- 21 Feb, 2017 1 commit
-
-
ulan authored
During concurrent marking we need special handling of object layout changes that remove tagged in-object fields or replaces them with untagged in-object fields. This patch adds a function for notifying object layout changes and verification code that is triggered on each map change in runtime. BUG=chromium:694255 Review-Url: https://codereview.chromium.org/2702303002 Cr-Commit-Position: refs/heads/master@{#43342}
-
- 20 Feb, 2017 3 commits
-
-
Michael Lippautz authored
This reverts commit 9a407a43. BUG=chromium:693413 Change-Id: I469dbba6b45982f3a083b30546c60e5dacc5d8a2 Reviewed-on: https://chromium-review.googlesource.com/445198 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by:
Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#43334}
-
Michael Lippautz authored
This reverts commit 17ef406d. Reason for revert: <INSERT REASONING HERE> Original change's description: > [heap] Add histogram counter for young generation handling > > BUG=chromium:693413 > > Change-Id: I6c6bc62e7f2c702be2462e4b0c3704fabf44f9d2 > Reviewed-on: https://chromium-review.googlesource.com/445156 > Commit-Queue: Michael Lippautz <mlippautz@chromium.org> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Cr-Commit-Position: refs/heads/master@{#43316} TBR=ulan@chromium.org,mlippautz@chromium.org,hpayer@chromium.org,v8-reviews@googlegroups.com NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=chromium:693413 Change-Id: I38b293d6594278370ec0c5cb20234811b48086f6 Reviewed-on: https://chromium-review.googlesource.com/445179 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by:
Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#43331}
-
Michael Lippautz authored
BUG=chromium:693413 Change-Id: I6c6bc62e7f2c702be2462e4b0c3704fabf44f9d2 Reviewed-on: https://chromium-review.googlesource.com/445156 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by:
Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#43316}
-
- 17 Feb, 2017 2 commits
-
-
ulan authored
The functions do not work correctly with concurrent sweeper and they do not take weak references into account. The latter is a fundamental problem for this tracing approach. BUG= Review-Url: https://codereview.chromium.org/2707433002 Cr-Commit-Position: refs/heads/master@{#43284}
-
Michael Lippautz authored
A fast promotion mode that works solely on GC heuristics without requiring compiler or other profiler support by implementing zero-copy evacuation for new space. - Once a threshold of survived bytes in the Scavenger is reached the mode is activated. - In fast promotion mode all pages are moved to old space instead of performing a Scavenge. - The inevitable upcoming full MC determines whether the decision whether the mode should stay on or be turned off based on the young generation survival rate. BUG=chromium:693413 Change-Id: Ifdf296092a9bac609f9dcdfb47a24046f3093745 Reviewed-on: https://chromium-review.googlesource.com/442560 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by:
Ulan Degenbaev <ulan@chromium.org> Reviewed-by:
Hannes Payer <hpayer@chromium.org> Cr-Commit-Position: refs/heads/master@{#43276}
-
- 14 Feb, 2017 1 commit
-
-
bbudge authored
LOG=Y BUG=v8:4124,v8:5948 R=bradnelson@chromium.org,bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org Review-Url: https://codereview.chromium.org/2684313003 Cr-Original-Original-Commit-Position: refs/heads/master@{#43162} Committed: https://chromium.googlesource.com/v8/v8/+/d170c57ab996d00c4665a9d865bd5754a1806c6c Review-Url: https://codereview.chromium.org/2684313003 Cr-Original-Commit-Position: refs/heads/master@{#43169} Committed: https://chromium.googlesource.com/v8/v8/+/a9b59a11f1bfe069afabe5567f919727456f1f12 Review-Url: https://codereview.chromium.org/2684313003 Cr-Commit-Position: refs/heads/master@{#43176}
-
- 13 Feb, 2017 7 commits
-
-
franzih authored
Revert of Remove SIMD.js from V8. (patchset #7 id:120001 of https://codereview.chromium.org/2684313003/ ) Reason for revert: Breaks Node integration build. Original issue's description: > Remove SIMD.js from V8. > > LOG=Y > BUG=v8:4124,v8:5948 > R=bradnelson@chromium.org,bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org > > Review-Url: https://codereview.chromium.org/2684313003 > Cr-Original-Commit-Position: refs/heads/master@{#43162} > Committed: https://chromium.googlesource.com/v8/v8/+/d170c57ab996d00c4665a9d865bd5754a1806c6c > Review-Url: https://codereview.chromium.org/2684313003 > Cr-Commit-Position: refs/heads/master@{#43169} > Committed: https://chromium.googlesource.com/v8/v8/+/a9b59a11f1bfe069afabe5567f919727456f1f12 TBR=bradnelson@chromium.org,bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org,bradnelson@google.com,machenbach@chromium.org,bbudge@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:4124,v8:5948 Review-Url: https://codereview.chromium.org/2695653005 Cr-Commit-Position: refs/heads/master@{#43170}
-
bbudge authored
LOG=Y BUG=v8:4124,v8:5948 R=bradnelson@chromium.org,bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org Review-Url: https://codereview.chromium.org/2684313003 Cr-Original-Commit-Position: refs/heads/master@{#43162} Committed: https://chromium.googlesource.com/v8/v8/+/d170c57ab996d00c4665a9d865bd5754a1806c6c Review-Url: https://codereview.chromium.org/2684313003 Cr-Commit-Position: refs/heads/master@{#43169}
-
bradnelson authored
Revert of Remove SIMD.js from V8. (patchset #7 id:120001 of https://codereview.chromium.org/2684313003/ ) Reason for revert: red Original issue's description: > Remove SIMD.js from V8. > > LOG=Y > BUG=v8:4124,5948 > R=bradnelson@chromium.org,bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org > (notry since trybots can't patch directory deletes) > NOTRY=true > > Review-Url: https://codereview.chromium.org/2684313003 > Cr-Commit-Position: refs/heads/master@{#43162} > Committed: https://chromium.googlesource.com/v8/v8/+/d170c57ab996d00c4665a9d865bd5754a1806c6c TBR=bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org,bradnelson@google.com,bbudge@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:4124,5948 Review-Url: https://codereview.chromium.org/2692933002 Cr-Commit-Position: refs/heads/master@{#43164}
-
bbudge authored
LOG=Y BUG=v8:4124,5948 R=bradnelson@chromium.org,bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org (notry since trybots can't patch directory deletes) NOTRY=true Review-Url: https://codereview.chromium.org/2684313003 Cr-Commit-Position: refs/heads/master@{#43162}
-
hpayer authored
BUG=chromium:673308 Review-Url: https://codereview.chromium.org/2696563003 Cr-Commit-Position: refs/heads/master@{#43159}
-
Michael Starzinger authored
This adds support for deoptimizing into the JSConstructStub after the receiver instantiation but before the actual constructor invocation. Such a deoptimization point is needed for cases where instantiation might be observed (e.g. when new.target is a proxy) and hence might trigger a deopt. We use this new deoptimization point for the "after" frame-state the inliner attaches to {JSCreate} nodes being inserted when constructor calls are being inlined. R=jarin@chromium.org TEST=mjsunit/regress/regress-5638b BUG=v8:5638 Change-Id: I7c72c807ee8fb76d12e0e9ccab86d970ab1a0efd Reviewed-on: https://chromium-review.googlesource.com/440125Reviewed-by:
Hannes Payer <hpayer@chromium.org> Reviewed-by:
Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#43149}
-
bmeurer authored
We cannot skip the @@hasInstance lookup in instanceof depending on a global protector cell, as the lookup of the property is observable via proxies or accessors. So remove the global protector and properly implement CSA::InstanceOf via GetPropertyStub, with an appropriate fast-path for Function.prototype[@@hasInstance] where we call the builtin code object directly if the function matches, skipping all the checks from the call sequence, and also avoid the redundant ToBoolean conversion on the result. R=yangguo@chromium.org TBR=ulan@chromium.org BUG=v8:5958 Review-Url: https://codereview.chromium.org/2684033012 Cr-Commit-Position: refs/heads/master@{#43137}
-
- 10 Feb, 2017 4 commits
-
-
jarin authored
This introduces new maps to track whether we have created at most one closure. If we have created just one closure, Turbofan will specialize the code to its context. Review-Url: https://codereview.chromium.org/2680313002 Cr-Commit-Position: refs/heads/master@{#43108}
-
mlippautz authored
BUG= Review-Url: https://codereview.chromium.org/2684233004 Cr-Commit-Position: refs/heads/master@{#43094}
-
yangguo authored
Sometimes we do want to include objects that are already dead. R=hpayer@chromium.org BUG=v8:5808 Review-Url: https://codereview.chromium.org/2687113002 Cr-Commit-Position: refs/heads/master@{#43083}
-
yangguo authored
Collecting precise invocation counts need to be explicitly enabled. Once enabled, we disable optimization (optimized code does not increment invocation count, and may inline callees), and make sure feedback vectors interesting for code coverage is not garbage-collected. R=hpayer@chromium.org, jgruber@chromium.org BUG=v8:5808 Review-Url: https://codereview.chromium.org/2686063002 Cr-Commit-Position: refs/heads/master@{#43082}
-
- 08 Feb, 2017 1 commit
-
-
yangguo authored
Previously, both type feedback vector and the shared function info of a function points to the matching type feedback metadata. This makes finding the shared function info of a type feedback vector difficult. Instead, we now point the type feeback vector to the shared function info, and find the metadata through the shared function info. Also remove the obsolete empty type feedback vector. R=hpayer@chromium.org, mvstanton@chromium.org BUG=v8:5808 Review-Url: https://codereview.chromium.org/2672363002 Cr-Commit-Position: refs/heads/master@{#43026}
-
- 07 Feb, 2017 2 commits
-
-
ishell@chromium.org authored
... and TypeFeedbackMetadata to FeedbackMetadata. BUG= Change-Id: I2556d1c2a8f37b8cf3d532cc98d973b6dc7e9e6c Reviewed-on: https://chromium-review.googlesource.com/439244 Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by:
Michael Starzinger <mstarzinger@chromium.org> Reviewed-by:
Michael Stanton <mvstanton@chromium.org> Reviewed-by:
Jaroslav Sevcik <jarin@chromium.org> Reviewed-by:
Yang Guo <yangguo@chromium.org> Reviewed-by:
Hannes Payer <hpayer@chromium.org> Cr-Commit-Position: refs/heads/master@{#42999}
-
ishell authored
BUG=v8:5917 Review-Url: https://codereview.chromium.org/2673383002 Cr-Commit-Position: refs/heads/master@{#42982}
-
- 30 Jan, 2017 2 commits
-
-
mvstanton authored
They have the same lifetime. It's a match! Both structures are native context dependent and dealt with (creation, clearing, gathering feedback) at the same time. By treating the spaces used for literal boilerplates as feedback vector slots, we no longer have to keep track of the materialized literal count elsewhere. A follow-on CL removes even more parser infrastructure related to this count. BUG=v8:5456 Review-Url: https://codereview.chromium.org/2655853010 Cr-Commit-Position: refs/heads/master@{#42771}
-
petermarshall authored
We need it to be a PropertyCell so that we can list it as a dependency for optimised code. Also drive-by clean up some variable names in src/isolate-inl.h. BUG=v8:5895 Review-Url: https://codereview.chromium.org/2658573008 Cr-Commit-Position: refs/heads/master@{#42764}
-
- 23 Jan, 2017 1 commit
-
-
ishell authored
Manipulating the signaling NaN used for the hole and uninitialized double field sentinel in C++, e.g. with bit_cast or HeapNumber::value()/set_value(), will change its value on ia32 (the x87 stack is used to return values and stores to the stack silently clear the signalling bit). BUG=v8:5495 Review-Url: https://codereview.chromium.org/2652553003 Cr-Commit-Position: refs/heads/master@{#42609}
-
- 19 Jan, 2017 1 commit
-
-
jkummerow authored
using newly introduced ThinStrings, which store a pointer to the actual, internalized string they represent. BUG=v8:4520 (Previously landed as #42168 / af51befe) (Previously landed as #42193 / 4c699e34) (Previously landed as #42235 / ec45e6ed) Review-Url: https://codereview.chromium.org/2549773002 Cr-Commit-Position: refs/heads/master@{#42503}
-
- 17 Jan, 2017 3 commits
-
-
jgruber authored
Background: the first page of each space is implicitly immovable. Recently, our builtin code objects have reached a size at which we fill up the first page of code space during initialization. Once that occurs, newly requested allocations of immovable code are allocated in a large object space page of 512K. This CL mitigates these effects by simply marking pages as immovable during snapshot creation instead of going into LO space. On snapshot builds, this should just work: deserialized pages are trimmed and marked immovable when deserialization finishes. However, non-snapshot builds and allocations of immovable CEntryStub code at runtime are still affected. BUG=v8:5831 Review-Url: https://codereview.chromium.org/2635973002 Cr-Commit-Position: refs/heads/master@{#42411}
-
jochen authored
Instead, it is supposed to just return an empty context if it failed. Also don't invoke interceptors (we don't for the parts that deserialize from the snapshot anyways). BUG=v8:5830 R=yangguo@chromium.org Review-Url: https://codereview.chromium.org/2636903002 Cr-Commit-Position: refs/heads/master@{#42404}
-
mlippautz authored
BUG=651354 Review-Url: https://codereview.chromium.org/2638803002 Cr-Commit-Position: refs/heads/master@{#42397}
-
- 12 Jan, 2017 1 commit
-
-
jkummerow authored
Revert of Internalize strings in-place (patchset #20 id:380001 of https://codereview.chromium.org/2549773002/ ) Reason for revert: Blocks roll, ASan detects leaking ExternalStrings. Original issue's description: > Internalize strings in-place (reland^2) > > using newly introduced ThinStrings, which store a pointer to the actual, > internalized string they represent. > > BUG=v8:4520 > > (Previously landed as #42168 / af51befe) > (Previously landed as #42193 / 4c699e34) > > Review-Url: https://codereview.chromium.org/2549773002 > Cr-Commit-Position: refs/heads/master@{#42235} > Committed: https://chromium.googlesource.com/v8/v8/+/ec45e6ed2e11698c713e664b1510bc31bcdbbdba TBR=ishell@chromium.org,hpayer@chromium.org,bmeurer@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:4520 Review-Url: https://codereview.chromium.org/2626893005 Cr-Commit-Position: refs/heads/master@{#42271}
-
- 11 Jan, 2017 4 commits
-
-
jkummerow authored
using newly introduced ThinStrings, which store a pointer to the actual, internalized string they represent. BUG=v8:4520 (Previously landed as #42168 / af51befe) (Previously landed as #42193 / 4c699e34) Review-Url: https://codereview.chromium.org/2549773002 Cr-Commit-Position: refs/heads/master@{#42235}
-
ulan authored
for debugging. This function is needed to pass increased heap limit from the main DevTools isolate to the worker isolates it spawns. BUG=chromium:675911 Review-Url: https://codereview.chromium.org/2624973003 Cr-Commit-Position: refs/heads/master@{#42228}
-
ulan authored
This API will allow DevTools to intercept out-of-memory condition, increase the heap limit and schedule heap snapshot. BUG=chromium:675911 Review-Url: https://codereview.chromium.org/2621873003 Cr-Commit-Position: refs/heads/master@{#42225}
-
jkummerow authored
Revert of Internalize strings in-place (patchset #17 id:320001 of https://codereview.chromium.org/2549773002/ ) Reason for revert: blocks roll, see: https://codereview.chromium.org/2628733002/ Debug mode runs into an Abort("External string expected, but not found"). Original issue's description: > Internalize strings in-place (reland) > > using newly introduced ThinStrings, which store a pointer to the actual, > internalized string they represent. > > BUG=v8:4520 > > (Previously landed as #42168 / af51befe. > > Review-Url: https://codereview.chromium.org/2549773002 > Cr-Commit-Position: refs/heads/master@{#42193} > Committed: https://chromium.googlesource.com/v8/v8/+/4c699e349a4986b28574b3a51e8780e3a3d067b1 TBR=ishell@chromium.org,hpayer@chromium.org,bmeurer@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:4520 Review-Url: https://codereview.chromium.org/2625073002 Cr-Commit-Position: refs/heads/master@{#42212}
-
- 10 Jan, 2017 3 commits
-
-
jkummerow authored
using newly introduced ThinStrings, which store a pointer to the actual, internalized string they represent. BUG=v8:4520 (Previously landed as #42168 / af51befe. Review-Url: https://codereview.chromium.org/2549773002 Cr-Commit-Position: refs/heads/master@{#42193}
-
machenbach authored
Revert of Internalize strings in-place (patchset #16 id:300001 of https://codereview.chromium.org/2549773002/ ) Reason for revert: gc stress failures: https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20gc%20stress/builds/8024 Original issue's description: > Internalize strings in-place > > using newly introduced ThinStrings, which store a pointer to the actual, > internalized string they represent. > > BUG=v8:4520 > > Review-Url: https://codereview.chromium.org/2549773002 > Cr-Commit-Position: refs/heads/master@{#42168} > Committed: https://chromium.googlesource.com/v8/v8/+/af51befe694fe039db3554d4b9165f7d6baceb77 TBR=ishell@chromium.org,hpayer@chromium.org,bmeurer@chromium.org,jkummerow@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:4520 Review-Url: https://codereview.chromium.org/2621913002 Cr-Commit-Position: refs/heads/master@{#42170}
-
jkummerow authored
using newly introduced ThinStrings, which store a pointer to the actual, internalized string they represent. BUG=v8:4520 Review-Url: https://codereview.chromium.org/2549773002 Cr-Commit-Position: refs/heads/master@{#42168}
-
- 09 Jan, 2017 1 commit
-
-
yangguo authored
R=mvstanton@chromium.org, ulan@chromium.org BUG=v8:5808 Review-Url: https://codereview.chromium.org/2617363003 Cr-Commit-Position: refs/heads/master@{#42137}
-
- 02 Jan, 2017 1 commit
-
-
caitp authored
- Adds CodeAssembler::ConstructJS() to simplify calling JS functions as constructors, used by NewPromiseCapability() - Defines PromiseCapability as a special JSObject subclass, with a non-exensible Map, and read-only non-configurable DataDescriptors which point to its in-object fields. This allows its fields to be used by JS builtins until there is no longer any need. Currently, the performance benefit comes from https://codereview.chromium.org/2567033003/, but does not appear to regress performance in any significant way. BUG=v8:5343 TBR=ulan@chromium.org Review-Url: https://codereview.chromium.org/2567333002 Cr-Commit-Position: refs/heads/master@{#42014}
-
- 27 Dec, 2016 1 commit
-
-
ulan authored
BUG=chromium:675911 Review-Url: https://codereview.chromium.org/2593043002 Cr-Commit-Position: refs/heads/master@{#41957}
-
- 23 Dec, 2016 1 commit
-
-
mlippautz authored
1) Alternate between processing v8 and wrappers 2) Once v8 is empty, try 3 rounds of finding the fixpoint between v8 and wrappers 3) After that, finalize once v8 marking deque is empty again Reland fixed: Toggle needs to be IncrementalMarking global as we need to properly alternate tracing v8 and wrappers. BUG=chromium:468240, chromium:668164 Review-Url: https://codereview.chromium.org/2599283002 Cr-Commit-Position: refs/heads/master@{#41940}
-