- 24 Mar, 2017 3 commits
-
-
Peter Marshall authored
This helper is used directly when constructing from an object with a length, as well as by ConstructByIterable and ByTypedArray. BUG=v8:5977 Change-Id: I18a4829c2a22a6099cf3b0824ea1f698bfbf1917 Reviewed-on: https://chromium-review.googlesource.com/456707Reviewed-by:
Toon Verwaest <verwaest@chromium.org> Reviewed-by:
Franziska Hinkelmann <franzih@chromium.org> Commit-Queue: Peter Marshall <petermarshall@chromium.org> Cr-Commit-Position: refs/heads/master@{#44116}
-
Toon Verwaest authored
BUG=chromium:703226 Change-Id: Ic71ae018c0090b2142f1d732bcf9c94c65e81f83 Reviewed-on: https://chromium-review.googlesource.com/458917Reviewed-by:
Igor Sheludko <ishell@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#44110}
-
danno authored
BUG=v8:1956 Review-Url: https://codereview.chromium.org/2776433003 Cr-Commit-Position: refs/heads/master@{#44105}
-
- 21 Mar, 2017 2 commits
-
-
Toon Verwaest authored
The problem was that transitioning element stores had a similar shape to the new StoreGlobal case. The problem was fixed by https://chromium-review.googlesource.com/c/457341/ BUG=v8:5561 Change-Id: If996e9b37809ba8edf6dcb228b116b77021ce7bc Reviewed-on: https://chromium-review.googlesource.com/457324Reviewed-by:
Igor Sheludko <ishell@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#43992}
-
mvstanton authored
BUG= Review-Url: https://codereview.chromium.org/2680153005 Cr-Commit-Position: refs/heads/master@{#43965}
-
- 20 Mar, 2017 2 commits
-
-
Franziska Hinkelmann authored
This reverts commit ea4346be. Reason for revert: This causes a crash in a Node.js test (parallel/test-repl-options). I can reproduce the crash locally. At a first glance, it doesn't look like we're doing anything terribly wrong in Node that explains the crash. I'll have a closer lock tomorrow. Feel free to reland if needed, we can always deactivate the test. Original change's description: > [ic] Migrate StoreGlobal to data handler > > BUG=v8:5561 > > Change-Id: If4c679c97af199ce1c90d055627186123bc88574 > Reviewed-on: https://chromium-review.googlesource.com/456698 > Reviewed-by: Igor Sheludko <ishell@chromium.org> > Commit-Queue: Toon Verwaest <verwaest@chromium.org> > Cr-Commit-Position: refs/heads/master@{#43944} TBR=ishell@chromium.org,verwaest@chromium.org,v8-reviews@googlegroups.com NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:5561 Change-Id: I790ff9ab45016749fe2f3982045f497a995e282e Reviewed-on: https://chromium-review.googlesource.com/456505Reviewed-by:
Franziska Hinkelmann <franzih@chromium.org> Commit-Queue: Franziska Hinkelmann <franzih@chromium.org> Cr-Commit-Position: refs/heads/master@{#43951}
-
Toon Verwaest authored
BUG=v8:5561 Change-Id: If4c679c97af199ce1c90d055627186123bc88574 Reviewed-on: https://chromium-review.googlesource.com/456698Reviewed-by:
Igor Sheludko <ishell@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#43944}
-
- 17 Mar, 2017 2 commits
-
-
jgruber authored
ToDirectStringAssembler is used in StringCharCodeAt and SubString (which uses StringCharCodeAt internally). SubString is used all over the place (e.g. RegExp result construction), and is critical for benchmark performance. The CL introducing ToDirectStringAssembler caused a couple of regressions which this is intended to fix by adding a fast path for sequential strings. BUG=chromium:702246 Review-Url: https://codereview.chromium.org/2754933003 Cr-Commit-Position: refs/heads/master@{#43897}
-
Toon Verwaest authored
The ForDeopt stub isn't actually necessary anymore; but I don't want to fix the deoptimizer in the same CL. BUG=v8:5561 Change-Id: I7101cec4b783949bcfbf1ebdb80541d1b558e2e2 Reviewed-on: https://chromium-review.googlesource.com/455858 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by:
Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#43896}
-
- 16 Mar, 2017 3 commits
-
-
jgruber authored
Change Node* name = HeapConstant(name_string); Callable callable = CodeFactory::GetProperty(isolate); CallStub(callable, context, receiver, name); to GetProperty(context, receiver, name_string); BUG= Review-Url: https://codereview.chromium.org/2751363002 Cr-Commit-Position: refs/heads/master@{#43850}
-
jgruber authored
This unifies several of the places in CSA that convert various string kinds (cons, thin, sliced) to direct strings (sequential, external). A couple of spots remain with duplicate code, but most of these are more difficult to unify due to specific optimizations. BUG= Review-Url: https://codereview.chromium.org/2744263002 Cr-Commit-Position: refs/heads/master@{#43848}
-
jgruber authored
This moves most of the logic contained in RegExpExecStub to CSA. Benefits are mostly easier readability and hackability, and removal of a large chunk of platform-specific assembly. Exit frame construction and the final call remain in RegExpExecStub. BUG=v8:5339,v8:592 Review-Url: https://codereview.chromium.org/2738413002 Cr-Commit-Position: refs/heads/master@{#43844}
-
- 15 Mar, 2017 2 commits
-
-
Jochen Eisinger authored
That way, we don't need to create a context-less constructor function. Instead, we use the constructor_or_backpointer (or null) field, and rename it to constructor_or_fti_or_backpointer so nobody is confused. Note that technically, we still have JSFunctions without contexts, as they're temporarily created in the deoptimizer. BUG=v8:6084 R=dcheng@chromium.org,bmeurer@chromium.org,verwaest@chromium.org Change-Id: I084f052533c317f2cbfb9c35e1acf40263c6257b Reviewed-on: https://chromium-review.googlesource.com/454636 Commit-Queue: Jochen Eisinger <jochen@chromium.org> Reviewed-by:
Toon Verwaest <verwaest@chromium.org> Reviewed-by:
Hannes Payer <hpayer@chromium.org> Cr-Commit-Position: refs/heads/master@{#43834}
-
Toon Verwaest authored
BUG= Change-Id: Ic63c63a312c6282814c14176d982b8c825ba6dc4 Reviewed-on: https://chromium-review.googlesource.com/454756 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by:
Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#43816}
-
- 14 Mar, 2017 1 commit
-
-
Ross McIlroy authored
IsString should not count FIRST_NON_STRING_TYPE as a string type. BUG= Change-Id: I093945763c3d2b56de5b4b5745ba207fe2d8b5d1 Reviewed-on: https://chromium-review.googlesource.com/453899Reviewed-by:
Igor Sheludko <ishell@chromium.org> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#43783}
-
- 13 Mar, 2017 2 commits
-
-
Peter Marshall authored
Part of the performance and refactoring work to move the TypedArray constructors into CSA. This CL moves ConstructByArrayBuffer from JS to CSA. BUG=v8:5977 Change-Id: I0a200e6b3f6261ea2372ea9c3d3ca98e313cf2c5 Reviewed-on: https://chromium-review.googlesource.com/451620 Commit-Queue: Peter Marshall <petermarshall@chromium.org> Reviewed-by:
Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#43747}
-
bmeurer authored
These operations don't need the context, so no need to pass the context to them. Also avoids the loading of context in the interpreter bytecode handlers for StrictEqual and Typeof. BUG=v8:5268,v8:5269 R=yangguo@chromium.org Review-Url: https://codereview.chromium.org/2744173002 Cr-Commit-Position: refs/heads/master@{#43733}
-
- 10 Mar, 2017 1 commit
-
-
Peter Marshall authored
AllocateRawAligned called into AllocateRawUnaligned, which expected the address of the pointer to the top of the stack, not the pointer itself. Instead, the pointer itself was passed, causing segfaults if this code is actually run. Also do some drive-by clean up of the branching/labels and unused vars etc. in AllocateRawAligned. BUG=v8:6075 Change-Id: If71db4b61d777b6543e5246e92bb5b9e6c02c81f Reviewed-on: https://chromium-review.googlesource.com/452374Reviewed-by:
Camillo Bruni <cbruni@chromium.org> Commit-Queue: Peter Marshall <petermarshall@chromium.org> Cr-Commit-Position: refs/heads/master@{#43722}
-
- 07 Mar, 2017 3 commits
-
-
jgruber authored
This inlines common LoadIC cases into the LdaNamedProperty bytecode handler. Smi handlers resulting in constant/field loads for monomorphic ICs omit frame construction. The same counts for the polymorphic case as long as the target handler is in the first two vector slots. Other cases (megamorphic, uninitialized) call the new LoadIC_Noninlined stub. Local benchmarks show up to 6% improvement on Sunspider with --future. BUG=v8:5917 Review-Url: https://codereview.chromium.org/2733563002 Cr-Commit-Position: refs/heads/master@{#43630}
-
Camillo Bruni authored
Change-Id: I58fc4ad8104f9a334a24de181168122f215a0505 BUG=chromium:678427 Change-Id: I58fc4ad8104f9a334a24de181168122f215a0505 Reviewed-on: https://chromium-review.googlesource.com/447980Reviewed-by:
Mythri Alle <mythria@chromium.org> Reviewed-by:
Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#43628}
-
Michael Starzinger authored
The parser already changes all negative equality comparison operations to their positive pendants in {ParserBase::ParseBinaryExpression}. No other source of the Token::NE exists in the system. We can remove all handling from the compiler and interpreter backends. R=bmeurer@chromium.org Change-Id: I58722c08dd8e498f20c65886fce86b8172737b10 Reviewed-on: https://chromium-review.googlesource.com/449716Reviewed-by:
Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#43627}
-
- 03 Mar, 2017 1 commit
-
-
bmeurer authored
We don't need the JSStrictNotEqual operator in the compiler, because this is never generated by the BytecodeGraphBuilder, and the code in the AstGraphBuilder was dead code. Also remove the backing builtin StrictNotEqual. R=mstarzinger@chromium.org BUG=v8:5267 Review-Url: https://codereview.chromium.org/2727003006 Cr-Commit-Position: refs/heads/master@{#43594}
-
- 02 Mar, 2017 1 commit
-
-
Camillo Bruni authored
This makes the assumption about new-space allocation in the CSA more clear. Additionally AllocateInNewSpace asserts that the allocation will fit in the new-space in a debug build. Change-Id: Ica5e7e12656dcdaa2c739b3d300fdcbaeb2355a2 Reviewed-on: https://chromium-review.googlesource.com/448043Reviewed-by:
Camillo Bruni <cbruni@chromium.org> Reviewed-by:
Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#43557}
-
- 27 Feb, 2017 1 commit
-
-
leszeks authored
Make MarkerIs[Not]FrameType actually use their argument instead of a fixed value for the stack frame type. Review-Url: https://codereview.chromium.org/2709953002 Cr-Commit-Position: refs/heads/master@{#43454}
-
- 24 Feb, 2017 1 commit
-
-
caitp authored
Introduce a new Object to allow GetIterator("async") to function when the iterable does not have a Symbol.asyncIterator method. This patch has been split out from https://codereview.chromium.org/2622833002/ and incorporates test cases. BUG=v8:5855, v8:4483 R=jgruber@chromium.org, rmcilroy@chromium.org, neis@chromium.org TBR=hpayer@chromium.org, bmeurer@chromium.org Review-Url: https://codereview.chromium.org/2645313003 Cr-Commit-Position: refs/heads/master@{#43419}
-
- 22 Feb, 2017 2 commits
-
-
jgruber authored
This CL allows the String.p.indexOf fast path to handle one-byte external strings (in addition to one-byte sequential strings). BUG= Review-Url: https://codereview.chromium.org/2705193002 Cr-Commit-Position: refs/heads/master@{#43369}
-
jgruber authored
This should improve readability, code generation, and ensure that we verify such locations are never reached. BUG= Review-Url: https://codereview.chromium.org/2705163005 Cr-Commit-Position: refs/heads/master@{#43367}
-
- 21 Feb, 2017 1 commit
-
-
Leszek Swirski authored
Use an opaque format for the frame type marker on the stack, where the marker is simply shifted left by 1 instead of being a Smi. This allows us to generate simpler code for frame initialisation, as we can push a smaller value, decreasing the prologue by 4 bytes and one instruction. Drive-by: Use the same format for JsFrameMarker. Change-Id: I812dde9b37869fe20de4148a665d06cf23ce7372 Reviewed-on: https://chromium-review.googlesource.com/443426Reviewed-by:
Jaroslav Sevcik <jarin@chromium.org> Reviewed-by:
Benedikt Meurer <bmeurer@chromium.org> Reviewed-by:
Daniel Clifford <danno@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#43347}
-
- 20 Feb, 2017 1 commit
-
-
Caitlin Potter authored
Use TF_BUILTIN() to implement ArrayIncludes(). It's easier on the eyes and easier to read. BUG=v8:3575 R=cbruni@chromium.org, ishell@chromium.org Change-Id: I9cbe395829f0fcc7d01ba28ed7b5a2007c52cae3 Reviewed-on: https://chromium-review.googlesource.com/444830 Commit-Queue: Caitlin Potter <caitp@igalia.com> Reviewed-by:
Camillo Bruni <cbruni@chromium.org> Reviewed-by:
Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#43333}
-
- 17 Feb, 2017 2 commits
-
-
Igor Sheludko authored
BUG= Change-Id: Ifc441739ef730a0b2278be0b662413c223631a72 Reviewed-on: https://chromium-review.googlesource.com/444190Reviewed-by:
Michael Starzinger <mstarzinger@chromium.org> Reviewed-by:
Ross McIlroy <rmcilroy@chromium.org> Reviewed-by:
Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#43288}
-
bmeurer authored
The CodeStubAssembler::SubString method should not try to be defensive about non-string inputs, but really enforce String receiver. Passing a non-String input will result in crash in the %SubString runtime function anyway. R=jgruber@chromium.org Review-Url: https://codereview.chromium.org/2700103002 Cr-Commit-Position: refs/heads/master@{#43267}
-
- 16 Feb, 2017 1 commit
-
-
Daniel Clifford authored
Before this patch, the registers needed for bytecode dispatch in interpreter handlers were inconsistently stored in the interpreter frame and/or kept in values that remained live across calls. After this patch, these registers are explicitly reloaded after calls, making it possible to elide the spills of those registers before the call in many cases. Some highlights from the CL: * Added methods to the CSA and InterpreterAssembler to efficiently store and load Smis values and Smi interpreter registers on x64 without explicit tagging/untagging. * Created Variables for all of the interpreter-internal values that need to be reloaded before bytecode dispatch at the end of an interpreter handler. * The bytecode offset can be written out early in a handler by marking it has having a call along it's critical path. By moving this early in a handler, it becomes possible to use memory operands for pushes used to marshall parameters when making calls. Change-Id: Icf8d7798789f88a4489e06a7092616bbbb881577 Reviewed-on: https://chromium-review.googlesource.com/442566 Commit-Queue: Daniel Clifford <danno@chromium.org> Reviewed-by:
Ross McIlroy <rmcilroy@chromium.org> Reviewed-by:
Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#43260}
-
- 14 Feb, 2017 1 commit
-
-
bbudge authored
LOG=Y BUG=v8:4124,v8:5948 R=bradnelson@chromium.org,bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org Review-Url: https://codereview.chromium.org/2684313003 Cr-Original-Original-Commit-Position: refs/heads/master@{#43162} Committed: https://chromium.googlesource.com/v8/v8/+/d170c57ab996d00c4665a9d865bd5754a1806c6c Review-Url: https://codereview.chromium.org/2684313003 Cr-Original-Commit-Position: refs/heads/master@{#43169} Committed: https://chromium.googlesource.com/v8/v8/+/a9b59a11f1bfe069afabe5567f919727456f1f12 Review-Url: https://codereview.chromium.org/2684313003 Cr-Commit-Position: refs/heads/master@{#43176}
-
- 13 Feb, 2017 6 commits
-
-
franzih authored
Revert of Remove SIMD.js from V8. (patchset #7 id:120001 of https://codereview.chromium.org/2684313003/ ) Reason for revert: Breaks Node integration build. Original issue's description: > Remove SIMD.js from V8. > > LOG=Y > BUG=v8:4124,v8:5948 > R=bradnelson@chromium.org,bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org > > Review-Url: https://codereview.chromium.org/2684313003 > Cr-Original-Commit-Position: refs/heads/master@{#43162} > Committed: https://chromium.googlesource.com/v8/v8/+/d170c57ab996d00c4665a9d865bd5754a1806c6c > Review-Url: https://codereview.chromium.org/2684313003 > Cr-Commit-Position: refs/heads/master@{#43169} > Committed: https://chromium.googlesource.com/v8/v8/+/a9b59a11f1bfe069afabe5567f919727456f1f12 TBR=bradnelson@chromium.org,bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org,bradnelson@google.com,machenbach@chromium.org,bbudge@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:4124,v8:5948 Review-Url: https://codereview.chromium.org/2695653005 Cr-Commit-Position: refs/heads/master@{#43170}
-
bbudge authored
LOG=Y BUG=v8:4124,v8:5948 R=bradnelson@chromium.org,bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org Review-Url: https://codereview.chromium.org/2684313003 Cr-Original-Commit-Position: refs/heads/master@{#43162} Committed: https://chromium.googlesource.com/v8/v8/+/d170c57ab996d00c4665a9d865bd5754a1806c6c Review-Url: https://codereview.chromium.org/2684313003 Cr-Commit-Position: refs/heads/master@{#43169}
-
bradnelson authored
Revert of Remove SIMD.js from V8. (patchset #7 id:120001 of https://codereview.chromium.org/2684313003/ ) Reason for revert: red Original issue's description: > Remove SIMD.js from V8. > > LOG=Y > BUG=v8:4124,5948 > R=bradnelson@chromium.org,bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org > (notry since trybots can't patch directory deletes) > NOTRY=true > > Review-Url: https://codereview.chromium.org/2684313003 > Cr-Commit-Position: refs/heads/master@{#43162} > Committed: https://chromium.googlesource.com/v8/v8/+/d170c57ab996d00c4665a9d865bd5754a1806c6c TBR=bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org,bradnelson@google.com,bbudge@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:4124,5948 Review-Url: https://codereview.chromium.org/2692933002 Cr-Commit-Position: refs/heads/master@{#43164}
-
bbudge authored
LOG=Y BUG=v8:4124,5948 R=bradnelson@chromium.org,bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org (notry since trybots can't patch directory deletes) NOTRY=true Review-Url: https://codereview.chromium.org/2684313003 Cr-Commit-Position: refs/heads/master@{#43162}
-
bmeurer authored
This way it's possible to disable Assert() even in Debug builds via --nodebug-code. R=danno@chromium.org BUG=v8:5268 Review-Url: https://codereview.chromium.org/2690983002 Cr-Commit-Position: refs/heads/master@{#43143}
-
bmeurer authored
We cannot skip the @@hasInstance lookup in instanceof depending on a global protector cell, as the lookup of the property is observable via proxies or accessors. So remove the global protector and properly implement CSA::InstanceOf via GetPropertyStub, with an appropriate fast-path for Function.prototype[@@hasInstance] where we call the builtin code object directly if the function matches, skipping all the checks from the call sequence, and also avoid the redundant ToBoolean conversion on the result. R=yangguo@chromium.org TBR=ulan@chromium.org BUG=v8:5958 Review-Url: https://codereview.chromium.org/2684033012 Cr-Commit-Position: refs/heads/master@{#43137}
-
- 10 Feb, 2017 1 commit
-
-
jkummerow authored
And use it to avoid runtime calls when there are too many properties for linear searching. The threshold of 32 was chosen by experimentation. Review-Url: https://codereview.chromium.org/2680973002 Cr-Commit-Position: refs/heads/master@{#43078}
-