- 27 Feb, 2016 1 commit
-
-
bmeurer authored
Since both null and undefined are also marked as undetectable now, we can just test that bit instead of having the CompareNilIC try to collect feedback to speed up the general case (without the undetectable bit being used). Drive-by-fix: Update the type system to match the new handling of undetectable in the runtime. R=danno@chromium.org Committed: https://crrev.com/666aec0348c8793e61c8633dee7ad29a514239ba Cr-Commit-Position: refs/heads/master@{#34237} Review URL: https://codereview.chromium.org/1722193002 Cr-Commit-Position: refs/heads/master@{#34344}
-
- 26 Feb, 2016 2 commits
-
-
bmeurer authored
The CompareICStub produces an untagged raw word value, which has to be translated to true or false manually in the TurboFan code. But for lazy bailout after the CompareIC, we immediately go back to fullcodegen or Ignition with the raw value, to a location where both fullcodegen and Ignition expect a boolean value, which might crash or in the worst case (depending on the exact computation inside the CompareIC) could lead to arbitrary memory access. Short-term fix is to use the proper runtime functions (unified with the interpreter now) for comparisons. Next task is to provide optimized versions of these based on the CodeStubAssembler, which can then be used via code stubs in TurboFan or directly in handlers in the interpreter. R=mstarzinger@chromium.org BUG=v8:4788 LOG=n Review URL: https://codereview.chromium.org/1738153002 Cr-Commit-Position: refs/heads/master@{#34335}
-
adamk authored
Revert of [compiler] Drop the CompareNilIC. (patchset #4 id:60001 of https://codereview.chromium.org/1722193002/ ) Reason for revert: Speculative revert in attempt to fix #2 crasher on canary. Original issue's description: > [compiler] Drop the CompareNilIC. > > Since both null and undefined are also marked as undetectable now, we > can just test that bit instead of having the CompareNilIC try to collect > feedback to speed up the general case (without the undetectable bit > being used). > > Drive-by-fix: Update the type system to match the new handling of > undetectable in the runtime. > > R=danno@chromium.org > > Committed: https://crrev.com/666aec0348c8793e61c8633dee7ad29a514239ba > Cr-Commit-Position: refs/heads/master@{#34237} TBR=danno@chromium.org,verwaest@chromium.org,bmeurer@chromium.org LOG=y BUG=chromium:589897 NOTRY=true Review URL: https://codereview.chromium.org/1743433002 Cr-Commit-Position: refs/heads/master@{#34308}
-
- 25 Feb, 2016 1 commit
-
-
bmeurer authored
Only use one set of %StrictEquals/%StrictNotEquals and %Equals/%NotEquals runtime entries for both the interpreter and the old-style CompareICStub. The long-term plan is to update the CompareICStub to also return boolean values, and even allow some more code sharing with the interpreter there. R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/1738883002 Cr-Commit-Position: refs/heads/master@{#34303}
-
- 24 Feb, 2016 4 commits
-
-
mstarzinger authored
This makes the FullCodeGenerator::EmitNamedPropertyLoad be architecture independent by adding MacroAssembler::Move helpers. R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/1734643002 Cr-Commit-Position: refs/heads/master@{#34259}
-
mythria authored
Revert of [Interpreter] Implements calls through CallICStub in the interpreter. (patchset #15 id:270001 of https://codereview.chromium.org/1688283003/ ) Reason for revert: It is not a good idea to call CallICStub from the builtin. It might be sensitive to the frame structure. Constructing a internal frame might cause problems. It is much better to inline the code related to the type feedback vector into the builtin. Original issue's description: > [Interpreter] Implements calls through CallICStub in the interpreter. > > Calls are implemented through CallICStub to collect type feedback. Adds > a new builtin called InterpreterPushArgsAndCallIC that pushes the > arguments onto stack and calls CallICStub. > > Also adds two new bytecodes CallIC and CallICWide to indicate calls have to > go through CallICStub. > > MIPS port contributed by balazs.kilvady. > > BUG=v8:4280, v8:4680 > LOG=N > > Committed: https://crrev.com/20362a2214c11a0f2ea5141b6a79e09458939cec > Cr-Commit-Position: refs/heads/master@{#34244} TBR=rmcilroy@chromium.org,mvstanton@chromium.org,mstarzinger@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:4280, v8:4680 Review URL: https://codereview.chromium.org/1731253003 Cr-Commit-Position: refs/heads/master@{#34252}
-
mythria authored
Calls are implemented through CallICStub to collect type feedback. Adds a new builtin called InterpreterPushArgsAndCallIC that pushes the arguments onto stack and calls CallICStub. Also adds two new bytecodes CallIC and CallICWide to indicate calls have to go through CallICStub. MIPS port contributed by balazs.kilvady. BUG=v8:4280, v8:4680 LOG=N Review URL: https://codereview.chromium.org/1688283003 Cr-Commit-Position: refs/heads/master@{#34244}
-
bmeurer authored
Since both null and undefined are also marked as undetectable now, we can just test that bit instead of having the CompareNilIC try to collect feedback to speed up the general case (without the undetectable bit being used). Drive-by-fix: Update the type system to match the new handling of undetectable in the runtime. R=danno@chromium.org Review URL: https://codereview.chromium.org/1722193002 Cr-Commit-Position: refs/heads/master@{#34237}
-
- 22 Feb, 2016 1 commit
-
-
yangguo authored
R=mstarzinger@chromium.org, rmcilroy@chromium.org BUG=v8:4690 LOG=N Review URL: https://codereview.chromium.org/1703453002 Cr-Commit-Position: refs/heads/master@{#34190}
-
- 19 Feb, 2016 2 commits
-
-
rmcilroy authored
Adds a profiling counter to each BytecodeArray object, and adds code to Jump and Return bytecode handlers to update this counter by the size of the jump or the distance from the return to the start of the function. This is more accurate than fullcodegen's approach since it takes forward jumps into account as well as back-edges. Modifies RuntimeProfiler to track ticks for interpreted frames. Currently we use the SharedFunctionInfo::profiler_ticks() instead of adding another to tick field to avoid adding another field to BytecodeArray since SharedFunctionInfo::profiler_ticks() is only used by Crankshaft otherwise so we shouldn't need both for BUG=v8:4689 LOG=N Review URL: https://codereview.chromium.org/1707693003 Cr-Commit-Position: refs/heads/master@{#34166}
-
bmeurer authored
Move the already existing fast case for %NewObject into a dedicated FastNewObjectStub that we can utilize in places where we would otherwise fallback to %NewObject immediately, which is rather expensive. Also use FastNewObjectStub as the generic implementation of JSCreate, which should make constructor inlining based on SharedFunctionInfo (w/o specializing to a concrete closure) viable soon. R=jarin@chromium.org Review URL: https://codereview.chromium.org/1708313002 Cr-Commit-Position: refs/heads/master@{#34136}
-
- 18 Feb, 2016 1 commit
-
-
rmcilroy authored
Moves the accumulator value on-heap to be restored in the InterpreterNotifyDeopt handler rather than explicitly setting the accumulator register. This allows it to be materialized correctly if required. BUG=v8:4678 LOG=N Review URL: https://codereview.chromium.org/1707133003 Cr-Commit-Position: refs/heads/master@{#34113}
-
- 17 Feb, 2016 2 commits
-
-
bbudge authored
Adds kSimd128 to MachineRepresentation. Adds a Simd128Register concept that's platform independent. Adds UntaggedSimd128 to types.h. LOG=N BUG=v8:4124 Review URL: https://codereview.chromium.org/1693963004 Cr-Commit-Position: refs/heads/master@{#34089}
-
ishell authored
This CL introduces two new bytecodes TailCall and TailCallWide. BUG=v8:4698,v8:4687 LOG=N Review URL: https://codereview.chromium.org/1698273003 Cr-Commit-Position: refs/heads/master@{#34083}
-
- 16 Feb, 2016 3 commits
-
-
mstarzinger authored
R=bmeurer@chromium.org BUG=v8:3956 LOG=n Review URL: https://codereview.chromium.org/1693833002 Cr-Commit-Position: refs/heads/master@{#34036}
-
rmcilroy authored
Replaces the push of the dispatch table on the interpreted stack frame with a push of the bytecode array. This enables the debugger to replace the bytecode array with a patched version containing breakpoints. BUG=v8:4690 LOG=N Review URL: https://codereview.chromium.org/1699013002 Cr-Commit-Position: refs/heads/master@{#34032}
-
rodolph.perfetta authored
Let me know if this is not the right approach Review URL: https://codereview.chromium.org/1698483002 Cr-Commit-Position: refs/heads/master@{#34028}
-
- 15 Feb, 2016 5 commits
-
-
titzer authored
R=bmeurer@chromium.org BUG= Review URL: https://codereview.chromium.org/1698063002 Cr-Commit-Position: refs/heads/master@{#33990}
-
bmeurer authored
Turn the fast case of ArgumentsAccessStub into a new stub FastNewSloppyArgumentsStub, which is similar to the existing FastNewStrictArgumentsStub, although not polished yet, and the slow case always went to the runtime anyway, so we can just directly emit a runtime call there. R=mstarzinger@chromium.org Committed: https://crrev.com/55b0b4f6d572531eec00ab6ebd8f6feb7c584e04 Cr-Commit-Position: refs/heads/master@{#33973} Review URL: https://codereview.chromium.org/1695633003 Cr-Commit-Position: refs/heads/master@{#33986}
-
machenbach authored
Revert of [runtime] Turn ArgumentAccessStub into FastNewSloppyArgumentsStub. (patchset #2 id:20001 of https://codereview.chromium.org/1695633003/ ) Reason for revert: [Sheriff] Breaks ASAN with mipsel compile: https://build.chromium.org/p/client.v8/builders/V8%20Linux%20ASAN%20mipsel%20-%20debug%20builder/builds/4558/ Original issue's description: > [runtime] Turn ArgumentAccessStub into FastNewSloppyArgumentsStub. > > Turn the fast case of ArgumentsAccessStub into a new stub > FastNewSloppyArgumentsStub, which is similar to the existing > FastNewStrictArgumentsStub, although not polished yet, and the slow > case always went to the runtime anyway, so we can just directly emit > a runtime call there. > > R=mstarzinger@chromium.org > > Committed: https://crrev.com/55b0b4f6d572531eec00ab6ebd8f6feb7c584e04 > Cr-Commit-Position: refs/heads/master@{#33973} TBR=mstarzinger@chromium.org,jarin@chromium.org,bmeurer@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true Review URL: https://codereview.chromium.org/1701653002 Cr-Commit-Position: refs/heads/master@{#33976}
-
jarin authored
This is mostly preparation for allowing the function closure to be materialized. As a drive-by fix, I have added ignition source position support to the frame inspector (this fixed some ignition test failures). Review URL: https://codereview.chromium.org/1698743002 Cr-Commit-Position: refs/heads/master@{#33975}
-
bmeurer authored
Turn the fast case of ArgumentsAccessStub into a new stub FastNewSloppyArgumentsStub, which is similar to the existing FastNewStrictArgumentsStub, although not polished yet, and the slow case always went to the runtime anyway, so we can just directly emit a runtime call there. R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/1695633003 Cr-Commit-Position: refs/heads/master@{#33973}
-
- 12 Feb, 2016 2 commits
-
-
bmeurer authored
This removes support for the %Arguments and %ArgumentsLength runtime entries and their intrinsic counterparts. If you need variable arguments in any builtin, either use (strict) arguments object or rest parameters, which are both compositional across inlining (in TurboFan), and not that much slower compared to the %_Arguments hackery. R=jarin@chromium.org Review URL: https://codereview.chromium.org/1688163004 Cr-Commit-Position: refs/heads/master@{#33943}
-
bmeurer authored
The FastNewStrictArgumentsStub is very similar to the recently added FastNewRestParameterStub, it's actually almost a copy of it, except that it doesn't have the fast case we have for the empty rest parameter. This patch improves strict arguments in TurboFan and fullcodegen by up to 10x compared to the previous version. Also introduce proper JSSloppyArgumentsObject and JSStrictArgumentsObject for the in-object properties instead of having them as constants in the Heap class. Drive-by-fix: Use this stub and the FastNewRestParameterStub in the interpreter to avoid the runtime call overhead for strict arguments and rest parameter creation. R=jarin@chromium.org TBR=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/1693513002 Cr-Commit-Position: refs/heads/master@{#33925}
-
- 11 Feb, 2016 2 commits
-
-
rmcilroy authored
Saves and restores the dispatch pointer during calls to enable the debugger to switch the dispatch table used by a function during it's execution. Also moves the accumulator and context nodes to be Variables so that they will be properly merged across branches. BUG=v8:4280,v8:4690 LOG=N Review URL: https://codereview.chromium.org/1684073002 Cr-Commit-Position: refs/heads/master@{#33894}
-
jarin authored
This removes uses of JSFunction by the (proper) deoptimizer. This will be useful when we escape analyze JSFunction away. Unfortunately, the debugger still needs JSFunction, so escape analysis would not work yet. Review URL: https://codereview.chromium.org/1686183003 Cr-Commit-Position: refs/heads/master@{#33891}
-
- 10 Feb, 2016 5 commits
-
-
rmcilroy authored
Moves InterpreterAssembler out of the compiler directory and into the interpreter directory. Makes InterpreterAssembler as subclass of CodeStubAssembler. As part of this change, the special bytecode dispatch linkage type is removed and instead we use a InterfaceDispatchDescriptor and a normal CodeStub linkage type. Removes a bunch of duplicated logic in InterpreterAssembler and instead uses the CodeStubAssembler logic. Refactors Interpreter with these changes. Modifies CodeStubAssembler to add the extra operations required by the Interpreter (extra call types, raw memory access and some extra binary ops). Also adds the ability for subclasses to add extra prologue and epilogue operations around calls, which is required for the Interpreter. BUG=v8:4280 LOG=N Review URL: https://codereview.chromium.org/1673333004 Cr-Commit-Position: refs/heads/master@{#33873}
-
yangguo authored
The break location heavily relies on relocation info. This change abstracts that away. Currently there is only one implementation for this interface, for JIT code. Future changes will introduce an implementation to iterate bytecode arrays. R=rmcilroy@chromium.org, vogelheim@chromium.org BUG=v8:4690 LOG=N Review URL: https://codereview.chromium.org/1682853003 Cr-Commit-Position: refs/heads/master@{#33869}
-
mvstanton authored
Calls use registers for target, new_target and argument count. We don't always respect argument count. It didn't bite us in the past because the code paths where we clobbered it never used it, though in future it could be an issue. BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/1683593003 Cr-Commit-Position: refs/heads/master@{#33865}
-
verwaest authored
Mark null and undefined as undetectable, and use it to handle abstract equality comparison in the generic compare ic Marking as undetectable makes abstract equality of null, undefined, and other undetectable objects easier. Supporting it in the generic compare IC significantly speeds up dynamic comparison between those values and JSReceivers by not falling back to the runtime. MIPS port contributed by Balazs Kilvady <balazs.kilvady@imgtec.com> Review URL: https://codereview.chromium.org/1683643002 Cr-Commit-Position: refs/heads/master@{#33858}
-
mlippautz authored
Preparing the young generation for (real) non-contiguous backing memory, this change removes object masks that are used to compute containment in semi and new space. The masks are replaced by lookups for object tags and page headers, where possible. Details: - Use the fast checks (page header lookups) for containment in regular code. - Use the slow version that masks out the page start adress and iterates all pages of a space for debugging/verification. - The slow version works for off-heap/unmapped memory. - Encapsulate all checks for the old->new barrier in Heap::RecordWrite(). BUG=chromium:581412 LOG=N Review URL: https://codereview.chromium.org/1632913003 Cr-Commit-Position: refs/heads/master@{#33857}
-
- 09 Feb, 2016 1 commit
-
-
epertoso authored
BUG= Committed: https://crrev.com/4d46b510caf534d770ce19a01a11b8796304471b Cr-Commit-Position: refs/heads/master@{#33812} Review URL: https://codereview.chromium.org/1609233002 Cr-Commit-Position: refs/heads/master@{#33851}
-
- 08 Feb, 2016 6 commits
-
-
mstarzinger authored
The flag in question is a debug-only flag supported by full-codegen and Crankshaft only. In it's current form there are some unresolved issues: - The flag is defeated by inlining in Crankshaft. - The flag is not supported by TurboFan. - The flag is not supported by Ignition. Instead of addressing the above issues and increasing maintenance cost for all backends and also given the "slim" test coverage, this CL fully removes the support from all backends. R=bmeurer@chromium.org,jkummerow@chromium.org Review URL: https://codereview.chromium.org/1676263002 Cr-Commit-Position: refs/heads/master@{#33817}
-
verwaest authored
Generally we only care whether the next object is a hidden prototype. It's simpler to check whether the current object has a hidden prototype instead of walking to the next prototype and checking its map. BUG= Review URL: https://codereview.chromium.org/1675223002 Cr-Commit-Position: refs/heads/master@{#33816}
-
machenbach authored
Revert of Do not eagerly instantiate accessors' JSFunction. (patchset #9 id:180001 of https://codereview.chromium.org/1609233002/ ) Reason for revert: [Sheriff] Breaks gcmole: https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20gcmole/builds/6260 Original issue's description: > Do not eagerly instantiate accessors' JSFunction. > > BUG= > > Committed: https://crrev.com/4d46b510caf534d770ce19a01a11b8796304471b > Cr-Commit-Position: refs/heads/master@{#33812} TBR=verwaest@chromium.org,epertoso@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG= Review URL: https://codereview.chromium.org/1679683004 Cr-Commit-Position: refs/heads/master@{#33814}
-
epertoso authored
BUG= Review URL: https://codereview.chromium.org/1609233002 Cr-Commit-Position: refs/heads/master@{#33812}
-
bmeurer authored
Replace the somewhat awkward RestParamAccessStub, which would always call into the runtime anyway with a proper FastNewRestParameterStub, which is basically based on the code that was already there for strict arguments object materialization. But for rest parameters we could optimize even further (leading to 8-10x improvements for functions with rest parameters), by fixing the internal formal parameter count: Every SharedFunctionInfo has a formal_parameter_count field, which specifies the number of formal parameters, and is used to decide whether we need to create an arguments adaptor frame when calling a function (i.e. if there's a mismatch between the actual and expected parameters). Previously the formal_parameter_count included the rest parameter, which was sort of unfortunate, as that meant that calling a function with only the non-rest parameters still required an arguments adaptor (plus some other oddities). Now with this CL we fix, so that we do no longer include the rest parameter in that count. Thereby checking for rest parameters is very efficient, as we only need to check whether there is an arguments adaptor frame, and if not create an empty array, otherwise check whether the arguments adaptor frame has more parameters than specified by the formal_parameter_count. The FastNewRestParameterStub is written in a way that it can be directly used by Ignition as well, and with some tweaks to the TurboFan backends and the CodeStubAssembler, we should be able to rewrite it as TurboFanCodeStub in the near future. Drive-by-fix: Refactor and unify the CreateArgumentsType which was different in TurboFan and Ignition; now we have a single enum class which is used in both TurboFan and Ignition. R=jarin@chromium.org, rmcilroy@chromium.org TBR=rossberg@chromium.org BUG=v8:2159 LOG=n Review URL: https://codereview.chromium.org/1676883002 Cr-Commit-Position: refs/heads/master@{#33809}
-
ulan authored
This replaces the global remembered set with per-page remembered sets. Each page in the old space, map space, and large object space keeps track of the set of slots in the page pointing to the new space. The data structure for storing slot sets is a two-level bitmap, which allows us to remove the store buffer overflow and SCAN_ON_SCAVENGE logic. Design doc: https://goo.gl/sMKCf7 BUG=chromium:578883 LOG=NO Review URL: https://codereview.chromium.org/1608583002 Cr-Commit-Position: refs/heads/master@{#33806}
-
- 06 Feb, 2016 1 commit
-
-
ishell authored
[api] Make ObjectTemplate::SetNativeDataProperty() work even if the ObjectTemplate does not have a constructor. Previously ObjectTemplate::New() logic relied on the fact that all the accessor properties are already installed in the initial map of the function object of the constructor FunctionTemplate. When the FunctionTemplate were instantiated the accessors of the instance templates from the whole inheritance chain were accumulated and added to the initial map. ObjectTemplate::SetSetAccessor() used to explicitly ensure that the ObjectTemplate has a constructor and therefore an initial map to add all accessors to. The new approach is to add all the accessors and data properties to the object exactly when the ObjectTemplate is instantiated. In order to keep it fast we now cache the object boilerplates in the Isolate::template_instantiations_cache (the former function_cache), so the object creation turns to be a deep copying of the boilerplate object. BUG=chromium:579009 LOG=Y Committed: https://crrev.com/6a118774244d087b5979e9291d628a994f21d59d Cr-Commit-Position: refs/heads/master@{#33674} Review URL: https://codereview.chromium.org/1642223003 Cr-Commit-Position: refs/heads/master@{#33798}
-
- 05 Feb, 2016 1 commit
-
-
yangguo authored
This makes the dispatch table similar to the builtins code list and makes sure that the dispatch table does not move. R=mstarzinger@chromium.org, rmcilroy@chromium.org Review URL: https://codereview.chromium.org/1671813003 Cr-Commit-Position: refs/heads/master@{#33781}
-