1. 17 Jul, 2018 3 commits
  2. 06 Jul, 2018 2 commits
    • Georg Neis's avatar
      Move CompilationDependencies into compiler. · cf87e94c
      Georg Neis authored
      - Move the CompilationDependencies member of OptimizedCompilationInfo
        to Turbofan's PipelineData (and thus into the compiler namespace).
      - Move compilation-dependencies.{cc,h} to the compiler directory.
      
      Bug: v8:7902
      Change-Id: I5471d0923daf83abe975357325db5bc5ad0a8571
      Reviewed-on: https://chromium-review.googlesource.com/1127793
      Commit-Queue: Georg Neis <neis@chromium.org>
      Reviewed-by: 's avatarMichael Starzinger <mstarzinger@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#54295}
      cf87e94c
    • Georg Neis's avatar
      Reland^2 "[turbofan] Rewrite CompilationDependencies" · a1cb1eb9
      Georg Neis authored
      This is a reland of 4b9b9b68, which
      accidentally disabled optimization after dependency changes (instead
      of retrying).
      
      TBR=jarin@chromium.org
      TBR=mstarzinger@chromium.org
      
      Original change's description:
      > Reland "[turbofan] Rewrite CompilationDependencies"
      >
      > This is a reland of 52a10e50, after
      > eliminating an invalid assumption about maps.
      >
      > TBR=jarin@chromium.org
      > TBR=mstarzinger@chromium.org
      >
      > Original change's description:
      > > [turbofan] Rewrite CompilationDependencies
      > >
      > > Instead of installing code dependencies during graph reduction,
      > > install them after code generation.
      > >
      > > Bug: v8:7902, v8:7790
      > > Change-Id: I8a3798254abb5b9ec7c295a1592aeb6b51f24c7a
      > > Reviewed-on: https://chromium-review.googlesource.com/1119913
      > > Commit-Queue: Georg Neis <neis@chromium.org>
      > > Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
      > > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
      > > Cr-Commit-Position: refs/heads/master@{#54170}
      >
      > Bug: v8:7902, v8:7790
      > Change-Id: I9cbaf98980379b9b17464af5952ec0c47e1cdc6f
      > Reviewed-on: https://chromium-review.googlesource.com/1126999
      > Reviewed-by: Georg Neis <neis@chromium.org>
      > Commit-Queue: Georg Neis <neis@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#54254}
      
      Bug: v8:7902, v8:7790
      Change-Id: I2b7a7d186e03990350e375470569177e3309683c
      Reviewed-on: https://chromium-review.googlesource.com/1127579
      Commit-Queue: Georg Neis <neis@chromium.org>
      Reviewed-by: 's avatarGeorg Neis <neis@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#54280}
      a1cb1eb9
  3. 05 Jul, 2018 2 commits
    • Georg Neis's avatar
      Revert "Reland "[turbofan] Rewrite CompilationDependencies"" · 9d8d074d
      Georg Neis authored
      This reverts commit 4b9b9b68.
      
      Reason for revert: Regresses Octane.
      
      Original change's description:
      > Reland "[turbofan] Rewrite CompilationDependencies"
      > 
      > This is a reland of 52a10e50, after
      > eliminating an invalid assumption about maps.
      > 
      > TBR=jarin@chromium.org
      > TBR=mstarzinger@chromium.org
      > 
      > Original change's description:
      > > [turbofan] Rewrite CompilationDependencies
      > >
      > > Instead of installing code dependencies during graph reduction,
      > > install them after code generation.
      > >
      > > Bug: v8:7902, v8:7790
      > > Change-Id: I8a3798254abb5b9ec7c295a1592aeb6b51f24c7a
      > > Reviewed-on: https://chromium-review.googlesource.com/1119913
      > > Commit-Queue: Georg Neis <neis@chromium.org>
      > > Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
      > > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
      > > Cr-Commit-Position: refs/heads/master@{#54170}
      > 
      > Bug: v8:7902, v8:7790
      > Change-Id: I9cbaf98980379b9b17464af5952ec0c47e1cdc6f
      > Reviewed-on: https://chromium-review.googlesource.com/1126999
      > Reviewed-by: Georg Neis <neis@chromium.org>
      > Commit-Queue: Georg Neis <neis@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#54254}
      
      TBR=mstarzinger@chromium.org,jarin@chromium.org,neis@chromium.org
      
      Change-Id: Iece193046c48ee96ab7952d2b3bd7ad05f39b190
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Bug: v8:7902, v8:7790
      Reviewed-on: https://chromium-review.googlesource.com/1127119Reviewed-by: 's avatarGeorg Neis <neis@chromium.org>
      Commit-Queue: Georg Neis <neis@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#54260}
      9d8d074d
    • Georg Neis's avatar
      Reland "[turbofan] Rewrite CompilationDependencies" · 4b9b9b68
      Georg Neis authored
      This is a reland of 52a10e50, after
      eliminating an invalid assumption about maps.
      
      TBR=jarin@chromium.org
      TBR=mstarzinger@chromium.org
      
      Original change's description:
      > [turbofan] Rewrite CompilationDependencies
      >
      > Instead of installing code dependencies during graph reduction,
      > install them after code generation.
      >
      > Bug: v8:7902, v8:7790
      > Change-Id: I8a3798254abb5b9ec7c295a1592aeb6b51f24c7a
      > Reviewed-on: https://chromium-review.googlesource.com/1119913
      > Commit-Queue: Georg Neis <neis@chromium.org>
      > Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
      > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#54170}
      
      Bug: v8:7902, v8:7790
      Change-Id: I9cbaf98980379b9b17464af5952ec0c47e1cdc6f
      Reviewed-on: https://chromium-review.googlesource.com/1126999Reviewed-by: 's avatarGeorg Neis <neis@chromium.org>
      Commit-Queue: Georg Neis <neis@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#54254}
      4b9b9b68
  4. 04 Jul, 2018 1 commit
    • Yang Guo's avatar
      Revert "[turbofan] Rewrite CompilationDependencies" · b1cf1e1e
      Yang Guo authored
      This reverts commit 52a10e50.
      
      Reason for revert: https://test-results.appspot.com/data/layout_results/V8-Blink_Linux_64__dbg_/12434/layout-test-results/results.html
      
      Crash e.g. in http/tests/devtools/oopif/oopif-performance-cpu-profiles.js
      
      crash log for devtools (pid <unknown>):
      STDOUT: <empty>
      STDERR: 
      STDERR: 
      STDERR: #
      STDERR: # Fatal error in ../../v8/src/compilation-dependencies.cc, line 281
      STDERR: # Debug check failed: descriptor == owner->LastAdded() (10 vs. 22).
      STDERR: #
      STDERR: #
      STDERR: #
      STDERR: #FailureMessage Object: 0x7fff86878630#0 0x0000031c642c base::debug::StackTrace::StackTrace()
      STDERR: #1 0x0000046a56bb gin::(anonymous namespace)::PrintStackTrace()
      STDERR: #2 0x00000469c528 V8_Fatal()
      STDERR: #3 0x00000469c285 v8::base::(anonymous namespace)::DefaultDcheckHandler()
      STDERR: #4 0x000001cc5253 v8::internal::CompilationDependencies::DependOnFieldType()
      STDERR: #5 0x000001cdcc46 v8::internal::compiler::AccessInfoFactory::ComputePropertyAccessInfo()
      STDERR: #6 0x000001cde661 v8::internal::compiler::AccessInfoFactory::ComputePropertyAccessInfos()
      STDERR: #7 0x000001dd982b v8::internal::compiler::JSNativeContextSpecialization::ReduceNamedAccess()
      STDERR: #8 0x000001ddb715 v8::internal::compiler::JSNativeContextSpecialization::ReduceNamedAccessFromNexus()
      STDERR: #9 0x000001dd656d v8::internal::compiler::JSNativeContextSpecialization::ReduceJSLoadNamed()
      STDERR: #10 0x000001d53872 v8::internal::compiler::GraphReducer::Reduce()
      STDERR: #11 0x000001d534a5 v8::internal::compiler::GraphReducer::ReduceTop()
      STDERR: #12 0x000001d52e58 v8::internal::compiler::GraphReducer::ReduceNode()
      STDERR: #13 0x000001e4c201 v8::internal::compiler::InliningPhase::Run()
      STDERR: #14 0x000001e44f79 v8::internal::compiler::PipelineImpl::Run<>()
      STDERR: #15 0x000001e41058 v8::internal::compiler::PipelineImpl::CreateGraph()
      STDERR: #16 0x000001e40c75 v8::internal::compiler::PipelineCompilationJob::PrepareJobImpl()
      STDERR: #17 0x000001ccd437 v8::internal::OptimizedCompilationJob::PrepareJob()
      STDERR: #18 0x000001cd071e v8::internal::(anonymous namespace)::GetOptimizedCode()
      STDERR: #19 0x000001cd0c6f v8::internal::Compiler::CompileOptimized()
      STDERR: #20 0x00000231fb62 v8::internal::__RT_impl_Runtime_CompileOptimized_Concurrent()
      STDERR: #21 0x00000288e535 <unknown>
      
      Original change's description:
      > [turbofan] Rewrite CompilationDependencies
      > 
      > Instead of installing code dependencies during graph reduction,
      > install them after code generation.
      > 
      > Bug: v8:7902, v8:7790
      > Change-Id: I8a3798254abb5b9ec7c295a1592aeb6b51f24c7a
      > Reviewed-on: https://chromium-review.googlesource.com/1119913
      > Commit-Queue: Georg Neis <neis@chromium.org>
      > Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
      > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#54170}
      
      TBR=mstarzinger@chromium.org,jarin@chromium.org,neis@chromium.org
      
      Change-Id: Ic58c2bfadbd34bb6ba7dc0d2b74871cc90b0a74f
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Bug: v8:7902, v8:7790
      Reviewed-on: https://chromium-review.googlesource.com/1125680Reviewed-by: 's avatarYang Guo <yangguo@chromium.org>
      Commit-Queue: Yang Guo <yangguo@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#54192}
      b1cf1e1e
  5. 03 Jul, 2018 1 commit
  6. 27 Jun, 2018 1 commit
  7. 26 Jun, 2018 1 commit
  8. 25 Jun, 2018 1 commit
  9. 23 Jun, 2018 1 commit
  10. 22 Jun, 2018 1 commit
  11. 21 Jun, 2018 2 commits
  12. 20 Jun, 2018 2 commits
  13. 19 Jun, 2018 1 commit
  14. 18 Jun, 2018 1 commit
    • Clemens Hammacher's avatar
      Make CallInterfaceDescriptor isolate-independent · 3cb376dc
      Clemens Hammacher authored
      Currently each isolate stores its own array of
      {CallInterfaceDescriptorData}. This array has size 173, and each entry
      has 40 bytes. That's already 7kB per isolate.
      Additionally, each {CallInterfaceDescriptorData} allocates two
      heap-allocated arrays, which probably add up to more than the static
      size of the {CallInterfaceDescriptorData}. Note that all the
      {CallInterfaceDescriptorData} instances are initialized eagerly on
      isolate creation.
      
      Since {CallInterfaceDescriptor} is totally isolate independent itself,
      this CL refactors the current design to avoid a copy of them per
      isolate, and instead shares them process-wide. Still, we need to free
      the allocated heap arrays when the last isolate dies to avoid leaks.
      This can probably be refactored later by statically initializing more
      and avoiding the heap allocations all together.
      
      This refactoring will also allow us to use {CallInterfaceDescriptor}s
      from wasm background compilation threads, which are not bound to any
      isolate.
      
      R=mstarzinger@chromium.org, titzer@chromium.org
      
      Bug: v8:6600
      Change-Id: If8625b89951eec8fa8986b49a5c166e874a72494
      Reviewed-on: https://chromium-review.googlesource.com/1100879
      Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
      Reviewed-by: 's avatarMichael Starzinger <mstarzinger@chromium.org>
      Reviewed-by: 's avatarIgor Sheludko <ishell@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#53803}
      3cb376dc
  15. 15 Jun, 2018 1 commit
  16. 07 Jun, 2018 1 commit
  17. 29 May, 2018 1 commit
  18. 25 May, 2018 2 commits
  19. 08 May, 2018 1 commit
  20. 30 Apr, 2018 1 commit
    • Jaroslav Sevcik's avatar
      Replace array index masking with the poisoning approach. · f53dfd93
      Jaroslav Sevcik authored
      The idea is to mark all the branches and loads participating in array
      bounds checks, and let them contribute-to/use the poisoning register.
      In the code, the marks for array indexing operations now contain
      "Critical" in their name. By default (--untrusted-code-mitigations),
      we only instrument the "critical" operations with poisoning.
      
      With that in place, we also remove the array masking approach based
      on arithmetic.
      
      Since we do not propagate the poison through function calls,
      we introduce a node for poisoning an index that is passed through
      function call - the typical example is the bounds-checked index
      that is passed to the CharCodeAt builtin.
      
      Most of the code in this CL is threads through the three levels of
      protection (safe, critical, unsafe) for loads, branches and flags.
      
      Bug: chromium:798964
      
      Change-Id: Ief68e2329528277b3ba9156115b2a6dcc540d52b
      Reviewed-on: https://chromium-review.googlesource.com/995413
      Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
      Reviewed-by: 's avatarMichael Starzinger <mstarzinger@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#52883}
      f53dfd93
  21. 28 Apr, 2018 1 commit
  22. 27 Apr, 2018 1 commit
  23. 25 Apr, 2018 1 commit
    • Andreas Haas's avatar
      Reland: [refactoring] Remove the isolate from signatures of ExternalReferences · 2a3c2c73
      Andreas Haas authored
      I missed one required change which was hidden behind an #if. The fix is in
      the diff between Patch 1 and Patch 3.
      
      Original message:
      In this CL I remove the isolate from signatures of ExternalReference
      accessor functions where the isolate is not used. The uses of the
      isolate were already removed in previous CLs.
      
      Changes:
      * I split the ExternalReference list in external-reference.h into
      those which need the isolate for initialization and those which do not.
      
      * I removed the public constructors and replaced them by
        ExternalReference::Create(). The reason is to separate external
        creation more clearly from internal creation, because externally
        created ExternalReferences sometimes need redirection, whereas
        internally created ExternalReferences are just stored as they are.
        In addition, by removing the isolate from the signature of the
        public constructors, they suddenly exactly matched the interal
        constructor.
      
      * Replace all uses of the public constructors with
        ExternalReference::Create().
      
      * Remove the isolate from all call sites where necessary.
      
      
      This is a step towards making WebAssembly compilation independent of
      the isolate.
      
      R=mstarzinger@chromium.org
      
      Bug: v8:7570
      Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
      Change-Id: I750c162f5d58ed32e866722b0db920f8b9bd8057
      Reviewed-on: https://chromium-review.googlesource.com/1026673Reviewed-by: 's avatarMichael Starzinger <mstarzinger@chromium.org>
      Commit-Queue: Andreas Haas <ahaas@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#52777}
      2a3c2c73
  24. 24 Apr, 2018 2 commits
    • Andreas Haas's avatar
      Revert "[refactoring] Remove the isolate from signatures of ExternalReferences" · 7bfed2ad
      Andreas Haas authored
      This reverts commit 44ea425a.
      
      Reason for revert: https://ci.chromium.org/buildbot/client.v8.ports/V8%20Arm%20-%20debug%20builder/13575
      
      Original change's description:
      > [refactoring] Remove the isolate from signatures of ExternalReferences
      > 
      > In this CL I remove the isolate from signatures of ExternalReference
      > accessor functions where the isolate is not used. The uses of the
      > isolate were already removed in previous CLs.
      > 
      > Changes:
      > * I split the ExternalReference list in external-reference.h into
      > those which need the isolate for initialization and those which do not.
      > 
      > * I removed the public constructors and replaced them by
      >   ExternalReference::Create(). The reason is to separate external
      >   creation more clearly from internal creation, because externally
      >   created ExternalReferences sometimes need redirection, whereas
      >   internally created ExternalReferences are just stored as they are.
      >   In addition, by removing the isolate from the signature of the
      >   public constructors, they suddenly exactly matched the interal
      >   constructor.
      > 
      > * Replace all uses of the public constructors with
      >   ExternalReference::Create().
      > 
      > * Remove the isolate from all call sites where necessary.
      > 
      > 
      > This is a step towards making WebAssembly compilation independent of
      > the isolate.
      > 
      > Bug: v8:7570
      > R=​mstarzinger@chromium.org
      > 
      > Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
      > Change-Id: I14f511fc6acc50ab2d6a6641299f5ddbeabef0da
      > Reviewed-on: https://chromium-review.googlesource.com/1018982
      > Commit-Queue: Andreas Haas <ahaas@chromium.org>
      > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#52768}
      
      TBR=mstarzinger@chromium.org,ahaas@chromium.org
      
      Change-Id: I7c0d8d420f815cede23d550dee8942ac4d7791cc
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Bug: v8:7570
      Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
      Reviewed-on: https://chromium-review.googlesource.com/1026570Reviewed-by: 's avatarAndreas Haas <ahaas@chromium.org>
      Commit-Queue: Andreas Haas <ahaas@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#52769}
      7bfed2ad
    • Andreas Haas's avatar
      [refactoring] Remove the isolate from signatures of ExternalReferences · 44ea425a
      Andreas Haas authored
      In this CL I remove the isolate from signatures of ExternalReference
      accessor functions where the isolate is not used. The uses of the
      isolate were already removed in previous CLs.
      
      Changes:
      * I split the ExternalReference list in external-reference.h into
      those which need the isolate for initialization and those which do not.
      
      * I removed the public constructors and replaced them by
        ExternalReference::Create(). The reason is to separate external
        creation more clearly from internal creation, because externally
        created ExternalReferences sometimes need redirection, whereas
        internally created ExternalReferences are just stored as they are.
        In addition, by removing the isolate from the signature of the
        public constructors, they suddenly exactly matched the interal
        constructor.
      
      * Replace all uses of the public constructors with
        ExternalReference::Create().
      
      * Remove the isolate from all call sites where necessary.
      
      
      This is a step towards making WebAssembly compilation independent of
      the isolate.
      
      Bug: v8:7570
      R=mstarzinger@chromium.org
      
      Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
      Change-Id: I14f511fc6acc50ab2d6a6641299f5ddbeabef0da
      Reviewed-on: https://chromium-review.googlesource.com/1018982
      Commit-Queue: Andreas Haas <ahaas@chromium.org>
      Reviewed-by: 's avatarMichael Starzinger <mstarzinger@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#52768}
      44ea425a
  25. 23 Mar, 2018 1 commit
  26. 19 Mar, 2018 2 commits
  27. 16 Mar, 2018 1 commit
  28. 14 Mar, 2018 2 commits
    • Benedikt Meurer's avatar
      [turbofan] Fix inconsistent treatment of SpeculativeToNumber. · c54d93d6
      Benedikt Meurer authored
      This is a partial revert of e583fc83.
      The reasoning here is that the treatment of SpeculativeToNumber[hint]
      was not consistent (which led to the original bug that caused the
      performance regression): The semantics of the operator is that it turns
      its input into a number, and might bailout if the input is too complex
      to accomplish that within optimized code. It can use the hint to handle
      even fewer cases without the risk of a deoptimization loop. However it
      cannot rely on the hint influencing the output, especially not before
      SimplifiedLowering ran. The code for the OOB element access however
      relied on the hint being enforced, which caused the original bug.
      
      This CL repairs that and instead uses CheckSmi for the OOB element
      access guard.
      
      Also-By: tebbi@chromium.org
      Bug: chromium:819298, chromium:820729
      Change-Id: I9b2170ccf9b5561d698c0108e93e538cac1e708c
      Reviewed-on: https://chromium-review.googlesource.com/961066Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
      Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#51924}
      c54d93d6
    • Benedikt Meurer's avatar
      [turbofan] Optimize typed array accesses for Node.js. · 39933b4a
      Benedikt Meurer authored
      In case of Node.js (and Electron) we are guaranteed to always have only
      off-heap typed arrays, indicated by V8_TYPED_ARRAY_MAX_SIZE_IN_HEAP
      being 0. So we can leverage this fact in TurboFan to generate more
      efficient code, avoiding the offset computation.
      
      Bug: v8:7253
      Change-Id: I97db0dfec21c594ff8be0f1d405e828c7ae38c33
      Reviewed-on: https://chromium-review.googlesource.com/962243Reviewed-by: 's avatarPeter Marshall <petermarshall@chromium.org>
      Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#51921}
      39933b4a
  29. 12 Mar, 2018 1 commit
  30. 09 Mar, 2018 1 commit