- 01 Sep, 2015 8 commits
-
-
ishell authored
This CL introduces HPrologue instruction which does the context allocation work and supports deoptimization. Review URL: https://codereview.chromium.org/1317383002 Cr-Commit-Position: refs/heads/master@{#30496}
-
fedor authored
Remove intersection from the `std::map`s representing current live ArrayBuffers. While being simpler to understand, it poses significant performance issue for the active ArrayBuffer users (like node.js). Store buffers separately, and process them together during mark-sweep phase. The results of benchmarks are: $ ./node-slow bench && ./node-fast bench 4997.4 ns/op 4685.7 ns/op NOTE: `fast` - was a patched node.js, `slow` - unpatched node.js with vanilla v8. BUG= Review URL: https://codereview.chromium.org/1316873004 Cr-Commit-Position: refs/heads/master@{#30495}
-
machenbach authored
TBR=hablich@chromium.org NOTRY=true Review URL: https://codereview.chromium.org/1307123003 Cr-Commit-Position: refs/heads/master@{#30494}
-
pcc authored
Fixes an invalid cast of an Operator1<StorePropertyParameters> object to Operator1<LanguageMode> by reading the language mode from StorePropertyParameters. This code happened to work before because StorePropertyParameters's first field has type LanguageMode. Cleanup for cfi_vptr=1; see https://www.chromium.org/developers/testing/control-flow-integrity BUG=chromium:457523 R=bmeurer@chromium.org LOG=N Review URL: https://codereview.chromium.org/1311393008 Cr-Commit-Position: refs/heads/master@{#30493}
-
mtrofin authored
We completely un-wired the greedy allocator to focus on the stackchecks in loops (splintering) work. This change re-wires greedy, still behind its flag. For now, enabling the greedy allocator disables the stackchecks in loops feature (and range splintering), so that we are at the baseline we left it at. The main contribution in this change is adapting the codebase after the live range model refactoring, whereby RegisterAllocationData's live_ranges() contains just top-level ranges, and children are accessed via their parents. BUG= Review URL: https://codereview.chromium.org/1320363002 Cr-Commit-Position: refs/heads/master@{#30492}
-
pcc authored
We were previously reading a language mode from all comparison nodes in JSGenericLowering::ReplaceWithCompareIC. This read was invalid for {,Strict}{,Not}Equal nodes, as these nodes do not have a language mode, as they derive from Operator rather than from Operator1<LanguageMode>. Because these nodes are not language mode dependent, we arbitrarily pass Strength::WEAK to CodeFactory::CompareIC. Cleanup for cfi_vptr=1; see https://www.chromium.org/developers/testing/control-flow-integrity BUG=chromium:457523 R=bmeurer@chromium.org LOG=N Review URL: https://codereview.chromium.org/1319463003 Cr-Commit-Position: refs/heads/master@{#30491}
-
alph authored
Revert of Fix CPU profiler deadlock on Windows + AMD CPU. (patchset #1 id:1 of https://codereview.chromium.org/1304873011/ ) Reason for revert: Broke a test Original issue's description: > Fix CPU profiler deadlock on Windows + AMD CPU. > > Implement a lock free version of RolloverProtectedTickClock::Now > to eliminate a deadlock. > > BUG=chromium:521420 > LOG=Y > > Committed: https://crrev.com/d6db8e5902af1f067f0f149844f4e92824ee93f3 > Cr-Commit-Position: refs/heads/master@{#30489} TBR=yurys@chromium.org,caseq@chromium.org,bmeurer@chromium.org NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=chromium:521420 Review URL: https://codereview.chromium.org/1303423006 Cr-Commit-Position: refs/heads/master@{#30490}
-
alph authored
Implement a lock free version of RolloverProtectedTickClock::Now to eliminate a deadlock. BUG=chromium:521420 LOG=Y Review URL: https://codereview.chromium.org/1304873011 Cr-Commit-Position: refs/heads/master@{#30489}
-
- 31 Aug, 2015 32 commits
-
-
yurys authored
The interrupts are already postponed in message handlers [1]. This CL aligns debug event listener (the mechanism that is actually used in Chrome DevTools) implementation with that. Handling interrupts on events like v8::AfterCompile leads to crashes like the one in the lined bug. This happens because in the interrupt handler we may change debugger state. [1] https://codereview.chromium.org/309533009/diff/40001/src/debug.cc BUG=chromium:520702 LOG=Y Review URL: https://codereview.chromium.org/1321263002 Cr-Commit-Position: refs/heads/master@{#30488}
-
Michael Lippautz authored
TBR=mstarzinger@chromium.org BUG=chromium:526244 LOG=N Review URL: https://codereview.chromium.org/1329493002 . Cr-Commit-Position: refs/heads/master@{#30487}
-
littledan authored
This is a change for ES2015. Date objects have mutable state, so having a mutable prototype is bad for SES requirements, and it is an inconsistency from the typical ES2015 class style of objects BUG=v8:4004 LOG=Y R=adamk Review URL: https://codereview.chromium.org/1317403002 Cr-Commit-Position: refs/heads/master@{#30486}
-
akos.palfi authored
Port fbad6366 Original commit message: The call protocol requires that the register dedicated to the number of actual arguments (i.e. rax on x64) always contains the actual arguments. That means after adapting arguments it should match the number of expected arguments. But currently we pass some semi-random value (usually some stack address) after adapting arguments. It looks like this is currently not observable anywhere, because our builtins and functions either don't look at the number of arguments and just make hard coded (unchecked) assumptions, or are marked as "don't adapt arguments", which bypasses the broken code in the trampoline for arguments adaption. Nevertheless this should be fixed. BUG= Review URL: https://codereview.chromium.org/1322953002 Cr-Commit-Position: refs/heads/master@{#30485}
-
bradnelson authored
Assume a zone is in scope instead of a handles object. Move INT32_TYPE into test-typing-reset. Provide a CHECK_SKIP() macro to allow skipping sections of an ast expression walk. BUG= https://code.google.com/p/v8/issues/detail?id=4203 TEST=test-typing-reset, test-ast-expression-visitor R=rossberg@chromium.org,titzer@chromium.org LOG=N Review URL: https://codereview.chromium.org/1319983004 Cr-Commit-Position: refs/heads/master@{#30484}
-
adamk authored
R=machenbach@chromium.org Review URL: https://codereview.chromium.org/1298973007 Cr-Commit-Position: refs/heads/master@{#30483}
-
bradnelson authored
Unbounded is defined in terms of None any Any, which don't require an explicit zone. Switching Unbounded to be the same. BUG= None TEST= trybots R= titzer@chromium.org LOG=N Review URL: https://codereview.chromium.org/1322003002 Cr-Commit-Position: refs/heads/master@{#30482}
-
bradnelson authored
Since we convert +x to x*1, we loose information about whether the 1 was intended to be a floating point value for asm.js or not. Mark the generated 1 as containing a dot (i.e. 1.0). BUG= https://code.google.com/p/v8/issues/detail?id=4203 TEST=test-parser R=rossberg@chromium.org,titzer@chromium.org LOG=N Review URL: https://codereview.chromium.org/1306683003 Cr-Commit-Position: refs/heads/master@{#30481}
-
mbrandy authored
Port fbad6366 Original commit message: The call protocol requires that the register dedicated to the number of actual arguments (i.e. rax on x64) always contains the actual arguments. That means after adapting arguments it should match the number of expected arguments. But currently we pass some semi-random value (usually some stack address) after adapting arguments. It looks like this is currently not observable anywhere, because our builtins and functions either don't look at the number of arguments and just make hard coded (unchecked) assumptions, or are marked as "don't adapt arguments", which bypasses the broken code in the trampoline for arguments adaption. Nevertheless this should be fixed. R=bmeurer@chromium.org, jyan@ca.ibm.com, dstence@us.ibm.com, joransiu@ca.ibm.com BUG= Review URL: https://codereview.chromium.org/1306953005 Cr-Commit-Position: refs/heads/master@{#30480}
-
paul.lind authored
BUG= Review URL: https://codereview.chromium.org/1323663003 Cr-Commit-Position: refs/heads/master@{#30479}
-
mlippautz authored
R=mstarzinger@chromium.org BUG=chromium:526244 LOG=N Review URL: https://codereview.chromium.org/1325643002 Cr-Commit-Position: refs/heads/master@{#30478}
-
cbruni authored
Moving FastElements path to ElementsAccessor. BUG= Review URL: https://codereview.chromium.org/1325483002 Cr-Commit-Position: refs/heads/master@{#30477}
-
mstarzinger authored
This CL us a pure refactoring that makes an empty compilation unit including just "frames.h" but not "handles-inl.h" compile without warnings or errors. This is needed to further reduce the header dependency tangle. R=ishell@chromium.org Review URL: https://codereview.chromium.org/1319423003 Cr-Commit-Position: refs/heads/master@{#30476}
-
mtrofin authored
Unit tests for split/splinter/merge. BUG= Review URL: https://codereview.chromium.org/1315113003 Cr-Commit-Position: refs/heads/master@{#30475}
-
bmeurer authored
R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/1310163004 Cr-Commit-Position: refs/heads/master@{#30474}
-
bmeurer authored
This way we don't need to expose JSReceiver::OrdinaryToPrimitive as runtime function, and we don't need the separate JS trampoline. This also adds tests for ToPrimitive on date objects, which are special. R=mstarzinger@chromium.org BUG=v8:4307 LOG=n Review URL: https://codereview.chromium.org/1324713002 Cr-Commit-Position: refs/heads/master@{#30473}
-
v8-autoroll authored
Rolling v8/tools/clang to 64370e74764d1fa9f50151d0e6025b0399370100 TBR=machenbach@chromium.org Review URL: https://codereview.chromium.org/1320293002 Cr-Commit-Position: refs/heads/master@{#30472}
-
cbruni authored
- Move fast paths from builtins.cc ArraySlice to ElementsAccessor - Handle more argument types in the fast path BUG= Review URL: https://codereview.chromium.org/1321773002 Cr-Commit-Position: refs/heads/master@{#30471}
-
machenbach authored
Revert of [simd.js] Disable SIMD polyfill. (patchset #2 id:20001 of https://codereview.chromium.org/1305923005/ ) Reason for revert: Breaks simdjs performance tests. See: https://paste.googleplex.com/5883927122149376 Original issue's description: > [simd.js] Disable SIMD polyfill. > > Disable the polyfill in simd.js tests as the functions for Phase 1 have been implemented. > > BUG=v8:4124 > LOG=N > > R=bbudge@chromium.org, bmeurer@chromium.org, littledan@chromium.org > > Committed: https://crrev.com/749ba3a13558cb018a2ec783e5dfb56d2f8528d8 > Cr-Commit-Position: refs/heads/master@{#30452} TBR=littledan@chromium.org,bmeurer@chromium.org,bradnelson@chromium.org,bbudge@chromium.org,gdeepti@google.com NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:4124 Review URL: https://codereview.chromium.org/1308003003 Cr-Commit-Position: refs/heads/master@{#30470}
-
machenbach authored
BUG= Review URL: https://codereview.chromium.org/1313213007 Cr-Commit-Position: refs/heads/master@{#30469}
-
mstarzinger authored
The default equality comparison operators and hashing functions for Handles are ambiguous. The intended semantics might have either been based on Handle locations or on object identity. This is why such operators do not exist on Handle. The same argument applies to the MaybeHandle class as well. Comments in that regard were also added. R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/1319383002 Cr-Commit-Position: refs/heads/master@{#30468}
-
bmeurer authored
The call protocol requires that the register dedicated to the number of actual arguments (i.e. rax on x64) always contains the actual arguments. That means after adapting arguments it should match the number of expected arguments. But currently we pass some semi-random value (usually some stack address) after adapting arguments. It looks like this is currently not observable anywhere, because our builtins and functions either don't look at the number of arguments and just make hard coded (unchecked) assumptions, or are marked as "don't adapt arguments", which bypasses the broken code in the trampoline for arguments adaption. Nevertheless this should be fixed. R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/1306423003 Cr-Commit-Position: refs/heads/master@{#30467}
-
machenbach authored
TBR=hablich@chromium.org NOTRY=true Review URL: https://codereview.chromium.org/1321063004 Cr-Commit-Position: refs/heads/master@{#30466}
-
mtrofin authored
Found this while working on the unit tests for split/splinter/merge. The dependency is unnecessary and hinders testability. BUG= Review URL: https://codereview.chromium.org/1325453005 Cr-Commit-Position: refs/heads/master@{#30465}
-
mstarzinger authored
The constructor taking an artificial raw address was only used as a workaround in TurboFan. It should only be accessible by constructor functions internal to Unique<T>. R=titzer@chromium.org Review URL: https://codereview.chromium.org/1326493002 Cr-Commit-Position: refs/heads/master@{#30464}
-
hablich authored
Revert of [heap] More flag cleanup. (patchset #8 id:140001 of https://codereview.chromium.org/1314863003/ ) Reason for revert: Breaks http://build.chromium.org/p/client.v8/builders/V8%20Arm%20-%20debug%20-%202/builds/2372 Original issue's description: > [heap] GC flag cleanup/restructuring. > > * GC's flags are now proper flags and not int. > * Callback flags are not threaded through but only set once like gc flags > * Callers of methods that trigger GCs need to pass a reason when not using > the default parameters. > > Furthermore, each GC invocation can be passed the GC and GCCallback flags. We > usually override the currently set flags upon finishing a GC cylce, but are able > to restore the previously set if desired. This is useful for explicitely > triggered scavenges or external requests that interrupt the current behaviour. > > BUG= > > Committed: https://crrev.com/f4f3b431b9ce0778d926acf03c0d36dae5c0cba4 > Cr-Commit-Position: refs/heads/master@{#30457} TBR=hpayer@chromium.org,yangguo@chromium.org,mlippautz@chromium.org NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG= Review URL: https://codereview.chromium.org/1303393004 Cr-Commit-Position: refs/heads/master@{#30463}
-
machenbach authored
Revert of Native context: install array methods via runtime import. (patchset #1 id:1 of https://codereview.chromium.org/1324483002/ ) Reason for revert: This breaks builds without i18n support. Bisected locally. See builder: http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20noi18n%20-%20debug/builds/4285 http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20noi18n%20-%20debug/builds/4285/steps/Check/logs/Threading1 # Fatal error in .././src/objects-inl.h, line 1381 # Check failed: READ_FIELD(this, offset)->IsSmi(). Original issue's description: > Native context: install array methods via runtime import. > > R=cbruni@chromium.org > > Committed: https://crrev.com/08ee2132a818a0178038afa521ca06c297195cc9 > Cr-Commit-Position: refs/heads/master@{#30446} TBR=cbruni@chromium.org,yangguo@chromium.org NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true Review URL: https://codereview.chromium.org/1314193003 Cr-Commit-Position: refs/heads/master@{#30462}
-
mtrofin authored
I plan to reuse this for live range splitting/splintering/merging tests. BUG= Review URL: https://codereview.chromium.org/1305313008 Cr-Commit-Position: refs/heads/master@{#30461}
-
chunyang.dai authored
port 09de997b (r30442). original commit message: This adds a new ToString runtime function and a fast-path ToStringStub (which is just a simple dispatcher for existing functionality), and also implements %_ToName using the ToStringStub. R=weiliang.lin@intel.com BUG= Review URL: https://codereview.chromium.org/1326473002 Cr-Commit-Position: refs/heads/master@{#30460}
-
wingo authored
R=adamk@chromium.org LOG=N BUG=v8:4397,v8:4394 Review URL: https://codereview.chromium.org/1318253002 Cr-Commit-Position: refs/heads/master@{#30459}
-
mstarzinger authored
The usage of Unique<T> throughout the TurboFan IR does not have any advantage. There is no single point in time when they are initialized and most use-sites looked through to the underlying Handle<T> anyways. Also there already was a mixture of Handle<T> versus Unique<T> in the graph and this unifies the situation to use Handle<T> everywhere. R=bmeurer@chromium.org,titzer@chromium.org Review URL: https://codereview.chromium.org/1314473007 Cr-Commit-Position: refs/heads/master@{#30458}
-
mlippautz authored
* GC's flags are now proper flags and not int. * Callback flags are not threaded through but only set once like gc flags * Callers of methods that trigger GCs need to pass a reason when not using the default parameters. Furthermore, each GC invocation can be passed the GC and GCCallback flags. We usually override the currently set flags upon finishing a GC cylce, but are able to restore the previously set if desired. This is useful for explicitely triggered scavenges or external requests that interrupt the current behaviour. BUG= Review URL: https://codereview.chromium.org/1314863003 Cr-Commit-Position: refs/heads/master@{#30457}
-