- 06 Feb, 2017 10 commits
-
-
mvstanton authored
TypeFeedbackVectors are strongly rooted by a closure. However, in modern JavaScript closures are created and abandoned more freely. An important closure may not be present in the root-set at time of garbage collection, even though we've cached optimized code and use it regularly. For example, consider leaf functions in an event dispatching system. They may well be "hot," but tragically non-present when we collect the heap. Until now, we've relied on a weak root to cache the feedback vector in this case. Since there is no way to signal intent or relative importance, this weak root is as susceptible to clearing as any other weak root at garbage collection time. Meanwhile, the feedback vector has become more important. All of our ICs store their data there. Literal and regex boilerplates are stored there. If we lose the vector, then we not only lose optimized code built from it, we also lose the very feedback which allowed us to create that optimized code. Therefore it's vital to express that dependency through the root set. This CL does this by creating a strong link to a feedback vector at the instantiation site of the function closure. This instantiation site is in the code and feedback vector of the outer closure. BUG=v8:5456 Review-Url: https://codereview.chromium.org/2674593003 Cr-Commit-Position: refs/heads/master@{#42953}
-
Michael Achenbach authored
BUG=v8:5193 NOTRY=true TBR=alph@chromium.org,yangguo@chromium.org Change-Id: I9740f4504c855d9526c7b6b446965996f7c50c0c Reviewed-on: https://chromium-review.googlesource.com/438344 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Michael Hablich <hablich@chromium.org> Cr-Commit-Position: refs/heads/master@{#42952}
-
ishell authored
This CL also removes unused LoadApiGetterStub and renames StoreElementStub to StoreSlowElementStub. BUG=v8:4587 Review-Url: https://codereview.chromium.org/2670863003 Cr-Commit-Position: refs/heads/master@{#42951}
-
jgruber authored
TailCallRuntime currently does not seem to handle adaptor frames correctly. BUG=chromium:688690 Review-Url: https://codereview.chromium.org/2675133003 Cr-Commit-Position: refs/heads/master@{#42950}
-
ishell authored
BUG=v8:5917 Review-Url: https://codereview.chromium.org/2676583002 Cr-Commit-Position: refs/heads/master@{#42949}
-
Michael Achenbach authored
NOTRY=true R=ishell@chromium.org Change-Id: I99dc19f9904b24ba491334e76adb9486697e8a12 Reviewed-on: https://chromium-review.googlesource.com/438324Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#42948}
-
neis authored
- Remove TODO concerning maybe-assigned. For LOOKUP variables, the flag doesn't really matter, so let's just set it to true to avoid confusion. - Simplify a condition. R=adamk@chromium.org BUG= Review-Url: https://codereview.chromium.org/2677653003 Cr-Commit-Position: refs/heads/master@{#42947}
-
hablich authored
R=franzih@chromium.org NOTRY=true Review-Url: https://codereview.chromium.org/2676773004 Cr-Commit-Position: refs/heads/master@{#42946}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/629b322..ab0bc70 Rolling v8/third_party/catapult: https://chromium.googlesource.com/external/github.com/catapult-project/catapult/+log/bffe083..d637de7 TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Review-Url: https://codereview.chromium.org/2675183002 Cr-Commit-Position: refs/heads/master@{#42945}
-
caitp authored
Add a simple microbenchmark for calling copyWithin on a moderately large Float64Array with 10,000 elements. BUG=v8:5925, v8:5929, v8:4648 R=cbruni@chromium.org, adamk@chromium.org, littledan@chromium.org Review-Url: https://codereview.chromium.org/2676193002 Cr-Commit-Position: refs/heads/master@{#42944}
-
- 05 Feb, 2017 1 commit
-
-
v8-autoroll authored
Rolling v8/third_party/catapult: https://chromium.googlesource.com/external/github.com/catapult-project/catapult/+log/5e0a1c8..bffe083 TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Review-Url: https://codereview.chromium.org/2671183002 Cr-Commit-Position: refs/heads/master@{#42943}
-
- 04 Feb, 2017 6 commits
-
-
kozyatinskiy authored
Revert of [debugger] remove debugger statement support from FCG/CS. (patchset #5 id:80001 of https://codereview.chromium.org/2650193002/ ) Reason for revert: Fails on chromium leak bot: https://uberchromegw.corp.google.com/i/chromium.webkit/builders/WebKit%20Linux%20Trusty%20Leak/builds/2007 Original issue's description: > [debugger] remove debugger statement support from FCG/CS. > > > R=mstarzinger@chromium.org > > Review-Url: https://codereview.chromium.org/2650193002 > Cr-Commit-Position: refs/heads/master@{#42892} > Committed: https://chromium.googlesource.com/v8/v8/+/eef855a1dc956e9db03ec09abca1d732d379861b TBR=mstarzinger@chromium.org,yangguo@chromium.org # Not skipping CQ checks because original CL landed more than 1 days ago. Review-Url: https://codereview.chromium.org/2672823007 Cr-Commit-Position: refs/heads/master@{#42942}
-
franzih authored
The property details of a LookupIterator are not accessible, if the iterator state is interceptor. Instead, use the property attributes. Fixes a crash in Node.js tests in Debug mode, see https://github.com/nodejs/node/commit/c2c6ae52eaf302da9c106699b69d17c083ced316 BUG= Review-Url: https://codereview.chromium.org/2675993002 Cr-Commit-Position: refs/heads/master@{#42941}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/d4321a9..629b322 Rolling v8/third_party/catapult: https://chromium.googlesource.com/external/github.com/catapult-project/catapult/+log/53604dd..5e0a1c8 Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/88069f4..426ef62 TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Review-Url: https://codereview.chromium.org/2677613006 Cr-Commit-Position: refs/heads/master@{#42940}
-
kozyatinskiy authored
Blink uses access checks to be sure that objects from one context doesn't access objects in another. Heap profiler uses current context to call this checks, we need to be sure that current context is empty to allow heap profiler collect all objects without crash. BUG=chromium:661223 R=alph@chromium.org,ulan@chromium.org Review-Url: https://codereview.chromium.org/2669393002 Cr-Commit-Position: refs/heads/master@{#42939}
-
binji authored
BUG=687196 R=jbroman@chromium.org Review-Url: https://codereview.chromium.org/2674613002 Cr-Commit-Position: refs/heads/master@{#42938}
-
binji authored
BUG=686338 R=cbruni@chromium.org,jbroman@chromium.org Review-Url: https://codereview.chromium.org/2662193002 Cr-Commit-Position: refs/heads/master@{#42937}
-
- 03 Feb, 2017 23 commits
-
-
lukasza authored
This is needed to insulate generated code from blink::protocol namespace from naming changes that we plan to do in the Great Blink Rename (which in particular will rename wtf::StringBuilder::find method into Find). This CL also includes roll of inspector_protocol which starts to generate code that uses the new StringUtil::find adapter method: rolling third_party/inspector to 1a7cbe8ba8fa0d622586f549a97c73d9b52efbea BUG=683447 Review-Url: https://codereview.chromium.org/2675763003 Cr-Commit-Position: refs/heads/master@{#42936}
-
kozyatinskiy authored
BUG=v8:1569 R=dgozman@chromium.org,alph@chromium.org Review-Url: https://codereview.chromium.org/2669713002 Cr-Commit-Position: refs/heads/master@{#42935}
-
bmeurer authored
The JumpIfFalse and JumpIfTrue bytecodes test the accumulator, and branch based on whether the accumulator is true or false (no other value allowed, and in fact TurboFan would blow up if you would pass anything else, since Branch operator can only deal with Boolean). So for either branch we know exactly the value of the accumulator, and we can update the environment to this constant value instead. This helps to avoid the useless bit materialization that currently happens when || or && is being used in a value context. CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_win64_dbg R=jarin@chromium.org BUG=v8:5267 Review-Url: https://codereview.chromium.org/2666283002 Cr-Original-Commit-Position: refs/heads/master@{#42843} Committed: https://chromium.googlesource.com/v8/v8/+/158ac9287193f315342ad31c38fe451620d176eb Review-Url: https://codereview.chromium.org/2666283002 Cr-Commit-Position: refs/heads/master@{#42934}
-
sampsong authored
BUG= R=jyan@ca.ibm.com, joransiu@ca.ibm.com, bjaideep@ca.ibm.com Review-Url: https://codereview.chromium.org/2667353005 Cr-Commit-Position: refs/heads/master@{#42933}
-
Michael Achenbach authored
With the old logic, a suppression shows up in the statistics independent if the test cases caused a difference or not. This doesn't give a signal if a suppression is useful. The new logic will help cleaning up suppressions that never apply. BUG=chromium:673246 NOTRY=true R=tandrii@chromium.org TBR=mstarzinger@chromium.org,jarin@chromium.org Change-Id: Iaebdac475f408f7d2649a34ccaa580c8d91e34a5 Reviewed-on: https://chromium-review.googlesource.com/437264Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Andrii Shyshkalov <tandrii@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#42932}
-
Michael Achenbach authored
BUG=chromium:673246,chromium:688307 NOTRY=true R=tandrii@chromium.org TBR=mstarzinger@chromium.org Change-Id: I269032497cf574cf5180762e37b0fee1002a6c76 Reviewed-on: https://chromium-review.googlesource.com/437244Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Andrii Shyshkalov <tandrii@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#42931}
-
machenbach authored
BUG=chromium:673246 NOTRY=true TBR=mstarzinger,jarin Review-Url: https://codereview.chromium.org/2669263005 Cr-Commit-Position: refs/heads/master@{#42930}
-
petermarshall authored
BUG=v8:5922 Review-Url: https://codereview.chromium.org/2669223002 Cr-Commit-Position: refs/heads/master@{#42929}
-
bmeurer authored
We cannot optimize global proxy access unless deoptimization is enabled. BUG=chromium:687990 R=jarin@chromium.org Review-Url: https://codereview.chromium.org/2675793002 Cr-Commit-Position: refs/heads/master@{#42928}
-
jarin authored
Revert of Removes uint8_t from MachineRepresentation and MachineSemantic enums. (patchset #1 id:1 of https://codereview.chromium.org/2669113003/ ) Reason for revert: Breaks bunch Wasm tests on Win64 (e.g., cctest/test-run-wasm/RunWasmCompiled_CallIndirect_EmptyTable). Original issue's description: > Removes uint8_t from MachineRepresentation and MachineSemantic enums. > > This works around a compiler bug that leads to incorrect masking of > the semantic_ field in TruncatingUseInfoFromRepresentation. > > Patch from bulach@google.com > > BUG= > > Review-Url: https://codereview.chromium.org/2669113003 > Cr-Commit-Position: refs/heads/master@{#42925} > Committed: https://chromium.googlesource.com/v8/v8/+/8c7fc377fd5c03e30cbf767cd22aba59178e0143 TBR=bulach@google.com,bmeurer@chromium.org,ulan@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG= Review-Url: https://codereview.chromium.org/2669213006 Cr-Commit-Position: refs/heads/master@{#42927}
-
danno authored
BUG=v8:5269, v8:1956 LOG=N R=bmeurer@chromium.org Review-Url: https://codereview.chromium.org/2663033003 Cr-Commit-Position: refs/heads/master@{#42926}
-
ulan authored
This works around a compiler bug that leads to incorrect masking of the semantic_ field in TruncatingUseInfoFromRepresentation. Patch from bulach@google.com BUG= Review-Url: https://codereview.chromium.org/2669113003 Cr-Commit-Position: refs/heads/master@{#42925}
-
jarin authored
Before this change, we attributed samples for the top-most interpreter frame to the second-topmost frame if we were in a bytecode handler with elided frame. With this change we try to detect that we are in a handler without a frame. If we are, we do not drop the topmost frame. For example, consider the program function inner() { var s = 0; for (var i = 0; i < 100000; i++) { s += i * i; } return s; } function trivial() { return inner(); } for (var i = 0; i < 2000; i++) { trivial(); } Before this change, d8 --prof --ignition --nocrankshaft and linux-tick-processor would produce: [JavaScript]: ticks total nonlib name 4885 83.4% 83.5% Function: ~trivial a.js:15:17 759 13.0% 13.0% Function: ~inner a.js:7:15 After this change, we get [JavaScript]: ticks total nonlib name 5486 95.9% 96.2% Function: ~inner a.js:7:15 4 0.1% 0.1% Function: ~trivial a.js:15:17 Review-Url: https://codereview.chromium.org/2667253004 Cr-Original-Commit-Position: refs/heads/master@{#42894} Committed: https://chromium.googlesource.com/v8/v8/+/d07f6540c1f9628ed2ba1fa6507c90db07ccc5f5 Review-Url: https://codereview.chromium.org/2667253004 Cr-Commit-Position: refs/heads/master@{#42924}
-
jgruber authored
The StringIndexOf stub does the same thing but better (it uses memchr instead of a manual loop). Review-Url: https://codereview.chromium.org/2667963002 Cr-Commit-Position: refs/heads/master@{#42923}
-
yangguo authored
R=jgruber@chromium.org BUG=v8:5902 Review-Url: https://codereview.chromium.org/2669423002 Cr-Commit-Position: refs/heads/master@{#42922}
-
jarin authored
Review-Url: https://codereview.chromium.org/2670183004 Cr-Commit-Position: refs/heads/master@{#42921}
-
ahaas authored
R=titzer@chromium.org Review-Url: https://codereview.chromium.org/2669753002 Cr-Commit-Position: refs/heads/master@{#42920}
-
jgruber authored
This adds helper stubs for RegExp split and replace operations, called directly by both RegExpPrototype{Replace,Split} and StringPrototype{Replace,Split}. BUG= Review-Url: https://codereview.chromium.org/2668703002 Cr-Commit-Position: refs/heads/master@{#42919}
-
mstarzinger authored
This runs the existing checkpoint elimination during the "inlining" optimization phase. It will eliminate redundant checkpoint nodes and hence reduce graph size earlier. After this change the reducer in question runs during {InliningPhase} as well as {TypedLoweringPhase}. R=bmeurer@chromium.org Review-Url: https://codereview.chromium.org/2670763003 Cr-Commit-Position: refs/heads/master@{#42918}
-
ahaas authored
Apparently it happens quite easily that different NaNs are produced in the interpreter than in the execution of the compiled code. This non-determinism caused problems for the fuzzer which compares the equality of the results of the interpreter and the compiled code. I decided therefore to refactor the detection of non-determinism in the interpreter. Instead of tracking whether potentially non-deterministic NaNs were produced, I track now whether potentially non-deterministic NaNs could have been observed. The only way the NaN non-determinism can be observed is by observing the non-deterministic bit pattern of the NaN. AFAICT the only way to observe the bit pattern is with a I(32|64)_REINTERPRET_F(32|64) instruction or with a F(32|64)_STORE followed by a load. Therefore I flag an execution as potentially non-deterministic when either a NaN is reinterpreted to an int, or when a NaN is stored to memory. R=titzer@chromium.org, eholk@chromium.org BUG=682180 Review-Url: https://codereview.chromium.org/2671803002 Cr-Commit-Position: refs/heads/master@{#42917}
-
tebbi authored
R=jarin@chromium.org BUG= Review-Url: https://codereview.chromium.org/2664423003 Cr-Commit-Position: refs/heads/master@{#42916}
-
Andreas Haas authored
The wasm module we generate for the test case actually has an initial memory size of 16. In the mjsunit test we generate, however, we set the initial memory size to 32. This CL changes the initial memory size in the mjsunit test now to 16. R=eholk@chromium.org Change-Id: I5d3a30a97c3b0ba3105a8cf17d4c088a8fb9c8b7 Reviewed-on: https://chromium-review.googlesource.com/436544 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#42915}
-
mstarzinger authored
By now the effect-control linearizer correctly determines the dominating checkpoint, even for cases that contain effect-flow. We can elide the temporary checkpoints during lowering of property loads and stores that involve a sequence of map-checks. R=bmeurer@chromium.org Review-Url: https://codereview.chromium.org/2677483002 Cr-Commit-Position: refs/heads/master@{#42914}
-