Skip to content

V
V8
Switch branch/tag
  1. 20 Sep, 2018 1 commit
  3. 30 Jul, 2018 1 commit
  5. 23 Jul, 2018 1 commit
  7. 26 Jun, 2018 1 commit
  9. 01 Jun, 2018 1 commit
    • Dan Elphick's avatar
      [objects] Deprecate GetIsolate/Heap behind a flag · 9a43b378
      Dan Elphick authored 
      Adds a new flag v8_deprecate_get_isolate that marks
HeapObject::GetIsolate/GetHeap, Handle<T>(T*) and handle<T>(T*) as
[[deprecated]]. Deprecation warnings are not converted to errors so an
entire build can be completed to collect all the warnings.

Also adds a new script tools/collect_deprecation_stats.sh which runs the
build (assuming the flag is set) and collects the number of uses of
deprecated functions. E.g. at the time of upload, we get:

Total deprecated calls: 2265
    515 GetHeap
    842 GetIsolate
    210 handle
    698 Handle

Bug: v8:7786
Change-Id: I7043c597fa90bc77759a357ef3c2a5fefe933491
Reviewed-on: https://chromium-review.googlesource.com/1082478Reviewed-by: 's avatarYang Guo <yangguo@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53475}
      9a43b378
  11. 14 May, 2018 1 commit
  13. 14 Apr, 2018 1 commit
    • Jakob Kummerow's avatar
      [ubsan] Change Address typedef to uintptr_t · 2459046c
      Jakob Kummerow authored 
      The "Address" type is V8's general-purpose type for manipulating memory
addresses. Per the C++ spec, pointer arithmetic and pointer comparisons
are undefined behavior except within the same array; since we generally
don't operate within a C++ array, our general-purpose type shouldn't be
a pointer type.

Bug: v8:3770
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: Ib96016c24a0f18bcdba916dabd83e3f24a1b5779
Reviewed-on: https://chromium-review.googlesource.com/988657
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: 's avatarLeszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52601}
      2459046c
  15. 17 Nov, 2017 1 commit
    • Clemens Hammacher's avatar
      [handles] Use is_convertible instead of is_base_of · f8072dbd
      Clemens Hammacher authored 
      std::is_base_of<A, B> has undefined behaviour if B is not a complete
type. Hence, avoid it and use is_convertible<B*, A*> instead.
This captures exactly the requirement that
  Handle<A> foo() { return produce<Handle<B>>(); }
is valid exactly if
  A* foo() { return produce<B>(); }
is valid.
Also, change some static asserts to enable_ifs in order to allow
overloading a function by different Handle types, which would cause
disambiguity otherwise.

R=tebbi@chromium.org

Change-Id: I60fbdfcfd96c7b216e42819a5b5de3423a2c38d0
Reviewed-on: https://chromium-review.googlesource.com/774841Reviewed-by: 's avatarLeszek Swirski <leszeks@chromium.org>
Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49440}
      f8072dbd
  17. 13 Oct, 2017 1 commit
  19. 13 Sep, 2017 1 commit
  21. 08 Aug, 2017 1 commit
  23. 31 Jul, 2017 1 commit
  25. 14 Jul, 2017 1 commit
  27. 20 Jun, 2017 1 commit
  29. 16 May, 2017 1 commit
  31. 05 Apr, 2017 1 commit
  33. 14 Mar, 2017 1 commit
  35. 28 Feb, 2017 1 commit
  37. 22 Feb, 2017 1 commit
  39. 10 Feb, 2017 3 commits
  41. 09 Jan, 2017 1 commit
  43. 17 Oct, 2016 1 commit
  45. 27 Sep, 2016 1 commit
  47. 26 Sep, 2016 1 commit
    • jgruber's avatar
      Enable component builds for fuzzers · 22606f0c
      jgruber authored 
      V8 is collecting a growing amount of fuzzers, all of which take substantial
space on the bots and in chromium build archives. This CL improves that
situation by allowing component (shared library) builds for almost all fuzzers.

The parser fuzzer is handled as an exception since it would require exporting a
large number of additional functions.

A component build results in about a 50-100x improvement in file size for each
fuzzer (~50M-100M to around 1.1M).

BUG=chromium:648864
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_chromium_compile_dbg_ng;master.tryserver.chromium.android:android_clang_dbg_recipe

Review-Url: https://codereview.chromium.org/2360983002
Cr-Commit-Position: refs/heads/master@{#39709}
      22606f0c
  49. 20 Sep, 2016 1 commit
  51. 15 Sep, 2016 1 commit
  53. 25 Aug, 2016 1 commit
  55. 28 Jul, 2016 1 commit
    • bmeurer's avatar
      [turbofan] Refactor the lowering of element/property accesses. · 1bce2790
      bmeurer authored 
      Split the monster methods in JSNativeContextSpecialization into smaller
ones, adding appropriate helpers. Improve the condition checking for
strings and numbers using CheckString/CheckNumber when applicable. Also
try to merge compatible PropertyAccessInfos, to avoid running into the
polymorphic case whenever possible.

Drive-by-fix: Don't try to resurrect dead nodes during LoadElimination.
With the improve code generation for monomorphic loads, we seem to
trigger the dead node resurrection.

R=epertoso@chromium.org
BUG=v8:4930,v8:5141

Review-Url: https://codereview.chromium.org/2191823002
Cr-Commit-Position: refs/heads/master@{#38127}
      1bce2790
  57. 30 Apr, 2016 1 commit
    • bmeurer's avatar
      [turbofan] Run everything after representation selection concurrently. · d1b3d426
      bmeurer authored 
      Further refactor the pipeline to even run the first scheduler (part of
the effect control linearization) concurrently. This temporarily
disables most of the write barrier elimination, but we will get back to
that later.

Drive-by-fix: Remove the dead code from ChangeLowering, and stack
allocate the Typer in the pipeline. Also migrate the AllocateStub to a
native code builtin, so that we have the code object + a handle to it
available all the time.

CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux64_tsan_rel
R=mstarzinger@chromium.org
BUG=v8:4969
LOG=n

Review-Url: https://codereview.chromium.org/1926023002
Cr-Commit-Position: refs/heads/master@{#35918}
      d1b3d426
  59. 28 Apr, 2016 2 commits
  61. 18 Nov, 2015 1 commit
    • bmeurer's avatar
      [turbofan] Decouple inlining and native context specialization. · 9b14e5bb
      bmeurer authored 
      Retrieve the native context/global object from the Node being
specialized in the JSNativeContextSpecialization and the
JSGlobalObjectSpecialization classes. For this we introduce two
new methods NodeProperties::GetSpecializationNativeContext and
NodeProperties::GetSpecializationGlobalObject, which walk up
the context chain and might in the end take the native context
from the outermost activation (if native context specialization
is enabled). This allows us to run the native context specialization
pass as part of the inlining phase without hacking some of that into
the JSInliner.

Also refactor the NodeProperties::GetSpecializationContext method
that was previously local to the JSContextSpecialization.

Also refactor two other oddities in JSNativeContextSpecialization.

R=jarin@chromium.org
BUG=v8:4470, v8:4493
LOG=n

Review URL: https://codereview.chromium.org/1451143005

Cr-Commit-Position: refs/heads/master@{#32076}
      9b14e5bb
  63. 26 Oct, 2015 3 commits
  65. 31 Aug, 2015 2 commits
    • mstarzinger's avatar
      Drop ambiguous MaybeHandle comparison and hashing ops. · 51fa9e52
      mstarzinger authored 
      The default equality comparison operators and hashing functions for
Handles are ambiguous. The intended semantics might have either been
based on Handle locations or on object identity. This is why such
operators do not exist on Handle. The same argument applies to the
MaybeHandle class as well. Comments in that regard were also added.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1319383002

Cr-Commit-Position: refs/heads/master@{#30468}
      51fa9e52
    • mstarzinger's avatar
      [turbofan] Remove usage of Unique<T> from graph. · 6e65e6db
      mstarzinger authored 
      The usage of Unique<T> throughout the TurboFan IR does not have any
advantage. There is no single point in time when they are initialized
and most use-sites looked through to the underlying Handle<T> anyways.
Also there already was a mixture of Handle<T> versus Unique<T> in the
graph and this unifies the situation to use Handle<T> everywhere.

R=bmeurer@chromium.org,titzer@chromium.org

Review URL: https://codereview.chromium.org/1314473007

Cr-Commit-Position: refs/heads/master@{#30458}
      6e65e6db
  67. 11 Aug, 2015 1 commit