When we specialize to the native context, we can replace loads of the
NATIVE_CONTEXT_INDEX in any known context with the appropriate native
context for that context. This allows us to constant-fold and further
optimize things like %reflect_construct, which are inserted by the
parser.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1697513003
Cr-Commit-Position: refs/heads/master@{#33965}
Older versions of Emscripten appear to emit Asm.js containing:
HEAP8[x] with x in int
As opposed to the spec legal construct:
HEAP8[x>>0] with x in int
As older programs and even benchmarks such as Embenchen
include these constructs, support them for compatibility.
BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=test-asm-validator,mjsunit/asm-wasm
R=aseemgarg@chromium.org,titzer@chromium.org
LOG=N
Review URL: https://codereview.chromium.org/1692713006
Cr-Commit-Position: refs/heads/master@{#33964}
Port 09d8453547
Original commit message:
The FastNewStrictArgumentsStub is very similar to the recently added
FastNewRestParameterStub, it's actually almost a copy of it, except that
it doesn't have the fast case we have for the empty rest parameter. This
patch improves strict arguments in TurboFan and fullcodegen by up to 10x
compared to the previous version.
Also introduce proper JSSloppyArgumentsObject and JSStrictArgumentsObject
for the in-object properties instead of having them as constants in the
Heap class.
Drive-by-fix: Use this stub and the FastNewRestParameterStub in the
interpreter to avoid the runtime call overhead for strict arguments
and rest parameter creation.
R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
Review URL: https://codereview.chromium.org/1696743002
Cr-Commit-Position: refs/heads/master@{#33963}
This is hopefully the last in a series of cleanup patches around
destructuring assignment. It simplifies the ParseAssignmentExpression
API, making the callers call CheckDestructuringElement() where appropriate.
CheckDestructuringElement has been further simplified to only emit the
errors that the parser depends on it emitting.
I've also beefed up the test coverage in test-parsing.cc to
handling all the destructuring flags being on, which caught an oddity
in how we disallow initializers in spreads in patterns (we need to treat
RewritableAssignmentExpressions as Assignments for the purpose of
error checking).
Finally, I added a few helper methods to ParserBase to handle a few
classes of expressions (assignments and literals-as-patterns).
Review URL: https://codereview.chromium.org/1696603002
Cr-Commit-Position: refs/heads/master@{#33961}
This change expands allocation sampling to include old, map, code, and large object spaces. This involved refactoring much of the observation logic out of NewSpace into Space and overriding as needed in sub-classes.
Additionally, the sampling heap profiler now maintains a pair of heap observers. One observer is used for observing new space and resetting the inline allocation limit to be periodically notified of allocations. The other observes allocation across the other spaces where there is no additional work required to observe allocations.
Tests have been updated to ensure that allocations are observed correctly for Paged and LargeObject spaces.
R=ofrobots@google.com, hpayer@chromium.org, ulan@chromium.org
BUG=
Review URL: https://codereview.chromium.org/1625753002
Cr-Commit-Position: refs/heads/master@{#33959}
Recent flake happened bacause all the samples landed into native code.
The patch makes sure we collect enough JS samples.
BUG=v8:4751
LOG=N
Review URL: https://codereview.chromium.org/1695663002
Cr-Commit-Position: refs/heads/master@{#33953}
Adds JumpIfNotHoleConstant and JumpIfNotHoleConstantWide bytecodes
and removes JumpIfHole bytecode.
In situations with large numbers of constants, the generator would
fail because an 8-bit constant could not be reserved for
JumpIfHole/JumpIfNotHole and so a 16-bit constant would be reserved.
Then when patching the bytecode the patcher would discover there was
no wide constant variant of the emitted jump.
BUG=v8:4280,v8:4680
LOG=N
Review URL: https://codereview.chromium.org/1697473002
Cr-Commit-Position: refs/heads/master@{#33952}
Authorize people with try-job access to do dry runs.
Change to faster blink trybot in 20% experiment.
NOTRY=true
NOPRESUBMIT=true
Review URL: https://codereview.chromium.org/1692943002
Cr-Commit-Position: refs/heads/master@{#33950}
This avoids having to read the context and call through from the inlined
path in the JSReceiver case.
BUG=
Review URL: https://codereview.chromium.org/1698463002
Cr-Commit-Position: refs/heads/master@{#33949}
There are only two uses of %_ObjectEquals left, which should actually
use strict equality instead, so there's no need to keep this special
logic at all.
R=mvstanton@chromium.org
Review URL: https://codereview.chromium.org/1692193002
Cr-Commit-Position: refs/heads/master@{#33948}
This returns a proper test result (failure) when files are
missing for setting up the command.
Review URL: https://codereview.chromium.org/1696713002
Cr-Commit-Position: refs/heads/master@{#33946}
This removes support for the %Arguments and %ArgumentsLength runtime
entries and their intrinsic counterparts. If you need variable arguments
in any builtin, either use (strict) arguments object or rest parameters,
which are both compositional across inlining (in TurboFan), and not that
much slower compared to the %_Arguments hackery.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1688163004
Cr-Commit-Position: refs/heads/master@{#33943}
The tests in question have been disabled because throwing into lazy
deoptimized code was borked. After recent fixes landed these tests
should now pass again.
R=jarin@chromium.org
TEST=cctest/test-run-deopt/DeoptExceptionHandler
BUG=v8:4195
LOG=n
Review URL: https://codereview.chromium.org/1692873002
Cr-Commit-Position: refs/heads/master@{#33937}
The idea here is to perform the handler lookup in the deoptimizer, and then take the information from the handler table to build the catch handler frame in the deoptimizer. Specifically, we use the pc offset, context location and stack height (in full-code) to tweak the output frame.
Sadly, this still requires nasty voodoo for the liveness analyzer so that it keeps variables alive if they are used in the catch handler.
Review URL: https://codereview.chromium.org/1416543006
Cr-Commit-Position: refs/heads/master@{#33936}
There's only one last user of %_Arguments and %_ArgumentsLength left,
the rest was updated to either strict mode arguments object or to not
use arguments at all.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1692003003
Cr-Commit-Position: refs/heads/master@{#33935}
This was causing code like:
REX.W cmpq r9,r8
setzl r8l
movzxbl r8,r8
REX.W cmpq r8,0x0
jz 185
(note the cmpq instead of cmpl above) on x64 instead of:
REX.W cmpq r9,r8
jnz 149
http://crrev.com/1677503002 is now obsolete and has been reverted.
Review URL: https://codereview.chromium.org/1685183003
Cr-Commit-Position: refs/heads/master@{#33934}
Reason for revert:
No fix needed, original CL was perfectly fine!
Original issue's description:
> Revert of [interpreter] Correctly thread through catch prediction. (patchset #1 id:1 of https://codereview.chromium.org/1690973002/ )
>
> Reason for revert:
> Depends on the reverted https://codereview.chromium.org/1691723002
>
> Original issue's description:
> > [interpreter] Correctly thread through catch prediction.
> >
> > This change correctly sets the {CatchPrediction} field in exception
> > handler tables for bytecode and optimized code. It also adds tests
> > independent of promise handling for this prediction, to ensure all our
> > backends are in sync on their prediction.
> >
> > R=rmcilroy@chromium.org,yangguo@chromium.org
> > TEST=mjsunit/compiler/debug-catch-prediction
> > BUG=v8:4674
> > LOG=n
> >
> > Committed: https://crrev.com/ba55f5594cb0b4a1a1e9b35d87fe54afe2d93f3b
> > Cr-Commit-Position: refs/heads/master@{#33906}
>
> TBR=rmcilroy@chromium.org,yangguo@chromium.org,mstarzinger@chromium.org
> # Skipping CQ checks because original CL landed less than 1 days ago.
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=v8:4674
>
> Committed: https://crrev.com/c5229b311968fd638a6cd537c341b1055eb7be97
> Cr-Commit-Position: refs/heads/master@{#33922}
TBR=rmcilroy@chromium.org,yangguo@chromium.org,adamk@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4674
Review URL: https://codereview.chromium.org/1689113004
Cr-Commit-Position: refs/heads/master@{#33933}
Remove some Ignition skips in mjsunit and cctest, and replace a few
others with fails now that the there is more debugger support.
BUG=v8:4680
LOG=N
Review URL: https://codereview.chromium.org/1689993002
Cr-Commit-Position: refs/heads/master@{#33932}
Reason for revert:
No fix needed, original CL was perfectly fine!
Original issue's description:
> Revert of [interpreter] Make d8's TryCatch block be verbose. (patchset #3 id:40001 of https://codereview.chromium.org/1691723002/ )
>
> Reason for revert:
> [Sheriff] Speculative revert. Breaks
> https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/builds/3944
>
> Somehow 3a2fbc3a4e seems to hide it again and then 699e1081a6 lets it show up again.
>
> Reproduced locally.
>
> Original issue's description:
> > [interpreter] Make d8's TryCatch block be verbose.
> >
> > This changes "d8" to no longer report exceptions as being "caught" when
> > it comes to the catch prediction mechanism in our debugger. This treats
> > scripts as being truly top-level when it comes to exception handling and
> > will allow us to properly test the catch prediction mechanism using just
> > mjsunit tests alone.
> >
> > R=yangguo@chromium.org
> > BUG=v8:4674
> > LOG=n
> >
> > Committed: https://crrev.com/fb1de271a6bc2c89a1682db8c151cf5fcda86c45
> > Cr-Commit-Position: refs/heads/master@{#33898}
>
> TBR=yangguo@chromium.org,mstarzinger@chromium.org
> # Skipping CQ checks because original CL landed less than 1 days ago.
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=v8:4674
>
> Committed: https://crrev.com/f9eef1f33d2e5cde8cb948424e7ebf509090aa59
> Cr-Commit-Position: refs/heads/master@{#33921}
TBR=yangguo@chromium.org,machenbach@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4674
Review URL: https://codereview.chromium.org/1692133002
Cr-Commit-Position: refs/heads/master@{#33931}
The FastNewStrictArgumentsStub is very similar to the recently added
FastNewRestParameterStub, it's actually almost a copy of it, except that
it doesn't have the fast case we have for the empty rest parameter. This
patch improves strict arguments in TurboFan and fullcodegen by up to 10x
compared to the previous version.
Also introduce proper JSSloppyArgumentsObject and JSStrictArgumentsObject
for the in-object properties instead of having them as constants in the
Heap class.
Drive-by-fix: Use this stub and the FastNewRestParameterStub in the
interpreter to avoid the runtime call overhead for strict arguments
and rest parameter creation.
R=jarin@chromium.orgTBR=mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/1693513002
Cr-Commit-Position: refs/heads/master@{#33925}
Reason for revert:
Depends on the reverted https://codereview.chromium.org/1691723002
Original issue's description:
> [interpreter] Correctly thread through catch prediction.
>
> This change correctly sets the {CatchPrediction} field in exception
> handler tables for bytecode and optimized code. It also adds tests
> independent of promise handling for this prediction, to ensure all our
> backends are in sync on their prediction.
>
> R=rmcilroy@chromium.org,yangguo@chromium.org
> TEST=mjsunit/compiler/debug-catch-prediction
> BUG=v8:4674
> LOG=n
>
> Committed: https://crrev.com/ba55f5594cb0b4a1a1e9b35d87fe54afe2d93f3b
> Cr-Commit-Position: refs/heads/master@{#33906}
TBR=rmcilroy@chromium.org,yangguo@chromium.org,mstarzinger@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4674
Review URL: https://codereview.chromium.org/1695613002
Cr-Commit-Position: refs/heads/master@{#33922}
Reason for revert:
[Sheriff] Speculative revert. Breaks
https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/builds/3944
Somehow 3a2fbc3a4e seems to hide it again and then 699e1081a6 lets it show up again.
Reproduced locally.
Original issue's description:
> [interpreter] Make d8's TryCatch block be verbose.
>
> This changes "d8" to no longer report exceptions as being "caught" when
> it comes to the catch prediction mechanism in our debugger. This treats
> scripts as being truly top-level when it comes to exception handling and
> will allow us to properly test the catch prediction mechanism using just
> mjsunit tests alone.
>
> R=yangguo@chromium.org
> BUG=v8:4674
> LOG=n
>
> Committed: https://crrev.com/fb1de271a6bc2c89a1682db8c151cf5fcda86c45
> Cr-Commit-Position: refs/heads/master@{#33898}
TBR=yangguo@chromium.org,mstarzinger@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4674
Review URL: https://codereview.chromium.org/1694523003
Cr-Commit-Position: refs/heads/master@{#33921}
The path used by that option only comes into play when default parameters
are allowed but destructuring assignment is disallowed. Removing it
allows the removal of one implementation of ParseExpression, and makes
it clearer which code will be dead once all the destructuring flags
are removed.
Also made the |flags| param strongly typed instead of an int.
Review URL: https://codereview.chromium.org/1691653002
Cr-Commit-Position: refs/heads/master@{#33918}
