port 5b02a98bfa (r41986)
original commit message:
In the process, convert from a code stub into a builtin.
BUG=
Review-Url: https://codereview.chromium.org/2608203002
Cr-Commit-Position: refs/heads/master@{#42018}
port be11812c53 (r41971)
original commit message:
Recognize and emit in-memory comparisons of 8-bit and 16-bit values with
immediate values that fit.
BUG=
Review-Url: https://codereview.chromium.org/2612503002
Cr-Commit-Position: refs/heads/master@{#42017}
The ControlEquivalence cannot deal with new nodes inserted by the
Scheduler due to Node splitting. Rather when the ControlEquivalence
sees such a new Node, it'll likely crash on an out-of-bounds access.
This is a speculative fix to make the crash disappear, as there's no
100% reliable repro currently.
BUG=chromium:629398
TBR=jochen@chromium.org
Review-Url: https://codereview.chromium.org/2611603002
Cr-Commit-Position: refs/heads/master@{#42016}
Hook up TurboFan with the existing field type tracking machinery to
eliminate redundant map checks on the results of LoadField operators.
The store side is already implemented in TurboFan for quite some time,
this just adds the load part.
R=jarin@chromium.org
BUG=v8:5267
Review-Url: https://codereview.chromium.org/2604393002
Cr-Commit-Position: refs/heads/master@{#42015}
- Adds CodeAssembler::ConstructJS() to simplify calling JS functions as
constructors, used by NewPromiseCapability()
- Defines PromiseCapability as a special JSObject subclass, with a
non-exensible Map, and read-only non-configurable DataDescriptors which
point to its in-object fields. This allows its fields to be used by JS
builtins until there is no longer any need.
Currently, the performance benefit comes from
https://codereview.chromium.org/2567033003/, but does not appear to
regress performance in any significant way.
BUG=v8:5343
TBR=ulan@chromium.org
Review-Url: https://codereview.chromium.org/2567333002
Cr-Commit-Position: refs/heads/master@{#42014}
We need to report cached wrappers within v8 to the embedder after each atomic
phase of v8 marking because the embedder can invalidate the wrappers in-between
v8 marking steps.
E.g., in Chrome, a conservative GC might need to wipe dead wrappables from
the wrapper tracing marking deque.
BUG=chromium:676700, chromium:468240
Review-Url: https://codereview.chromium.org/2610563002
Cr-Commit-Position: refs/heads/master@{#42011}
Store maps on the CheckMaps operator instead of burning inputs for
the individual maps. Use the same data structure (the ZoneHandleSet)
in the LoadElimination to track multiple maps per object.
BUG=v8:5267
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2431563002
Cr-Commit-Position: refs/heads/master@{#42010}
Add machinery to Ignition and TurboFan to collect and consume
InternalizedString feedback for abstract and strict equality
comparisons. Here we can turn the comparison into a simple
pointer equality check.
R=jarin@chromium.org
BUG=v8:5786
Review-Url: https://codereview.chromium.org/2609013002
Cr-Commit-Position: refs/heads/master@{#42008}
When Crankshaft compiles a keyed load to arguments, it disabled
optimization unless the KEYED_LOAD_IC for the access was monomorphic.
But that's too restrictive, since it will also disable optimization
for this function when the access is on a path that was never executed
so far.
This was spotted in the Node.js core function EventEmitter.prototype.emit,
which was no longer optimizable with Crankshaft using latest V8.
R=jarin@chromium.org
BUG=v8:5790
Review-Url: https://codereview.chromium.org/2607303002
Cr-Commit-Position: refs/heads/master@{#42005}
This patch fixes OOM crash that happens for large heap where
the total size of edges exceeds 2GB, which is the hard limit
for v8::internal::List allocated using tcmalloc.
BUG=chromium:675911
Review-Url: https://codereview.chromium.org/2595003002
Cr-Commit-Position: refs/heads/master@{#42004}
This refactors the logic from within the FastNewObject TF_BUILTIN to a
helper method which can be reused in other assemblers. This saves the
overhead of setting up the stub and calling into it.
A wrapper method is created for functions that don't need to tail call
into the runtime.
PromiseBuiltinsAssembler and RegexpBuiltinsAssembler are refactored to
use EmitFastNewObject.
Review-Url: https://codereview.chromium.org/2607233002
Cr-Commit-Position: refs/heads/master@{#42000}
This patch stores the promise, resolve, reject properties of the
deferred object created by CreateInternalPromiseCapability and
NewPromiseCapability directly on the promise (if the promise hasn't
been fulfilled), otherwise they are stored on the
PromiseReactionJobInfo.
This patch removes the currently unused
CreateInternalPromiseCapability and inlines the call to create the
deferred promise object.
NewPromiseCapability is the only function that works with a deferred.
This patch results in a 8.5% improvement in benchmarks over 5 runs.
BUG=v8:5343
Review-Url: https://codereview.chromium.org/2590563003
Cr-Commit-Position: refs/heads/master@{#41991}
Add test as well.
Add regression test for passing uninitialized promises to init hook
BUG=v8:4643
Review-Url: https://codereview.chromium.org/2578173004
Cr-Commit-Position: refs/heads/master@{#41982}
Section 3.2 of the C++ standard states that destructor definitions
implicitly "use" operator delete functions. Therefore, these operator
delete functions must be defined even if they are never called by
user code explicitly.
http://www.open-std.org/JTC1/SC22/WG21/docs/cwg_defects.html#261
gcc allows them to remain as empty definitions. However, not all
compilers allow this. (e.g. xlc on zOS)
This pull request creates definitions which if ever called, result
in an abort.
R=danno@chromium.org,jochen@chromium.org
BUG=
LOG=N
Review-Url: https://codereview.chromium.org/2588433002
Cr-Commit-Position: refs/heads/master@{#41981}
We currently use BitcastTaggedToWord only in from the code assemblers to verify the correctness of the operation.
BUG=
Review-Url: https://codereview.chromium.org/2605073002
Cr-Commit-Position: refs/heads/master@{#41979}
In fast-allocate, the path that leverages Add Mem-Imm fails to take
into account that the allocation size may be adjusted by kDoubleSize/2
for alignment. Limit this instruction to 64-bit only.
Also guard PFDs with the proper facility check.
R=jyan@ca.ibm.com, michael_dawson@ca.ibm.com, bjaideep@ca.ibm.com
BUG=
Review-Url: https://codereview.chromium.org/2605063002
Cr-Commit-Position: refs/heads/master@{#41978}
Before this patch, loops in deferred code would defeat the propagation of the
deferred flag, since back edges would usually not come from deferred blocks,
thus stoping the forward propagation of the deferred flag at loop headers. This
patch ensures that back edges are ignored in the deferred propations, properly
placing loops dominated by deferred labels and the code that follows them into
deferred code.
R=epertoso@chromium.org
LOG=N
Review-Url: https://codereview.chromium.org/2606923002
Cr-Commit-Position: refs/heads/master@{#41976}
Instead of loading the address both the limit and top pointers, rely on the
property that the limit pointer is always directly after the top pointer so that
it can be loaded with the limit pointer's address plus a fixed offset.
This generates smaller code and reduces the number of registers required by the
allocation sequence by one.
LOG=N
R=epertoso@chromium.org
Review-Url: https://codereview.chromium.org/2605043002
Cr-Commit-Position: refs/heads/master@{#41975}
Before this patch, Loads generated in the CSA on x64 that have a zero offset
displacement will add a zero to the effective address rather than using an
addressing mode that folds away the zero.
This functionality already exists on ia32, but the port wasn't purely mechanical
so it hadn't been done on x64.
R=epertoso@chromium.org
LOG=N
Review-Url: https://codereview.chromium.org/2602893002
Cr-Commit-Position: refs/heads/master@{#41974}
... and add explicit CallPrologue/CallEpilogue callbacks to CodeAssemblerState instead.
This will allow IntepreterAssembler to use any other helper assembler.
TBR=rmcilroy@chromium.org
BUG=
Review-Url: https://codereview.chromium.org/2600183004
Cr-Commit-Position: refs/heads/master@{#41973}
Specifically, don't propage "needs_frame" up through non-deferred -> deferred
block transitions where there are multiple edges from the non-deferred to
deferred code.
LOG=N
R=epertoso@chromium.org
Review-Url: https://codereview.chromium.org/2606893002
Cr-Commit-Position: refs/heads/master@{#41972}
