This increases the size of register operands to be 16-bit.
Not all bytecodes have wide register variants, so when they are
needed a register translator will copy them into a small area
reserved at the top of the 8-bit register range and these registers
are supplied as arguments to the bytecode with 8-bit operands.
This is non-intrusive for typical bytecode where the number of
registers is less than 120. For bytecodes with wide register
operands (above the window) their index needs to be translated
to avoid the reserved translation window.
Enables splay.js to run in Octane and a handful of mjsunit tests.
BUG=v8:4280,v8:4675
LOG=NO
Review URL: https://codereview.chromium.org/1613163002
Cr-Commit-Position: refs/heads/master@{#33516}
- Remove semispace target capacity: It's unused and adds some unneeded
complexity
- Enforcing decl order for SemiSpace
- Move forward declarations in spaces.h to top
- Add all members to default constructor
BUG=chromium:581076
LOG=N
Review URL: https://codereview.chromium.org/1631713002
Cr-Commit-Position: refs/heads/master@{#33515}
This fixes the translation of 'throw' bytecodes to TurboFan graphs. The
correct runtime function is being used now, also the frame states are
attached to the correct nodes now.
R=mythria@chromium.org
TEST=cctest/test-run-jsexceptions/ThrowMessageIndirectly
BUG=v8:4674
LOG=n
Review URL: https://codereview.chromium.org/1636033002
Cr-Commit-Position: refs/heads/master@{#33513}
Rename IntepreterExceptionEntryHandler builtin to InterpreterEnterBytecodeDispatch
and use it as the return address when building interpreter frames during deopt.
This ensures that we restart execution of the outer frame at the correct
bytecode.
BUG=v8:4280,v8:4678
LOG=N
Review URL: https://codereview.chromium.org/1633633002
Cr-Commit-Position: refs/heads/master@{#33512}
Adds support for calling native function literals. Moves the logic for building
the native function's SharedFunctionInfo out of full-codegen into compiler.cc
to allow it to be shared between fullcodegen and Ignition.
BUG=v8:4686
LOG=N
Review URL: https://codereview.chromium.org/1635553002
Cr-Commit-Position: refs/heads/master@{#33510}
This CL implements PrepareForTailCall() mentioned in ES6 spec for full codegen, Crankshaft and Turbofan.
When debugger is active tail calls are disabled.
Tail calling can be enabled by --harmony-tailcalls flag.
BUG=v8:4698
LOG=Y
TBR=rossberg@chromium.org
Review URL: https://codereview.chromium.org/1609893003
Cr-Commit-Position: refs/heads/master@{#33509}
This simplifies the lookup mechanism used for range-based exception
handler tables. Those tables are well nested and we can assume that
results get increasingly narrow the later they appear in the table.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1639743002
Cr-Commit-Position: refs/heads/master@{#33507}
Debugging helper. Centralized the logic for printing blocks from
InstructionSequence.
A clean(-er) design would be to define an operator<< on a
PrintableInstructionBlock. However, we've discussed moving off those
operators, so it seemed unnecessary to complicate the change.
BUG=
Review URL: https://codereview.chromium.org/1632803003
Cr-Commit-Position: refs/heads/master@{#33505}
SpiderMonkey switched to 2, test262 tests for 2, and 2 is a reasonable, natural
value.
R=yangguo
Review URL: https://codereview.chromium.org/1616233002
Cr-Commit-Position: refs/heads/master@{#33504}
This patch makes Array.prototype.concat support subclassing Arrays
and constructing instances properly with Symbol.species. It is
guarded by the --harmony-species flag.
R=cbruni
LOG=Y
BUG=v8:4093
Review URL: https://codereview.chromium.org/1577043002
Cr-Commit-Position: refs/heads/master@{#33503}
This patch is a workaround to the performance regression caused by
implementing the ES2015 TypedArray prototype chain: Include a
per-TypedArray-subclass length getter so that the superclass getter does
not become polymorphic. The patch appears to fix a regression in the
Gameboy Octane benchmark.
BUG=chromium:579905
R=adamk
LOG=Y
Review URL: https://codereview.chromium.org/1624383003
Cr-Commit-Position: refs/heads/master@{#33501}
* Add caching to handling of dangling loads
* Add two unittests for load elimination on escaped objects
BUG=v8:4586
LOG=n
Review URL: https://codereview.chromium.org/1619103004
Cr-Commit-Position: refs/heads/master@{#33498}
This fixes corner cases where the start offsets of exception handler
regions within the handler table fall together. This assumption was
based on full-codegen code and no longer holds with the interpreter.
The tables however are still well nested and code has been added to
verify that in debug mode.
R=rmcilroy@chromium.org
BUG=v8:4674
LOG=n
Review URL: https://codereview.chromium.org/1633573002
Cr-Commit-Position: refs/heads/master@{#33495}
The current support for try-catch in the interpreter can handle most of
the cases appearing in our test suite. Also the flag in question did not
detect try-finally constructs. This removes the flag and instead extends
the test expectations.
R=rmcilroy@chromium.org
BUG=v8:4674
LOG=n
Review URL: https://codereview.chromium.org/1631593003
Cr-Commit-Position: refs/heads/master@{#33494}
If it's Smi::FromInt(0), the NULL check would trigger. Instead, use the
handle-zap value to mean "not set".
BUG=v8:3647,chromium:580651
R=vogelheim@chromium.org
LOG=y
Review URL: https://codereview.chromium.org/1628173002
Cr-Commit-Position: refs/heads/master@{#33492}
This CL reduces the memory overhead of escape analysis
by introducing a "copy on demand" strategy for virtual states
and virtual objects.
BUG=v8:4586
LOG=n
Review URL: https://codereview.chromium.org/1606613002
Cr-Commit-Position: refs/heads/master@{#33491}
- Completely rely on the concurrent sweeping state for SweepingCompleted()
- Rename the state accordingly.
CQ_EXTRA_TRYBOTS=tryserver.v8:v8_linux_arm64_gc_stress_dbg,v8_linux_gc_stress_dbg,v8_mac_gc_stress_dbg,v8_linux64_asan_rel,v8_linux64_tsan_rel,v8_mac64_asan_rel
R=hpayer@chromium.org
Review URL: https://codereview.chromium.org/1614953002
Cr-Commit-Position: refs/heads/master@{#33490}
Cleanup %ForInPrepare runtime entry, and unify common logic with
%ForInEnumerate (renamed from %GetPropertyNamesFast). Also introduce
a TupleType to properly type JSForInPrepare and its projections w/o
special hacks in the Typer. And fix %ForInNext and JSForInNext to be
consistent with fullcodegen again (after the proxy refactorings last
quarter).
R=jarin@chromium.org
BUG=v8:3650
LOG=n
Review URL: https://codereview.chromium.org/1631583002
Cr-Commit-Position: refs/heads/master@{#33487}
This CL implements loop assignment analysis, a pass over a loop's body
to record local variables that are assigned. This pre-pass is similar
to that done on the JavaScript AST for the same reason: avoid introducing
too many phis at loop headers when building a graph.
R=bradnelson@chromium.org,ahaas@chromium.org
BUG=
Review URL: https://codereview.chromium.org/1617723003
Cr-Commit-Position: refs/heads/master@{#33486}
A recent ES2015 semantics web compatibility fix changed a WebKit
test from a syntax error to a known failure without a syntax
error. This confused the fuzzer infrastructure. This patch updates
the test expectations to the expected output, based on what the
new semantics provide.
R=machenbach,adamk
BUG=v8:4693
LOG=N
Review URL: https://codereview.chromium.org/1628013003
Cr-Commit-Position: refs/heads/master@{#33484}
port a0878333de4dd090f9d8987e1698a9eef9cc7219(r33460)
original commit message:
We already had hand-written optimized code for %_ToName in fullcodegen,
but the optimizing compilers always went to the runtime for %_ToName,
which is pretty bad for many of our builtins. So this CL moves the
existing native code to a ToNameStub (similar to the existing
ToStringStub), and uses the ToNameStub consistently in all compilers to
actually implement %_ToName.
BUG=
Review URL: https://codereview.chromium.org/1622793006
Cr-Commit-Position: refs/heads/master@{#33483}
port ca51c204e1ab1519e2c623a74fad117577c37732(r33463)
original commit message:
This fixes the broken return address when the exception handler within
interpreted bytecode is being entered via stack unwinding. The address
in question will never actually be taken, but our stack walker uses this
address to determine whether a frame is interpreted.
BUG=
Review URL: https://codereview.chromium.org/1632453002
Cr-Commit-Position: refs/heads/master@{#33482}
moves, we move those to the node, and remove them from the
predecessors ("merge" them to the common node).
If only some of the moves are common, we don't do anything. This is
what this change addresses.
The bug linked below should be addressed by this change. The only
difference in codegen before/after the change that introduced the bug
was un-merged moves.
BUG=chromium:549262
LOG=N
Review URL: https://codereview.chromium.org/1527203002
Cr-Commit-Position: refs/heads/master@{#33481}
Now TurboFan always uses the newly introduced %ForInPrepare, no matter
whether baseline is the interpreter or fullcodegen. For fullcodegen, we
introduce a new PrepareId bailout point for this purpose.
Drive-by-fix: Avoid the NoObservableSideEffectsScope in Crankshaft and
use the PrepareId bailout point instead.
R=jarin@chromium.org
BUG=v8:3650
LOG=n
Review URL: https://codereview.chromium.org/1630523002
Cr-Commit-Position: refs/heads/master@{#33480}
Rolling v8/buildtools to 222bd42ce39d1bd8f08fe089b066f49c469e1cdf
Rolling v8/tools/clang to 3ed46b50b0b4e8c829ea6492bbe357b2b7b8e64a
TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
Review URL: https://codereview.chromium.org/1623773002
Cr-Commit-Position: refs/heads/master@{#33479}
The web appears to depend on being able to redeclare functions-in-blocks
in sloppy mode (examples seen so far tend to redeclare identical functions,
most likely accidentally).
This patch opens a minimal hole: two same-named function declarations
in the same scope are allowed, only in sloppy mode.
BUG=v8:4693, chromium:579395
LOG=y
Review URL: https://codereview.chromium.org/1622723003
Cr-Commit-Position: refs/heads/master@{#33478}
Change the interpreter to always store the current context in the frame's
context slot instead of the function context. This makes it possible to
restore the correct context during deopt.
BUG=v8:4678,v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1604923002
Cr-Commit-Position: refs/heads/master@{#33477}
Port a0878333de
Original commit message:
We already had hand-written optimized code for %_ToName in fullcodegen,
but the optimizing compilers always went to the runtime for %_ToName,
which is pretty bad for many of our builtins. So this CL moves the
existing native code to a ToNameStub (similar to the existing
ToStringStub), and uses the ToNameStub consistently in all compilers to
actually implement %_ToName.
R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
Review URL: https://codereview.chromium.org/1620313004
Cr-Commit-Position: refs/heads/master@{#33476}
This change allows the PPC simulator to execute on PPC hardware where,
due to calling conventions, we must distinguish between Object* and
ObjectPair return values.
We find this useful as another available option for debugging certain
problems. While not strictly necessary for Intel platforms, we hope
that this is less offensive now that BUILTIN_CALL_TRIPLE has been
added.
BUG=
R=rmcilroy@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
Review URL: https://codereview.chromium.org/1604653006
Cr-Commit-Position: refs/heads/master@{#33475}
These tests have been disabled while support for try-finally was work in
progress. By now control flow is connected properly and the tests pass.
R=oth@chromium.org
BUG=v8:4674
LOG=n
Review URL: https://codereview.chromium.org/1626503002
Cr-Commit-Position: refs/heads/master@{#33474}
This adds an explicit ReThrow bytecode to be used in the modelling of
try-finally statements. An exception that is being re-thrown should not
trigger message object creation or location computation and hence cannot
use the existing Throw bytecode.
R=rmcilroy@chromium.org
TEST=cctest/test-interpreter/InterpreterTryFinally
BUG=v8:4674
LOG=n
Review URL: https://codereview.chromium.org/1621673002
Cr-Commit-Position: refs/heads/master@{#33472}
Port ca51c204e1
Original commit message:
This fixes the broken return address when the exception handler within
interpreted bytecode is being entered via stack unwinding. The address
in question will never actually be taken, but our stack walker uses this
address to determine whether a frame is interpreted.
R=mstarzinger@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
TEST=cctest/test-interpreter/InterpreterTryCatch
BUG=v8:4674
LOG=n
Review URL: https://codereview.chromium.org/1615093004
Cr-Commit-Position: refs/heads/master@{#33471}
In case the receiver map has an enum cache, %ForInPrepare returns the
length of the actual enum cache, which might include properties that
are further down the transition tree tho.
R=jarin@chromium.org
BUG=v8:3650
LOG=n
Review URL: https://codereview.chromium.org/1619353002
Cr-Commit-Position: refs/heads/master@{#33469}
Is it frozen water? Is it a train? No, but it's both (relatively) fast and
(relatively) cool, it's ICE, the IC-Explorer. Upload an IC trace and you can
easily* drill-down on where most IC changes happen. It even comes with a colored
title and runs in your favourite browser without dependencies (yeah, I'm looking
at you JQuery!)
*according to a user study with a random 1-person group.
R=mvstanton@chromium.org
BUG=
Review URL: https://codereview.chromium.org/1618213003
Cr-Commit-Position: refs/heads/master@{#33467}
