of a Boolean constant now.
Also migrate the ToBooleanStub to a ToBoolean TurboFan builtin, that
also uses the helper method under the hood.
Remove the now obsolete Oddball::to_boolean field.
R=hpayer@chromium.org, rmcilroy@chromium.org, yangguo@chromium.org
Review-Url: https://codereview.chromium.org/2151163002
Cr-Commit-Position: refs/heads/master@{#37849}
Rolling v8/base/trace_event/common to f8c51e1c3b08cd1c03986f098732b87ba98a3475
Rolling v8/build to 1303552bdbd1791ad26b62f7c7052cbbf0326574
TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
Review-Url: https://codereview.chromium.org/2161933002
Cr-Commit-Position: refs/heads/master@{#37847}