1. 09 May, 2019 3 commits
    • Revert "Reland "[compiler] Don't collect source positions for the top frame"" · 9dff517a
      Maya Lekova authored
      This reverts commit f2e65226.
      
      Reason for revert: Speculative revert, seems to break GC stress bot and block LKGR - https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/25701
      
      Original change's description:
      > Reland "[compiler] Don't collect source positions for the top frame"
      > 
      > Fixed crashes by adding missing call to EnsureSourcePositionsAvailable,
      > which requires clearing and restoring the pending exception.
      > 
      > > While most source positions were not collected even throwing exceptions,
      > > the top frame still was always collected as it was used to initialize
      > > the JSMessageObject. This skips even that frame, by storing the
      > > SharedFunctionInfo and bytecode offset in the JSMessageObject allowing
      > > it to lazily evaluate the actual source position.
      > >
      > > Also adds tests to test-api.cc that test each of the source position
      > > functions in isolation to ensure that they don't rely on previous
      > > invocations to call the source collection function.
      > >
      > > Since no source positions are now collected at the point when an
      > > exception is thrown, the mjsunit/stack-traces-overflow now passes again
      > > with the flag enabled. (cctest/test-cpu-profiler/Inlining2 is now the
      > > only failure).
      > 
      > Bug: v8:8510
      > Change-Id: Ifa5fe31d3db34a6c6d6a9cef3d646ad620dabd81
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1601270
      > Commit-Queue: Dan Elphick <delphick@chromium.org>
      > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#61372}
      
      TBR=ulan@chromium.org,rmcilroy@chromium.org,delphick@chromium.org
      
      Change-Id: Ie590df6c308b38836afc5d417d03d2a63260bcb2
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Bug: v8:8510
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1602692
      Reviewed-by: Maya Lekova <mslekova@chromium.org>
      Commit-Queue: Maya Lekova <mslekova@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#61381}
    • Reland "[compiler] Don't collect source positions for the top frame" · f2e65226
      Dan Elphick authored
      Fixed crashes by adding missing call to EnsureSourcePositionsAvailable,
      which requires clearing and restoring the pending exception.
      
      > While most source positions were not collected even throwing exceptions,
      > the top frame still was always collected as it was used to initialize
      > the JSMessageObject. This skips even that frame, by storing the
      > SharedFunctionInfo and bytecode offset in the JSMessageObject allowing
      > it to lazily evaluate the actual source position.
      >
      > Also adds tests to test-api.cc that test each of the source position
      > functions in isolation to ensure that they don't rely on previous
      > invocations to call the source collection function.
      >
      > Since no source positions are now collected at the point when an
      > exception is thrown, the mjsunit/stack-traces-overflow now passes again
      > with the flag enabled. (cctest/test-cpu-profiler/Inlining2 is now the
      > only failure).
      
      Bug: v8:8510
      Change-Id: Ifa5fe31d3db34a6c6d6a9cef3d646ad620dabd81
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1601270
      Commit-Queue: Dan Elphick <delphick@chromium.org>
      Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#61372}
    • Fix a DCHECK failure on an exception message · 621c5c62
      tzik authored
      A DCHECK in LookupIterator::name hits when we add an indexed property,
      as it requires a named property.
      This replaces it with GetName to avoid the failure.
      
      Bug: chromium:959727
      Change-Id: I1e98b313ec9257db80460a34d691016acbceb3c9
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1597372
      Commit-Queue: Taiju Tsuiki <tzik@chromium.org>
      Reviewed-by: Adam Klein <adamk@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#61358}
  2. 08 May, 2019 4 commits
  3. 07 May, 2019 7 commits
    • [runtime] Move ForwardStringIfExists to snapshot deserializer · 1a04b5ee
      Toon Verwaest authored
      That's the only place where it's used, with a known StringTableKey type.
      This also makes MakeThin available on String.
      
      Change-Id: If1aca892045dadae91c902e783822280ae01f485
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598764
      Commit-Queue: Toon Verwaest <verwaest@chromium.org>
      Reviewed-by: Igor Sheludko <ishell@chromium.org>
      Reviewed-by: Yang Guo <yangguo@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#61299}
    • [runtime] Specialize LookupKey to StringTableKey · d9467de4
      Toon Verwaest authored
      Change-Id: I079befeac55aae9ef9ff7743f69fdd3977adcb18
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598760
      Commit-Queue: Toon Verwaest <verwaest@chromium.org>
      Reviewed-by: Igor Sheludko <ishell@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#61292}
    • [runtime] Use SequentialStringKey to implement LookupStringIfExists_NoAllocate · 0dfe759f
      Toon Verwaest authored
      This is a step towards reducing the number of StringTableKeys to the absolute
      minimum so we can better optimize how they work. This always flattens
      ConsStrings into a buffer to avoid expensive comparison with cons string (as
      well as hash computation).
      
      Change-Id: I6dcf0bdd2a722f490dad02b7f887083e1ac46000
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598707
      Reviewed-by: Igor Sheludko <ishell@chromium.org>
      Commit-Queue: Toon Verwaest <verwaest@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#61289}
    • [runtime] Cleanup StringTableKey · 9ce8ed75
      Toon Verwaest authored
      - Performs hash / length check before calling IsMatch
      - Casts to string before calling IsMatch
      - Removes special two-char internalization key
        (will look into removing StringTableNoAllocateKey next, and possibly fold
        StringTableInsertionKey into InternalizedStringKey).
      
      Change-Id: Ida76761eb2c3dc350c829ac2bfe12d52aef5f96d
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598753
      Reviewed-by: Igor Sheludko <ishell@chromium.org>
      Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      Commit-Queue: Toon Verwaest <verwaest@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#61280}
    • Reland "[typedarray] Make JSTypedArray::length authoritative." · 330e5ba2
      Peter Marshall authored
      This is a reland of ad44c258
      
      Patchset 2 is the original CL
      Patchset 3 fixes some misuses of FixedArrayBase::length() and adds some
      DCHECKS to flush out any more misuses.
      Patchset 4 adds the PPC/S390 port by miladfar@ca.ibm.com.
      
      Original change's description:
      > [typedarray] Make JSTypedArray::length authoritative.
      >
      > This is the first step towards full huge typed array support in V8.
      > Before this change, the JSTypedArray::length and the elements backing
      > store length (FixedTypedArrayBase::length) were used more or less
      > interchangeably to determine the number of elements in a JSTypedArray.
      >
      > With this change we disentangle these two lengths, and instead make
      > JSTypedArray::length authoritative. For on-heap typed arrays, the
      > FixedTypedArrayBase::length will remain the number of elements in the
      > backing store, but for the off-heap typed arrays, this length will be
      > set to 0 (matching the fact that the FixedTypedArrayBase instance does
      > not contain any elements itself).
      >
      > This also unifies the JSTypedArray::set_/length() and length_value()
      > methods to only have JSTypedArray::set_/length() which returns/takes
      > size_t values. Currently this still requires the values to be in Smi
      > range, but later we will extend this to allow arbitrary size_t values
      > (in the safe integer range).
      >
      > Bug: v8:4153, v8:7881
      > Change-Id: Iff9089130bb31fa9e08e0cf913e7ab52c3dbf107
      > Cq-Include-Trybots: luci.chromium.try:linux-blink-rel
      > Doc: http://doc/1Z-wM2qwvAuxH46e9ivtkYvKzzwYZg8ymm0x0wJaomow
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1543729
      > Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
      > Reviewed-by: Peter Marshall <petermarshall@chromium.org>
      > Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
      > Reviewed-by: Ben Titzer <titzer@chromium.org>
      > Reviewed-by: Hannes Payer <hpayer@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#60648}
      
      Bug: v8:4153, v8:7881, v8:9105
      Change-Id: Ic38f833071a723642ebc6f82a4012dbc0878ef98
      Cq-Include-Trybots: luci.chromium.try:linux-blink-rel
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1594435
      Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
      Reviewed-by: Hannes Payer <hpayer@chromium.org>
      Commit-Queue: Peter Marshall <petermarshall@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#61275}
    • Revert "[compiler] Don't collect source positions for the top frame" · 4bb78818
      Dan Elphick authored
      This reverts commit 758700a7.
      
      Reason for revert: Broken
      
      Original change's description:
      > [compiler] Don't collect source positions for the top frame
      > 
      > While most source positions were not collected even throwing exceptions,
      > the top frame still was always collected as it was used to initialize
      > the JSMessageObject. This skips even that frame, by storing the
      > SharedFunctionInfo and bytecode offset in the JSMessageObject allowing
      > it to lazily evaluate the actual source position.
      > 
      > Also adds tests to test-api.cc that test each of the source position
      > functions in isolation to ensure that they don't rely on previous
      > invocations to call the source collection function.
      > 
      > Since no source positions are now collected at the point when an
      > exception is thrown, the mjsunit/stack-traces-overflow now passes again
      > with the flag enabled. (cctest/test-cpu-profiler/Inlining2 is now the
      > only failure).
      > 
      > Bug: v8:8510
      > Change-Id: Ic5382bdbab65cd8838f0c84b544fabb1a9109d13
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1587385
      > Commit-Queue: Dan Elphick <delphick@chromium.org>
      > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#61271}
      
      TBR=ulan@chromium.org,rmcilroy@chromium.org,delphick@chromium.org
      
      Change-Id: I3ee0b5db5f8a1b3255f68070dc10d27d0e013048
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Bug: v8:8510
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1598758
      Reviewed-by: Dan Elphick <delphick@chromium.org>
      Commit-Queue: Dan Elphick <delphick@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#61273}
    • [compiler] Don't collect source positions for the top frame · 758700a7
      Dan Elphick authored
      While most source positions were not collected even throwing exceptions,
      the top frame still was always collected as it was used to initialize
      the JSMessageObject. This skips even that frame, by storing the
      SharedFunctionInfo and bytecode offset in the JSMessageObject allowing
      it to lazily evaluate the actual source position.
      
      Also adds tests to test-api.cc that test each of the source position
      functions in isolation to ensure that they don't rely on previous
      invocations to call the source collection function.
      
      Since no source positions are now collected at the point when an
      exception is thrown, the mjsunit/stack-traces-overflow now passes again
      with the flag enabled. (cctest/test-cpu-profiler/Inlining2 is now the
      only failure).
      
      Bug: v8:8510
      Change-Id: Ic5382bdbab65cd8838f0c84b544fabb1a9109d13
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1587385
      Commit-Queue: Dan Elphick <delphick@chromium.org>
      Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#61271}
  4. 06 May, 2019 2 commits
  5. 03 May, 2019 2 commits
    • Revert "Reland "[json] Speed up json parsing"" · 47fccbfd
      Sigurd Schneider authored
      This reverts commit bbd740f0.
      
      Reason for revert: blocks lkgr due to layout test failure:
      https://ci.chromium.org/p/v8/builders/ci/V8-Blink%20Linux%2064/31607
      
      Original change's description:
      > Reland "[json] Speed up json parsing"
      > 
      > This is a reland of b0c4a876
      > 
      > Original change's description:
      > > [json] Speed up json parsing
      > >
      > > - scan using raw data pointers + GC callback
      > > - scan using scanner tables
      > > - cap internalizing large string values
      > > - inline fast transitioning logic
      > >
      > > Fixes previous CL by moving AllowHeapAllocation to callers of
      > > ReportUnexpectedCharacter where needed to make it clear we need to exit.
      > >
      > > Tbr: ulan@chromium.org
      > > Change-Id: Icfbb7cd536e0fbe153f34acca5d0fab6b5453d71
      > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1591778
      > > Reviewed-by: Igor Sheludko <ishell@chromium.org>
      > > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      > > Commit-Queue: Toon Verwaest <verwaest@chromium.org>
      > > Cr-Commit-Position: refs/heads/master@{#61159}
      > 
      > Tbr: verwaest@chromium.org
      > Cq-Include-Trybots: luci.v8.try:v8_linux64_msan_rel
      > Change-Id: Ic7d0057178c649fc45b8c8f4587ee9128e351515
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593292
      > Commit-Queue: Igor Sheludko <ishell@chromium.org>
      > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      > Reviewed-by: Igor Sheludko <ishell@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#61179}
      
      TBR=ulan@chromium.org,ishell@google.com,verwaest@google.com,ishell@chromium.org,verwaest@chromium.org
      
      Change-Id: I3ae8f9ce8214bebe7fab9d87c5daf8cdfdb94199
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Cq-Include-Trybots: luci.v8.try:v8_linux64_msan_rel
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1594438
      Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
      Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#61194}
    • Revert "[runtime] Inline SeqOneByteSubStringKey IsMatch and AsHandle" · 100abfe5
      Sigurd Schneider authored
      This reverts commit a87a971b.
      
      Reason for revert: required for revert of bbd740f0
      
      Original change's description:
      > [runtime] Inline SeqOneByteSubStringKey IsMatch and AsHandle
      > 
      > The performance actually matters to JSON parsing and this improves it by a % or
      > 2.
      > 
      > In the longer run we should probably share the IsMatch implementation in
      > StringTableKey directly and call a virtual GetBytes on the key implementation.
      > 
      > Change-Id: I838a106f9c8c52f0385057a52a8c0b9141ae025b
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1589977
      > Commit-Queue: Toon Verwaest <verwaest@chromium.org>
      > Auto-Submit: Toon Verwaest <verwaest@chromium.org>
      > Reviewed-by: Igor Sheludko <ishell@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#61183}
      
      TBR=ishell@chromium.org,verwaest@chromium.org
      
      Change-Id: I8797310ef7834c04b44c735ce60813e3fb596013
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1594440
      Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
      Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#61193}
  6. 02 May, 2019 6 commits
    • [runtime] Inline SeqOneByteSubStringKey IsMatch and AsHandle · a87a971b
      Toon Verwaest authored
      The performance actually matters to JSON parsing and this improves it by a % or
      2.
      
      In the longer run we should probably share the IsMatch implementation in
      StringTableKey directly and call a virtual GetBytes on the key implementation.
      
      Change-Id: I838a106f9c8c52f0385057a52a8c0b9141ae025b
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1589977
      Commit-Queue: Toon Verwaest <verwaest@chromium.org>
      Auto-Submit: Toon Verwaest <verwaest@chromium.org>
      Reviewed-by: Igor Sheludko <ishell@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#61183}
    • Reland "[json] Speed up json parsing" · bbd740f0
      Toon Verwaest authored
      This is a reland of b0c4a876
      
      Original change's description:
      > [json] Speed up json parsing
      >
      > - scan using raw data pointers + GC callback
      > - scan using scanner tables
      > - cap internalizing large string values
      > - inline fast transitioning logic
      >
      > Fixes previous CL by moving AllowHeapAllocation to callers of
      > ReportUnexpectedCharacter where needed to make it clear we need to exit.
      >
      > Tbr: ulan@chromium.org
      > Change-Id: Icfbb7cd536e0fbe153f34acca5d0fab6b5453d71
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1591778
      > Reviewed-by: Igor Sheludko <ishell@chromium.org>
      > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      > Commit-Queue: Toon Verwaest <verwaest@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#61159}
      
      Tbr: verwaest@chromium.org
      Cq-Include-Trybots: luci.v8.try:v8_linux64_msan_rel
      Change-Id: Ic7d0057178c649fc45b8c8f4587ee9128e351515
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593292
      Commit-Queue: Igor Sheludko <ishell@chromium.org>
      Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      Reviewed-by: Igor Sheludko <ishell@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#61179}
    • Revert "[typedarray] Make JSTypedArray::length authoritative." · 18100666
      Peter Marshall authored
      This reverts commit ad44c258.
      
      Reason for revert: Missed some users: crbug.com/v8/9105
      
      Original change's description:
      > [typedarray] Make JSTypedArray::length authoritative.
      >
      > This is the first step towards full huge typed array support in V8.
      > Before this change, the JSTypedArray::length and the elements backing
      > store length (FixedTypedArrayBase::length) were used more or less
      > interchangeably to determine the number of elements in a JSTypedArray.
      >
      > With this change we disentangle these two lengths, and instead make
      > JSTypedArray::length authoritative. For on-heap typed arrays, the
      > FixedTypedArrayBase::length will remain the number of elements in the
      > backing store, but for the off-heap typed arrays, this length will be
      > set to 0 (matching the fact that the FixedTypedArrayBase instance does
      > not contain any elements itself).
      >
      > This also unifies the JSTypedArray::set_/length() and length_value()
      > methods to only have JSTypedArray::set_/length() which returns/takes
      > size_t values. Currently this still requires the values to be in Smi
      > range, but later we will extend this to allow arbitrary size_t values
      > (in the safe integer range).
      >
      > Bug: v8:4153, v8:7881
      > Change-Id: Iff9089130bb31fa9e08e0cf913e7ab52c3dbf107
      > Cq-Include-Trybots: luci.chromium.try:linux-blink-rel
      > Doc: http://doc/1Z-wM2qwvAuxH46e9ivtkYvKzzwYZg8ymm0x0wJaomow
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1543729
      > Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
      > Reviewed-by: Peter Marshall <petermarshall@chromium.org>
      > Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
      > Reviewed-by: Ben Titzer <titzer@chromium.org>
      > Reviewed-by: Hannes Payer <hpayer@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#60648}
      
      TBR=jarin@chromium.org,titzer@chromium.org,hpayer@chromium.org,petermarshall@chromium.org,bmeurer@chromium.org
      
      # Not skipping CQ checks because original CL landed > 1 day ago.
      
      TBR=jarin@chromium.org, szuend@chromium.org
      
      Bug: v8:4153, v8:7881
      Change-Id: I96992bff15b4a2765ae4a557d2c37e78269c927d
      Cq-Include-Trybots: luci.chromium.try:linux-blink-rel
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593294
      Commit-Queue: Peter Marshall <petermarshall@chromium.org>
      Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
      Reviewed-by: Peter Marshall <petermarshall@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#61172}
    • Revert "[json] Speed up json parsing" · 2036e259
      Michael Achenbach authored
      This reverts commit b0c4a876.
      
      Reason for revert:
      https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20arm64%20-%20sim%20-%20MSAN/26470
      
      Original change's description:
      > [json] Speed up json parsing
      > 
      > - scan using raw data pointers + GC callback
      > - scan using scanner tables
      > - cap internalizing large string values
      > - inline fast transitioning logic
      > 
      > Fixes previous CL by moving AllowHeapAllocation to callers of
      > ReportUnexpectedCharacter where needed to make it clear we need to exit.
      > 
      > Tbr: ulan@chromium.org
      > Change-Id: Icfbb7cd536e0fbe153f34acca5d0fab6b5453d71
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1591778
      > Reviewed-by: Igor Sheludko <ishell@chromium.org>
      > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      > Commit-Queue: Toon Verwaest <verwaest@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#61159}
      
      TBR=ulan@chromium.org,ishell@google.com,ishell@chromium.org,verwaest@chromium.org
      
      Change-Id: Ibe823e187d9ab999be7278140b0ed31868440e9e
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1593090
      Reviewed-by: Michael Achenbach <machenbach@chromium.org>
      Commit-Queue: Michael Achenbach <machenbach@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#61163}
    • [json] Speed up json parsing · b0c4a876
      Toon Verwaest authored
      - scan using raw data pointers + GC callback
      - scan using scanner tables
      - cap internalizing large string values
      - inline fast transitioning logic
      
      Fixes previous CL by moving AllowHeapAllocation to callers of
      ReportUnexpectedCharacter where needed to make it clear we need to exit.
      
      Tbr: ulan@chromium.org
      Change-Id: Icfbb7cd536e0fbe153f34acca5d0fab6b5453d71
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1591778
      Reviewed-by: Igor Sheludko <ishell@chromium.org>
      Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      Commit-Queue: Toon Verwaest <verwaest@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#61159}
    • [cleanup] Fix warnings reported by clang-tidy · e0b5b88e
      Dan Elphick authored
      Fixes several warnings reported for internal repo by:
        * using vector::empty instead of vector::size() == 0
        * removing redundant return; at the end of a function
        * making operator= return OriginalType&
      
      Bug: v8:9183
      Change-Id: I8c725bd7b0bc011557fb2bb68a561ee413ab38f5
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1589978
      Auto-Submit: Dan Elphick <delphick@chromium.org>
      Reviewed-by: Mythri Alle <mythria@chromium.org>
      Commit-Queue: Dan Elphick <delphick@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#61149}
  7. 30 Apr, 2019 4 commits
  8. 29 Apr, 2019 1 commit
    • [cleanup] Use Vector::begin instead of Vector::start · 4b0f9c85
      Clemens Hammacher authored
      Our {Vector} template provides both {start} and {begin} methods. They
      return exactly the same value. Since the {begin} method is needed for
      iteration, and is also what standard containers provide, this CL
      switches all uses of the {start} method to use {begin} instead.
      
      Patchset 1 was auto-generated by using this clang AST matcher:
          callExpr(
              callee(
                cxxMethodDecl(
                  hasName("start"),
                  ofClass(hasName("v8::internal::Vector")))
              ),
              argumentCountIs(0))
      
      Patchset 2 was created by running clang-format. Patchset 3 then
      removes the now unused {Vector::start} method.
      
      R=jkummerow@chromium.org
      TBR=mstarzinger@chromium.org,yangguo@chromium.org,verwaest@chromium.org
      
      Bug: v8:9183
      Change-Id: Id9f01c92870872556e2bb3f6d5667463b0e3e5c6
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1587381
      Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
      Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#61081}
  9. 26 Apr, 2019 1 commit
  10. 24 Apr, 2019 1 commit
  11. 18 Apr, 2019 2 commits
  12. 16 Apr, 2019 1 commit
  13. 12 Apr, 2019 1 commit
    • [map] Support in-place field representation changes. · f11ba854
      Benedikt Meurer authored
      This adds a new flag --modify-field-representation-inplace (enabled by
      default), which lets the runtime perform field representation changes
      for Smi to Tagged or for HeapObject to Tagged in-place instead of
      creating new maps and marking the previous map tree as deprecated.
      
      That means we create (a lot) fewer Maps and DescriptorArrays in the
      beginning and also need to self-heal fewer objects later (migrating
      off the deprecated maps). In TurboFan we just take the "field owner
      dependency" whenever we use the field representation, which is very
      similar to what we already do for the field types. That means if we
      change the representation of a field that we used in optimized code,
      we will simply deoptimize that code and have TurboFan potentially
      later optimize it again with the new field representation.
      
      On the Speedometer2/ElmJS-TodoMVC test, this reduces the total execution
      time from around 415ms to around 352ms, which corresponds to a **15%**
      improvement. The overall Speedometer2 score improves from around 74.1
      to around 78.3 (on local runs with content_shell), corresponding to a
      **5.6%** improvement here. :tada:
      
      On the CNN desktop browsing story, it seems that we reduce map space
      utilization/fragmentation by about 4-5%. But since we allocate a lot
      less (fewer Maps and DescriptorArrays) we also significantly change
      the GC timing, which heavily influences the results here. So take this
      with a grain of salt. :shrug:
      
      Note: For Double fields, this doesn't change anything, meaning they
      still create new maps and deprecate the previous map trees.
      
      Bug: v8:8749, v8:8865, v8:9114
      Change-Id: Ibd70efcb59be982863905663dbfaa89aa5b31e14
      Cq-Include-Trybots: luci.chromium.try:linux-rel,win7-rel
      Doc: http://bit.ly/v8-in-place-field-representation-changes
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1565891
      Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
      Commit-Queue: Igor Sheludko <ishell@chromium.org>
      Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
      Reviewed-by: Igor Sheludko <ishell@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#60822}
  14. 11 Apr, 2019 3 commits
  15. 09 Apr, 2019 1 commit
  16. 05 Apr, 2019 1 commit
    • [typedarray] Make JSTypedArray::length authoritative. · ad44c258
      Benedikt Meurer authored
      This is the first step towards full huge typed array support in V8.
      Before this change, the JSTypedArray::length and the elements backing
      store length (FixedTypedArrayBase::length) were used more or less
      interchangeably to determine the number of elements in a JSTypedArray.
      
      With this change we disentangle these two lengths, and instead make
      JSTypedArray::length authoritative. For on-heap typed arrays, the
      FixedTypedArrayBase::length will remain the number of elements in the
      backing store, but for the off-heap typed arrays, this length will be
      set to 0 (matching the fact that the FixedTypedArrayBase instance does
      not contain any elements itself).
      
      This also unifies the JSTypedArray::set_/length() and length_value()
      methods to only have JSTypedArray::set_/length() which returns/takes
      size_t values. Currently this still requires the values to be in Smi
      range, but later we will extend this to allow arbitrary size_t values
      (in the safe integer range).
      
      Bug: v8:4153, v8:7881
      Change-Id: Iff9089130bb31fa9e08e0cf913e7ab52c3dbf107
      Cq-Include-Trybots: luci.chromium.try:linux-blink-rel
      Doc: http://doc/1Z-wM2qwvAuxH46e9ivtkYvKzzwYZg8ymm0x0wJaomow
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1543729
      Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
      Reviewed-by: Peter Marshall <petermarshall@chromium.org>
      Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
      Reviewed-by: Ben Titzer <titzer@chromium.org>
      Reviewed-by: Hannes Payer <hpayer@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#60648}