1. 11 Jun, 2018 1 commit
  2. 23 May, 2018 1 commit
  3. 16 May, 2018 1 commit
  4. 15 May, 2018 1 commit
  5. 14 May, 2018 1 commit
  6. 08 May, 2018 1 commit
  7. 09 Apr, 2018 2 commits
  8. 06 Apr, 2018 3 commits
    • [ic] Don't use slow stub handler for fresh transitioning stores. · d1532a1a
      Igor Sheludko authored
      Given that we got a store transition handler for free (because it's just
      a transition map) there's no need to wait for a second "use" of that
      transition in order to install a normal store transition handler.
      
      Bug: v8:5988
      Change-Id: Iecdcfdd096a8efffdd0662f1b1d604943e57d85a
      Reviewed-on: https://chromium-review.googlesource.com/997553
      Reviewed-by: Camillo Bruni <cbruni@chromium.org>
      Commit-Queue: Igor Sheludko <ishell@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#52442}
    • Revert "[cleanup] Refactor the Factory" · 503e07c3
      Michael Achenbach authored
      This reverts commit f9a2e24b.
      
      Reason for revert: gc stress failures not all fixed by follow up.
      
      Original change's description:
      > [cleanup] Refactor the Factory
      > 
      > There is no good reason to have the meat of most objects' initialization
      > logic in heap.cc, all wrapped by the CALL_HEAP_FUNCTION macro. Instead,
      > this CL changes the protocol between Heap and Factory to be AllocateRaw,
      > and all object initialization work after (possibly retried) successful
      > raw allocation happens in the Factory.
      > 
      > This saves about 20KB of binary size on x64.
      > 
      > Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
      > Change-Id: Icbfdc4266d7be8b48d2fe085f03411743dc6a0ca
      > Reviewed-on: https://chromium-review.googlesource.com/959533
      > Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
      > Reviewed-by: Hannes Payer <hpayer@chromium.org>
      > Reviewed-by: Yang Guo <yangguo@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#52416}
      
      TBR=jkummerow@chromium.org,yangguo@chromium.org,mstarzinger@chromium.org,hpayer@chromium.org
      
      Change-Id: Idbbc53478742f3e9525eee83342afc6aedae122f
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
      Reviewed-on: https://chromium-review.googlesource.com/999414
      Reviewed-by: Michael Achenbach <machenbach@chromium.org>
      Commit-Queue: Michael Achenbach <machenbach@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#52420}
    • [cleanup] Refactor the Factory · f9a2e24b
      Jakob Kummerow authored
      There is no good reason to have the meat of most objects' initialization
      logic in heap.cc, all wrapped by the CALL_HEAP_FUNCTION macro. Instead,
      this CL changes the protocol between Heap and Factory to be AllocateRaw,
      and all object initialization work after (possibly retried) successful
      raw allocation happens in the Factory.
      
      This saves about 20KB of binary size on x64.
      
      Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
      Change-Id: Icbfdc4266d7be8b48d2fe085f03411743dc6a0ca
      Reviewed-on: https://chromium-review.googlesource.com/959533
      Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
      Reviewed-by: Hannes Payer <hpayer@chromium.org>
      Reviewed-by: Yang Guo <yangguo@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#52416}
  9. 23 Mar, 2018 2 commits
  10. 21 Mar, 2018 3 commits
  11. 02 Mar, 2018 1 commit
  12. 02 Feb, 2018 1 commit
  13. 31 Jan, 2018 1 commit
  14. 13 Dec, 2017 1 commit
  15. 18 Nov, 2017 1 commit
  16. 07 Nov, 2017 1 commit
  17. 03 Nov, 2017 1 commit
    • [turbofan] Generalized OOB support for KeyedLoadIC. · b7168573
      Benedikt Meurer authored
      This extends the support in TurboFan and the ICs for OOB loads to also
      apply to typed arrays and receivers whose prototype chain is protected
      by the "no elements" protector (aka the Array protector). TurboFan will
      generate code to materialize undefined instead when it sees a load that
      has the OOB bit set and add an appropriate code dependency on the global
      protector. For typed arrays it doesn't even need to check the global
      protector since elements are never looked up in the prototype chain
      for typed arrays.
      
      In the simple micro-benchmark from the bug we go from
      
        testInBounds: 103 ms.
        testOutOfBounds: 289 ms.
      
      to
      
        testInBounds: 103 ms.
        testOutOfBounds: 102 ms.
      
      which fixes the 3x slowdown and thus addresses the performance cliff. In
      general it's still beneficial to make sure that you don't access out of
      bounds, especially once we introduce a bounds check elimination pass to
      TurboFan.
      
      This also seems to improve the jQuery benchmark on the Speedometer test
      suite by like 1-2% on average. And the SixSpeed rest benchmarks go from
      
        rest-es5: 25 ms.
        rest-es6: 23 ms.
      
      to
      
        rest-es5: 6 ms.
        rest-es6: 4 ms.
      
      so a solid 5.7x improvement there.
      
      Bug: v8:6936, v8:7014, v8:7027
      Change-Id: Ie99699c69cc40057512e72fd40ae28107216c423
      Reviewed-on: https://chromium-review.googlesource.com/750089
      Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
      Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
      Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#49095}
  18. 31 Oct, 2017 1 commit
    • [ic] Add OOB support to KeyedLoadIC. · 6dc35ab4
      Benedikt Meurer authored
      This adds support to the KeyedLoadIC to ignore out of bounds accesses
      for Strings and return undefined instead. We add a dedicated bit to the
      Smi handler to encode the OOB state and have TurboFan generate appropriate
      code for that case as well. This is mostly useful when programs
      accidentally access past the length of a string, which was observed and
      fixed for example in Babel recently, see
      
        https://github.com/babel/babel/pull/6589
      
      for details. The idea is to also extend this mechanism to Arrays and
      maybe other receivers, as reading beyond the length is also often used
      in jQuery and other popular libraries.
      
      Note that this is considered a mitigation for a performance cliff and
      not a general optimization of OOB accesses. These should still be
      avoided and handled properly instead.
      
      This seems to further improve the babel test on the web-tooling-benchmark
      by around 1%, because the OOB access no longer turns the otherwise
      MONOMORPHIC access into MEGAMORPHIC state.
      
      Bug: v8:6936, v8:7014
      Change-Id: I9df03304e056d7001a65da8e9621119f8e9bb55b
      Reviewed-on: https://chromium-review.googlesource.com/744022
      Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
      Reviewed-by: Camillo Bruni <cbruni@chromium.org>
      Reviewed-by: Leszek Swirski <leszeks@chromium.org>
      Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#49049}
  19. 26 Oct, 2017 1 commit
  20. 24 Oct, 2017 1 commit
  21. 19 Oct, 2017 1 commit
  22. 13 Oct, 2017 1 commit
  23. 12 Oct, 2017 1 commit
  24. 28 Sep, 2017 2 commits
  25. 13 Sep, 2017 2 commits
  26. 01 Sep, 2017 3 commits
  27. 30 Aug, 2017 1 commit
  28. 23 Aug, 2017 1 commit
  29. 18 Aug, 2017 1 commit
    • Cache fewer StoreIC-Transition handlers · a3ef2489
      Jakob Kummerow authored
      Many handlers are not used again, so we can improve the cache hit rate
      by caching fewer handlers. Specifically, in this CL, when a StoreIC
      miss causes a new map transition to be created, then the handler is not
      cached right away yet (it will be cached next time, when the transition
      exists already).
      
      Also, fix an embarrassing bug where growing a TransitionArray dropped
      cached handlers. That further improves the cache hit rate. ;-)
      
      Bug: chromium:752867, chromium:753819
      Change-Id: Id8db5ca1e780a5fe8fc61db7f20996e61c65a90e
      Reviewed-on: https://chromium-review.googlesource.com/619851
      Reviewed-by: Camillo Bruni <cbruni@chromium.org>
      Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#47433}
  30. 11 Aug, 2017 1 commit