- 04 Jun, 2019 13 commits
-
-
Maciej Goszczycki authored
Read-only heap sharing clears heap_ in read-only memory chunks because ReadOnlySpace is shared between multiple isolates. Bug: v8:7464 Change-Id: I821c94303ab3710c279e6c11a8ca8537aac0d0af Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1642809 Commit-Queue: Maciej Goszczycki <goszczycki@google.com> Reviewed-by: Dan Elphick <delphick@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#61987}
-
Joey Gouly authored
On Windows, long is 32-bits, so the 'L' suffix shouldn't be used if a 64-bit value is needed. This caused a test failure in 'Int64MulWithImmediate'. Change-Id: I93c43a1f166aa0e5bcd53aaf7a860fffd006fd0b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1627538 Commit-Queue: Martyn Capewell <martyn.capewell@arm.com> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#61986}
-
Maciej Goszczycki authored
Bug: v8:7464 Change-Id: I09e5d66a2dc369d031691ef04cd8bb34bb40278e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1642808Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Maciej Goszczycki <goszczycki@google.com> Cr-Commit-Position: refs/heads/master@{#61985}
-
Jakob Gruber authored
These were only used by test-log/EquivalenceOfLoggingAndTraversal, which itself has been marked as failing since 2013. This CL removes the test itself as well as the TEST natives kind. Bug: v8:7624,v8:2857 Change-Id: Iedf2b1c94e31ccd1ea885d72bf1fac5d33defa90 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1643467 Auto-Submit: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#61984}
-
Leszek Swirski authored
Avoid the linear lookup of function literal id when getting the shared function info TraceID, by optionally passing through a FunctionLiteral. Additionally, use the FunctionLiteralId helper when a FunctionLiteral is not available, since it can also fast-path in some cases. As a drive-by, allow using a ScriptIterator without an Isolate pointer (e.g. manually creating a handle) to allow calling FunctionLiteralId without an Isolate pointer. Bug: v8:9325 Change-Id: Ibfa053f300d6d5005485c67174a848264a5d1372 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1643429 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#61983}
-
Michael Lippautz authored
Allow the embedder to decrement its allocated bytes count: - The decrement will be applied to the used bytes value. - The decrement is ignored for the total allocated bytes. Bug: chromium:948807 Change-Id: I609ccf81017b693e0db13b499cbf8967f5f8a2c7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1631428 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#61982}
-
Joey Gouly authored
This fixes the assembler tests on Windows arm64, that were previously crashing. Bug: v8:9235 Change-Id: I616e6eb00bb71d70195787f80f8b54a9ae33abe6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1634919 Commit-Queue: Martyn Capewell <martyn.capewell@arm.com> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#61981}
-
Maya Lekova authored
The fix in https://chromium-review.googlesource.com/c/v8/v8/+/1627333 didn't seem to have worked, so disabling the tests again. Bug: chromium:963411, v8:9114, v8:9183, v8:9267 Change-Id: Id080c16b1fe4c99c8ef980a15bc91668dbfe5c13 NOTRY=true TBR=machenbach@chromium.org Change-Id: Id080c16b1fe4c99c8ef980a15bc91668dbfe5c13 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1643428Reviewed-by: Maya Lekova <mslekova@chromium.org> Commit-Queue: Maya Lekova <mslekova@chromium.org> Auto-Submit: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/master@{#61980}
-
Maciej Goszczycki authored
As it stands most of ReadOnlySpace class's method are unusable once it has been sealed, since all of its pages are read-only. Set owner_ to null to ensure nothing unintentionally uses it. This also helps with separating the ReadOnlySpace from the Heap class in the future as ReadOnlySpace might not inherit from Space. Bug: v8:7464 Change-Id: I3b24f20c644d6f5e23647bc1de4d256a20a0eb19 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1637800Reviewed-by: Dan Elphick <delphick@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Maciej Goszczycki <goszczycki@google.com> Cr-Commit-Position: refs/heads/master@{#61979}
-
Georg Neis authored
It's very helpful to know when they die. Bug: v8:7790 Change-Id: I08a369da7eb19d46ecdc02b404b0085d6410ab4d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1643168Reviewed-by: Michael Stanton <mvstanton@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#61978}
-
Georg Schmid authored
R=tebbi@chromium.org Bug: chromium:964833 Change-Id: I798f7c38eacaa16011ab7cc9ac4dea066078fbb5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1643170Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Georg Schmid <gsps@google.com> Cr-Commit-Position: refs/heads/master@{#61977}
-
Gopesh Kumar Chaudhary authored
Regex test cases fails on AIX debug due to stack-overflow. R=miladfar@ca.ibm.com, joransiu@ca.ibm.com, jyan@ca.ibm.com Bug: Change-Id: I217ad3d61fa8d7572cc0c7e25efa63065552f99a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1625836 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Junliang Yan <jyan@ca.ibm.com> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#61976}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/a3b6390..c66b31d Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/5b31e69..fd813d1 Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/c38806b..0183a1f TBR=machenbach@chromium.org,sergiyb@chromium.org,tmrts@chromium.org Change-Id: I2d3652b0533a0ba4c0b22a58c1fd23dc367ae814 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1640830Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#61975}
-
- 03 Jun, 2019 22 commits
-
-
Johannes Henkel authored
Change-Id: I05d69c8971352276c2d399f458f8f7ae6c2689c2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1639575 Auto-Submit: Johannes Henkel <johannes@chromium.org> Commit-Queue: Johannes Henkel <johannes@chromium.org> Commit-Queue: Alexei Filippov <alph@chromium.org> Reviewed-by: Alexei Filippov <alph@chromium.org> Cr-Commit-Position: refs/heads/master@{#61974}
-
Johannes Henkel authored
serialize outgoing messages via cbor to json if needed. Change-Id: I6d0300ddc27e365b16671d19922f467e09adcc54 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1636681Reviewed-by: Alexei Filippov <alph@chromium.org> Commit-Queue: Johannes Henkel <johannes@chromium.org> Cr-Commit-Position: refs/heads/master@{#61973}
-
Simon Zünd authored
The extension moved to a separate Github repository found at: https://github.com/v8/vscode-torque The extension is best installed via the VSCode Marketplace: https://marketplace.visualstudio.com/items?itemName=v8-torque.vscode-torque R=tebbi@chromium.org Bug: v8:8880 Change-Id: I38e1bc7c912002b37d367beac10fb57c58763844 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1640198 Auto-Submit: Simon Zünd <szuend@chromium.org> Reviewed-by: Tamer Tas <tmrts@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#61972}
-
Bill Budge authored
- Changes functions that call OpenHandle multiple times to assign a local and use it the second time. Change-Id: Ibc7e881158dc6aec489e3f30690da8982014d52a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1636459 Commit-Queue: Bill Budge <bbudge@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#61971}
-
Seth Brenith authored
Implemented verifiers for the following classes: - ExternalString - FixedArrayBase - JSCollection - JSCollectionIterator - JSWeakCollection - Name - SeqString - Struct Removed the following class definitions from Torque, because they're just JSObject instances with particular starting maps, as discussed in https://crrev.com/c/v8/v8/+/1619146/6/src/builtins/base.tq#459 : - JSAccessorPropertyDescriptor - JSDataPropertyDescriptor - JSIteratorResult Following similar logic, removed the Torque definition of WasmExceptionPackage because it's just an error object that happens to have a couple of private-symbol properties. The following classes should not be defined in Torque because they're just a starting state for JSObject, but I'm leaving them for now because existing Torque code requires them: - JSArgumentsObjectWithLength - JSProxyRevocableResult Bug: v8:9311 Change-Id: I0336b6be7d02e48e4a8a0f660e24d2c2fa5f5e34 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1637448 Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#61970}
-
Z Nguyen-Huu authored
Bug: v8:6664 Change-Id: Ie320264cfba8c33c90405bb009f584b8e2b3d8ce Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1637660Reviewed-by: Maya Lekova <mslekova@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com> Cr-Commit-Position: refs/heads/master@{#61969}
-
Frank Tang authored
Bug: v8:9300 Change-Id: I8eee82f41e19858f1688c64e6bc6800e26db6050 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1638257 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#61968}
-
Maciej Goszczycki authored
Bug: v8:9183 Change-Id: I583915848435b6ad3f42c320b72b7bb1a4eb2444 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1640207Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Maciej Goszczycki <goszczycki@google.com> Cr-Commit-Position: refs/heads/master@{#61967}
-
Michael Achenbach authored
Bug: v8:9290 Change-Id: I0f1558231cdb71e3d84b123f9663be66f9101c6c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1637464Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Ben Titzer <titzer@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Auto-Submit: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#61966}
-
Clemens Hammacher authored
The missing forward declaration made include header checks fail on gcc: https://crrev.com/c/1637464 R=ishell@chromium.org Bug: v8:9290, v8:7490, v8:9183 Change-Id: I7e513c04297982e403783e7ea7341b271c4fef72 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1640214Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Ben Titzer <titzer@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#61965}
-
Clemens Hammacher authored
This reverts commit 81abe8f7. Reason for revert: Fails several bots, e.g. https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20TSAN/26780 Original change's description: > [roheap] Enable shared ro-heap by default if ptr compression is disabled > > Shared read-only heap is currently incompatible with pointer compression. > Enable sharing only if pointer compression is disabled. > > Bug: v8:7464 > Change-Id: I0866ac288a34eb92fc227e8beba57f4d72a69ef0 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1635509 > Reviewed-by: Dan Elphick <delphick@chromium.org> > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> > Commit-Queue: Maciej Goszczycki <goszczycki@google.com> > Cr-Commit-Position: refs/heads/master@{#61963} TBR=rmcilroy@chromium.org,delphick@chromium.org,goszczycki@google.com Change-Id: If450c8a7530763e69eaddb53583f890a467f4724 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:7464 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1640216Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#61964}
-
Maciej Goszczycki authored
Shared read-only heap is currently incompatible with pointer compression. Enable sharing only if pointer compression is disabled. Bug: v8:7464 Change-Id: I0866ac288a34eb92fc227e8beba57f4d72a69ef0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1635509Reviewed-by: Dan Elphick <delphick@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Maciej Goszczycki <goszczycki@google.com> Cr-Commit-Position: refs/heads/master@{#61963}
-
Santiago Aboy Solanes authored
Following up on https://chromium-review.googlesource.com/c/v8/v8/+/1637879, this CL removes the tests that used explicit Compress/Decompress functions in CSA Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng Bug: v8:7703 Change-Id: I063678a732545eb505fa752612242ceeb42be823 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1640206 Auto-Submit: Santiago Aboy Solanes <solanes@chromium.org> Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#61962}
-
Sigurd Schneider authored
Change-Id: I99eb206d6c8ea206bc5451b97c5e59a28d9b75a7 Bug: v8:7793 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1640205 Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Simon Zünd <szuend@chromium.org> Reviewed-by: Simon Zünd <szuend@chromium.org> Auto-Submit: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#61961}
-
Yang Guo authored
R=rmcilroy@chromium.org NOPRESUBMIT=true Bug: v8:9247 Change-Id: I355ac92c323ab34e1898c0764856ebadc3357dcc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1635691 Commit-Queue: Yang Guo <yangguo@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#61960}
-
Yang Guo authored
Bug: v8:9247 Change-Id: Ieae700aa01261c712e3ac22967fe3c59988c25c6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1635892Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#61959}
-
Simon Zünd authored
This CL changes "MessageWriter" type to std::function instead of a plain function pointer. This allows capturing lambdas, which in turn are used to make unittests more robust. R=sigurds@chromium.org Bug: v8:8880 Change-Id: I9d71ddcac173af36e5b62852f2a9ec6dcfac9f78 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1640201 Commit-Queue: Simon Zünd <szuend@chromium.org> Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Auto-Submit: Simon Zünd <szuend@chromium.org> Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#61958}
-
Clemens Hammacher authored
Trap handler registration happens under a spin lock, which causes lots of wasted cycles. With 48 background compilation threads, half of the wall-clock time is being spent on that spin lock. Moving this registration inside {PublishCodeLocked} avoids any lock contention (if a single module is being compiled), since we already sequentialize code publication. This speeds up background compilation for large numbers of background tasks, and has no measurable effect for small numbers. R=ahaas@chromium.org Bug: v8:8916 Change-Id: I572b53b9b581e4d5f6e441f6685350017d08d0be Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1634928Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#61957}
-
Ulan Degenbaev authored
Change-Id: I839de4a0c96347728abc5a0a9f7e2c4f9678133b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1640200Reviewed-by: Maya Lekova <mslekova@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#61956}
-
Ross McIlroy authored
Code stub assembler does implicit compression / decompression when loading values from the heap. As a result, we shouldn't expose explicit compress / decompress operators. BUG=v8:7703 Change-Id: I72b7b862b48f19e918db0e283d1be065a2651b44 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1637879 Auto-Submit: Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#61955}
-
Jun Lim authored
This CL avoid lowering Switch to jumptable if the case count is small enough(4). Change-Id: Ida632807558c7403171e803947e7484908e0e028 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1605357Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Reviewed-by: Martyn Capewell <martyn.capewell@arm.com> Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#61954}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/355210a..a3b6390 Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/b8451b7..5b31e69 Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/bad01ad..c38806b Rolling v8/third_party/icu: https://chromium.googlesource.com/chromium/deps/icu/+log/64e5d7d..9f0f47b Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/1f646a8..7ee072e TBR=machenbach@chromium.org,sergiyb@chromium.org,tmrts@chromium.org Change-Id: Iea3df2d17dc375327cec3fbfe86e0cd2274a05c9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1640689Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#61953}
-
- 31 May, 2019 5 commits
-
-
Frank Tang authored
Bug: v8:9312, chromium:968269 Change-Id: I0e3d134cd4341c30277df62fead6386e344be0bf Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1636179 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Mathias Bynens <mathias@chromium.org> Cr-Commit-Position: refs/heads/master@{#61952}
-
Michael Achenbach authored
Change-Id: If2610987b66324a4b77531628c5058c3b31b8718 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1637463Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#61951}
-
Santiago Aboy Solanes authored
CompressedHeapConstant is used in the DecompressionElimination Reducer to create compressed HeapConstant values. It won't appear in the graph up until that point. This CL enables back the disabled tests in DecompressionElimination, as well as generating the CompressedHeapConstant in that reducer. The RelocInfo has already been added for x64 but not for arm64. Therefore, the x64 version is now doing the mov on 32 bits. The support for ARM will come in a following CL, and for now it is doing the mov in 64 bits. Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng Bug: v8:8977, v8:7703, v8:9298 Change-Id: If0ca4f937cfa60501679e66f6fd5ded2df38f605 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1632236Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#61950}
-
Mythri A authored
Array push / pop / shift were inlined if the elements kind of the receiver maps is the same. This cl extends it by inlining these builtins even when the receiver maps have different elements kinds. It still limits it to only fast elements kinds. This is required to prevent regressions in deltablue when lazy feedback allocation is enabled. With lazy feedback allocation we may see polymorphic feedback more often, since we don't have allocation site feedback till the feedback vectors are allocated. Bug: v8:9078 Change-Id: Id4a7b84be6305b125913b6ce0fb4f3eb3e3b15ec Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1632239 Commit-Queue: Mythri Alle <mythria@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#61949}
-
Benedikt Meurer authored
This fixes a problem where ICs for transitioning stores go MEGAMORPHIC if the transition target map dies in between invocations of the IC, which is totally possible, since we only hold on weakly to these transition targets (both from the FeedbackVectors and also from the TransitonArrays). The root problem here was an inconsistency in how the maps and handlers are being reported by the FeedbackVector. On the on hand side the method FeedbackVector::ExtractMaps() will report all receiver maps that are still present (i.e. which haven't died themselves), but then the other method FeedbackVector::FindHandlers() will only report handlers that are still alive (i.e. which in case of transition target maps being used as handlers haven't died yet). If the length of these lists don't match the IC chickens out and goes MEGAMORPHIC. But this is exactly the case with the transitioning stores, where there's no handler anymore, i.e. as can be seen in this simple example: ``` // Flags: --expose-gc function C() { this.x = 1; } new C(); new C(); gc(); // map with the `C.x` property dies new C(); // now the STORE_IC in C goes MEGAMORPHIC ``` So the problem is that we have these two methods that don't agree with each other. Now FeedbackVector::ExtractMaps() is also used by TurboFan and it even reports receiver maps for PREMONOMORPHIC state, which is different from the use case that the ICs need. So I replaced the FeedbackVector::FindHandlers() with a completely new method FeedbackVector::ExtractMapsAndHandlers(), which returns both the maps and handlers, exactly as the ICs need it. And only returns pairs for which both the receiver map and the handler are still alive. This fixes the odd problem that sometimes STORE_ICs going MEGAMORPHIC for no apparent reason. Due to the weakness of the transition target maps, they can still die and cause deoptimizations, but at least TurboFan will now be able to reoptimize again later with the new maps and still generate proper code. Bug: v8:9316 Cq-Include-Trybots: luci.chromium.try:linux-rel,win7-rel Change-Id: I74c8b60f792f310dc813f997e69efe9ad434296a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1637878 Auto-Submit: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Michael Stanton <mvstanton@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#61948}
-