1. 10 Oct, 2019 1 commit
  2. 16 Sep, 2019 1 commit
  3. 10 Sep, 2019 1 commit
  4. 28 Aug, 2019 1 commit
    • Add new nonextensible element kinds · 1f4bec27
      Z Nguyen-Huu authored
      Currently the backing store and elements kind might not be aligned, aka
      the backing store can be a dictionary where the elements kind is one of
      the frozen/sealed elements kinds, or the other way around. The reason is
      that Object.preventExtensions changes the elements kind to DICTIONARY
      while Object.seal/freeze change the elements kind to a SEALED/FROZEN
      elements kind. Applying both of these operations can lead to that
      problem, as in chromium:992914.
      
      To solve this issue, we avoid having Object.preventExtensions change the
      backing store to a dictionary by introducing new nonextensible elements
      kinds. These new nonextensible elements kinds are handled similarly to
      the frozen and sealed elements kinds. This change not only fixes the
      problem but also optimizes the performance of nonextensible objects.
      
      Change-Id: Iffc7f14eb48223c11abf3c577f305d2d072eb65b
      Bug: chromium:992914, v8:6831
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1760976
      Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
      Reviewed-by: Toon Verwaest <verwaest@chromium.org>
      Reviewed-by: Igor Sheludko <ishell@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#63432}
  5. 26 Aug, 2019 1 commit
  6. 19 Aug, 2019 2 commits
    • Reland "[CSA][cleanup] TNodify some methods related to prototype and property lookup" · 007cbd2c
      Santiago Aboy Solanes authored
      This is a reland of 82111e22
      
      Relanding since we now have more shards:
      https://chromium-review.googlesource.com/c/v8/v8/+/1760810
      
      Original change's description:
      > [CSA][cleanup] TNodify some methods related to prototype and property lookup
      >
      > This is a CL in a string of CLs that aims to TNodify CSA. In particular,
      > there were some loads that were done in AnyTagged instead of
      > TaggedPointer. TNode-ifying them brings improvement in pointer
      > compression since we are able to decompress using the Pointer
      > decompression.
      >
      > TNodified:
      >  * LoadJSFunctionPrototype
      >  * TryPrototypeChainLookup
      >  * OrdinaryHasInstance
      >
      > Also TNodified loads regarding:
      >  * FeedbackCell::kValueOffset
      >  * HeapObject::kMapOffset
      >  * JSFunction::kSharedFunctionInfoOffset
      >  * JSFunction::kFeedbackCellOffset
      >  * Map::kInstanceTypeOffset
      >  * Map::kInstanceDescriptorsOffset
      >  * Map::kPrototypeOffset
      >
      > Drive-by cleanup: StoreJSArrayLength and StoreElements were unused.
      >
      > Bug: v8:6949, v8:9396
      > Change-Id: I89697b5c02490906be1eee63cf3d9e60a1094d48
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1755844
      > Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
      > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#63216}
      
      Bug: v8:6949, v8:9396
      Change-Id: I040aefcf8af60611f7b3c24f3bd5c661e03b6ada
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1760811
      Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
      Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#63249}
    • Revert "[CSA][cleanup] TNodify some methods related to prototype and property lookup" · 3a7a4a2f
      Maya Lekova authored
      This reverts commit 82111e22.
      
      Reason for revert: Speculative revert, could be causing timeouts - https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20arm%20-%20sim%20-%20debug/17567
      
      Original change's description:
      > [CSA][cleanup] TNodify some methods related to prototype and property lookup
      > 
      > This is a CL in a string of CLs that aims to TNodify CSA. In particular,
      > there were some loads that were done in AnyTagged instead of
      > TaggedPointer. TNode-ifying them brings improvement in pointer
      > compression since we are able to decompress using the Pointer
      > decompression.
      > 
      > TNodified:
      >  * LoadJSFunctionPrototype
      >  * TryPrototypeChainLookup
      >  * OrdinaryHasInstance
      > 
      > Also TNodified loads regarding:
      >  * FeedbackCell::kValueOffset
      >  * HeapObject::kMapOffset
      >  * JSFunction::kSharedFunctionInfoOffset
      >  * JSFunction::kFeedbackCellOffset
      >  * Map::kInstanceTypeOffset
      >  * Map::kInstanceDescriptorsOffset
      >  * Map::kPrototypeOffset
      > 
      > Drive-by cleanup: StoreJSArrayLength and StoreElements were unused.
      > 
      > Bug: v8:6949, v8:9396
      > Change-Id: I89697b5c02490906be1eee63cf3d9e60a1094d48
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1755844
      > Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
      > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#63216}
      
      TBR=rmcilroy@chromium.org,solanes@chromium.org
      
      # Not skipping CQ checks because original CL landed > 1 day ago.
      
      Bug: v8:6949, v8:9396
      Change-Id: Ib6ae8fe86a598ed1066894595565e1162cf7dd1f
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1758310
      Reviewed-by: Maya Lekova <mslekova@chromium.org>
      Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
      Commit-Queue: Maya Lekova <mslekova@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#63233}
  7. 15 Aug, 2019 1 commit
    • [CSA][cleanup] TNodify some methods related to prototype and property lookup · 82111e22
      Santiago Aboy Solanes authored
      This is a CL in a string of CLs that aims to TNodify CSA. In particular,
      there were some loads that were done in AnyTagged instead of
      TaggedPointer. TNode-ifying them brings improvement in pointer
      compression since we are able to decompress using the Pointer
      decompression.
      
      TNodified:
       * LoadJSFunctionPrototype
       * TryPrototypeChainLookup
       * OrdinaryHasInstance
      
      Also TNodified loads regarding:
       * FeedbackCell::kValueOffset
       * HeapObject::kMapOffset
       * JSFunction::kSharedFunctionInfoOffset
       * JSFunction::kFeedbackCellOffset
       * Map::kInstanceTypeOffset
       * Map::kInstanceDescriptorsOffset
       * Map::kPrototypeOffset
      
      Drive-by cleanup: StoreJSArrayLength and StoreElements were unused.
      
      Bug: v8:6949, v8:9396
      Change-Id: I89697b5c02490906be1eee63cf3d9e60a1094d48
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1755844
      Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
      Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#63216}
  8. 05 Aug, 2019 1 commit
    • Reland "[ic] Don't transition to premonomorphic state" · 2999cea5
      Mythri A authored
      This is a reland of 159df248
      
      Original change's description:
      > [ic] Don't transition to premonomorphic state
      > 
      > We used to use premonomorphic state to delay initializing the ICs.
      > This optimization was to avoid the cost of setting up handlers if the
      > code executed only once. With lazy feedback allocation we no longer
      > need this.
      > 
      > This cl also renames LoadIC_Uninitialized to LoadIC_Nofeedback and
      > StoreIC_Uninitialized to StoreIC_Nofeedback since we now miss to
      > runtime in the uninitialized state and use the builtin when there
      > is no feedback.
      > 
      > 
      > Change-Id: I1633e61ea74664da51348e362c34c47a017a264a
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1683525
      > Commit-Queue: Mythri Alle <mythria@chromium.org>
      > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#63020}
      
      Change-Id: Ica7eb65649615c2f8410d5b815a98b55cb1cfc4d
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1731000
      Commit-Queue: Mythri Alle <mythria@chromium.org>
      Reviewed-by: Toon Verwaest <verwaest@chromium.org>
      Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#63082}
  9. 01 Aug, 2019 2 commits
  10. 23 Jul, 2019 1 commit
  11. 24 Jun, 2019 1 commit
    • [objects] Rename JSValue to JSPrimitiveWrapper · e428dfd7
      Mathias Bynens authored
      We currently use the class name “JSValue” for JSObjects that wrap
      primitive values. This name is a common source of confusion. This patch
      switches to a name that’s more clear.
      
      In addition to manual tweaks, the patch applies the following mechanical
      global replacements:
      
      before                          | after
      --------------------------------|--------------------------------------
      if_valueisnotvalue              | if_valueisnotwrapper
      if_valueisvalue                 | if_valueiswrapper
      js_value                        | js_primitive_wrapper
      JS_VALUE_TYPE                   | JS_PRIMITIVE_WRAPPER_TYPE
      JSPrimitiveWrapperType          | JSPrimitiveWrapper type
      jsvalue                         | js_primitive_wrapper
      JSValue                         | JSPrimitiveWrapper
      _GENERATED_JSVALUE_FIELDS       | _GENERATED_JSPRIMITIVE_WRAPPER_FIELDS
      
      Change-Id: I9d9edea784eab6067b013e1f781e4db2070f807c
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1672942
      Reviewed-by: Tamer Tas <tmrts@chromium.org>
      Reviewed-by: Michael Stanton <mvstanton@chromium.org>
      Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
      Commit-Queue: Mathias Bynens <mathias@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#62337}
  12. 19 Jun, 2019 1 commit
  13. 27 May, 2019 1 commit
    • [cleanup] Replace simple typedefs by using · a335f2ae
      Clemens Hammacher authored
      This replaces all typedefs that define types and not functions by the
      equivalent "using" declaration.
      
      This was done mostly automatically using this command:
      ag -l '\btypedef\b' src test | xargs -L1 \
           perl -i -p0e 's/typedef ([^*;{}]+) (\w+);/using \2 = \1;/sg'
      
      Patchset 2 then adds some manual changes for typedefs for pointer types,
      where the regular expression did not match.
      
      R=mstarzinger@chromium.org
      TBR=yangguo@chromium.org, jarin@chromium.org
      
      Bug: v8:9183
      Change-Id: I6f6ee28d1793b7ac34a58f980b94babc21874b78
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1631409
      Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
      Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#61849}
  14. 23 May, 2019 1 commit
  15. 22 May, 2019 1 commit
  16. 21 May, 2019 1 commit
  17. 07 May, 2019 1 commit
  18. 09 Apr, 2019 1 commit
  19. 01 Mar, 2019 1 commit
    • Reland "Optimize `in` operator" · 803ad324
      Matt Gardner authored
      The original was reverted for breaking webkit layout tests:
      https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8-Blink%20Linux%2064/30270
      
      It also caused the following clusterfuzz failures:
      
      chromium:935832
      This was a correctness bug due to not properly handling the case of arrays with prototypes other
      than Array.prototype. Accesses that were TheHole were not being handled properly, both in bounds
      holes in holey arrays and out of bounds on either holey or packed arrays. Handling was incorrect
      both in access-assembler and in Turbofan.
      
      chromium:935932
      This bug was that there was no handling for Has checks on the global object. Turbofan was emitting
      code for a store (the 'else' condition on 'access_mode == AccessMode::kLoad'). It hit a DCHECK in
      debug builds but in release could show up in different places. This is the bug that caused the
      webkit layout test failure that led to the revert.
      
      Both bugs are fixed in this CL, and tests are added for those cases.
      
      Bug: v8:8733, chromium:935932, chromium:935832
      Change-Id: Iba0dfcfce6e15d2c0815a7670ece67bc13ba1925
      Reviewed-on: https://chromium-review.googlesource.com/c/1493132
      Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
      Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
      Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      Commit-Queue: Matt Gardner <magardn@microsoft.com>
      Cr-Commit-Position: refs/heads/master@{#59958}
  20. 26 Feb, 2019 1 commit
  21. 25 Feb, 2019 1 commit
  22. 25 Jan, 2019 1 commit
  23. 13 Dec, 2018 3 commits
    • Reland "Reland "Reland "[code-comments] Put code comments into the code object""" · b55dd17f
      Sigurd Schneider authored
      This is a reland of 9c0a4858
      
      Original change's description:
      > Reland "Reland "[code-comments] Put code comments into the code object""
      >
      > This is a reland of ed3d6472
      >
      > This reland fixes that padding at the end of Wasm instruction streams
      > triggered asserts in the code printer.
      >
      > Original change's description:
      > > Reland "[code-comments] Put code comments into the code object"
      > >
      > > This is a reland of e774cffe
      > >
      > > This reland disables a test as v8:8548 is blocking it, which was
      > > broken by a recent CL. CQ did not catch this because the merge-base
      > > CQ used did not yet contain the CL that caused v8:8548.
      > >
      > > Original change's description:
      > > > [code-comments] Put code comments into the code object
      > > >
      > > > Code comments in the snapshot can now be enabled with gn
      > > > arg 'v8_enable_snapshot_code_comments'
      > > >
      > > > Bug: v8:7989
      > > > Change-Id: I8bd00cafa63132d00d849394c311ba15e6b6daf3
      > > > Reviewed-on: https://chromium-review.googlesource.com/c/1329173
      > > > Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
      > > > Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      > > > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
      > > > Reviewed-by: Michael Stanton <mvstanton@chromium.org>
      > > > Cr-Commit-Position: refs/heads/master@{#58020}
      > >
      > > TBR=mvstanton@chromium.org,mstarzinger@chromium.org,jgruber@chromium.org,tebbi@chromium.org
      > >
      > > Bug: v8:7989, v8:8548
      > > Change-Id: I464fc897205fefdf2dfc2eadc54d699c4e08a0e9
      > > Reviewed-on: https://chromium-review.googlesource.com/c/1361166
      > > Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
      > > Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
      > > Cr-Commit-Position: refs/heads/master@{#58028}
      >
      > Bug: v8:7989, v8:8548
      > Change-Id: I254f55ff687ad049f8d92b09331ed26a2bd05d7d
      > Reviewed-on: https://chromium-review.googlesource.com/c/1371784
      > Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
      > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
      > Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#58221}
      
      TBR=jgruber@chromium.org,mstarzinger@chromium.org
      
      Bug: v8:7989, v8:8548, v8:8593
      Change-Id: I4f7ffc98e0281c7b744eb4a04ba0763896c7b59b
      Reviewed-on: https://chromium-review.googlesource.com/c/1375919
      Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
      Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#58232}
    • Revert "Reland "Reland "[code-comments] Put code comments into the code object""" · 8a5c0095
      Clemens Hammacher authored
      This reverts commit 9c0a4858.
      
      Reason for revert: Seems to break nosnap debug: https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux%20-%20nosnap%20-%20debug/22228
      
      Original change's description:
      > Reland "Reland "[code-comments] Put code comments into the code object""
      > 
      > This is a reland of ed3d6472
      > 
      > This reland fixes that padding at the end of Wasm instruction streams
      > triggered asserts in the code printer.
      > 
      > Original change's description:
      > > Reland "[code-comments] Put code comments into the code object"
      > >
      > > This is a reland of e774cffe
      > >
      > > This reland disables a test as v8:8548 is blocking it, which was
      > > broken by a recent CL. CQ did not catch this because the merge-base
      > > CQ used did not yet contain the CL that caused v8:8548.
      > >
      > > Original change's description:
      > > > [code-comments] Put code comments into the code object
      > > >
      > > > Code comments in the snapshot can now be enabled with gn
      > > > arg 'v8_enable_snapshot_code_comments'
      > > >
      > > > Bug: v8:7989
      > > > Change-Id: I8bd00cafa63132d00d849394c311ba15e6b6daf3
      > > > Reviewed-on: https://chromium-review.googlesource.com/c/1329173
      > > > Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
      > > > Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      > > > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
      > > > Reviewed-by: Michael Stanton <mvstanton@chromium.org>
      > > > Cr-Commit-Position: refs/heads/master@{#58020}
      > >
      > > TBR=mvstanton@chromium.org,mstarzinger@chromium.org,jgruber@chromium.org,tebbi@chromium.org
      > >
      > > Bug: v8:7989, v8:8548
      > > Change-Id: I464fc897205fefdf2dfc2eadc54d699c4e08a0e9
      > > Reviewed-on: https://chromium-review.googlesource.com/c/1361166
      > > Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
      > > Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
      > > Cr-Commit-Position: refs/heads/master@{#58028}
      > 
      > Bug: v8:7989, v8:8548
      > Change-Id: I254f55ff687ad049f8d92b09331ed26a2bd05d7d
      > Reviewed-on: https://chromium-review.googlesource.com/c/1371784
      > Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
      > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
      > Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#58221}
      
      TBR=mvstanton@chromium.org,mstarzinger@chromium.org,sigurds@chromium.org,jgruber@chromium.org
      
      Change-Id: I681a3c63120c6ab953bfe9cd2b07bcf560ebfdee
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Bug: v8:7989, v8:8548
      Reviewed-on: https://chromium-review.googlesource.com/c/1375916
      Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
      Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#58228}
    • Reland "Reland "[code-comments] Put code comments into the code object"" · 9c0a4858
      Sigurd Schneider authored
      This is a reland of ed3d6472
      
      This reland fixes that padding at the end of Wasm instruction streams
      triggered asserts in the code printer.
      
      Original change's description:
      > Reland "[code-comments] Put code comments into the code object"
      >
      > This is a reland of e774cffe
      >
      > This reland disables a test as v8:8548 is blocking it, which was
      > broken by a recent CL. CQ did not catch this because the merge-base
      > CQ used did not yet contain the CL that caused v8:8548.
      >
      > Original change's description:
      > > [code-comments] Put code comments into the code object
      > >
      > > Code comments in the snapshot can now be enabled with gn
      > > arg 'v8_enable_snapshot_code_comments'
      > >
      > > Bug: v8:7989
      > > Change-Id: I8bd00cafa63132d00d849394c311ba15e6b6daf3
      > > Reviewed-on: https://chromium-review.googlesource.com/c/1329173
      > > Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
      > > Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      > > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
      > > Reviewed-by: Michael Stanton <mvstanton@chromium.org>
      > > Cr-Commit-Position: refs/heads/master@{#58020}
      >
      > TBR=mvstanton@chromium.org,mstarzinger@chromium.org,jgruber@chromium.org,tebbi@chromium.org
      >
      > Bug: v8:7989, v8:8548
      > Change-Id: I464fc897205fefdf2dfc2eadc54d699c4e08a0e9
      > Reviewed-on: https://chromium-review.googlesource.com/c/1361166
      > Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
      > Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#58028}
      
      Bug: v8:7989, v8:8548
      Change-Id: I254f55ff687ad049f8d92b09331ed26a2bd05d7d
      Reviewed-on: https://chromium-review.googlesource.com/c/1371784
      Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
      Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
      Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#58221}
  24. 04 Dec, 2018 4 commits
  25. 22 Nov, 2018 1 commit
  26. 19 Nov, 2018 1 commit
    • [nojit] Move several IC stubs to builtins · 33da7197
      Jakob Gruber authored
      KeyedLoadSloppyArguments -> KeyedLoadIC_SloppyArguments
      KeyedStoreSloppyArguments -> KeyedStoreIC_SloppyArguments
      LoadIndexedIntercepter -> LoadIndexedInterceptorIC
      StoreInArrayLiteralSlowStub -> StoreInArrayLiteralIC_Slow
      StoreInterceptor -> StoreInterceptorIC
      StoreSlowElementStub -> KeyedStoreIC_Slow
      
      A few Store stubs were parameterized for the sole purpose of
      determining the KeyedAccessStoreMode later on. These are now
      implemented as a dedicated builtin for each store mode.
      
      Bug: v8:7777
      Change-Id: I743474b0e6c5d6ec2513bb9f8f3a93c5c0535927
      Reviewed-on: https://chromium-review.googlesource.com/c/1339859
      Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
      Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#57592}
  27. 31 Aug, 2018 1 commit
    • [runtime] Merge %KeyedGetProperty into %GetProperty. · 5f27e5c7
      Benedikt Meurer authored
      As noticed by jkummerow@ there's probably not really a point in
      keeping two separate runtime functions that perform the same
      operation, but one has a different fast-path (which is not
      available to the other). So %KeyedGetProperty is now effectively
      %GetProperty and used consistently as fallback from both the ICs
      as well as other callers like the GetProperty builtin.
      
      Bug: v8:8015
      Change-Id: Ib46b13da739229e2eb820ecf87923ac99c6971d3
      Reviewed-on: https://chromium-review.googlesource.com/1199105
      Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
      Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#55547}
  28. 02 Mar, 2018 1 commit
  29. 15 Dec, 2017 1 commit
  30. 15 Nov, 2017 1 commit
  31. 07 Nov, 2017 1 commit
  32. 06 Nov, 2017 1 commit
    • Drop custom accessor deoptimization support · c82cd313
      Toon Verwaest authored
      Previously StaNamedProperty and StaKeyedProperty were in a weird state where
      they claimed to not touch the accumulator, but actually did in case they were
      deopted in the middle. A frame was added in the middle to overwrite the 
      accumulator again with the right value before returning from the setter, using
      a lot of complexity in the deoptimizer.
      
      This changes those instructions to be marked as writing to the accumulator
      (e.g., the result of the setter), and uses to manually store and reload into
      the accumulator the value being stored.
      
      If we want to avoid the additional bytecodes, we could make sure that bytecodes
      that claim to leave the accumulator alone don't deopt back to Advance/Dispatch
      but LoadAccumulatorWithValue/Advance/Dispatch. That's in a way similar to what
      happened before this CL, but I believe could be implemented much simpler.
      
      
      Bug: 
      Change-Id: I4850a690ef5a30976701d0e050951faa46fd1c18
      Reviewed-on: https://chromium-review.googlesource.com/753487
      Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      Reviewed-by: Leszek Swirski <leszeks@chromium.org>
      Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
      Commit-Queue: Toon Verwaest <verwaest@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#49159}
  33. 30 Oct, 2017 1 commit