- 02 Aug, 2017 7 commits
-
-
Michael Starzinger authored
This adds support to materialize objects when generating a frame summary for an optimized frame via {OptimizedFrame::Summarize}. Note that this means each summary might re-materialize objects and hence produce new object identities every time. All use sites need to be able to cope with such semantics. R=jarin@chromium.org BUG=v8:6586 Change-Id: I85c66ad3e7d247cd40f37a0a6e4391c0ee279706 Reviewed-on: https://chromium-review.googlesource.com/595745 Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#47067}
-
Juliana Franco authored
Replacing pc with trampoline on stack This CL is the follow up of https://chromium-review.googlesource.com/c/586707/ which used to crash when running the gc-stress bots. It seems to be working now. We now keep the trampoline PC in the Safepoint table and use that information to find SafepointEntries. There's some refactoring that can be done, such as changing the code for exceptions in a similar way and removing the trampoline from the DeoptimizationInputData. Will take care of this in the next CL. Bug: v8:6563 Change-Id: I8c0a2489de19e6d5fb4ebf1de7da1933726265b4 Reviewed-on: https://chromium-review.googlesource.com/596027 Commit-Queue: Juliana Patricia Vicente Franco <jupvfranco@google.com> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#47066}
-
Ulan Degenbaev authored
This is a partial reland of "Allow a minimum semi-space size of 512K." with a heuristic to keep 1MB initial semi-space size for high memory devices. Original commit message: > [heap] Allow a minimum semi-space size of 512K. > This CL also reduces the minimum semi-space size to 512K. > BUG=chromium:716032 BUG=chromium:735649,chromium:716032 Change-Id: I5ec851f2380c40dbc34b4576a668f63ae38ac898 Reviewed-on: https://chromium-review.googlesource.com/594387 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Michael Hablich <hablich@chromium.org> Cr-Commit-Position: refs/heads/master@{#47065}
-
Michael Starzinger authored
R=rmcilroy@chromium.org Change-Id: Ie5109ca54917c062ba70d55bd80cfad7832b5ea9 Reviewed-on: https://chromium-review.googlesource.com/595992 Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#47064}
-
Michael Achenbach authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/ece477b..c15e746 Rolling v8/buildtools: https://chromium.googlesource.com/chromium/buildtools/+log/5ad1454..275b8c4 Rolling v8/third_party/catapult: https://chromium.googlesource.com/external/github.com/catapult-project/catapult/+log/cc7953a..3ec5781 Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/7185692..b18e402 TBR=machenbach@chromium.org,hablich@chromium.org Change-Id: I7656cce0cbe7d187d8ee25951c25057b540b07ae Reviewed-on: https://chromium-review.googlesource.com/597389 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#47063}
-
Yang Guo authored
Until now, when generating a builtin, it can only embed builtins (as call targets) that have already been generated. This is either achieved by reordering the builtins list, or by loading the call target at runtime from the builtins list (see MacroAssembler::TailCallBuiltin). This patch works around this issue by filling the builtins list with dummy code objects, which are later replaced with the completed actual builtins. In release mode, this adds around 3ms to 140ms we previously needed to populate the builtins list. Change-Id: I7d451b3c09a1db4b9e755548102a80c7f0dfada2 Reviewed-on: https://chromium-review.googlesource.com/586531 Commit-Queue: Yang Guo <yangguo@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#47062}
-
Jaroslav Sevcik authored
Change-Id: Ife88feb55f12c592b1c3b4435cd584333953ef6b Reviewed-on: https://chromium-review.googlesource.com/593619 Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#47061}
-
- 01 Aug, 2017 33 commits
-
-
Alexey Kozyatinskiy authored
Node.js doesn't have a good place to call contextDestroyed. We need to cleanup everything on our side to allow clients to not call contextDestroyed method. R=dgozman@chromium.org,eostroukhov@chromium.com Bug: none Change-Id: Ibe3f01fd18afbfa579e5db66ab6f174d5fad7c82 Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.linux:linux_chromium_rel_ng Reviewed-on: https://chromium-review.googlesource.com/575519 Reviewed-by: Dmitry Gozman <dgozman@chromium.org> Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org> Cr-Original-Commit-Position: refs/heads/master@{#46849} Reviewed-on: https://chromium-review.googlesource.com/596549 Cr-Commit-Position: refs/heads/master@{#47060}
-
Annie Sullivan authored
This reverts commit eb65f35e. Reason for revert: Broke jetstream benchmark on android. BUG=chromium:750828 Original change's description: > [wasm] redirect wasm calls to js functions through a GCed table > > With this patch, rather than embedding the JSReceiver address directly > in the WasmToJS wrappers, we put that in a fixed array with global handle > scope and instead embed the location of the handle and the index in the > wrapper. This ensures that the wrapper doesn't need to be patched if the > GC kicks in. This is needed to get the WASM code off the GCed heap. > > R=mtrofin@chromium.org > > Bug: > Change-Id: Ie5a77a78cdecec51b04f702c63b8e4285e6a2d8d > Reviewed-on: https://chromium-review.googlesource.com/581682 > Commit-Queue: Aseem Garg <aseemgarg@chromium.org> > Reviewed-by: Mircea Trofin <mtrofin@chromium.org> > Cr-Commit-Position: refs/heads/master@{#46884} TBR=mtrofin@chromium.org,aseemgarg@google.com,aseemgarg@chromium.org,clemensh@chromium.org # Not skipping CQ checks because original CL landed > 1 day ago. Change-Id: I26f49ee0a1fe73cc5d8852ded87b56638be39ebf Reviewed-on: https://chromium-review.googlesource.com/596268 Commit-Queue: Aseem Garg <aseemgarg@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#47059}
-
Caitlin Potter authored
Per https://github.com/tc39/proposal-async-iteration/pull/102/files: AsyncGeneratorResolve no longer unwraps a value component. Instead, the value is unwrapped before the builtin call via Await, allowing Promise rejections to affect the generator control flow. Thus, all `yield <expr>` implicitly become `yield await <expr>`. Additionally, `return <expr>` becomes `return await <expr>`. Finally, when the generator is resumed with `.return()`, the parameter passed to .return() is awaited before generator execution properly continues. BUG=v8:6187, v8:5855 R=littledan@chromium.org, neis@chromium.org, adamk@chromium.org TBR=rmcilroy@chromium.org, neis@chromium.org Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng Change-Id: Id7718028fd555481f9f4ca0dbecfa788e3057c48 Reviewed-on: https://chromium-review.googlesource.com/594500 Reviewed-by: Caitlin Potter <caitp@igalia.com> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Caitlin Potter <caitp@igalia.com> Cr-Commit-Position: refs/heads/master@{#47058}
-
Ulan Degenbaev authored
BUG=chromium:694255 TBR=ulan@chromium.org,mlippautz@chromium.org No-Presubmit: true No-Tree-Checks: true No-Try: true Change-Id: I832014d423335514cf1564984832b7a4e2c104ad Reviewed-on: https://chromium-review.googlesource.com/595984 Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#47057}
-
Sathya Gunasekaran authored
Bug: v8:5785 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: I1792c57c37bac996079d5ecce5b61a13b327fb54 Reviewed-on: https://chromium-review.googlesource.com/596467 Reviewed-by: Adam Klein <adamk@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#47056}
-
Junliang Yan authored
R=bjaideep@ca.ibm.com, joransiu@ca.ibm.com Bug: Change-Id: Ia9fa7785b0f508775f38547e56f07bc7ef9ee03d Reviewed-on: https://chromium-review.googlesource.com/557928 Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Reviewed-by: Jaideep Bajwa <bjaideep@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#47055}
-
Jaideep Bajwa authored
Port 316254a7 Original Commit Message: Commit 0d833cb9 deleted function call that created CEntryStub code in snapshot. So when CEntryStub::GetCode is called while initializing V8, the code for it, is not found in snapshot. Hence this code has to be generated in new allocation on heap, that is why initial heap is above the limit. This patch assures that CEntryStub code is in the snapshot. R=predrag.rudic@imgtec.com, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: I976dacf885e0d4ce8c5446a2c560a00cc0792150 Reviewed-on: https://chromium-review.googlesource.com/596071 Reviewed-by: Junliang Yan <jyan@ca.ibm.com> Commit-Queue: Jaideep Bajwa <bjaideep@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#47054}
-
Ulan Degenbaev authored
7a5a777c is going to be reverted and compaction depends on it. BUG=chromium:694255 TBR=ulan@chromium.org,mlippautz@chromium.org No-Presubmit: true No-Tree-Checks: true No-Try: true Change-Id: I975ea597860dd63e543b69bdc787c6667b015567 Reviewed-on: https://chromium-review.googlesource.com/595993 Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#47053}
-
Ulan Degenbaev authored
This reverts commit 7a5a777c. Reason for revert: crashing in test-api Original change's description: > [heap] Add mechanism for tracking invalidated slots per memory chunk. > > For correct slots recording in concurrent marker, we need to resolve > the race that happens when > 1) the mutator is invalidating slots for double unboxing or string > conversions > 2) and the concurrent marker is recording these slots. > > This patch adds a data-structure for tracking the invalidated objects. > Thus we can allow the concurrent marker to record slots without > worrying about clearing them. During old-to-old pointer updating phase > we re-check all slots that belong to the invalidated objects. > > BUG=chromium:694255 > > Change-Id: Ifc3d82918cd3b96e5a5fb7125691626a56f4ab83 > Reviewed-on: https://chromium-review.googlesource.com/591810 > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Commit-Queue: Ulan Degenbaev <ulan@chromium.org> > Cr-Commit-Position: refs/heads/master@{#47049} TBR=ulan@chromium.org,mlippautz@chromium.org Change-Id: I7f4f8e8cb027b921a82e9c0a0623536af02581fb No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:694255 Reviewed-on: https://chromium-review.googlesource.com/595994 Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#47052}
-
Ulan Degenbaev authored
BUG=chromium:694255 Change-Id: I25ac134ea2e6f9af13f18e2da819b6d368497646 Reviewed-on: https://chromium-review.googlesource.com/593009 Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#47051}
-
Bill Budge authored
Adds a base class TestPlatform which implements the most common defaults for v8::Platform methods. Reworks existing cctests and unittests to use TestPlatform. Bug: Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: Ifeb28a5a190529697d5bcac227e80b10d454d9bd Reviewed-on: https://chromium-review.googlesource.com/590194 Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Bill Budge <bbudge@chromium.org> Cr-Commit-Position: refs/heads/master@{#47050}
-
Ulan Degenbaev authored
For correct slots recording in concurrent marker, we need to resolve the race that happens when 1) the mutator is invalidating slots for double unboxing or string conversions 2) and the concurrent marker is recording these slots. This patch adds a data-structure for tracking the invalidated objects. Thus we can allow the concurrent marker to record slots without worrying about clearing them. During old-to-old pointer updating phase we re-check all slots that belong to the invalidated objects. BUG=chromium:694255 Change-Id: Ifc3d82918cd3b96e5a5fb7125691626a56f4ab83 Reviewed-on: https://chromium-review.googlesource.com/591810 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#47049}
-
Alexey Kozyatinskiy authored
- rewritten test using new harness, - removed command line API part since we check it separately in inspector/runtime/command-line-api.js R=jgruber@chromium.org Bug: none Change-Id: Ia12cab10a8e299bb17688c9c5f36e7f712aa70ee Reviewed-on: https://chromium-review.googlesource.com/595032 Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#47048}
-
Georg Neis authored
R=adamk@chromium.org Bug: v8:1569 Change-Id: I3931418ef17a309789cbc5281a4542a20a1db94e Reviewed-on: https://chromium-review.googlesource.com/596029 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#47047}
-
Adam Klein authored
Also fix one apparently-harmless bug in the Parser where we failed to Finalize an empty scope. Without this fix, the DCHECK fails on any C-style for-loop with a lexical binding that hits the fast path (this is well-covered by many existing tests in mjsunit). Thanks to Georg Neis for the suggestion of this DCHECK. Change-Id: Ie1a8f8809f4d152c87f2da08209c610514645827 Reviewed-on: https://chromium-review.googlesource.com/587750 Reviewed-by: Georg Neis <neis@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#47046}
-
Bill Budge authored
Bug: v8:750454 Change-Id: Ia270d2ede546bdc0b8a61b944dada59905a5c862 Reviewed-on: https://chromium-review.googlesource.com/594490 Reviewed-by: Martyn Capewell <martyn.capewell@arm.com> Commit-Queue: Bill Budge <bbudge@chromium.org> Cr-Commit-Position: refs/heads/master@{#47045}
-
Ben L. Titzer authored
Register configuration data is not the same as frame configuration data. This CL moves the last remnants of register configuration into the assembler files, to be with the other register configuration macros. Next step: extract this register configuration data into platform-specific files that can be included independent of the assembler. R=mstarzinger@chromium.org Bug: Change-Id: I10933b5090be94e90e2a1442197528dfe30bb566 Reviewed-on: https://chromium-review.googlesource.com/595590 Commit-Queue: Ben Titzer <titzer@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#47044}
-
Michael Lippautz authored
This makes all the information that is present for GCTracer also available to RCS. Bug: chromium:748569 Change-Id: Ie7e8c3770b81ab1321cad08f6954492b72ef0514 Reviewed-on: https://chromium-review.googlesource.com/585427 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#47043}
-
Ulan Degenbaev authored
Now that the layout descriptor is pretenured, we don't need atomic accessor for the map space. BUG=chromium:694255 Change-Id: I0ced8c04eaa61eec0f6a7b518ecba6413a691501 Reviewed-on: https://chromium-review.googlesource.com/595742 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#47042}
-
Leszek Swirski authored
Remove the concept of IC age from the heap and SFI, since it no longer does anything useful. Change-Id: I4ce466efc77c007c09c0889bae09ec6a0c907e33 Reviewed-on: https://chromium-review.googlesource.com/593623 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#47041}
-
Michael Starzinger authored
R=jarin@chromium.org BUG=v8:6586 Change-Id: I1eedfe8d3d420fe88df5321cc855cfd6266d7c6e Reviewed-on: https://chromium-review.googlesource.com/595653 Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#47040}
-
Yang Guo authored
Change-Id: Ida5c537fa94a376a134e60edce889b96b676a8f9 Reviewed-on: https://chromium-review.googlesource.com/584874 Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#47039}
-
Michael Achenbach authored
This reverts commit a01ac7cb. Reason for revert: Causes flakes on gc stress: https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/builds/14218 Original change's description: > Replacing pc with trampoline on stack > > This CL is the follow up of https://chromium-review.googlesource.com/c/586707/ > which used to crash when running the gc-stress bots. > It seems to be working now. We now keep the trampoline PC in the Safepoint > table and use that information to find SafepointEntries. > > There's some refactoring that can be done, such as changing the code for > exceptions in a similar way and removing the trampoline from the > DeoptimizationInputData. Will take care of this in the next CL. > > Bug: v8:6563 > Change-Id: I02565297093620023a1155b55d76a4dafcb54794 > Reviewed-on: https://chromium-review.googlesource.com/593622 > Commit-Queue: Juliana Patricia Vicente Franco <jupvfranco@google.com> > Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> > Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> > Cr-Commit-Position: refs/heads/master@{#47030} TBR=jarin@chromium.org,bmeurer@chromium.org,jupvfranco@google.com Change-Id: Ie9929c9acae321a91014b76b9008f8835313e67d No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:6563 Reviewed-on: https://chromium-review.googlesource.com/595927 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#47038}
-
jgruber authored
This is a reland of 2f79e035 Original change's description: > [builtins] Remove Builtins::Name() accessors > > Instead of auto-generating the Name() convenience accessor, use a macro to > avoid wasting code space. > > BUILTIN_CODE(isolate, Name) > > expands to > > isolate->builtins()->builtin_handle(Builtins::kName); > > This reduces the size of libv8.so by 134,752 bytes on a x64 release build. > > Bug: v8:6624 > Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng > Change-Id: Idff7ee5c45e344e73412c0f47e92553c7c7ff75f > Reviewed-on: https://chromium-review.googlesource.com/593607 > Reviewed-by: Andreas Haas <ahaas@chromium.org> > Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> > Commit-Queue: Jakob Gruber <jgruber@chromium.org> > Cr-Commit-Position: refs/heads/master@{#47010} TBR=bmeurer@chromium.org,ahaas@chromium.org Bug: v8:6624 Change-Id: I4733731e56dc8873ee06c2b36cac1918c0a658b2 Reviewed-on: https://chromium-review.googlesource.com/594087 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#47037}
-
Michael Lippautz authored
This mitigates the problem of blocking on the main thread when the platform is unable to execute background tasks in a timely manner. Bug: v8:6655 Change-Id: Icdaae744ee73146b86b9a28c8035138746721971 Reviewed-on: https://chromium-review.googlesource.com/595467 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#47036}
-
Michael Achenbach authored
This reverts commit a6c3f143. Reason for revert: https://build.chromium.org/p/client.v8/builders/V8%20Mac%20GC%20Stress/builds/14478 https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20gc%20stress/builds/11907 Original change's description: > [turbofan] enable new implementation of escape analysis > > Bug: > Change-Id: I0218ab67bf391deb8f1b1b78811643eb84745b7c > Reviewed-on: https://chromium-review.googlesource.com/595508 > Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> > Commit-Queue: Tobias Tebbi <tebbi@chromium.org> > Cr-Commit-Position: refs/heads/master@{#47032} TBR=jarin@chromium.org,tebbi@chromium.org Change-Id: Ib534a1c5e3b67e0585c63185065370a23ba954c5 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/595647 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#47035}
-
Benedikt Meurer authored
The @@toStringTag lookup in Object.prototype.toString causes quite a lot of overhead and oftentimes dominates the builtin performance. These lookups are almost always negative, especially for primitive values, and Object.prototype.toString is often used to implement predicates (like in Node core or in AngularJS), so having a way to skip the negative lookup yields big performance gains. This CL introduces a "MayHaveInterestingSymbols" bit on every map, which says whether instances with this map may have an interesting symbol. Currently only @@toStringTag is considered an interesting symbol, but we can extend that in the future. In the Object.prototype.toString we can use the interesting symbols bit to do a quick check on the prototype chain to see if there are any maps that might have the @@toStringTag, and if not, we can just immediately return the result, which is very fast because it's derived from the instance type. This also avoids the ToObject conversions for primitive values, which is important, since this causes unnecessary GC traffic and in for example AngularJS, strings are also often probed via the Object.prototype.toString based predicates. This boosts Speedometer/AngularJS by over 3% and Speedometer overall by up to 1%. On the microbenchmark from the similar SpiderMonkey bug (https://bugzilla.mozilla.org/show_bug.cgi?id=1369042), we go from roughly 450ms to 70ms, which corresponds to a 6.5x improvement.

```
function f() {
  var res = "";
  var a = [1, 2, 3];
  var toString = Object.prototype.toString;
  var t = new Date;
  for (var i = 0; i < 5000000; i++)
    res = toString.call(a);
  print(new Date - t);
  return res;
}
f();
```

The design document at https://goo.gl/e8CruQ has some additional data points.
TBR=ulan@chromium.org Bug: v8:6654 Change-Id: I31932cf41ecddad079d294e2c322a852af0ed244 Reviewed-on: https://chromium-review.googlesource.com/593620 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#47034}
-
Andreas Haas authored
R=titzer@chromium.org Bug: v8:6640 Change-Id: I08bed124f7c6f6607b28844ea91bee90c1c1ab22 Reviewed-on: https://chromium-review.googlesource.com/586603 Reviewed-by: Ben Titzer <titzer@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#47033}
-
Tobias Tebbi authored
Bug: Change-Id: I0218ab67bf391deb8f1b1b78811643eb84745b7c Reviewed-on: https://chromium-review.googlesource.com/595508 Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#47032}
-
Clemens Hammacher authored
We were just debugging a trap triggered in the c entry stub, because there was a pending exception even though the return value of the runtime function was not {heap()->exception()}. The DCHECKs added here help to catch this common error earlier. R=mstarzinger@chromium.org CC=ahaas@chromium.org Also-by: ahaas@chromium.org Change-Id: I3718dcb64a7924137c9f4bddff62776772d10386 Reviewed-on: https://chromium-review.googlesource.com/594447 Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#47031}
-
Juliana Franco authored
This CL is the follow up of https://chromium-review.googlesource.com/c/586707/ which used to crash when running the gc-stress bots. It seems to be working now. We now keep the trampoline PC in the Safepoint table and use that information to find SafepointEntries. There's some refactoring that can be done, such as changing the code for exceptions in a similar way and removing the trampoline from the DeoptimizationInputData. Will take care of this in the next CL. Bug: v8:6563 Change-Id: I02565297093620023a1155b55d76a4dafcb54794 Reviewed-on: https://chromium-review.googlesource.com/593622 Commit-Queue: Juliana Patricia Vicente Franco <jupvfranco@google.com> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#47030}
-
Enrico Bacis authored
The test TestExportImportedMemoryGrowMultipleInstances in test/mjsunit/wasm/import-memory.js had a TODO about not taking into account the maximum size for exported memory objects, thus permitting to grow past the maximum specified in the exported memory object. The check is already in place at wasm-objects.cc:266 (https://cs.chromium.org/chromium/src/v8/src/wasm/wasm-objects.cc?rcl=a01b55b548add5aec1d3d4d8fcdadfa01555c6ea&l=266). This CL removes the TODO and asserts that growing past maximum for exported objects fails. R=ahaas@chromium.org, gdeepti@chromium.org Change-Id: Ifa69e4e85e04bc2280b629cebb30d400cca9420f Reviewed-on: https://chromium-review.googlesource.com/593948 Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Enrico Bacis <enricobacis@google.com> Cr-Commit-Position: refs/heads/master@{#47029}
-
Predrag Rudic authored
Commit 0d833cb9 deleted function call that created CEntryStub code in snapshot. So when CEntryStub::GetCode is called while initializing V8, the code for it, is not found in snapshot. Hence this code has to be generated in new allocation on heap, that is why initial heap is above the limit. This patch assures that CEntryStub code is in the snapshot. Bug: Change-Id: Ifc885998e9253ab3e19e4e2409e4c124a5f1b0d1 Reviewed-on: https://chromium-review.googlesource.com/593950 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com> Commit-Queue: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com> Cr-Commit-Position: refs/heads/master@{#47028}
-