- 04 Apr, 2017 31 commits
-
-
vogelheim authored
The past re-factoring inadvertently increased memory consumption for AstConsString. This implements a micro-optimization to revert and slightly improve beyond the original state. Example, Zone size for parsing closure.js: - 20,999,848 B (before refactoring) - 21,651,056 B (after refactoring patch; 3.1% regression) - 20,641,320 B (after this CL; 1.7% improvement over original) (Reason: ZoneLinkedList requires 4 pointers to support the std::list functionality (Zone*, head/tail ptr, payload ptr). But since we only append and iterate in order and have the Zone* available in the context, a super simple linked list (value + next ptr) saves a bit of memory, especially for the common case of having 0 or 1 string segments.) BUG=v8:6902, chromium:706935 Review-Url: https://codereview.chromium.org/2792353002 Cr-Commit-Position: refs/heads/master@{#44385}
-
pierre.langlois authored
When emitting a frame, we always push the old frame pointer at offset 0 relative to the new frame pointer. However, we didn't emit DWARF opcodes to inform perf of this. BUG= Review-Url: https://codereview.chromium.org/2795253002 Cr-Commit-Position: refs/heads/master@{#44384}
-
mlippautz authored
Revert of [heap] Fix CompactionSpace test and move to unittests (patchset #3 id:40001 of https://codereview.chromium.org/2796033002/ ) Reason for revert: Breaks https://uberchromegw.corp.google.com/i/client.v8/builders/V8%20Linux%20-%20shared/builds/17291 Original issue's description: > [heap] Fix CompactionSpace test and move to unittests > > BUG=chromium:651354 > > Review-Url: https://codereview.chromium.org/2796033002 > Cr-Commit-Position: refs/heads/master@{#44382} > Committed: https://chromium.googlesource.com/v8/v8/+/ce9a2db1e13131245d8adc2757b9d9202ba568e0 TBR=ulan@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=chromium:651354 Review-Url: https://codereview.chromium.org/2793033004 Cr-Commit-Position: refs/heads/master@{#44383}
-
mlippautz authored
BUG=chromium:651354 Review-Url: https://codereview.chromium.org/2796033002 Cr-Commit-Position: refs/heads/master@{#44382}
-
jgruber authored
This reverts 1c1edda7. I can't reproduce the flakes locally anymore, let's see if this sticks. BUG=v8:5619 Review-Url: https://codereview.chromium.org/2796053002 Cr-Commit-Position: refs/heads/master@{#44381}
-
Michael Achenbach authored
Bug: v8:5193 NOTRY=true TBR=hablich@chromium.org Change-Id: I54861956c1a7b3c3e5048946618ea98fbe0a7066 Reviewed-on: https://chromium-review.googlesource.com/467246 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#44380}
-
vchigrin authored
This removes kDeoptTableSerializeEntryCount heuristic constant. Review-Url: https://codereview.chromium.org/2790573002 Cr-Commit-Position: refs/heads/master@{#44379}
-
pierre.langlois authored
The unwinding information we emit wrongly encodes code locations as relative offsets. If we look at the .eh_frame section of shared object generated by "perf inject" using "objdump -g":
~~~
00000000 0000000000000018 00000000 CIE
(snip)
0000001c 0000000000000028 00000020 FDE cie=00000000 pc=fffffffffffffee8..00000000000017f8
(snip)
00000048 ZERO terminator
~~~
We can see the range that the FDE entry covers is incorrect, it should point to where the .text section is, at address 0x40 on a 64-bit architecture. The reason for this was that the PerfJitLogger logs a code size that is different from the one we've used when encoding the unwinding information. The logger will ignore the safepoint table while the unwinding info assumes it is part of the code. BUG= Review-Url: https://codereview.chromium.org/2790403002 Cr-Commit-Position: refs/heads/master@{#44378}
-
machenbach authored
Revert of [heap] Refactor evacuation verifier (patchset #1 id:1 of https://codereview.chromium.org/2790373002/ ) Reason for revert: Speculative revert. Breaks https://build.chromium.org/p/client.v8/builders/V8%20Win64%20-%20debug/builds/16112 and seems to lead to flakes. Original issue's description: > [heap] Refactor evacuation verifier > > BUG=chromium:651354 > > Review-Url: https://codereview.chromium.org/2790373002 > Cr-Commit-Position: refs/heads/master@{#44375} > Committed: https://chromium.googlesource.com/v8/v8/+/396f1e242184b936c61dda7a14d1306d43b1863c TBR=ulan@chromium.org,mlippautz@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=chromium:651354 Review-Url: https://codereview.chromium.org/2795903004 Cr-Commit-Position: refs/heads/master@{#44377}
-
Marja Hölttä authored
This makes it easier to match VariableProxys against variables in Scopes (allocation-based prints such as local[0] or context[0] are not unique). R=vogelheim@chromium.org Bug: Change-Id: I8f86504f5e1657633286561e032805a8f6cff06e Reviewed-on: https://chromium-review.googlesource.com/467486 Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org> Cr-Commit-Position: refs/heads/master@{#44376}
-
mlippautz authored
BUG=chromium:651354 Review-Url: https://codereview.chromium.org/2790373002 Cr-Commit-Position: refs/heads/master@{#44375}
-
Camillo Bruni authored
Support arbitrary arguments in %ArrayBufferNeuter without aborting for future exposure in ClusterFuzz. Change-Id: I3053a2139af215c9d417356bdeeda58d594d16aa Reviewed-on: https://chromium-review.googlesource.com/465830 Reviewed-by: Peter Marshall <petermarshall@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#44374}
-
Loo Rong Jie authored
Update according to new spec change at https://github.com/tc39/ecma262/pull/856 - Call ToNumber only once in BUILTIN - Remove unused FillNumberSlowPath - FillImpl assumes obj_value->IsNumber() is true - Update test Bug:v8:5929,chromium:702902 Change-Id: Ic83e6754d043582955b81c76e68f95e1c6b7e901 Reviewed-on: https://chromium-review.googlesource.com/465646 Reviewed-by: Daniel Ehrenberg <littledan@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#44373}
-
Franziska Hinkelmann authored
Getting elements, querying length or copying elements are now const functions. Drive-by fix: Noticed a few more getters that should be const. Add a comment to ArrayList functions that are static functions. BUG= Change-Id: I5de1aed97510dea4e47cb974b3259da51ae663af Reviewed-on: https://chromium-review.googlesource.com/467249 Reviewed-by: Jochen Eisinger <jochen@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Franziska Hinkelmann <franzih@chromium.org> Cr-Commit-Position: refs/heads/master@{#44372}
-
Michael Achenbach authored
Broke after: https://codereview.chromium.org/2757593002 NOTRY=true TBR=yangguo@chromium.org BUG=v8:6091 Change-Id: Id06860ad6519966a31d768ec9608b48786397e8f Reviewed-on: https://chromium-review.googlesource.com/467209 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#44371}
-
Franziska Hinkelmann authored
BUG= Change-Id: Ia02787bef5fcd38397977d0ba2298d216f25f0df Reviewed-on: https://chromium-review.googlesource.com/467386 Commit-Queue: Franziska Hinkelmann <franzih@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#44370}
-
Marja Hölttä authored
BUG=v8:5402 R=mstarzinger@chromium.org Change-Id: Ib53721867e0978b6f4f127883ae1b72145adb6e8 Reviewed-on: https://chromium-review.googlesource.com/461863 Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#44369}
-
Clemens Hammacher authored
Make sure that we call the destructors on all embedded objects by replacing the WasmInterpreterInternals::Delete method by an actual destructor. This way, the compiler automatically calls destructors on all embedded objects, in particular the IdentityMap in the CodeMap. This change also requires releasing managed objects *before* tearing down the heap, because the wasm interpreter, referenced via Managed<>, contains global handles. When those are destroyed, the isolate still needs to be intact. Drive-by: Fix include guard in managed.h. R=ahaas@chromium.org, ulan@chromium.org, mvstanton@chromium.org BUG=v8:5822 Change-Id: I9a067f037e013c84e4d697a1e913b27c683bb529 Reviewed-on: https://chromium-review.googlesource.com/466187 Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Michael Stanton <mvstanton@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#44368}
-
Michael Starzinger authored
This makes temporary variables nestable and fixes borked nesting with function table calls by introducing a {TemporaryVariableScope} helper. R=clemensh@chromium.org TEST=mjsunit/regress/regress-6196 BUG=v8:6196 Change-Id: Ie760f27ce9ede3d4d5dacdebdc295c56cc666970 Reviewed-on: https://chromium-review.googlesource.com/467327 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#44367}
-
ivica.bogosavljevic authored
Fix ff8b1abb This fixes the problem with the alignment of typed arrays in turbofan. Namely, Float64 typed arrays weren't properly aligned on 32bit architectures, and this causes crashes on those architectures that do not support misaligned memory access. TEST=mjsunit/es6/typedarray-* BUG=v8:6075 Review-Url: https://codereview.chromium.org/2784253002 Cr-Commit-Position: refs/heads/master@{#44366}
-
Franziska Hinkelmann authored
ArrayList is a FixedArray where kFirstIndex is > 0. The Elements() method returns a copy of the elements starting at kFirstIndex, i.e., without the length that is stored in the first slot. Drive-by fix: Rename some variables. BUG= Change-Id: Ia1de73c4780a179301007f2ab9080fd08e8ea99d Reviewed-on: https://chromium-review.googlesource.com/466186 Reviewed-by: Michael Stanton <mvstanton@chromium.org> Commit-Queue: Franziska Hinkelmann <franzih@chromium.org> Cr-Commit-Position: refs/heads/master@{#44365}
-
Franziska Hinkelmann authored
Return a structured object with the type profile information. Move the test from message to mjsunit. BUG=v8:5933 Change-Id: I3e1c592697924d87f82d46b0ddbdb6d82d9c8467 Reviewed-on: https://chromium-review.googlesource.com/464847 Reviewed-by: Michael Stanton <mvstanton@chromium.org> Commit-Queue: Franziska Hinkelmann <franzih@chromium.org> Cr-Commit-Position: refs/heads/master@{#44364}
-
bmeurer authored
For sloppy arguments in functions with declared formal parameters, the apply with arguments optimization in TurboFan wouldn't kick in currently, because so far there was no guard to see if using the arguments from the stack or the frame state is safe. One easy to check guard here is to just check that there's no observable side-effect between the actual arguments creation and the call to apply. BUG=v8:5267,v8:6200 R=danno@chromium.org Review-Url: https://codereview.chromium.org/2789113004 Cr-Commit-Position: refs/heads/master@{#44363}
-
machenbach authored
Revert of [typedarrays] Check detached buffer at start of typed array methods (patchset #10 id:180001 of https://codereview.chromium.org/2778623003/ ) Reason for revert: Breaks layout tests: https://build.chromium.org/p/tryserver.v8/builders/v8_linux_blink_rel/builds/18499 Changes: https://storage.googleapis.com/chromium-layout-test-archives/v8_linux_blink_rel/18499/layout-test-results/results.html See: https://github.com/v8/v8/wiki/Blink-layout-tests Original issue's description: > [typedarrays] Check detached buffer at start of typed array methods > > - Throw TypeError in ValidateTypedArray, matching JSC, SpiderMonkey > and ChakraCore. > - Validate typed arrays at start of each typed array prototype > methods in src/js/typedarrays.js > - Add tests to check detached buffers > - Remove an unnecessary parameter of TypedArraySpeciesCreate > in src/js/typedarrays.js > - Standardize TypedArray.prototype.subarray > - Update test262.status to pass detached buffer tests > > BUG=v8:4648,v8:4665,v8:4953 > > Review-Url: https://codereview.chromium.org/2778623003 > Cr-Commit-Position: refs/heads/master@{#44357} > Committed: https://chromium.googlesource.com/v8/v8/+/238d5b4453d9166aaddce76a5393514d977238d4 TBR=cbruni@chromium.org,adamk@chromium.org,bmeurer@chromium.org,littledan@chromium.org,petermarshall@chromium.org,cwhan.tunz@gmail.com # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:4648,v8:4665,v8:4953 Review-Url: https://codereview.chromium.org/2793233003 Cr-Commit-Position: refs/heads/master@{#44362}
-
Michael Starzinger authored
This fixes the name stored with functions where the declaration was hoisted above the actual function definition. It also extends test coverage and emits proper source position mapping for such cases. R=clemensh@chromium.org TEST=mjsunit/wasm/asm-wasm-stack BUG=v8:6127 Change-Id: I675a98b244fe2157925e799b5c46b7f6bd53c9da Reviewed-on: https://chromium-review.googlesource.com/466247 Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#44361}
-
jgruber authored
BUG=v8:6172 Review-Url: https://codereview.chromium.org/2795693002 Cr-Commit-Position: refs/heads/master@{#44360}
-
dusan.simicic authored
Add support for F32x4Splat, F32x4ExtractLane, F32x4ReplaceLane, F32x4SConvertI32x4, F32x4UConvertI32x4 operations for mips32 and mips64 architectures. BUG= Note: Depends on https://codereview.chromium.org/2753903004/ Review-Url: https://codereview.chromium.org/2780503002 Cr-Commit-Position: refs/heads/master@{#44359}
-
machenbach authored
Revert of [inspector] move console to builtins (patchset #7 id:140001 of https://codereview.chromium.org/2785293002/ ) Reason for revert: http://crbug.com/v8/6198 Original issue's description: > [inspector] move console to builtins > > What will we get: > - console would be included into snapshot and allow us to reduce time that we spent in contextCreated function (~5 times faster), > - it allows us to make further small improvement of console methods, e.g. we can implement super quick return from console.assert if first argument is true, > - console calls are ~ 15% faster. > > BUG=v8:6175 > R=dgozman@chromium.org > > Review-Url: https://codereview.chromium.org/2785293002 > Cr-Original-Commit-Position: refs/heads/master@{#44353} > Committed: https://chromium.googlesource.com/v8/v8/+/55905f85d63d75aaa9313e51eb7bede754a8e41c > Review-Url: https://codereview.chromium.org/2785293002 > Cr-Commit-Position: refs/heads/master@{#44355} > Committed: https://chromium.googlesource.com/v8/v8/+/cc74ea0bc4fe4a71fa53d08b62cc18d15e01fbb3 TBR=dgozman@chromium.org,kozyatinskiy@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:6175 Review-Url: https://codereview.chromium.org/2790343002 Cr-Commit-Position: refs/heads/master@{#44358}
-
cwhan.tunz authored
- Throw TypeError in ValidateTypedArray, matching JSC, SpiderMonkey and ChakraCore. - Validate typed arrays at start of each typed array prototype methods in src/js/typedarrays.js - Add tests to check detached buffers - Remove an unnecessary parameter of TypedArraySpeciesCreate in src/js/typedarrays.js - Standardize TypedArray.prototype.subarray - Update test262.status to pass detached buffer tests BUG=v8:4648,v8:4665,v8:4953 Review-Url: https://codereview.chromium.org/2778623003 Cr-Commit-Position: refs/heads/master@{#44357}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/e00daf3..58260ed Rolling v8/third_party/catapult: https://chromium.googlesource.com/external/github.com/catapult-project/catapult/+log/6b686d1..7726dac TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Change-Id: I3468312d0d9b98886299d0b89bb75cdd328603db Reviewed-on: https://chromium-review.googlesource.com/466868 Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Commit-Queue: v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#44356}
-
kozyatinskiy authored
What will we get: - console would be included into snapshot and allow us to reduce time that we spent in contextCreated function (~5 times faster), - it allows us to make further small improvement of console methods, e.g. we can implement super quick return from console.assert if first argument is true, - console calls are ~ 15% faster. BUG=v8:6175 R=dgozman@chromium.org Review-Url: https://codereview.chromium.org/2785293002 Cr-Original-Commit-Position: refs/heads/master@{#44353} Committed: https://chromium.googlesource.com/v8/v8/+/55905f85d63d75aaa9313e51eb7bede754a8e41c Review-Url: https://codereview.chromium.org/2785293002 Cr-Commit-Position: refs/heads/master@{#44355}
-
- 03 Apr, 2017 9 commits
-
-
kozyatinskiy authored
Revert of [inspector] move console to builtins (patchset #6 id:120001 of https://codereview.chromium.org/2785293002/ ) Reason for revert: console.toString() should return "[object Object]" Original issue's description: > [inspector] move console to builtins > > What will we get: > - console would be included into snapshot and allow us to reduce time that we spent in contextCreated function (~5 times faster), > - it allows us to make further small improvement of console methods, e.g. we can implement super quick return from console.assert if first argument is true, > - console calls are ~ 15% faster. > > BUG=v8:6175 > R=dgozman@chromium.org > > Review-Url: https://codereview.chromium.org/2785293002 > Cr-Commit-Position: refs/heads/master@{#44353} > Committed: https://chromium.googlesource.com/v8/v8/+/55905f85d63d75aaa9313e51eb7bede754a8e41c TBR=dgozman@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:6175 Review-Url: https://codereview.chromium.org/2795003003 Cr-Commit-Position: refs/heads/master@{#44354}
-
kozyatinskiy authored
What will we get: - console would be included into snapshot and allow us to reduce time that we spent in contextCreated function (~5 times faster), - it allows us to make further small improvement of console methods, e.g. we can implement super quick return from console.assert if first argument is true, - console calls are ~ 15% faster. BUG=v8:6175 R=dgozman@chromium.org Review-Url: https://codereview.chromium.org/2785293002 Cr-Commit-Position: refs/heads/master@{#44353}
-
Josh Wolfe authored
Add newline at the start of the function body. BUG=v8:6190, v8:4958 R=littledan@chromium.org, adamk@chromium.org, caitp@igalia.com Change-Id: I10db088ac9807a503382fd5080ad955e418d8b45 Reviewed-on: https://chromium-review.googlesource.com/466566 Reviewed-by: Caitlin Potter <caitp@igalia.com> Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Josh Wolfe <jwolfe@igalia.com> Cr-Commit-Position: refs/heads/master@{#44352}
-
Caitlin Potter authored
Relanding now that v8:6190 has been fixed BUG=v8:4958 R=adamk@chromium.org, littledan@chromium.org, jwolfe@igalia.com Change-Id: I2732dbf96c5f9f899cee826dd2fdc621098a87e5 Reviewed-on: https://chromium-review.googlesource.com/466226 Reviewed-by: Daniel Ehrenberg <littledan@chromium.org> Commit-Queue: Daniel Ehrenberg <littledan@chromium.org> Cr-Commit-Position: refs/heads/master@{#44351}
-
Clemens Hammacher authored
Minor fix: Provide a string for "%s". R=hablich@chromium.org Change-Id: Ibae24688c5f69e0fee5108701aa7f483117aea8c Reviewed-on: https://chromium-review.googlesource.com/457998 Reviewed-by: Michael Hablich <hablich@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#44350}
-
Peter Marshall authored
Seems to have been missed in this cleanup: crrev.com/2741683004. Also updates a comment referring to internal fields. Change-Id: I44b5fd49f5fb4b67b5288a6af959e4e963544368 Reviewed-on: https://chromium-review.googlesource.com/466147 Commit-Queue: Peter Marshall <petermarshall@chromium.org> Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org> Cr-Commit-Position: refs/heads/master@{#44349}
-
Michael Starzinger authored
This adds test coverage for the source position tracking of function table calls in asm.js and fixes the discovered issues. It also fixes function start positions (used by errors thrown at stack checks). R=clemensh@chromium.org TEST=mjsunit/wasm/asm-wasm-stack BUG=v8:6127,v8:6166 Change-Id: Id6ab6dc72bcedb0d838eed315e2a05fbc59039f4 Reviewed-on: https://chromium-review.googlesource.com/465949 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#44348}
-
cwhan.tunz authored
Since byteOffset is configurable, we need to access byteOffset by %_ArrayBufferViewGetByteOffset, instead of accessing .byteOffset property. BUG=v8:6120 Review-Url: https://codereview.chromium.org/2761673003 Cr-Commit-Position: refs/heads/master@{#44347}
-
Clemens Hammacher authored
When calling imported functions, we were always using the global object as receiver. This is incorrect for strict functions, which should have undefined as receiver. This CL fixes this also for the interpreter, making us pass test/mjsunit/wasm/receiver.js with --wasm-interpret-all. R=ahaas@chromium.org BUG=v8:5822 TEST=test/mjsunit/wasm/receiver Change-Id: Ib7d637083245f67b668c11540e3c3473bc167129 Reviewed-on: https://chromium-review.googlesource.com/465986 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#44346}
-