Currently we have V8 RuntimeCallStats that is independently from tracing when
running d8 with flag --runtime_call_stats. This patch embeds V8 runtime call
stats into tracing, by having a global table of runtime call counters each
isolate, resetting the table each time we enter a top level trace event, and
dumping the table for each top level trace event. This will make trace file more
compat, as well as enable runtime call stats in tracing system.
This patch adds ~5% overhead to V8 when the category is enabled, we measure the
overhead by running a script when category is enabled.
BUG=v8:5089
Committed: https://crrev.com/d014866173eaa2b548c566217b2c94b1d49385fa
Committed: https://crrev.com/1ca3b73bba4a7253ca8eeef39321d70e7d414331
Committed: https://crrev.com/3f936a5b17754783e92d2146eaf66c88a78ee45b
Review-Url: https://codereview.chromium.org/2187693002
Cr-Original-Original-Original-Commit-Position: refs/heads/master@{#38270}
Cr-Original-Original-Commit-Position: refs/heads/master@{#38314}
Cr-Original-Commit-Position: refs/heads/master@{#38403}
Cr-Commit-Position: refs/heads/master@{#38510}
Reason for revert:
Leaks block chromium roll:
https://codereview.chromium.org/2219083003/
Example build:
https://build.chromium.org/p/tryserver.chromium.linux/builders/linux_chromium_asan_rel_ng/builds/205435
You can add the trybot from tryserver.chromium.linux, linux_chromium_asan_rel_ng, on reland.
Original issue's description:
> [Reland][Tracing] Embed V8 runtime call stats into tracing.
>
> Currently we have V8 RuntimeCallStats that is independently from tracing when
> running d8 with flag --runtime_call_stats. This patch embeds V8 runtime call
> stats into tracing, by having a global table of runtime call counters each
> isolate, resetting the table each time we enter a top level trace event, and
> dumping the table for each top level trace event. This will make trace file more
> compat, as well as enable runtime call stats in tracing system.
>
> This patch adds ~5% overhead to V8 when the category is enabled, we measure the
> overhead by running a script when category is enabled.
>
> BUG=v8:5089
>
> Committed: https://crrev.com/d014866173eaa2b548c566217b2c94b1d49385fa
> Committed: https://crrev.com/1ca3b73bba4a7253ca8eeef39321d70e7d414331
> Committed: https://crrev.com/3f936a5b17754783e92d2146eaf66c88a78ee45b
> Cr-Original-Original-Commit-Position: refs/heads/master@{#38270}
> Cr-Original-Commit-Position: refs/heads/master@{#38314}
> Cr-Commit-Position: refs/heads/master@{#38403}
TBR=cbruni@chromium.org,fmeawad@chromium.org,bmeurer@chromium.org,adamk@chromium.org,rmcilroy@chromium.org,lpy@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=v8:5089
NOTRY=true
NOPRESUBMIT=true
Review-Url: https://codereview.chromium.org/2221853002
Cr-Commit-Position: refs/heads/master@{#38412}
Currently we have V8 RuntimeCallStats that is independently from tracing when
running d8 with flag --runtime_call_stats. This patch embeds V8 runtime call
stats into tracing, by having a global table of runtime call counters each
isolate, resetting the table each time we enter a top level trace event, and
dumping the table for each top level trace event. This will make trace file more
compat, as well as enable runtime call stats in tracing system.
This patch adds ~5% overhead to V8 when the category is enabled, we measure the
overhead by running a script when category is enabled.
BUG=v8:5089
Committed: https://crrev.com/d014866173eaa2b548c566217b2c94b1d49385fa
Committed: https://crrev.com/1ca3b73bba4a7253ca8eeef39321d70e7d414331
Review-Url: https://codereview.chromium.org/2187693002
Cr-Original-Original-Commit-Position: refs/heads/master@{#38270}
Cr-Original-Commit-Position: refs/heads/master@{#38314}
Cr-Commit-Position: refs/heads/master@{#38403}
Reason for revert:
Mac64 ASAN failure. https://build.chromium.org/p/client.v8/builders/V8%20Mac64%20ASAN/builds/7810/steps/Check/logs/Threading4
Original issue's description:
> [Reland][Tracing] Embed V8 runtime call stats into tracing.
>
> Currently we have V8 RuntimeCallStats that is independently from tracing when
> running d8 with flag --runtime_call_stats. This patch embeds V8 runtime call
> stats into tracing, by having a global table of runtime call counters each
> isolate, resetting the table each time we enter a top level trace event, and
> dumping the table for each top level trace event. This will make trace file more
> compat, as well as enable runtime call stats in tracing system.
>
> This patch adds ~5% overhead to V8 when the category is enabled, we measure the
> overhead by running a script when category is enabled.
>
> BUG=v8:5089
>
> Committed: https://crrev.com/d014866173eaa2b548c566217b2c94b1d49385fa
> Committed: https://crrev.com/1ca3b73bba4a7253ca8eeef39321d70e7d414331
> Cr-Original-Commit-Position: refs/heads/master@{#38270}
> Cr-Commit-Position: refs/heads/master@{#38314}
TBR=cbruni@chromium.org,fmeawad@chromium.org,machenbach@chromium.org,bmeurer@chromium.org,adamk@chromium.org,rmcilroy@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5089
Review-Url: https://codereview.chromium.org/2200373003
Cr-Commit-Position: refs/heads/master@{#38315}
Currently we have V8 RuntimeCallStats that is independently from tracing when
running d8 with flag --runtime_call_stats. This patch embeds V8 runtime call
stats into tracing, by having a global table of runtime call counters each
isolate, resetting the table each time we enter a top level trace event, and
dumping the table for each top level trace event. This will make trace file more
compat, as well as enable runtime call stats in tracing system.
This patch adds ~5% overhead to V8 when the category is enabled, we measure the
overhead by running a script when category is enabled.
BUG=v8:5089
Committed: https://crrev.com/d014866173eaa2b548c566217b2c94b1d49385fa
Review-Url: https://codereview.chromium.org/2187693002
Cr-Original-Commit-Position: refs/heads/master@{#38270}
Cr-Commit-Position: refs/heads/master@{#38314}
Reason for revert:
Sanitizer failures:
https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20TSAN/builds/10989/https://build.chromium.org/p/client.v8/builders/V8%20Mac64%20ASAN/builds/7786/
Original issue's description:
> [Tracing] Embed V8 runtime call stats into tracing.
>
> Currently we have V8 RuntimeCallStats that is independently from tracing when
> running d8 with flag --runtime_call_stats. This patch embeds V8 runtime call
> stats into tracing, by having a global table of runtime call counters each
> isolate, resetting the table each time we enter a top level trace event, and
> dumping the table for each top level trace event. This will make trace file more
> compat, as well as enable runtime call stats in tracing system.
>
> This patch adds ~5% overhead to V8 when the category is enabled, we measure the
> overhead by running a script when category is enabled.
>
> BUG=v8:5089
>
> Committed: https://crrev.com/d014866173eaa2b548c566217b2c94b1d49385fa
> Cr-Commit-Position: refs/heads/master@{#38270}
TBR=cbruni@chromium.org,fmeawad@chromium.org,machenbach@chromium.org,bmeurer@chromium.org,adamk@chromium.org,rmcilroy@chromium.org,lpy@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5089
Review-Url: https://codereview.chromium.org/2203913004
Cr-Commit-Position: refs/heads/master@{#38275}
Currently we have V8 RuntimeCallStats that is independently from tracing when
running d8 with flag --runtime_call_stats. This patch embeds V8 runtime call
stats into tracing, by having a global table of runtime call counters each
isolate, resetting the table each time we enter a top level trace event, and
dumping the table for each top level trace event. This will make trace file more
compat, as well as enable runtime call stats in tracing system.
This patch adds ~5% overhead to V8 when the category is enabled, we measure the
overhead by running a script when category is enabled.
BUG=5089
Review-Url: https://codereview.chromium.org/2187693002
Cr-Commit-Position: refs/heads/master@{#38270}
Now LookupIterator follows the same pattern of prepare transition, apply transition
and write value when adding new properties to dictionary objects.
JSGlobalObject case:
* Prepare transition phase ensures that there is a "transition" property cell
prepared for receiving a value.
* Apply transition phase does nothing.
* Prepare for data property phase ensures that the existing property cell can
receive the value.
* Write value phase writes value directly to the current property cell.
JSObject case:
* Prepare transition phase prepares the object for receiving a data value (which
could switch an object to dictionary mode).
* Apply transition phase migrates object to a transition map. If the map happened
to be a dictionary mode object's map then an uninitialized entry added to the
properties dictionary.
* Prepare for data property phase does nothing.
* Write value phase just puts value to the properties dictionary.
BUG=chromium:576312
Review-Url: https://codereview.chromium.org/2127583002
Cr-Commit-Position: refs/heads/master@{#37585}
Reason for revert:
[Sheriff] Speculative revert for http://crbug.com/620279
Original issue's description:
> Reland: Add a trace-event for each runtime-stats timer (CL 2052523002)
>
> The trace-events will have a high overhead when turned on, but they are in a disabled-by-default category.
>
> As long as the off overhead is negligible, this CL allows us to understand the behavior of V8 rather than its performance at the moment.
>
> The original CL was failing the TSAN builder, the variable in question was intended to be accessed quickly with no guarantee.
> Switched to using an Atomic variable with no barrier read/write.
>
> BUG=v8:5089
>
> patch from issue 2052523002 at patchset 100001 (http://crrev.com/2052523002#ps100001)
>
> Committed: https://crrev.com/fd7080cbefc21f2f890b5db00d4eadf163e2cbbf
> Cr-Commit-Position: refs/heads/master@{#36973}
TBR=cbruni@chromium.org,fmeawad@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5089
Review-Url: https://codereview.chromium.org/2068143002
Cr-Commit-Position: refs/heads/master@{#36997}
The trace-events will have a high overhead when turned on, but they are in a disabled-by-default category.
As long as the off overhead is negligible, this CL allows us to understand the behavior of V8 rather than its performance at the moment.
The original CL was failing the TSAN builder, the variable in question was intended to be accessed quickly with no guarantee.
Switched to using an Atomic variable with no barrier read/write.
BUG=v8:5089
patch from issue 2052523002 at patchset 100001 (http://crrev.com/2052523002#ps100001)
Review-Url: https://codereview.chromium.org/2063853002
Cr-Commit-Position: refs/heads/master@{#36973}
Reason for revert:
Cannot reproduce gc-stress failures locally.
Original issue's description:
> Revert of Replace all remaining Oddball checks with new function (patchset #10 id:180001 of https://codereview.chromium.org/2043183003/ )
>
> Reason for revert:
> failing tests
>
> Original issue's description:
> > Replace all remaining Oddball checks with new function
> >
> > This CL removes the IsUndefined() and Co. methods from Object and HeapObject.
> > The new method all take the isolate as parameter.
> >
> > BUG=
> >
> > Committed: https://crrev.com/ccefb3ae5fe967288d568013fb04e8761eafebc5
> > Cr-Commit-Position: refs/heads/master@{#36921}
>
> TBR=mstarzinger@chromium.org,verwaest@chromium.org,yangguo@chromium.org,ahaas@chromium.org
> # Skipping CQ checks because original CL landed less than 1 days ago.
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=
>
> Committed: https://crrev.com/33b8bc24a12fb062100c0be84456faeb0b9fa5d1
> Cr-Commit-Position: refs/heads/master@{#36923}
TBR=mstarzinger@chromium.org,verwaest@chromium.org,yangguo@chromium.org,ahaas@chromium.org
BUG=
Review-Url: https://codereview.chromium.org/2059173002
Cr-Commit-Position: refs/heads/master@{#36957}
Reason for revert:
failing tests
Original issue's description:
> Replace all remaining Oddball checks with new function
>
> This CL removes the IsUndefined() and Co. methods from Object and HeapObject.
> The new method all take the isolate as parameter.
>
> BUG=
>
> Committed: https://crrev.com/ccefb3ae5fe967288d568013fb04e8761eafebc5
> Cr-Commit-Position: refs/heads/master@{#36921}
TBR=mstarzinger@chromium.org,verwaest@chromium.org,yangguo@chromium.org,ahaas@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=
Review-Url: https://codereview.chromium.org/2060213002
Cr-Commit-Position: refs/heads/master@{#36923}
This CL removes the IsUndefined() and Co. methods from Object and HeapObject.
The new method all take the isolate as parameter.
BUG=
Review-Url: https://codereview.chromium.org/2043183003
Cr-Commit-Position: refs/heads/master@{#36921}
Reason for revert:
Seems to break TSAN, see http://build.chromium.org/p/client.v8/builders/V8%20Linux64%20TSAN/builds/10057
Original issue's description:
> The trace-events will have a high overhead when turned on, but they are in a disabled-by-default category.
>
> As long as the off overhead is negligible, this CL allows us to understand the behavior of V8 rather than its performance at the moment.
>
> BUG=v8:5089
>
> Committed: https://crrev.com/44ec143f26769bd103662643bfeafc7d0834cc90
> Cr-Commit-Position: refs/heads/master@{#36909}
TBR=cbruni@chromium.org,fmeawad@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5089
Review-Url: https://codereview.chromium.org/2064553002
Cr-Commit-Position: refs/heads/master@{#36910}
As long as the off overhead is negligible, this CL allows us to understand the behavior of V8 rather than its performance at the moment.
BUG=v8:5089
Review-Url: https://codereview.chromium.org/2052523002
Cr-Commit-Position: refs/heads/master@{#36909}
Adding properties to prototypes is faster when we don't force their
maps into fast mode yet. Once a prototype shows up in the IC system,
its setup phase is likely over, and it makes sense to transition it
to fast properties.
This patch speeds up the microbenchmark in the bug by 20x.
Octane-Typescript sees a 3% improvement.
BUG=chromium:607010
Review-Url: https://codereview.chromium.org/2036493006
Cr-Commit-Position: refs/heads/master@{#36828}
Passing in the isolate and pointer compare the instnance against the
corresponding constant is always faster than decoding the instance types.
BUG=
Review-Url: https://codereview.chromium.org/2028983002
Cr-Commit-Position: refs/heads/master@{#36744}
This adds back the instanceof operator support in the backends and
introduces a @@hasInstance protector cell on the isolate that guards the
fast path for the InstanceOfStub. This way we recover the ~10%
regression on Octane EarleyBoyer in Crankshaft and greatly improve
TurboFan and Ignition performance of instanceof.
R=ishell@chromium.orgTBR=hpayer@chromium.org,rossberg@chromium.org
BUG=chromium:597249, v8:4447
LOG=n
Review-Url: https://codereview.chromium.org/1980483003
Cr-Commit-Position: refs/heads/master@{#36275}
Hidden prototypes are merely an implementation detail. Properties on an object + hidden prototype should look like properties on the object. Hence we should always perform a hidden prototype lookup. This CL removes the option to ignore hidden prototypes to avoid bugs that leak this implementation detail.
Also, the only previously valid cases were either places were we knew we didn't have a hidden prototype; or because we knew we (in the optimizing compiler) would only handle properties from the non-hidden object.The first case is already handled by directly tagging whether a receiver has a hidden prototype. In the second case we can just filter out properties from hidden prototypes.
Review-Url: https://codereview.chromium.org/1975763002
Cr-Commit-Position: refs/heads/master@{#36235}
Currently we do not check for @@isConcatSpreadable properly. If the Symbol is
set on the Array.prototype or Object.prototype the current fast paths fail.
This CL adds a fix to globally invalidate a isConcatSpreadable_protector.
Drive-by-fix: use named accessors for context variables
LOG=N
BUG=chromium:542504, v8:903
Review-Url: https://codereview.chromium.org/1409123003
Cr-Commit-Position: refs/heads/master@{#36201}
This is the equivalent of the fast-path in
ApplyTransitionToDataProperty.
BUG=588893, 325923
LOG=n
Review URL: https://codereview.chromium.org/1765633003
Cr-Commit-Position: refs/heads/master@{#34488}
This introduces a new instance type and reorders the JSObject types so any type requiring special LookupIterator support can be identified with a single range check.
In addition, it restructures the Next for better performance, avoiding unnecessary calls.
BUG=
Review URL: https://codereview.chromium.org/1751043002
Cr-Commit-Position: refs/heads/master@{#34429}
This patch makes ArraySpeciesCreate fast in V8 by avoiding two property reads
when the following conditions are met:
- No Array instance has had its __proto__ reset
- No Array instance has had a constructor property defined
- Array.prototype has not had its constructor changed
- Array[Symbol.species] has not been reset
For subclasses of Array, or for conditions where one of these assumptions is
violated, the full lookup of species is done according to the ArraySpeciesCreate
algorithm. Although this is a "performance cliff", it does not come up in the
expected typical use case of @@species (Array subclassing), so it is hoped that
this can form a good start. Array subclasses will incur the slowness of looking
up @@species, but their use won't slow down invocations of, for example,
Array.prototype.slice on Array base class instances.
Possible future optimizations:
- For the fallback case where the assumptions don't hold, optimize the two
property lookups.
- For Array.prototype.slice and Array.prototype.splice, even if the full lookup
of @@species needs to take place, we still could take the rest of the C++
fastpath. However, to do this correctly requires changing the calling convention
from C++ to JS to pass the @@species out, so it is not attempted in this patch.
With this patch, microbenchmarks of Array.prototype.slice do not suffer a
noticeable performance regression, unlike their previous 2.5x penalty.
TBR=hpayer@chromium.org
Review URL: https://codereview.chromium.org/1689733002
Cr-Commit-Position: refs/heads/master@{#34199}
Generally we only care whether the next object is a hidden prototype.
It's simpler to check whether the current object has a hidden prototype
instead of walking to the next prototype and checking its map.
BUG=
Review URL: https://codereview.chromium.org/1675223002
Cr-Commit-Position: refs/heads/master@{#33816}
This was inconsistent in the spec in case of has vs get, set. Removing
receiver==holder simplifies the lookup; so tentatively removing this
additional check which was broken until yesterday anyway. See
https://github.com/tc39/ecma262/issues/347 for more information.
Review URL: https://codereview.chromium.org/1660903002
Cr-Commit-Position: refs/heads/master@{#33701}
This includes 2 fixes:
1) We didn't properly advance the holder when checking whether
Receiver==Holder, so we'd inadvertently block loading the property if
the first property we find is on the typed array.
2) Reflect.get may cause any object on the prototype chain of the holder
to be the receiver; so we need to recheck for this special state for
each object we perform lookup on.
Review URL: https://codereview.chromium.org/1651913005
Cr-Commit-Position: refs/heads/master@{#33689}
