Add support to optimize certain comparisons of typeof with known
strings to utilize the existing ObjectIs<Type> predicates. Also
add a new ObjectIsCallable, which is used to optimize the common
typeof x === "function" pattern.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1898653003
Cr-Commit-Position: refs/heads/master@{#35562}
port 0c05e02f25 (r35480)
original commit message:
Modifies Ignition to store code entry addresses in the dispatch table
rather than code objects. This allows the interpreter to avoid
calculating the code entry address from the code object on every
dispatch and provides a ~5-7% performance improvement on Octane with
Ignition.
This change adds ArchOpcode::kArchTailCallAddress to TurboFan to enable
tail call dispatch using these code addresses. It also adds a Dispatch
linkage creator (distinct from the stub linkage type used previously) to
allow targetting a code address target (which will diverge further from
the stub linkage type when we remove the context machine register in
Ignition).
BUG=
Review URL: https://codereview.chromium.org/1893243002
Cr-Commit-Position: refs/heads/master@{#35561}
port 5e9ddf6ce4 (r35453)
original commit message:
Reland of (https://codereview.chromium.org/1617503003)
* New atomic code stubs for x64, ia32, arm, arm64
* Add convenience functions JumpIfNotValidSmiValue, JumpIfUintNotValidSmiValue
to macro-assembler-ia32 (API based on x64 macro assembler)
* Remove runtime implementation of Atomics.load, the code stub should always be
called instead
* Add new test to mjsunit atomics test; check that Smi values of different
sizes are supported when possible, else fall back to HeapNumbers
These changes were needed to add another codestub:
* Bump kStubMajorKeyBits from 7 to 8
* Reduce ScriptContextFieldStub::kSlotIndexBits from 13 to 12
BUG=
Review URL: https://codereview.chromium.org/1894923002
Cr-Commit-Position: refs/heads/master@{#35560}
port c2de9611281d6da70fe1770072ec55f2f8aaf467(r35440)
original commit message:
Visit the Optimized Code Map on first call rather than closure creation.
This is useful for escape analysis, and helps upcoming changes to
type feedback gathering.
BUG=
Review URL: https://codereview.chromium.org/1893213002
Cr-Commit-Position: refs/heads/master@{#35558}
optimizer was merging phi lowering moves into the node defining the
phi. Addressing such cases proved to be too difficult in the existing
validator.
The new validator addresses this, by making no assumptions on phi
lowering details.
This unblocks 1824303002.
BUG=
Review URL: https://codereview.chromium.org/1855023002
Cr-Commit-Position: refs/heads/master@{#35557}
port 52148c41c9 (r35407)
original commit message:
Add relocatable pointers for wasm memory references that need to be updated when wasm GrowMemory is used. Code generator changes to accept relocatable constants as immediates.
BUG=
Review URL: https://codereview.chromium.org/1895673002
Cr-Commit-Position: refs/heads/master@{#35556}
port 2e3296666b04f0a038d9239a92e2ff39b5716f74(r35370)
original commit message:
... instead of doing stack magic. This is a cleanup in preparation for the new generators implementation.
BUG=
Review URL: https://codereview.chromium.org/1893943002
Cr-Commit-Position: refs/heads/master@{#35555}
These operators are really pure on the JavaScript level, and were only
part of the effect chain to make sure we don't accidentially schedule
them right after raw allocations, which is no longer an issue since we
now have the concept of atomic regions.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1893543004
Cr-Commit-Position: refs/heads/master@{#35552}
Reason for revert:
Looking at types in ChangeLowering is generally unsafe.
Original issue's description:
> [turbofan] Improve lowering of ObjectIs<Type> somewhat.
>
> If we already know that the input to one of the ObjectIs<Type> nodes is
> TaggedPointer, we don't need to perform the Smi check at runtime.
>
> R=jarin@chromium.org
>
> Committed: https://crrev.com/4fc4978cee0bb7ad2ae8681a67b7032eba6a7d11
> Cr-Commit-Position: refs/heads/master@{#35368}
TBR=jarin@chromium.org,bmeurer@google.com
# Not skipping CQ checks because original CL landed more than 1 days ago.
Review URL: https://codereview.chromium.org/1893123002
Cr-Commit-Position: refs/heads/master@{#35551}
This is a much cleaner solution, which won't require nearly as much
architecture-specific code. Thanks bmeurer@!
BUG=v8:4614
LOG=y
R=bmeurer@chromium.org,jarin@chromium.org
Review URL: https://codereview.chromium.org/1891033002
Cr-Commit-Position: refs/heads/master@{#35547}
Reason for revert:
[Sheriff] Breaks tsan:
https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20TSAN/builds/8999
Original issue's description:
> Get rid of UnsafeCurrent in Sampler
>
> Currently we are using UnsafeCurrent in async signal handler to acquire the
> isolate of VM thread, but we want to get rid of that since it prevents V8 from
> being thread agnostic.
>
> This patch replaces UnsafeCurrent with a static map, where we store a map of
> samplers for threads, and makes it accessible by signal handler.
>
> BUG=v8:4889
> LOG=n
>
> Committed: https://crrev.com/62fb4775fea0d56d8a175baf1d902213f6752168
> Cr-Commit-Position: refs/heads/master@{#35541}
TBR=jochen@chromium.org,alph@chromium.org,fmeawad@chromium.org,yangguo@chromium.org,lpy@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4889
Review URL: https://codereview.chromium.org/1897673002
Cr-Commit-Position: refs/heads/master@{#35545}
Reason for revert:
The boilerplate is copied based on the boilerplate + memento size, which reads off the end of the boilerplate.
Original issue's description:
> Migrate FastCloneShallowObjectStub to TurboFan
>
> BUG=
>
> Committed: https://crrev.com/4c2b04542f263b2679194f9fb75672ebbe72b924
> Cr-Commit-Position: refs/heads/master@{#35330}
>
> Committed: https://crrev.com/7fdfdc12d4e4291348112ace4278a827f57f2eb9
> Cr-Commit-Position: refs/heads/master@{#35494}
TBR=bmeurer@chromium.org,jkummerow@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Review URL: https://codereview.chromium.org/1888043006
Cr-Commit-Position: refs/heads/master@{#35544}
This patch correctly re-scopes inner scopes that can appear in do
expressions used as initializers to arrow parameters.
R=rossberg@chromium.org
BUG=v8:4904
LOG=N
Review URL: https://codereview.chromium.org/1887743002
Cr-Commit-Position: refs/heads/master@{#35542}
Currently we are using UnsafeCurrent in async signal handler to acquire the
isolate of VM thread, but we want to get rid of that since it prevents V8 from
being thread agnostic.
This patch replaces UnsafeCurrent with a static map, where we store a map of
samplers for threads, and makes it accessible by signal handler.
BUG=v8:4889
LOG=n
Review URL: https://codereview.chromium.org/1858143003
Cr-Commit-Position: refs/heads/master@{#35541}
Runtime_OptimizeFunctionOnNextCall and Runtime_DeoptimizeFunction asserts that
the argument is a JSFunction object.These are used by fuzzers to get coverage
of optimizations in compiler. Having an assert causes a fuzzer test to fail
when OptimizeFunctionOnNextCall is called on objects that are not functions.
We can instead, silently return on such calls.
BUG=chromium:601391
LOG=N
Review URL: https://codereview.chromium.org/1883603002
Cr-Commit-Position: refs/heads/master@{#35539}
Port 5e9ddf6ce4
Original commit message:
* New atomic code stubs for x64, ia32, arm, arm64
* Add convenience functions JumpIfNotValidSmiValue, JumpIfUintNotValidSmiValue
to macro-assembler-ia32 (API based on x64 macro assembler)
* Remove runtime implementation of Atomics.load, the code stub should always be
called instead
* Add new test to mjsunit atomics test; check that Smi values of different
sizes are supported when possible, else fall back to HeapNumbers
These changes were needed to add another codestub:
* Bump kStubMajorKeyBits from 7 to 8
* Reduce ScriptContextFieldStub::kSlotIndexBits from 13 to 12
R=binji@chromium.org, joransiu@ca.ibm.com, mbrandy@us.ibm.com, michael_dawson@ca.ibm.com, bjaideep@ca.ibm.com
BUG=v8:4614
LOG=N
Review URL: https://codereview.chromium.org/1882733008
Cr-Commit-Position: refs/heads/master@{#35537}
Port 0c05e02f25
Original commit message:
Modifies Ignition to store code entry addresses in the dispatch table
rather than code objects. This allows the interpreter to avoid
calculating the code entry address from the code object on every
dispatch and provides a ~5-7% performance improvement on Octane with
Ignition.
This change adds ArchOpcode::kArchTailCallAddress to TurboFan to enable
tail call dispatch using these code addresses. It also adds a Dispatch
linkage creator (distinct from the stub linkage type used previously) to
allow targetting a code address target (which will diverge further from
the stub linkage type when we remove the context machine register in
Ignition).
R=rmcilroy@chromium.org, joransiu@ca.ibm.com, mbrandy@us.ibm.com, michael_dawson@ca.ibm.com, bjaideep@ca.ibm.com
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1887263003
Cr-Commit-Position: refs/heads/master@{#35533}
This hoists all bailouts out of OptimizedCompileJob::CreateGraph into
the compiler pipeline. The reason is that this moves them to a point
where we can still influence the decision which compiler to pick and
hence gives us more freedom with modeling various pipelines.
R=neis@chromium.org
Review URL: https://codereview.chromium.org/1883313003
Cr-Commit-Position: refs/heads/master@{#35532}
Usually, script compilation is expensive enough to warrant the extra
overhead of caching scripts immediatly.
BUG=chromium:588900
R=yangguo@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/1890083002
Cr-Commit-Position: refs/heads/master@{#35527}
This adds an ObjectIsString operator and hooks it up with
JSNativeContextSpecialization (to remove the use of some machine
operators there).
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1894523002
Cr-Commit-Position: refs/heads/master@{#35525}
PersistentValueMap is used to hold per-world wrappers in the blink. Currently,
when we trace wrappers, we visit wrappers in all worlds via this PersistentValueMap. This cl introduces convenient (and faster) way of registering these external references.
BUG=468240
LOG=no
Review URL: https://codereview.chromium.org/1883043003
Cr-Commit-Position: refs/heads/master@{#35523}
port 6df9a22c3f (r35187)
original commit message:
The HandlerCompiler did not properly handle the weird edge case when a
sloppy mode function was installed as an accessor on one of the value
wrapper prototypes and then accessed via a load from a primitive value.
In this case we just passed the primitive value untouched instead of
properly wrapping it first. The CallFunction builtin properly deals with
all the funny edge cases, so we use it instead of duplicating almost all
of the logic here (the performance difference is neglible).
BUG=
Review URL: https://codereview.chromium.org/1884293003
Cr-Commit-Position: refs/heads/master@{#35522}
This prefixes the escape analysis flag with "experimental", thereby
making sure the flag in question is not being fuzzed. It will reduce
noise levels on ClusterFuzz again.
R=jarin@chromium.org
BUG=chromium:603653
LOG=n
Review URL: https://codereview.chromium.org/1894513002
Cr-Commit-Position: refs/heads/master@{#35521}
This moves the responsibility of preparing full-codegen code with
deoptimization support into the backends. This avoids generating such
code when optimization can be done directly from existing bytecode.
R=bmeurer@chromium.org
BUG=v8:4280
LOG=n
Review URL: https://codereview.chromium.org/1883403002
Cr-Commit-Position: refs/heads/master@{#35517}
We have trouble with Math.fround(MEM[...]). Since we now properly type
LoadBuffer (it can produce undefined), lowering of fround has stopped
triggering (as it requires Number type). This CL is a quick fix for this issue
- we simply trigger the lowering for NumberOrUndefined and let representation
selection/truncation analysis deal with this.
Ultimately, we would want to insert some 'simplified' ToNumber conversion
that would be optimized as much as possible during representation
selection.
BUG=chromium:603802
LOG=n
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/1893483003
Cr-Commit-Position: refs/heads/master@{#35513}
