- 11 Sep, 2019 6 commits
-
-
Ng Zhi An authored
Implementations for other architectures will follow in subsequent changes. Bug: v8:8460 Change-Id: I279388ab76b1d88d65cbe179088be5573c17fc58 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1796317 Commit-Queue: Zhi An Ng <zhin@chromium.org> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Bill Budge <bbudge@chromium.org> Cr-Commit-Position: refs/heads/master@{#63693}
-
Igor Sheludko authored
... and the following helper methods: - IntPtrOrSmiConstant - IntPtrOrSmiXXX - Increment - Decrement Bug: v8:9708 Change-Id: I9da8bba4da2012a873fd3f23972c678ff80eec21 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1798623Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#63689}
-
Igor Sheludko authored
This is a first step towards removal of dynamic ParameterMode. Bug: v8:9708 Change-Id: I3502584264952dc12b44fd85b91274c9a0ddf31d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1798622Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#63688}
-
Igor Sheludko authored
... to precisely express which guarantees does this operator provide. Drive-by-fix: use it for other tag-checking predicates in CSA. Bug: v8:9396 Change-Id: Ifee22922ac02ec8866038be1a97625a32638d521 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1795504 Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#63681}
-
Igor Sheludko authored
... to make it "smi-corrupting" decompression-friendly. Also add a cctest for the CSA implementation. Bug: v8:9706 Change-Id: I1f1b0aa1b40832a0c2ce81658da316b3e442189c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1796802Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#63674}
-
Mu Tao authored
Fix build errors introduced by commit af063685 and not fully fixed by commit db3cc4a2 Change-Id: Ifdc92f5d55061670127999058d374914985df762 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1795643Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Mu Tao <pamilty@gmail.com> Auto-Submit: Mu Tao <pamilty@gmail.com> Cr-Commit-Position: refs/heads/master@{#63665}
-
- 10 Sep, 2019 5 commits
-
-
Leszek Swirski authored
Rather than duplicating code paths for in- and out-of-object stores, have one code path which checks whether it needs to load the property store (and change the storage location to the HeapNumber value for unboxed doubles). As a drive-by, change the representation dispatch into a switch, and inline the representation checks into that switch, to make explicit what checks for what and which paths transform the value. Also, TNodify some of the surrounding functions. Change-Id: Ia1bf698b4cec3ffce9aaa5732cda2e3be9efd8e8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1795345Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#63652}
-
Rong Wang authored
This CL is necessary for disabling write-barriers that involoves referencing pages via address arithmetic, which is required from third-party heap implementation. Change-Id: I1d3f572d48015e5c8cf691b2dc71a32834621c2f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1781008Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#63644}
-
Clemens Hammacher authored
Since we switched to C++14 now, we can use {std::make_unique} instead of our own {base::make_unique} from {template-utils.h}. R=mstarzinger@chromium.org, yangguo@chromium.org Bug: v8:9687 No-Try: true Change-Id: I660eb30038bbb079cee93c7861cd87ccd134f01b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1789300 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#63642}
-
Milad Farazmand authored
Port af063685 R=bbudge@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: Iccbb0a968cd8490cfa1191ea8adb31007739b297 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1790544Reviewed-by: Junliang Yan <jyan@ca.ibm.com> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#63634}
-
Mu Tao authored
Fix build errors introduced by commit af063685 Change-Id: I467ea39f020d07bed00875f69152191b94029dd1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1794327 Auto-Submit: Mu Tao <pamilty@gmail.com> Reviewed-by: Bill Budge <bbudge@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#63633}
-
- 09 Sep, 2019 5 commits
-
-
Zhi An Ng authored
This reverts commit 306bb635. Reason for revert: Fails on Win64 msvc https://ci.chromium.org/p/v8/builders/ci/V8%20Win64%20-%20msvc/10601 Original change's description: > [wasm-simd] Implement F64x2ConvertI64x2 for x64 > > Bug: v8:8460 > Change-Id: Icefb90c67af77ac93bd75b4e452ba426232de83a > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1710332 > Commit-Queue: Zhi An Ng <zhin@chromium.org> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > Reviewed-by: Bill Budge <bbudge@chromium.org> > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> > Cr-Commit-Position: refs/heads/master@{#63627} TBR=bbudge@chromium.org,mstarzinger@chromium.org,gdeepti@chromium.org,zhin@chromium.org Change-Id: I3ad568ec01f93e89ccc758170681035413b8414e No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:8460 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1792232Reviewed-by: Zhi An Ng <zhin@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#63628}
-
Ng Zhi An authored
Bug: v8:8460 Change-Id: Icefb90c67af77ac93bd75b4e452ba426232de83a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1710332 Commit-Queue: Zhi An Ng <zhin@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Bill Budge <bbudge@chromium.org> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Cr-Commit-Position: refs/heads/master@{#63627}
-
Santiago Aboy Solanes authored
TNodify: * FloatOp * BigIntOp * Loads into their respective types * return type of: * GetContextAtDepth * ConstructWithSpread * Construct * CallBuiltin Also TNodify CheckEnumCache in code-stub-assembler. Bug: v8:6949, v8:9396 Change-Id: I79a90296b4851e47f4b89ed52fadfc9b61be1e6a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1789161 Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#63625}
-
Bill Budge authored
Bug: v8:9429 Change-Id: I13780eab38230ea62334485e10a5fa4dbb432e90 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1789395 Commit-Queue: Bill Budge <bbudge@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#63622}
-
Santiago Aboy Solanes authored
Also TNodified context in interpreter-intrinsics-generator.cc Bug: v8:6949 Change-Id: Ia5d5b4dd61aa83592f1c7e1b502f34504cb25dbd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1784918 Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by: Mythri Alle <mythria@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#63615}
-
- 06 Sep, 2019 2 commits
-
-
Swapnil Gaikwad authored
This is a reland of 8b89a7c3 Reland after disabling the test getting deadlocked with '--gc_stress' flag. The CL was reverted because of the 'wasm/grow-shared-memory' test from the mjsunit test suite deadlocked for the 'gc_stress' variant. This is the known issue (v8:9221) and the deadlocking test is now disabled ( https://chromium.googlesource.com/v8/v8.git/+/1c8981e3f4729b7a8220a8823e0a0d45f2a4b788). Original change's description: > Update GetIterator bytecode to load and call object[Symbol.iterator] > > The functionality of the GetIterator bytecode introduced previously is > now extended from loading the @@iterator property to calling the property > as well. This change basically absorbs the functionality of additional > two bytecodes - Star, CallProperty0 in the GetIterator bytecode. > Importantly, this change handles the cases of eager and lazy deoptimization > in the middle of the bytecode, i.e., lazy deopt for LdaNamedProperty and > eager deopt of the CallProperty0 bytecode, using the continuation builtins. > This mechanism can work as a template for the future bytecode that require > handling such inter-bytecode deopt scenario. The tests evaluating the eager > and lazy deopt scenarios are also included. > > Bug: v8:9489 > Change-Id: I93eb022bbc3d37582407820aa8482a343cac6c12 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1758313 > Commit-Queue: Swapnil Gaikwad <swapnilgaikwad@google.com> > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Reviewed-by: Georg Neis <neis@chromium.org> > Reviewed-by: Tobias Tebbi <tebbi@chromium.org> > Cr-Commit-Position: refs/heads/master@{#63528} Bug: v8:9489,v8:9221 Change-Id: I4286255aef457bfdbbe5eb50fc6dabdf9c0955b1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1787427Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Swapnil Gaikwad <swapnilgaikwad@google.com> Cr-Commit-Position: refs/heads/master@{#63599}
-
Clemens Hammacher authored
This reduces the size per runtime stub slot by using the same sequence we plan to use for far jumps. Note that alignment is not an issue here, since runtime stub slots are never patched. R=mstarzinger@chromium.org CC=joey.gouly@arm.com Bug: v8:9477 Change-Id: I38666c8fce93a977bc5b9ca5fafc54f6ae739f12 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1784293 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#63591}
-
- 05 Sep, 2019 4 commits
-
-
Leszek Swirski authored
This is a reland of 981aafaf It adds double checks to LoadFieldByIndex in the optimizing compiler, which are likely the source of the crashes. Original change's description: > Reland "[ic] In-place Double -> Tagged transitions" > > This is a reland of 0736599a. > This is a reland of 7e1fbe8f. > > Original change description: > > [ic] In-place Double -> Tagged transitions > > > > With no more MutableHeapNumber, we can make Double -> Tagged transitions > > in-place, at the cost of an extra map check when accessing double fields > > to make sure they are still doubles. > > > > Bug: v8:9606 > > Change-Id: I74ff39ed6fba62ee223cd37dfe761f7d73020e1c > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1743973 > > Reviewed-by: Tobias Tebbi <tebbi@chromium.org> > > Reviewed-by: Toon Verwaest <verwaest@chromium.org> > > Commit-Queue: Leszek Swirski <leszeks@chromium.org> > > Cr-Commit-Position: refs/heads/master@{#63374} > > TBR=verwaest@chromium.org, tebbi@chromium.org > > Bug: v8:9606 > Change-Id: I2d1b7416064d743582f4983fb868316b7e8a4cf2 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1777661 > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: Leszek Swirski <leszeks@chromium.org> > Cr-Commit-Position: refs/heads/master@{#63499} TBR=verwaest@chromium.org Bug: v8:9606 Bug: chromium:997989 Change-Id: Iccfff8e5c6306c9ee4f6c62767dce883b1c6f743 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1784288Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#63582}
-
Santiago Aboy Solanes authored
TNodified from interpreter-generator: * SwitchOnSmiNoFeedback * CreateFunctionContext * CreateEvalContext * SwitchOnGeneratorState since they were using some of the interpreter-assembler now TNodified methods. Bug: v8:6949 Change-Id: I0055100428232e8bdc79cb4356954bac52f4a30d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1781689 Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#63576}
-
Ross McIlroy authored
The inferred name in the function literal might not be as accurate as the one already on the shared function info, so use the existing one instead. BUG=chromium:995813 Change-Id: Ie06eb964934fc039e56ebf9452f706e1192b7ab0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1782169 Auto-Submit: Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Dan Elphick <delphick@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Dan Elphick <delphick@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#63566}
-
Clemens Hammacher authored
This reduces the size per runtime stub slot by using the same sequence we plan to use for far jumps. Note that alignment is not an issue here, since runtime stub slots are never patched. R=mstarzinger@chromium.org Bug: v8:9477 Change-Id: Ida73896bfc26d01f2a3fbccde785928d1ac92380 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1784291 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#63564}
-
- 04 Sep, 2019 5 commits
-
-
Tobias Tebbi authored
This reverts commit 352a154e. Reason for revert: https://crbug.com/999972 Original change's description: > [compiler] improve inlining heuristics: call frequency per executed bytecodes > > TLDR: Inline less, but more where it matters. ~10% decrease in Turbofan > compile time including off-thread, while improving Octane scores by ~2%. > > How things used to work: > > There is a flag FLAG_min_inlining_frequency that limits inlining by > the callsite being sufficiently frequently executed. This call frequency > was measured relative to invocations of the parent (= the function we > originally optimize). At the same time, the limit was very low (0.15), > meaning we mostly relied on the total amount of inlined code > (FLAG_max_inlined_bytecode_size_cumulative) to limit inlining. > > How things work now: > > Instead of measuring call frequency relative to parent invocations, we > should have a measure that predicts how often the callsite in question > will be executed in the future. An obvious attempt at that would be to > measure how often the callsite was executed in absolute numbers in the > past. But depending on how fast feedback stabilizes, it can take more > or less time until we optimize a function. If we just take the absolute > call frequency up to the point in time when we optimize, we would > inline more for functions that stabilize slowly, which doesn't make > sense. So instead, we measure absolute call count per KB of executed > bytecodes of the parent function. > Since inlining big functions is more expensive, this threshold is > additionally scaled linearly with the bytecode-size of the inlinee. > The resulting formula is: > call_frequency > > FLAG_min_inlining_frequency * > (bytecode.length() - FLAG_max_inlined_bytecode_size_small) / > (FLAG_max_inlined_bytecode_size - FLAG_max_inlined_bytecode_size_small) > > The new threshold is chosen in a way that it effectively limits > inlining, which allows us to increase > FLAG_max_inlined_bytecode_size_cumulative without increasing inlining > in general. > > The reduction in compile time (x64 build) of ~10% was observed in Octane, > ARES-6, web-tooling-benchmark, and the standalone TypeScript benchmark. > The hope is that this will reduce CPU-time in real-world situations > too. > The Octane improvements come from inlining more in places where it > matters. > > Bug: v8:6682 > > Change-Id: I99baa17dec85b71616a3ab3414d7e055beca39a0 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1768366 > Commit-Queue: Tobias Tebbi <tebbi@chromium.org> > Reviewed-by: Jakob Gruber <jgruber@chromium.org> > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> > Reviewed-by: Georg Neis <neis@chromium.org> > Reviewed-by: Maya Lekova <mslekova@chromium.org> > Cr-Commit-Position: refs/heads/master@{#63449} TBR=rmcilroy@chromium.org,neis@chromium.org,jgruber@chromium.org,tebbi@chromium.org,mslekova@chromium.org # Not skipping CQ checks because original CL landed > 1 day ago. Bug: v8:6682 chromium:999972 Change-Id: Iffca63d4bef81afa0f66e34d35fb72f3b5baf517 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1784281Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#63554}
-
Leszek Swirski authored
This reverts commit 981aafaf. Reason for revert: Still crashing on Canary. Original change's description: > Reland "[ic] In-place Double -> Tagged transitions" > > This is a reland of 0736599a. > This is a reland of 7e1fbe8f. > > Original change description: > > [ic] In-place Double -> Tagged transitions > > > > With no more MutableHeapNumber, we can make Double -> Tagged transitions > > in-place, at the cost of an extra map check when accessing double fields > > to make sure they are still doubles. > > > > Bug: v8:9606 > > Change-Id: I74ff39ed6fba62ee223cd37dfe761f7d73020e1c > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1743973 > > Reviewed-by: Tobias Tebbi <tebbi@chromium.org> > > Reviewed-by: Toon Verwaest <verwaest@chromium.org> > > Commit-Queue: Leszek Swirski <leszeks@chromium.org> > > Cr-Commit-Position: refs/heads/master@{#63374} > > TBR=verwaest@chromium.org, tebbi@chromium.org > > Bug: v8:9606 > Change-Id: I2d1b7416064d743582f4983fb868316b7e8a4cf2 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1777661 > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: Leszek Swirski <leszeks@chromium.org> > Cr-Commit-Position: refs/heads/master@{#63499} TBR=leszeks@chromium.org, verwaest@chromium.org, tebbi@chromium.org # Not skipping CQ checks because original CL landed > 1 day ago. Bug: v8:9606 Bug: chromium:997989 Change-Id: Ic95166e67df68e84a524dffd8155121c3ff6aa13 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1784283 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#63550}
-
Patrick Thier authored
Instead of checking code flags to decide if the irregexp code object is an off-heap trampoline, we now directly load the builtin index offset and treat the code as on-heap if the offset is -1. In addition the regexp stack now has its own external reference for top of stack address. This prevents calculating the top of stack address using the base address and size at every invocation. Bug: chromium:999993 Change-Id: I23649e8b410a56276f26846b0b12ad29310c3db7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1782565Reviewed-by: Peter Marshall <petermarshall@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Patrick Thier <pthier@google.com> Cr-Commit-Position: refs/heads/master@{#63548}
-
Georg Neis authored
This is a reland of ab089c78, after making a flaky test more robust. Original change's description: > [turbofan] Prepare for moving part of CreateGraph into the background > > - Pass Refs, not Handles, to graph builder, and drop bytecode array argument > (get it from SFI instead). > - Add some fields to FeedbackVectorRef that are needed to avoid heap access > in BytecodeGraphBuilderPhase. > - Rename FeedbackVectorRef's SerializeSlots to Serialize, since it's more > than just the feedback slots. > - Rearrange the last steps in PipelineCompilationJob::PrepareJobImpl such > that CreateGraph is last. > > Bug: v8:7790 > Change-Id: I4b17790d1d74da41ba63ee68e3a33968662fc398 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1781682 > Reviewed-by: Maya Lekova <mslekova@chromium.org> > Commit-Queue: Georg Neis <neis@chromium.org> > Cr-Commit-Position: refs/heads/master@{#63515} Bug: v8:7790 Change-Id: Ia6f4c1ebd82dea93c14437514d0e25b730523f75 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1781694Reviewed-by: Georg Neis <neis@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#63545}
-
Georg Neis authored
Change-Id: I29a4d20656727e6ec1e1fd052a840bd5aefe3cd4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1781052 Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#63544}
-
- 03 Sep, 2019 6 commits
-
-
Francis McCabe authored
This reverts commit 8b89a7c3. Reason for revert: GC Stress tests timing out. See https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20gc%20stress/24272 Original change's description: > Update GetIterator bytecode to load and call object[Symbol.iterator] > > The functionality of the GetIterator bytecode introduced previously is > now extended from loading the @@iterator property to calling the property > as well. This change basically absorbs the functionality of additional > two bytecodes - Star, CallProperty0 in the GetIterator bytecode. > Importantly, this change handles the cases of eager and lazy deoptimization > in the middle of the bytecode, i.e., lazy deopt for LdaNamedProperty and > eager deopt of the CallProperty0 bytecode, using the continuation builtins. > This mechanism can work as a template for the future bytecode that require > handling such inter-bytecode deopt scenario. The tests evaluating the eager > and lazy deopt scenarios are also included. > > Bug: v8:9489 > Change-Id: I93eb022bbc3d37582407820aa8482a343cac6c12 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1758313 > Commit-Queue: Swapnil Gaikwad <swapnilgaikwad@google.com> > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Reviewed-by: Georg Neis <neis@chromium.org> > Reviewed-by: Tobias Tebbi <tebbi@chromium.org> > Cr-Commit-Position: refs/heads/master@{#63528} TBR=rmcilroy@chromium.org,neis@chromium.org,leszeks@chromium.org,tebbi@chromium.org,swapnilgaikwad@google.com Change-Id: I9ae475f71275f71f1b9e60b8bf0578e21ce2704b No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:9489 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1783736Reviewed-by: Francis McCabe <fgm@chromium.org> Commit-Queue: Francis McCabe <fgm@chromium.org> Cr-Commit-Position: refs/heads/master@{#63536}
-
Swapnil Gaikwad authored
The functionality of the GetIterator bytecode introduced previously is now extended from loading the @@iterator property to calling the property as well. This change basically absorbs the functionality of additional two bytecodes - Star, CallProperty0 in the GetIterator bytecode. Importantly, this change handles the cases of eager and lazy deoptimization in the middle of the bytecode, i.e., lazy deopt for LdaNamedProperty and eager deopt of the CallProperty0 bytecode, using the continuation builtins. This mechanism can work as a template for the future bytecode that require handling such inter-bytecode deopt scenario. The tests evaluating the eager and lazy deopt scenarios are also included. Bug: v8:9489 Change-Id: I93eb022bbc3d37582407820aa8482a343cac6c12 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1758313 Commit-Queue: Swapnil Gaikwad <swapnilgaikwad@google.com> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#63528}
-
Santiago Aboy Solanes authored
The important bit is using MachineType::TaggedSigned instead of AnyTagged in CSA. Everything else, it's just the result of adding types to variables. SloppyTNode-ify LoadAndUntagToWord32ObjectField. Both LoadAndUntagSmi and StoreAndTagSmi were only used once, and their names were not clear. Inline those where they were used. TNodify: * ReloadBytecodeOffset * LoadAndUntagRegister * GetInterpretedFramePointer * Advance (the three variants) * SaveBytecodeOffset * BytecodeOffset Type variables: * interpreted_frame_pointer_ * bytecode_offset_ Create macros: * TYPED_VARIABLE_CONSTRUCTOR * TVARIABLE_CONSTRUCTOR which are similar to their non-typed counterparts. Bug: v8:7703, v8:6949 Change-Id: I776e3fe16ca642f868bb635b8bcd5b8b78ca6fea Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1758308Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#63522}
-
Pierre Langlois authored
The `Instruction::IsValidImmPCOffset()` method was taking an `offset` argument in numbers of *instructions* while we were passing it numbers of *bytes*. See `Instruction::IsTargetInImmPCOffsetRange()` and `MacroAssembler::NeedExtraInstructionsOrRegisterBranch()`. As a result, we were 4 times too conservative when computing branch ranges going backwards, forcing us to generate the following sequence for TBZ more often than needed: ``` TBNZ <skip> B <target> skip: ``` This happened rarely for loops, but a lot when doing an early return from out-of-line calls to write barriers. Since out-of-line code is easily out of range of 8K, although the real range of TBZ is 32K. This fixes it by changing this method to take a byte offset instead of instructions, as this is more intuitive and in line with similar methods. For instance, `Instruction::ImmPcOffset()` returns an offset in bytes. The tests are adapted so that they would have caught such a bug: * TEST(far_branch_backward): This test used to only check the code worked if the branch was very far away, but it didn't test the range was correct. So this test was changed to check each branch type separately, and test in-range and out-of-range cases separately too. * TEST(far_branch_veneer_broken_link_chain): Because of the backwards range bug, this test wasn't actually testing what it should. The idea of the test is to make sure the MacroAssembler can still cope when the chain of links is broken after a veneer was emitted. But no veneers were ever emitted. Change-Id: Iddb5c683a71147455175f38fa7ae57da0a3e7337 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1781058Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#63518}
-
Leszek Swirski authored
This reverts commit ab089c78. Reason for revert: Breaking GC stress (https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/27523) Original change's description: > [turbofan] Prepare for moving part of CreateGraph into the background > > - Pass Refs, not Handles, to graph builder, and drop bytecode array argument > (get it from SFI instead). > - Add some fields to FeedbackVectorRef that are needed to avoid heap access > in BytecodeGraphBuilderPhase. > - Rename FeedbackVectorRef's SerializeSlots to Serialize, since it's more > than just the feedback slots. > - Rearrange the last steps in PipelineCompilationJob::PrepareJobImpl such > that CreateGraph is last. > > Bug: v8:7790 > Change-Id: I4b17790d1d74da41ba63ee68e3a33968662fc398 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1781682 > Reviewed-by: Maya Lekova <mslekova@chromium.org> > Commit-Queue: Georg Neis <neis@chromium.org> > Cr-Commit-Position: refs/heads/master@{#63515} TBR=neis@chromium.org,mslekova@chromium.org Change-Id: I4dc95907657597d12cbe1ce6a8ebb694ef44e915 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:7790 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1781687Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#63517}
-
Georg Neis authored
- Pass Refs, not Handles, to graph builder, and drop bytecode array argument (get it from SFI instead). - Add some fields to FeedbackVectorRef that are needed to avoid heap access in BytecodeGraphBuilderPhase. - Rename FeedbackVectorRef's SerializeSlots to Serialize, since it's more than just the feedback slots. - Rearrange the last steps in PipelineCompilationJob::PrepareJobImpl such that CreateGraph is last. Bug: v8:7790 Change-Id: I4b17790d1d74da41ba63ee68e3a33968662fc398 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1781682Reviewed-by: Maya Lekova <mslekova@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#63515}
-
- 02 Sep, 2019 3 commits
-
-
Leszek Swirski authored
Similar to https://crrev.com/c/1781047, WordEqual already does the right truncation in the instruction selector. Bug: v8:8948 Change-Id: I92e74bafab6a467aeca1570494e9044f9cf18c46 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1781049 Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#63504}
-
Leszek Swirski authored
This is a reland of 0736599a. This is a reland of 7e1fbe8f. Original change description: > [ic] In-place Double -> Tagged transitions > > With no more MutableHeapNumber, we can make Double -> Tagged transitions > in-place, at the cost of an extra map check when accessing double fields > to make sure they are still doubles. > > Bug: v8:9606 > Change-Id: I74ff39ed6fba62ee223cd37dfe761f7d73020e1c > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1743973 > Reviewed-by: Tobias Tebbi <tebbi@chromium.org> > Reviewed-by: Toon Verwaest <verwaest@chromium.org> > Commit-Queue: Leszek Swirski <leszeks@chromium.org> > Cr-Commit-Position: refs/heads/master@{#63374} TBR=verwaest@chromium.org, tebbi@chromium.org Bug: v8:9606 Change-Id: I2d1b7416064d743582f4983fb868316b7e8a4cf2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1777661Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#63499}
-
Mu Tao authored
Port 213504b9 Original Commit Message: The code fields in a JSRegExp object now either contain irregexp compiled code or a trampoline to the interpreter. This way the code can be executed without explicitly checking if the regexp shall be interpreted or executed natively. In case of interpreted regexp the generated bytecode is now stored in its own fields instead of the code fields for Latin1 and UC16 respectively. The signatures of the jitted irregexp match and the regexp interpreter have been equalized. Change-Id: I843b11cfdd9ecbb38f03706bcb86a5cfcbf69050 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1778083 Auto-Submit: Mu Tao <pamilty@gmail.com> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#63490}
-
- 30 Aug, 2019 2 commits
-
-
Ross McIlroy authored
Extend stress source positions to also ensure source positions for eagerly compiled inner functions when lazily compiling the outer function. BUG=v8:8510 Change-Id: I66d04beb789f13c15ed87cf10f606723c18f5d8f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1774725 Commit-Queue: Dan Elphick <delphick@chromium.org> Auto-Submit: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Dan Elphick <delphick@chromium.org> Cr-Commit-Position: refs/heads/master@{#63482}
-
Sigurd Schneider authored
Add a missing check for a prototype to GetDerivedMap. Bug: chromium:999310 Change-Id: I99c342a53e3b95bb7b624ff14c1c40576ee629df Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1776092 Auto-Submit: Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#63473}
-
- 29 Aug, 2019 2 commits
-
-
Z Nguyen-Huu authored
Bug: v8:8976 Change-Id: Id6449c0e2a473db7b1d3a1c143324d8810000374 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1773558 Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#63464}
-
Milad Farazmand authored
Port 213504b9 Original Commit Message: The code fields in a JSRegExp object now either contain irregexp compiled code or a trampoline to the interpreter. This way the code can be executed without explicitly checking if the regexp shall be interpreted or executed natively. In case of interpreted regexp the generated bytecode is now stored in its own fields instead of the code fields for Latin1 and UC16 respectively. The signatures of the jitted irregexp match and the regexp interpreter have been equalized. R=pthier@google.com, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: I2b0b82e76a800408ced2e92e811ce5e8dac2cf0f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1775725Reviewed-by: Joran Siu <joransiu@ca.ibm.com> Reviewed-by: Milad Farazmand <miladfar@ca.ibm.com> Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#63462}
-