Skip to content

V
V8
Switch branch/tag
  1. 07 Apr, 2017 1 commit
    • jgruber's avatar
      [builtins] Introduce new TFC macro and auto-generate TFS descriptors · 9ddfeafe
      jgruber authored 
      Split TFS builtins into

* TFC: TF builtins with stub linkage that use a custom interface descriptor
       (e.g. because of a non-standard return size or untagged arguments)
* TFS: the rest.

Automatically generate interface descriptors for TFS builtins to reduce
boilerplate involved in setting up stub calls. These are now as simple as
creating the TFS stub and using CSA::CallBuiltin, no extra work required.

BUG=v8:6116

Review-Url: https://codereview.chromium.org/2777203007
Cr-Commit-Position: refs/heads/master@{#44490}
      9ddfeafe
  3. 29 Mar, 2017 2 commits
    • Caitlin Potter's avatar
      [cleanup] combine 3 ResumeGenerator stubs into one · 5615e5b8
      Caitlin Potter authored 
      This hopefully shrinks binary size a bit, at the cost of (slightly)
increasing the complexity of the ResumeGenerator stub. Includes ia32,
x64, mips, mips64, arm and arm64 ports.

BUG=v8:5855
R=rmcilroy@chromium.org, paul.lind@imgtec.com, bmeurer@chromium.org, neis@chromium.org

Change-Id: I848ce08afd828091a11e03c89d5be065ff557ef3
Reviewed-on: https://chromium-review.googlesource.com/461303
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Reviewed-by: 's avatarBenedikt Meurer <bmeurer@chromium.org>
Reviewed-by: 's avatarRoss McIlroy <rmcilroy@chromium.org>
Reviewed-by: 's avatarGeorg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44244}
      5615e5b8
    • Caitlin Potter's avatar
      [async-iteration] implement AsyncGenerator · bf463c4d
      Caitlin Potter authored 
      - Introduce new struct AsyncGeneratorRequest, which holds
  information pertinent to resuming execution of an
  AsyncGenerator, such as the Promise associated with the async
  generator request. It is intended to be used as a singly
  linked list, and holds a pointer to the next item in te queue.

- Introduce JSAsyncGeneratorObject (subclass of
  JSGeneratorObject), which includes several new internal fields
  (`queue` which contains a singly linked list of
  AsyncGeneratorRequest objects, and `await_input` which
  contains the sent value from an Await expression (This is
  necessary to prevent function.sent (used by yield*) from
  having the sent value observably overwritten during
  execution).

- Modify SuspendGenerator to accept a set of Flags, which
  indicate whether the suspend is for a Yield or Await, and
  whether it takes place on an async generator or ES6
  generator.

- Introduce interpreter intrinsics and TF intrinsic lowering for
  accessing the await input of an async generator

- Modify the JSGeneratorStore operator to understand whether or
  not it's suspending for a normal yield, or an AsyncGenerator
  Await. This ensures appropriate registers are stored.

- Add versions of ResumeGeneratorTrampoline which store the
  input value in a different field depending on wether it's an
  AsyncGenerator Await resume, or an ordinary resume. Also modifies
  whether debug code will assert that the generator object is a
  JSGeneratorObject or a JSAsyncGeneratorObject depending on the
  resume type.

BUG=v8:5855
R=bmeurer@chromium.org, rmcilroy@chromium.org, jgruber@chromium.org,
littledan@chromium.org, neis@chromium.org
TBR=marja@chromium.org

Change-Id: I9d58df1d344465fc937fe7eed322424204497187
Reviewed-on: https://chromium-review.googlesource.com/446961
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Reviewed-by: 's avatarRoss McIlroy <rmcilroy@chromium.org>
Reviewed-by: 's avatarHannes Payer <hpayer@chromium.org>
Reviewed-by: 's avatarBenedikt Meurer <bmeurer@chromium.org>
Reviewed-by: 's avatarJakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44240}
      bf463c4d
  5. 24 Mar, 2017 1 commit
    • Jochen Eisinger's avatar
      Revert "Remove ClassOf intrinsic from FCG and CS" · d0c2b8c4
      Jochen Eisinger authored 
      This reverts commit f20261bf.

Reason for revert: We need the GetMapConstructor instruction for CallApiCallbackStub

Original change's description:
> Remove ClassOf intrinsic from FCG and CS
> 
> I plan to change the constructor field of maps, and instead of patching
> the intrinsics all over the place, just fall back to the runtime.
> 
> R=​bmeurer@chromium.org
> BUG=v8:6084
> 
> Change-Id: Ie294b74ab615fd794d7fc47488e2e30e2b49b4db
> Reviewed-on: https://chromium-review.googlesource.com/454616
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Commit-Queue: Jochen Eisinger <jochen@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#43765}

TBR=jochen@chromium.org,bmeurer@chromium.org,adamk@chromium.org,hablich@chromium.org,v8-reviews@googlegroups.com,v8-mips-ports@googlegroups.com,v8-ppc-ports@googlegroups.com,v8-x87-ports@googlegroups.com
# Not skipping CQ checks because original CL landed > 1 day ago.
BUG=v8:6084

Change-Id: I06f60d409eccb4ad3abad14f5c9782bfe9122aea
Reviewed-on: https://chromium-review.googlesource.com/458379Reviewed-by: 's avatarJochen Eisinger <jochen@chromium.org>
Commit-Queue: Jochen Eisinger <jochen@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44106}
      d0c2b8c4
  7. 22 Mar, 2017 3 commits
  9. 17 Mar, 2017 1 commit
    • neis's avatar
      Disentangle assembler from isolate. · 94b088ca
      neis authored 
      This is a first step towards moving Turbofan code generation off the main thread.

Summary of the changes:
- AssemblerBase no longer has a pointer to the isolate. Instead, its
  constructor receives the few things that it needs from the isolate (on most
  architectures this is just the serializer_enabled flag).
- RelocInfo no longer has a pointer to the isolate. Instead, the functions
  that need it take it as an argument.  (There are currently still a few that
  implicitly access the isolate through a HeapObject.)
- The MacroAssembler now explicitly holds a pointer to the isolate (before, it
  used to get it from the Assembler).
- The jit_cookie also moved from AssemblerBase to the MacroAssemblers, since
  it's not used at all in the Assemblers.
- A few architectures implemented parts of the Assembler with the help
  of a Codepatcher that is based on MacroAssembler.  Since the Assembler no
  longer has the isolate, but the MacroAssembler still needs it, this doesn't
  work anymore.  Instead, these Assemblers now use a new PatchingAssembler.

BUG=v8:6048

Review-Url: https://codereview.chromium.org/2732273003
Cr-Commit-Position: refs/heads/master@{#43890}
      94b088ca
  11. 16 Mar, 2017 2 commits
  13. 15 Mar, 2017 2 commits
  15. 14 Mar, 2017 1 commit
  17. 07 Mar, 2017 3 commits
  19. 23 Feb, 2017 1 commit
  21. 22 Feb, 2017 1 commit
  23. 21 Feb, 2017 2 commits
  25. 14 Feb, 2017 2 commits
  27. 13 Feb, 2017 5 commits
  29. 09 Feb, 2017 3 commits
  31. 08 Feb, 2017 1 commit
    • Andreas Haas's avatar
      [x64] Consider both operands when emitting the REX prefix for testb. · 59bb1886
      Andreas Haas authored 
      The testb instruction requires the REX prefix when either of its
operands uses a register with the high bit set. The existing code only
considered the register operand. In the test case the REX prefix was not
emitted because the testb instruction had the register operand RAX which
does not have the high bit set. The REX prefix was necessary though
because the memory operand used R8, which has the high bit set.

R=bmeurer@chromium.org
BUG=chromium:688876

Change-Id: Ib214bebbe75965664f2aea530e29afa95a54f44f
Reviewed-on: https://chromium-review.googlesource.com/439145
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: 's avatarBenedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#43030}
      59bb1886
  33. 07 Feb, 2017 2 commits
  35. 06 Feb, 2017 1 commit
    • mvstanton's avatar
      [TypeFeedbackVector] Root feedback vectors at function literal site. · aea3ce3d
      mvstanton authored 
      TypeFeedbackVectors are strongly rooted by a closure. However, in modern
JavaScript closures are created and abandoned more freely. An important
closure may not be present in the root-set at time of garbage collection,
even though we've cached optimized code and use it regularly. For
example, consider leaf functions in an event dispatching system. They may
well be "hot," but tragically non-present when we collect the heap.

Until now, we've relied on a weak root to cache the feedback vector in
this case. Since there is no way to signal intent or relative importance,
this weak root is as susceptible to clearing as any other weak root at
garbage collection time.

Meanwhile, the feedback vector has become more important. All of our
ICs store their data there. Literal and regex boilerplates are stored there.
If we lose the vector, then we not only lose optimized code built from
it, we also lose the very feedback which allowed us to create that optimized
code. Therefore it's vital to express that dependency through the root
set.

This CL does this by creating a strong link to a feedback
vector at the instantiation site of the function closure.
This instantiation site is in the code and feedback vector
of the outer closure.

BUG=v8:5456

Review-Url: https://codereview.chromium.org/2674593003
Cr-Commit-Position: refs/heads/master@{#42953}
      aea3ce3d
  37. 04 Feb, 2017 1 commit
  39. 02 Feb, 2017 3 commits
  41. 31 Jan, 2017 1 commit
  43. 30 Jan, 2017 1 commit
    • mvstanton's avatar
      [TypeFeedbackVector] Combine the literals array and the feedback vector. · 93f05b64
      mvstanton authored 
      They have the same lifetime. It's a match!

Both structures are native context dependent and dealt with (creation,
clearing, gathering feedback) at the same time. By treating the spaces used
for literal boilerplates as feedback vector slots, we no longer have to keep
track of the materialized literal count elsewhere.

A follow-on CL removes even more parser infrastructure related to this count.

BUG=v8:5456

Review-Url: https://codereview.chromium.org/2655853010
Cr-Commit-Position: refs/heads/master@{#42771}
      93f05b64