- 08 Aug, 2016 7 commits
-
-
jgruber authored
Revert of Fix an OOB read through CallSite.GetFunctionName (patchset #1 id:1 of https://codereview.chromium.org/2199333002/ ) Reason for revert: We can revert this now that it's landed on 5.3. Original issue's description: > Fix an OOB read through CallSite.GetFunctionName > > The func_index parameter passed to GetWasmFunctionNameFromTable can be > user-controlled through the CallSite constructor. Catch out-of-bounds > reads and return null as the function name in such cases. > > This applies to the 5.3 branch and will be reverted on TOT in a bit. > > BUG=632965 > > Committed: https://crrev.com/8592c450a68581d7257c1b2002983c0092cd749a > Cr-Commit-Position: refs/heads/master@{#38276} TBR=ahaas@chromium.org,yangguo@chromium.org # Not skipping CQ checks because original CL landed more than 1 days ago. BUG=632965 Review-Url: https://codereview.chromium.org/2225773002 Cr-Commit-Position: refs/heads/master@{#38414}
-
bmeurer authored
Properly figure out NaN and -0 cases even for non-integer inputs. This helps to reduce the number of checks we have to perform in case we try to go back to int32 after a floating point operation. R=jarin@chromium.org Review-Url: https://codereview.chromium.org/2227533002 Cr-Commit-Position: refs/heads/master@{#38413}
-
machenbach authored
Revert of [Tracing] Embed V8 runtime call stats into tracing. (patchset #8 id:140001 of https://codereview.chromium.org/2187693002/ ) Reason for revert: Leaks block chromium roll: https://codereview.chromium.org/2219083003/ Example build: https://build.chromium.org/p/tryserver.chromium.linux/builders/linux_chromium_asan_rel_ng/builds/205435 You can add the trybot from tryserver.chromium.linux, linux_chromium_asan_rel_ng, on reland. Original issue's description: > [Reland][Tracing] Embed V8 runtime call stats into tracing. > > Currently we have V8 RuntimeCallStats that is independent from tracing when > running d8 with flag --runtime_call_stats. This patch embeds V8 runtime call > stats into tracing, by having a global table of runtime call counters each > isolate, resetting the table each time we enter a top level trace event, and > dumping the table for each top level trace event. This will make trace file more > compact, as well as enable runtime call stats in tracing system. > > This patch adds ~5% overhead to V8 when the category is enabled, we measure the > overhead by running a script when category is enabled. > > BUG=v8:5089 > > Committed: https://crrev.com/d014866173eaa2b548c566217b2c94b1d49385fa > Committed: https://crrev.com/1ca3b73bba4a7253ca8eeef39321d70e7d414331 > Committed: https://crrev.com/3f936a5b17754783e92d2146eaf66c88a78ee45b > Cr-Original-Original-Commit-Position: refs/heads/master@{#38270} > Cr-Original-Commit-Position: refs/heads/master@{#38314} > Cr-Commit-Position: refs/heads/master@{#38403} TBR=cbruni@chromium.org,fmeawad@chromium.org,bmeurer@chromium.org,adamk@chromium.org,rmcilroy@chromium.org,lpy@chromium.org # Not skipping CQ checks because original CL landed more than 1 days ago. BUG=v8:5089 NOTRY=true NOPRESUBMIT=true Review-Url: https://codereview.chromium.org/2221853002 Cr-Commit-Position: refs/heads/master@{#38412}
-
bmeurer authored
Introduce a dedicated NumberOperationHint enum that represents the feedback we can use for speculative number operations. BUG=v8:4930 Review-Url: https://codereview.chromium.org/2220573002 Cr-Commit-Position: refs/heads/master@{#38411}
-
ahaas authored
I had to adjust Float64Max/Min on x64 slightly to return the default wasm NaN (0x7FF0000000000000) instead of the all-ones NaN (0xFFFFFFFFFFFFFFFF). R=titzer@chromium.org, bmeurer@chromium.org Review-Url: https://codereview.chromium.org/2204963002 Cr-Commit-Position: refs/heads/master@{#38410}
-
v8-autoroll authored
Rolling v8/build to 0aef44ff3987075f96208a8418c9f92038e7cf52 Rolling v8/tools/clang to c08b639033e7eca409e7d61c8384b7e328aabe8f TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Review-Url: https://codereview.chromium.org/2227473002 Cr-Commit-Position: refs/heads/master@{#38409}
-
mythria authored
Assign feedback slots in the type feedback vector for binary operations. Update bytecode-generator to use these slots and add them as an operand to binary operations. BUG=v8:4280 LOG=N Review-Url: https://codereview.chromium.org/2209633002 Cr-Commit-Position: refs/heads/master@{#38408}
-
- 07 Aug, 2016 2 commits
-
-
mlippautz authored
AtomicNumber should make dealing with atomic counters easier. This is not the case with size_t, as we cannot properly use the Increment() method for negative numbers. With this CL we can use AtomicNumber<size_t> and have proper decrements. R=jochen@chromium.org Review-Url: https://codereview.chromium.org/2215693002 Cr-Commit-Position: refs/heads/master@{#38407}
-
ulan authored
This patch folds --optimize-for-size flag and check for low-memory device into Heap::ShouldOptimizeForMemoryUsage() predicate. It has the following side effects: - the heap growing factor for low-memory devices is capped at 1.3 (old value was 2.0). - the memory reducer will be more aggressive for low-memory devices. BUG=chromium:634900 Review-Url: https://codereview.chromium.org/2218703004 Cr-Commit-Position: refs/heads/master@{#38406}
-
- 06 Aug, 2016 2 commits
-
-
v8-autoroll authored
Rolling v8/build to 4f92210342e455123c37ad2040085b84a8ab6274 Rolling v8/buildtools to e4aa960cb9cd2c7dbaa69655efa85b3d7dff13dd Rolling v8/third_party/WebKit/Source/platform/inspector_protocol to 470265c2fd38206eb1ca36fbe8a50931c1b8f83d Rolling v8/tools/clang to 36887a18177854dec069b5dc0e14b4274fc0c709 Rolling v8/tools/gyp to 93cc6e2c23e4d5ebd179f388e67aa907d0dfd43d Rolling v8/tools/mb to 98a61eae883d6e59651c5a2af141cd45f754aa71 TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Review-Url: https://codereview.chromium.org/2213393003 Cr-Commit-Position: refs/heads/master@{#38405}
-
littledan authored
- Don't read .constructor when returning a Promise from an async function. Instead, call out to the internals of Promise.resolve directly. This is done by adding back in an "optimization" from an earlier form of the async/await code written by Caitlin Potter. - Async functions always return a new Promise with a distinct identity, even if they simply return another Promise. R=caitp@igalia.com BUG=v8:4483 Review-Url: https://codereview.chromium.org/2219623002 Cr-Commit-Position: refs/heads/master@{#38404}
-
- 05 Aug, 2016 29 commits
-
-
lpy authored
Currently we have V8 RuntimeCallStats that is independent from tracing when running d8 with flag --runtime_call_stats. This patch embeds V8 runtime call stats into tracing, by having a global table of runtime call counters each isolate, resetting the table each time we enter a top level trace event, and dumping the table for each top level trace event. This will make trace file more compact, as well as enable runtime call stats in tracing system. This patch adds ~5% overhead to V8 when the category is enabled, we measure the overhead by running a script when category is enabled. BUG=v8:5089 Committed: https://crrev.com/d014866173eaa2b548c566217b2c94b1d49385fa Committed: https://crrev.com/1ca3b73bba4a7253ca8eeef39321d70e7d414331 Review-Url: https://codereview.chromium.org/2187693002 Cr-Original-Original-Commit-Position: refs/heads/master@{#38270} Cr-Original-Commit-Position: refs/heads/master@{#38314} Cr-Commit-Position: refs/heads/master@{#38403}
-
cbruni authored
Drive-by-fix: improve threading test log output by also showing the names of the tests when they start and end. Review-Url: https://codereview.chromium.org/2218033002 Cr-Commit-Position: refs/heads/master@{#38402}
-
cbruni authored
Reland of [api] Clean up scopes and precheck instantiations cache (patchset #1 id:1 of https://codereview.chromium.org/2216903003/ ) Reason for revert: asan failures are caused by a flaky stack-overflow (see https://codereview.chromium.org/2218033002 for a fix). Original issue's description: > Revert of [api] Clean up scopes and precheck instantiations cache (patchset #3 id:40001 of https://codereview.chromium.org/2206773003/ ) > > Reason for revert: > [Sheriff] Leads to mac asan failures: > https://build.chromium.org/p/client.v8/builders/V8%20Mac64%20ASAN/builds/7835 > > Original issue's description: > > [api] Clean up scopes and precheck instantiations cache > > > > Make sure all the scopes used in api-natives.cc have inlineable constructors > > and destructors. Additionally directly precheck the instantiations cache before > > trying to enter the InvokeScope which sets the save_context. > > > > BUG=chromium:630217 > > > > Committed: https://crrev.com/a2496b942cad524f0f3144b107936eaa9a7c9fd5 > > Cr-Commit-Position: refs/heads/master@{#38346} > > TBR=yangguo@chromium.org,cbruni@chromium.org > # Skipping CQ checks because original CL landed less than 1 days ago. > NOPRESUBMIT=true > NOTREECHECKS=true > NOTRY=true > BUG=chromium:630217 > > Committed: https://crrev.com/e1b5cb43a9b90546ff5d6cea89ba17c485e842fb > Cr-Commit-Position: refs/heads/master@{#38356} TBR=yangguo@chromium.org,machenbach@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=chromium:630217 Review-Url: https://codereview.chromium.org/2217353002 Cr-Commit-Position: refs/heads/master@{#38401}
-
verwaest authored
This also gets rid of the pending_error_handler field on DeclarationScope which wasn't actually used. BUG=v8:5209 Review-Url: https://codereview.chromium.org/2218083002 Cr-Commit-Position: refs/heads/master@{#38400}
-
ahaas authored
R=bmeurer@chromium.org Review-Url: https://codereview.chromium.org/2215403002 Cr-Commit-Position: refs/heads/master@{#38399}
-
neis authored
R=adamk@chromium.org BUG= Review-Url: https://codereview.chromium.org/2218893002 Cr-Commit-Position: refs/heads/master@{#38398}
-
jyan authored
Separate 32 and 64 And/Or/Xor/Not Operation R=joransiu@ca.ibm.com, michael_dawson@ca.ibm.com, mbrandy@us.ibm.com, bjaideep@ca.ibm.com BUG= Review-Url: https://codereview.chromium.org/2216883003 Cr-Commit-Position: refs/heads/master@{#38397}
-
neis authored
R=adamk@chromium.org BUG= NOTRY=true Review-Url: https://codereview.chromium.org/2212183003 Cr-Commit-Position: refs/heads/master@{#38396}
-
adamk authored
The old code was using VariableMode, but that signal is both over-pessimistic (some CONST and LET variables need no hole-initialization) and inconsistent with other uses of the InitializationFlag enum (such as %LoadLookupSlot). This changes no observable behavior, but removes unnecessary hole initialization and hole checks in a few places, including block-scoped function declarations, super property lookups, and new.target. R=bmeurer@chromium.org, neis@chromium.org Review-Url: https://codereview.chromium.org/2201193004 Cr-Commit-Position: refs/heads/master@{#38395}
-
klaasb authored
ForInPrepare checked whether the receiver object was null, undefined or converted to a JSObject. This is already done by the generated bytecode. BUG=v8:4820 LOG=n Review-Url: https://codereview.chromium.org/2208043002 Cr-Commit-Position: refs/heads/master@{#38394}
-
neis authored
Original commit message: > Remove redundant ParseInfo::scope_. > > This was always set to the literal's scope. > > (Additional change: mark getters as const.) > > R=adamk@chromium.org > BUG= > > Review-Url: https://codereview.chromium.org/2216563003 > Cr-Commit-Position: refs/heads/master@{#38372} > This was always set to the literal's scope. TBR=adamk@chromium.org BUG= Review-Url: https://codereview.chromium.org/2216083003 Cr-Commit-Position: refs/heads/master@{#38393}
-
bmeurer authored
This extends JSNativeContextSpecialization with support for stores to fast object/smi element backing stores that are marked as copy-on-write. In this case we first call the CopyFixedArray builtin to take a copy of the elements backing store, and then store the new elements back to the object, and finally perform the actual element store. R=epertoso@chromium.org BUG=v8:4470 Committed: https://crrev.com/ac98ad22f049a59c48387f1bab1590f135d219c6 Review-Url: https://codereview.chromium.org/2218703003 Cr-Original-Commit-Position: refs/heads/master@{#38370} Cr-Commit-Position: refs/heads/master@{#38392}
-
jarin authored
If we infer loop variable bounds, we need to insert a type rename node (sigma) to make sure that simplified lowering can choose representations consistently. Review-Url: https://codereview.chromium.org/2222513002 Cr-Commit-Position: refs/heads/master@{#38391}
-
verwaest authored
This reduces peak zone memory usage by ~10% on codeload and ~5% on mandreel. BUG=v8:5209 Committed: https://crrev.com/2648162dcfff622f8587cea2faa8c3af56456968 Review-Url: https://codereview.chromium.org/2209573002 Cr-Original-Commit-Position: refs/heads/master@{#38367} Cr-Commit-Position: refs/heads/master@{#38390}
-
machenbach authored
Revert of [x64] Zero/sign-extend loads to 64-bit registers. (patchset #1 id:20001 of https://codereview.chromium.org/2220483003/ ) Reason for revert: Breaks tree: https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20-%20debug/builds/10969 Original issue's description: > [x64] Zero/sign-extend loads to 64-bit registers. > > Before this change we would first load an 8/16/32-bit value from memory into a 32-bit register, then zero/sign-extend from that register to a 64-bit one. Now we replace that pattern with a single movsx/movzx. > > Ported from http://crrev.com/2183923003 > > R=bmeurer@chromium.org > > Committed: https://crrev.com/4abecb7a27bd5fa073d0ff5fadb0c2bb248ef9f4 > Cr-Commit-Position: refs/heads/master@{#38388} TBR=bmeurer@chromium.org,epertoso@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true Review-Url: https://codereview.chromium.org/2221473002 Cr-Commit-Position: refs/heads/master@{#38389}
-
epertoso authored
Before this change we would first load an 8/16/32-bit value from memory into a 32-bit register, then zero/sign-extend from that register to a 64-bit one. Now we replace that pattern with a single movsx/movzx. Ported from http://crrev.com/2183923003 R=bmeurer@chromium.org Review-Url: https://codereview.chromium.org/2220483003 Cr-Commit-Position: refs/heads/master@{#38388}
-
jochen authored
Original issue description: > The lazy parser actually parses eagerly. It's called lazy because it > parses functions that were previously lazy parsed. D'uh. > > BUG=v8:5215 > R=marja@chromium.org > > Review-Url: https://codereview.chromium.org/2220463002 > Cr-Commit-Position: refs/heads/master@{#38375} BUG=v8:5215 TBR=marja@chromium.org Review-Url: https://codereview.chromium.org/2218033003 Cr-Commit-Position: refs/heads/master@{#38387}
-
jochen authored
Since they are. R=verwaest@chromium.org BUG= Review-Url: https://codereview.chromium.org/2216123003 Cr-Commit-Position: refs/heads/master@{#38386}
-
ivica.bogosavljevic authored
BUG= Review-Url: https://codereview.chromium.org/2212133003 Cr-Commit-Position: refs/heads/master@{#38385}
-
caitp authored
Unskip test which failed with Intl support disabled, and avoid using Intl objects within the test. BUG=chromium:634273,chromium:634357,v8:5162 NOTRY=true R=mstarzinger@chromium.org Review-Url: https://codereview.chromium.org/2218743003 Cr-Commit-Position: refs/heads/master@{#38384}
-
ahaas authored
Benedikt, do you think we could also provide these operators on mips, maybe by expanding them to "-0.0 -x"? If mips can provide these operators, then we could make Float64Neg and Float32Neg real operators and not just OptionalOperators. R=bmeurer@chromium.org Review-Url: https://codereview.chromium.org/2218023002 Cr-Commit-Position: refs/heads/master@{#38383}
-
cbruni authored
BUG=chromium:634776 Review-Url: https://codereview.chromium.org/2219803002 Cr-Commit-Position: refs/heads/master@{#38382}
-
machenbach authored
BUG=v8:5238 NOTREECHECKS=true Review-Url: https://codereview.chromium.org/2214283003 Cr-Commit-Position: refs/heads/master@{#38381}
-
machenbach authored
Revert of Separate Scope into DeclarationScope and Scope (patchset #13 id:240001 of https://codereview.chromium.org/2209573002/ ) Reason for revert: [Sheriff] Make leak checker unhappy: https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20-%20debug/builds/10959 Original issue's description: > Separate Scope into DeclarationScope and Scope > > This reduces peak zone memory usage by ~10% on codeload and ~5% on mandreel. > > BUG=v8:5209 > > Committed: https://crrev.com/2648162dcfff622f8587cea2faa8c3af56456968 > Cr-Commit-Position: refs/heads/master@{#38367} TBR=marja@chromium.org,mstarzinger@chromium.org,ahaas@chromium.org,adamk@chromium.org,verwaest@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:5209 Review-Url: https://codereview.chromium.org/2212383003 Cr-Commit-Position: refs/heads/master@{#38380}
-
machenbach authored
Revert of Remove redundant ParseInfo::scope_. (patchset #4 id:60001 of https://codereview.chromium.org/2216563003/ ) Reason for revert: Reverting to revert https://codereview.chromium.org/2209573002 Original issue's description: > Remove redundant ParseInfo::scope_. > > This was always set to the literal's scope. > > (Additional change: mark getters as const.) > > R=adamk@chromium.org > BUG= > > Committed: https://crrev.com/23ea0782977ed3a4dd113462af9ecbfd6ff0ce94 > Cr-Commit-Position: refs/heads/master@{#38372} TBR=adamk@chromium.org,marja@chromium.org,neis@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG= Review-Url: https://codereview.chromium.org/2222503002 Cr-Commit-Position: refs/heads/master@{#38379}
-
machenbach authored
Revert of Hook up compiler dispatcher jobs to lazy parser. (patchset #3 id:40001 of https://codereview.chromium.org/2220463002/ ) Reason for revert: Need to revert https://codereview.chromium.org/2216563003 - just reland rebased version Original issue's description: > Hook up compiler dispatcher jobs to lazy parser. > > The lazy parser actually parses eagerly. It's called lazy because it > parses functions that were previously lazy parsed. D'uh. > > BUG=v8:5215 > R=marja@chromium.org > > Committed: https://crrev.com/255cc15f98507e2bba49574f4dc38c74deb0ca2c > Cr-Commit-Position: refs/heads/master@{#38375} TBR=marja@chromium.org,jochen@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:5215 Review-Url: https://codereview.chromium.org/2211393003 Cr-Commit-Position: refs/heads/master@{#38378}
-
jkummerow authored
This is an experiment as far as performance is concerned. If Smi-configured element loading directly from the dispatcher stub is fast enough, then we can stop compiling LoadFastElementStubs (and drop the corresponding code). Review-Url: https://codereview.chromium.org/2180273002 Cr-Commit-Position: refs/heads/master@{#38377}
-
bmeurer authored
Revert of [turbofan] Add support for copy-on-write element stores. (patchset #2 id:20001 of https://codereview.chromium.org/2218703003/ ) Reason for revert: Breaks tree? Original issue's description: > [turbofan] Add support for copy-on-write element stores. > > This extends JSNativeContextSpecialization with support for stores to > fast object/smi element backing stores that are marked as copy-on-write. > In this case we first call the CopyFixedArray builtin to take a copy of > the elements backing store, and then store the new elements back to the > object, and finally perform the actual element store. > > R=epertoso@chromium.org > BUG=v8:4470 > > Committed: https://crrev.com/ac98ad22f049a59c48387f1bab1590f135d219c6 > Cr-Commit-Position: refs/heads/master@{#38370} TBR=epertoso@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:4470 Review-Url: https://codereview.chromium.org/2220513002 Cr-Commit-Position: refs/heads/master@{#38376}
-
jochen authored
The lazy parser actually parses eagerly. It's called lazy because it parses functions that were previously lazy parsed. D'uh. BUG=v8:5215 R=marja@chromium.org Review-Url: https://codereview.chromium.org/2220463002 Cr-Commit-Position: refs/heads/master@{#38375}
-