Skip to content

V
V8
Switch branch/tag
  1. 23 Aug, 2017 1 commit
    • Ross McIlroy's avatar
      Reland "[Compiler] Remove code aging support." · 8bf15bf1
      Ross McIlroy authored 
      > This reverts commit 42d3d36b.
> 
> Original change's description:
> > [Compiler] Remove code aging support.
> > 
> > Code aging is no longer supported by any remaining compilers now
> > that full codegen has been removed. This CL removes all vestiges of
> > code aging.
> > 
> > BUG=v8:6409
> > 
> > Change-Id: I945ebcc20c7c55120550c8ee36188bfa042ea65e
> > Reviewed-on: https://chromium-review.googlesource.com/619153
> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> > Reviewed-by: Yang Guo <yangguo@chromium.org>
> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> > Reviewed-by: Marja Hölttä <marja@chromium.org>
> > Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#47501}
> 
> TBR=ulan@chromium.org,rmcilroy@chromium.org,marja@chromium.org,yangguo@chromium.org,mstarzinger@chromium.org,rodolph.perfetta@arm.com
> 
> Change-Id: I9d8b2985e2d472697908270d93a35eb7ef9c88a8
> No-Presubmit: true
> No-Tree-Checks: true
> No-Try: true
> Bug: v8:6409
> Reviewed-on: https://chromium-review.googlesource.com/625998
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#47506}

TBR=ulan@chromium.org,rmcilroy@chromium.org,marja@chromium.org,yangguo@chromium.org,mstarzinger@chromium.org,rodolph.perfetta@arm.com

Change-Id: I68785c6be7686e874b3848103e3a34483eaeb519
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:6409
Reviewed-on: https://chromium-review.googlesource.com/625919Reviewed-by: 's avatarRoss McIlroy <rmcilroy@chromium.org>
Reviewed-by: 's avatarYang Guo <yangguo@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47535}
      8bf15bf1
  3. 22 Aug, 2017 2 commits
  5. 21 Aug, 2017 1 commit
  7. 14 Jul, 2017 1 commit
    • Ulan Degenbaev's avatar
      [heap] Rework ASLR for base::Platform::VirtualMemory · 0640cbf3
      Ulan Degenbaev authored 
      Currently every VirtualMemory allocation on 64-bit systems
uses a random 46-bit address hint for ASLR.

This leads to wired page leak on MacOS discovered by Erik Chen (see
crbug.com/700928 and https://chromium-review.googlesource.com/c/557958/):
"The Darwin kernel [as of macOS 10.12.5] does not clean up page directory
entries [PDE] created from mmap or mach_vm_allocate, even after
the region is destroyed. Using a virtual address space that is too large
causes a leak of about 1 wired [can never be paged out] page per call to
mmap(). The page is only reclaimed when the process is killed."

This patch changes VirtualMemory to accept the hint parameter explicitly.

On MacOS the hints are confined to 4GB contiguous region. Algorithm:
- On startup, set heap.mmap_region_base_ to a random address.
- For each mmap use heap.mmap_region_base_ + (random_offset % (4*GB)).

BUG=chromium:700928

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I2ae6a024e02fbe63f940105d7920b57c19abacc6
Reviewed-on: https://chromium-review.googlesource.com/558876
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: 's avatarMichael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46656}
      0640cbf3
  9. 31 May, 2017 1 commit
    • neis's avatar
      [compiler] Delay allocation of code-embedded heap numbers. · 659e8f7b
      neis authored 
      Instead of allocating and embedding certain heap numbers into the code
during code assembly, emit dummies but record the allocation requests.
Later then, in Assembler::GetCode, allocate the heap numbers and patch
the code by replacing the dummies with the actual objects. The
RelocInfos for the embedded objects are already recorded correctly when
emitting the dummies.

R=jarin@chromium.org
BUG=v8:6048

Review-Url: https://codereview.chromium.org/2900683002
Cr-Commit-Position: refs/heads/master@{#45635}
      659e8f7b
  11. 17 Mar, 2017 1 commit
    • neis's avatar
      Disentangle assembler from isolate. · 94b088ca
      neis authored 
      This is a first step towards moving Turbofan code generation off the main thread.

Summary of the changes:
- AssemblerBase no longer has a pointer to the isolate. Instead, its
  constructor receives the few things that it needs from the isolate (on most
  architectures this is just the serializer_enabled flag).
- RelocInfo no longer has a pointer to the isolate. Instead, the functions
  that need it take it as an argument.  (There are currently still a few that
  implicitly access the isolate through a HeapObject.)
- The MacroAssembler now explicitly holds a pointer to the isolate (before, it
  used to get it from the Assembler).
- The jit_cookie also moved from AssemblerBase to the MacroAssemblers, since
  it's not used at all in the Assemblers.
- A few architectures implemented parts of the Assembler with the help
  of a Codepatcher that is based on MacroAssembler.  Since the Assembler no
  longer has the isolate, but the MacroAssembler still needs it, this doesn't
  work anymore.  Instead, these Assemblers now use a new PatchingAssembler.

BUG=v8:6048

Review-Url: https://codereview.chromium.org/2732273003
Cr-Commit-Position: refs/heads/master@{#43890}
      94b088ca
  13. 23 Feb, 2017 1 commit
  15. 19 Jan, 2017 1 commit
  17. 12 Jan, 2017 1 commit
  19. 11 Jan, 2017 2 commits
  21. 10 Jan, 2017 3 commits
  23. 29 Nov, 2016 1 commit
  25. 22 Nov, 2016 1 commit
  27. 17 Jun, 2016 1 commit
    • bmeurer's avatar
      [builtins] Introduce proper Float64Exp operator. · d5f2ac5e
      bmeurer authored 
      Import base::ieee754::exp() from FreeBSD msun and introduce a Float64Exp
TurboFan operator based on that, similar to what we do for Float64Log.
Rewrite Math.exp() as TurboFan builtin and use that operator to also
inline Math.exp() into optimized TurboFan functions.

CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
BUG=v8:3266,v8:3468,v8:3493,v8:5086,v8:5108,chromium:620786
R=mvstanton@chromium.org

Committed: https://crrev.com/93e26314afc9da9b5b8bd998688262444ed73260
Review-Url: https://codereview.chromium.org/2077533002
Cr-Original-Commit-Position: refs/heads/master@{#37037}
Cr-Commit-Position: refs/heads/master@{#37047}
      d5f2ac5e
  29. 16 Jun, 2016 2 commits
  31. 01 Jun, 2016 1 commit
  33. 26 Apr, 2016 1 commit
  35. 31 Mar, 2016 1 commit
    • mythria's avatar
      [Interpreter] Changes GenerateDoubleToObject to push and pop rsi value. · e6b6e554
      mythria authored 
      In the earlier implementation of GenerateDoubleToObject the context
is loaded from the parent's frame. rsi is clobbered because it is used
to store kHoleNan constnat. It is not always safe to peek at
the parents frame. Bytecode handlers have TypedFrame and the type of
frame is stored at FP + 1. GenerateDoubleToObject expects context
to be store at that place. In the current implementation rsi is pushed
onto the stack and is popped when exiting this function.

BUG=v8:4280,chromium:597565
LOG=N

Review URL: https://codereview.chromium.org/1848473002

Cr-Commit-Position: refs/heads/master@{#35163}
      e6b6e554
  37. 27 Nov, 2015 1 commit
  39. 26 Nov, 2015 1 commit
  41. 25 Nov, 2015 3 commits
  43. 24 Nov, 2015 1 commit
  45. 23 Oct, 2015 2 commits
  47. 18 Oct, 2015 1 commit
  49. 16 Oct, 2015 2 commits
  51. 15 Oct, 2015 1 commit
  53. 11 Sep, 2015 1 commit
  55. 03 Sep, 2015 1 commit
  57. 17 Aug, 2015 1 commit
  59. 01 Jun, 2015 1 commit
  61. 09 Oct, 2014 1 commit