- 26 Jul, 2016 1 commit
-
-
yangguo authored
This feature has not been used in the past few years and most likely does not even work anymore. R=ishell@chromium.org Review-Url: https://codereview.chromium.org/2186533002 Cr-Commit-Position: refs/heads/master@{#38046}
-
- 08 Jul, 2016 1 commit
-
-
jgruber authored
BUG=v8:5173 R=bmeurer@chromium.org Review-Url: https://codereview.chromium.org/2118283003 Cr-Commit-Position: refs/heads/master@{#37598}
-
- 30 Jun, 2016 1 commit
-
-
jgruber authored
Prior to this commit, calls to C++ builtins created standard exit frames, which are skipped when constructing JS stack traces. In order to show these calls on traces, we introduce a new builtin exit frame type. Builtin exit frames contain target and new.target on the stack and are not skipped during stack trace construction. BUG=v8:4815 R=bmeurer@chromium.org, yangguo@chromium.org CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel;tryserver.v8:v8_linux_nosnap_dbg Committed: https://crrev.com/3c60c6b105f39344f93a8407f41534e5e60cf19a Review-Url: https://codereview.chromium.org/2090723005 Cr-Original-Commit-Position: refs/heads/master@{#37384} Cr-Commit-Position: refs/heads/master@{#37416}
-
- 29 Jun, 2016 2 commits
-
-
bmeurer authored
Revert of [builtins] New frame type for exits to C++ builtins (patchset #5 id:80001 of https://codereview.chromium.org/2090723005/ ) Reason for revert: Looks like this breaks on nosnap: http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap%20-%20debug/builds/7626 Original issue's description: > [builtins] New frame type for exits to C++ builtins > > Prior to this commit, calls to C++ builtins created standard exit > frames, which are skipped when constructing JS stack traces. In order to > show these calls on traces, we introduce a new builtin exit frame type. > > Builtin exit frames contain target and new.target on the stack and are > not skipped during stack trace construction. > > BUG=v8:4815 > R=bmeurer@chromium.org, yangguo@chromium.org > CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel > > Committed: https://crrev.com/3c60c6b105f39344f93a8407f41534e5e60cf19a > Cr-Commit-Position: refs/heads/master@{#37384} TBR=yangguo@chromium.org,jgruber@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:4815 Review-Url: https://codereview.chromium.org/2106113002 Cr-Commit-Position: refs/heads/master@{#37394}
-
jgruber authored
Prior to this commit, calls to C++ builtins created standard exit frames, which are skipped when constructing JS stack traces. In order to show these calls on traces, we introduce a new builtin exit frame type. Builtin exit frames contain target and new.target on the stack and are not skipped during stack trace construction. BUG=v8:4815 R=bmeurer@chromium.org, yangguo@chromium.org CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel Review-Url: https://codereview.chromium.org/2090723005 Cr-Commit-Position: refs/heads/master@{#37384}
-
- 19 May, 2016 1 commit
-
-
binji authored
They are not currently implemented by the ARM64 simulator. R=jarin@chromium.org, bmeurer@chromium.org Review-Url: https://codereview.chromium.org/1990073002 Cr-Commit-Position: refs/heads/master@{#36385}
-
- 10 May, 2016 1 commit
-
-
hpayer authored
The new allocation folding implementation avoids fragmentation between folded allocation. As a consequence, our heap will always be iterable i.e. we do not have to perform a garbage collection before iterating the heap. BUG=chromium:580959 LOG=n Review-Url: https://codereview.chromium.org/1899813003 Cr-Commit-Position: refs/heads/master@{#36133}
-
- 03 May, 2016 1 commit
-
-
martyn.capewell authored
Disable ASM_LOCATION inline debug messages in release builds. This makes code size measurements more representative when using the simulator. BUG= Review-Url: https://codereview.chromium.org/1919013005 Cr-Commit-Position: refs/heads/master@{#35990}
-
- 30 Apr, 2016 1 commit
-
-
bmeurer authored
Further refactor the pipeline to even run the first scheduler (part of the effect control linearization) concurrently. This temporarily disables most of the write barrier elimination, but we will get back to that later. Drive-by-fix: Remove the dead code from ChangeLowering, and stack allocate the Typer in the pipeline. Also migrate the AllocateStub to a native code builtin, so that we have the code object + a handle to it available all the time. CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux64_tsan_rel R=mstarzinger@chromium.org BUG=v8:4969 LOG=n Review-Url: https://codereview.chromium.org/1926023002 Cr-Commit-Position: refs/heads/master@{#35918}
-
- 19 Apr, 2016 1 commit
-
-
rmcilroy authored
Removes the register file machine register from the interpreter and replaces it will loads from the parent frame pointer. As part of this change the raw operand values for register values changes to enable the interpreter to keep using the operand value as the offset from the parent frame pointer. BUG=v8:4280 LOG=N Review URL: https://codereview.chromium.org/1894063002 Cr-Commit-Position: refs/heads/master@{#35618}
-
- 15 Apr, 2016 1 commit
-
-
ahaas authored
The default NaN mode was originally used to identify holes in double arrays. With (https://codereview.chromium.org/863633002/) signalling NaNs are used for that, and the default NaN mode is not needed anymore. Without the default NaN mode it is easier to satisfy the WebAssembly spec which requires that quiet NaNs are preserved. R=titzer@chromium.org, rodolph.perfetta@arm.com, bmeurer@chromium.org Review URL: https://codereview.chromium.org/1884193002 Cr-Commit-Position: refs/heads/master@{#35518}
-
- 06 Apr, 2016 1 commit
-
-
bmeurer authored
Introduce a ResumeGeneratorTrampoline, which does the actual stack state reconstruction (currently always restores a fullcodegen frame), and introduce appropriate TurboFan builtins for %GeneratorPrototype%.next, %GeneratorPrototype%.return and %GeneratorPrototype%.throw based on this native builtin. Also unify the flooding in case of step-in to always work based on JSFunction and remove the special casing for JSGeneratorObject. R=mstarzinger@chromium.org, neis@chromium.org TBR=rossberg@chromium.org BUG=chromium:513471 LOG=n Review URL: https://codereview.chromium.org/1865833002 Cr-Commit-Position: refs/heads/master@{#35283}
-
- 29 Mar, 2016 1 commit
-
-
titzer authored
In JavaScript code and stubs, JSSP mirrors the CSP but may be unaligned. But in WASM code only CSP is used, like native code, and it must be aligned. Calls into WASM from JS need to carefully align the C stack pointer (csp) and restore the previous JSSP, while calls from WASM to JS need to compute a new JSSP and restore their CSP after the call. R=ahaas@chromium.org BUG= Review URL: https://codereview.chromium.org/1811283003 Cr-Commit-Position: refs/heads/master@{#35096}
-
- 21 Mar, 2016 1 commit
-
-
bmeurer authored
Split ToNumberStub into the entry ToNumberStub, and two new stubs, StringToNumberStub and NonNumberToNumberStub, which can be used when we already know something about the input (i.e. in various branches of the code stubs, or in TurboFan graphs). Also introduce an appropriate StringToNumber simplified operator for TurboFan, that is pure and is lowered to an invocation of the newly added StringToNumberStub. R=jarin@chromium.org Review URL: https://codereview.chromium.org/1818923002 Cr-Commit-Position: refs/heads/master@{#34922}
-
- 08 Mar, 2016 1 commit
-
-
danno authored
Before this CL, various code stubs used different techniques for marking their frames to enable stack-crawling and other access to data in the frame. All of them were based on a abuse of the "standard" frame representation, e.g. storing the a context pointer immediately below the frame's fp, and a function pointer after that. Although functional, this approach tends to make stubs and builtins do an awkward, unnecessary dance to appear like standard frames, even if they have nothing to do with JavaScript execution. This CL attempts to improve this by: * Ensuring that there are only two fundamentally different types of frames, a "standard" frame and a "typed" frame. Standard frames, as before, contain both a context and function pointer. Typed frames contain only a minimum of a smi marker in the position immediately below the fp where the context is in standard frames. * Only interpreted, full codegen, and optimized Crankshaft and TurboFan JavaScript frames use the "standard" format. All other frames use the type frame format with an explicit marker. * Typed frames can contain one or more values below the type marker. There is new magic macro machinery in frames.h that simplifies defining the offsets of these fields in typed frames. * A new flag in the CallDescriptor enables specifying whether a frame is a standard frame or a typed frame. Secondary register location spilling is now only enabled for standard frames. * A zillion places in the code have been updated to deal with the fact that most code stubs and internal frames use the typed frame format. This includes changes in the deoptimizer, debugger, and liveedit. * StandardFrameConstants::kMarkerOffset is deprecated, (CommonFrameConstants::kContextOrFrameTypeOffset and StandardFrameConstants::kFrameOffset are now used in its stead). LOG=N Review URL: https://codereview.chromium.org/1696043002 Cr-Commit-Position: refs/heads/master@{#34571}
-
- 07 Mar, 2016 1 commit
-
-
ishell authored
HInvokeFunction and HApplyArguments instructions now support tail calling. Inlining of calls at tail position is not supported yet and therefore still disabled. The tail-call-megatest was modified so that the usages of "arguments" object do not disable Crankshaft. TBR=bmeurer@chromium.org BUG=v8:4698 LOG=N Review URL: https://codereview.chromium.org/1760253003 Cr-Commit-Position: refs/heads/master@{#34542}
-
- 24 Feb, 2016 1 commit
-
-
mstarzinger authored
This makes the FullCodeGenerator::EmitNamedPropertyLoad be architecture independent by adding MacroAssembler::Move helpers. R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/1734643002 Cr-Commit-Position: refs/heads/master@{#34259}
-
- 19 Feb, 2016 1 commit
-
-
bmeurer authored
Move the already existing fast case for %NewObject into a dedicated FastNewObjectStub that we can utilize in places where we would otherwise fallback to %NewObject immediately, which is rather expensive. Also use FastNewObjectStub as the generic implementation of JSCreate, which should make constructor inlining based on SharedFunctionInfo (w/o specializing to a concrete closure) viable soon. R=jarin@chromium.org Review URL: https://codereview.chromium.org/1708313002 Cr-Commit-Position: refs/heads/master@{#34136}
-
- 15 Feb, 2016 1 commit
-
-
titzer authored
R=bmeurer@chromium.org BUG= Review URL: https://codereview.chromium.org/1698063002 Cr-Commit-Position: refs/heads/master@{#33990}
-
- 10 Feb, 2016 1 commit
-
-
mlippautz authored
Preparing the young generation for (real) non-contiguous backing memory, this change removes object masks that are used to compute containment in semi and new space. The masks are replaced by lookups for object tags and page headers, where possible. Details: - Use the fast checks (page header lookups) for containment in regular code. - Use the slow version that masks out the page start adress and iterates all pages of a space for debugging/verification. - The slow version works for off-heap/unmapped memory. - Encapsulate all checks for the old->new barrier in Heap::RecordWrite(). BUG=chromium:581412 LOG=N Review URL: https://codereview.chromium.org/1632913003 Cr-Commit-Position: refs/heads/master@{#33857}
-
- 04 Feb, 2016 1 commit
-
-
mvstanton authored
BUG= Review URL: https://codereview.chromium.org/1647123002 Cr-Commit-Position: refs/heads/master@{#33718}
-
- 02 Feb, 2016 1 commit
-
-
jacob.bramley authored
BUG= Review URL: https://codereview.chromium.org/1652023002 Cr-Commit-Position: refs/heads/master@{#33666}
-
- 21 Jan, 2016 1 commit
-
-
bmeurer authored
The PrepareId bailout location was used incorrectly in Crankshaft and, as it turns out, is not required anyway (once you do it right). Also there was some premature optimization going on with the CheckEnumCache (trying to load null from roots only once), plus we can be smarter about the null/undefined check anyway. The idea behind this changes is to prepare unification of the two different ForInPrepare implementations that we now have, with the end result being that we only use the new implementation that was recently added for the interpreter. R=jarin@chromium.org BUG=v8:3650 LOG=n Review URL: https://codereview.chromium.org/1618613002 Cr-Commit-Position: refs/heads/master@{#33426}
-
- 20 Jan, 2016 1 commit
-
-
bmeurer authored
We no longer have the concept of "JS builtins" exposed to handwritten native code, so there's no need to keep the InvokeBuiltin macro around. R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/1611613002 Cr-Commit-Position: refs/heads/master@{#33416}
-
- 15 Jan, 2016 1 commit
-
-
rmcilroy authored
Adds a ForInPrepare Runtime function which returns a triple of cache_type, cache_array and cache_length. This requires adding support to CEntryStub to call runtime functions which return a ObjectTriple - a struct containing three Object* pointers. Also did some cleanup of the x64 CEntryStub to avoid replicated code. Replaces the interpreter's use of the ad-hock InterpreterForInPrepare Runtime function with ForInPrepare in preparation for fixing deopt in BytecodeGraphBuilder for ForIn (which will be done in a followup CL). MIPS port contributed by Balazs Kilvady <balazs.kilvady@imgtec.com>. BUG=v8:4280 LOG=N Review URL: https://codereview.chromium.org/1576093004 Cr-Commit-Position: refs/heads/master@{#33334}
-
- 13 Jan, 2016 1 commit
-
-
bmeurer authored
Also migrate the Number constructor to a native builtin, using the same mechanism already used by the String constructor. Otherwise just parsing and compiling the Number constructor to optimized code already eats 2ms on desktop for no good reason, and the resulting optimized code is not even close to awesome. Drive-by-fix: Use correct context for the [[Construct]] case of the String constructor as well, and share some code with it. R=jarin@chromium.org Review URL: https://codereview.chromium.org/1573243009 Cr-Commit-Position: refs/heads/master@{#33265}
-
- 11 Jan, 2016 1 commit
-
-
jacob.bramley authored
In particular, Claim doesn't work with a negative size, so ensure that it is positive. BUG= Review URL: https://codereview.chromium.org/1565193002 Cr-Commit-Position: refs/heads/master@{#33198}
-
- 30 Dec, 2015 1 commit
-
-
cbruni authored
counts specified in runtime.h. In the vast majority of the cases when we call into the runtime we use the default number of arguments. Hence, there is not need to specify it again. This CL also removes TailCallExternalReference as there were no users. BUG= Review URL: https://codereview.chromium.org/1553703002 Cr-Commit-Position: refs/heads/master@{#33066}
-
- 29 Dec, 2015 1 commit
-
-
cbruni authored
JumpToExternalReference ignored the passed-in result_size argument, which defaulted to 1. This change updates all users to not use a result_size. BUG= Review URL: https://codereview.chromium.org/1550923002 Cr-Commit-Position: refs/heads/master@{#33059}
-
- 27 Dec, 2015 2 commits
-
-
bmeurer authored
According to the ES2015 specification, bound functions are exotic objects, and thus don't need to be implemented as JSFunctions. So we introduce a new JSBoundFunction type to represent bound functions and make them optimizable. This already improves the performance of calling or constructing bound functions by 10-100x depending on the use case because we avoid the crazy dance between JavaScript and C++ that was implemented in v8natives.js previously. There's still room for improvement in the performance of actually creating bound functions, which is also relevant in practice, but we already have a plan how to accomplish that later. The mips/mips64 ports were contributed by akos.palfi@imgtec.com. CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel BUG=chromium:535408, chromium:571299, v8:4629 LOG=n Committed: https://crrev.com/ca8623eaa468cba65a5adafcdfb4615966f43ce2 Cr-Commit-Position: refs/heads/master@{#33042} Review URL: https://codereview.chromium.org/1542963002 Cr-Commit-Position: refs/heads/master@{#33044}
-
bmeurer authored
Revert of [runtime] Introduce dedicated JSBoundFunction to represent bound functions. (patchset #14 id:260001 of https://codereview.chromium.org/1542963002/ ) Reason for revert: Breaks arm64 sim nosnap: https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20arm64%20-%20sim%20-%20nosnap%20-%20debug/builds/805/steps/Check/logs/function-bind Original issue's description: > [runtime] Introduce dedicated JSBoundFunction to represent bound functions. > > According to the ES2015 specification, bound functions are exotic > objects, and thus don't need to be implemented as JSFunctions. So > we introduce a new JSBoundFunction type to represent bound functions > and make them optimizable. This already improves the performance of > calling or constructing bound functions by 10-100x depending on the > use case because we avoid the crazy dance between JavaScript and C++ > that was implemented in v8natives.js previously. > > There's still room for improvement in the performance of actually > creating bound functions, which is also relevant in practice, but > we already have a plan how to accomplish that later. > > The mips/mips64 ports were contributed by akos.palfi@imgtec.com. > > CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel > BUG=chromium:535408, chromium:571299, v8:4629 > LOG=n > > Committed: https://crrev.com/ca8623eaa468cba65a5adafcdfb4615966f43ce2 > Cr-Commit-Position: refs/heads/master@{#33042} TBR=cbruni@chromium.org,hpayer@chromium.org,yangguo@chromium.org,akos.palfi@imgtec.com NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=chromium:535408, chromium:571299, v8:4629 Review URL: https://codereview.chromium.org/1552473002 Cr-Commit-Position: refs/heads/master@{#33043}
-
- 26 Dec, 2015 1 commit
-
-
bmeurer authored
According to the ES2015 specification, bound functions are exotic objects, and thus don't need to be implemented as JSFunctions. So we introduce a new JSBoundFunction type to represent bound functions and make them optimizable. This already improves the performance of calling or constructing bound functions by 10-100x depending on the use case because we avoid the crazy dance between JavaScript and C++ that was implemented in v8natives.js previously. There's still room for improvement in the performance of actually creating bound functions, which is also relevant in practice, but we already have a plan how to accomplish that later. The mips/mips64 ports were contributed by akos.palfi@imgtec.com. CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel BUG=chromium:535408, chromium:571299, v8:4629 LOG=n Review URL: https://codereview.chromium.org/1542963002 Cr-Commit-Position: refs/heads/master@{#33042}
-
- 23 Dec, 2015 1 commit
-
-
hpayer authored
BUG=chromium:561449 LOG=n Review URL: https://codereview.chromium.org/1542113002 Cr-Commit-Position: refs/heads/master@{#33026}
-
- 17 Dec, 2015 1 commit
-
-
Benedikt Meurer authored
The FIRST-LAST_NONCALLABLE_SPEC_OBJECT_TYPE range was accidentially used in field type tracking, where we should check for JSReceiver instead (there's no need to exclude JSProxy or JSFunction from tracking). And the use in %_ClassOf was actually wrong and didn't match the C++ implementation in JSReceiver::class_name() anymore. Now it's consistent again. R=yangguo@chromium.org BUG=chromium:535408 LOG=n Review URL: https://codereview.chromium.org/1535523003 . Cr-Commit-Position: refs/heads/master@{#32926}
-
- 03 Dec, 2015 1 commit
-
-
bmeurer authored
Whenever the InstanceOfStub finds a proxy (either passed as object or somewhere on the prototype chain), it should bailout to the %HasInPrototypeChain runtime function, which will do the right thing (soonish). R=yangguo@chromium.org BUG=v8:1543 LOG=n Review URL: https://codereview.chromium.org/1492243003 Cr-Commit-Position: refs/heads/master@{#32549}
-
- 27 Nov, 2015 3 commits
-
-
bmeurer authored
Previously all contexts had a link to the global object, but what is required in most cases (except for the global load, store and delete case) is the native context. This also removes the second dummy global object that was still linked to every native context. We will add a different mechanism to ensure that builtins do not pollute the actual global object during bootstrapping. Drive-by-fix: Unify some MacroAssembler magic and drop obsolete stuff. CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_nosnap_rel R=yangguo@chromium.org,mstarzinger@chromium.org Committed: https://crrev.com/d290f204938295bfecc5c8e645ccfcff6e80ddb8 Cr-Commit-Position: refs/heads/master@{#32375} Review URL: https://codereview.chromium.org/1480003002 Cr-Commit-Position: refs/heads/master@{#32381}
-
machenbach authored
Revert of [runtime] Replace global object link with native context link in all contexts. (patchset #3 id:40001 of https://codereview.chromium.org/1480003002/ ) Reason for revert: [Sheriff] Breaks: https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap/builds/5472 Original issue's description: > [runtime] Replace global object link with native context link in all contexts. > > Previously all contexts had a link to the global object, but what is > required in most cases (except for the global load, store and delete > case) is the native context. > > This also removes the second dummy global object that was still linked > to every native context. We will add a different mechanism to ensure > that builtins do not pollute the actual global object during > bootstrapping. > > Drive-by-fix: Unify some MacroAssembler magic and drop obsolete stuff. > > R=yangguo@chromium.org > > Committed: https://crrev.com/d290f204938295bfecc5c8e645ccfcff6e80ddb8 > Cr-Commit-Position: refs/heads/master@{#32375} TBR=yangguo@chromium.org,mstarzinger@chromium.org,bmeurer@chromium.org NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true Review URL: https://codereview.chromium.org/1478303002 Cr-Commit-Position: refs/heads/master@{#32377}
-
bmeurer authored
Previously all contexts had a link to the global object, but what is required in most cases (except for the global load, store and delete case) is the native context. This also removes the second dummy global object that was still linked to every native context. We will add a different mechanism to ensure that builtins do not pollute the actual global object during bootstrapping. Drive-by-fix: Unify some MacroAssembler magic and drop obsolete stuff. R=yangguo@chromium.org Review URL: https://codereview.chromium.org/1480003002 Cr-Commit-Position: refs/heads/master@{#32375}
-
- 26 Nov, 2015 1 commit
-
-
yangguo authored
R=verwaest@chromium.org Committed: https://crrev.com/93eb633214e0f97bf70ae30d2a07b7fbbaa78266 Cr-Commit-Position: refs/heads/master@{#32285} Review URL: https://codereview.chromium.org/1463803002 Cr-Commit-Position: refs/heads/master@{#32339}
-
- 25 Nov, 2015 1 commit
-
-
machenbach authored
Revert of [debugger] flood function for stepping before calling it. (patchset #7 id:120001 of https://codereview.chromium.org/1463803002/ ) Reason for revert: [Sheriff] Breaks layout tests: https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/3074 Original issue's description: > [debugger] flood function for stepping before calling it. > > R=verwaest@chromium.org > > Committed: https://crrev.com/93eb633214e0f97bf70ae30d2a07b7fbbaa78266 > Cr-Commit-Position: refs/heads/master@{#32285} TBR=verwaest@chromium.org,mstarzinger@chromium.org,yangguo@chromium.org NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true Review URL: https://codereview.chromium.org/1474943005 Cr-Commit-Position: refs/heads/master@{#32299}
-