Skip to content

V
V8
Switch branch/tag
  1. 30 Nov, 2017 1 commit
  3. 29 Nov, 2017 2 commits
    • Michael Achenbach's avatar
      Revert "[cleanup] Harden the SubString CSA/Runtime implementations." · c0a4680d
      Michael Achenbach authored 
      This reverts commit 99cb4d35.

Reason for revert:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap%20-%20debug/builds/16445

Original change's description:
> [cleanup] Harden the SubString CSA/Runtime implementations.
> 
> Remove the self-healing for invalid parameters in the
> CodeStubAssembler::SubString helper and the %SubString runtime function,
> which is used as a fallback for the CodeStubAssembler implementation.
> All call sites must do appropriate parameter validation anyways now that
> the self-hosted JavaScript builtins using these helpers are gone, and we
> have proper contracts with the uses.
> 
> Also remove the context parameter from the CodeStubAssembler::SubString
> method, which is unnecessary, since this can no longer throw an
> exception.
> 
> Bug: v8:5269, v8:6936, v8:7109, v8:7137
> Change-Id: I19d93bad5f41faa0561c4561a48f78fcba99a549
> Reviewed-on: https://chromium-review.googlesource.com/795720
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#49702}

TBR=jgruber@chromium.org,bmeurer@chromium.org

Change-Id: I2900b5f087e78f1d321724f03bd063a5ff094183
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:5269, v8:6936, v8:7109, v8:7137
Reviewed-on: https://chromium-review.googlesource.com/796150Reviewed-by: 's avatarMichael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49703}
      c0a4680d
    • Benedikt Meurer's avatar
      [cleanup] Harden the SubString CSA/Runtime implementations. · 99cb4d35
      Benedikt Meurer authored 
      Remove the self-healing for invalid parameters in the
CodeStubAssembler::SubString helper and the %SubString runtime function,
which is used as a fallback for the CodeStubAssembler implementation.
All call sites must do appropriate parameter validation anyways now that
the self-hosted JavaScript builtins using these helpers are gone, and we
have proper contracts with the uses.

Also remove the context parameter from the CodeStubAssembler::SubString
method, which is unnecessary, since this can no longer throw an
exception.

Bug: v8:5269, v8:6936, v8:7109, v8:7137
Change-Id: I19d93bad5f41faa0561c4561a48f78fcba99a549
Reviewed-on: https://chromium-review.googlesource.com/795720Reviewed-by: 's avatarJakob Gruber <jgruber@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49702}
      99cb4d35
  5. 28 Nov, 2017 1 commit
  7. 27 Nov, 2017 1 commit
  9. 23 Nov, 2017 2 commits
  11. 22 Nov, 2017 2 commits
  13. 21 Nov, 2017 1 commit
  15. 20 Nov, 2017 3 commits
  17. 17 Nov, 2017 1 commit
    • Ulan Degenbaev's avatar
      [runtime] Make layout descriptor helper safe for concurrent marking. · 61bf2cc6
      Ulan Degenbaev authored 
      The layout descriptor helper computes the object header size using
map->instance_size() and map->GetInObjectProperties().

It races with finalization of slack tracking, which changes both
the instance size and the in-object properties count.

This patch replaces the in-object properties count byte in the map
with the byte that stores the start offset of in-object properties.

The new byte can be used in the layout descriptor to compute the
object header size and it is immutable.

This patch also renames InstanceSize to InstanceSizeInWords where
the instance size is represented in words.

Bug: chromium:786069, chromium:694255
Change-Id: I4b48c6944d3fe8a950bd7b0ba43d75216b177a78
Reviewed-on: https://chromium-review.googlesource.com/776720
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: 's avatarIgor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49461}
      61bf2cc6
  19. 15 Nov, 2017 3 commits
  21. 14 Nov, 2017 2 commits
  23. 13 Nov, 2017 2 commits
  25. 07 Nov, 2017 2 commits
  27. 06 Nov, 2017 2 commits
  29. 03 Nov, 2017 1 commit
    • Benedikt Meurer's avatar
      [turbofan] Generalized OOB support for KeyedLoadIC. · b7168573
      Benedikt Meurer authored 
      This extends the support in TurboFan and the ICs for OOB loads to also
apply to typed arrays and receivers whose prototype chain is protected
by the "no elements" protector (aka the Array protector). TurboFan will
generate code to materialize undefined instead when it sees a load that
has the OOB bit set and add an appropriate code dependency on the global
protector. For typed arrays it doesn't even need to check the global
protector since elements are never looked up in the prototype chain
for typed arrays.

In the simple micro-benchmark from the bug we go from

  testInBounds: 103 ms.
  testOutOfBounds: 289 ms.

to

  testInBounds: 103 ms.
  testOutOfBounds: 102 ms.

which fixes the 3x slowdown and thus addresses the performance cliff. In
general it's still beneficial to make sure that you don't access out of
bounds, especially once we introduce a bounds check elimination pass to
TurboFan.

This also seems to improve the jQuery benchmark on the Speedometer test
suite by like 1-2% on average. And the SixSpeed rest benchmarks go from

  rest-es5: 25 ms.
  rest-es6: 23 ms.

to

  rest-es5: 6 ms.
  rest-es6: 4 ms.

so a solid 5.7x improvement there.

Bug: v8:6936, v8:7014, v8:7027
Change-Id: Ie99699c69cc40057512e72fd40ae28107216c423
Reviewed-on: https://chromium-review.googlesource.com/750089
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: 's avatarBenedikt Meurer <bmeurer@chromium.org>
Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49095}
      b7168573
  31. 02 Nov, 2017 3 commits
    • Yang Guo's avatar
      Perform stack check on Proxy call trap. · 1e77461d
      Yang Guo authored 
      Proxy's call trap can be used to cause recursion.

R=bmeurer@chromium.org, tebbi@chromium.org

Bug: chromium:779344
Change-Id: I19c989f618f7230028ebe18c3415bc3f4bd72b93
Reviewed-on: https://chromium-review.googlesource.com/743782Reviewed-by: 's avatarBenedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49069}
      1e77461d
    • Benedikt Meurer's avatar
      Reintroduce compile-time --string-slices flag. · 781f7685
      Benedikt Meurer authored 
      This partially reverts commit aaebbbaa,
which removed the --string-slices flag. We reintroduce the flag as a
build time flag for an experiment to gather information of how much
SliceStrings help with throughput and effective memory use.

Bug: v8:7025
Change-Id: I529da91bb7501fe93d83891abf560710f3ecb9d0
Reviewed-on: https://chromium-review.googlesource.com/750681Reviewed-by: 's avatarYang Guo <yangguo@chromium.org>
Reviewed-by: 's avatarBenedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49068}
      781f7685
    • Benedikt Meurer's avatar
      [builtins] Support two byte strings in StringEqual builtin. · f597eec1
      Benedikt Meurer authored 
      This CL adds support for two byte string comparisons to the StringEqual
builtin, which so far was bailing out to the generic %StringEqual
runtime function whenever any two-byte string was involved. This made
comparisons that involved two-byte strings, either comparing them to
one-byte strings or comparing two two-byte strings, up to 3x slower than
if only one-byte strings were involved.

With this change, all direct string (SeqString or ExternalString)
equality checks are roughly on par now, and the weird performance cliff
is gone. On the micro-benchmark from the bug we go from

  stringEqualBothOneByteSeqString: 162 ms.
  stringEqualTwoByteAndOneByteSeqString: 446 ms.
  stringEqualOneByteAndTwoByteSeqString: 438 ms.
  stringEqualBothTwoByteSeqString: 472 ms.

to

  stringEqualBothOneByteSeqString: 151 ms.
  stringEqualTwoByteAndOneByteSeqString: 158 ms.
  stringEqualOneByteAndTwoByteSeqString: 166 ms.
  stringEqualBothTwoByteSeqString: 160 ms.

which is the desired result. On the esprima test of the
web-tooling-benchmark we seem to improve by 1-2%, which corresponds to
the savings of going to the runtime for many StringEqual comparisons.

Drive-by-cleanup: Introduce LoadAndUntagStringLength helper into the CSA
with proper typing to avoid the unnecessary shifts on 64-bit platforms
when keeping the length tagged initially in StringEqual.

Bug: v8:4913, v8:6365, v8:6371, v8:6936, v8:7022
Change-Id: I566f4b80e217513775ffbd35e0480154abf59b27
Reviewed-on: https://chromium-review.googlesource.com/749223Reviewed-by: 's avatarYang Guo <yangguo@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49067}
      f597eec1
  33. 30 Oct, 2017 1 commit
    • peterwmwong's avatar
      [builtins] Port WeakMap.p.set and WeakSet.p.add to CSA from JS · 7ae0a2f9
      peterwmwong authored 
      - Add WeakMapPrototypeSet and WeakSetPrototypeAdd TFJ builtins
  - Fast paths for...
    1) existing key
    2) new key when ObjectHashTable has a "sufficient capacity"
- Create WeakCollectionsBuiltinsAssembler to consolidate common WeakMap/WeakSet code generation
- Convert existing WeakMapLookupHashIndex to use WeakCollectionsBuiltinsAssembler

Some quick benchmarks shows performance gains of...
- 1.56x - 1.98x for WeakMap constructor
- 1.66x - 2.06x for WeakSet constructor
- 1.50x - 2.11x for WeakMap.p.set
- 1.54x - 2.26x for WeakSet.p.add

https: //github.com/peterwmwong/v8-perf/blob/master/weakcollection-set/README.md
Bug: v8:5049, v8:6604
Change-Id: I3499d46be6b2b3b1d8d46720ebe86cc5142ee542
Reviewed-on: https://chromium-review.googlesource.com/737935
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: 's avatarJakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49036}
      7ae0a2f9
  35. 28 Oct, 2017 1 commit
  37. 26 Oct, 2017 1 commit
  39. 25 Oct, 2017 4 commits
  41. 24 Oct, 2017 2 commits
  43. 23 Oct, 2017 1 commit
  45. 20 Oct, 2017 1 commit