- 07 Aug, 2018 1 commit
-
-
Sigurd Schneider authored
The instruction size in bytes is now kInstrSize on all platforms. Bug: v8:6666 Change-Id: I2f9880a6a74199a439c8327a4117efb74240aa22 Reviewed-on: https://chromium-review.googlesource.com/1164955 Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#54944}
-
- 24 Jul, 2018 1 commit
-
-
Clemens Hammacher authored
This is a reland of a462a785 Original change's description: > [turboassembler] Introduce hard-abort mode > > For checks and assertions (mostly for debug code, like stack alignment > or zero extension), we had two modes: Emit a call to the {Abort} > runtime function (the default), and emit a debug break (used for > testing, enabled via --trap-on-abort). > In wasm, where we cannot just call a runtime function because code must > be isolate independent, we always used the trap-on-abort behaviour. > This causes problems for our fuzzers, which do not catch SIGTRAP, and > hence do not detect debug code failures. > > This CL introduces a third mode ("hard abort"), which calls a C > function via {ExternalReference}. The C function still outputs the > abort reason, but does not print the stack trace. It then aborts via > "OS::Abort", just like the runtime function. > This will allow fuzzers to detect the crash and even find a nice error > message. > > Even though this looks like a lot of code churn, it is actually not. > Most added lines are new tests, and other changes are minimal. > > R=mstarzinger@chromium.org > > Bug: chromium:863799 > Change-Id: I77c58ff72db552d49014614436259ccfb49ba87b > Reviewed-on: https://chromium-review.googlesource.com/1142163 > Commit-Queue: Clemens Hammacher <clemensh@chromium.org> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > Cr-Commit-Position: refs/heads/master@{#54592} Bug: chromium:863799 Change-Id: I7729a47b4823a982a8e201df36520aa2b6ef5326 Reviewed-on: https://chromium-review.googlesource.com/1146100Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#54656}
-
- 20 Jul, 2018 2 commits
-
-
Sigurd Schneider authored
This reverts commit a462a785. Reason for revert: Breaks a TurboAssembler test: https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Arm/7726 Original change's description: > [turboassembler] Introduce hard-abort mode > > For checks and assertions (mostly for debug code, like stack alignment > or zero extension), we had two modes: Emit a call to the {Abort} > runtime function (the default), and emit a debug break (used for > testing, enabled via --trap-on-abort). > In wasm, where we cannot just call a runtime function because code must > be isolate independent, we always used the trap-on-abort behaviour. > This causes problems for our fuzzers, which do not catch SIGTRAP, and > hence do not detect debug code failures. > > This CL introduces a third mode ("hard abort"), which calls a C > function via {ExternalReference}. The C function still outputs the > abort reason, but does not print the stack trace. It then aborts via > "OS::Abort", just like the runtime function. > This will allow fuzzers to detect the crash and even find a nice error > message. > > Even though this looks like a lot of code churn, it is actually not. > Most added lines are new tests, and other changes are minimal. > > R=mstarzinger@chromium.org > > Bug: chromium:863799 > Change-Id: I77c58ff72db552d49014614436259ccfb49ba87b > Reviewed-on: https://chromium-review.googlesource.com/1142163 > Commit-Queue: Clemens Hammacher <clemensh@chromium.org> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > Cr-Commit-Position: refs/heads/master@{#54592} TBR=mstarzinger@chromium.org,clemensh@chromium.org Change-Id: I60c011cfe262ccebbb9abf32699a9fe17e72a3c8 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:863799 Reviewed-on: https://chromium-review.googlesource.com/1145431 Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#54597}
-
Clemens Hammacher authored
For checks and assertions (mostly for debug code, like stack alignment or zero extension), we had two modes: Emit a call to the {Abort} runtime function (the default), and emit a debug break (used for testing, enabled via --trap-on-abort). In wasm, where we cannot just call a runtime function because code must be isolate independent, we always used the trap-on-abort behaviour. This causes problems for our fuzzers, which do not catch SIGTRAP, and hence do not detect debug code failures. This CL introduces a third mode ("hard abort"), which calls a C function via {ExternalReference}. The C function still outputs the abort reason, but does not print the stack trace. It then aborts via "OS::Abort", just like the runtime function. This will allow fuzzers to detect the crash and even find a nice error message. Even though this looks like a lot of code churn, it is actually not. Most added lines are new tests, and other changes are minimal. R=mstarzinger@chromium.org Bug: chromium:863799 Change-Id: I77c58ff72db552d49014614436259ccfb49ba87b Reviewed-on: https://chromium-review.googlesource.com/1142163 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#54592}
-
- 25 May, 2018 5 commits
-
-
jgruber authored
Bug: v8:6666 Change-Id: Ibb5b8b2012041e908ac7f109abf0a724b12c0e72 Reviewed-on: https://chromium-review.googlesource.com/1073447Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#53364}
-
jgruber authored
Calls from embedded builtins to stubs are expensive due to the indirection through the builtins constants table. This moves the InternalArrayConstructorStub to a builtin. Bug: v8:6666 Change-Id: I8cd801bd9218ca9ef0853ed99c7a69090af5c9f9 Reviewed-on: https://chromium-review.googlesource.com/1072608Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#53360}
-
jgruber authored
Calls from embedded builtins to stubs are expensive due to the indirection through the builtins constants table. This moves the ArrayConstructorStub to a builtin. Bug: v8:6666 Change-Id: Iff4bff99cd911a7f5f138819801c7812b75ea969 Reviewed-on: https://chromium-review.googlesource.com/1071519 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#53357}
-
jgruber authored
Calls from embedded builtins to stubs are expensive due to the indirection through the builtins constants table. This moves the ArrayNArgumentsConstructorStub to a builtin. Bug: v8:6666 Change-Id: Ied303334874251415a9057abf612d76dd8330aa6 Reviewed-on: https://chromium-review.googlesource.com/1071450 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#53356}
-
jgruber authored
Calls from embedded builtins to stubs are expensive due to the indirection through the builtins constants table. This moves CallApiGetter and the 0/1 argument case of CallApiCallback to builtins. Bug: v8:6666 Change-Id: I49c4917253f790a3b947f42c50d6308a1ab99d91 Reviewed-on: https://chromium-review.googlesource.com/1070980Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#53355}
-
- 07 May, 2018 1 commit
-
-
jgruber authored
Stubs and builtins are very similar. The main differences are that stubs can be parameterized and may be generated at runtime, whereas builtins are generated at mksnapshot-time and shipped with the snapshot (or embedded into the binary). My main motivation for these conversions is that we can generate faster calls and jumps to (embedded) builtins callees from (embedded) builtin callers. Instead of going through the builtins constants table indirection, we can simply do a pc-relative call/jump. This also unlocks other refactorings, e.g. removal of CallRuntimeDelayed. TBR=mlippautz@chromium.org Bug: v8:6666 Change-Id: I4cd63477f19a330ec70bbf20e2af8a42fb05fabb Reviewed-on: https://chromium-review.googlesource.com/1044245Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#53027}
-
- 02 May, 2018 1 commit
-
-
Marja Hölttä authored
BUG=v8:5402,v8:7570 Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng Change-Id: I56beb15109a3557ba514e8d17880b1a37a109031 Reviewed-on: https://chromium-review.googlesource.com/1032552Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#52908}
-
- 30 Apr, 2018 1 commit
-
-
Georgia Kouveli authored
This includes the following changes: - Limit code space to 128 MB. - Use direct branches wherever possible. - Where not possible, continue using load literal followed by an indirect branch. - Sort RelocInfo by target_address_address for the serializer, since mixing load literal instructions and branch instructions messes up that order. - Ensure we always wipe out targets in the serializer (not just for the snapshot) in order to be able to distinguish between constant pool entries and branch instructions. Change-Id: I1a1029ce2a5f72a3a94802daf267d14a42c7c790 Reviewed-on: https://chromium-review.googlesource.com/939175Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com> Cr-Commit-Position: refs/heads/master@{#52885}
-
- 26 Apr, 2018 3 commits
-
-
jgruber authored
This is a reland of f5d30851 Original change's description: > [builtins] Introduce further constant & external reference indirections > > This introduces further indirections for embedded constants and > external references for builtins generated by the macro-assembler. > The used mechanisms (LookupConstant and LookupExternalReference) are > identical to what we already use in CSA. > > Almost all builtins are now isolate-independent in both release and > debug modes. snapshot_blob.bin is roughly 670K smaller in embedded > builds vs. non-embedded builds, while libv8.so is roughly 280K larger. > > Bug: v8:6666 > Change-Id: I7a6c2193ef5a763e6cf7543dd51597d6fff6c110 > Reviewed-on: https://chromium-review.googlesource.com/1006581 > Commit-Queue: Jakob Gruber <jgruber@chromium.org> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > Cr-Commit-Position: refs/heads/master@{#52810} TBR=mstarzinger@chromium.org Bug: v8:6666 Change-Id: I73dfe207f2c5f79a9a06c165c75f5619e88a5a17 Reviewed-on: https://chromium-review.googlesource.com/1030550Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#52819}
-
jgruber authored
This reverts commit f5d30851. Breakages: https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20noi18n%20-%20debug/builds/20370 https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20-%20custom%20snapshot%20-%20debug/builds/21174 TBR=yangguo@chromium.org No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:6666 Change-Id: Ic4d28fccf647aadcac0a60430b7fb66d22ce4577 Reviewed-on: https://chromium-review.googlesource.com/1030431Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#52813}
-
jgruber authored
This introduces further indirections for embedded constants and external references for builtins generated by the macro-assembler. The used mechanisms (LookupConstant and LookupExternalReference) are identical to what we already use in CSA. Almost all builtins are now isolate-independent in both release and debug modes. snapshot_blob.bin is roughly 670K smaller in embedded builds vs. non-embedded builds, while libv8.so is roughly 280K larger. Bug: v8:6666 Change-Id: I7a6c2193ef5a763e6cf7543dd51597d6fff6c110 Reviewed-on: https://chromium-review.googlesource.com/1006581 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#52810}
-
- 25 Apr, 2018 1 commit
-
-
Andreas Haas authored
I missed one required change which was hidden behind an #if. The fix is in the diff between Patch 1 and Patch 3. Original message: In this CL I remove the isolate from signatures of ExternalReference accessor functions where the isolate is not used. The uses of the isolate were already removed in previous CLs. Changes: * I split the ExternalReference list in external-reference.h into those which need the isolate for initialization and those which do not. * I removed the public constructors and replaced them by ExternalReference::Create(). The reason is to separate external creation more clearly from internal creation, because externally created ExternalReferences sometimes need redirection, whereas internally created ExternalReferences are just stored as they are. In addition, by removing the isolate from the signature of the public constructors, they suddenly exactly matched the interal constructor. * Replace all uses of the public constructors with ExternalReference::Create(). * Remove the isolate from all call sites where necessary. This is a step towards making WebAssembly compilation independent of the isolate. R=mstarzinger@chromium.org Bug: v8:7570 Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng Change-Id: I750c162f5d58ed32e866722b0db920f8b9bd8057 Reviewed-on: https://chromium-review.googlesource.com/1026673Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#52777}
-
- 24 Apr, 2018 2 commits
-
-
Andreas Haas authored
This reverts commit 44ea425a. Reason for revert: https://ci.chromium.org/buildbot/client.v8.ports/V8%20Arm%20-%20debug%20builder/13575 Original change's description: > [refactoring] Remove the isolate from signatures of ExternalReferences > > In this CL I remove the isolate from signatures of ExternalReference > accessor functions where the isolate is not used. The uses of the > isolate were already removed in previous CLs. > > Changes: > * I split the ExternalReference list in external-reference.h into > those which need the isolate for initialization and those which do not. > > * I removed the public constructors and replaced them by > ExternalReference::Create(). The reason is to separate external > creation more clearly from internal creation, because externally > created ExternalReferences sometimes need redirection, whereas > internally created ExternalReferences are just stored as they are. > In addition, by removing the isolate from the signature of the > public constructors, they suddenly exactly matched the interal > constructor. > > * Replace all uses of the public constructors with > ExternalReference::Create(). > > * Remove the isolate from all call sites where necessary. > > > This is a step towards making WebAssembly compilation independent of > the isolate. > > Bug: v8:7570 > R=mstarzinger@chromium.org > > Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng > Change-Id: I14f511fc6acc50ab2d6a6641299f5ddbeabef0da > Reviewed-on: https://chromium-review.googlesource.com/1018982 > Commit-Queue: Andreas Haas <ahaas@chromium.org> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > Cr-Commit-Position: refs/heads/master@{#52768} TBR=mstarzinger@chromium.org,ahaas@chromium.org Change-Id: I7c0d8d420f815cede23d550dee8942ac4d7791cc No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:7570 Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng Reviewed-on: https://chromium-review.googlesource.com/1026570Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#52769}
-
Andreas Haas authored
In this CL I remove the isolate from signatures of ExternalReference accessor functions where the isolate is not used. The uses of the isolate were already removed in previous CLs. Changes: * I split the ExternalReference list in external-reference.h into those which need the isolate for initialization and those which do not. * I removed the public constructors and replaced them by ExternalReference::Create(). The reason is to separate external creation more clearly from internal creation, because externally created ExternalReferences sometimes need redirection, whereas internally created ExternalReferences are just stored as they are. In addition, by removing the isolate from the signature of the public constructors, they suddenly exactly matched the interal constructor. * Replace all uses of the public constructors with ExternalReference::Create(). * Remove the isolate from all call sites where necessary. This is a step towards making WebAssembly compilation independent of the isolate. Bug: v8:7570 R=mstarzinger@chromium.org Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng Change-Id: I14f511fc6acc50ab2d6a6641299f5ddbeabef0da Reviewed-on: https://chromium-review.googlesource.com/1018982 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#52768}
-
- 13 Apr, 2018 2 commits
-
-
jgruber authored
This is mostly a simple copy & paste of the stub implementation from code-stubs-arch.cc to builtins-arch.cc. The conversion allows removal of a special case for the DoubleToIStub within the compiler & wasm pipelines, and also makes the following builtins isolate-independent (in conjunction with https://crrev.com/c/1006581): TFC BitwiseAnd TFC BitwiseOr TFC BitwiseXor TFC Exponentiate TFC ShiftLeft TFC ShiftRight TFC ShiftRightLogical TFJ AtomicsAdd TFJ AtomicsAnd TFJ AtomicsCompareExchange TFJ AtomicsExchange TFJ AtomicsLoad TFJ AtomicsOr TFJ AtomicsStore TFJ AtomicsSub TFJ AtomicsXor TFJ MathClz32 TFJ MathImul TFJ MathPow TFJ NumberParseInt TFJ StringFromCharCode TFJ TypedArrayFrom TFJ TypedArrayOf TFJ TypedArrayPrototypeMap Drive-by: dead code removal & TODOs in code-stubs.h. Bug: v8:6666 Change-Id: I763cba2242bcadc2d130b0aaa16a9787212b466a Reviewed-on: https://chromium-review.googlesource.com/1012024 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#52591}
-
jgruber authored
This changes DoubleToIStub to return its result on the stack instead of a specific return register. In a follow-up, the DoubleToIStub could be converted into a builtin. Bug: v8:6666 Change-Id: I7852e1586c8f7b56bc5d2545a7bf6238dd2ad650 Reviewed-on: https://chromium-review.googlesource.com/1009702 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#52587}
-
- 11 Apr, 2018 1 commit
-
-
jgruber authored
All call sites passed nullptr as the isolate argument and DOUBLE as the exponent type. Remove these unused arguments and related dead code. Bug: v8:6666 Change-Id: Ie94d9b489f494b2a5c80f5cc3dc81013ed4f4414 Reviewed-on: https://chromium-review.googlesource.com/1006754Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#52545}
-
- 27 Feb, 2018 1 commit
-
-
Mike Stanton authored
This is a reland of 800daded. Original change's description: > [turbofan] Masking/poisoning in codegen (optimized code, arm64) > > This introduces masking of loads with speculation bit during code generation. > At the moment, this is done only under the > --branch-load-poisoning flag, and this CL enlarges the set of supported > platforms from {x64, arm} to {x64, arm, arm64}. > > Overview of changes: > - new register configuration configuration with one register reserved for > the speculation poison/mask (kSpeculationPoisonRegister). > - in codegen, we introduce an update to the poison register at the starts > of all successors of branches (and deopts) that are marked as safety > branches (deopts). > - in memory optimizer, we lower all field and element loads to PoisonedLoads. > - poisoned loads are then masked in codegen with the poison register. > * only integer loads are masked at the moment. > > Bug: chromium:798964 > Change-Id: Ie6bc9c3bdac9998b0ef81f050a9c844399ca3ae4 > Reviewed-on: https://chromium-review.googlesource.com/928724 > Commit-Queue: Michael Stanton <mvstanton@chromium.org> > Reviewed-by: Martyn Capewell <martyn.capewell@arm.com> > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> > Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> > Cr-Commit-Position: refs/heads/master@{#51576} Bug: chromium:798964 Change-Id: I6c87d34c4e05fca0bd7f5447555133ecb0fb7a2e Reviewed-on: https://chromium-review.googlesource.com/939402Reviewed-by: Martyn Capewell <martyn.capewell@arm.com> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Michael Stanton <mvstanton@chromium.org> Cr-Commit-Position: refs/heads/master@{#51602}
-
- 26 Feb, 2018 2 commits
-
-
Adam Klein authored
This reverts commit 800daded. Reason for revert: breaks arm64 build Original change's description: > [turbofan] Masking/poisoning in codegen (optimized code, arm64) > > This introduces masking of loads with speculation bit during code generation. > At the moment, this is done only under the > --branch-load-poisoning flag, and this CL enlarges the set of supported > platforms from {x64, arm} to {x64, arm, arm64}. > > Overview of changes: > - new register configuration configuration with one register reserved for > the speculation poison/mask (kSpeculationPoisonRegister). > - in codegen, we introduce an update to the poison register at the starts > of all successors of branches (and deopts) that are marked as safety > branches (deopts). > - in memory optimizer, we lower all field and element loads to PoisonedLoads. > - poisoned loads are then masked in codegen with the poison register. > * only integer loads are masked at the moment. > > Bug: chromium:798964 > Change-Id: Ie6bc9c3bdac9998b0ef81f050a9c844399ca3ae4 > Reviewed-on: https://chromium-review.googlesource.com/928724 > Commit-Queue: Michael Stanton <mvstanton@chromium.org> > Reviewed-by: Martyn Capewell <martyn.capewell@arm.com> > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> > Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> > Cr-Commit-Position: refs/heads/master@{#51576} TBR=rmcilroy@chromium.org,mvstanton@chromium.org,mstarzinger@chromium.org,jarin@chromium.org,rodolph.perfetta@arm.com,martyn.capewell@arm.com,pierre.langlois@arm.com Change-Id: I1b5dad27f9620c7da3277602081f392de6221caf No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:798964 Reviewed-on: https://chromium-review.googlesource.com/937861Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#51578}
-
Mike Stanton authored
This introduces masking of loads with speculation bit during code generation. At the moment, this is done only under the --branch-load-poisoning flag, and this CL enlarges the set of supported platforms from {x64, arm} to {x64, arm, arm64}. Overview of changes: - new register configuration configuration with one register reserved for the speculation poison/mask (kSpeculationPoisonRegister). - in codegen, we introduce an update to the poison register at the starts of all successors of branches (and deopts) that are marked as safety branches (deopts). - in memory optimizer, we lower all field and element loads to PoisonedLoads. - poisoned loads are then masked in codegen with the poison register. * only integer loads are masked at the moment. Bug: chromium:798964 Change-Id: Ie6bc9c3bdac9998b0ef81f050a9c844399ca3ae4 Reviewed-on: https://chromium-review.googlesource.com/928724 Commit-Queue: Michael Stanton <mvstanton@chromium.org> Reviewed-by: Martyn Capewell <martyn.capewell@arm.com> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#51576}
-
- 18 Jan, 2018 1 commit
-
-
Martyn Capewell authored
Rename csp to sp and remove support for the stack pointer abstraction and switching stack pointers. Bug: v8:6644 Change-Id: I616633aabc1cee9926249fe95ce6c37ed6544fe3 Reviewed-on: https://chromium-review.googlesource.com/870870Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Martyn Capewell <martyn.capewell@arm.com> Cr-Commit-Position: refs/heads/master@{#50687}
-
- 16 Jan, 2018 1 commit
-
-
Martyn Capewell authored
Remove remaining references to jssp, and return register to the allocator. Bug: v8:6644 Change-Id: Ia6938e6c9548cd45d8c9c12032920b32d3da3c4c Reviewed-on: https://chromium-review.googlesource.com/866747Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Martyn Capewell <martyn.capewell@arm.com> Cr-Commit-Position: refs/heads/master@{#50613}
-
- 15 Jan, 2018 1 commit
-
-
Martyn Capewell authored
Remove SetStackPointer function and update assembler tests. Bug: v8:6644 Change-Id: I5ea26e57b848d56433c84d8eea22d7e9b761e6bb Reviewed-on: https://chromium-review.googlesource.com/864147Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Martyn Capewell <martyn.capewell@arm.com> Cr-Commit-Position: refs/heads/master@{#50571}
-
- 11 Jan, 2018 1 commit
-
-
Martyn Capewell authored
This is a reland of 50baf934 This fixes the number of expected instructions in MaybeCallEntryHookDelayed, only exposed by nosnap tests. Original change's description: > [arm64] Switch jssp to csp > > Switch stack pointer to using csp directly, making jssp redundant. > > Bug: v8:6644 > Change-Id: I8e38eda50d56a25161b187c0a033608dd9f90239 > Reviewed-on: https://chromium-review.googlesource.com/860097 > Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> > Commit-Queue: Martyn Capewell <martyn.capewell@arm.com> > Cr-Commit-Position: refs/heads/master@{#50487} Bug: v8:6644 Change-Id: Ie9a969ccbf00fd7a7cff8f45b73cdb6bc4f17df9 Reviewed-on: https://chromium-review.googlesource.com/860639Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Martyn Capewell <martyn.capewell@arm.com> Cr-Commit-Position: refs/heads/master@{#50513}
-
- 10 Jan, 2018 2 commits
-
-
Adam Klein authored
This reverts commit 50baf934. Reason for revert: breaks arm64 nosnap debug tests: https://build.chromium.org/p/client.v8.ports/builders/V8%20Linux%20-%20arm64%20-%20sim%20-%20nosnap%20-%20debug/builds/8418 Original change's description: > [arm64] Switch jssp to csp > > Switch stack pointer to using csp directly, making jssp redundant. > > Bug: v8:6644 > Change-Id: I8e38eda50d56a25161b187c0a033608dd9f90239 > Reviewed-on: https://chromium-review.googlesource.com/860097 > Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> > Commit-Queue: Martyn Capewell <martyn.capewell@arm.com> > Cr-Commit-Position: refs/heads/master@{#50487} TBR=martyn.capewell@arm.com,bmeurer@chromium.org Change-Id: I20015885e6029271ee6558509cdb92ff1a106e5f No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:6644 Reviewed-on: https://chromium-review.googlesource.com/860319Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#50488}
-
Martyn Capewell authored
Switch stack pointer to using csp directly, making jssp redundant. Bug: v8:6644 Change-Id: I8e38eda50d56a25161b187c0a033608dd9f90239 Reviewed-on: https://chromium-review.googlesource.com/860097Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Martyn Capewell <martyn.capewell@arm.com> Cr-Commit-Position: refs/heads/master@{#50487}
-
- 09 Jan, 2018 2 commits
-
-
Martyn Capewell authored
As they're now equal, simplify some TF opcodes by restoring jssp from csp on stack pointer switch. Also, remove some direct references to jssp. Bug: v8:6644 Change-Id: I20ee54fc0d536809a0aa72def43337f83cc91685 Reviewed-on: https://chromium-review.googlesource.com/857457Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Martyn Capewell <martyn.capewell@arm.com> Cr-Commit-Position: refs/heads/master@{#50462}
-
Clemens Hammacher authored
This ensures that there is only one entrance point from C++ to generated code, hence only one method has to be excluded from CFI. It also introduces type safety by only allowing the code to be called with the right arguments. This CL includes minor drive-by fixes in the tests, like removing unused dummy variables. R=mstarzinger@chromium.org Bug: v8:7182 Change-Id: Ied9164a2497db9e7c032324c5e082094fdffc72d Reviewed-on: https://chromium-review.googlesource.com/852213Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#50426}
-
- 04 Jan, 2018 1 commit
-
-
Sathya Gunasekaran authored
This patch breaks out bailout reasons into two enum classes. This helps save 3 bits on the SharedFunctionInfo as we don't have to track the abort reasons. Change-Id: Ic2e7e7e32b0fa31491f1c6f0003a61390d68fd97 Reviewed-on: https://chromium-review.googlesource.com/848244Reviewed-by: Ben Titzer <titzer@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#50364}
-
- 13 Dec, 2017 1 commit
-
-
Georgia Kouveli authored
This includes adding a padding slot to the stack handler, which is done for all architectures for consistency. Bug: v8:6644 Change-Id: I8a6379a82e2a9d1819069850b6734489bd6071a6 Reviewed-on: https://chromium-review.googlesource.com/822477Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com> Cr-Commit-Position: refs/heads/master@{#50070}
-
- 05 Dec, 2017 1 commit
-
-
Georgia Kouveli authored
Also remove some unused code. Bug: v8:6644 Change-Id: Id0021b397f366d2f26e990750c4b8c33f0c1cd81 Reviewed-on: https://chromium-review.googlesource.com/806836Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com> Cr-Commit-Position: refs/heads/master@{#49868}
-
- 04 Dec, 2017 1 commit
-
-
Caitlin Potter authored
- Implement RunMicrotasks in CSA to prevent a potentially large number of jumps between C++ and JS code while consuming te queue. Appears to provide a ~60% speedup in microtask-heavy code, which from limited testing appears to scale linearly. The code-stub microtask pump bails out to the old C++ microtask pump if it encounters a CallHandlerInfo microtask, and remains in C++ for the remainder of the queue (returning to the JS/stub implementation after the bailed out queue is exhausted). - Add a variation of JSEntryStub which enters the new RunMicrotasks code stub. - Add a new RunMicrotasks helper to Execution, which uses the RunMicrotasks entry stub. Bug: Change-Id: I4667d4dd633d24455ea5d7cef239da0af1a7365e Reviewed-on: https://chromium-review.googlesource.com/650486 Commit-Queue: Caitlin Potter <caitp@igalia.com> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#49842}
-
- 02 Dec, 2017 1 commit
-
-
Mathias Bynens authored
This patch normalizes the casing of hexadecimal digits in escape sequences of the form `\xNN` and integer literals of the form `0xNNNN`. Previously, the V8 code base used an inconsistent mixture of uppercase and lowercase. Google’s C++ style guide uses uppercase in its examples: https://google.github.io/styleguide/cppguide.html#Non-ASCII_Characters Moreover, uppercase letters more clearly stand out from the lowercase `x` (or `u`) characters at the start, as well as lowercase letters elsewhere in strings. BUG=v8:7109 TBR=marja@chromium.org,titzer@chromium.org,mtrofin@chromium.org,mstarzinger@chromium.org,rossberg@chromium.org,yangguo@chromium.org,mlippautz@chromium.org NOPRESUBMIT=true Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: I790e21c25d96ad5d95c8229724eb45d2aa9e22d6 Reviewed-on: https://chromium-review.googlesource.com/804294 Commit-Queue: Mathias Bynens <mathias@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#49810}
-
- 01 Dec, 2017 1 commit
-
-
Camillo Bruni authored
This CL introduces a Context::kInvalidContext sentinel value to make clear that no context is active. We silently accept smi 0 (= nullptr) as a non-set context which usually was the default value making it hard to ensure whether this happened on purpose or not. Change-Id: I5c35616f26b0b64c1cd976563a6eeb0ce474927d Reviewed-on: https://chromium-review.googlesource.com/790291Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#49778}
-
- 15 Nov, 2017 1 commit
-
-
Michael Starzinger authored
R=mlippautz@chromium.org Change-Id: Ie5ff0347d7c849e1941f8c8237a0bd56fdb68a4e Reviewed-on: https://chromium-review.googlesource.com/768672Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#49372}
-
- 07 Nov, 2017 1 commit
-
-
Toon Verwaest authored
Thanks Igor and Jakob for the hard work to migrate ICs to data-driven handlers! This is done as of this CL. Bug: v8:5561 Change-Id: Icf1ddf0065e3aa85ac7efe4b99f74821ce3c0ac2 Reviewed-on: https://chromium-review.googlesource.com/756842 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#49203}
-