Currently the CompileLazy builtin checks the SFI expliciltly for FCG code. This means
if the SFI has bytecode we have to go through to the runtime to install the
interpreter entry trampoline into the JSFunction object.
Modify the builtin to always put the SFI code object into the JSFunction unless it's
the lazy compile stub on the SFI as well.
BUG=v8:4380
Review-Url: https://codereview.chromium.org/2583693003
Cr-Commit-Position: refs/heads/master@{#42034}
When baselining a function using the BaselineFunctionOnNextCall intrinsic, it is
not always ensured that a function is already compiled. Update the
Runtime_BaselineFunctionOnNextCall function to trigger a compile if it is not already
compiled.
BUG=v8:5768
Review-Url: https://codereview.chromium.org/2594543003
Cr-Commit-Position: refs/heads/master@{#42033}
Reason for revert:
https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20TSAN/builds/13358
Original issue's description:
> [Compiler] Track Ignition background compilation separately in RuntimeStats.
>
> Tracks background compilation of Ignition in a separate bucket from main thread
> compilation. Also add some more compilation buckets for functions which can take a
> significant proportion of compilation.
>
> BUG=v8:5203,v8:5215
>
> Review-Url: https://codereview.chromium.org/2577263002
> Cr-Commit-Position: refs/heads/master@{#42026}
> Committed: b0e9116d59TBR=jochen@chromium.org,cbruni@chromium.org,rmcilroy@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5203,v8:5215
Review-Url: https://codereview.chromium.org/2609773003
Cr-Commit-Position: refs/heads/master@{#42031}
Migrate Date.prototype.valueOf and Date.prototype[ @@toPrimitive ]
to use the CodeStubAssembler, to avoid going through C++ always
when comparing or subtracting two dates.
R=epertoso@chromium.org
Review-Url: https://codereview.chromium.org/2608143003
Cr-Commit-Position: refs/heads/master@{#42030}
(Missing includes discovered during the objects.h splitting work.)
BUG=v8:5402
Review-Url: https://codereview.chromium.org/2610643002
Cr-Commit-Position: refs/heads/master@{#42029}
Tracks background compilation of Ignition in a separate bucket from main thread
compilation. Also add some more compilation buckets for functions which can take a
significant proportion of compilation.
BUG=v8:5203,v8:5215
Review-Url: https://codereview.chromium.org/2577263002
Cr-Commit-Position: refs/heads/master@{#42026}
The heap traversal for SFI code objects when logging compiled functions
was previously accessing the abstract code of an SFI, logging its
bytecode if it exists or code object otherwise. However, there are some
(rare) cases where an SFI has both bytecode and a non-interpreter code
object -- for example, after baseline tier-up -- in which case we want
to log both, as both could be executing (at different points on the
stack).
BUG=v8:5758
Review-Url: https://codereview.chromium.org/2603333002
Cr-Commit-Position: refs/heads/master@{#42025}
Changes some for loops to use node->inputs() instead of iterating over
InputCount and accessing InputAt(i). This saves some checks for
"has_inline_inputs" and so some branches.
Review-Url: https://codereview.chromium.org/2585713002
Cr-Commit-Position: refs/heads/master@{#42024}
Don't fallback to the %StrictEqual / %Equal runtime functions for the
generic CompareIC slow path, but use the (new) StrictEqual and Equal
builtins instead. This avoids a performance cliff when mixing input
types for strict equality sites.
R=jochen@chromium.org
BUG=v8:4773
Review-Url: https://codereview.chromium.org/2609153002
Cr-Commit-Position: refs/heads/master@{#42021}
port 05873add85 (r41989)
original commit message:
The following ported to builtins:
FastCloneRegExp
FastCloneShallowArray
FastCloneShallowObject
BUG=
Review-Url: https://codereview.chromium.org/2607383002
Cr-Commit-Position: refs/heads/master@{#42020}
port 5b02a98bfa (r41986)
original commit message:
In the process, convert from a code stub into a builtin.
BUG=
Review-Url: https://codereview.chromium.org/2608203002
Cr-Commit-Position: refs/heads/master@{#42018}
port be11812c53 (r41971)
original commit message:
Recognize and emit in-memory comparisons of 8-bit and 16-bit values with
immediate values that fit.
BUG=
Review-Url: https://codereview.chromium.org/2612503002
Cr-Commit-Position: refs/heads/master@{#42017}
The ControlEquivalence cannot deal with new nodes inserted by the
Scheduler due to Node splitting. Rather when the ControlEquivalence
sees such a new Node, it'll likely crash on an out-of-bounds access.
This is a speculative fix to make the crash disappear, as there's no
100% reliable repro currently.
BUG=chromium:629398
TBR=jochen@chromium.org
Review-Url: https://codereview.chromium.org/2611603002
Cr-Commit-Position: refs/heads/master@{#42016}
Hook up TurboFan with the existing field type tracking machinery to
eliminate redundant map checks on the results of LoadField operators.
The store side is already implemented in TurboFan for quite some time,
this just adds the load part.
R=jarin@chromium.org
BUG=v8:5267
Review-Url: https://codereview.chromium.org/2604393002
Cr-Commit-Position: refs/heads/master@{#42015}
- Adds CodeAssembler::ConstructJS() to simplify calling JS functions as
constructors, used by NewPromiseCapability()
- Defines PromiseCapability as a special JSObject subclass, with a
non-exensible Map, and read-only non-configurable DataDescriptors which
point to its in-object fields. This allows its fields to be used by JS
builtins until there is no longer any need.
Currently, the performance benefit comes from
https://codereview.chromium.org/2567033003/, but does not appear to
regress performance in any significant way.
BUG=v8:5343
TBR=ulan@chromium.org
Review-Url: https://codereview.chromium.org/2567333002
Cr-Commit-Position: refs/heads/master@{#42014}
We need to report cached wrappers within v8 to the embedder after each atomic
phase of v8 marking because the embedder can invalidate the wrappers in-between
v8 marking steps.
E.g., in Chrome, a conservative GC might need to wipe dead wrappables from
the wrapper tracing marking deque.
BUG=chromium:676700, chromium:468240
Review-Url: https://codereview.chromium.org/2610563002
Cr-Commit-Position: refs/heads/master@{#42011}
Store maps on the CheckMaps operator instead of burning inputs for
the individual maps. Use the same data structure (the ZoneHandleSet)
in the LoadElimination to track multiple maps per object.
BUG=v8:5267
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2431563002
Cr-Commit-Position: refs/heads/master@{#42010}
Add machinery to Ignition and TurboFan to collect and consume
InternalizedString feedback for abstract and strict equality
comparisons. Here we can turn the comparison into a simple
pointer equality check.
R=jarin@chromium.org
BUG=v8:5786
Review-Url: https://codereview.chromium.org/2609013002
Cr-Commit-Position: refs/heads/master@{#42008}
When Crankshaft compiles a keyed load to arguments, it disabled
optimization unless the KEYED_LOAD_IC for the access was monomorphic.
But that's too restrictive, since it will also disable optimization
for this function when the access is on a path that was never executed
so far.
This was spotted in the Node.js core function EventEmitter.prototype.emit,
which was no longer optimizable with Crankshaft using latest V8.
R=jarin@chromium.org
BUG=v8:5790
Review-Url: https://codereview.chromium.org/2607303002
Cr-Commit-Position: refs/heads/master@{#42005}
This patch fixes OOM crash that happens for large heap where
the total size of edges exceeds 2GB, which is the hard limit
for v8::internal::List allocated using tcmalloc.
BUG=chromium:675911
Review-Url: https://codereview.chromium.org/2595003002
Cr-Commit-Position: refs/heads/master@{#42004}
This refactors the logic from within the FastNewObject TF_BUILTIN to a
helper method which can be reused in other assemblers. This saves the
overhead of setting up the stub and calling into it.
A wrapper method is created for functions that don't need to tail call
into the runtime.
PromiseBuiltinsAssembler and RegexpBuiltinsAssembler are refactored to
use EmitFastNewObject.
Review-Url: https://codereview.chromium.org/2607233002
Cr-Commit-Position: refs/heads/master@{#42000}
This patch stores the promise, resolve, reject properties of the
deferred object created by CreateInternalPromiseCapability and
NewPromiseCapability directly on the promise (if the promise hasn't
been fulfilled), otherwise they are stored on the
PromiseReactionJobInfo.
This patch removes the currently unused
CreateInternalPromiseCapability and inlines the call to create the
deferred promise object.
NewPromiseCapability is the only function that works with a deferred.
This patch results in a 8.5% improvement in benchmarks over 5 runs.
BUG=v8:5343
Review-Url: https://codereview.chromium.org/2590563003
Cr-Commit-Position: refs/heads/master@{#41991}