- 24 Mar, 2017 6 commits
-
-
ivica.bogosavljevic authored
Port 798ffc9d TEST=mjsunit/compiler/regress-v8-6077 BUG= Review-Url: https://codereview.chromium.org/2773583003 Cr-Commit-Position: refs/heads/master@{#44086}
-
Igor Sheludko authored
The former will handle stores to global variables, lets and undeclared variables. The latter will handle named stores to explicit receiver. BUG=chromium:576312, v8:5561 Change-Id: I335fa21db47c3d001da8cc79fa8cb6f8abcbb7e2 Reviewed-on: https://chromium-review.googlesource.com/458639Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#44085}
-
bradnelson authored
Add the --fast-validate-asm option, which directs asm.js code to a new parser + validator + wasm code generator, which is then compiled using WebAssembly. This parser takes advantage of asm.js structure to linearly parse asm.js code, keeping a scope stack + a few additional tables to track varibles. BUG=v8:6090 BUG=v8:4203 R=mstarzinger@chromium.org,marja@chromium.org,vogelheim@chromium.org,kschimpf@chromium.org Review-Url: https://codereview.chromium.org/2757693003 Cr-Commit-Position: refs/heads/master@{#44084}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/4a2354d..96aa45c Rolling v8/third_party/catapult: https://chromium.googlesource.com/external/github.com/catapult-project/catapult/+log/2038d74..5c300b0 TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Change-Id: I88915820ceec01e636e888a231dd56d9c0091dac Reviewed-on: https://chromium-review.googlesource.com/458937Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Commit-Queue: v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#44083}
-
kozyatinskiy authored
+ added a test. BUG=none R=dgozman@chromium.org Review-Url: https://codereview.chromium.org/2743163002 Cr-Commit-Position: refs/heads/master@{#44082}
-
kozyatinskiy authored
- added InspectorTest.setupInjectedScriptEnvironment method which mutates current context, - clear prototype of InjectedScript function and domAttributesWithObservableSideEffectOnGet. Second point increases chances that injected-script-source would be successfully compiled. BUG=chromium:693338 R=dgozman@chromium.org,luoe@chromium.org Review-Url: https://codereview.chromium.org/2770823003 Cr-Commit-Position: refs/heads/master@{#44081}
-
- 23 Mar, 2017 30 commits
-
-
machenbach authored
Revert of [debug] do not report unnecessary coverage data. (patchset #4 id:60001 of https://codereview.chromium.org/2764073004/ ) Reason for revert: breaks layout tests: https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/14438 Original issue's description: > [debug] do not report unnecessary coverage data. > > Only include function ranges for with non-0 counts or if the immediate outer function has non-0 count. > > R=caseq@chromium.org, jgruber@chromium.org > BUG=v8:5808 > > Review-Url: https://codereview.chromium.org/2764073004 > Cr-Commit-Position: refs/heads/master@{#44079} > Committed: https://chromium.googlesource.com/v8/v8/+/a7577ede0b74967727895eba5e06dbe1d01fb56d TBR=caseq@chromium.org,jgruber@chromium.org,yangguo@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:5808 Review-Url: https://codereview.chromium.org/2769063004 Cr-Commit-Position: refs/heads/master@{#44080}
-
yangguo authored
Only include function ranges for with non-0 counts or if the immediate outer function has non-0 count. R=caseq@chromium.org, jgruber@chromium.org BUG=v8:5808 Review-Url: https://codereview.chromium.org/2764073004 Cr-Commit-Position: refs/heads/master@{#44079}
-
Bradley.Meck authored
There was a security issue from allowing WindowProxy to have its prototype mutated in https://bugs.chromium.org/p/chromium/issues/detail?id=399951 . This has since been resolved by making `window`, `location`, and `Object.prototype.__proto__` immutable. This change was fixed in https://bugs.chromium.org/p/v8/issues/detail?id=5149 . Reverts https://codereview.chromium.org/1529303003 R=littledan@chromium.org R=verwaest@chromium.org Review-Url: https://codereview.chromium.org/2671553006 Cr-Commit-Position: refs/heads/master@{#44078}
-
Michael Lippautz authored
BUG=chromium:651354 Change-Id: Ie9d39306c3baf2462ea5eee4f5a5ff436912744e Reviewed-on: https://chromium-review.googlesource.com/458423Reviewed-by: Hannes Payer <hpayer@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#44077}
-
skyostil authored
This patch makes Math.random() behave deterministically when a fixed random seed is provided. This is done by re-seeding the random number generator the first time a script requests a random number. Doing this ensures Math.random() returns the same sequence across page loads and across iframes. BUG=chromium:696001 Review-Url: https://codereview.chromium.org/2760393002 Cr-Commit-Position: refs/heads/master@{#44076}
-
binji authored
BUG=v8:5897 Review-Url: https://codereview.chromium.org/2741413006 Cr-Commit-Position: refs/heads/master@{#44075}
-
yangguo authored
With precise binary code coverage, the reported count is either 0 or 1. We only report 1 the first time we collect coverage data after the function has been executed. Since we do not care about the accurate execution count, we can optimize the function once it has been executed once. Also change best effort coverage to be implicitly binary. R=caseq@chromium.org, jgruber@chromium.org, pfeldman@chromium.org BUG=v8:5808 Review-Url: https://codereview.chromium.org/2766573003 Cr-Commit-Position: refs/heads/master@{#44074}
-
Toon Verwaest authored
BUG=chromium:703226 Change-Id: I2232d4a721beb35478066b25143b9635bcc6b238 Reviewed-on: https://chromium-review.googlesource.com/458429Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#44073}
-
Toon Verwaest authored
Removed the invalid DCHECKs altogether. BUG=v8:5561 Change-Id: I678b80a2f216a84333e3fe65843ca9dfc0bdf0d5 Reviewed-on: https://chromium-review.googlesource.com/458280 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#44072}
-
Michael Achenbach authored
BUG=chromium:645890 Change-Id: Iec8f473074a65abe9b4fbc968d5617038120efa5 Reviewed-on: https://chromium-review.googlesource.com/458011 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org> Cr-Commit-Position: refs/heads/master@{#44071}
-
sampsong authored
R=bjaideep@ca.ibm.com, jyan@ca.ibm.com, joransiu@ca.ibm.com BUG= Review-Url: https://codereview.chromium.org/2760983003 Cr-Commit-Position: refs/heads/master@{#44070}
-
jgruber authored
BUG=v8:5437 Review-Url: https://codereview.chromium.org/2766423004 Cr-Commit-Position: refs/heads/master@{#44069}
-
pierre.langlois authored
When using --trace-ignition-codegen, the name for each bytecode handler is missing. The reason is that we find the name of a bytecode by looking up the code object entry in the interpreter's dispatch table, which is not yet populated at this point. BUG= Review-Url: https://codereview.chromium.org/2771503004 Cr-Commit-Position: refs/heads/master@{#44068}
-
jgruber authored
This is just an update to reflect the current spec proposal. https://tc39.github.io/proposal-regexp-named-groups/ BUG=v8:5437 Review-Url: https://codereview.chromium.org/2769143002 Cr-Commit-Position: refs/heads/master@{#44067}
-
Michael Achenbach authored
BUG=chromium:645890 NOTRY=true TBR=jochen@chromium.org,vogelheim@chromium.org Change-Id: Id0e972bf2480dd9c48e064537090a7bd97431db1 Reviewed-on: https://chromium-review.googlesource.com/458223Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#44066}
-
ahaas authored
Stack overflow checks are typically implemented as part of the TurboFan graph of a function. This means that the stack check code is executed after frame construction. When a frame is too big, though, there may not be enough space on the stack anymore to throw the stack overflow exception after frame construction. With this CL we do an additional stack check before frame construction for functions with big frames. As discussed offline with mstarzinger, I do this change currently only for WebAssembly. This CL contains only the changes for arm. I will do the other platforms in separate CLs. R=mstarzinger@chromium.org, v8-arm-ports@googlegroups.com Review-Url: https://codereview.chromium.org/2763593002 Cr-Commit-Position: refs/heads/master@{#44065}
-
kozyatinskiy authored
BUG=none TBR=dgozman@chromium.org Review-Url: https://codereview.chromium.org/2773723002 Cr-Commit-Position: refs/heads/master@{#44064}
-
ahaas authored
When available, we use the NEON instructions vld1.8 and vst1.8 to implement unaligned loads and stores of float64 values. R=bmeurer@chromium.org, v8-arm-ports@googlegroups.com Review-Url: https://codereview.chromium.org/2769723003 Cr-Commit-Position: refs/heads/master@{#44063}
-
Michael Starzinger authored
R=machenbach@chromium.org BUG=v8:6127 Change-Id: Iced2bd9e71006077aca4bd1de8dd14b6c771ec86 Reviewed-on: https://chromium-review.googlesource.com/458222Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#44062}
-
bradnelson authored
BUG=v8:6090 R=marja@chromium.org Review-Url: https://codereview.chromium.org/2769013002 Cr-Commit-Position: refs/heads/master@{#44061}
-
Toon Verwaest authored
BUG=v8:5561 Change-Id: I3f8bac0083e22066ee26f4bfeae5a16f81654a91 Reviewed-on: https://chromium-review.googlesource.com/458424Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#44060}
-
Clemens Hammacher authored
This CL adds support for indirect function calls to the interpreter. It can indirectly call other wasm function in the same instance, which are then executed in the interpreter, or call imported functions. Implementing this required some refactoring: - The wasm interpreter now unwraps import wrappers on demand, instead of unwrapping all of them on instantiation and storing a vector of handles. This also avoids the DeferredHandleScope completely, instead we just store two global handles in the code map. - The interpreter gets the code table, function tables and signature tables directly from the attached wasm instance object. This ensures that the interpreter sees all updates to tables that might have been performed by external code. - There is now common functionality for calling a code object. This is used for direct calls to imported functions and for all indirect calls. As these code objects can also be wasm functions which should be executed in the interpreter itself, I introduce a struct to hold the outcome of calling the code object, or a pointer to InterpreterCode to be called in the interpreter. R=ahaas@chromium.org BUG=v8:5822 Change-Id: I20fb2ea007e79e5fcff9afb4b1ca31739ebcb83f Reviewed-on: https://chromium-review.googlesource.com/458417 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#44059}
-
Toon Verwaest authored
BUG=v8:5561 Change-Id: I90f59b53dbf832571aef7fa07694abfddf53b7f6 Reviewed-on: https://chromium-review.googlesource.com/458200 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#44058}
-
Wiktor Garbacz authored
It was removed so that Parser::DeserializeScopeChain does not have to get it from ParseInfo. Only a small step in direction of removing isolate from ParseInfo. BUG=v8:6093 Change-Id: Iaaf92dc6eb5ec9c4efc05ac73666fbc66e0ed8c1 Reviewed-on: https://chromium-review.googlesource.com/457999 Commit-Queue: Wiktor Garbacz <wiktorg@google.com> Reviewed-by: Marja Hölttä <marja@chromium.org> Reviewed-by: Jochen Eisinger <jochen@chromium.org> Cr-Commit-Position: refs/heads/master@{#44057}
-
ulan authored
Revert of [heap] Simplify clearing of normalized map caches. (patchset #1 id:1 of https://codereview.chromium.org/2745183002/ ) Reason for revert: https://bugs.chromium.org/p/v8/issues/detail?id=6135 Original issue's description: > [heap] Simplify clearing of normalized map caches. > > Currently the incremental marking visitor treats elements of normalized > map caches weakly by coloring the caches grey without pusing to marking > deque. > > The mark-compact prologue then clears all normalized map caches. > > We can achieve similar effect by just clearing the caches in the marking > visitor. > > BUG=chromium:694255 > > Review-Url: https://codereview.chromium.org/2745183002 > Cr-Commit-Position: refs/heads/master@{#43941} > Committed: https://chromium.googlesource.com/v8/v8/+/3d68306c71b17ebcb306b4e2ed8cae110c52229c TBR=hpayer@chromium.org,verwaest@chromium.org # Not skipping CQ checks because original CL landed more than 1 days ago. BUG=chromium:694255 Review-Url: https://codereview.chromium.org/2771703003 Cr-Commit-Position: refs/heads/master@{#44056}
-
Michael Starzinger authored
This adds a --stress-validate-asm flag intended to stress test the validator by running against every single function, independent of whether a "use asm" directive is present. It mainly tests negative cases because barely any function in our test corpus will be a valid module according to the asm.js spec. R=bradnelson@chromium.org BUG=v8:6127 Change-Id: Id04b0440628134d4e81c9bb4d71039f940fc9a83 Reviewed-on: https://chromium-review.googlesource.com/457039Reviewed-by: Brad Nelson <bradnelson@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#44055}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/a53333d..4a2354d Rolling v8/third_party/catapult: https://chromium.googlesource.com/external/github.com/catapult-project/catapult/+log/8cbbd7f..2038d74 TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Change-Id: I3363a0fa2ce1c5021029dea2a8dab2eee7cf2454 Reviewed-on: https://chromium-review.googlesource.com/458119Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Commit-Queue: v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#44054}
-
mtrofin authored
APIs and trivial implementation, to unblock Chrome side dev. BUG=chromium:697028 Review-Url: https://codereview.chromium.org/2763413003 Cr-Commit-Position: refs/heads/master@{#44053}
-
Aleksey Kozyatinskiy authored
This reverts commit e35ec4a7. Reason for revert: crash on WebKit Mac10.11 (dbg). Original change's description: > [ic] General cleanup after moving more ICs to data handlers > > BUG=v8:5561 > > Change-Id: Ibc64f2a42089b40a605313a5f24b1da85722fde8 > Reviewed-on: https://chromium-review.googlesource.com/457370 > Commit-Queue: Toon Verwaest <verwaest@chromium.org> > Reviewed-by: Igor Sheludko <ishell@chromium.org> > Cr-Commit-Position: refs/heads/master@{#44005} TBR=ishell@chromium.org,verwaest@chromium.org,v8-reviews@googlegroups.com NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:5561 Change-Id: I2000ba48b2165e26a48f3e02259e054b40c50704 Reviewed-on: https://chromium-review.googlesource.com/457788Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org> Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org> Cr-Commit-Position: refs/heads/master@{#44052}
-
Igor Sheludko authored
BUG=v8:6116 Change-Id: I4e521d2fb3964e0d3615ef1deea6b3418fc77c50 Reviewed-on: https://chromium-review.googlesource.com/458400 Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#44051}
-
- 22 Mar, 2017 4 commits
-
-
jwolfe authored
Move ICU case conversion utility functions to a common location. BUG=v8:5751 CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_linux_noi18n_rel_ng Review-Url: https://codereview.chromium.org/2728763006 Cr-Commit-Position: refs/heads/master@{#44050}
-
Caitlin Potter authored
The AssignmentExpressions can legally contain destructuring assignments. BUG=v8:6098 R=marja@chromium.org, adamk@chromium.org Change-Id: I99b3a0f4c8d103edfb1dda943ec3e2ab2a5969f7 Reviewed-on: https://chromium-review.googlesource.com/455221 Commit-Queue: Caitlin Potter <caitp@igalia.com> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#44049}
-
kozyatinskiy authored
These JS objects don't have size property. BUG=none R=dgozman@chromium.org,luoe@chromium.org Review-Url: https://codereview.chromium.org/2770583002 Cr-Commit-Position: refs/heads/master@{#44048}
-
gdeepti authored
Current implementation of the pextrw instruction is the legacy SSE2 instruction in the assembler (66 0F C5), and SSE4 implementation(66 0F 3A 15) in disasm-x64.cc, this causes incorrect instruction encodings to be printed when using --print-code flag for debug, in this case, causes over flow of bytes, and subsequent instructions to be incorrectly disassembled. Fixing to use SSE4 encodings in the assembler cosistent with pextrb, pextrd. R=bbudge@chromium.org, mtrofin@chromium.org Review-Url: https://codereview.chromium.org/2771513002 Cr-Commit-Position: refs/heads/master@{#44047}
-