This reverts commit 087e95ba63.
Reason for revert: <INSERT REASONING HERE>
Original change's description:
> [Compiler] Use IdentityMap to store jobs in CompilerDispatcher.
>
> Stores jobs in an IdentityMap keyed by their SharedFunctionInfo to enable
> fast checking of whether a job is enqueued.
>
> BUG=v8:5203
>
> Change-Id: I6c37972093515a27077f79594cad27e32e1a4e7c
> Reviewed-on: https://chromium-review.googlesource.com/444768
> Reviewed-by: Jochen Eisinger <jochen@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#43370}
TBR=rmcilroy@chromium.org,jochen@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5203
Change-Id: I5d1101bdae6939378dad595b26698fe2aaaad35e
Reviewed-on: https://chromium-review.googlesource.com/446357
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43372}
Stores jobs in an IdentityMap keyed by their SharedFunctionInfo to enable
fast checking of whether a job is enqueued.
BUG=v8:5203
Change-Id: I6c37972093515a27077f79594cad27e32e1a4e7c
Reviewed-on: https://chromium-review.googlesource.com/444768
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43370}
This CL allows the String.p.indexOf fast path to handle one-byte
external strings (in addition to one-byte sequential strings).
BUG=
Review-Url: https://codereview.chromium.org/2705193002
Cr-Commit-Position: refs/heads/master@{#43369}
This should improve readability, code generation, and ensure that
we verify such locations are never reached.
BUG=
Review-Url: https://codereview.chromium.org/2705163005
Cr-Commit-Position: refs/heads/master@{#43367}
With this CL the out-of-line code of TrapIf will call a builtin instead
of doing a direct runtime call, which is cheaper. In the best case, the
out-of-line code now consists of a single call instruction. The builtin
will load the trapID and then call the runtime to throw a trap.
R=titzer@chromium.org, clemensh@chromium.org
Change-Id: I8a75ba09f40236a3d5cbdc17c1317baf0a3c915a
Reviewed-on: https://chromium-review.googlesource.com/445937
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43366}
This handles relational comparison operations (no equality yet) having
number feedback during the early type-hint lowering (i.e. during graph
construction).
R=bmeurer@chromium.org
Change-Id: I0ac1539f85de1770c3d518855754550932f6fcd3
Reviewed-on: https://chromium-review.googlesource.com/445716
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43365}
This is in preparation for porting TypedArrayInitialize to CSA.
BUG=v8:5977
Change-Id: I8b4b4bc7a30f3d0dedf85081bb47ec613c7fce52
Reviewed-on: https://chromium-review.googlesource.com/445259
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43364}
In order to use the IdentityMap in the CompilerDispatcher the following
support is added:
- Support for deleting entries
- Support for iterating through the entries.
- Support for AllocationPolicy to enable non-zone allocation of backing
stores.
- Also refactors the code a bit.
BUG=v8:5203
Change-Id: I8b616cba8ae9dc22a7f4d76070fbb318c4edc80d
Reviewed-on: https://chromium-review.googlesource.com/444409
Reviewed-by: Ben Titzer <titzer@chromium.org>
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43362}
v8 allows the embedder to specify a global template to use when
creating a new context. However, v8 does not use the supplied
template directly when creating the global proxy: it creates a
unique template for each global proxy. However, this is problematic
for remote contexts: functions cannot use strict receiver checks
with the remote context, as the global template will never match
the global proxy.
To fix this, remote contexts now also include a remote global
object in the prototype chain that is instantiated with the global
template. This mirrors the way the global proxy is configured for a
full v8 context, and allows strict receiver checks to work.
BUG=527190
Review-Url: https://codereview.chromium.org/2677653002
Cr-Commit-Position: refs/heads/master@{#43361}
This is a speculative fix, but I believe it might work.
Idea is to keep `start_from` as a double while establishing an appropriate
index to begin iteration. This should keep -Infinity intact rather than
converting it to a positive high value, which would break the algorithm.
This is similar to what had been implemented on the fast path before it was
changed to send non-Smis to the slow path.
BUG=v8:5986
R=bmeurer@chromium.org, cbruni@chromium.org, machenbach@chromium.org, adamk@chromium.org
Change-Id: I9965fd2e75a8972f3f1c7a18e51bd580030a66ea
Reviewed-on: https://chromium-review.googlesource.com/445857
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43358}
This is such a mis-use of the API that it's important to fail fast:
this patch was prompted by a bug report from a Node.js developer
trying to use CompileModule() without passing a properly
module-tagged ScriptOrigin.
R=jochen@chromium.org, neis@chromium.org
BUG=v8:1569
Review-Url: https://codereview.chromium.org/2695713014
Cr-Commit-Position: refs/heads/master@{#43354}
Test the wasm interpreter entry stub by creating two wasm functions A
and B, make A pass arguments to B, then redirect B to be executed in the
interpreter.
Test different number and types or arguments.
BUG=v8:5822
R=titzer@chromium.org
Review-Url: https://codereview.chromium.org/2651793003
Cr-Commit-Position: refs/heads/master@{#43353}
In the upcoming concurrent marking protocol the main thread will have to
mark objects before performing unsafe layout change.
This patch is an experiment for evaluating memory the impact of marking
an object on layout change.
BUG=chromium:694255
Review-Url: https://codereview.chromium.org/2706213002
Cr-Commit-Position: refs/heads/master@{#43351}
Native resources allocated by v8, as internal implementation detail,
and held by a Foreign object, must be released when the Isolate is
torn down. Example: wasm::WasmModule allocated by wasm compile, and
held throughout the lifetime of the WebAssembly.Module object.
This change:
- Extends Managed<CppType> with a mechanism for doing just that
- Separates the role of Managed<CppType> to be strictly an owner of
the lifetime of the native resource. For cases where that's not
desirable, we can polymorphically use Foregin.
- moves managed.h out of wasm, since it's not wasm-specific.
BUG=680065
Review-Url: https://codereview.chromium.org/2676513008
Cr-Commit-Position: refs/heads/master@{#43350}
This should make http://crbug.com/694535 quiet.
BUG=chromium:694535
NOTRY=true
TBR=mstarzinger@chromium.org,jarin@chromium.org
Change-Id: I268c810662b274b45842aa22d840330b5c984277
Reviewed-on: https://chromium-review.googlesource.com/445645
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43349}
- Adds new machine types SimdBool4/8/16 for the different boolean vector types.
- Adds a kSimdMaskRegisters flag for each platform. These are all false for now.
- Removes Create, ExtractLane, ReplaceLane, Equal, NotEqual, Swizzle and Shuffle
opcodes from the Boolean types. These are unlikely to be well supported natively,
and can be synthesized using Select.
- Changes the signature of Relational opcodes to return boolean vectors.
- Changes the signature of Select opcodes to take boolean vectors.
- Updates the ARM implementation of Relational and Select opcodes.
LOG=N
BUG=v8:4124
Review-Url: https://codereview.chromium.org/2700813002
Cr-Commit-Position: refs/heads/master@{#43348}
Use an opaque format for the frame type marker on the stack, where the
marker is simply shifted left by 1 instead of being a Smi. This allows
us to generate simpler code for frame initialisation, as we can push a
smaller value, decreasing the prologue by 4 bytes and one instruction.
Drive-by: Use the same format for JsFrameMarker.
Change-Id: I812dde9b37869fe20de4148a665d06cf23ce7372
Reviewed-on: https://chromium-review.googlesource.com/443426
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Daniel Clifford <danno@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43347}
FCG implemented an optimziation which could avoid emitting a memento if the
memento was only needed for transitioning. This optimization is currently
turned off as we always run with pretenuring. Since this optimization will not
be ported to Ignition for now, we just remove the support from FCG.
Disabling allocation site pretenuring will then not make FCG and Iginition
diverge in their behavior.
BUG=chromium:693413
Change-Id: I69aea73426fc69d48e1fe6ed13caaf28f9cfb32f
Reviewed-on: https://chromium-review.googlesource.com/445258
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43345}
This fixes a missing name check for keyed property loads targeting the
global object where the feedback was warmed up with a single name. This
affects {JSLoadProperty} nodes only, syntactic global property loads via
the {JSLoadGlobal} operator are not affected.
R=bmeurer@chromium.org
TEST=mjsunit/regress/regress-crbug-694416
BUG=chromium:694416
Change-Id: I54aa3f27eaa72630539f02602ec7642b04835b27
Reviewed-on: https://chromium-review.googlesource.com/445224
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43344}
Decouples return value handling from DebugScope when handling nested break
statements. Return values are handled in ReturnValueScope. This would correctly
reset the return_values when exiting the break statements.
BUG=v8:688950
Review-Url: https://codereview.chromium.org/2702343003
Cr-Commit-Position: refs/heads/master@{#43343}
During concurrent marking we need special handling of object layout
changes that remove tagged in-object fields or replaces them with
untagged in-object fields.
This patch adds a function for notifying object layout changes and
verification code that is triggered on each map change in runtime.
BUG=chromium:694255
Review-Url: https://codereview.chromium.org/2702303002
Cr-Commit-Position: refs/heads/master@{#43342}
It turns out that the default constructor of allocators used in
standard containers is still needed in MSVS 2015.
This CL defines the constructor only when compiling on windows.
R=bbudge@chromium.org
Review-Url: https://codereview.chromium.org/2708593004
Cr-Commit-Position: refs/heads/master@{#43341}
Use the type of the RHS to compute a more precise output type. In
particular, if the RHS is, say, 1, we now know that the result is a
subtype of Unsigned31.
R=jarin@chromium.org
BUG=
Review-Url: https://codereview.chromium.org/2706763003
Cr-Commit-Position: refs/heads/master@{#43340}
Currently, the default name for wasm functions in generated code is 'wasm', tag wasm functions with the index into the function table to identify functions. Snippets of sample output with --print-code below.
Before:
--- Code ---
kind = WASM_FUNCTION
name = wasm
compiler = turbofan
After:
--- Code ---
kind = WASM_FUNCTION
name = wasm#200
compiler = turbofan
R=mtrofin@chromium.org
Review-Url: https://codereview.chromium.org/2690113012
Cr-Original-Commit-Position: refs/heads/master@{#43296}
Committed: 5fc3ac29e4
Review-Url: https://codereview.chromium.org/2690113012
Cr-Commit-Position: refs/heads/master@{#43338}
Two controls, one for instantiation and one for compilation. They allow
the embedder (e.g. Chrome) check properties of the parameters of those
two operations, and decide if they are allowed to continue.
For example, Chrome may now decline compilation of certain size buffers,
in synchronous cases; same for instantiation (where the buffer size
refers to the size of the buffer containing wasm wire bytes)
BUG=v8:5981
Review-Url: https://codereview.chromium.org/2699843003
Cr-Original-Commit-Position: refs/heads/master@{#43295}
Committed: d9bc0ffb16
Review-Url: https://codereview.chromium.org/2699843003
Cr-Commit-Position: refs/heads/master@{#43336}
This patch refactors the Atomics builtins so that they are implemented
as C++ builtins rather than experimental JS builtins. Previously, each
of these functions called out to a runtime function, so no significant
change in performance is anticipated. The goal of this patch is to
remove the last user of experimental JS builtins so that the mechanism
can be removed, for performance reasons. The patch includes a drive-by
fix of a check-fail. For the most part, the patch is just moving code
without modification from runtime-atomics.cc to
builtins-sharedarraybuffer.cc .
BUG=v8:5880
Review-Url: https://codereview.chromium.org/2698813004
Cr-Commit-Position: refs/heads/master@{#43335}
Use TF_BUILTIN() to implement ArrayIncludes(). It's easier on the eyes and
easier to read.
BUG=v8:3575
R=cbruni@chromium.org, ishell@chromium.org
Change-Id: I9cbe395829f0fcc7d01ba28ed7b5a2007c52cae3
Reviewed-on: https://chromium-review.googlesource.com/444830
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43333}
qNaN and sNaN values have different binary representation on MIPS
compared to ARM/x86 architectures. We are skipping these tests because
we can't provide specific NaNs encodings from ARM/x86 architectures.
BUG=
Review-Url: https://codereview.chromium.org/2702213003
Cr-Commit-Position: refs/heads/master@{#43327}
This extends the matching of arithmetic operations against the loop
induction variable to speculative number operations (on top of the
existing JS-level operations). This is needed now that lowering to
speculative operations is done during graph construction.
R=jarin@chromium.org
BUG=chromium:693035
Change-Id: I7c3f71af92b5c059f1d7b3b7f2d3b4a73d7dc43d
Reviewed-on: https://chromium-review.googlesource.com/445196
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43325}
All patching logic is now bundled in one compilation unit.
The CodeSpecialization object is set up by all relocation and patching
that should be applied, and then be run on individual code objects or
the whole instance in one go. We hence only need to iterate all
relocation tables exactly once at instantiation.
Also, we do not patch contexts any more since we do not embed them in
generated code any more.
R=titzer@chromium.org
BUG=v8:5991
Review-Url: https://codereview.chromium.org/2696143006
Cr-Commit-Position: refs/heads/master@{#43324}
Take runtime path if startIndex parameter requires a ToInteger() call,
which can modify the elements kind of the receiver.
This removes a stub call from the builtin, and simplifies code slightly.
BUG=v8:5986
R=bmeurer@chromium.org, cbruni@chromium.org
Change-Id: Id238a81ab8ba28621858004b34d00a4356b8037f
Reviewed-on: https://chromium-review.googlesource.com/445006
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Cr-Commit-Position: refs/heads/master@{#43323}
