- 13 Aug, 2019 1 commit
Milad Farazmand authored
Port 5b2ab2f6 Original Commit Message: Now that all uses of LoadStackPointer have been removed, this CL cleans up related code: - Removed LoadStackPointer. - Removed ArchStackPointer. - Removed IA32StackCheck. - Removed X64StackCheck. - Removed StackCheckMatcher. All stack checks now follow a simple path without matchers or special register constraints: they load the limit and pass it to StackPointerGreaterThan, which is finally handled by code generation. R=jgruber@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: I68a66054dc1422e7fc0598ef4d112a031ba94cc1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1750223 Reviewed-by: Milad Farazmand <miladfar@ca.ibm.com> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#63184}
- 12 Aug, 2019 1 commit
Milad Farazmand authored
Port 0aa204fe Original Commit Message: This CL unifies how stack checks are handled in the Turbofan pipeline across architectures, in preparation for properly handling stack overflows caused by deoptimization in follow-up work. It will also open up possibilities to simplify related logic. How this used to work: JSStackCheck was lowered to a UintLessThan with the stack pointer (sp) and stack limit as inputs. On x64 and ia32, this node pattern was later recognized during instruction selection and rewritten to dedicated operators. On other platforms, including arm and arm64, special logic exists to avoid useless register-to-register moves when accessing the sp. This CL introduces a new StackPointerGreaterThan operator, which takes the stack limit as its sole input. This is what JSStackCheck now lowers to. This is threaded through to code generation, where we emit the appropriate code (in the future, we will apply an additional offset to the sp here). In follow-up CLs, we can remove or replace remaining uses of LoadStackPointer in CSA, Wasm, and the interpreter; and then remove the LoadStackPointer operator, related node matchers, related register constraints, and the pseudo-smi stack limit roots. R=jgruber@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: I175c110d30190bb543001b6fa77cd65cf22e5874 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1748002 Reviewed-by: Junliang Yan <jyan@ca.ibm.com> Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#63167}
- 05 Aug, 2019 1 commit
Milad Farazmand authored
Port ae60ea7e Original Commit Message: The mode without write barriers works only if incremental marking is disabled and the single generation mode is enabled. R=wangrong089@gmail.com, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: If2eb047bed41b92a0366c1401d0acf069257b650 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1733730 Reviewed-by: Milad Farazmand <miladfar@ca.ibm.com> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#63080}
- 01 Aug, 2019 1 commit
Rong Wang authored
The mode without write barriers works only if incremental marking is disabled and the single generation mode is enabled. Bug: v8:9533 Change-Id: Iecf83b0810f757c9b50e7fb338a2905af938f1d8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1716471 Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#63033}
- 22 Jul, 2019 1 commit
Milad Farazmand authored
Port 4ca8b4dd Original Commit Message: This adds decoding and compilation of the "atomic.fence" operator, which is intended to preserve the synchronization guarantees of higher-level languages. Unlike other atomic operators, it does not target a particular linear memory. It may occur in modules which declare no memory, or a non-shared memory, without causing a validation error. See proposal: https://github.com/WebAssembly/threads/pull/141 See discussion: https://github.com/WebAssembly/threads/issues/140 R=mstarzinger@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG=v8:9452 LOG=N Change-Id: Ib8ad24e65154d7555a47e537f81110be47f4d4de Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1710620 Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com> Reviewed-by: Junliang Yan <jyan@ca.ibm.com> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#62850}
- 11 Jul, 2019 2 commits
Clemens Hammacher authored
This removes the last remaining use of the AbortJS opcode. We now use AbortCSAAssert instead, which is not influenced by the --disable-abortjs flag. The AbortJS runtime function should only be called from JS now. R=mstarzinger@chromium.org Bug: v8:9396 Change-Id: I791da99594f9e1e99991ac8b03e943297d7d41e3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1695476 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#62633}
Clemens Hammacher authored
The existing AbortJS runtime function can be disabled via --disable-abortjs (which the fuzzers use), but we never want to disable CSA assertions. Hence use a separate runtime function for those. This will also reduce the size of generated strings, since the "CSA_ASSERT failed: " prefix is not part of those strings any more. As a drive-by, this renames all occurrences of "DebugAbort" to "AbortJS" to be consistent in that name. R=mstarzinger@chromium.org, tebbi@chromium.org Bug: v8:9453 Change-Id: I52e48032a1d58f296f0364fe8d917e45a2603a2c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1692921 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#62622}
- 08 Jul, 2019 1 commit
Clemens Hammacher authored
Cpplint usually checks for non-const reference arguments. They are forbidden in the style guide, and v8 does not explicitly make an exception here. This CL re-enables that warning, and fixes all current violations by adding an explicit "NOLINT(runtime/references)" comment. In follow-up CLs, we should aim to remove as many of them as possible. TBR=mlippautz@chromium.org Bug: v8:9429 Change-Id: If7054d0b366138b731972ed5d4e304b5ac8423bb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1687891 Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#62551}
- 22 May, 2019 1 commit
Yang Guo authored
Bug: v8:9247 Change-Id: I79e0553e8a0d6dac2aa16b94a6c0e05b6ccde4a1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1621934 Commit-Queue: Yang Guo <yangguo@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#61725}
- 29 Mar, 2019 1 commit
Clemens Hammacher authored
Even though both are allowed in the style guide, it recommends to use 'using', as its syntax is more consistent with the rest of C++. This CL turns all typedefs in compiler code to 'using' declarations. R=mstarzinger@chromium.org Bug: v8:8834 Change-Id: I3baf3ecbfe2c853cb17bb479ebbf140382193b5c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1545896 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#60527}
- 22 Mar, 2019 1 commit
Milad Farazmand authored
Change-Id: I290ea07e4f6c66d04ee0daa04ac78a47d9f4432e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1535519 Reviewed-by: Junliang Yan <jyan@ca.ibm.com> Reviewed-by: Milad Farazmand <miladfar@ca.ibm.com> Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#60410}
- 14 Mar, 2019 1 commit
Sigurd Schneider authored
Change-Id: Ib9f423439f418be5ef15e2a65b9118f8f234cb5b Bug: v8:8834 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1524201 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#60244}
- 13 Mar, 2019 1 commit
Santiago Aboy Solanes authored
Bug: v8:8977 Change-Id: I3bf6606d9db2369f5d82c71c5f58f6cf0c34bc0d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1520712 Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Auto-Submit: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by: Michael Stanton <mvstanton@chromium.org> Cr-Commit-Position: refs/heads/master@{#60220}
- 08 Mar, 2019 1 commit
Clemens Hammacher authored
It's not being used, and causes compile errors on windows because of a name clash (see referenced bugs). R=mstarzinger@chromium.org CC=tebbi@chromium.org, jarin@chromium.org Bug: v8:8953 Change-Id: I22dcdbcbe92f92c390a2f2cdd289dda7f7dc4eb1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1505794 Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#60117}
- 05 Mar, 2019 1 commit
Junliang Yan authored
Port 9c7b6e1e Original Commit Message: This is the implementation of crrev.com/c/766371 for arm. Original description: Add the ability to return (multiple) return values on the stack: - Extend stack frames with a new buffer region for return slots. This region is located at the end of a caller's frame such that its slots can be indexed as caller frame slots in a callee (located beyond its parameters) and assigned return values. - Adjust stack frame construction and deconstruction accordingly. - Extend linkage computation to support register plus stack returns. - Reserve return slots in caller frame when respective calls occur. - Introduce and generate architecture instructions ('peek') for reading back results from return slots in the caller. - Aggressive tests. - Some minor clean-up. R=ahaas@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com, miladfar@ca.ibm.com BUG= LOG=N Change-Id: I83df1af8c49f6d6c5b529db599fce61a1da2490d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1496549 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#60032}
- 13 Feb, 2019 1 commit
Junliang Yan authored
Bug: chromium:926235 Change-Id: I7af37f574c03439da34afc86cc8e6f49c3781579 Reviewed-on: https://chromium-review.googlesource.com/c/1470810 Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Reviewed-by: Milad Farazmand <miladfar@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#59574}
- 11 Jan, 2019 1 commit
Junliang Yan authored
Change-Id: I060905ed0954365e64c45f7bac53909256f35c0c Reviewed-on: https://chromium-review.googlesource.com/c/1405910 Reviewed-by: Joran Siu <joransiu@ca.ibm.com> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#58747}
- 07 Dec, 2018 1 commit
Igor Sheludko authored
Bug: v8:8477, v8:8238 Change-Id: I8170911d27b605a5befe959af16212c870104a2b Reviewed-on: https://chromium-review.googlesource.com/c/1366735 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#58087}
- 12 Nov, 2018 1 commit
Ben L. Titzer authored
This CL splits the backend of TurboFan off into its own directory, without changing namespaces. This makes ownership management a bit more fine-grained with a logical separation. R=mstarzinger@chromium.org,jarin@chromium.org,adamk@chromium.org Change-Id: I2ac40d6ca2c4f04b8474b630aae0286ecf79ef42 Reviewed-on: https://chromium-review.googlesource.com/c/1308333 Commit-Queue: Ben Titzer <titzer@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#57437}
- 07 Nov, 2018 1 commit
Junliang Yan authored
Port 4f6ba385 Original Commit Message: This is a reland of de88bfb2 Original change's description: > [wasm-simd] Implement remaining I8x16 SIMD ops on x64 > > - Implementation for I8x16 Shifts, and Mul > - Fix convert bug > - Enable all tests except for shuffle tests > > Change-Id: Id1a469d2883c30ea782c51d21dc462d211f94420 > Reviewed-on: https://chromium-review.googlesource.com/c/1318609 > Reviewed-by: Bill Budge <bbudge@chromium.org> > Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> > Cr-Commit-Position: refs/heads/master@{#57254} R=gdeepti@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: I18980c8844a3e859b4ca3f2181de9f337bfb9698 Reviewed-on: https://chromium-review.googlesource.com/c/1324269 Reviewed-by: Joran Siu <joransiu@ca.ibm.com> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#57333}
- 30 Oct, 2018 1 commit
Junliang Yan authored
Port 15c31fe4 Original Commit Message: This introduces Word64 support for the CheckBounds operator, which now lowers to either CheckedUint32Bounds or CheckedUint64Bounds after the representation selection. The right hand side of CheckBounds can now be any positive safe integer on 64-bit architectures, whereas it remains Unsigned31 for 32-bit architectures. We only use the extended Word64 support when the right hand side is outside the Unsigned31 range, so for everything except DataViews this means that the performance should remain the same. The typing rule for the CheckBounds operator was updated to reflect this new behavior. The CheckBounds with a right hand side outside the Unsigned31 range will pass a new Signed64 feedback kind, which is handled with newly introduced CheckedFloat64ToInt64 and CheckedTaggedToInt64 operators in representation selection. The JSCallReducer lowering for DataView getType()/setType() methods was updated to not smi-check the [[ByteLength]] and [[ByteOffset]] anymore, but instead just use the raw uintptr_t values and operate on any value (for 64-bit architectures these fields can hold any positive safe integer, for 32-bit architectures it's limited to Unsigned31 range as before). This means that V8 can now handle huge DataViews fully, without falling off a performance cliff. This refactoring even gave us some performance improvements, on a simple micro-benchmark just exercising different DataView accesses we go from testDataViewGetUint8: 796 ms. testDataViewGetUint16: 997 ms. testDataViewGetInt32: 994 ms. testDataViewGetFloat64: 997 ms. to testDataViewGetUint8: 895 ms. testDataViewGetUint16: 889 ms. testDataViewGetInt32: 888 ms. testDataViewGetFloat64: 890 ms. meaning we lost around 10% on the single byte case, but gained 10% across the board for all the other element sizes. 
R=bmeurer@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: Ia86089ca9ccc75405aa13600b031c72bac0279dd Reviewed-on: https://chromium-review.googlesource.com/c/1305035 Reviewed-by: Joran Siu <joransiu@ca.ibm.com> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#57152}
- 10 Oct, 2018 1 commit
andrew-cc-chen authored
and load Change-Id: I710e82b2c2e0f4802d0efb11875a37b186828350 Reviewed-on: https://chromium-review.googlesource.com/c/1263828 Reviewed-by: Junliang Yan <jyan@ca.ibm.com> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#56544}
- 03 Oct, 2018 1 commit
Junliang Yan authored
In C to WASM stubs, when number of parameters is more than 5, or anything requires stack arguments, current linkage is faulty because of missing STACK_SHADOW_WORDS Drive-by: Also cleanup s390 code which is not supported anymore. R=joransiu@ca.ibm.com Change-Id: I7405c32fd94e158e6868f9ce7d4390c995078dbb Reviewed-on: https://chromium-review.googlesource.com/c/1257269 Reviewed-by: Joran Siu <joransiu@ca.ibm.com> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#56352}
- 02 Oct, 2018 1 commit
andrew-cc-chen authored
Change-Id: I7591ccc55405a2fbd258bf28d53cd40a4bddf2c2 Reviewed-on: https://chromium-review.googlesource.com/1255102 Reviewed-by: Junliang Yan <jyan@ca.ibm.com> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#56344}
- 01 Oct, 2018 1 commit
andrew-cc-chen authored
R=jyan@ca.ibm.com Change-Id: Ib60ccc5f78af73afe3212c480aa2bd82f38d2678 Reviewed-on: https://chromium-review.googlesource.com/1255543 Reviewed-by: Junliang Yan <jyan@ca.ibm.com> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#56327}
- 17 Sep, 2018 2 commits
Junliang Yan authored
Port 0c296cb2 Original Commit Message: This change introduces the necessary conversion operators to convert from Word64 to other representations (Tagged, Word32, Float64, etc.), and plugs in the Word64 representation for NumberAdd/NumberSubtract, such that TurboFan will go to Int64Add/Sub on 64-bit architectures when the inputs and the output of the operation is in safe integer range. This includes the necessary changes to the Deoptimizer to be able to rematerialize Int64 values as Smi/HeapNumber when going back to Ignition later. This change might affect performance, although measurements indicate that there should be no noticeable performance impact. The goal is to have TurboFan support Word64 representation to a degree that changing the TypedArray length to an uint64_t (for 64-bit archs) becomes viable and doesn't have any negative performance implications. Independent of that we might get performance improvements in other areas such as for crypto code later. R=bmeurer@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: I2119f156c4ddf942ea09ff8ed52e1c6cb32477f2 Reviewed-on: https://chromium-review.googlesource.com/1228634 Reviewed-by: Joran Siu <joransiu@ca.ibm.com> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#55971}
Junliang Yan authored
Port 6346cdb6 Original Commit Message: This adds support to TurboFan's representation selection for the Word64 representation, and makes use of that to handle indices for memory access and allocation instructions (i.e. LoadElement, StoreElement, Allocate, etc.). These instructions had previously used Word32 as representation for the indices / sizes, and then internally converted it to the correct representation (aka Word64 on 64-bit architectures) later on, but that was kind of brittle, and sometimes led to weird generated code. The change thus only adds support to convert integer values in the safe integer range from all kinds of representations to Word64 (on 64-bit architectures). We don't yet handle the opposite direction and none of the representation selection heuristics for the numeric operations were changed so far. This will be done in follow-up CLs. This CL itself is supposed to be neutral wrt. functionality, and only serves as a starting point, and a cleanup for the (weird) implicit Word64 index/size handling. R=bmeurer@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: Ic7ea30639dea3c5f8a59e7100a15d5ed50073c20 Reviewed-on: https://chromium-review.googlesource.com/1228416 Reviewed-by: Joran Siu <joransiu@ca.ibm.com> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#55970}
- 15 Aug, 2018 1 commit
Junliang Yan authored
R=joransiu@ca.ibm.com Change-Id: I9a2cf0f3e4a33dc4b86c83acfefcd27968bbcdb4 Reviewed-on: https://chromium-review.googlesource.com/1176424 Reviewed-by: Joran Siu <joransiu@ca.ibm.com> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#55143}
- 14 Aug, 2018 1 commit
Junliang Yan authored
Port 5fecd146 Original Commit Message: This adds support for unaligned load/store access to the DataView backing store and uses byteswap operations to fix up the endianness when necessary. This changes the Word32ReverseBytes operator to be a required operator and adds the missing support on the Intel and ARM platforms (on 64-bit platforms the Word64ReverseBytes operator is also mandatory now). This further improves the performance on the dataviewperf.js test mentioned in the tracking bug by up to 40%, and at the same time reduces the code complexity in the EffectControlLinearizer. R=bmeurer@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: Ia9aad21713a2ad76ce3ef2b816fc20e9a27fe4c9 Reviewed-on: https://chromium-review.googlesource.com/1174936 Reviewed-by: John Barboza <jbarboza@ca.ibm.com> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#55132}
- 27 Jul, 2018 1 commit
Deepti Gandluri authored
Functions/variables for some atomic memory operators use type, representation interchangeably. Fix to make it consistent. Bug: v8:7754, v8:6532 Change-Id: I16ae35b72728739aee4bc67287317c2fd4a9088a Reviewed-on: https://chromium-review.googlesource.com/1152462 Reviewed-by: Bill Budge <bbudge@chromium.org> Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> Cr-Commit-Position: refs/heads/master@{#54763}
- 19 Jun, 2018 1 commit
Tobias Tebbi authored
Bug: chromium:849098 Change-Id: Iec81d08cf6edb6040445650cadf802a34b65b8e1 Reviewed-on: https://chromium-review.googlesource.com/1092749 Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#53843}
- 14 May, 2018 2 commits
Junliang Yan authored
Port 5dfe23a4 Original Commit Message: When encountering a LoadStackPointer input to a comparison, generate a register LocationOperand that points to the stack pointer. This can avoid unnecessary spilling of the stack pointer. R=georgia.kouveli@arm.com, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: Ie3fecf70f78c234fefad86fec74820a61f3d227b Reviewed-on: https://chromium-review.googlesource.com/1057965 Reviewed-by: Joran Siu <joransiu@ca.ibm.com> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#53167}
Vasili Skurydzin authored
Implement atomic compare exchange and atomic bin OPs for PPC and s390 Change-Id: I8f89a0ebb912082c4c1e6b9a3daf64f28c114010 Reviewed-on: https://chromium-review.googlesource.com/1013861 Reviewed-by: Junliang Yan <jyan@ca.ibm.com> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#53165}
- 30 Apr, 2018 1 commit
Jaroslav Sevcik authored
The idea is to mark all the branches and loads participating in array bounds checks, and let them contribute-to/use the poisoning register. In the code, the marks for array indexing operations now contain "Critical" in their name. By default (--untrusted-code-mitigations), we only instrument the "critical" operations with poisoning. With that in place, we also remove the array masking approach based on arithmetic. Since we do not propagate the poison through function calls, we introduce a node for poisoning an index that is passed through function call - the typical example is the bounds-checked index that is passed to the CharCodeAt builtin. Most of the code in this CL is threads through the three levels of protection (safe, critical, unsafe) for loads, branches and flags. Bug: chromium:798964 Change-Id: Ief68e2329528277b3ba9156115b2a6dcc540d52b Reviewed-on: https://chromium-review.googlesource.com/995413 Commit-Queue: Jaroslav Sevcik <jarin@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#52883}
- 10 Apr, 2018 1 commit
Junliang Yan authored
R=joransiu@ca.ibm.com Change-Id: I995c7ea23899a00a92b350cbd1878c41d56760c2 Reviewed-on: https://chromium-review.googlesource.com/1005279 Reviewed-by: Joran Siu <joransiu@ca.ibm.com> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#52529}
- 29 Mar, 2018 1 commit
Junliang Yan authored
Port f0f22341 Original Commit Message: Add Rcpps and Rsqrtps macros. Rename SIMD_UNOP macros. R=jing.bao@intel.com, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: I269f553353827a2f36271cdc27c336438cb6488b Reviewed-on: https://chromium-review.googlesource.com/986279 Reviewed-by: Joran Siu <joransiu@ca.ibm.com> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#52304}
- 28 Mar, 2018 1 commit
Junliang Yan authored
R=joransiu@ca.ibm.com Change-Id: I066b6d14694393cae43285a71bfc6aff91418505 Reviewed-on: https://chromium-review.googlesource.com/984593 Reviewed-by: Joran Siu <joransiu@ca.ibm.com> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#52287}
- 27 Mar, 2018 1 commit
Tobias Tebbi authored
This CL changes the poisoning in the interpreter to use the infrastructure used in the JIT. This does not change the original flag semantics: --branch-load-poisoning enables JIT mitigations as before. --untrusted-code-mitigation enables the interpreter mitigations (now realized using the compiler back-end), but does not enable the back-end based mitigations for the Javascript JIT. So in effect --untrusted-code-mitigation makes the CSA pipeline for bytecode handlers use the same mechanics (including changed register allocation) that --branch-load-poisoning enables for the JIT. Bug: chromium:798964 Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel Change-Id: If7f6852ae44e32e6e0ad508e9237f24dec7e5b27 Reviewed-on: https://chromium-review.googlesource.com/928881 Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#52243}
- 15 Mar, 2018 1 commit
Vasili Skurydzin authored
Port ab9ac994 Original Commit Message: We can reduce boilerplate if we pass the continuation to some InstructionSelector::Emit.* methods. R=mvstanton@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: Ia9ddd0dcf5d6115ee9f8c35e1b05c10f9f0c4b39 Reviewed-on: https://chromium-review.googlesource.com/959441 Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Reviewed-by: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#51948}
- 05 Mar, 2018 1 commit
Sigurd Schneider authored
This also introduces FrameStateInfoOf helper. Bug: v8:7517, v8:7310 Change-Id: If2dd1257fb9384fe957a980077a65154cc014d3b Reviewed-on: https://chromium-review.googlesource.com/946009 Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#51718}