We use the naming convention <Constructor>Prototype<Method> for builtins
that implement methods on a certain builtin constructors prototype. Fix
the collection builtins (Map and Set) to match this naming convention.
Bug: v8:5049
Change-Id: I8ced50c2ac9ebc8f4390bcbbc6aec426a0026813
Reviewed-on: https://chromium-review.googlesource.com/707318
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48403}
The contract in TurboFan is that "the hole" is never passed to "user
JavaScript", which we unfortunately still don't check strictly. Now
the inlined code for Array#forEach properly checks for "the hole",
but the type of the element Node passed to the callback function
doesn't reflect that. So introduce a proper TypeGuard here to reflect
this check.
This will also improve code generation for iteration of HOLEY arrays
better and might improve performance a bit.
Bug: v8:1956
Change-Id: Ib6b3c444b16fcf44551bda1b39f976d66b9362ab
Reviewed-on: https://chromium-review.googlesource.com/705954
Reviewed-by: Daniel Clifford <danno@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48400}
We no longer use the terminology "fast elements", so drop the "Fast"
from both NewFastSmiOrObjectElements and NewFastDoubleElements operator
names.
Bug: v8:6399, v8:6901
Tbr: jarin@chromium.org
Change-Id: Icc204623f2b459b0d0e172e26ddd73e29fe6c884
Reviewed-on: https://chromium-review.googlesource.com/707246
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48399}
The marked bytes counter needs to be updated before decrementing the
pending task counter.
Bug: chromium:694255
Change-Id: I19c4dfbdccfb32ded5b7bb707dc93d53e188e34a
Reviewed-on: https://chromium-review.googlesource.com/707140
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48390}
We can improve performance of inlined Array.prototype.map if we statically
know the type of the callback return result is a SignedSmall. Indeed,
we no longer need bother with transitioning the output array, because we
can store a SignedSmall (aka "Smi") anywhere.
Bug: v8:6896
Change-Id: I140ce9a7c15ff77d05afeda6cda58f0560d922c8
Reviewed-on: https://chromium-review.googlesource.com/707139
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48387}
This ensures the JSFunction objects materialized by the deoptimizer have
the correct instance size (depending on the given map). There are corner
cases where the instance size might vary due to in-object properties.
R=jarin@chromium.org
TEST=mjsunit/regress/regress-crbug-772610
BUG=chromium:772610
Change-Id: I4808c7260db1adbd1cdc3871c2a946475e4934f2
Reviewed-on: https://chromium-review.googlesource.com/707109
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48383}
Avoid the zero-extensions required for int32 based addressing on 64-bit
architectures by restructuring the initialization loops to work on
words. This recovers a bit of the regression on the Kraken audio-fft and
audio-beat-detection benchmarks that was introduced by the initial CL.
Bug: chromium:772669, v8:6399, v8:6901
Change-Id: I4753c254be89f2bcc7b0ea5073e469e3507408bd
Reviewed-on: https://chromium-review.googlesource.com/707098
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48377}
In call reductions for Array.prototype.map and forEach, loads weren't
wired appropriately into the effect chain, hampering the efficacy of
load elimination.
Bug:
Change-Id: If5a386b66669d7173d5cadc6d8d3ff023daed810
Reviewed-on: https://chromium-review.googlesource.com/707073
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48376}
Each concurrent marking task maintains task_state[i]->marked_bytes.
When a task finishes, its local counter is flushed into global
total_marked_bytes_ atomic counter.
Bug: chromium:694255
Change-Id: I629467385e80bf229e06a4231673ceb5ef8e4aea
Reviewed-on: https://chromium-review.googlesource.com/704823
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48374}
Missing arguments are identical to undefined, and are converted to the
integer 0 by ECMAScript {ToInteger()}.
Add more tests, and enable previously disabled tests.
There is a follow-up refactoring here: https://crrev.com/c/704586R=titzer@chromium.org, mstarzinger@chromium.org
Change-Id: I89cc259aaf5975ec2f6f51ff002e7d1b32adba5e
Reviewed-on: https://chromium-review.googlesource.com/704658
Reviewed-by: Ben Titzer <titzer@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48373}
We can use the known ElementsKind to improve typing on the receiver
element load. We can allow multiple maps, as long as they have the
same ElementsKind.
Bug: v8:6896
Change-Id: Ida7df943f7d315454b58bcf4e0bbd2346406c488
Reviewed-on: https://chromium-review.googlesource.com/704921
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48367}
Now, the EffectControlLinearizer connects all occurrences of Unreachable to the
graph end. This fixes issues with later phases running DeadCodeElimination and
introducing new DeadValue nodes when processing uses of Unreachable.
This is a reland of 3c4bc27f13
Original change's description:
> Reland "[turbofan] eagerly prune None types and deadness from the graph"
>
> This is a reland of e1cdda2512
> Original change's description:
> > [turbofan] eagerly prune None types and deadness from the graph
> >
> > In addition to using the {Dead} node to prune dead control nodes and nodes that
> > depend on them, we introduce a {DeadValue} node representing an impossible value
> > that can occur at any position in the graph. The extended {DeadCodeElimination}
> > prunes {DeadValue} and its uses, inserting a crashing {Unreachable} node into
> > the effect chain when possible. The remaining uses of {DeadValue} are handled
> > in {EffectControlLinearizer}, where we always have access to the effect chain.
> > In addition to explicitly introduced {DeadValue} nodes, we consider any value use
> > of a node with type {None} as dead.
> >
> > Bug: chromium:741225
> > Change-Id: Icc4b636d1d018c452ba1a2fa7cd3e00e522f1655
> > Reviewed-on: https://chromium-review.googlesource.com/641250
> > Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> > Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#48208}
>
> Bug: chromium:741225
> Change-Id: I21316913dae02864f7a6d7c9269405a79f054138
> Reviewed-on: https://chromium-review.googlesource.com/692034
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#48232}
Bug: chromium:741225
Change-Id: I5702ec34856c075717162153adc765774453c45f
Reviewed-on: https://chromium-review.googlesource.com/702264
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48366}
The escape analysis is able to perform scalar replacement on JSArrays
with in-object properties (which currently only happens for subclasses
of the Array constructor), but the Deoptimizer didn't properly
materialized and initialized the values of the in-object fields so far.
Bug: chromium:772689, v8:6399
Change-Id: I6555a46773d2a1543db069142aa05f4337566b9c
Reviewed-on: https://chromium-review.googlesource.com/706781
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48365}
These will be used in subsequent CLs to add spec-compliant builtins
on Array.prototype built with the CSA.
Change-Id: I4c9f72f90dffe018b99efdc73e9d40b3d175c2aa
Reviewed-on: https://chromium-review.googlesource.com/704115
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Daniel Clifford <danno@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48362}
This adds a new operator LookupSigned32HashStorageIndex, which is a
specialization of the general LookupHashStorageIndex for Map#get that
is used when TurboFan knows that the key is in Signed32 range.
This improves the execution time of the ARES6 Basic test locally by
around 5% and seems to make sense in general.
Bug: v8:6410, v8:6354, v8:6278, v8:6344
Change-Id: I78dcbc9cc855a4109e1690d8cd14fbc88fd89861
Reviewed-on: https://chromium-review.googlesource.com/706787
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48361}
Rewrites import.meta expressions into null literals. Builds on top
of- and requires dynamic import parsing to simplify the implementation.
Adds a new --harmony-import-meta flag.
BUG=v8:6693
Change-Id: Iadb7ddf6bad8986bf3ad641dbd3826fe730b5f44
Reviewed-on: https://chromium-review.googlesource.com/702678
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48359}
Use case: anonymous script with sourceMappingUrl. User can set
breakpoint in source with sourceUrl from sourceMap, we persist this
breakpoint in DevTools and on page reload breakpoint should be restored
correctly.
Debugger.setBreakpointByUrl method provides capabilities to set
provisional breakpoints and looks like best candidate for new "scriptHash"
argument.
I considered other options such as replacing scriptId with something
more persistent like "script-hash:script-with-this-hash-number" but it
looks more complicated and doesn't provide clear advantages.
One pager: http://bit.ly/2wkRHntR=pfeldman@chromium.org
Bug: chromium:459499
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I0e2833fceffe6b04afac01d1a4522d6874b6067a
Reviewed-on: https://chromium-review.googlesource.com/683597
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48357}