- 29 Aug, 2018 23 commits
-
-
Hai Dang authored
Cloning arrays with Array.prototype.map and for-of push is too slow for large arrays. Bug: chromium:878681 Change-Id: I70ba5faad9e19cdc5a39cc64fb1b4bcb3fd0bf48 Reviewed-on: https://chromium-review.googlesource.com/1195363 Commit-Queue: Hai Dang <dhai@google.com> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#55496}
-
jgruber authored
This replaces ebx usage in several more interface descriptors. - IC descriptors already passed most arguments on the stack (updated their Register accessors to reflect that). - The allocation site argument appears to be unused in the ConstructStub descriptor. It can probably be removed in a follow-up. Drive-by: Rename ArgumentAdaptorDescriptor to ArgumentsAdaptorDescriptor to match the builtin name. Bug: v8:6666 Change-Id: I4cdf1775a5b4b74491d6d303c49a8af9b6cd3c03 Reviewed-on: https://chromium-review.googlesource.com/1195367 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#55495}
-
Toon Verwaest authored
This CL additionally uses IsInRange for token range checks. That only uses one branch rather than two. Change-Id: I52c6759ba195b55cb50c2ce9afbdc9b397495633 Reviewed-on: https://chromium-review.googlesource.com/1193875Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#55494}
-
Toon Verwaest authored
Change-Id: I14fd9d439db70cc37b8a57a8bc13e09877c513ee Reviewed-on: https://chromium-review.googlesource.com/1195369 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#55493}
-
Toon Verwaest authored
They are properly initialized upon creation. Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;master.tryserver.blink:linux_trusty_blink_rel Change-Id: I10ac441580bf957e97ce663c9c3ad268ddeae935 Reviewed-on: https://chromium-review.googlesource.com/1188573 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org> Cr-Commit-Position: refs/heads/master@{#55492}
-
Jakob Kummerow authored
On 32-bit platforms, String::kMaxLength is such that not all BigInts can be converted to Strings. NoSideEffectsToString, however, used to assume that this conversion always succeeds. This patch adds a check for the failure case, and returns "<a very large BigInt>" instead of crashing. This change is practically unobservable, because actually formatting such a huge BigInt to String would take "forever", which is also why there is no regression test. Bug: chromium:876628 Change-Id: I1eacdc1cce753ac5d9ca66e61e479043ab576e07 Reviewed-on: https://chromium-review.googlesource.com/1194004Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#55491}
-
jgruber authored
In preparation for kRootRegister support on ia32. LoadWithVector now passes the vector on the stack. LoadGlobalWithVector is able to reuse edx (used as ReceiverRegister in LoadWithVector). Drive-by: Aliasing DCHECKs and updated unused Register accessors. Bug: v8:6666 Change-Id: If0e93d22c3c11f764bc0805c3e6a51654cdcc5f9 Reviewed-on: https://chromium-review.googlesource.com/1193891 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#55490}
-
jgruber authored
In preparation for kRootRegister support on ia32. Updated: GrowArrayElements, Typeof, ConstructWithArrayLike. Bug: v8:6666 Change-Id: I05c3f752948ecc714c0ef16a2c540b26d89628ce Reviewed-on: https://chromium-review.googlesource.com/1195462 Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#55489}
-
Michael Starzinger authored
R=titzer@chromium.org TEST=unittests/FunctionBodyDecoderTest BUG=v8:8091 Change-Id: Iad8d0dbc193c8e2f1f6359632fb2dbad28c154e2 Reviewed-on: https://chromium-review.googlesource.com/1195368Reviewed-by: Ben Titzer <titzer@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#55488}
-
Rodrigo Bruno authored
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng Change-Id: Id2b474917ffd711ed30b9ae5f25ec86e13b140b5 Reviewed-on: https://chromium-review.googlesource.com/1193876Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Rodrigo Bruno <rfbpb@google.com> Cr-Commit-Position: refs/heads/master@{#55487}
-
Andreas Haas authored
{ThreadInWasmScope} in only used in a single location, which is in a test. It does not look like many more such places will show up. R=titzer@chromium.org, Bug: v8:8015 Change-Id: I89f6f7e2bd13e2882e65f7657d73ba59a6c71757 Reviewed-on: https://chromium-review.googlesource.com/1193446 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#55486}
-
Andreas Haas authored
It is better not to have V8-specific constants in mjsunit.js because it also has V8-independent uses, e.g. in the spec tests. R=gdeepti@chromium.org Bug: v8:8015 Change-Id: I3b576f093f639c13e673cbd0bd5305c8101d7281 Reviewed-on: https://chromium-review.googlesource.com/1192843Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#55485}
-
Sigurd Schneider authored
This changes the interface descriptor for the frame dropper trampoline to not use the kRootRegister (ebx) anymore. Change-Id: I15df6af57f70d8aeea6c97298b437ad96af19cd4 Bug: v8:6666 Reviewed-on: https://chromium-review.googlesource.com/1193242 Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#55484}
-
Michael Starzinger authored
This makes sure that direct and indirect calls get proper {IfException} projections attached to them if they appear within a try-block. It also re-enables most of the corresponding test cases for this. R=ahaas@chromium.org TEST=mjsunit/wasm/exceptions BUG=v8:8091 Change-Id: I111634759651ed47f76850e80c8754751310001b Reviewed-on: https://chromium-review.googlesource.com/1195365 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#55483}
-
Maya Lekova authored
The new node is introduced for literal string addition and calling String.prototype.concat in the typed lowering phase. It later might get optimized away during redundancy elimination, keeping the performance of already existing benchmarks with string addition. In case the operation is about to throw (due to too long string being constructed) we just deoptimize, reusing the interpreter logic for creating the error. Modify relevant mjsunit and unit tests for string concatenation. Bug: v8:7902 Change-Id: Ie97d39534df4480fa8d4fe3ba276d02ed5e750e3 Reviewed-on: https://chromium-review.googlesource.com/1193342 Commit-Queue: Maya Lekova <mslekova@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#55482}
-
Frank Tang authored
Bug: v8:8066 Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng Change-Id: I5511b6b9272804ebbb61bf2127a2ad51bfc70e28 Reviewed-on: https://chromium-review.googlesource.com/1179319Reviewed-by: Georg Neis <neis@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/master@{#55481}
-
Rodrigo Bruno authored
Bug: v8:8108 Change-Id: Iaa388e53f99c827c4bcf5177f1a9e26097f07f11 Reviewed-on: https://chromium-review.googlesource.com/1195362Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Rodrigo Bruno <rfbpb@google.com> Cr-Commit-Position: refs/heads/master@{#55480}
-
Ben L. Titzer authored
This CL makes the names of tracing flags related to WASM consistent with the rest of V8 tracing flags. R=ahaas@chromium.org Change-Id: I871fb7b5e27ff7b8f587e08507d15c0719881990 Reviewed-on: https://chromium-review.googlesource.com/1193182 Commit-Queue: Ben Titzer <titzer@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#55479}
-
Toon Verwaest authored
Using a circular buffer regresses performance unfortunately. Change-Id: Id5b68cae798d21f46376141f86d5707794bf08d6 Reviewed-on: https://chromium-review.googlesource.com/1194064Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#55478}
-
Sigurd Schneider authored
This CL removed the 2nd scratch register from StackOverflowCheck on ia32 and lower register pressure at use sites. This will make it easier to preserve the kRootRegister (ebx) in future CLs. Bug: v8:6666 Change-Id: I225ffdf155a4547fcec02a033638da094995f181 Reviewed-on: https://chromium-review.googlesource.com/1194122 Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#55477}
-
Jaroslav Sevcik authored
Bug: v8:7790 Change-Id: I1e49ae883456d0a13bd19042d2649fb603612d04 Reviewed-on: https://chromium-review.googlesource.com/1189622 Commit-Queue: Jaroslav Sevcik <jarin@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#55476}
-
Jaroslav Sevcik authored
Adds recursive serialization of boilerplate JSObjects. It also hooks up serialization of FixedArrays (shallow copy of all elements). Bug: v8:7790 Change-Id: I458133961918617ab7bdae8d14712a4e5a7d9cb5 Reviewed-on: https://chromium-review.googlesource.com/1188903Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#55475}
-
Ulan Degenbaev authored
Bug: chromium:875041 Change-Id: I4008fa2f7d92a0f2005c7566eb2945a800a9d284 Reviewed-on: https://chromium-review.googlesource.com/1190862 Commit-Queue: Alexei Filippov <alph@chromium.org> Reviewed-by: Alexei Filippov <alph@chromium.org> Cr-Commit-Position: refs/heads/master@{#55474}
-
- 28 Aug, 2018 17 commits
-
-
Wez authored
The VMAR syscall signatures are being updated, so migrate to the temporarily-provided *_old() variants, in advance of the Fuchsia SDK roll that updates the real APIs. TBR: hpayer Change-Id: I10da4df97b122262de04a2417bd91b921f3a63d5 Reviewed-on: https://chromium-review.googlesource.com/1194429 Commit-Queue: Wez <wez@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#55473}
-
Sathya Gunasekaran authored
Bug: v8:7834 Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng Change-Id: Ieab3529ce40a2c01c18f7fade10ec8b437173aa9 Reviewed-on: https://chromium-review.googlesource.com/1194424 Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#55472}
-
Ujjwal Sharma authored
This increases the size of a V8BreakIterator instance by a word to store the current function. The instance to be bound is stored on the context of this builtin function. Bug: v8:5751 Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng Change-Id: I1bdf3d3cd9db5ab16abb644b33b44705ca58684e Reviewed-on: https://chromium-review.googlesource.com/1194802 Commit-Queue: Ujjwal Sharma <usharma1998@gmail.com> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#55471}
-
Hannes Payer authored
This reverts commit d6de4af5. Bug: chromium:852420 Change-Id: Ife02a0e47ddb4a136c552965d9e01c6a0ef18e02 Reviewed-on: https://chromium-review.googlesource.com/1194363Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Hannes Payer <hpayer@chromium.org> Cr-Commit-Position: refs/heads/master@{#55470}
-
Junliang Yan authored
Change-Id: I2df302a4bed3775dfdf15cc3d1797c50229cc997 Reviewed-on: https://chromium-review.googlesource.com/1194582Reviewed-by: Joran Siu <joransiu@ca.ibm.com> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#55469}
-
Michael Achenbach authored
This reverts commit 0d66b4d8. Reason for revert: https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux64%20TSAN/22200 Original change's description: > [heap] Reland: Reuse object evacuation information for slot recording in Scavenger. > > This reverts commit 136ecbb9. > > Bug: chromium:852420 > Change-Id: I4fab9d6ed7b18085352fa7488c2849b90588deaf > Reviewed-on: https://chromium-review.googlesource.com/1189802 > Commit-Queue: Hannes Payer <hpayer@chromium.org> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Cr-Commit-Position: refs/heads/master@{#55467} TBR=ulan@chromium.org,hpayer@chromium.org,mlippautz@chromium.org Change-Id: I03991a02eb5e06e7db91f88462232dde4bd97f49 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:852420 Reviewed-on: https://chromium-review.googlesource.com/1194005Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#55468}
-
Hannes Payer authored
This reverts commit 136ecbb9. Bug: chromium:852420 Change-Id: I4fab9d6ed7b18085352fa7488c2849b90588deaf Reviewed-on: https://chromium-review.googlesource.com/1189802 Commit-Queue: Hannes Payer <hpayer@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#55467}
-
Toon Verwaest authored
To avoid recursion cost we now more aggressively inline. The many added branches for this shortcut to work can easily hurt performance as well. Let's try to remove and see what performance looks like nowadays. Change-Id: I93e2d57ebebd6adde836f54ac629cc67dd82f143 Reviewed-on: https://chromium-review.googlesource.com/1194062 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#55466}
-
Michael Starzinger authored
This fixes a race with the aforementioned runtime function where the global map from Isolate to WasmCompileControls was accessed without proper synchronization. These are reported by "TSAN isolates". R=sigurds@chromium.org TEST=mjsunit/wasm/compilation-limits Change-Id: Iaeea7f54cbb5051ca0ca97d75543e38ab9f9addc Reviewed-on: https://chromium-review.googlesource.com/1193243Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#55465}
-
Peter Marshall authored
Very large allocations can cause timeouts or crashes on TSAN bots. This test checks the handling of arrays with length > MaxSmi, so allocates a very large array. It's unlikely that TSAN will find anything interesting here that other bots won't catch, so disabling the test. Bug: v8:8103 Change-Id: I8ea01d418ff088a2b9bd1b1ef938d4f69be1155d Reviewed-on: https://chromium-review.googlesource.com/1193423Reviewed-by: Maya Lekova <mslekova@chromium.org> Commit-Queue: Peter Marshall <petermarshall@chromium.org> Cr-Commit-Position: refs/heads/master@{#55464}
-
Ujjwal Sharma authored
This increases the size of a V8BreakIterator instance by a word to store the next function. The instance to be bound is stored on the context of this builtin function. Bug: v8:5751 Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng Change-Id: Ibdfabe53c7d0790c1ba44d5de8d1c8fc8de517c9 Reviewed-on: https://chromium-review.googlesource.com/1193502Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#55463}
-
Toon Verwaest authored
Change-Id: I6fe237d4aec3745e993a65ddf31f5fafc3ce175d Reviewed-on: https://chromium-review.googlesource.com/1193368Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#55462}
-
jgruber authored
In preparation for kRootRegister support on ia32. Updated: CallWithSpread, CallWithArrayLike, ConstructWithSpread. Bug: v8:6666 Change-Id: I41c166aebee99356efa5c175739b2124d5557d58 Reviewed-on: https://chromium-review.googlesource.com/1188563Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#55461}
-
Ross McIlroy authored
With FLAG_preparser_scope_analysis enabled we now always track unresolved variables in the preparser. Fix the logic for deciding on the correct RCS tracing category to be based on what the preparser does. Change-Id: If691d51e6a2c09e554e4d96c10c37060cc7cca96 Reviewed-on: https://chromium-review.googlesource.com/1193303Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#55460}
-
Ujjwal Sharma authored
This increases the size of a V8BreakIterator instance by a word to store the first function. The instance to be bound is stored on the context of this builtin function. Bug: v8:5751 Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng Change-Id: Ib1e8cb8353d0885e0d9bcfdc5fe558c1de0a0738 Reviewed-on: https://chromium-review.googlesource.com/1192823 Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#55459}
-
jgruber authored
These two builtins are a special case in that their calling convention must be kept in-sync since they are both generated from Generate_CallOrConstructVarargs. ConstructVarargs in particular used all available registers. In order to free ebx, the calling convention is changed to pass the last argument on the stack. As part of this change, the order of the last two arguments is swapped since the stack parameter must be tagged. Bug: v8:6666 Change-Id: If1ad14fc09693c36dd63ffebb6f34fcd3f012896 Reviewed-on: https://chromium-review.googlesource.com/1193444Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#55458}
-
Michael Starzinger authored
This fixes a crash with a predicate used during stack unwinding of WebAssembly frames during exception handling. The predicate caused an observable side-effect in JavaScript during unwinding, code that is inherently unhandlified and is not allowed to be observable. The fix actually just removes the entire predicate. This is because the updated proposal causes all JavaScript exceptions to participate in WebAssembly exception handling, allowing modelling of "finally" language constructs to perform cleanup independent of the embedders exception details. R=ahaas@chromium.org TEST=mjsunit/regress/wasm/regress-8095 BUG=v8:8095 Change-Id: Ic03bc45e7b7f4562a431ccf910ee9ddcf558aa48 Reviewed-on: https://chromium-review.googlesource.com/1193445Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#55457}
-