- 04 May, 2018 1 commit
Toon Verwaest authored

Bug: v8:7066
Change-Id: Icfcb40b2048997c158fba5f3e250145bed4ca1e3
Reviewed-on: https://chromium-review.googlesource.com/1042386
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52981}

- 02 May, 2018 1 commit
Leszek Swirski authored

This reverts commit 2df5e7a7.

Reason for revert: Mystery crashes https://bugs.chromium.org/p/chromium/issues/detail?id=838805

Original change's description:
> [parser] Slice the source string where possible
>
> When internalizing string literals (for quoted strings or property names),
> try to create a sliced string of the source string rather than allocating
> a copy of the bytes.
>
> This will not work for string literals that contain escapes (e.g. unicode
> escapes), and currently does not support two-byte strings.
>
> Bug: chromium:818642
> Change-Id: I686e5ad36baecd1a84ce5e124118431249b6c980
> Reviewed-on: https://chromium-review.googlesource.com/1010282
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Reviewed-by: Marja Hölttä <marja@chromium.org>
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#52898}

TBR=marja@chromium.org,yangguo@chromium.org,jarin@chromium.org,mlippautz@chromium.org,leszeks@chromium.org,verwaest@chromium.org

Change-Id: I598b6668c43a3e843e2dd8e60852b2b2f3461954
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:818642
Reviewed-on: https://chromium-review.googlesource.com/1039885
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52919}

- 01 May, 2018 1 commit
Leszek Swirski authored

When internalizing string literals (for quoted strings or property names), try to create a sliced string of the source string rather than allocating a copy of the bytes.

This will not work for string literals that contain escapes (e.g. unicode escapes), and currently does not support two-byte strings.

Bug: chromium:818642
Change-Id: I686e5ad36baecd1a84ce5e124118431249b6c980
Reviewed-on: https://chromium-review.googlesource.com/1010282
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52898}

- 30 Apr, 2018 1 commit
Jaroslav Sevcik authored

This removes Type::operator-> which was used to split the change that removed undefined misuse of Type* to represent integers.

Bug: v8:3770
Change-Id: I9a5bce5ccdc75461a7b939b4070cb58fe6040d99
Reviewed-on: https://chromium-review.googlesource.com/1033736
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52878}

- 28 Apr, 2018 1 commit
Jaroslav Sevcik authored

This is part of the effort to decrease the amount of undefined behavior that v8 relies on. The main change here is to represent types with class Type rather than with pointer Type*. To make the CL smaller, I used an operator overload hack to separate the change from `->` to `.`. I am working on a CL that will remove the operator and change all those arrows to dots.

Bug: v8:3770
Change-Id: I71a197cb739a1467937bc95c2a757fab0469aa22
Reviewed-on: https://chromium-review.googlesource.com/1032551
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52872}

- 25 Apr, 2018 1 commit
Jaroslav Sevcik authored

This is just code reshuffling to enable changing Type* to Type.

Bug: v8:3770
Change-Id: I8ed4ff41b480cab377d115c57c49d6f6c0c46d6d
Reviewed-on: https://chromium-review.googlesource.com/1025897
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52772}

- 16 Apr, 2018 1 commit
Marja Hölttä authored

BUG=v8:7308

Change-Id: I5e9f371b1db5515b723d9a2864bf2038706e2015
Reviewed-on: https://chromium-review.googlesource.com/960032
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52613}

- 10 Apr, 2018 1 commit
Matheus Marchini authored

Before Turbofan/Ignition it was possible to use external profilers to sample running V8/Node.js processes and generate reports/FlameGraphs from that. It's still possible to do so, but non-optimized JavaScript functions appear in the stack as InterpreterEntryTrampoline. This commit adds a runtime flag which makes interpreted frames visible on the process' native stack as distinguishable functions, making the sampled data gathered by external profilers such as Linux perf and DTrace more useful.

R=bmeurer@google.com, franzih@google.com, jarin@google.com, yangguo@google.com

Bug: v8:7155
Change-Id: I3dc8876aa3cd9f1b9766624842a7cc354ccca415
Reviewed-on: https://chromium-review.googlesource.com/959081
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52533}

- 05 Apr, 2018 1 commit
peterwmwong authored

Proposal repo: https://github.com/tc39/proposal-string-matchall

- Add new builtins StringPrototypeMatchAll and RegExpPrototypeMatchAll
- Add new object RegExpStringIterator

Bug: v8:6890
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: I9fad71900cf30e8632258c309df1c7a638ea4600
Reviewed-on: https://chromium-review.googlesource.com/981893
Commit-Queue: Peter Wong <peter.wm.wong@gmail.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52403}

- 03 Apr, 2018 2 commits
Ben Smith authored

This change implements the WebAssembly.Global object and constructor, but none of the accessors or functions.

There is a new flag to enable this: --experimental-wasm-mut-global.

Change-Id: Ifeb270d57392d7ca0900c80c0038932c96ee8b61
Reviewed-on: https://chromium-review.googlesource.com/989296
Commit-Queue: Ben Smith <binji@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52335}

Erik Luo authored

Makes CallHandlerInfo its own instance type, with an additional map to distinguish side-effect-free handlers. In a followup, we can expose an API flag to set the map.

This CL does not support whitelisting calls to ObjectTemplates that use SetCallAsFunctionHandler().

Bug: v8:7515
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Ie32fe144046a9fae3e3b1ea5602b0da3db8a5616
Reviewed-on: https://chromium-review.googlesource.com/965741
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Erik Luo <luoe@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52328}

- 23 Mar, 2018 3 commits
Alexey Kozyatinskiy authored

This is a reland of 6da438fd

Original change's description:
> [runtime] introduced instance type for each context type
>
> Each context type gets its own instance type:
> - we can make CSA checks more strict in a couple of places,
> - it is a required step for advanced evaluation without side effects.
>
> R=yangguo@chromium.org
>
> Bug: v8:7588
> Change-Id: I585e8b55a280a909fc3c6069ed30e34b7040d0c7
> Reviewed-on: https://chromium-review.googlesource.com/977041
> Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#52191}

Bug: v8:7588
Change-Id: I80110ff814c0315d7ca694b7d0aef5b10df614f0
Reviewed-on: https://chromium-review.googlesource.com/978584
Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52196}

Michael Achenbach authored

This reverts commit 6da438fd.

Reason for revert: https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap%20-%20debug/builds/18287

Original change's description:
> [runtime] introduced instance type for each context type
>
> Each context type gets its own instance type:
> - we can make CSA checks more strict in a couple of places,
> - it is a required step for advanced evaluation without side effects.
>
> R=yangguo@chromium.org
>
> Bug: v8:7588
> Change-Id: I585e8b55a280a909fc3c6069ed30e34b7040d0c7
> Reviewed-on: https://chromium-review.googlesource.com/977041
> Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#52191}

TBR=yangguo@chromium.org,mstarzinger@chromium.org,kozyatinskiy@chromium.org

Change-Id: I17a24b5b99552941d7a8ec54ebf6d11d6d1a66d8
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7588
Reviewed-on: https://chromium-review.googlesource.com/977974
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52193}

Alexey Kozyatinskiy authored

Each context type gets its own instance type:
- we can make CSA checks more strict in a couple of places,
- it is a required step for advanced evaluation without side effects.

R=yangguo@chromium.org

Bug: v8:7588
Change-Id: I585e8b55a280a909fc3c6069ed30e34b7040d0c7
Reviewed-on: https://chromium-review.googlesource.com/977041
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52191}

- 19 Mar, 2018 1 commit
Georg Neis authored

This type is dangerous because it can become smaller over time (as strings get internalized).

Bug: v8:6521
Change-Id: Iea650789ab52c13a0519f46999edc8a7959ccc71
Reviewed-on: https://chromium-review.googlesource.com/968525
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52040}

- 16 Mar, 2018 1 commit
Benedikt Meurer authored

A value of type OtherSeqString can change its type to OtherNonSeqString via inplace internalization (and redirection via a ThinString). This can lead to out of bounds memory accesses and generally correctness bugs, as seen with crbug.com/822284.

This change might affect performance in some cases, and we'll need to evaluate whether it's worth spending cycles on adding another mechanism that leverages the sequential string information in a safe way on a case by case basis.

Bug: chromium:822284
Change-Id: I0de77ec089a774236555f38c365f7548f454edfe
Reviewed-on: https://chromium-review.googlesource.com/966021
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51975}

- 12 Mar, 2018 1 commit
Marja Hölttä authored

Not used yet apart from tests.

BUG=v8:7308

Change-Id: Ibbe12597007cba123236c9fab85c524df3d5dd4a
Reviewed-on: https://chromium-review.googlesource.com/955427
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51876}

- 09 Mar, 2018 1 commit
Peter Marshall authored

Previously we used a FixedArray for the FeedbackMetadata, packing bits of information into Smi fields. On 64-bit platforms, we waste at least half of the available memory by using the Smi representation. Given that this is just raw data (no pointers), we can just use a new type that uses the existing packing scheme to store the data in int32 format instead.

This CL changes FeedbackMetadata to a new subclass of HeapObject. This is to reduce the API surface exposed, in comparison to extending/using a more general purpose data structure like ByteArray, which is also just raw data. FeedbackMetadata only exposes general purpose methods for accessing slots, but hides the implementation detail of packing bits into int32 fields.

This CL also introduces a sentinel EmptyFeedbackMetadata, because there are ~750 empty FeedbackMetadata objects when running an empty program in V8. These are probably for builtins.

Bug: v8:7500
Change-Id: Ic85563153abbd71a22854cee8519260c32b1e9ab
Reviewed-on: https://chromium-review.googlesource.com/945730
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51842}

- 05 Mar, 2018 2 commits
Michael Starzinger authored

This makes sure that the object can be identified by a unique instance type and hence is not accidentally confused with other FixedArrays on the heap.

R=clemensh@chromium.org
BUG=v8:7509

Change-Id: I20521cdcabbbddecd89ca8cd4bb203a47e1db0cd
Reviewed-on: https://chromium-review.googlesource.com/946253
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51730}

Benedikt Meurer authored

This changes the JSArrayIterator to always have only a single instance type, instead of the zoo of instance types that we had before, and which became less useful with the specification update to when "next" is loaded from the iterator now. This greatly simplifies the baseline implementation of the array iterator, which now only looks at the iterated object during %ArrayIteratorPrototype%.next invocations.

In TurboFan we introduce a new JSCreateArrayIterator operator, that holds the IterationKind and gets the iterated object as input. When optimizing %ArrayIteratorPrototype%.next in the JSCallReducer, we check whether the receiver is a JSCreateArrayIterator, and if so, we try to infer maps for the iterated object from there. If we find any, we speculatively assume that these won't have changed during iteration (as we did before with the previous approach), and generate fast code for both JSArray and JSTypedArray iteration.

Drive-by-fix: Drop the fast_array_iteration protector, it's not necessary anymore since we have the deoptimization guard bit in the JSCallReducer now.

This addresses the performance cliff noticed in webpack 4. The minimal repro on the tracking bug goes from

  console.timeEnd: mono, 124.773000
  console.timeEnd: poly, 670.353000

to

  console.timeEnd: mono, 118.709000
  console.timeEnd: poly, 141.393000

so that's a 4.7x improvement. Also make presubmit happy by adding the missing #undef's.

Bug: v8:7510, v7:7514
Change-Id: I79a46bfa2cd0f0710e09365ef72519b1bbb667b5
Reviewed-on: https://chromium-review.googlesource.com/946098
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51725}

- 02 Mar, 2018 2 commits
Camillo Bruni authored

Bug: v8:7266
Change-Id: I2835ec79aaa2821aca288685a3f230a7f8029186
Reviewed-on: https://chromium-review.googlesource.com/941948
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51696}

Michael Starzinger authored

This makes sure that the object can be identified by a unique instance type and hence is not accidentally confused with other FixedArrays on the heap.

R=clemensh@chromium.org
BUG=v8:7509

Change-Id: Ib3dcdb4559821d0ad9ca8cced37754e0e3c1d578
Reviewed-on: https://chromium-review.googlesource.com/943781
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51687}

- 01 Mar, 2018 1 commit
Michael Starzinger authored

This makes sure that the object can be identified by a unique instance type and hence is not accidentally confused with other FixedArrays on the heap.

R=clemensh@chromium.org
BUG=v8:7509

Change-Id: I66e3d779ff9a323b64f5464bdd5fe02aefe468c6
Reviewed-on: https://chromium-review.googlesource.com/943442
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51665}

- 22 Feb, 2018 1 commit
Benedikt Meurer authored

This is preparatory cleanup work for eventually tracking the functions (rather than concrete closures) in the CALL_IC, also for builtins like the default PromiseCapability [[Resolve]] and [[Reject]] functions.

It adds a new FeedbackCell type, which is used by JSFunctions consistently now to reference the feedback vector (or undefined if the function is not compiled yet or is a native/asm.js function).

This also changes the calling convention for FastNewClosure builtin and the JSCreateClosure operator in TurboFan to carry the FeedbackCell here instead of the parent FeedbackVector and the slot index. In addition we eliminate the now unused %InterpreterNewClosure runtime function.

Bug: v8:2206, v8:7253, v8:7310
Change-Id: Ib4ce456e276e0273e57c163dcdd0b33abf863656
Reviewed-on: https://chromium-review.googlesource.com/928403
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51474}

- 16 Feb, 2018 1 commit
Camillo Bruni authored

Bug: v8:7310
Change-Id: I82e7ada4c0f7e415887a859719eb01bb45fd3012
Reviewed-on: https://chromium-review.googlesource.com/921742
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51324}

- 08 Feb, 2018 1 commit
Adam Klein authored

This reverts commit 14108f4c.

Reason for revert: Not the culprit for Canary microtask crashes

Original change's description:
> [builtins] Mega-revert to address the Dev blocker in crbug.com/808911.
>
> - Revert "[builtins] Save one word in contexts for Promise.all."
>   This reverts commit 7632da06.
> - Revert "[builtins] Also use the Promise#then protector for Promise#finally()."
>   This reverts commit d4f072ce.
> - Revert "[builtins] Don't mess with entered context for MicrotaskCallbacks."
>   This reverts commit 6703dacd.
> - Revert "[debugger] Properly deal with settled promises in catch prediction."
>   This reverts commit 40dd0658.
> - Revert "[builtins] Widen the fast-path for Promise builtins."
>   This reverts commit db0556b7.
> - Revert "[builtins] Unify PerformPromiseThen and optimize it with TurboFan."
>   This reverts commit a582199c.
> - Revert "[builtins] Remove obsolete PromiseBuiltinsAssembler::AppendPromiseCallback."
>   This reverts commit 6bf88852.
> - Revert "[builtins] Turn NewPromiseCapability into a proper builtin."
>   This reverts commit 313b490d.
> - Revert "[builtins] Inline InternalPromiseThen into its only caller"
>   This reverts commit f7bd6a2f.
> - Revert "[builtins] Implement Promise#catch by really calling into Promise#then."
>   This reverts commit b23b098f.
> - Revert "[promise] Remove incorrect fast path"
>   This reverts commit 0f6eafe8.
> - Revert "[builtins] Squeeze JSPromise::result and JSPromise::reactions into a single field."
>   This reverts commit 8a677a28.
> - Revert "[builtins] Refactor promises to reduce GC overhead."
>   This reverts commit 8e7737cb.
>
> Tbr: hpayer@chromium.org
> Bug: chromium:800651, chromium:808911, v8:5691, v8:7253
> Change-Id: I8c8ea5ed32ed62f6cd8b0d027a3707ddd891e5f1
> Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
> Reviewed-on: https://chromium-review.googlesource.com/906991
> Commit-Queue: Yang Guo <yangguo@chromium.org>
> Commit-Queue: Adam Klein <adamk@chromium.org>
> Reviewed-by: Adam Klein <adamk@chromium.org>
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#51158}

Change-Id: I09d958cbebd635a325809072a290f2f53df8c5d4
Tbr: adamk@chromium.org,yangguo@chromium.org,bmeurer@chromium.org
Bug: chromium:800651, chromium:808911, v8:5691, v8:7253
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/908988
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51181}

- 07 Feb, 2018 1 commit
Benedikt Meurer authored

- Revert "[builtins] Save one word in contexts for Promise.all."
  This reverts commit 7632da06.
- Revert "[builtins] Also use the Promise#then protector for Promise#finally()."
  This reverts commit d4f072ce.
- Revert "[builtins] Don't mess with entered context for MicrotaskCallbacks."
  This reverts commit 6703dacd.
- Revert "[debugger] Properly deal with settled promises in catch prediction."
  This reverts commit 40dd0658.
- Revert "[builtins] Widen the fast-path for Promise builtins."
  This reverts commit db0556b7.
- Revert "[builtins] Unify PerformPromiseThen and optimize it with TurboFan."
  This reverts commit a582199c.
- Revert "[builtins] Remove obsolete PromiseBuiltinsAssembler::AppendPromiseCallback."
  This reverts commit 6bf88852.
- Revert "[builtins] Turn NewPromiseCapability into a proper builtin."
  This reverts commit 313b490d.
- Revert "[builtins] Inline InternalPromiseThen into its only caller"
  This reverts commit f7bd6a2f.
- Revert "[builtins] Implement Promise#catch by really calling into Promise#then."
  This reverts commit b23b098f.
- Revert "[promise] Remove incorrect fast path"
  This reverts commit 0f6eafe8.
- Revert "[builtins] Squeeze JSPromise::result and JSPromise::reactions into a single field."
  This reverts commit 8a677a28.
- Revert "[builtins] Refactor promises to reduce GC overhead."
  This reverts commit 8e7737cb.

Tbr: hpayer@chromium.org
Bug: chromium:800651, chromium:808911, v8:5691, v8:7253
Change-Id: I8c8ea5ed32ed62f6cd8b0d027a3707ddd891e5f1
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/906991
Commit-Queue: Yang Guo <yangguo@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51158}

- 01 Feb, 2018 1 commit
Benedikt Meurer authored

Use the base::bits::SignedAddOverflow32() function instead, which performs an addition and checks for overflow.

Bug: v8:5267, v8:7109
Change-Id: I20a5316957a3f72131d318282e8b8e8bb500b4a7
Reviewed-on: https://chromium-review.googlesource.com/797451
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51028}

- 31 Jan, 2018 1 commit
Benedikt Meurer authored

This implements the ideas outlined in the section "Microtask queue" of the exploration document "Promise and async/await performance" (at https://goo.gl/WHRar2), except that the microtask queue stays a linear FixedArray for now, to avoid running into trouble with the parallel scavenger. This way we can already save a significant amount of allocations, thereby reducing the GC frequency quite a bit.

All items on the microtask queue are now proper structs that subclass Microtask, i.e. we also wrap JSFunction and MicrotaskCallback jobs into structs. We also consistently remember the context for every microtask (except for MicrotaskCallback where we don't have a context), and execute it later in exactly that context (as required by the spec anyways for the Promise related jobs).

Particularly interesting is the PromiseReactionJobTask and its subclasses, since they are designed to have the same size as the PromiseReaction. When we resolve a JSPromise we just take the existing PromiseReaction instances and morph them into PromiseFulfillReactionJobTask or PromiseRejectReactionJobTask (depending whether you "Fulfill" or "Reject"). That way the JSPromise class is now only 6 words instead of 10 words. Also the PromiseReaction and the reaction tasks can either carry a JSPromise (for the fast native case) or a PromiseCapability (for the generic case), which means we don't always pay the overhead of having to also remember the "deferred resolve" and "deferred reject" handlers that are only relevant for the generic case anyways.

It also fixes a spec violation where we called "then" before we actually enqueued the PromiseResolveThenableJob, which is observably wrong. Calling it later has the advantage that it should be fairly straight-forward now to completely avoid it for native Promise instances.

This seems to save around 10-20% on the various Promise benchmarks and micro-benchmarks. We expect to gain even more as we're now able to inline various operations into TurboFan optimized code easily.

Bug: v8:7253
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I893d24ca5bb046974b4f5826a8f6dd22f1210b6a
Reviewed-on: https://chromium-review.googlesource.com/892819
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50980}

- 06 Dec, 2017 1 commit
Igor Sheludko authored

They will eventually be used instead of Tuple3/FixedArray by the IC system.

Bug: v8:5561, v8:7159
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I39faad1b2dc10ce7d42cb7477ea87b64d1e0b44c
Reviewed-on: https://chromium-review.googlesource.com/806178
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49908}

- 23 Nov, 2017 1 commit
Igor Sheludko authored

This simplifies handling of DescriptorArray objects in deserializer.

Bug: v8:5799
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: Ie4f9c6903afd8273d6320e6b0e0b05231db6cc00
Reviewed-on: https://chromium-review.googlesource.com/785676
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49605}

- 15 Nov, 2017 1 commit
Georg Neis authored

They can no longer return nan. They basically intersect their argument type with Type::OrderedNumber before analysing it. Never call them on Type::NaN.

Bug:
Change-Id: I7e7b46aa9fcde4f2644b81b3a34e76b092f633a4
Reviewed-on: https://chromium-review.googlesource.com/763410
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49375}

- 14 Nov, 2017 1 commit
Georg Neis authored

R=jarin@chromium.org

Bug: v8:6791
Change-Id: I8519d0a9afdb457398ff428d0d3ec0734306052b
Reviewed-on: https://chromium-review.googlesource.com/765947
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49342}

- 08 Nov, 2017 2 commits
Georg Neis authored

They have been meaning the same thing for a while now.

R=jarin@chromium.org

Bug:
Change-Id: Ie5988e6429b795babfa1e1f79841a9f03b8362dc
Reviewed-on: https://chromium-review.googlesource.com/758268
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49228}

Georg Neis authored

This is a cleanup.

R=jarin@chromium.org

Bug:
Change-Id: I1621fde3f2a7da03ceca781b96d5ffec44eb8168
Reviewed-on: https://chromium-review.googlesource.com/758373
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49225}

- 25 Oct, 2017 3 commits
Michael Starzinger authored

This is a reland of eeaffa9f

Original change's description:
> [objects] Introduce {CodeDataContainer} object type.
>
> This introduces the {CodeDataContainer} as a container for all mutable
> fields associated with a {Code} object. For now only the kind-specific
> flags are moved, but more fields can/will be moved gradually. The goal
> is to make all fields in the {Code} header be immutable eventually.
>
> R=jarin@chromium.org
> BUG=v8:6792
>
> Change-Id: I2eeba893afaba877fb6117e1f18371898c3a175e
> Reviewed-on: https://chromium-review.googlesource.com/732987
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#48902}

Bug: v8:6792
Change-Id: I31a127df4bb8ee5fedb4d73755df4deae6e1d352
Reviewed-on: https://chromium-review.googlesource.com/738109
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48928}

Michael Achenbach authored

This reverts commit eeaffa9f.

Reason for revert: Breaks msan compile (uninitialized value in snapshot): https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20arm64%20-%20sim%20-%20MSAN/builds/17824

Original change's description:
> [objects] Introduce {CodeDataContainer} object type.
>
> This introduces the {CodeDataContainer} as a container for all mutable
> fields associated with a {Code} object. For now only the kind-specific
> flags are moved, but more fields can/will be moved gradually. The goal
> is to make all fields in the {Code} header be immutable eventually.
>
> R=jarin@chromium.org
> BUG=v8:6792
>
> Change-Id: I2eeba893afaba877fb6117e1f18371898c3a175e
> Reviewed-on: https://chromium-review.googlesource.com/732987
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#48902}

TBR=mstarzinger@chromium.org,jarin@chromium.org

Change-Id: I74fe833b074752d640cff4aa4680f250e1bd8780
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:6792
Reviewed-on: https://chromium-review.googlesource.com/738029
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48904}

Michael Starzinger authored

This introduces the {CodeDataContainer} as a container for all mutable fields associated with a {Code} object. For now only the kind-specific flags are moved, but more fields can/will be moved gradually. The goal is to make all fields in the {Code} header be immutable eventually.

R=jarin@chromium.org
BUG=v8:6792

Change-Id: I2eeba893afaba877fb6117e1f18371898c3a175e
Reviewed-on: https://chromium-review.googlesource.com/732987
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48902}

- 23 Oct, 2017 1 commit
Michael Starzinger authored

R=gsathya@chromium.org
BUG=v8:6792

Change-Id: I68a5f9e7e52dbc9512e6919fce2064d748a3e7c4
Reviewed-on: https://chromium-review.googlesource.com/730726
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48824}

- 13 Oct, 2017 1 commit
Mathias Bynens authored

New code should use nullptr instead of NULL.

This patch updates existing use of NULL to nullptr where applicable, making the code base more consistent.

BUG=v8:6928,v8:6921

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng;master.tryserver.v8:v8_linux_noi18n_rel_ng
Change-Id: I4687f5b96fcfd88b41fa970a2b937b4f6538777c
Reviewed-on: https://chromium-review.googlesource.com/718338
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48557}