- 07 Jun, 2017 13 commits
-
-
Ulan Degenbaev authored
This patch also changes String body descriptor to use synchronized length and adds atomic live_bytes accessor. BUG=chromium:694255 Change-Id: I41233b2097ec5c6a4ea2c45d4b8febf7ffca155e Reviewed-on: https://chromium-review.googlesource.com/527093Reviewed-by: Hannes Payer <hpayer@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#45761}
-
Ross McIlroy authored
Adds support for Speculatively lower ToPrimitiveToString to CheckString where the type hint shows the value has always been a string. BUG=v8:6243 Change-Id: I7f36deb8c2bc309e6d0546e099c76ac518c6be09 Reviewed-on: https://chromium-review.googlesource.com/521123 Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#45760}
-
Jakob Kummerow authored
When the slow path for Array.prototype.indexOf calls a Proxy's "has" trap, it must check afterwards whether an exception was thrown. BUG=chromium:728813 Change-Id: I998bba6ddcd65adfed2eefb63b3285da60d2a43c Reviewed-on: https://chromium-review.googlesource.com/527173Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#45759}
-
Michael Starzinger authored
This removes the test suite variant for stressing Crankshaft from the list of supported variants. Other stress variants remain untouched. R=machenbach@chromium.org Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng Change-Id: Iad236c2b80a1dea21b8be9b931e6a4e88f3ebcc5 Reviewed-on: https://chromium-review.googlesource.com/527094Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#45758}
-
Mythri authored
This cl: https://chromium-review.googlesource.com/509613 changed CheckNotTaggedHole to not produce any value output. This would mean that in some cases, we could leak hole on value edges. This violates the assumption that we cannot see a hole on several operators. Fixing this back to the original state. Bug: chromium:730254 Change-Id: I3512930e88dbe15e9d9b4b0d276868f354cc2ae2 Reviewed-on: https://chromium-review.googlesource.com/527033Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Mythri Alle <mythria@chromium.org> Cr-Commit-Position: refs/heads/master@{#45757}
-
Ross McIlroy authored
Adds support for lowering of ToPrimitiveToString and StringConcat bytecodes to the corresponding builtins. As part of this, moves the interpreter implementation of these operations into the appropriate builtin generators and add builtin support for them. Also adds TailCallRuntimeN operator to code-assembler which enables tail calling a runtime function when the arguments have already been pushed onto the stack. BUG=v8:6243 Change-Id: Id5c851bc42e4ff490d9a23a8990ae331c7eac73e Reviewed-on: https://chromium-review.googlesource.com/515362 Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#45756}
-
martyn.capewell authored
NEON loads and stores need notifiers for the local and global memory access monitors. Add these whilst removing the address argument from the notifier, making implementation simpler. BUG= Review-Url: https://codereview.chromium.org/2916853002 Cr-Commit-Position: refs/heads/master@{#45755}
-
Andreas Haas authored
The old implementation of Table.Set in wasm-js.cc accessed information which should be hidden from this level of abstraction, e.g. the internal structure of a WasmTableObject. With this CL, all that is done in wasm-js.cc is the extraction of parameters. The actual logic is happening in wasm-module.{h|cc}. This CL will also make refactoring wasm-module.cc easier. R=clemensh@chromium.org, mtrofin@chromium.org Change-Id: Ifbce6f739459dffc9f9d47e4cd8227638867f3e9 Reviewed-on: https://chromium-review.googlesource.com/525694 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#45754}
-
bmeurer authored
R=jarin@chromium.org, jkummerow@chromium.org Review-Url: https://codereview.chromium.org/2923983002 Cr-Commit-Position: refs/heads/master@{#45753}
-
jgruber authored
It's possible to build circular objects through the reviver function in JSON.parse. Recursion needs to check for stack overflows and throw as needed. BUG=chromium:729671 Change-Id: I52ccd9ed9fea5829810879f8dd8207043fa6d910 Reviewed-on: https://chromium-review.googlesource.com/525812 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#45752}
-
bmeurer authored
The inlining of Function.prototype.bind can lead to escape analyzed bound functions, which weren't handled by the Deoptimizer previously. BUG=chromium:729573 R=jarin@chromium.org,cbruni@chromium.org Review-Url: https://codereview.chromium.org/2931483003 Cr-Commit-Position: refs/heads/master@{#45751}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/cd94ef8..d122cd7 Rolling v8/third_party/catapult: https://chromium.googlesource.com/external/github.com/catapult-project/catapult/+log/e7bf345..3919ea6 TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Change-Id: I4f37b8a4bafb117002e6d8b5acc216835428b64c Reviewed-on: https://chromium-review.googlesource.com/526992Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Commit-Queue: v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#45750}
-
dgozman authored
... as opposite to a global per-isolate one. Also streamlined multiple checks into a single acceptsPause() method. BUG=chromium:590878 Review-Url: https://codereview.chromium.org/2925903002 Cr-Commit-Position: refs/heads/master@{#45749}
-
- 06 Jun, 2017 27 commits
-
-
sampsong authored
BUG= R=bjaideep@ca.ibm.com, jyan@ca.ibm.com, joransiu@ca.ibm.com, machenbach@chromium.org, rossberg@chromium.org Review-Url: https://codereview.chromium.org/2921293002 Cr-Commit-Position: refs/heads/master@{#45748}
-
dgozman authored
... when trying to resume or step. BUG=none Review-Url: https://codereview.chromium.org/2923243002 Cr-Commit-Position: refs/heads/master@{#45747}
-
Alexey Kozyatinskiy authored
Bug: v8:6197 Change-Id: I7b9e6d0979630dfd1ce5ee7f23f715cdb2f51802 R: dgozman@chromium.org Reviewed-on: https://chromium-review.googlesource.com/524045Reviewed-by: Dmitry Gozman <dgozman@chromium.org> Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org> Cr-Commit-Position: refs/heads/master@{#45746}
-
ulan authored
TBR=hpayer@chromium.org BUG=chromium:729868,chromium:729521 CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_chromium_rel_ng Review-Url: https://codereview.chromium.org/2929463002 Cr-Commit-Position: refs/heads/master@{#45745}
-
Igor Sheludko authored
Properly propagate the fact that the function has a statically known name from parser to SharedFunctionInfo objects. The empty string that has been set as name before this CL does not help to distinguish cases like: var o1 = { ''(){} }; var o1 = { [foo()](){} }; or var o2 = { get ''(){} }; var o2 = { get [foo()](){} }; This is a preliminary step for using different layouts for closure objects with and without computed names. TBR=bmeurer@chromium.org, marja@chromium.org Bug: v8:6459 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: I10afa6f4bda7881c3714711a75f720f83c1d875d Reviewed-on: https://chromium-review.googlesource.com/522073 Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#45744}
-
kschimpf authored
Fixes issues raised in CL https://codereview.chromium.org/2887193002. That is: 1) Remove using mutex in Isolate::InitializeCounters(). 2) Use counters_shared_.get() instead of counters_ (and hence, also remove field counters_). BUG=v8:6361 Review-Url: https://codereview.chromium.org/2919953003 Cr-Commit-Position: refs/heads/master@{#45743}
-
dgozman authored
Found multiple issues (added TODOs for them): - isPaused() check is global, so one can resume from another session/context group without receiving 'paused' notification; - setBreakpointsActive flag is global affecting all sessions and context groups; - max async call stack depth is global, and should be per context group. BUG=chromium:590878 Review-Url: https://codereview.chromium.org/2921373002 Cr-Commit-Position: refs/heads/master@{#45742}
-
Daniel Vogelheim authored
R=marja@chromium.org CC=adamk@chromium.org Bug=v8:6401 Change-Id: Iac47c149d8c9136f4d0f5ef9844d2eaa95c2e497 Reviewed-on: https://chromium-review.googlesource.com/508696 Commit-Queue: Daniel Vogelheim <vogelheim@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#45741}
-
Sathya Gunasekaran authored
OrderedHashSet doesn't need a ::Get, so we can move it to OrderedHashMap. Bug: v8:5717 Change-Id: I9606d8c4608473f9daecf8a87b4dd2e3b9570246 Reviewed-on: https://chromium-review.googlesource.com/522348Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#45740}
-
Clemens Hammacher authored
The regression is already fixed. This just adds a regression test to ensure it will never be reintroduced. R=ahaas@chromium.org BUG=chromium:729991 Change-Id: I5cf960cc756cbb7723041bc06a78d6a14c66e241 Reviewed-on: https://chromium-review.googlesource.com/525538Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#45739}
-
Franziska Hinkelmann authored
There's no point in using our own implemention of List for this. Bug:v8:6325 Change-Id: Ibe9a5c65df3c9ae577ece93616bcfa47f332c212 Reviewed-on: https://chromium-review.googlesource.com/489542Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Daniel Clifford <danno@chromium.org> Commit-Queue: Franziska Hinkelmann <franzih@chromium.org> Cr-Commit-Position: refs/heads/master@{#45738}
-
jgruber authored
This CL implements general infrastructure for block coverage together with initial support for if-statements. Coverage output can be generated in lcov format by d8 as follows: $ d8 --block-coverage --lcov=$(echo ~/simple-if.lcov) ~/simple-if.js $ genhtml ~/simple-if.lcov -o ~/simple-if $ chrome ~/simple-if/index.html A high level overview of the implementation follows: The parser now collects source ranges unconditionally for relevant AST nodes. Memory overhead is very low and this seemed like the cleanest and simplest alternative. Bytecode generation uses these ranges to allocate coverage slots and insert IncBlockCounter instructions (e.g. at the beginning of then- and else blocks for if-statements). The slot-range mapping is generated here and passed on through CompilationInfo, and is later accessible through the SharedFunctionInfo. The IncBlockCounter bytecode fetches the slot-range mapping (called CoverageInfo) from the shared function info and simply increments the counter. We don't collect native-context-specific counts as they are irrelevant to our use-cases. Coverage information is finally generated on-demand through Coverage::Collect. The only current consumer is a d8 front-end with lcov-style output, but the short-term goal is to expose this through the inspector protocol. BUG=v8:6000 CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_chromium_rel_ng Review-Url: https://codereview.chromium.org/2882973002 Cr-Commit-Position: refs/heads/master@{#45737}
-
dgozman authored
Revert of [inspector] Test how Profiler interacts with multiple sessions (patchset #3 id:30001 of https://codereview.chromium.org/2920313002/ ) Reason for revert: DCHECKS triggering in debug build. Original issue's description: > [inspector] Test how Profiler interacts with multiple sessions > > BUG=chromium:590878 > > Review-Url: https://codereview.chromium.org/2920313002 > Cr-Original-Commit-Position: refs/heads/master@{#45715} > Committed: https://chromium.googlesource.com/v8/v8/+/754f81e20e9e7abfb3ce82e73a3389a72f4657a6 > Review-Url: https://codereview.chromium.org/2920313002 > Cr-Commit-Position: refs/heads/master@{#45717} > Committed: https://chromium.googlesource.com/v8/v8/+/679604bdd2991a19cadf7ab5c462fc6f368f32fc TBR=alph@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=chromium:590878 Review-Url: https://codereview.chromium.org/2926533003 Cr-Commit-Position: refs/heads/master@{#45736}
-
georgia.kouveli authored
Inline SMI checks in ICs are performed with a TBZ/TBNZ instruction, which has a 32 kB range. To allow patching the SMI check, the location of the TBZ/TBNZ instruction is stored after the call to the IC using a MOVZ instruction, in particular using 11 bits of the immediate (so the number of instructions between the inline data and the SMI check must be encodable in 11 bits). To make sure we do not exceed these ranges, we need to block pool emission between the check, the patch info, and the label the check branches to. BUG= Review-Url: https://codereview.chromium.org/2917403002 Cr-Commit-Position: refs/heads/master@{#45735}
-
jarin authored
This takes into account the type of the type guard when choosing representation for a node. To make the representation changes unambiguous, we pass the restricted type to the changer. BUG=chromium:726554 Review-Url: https://codereview.chromium.org/2920193004 Cr-Commit-Position: refs/heads/master@{#45734}
-
Ulan Degenbaev authored
This reverts commit 0d06e42b. Reason for revert: clusterfuzz and canary crashes. BUG=chromium:729209,v8:6456 Original change's description: > [heap] Use partial free when shrinking instead of uncommitting > > This fixes the counter inconsistencies while leaving the memory in an > inaccessible state. > > Bug: chromium:724947 > Change-Id: I431eb6fda84922a52dfb9380c6b482ada55bccee > Reviewed-on: https://chromium-review.googlesource.com/519164 > Commit-Queue: Michael Lippautz <mlippautz@chromium.org> > Reviewed-by: Hannes Payer <hpayer@chromium.org> > Cr-Commit-Position: refs/heads/master@{#45647} TBR=hpayer@chromium.org,mlippautz@chromium.org # Not skipping CQ checks because original CL landed > 1 day ago. Bug: chromium:724947 Change-Id: I6c52b478b89a858ba984fe17f86cdf15fcfa974c Reviewed-on: https://chromium-review.googlesource.com/525716Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Hannes Payer <hpayer@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#45733}
-
bmeurer authored
Previously Ignition would collect precise Number feedback for binary operators, but TurboFan would just ignore that and treat it the same as NumberOrOddball. That however generates a lot of unnecessary code, plus it defeats redundancy elimination if the same input is also used by compare operations, which do properly distinguish feedback Number and NumberOrOddball. This CL adds the missing bits to connect the existing functionality properly, i.e. adding the missing BinaryOperationHint and using the NumberOperationHint::kNumber in the representation selection for tagged inputs. R=jarin@chromium.org Review-Url: https://codereview.chromium.org/2923543003 Cr-Commit-Position: refs/heads/master@{#45732}
-
Ulan Degenbaev authored
The boundary cells of the mark-bitmap can be access concurrently, so they need to be updated with atomic CAS. BUG=chromium:694255 Change-Id: Ibe85f00c8b4ccc61edc43b400c5b08a6d0ba620e Reviewed-on: https://chromium-review.googlesource.com/521103 Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Hannes Payer <hpayer@chromium.org> Cr-Commit-Position: refs/heads/master@{#45731}
-
Igor Sheludko authored
... by using CSA::Word32BinaryNot() instead. Change-Id: I04e2ceafc205d5667b92cfa276faed741ad3a917 Reviewed-on: https://chromium-review.googlesource.com/525695Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#45730}
-
Daniel Ehrenberg authored
Change-Id: Ibd0cfc0c03b94ed6e15c6496cf16d9059447467c Reviewed-on: https://chromium-review.googlesource.com/525472Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Daniel Ehrenberg <littledan@chromium.org> Cr-Commit-Position: refs/heads/master@{#45729}
-
Jakob Kummerow authored
BUG=chromium:713699 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: Ibe30fe7922a421af1596070fde4519bd2f870c4e Reviewed-on: https://chromium-review.googlesource.com/525535 Commit-Queue: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#45728}
-
bmeurer authored
When optimizing stores to data properties in literals, we need to first migrate deprecated maps before we lookup the property access infos for those. BUG=chromium:724608 R=jarin@chromium.org Review-Url: https://codereview.chromium.org/2930433003 Cr-Commit-Position: refs/heads/master@{#45727}
-
hpayer authored
BUG=chromium:728228 CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_chromium_rel_ng Review-Url: https://codereview.chromium.org/2921883002 Cr-Commit-Position: refs/heads/master@{#45726}
-
Marja Hölttä authored
This reverts commit 7fa071a4. Reason for revert: https://bugs.chromium.org/p/chromium/issues/detail?id=729482 Original change's description: > Reland [parser] Refactor streaming scanner streams. > > Unify, simplify logic, reduce UTF8 specific handling. > > Intend of this is also to have stream views. > Stream views can be used concurrently by multiple threads, but > only one thread may fetch new data from the underlying source. > This together with unified stream view creation is intended to be > used for parse tasks. > > BUG=v8:6093 > > Change-Id: I3bce48185fa2c986d16619a9a8ece3ff4c4f5e60 > Reviewed-on: https://chromium-review.googlesource.com/509489 > Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org> > Reviewed-by: Marja Hölttä <marja@chromium.org> > Commit-Queue: Wiktor Garbacz <wiktorg@google.com> > Cr-Commit-Position: refs/heads/master@{#45688} TBR=marja@chromium.org,vogelheim@chromium.org,wiktorg@google.com # Not skipping CQ checks because original CL landed > 1 day ago. BUG=v8:6093 Change-Id: Iefa7c43a2f6ae3a7f3ef0f77d87b6ae36ae4be99 Reviewed-on: https://chromium-review.googlesource.com/525712Reviewed-by: Marja Hölttä <marja@chromium.org> Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#45725}
-
jgruber authored
Runtime::kStringSplit's result caching is only enabled when limit equals kMaxUInt32. BUG=v8:6463 Review-Url: https://codereview.chromium.org/2923183002 Cr-Commit-Position: refs/heads/master@{#45724}
-
jarin authored
This avoids write barrier when writing smis to tagged fields. This includes writing to contexts, see example below: var f = (function() { var i = 0; return function f() { return i++; // Write barrier when writing to context. } })(); f(); f(); %OptimizeFunctionOnNextCall(f); f(); Review-Url: https://codereview.chromium.org/2925793002 Cr-Commit-Position: refs/heads/master@{#45723}
-
Daniel Ehrenberg authored
Change-Id: I865d7d4d4d88997127771b10449d1b794264e252 CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_linux_noi18n_rel_ng NOTREECHECKS=true Change-Id: I865d7d4d4d88997127771b10449d1b794264e252 Reviewed-on: https://chromium-review.googlesource.com/524047 Commit-Queue: Daniel Ehrenberg <littledan@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#45722}
-