- 01 Mar, 2016 1 commit
-
-
mstarzinger authored
R=bmeurer@chromium.org BUG=v8:3956 LOG=n Review URL: https://codereview.chromium.org/1731063007 Cr-Commit-Position: refs/heads/master@{#34398}
-
- 29 Feb, 2016 1 commit
-
-
bmeurer authored
Rename the existing (patching) ToBooleanStub to ToBooleanICStub to match our naming convention, and add a new TurboFan-powered ToBooleanStub, which just does the ToBoolean conversion without any runtime call or code patching, so we can use it for Ignition (and TurboFan). Drive-by-fix: Add an Oddball::to_boolean field similar to the ones we already have for to_string and to_number, so we don't need to actually dispatch on the concrete Oddball at all. R=epertoso@chromium.org, rmcilroy@chromium.org, yangguo@chromium.org Review URL: https://codereview.chromium.org/1744163002 Cr-Commit-Position: refs/heads/master@{#34361}
-
- 22 Feb, 2016 1 commit
-
-
yangguo authored
R=mstarzinger@chromium.org, rmcilroy@chromium.org BUG=v8:4690 LOG=N Review URL: https://codereview.chromium.org/1703453002 Cr-Commit-Position: refs/heads/master@{#34190}
-
- 18 Feb, 2016 1 commit
-
-
verwaest authored
BUG= Review URL: https://codereview.chromium.org/1704353002 Cr-Commit-Position: refs/heads/master@{#34118}
-
- 11 Feb, 2016 1 commit
-
-
verwaest authored
[runtime/heap] Introduce CopyFixedArrayUpTo to match CopyFixedArrayAndGrow, copying to a smaller array. This allows the helper to avoid write barriers while copying, speeding up Object.keys by 5-10%. BUG= Review URL: https://codereview.chromium.org/1690953002 Cr-Commit-Position: refs/heads/master@{#33916}
-
- 08 Feb, 2016 1 commit
-
-
bmeurer authored
It's fine to use JS_OBJECT_TYPE for JSIteratorResult and only have a preallocated initial map for them to avoid unnecessary polymorphism from generators / builtin iterators. The instance type doesn't provide any advantage, since we always have to treat JSIteratorResult objects as regular JSObjects later. R=yangguo@chromium.org TBR=hpayer@chromium.org Review URL: https://codereview.chromium.org/1680513002 Cr-Commit-Position: refs/heads/master@{#33800}
-
- 05 Feb, 2016 1 commit
-
-
mvstanton authored
Revert of Type Feedback Vector lives in the closure (patchset #2 id:40001 of https://codereview.chromium.org/1668103002/ ) Reason for revert: Must revert for now due to chromium api natives issues. Original issue's description: > Type Feedback Vector lives in the closure > > (RELAND: the problem before was a missing write barrier for adding the code > entry to the new closure. It's been addressed with a new macro instruction > and test. The only change to this CL is the addition of two calls to > __ RecordWriteCodeEntryField() in the platform CompileLazy builtin.) > > We get less "pollution" of type feedback if we have one vector per native > context, rather than one for the whole system. This CL moves the vector > appropriately. > > We rely more heavily on the Optimized Code Map in the SharedFunctionInfo. The > vector actually lives in the first slot of the literals array (indeed there is > great commonality between those arrays, they can be thought of as the same > thing). So we make greater effort to ensure there is a valid literals array > after compilation. > > This meant, for performance reasons, that we needed to extend > FastNewClosureStub to support creating closures with literals. And ultimately, > it drove us to move the optimized code map lookup out of FastNewClosureStub > and into the compile lazy builtin. > > The heap change is trivial so I TBR Hannes for it... > Also, Yang has had a look at the debugger changes already and approved 'em. So he is TBR style too. > And Benedikt reviewed it as well. > > TBR=hpayer@chromium.org, yangguo@chromium.org, bmeurer@chromium.org > > BUG= > > Committed: https://crrev.com/bb31db3ad6de16f86a61f6c7bbfd3274e3d957b5 > Cr-Commit-Position: refs/heads/master@{#33741} TBR=bmeurer@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG= Review URL: https://codereview.chromium.org/1670813005 Cr-Commit-Position: refs/heads/master@{#33766}
-
- 04 Feb, 2016 1 commit
-
-
mvstanton authored
(RELAND: the problem before was a missing write barrier for adding the code entry to the new closure. It's been addressed with a new macro instruction and test. The only change to this CL is the addition of two calls to __ RecordWriteCodeEntryField() in the platform CompileLazy builtin.) We get less "pollution" of type feedback if we have one vector per native context, rather than one for the whole system. This CL moves the vector appropriately. We rely more heavily on the Optimized Code Map in the SharedFunctionInfo. The vector actually lives in the first slot of the literals array (indeed there is great commonality between those arrays, they can be thought of as the same thing). So we make greater effort to ensure there is a valid literals array after compilation. This meant, for performance reasons, that we needed to extend FastNewClosureStub to support creating closures with literals. And ultimately, it drove us to move the optimized code map lookup out of FastNewClosureStub and into the compile lazy builtin. The heap change is trivial so I TBR Hannes for it... Also, Yang has had a look at the debugger changes already and approved 'em. So he is TBR style too. And Benedikt reviewed it as well. TBR=hpayer@chromium.org, yangguo@chromium.org, bmeurer@chromium.org BUG= Review URL: https://codereview.chromium.org/1668103002 Cr-Commit-Position: refs/heads/master@{#33741}
-
- 29 Jan, 2016 1 commit
-
-
jkummerow authored
String wrappers (new String("foo")) are special objects: their string characters are accessed like elements, and they also have an elements backing store. This used to require a bunch of explicit checks like: if (obj->IsJSValue() && JSValue::cast(obj)->value()->IsString()) { /* Handle string characters */ } // Handle regular elements (for string wrappers and other objects) obj->GetElementsAccessor()->Whatever(...); This CL introduces new ElementsKinds for string wrapper objects (one for fast elements, one for dictionary elements), which allow folding the special-casing into new StringWrapperElementsAccessors. No observable change in behavior is intended. Review URL: https://codereview.chromium.org/1612323003 Cr-Commit-Position: refs/heads/master@{#33616}
-
- 27 Jan, 2016 2 commits
-
-
mvstanton authored
Revert of Type Feedback Vector lives in the closure (patchset #2 id:20001 of https://codereview.chromium.org/1642613002/ ) Reason for revert: Bug: failing to use write barrier when writing code entry into closure. Original issue's description: > Reland of Type Feedback Vector lives in the closure > > (Fixed a bug found by nosnap builds.) > > We get less "pollution" of type feedback if we have one vector per native > context, rather than one for the whole system. This CL moves the vector > appropriately. > > We rely more heavily on the Optimized Code Map in the SharedFunctionInfo. The > vector actually lives in the first slot of the literals array (indeed there is > great commonality between those arrays, they can be thought of as the same > thing). So we make greater effort to ensure there is a valid literals array > after compilation. > > This meant, for performance reasons, that we needed to extend > FastNewClosureStub to support creating closures with literals. And ultimately, > it drove us to move the optimized code map lookup out of FastNewClosureStub > and into the compile lazy builtin. > > The heap change is trivial so I TBR Hannes for it... > > TBR=hpayer@chromium.org > BUG= > > Committed: https://crrev.com/d984b3b0ce91e55800f5323b4bb32a06f8a5aab1 > Cr-Commit-Position: refs/heads/master@{#33548} TBR=bmeurer@chromium.org,yangguo@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG= Review URL: https://codereview.chromium.org/1643533003 Cr-Commit-Position: refs/heads/master@{#33556}
-
mvstanton authored
(Fixed a bug found by nosnap builds.) We get less "pollution" of type feedback if we have one vector per native context, rather than one for the whole system. This CL moves the vector appropriately. We rely more heavily on the Optimized Code Map in the SharedFunctionInfo. The vector actually lives in the first slot of the literals array (indeed there is great commonality between those arrays, they can be thought of as the same thing). So we make greater effort to ensure there is a valid literals array after compilation. This meant, for performance reasons, that we needed to extend FastNewClosureStub to support creating closures with literals. And ultimately, it drove us to move the optimized code map lookup out of FastNewClosureStub and into the compile lazy builtin. The heap change is trivial so I TBR Hannes for it... TBR=hpayer@chromium.org BUG= Review URL: https://codereview.chromium.org/1642613002 Cr-Commit-Position: refs/heads/master@{#33548}
-
- 26 Jan, 2016 2 commits
-
-
mvstanton authored
Revert of Type Feedback Vector lives in the closure (patchset #12 id:260001 of https://codereview.chromium.org/1563213002/ ) Reason for revert: FAilure on win32 bot, need to investigate webkit failures. Original issue's description: > Type Feedback Vector lives in the closure > > We get less "pollution" of type feedback if we have one vector per native > context, rather than one for the whole system. This CL moves the vector > appropriately. > > We rely more heavily on the Optimized Code Map in the SharedFunctionInfo. The > vector actually lives in the first slot of the literals array (indeed there is > great commonality between those arrays, they can be thought of as the same > thing). So we make greater effort to ensure there is a valid literals array > after compilation. > > This meant, for performance reasons, that we needed to extend > FastNewClosureStub to support creating closures with literals. And ultimately, > it drove us to move the optimized code map lookup out of FastNewClosureStub > and into the compile lazy builtin. > > The heap change is trivial so I TBR Hannes for it... > > TBR=hpayer@chromium.org > > BUG= > > Committed: https://crrev.com/a5200f7ed4d11c6b882fa667da7a1864226544b4 > Cr-Commit-Position: refs/heads/master@{#33518} TBR=bmeurer@chromium.org,akos.palfi@imgtec.com # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG= Review URL: https://codereview.chromium.org/1632993003 Cr-Commit-Position: refs/heads/master@{#33520}
-
mvstanton authored
We get less "pollution" of type feedback if we have one vector per native context, rather than one for the whole system. This CL moves the vector appropriately. We rely more heavily on the Optimized Code Map in the SharedFunctionInfo. The vector actually lives in the first slot of the literals array (indeed there is great commonality between those arrays, they can be thought of as the same thing). So we make greater effort to ensure there is a valid literals array after compilation. This meant, for performance reasons, that we needed to extend FastNewClosureStub to support creating closures with literals. And ultimately, it drove us to move the optimized code map lookup out of FastNewClosureStub and into the compile lazy builtin. The heap change is trivial so I TBR Hannes for it... TBR=hpayer@chromium.org BUG= Review URL: https://codereview.chromium.org/1563213002 Cr-Commit-Position: refs/heads/master@{#33518}
-
- 18 Jan, 2016 1 commit
-
-
verwaest authored
Review URL: https://codereview.chromium.org/1600353003 Cr-Commit-Position: refs/heads/master@{#33364}
-
- 14 Jan, 2016 1 commit
-
-
jkummerow authored
As luck would have it, there doesn't seem to be a way to trigger observable misbehavior currently (only with special flags). BUG=chromium:380671 LOG=n R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/1588013002 Cr-Commit-Position: refs/heads/master@{#33305}
-
- 27 Dec, 2015 2 commits
-
-
bmeurer authored
According to the ES2015 specification, bound functions are exotic objects, and thus don't need to be implemented as JSFunctions. So we introduce a new JSBoundFunction type to represent bound functions and make them optimizable. This already improves the performance of calling or constructing bound functions by 10-100x depending on the use case because we avoid the crazy dance between JavaScript and C++ that was implemented in v8natives.js previously. There's still room for improvement in the performance of actually creating bound functions, which is also relevant in practice, but we already have a plan how to accomplish that later. The mips/mips64 ports were contributed by akos.palfi@imgtec.com. CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel BUG=chromium:535408, chromium:571299, v8:4629 LOG=n Committed: https://crrev.com/ca8623eaa468cba65a5adafcdfb4615966f43ce2 Cr-Commit-Position: refs/heads/master@{#33042} Review URL: https://codereview.chromium.org/1542963002 Cr-Commit-Position: refs/heads/master@{#33044}
-
bmeurer authored
Revert of [runtime] Introduce dedicated JSBoundFunction to represent bound functions. (patchset #14 id:260001 of https://codereview.chromium.org/1542963002/ ) Reason for revert: Breaks arm64 sim nosnap: https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20arm64%20-%20sim%20-%20nosnap%20-%20debug/builds/805/steps/Check/logs/function-bind Original issue's description: > [runtime] Introduce dedicated JSBoundFunction to represent bound functions. > > According to the ES2015 specification, bound functions are exotic > objects, and thus don't need to be implemented as JSFunctions. So > we introduce a new JSBoundFunction type to represent bound functions > and make them optimizable. This already improves the performance of > calling or constructing bound functions by 10-100x depending on the > use case because we avoid the crazy dance between JavaScript and C++ > that was implemented in v8natives.js previously. > > There's still room for improvement in the performance of actually > creating bound functions, which is also relevant in practice, but > we already have a plan how to accomplish that later. > > The mips/mips64 ports were contributed by akos.palfi@imgtec.com. > > CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel > BUG=chromium:535408, chromium:571299, v8:4629 > LOG=n > > Committed: https://crrev.com/ca8623eaa468cba65a5adafcdfb4615966f43ce2 > Cr-Commit-Position: refs/heads/master@{#33042} TBR=cbruni@chromium.org,hpayer@chromium.org,yangguo@chromium.org,akos.palfi@imgtec.com NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=chromium:535408, chromium:571299, v8:4629 Review URL: https://codereview.chromium.org/1552473002 Cr-Commit-Position: refs/heads/master@{#33043}
-
- 26 Dec, 2015 1 commit
-
-
bmeurer authored
According to the ES2015 specification, bound functions are exotic objects, and thus don't need to be implemented as JSFunctions. So we introduce a new JSBoundFunction type to represent bound functions and make them optimizable. This already improves the performance of calling or constructing bound functions by 10-100x depending on the use case because we avoid the crazy dance between JavaScript and C++ that was implemented in v8natives.js previously. There's still room for improvement in the performance of actually creating bound functions, which is also relevant in practice, but we already have a plan how to accomplish that later. The mips/mips64 ports were contributed by akos.palfi@imgtec.com. CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel BUG=chromium:535408, chromium:571299, v8:4629 LOG=n Review URL: https://codereview.chromium.org/1542963002 Cr-Commit-Position: refs/heads/master@{#33042}
-
- 08 Dec, 2015 1 commit
-
-
cbruni authored
BUG=v8:1543 LOG=N Review URL: https://codereview.chromium.org/1499593003 Cr-Commit-Position: refs/heads/master@{#32675}
-
- 04 Dec, 2015 1 commit
-
-
cbruni authored
BUG=v8:1543 LOG=N Review URL: https://codereview.chromium.org/1496503002 Cr-Commit-Position: refs/heads/master@{#32616}
-
- 03 Dec, 2015 1 commit
-
-
hpayer authored
Reland of Introduce instance type for transition arrays. (patchset #1 id:1 of https://codereview.chromium.org/1483003002/ ) Reason for revert: Suspect for crashing found, relanding for canary coverage. Original issue's description: > Revert of Introduce instance type for transition arrays. (patchset #6 id:100001 of https://codereview.chromium.org/1480873003/ ) > > Reason for revert: > Broken canary. Trying to find out root cause. > > Original issue's description: > > Introduce instance type for transition arrays. > > > > The motivation is to allow specialized marking visitor for transition arrays and collect all transition array in a list for post-processing in ClearNonLiveReferences. > > > > BUG=chromium:554488 > > LOG=NO > > > > Committed: https://crrev.com/026095a3c7932573e1810b8064ec3008ed696601 > > Cr-Commit-Position: refs/heads/master@{#32396} > > TBR=mlippautz@chromium.org,jkummerow@chromium.org,ulan@chromium.org > NOPRESUBMIT=true > NOTREECHECKS=true > NOTRY=true > BUG=chromium:554488 > > Committed: https://crrev.com/38bf70b9cd2a07b99ac0c0b7eda111849e79c146 > Cr-Commit-Position: refs/heads/master@{#32404} TBR=mlippautz@chromium.org,jkummerow@chromium.org,ulan@chromium.org NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=chromium:554488 Review URL: https://codereview.chromium.org/1500623002 Cr-Commit-Position: refs/heads/master@{#32561}
-
- 30 Nov, 2015 2 commits
-
-
hpayer authored
Revert of Introduce instance type for transition arrays. (patchset #6 id:100001 of https://codereview.chromium.org/1480873003/ ) Reason for revert: Broken canary. Trying to find out root cause. Original issue's description: > Introduce instance type for transition arrays. > > The motivation is to allow specialized marking visitor for transition arrays and collect all transition array in a list for post-processing in ClearNonLiveReferences. > > BUG=chromium:554488 > LOG=NO > > Committed: https://crrev.com/026095a3c7932573e1810b8064ec3008ed696601 > Cr-Commit-Position: refs/heads/master@{#32396} TBR=mlippautz@chromium.org,jkummerow@chromium.org,ulan@chromium.org NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=chromium:554488 Review URL: https://codereview.chromium.org/1483003002 Cr-Commit-Position: refs/heads/master@{#32404}
-
ulan authored
The motivation is to allow specialized marking visitor for transition arrays and collect all transition array in a list for post-processing in ClearNonLiveReferences. BUG=chromium:554488 LOG=NO Review URL: https://codereview.chromium.org/1480873003 Cr-Commit-Position: refs/heads/master@{#32396}
-
- 25 Nov, 2015 1 commit
-
-
ishell authored
BUG=v8:4572 LOG=Y Review URL: https://codereview.chromium.org/1481493003 Cr-Commit-Position: refs/heads/master@{#32268}
-
- 24 Nov, 2015 1 commit
-
-
verwaest authored
BUG= Review URL: https://codereview.chromium.org/1467473002 Cr-Commit-Position: refs/heads/master@{#32223}
-
- 13 Nov, 2015 1 commit
-
-
cbruni authored
LOG=N BUG=v8:1543 Review URL: https://codereview.chromium.org/1417063011 Cr-Commit-Position: refs/heads/master@{#31983}
-
- 12 Nov, 2015 1 commit
-
-
neis authored
BUG= Review URL: https://codereview.chromium.org/1427743011 Cr-Commit-Position: refs/heads/master@{#31972}
-
- 03 Nov, 2015 1 commit
-
-
ishell authored
Original issue's description: > [es6] Fix Function and GeneratorFunction built-ins subclassing. > > BUG=v8:3101, v8:3330 > LOG=Y > > Committed: https://crrev.com/99e7f872d3d0a5fb799dcbafb05537cda491314a > Cr-Commit-Position: refs/heads/master@{#31708} The problem was in another CL, this is a clean reland with improved tests. BUG=v8:3101, v8:3330 LOG=Y Review URL: https://codereview.chromium.org/1415683007 Cr-Commit-Position: refs/heads/master@{#31756}
-
- 02 Nov, 2015 4 commits
-
-
yangguo authored
R=jkummerow@chromium.org, mstarzinger@chromium.org Review URL: https://codereview.chromium.org/1406113007 Cr-Commit-Position: refs/heads/master@{#31714}
-
ishell authored
Revert of [es6] Fix Function and GeneratorFunction built-ins subclassing. (patchset #4 id:80001 of https://codereview.chromium.org/1428823002/ ) Reason for revert: Buildbot failures Original issue's description: > [es6] Fix Function and GeneratorFunction built-ins subclassing. > > BUG=v8:3101, v8:3330 > LOG=Y > > Committed: https://crrev.com/99e7f872d3d0a5fb799dcbafb05537cda491314a > Cr-Commit-Position: refs/heads/master@{#31708} TBR=verwaest@chromium.org NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:3101, v8:3330 Review URL: https://codereview.chromium.org/1413723008 Cr-Commit-Position: refs/heads/master@{#31709}
-
ishell authored
BUG=v8:3101, v8:3330 LOG=Y Review URL: https://codereview.chromium.org/1428823002 Cr-Commit-Position: refs/heads/master@{#31708}
-
bmeurer authored
The compiler can generate a named access for o[x] if x is a compile time constant that can be turned into a name using ToName (limited to primitive x values, because other ToName invocations might be observable), or the KeyedLoadIC/KeyedStoreIC have gather constant name feedback for x (i.e. the access always goes to the same symbol). R=jarin@chromium.org BUG=v8:4470 LOG=n Review URL: https://codereview.chromium.org/1414013004 Cr-Commit-Position: refs/heads/master@{#31703}
-
- 29 Oct, 2015 1 commit
-
-
jochen authored
Also deprecate hidden values BUG=none LOG=y R=rossberg@chromium.org,yangguo@chromium.org Review URL: https://codereview.chromium.org/1428793002 Cr-Commit-Position: refs/heads/master@{#31658}
-
- 12 Oct, 2015 1 commit
-
-
mstarzinger authored
R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/1399623004 Cr-Commit-Position: refs/heads/master@{#31215}
-
- 06 Oct, 2015 1 commit
-
-
caitpotter88 authored
Symbols marked as "well-known" now return an undefined value when loaded with a failed access check, instead of throwing. Currently, only @@isConcatSpreadable is marked as well-known, until the correct behaviour is properly specified. BUG=v8:4289, 507553 LOG=N R=adamk@chromium.org, jochen@chromium.org, verwaest@chromium.org Review URL: https://codereview.chromium.org/1230793002 Cr-Commit-Position: refs/heads/master@{#31131}
-
- 01 Oct, 2015 1 commit
-
-
ishell authored
This CL also allows to use arbitrary number of feedback vector elements for particular slot kind. Review URL: https://codereview.chromium.org/1370303004 Cr-Commit-Position: refs/heads/master@{#31050}
-
- 30 Sep, 2015 1 commit
-
-
mstarzinger authored
This enables linter checking for "readability/namespace" violations during presubmit and instead marks the few known exceptions that we allow explicitly. R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/1371083003 Cr-Commit-Position: refs/heads/master@{#31019}
-
- 29 Sep, 2015 1 commit
-
-
mstarzinger authored
This is mostly removing dead code and also dropping MUST_USE_RESULT annotations from methods that cannot throw an exception anyways. R=hpayer@chromium.org Review URL: https://codereview.chromium.org/1370153002 Cr-Commit-Position: refs/heads/master@{#30995}
-
- 28 Sep, 2015 1 commit
-
-
ishell authored
This is a second step towards merging FeedbackVectorSlot and FeedbackVectorICSlot. Review URL: https://codereview.chromium.org/1376443002 Cr-Commit-Position: refs/heads/master@{#30971}
-
- 17 Sep, 2015 1 commit
-
-
ben authored
Typed arrays from the snapshot start out in the young space but they all seem to end up in the old space sooner or later anyway. Let's expedite that by allocating them in the old space right away. Review URL: https://codereview.chromium.org/1347263003 Cr-Commit-Position: refs/heads/master@{#30804}
-