- 02 Jul, 2020 1 commit
-
-
Georgia Kouveli authored
Using x16/x17 for tail calls allows us to use a "BTI c" instead of "BTI jc" landing pad. This means that we cannot enter functions with a jump to a register other than x16/x17 anymore. Bug: v8:10026 Change-Id: If5af1af861acc19f9e0dfc19c38d6a57a6fb6b6d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2276049Reviewed-by:
Georg Neis <neis@chromium.org> Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com> Cr-Commit-Position: refs/heads/master@{#68655}
-
- 16 Jun, 2020 1 commit
-
-
Georgia Kouveli authored
The C++ code uses the A instruction key for return address signing, which is the default for Clang and GCC when the -mbranch-protection option is used (although this can be configured to use the B key). Using the B key for JS means that it's not possible to use an A key signing gadget to replace a return address signed with the B key and vice-versa. This should offer a degree of separation from the C++ side. Bug: v8:10026 Change-Id: Ia9dcc7ae7096c96b4a271efbe25fc02940f6fc8e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2242953Reviewed-by:
Ross McIlroy <rmcilroy@chromium.org> Reviewed-by:
Georg Neis <neis@chromium.org> Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com> Cr-Commit-Position: refs/heads/master@{#68360}
-
- 21 Apr, 2020 1 commit
-
-
Adam Kallai authored
Bug: None Change-Id: I78bb392d78c9ec968a0763dd9767f4b0ceb374a9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2157380Reviewed-by:
Georg Neis <neis@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#67285}
-
- 17 Mar, 2020 1 commit
-
-
Georgia Kouveli authored
Generate a BTI instruction at each target of an indirect branch (BR/BLR). An indirect branch that doesn't jump to a BTI instruction will generate an exception on a BTI-enabled core. On cores that do not support the BTI extension, the BTI instruction is a NOP. Targets of indirect branch instructions include, among other things, function entrypoints, exception handlers and jump tables. Lazy deopt exits can potentially be reached through an indirect branch when an exception is thrown, so they also get an additional BTI instruction. Bug: v8:10026 Change-Id: I0ebf51071f1b604f60f524096e013dfd64fcd7ff Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1967315 Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com> Reviewed-by:
Ross McIlroy <rmcilroy@chromium.org> Reviewed-by:
Georg Neis <neis@chromium.org> Reviewed-by:
Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#66751}
-
- 25 Feb, 2020 1 commit
-
-
Georgia Kouveli authored
Change-Id: I22a6d25fb1d7b8e0db13df4a0be46d2f4104d20c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2064394Reviewed-by:
Georg Neis <neis@chromium.org> Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com> Cr-Commit-Position: refs/heads/master@{#66422}
-
- 13 Feb, 2020 1 commit
-
-
Georgia Kouveli authored
This is a reland of 137bfe47 Original change's description: > [arm64] Protect return addresses stored on stack > > This change uses the Arm v8.3 pointer authentication instructions in > order to protect return addresses stored on the stack. The generated > code signs the return address before storing on the stack and > authenticates it after loading it. This also changes the stack frame > iterator in order to authenticate stored return addresses and re-sign > them when needed, as well as the deoptimizer in order to sign saved > return addresses when creating new frames. This offers a level of > protection against ROP attacks. > > This functionality is enabled with the v8_control_flow_integrity flag > that this CL introduces. > > The code size effect of this change is small for Octane (up to 2% in > some cases but mostly much lower) and negligible for larger benchmarks, > however code size measurements are rather noisy. The performance impact > on current cores (where the instructions are NOPs) is single digit, > around 1-2% for ARES-6 and Octane, and tends to be smaller for big > cores than for little cores. > > Bug: v8:10026 > Change-Id: I0081f3938c56e2f24d8227e4640032749f4f8368 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1373782 > Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com> > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> > Reviewed-by: Georg Neis <neis@chromium.org> > Cr-Commit-Position: refs/heads/master@{#66239} Bug: v8:10026 Change-Id: Id1adfa2e6c713f6977d69aa467986e48fe67b3c2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2051958Reviewed-by:
Georg Neis <neis@chromium.org> Reviewed-by:
Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com> Cr-Commit-Position: refs/heads/master@{#66254}
-
- 12 Feb, 2020 2 commits
-
-
Nico Hartmann authored
This reverts commit 137bfe47. Reason for revert: https://ci.chromium.org/p/v8/builders/ci/V8%20Arm%20-%20debug/13072 Original change's description: > [arm64] Protect return addresses stored on stack > > This change uses the Arm v8.3 pointer authentication instructions in > order to protect return addresses stored on the stack. The generated > code signs the return address before storing on the stack and > authenticates it after loading it. This also changes the stack frame > iterator in order to authenticate stored return addresses and re-sign > them when needed, as well as the deoptimizer in order to sign saved > return addresses when creating new frames. This offers a level of > protection against ROP attacks. > > This functionality is enabled with the v8_control_flow_integrity flag > that this CL introduces. > > The code size effect of this change is small for Octane (up to 2% in > some cases but mostly much lower) and negligible for larger benchmarks, > however code size measurements are rather noisy. The performance impact > on current cores (where the instructions are NOPs) is single digit, > around 1-2% for ARES-6 and Octane, and tends to be smaller for big > cores than for little cores. > > Bug: v8:10026 > Change-Id: I0081f3938c56e2f24d8227e4640032749f4f8368 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1373782 > Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com> > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> > Reviewed-by: Georg Neis <neis@chromium.org> > Cr-Commit-Position: refs/heads/master@{#66239} TBR=rmcilroy@chromium.org,mstarzinger@chromium.org,neis@chromium.org,georgia.kouveli@arm.com Change-Id: I57d5928949b0d403774550b9bf7dc0b08ce4e703 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:10026 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2051952Reviewed-by:
Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/master@{#66242}
-
Georgia Kouveli authored
This change uses the Arm v8.3 pointer authentication instructions in order to protect return addresses stored on the stack. The generated code signs the return address before storing on the stack and authenticates it after loading it. This also changes the stack frame iterator in order to authenticate stored return addresses and re-sign them when needed, as well as the deoptimizer in order to sign saved return addresses when creating new frames. This offers a level of protection against ROP attacks. This functionality is enabled with the v8_control_flow_integrity flag that this CL introduces. The code size effect of this change is small for Octane (up to 2% in some cases but mostly much lower) and negligible for larger benchmarks, however code size measurements are rather noisy. The performance impact on current cores (where the instructions are NOPs) is single digit, around 1-2% for ARES-6 and Octane, and tends to be smaller for big cores than for little cores. Bug: v8:10026 Change-Id: I0081f3938c56e2f24d8227e4640032749f4f8368 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1373782 Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com> Reviewed-by:
Ross McIlroy <rmcilroy@chromium.org> Reviewed-by:
Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#66239}
-
- 03 Feb, 2020 1 commit
-
-
Georgia Kouveli authored
Bug: v8:10026 Change-Id: I8ee836ee6298415a21cf487bc3d0e5f803fc6186 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1965590 Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com> Reviewed-by:
Ross McIlroy <rmcilroy@chromium.org> Reviewed-by:
Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#66082}
-
- 16 Jan, 2020 1 commit
-
-
Pierre Langlois authored
We had a --log-instruction-stats option which would count executed instructions, splitting them into categories. We haven't used this for some years so we're proposing to just remove the code so it doesn't bitrot and allows further cleanups. Change-Id: If24d11608823e24689ea02f09f5e93b4a5acd636 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2002819Reviewed-by:
Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Pierre Langlois <pierre.langlois@arm.com> Cr-Commit-Position: refs/heads/master@{#65826}
-
- 14 Nov, 2019 1 commit
-
-
Clemens Backes authored
This removes {CPURegister::Is} and {CPURegister::is}, and just uses {CPURegister::operator==} instead. Drive-by: Use DCHECK_EQ and DCHECK_NE where possible. R=mstarzinger@chromium.org Bug: v8:9810 Change-Id: I03aad8b4223bd4ae37d468326a734f7a5c3c8061 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1916202Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Reviewed-by:
Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#64956}
-
- 28 Oct, 2019 1 commit
-
-
Pierre Langlois authored
The `Printf()` macro-assembler method can be very useful as a debugging tool. However, it's only available to the MacroAssembler making it impossible to use in jitted code or builtins. Change-Id: I0c1e6b98d5c6b7fc34990e87d0eb4e37f6322627 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1879287 Commit-Queue: Pierre Langlois <pierre.langlois@arm.com> Reviewed-by:
Ross McIlroy <rmcilroy@chromium.org> Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#64585}
-
- 04 Oct, 2019 1 commit
-
-
Igor Sheludko authored
... as the smi-corrupting decompression seems to be stable enough. Bug: v8:9706 Change-Id: I404924ec4a12b37d8bc3e521c5563aa7e6357dc6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1835544Reviewed-by:
Toon Verwaest <verwaest@chromium.org> Reviewed-by:
Clemens Backes <clemensb@chromium.org> Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#64107}
-
- 03 Oct, 2019 1 commit
-
-
Pierre Langlois authored
When comparing with zero, we can generate a CBZ instruction instead of a CMP+B. If we teach TurboAssembler::JumpIfEqual() to do it then we can do it in code generated for binary switches. Change-Id: I39a045ed666fd6569bf9c9f6be28c4efbeeb01a9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1836254Reviewed-by:
Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Pierre Langlois <pierre.langlois@arm.com> Cr-Commit-Position: refs/heads/master@{#64094}
-
- 30 Sep, 2019 1 commit
-
-
Igor Sheludko authored
... in disabled state. It will be enabled in a follow-up CL. Bug: v8:9706 Change-Id: I43b482a4fd1bf9af0c6ba535b453e72463bee0f8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1826731Reviewed-by:
Benedikt Meurer <bmeurer@chromium.org> Reviewed-by:
Toon Verwaest <verwaest@chromium.org> Reviewed-by:
Clemens Backes [né Hammacher] <clemensb@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#64039}
-
- 26 Sep, 2019 1 commit
-
-
Igor Sheludko authored
This CL fixes comparison operations that take into account full-word value instead of the lower 32 bits. Bug: v8:9706 Change-Id: I9176ea1ece7c0551b1fa6b9df58445ba49434234 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1824474 Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by:
Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#64006}
-
- 17 Sep, 2019 1 commit
-
-
Andreas Haas authored
The {CountTrailingZeros} function is at least on one hot code path, and there it causes significant overhead. With this CL I just call the base::bit:: version of {CountTrailingZeros} directly. This allows the compiler to compile it to a single hardware instruction. R=v8-arm-ports@googlegroups.com Bug: v8:9396 Change-Id: I81eccc5fce9b9856d41c503bd1e4a07287eb6e1e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1803648 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by:
Martyn Capewell <martyn.capewell@arm.com> Reviewed-by:
Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#63831}
-
- 28 May, 2019 1 commit
-
-
Yang Guo authored
Bug: v8:9247 Change-Id: I2f999ed3a8cc0931e5092f2ac6e709b8ff3f9e42 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1630678 Commit-Queue: Yang Guo <yangguo@chromium.org> Reviewed-by:
Ross McIlroy <rmcilroy@chromium.org> Reviewed-by:
Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#61896}
-
- 27 May, 2019 1 commit
-
-
Jakob Kummerow authored
Drive-by: fix an #include that the gcov bot is missing Bug: v8:9183 Change-Id: I35d1b4e346a56799a5f49b7059a658d5ccfe75ac Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1627548Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#61837}
-
- 24 May, 2019 1 commit
-
-
Yang Guo authored
TBR=mvstanton@chromium.org,neis@chromium.org,ahaas@chromium.org Bug: v8:9247 Change-Id: I5433c863a54f3412d73df0d38aba3fdbcfac7ebe Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1627973 Commit-Queue: Yang Guo <yangguo@chromium.org> Auto-Submit: Yang Guo <yangguo@chromium.org> Reviewed-by:
Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#61830}
-
- 21 May, 2019 1 commit
-
-
Yang Guo authored
Bug: v8:9247 TBR=bmeurer@chromium.org,neis@chromium.org NOPRESUBMIT=true Change-Id: Ia1e49d1aac09c4ff9e05d58fab9d08dd71198878 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1621931Reviewed-by:
Yang Guo <yangguo@chromium.org> Reviewed-by:
Benedikt Meurer <bmeurer@chromium.org> Reviewed-by:
Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#61682}
-
- 02 May, 2019 1 commit
-
-
Seth Brenith authored
On Windows, expanding the stack by more than 4 KB at a time can cause access violations. This change fixes a few known cases (and includes unit tests for those), and attempts to make stack expansion more consistent overall by using the AllocateStackSpace helper method everywhere we can, even when the offset is a small constant. On arm64, there was already a consistent method for stack pointer manipulation using the Claim and Drop methods, so Claim is updated to touch every page. Bug: v8:9017 Change-Id: I2dbbceeebbdefaf45803e9b621fe83f52234a395 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1570666 Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Reviewed-by:
Michael Starzinger <mstarzinger@chromium.org> Reviewed-by:
Clemens Hammacher <clemensh@chromium.org> Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#61186}
-
- 11 Mar, 2019 1 commit
-
-
Santiago Aboy Solanes authored
Since kTaggedSize got shrinked and we are actually compressing the pointers (as oppposed to zeroing their upper bits), we need to update the arm64 codebase to accommodate this change. Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng Bug: v8:7703 Change-Id: I890f3ab8c046f47232e80f85830f9ae8f4dbced4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1499498 Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by:
Igor Sheludko <ishell@chromium.org> Reviewed-by:
Ross McIlroy <rmcilroy@chromium.org> Reviewed-by:
Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#60172}
-
- 05 Nov, 2018 1 commit
-
-
Jakob Kummerow authored
and split Smi out of objects.h into smi.h. Bug: v8:3770, v8:5402 Change-Id: I5ff7461495d29c785a76c79aca2616816a29ab1e Reviewed-on: https://chromium-review.googlesource.com/c/1313035Reviewed-by:
Leszek Swirski <leszeks@chromium.org> Reviewed-by:
Hannes Payer <hpayer@chromium.org> Reviewed-by:
Adam Klein <adamk@chromium.org> Reviewed-by:
Toon Verwaest <verwaest@chromium.org> Reviewed-by:
Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#57252}
-
- 25 Oct, 2018 1 commit
-
-
Igor Sheludko authored
Bug: v8:8182 Change-Id: I4dadd9cab071ecd4314c370be5f444e36acb708e Reviewed-on: https://chromium-review.googlesource.com/c/1297317Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Reviewed-by:
Jaroslav Sevcik <jarin@chromium.org> Reviewed-by:
Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#56973}
-
- 14 Aug, 2018 3 commits
-
-
Georgia Kouveli authored
* Perform the lookups into the builtins constant table and external reference table in the generic version of Mov that accepts an Operand source. This makes sure we do not miss looking up constants and external references when the generic Mov is called. * Remove Mov(ExternalReference) as ExternalReference can be implicitly converted to an Operand. * Remove two Move functions that are unused in architecture-independent code. Replace their uses in arm64-specific code with the generic Mov, which does all the necessary work now. Change-Id: Ibbcee6ba22f661984cd830717e14c9b35a1fba0a Reviewed-on: https://chromium-review.googlesource.com/1172351 Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com> Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Reviewed-by:
Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#55121}
-
Benedikt Meurer authored
This adds support for unaligned load/store access to the DataView backing store and uses byteswap operations to fix up the endianess when necessary. This changes the Word32ReverseBytes operator to be a required operator and adds the missing support on the Intel and ARM platforms (on 64-bit platforms the Word64ReverseBytes operator is also mandatory now). This further improves the performance on the dataviewperf.js test mentioned in the tracking bug by up to 40%, and at the same time reduces the code complexity in the EffectControlLinearizer. Bug: chromium:225811 Change-Id: I7c1ec826faf46a144a5a9068f8f815a5fd040997 Reviewed-on: https://chromium-review.googlesource.com/1174252Reviewed-by:
Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#55111}
-
Leszek Swirski authored
This reverts commit c46915b9. Reason for revert: Disasm failures https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux%20-%20debug/21727 Original change's description: > [turbofan] Further optimize DataView accesses. > > This adds support for unaligned load/store access to the DataView > backing store and uses byteswap operations to fix up the endianess > when necessary. This changes the Word32ReverseBytes operator to be > a required operator and adds the missing support on the Intel and > ARM platforms (on 64-bit platforms the Word64ReverseBytes operator > is also mandatory now). > > This further improves the performance on the dataviewperf.js test > mentioned in the tracking bug by up to 40%, and at the same time > reduces the code complexity in the EffectControlLinearizer. > > Bug: chromium:225811 > Change-Id: I296170b828c2ccc1c317ed37840b564aa14cdec2 > Reviewed-on: https://chromium-review.googlesource.com/1172777 > Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> > Reviewed-by: Sigurd Schneider <sigurds@chromium.org> > Cr-Commit-Position: refs/heads/master@{#55099} TBR=sigurds@chromium.org,bmeurer@chromium.org Change-Id: If7a62e3a1a4ad26823fcbd2ab6eb4c053ad11c49 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:225811 Reviewed-on: https://chromium-review.googlesource.com/1174171Reviewed-by:
Leszek Swirski <leszeks@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#55107}
-
- 13 Aug, 2018 1 commit
-
-
Benedikt Meurer authored
This adds support for unaligned load/store access to the DataView backing store and uses byteswap operations to fix up the endianess when necessary. This changes the Word32ReverseBytes operator to be a required operator and adds the missing support on the Intel and ARM platforms (on 64-bit platforms the Word64ReverseBytes operator is also mandatory now). This further improves the performance on the dataviewperf.js test mentioned in the tracking bug by up to 40%, and at the same time reduces the code complexity in the EffectControlLinearizer. Bug: chromium:225811 Change-Id: I296170b828c2ccc1c317ed37840b564aa14cdec2 Reviewed-on: https://chromium-review.googlesource.com/1172777 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by:
Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#55099}
-
- 26 Jun, 2018 1 commit
-
-
Sigurd Schneider authored
We had a kRootRegisterBias on x64 before. This CL ports the feature to all other platforms as well. The root register bias is helpful to adjust the value of the root register, which allows to better utilize signed immediate offset constants in load instructions. We currently use a separate add instruction to add kRootRegisterBias in the code that initializes the root register. This could be improved by adding a custom relocation mode ensuring that instead of the root address, the root address plus the bias is inserted (and in this way the add instruction can be omitted). Bug: v8:6666 Change-Id: I55cf02ab85d11e3c6d0d83a8f7905dbf924890f1 Reviewed-on: https://chromium-review.googlesource.com/1113539 Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#54023}
-
- 21 Jun, 2018 1 commit
-
-
jgruber authored
The assertion is invalid if dst aliases src, which is the case in InterpreterOnStackReplacement: __ SmiUntag(x1, FieldMemOperand(x1, FixedArray::OffsetOfElementAt( DeoptimizationData::kOsrPcOffsetIndex))); This didn't fail so far because slow asserts in snapshotted code are never executed. Bug: v8:7853 Change-Id: I5b2dad780da94b5821aa9a624a3fcb9d083b3aa3 Reviewed-on: https://chromium-review.googlesource.com/1109503Reviewed-by:
Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#53905}
-
- 19 Jun, 2018 1 commit
-
-
Tobias Tebbi authored
Bug: chromium:849098 Change-Id: Iec81d08cf6edb6040445650cadf802a34b65b8e1 Reviewed-on: https://chromium-review.googlesource.com/1092749 Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Reviewed-by:
Clemens Hammacher <clemensh@chromium.org> Reviewed-by:
Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#53843}
-
- 05 Jun, 2018 1 commit
-
-
Igor Sheludko authored
This CL introduces a new gn argument: v8_enable_pointer_compression which is false by default. All the changes done in this CL are made under this flag. Upper half-word of a Smi word must be properly sign-extended according to the sign of the lower-half containing the actual Smi value. Bug: v8:7703 Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng Change-Id: I2b52ab49cd18c7c613130705de445fef44c30ac5 Reviewed-on: https://chromium-review.googlesource.com/1061175Reviewed-by:
Yang Guo <yangguo@chromium.org> Reviewed-by:
Toon Verwaest <verwaest@chromium.org> Reviewed-by:
Jaroslav Sevcik <jarin@chromium.org> Reviewed-by:
Ben Titzer <titzer@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#53519}
-
- 04 Jun, 2018 1 commit
-
-
Georgia Kouveli authored
Change-Id: I21f88bffb9fcc08c5b4616d77f90565714124082 Reviewed-on: https://chromium-review.googlesource.com/1076607Reviewed-by:
Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com> Cr-Commit-Position: refs/heads/master@{#53486}
-
- 28 May, 2018 1 commit
-
-
Igor Sheludko authored
The result of SmiUntag is a sign-extended word-size value. Bug: v8:7703 Change-Id: I85dc87b541cab78286e47e2147c16c6a0939f509 Reviewed-on: https://chromium-review.googlesource.com/1073232Reviewed-by:
Jaroslav Sevcik <jarin@chromium.org> Reviewed-by:
Toon Verwaest <verwaest@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#53389}
-
- 26 Apr, 2018 3 commits
-
-
jgruber authored
This is a reland of f5d30851 Original change's description: > [builtins] Introduce further constant & external reference indirections > > This introduces further indirections for embedded constants and > external references for builtins generated by the macro-assembler. > The used mechanisms (LookupConstant and LookupExternalReference) are > identical to what we already use in CSA. > > Almost all builtins are now isolate-independent in both release and > debug modes. snapshot_blob.bin is roughly 670K smaller in embedded > builds vs. non-embedded builds, while libv8.so is roughly 280K larger. > > Bug: v8:6666 > Change-Id: I7a6c2193ef5a763e6cf7543dd51597d6fff6c110 > Reviewed-on: https://chromium-review.googlesource.com/1006581 > Commit-Queue: Jakob Gruber <jgruber@chromium.org> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > Cr-Commit-Position: refs/heads/master@{#52810} TBR=mstarzinger@chromium.org Bug: v8:6666 Change-Id: I73dfe207f2c5f79a9a06c165c75f5619e88a5a17 Reviewed-on: https://chromium-review.googlesource.com/1030550Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#52819}
-
jgruber authored
This reverts commit f5d30851. Breakages: https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20noi18n%20-%20debug/builds/20370 https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20-%20custom%20snapshot%20-%20debug/builds/21174 TBR=yangguo@chromium.org No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:6666 Change-Id: Ic4d28fccf647aadcac0a60430b7fb66d22ce4577 Reviewed-on: https://chromium-review.googlesource.com/1030431Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#52813}
-
jgruber authored
This introduces further indirections for embedded constants and external references for builtins generated by the macro-assembler. The used mechanisms (LookupConstant and LookupExternalReference) are identical to what we already use in CSA. Almost all builtins are now isolate-independent in both release and debug modes. snapshot_blob.bin is roughly 670K smaller in embedded builds vs. non-embedded builds, while libv8.so is roughly 280K larger. Bug: v8:6666 Change-Id: I7a6c2193ef5a763e6cf7543dd51597d6fff6c110 Reviewed-on: https://chromium-review.googlesource.com/1006581 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by:
Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#52810}
-
- 27 Feb, 2018 1 commit
-
-
Mike Stanton authored
This is a reland of 800daded. Original change's description: > [turbofan] Masking/poisoning in codegen (optimized code, arm64) > > This introduces masking of loads with speculation bit during code generation. > At the moment, this is done only under the > --branch-load-poisoning flag, and this CL enlarges the set of supported > platforms from {x64, arm} to {x64, arm, arm64}. > > Overview of changes: > - new register configuration configuration with one register reserved for > the speculation poison/mask (kSpeculationPoisonRegister). > - in codegen, we introduce an update to the poison register at the starts > of all successors of branches (and deopts) that are marked as safety > branches (deopts). > - in memory optimizer, we lower all field and element loads to PoisonedLoads. > - poisoned loads are then masked in codegen with the poison register. > * only integer loads are masked at the moment. > > Bug: chromium:798964 > Change-Id: Ie6bc9c3bdac9998b0ef81f050a9c844399ca3ae4 > Reviewed-on: https://chromium-review.googlesource.com/928724 > Commit-Queue: Michael Stanton <mvstanton@chromium.org> > Reviewed-by: Martyn Capewell <martyn.capewell@arm.com> > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> > Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> > Cr-Commit-Position: refs/heads/master@{#51576} Bug: chromium:798964 Change-Id: I6c87d34c4e05fca0bd7f5447555133ecb0fb7a2e Reviewed-on: https://chromium-review.googlesource.com/939402Reviewed-by:
Martyn Capewell <martyn.capewell@arm.com> Reviewed-by:
Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Michael Stanton <mvstanton@chromium.org> Cr-Commit-Position: refs/heads/master@{#51602}
-
- 26 Feb, 2018 1 commit
-
-
Adam Klein authored
This reverts commit 800daded. Reason for revert: breaks arm64 build Original change's description: > [turbofan] Masking/poisoning in codegen (optimized code, arm64) > > This introduces masking of loads with speculation bit during code generation. > At the moment, this is done only under the > --branch-load-poisoning flag, and this CL enlarges the set of supported > platforms from {x64, arm} to {x64, arm, arm64}. > > Overview of changes: > - new register configuration configuration with one register reserved for > the speculation poison/mask (kSpeculationPoisonRegister). > - in codegen, we introduce an update to the poison register at the starts > of all successors of branches (and deopts) that are marked as safety > branches (deopts). > - in memory optimizer, we lower all field and element loads to PoisonedLoads. > - poisoned loads are then masked in codegen with the poison register. > * only integer loads are masked at the moment. > > Bug: chromium:798964 > Change-Id: Ie6bc9c3bdac9998b0ef81f050a9c844399ca3ae4 > Reviewed-on: https://chromium-review.googlesource.com/928724 > Commit-Queue: Michael Stanton <mvstanton@chromium.org> > Reviewed-by: Martyn Capewell <martyn.capewell@arm.com> > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> > Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> > Cr-Commit-Position: refs/heads/master@{#51576} TBR=rmcilroy@chromium.org,mvstanton@chromium.org,mstarzinger@chromium.org,jarin@chromium.org,rodolph.perfetta@arm.com,martyn.capewell@arm.com,pierre.langlois@arm.com Change-Id: I1b5dad27f9620c7da3277602081f392de6221caf No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:798964 Reviewed-on: https://chromium-review.googlesource.com/937861Reviewed-by:
Adam Klein <adamk@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#51578}
-