Skip to content

V
V8
Switch branch/tag
  1. 09 Nov, 2016 13 commits
    • jarin's avatar
      [turbofan] Enable accessor inlining when compiling from bytecode. · 12af4128
      jarin authored 
      Review-Url: https://codereview.chromium.org/2486223002
Cr-Commit-Position: refs/heads/master@{#40863}
      12af4128
    • ivica.bogosavljevic's avatar
      MIPS: Fix bad RegisterConfiguration usage in InstructionSequence unit tests. · 0cf56232
      ivica.bogosavljevic authored 
      Test InstructionSequenceTest has been initialized with a testing RegisterConfiguration
instance defined in instruction-sequence-unittest.h, whereas class ExplicitOperand which
is being tested used RegisterConfiguration from instruction.cc. In case these two
instances are different, the tests would fail. The issue is fixed by using the same
instance of RegisterConfiguration both for test code and code under test.

Additionally, the tests in register-allocator-unittest.cc use hardcoded values
for register and begin failing is the hardcoded register is not available for
allocation. Fix by forcing the use of allocatable registers only.

TEST=unittests.MoveOptimizerTest.RemovesRedundantExplicit,unittests.RegisterAllocatorTest.SpillPhi
BUG=

Review-Url: https://codereview.chromium.org/2433093002
Cr-Commit-Position: refs/heads/master@{#40862}
      0cf56232
    • bmeurer's avatar
      [turbofan] Add support for accessing Uint8ClampedArrays. · 82b315ce
      bmeurer authored 
      This adds a new NumberToUint8Clamped simplified operator that does the
round ties to even + clamping necessary to store to Uint8ClampedArrays.

BUG=v8:4470,v8:5267,v8:5615
R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2489563004
Cr-Commit-Position: refs/heads/master@{#40861}
      82b315ce
    • rmcilroy's avatar
      [Interpreter] Remove Ldr[Named/Keyed]Property bytecodes and use Star Lookahead instead. · ed35983a
      rmcilroy authored 
      The Ldr[Named/Keyed]Property bytecodes are problematic for the deoptimizer when
inlining accessors in TurboFan. Remove them and replace with a Star lookahead
in the bytecode handlers for Lda[Named/Keyed]Property.

BUG=v8:4280

Review-Url: https://codereview.chromium.org/2485383002
Cr-Commit-Position: refs/heads/master@{#40860}
      ed35983a
    • mstarzinger's avatar
      [turbofan] Stage escape analysis optimization. · 62688795
      mstarzinger authored 
      This stages escape analysis by implying --turbo-escape by the --turbo
flag. It broadens the exposure of the optimization in question.

R=jarin@chromium.org
BUG=v8:4586,v8:5267

Review-Url: https://codereview.chromium.org/1992913005
Cr-Commit-Position: refs/heads/master@{#40859}
      62688795
    • jgruber's avatar
      [debug] Disable debug events if JS execution is disallowed · 8f22fcec
      jgruber authored 
      We cannot generate debug events if JS execution is disallowed since
vital debugging logic is still implemented in JS. Return early from
Debug::OnException if that is the case.

BUG=chromium:662674

Review-Url: https://codereview.chromium.org/2491443002
Cr-Commit-Position: refs/heads/master@{#40858}
      8f22fcec
    • ulan's avatar
      [heap] Ensure that the sweeper does not lose unswept pages. · b6219871
      ulan authored 
      This fixes a race between the sweeper and the array buffer tracker
that causes the sweeper to skip unswept pages.

The scenario:
1. Mark-compact GC adds page p to the sweeping_list_ of the sweeper.
2. GC finishes, the main thread starts executinng JS.
3. The main thread takes p->mutex to unregister an array buffer.
4. A sweeper thread removes p from the sweeping_list_ and tries to
   take p->mutex. The try fails. The sweeper drops p and continues
   to the next page.
5. During selection of evacuation candidate in the next GC we hit
   page->SweepingDone() assert.

BUG=chromium:650314

Review-Url: https://codereview.chromium.org/2484153004
Cr-Commit-Position: refs/heads/master@{#40857}
      b6219871
    • ahaas's avatar
      [wasm] Fix bounds check in LoadDataSegments. · ac183d49
      ahaas authored 
      The bounds check in LoadDataSegment was off by one. I also improved the
error message, and fixed an issue where data was initialized even if
the bounds check failed.

In InstantiateModuleForTesting I allow instantiation of modules without
exports. This check was legacy code from the time where instantiation
and execution was still combined in a single function.

R=titzer@chromium.org, rossberg@chromium.org
TEST=cctest/test-run-wasm-module/InitDataAtTheUpperLimit

Review-Url: https://codereview.chromium.org/2486183002
Cr-Commit-Position: refs/heads/master@{#40856}
      ac183d49
    • ahaas's avatar
      [wasm] Data section without memory causes a validation error · bd472ffa
      ahaas authored 
      Another spec issue.

R=titzer@chromium.org, rossberg@chromium.org
TEST=unittests/WasmModuleVerifyTest.DataWithoutMemory

Review-Url: https://codereview.chromium.org/2486973003
Cr-Commit-Position: refs/heads/master@{#40855}
      bd472ffa
    • tebbi's avatar
      [turbofan] Fixed reuse of nested ObjectState in escape analysis · 288d3812
      tebbi authored 
      The problem is that writes to nested objects do not lead to a copy of a referencing VirtualObject, and that each VirtualObjects maintains a cache of an ObjectState node. Together, this leads to inappropriate reuse of ObjectState nodes.
This fix simply always copies all virtual objects when a new VirtualState is created. This is clearly not optimal to avoid clones, but determining precisely which virtual objects are affected by a write is a transitive closure computation on the virtual objects of a virtual state. Alternatively, one could change the semantics of the node cache.

BUG=v8:5611

Review-Url: https://codereview.chromium.org/2488713002
Cr-Commit-Position: refs/heads/master@{#40854}
      288d3812
    • mlippautz's avatar
      [heap] Tracer: Eliminate prefix for external callbacks · 8d6de5f2
      mlippautz authored 
      The distinction didn't provide any benefits.

BUG=chromium:651354

Review-Url: https://codereview.chromium.org/2492433002
Cr-Commit-Position: refs/heads/master@{#40853}
      8d6de5f2
    • ahaas's avatar
      [wasm] Indirect calls without function table cause validation errors. · 4db05d40
      ahaas authored 
      The spec defines that indirect calls in WebAssembly code should cause a
validation error if no function table exists.

The CL contains the following changes:
1) Throw a validation error for indirect calls if the function table
   not exist.
2) Do not create TF nodes to throw a runtime error for indirect calls
   if the function table does not exist.
3) Fix existing unit tests by creating a dummy function table.
4) Add new a new test which tests that indirect calls without function
   table cause a validation error.

R=rossberg@chromium.org
CC=titzer@chromium.org

TEST=unittests/AstDecoderTest.IndirectCallsWithoutTableCrash

Review-Url: https://codereview.chromium.org/2484623002
Cr-Commit-Position: refs/heads/master@{#40852}
      4db05d40
    • littledan's avatar
      Avoid calling out to JS during stack overflow · 5975c47a
      littledan authored 
      If an exception is thrown when there is a Promise being created, the Promise
catch prediction code would call into a part implemented in JavaScript to see if
the Promise has a catch handler. If it is not possible to call back into JS,
e.g., due to a stack overflow, then this would lead to a crash. This patch
"speculates" that, if it's impossible to call back into JavaScript, then the
error is unhandled, avoding the issue. In a future patch, the catch prediction
logic should be entirely written in C++, but this patch adds a minimal fix to
be more friendly to backports.

BUG=chromium:662935
R=jgruber

Review-Url: https://codereview.chromium.org/2487833002
Cr-Commit-Position: refs/heads/master@{#40851}
      5975c47a
  3. 08 Nov, 2016 27 commits