- 07 Dec, 2017 26 commits
- Clemens Hammacher authored
  We might run into the situation that all fp registers are already in use for holding parameters. Thus, use the {GetUnusedRegister()} method which might spill to free one of the registers.
  R=ahaas@chromium.org
  Bug: v8:6600, chromium:792037
  Change-Id: I44b279922e31ac4acaa07b6a36ba2e394100fde0
  Reviewed-on: https://chromium-review.googlesource.com/813834
  Reviewed-by: Andreas Haas <ahaas@chromium.org>
  Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49940}
- Sergiy Byelozyorov authored
  This reverts commit 72e7b60b.
  Reason for revert: whitespace CL is not landed by CQ
  Original change's description:
  > [tools] Migrate v8_linux64_asan_rel_ng and v8_linux64_asan_rel_ng_triggered to LUCI
  >
  > No-Try: true
  > Bug: chromium:748008, chromium:748000
  > Change-Id: I487b7e85ade29b9aeaa9aeb4c90fd220581899a0
  > Reviewed-on: https://chromium-review.googlesource.com/806171
  > Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
  > Reviewed-by: Michael Achenbach <machenbach@chromium.org>
  > Cr-Commit-Position: refs/heads/master@{#49938}
  TBR=machenbach@chromium.org,sergiyb@chromium.org
  Change-Id: I171e71d34b6a4365b097e4fc951aa7ff7d619edd
  No-Presubmit: true
  No-Tree-Checks: true
  No-Try: true
  Bug: chromium:748008, chromium:748000
  Reviewed-on: https://chromium-review.googlesource.com/814714
  Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org>
  Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49939}
- Sergiy Byelozyorov authored
  No-Try: true
  Bug: chromium:748008, chromium:748000
  Change-Id: I487b7e85ade29b9aeaa9aeb4c90fd220581899a0
  Reviewed-on: https://chromium-review.googlesource.com/806171
  Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
  Reviewed-by: Michael Achenbach <machenbach@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49938}
- jgruber authored
  While the affected values must be valid addresses & thus will not overflow the IntPtr type, they need to be interpreted as unsigned in comparisons.
  Bug: chromium:792549, v8:7123, v8:3590
  Change-Id: I864b50c8dbdc297d70bf83c74a83cc466c5f3eb0
  Reviewed-on: https://chromium-review.googlesource.com/814395
  Commit-Queue: Peter Marshall <petermarshall@chromium.org>
  Reviewed-by: Peter Marshall <petermarshall@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49937}
- Michael Lippautz authored
  Bug: v8:7176
  Change-Id: I83d68a7e792b656d9f40a142b5403ac98c4f44c4
  Reviewed-on: https://chromium-review.googlesource.com/814116
  Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
  Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49936}
- Clemens Hammacher authored
  This change got lost on a rebase of https://crrev.com/c/796854.
  R=ahaas@chromium.org
  Bug: v8:6600
  Change-Id: I99e0b7f51f0b3ca1135c8d98fcc7b4c2c13193a3
  Reviewed-on: https://chromium-review.googlesource.com/813923
  Reviewed-by: Andreas Haas <ahaas@chromium.org>
  Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49935}
- Michael Lippautz authored
  The tests illustrate the use of v8::EmbedderHeapTracer.
  Bug: v8:7176
  Change-Id: Ic383c968691fddb0ec96d66cb33ee42b9c304a75
  Reviewed-on: https://chromium-review.googlesource.com/811924
  Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
  Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49934}
- Sergiy Byelozyorov authored
  R=jgruber@chromium.org
  Bug: chromium:791045, v8:1956, v8:7165
  Change-Id: I58ba09248824f0309a3d37afa3e59bdea7c5f1f1
  Reviewed-on: https://chromium-review.googlesource.com/813914
  Reviewed-by: Jakob Gruber <jgruber@chromium.org>
  Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49933}
- jgruber authored
  When enabling any coverage mode (other than best-effort), we trigger deoptimization of all functions on the heap. Prior to the recent removal of the weak list of optimized functions [0], we'd unlink optimized code from all relevant JSFunctions during the call to DeoptimizeAll. After the weak-list-removal, this was no longer the case, hence this [1] change which attempts to reset the code object from the SharedFunctionInfo for all found JSFunction objects.

  But this can create a situation in which JSFunctions are set up incorrectly s.t. they have unoptimized code but no feedback vector.

  This CL fixes that by leaving JSFunction objects untouched and relying on self-healing mechanisms (CompileLazyDeoptimizedCode) to fix up JSFunction::code.

  [0] https://crrev.com/f0acede9bb05155c25ee87e81b4b587e8a76f690
  [1] https://crrev.com/c/647596/5/src/debug/debug-coverage.cc

  Bug: chromium:786784, chromium:791940, v8:6637
  Change-Id: I13191f4c8800a0d72894b959105189dc09ca693e
  Reviewed-on: https://chromium-review.googlesource.com/813615
  Commit-Queue: Jakob Gruber <jgruber@chromium.org>
  Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49932}
- Sergiy Byelozyorov authored
  R=machenbach@chromium.org
  Bug: chromium:747960
  Change-Id: Id4e3b976e2600b075a3ef5b719490a9d749b3760
  Reviewed-on: https://chromium-review.googlesource.com/813837
  Commit-Queue: Michael Achenbach <machenbach@chromium.org>
  Reviewed-by: Michael Achenbach <machenbach@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49931}
- Mythri authored
  Bug: v8:7109
  Change-Id: I20b7eba388415c0dd3bfe64130e6c9a7eaa3a5c8
  Reviewed-on: https://chromium-review.googlesource.com/803436
  Reviewed-by: Yang Guo <yangguo@chromium.org>
  Commit-Queue: Mythri Alle <mythria@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49930}
- Michael Starzinger authored
  R=clemensh@chromium.org
  BUG=v8:6792
  Change-Id: Ia2567112ab86f42729337e539f9aaa1719d9a39f
  Reviewed-on: https://chromium-review.googlesource.com/811305
  Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
  Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49929}
- Sigurd Schneider authored
  This is a preparation for a larger CL that needs VectorSlotPair throughout the compilation chain (including deoptimizer.cc).
  Bug: v8:7127
  Change-Id: Ia746805ca3fa294eedba19d23656f858840cd501
  Reviewed-on: https://chromium-review.googlesource.com/813934
  Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
  Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49928}
- Michal Majewski authored
  Introduce new flag for starting young generation collection early based on the current new space size.
  Bug: v8:6972
  Change-Id: I73dd28b8ac7df873b5c3e6ca4b3e55bdec5295a1
  Reviewed-on: https://chromium-review.googlesource.com/811304
  Commit-Queue: Michał Majewski <majeski@google.com>
  Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
  Reviewed-by: Michael Achenbach <machenbach@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49927}
- Ali Ijaz Sheikh authored
  This is a reland of 8dd405e3. The MSAN failures were unrelated and should be fixed by 75c1c6c6.
  Original change's description:
  > [heap] introduce SpaceWithLinearArea class
  >
  > NewSpace and OldSpace have linear allocation areas, but presently the
  > implementation doesn't share any code and there are subtle differences.
  > This CL introduces a superclass 'SpaceWithLinearArea' that will be used
  > to refactor and share code.
  >
  > Change-Id: I741e6a6ebb9e75c111287214fd1f555fba62c452
  > Reviewed-on: https://chromium-review.googlesource.com/809504
  > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
  > Commit-Queue: Ali Ijaz Sheikh <ofrobots@google.com>
  > Cr-Commit-Position: refs/heads/master@{#49890}
  Change-Id: I275bdc881b1b81f3ae3c7d36e919981ac4331315
  Reviewed-on: https://chromium-review.googlesource.com/812324
  Reviewed-by: Ali Ijaz Sheikh <ofrobots@google.com>
  Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
  Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49926}
- Igor Sheludko authored
  Bug: v8:7109
  Change-Id: I9766d28998fca49b0d3e6dc9aca3cc19f0b42124
  Reviewed-on: https://chromium-review.googlesource.com/809244
  Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
  Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
  Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
  Reviewed-by: Camillo Bruni <cbruni@chromium.org>
  Commit-Queue: Igor Sheludko <ishell@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49925}
- Clemens Hammacher authored
  Ensure that the type is always stored correctly.
  R=titzer@chromium.org
  Bug: v8:6600, chromium:791810
  Change-Id: Id3a3c20b14f8730b9550c548dec49ac47121e691
  Reviewed-on: https://chromium-review.googlesource.com/811188
  Reviewed-by: Ben Titzer <titzer@chromium.org>
  Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49924}
- Michael Lippautz authored
  Observers may start incremental marking and thus black allocation. Since the object was allocated before invoking the observer the invariant might not hold anymore.
  Bug: v8:7174
  Change-Id: I74fe1816303bedb28b69ec5ac83fd19e588acace
  Reviewed-on: https://chromium-review.googlesource.com/813714
  Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
  Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49923}
- Ulan Degenbaev authored
  This adds scope for
  - concurrent array buffer free task,
  - concurrent store buffer processing task,
  - concurrent unmapper task
  Bug: chromium:758183
  Change-Id: I1be3185a9ec44033982f6a0bb05d2e9b02074f85
  Reviewed-on: https://chromium-review.googlesource.com/811646
  Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
  Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49922}
- Michael Achenbach authored
  TBR=santa
  Change-Id: Ied0791d1bf111c3f4729168432042e0fd13ac81e
  Reviewed-on: https://chromium-review.googlesource.com/813694
  Reviewed-by: Michael Achenbach <machenbach@chromium.org>
  Commit-Queue: Michael Achenbach <machenbach@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49921}
- Michael Achenbach authored
  TBR=santa
  Change-Id: I17260357602130ff210f3468bef6e55cf85edb65
  Reviewed-on: https://chromium-review.googlesource.com/813634
  Commit-Queue: Michael Achenbach <machenbach@chromium.org>
  Reviewed-by: Michael Achenbach <machenbach@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49920}
- Kanghua Yu authored
  This saves ~80KB code size for each Deoptimizer.
  Bug:
  Change-Id: I9fc6744e6acebad1d6012017caf2b29832364530
  Reviewed-on: https://chromium-review.googlesource.com/809820
  Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
  Commit-Queue: Jakob Gruber <jgruber@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49919}
- Michael Achenbach authored
  TBR=mlippautz@chromium.org
  NOTRY=true
  Change-Id: I01fc2f77bb7df0b9ef7355c9910ca6d7423e46ca
  Reviewed-on: https://chromium-review.googlesource.com/813614
  Reviewed-by: Michael Achenbach <machenbach@chromium.org>
  Commit-Queue: Michael Achenbach <machenbach@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49918}
- v8-autoroll authored
  Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/3320fde..b70ba2b
  Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/3337fb6..82cfea0
  Rolling v8/tools/swarming_client: https://chromium.googlesource.com/infra/luci/client-py/+log/6fd3c7b..4bd9152
  TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org
  Change-Id: I92348a6af3c322b1dd77c884290490612195743d
  Reviewed-on: https://chromium-review.googlesource.com/812526
  Reviewed-by: v8 autoroll <v8-autoroll@chromium.org>
  Commit-Queue: v8 autoroll <v8-autoroll@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49917}
- jing.bao authored
  Bug:
  Change-Id: I68e3f62612d9e6e7c915931c1c6f810d59df31eb
  Reviewed-on: https://chromium-review.googlesource.com/810524
  Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
  Reviewed-by: Bill Budge <bbudge@chromium.org>
  Commit-Queue: Jing Bao <jing.bao@intel.com>
  Cr-Commit-Position: refs/heads/master@{#49916}
- Karl Schimpf authored
  The previous code assumed that trap handling was a global concept, defined by function trap_handler::UseTrapHandler(). This CL does the first step in changing the decision to be specifiable at a module level.

  Therefore trap_handler::UseTrapHandler() is replaced by trap_handler::IsTrapHandlerEnabled(), and communicates if compilation supports the use of trap handlers (but still allowing the use of bounds checking on memory accesses).

  It then refactors the classes ModuleEnv and WasmCompiledModule to have a field "use_trap_handler" that specifies if traps should be used for the memory accesses in the module being compiled.

  Bug: v8:7143
  Change-Id: I9844842d5721c86c2dd55e911b42bf8b9922cf63
  Reviewed-on: https://chromium-review.googlesource.com/802322
  Commit-Queue: Eric Holk <eholk@chromium.org>
  Reviewed-by: Ben Titzer <titzer@chromium.org>
  Reviewed-by: Mircea Trofin <mtrofin@chromium.org>
  Reviewed-by: Eric Holk <eholk@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49915}
- 06 Dec, 2017 14 commits
- Alexei Filippov authored
  Performed manual testing as well by making 20 CPU profile recordings of loading http://meduza.io page. Without the patch the page renderer memory size grows beyond 300MB. With the patch it remains below 200MB.
  BUG=v8:6623
  Change-Id: Ifce541b84bb2aaaa5175520f8dd49dbc0cb5dd20
  Reviewed-on: https://chromium-review.googlesource.com/798020
  Commit-Queue: Alexei Filippov <alph@chromium.org>
  Reviewed-by: Yang Guo <yangguo@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49914}
- Alexey Kozyatinskiy authored
  It will help us to preserve some scripts for user.
  R=alph@chromium.org
  TBR=jgruber@chromium.org
  Bug: chromium:655701
  Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
  Change-Id: I6d42434148c2d9eb41c3a2af906e8c14ccf8d9a9
  Reviewed-on: https://chromium-review.googlesource.com/806741
  Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
  Reviewed-by: Alexei Filippov <alph@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49913}
- Yang Guo authored
  R=franzih@chromium.org
  Change-Id: I5f5ac245408c76a072f5cb3ae81b8773ddcd47cc
  Reviewed-on: https://chromium-review.googlesource.com/808784
  Reviewed-by: Franziska Hinkelmann <franzih@chromium.org>
  Commit-Queue: Yang Guo <yangguo@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49912}
- Jakob Kummerow authored
  Exposing the existing Context::AllowCodeGenerationFromStrings(false) API to the command line.
  Bug: v8:7134
  Change-Id: I062ccff0b03c5bcf6878c41c455c0ded37a1d743
  Reviewed-on: https://chromium-review.googlesource.com/809631
  Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
  Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49911}
- Ulan Degenbaev authored
  Bug: chromium:792520
  Change-Id: Ibc030a08898434c1b5c7a2e8dd14730bfebc7309
  Reviewed-on: https://chromium-review.googlesource.com/811504
  Reviewed-by: Ali Ijaz Sheikh <ofrobots@google.com>
  Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49910}
- Georg Neis authored
  For instance, it now knows that Number(x) has type Number. (In this particular case, we used to know that already due to js-call-reduction of Number but that was recently disabled because of BigInts.)
  Bug: v8:6791
  Change-Id: If5c57d46fc8448ca530a9ce7c9d14d63daa0f31c
  Reviewed-on: https://chromium-review.googlesource.com/811264
  Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
  Commit-Queue: Georg Neis <neis@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49909}
- Igor Sheludko authored
  They will eventually be used instead of Tuple3/FixedArray by the IC system.
  Bug: v8:5561, v8:7159
  Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
  Change-Id: I39faad1b2dc10ce7d42cb7477ea87b64d1e0b44c
  Reviewed-on: https://chromium-review.googlesource.com/806178
  Commit-Queue: Igor Sheludko <ishell@chromium.org>
  Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
  Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49908}
- Michal Majewski authored
  Observer that increases frequency of checking if we reached marking limit. Works only with --stress-marking.
  Bug: v8:6972
  Change-Id: I13544fdd8bb33738d78adbac96feb70222b5b634
  Reviewed-on: https://chromium-review.googlesource.com/802434
  Commit-Queue: Michał Majewski <majeski@google.com>
  Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
  Reviewed-by: Michael Achenbach <machenbach@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49907}
- Vlad Tsyrklevich authored
  Control Flow Integrity [1] indirect call checking is a compiler instrumentation that verifies that function pointers are only used to call functions whose type signatures match the type of the function pointer. The once implementation casts function pointers to different types--refactor it to pass around a std::function that calls the provided function pointer with its original type instead.

  [1] https://www.chromium.org/developers/testing/control-flow-integrity

  Bug=chromium:776905,v8:7164
  Change-Id: I26b63973fdcebbc11b1cd7b023a6a6d0724c360c
  Reviewed-on: https://chromium-review.googlesource.com/806262
  Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
  Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49906}
- Clemens Hammacher authored
  This saves us 14.2kB binary size in libv8.so (in release mode), and probably also improves performance a little bit.
  R=titzer@chromium.org
  Bug: v8:7109
  Change-Id: I345a48369aaf054572a4fd4368bf5cd526ed146a
  Reviewed-on: https://chromium-review.googlesource.com/797270
  Reviewed-by: Ben Titzer <titzer@chromium.org>
  Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49905}
- Clemens Hammacher authored
  The value is passed as int in most places anyway, so better also store it as int, and make sure that it's in the range [0..kMaxInt]. Also, our style guide only allows {int} out of the standard integer types.
  R=mstarzinger@chromium.org
  Bug: v8:6600
  Change-Id: Ia425a8a6f64c9e617de02bb1d4f07413e9da4fc6
  Reviewed-on: https://chromium-review.googlesource.com/810645
  Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
  Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49904}
- Ulan Degenbaev authored
  Bug: chromium:791582
  Change-Id: Ic2b4289431a4bd7b4b5a37437d25ebccd493497a
  Reviewed-on: https://chromium-review.googlesource.com/809130
  Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
  Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49903}
- Ulan Degenbaev authored
  Bug: chromium:758183
  Change-Id: I626be7a8f42662a657595c1147a6aa8cb53391fa
  Reviewed-on: https://chromium-review.googlesource.com/808941
  Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
  Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49902}
- Igor Sheludko authored
  - When a global object changes, invalidate its validity cell.
  - The global object prototypes don't need to be gathered into an array in InitPrototypeChecks.
  Bug: v8:7159
  Change-Id: I3621c914d08b83e49e8a391800a92eb53ba19feb
  Reviewed-on: https://chromium-review.googlesource.com/808588
  Reviewed-by: Toon Verwaest <verwaest@chromium.org>
  Commit-Queue: Igor Sheludko <ishell@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49901}