- 14 Dec, 2017 1 commit
-
-
Igor Sheludko authored
This CL also removes LoadICProtoArray* builtins which are no longer necessary. Bug: v8:7206, v8:5561 Change-Id: Ic5d9a3d4d21c4bd5e5e1cd110bd029ced157a000 Reviewed-on: https://chromium-review.googlesource.com/819252 Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#50104}
-
- 13 Dec, 2017 1 commit
-
-
Igor Sheludko authored
The dispatcher is responsible for handling stores to lexical environment variables and for storing directly to the JSGlobalObject. In the latter case the dispatcher also ensures that JSGlobalProxy is provided as a receiver if a setter function has to be called. Unlike StoreIC the calling convention for the StoreGlobalIC does not include receiver. Bug: v8:7206, chromium:576312, v8:5561 Change-Id: Ifa896c7b41bf440785b757c2272ec91211e79c98 Reviewed-on: https://chromium-review.googlesource.com/818965 Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#50081}
-
- 20 Nov, 2017 1 commit
-
-
Benedikt Meurer authored
Bug: v8:5267 Change-Id: I2338702ef69298bc95c47dcfedf7ef7632a2bf7f Reviewed-on: https://chromium-review.googlesource.com/778842Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#49478}
-
- 06 Nov, 2017 1 commit
-
-
Toon Verwaest authored
Bug: v8:5561 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: I47b7df39e80a66449a1ebe98e30052ced2ef2bd3 Reviewed-on: https://chromium-review.googlesource.com/753326Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#49151}
-
- 25 Oct, 2017 1 commit
-
-
Jakob Kummerow authored
and use a newly-introduced "enum class Operation" in all other places that so far passed Token::Values around. Also delete some related dead code along the way. Bug: v8:6921 Change-Id: I062f396d304aa62298cfeff202e3132a4a5597c1 Reviewed-on: https://chromium-review.googlesource.com/736851 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#48944}
-
- 24 Oct, 2017 1 commit
-
-
Daniel Clifford authored
Previously, V8's slice was implemented in a combination of C++ and a Javascript fallback. The disadvantage of this approach was that the fast-path required a call through the CEntryStub, which introduced considerable overhead for small arrays with fast elements kinds. Now the implementation primarily uses the CSA to generate both the full spec-complaint implementation as well as fast paths for argument objects and arrays with fast elements kinds. The CSA implementation uses a C++ implementation fallback in select situations where the the complexity of a CSA implementation would be too great and the CEntryStub overhead is not decisive (e.g. slices of dictionary elements arrays). Performance results on semi-random arrays with small number of elements (old vs. new): smi copy: 48.7 ms vs. 12 ms smi slice: 43.5 ms 14.8 ms object copy: 35.5 ms 7.7 ms object slice: 38.7 ms 8.8 ms dictionary slice: 2398.3 ms vs. 5.4 ms fast sloppy arguments slice: 9.6 ms vs. 7.2 ms slow sloppy arguments slice: 28.9 ms vs. 8.5 ms As a bonus, the new implementation is fully spec-compliant and fixes at least one existing bug. The design document for Array.prototype builtin rework can be found at https://goo.gl/wFHe2n Bug: v8:1956,v8:6601,v8:6710,v8:6978 Change-Id: Ia0155bedcf39b4577605ff754f416c2af938efb7 Reviewed-on: https://chromium-review.googlesource.com/574710 Commit-Queue: Daniel Clifford <danno@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#48853}
-
- 18 Oct, 2017 1 commit
-
-
peterwmwong authored
Bug: v8:5049 Change-Id: Ia4f5729be64794e9080eb0e644b86cd5d8c88a11 Reviewed-on: https://chromium-review.googlesource.com/722168Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#48661}
-
- 29 Sep, 2017 1 commit
-
-
Toon Verwaest authored
Bug: Change-Id: Ib888e52c7ad98e3b7419a3a5b4eabbe07f37d796 Reviewed-on: https://chromium-review.googlesource.com/691656Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#48215}
-
- 25 Sep, 2017 1 commit
-
-
Benedikt Meurer authored
When inlining based on SharedFunctionInfo rather than based on concrete JSFunction, we weren't able to properly optimize array, object and regexp literals inside the inlinee, because we didn't know the concrete FeedbackVector for the inlinee inside JSCreateLowering. This was because JSCreateLowering wasn't properly updated after the literals moved to the FeedbackVector. Now with this CL we also have the VectorSlotPair on the literal creation operators, just like we do for property accesses and calls, and are thus able to always access the appropriate FeedbackVector and optimize the literal creation. The impact is illustrated by the micro-benchmark on the tracking bug, which goes from createEmptyArrayLiteral: 1846 ms. createShallowArrayLiteral: 1868 ms. createShallowObjectLiteral: 2246 ms. to createEmptyArrayLiteral: 1175 ms. createShallowArrayLiteral: 1187 ms. createShallowObjectLiteral: 1195 ms. with this CL, so up to 2x faster now. Drive-by-fix: Also remove the unused CreateEmptyObjectLiteral builtin and cleanup the names of the other builtins to be consistent with the names of the TurboFan operators and Ignition bytecodes. Bug: v8:6856 Change-Id: I453828d019b27c9aa1344edac0dd84e91a457097 Reviewed-on: https://chromium-review.googlesource.com/680656 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#48140}
-
- 05 Sep, 2017 2 commits
-
-
Jakob Kummerow authored
Only the error cases of overwriting readonly properties need the language_mode to decide whether to throw or be silent. Reading it from the feedback vector's metadata (just like the C++ code in ic.cc does) removes the need to duplicate each stub for each language_mode ("StoreIC" + "StoreICStrict" etc.). Change-Id: Ic0c67f9d40ca36c65e41b4f162b2ab70d155e549 Reviewed-on: https://chromium-review.googlesource.com/647373Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#47836}
-
Ross McIlroy authored
Always return to the InterpreterEntryTrampoline rather than calling the InterpreterExitTrampoline from the Return bytecode handler. This fixes a regression which occured if we upset the call/return stack by skipping the return to the InterpreterEntryTrampoline from the return bytecode handler. BUG=chromium:759390,chromium:753705 Change-Id: Ib625654a4a5072ac6c8d8e9611d1b9c0bbced4ca Reviewed-on: https://chromium-review.googlesource.com/649517 Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#47826}
-
- 25 Aug, 2017 1 commit
-
-
Ross McIlroy authored
This change adapts the Call bytecode handlers such that they don't require a stack frame. It does this by modifying the call bytecode handler to tail-call the Call or InterpreterPushArgsAndCall builtins. As a result, the callee function will return to the InterpreterEntryTrampoline when it returns (since this is the return address on the interpreter frame), which is adapted to dispatch to the next bytecode handler. The return bytecode handler is modified to tail-call a new InterpreterExitTramoline instead of returning to the InterpreterEntryTrampoline. Overall this significanlty reduces the amount of stack space required for interpreter frames, increasing the maximum depth of recursive calls from around 6000 to around 12,500 on x64. BUG=chromium:753705 Change-Id: I23328e4cef878df3aca4db763b47d72a2cce664c Reviewed-on: https://chromium-review.googlesource.com/634364 Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#47617}
-
- 23 Aug, 2017 1 commit
-
-
Michael Starzinger authored
R=ishell@chromium.org BUG=v8:6409 Change-Id: Ic01d4f1a8b251bb5480840d4943d9ebec713b9c1 Reviewed-on: https://chromium-review.googlesource.com/626016Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#47534}
-
- 07 Aug, 2017 3 commits
-
-
Benedikt Meurer authored
Drop the deprecated CallConstructStub and remove the use of CallICStub from fullcodegen, since that feedback is unused completely every since Crankshaft got removed, thus we can safely unlink all the CallIC stuff from fullcodegen nowadays, and completely nuke the CallICStub and the CallICTrampolineStub now (we can also transitively nuke the unused CreateAllocationSiteStub and CreateWeakCellStub). Instead the CallIC logic is integrated into Ignition now, and part of the bytecode handlers for [[Call]] and [[Construct]]. There's still some follow-up cleanup with the way the Array constructor feedback is integrated, but that's way easier now. Bug: v8:5517, v8:6399, v8:6409, v8:6679 Change-Id: I0a6c6046faceca9b1606577bc9e63d9295e44619 Reviewed-on: https://chromium-review.googlesource.com/603609 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#47196}
-
Michael Achenbach authored
This reverts commit 6c541561. Reason for revert: https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap/builds/17240 Original change's description: > [ic] Properly integrate the CallIC into Ignition. > > Drop the deprecated CallConstructStub and remove the use of CallICStub > from fullcodegen, since that feedback is unused completely every since > Crankshaft got removed, thus we can safely unlink all the CallIC stuff > from fullcodegen nowadays, and completely nuke the CallICStub and the > CallICTrampolineStub now (we can also transitively nuke the unused > CreateAllocationSiteStub and CreateWeakCellStub). > > Instead the CallIC logic is integrated into Ignition now, and part of > the bytecode handlers for [[Call]] and [[Construct]]. There's still some > follow-up cleanup with the way the Array constructor feedback is > integrated, but that's way easier now. > > Bug: v8:5517, v8:6399, v8:6409, v8:6679 > Change-Id: Ia0efc6145ee64633757a6c3fd1879d4906ea2835 > Reviewed-on: https://chromium-review.googlesource.com/602134 > Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> > Reviewed-by: Yang Guo <yangguo@chromium.org> > Cr-Commit-Position: refs/heads/master@{#47192} TBR=rmcilroy@chromium.org,yangguo@chromium.org,bmeurer@chromium.org Change-Id: I416ce6646f62ceb4127b3acee43912ee0d701c23 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:5517, v8:6399, v8:6409, v8:6679 Reviewed-on: https://chromium-review.googlesource.com/603647Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#47193}
-
Benedikt Meurer authored
Drop the deprecated CallConstructStub and remove the use of CallICStub from fullcodegen, since that feedback is unused completely every since Crankshaft got removed, thus we can safely unlink all the CallIC stuff from fullcodegen nowadays, and completely nuke the CallICStub and the CallICTrampolineStub now (we can also transitively nuke the unused CreateAllocationSiteStub and CreateWeakCellStub). Instead the CallIC logic is integrated into Ignition now, and part of the bytecode handlers for [[Call]] and [[Construct]]. There's still some follow-up cleanup with the way the Array constructor feedback is integrated, but that's way easier now. Bug: v8:5517, v8:6399, v8:6409, v8:6679 Change-Id: Ia0efc6145ee64633757a6c3fd1879d4906ea2835 Reviewed-on: https://chromium-review.googlesource.com/602134 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#47192}
-
- 01 Aug, 2017 1 commit
-
-
jgruber authored
This is a reland of 2f79e035 Original change's description: > [builtins] Remove Builtins::Name() accessors > > Instead of auto-generating the Name() convenience accessor, use a macro to > avoid wasting code space. > > BUILTIN_CODE(isolate, Name) > > expands to > > isolate->builtins()->builtin_handle(Builtins::kName); > > This reduces the size of libv8.so by 134,752 bytes on a x64 release build. > > Bug: v8:6624 > Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng > Change-Id: Idff7ee5c45e344e73412c0f47e92553c7c7ff75f > Reviewed-on: https://chromium-review.googlesource.com/593607 > Reviewed-by: Andreas Haas <ahaas@chromium.org> > Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> > Commit-Queue: Jakob Gruber <jgruber@chromium.org> > Cr-Commit-Position: refs/heads/master@{#47010} TBR=bmeurer@chromium.org,ahaas@chromium.org Bug: v8:6624 Change-Id: I4733731e56dc8873ee06c2b36cac1918c0a658b2 Reviewed-on: https://chromium-review.googlesource.com/594087 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#47037}
-
- 31 Jul, 2017 2 commits
-
-
Jakob Gruber authored
This reverts commit 2f79e035. Reason for revert: Conflicts with successor CL. Original change's description: > [builtins] Remove Builtins::Name() accessors > > Instead of auto-generating the Name() convenience accessor, use a macro to > avoid wasting code space. > > BUILTIN_CODE(isolate, Name) > > expands to > > isolate->builtins()->builtin_handle(Builtins::kName); > > This reduces the size of libv8.so by 134,752 bytes on a x64 release build. > > Bug: v8:6624 > Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng > Change-Id: Idff7ee5c45e344e73412c0f47e92553c7c7ff75f > Reviewed-on: https://chromium-review.googlesource.com/593607 > Reviewed-by: Andreas Haas <ahaas@chromium.org> > Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> > Commit-Queue: Jakob Gruber <jgruber@chromium.org> > Cr-Commit-Position: refs/heads/master@{#47010} TBR=yangguo@chromium.org,ahaas@chromium.org,jgruber@chromium.org,bmeurer@chromium.org Change-Id: Ia9ef5c755b26c3f4e143d87a7c51033614ea435e No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:6624 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Reviewed-on: https://chromium-review.googlesource.com/594048Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#47012}
-
jgruber authored
Instead of auto-generating the Name() convenience accessor, use a macro to avoid wasting code space. BUILTIN_CODE(isolate, Name) expands to isolate->builtins()->builtin_handle(Builtins::kName); This reduces the size of libv8.so by 134,752 bytes on a x64 release build. Bug: v8:6624 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: Idff7ee5c45e344e73412c0f47e92553c7c7ff75f Reviewed-on: https://chromium-review.googlesource.com/593607Reviewed-by: Andreas Haas <ahaas@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#47010}
-
- 13 Jul, 2017 1 commit
-
-
Adam Klein authored
The tail call implementation is hidden behind the --harmony-tailcalls flag, which is off-by-default (and has been unstaged since February). It is known to be broken in a variety of cases, including clusterfuzz security issues (see sample Chromium issues below). To avoid letting the implementation bitrot further on trunk, this patch removes it. Bug: v8:4698, chromium:636914, chromium:724746 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng;master.tryserver.v8:v8_linux_noi18n_rel_ng Change-Id: I9cb547101456a582374fdf7b1a3f044a9ef33e5c Reviewed-on: https://chromium-review.googlesource.com/569069 Commit-Queue: Adam Klein <adamk@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#46651}
-
- 05 Jul, 2017 1 commit
-
-
Mike Stanton authored
If the input array is small, then the cost of a trip to the runtime to transition the ElementsKind is too expensive. Bug: Change-Id: Ib04f8567674a6f1f66f4c7263eba5fb4c58987aa Reviewed-on: https://chromium-review.googlesource.com/544866 Commit-Queue: Michael Stanton <mvstanton@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#46417}
-
- 22 Jun, 2017 1 commit
-
-
Michael Starzinger authored
This switches all uses of the patching {BinaryOpICStub} over to the respective existing and non-patching CSA-builtins, and removes some supporting code. It also removes the inlined SMI handling. R=verwaest@chromium.org BUG=v8:6408 Change-Id: If547c0127bfcafbd01ccb33b702b1868006ebcb1 Reviewed-on: https://chromium-review.googlesource.com/541398 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#46122}
-
- 20 Jun, 2017 2 commits
-
-
bmeurer authored
Add a new JSCallWithArrayLike operator that is backed by the CallWithArrayLike builtin, and use that operator for both Function.prototype.apply and Reflect.apply inlining. Also unify the handling of JSCallWithArrayLike and JSCallWithSpread in the JSCallReducer to reduce the copy&paste overhead. Drive-by-fix: Add a lot of test coverage for Reflect.apply and Function.prototype.apply in optimized code, especially for some corner cases, which was missing so far. BUG=v8:4587,v8:5269 R=petermarshall@chromium.org Review-Url: https://codereview.chromium.org/2950773002 Cr-Commit-Position: refs/heads/master@{#46041}
-
Peter Marshall authored
We can remove a lot of native code and rely on CallOrConstructVarargs to do the stack manipulation for us. This will also take advantage of the fast-path for double arrays in CallOrConstructDoubleVarargs. We can also remove Runtime_SpreadIterableFixed because it isn't used anymore. We just call directly into spread_iterable from CSA. Bug: v8:6488, chromium:704966 Change-Id: I81a18281f062619851134fff7ce88471566ee3b5 Reviewed-on: https://chromium-review.googlesource.com/535615Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Peter Marshall <petermarshall@chromium.org> Cr-Commit-Position: refs/heads/master@{#46038}
-
- 19 Jun, 2017 1 commit
-
-
jgruber authored
Bug: v8:6474 Change-Id: Ia20250d74c94bf2568ad044795188db583b7f36c Reviewed-on: https://chromium-review.googlesource.com/539555Reviewed-by: Peter Marshall <petermarshall@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#46002}
-
- 12 Jun, 2017 1 commit
-
-
Jakob Gruber authored
Callables for TF builtins are autogenerated and accessible through Builtins::CallableFor. This removes the manually written accessors from CodeFactory. Bug: v8:6474,v8:5737 Change-Id: I9d8dec97995471c1bb258147220c190bf72e5de8 Reviewed-on: https://chromium-review.googlesource.com/530745Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#45839}
-
- 08 Jun, 2017 1 commit
-
-
bmeurer authored
This splits the monolithic Apply builtin into several smaller builtins, namely CallVargargs and ConstructVarargs, which accept a length and a FixedArray of elements and deal with the actual stack manipulation, and CallWithArrayLike / ConstructWithArrayLike that deal with getting the elements from the receiver (for Function.prototype.apply, Reflect.apply and Reflect.construct), which can now be written using the CSA. The idea is that these builtins can be reused by TurboFan directly in the future when we optimize apply better, and that we can also reuse the core logic in the handling of spread calls/constructs. R=petermarshall@chromium.org BUG=v8:4587,v8:5269 Review-Url: https://codereview.chromium.org/2930623002 Cr-Commit-Position: refs/heads/master@{#45794}
-
- 31 May, 2017 1 commit
-
-
jgruber authored
BUG=v8:5737 Review-Url: https://codereview.chromium.org/2913783002 Cr-Commit-Position: refs/heads/master@{#45629}
-
- 22 May, 2017 1 commit
-
-
Wiktor Garbacz authored
Change-Id: I20ed35a7fb5104a9cc66bb54fa8966589c43d7f9 Reviewed-on: https://chromium-review.googlesource.com/507287Reviewed-by: Andreas Haas <ahaas@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Daniel Clifford <danno@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Reviewed-by: Jochen Eisinger <jochen@chromium.org> Commit-Queue: Wiktor Garbacz <wiktorg@google.com> Cr-Commit-Position: refs/heads/master@{#45458}
-
- 18 May, 2017 2 commits
-
-
Camillo Bruni authored
Change-Id: I4b19700b613f81601321a336cc758cfd7f826f3e Reviewed-on: https://chromium-review.googlesource.com/504347Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#45390}
-
bmeurer authored
We already had an optimization to turn Function.prototype.apply with arguments object, i.e. function foo() { return bar.apply(this, arguments); } into a special operator JSCallForwardVarargs, which avoids the allocation and deconstruction of the arguments object, but just passes along the incoming parameters. We can do the same for rest parameters and spread calls/constructs, i.e. class A extends B { constructor(...args) { super(...args); } } or function foo(...args) { return bar(1, 2, 3, ...args); } where we basically pass along the parameters (plus maybe additional statically known parameters). For this, we introduce a new JSConstructForwardVarargs operator and generalize the CallForwardVarargs builtins that are backing this. BUG=v8:6407,v8:6278,v8:6344 R=jarin@chromium.org Review-Url: https://codereview.chromium.org/2890023004 Cr-Commit-Position: refs/heads/master@{#45388}
-
- 17 May, 2017 1 commit
-
-
Tobias Tebbi authored
Bug: v8:6380 Change-Id: I85728099bcf188929c81e234a34b2bc308ddab16 Reviewed-on: https://chromium-review.googlesource.com/506016 Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Michael Stanton <mvstanton@chromium.org> Cr-Commit-Position: refs/heads/master@{#45378}
-
- 05 May, 2017 1 commit
-
-
Toon Verwaest authored
Bug: v8:6364,v8:6344 Change-Id: I13bf1ec89a17c64b38b757694ee8b7df30d4f45f Reviewed-on: https://chromium-review.googlesource.com/497428 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#45133}
-
- 29 Apr, 2017 5 commits
-
-
danno authored
This CL changes certain frequently-called Array builtins to use CodeStubArguments rather than peek at the stack frames above array builtins to determine if options arguments have been passed into them. Previous failure likely due to unfortunate/unluckily timed GC that moved due to changed timing/allocation from this CL. Test mitigation for allocation-site-info.js included. BUG=v8:1956 LOG=N Review-Url: https://codereview.chromium.org/2829093004 Cr-Commit-Position: refs/heads/master@{#44998}
-
danno authored
Revert of [turbofan] Avoid going through ArgumentsAdaptorTrampoline for CSA/C++ builtins (patchset #8 id:140001 of https://codereview.chromium.org/2829093004/ ) Reason for revert: Still fails. Likely has to do with gc heap size for allocation site tests, mitigation pending... Original issue's description: > [turbofan] Reland: Avoid going through ArgumentsAdaptorTrampoline for select CSA array builtins > > This CL changes certain frequently-called Array builtins to use CodeStubArguments > rather than peek at the stack frames above array builtins to determine if options > arguments have been passed into them. > > Previous failure cannot be reproed with failing config. Flake? > > BUG=v8:1956 > LOG=N > > Review-Url: https://codereview.chromium.org/2829093004 > Cr-Commit-Position: refs/heads/master@{#44996} > Committed: https://chromium.googlesource.com/v8/v8/+/7ca381e84792b83581d0199dfae2888781785273 TBR=mvstanton@chromium.org,ishell@chromium.org,bmeurer@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:1956 Review-Url: https://codereview.chromium.org/2851063002 Cr-Commit-Position: refs/heads/master@{#44997}
-
danno authored
This CL changes certain frequently-called Array builtins to use CodeStubArguments rather than peek at the stack frames above array builtins to determine if options arguments have been passed into them. Previous failure cannot be reproed with failing config. Flake? BUG=v8:1956 LOG=N Review-Url: https://codereview.chromium.org/2829093004 Cr-Commit-Position: refs/heads/master@{#44996}
-
danno authored
Revert of [turbofan] Avoid going through ArgumentsAdaptorTrampoline for CSA/C++ builtins (patchset #8 id:140001 of https://codereview.chromium.org/2829093004/ ) Reason for revert: Nosnap failure Original issue's description: > [turbofan] Avoid going through ArgumentsAdaptorTrampoline for select CSA/C++ builtins > > This CL changes certain frequently-called Array builtins to use CodeStubArguments > rather than peek at the stack frames above array builtins to determine if options > arguments have been passed into them. > > BUG=v8:1956 > LOG=N > > Review-Url: https://codereview.chromium.org/2829093004 > Cr-Commit-Position: refs/heads/master@{#44994} > Committed: https://chromium.googlesource.com/v8/v8/+/680356278ddc7577e3b967fcc92055522ce00856 TBR=mvstanton@chromium.org,ishell@chromium.org,bmeurer@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:1956 Review-Url: https://codereview.chromium.org/2851703005 Cr-Commit-Position: refs/heads/master@{#44995}
-
danno authored
This CL changes certain frequently-called Array builtins to use CodeStubArguments rather than peek at the stack frames above array builtins to determine if options arguments have been passed into them. BUG=v8:1956 LOG=N Review-Url: https://codereview.chromium.org/2829093004 Cr-Commit-Position: refs/heads/master@{#44994}
-
- 21 Apr, 2017 2 commits
-
-
jgruber authored
If we avoid throwing a stack overflow exception from Irregexp code during direct calls, there is no need to construct exit frames before the Irregexp call anymore. As that was the last remaining blocker, we can now implement the entire stub in CSA. BUG=v8:5339 Review-Url: https://codereview.chromium.org/2752143003 Cr-Original-Original-Commit-Position: refs/heads/master@{#44770} Committed: https://chromium.googlesource.com/v8/v8/+/74f2497eae068f85da26904d8c451376c77957bf Review-Url: https://codereview.chromium.org/2752143003 Cr-Original-Commit-Position: refs/heads/master@{#44775} Committed: https://chromium.googlesource.com/v8/v8/+/9c0832eb1aceba625a2443a31d51bcaf550c575a Review-Url: https://codereview.chromium.org/2752143003 Cr-Commit-Position: refs/heads/master@{#44779}
-
jgruber authored
Revert of [regexp] Remove remainder of native RegExpExecStub (patchset #10 id:180001 of https://codereview.chromium.org/2752143003/ ) Reason for revert: More failures on ports: https://build.chromium.org/p/client.v8.ports/builders/V8%20Android%20Arm64%20-%20builder/builds/9123/steps/compile/logs/stdio https://build.chromium.org/p/client.v8.ports/builders/V8%20Mips%20-%20builder/builds/8966/steps/compile/logs/stdio Original issue's description: > [regexp] Remove remainder of native RegExpExecStub > > If we avoid throwing a stack overflow exception from Irregexp code during > direct calls, there is no need to construct exit frames before the Irregexp > call anymore. As that was the last remaining blocker, we can now implement the > entire stub in CSA. > > BUG=v8:5339 > > Review-Url: https://codereview.chromium.org/2752143003 > Cr-Original-Commit-Position: refs/heads/master@{#44770} > Committed: https://chromium.googlesource.com/v8/v8/+/74f2497eae068f85da26904d8c451376c77957bf > Review-Url: https://codereview.chromium.org/2752143003 > Cr-Commit-Position: refs/heads/master@{#44775} > Committed: https://chromium.googlesource.com/v8/v8/+/9c0832eb1aceba625a2443a31d51bcaf550c575a TBR=ishell@chromium.org,mstarzinger@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:5339 Review-Url: https://codereview.chromium.org/2832193002 Cr-Commit-Position: refs/heads/master@{#44776}
-