Google Git
Sign in
chromium / v8 / v8.git / 25799516481ff9e5f92bed487c10754b55b69e5b
commit25799516481ff9e5f92bed487c10754b55b69e5b[log] [tgz]
authorTobias Tebbi <tebbi@chromium.org>Thu Feb 15 13:27:12 2018
committerCommit Bot <commit-bot@chromium.org>Mon Feb 19 15:25:23 2018
tree09c326ad1e59d43062fb824d1f85fe356e6712c3
parente56eac022f3b046bdc0d7454bd920dae16737845 [diff]
[turbofan] Masking/poisoning in codegen (optimized code, arm)

This introduces masking of loads with speculation bit during code generation.
At the moment, this is done only under the
--branch-load-poisoning flag, and this CL enlarges the set of supported
platforms from {x64} to {x64, arm}.

Overview of changes:
- new register configuration configuration with one register reserved for
  the speculation poison/mask (kSpeculationPoisonRegister).
- in codegen, we introduce an update to the poison register at the starts
  of all successors of branches (and deopts) that are marked as safety
  branches (deopts).
- in memory optimizer, we lower all field and element loads to PoisonedLoads.
- poisoned loads are then masked in codegen with the poison register.
  * only integer loads are masked at the moment.

Bug: chromium:798964
Change-Id: I37f5531fd18a96038ea8b059641e3dfc852c2d34
Reviewed-on: https://chromium-review.googlesource.com/913354
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51374}
5 files changed
tree: 09c326ad1e59d43062fb824d1f85fe356e6712c3
  1. benchmarks/
  2. build_overrides/
  3. docs/
  4. gni/
  5. include/
  6. infra/
  7. samples/
  8. src/
  9. test/
  10. testing/
  11. third_party/
  12. tools/
  13. .clang-format
  14. .editorconfig
  15. .git-blame-ignore-revs
  16. .gitignore
  17. .gn
  18. .vpython
  19. .ycm_extra_conf.py
  20. AUTHORS
  21. BUILD.gn
  22. ChangeLog
  23. CODE_OF_CONDUCT.md
  24. codereview.settings
  25. DEPS
  26. LICENSE
  27. LICENSE.fdlibm
  28. LICENSE.strongtalk
  29. LICENSE.v8
  30. LICENSE.valgrind
  31. OWNERS
  32. PRESUBMIT.py
  33. README.md
  34. snapshot_toolchain.gni
  35. WATCHLISTS
README.md

V8 JavaScript Engine

V8 is Google's open source JavaScript engine.

V8 implements ECMAScript as specified in ECMA-262.

V8 is written in C++ and is used in Google Chrome, the open source browser from Google.

V8 can run standalone, or can be embedded into any C++ application.

V8 Project page: https://github.com/v8/v8/wiki

Getting the Code

Checkout depot tools, and run

    fetch v8

This will checkout V8 into the directory v8 and fetch all of its dependencies. To stay up to date, run

    git pull origin
    gclient sync

For fetching all branches, add the following into your remote configuration in .git/config:

    fetch = +refs/branch-heads/*:refs/remotes/branch-heads/*
    fetch = +refs/tags/*:refs/tags/*

Contributing

Please follow the instructions mentioned on the V8 wiki.