- 22 Jun, 2016 13 commits
-
-
mlippautz authored
Failing to do the right check in AdvancePage results in a crash in a CHECK later in EnsureCurrentCapacity. BUG=chromium:620750,chromium:622115 LOG=N R=jochen@chromium.org Review-Url: https://codereview.chromium.org/2090013002 Cr-Commit-Position: refs/heads/master@{#37171}
-
yangguo authored
R=vogelheim@chromium.org Review-Url: https://codereview.chromium.org/2081703002 Cr-Commit-Position: refs/heads/master@{#37170}
-
yangguo authored
R=jgruber@chromium.org BUG=v8:4703 Review-Url: https://codereview.chromium.org/2088703002 Cr-Commit-Position: refs/heads/master@{#37169}
-
bmeurer authored
This adds a dedicated test to make sure we don't try constant folding on checks (in this case CheckTaggedPointer), which would generate invalid code as we removing checks that guard the constant without knowing whether it's safe to do so. R=jarin@chromium.org Review-Url: https://codereview.chromium.org/2087153002 Cr-Commit-Position: refs/heads/master@{#37168}
-
bmeurer authored
Let the SimplifiedOperatorReducer perform some strength reduction for certain CheckTaggedSigned and CheckTaggedPointer inputs (reusing the existing logic for ObjectIsSmi). R=jarin@chromium.org BUG=v8:5141 Review-Url: https://codereview.chromium.org/2080703006 Cr-Commit-Position: refs/heads/master@{#37167}
-
jarin authored
Review-Url: https://codereview.chromium.org/2084943002 Cr-Commit-Position: refs/heads/master@{#37166}
-
bmeurer authored
BUG=v8:3266, v8:3468, v8:3493, v8:5086, v8:5108 R=rtoy@chromium.org Review-Url: https://codereview.chromium.org/2086663004 Cr-Commit-Position: refs/heads/master@{#37165}
-
bmeurer authored
We cannot change x - y < 0 to x < y, because it would only be safe if x - y cannot overflow, which we don't know in general. R=jarin@chromium.org BUG=v8:5129 Review-Url: https://codereview.chromium.org/2090493002 Cr-Commit-Position: refs/heads/master@{#37164}
-
bmeurer authored
Revert of [Crankshaft] Always check for stubs marked to not require an eager frame. (patchset #2 id:20001 of https://codereview.chromium.org/2089673002/ ) Reason for revert: Breaks with nosnap: https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap%20-%20debug/builds/7474/steps/Check/logs/regress-2612 Original issue's description: > [Crankshaft] Always check for stubs marked to not require an eager frame. > > Previously only stubs built in the snapshot were checked for having an > eager frame. This caused a regression to creap in on ia32 for > RegExpConstructResultStub. Change test to always check. > > Committed: https://crrev.com/f6facbb2106ffc2918dd249166233a7fa95dc449 > Cr-Commit-Position: refs/heads/master@{#37162} TBR=rmcilroy@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true Review-Url: https://codereview.chromium.org/2087963004 Cr-Commit-Position: refs/heads/master@{#37163}
-
rmcilroy authored
Previously only stubs built in the snapshot were checked for having an eager frame. This caused a regression to creap in on ia32 for RegExpConstructResultStub. Change test to always check. Review-Url: https://codereview.chromium.org/2089673002 Cr-Commit-Position: refs/heads/master@{#37162}
-
v8-autoroll authored
Rolling v8/build to f56976d676dfd5597229b21a83a53a58704582bf Rolling v8/buildtools to 56eaae134648135663c4aa1ed82278572b5f35ef Rolling v8/tools/mb to 5268873c8c1eebbf1a3aaed7e63f99b600fab65e TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Review-Url: https://codereview.chromium.org/2087933004 Cr-Commit-Position: refs/heads/master@{#37161}
-
bjaideep authored
PPC/s390: [builtins] NonNumberToNumber and StringToNumber now use CallRuntime instead of TailCallRuntime Port b5c69cbf Original commit message: With the tail call, pointers to the JS heap could be pushed on a js-to-wasm frame. On the js-to-wasm frame, however, this pointer would not be updated by the GC. R=ahaas@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, mbrandy@us.ibm.com BUG=617084 LOG=N Review-Url: https://codereview.chromium.org/2085183002 Cr-Commit-Position: refs/heads/master@{#37160}
-
ritesht authored
Add a flag to gate experimental support for dynamic code loading and JITing (at runtime in a wasm module). Enhancing functionality of the indirect function table to support JITing and dynamic linking by allowing additional space to be filled with an "undefined" function signature. BUG=v8:5044 LOG=N TEST=None R=mtrofin@chromium.org,bradnelson@chromium.org Review-Url: https://codereview.chromium.org/2049513003 Cr-Commit-Position: refs/heads/master@{#37159}
-
- 21 Jun, 2016 27 commits
-
-
dpranke authored
The GN configs for different optimization levels are confusing and should probably be reworked, but for now we add a special config specifically so that we can compile with -O3 when appropriate. R=brettw@chromium.org, machenbach@chromium.org BUG=616031, 618678, 621335 Review-Url: https://codereview.chromium.org/2076403002 Cr-Commit-Position: refs/heads/master@{#37158}
-
bjaideep authored
Port f47b9e98 Original commit message: This adds a new BUILTIN frame type, which supports variable number of arguments for builtins implemented in hand-written native code (we will extend this mechanism to TurboFan builtins at some point). Convert the Math.max and Math.min builtins to construct a BUILTIN frame if required. This does not yet work for C++ builtins, but that'll be the next step. R=jgruber@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, mbrandy@us.ibm.com BUG=v8:4815 LOG=N Review-Url: https://codereview.chromium.org/2087433003 Cr-Commit-Position: refs/heads/master@{#37157}
-
jwolfe authored
Reland of https://codereview.chromium.org/2048703002/ Code like `let a; eval("var a;");` should throw a SyntaxError, not a TypeError (this caused a test262 failure.). However, the code `eval("function NaN() {}");` should actually throw a TypeError. This patch changes most cases of redeclaration errors from TypeError to SyntaxError. See the test mjsunit/regress/redeclaration-error-types for a thorough analysis with spec references. The relevant sections of the spec are ES#sec-globaldeclarationinstantiation and ES#sec-evaldeclarationinstantiation BUG=v8:4955 LOG=y CQ_INCLUDE_TRYBOTS=tryserver.blink:linux_blink_rel R=adamk Review-Url: https://codereview.chromium.org/2086063002 Cr-Commit-Position: refs/heads/master@{#37156}
-
rossberg authored
- Use ES6 classes and other goodies. - Make some names match design/spec. - Remove obsolete generation of END section. R=bradnelson@chromium.org BUG= Review-Url: https://codereview.chromium.org/2081973003 Cr-Commit-Position: refs/heads/master@{#37155}
-
caitpotter88 authored
Previously, an async arrow function would be parsed if any valid ConditionalExpression began with the identifier "async", and its following token was on the same line. So for example, `async.bar foo => 1` was parsed as a valid async arrow function. This patch corrects this behaviour by asserting that the following token is a valid arrow parameters start. BUG=v8:4483 R=littledan@chromium.org, henrique.ferreiro@gmail.com Review-Url: https://codereview.chromium.org/2089733002 Cr-Commit-Position: refs/heads/master@{#37154}
-
verwaest authored
BUG=chromium:595492 Review-Url: https://codereview.chromium.org/2084923003 Cr-Commit-Position: refs/heads/master@{#37153}
-
jochen authored
BUG=chromium:619166 R=verwaest@chromium.org Review-Url: https://codereview.chromium.org/2082633002 Cr-Commit-Position: refs/heads/master@{#37152}
-
balazs.kilvady authored
MIPS: Fix 'MIPS: Followup [turbofan] Introduce new operators Float32SubPreserveNan and Float64SubPreserveNan.' Port eff959bb Original commit message: Float32SubMinusZero and Float64SubMinusZero tests are failing because MIPS does not preserve NaN payload according to Wasm spec. Implemented macro-assembler methods that check for NaN operands, and return the qNaN value with preserved payload and sign bits. TEST=cctest/test-run-wasm/Run_WasmFloat32SubMinusZero, cctest/test-run-wasm/Run_WasmFloat64SubMinusZero BUG= Review-Url: https://codereview.chromium.org/2081993002 Cr-Commit-Position: refs/heads/master@{#37151}
-
nikolaos authored
R=adamk@chromium.org BUG=chromium:621111 LOG=N Review-Url: https://codereview.chromium.org/2086513002 Cr-Commit-Position: refs/heads/master@{#37150}
-
caitpotter88 authored
BUG=v8:4483 R=yangguo@chromium.org, littledan@chromium.org Review-Url: https://codereview.chromium.org/2082023002 Cr-Commit-Position: refs/heads/master@{#37149}
-
bmeurer authored
Add control dependencies to Projection and Int32Add/SubWithOverflow operators, to prevent the scheduler from moving the Projection nodes into the wrong place. This way the instruction selection can combine the Int32Add/SubWithOverflow operations with the DeoptimizeIf and/or DeoptimizeUnless nodes. This needs new operators CheckedInt32Add and CheckedInt32Sub so that we can delay the actual lowering until the effect/control linearizer. This also makes CheckIf operator obsolete, so we can drop it. R=jarin@chromium.org Review-Url: https://codereview.chromium.org/2082993002 Cr-Commit-Position: refs/heads/master@{#37148}
-
rmcilroy authored
Adds back simple dead code elimination to the bytecode pipeline. BUG=v8:4280,chromium:616064 Review-Url: https://codereview.chromium.org/2038083002 Cr-Commit-Position: refs/heads/master@{#37147}
-
bgeron authored
Fixes bug 5128 in product V8. R=danno@chromium.org BUG= Review-Url: https://codereview.chromium.org/2087813002 Cr-Commit-Position: refs/heads/master@{#37146}
-
rmcilroy authored
Make intrinsic ids a contiguous set of ids so that the switch statement can build a table switch rather than doing a large if/else tree. BUG=v8:4822 LOG=N Committed: https://crrev.com/36abd28a8d9932eb55d7c2bf3ad5e7cfe3eb99ea Review-Url: https://codereview.chromium.org/2084623002 Cr-Original-Commit-Position: refs/heads/master@{#37135} Cr-Commit-Position: refs/heads/master@{#37145}
-
neis authored
This CL merely sets the --ignition-generators flag to true. This flag is currently only meaningful in combination with --ignition. BUG= Review-Url: https://codereview.chromium.org/2065963002 Cr-Commit-Position: refs/heads/master@{#37144}
-
rossberg authored
Implements: - WebAssembly object, - WebAssembly.Module constructor, - WebAssembly.Instance constructor, - WebAssembly.compile async method, - and Module and Instance instance objects. Also, changes ErrorThrower to support capturing errors in a promise reject. Since we cannot yet compile without fixing the Wasm memory, and cannot validate a module without compiling, the Module constructor and compile method don't do anything yet but checking that their argument is a suitable BufferSource. Instead of a compiled module, the hidden state of a Module object currently is just that buffer. BUG= Review-Url: https://codereview.chromium.org/2084573002 Cr-Commit-Position: refs/heads/master@{#37143}
-
bmeurer authored
If all uses of a CheckTaggedHole[convert-hole-to-undefined] node truncate to word32, we can replace the hole check with a Smi check and return the result as word32. R=jarin@chromium.org Review-Url: https://codereview.chromium.org/2079233006 Cr-Commit-Position: refs/heads/master@{#37142}
-
jarin authored
Review-Url: https://codereview.chromium.org/2087693003 Cr-Commit-Position: refs/heads/master@{#37141}
-
neis authored
This runtime function now also works for Ignition generators. It returns the source position of the yield at which a suspended generator got suspended. This works by storing the current bytecode offset at suspension and using an existing mechanism to map it back to a source position. TBR=littledan@chromium.org BUG= Review-Url: https://codereview.chromium.org/2079613003 Cr-Commit-Position: refs/heads/master@{#37140}
-
machenbach authored
Revert of [heap] Avoid the use of cells to point from code to new-space objects. (patchset #7 id:120001 of https://codereview.chromium.org/2045263002/ ) Reason for revert: [Sheriff] Breaks arm debug: https://build.chromium.org/p/client.v8.ports/builders/V8%20Linux%20-%20arm%20-%20sim%20-%20debug/builds/1038 Original issue's description: > [heap] Avoid the use of cells to point from code to new-space objects. > > Cells were needed originally because there was no typed remembered set to > record direct pointers from code space to new space. A previous > CL (https://codereview.chromium.org/2003553002/) already introduced > the remembered set, this CL uses it. > > This CL > * stores direct pointers in code objects, even if the target is in new space, > * records the slot of the pointer in typed-old-to-new remembered set, > * adds a list which stores weak code-to-new-space references, > * adds a test to test-heap.cc for weak code-to-new-space references, > * removes prints in tail-call-megatest.js > > R=ulan@chromium.org > > Committed: https://crrev.com/2d2087b79a293a92a6ed34a2775e481ff2173b3c > Cr-Commit-Position: refs/heads/master@{#37134} TBR=titzer@chromium.org,ulan@chromium.org,ahaas@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true Review-Url: https://codereview.chromium.org/2087463004 Cr-Commit-Position: refs/heads/master@{#37139}
-
machenbach authored
Lsan only works with x64. This broke when landing: https://codereview.chromium.org/2085513002/ BUG=616035 TBR=jochen@chromium.org, vogelheim@chromium.org, kjellander@chromium.org NOTRY=true NOTREECHECKS=true Review-Url: https://codereview.chromium.org/2086623003 Cr-Commit-Position: refs/heads/master@{#37138}
-
machenbach authored
Revert of [Interpreter] Map runtime id's to intrinsic id's in InvokeIntrinsic bytecode. (patchset #3 id:40001 of https://codereview.chromium.org/2084623002/ ) Reason for revert: [Sheriff] Breaks gc stress: https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/builds/6304 Original issue's description: > [Interpreter] Map runtime id's to intrinsic id's in InvokeIntrinsic bytecode. > > Make intrinsic ids a contiguous set of ids so that the switch statement can build > a table switch rather than doing a large if/else tree. > > BUG=v8:4822 > LOG=N > > Committed: https://crrev.com/36abd28a8d9932eb55d7c2bf3ad5e7cfe3eb99ea > Cr-Commit-Position: refs/heads/master@{#37135} TBR=epertoso@chromium.org,oth@chromium.org,rmcilroy@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:4822 Review-Url: https://codereview.chromium.org/2085823003 Cr-Commit-Position: refs/heads/master@{#37137}
-
oth authored
Add explicit state in BytecodeSourceInfo to simplify checks for validity and whether a statement or expression position. Remove BytecodeSourceInfo::Update which inherited rules for updating source position information during bytecode building. BUG=v8:4280 LOG=N Review-Url: https://codereview.chromium.org/2048203002 Cr-Commit-Position: refs/heads/master@{#37136}
-
rmcilroy authored
Make intrinsic ids a contiguous set of ids so that the switch statement can build a table switch rather than doing a large if/else tree. BUG=v8:4822 LOG=N Review-Url: https://codereview.chromium.org/2084623002 Cr-Commit-Position: refs/heads/master@{#37135}
-
ahaas authored
Cells were needed originally because there was no typed remembered set to record direct pointers from code space to new space. A previous CL (https://codereview.chromium.org/2003553002/) already introduced the remembered set, this CL uses it. This CL * stores direct pointers in code objects, even if the target is in new space, * records the slot of the pointer in typed-old-to-new remembered set, * adds a list which stores weak code-to-new-space references, * adds a test to test-heap.cc for weak code-to-new-space references, * removes prints in tail-call-megatest.js R=ulan@chromium.org Review-Url: https://codereview.chromium.org/2045263002 Cr-Commit-Position: refs/heads/master@{#37134}
-
bmeurer authored
We need to trim the graph before we execute the MemoryOptimizer, because that just walks the effect chain from Start to End and cannot deal with dead nodes in the use lists. R=jarin@chromium.org BUG=chromium:614292 Review-Url: https://codereview.chromium.org/2080703003 Cr-Commit-Position: refs/heads/master@{#37133}
-
ahaas authored
With the tail call, pointers to the JS heap could be pushed on a js-to-wasm frame. On the js-to-wasm frame, however, this pointer would not be updated by the GC. R=bmeurer@chromium.org, v8-arm-ports@googlegroups.com, v8-mips-ports@googlegroups.com BUG=617084 TEST=mjsunit/wasm/gc-frame.js:GCInJSToWasmTest() Review-Url: https://codereview.chromium.org/2079393003 Cr-Commit-Position: refs/heads/master@{#37132}
-