- 03 Apr, 2017 2 commits
-
-
pierre.langlois authored
The "perf inject" command will place the generated function into a .text section, placed directly after the ELF header. As a result, source position addresses need to be adjusted according to the size of the ELF header, which is 0x40 for 64 bit architectures and 0x34 on 32 bit architectures. We would previously adjust the addresses with 0x40 regardless of the architecture. BUG= Review-Url: https://codereview.chromium.org/2783203005 Cr-Commit-Position: refs/heads/master@{#44325}
-
jgruber authored
Previously, named captures (and related functionality) were restricted to unicode-mode regexps. This CL extends that support to non-unicode patterns. Named groups are supported regardless of the mode, and named back-references are supported if the regexp is in unicode mode or if it contains a named capture (otherwise '\k' is treated as an identity escape). BUG=v8:5437,v8:6192 Review-Url: https://codereview.chromium.org/2788873002 Cr-Commit-Position: refs/heads/master@{#44324}
-
- 02 Apr, 2017 1 commit
-
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/6491c78..e00daf3 Rolling v8/third_party/catapult: https://chromium.googlesource.com/external/github.com/catapult-project/catapult/+log/93bc1a8..6b686d1 TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Change-Id: I7f29f3db5f477e88950fa55fc334bd43b9f2f412 Reviewed-on: https://chromium-review.googlesource.com/465567Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Commit-Queue: v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#44323}
-
- 01 Apr, 2017 3 commits
-
-
cwhan.tunz authored
- Implement %TypedArray%.prototype.slice to C++ builtins - Remove TypedArraySlice in src/js/typedarray.js - Implement TypedArraySpeciesCreate in builtins-typedarray.cc - Implement TypedArrayCreate in builtins-typedarray.cc BUG=v8:5929 Review-Url: https://codereview.chromium.org/2763473002 Cr-Commit-Position: refs/heads/master@{#44322}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/673a8f4..6491c78 Rolling v8/third_party/catapult: https://chromium.googlesource.com/external/github.com/catapult-project/catapult/+log/b13bd47..93bc1a8 Rolling v8/third_party/instrumented_libraries: https://chromium.googlesource.com/chromium/src/third_party/instrumented_libraries/+log/48dcb2c..61065eb TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Change-Id: I250016d204248badff52d7e29a4b466e52d20a06 Reviewed-on: https://chromium-review.googlesource.com/465726Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Commit-Queue: v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#44321}
-
jbroman authored
This was missed when Latin-1 encoding replaced UTF-8 encoding when one-byte strings (like most keys) are serialized. BUG=chromium:686159 Review-Url: https://codereview.chromium.org/2784423002 Cr-Commit-Position: refs/heads/master@{#44320}
-
- 31 Mar, 2017 34 commits
-
-
gdeepti authored
BUG=chromium:702460 R=mtrofin@chromium.org, bbudge@chromium.org Review-Url: https://codereview.chromium.org/2794693002 Cr-Commit-Position: refs/heads/master@{#44319}
-
kschimpf authored
Records histogram of ArrayBuffer/SharedArrayBuffer new allocations that failed because it couldn't allocate space for the buffer. Histogram is based on the buffer size requested. This counter is intended to give some clue as to how often, and what sizes are being requested. Unfortunately, the how often can't be answered with the current counter. The problem is that V8 doesn't currently support this possibility yet. Hence, for now, introducing a counter that at least counts the number/size of failing requests. BUG=chromium:704922 R=bbudge@chromium.org,bradnelson@chromium.org,mtrofin@chromium.org Review-Url: https://codereview.chromium.org/2786913004 Cr-Commit-Position: refs/heads/master@{#44318}
-
kschimpf authored
Adds a counter for large array buffers. Used to give an indication of how common large array buffers are allocated in V8. For the moment, we assume a 1Mb cutoff for the notion of large array buffers. We also use log2(length) to cleanly bucket sizes into a histogram. BUG=chromium:704922 R=bbudge@chromium.org,bradnelson@chromium.org,mtrofin@chromium.org Review-Url: https://codereview.chromium.org/2792623002 Cr-Commit-Position: refs/heads/master@{#44317}
-
bmeurer authored
Currently x instanceof RegExp checks cannot take the fast path, since the RegExp constructor has dictionary properties. To avoid that, just forcibly migrate the RegExp constructor to fast properties again once it's fully setup in the bootstrapper. This yields a 10x improvement for x instanceof RegExp checks. R=yangguo@chromium.org BUG=v8:5902 Review-Url: https://codereview.chromium.org/2786143004 Cr-Commit-Position: refs/heads/master@{#44316}
-
bjaideep authored
Port 776d89f9 Original Commit Message: Rewrite returns in derived constructors to only replace undefined with this, and otherwise just return the value, and let the construct stub builtin throw an exception if the result is a primitive instead of a JSReceiver. R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG=chromium:706642 LOG=N Review-Url: https://codereview.chromium.org/2786413003 Cr-Commit-Position: refs/heads/master@{#44315}
-
kschimpf authored
Looking at UMA results, we are getting a fair number of modules with more than 10,000 functions (5.2%) that are being lumped into the maximal entry. To get more visibility into what values are being lumped, this CL lifts the maximum to 100,000. BUG=chromium:704922 R=bbudge@chromium.org,bradnelson@chromium.org Review-Url: https://codereview.chromium.org/2787163002 Cr-Commit-Position: refs/heads/master@{#44314}
-
kschimpf authored
Looking at UMA results, we are geting a number of instantiations (4%) that are being lumped into the 1 second (plus) maximum entry. To get more visibility into the values in this bucket, this CL lift the maximun to 10 seconds. BUG=chromium:704922 R=bbudge@chromium.org,bradnelson@chromium.org Review-Url: https://codereview.chromium.org/2780353004 Cr-Commit-Position: refs/heads/master@{#44313}
-
kschimpf authored
Looking at UMA results, we are getting a lot of compilations (over 5%) that are being lumped into the 1 second (plus) maximum entry. To get more visibility into this, this CL lifts the maxiumum to 10 seconds. BUG=chromium:704922 R=bbudge@chromium.org,bradnelson@chromium.org Review-Url: https://codereview.chromium.org/2785313002 Cr-Commit-Position: refs/heads/master@{#44312}
-
jgruber authored
Fixes a crash found by clusterfuzz caused by a call to std::vector::reserve with a huge capacity, and reverts to ZoneList handling as a tentative fix for performance regressions on the slow @@replace path. BUG=chromium:707187,chromium:706748,v8:5437 Review-Url: https://codereview.chromium.org/2787343002 Cr-Commit-Position: refs/heads/master@{#44311}
-
jyan authored
some arch like s390 has native instr can benefit from this. see ~10% improvement on MathAbs on s390 Review-Url: https://codereview.chromium.org/2785773002 Cr-Commit-Position: refs/heads/master@{#44310}
-
tebbi authored
R=bmeuerer@chromium.org Review-Url: https://codereview.chromium.org/2789713003 Cr-Commit-Position: refs/heads/master@{#44309}
-
Ross McIlroy authored
Check that a register used as a local is within the bytecode array's local count. BUG=chromium:706234 Change-Id: I51f6a0a8be065b93b9a4e1dca623e98c51685b51 Reviewed-on: https://chromium-review.googlesource.com/464768Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#44308}
-
machenbach authored
This reverts commit 4506382d. We don't allow DEPS'ing things outside googlesource. This requires a mirror. Also .gitignore entry is missing. NOTRY=true NOTREECHECKS=true NOPRESUBMIT=true TBR=bmeurer@chromium.org Review-Url: https://codereview.chromium.org/2785183005 Cr-Commit-Position: refs/heads/master@{#44307}
-
martyn.capewell authored
Add assembler, disassembler and simulator support for NEON in the ARM64 backend. BUG= Review-Url: https://codereview.chromium.org/2622643005 Cr-Commit-Position: refs/heads/master@{#44306}
-
bmeurer authored
R=jarin@chromium.org BUG=v8:5267,v8:6181 Review-Url: https://codereview.chromium.org/2792553002 Cr-Commit-Position: refs/heads/master@{#44305}
-
Peter Marshall authored
This CL uses the same logic as spread calls to check whether the iteration over an array would produce different results to simply accessing the backing store directly. Skipping the full iteration protocol for normal arrays gives us a ~10x speedup on the construct-typedarray benchmark. BUG=v8:5977,v8:5699,v8:4782,chromium:698173 Change-Id: Ib878d39691e99b739afef0dd05a6a6efc5b6b5d4 Reviewed-on: https://chromium-review.googlesource.com/463367Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Peter Marshall <petermarshall@chromium.org> Cr-Commit-Position: refs/heads/master@{#44304}
-
jgruber authored
Numbered back-references that occur before the referenced capture trigger an internal mini-parser that looks ahead in the pattern and counts capturing groups. This updates the mini-parser to correctly handle named captures. BUG=v8:5437 Review-Url: https://codereview.chromium.org/2792523002 Cr-Commit-Position: refs/heads/master@{#44303}
-
hpayer authored
Revert of [heap] Take page lock when scavenging old to new references in Scavenger. (patchset #2 id:20001 of https://codereview.chromium.org/2781363002/ ) Reason for revert: This results in a deadlock when the scavenger decides to perform sweeping and re-grabs the same mutex. Original issue's description: > [heap] Take page lock when scavenging old to new references in Scavenger. > > BUG=v8:5807 > > Review-Url: https://codereview.chromium.org/2781363002 > Cr-Commit-Position: refs/heads/master@{#44268} > Committed: https://chromium.googlesource.com/v8/v8/+/4024e6a1bb0b803a5cd16fcd11f39cc305b943c6 TBR=ulan@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:5807 Review-Url: https://codereview.chromium.org/2786313003 Cr-Commit-Position: refs/heads/master@{#44302}
-
Peter Marshall authored
The last CL https://chromium-review.googlesource.com/c/456707/ caused some pretty heavy performance regressions. After experimenting, it seems the easiest and most straight-forward way to copy the elements into the new typed array is to do it in JS. Adds a fast path for typed arrays, where the source typed array has the same elements kind, in which case we can just copy the backing store using memcpy. This CL also removes regression test 319120 which is from a pwn2own vulnerability. The old code path enforced a maximum byte_length that was too low, which this change removes. The length property of the typed array must be a Smi, but the byte_length, which can be up to 8x larger than length for a Float64Array, can be a heap number. We can also re-use some of the logic from ConstructByLength when deciding whether to allocate the buffer on- or off-heap, so that is factored out into InitializeBasedOnLength. We can also re-use the DoInitialize helper instead of calling into the runtime, meaning we can remove InitializeFromArrayLike. BUG=v8:5977,chromium:705503,chromium:705394 Change-Id: I63372652091d4bdf3a9491acef9b4e3ac793a755 Reviewed-on: https://chromium-review.googlesource.com/459621Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Peter Marshall <petermarshall@chromium.org> Cr-Commit-Position: refs/heads/master@{#44301}
-
Andreas Haas authored
The original CL was reverted because regression test used i18n stuff, which was not available in the no-i18n bot. The regression test turned out to be flaky, because I cannot even reproduce the crash now without the fix. I think the reason is that for the crash to happen a stack check has to fail within the rejection of a promise. Small changes can cause the stack check to fail somewhere else. Investigations showed though that the crash should still be possible. I propose therefore to land the fix now without the regression test. Original message: We check that if we do not get a result, or if we get a negative result, then there has to be a scheduled exception. R=clemensh@chromium.org BUG=chromium:704127 Change-Id: Iaf355249686412a636074a476687413b621aac68 Reviewed-on: https://chromium-review.googlesource.com/464846Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#44300}
-
Franziska Hinkelmann authored
Add the source position to variables if they are parameters. Collect type information for parameters and return values. Index the types by their corresponding source position. For the types of return values, use the function end as source position. Sample output for a function with 2 parameters (at source position 252 and 258, and function end at 443) ************* Function: testFunction 252: Object number string number 258: undefined boolean undefined undefined 443: Object number string number ************* BUG=v8:5933 Change-Id: I3b8749afcac706c1834146abf1b5b4a3fd130fb6 Reviewed-on: https://chromium-review.googlesource.com/461919Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Franziska Hinkelmann <franzih@chromium.org> Cr-Commit-Position: refs/heads/master@{#44299}
-
Michael Starzinger authored
This fixes printing of {CallRuntime} nodes that are backed by JavaScript functions. Issues with the printing that was in place: - Crash because it was accessing {context} instead of {native_context} - Printout was not comparable, raw heap pointer different between runs R=bmeurer@chromium.org Change-Id: I941944b46550bd908ec14a324bc255d6c8f96fbe Reviewed-on: https://chromium-review.googlesource.com/464766Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#44298}
-
Clemens Hammacher authored
grow_memory was working from test cases, but not in combination with compiled code. This CL makes the effect of grow_memory executed either in the interpreter or compiled code always be reflected in both execution environments. It also adds a %RedirectToWasmInterpreter runtime function for testing this interaction. R=ahaas@chromium.org CC=gdeepti@chromium.org BUG=v8:5822 Change-Id: I3e7c184c42ef655d1c30d2e0dddad7fb783455fc Reviewed-on: https://chromium-review.googlesource.com/463506 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#44297}
-
Clemens Hammacher authored
Add a limit to the number of nested call frames in the C++ wasm interpreter. Both the size of the value stack as well as the size of the block stack are limited per call frame. Thus, a limit on only the call frame stack is enough to limit the overall memory consumption of one interpreter instance. R=ahaas@chromium.org BUG=v8:5822 Change-Id: If9f7e547cd1d003bc2ae3c7586ece6b3cf3be587 Reviewed-on: https://chromium-review.googlesource.com/463486 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#44296}
-
jgruber authored
The dotAll flag changes behavior of the dot '.' character to match every possible single character instead of excluding certain line terminators. The implementation is staged behind --harmony-regexp-dotall. Spec proposal: https://github.com/mathiasbynens/es-regexp-dotall-flag BUG=v8:6172 Review-Url: https://codereview.chromium.org/2780173002 Cr-Commit-Position: refs/heads/master@{#44295}
-
clemensh authored
The disassembly output recently changed to output pc offsets in hex (see https://codereview.chromium.org/2757263002). This CL also changes source positions, safepoints and back edges to use the same format. This allows easier matching. R=leszeks@chromium.org, yangguo@chromium.org Review-Url: https://codereview.chromium.org/2788513004 Cr-Commit-Position: refs/heads/master@{#44294}
-
Clemens Hammacher authored
This CL cleans up a few things: - It removes two dead declarations: WasmMemoryObject::Grow and wasm::GrowInstanceMemory. - It removes the unneeded wasm::GetInstanceMemory function (use instance->memory_buffer() directly). - It moves wasm::GetInstanceMemorySize to WasmInstanceObject::GetMemorySize. - It moves wasm::GrowInstanceMemory to WasmInstanceObject::GrowMemory. - It moves wasm::GrowWebAssemblyMemory to WasmMemoryObject::Grow. R=ahaas@chromium.org CC=gdeepti@chromium.org Change-Id: I19781ca9784f1a8e7b60955bef82e341c4f75550 Reviewed-on: https://chromium-review.googlesource.com/463167 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Cr-Commit-Position: refs/heads/master@{#44293}
-
Franziska Hinkelmann authored
README.md is easier to find than message.md. BUG= Change-Id: I9b9b8173c322206b931176d480566cdcb62eb31c Reviewed-on: https://chromium-review.googlesource.com/464706Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Franziska Hinkelmann <franzih@chromium.org> Cr-Commit-Position: refs/heads/master@{#44292}
-
Peter Marshall authored
The resources list is required for android, where these files are pushed to the device. The android bots have been failing due to these missing resources, as the files are not available on the devices. NOTRY=true Change-Id: Ibef3cfc10e01250cb380128013e3c304927b5459 Change-Id: Ibef3cfc10e01250cb380128013e3c304927b5459 Reviewed-on: https://chromium-review.googlesource.com/463266 Commit-Queue: Peter Marshall <petermarshall@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#44291}
-
jgruber authored
Additional tests, mostly for interactions with lookbehind assertions. BUG=v8:5437 Review-Url: https://codereview.chromium.org/2784813002 Cr-Commit-Position: refs/heads/master@{#44290}
-
thomasanderson authored
Revert of Remove download_binaries.py from DEPS (patchset #2 id:20001 of https://codereview.chromium.org/2774043002/ ) Reason for revert: https://codereview.chromium.org/2775913002/ needs to be reverted, so reverting all dependent patch sets Original issue's description: > Remove download_binaries.py from DEPS > > This step is no longer necessary after https://codereview.chromium.org/2775913002/ > > BUG=chromium:705072 > > Review-Url: https://codereview.chromium.org/2774043002 > Cr-Commit-Position: refs/heads/master@{#44252} > Committed: https://chromium.googlesource.com/v8/v8/+/459b881c233557f5da9ca9e4779fc1696c785a1c TBR=machenbach@chromium.org,thomasanderson@google.com # Not skipping CQ checks because original CL landed more than 1 days ago. BUG=chromium:705072 Review-Url: https://codereview.chromium.org/2786173004 Cr-Commit-Position: refs/heads/master@{#44289}
-
bmeurer authored
Rewrite returns in derived constructors to only replace undefined with this, and otherwise just return the value, and let the construct stub builtin throw an exception if the result is a primitive instead of a JSReceiver. R=yangguo@chromium.org TBR=marja@chromium.org BUG=chromium:706642 Review-Url: https://codereview.chromium.org/2788033002 Cr-Commit-Position: refs/heads/master@{#44288}
-
domenic authored
This will allow V8 extra consumers to track promise state without using a side-table. This is used by streams as of https://github.com/whatwg/streams/commit/173f9f67be56f6690f82ec26fe86c8e67256616b. BUG=chromium:658144 Review-Url: https://codereview.chromium.org/2784213002 Cr-Commit-Position: refs/heads/master@{#44287}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/a634e44..673a8f4 Rolling v8/third_party/android_tools: https://chromium.googlesource.com/android_tools/+log/b43a6a2..b65c477 Rolling v8/third_party/catapult: https://chromium.googlesource.com/external/github.com/catapult-project/catapult/+log/d3a9107..b13bd47 Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/c55112f..5bc7c5e TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Change-Id: I0c0febc9be9fe1d38ffedfb1d92588e6871541fc Reviewed-on: https://chromium-review.googlesource.com/464446Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Commit-Queue: v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#44286}
-