This clears the context register by setting it to Smi(0) before calling
the Runtime::kNotifyDeoptimized helper. The deoptimizer must be able to
materialize all heap objects without any context available. The context
itself might be dematerialized.
With this change we make sure that invariant is maintained even without
escape analysis kicking in. We also satisfy the check that the context
register is either Smi(0) or a valid context. It might have been the
special {arguments_marker} in this particular case.
R=bmeurer@chromium.org
BUG=chromium:644245
Review-Url: https://codereview.chromium.org/2320673002
Cr-Commit-Position: refs/heads/master@{#39267}
When lowering Array.prototype.push/.pop to the fast inlined version, we
first need to ensure that all prototypes (including the Object.prototype)
are stable.
R=mvstanton@chromium.org
BUG=chromium:644689
Review-Url: https://codereview.chromium.org/2319533005
Cr-Commit-Position: refs/heads/master@{#39266}
Reason for revert:
Breaks g++ build.
Original issue's description:
> [turbofan] ARM: Implement vswp and use in gap resolver
>
> Use vswp to switch double-precision registers in the gap resolver, with fall
> back temp register-based code if NEON is not available.
>
> BUG=
>
> Committed: https://crrev.com/2837c2e65a2ee5b9fc610f30ce1215f52323ecbd
> Cr-Commit-Position: refs/heads/master@{#39209}
BUG=
Review-Url: https://codereview.chromium.org/2314043002
Cr-Commit-Position: refs/heads/master@{#39264}
The optimization is not correct for unsigned output types, and we the
overall complexity seems too high. We need to find a better way to
take into account the input/output type restrictions.
Also added a regression test for the unsigned output bug.
BUG=v8:5267,v8:5270,v8:5357
TBR=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2320013002
Cr-Commit-Position: refs/heads/master@{#39262}
The trouble here is that the type of the induction variable might be
a bit ahead of the increment (JSAdd) operation's type. When we update
the type of the increment, we might only update the induction variable
type while the JSAdd type might be stale. If the induction variable typing
needs to fall back to normal phi typing (e.g., when the increment is not
an integer anymore), it might use the stale type.
To get around this, we fake monotonicity if we fallback to normal phi
typing. Another option would be to force re-typing of the increment
operation, but that seems to be harder to maintain.
BUG=chromium:644633
Review-Url: https://codereview.chromium.org/2320803002
Cr-Commit-Position: refs/heads/master@{#39261}
This patch fixes a bunch of out-of-date TODOs, un-skips some tests
and refers to appropriate bug numbers and current specification
status where appropriate.
R=adamk
Review-Url: https://codereview.chromium.org/2319203002
Cr-Commit-Position: refs/heads/master@{#39260}
Move it to HARMONY_STAGED bucket
Spec discussion: https://github.com/tc39/ecma402/issues/30
It's in stage 4 and Firefox has already implemented it.
BUG=v8:5244
TEST=intl/date-format/date-format-to-parts.js
TEST=test262/intl402/DateTimeFormat/prototype/formatToParts/*
Review-Url: https://codereview.chromium.org/2317783003
Cr-Commit-Position: refs/heads/master@{#39258}
While fixing the bug, removed code duplication from super load/store
runtime calls, and inlined calls of Object::ReadAbsentProperty (left
over from strong mode).
BUG=v8:5335
Review-Url: https://codereview.chromium.org/2311413002
Cr-Commit-Position: refs/heads/master@{#39257}
This adds support for dematerialized context values as part of an
interpreted frame (similar to an FCG frame). Both frame translations
should be kept in sync as much as possible.
R=rmcilroy@chromium.org
BUG=chromium:644728
Review-Url: https://codereview.chromium.org/2313343002
Cr-Commit-Position: refs/heads/master@{#39256}
Chromium doesn't support lsan with mac's current toolchain.
BUG=chromium:644643
NOTRY=true
Review-Url: https://codereview.chromium.org/2322493002
Cr-Commit-Position: refs/heads/master@{#39255}
This yields a ~5% serialization time improvement on typical JSON-esque data.
The approach taken matches json-stringifier fairly closely.
BUG=chromium:148757
Review-Url: https://codereview.chromium.org/2311063004
Cr-Commit-Position: refs/heads/master@{#39254}
On PPC the testcase CodeSerializerLargeCodeObject fails as
the object gets allocated in the code_space section of
the heap. This is because the code_space gets expanded
successfully to 1 page size (4MB on PPC) and can accommodate
the object (size=3784608 bytes). Increasing size of the compiled
source to (5096192 bytes) so that code_space is not expanded and
the space is allocated in the Large Object space of the heap.
Testcase was added as part of https://codereview.chromium.org/2226233002R=mstarzinger@chromium.org, bmeurer@chromium.org
BUG=
LOG=N
Review-Url: https://codereview.chromium.org/2314843003
Cr-Commit-Position: refs/heads/master@{#39252}
Move StringToNumber builtin implementation to helper function in
CodeStubAssembler.
BUG=
Review-Url: https://codereview.chromium.org/2293943002
Cr-Commit-Position: refs/heads/master@{#39249}
This is analogous to the variable liveness analysis we do in the AstGraphBuilder, but on the bytecode registers.
BUG=
Review-Url: https://codereview.chromium.org/2307863002
Cr-Commit-Position: refs/heads/master@{#39248}
We were previously incorrectly changing:
sub r0, 0, r1
cmp r2, r0
b.cond <addr>
to:
cmn r2, r1
b.cond <addr>
for all conditions. This is incorrect for conditions involving the C (carry)
and V (overflow) flags, and in particular in the case where r1 = INT_MIN.
The optimization is still safe to perform for Equal and NotEqual since they
do not depend on the C and V flags.
BUG=
Review-Url: https://codereview.chromium.org/2318043002
Cr-Commit-Position: refs/heads/master@{#39246}
This implements the CompilationInfo::context explicitly instead of
delegating to the underlying ParseInfo. This is in preparation for
ParseInfo not having to store the context at all soon.
R=jochen@chromium.org
Review-Url: https://codereview.chromium.org/2316083002
Cr-Commit-Position: refs/heads/master@{#39244}
This will allow getting the entire scope chain from a SharedFunctionInfo
which in turn will allow for generating bytecode when we just have the
SFI
R=verwaest@chromium.org,marja@chromium.org
BUG=v8:5215
Review-Url: https://codereview.chromium.org/2271993002
Cr-Commit-Position: refs/heads/master@{#39243}
Migrate the isNaN, isFinite, Number.isFinite, Number.isInteger,
Number.isSafeInteger and Number.isNaN predicates to TurboFan
builtins and make them optimizable (for certain input types) in
JavaScript callees being optimized by TurboFan. That means both
the baseline and the optimized version is now always at maximum,
consistent performance. Especially TurboFan suffered from poor
baseline (and optimized) performance because it cannot play the
same weird tricks that Crankshaft plays for %_IsSmi.
This also adds a bunch of new tests to properly cover the use
of the Harmony predicates in optimized code.
R=franzih@chromium.org
BUG=v8:5049,v8:5267
Review-Url: https://codereview.chromium.org/2313073002
Cr-Commit-Position: refs/heads/master@{#39242}
Now callers of Heap::CollectGarbage* functions need to
specify the reason as an enum value instead of a string.
Subsequent CL will add stats counter for GC reason.
BUG=
Review-Url: https://codereview.chromium.org/2310143002
Cr-Commit-Position: refs/heads/master@{#39239}
The assumption that held when this DCHECK was introduced are no longer valid. Furthermore, the code below it seems to merge two non-overlapping intervals anyway.
Review-Url: https://codereview.chromium.org/2316033002
Cr-Commit-Position: refs/heads/master@{#39238}
In ignition, allocation site mementos were disabled when creating array
literals. Enabled them in this cl.
BUG=v8:4280
LOG=N
Review-Url: https://codereview.chromium.org/2294913006
Cr-Commit-Position: refs/heads/master@{#39234}
This moves scope-related logic (such as looking up variables) to Scope
where it belongs, and enables PreParser to do more Scope-related
operations in the future.
BUG=
Review-Url: https://codereview.chromium.org/2301183003
Cr-Commit-Position: refs/heads/master@{#39233}
When we parse the top-level lazily, we don't get to see eval calls in
inner scopes anyway. By never recording them, we make sure that the
script scope ends up looking the same, no matter how we parsed it.
BUG=v8:5215
R=marja@chromium.org,adamk@chromium.org
Review-Url: https://codereview.chromium.org/2312903003
Cr-Commit-Position: refs/heads/master@{#39232}
Reason for revert:
Re-enable to get new data after recent changes.
Original issue's description:
> Remove --ignition-staging to --ignition-osr implication.
>
> Ignition OSR to turbofan seems to cause instruction selector crashes
> (where instructions selector gets simplified operators, probably
> because we break the effect chain somehow).
>
> BUG=chromium:641893
>
> Committed: https://crrev.com/26df3e230ebd8c7d1cd95ea54155959eee7cb830
> Cr-Commit-Position: refs/heads/master@{#39045}
TBR=bmeurer@chromium.org,jarin@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=chromium:641893
Review-Url: https://codereview.chromium.org/2318943002
Cr-Commit-Position: refs/heads/master@{#39231}
Lexically declared "arguments" in sloppy mode will throw redeclaration error
currently, this patch fixes it by delaying the declaration of arguments until we
fully parse parameter list and function body.
BUG=v8:4577
LOG=N
Committed: https://crrev.com/70a613dd0a5f5d205b46559b55702764464851fa
Review-Url: https://codereview.chromium.org/2290753003
Cr-Original-Commit-Position: refs/heads/master@{#39109}
Cr-Commit-Position: refs/heads/master@{#39230}
This is a complement to
https://codereview.chromium.org/2281523002.
The patch above reversed the order of nodes with same
latency, which caused bench_copy.js 4% regression and
bench_skinning.js 5% regression on Atom when enabling
'--turbo-instruction-scheduling' flag according to our
observation.
We submit this patch to sort the nodes with same latency
in original order. It aligns with instruction scheduling
logic before the patch above and fixes these regression.
BUG=
Review-Url: https://codereview.chromium.org/2284373002
Cr-Commit-Position: refs/heads/master@{#39228}
- inspector becomes a dependency of v8_base;
- generated public protocol files are placed to gen/v8/include/inspector/<Domain.h>;
- added v8_enable_inspector_override to be used in embedders (gn only);
- combined public headers into v8-inspector.h and v8-inspector-protocol.h.
BUG=chromium:635948
Review-Url: https://codereview.chromium.org/2292053003
Cr-Commit-Position: refs/heads/master@{#39226}
Spec discussion: https://github.com/tc39/ecma402/issues/30
It's in stage 4 and Firefox has already implemented it.
For now, it's added to HARMONY_IN_PROGRESS bucket behind
'--datetime-format-to-parts' flag.
BUG=v8:5244
TEST=intl/date-format/date-format-to-parts.js
TEST=test262/intl402/DateTimeFormat/prototype/formatToParts/*
Review-Url: https://codereview.chromium.org/2273953003
Cr-Commit-Position: refs/heads/master@{#39225}
Similarly to the word32->float64 case, we interpret word32 as uint32 if
the value is word32 truncated. This is fine because the users declared
they only care about mod 2^32 of the value (that's what word32
truncation means).
This CL also removes the ad-hoc handling of this situation
(https://codereview.chromium.org/2311903002).
BUG=chromium:644048
Review-Url: https://codereview.chromium.org/2312003005
Cr-Commit-Position: refs/heads/master@{#39224}
Move the code to perform function name inference for properties into
parsing the properties themselves, instead of the containing object.
This allows us to avoid unnecessary calls when parsing shorthand
properties and methods and simplifies the logic in the remaining cases.
Also fixes an edge case bug: inferring the name of the getter in
`class { static get constructor(){} }`.
Review-Url: https://codereview.chromium.org/2313723005
Cr-Commit-Position: refs/heads/master@{#39222}
This yields a ~20% serialization time improvement on typical JSON-esque data.
BUG=chromium:148757
Review-Url: https://codereview.chromium.org/2304563004
Cr-Commit-Position: refs/heads/master@{#39221}
This introduces ClassLiteralProperty and a supertype LiteralProperty of
it and ObjectLiteralProperty. It also splits the parsing of the two.
This substiantially clarifies some logic, especially as classes
continue to evolve, and is also about a 2% performance improvement to
parsing either kind of property (since no work is wasted on logic
only necessary for the other kind). Also, it saves a word on
ObjectLiteralProperties.
Review-Url: https://codereview.chromium.org/2302643002
Cr-Commit-Position: refs/heads/master@{#39219}