- 02 Nov, 2017 20 commits
-
-
Michael Lippautz authored
Phantom handles were processed at the same time as finalizers. This meant that if a finalizer kept an object alive the phantom handle was still destroyed. This becomes a problem in the context of Blink GCs where internal fields are roots for Blink. Prematurely destroying a phantom handle can lead to stale pointers. Bug: chromium:772299 Change-Id: If02365c457be8ce48379ad357cce36baa9617cfb Reviewed-on: https://chromium-review.googlesource.com/750625 Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#49086}
-
Michal Majewski authored
Bug: v8:6917 Change-Id: I95355d445ae08a500a3210314dc893dfaddf209d Reviewed-on: https://chromium-review.googlesource.com/750808 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michał Majewski <majeski@google.com> Cr-Commit-Position: refs/heads/master@{#49085}
-
Mircea Trofin authored
We expect no GC between the call to UnwindAndFindHandler and the call to that handler. We can precalculate the handler entrypoint and then let the CEntryStub just load and call that address. The main motivation for this change is the wasm on the native heap work, and making the CEntryStub able to work with non-Code* values. Bug: v8:6876 Change-Id: I660f29619edc315afbb537ef3df018865fab7ba4 Reviewed-on: https://chromium-review.googlesource.com/744723 Commit-Queue: Mircea Trofin <mtrofin@chromium.org> Reviewed-by: Brad Nelson <bradnelson@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#49084}
-
Ulan Degenbaev authored
This reverts commit a9a50dc9. Reason for revert: buildbot crashes. Original change's description: > [heap] Temporarily disable concurrent marking. > > The 6.3 branch has a data race that is fixed in 6.4 but the fix is too > large for back merging. > > This CL will be back-merged to 6.3 after getting Canary coverage. > > Concurrent marking will be re-enabled afterwards. > > Bug: chromium:774644 > Change-Id: I4112da0e133a637cc4fb52dee2e4c165cdc74f1f > Reviewed-on: https://chromium-review.googlesource.com/749811 > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Commit-Queue: Ulan Degenbaev <ulan@chromium.org> > Cr-Commit-Position: refs/heads/master@{#49080} TBR=ulan@chromium.org,hpayer@chromium.org,mlippautz@chromium.org Change-Id: Ia9d2128c01b811073c1c8f0392eb13b7d7745cd1 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:774644 Reviewed-on: https://chromium-review.googlesource.com/751501 Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#49083}
-
Clemens Hammacher authored
After renaming the WasmExecutionMode constants, I should also have renamed the tests generated from the WASM_EXEC_TEST macro. This CL cleans this up. R=titzer@chromium.org Change-Id: Ifcb1a1e09422a06f89c3b44dc6b7799d3f84f7ac Reviewed-on: https://chromium-review.googlesource.com/744044 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#49082}
-
Toon Verwaest authored
Bug: chromium:779367 Change-Id: I0d361ffc9be1e271e91ce81c3e5cf70697c0ac0b Reviewed-on: https://chromium-review.googlesource.com/749812 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#49081}
-
Ulan Degenbaev authored
The 6.3 branch has a data race that is fixed in 6.4 but the fix is too large for back merging. This CL will be back-merged to 6.3 after getting Canary coverage. Concurrent marking will be re-enabled afterwards. Bug: chromium:774644 Change-Id: I4112da0e133a637cc4fb52dee2e4c165cdc74f1f Reviewed-on: https://chromium-review.googlesource.com/749811 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#49080}
-
Jakob Gruber authored
Abort execution on stack overflow during compilation if --abort-on-stack-or-string-length-overflow was passed (for correctness fuzzer support). Bug: chromium:778962 Change-Id: Idd50b47c4ddc03b7839ce850da95502fce4cc848 Reviewed-on: https://chromium-review.googlesource.com/750842 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#49079}
-
Michal Majewski authored
This is a reland of 697b2c09 Original change's description: > Setting up the environment for testrunner refactored > > Bug: v8:6917 > Change-Id: Ibc3c738ef807d37d8b76f440d9765c4d0405c021 > Reviewed-on: https://chromium-review.googlesource.com/735421 > Commit-Queue: Michał Majewski <majeski@google.com> > Reviewed-by: Michael Achenbach <machenbach@chromium.org> > Cr-Commit-Position: refs/heads/master@{#48923} Bug: v8:6917 Change-Id: I07918814ee8277eca96bcb2d330e6b08f6a0505d Reviewed-on: https://chromium-review.googlesource.com/741621 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michał Majewski <majeski@google.com> Cr-Commit-Position: refs/heads/master@{#49078}
-
Michael Achenbach authored
This reverts commit 6366a010. Reason for revert: Breaks layout tests: https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/19429 Original change's description: > [ic] Internalize strings on the fly in KeyedLoadICGeneric. > > This turns on the existing --internalize_on_the_fly flag for the > MEGAMORPHIC KeyedLoadIC to properly internalize strings before > looking up the property. This avoids the otherwise taken runtime > call to %KeyedGetProperty, which is definitely slower. > > Initially the --internalize_on_the_fly flag was turned off because > internalizing strings on the fly causes too much traffic on the > megamorphic stub cache. We avoid this problem here by not probing > the stub cache in that case, which still gives the benefit of not > having to go to the runtime. > > This improves the babylon test on the web-tooling-benchmark by around > 2-3% and will probably also help with several tests (like React or > Ember) on the Speedometer benchmark. > > If this CL causes trouble (i.e. tanks something important), we can > just turn off the --internalize_on_the_fly flag again. > > Bug: v8:6936, v8:7026 > Change-Id: Ia59a8a3799d9624d831d66b05bae3ecef31cee0a > Reviewed-on: https://chromium-review.googlesource.com/750821 > Reviewed-by: Igor Sheludko <ishell@chromium.org> > Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> > Cr-Commit-Position: refs/heads/master@{#49072} TBR=ishell@chromium.org,bmeurer@chromium.org Change-Id: I5345eb29016ecd6b7788b1b49b2f53992ea82b58 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:6936, v8:7026 Reviewed-on: https://chromium-review.googlesource.com/750904 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#49077}
-
peterwmwong authored
- Add WeakMapPrototypeDelete and WeakSetPrototypeDelete TFJ builtins - Fast paths when it's not necessary to shrink the table - Add WeakCollectionDelete TFS Some quick benchmarks show 1.4x - 2.15x gains in performance. https://github.com/peterwmwong/v8-perf/blob/master/weakcollection-delete/README.md Bug: v8:5049, v8:6604 Change-Id: I14036df153f3a0242f9083d751658b868b16660a Reviewed-on: https://chromium-review.googlesource.com/743864 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#49076}
-
Michael Achenbach authored
This reverts commit 1feadfe8. Reason for revert: Reland as bot stayed red after revert. Original change's description: > Revert "[cctest] Clarify that tests for sync instructions are simulator specific" > > This reverts commit 4013518f. > > Reason for revert: > https://build.chromium.org/p/client.v8.ports/builders/V8%20Linux%20-%20arm64%20-%20sim%20-%20gc%20stress > > Original change's description: > > [cctest] Clarify that tests for sync instructions are simulator specific > > > > Some tests were recently added to test-simulator-arm.cc, however this file is > > meant for tests that are specific to the simulator and therefore are not written > > to work on hardware. While this sounds surprising, the reason is that our simulation > > of synchronisation instructions is more conservative than on hardware. > > > > To make this more clear, this patch renames the "test-simulator-arm{,64}.cc" > > files to "test-sync-primitives-arm{,64}.cc", and moves the vneg and vabs tests > > into "test-assembler-arm.cc" which is where tests that are guaranteed to work in > > either native or simulated environments live. > > > > Finally, take the opportunity to share a little bit of code.
> > > > Bug: v8:6963 > > Change-Id: Ifb85d3671c823b9bba73d09f419536b089a4e87c > > Reviewed-on: https://chromium-review.googlesource.com/749387 > > Reviewed-by: Clemens Hammacher <clemensh@chromium.org> > > Commit-Queue: Pierre Langlois <pierre.langlois@arm.com> > > Cr-Commit-Position: refs/heads/master@{#49073} > > TBR=clemensh@chromium.org,pierre.langlois@arm.com,bmeurer@chromium.org > > Change-Id: I1bfb4e9c7c18b716f417a84b18a14cb2e1fa3a7a > No-Presubmit: true > No-Tree-Checks: true > No-Try: true > Bug: v8:6963 > Reviewed-on: https://chromium-review.googlesource.com/750624 > Reviewed-by: Michael Achenbach <machenbach@chromium.org> > Commit-Queue: Michael Achenbach <machenbach@chromium.org> > Cr-Commit-Position: refs/heads/master@{#49074} TBR=machenbach@chromium.org,clemensh@chromium.org,pierre.langlois@arm.com,bmeurer@chromium.org Change-Id: I5af7bd3678758130534730a2f6f0b651b64c6956 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:6963 Reviewed-on: https://chromium-review.googlesource.com/750903 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#49075}
-
Michael Achenbach authored
This reverts commit 4013518f. Reason for revert: https://build.chromium.org/p/client.v8.ports/builders/V8%20Linux%20-%20arm64%20-%20sim%20-%20gc%20stress Original change's description: > [cctest] Clarify that tests for sync instructions are simulator specific > > Some tests were recently added to test-simulator-arm.cc, however this file is > meant for tests that are specific to the simulator and therefore are not written > to work on hardware. While this sounds surprising, the reason is that our simulation > of synchronisation instructions is more conservative than on hardware. > > To make this more clear, this patch renames the "test-simulator-arm{,64}.cc" > files to "test-sync-primitives-arm{,64}.cc", and moves the vneg and vabs tests > into "test-assembler-arm.cc" which is where tests that are guaranteed to work in > either native or simulated environments live. > > Finally, take the opportunity to share a little bit of code. > > Bug: v8:6963 > Change-Id: Ifb85d3671c823b9bba73d09f419536b089a4e87c > Reviewed-on: https://chromium-review.googlesource.com/749387 > Reviewed-by: Clemens Hammacher <clemensh@chromium.org> > Commit-Queue: Pierre Langlois <pierre.langlois@arm.com> > Cr-Commit-Position: refs/heads/master@{#49073} TBR=clemensh@chromium.org,pierre.langlois@arm.com,bmeurer@chromium.org Change-Id: I1bfb4e9c7c18b716f417a84b18a14cb2e1fa3a7a No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:6963 Reviewed-on: https://chromium-review.googlesource.com/750624 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#49074}
-
Pierre Langlois authored
Some tests were recently added to test-simulator-arm.cc, however this file is meant for tests that are specific to the simulator and therefore are not written to work on hardware. While this sounds surprising, the reason is that our simulation of synchronisation instructions is more conservative than on hardware. To make this more clear, this patch renames the "test-simulator-arm{,64}.cc" files to "test-sync-primitives-arm{,64}.cc", and moves the vneg and vabs tests into "test-assembler-arm.cc" which is where tests that are guaranteed to work in either native or simulated environments live. Finally, take the opportunity to share a little bit of code. Bug: v8:6963 Change-Id: Ifb85d3671c823b9bba73d09f419536b089a4e87c Reviewed-on: https://chromium-review.googlesource.com/749387 Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Pierre Langlois <pierre.langlois@arm.com> Cr-Commit-Position: refs/heads/master@{#49073}
-
Benedikt Meurer authored
This turns on the existing --internalize_on_the_fly flag for the MEGAMORPHIC KeyedLoadIC to properly internalize strings before looking up the property. This avoids the otherwise taken runtime call to %KeyedGetProperty, which is definitely slower. Initially the --internalize_on_the_fly flag was turned off because internalizing strings on the fly causes too much traffic on the megamorphic stub cache. We avoid this problem here by not probing the stub cache in that case, which still gives the benefit of not having to go to the runtime. This improves the babylon test on the web-tooling-benchmark by around 2-3% and will probably also help with several tests (like React or Ember) on the Speedometer benchmark. If this CL causes trouble (i.e. tanks something important), we can just turn off the --internalize_on_the_fly flag again. Bug: v8:6936, v8:7026 Change-Id: Ia59a8a3799d9624d831d66b05bae3ecef31cee0a Reviewed-on: https://chromium-review.googlesource.com/750821 Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#49072}
-
Andreas Haas authored
The existing stack check only checked the number of stack frames on the stack, not the actual size of the stack frames. In the test case, each stack frame is huge, and the interpreter runs out of memory before the stack check stops the execution. With this change we take the size of the value stack and the size of the control stack and compare their sum to the stack limit of V8. Note that this stack limit is kind of arbitrary, because the stack space of the interpreter is not on the actual runtime stack but allocated in zone memory, and the stack check exists to simulate stack overflows in compiled code, not to prevent actual stack overflows. R=clemensh@chromium.org TEST=mjsunit/regress/wasm/regress-778917 Bug: chromium:778917 Change-Id: Ife47631fcb1a178a68facab1e42c0069b12c0155 Reviewed-on: https://chromium-review.googlesource.com/744003 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#49071}
-
Benedikt Meurer authored
This is an experiment to quantify the impact of SlicedStrings on both performance and memory usage. The intention is to get Canary coverage for the experiment and then decide how to proceed. Bug: v8:7025 Change-Id: Ied548cd9e2fab127c1ad2aea3e60b2615d3de663 Reviewed-on: https://chromium-review.googlesource.com/750082 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#49070}
-
Yang Guo authored
Proxy's call trap can be used to cause recursion. R=bmeurer@chromium.org, tebbi@chromium.org Bug: chromium:779344 Change-Id: I19c989f618f7230028ebe18c3415bc3f4bd72b93 Reviewed-on: https://chromium-review.googlesource.com/743782 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#49069}
-
Benedikt Meurer authored
This partially reverts commit aaebbbaa, which removed the --string-slices flag. We reintroduce the flag as a build time flag for an experiment to gather information of how much SliceStrings help with throughput and effective memory use. Bug: v8:7025 Change-Id: I529da91bb7501fe93d83891abf560710f3ecb9d0 Reviewed-on: https://chromium-review.googlesource.com/750681 Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#49068}
-
Benedikt Meurer authored
This CL adds support for two byte string comparisons to the StringEqual builtin, which so far was bailing out to the generic %StringEqual runtime function whenever any two-byte string was involved. This made comparisons that involved two-byte strings, either comparing them to one-byte strings or comparing two two-byte strings, up to 3x slower than if only one-byte strings were involved. With this change, all direct string (SeqString or ExternalString) equality checks are roughly on par now, and the weird performance cliff is gone. On the micro-benchmark from the bug we go from stringEqualBothOneByteSeqString: 162 ms. stringEqualTwoByteAndOneByteSeqString: 446 ms. stringEqualOneByteAndTwoByteSeqString: 438 ms. stringEqualBothTwoByteSeqString: 472 ms. to stringEqualBothOneByteSeqString: 151 ms. stringEqualTwoByteAndOneByteSeqString: 158 ms. stringEqualOneByteAndTwoByteSeqString: 166 ms. stringEqualBothTwoByteSeqString: 160 ms. which is the desired result. On the esprima test of the web-tooling-benchmark we seem to improve by 1-2%, which corresponds to the savings of going to the runtime for many StringEqual comparisons. Drive-by-cleanup: Introduce LoadAndUntagStringLength helper into the CSA with proper typing to avoid the unnecessary shifts on 64-bit platforms when keeping the length tagged initially in StringEqual. Bug: v8:4913, v8:6365, v8:6371, v8:6936, v8:7022 Change-Id: I566f4b80e217513775ffbd35e0480154abf59b27 Reviewed-on: https://chromium-review.googlesource.com/749223 Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#49067}
-
- 01 Nov, 2017 5 commits
-
-
Hans Wennborg authored
Recent Clang versions (r317076+) warn about this. Bug: chromium:780523 Change-Id: Iccc8d675ce4700f67dedfaa60bc6662b03b55ceb Reviewed-on: https://chromium-review.googlesource.com/749117 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Hans Wennborg <hans@chromium.org> Cr-Commit-Position: refs/heads/master@{#49066}
-
Leszek Swirski authored
Rather than having a single script compilation timer, split it into multiple timers depending on the state of the (blink-owned) code cache and (v8-owned) compilation cache. This is intended to replace both the script compilation time timer, and the compilation heuristic enum. Also keep track of why blink might not want us to produce (or consume) a code cache, and split the compilation timer on this as well. Note, there is currently no timer for streaming sources, so these won't show up in the histograms. Bug: chromium:582873 Bug: chromium:769203 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: Ia32fff044f919e20e3cec73329e62e01e421b72a Reviewed-on: https://chromium-review.googlesource.com/746922 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#49065}
-
Michaël Zasso authored
See: https://github.com/nodejs/node-v8/issues/23 Bug: Change-Id: Id8e1e828f6f9b1639917319b88c037942f8e73e8 Reviewed-on: https://chromium-review.googlesource.com/743941 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Michaël Zasso <mic.besace@gmail.com> Cr-Commit-Position: refs/heads/master@{#49064}
-
Martyn Capewell authored
Push cp in EnterFrame for CONSTRUCT type frames, in order to align the stack op, and adapt the users (Generate_JSBuiltinConstructStub*) to account for it. Then align the rest of the stack operations in Generate_JSBuiltinConstructStubHelper. Bug: v8:6644 Change-Id: I4ffca329d5838902f787a52ac0d362dfbf9174c6 Reviewed-on: https://chromium-review.googlesource.com/746923 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Martyn Capewell <martyn.capewell@arm.com> Cr-Commit-Position: refs/heads/master@{#49063}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/7765787..ec29950 Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/6fd9f08..1471560 TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org Change-Id: I229d22f43903bc9101ba0958b8f5a05f83700913 Reviewed-on: https://chromium-review.googlesource.com/748582 Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Commit-Queue: v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#49062}
-
- 31 Oct, 2017 15 commits
-
-
Natalie Silvanovich authored
Change-Id: I7e833c3b06cfb3ff9eda663c2bee4981013744b0 Adding index accessor counter Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: Ic353c11fa0f430537819387d17eedeec5466d9cc Bug: Reviewed-on: https://chromium-review.googlesource.com/741169 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Natalie Silvanovich <natashenka@google.com> Cr-Commit-Position: refs/heads/master@{#49061}
-
Junliang Yan authored
Bug: Change-Id: I72a91c3a7c89730b6f54ecd30743263ff0ab4642 Reviewed-on: https://chromium-review.googlesource.com/746946 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#49060}
-
Adam Klein authored
The parser now throws for literals that are too big for the runtime to support, thus avoiding CHECK-failures further down the line. Tbr: rmcilroy@chromium.org Bug: v8:6791 Change-Id: Ie45ddebb8aa9e7a30e8b6b74f99916b700e38e4a Reviewed-on: https://chromium-review.googlesource.com/747682 Commit-Queue: Adam Klein <adamk@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#49059}
-
Mathias Bynens authored
Currently, dynamic `import()` throws the following SyntaxError when used without a specifier: > import(); < Uncaught SyntaxError: Unexpected token ) From the error message, it seems this is the result of the code snippet being seen as static `import` followed by parens, as opposed to `import()` with no specifier. This patch makes this error message more clear: > import(); < SyntaxError: import() requires a specifier BUG=v8:7020,v8:6513 Change-Id: I3519dfd0029f38d23da858a5499f1d226e794935 Reviewed-on: https://chromium-review.googlesource.com/747141 Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Mathias Bynens <mathias@chromium.org> Cr-Commit-Position: refs/heads/master@{#49058}
-
Jakob Kummerow authored
Implicit case-fallthrough strikes again. Bug: v8:6791 Change-Id: Iee6422a67797f8958527507bac538bcdac2ebddc Reviewed-on: https://chromium-review.googlesource.com/747075 Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#49057}
-
Jakob Kummerow authored
Objects with both dictionary and non-dictionary maps can store their hash in the {properties} field when they have no other properties. Bug: chromium:778952 Change-Id: I8ac8c31eaac32116415e3c65cef8dee260dca2c9 Reviewed-on: https://chromium-review.googlesource.com/747272 Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#49056}
-
Junliang Yan authored
Takes too long on bots to run Bug: Change-Id: Ia99717fe943ff6437497425abd3a3cb9999d7564 Reviewed-on: https://chromium-review.googlesource.com/746533 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#49055}
-
Leszek Swirski authored
When closing untagged template string literals, create a single n-ary addition operation, instead of a tree of binary operations. As a clean-up, this also entirely removes the "second" field from n-ary operations. This was proving to be too confusing an API when building an n-ary operation incrementally from a single expression (rather than converting a binary operation). Bug: v8:6964 Change-Id: I8f2a395d413cf345bab0a1a347b47f412cde83b1 Reviewed-on: https://chromium-review.googlesource.com/739821 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#49054}
-
Adam Klein authored
Also replaced kTrue/kFalse with a kBoolean type, and remove now-unused IsTypeX() methods (leaving ones that are called frequently). Bug: v8:6984 Change-Id: I0cbffc37efaa391981d8dce564051ce43257ed8a Reviewed-on: https://chromium-review.googlesource.com/745023 Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#49053}
-
Michael Achenbach authored
Change-Id: I9fbf2b291299d7bdf12e98e8a55f2d56b59807c8 Reviewed-on: https://chromium-review.googlesource.com/746881 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#49052}
-
Michael Achenbach authored
This is a reland of f259ec2d Original change's description: > [build] Include deopt-fuzzer isolates on fuzzer builders > > TBR=sergiyb@chromium.org > NOTRY=true > NOTREECHECKS=true > > Bug: v8:7012 > Change-Id: I1d0b0488cd9b7bf6a30edc0b010f32fb0914ed0b > Reviewed-on: https://chromium-review.googlesource.com/743783 > Commit-Queue: Michael Achenbach <machenbach@chromium.org> > Reviewed-by: Michael Achenbach <machenbach@chromium.org> > Cr-Commit-Position: refs/heads/master@{#49032} TBR=sergiyb@chromium.org Bug: v8:7012 Change-Id: Idbc7126ea0cbc37da1536ca3c0ed03c4ddb7c93d Reviewed-on: https://chromium-review.googlesource.com/746781 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#49051}
-
Mythri authored
We have a check on maximum number of levels that can be inlined. This in some cases causes performance cliffs, when we cannot inline a small function because it has exceeded the number of levels. This cl removes that check. The intuition is that, having gone down several levels in a particular line stopping inlining that chain and exploring a new call site may not be beneficial. This cl also introduces an absolute limit on the number of nodes that can be inlined (including the small functions). Bug: v8:6871, chromium:779509 Change-Id: Id29639ff2fd85b84d8746da3fb78a82d4e9852e8 Reviewed-on: https://chromium-review.googlesource.com/743727 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Mythri Alle <mythria@chromium.org> Cr-Commit-Position: refs/heads/master@{#49050}
-
Benedikt Meurer authored
This adds support to the KeyedLoadIC to ignore out of bounds accesses for Strings and return undefined instead. We add a dedicated bit to the Smi handler to encode the OOB state and have TurboFan generate appropriate code for that case as well. This is mostly useful when programs accidentally access past the length of a string, which was observed and fixed for example in Babel recently, see https://github.com/babel/babel/pull/6589 for details. The idea is to also extend this mechanism to Arrays and maybe other receivers, as reading beyond the length is also often used in jQuery and other popular libraries. Note that this is considered a mitigation for a performance cliff and not a general optimization of OOB accesses. These should still be avoided and handled properly instead. This seems to further improve the babel test on the web-tooling-benchmark by around 1%, because the OOB access no longer turns the otherwise MONOMORPHIC access into MEGAMORPHIC state. Bug: v8:6936, v8:7014 Change-Id: I9df03304e056d7001a65da8e9621119f8e9bb55b Reviewed-on: https://chromium-review.googlesource.com/744022 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#49049}
-
Mircea Trofin authored
This both simplifies the code, and brings it in-line with what we need for wasm on the native heap. Bug: v8:6876 Change-Id: Ia48aed86ddcd94e85c0aecc053c327dfacb795d6 Reviewed-on: https://chromium-review.googlesource.com/744593 Commit-Queue: Mircea Trofin <mtrofin@chromium.org> Commit-Queue: Brad Nelson <bradnelson@chromium.org> Reviewed-by: Brad Nelson <bradnelson@chromium.org> Cr-Commit-Position: refs/heads/master@{#49048}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/c5d82db..7765787 Rolling v8/buildtools: https://chromium.googlesource.com/chromium/buildtools/+log/e043d81..3275a09 Rolling v8/third_party/android_tools: https://chromium.googlesource.com/android_tools/+log/110e5f6..ca0bd08 Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/52d748d..6fd9f08 TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org Change-Id: Ib82da8ba88f625e1d64070d69df742a3ec0792ef Reviewed-on: https://chromium-review.googlesource.com/745603 Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Commit-Queue: v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#49047}
-