- 30 Sep, 2017 5 commits
-
-
Mostyn Bramley-Moore authored
Remove more "using" statements. Bug: chromium:746958 Change-Id: I2f9c45b1ff1d51fc58b7a702fee046ba3c6a7c17 Reviewed-on: https://chromium-review.googlesource.com/693862Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Mostyn Bramley-Moore <mostynb@vewd.com> Cr-Commit-Position: refs/heads/master@{#48248}
-
Benedikt Meurer authored
This improves performance of ArrayBuffer.isView by roughly 2.5x itself, and enables optimizations across ArrayBuffer.isView calls, i.e. map checks can be eliminated across. This was discovered in a related Node pull request (https://github.com/nodejs/node/pull/15663). Bug: v8:6868 Change-Id: I1d56ec385f8daa0e1d44d3bc4d6c9a5558ba4522 Reviewed-on: https://chromium-review.googlesource.com/691660Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#48247}
-
Tobias Tebbi authored
This reverts commit 3c4bc27f. Reason for revert: https://bugs.chromium.org/p/chromium/issues/detail?id=770257 Original change's description: > Reland "[turbofan] eagerly prune None types and deadness from the graph" > > This is a reland of e1cdda25 > Original change's description: > > [turbofan] eagerly prune None types and deadness from the graph > > > > In addition to using the {Dead} node to prune dead control nodes and nodes that > > depend on them, we introduce a {DeadValue} node representing an impossible value > > that can occur at any position in the graph. The extended {DeadCodeElimination} > > prunes {DeadValue} and its uses, inserting a crashing {Unreachable} node into > > the effect chain when possible. The remaining uses of {DeadValue} are handled > > in {EffectControlLinearizer}, where we always have access to the effect chain. > > In addition to explicitly introduced {DeadValue} nodes, we consider any value use > > of a node with type {None} as dead. > > > > Bug: chromium:741225 > > Change-Id: Icc4b636d1d018c452ba1a2fa7cd3e00e522f1655 > > Reviewed-on: https://chromium-review.googlesource.com/641250 > > Commit-Queue: Tobias Tebbi <tebbi@chromium.org> > > Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> > > Cr-Commit-Position: refs/heads/master@{#48208} > > Bug: chromium:741225 > Change-Id: I21316913dae02864f7a6d7c9269405a79f054138 > Reviewed-on: https://chromium-review.googlesource.com/692034 > Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> > Commit-Queue: Tobias Tebbi <tebbi@chromium.org> > Cr-Commit-Position: refs/heads/master@{#48232} TBR=jarin@chromium.org,tebbi@chromium.org Change-Id: Ied8da411a9c8cbe4ed2e1d3e98a76162c2834c97 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:741225 chromium:770257 Reviewed-on: https://chromium-review.googlesource.com/693235Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#48246}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/57716b3..b376554 Rolling v8/third_party/android_tools: https://chromium.googlesource.com/android_tools/+log/aadb2fe..ca9dc72 Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/9a255f5..b6bab93 TBR=machenbach@chromium.org,hablich@chromium.org Change-Id: I2fca7ada80048172b8dd07124a06a5064df165e9 Reviewed-on: https://chromium-review.googlesource.com/693082Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Commit-Queue: v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#48245}
-
Eric Holk authored
In JS to Wasm wrappers, arguments have to be converted from JavaScript's representation to Wasm's representation. Because of property accessors, this can result in JavaScript or even asm.js/Wasm code being run. We were previously setting this flag before doing the parameter conversions, and if these conversions triggered a Wasm property getter then we would try to set the flag twice. With this change, we wait until after all argument conversions are done to set the flag. Bug: chromium:769846 R=bradnelson@chromium.org Change-Id: Ia4b56df45619dcad69f3750bb33cacfedcaeb5b2 Reviewed-on: https://chromium-review.googlesource.com/693414 Commit-Queue: Brad Nelson <bradnelson@chromium.org> Reviewed-by: Brad Nelson <bradnelson@chromium.org> Cr-Commit-Position: refs/heads/master@{#48244}
-
- 29 Sep, 2017 30 commits
-
-
Jakob Kummerow authored
Changing "DoubleDigitGreaterThan", which was consuming the result of a multiplication, to "ProductGreaterThan", which performs both steps. Bug: v8:6791 Change-Id: I7dbad350ff9b8228e11682d9691a1574ea5b0b58 Reviewed-on: https://chromium-review.googlesource.com/683614Reviewed-by: Daniel Ehrenberg <littledan@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#48243}
-
Eric Holk authored
This reverts commit 1f99c66b. Reason for revert: Test timeouts on Win64 Debug: https://build.chromium.org/p/client.v8/builders/V8%20Win64%20-%20debug/builds/19226 Original change's description: > [wasm] always allocate memory when guard regions are needed > > When using trap handlers, memory references do not get any checks inserted. This > means there is no check for a null memory as happens when the memory size is > 0. Normally this would be correctly caught as an out of bounds access, since the > low memory addresses are not normally mapped. However, if they were mapped for > some reason, we would not catch the out of bounds access. > > The fix is to ensure WebAssembly instances always have a guard region even if > the memory is size 0. > > Bug: chromium:769637 > Change-Id: I2d0f8c107563236c3780eb7746c2f820e319c65f > Reviewed-on: https://chromium-review.googlesource.com/693137 > Reviewed-by: Mircea Trofin <mtrofin@chromium.org> > Commit-Queue: Eric Holk <eholk@chromium.org> > Cr-Commit-Position: refs/heads/master@{#48240} TBR=gdeepti@chromium.org,mtrofin@chromium.org,eholk@chromium.org Change-Id: I4065b367c6cfffe8dd601b67cd53ad54759ae96a No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:769637 Reviewed-on: https://chromium-review.googlesource.com/692918Reviewed-by: Eric Holk <eholk@chromium.org> Commit-Queue: Eric Holk <eholk@chromium.org> Cr-Commit-Position: refs/heads/master@{#48242}
-
Jakob Kummerow authored
based on the existing Number.parseInt. Bug: v8:6791 Change-Id: I9169a4695807a3e435e343d239431ae7f6ccf2a1 Reviewed-on: https://chromium-review.googlesource.com/685990Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#48241}
-
Eric Holk authored
When using trap handlers, memory references do not get any checks inserted. This means there is no check for a null memory as happens when the memory size is 0. Normally this would be correctly caught as an out of bounds access, since the low memory addresses are not normally mapped. However, if they were mapped for some reason, we would not catch the out of bounds access. The fix is to ensure WebAssembly instances always have a guard region even if the memory is size 0. Bug: chromium:769637 Change-Id: I2d0f8c107563236c3780eb7746c2f820e319c65f Reviewed-on: https://chromium-review.googlesource.com/693137Reviewed-by: Mircea Trofin <mtrofin@chromium.org> Commit-Queue: Eric Holk <eholk@chromium.org> Cr-Commit-Position: refs/heads/master@{#48240}
-
Jakob Kummerow authored
It was working fine for bases 2, 4, and 16; but not for 8 and 32. We have to take carryover from one digit to the next into account when bits_per_character is not a divisor of kDigitBits. Bug: v8:6791 Change-Id: Ia2cd13bdddb04b8abf1e4381e66ba4c88826fbf9 Reviewed-on: https://chromium-review.googlesource.com/685813Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#48239}
-
Michael Lippautz authored
Bug: chromium:738865 Change-Id: I070982d8a4fe2595673ca727973ad8b723050c2f Reviewed-on: https://chromium-review.googlesource.com/692255Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#48238}
-
Toon Verwaest authored
TBR: ofrobots@google.com, yangguo@chromium.org Bug: Change-Id: I6cb0704acabf9a7f2334de539a6600db8607baef Reviewed-on: https://chromium-review.googlesource.com/691720 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#48237}
-
Michael Achenbach authored
This ports: https://chromium-review.googlesource.com/c/chromium/src/+/688742 TBR=agable@chromium.org Bug: chromium:731091 Change-Id: I99b6bfcc769a5f3c429668c2d36518bcac80f3cf Reviewed-on: https://chromium-review.googlesource.com/692634Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#48236}
-
Yang Guo authored
Change the default to false. Block coverage will need to be enabled explicitly via inspector protocol, which is already being done. R=franzih@chromium.org Bug: v8:6738 Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel Change-Id: I08684ce7b501981bc376a6bc6181fabac9628a63 Reviewed-on: https://chromium-review.googlesource.com/689234Reviewed-by: Franziska Hinkelmann <franzih@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#48235}
-
Georgia Kouveli authored
This reverts commit 1cc93be0. Reason for revert: http://crbug.com/769976 Original change's description: > [arm64] Add slot copier to masm and use in builtins > > Abstract some stack slot copies through a macro assembler function. This > eliminates some non-paired stack operations. > > Bug: v8:6644 > Change-Id: Icaa3ebb1bec42587ad461bd548a4225c7b4e5d15 > Reviewed-on: https://chromium-review.googlesource.com/685238 > Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> > Commit-Queue: Martyn Capewell <martyn.capewell@arm.com> > Cr-Commit-Position: refs/heads/master@{#48177} TBR=rmcilroy@chromium.org,martyn.capewell@arm.com,bmeurer@chromium.org # Not skipping CQ checks because original CL landed > 1 day ago. Bug: v8:6644 Change-Id: I9044df7c2be028748d85b7007008331a2aa8173f Reviewed-on: https://chromium-review.googlesource.com/691874 Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#48234}
-
Yang Guo authored
And some refactoring to the existing code for LiveEdit. R=jarin@chromium.org Change-Id: Ic1d626db9722b39cbcd83bf6878fc24d6094e612 Reviewed-on: https://chromium-review.googlesource.com/687014 Commit-Queue: Yang Guo <yangguo@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#48233}
-
Tobias Tebbi authored
This is a reland of e1cdda25 Original change's description: > [turbofan] eagerly prune None types and deadness from the graph > > In addition to using the {Dead} node to prune dead control nodes and nodes that > depend on them, we introduce a {DeadValue} node representing an impossible value > that can occur at any position in the graph. The extended {DeadCodeElimination} > prunes {DeadValue} and its uses, inserting a crashing {Unreachable} node into > the effect chain when possible. The remaining uses of {DeadValue} are handled > in {EffectControlLinearizer}, where we always have access to the effect chain. > In addition to explicitly introduced {DeadValue} nodes, we consider any value use > of a node with type {None} as dead. > > Bug: chromium:741225 > Change-Id: Icc4b636d1d018c452ba1a2fa7cd3e00e522f1655 > Reviewed-on: https://chromium-review.googlesource.com/641250 > Commit-Queue: Tobias Tebbi <tebbi@chromium.org> > Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> > Cr-Commit-Position: refs/heads/master@{#48208} Bug: chromium:741225 Change-Id: I21316913dae02864f7a6d7c9269405a79f054138 Reviewed-on: https://chromium-review.googlesource.com/692034Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#48232}
-
Marja Hölttä authored
We were unnecessarily storing everything as uint32_t, even though many items in the preparsed scope data can be stored as uint8_t. This CL also adds an (internal) API which abstracts away the actual data storing, so the backing store can be made even more efficient (e.g., use only 1-3 bytes for some uint32_t values, if they fit) without affecting other parts of the code. BUG=v8:5516,chromium:762492 Change-Id: I7cd4d91dc11f87f8aec9c7584044a6f2a59b73ba Reviewed-on: https://chromium-review.googlesource.com/684182 Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#48231}
-
Predrag Rudic authored
Change-Id: Id2eef89f0eba3c59bcdb490e7d986b4b3af0ff9b Reviewed-on: https://chromium-review.googlesource.com/657677Reviewed-by: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com> Commit-Queue: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com> Cr-Commit-Position: refs/heads/master@{#48230}
-
Marja Hölttä authored
Verify that both UTF-8 decoders (incremental and non-incremental one) match the expectations. Also cleanup / harden the UTF-8 handling code, as suggested in https://chromium-review.googlesource.com/c/v8/v8/+/671020/ . BUG=chromium:765608 Change-Id: I6344d62ca15b75ac8e333421c94c4aa35ab8190d Reviewed-on: https://chromium-review.googlesource.com/681217 Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#48229}
-
Ilija Pavlovic authored
Port for: https://chromium-review.googlesource.com/c/v8/v8/+/684017 TEST=cctest/test-run-wasm-64/RunWasmCompiled_Regression_6858 BUG= Change-Id: Ib9640853ea15d73967683c1315e6b54b5b6cc3be Reviewed-on: https://chromium-review.googlesource.com/689794 Commit-Queue: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com> Reviewed-by: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com> Cr-Commit-Position: refs/heads/master@{#48228}
-
Ulan Degenbaev authored
Bug: chromium:694255 Change-Id: Ie596e02207f13762dbfa77e4fe65950913302b47 Reviewed-on: https://chromium-review.googlesource.com/690075Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#48227}
-
Michael Achenbach authored
Bug: chromium:645094 Change-Id: I04a7f6a4073a6a5c81546863d6f1f371fc74e65d Reviewed-on: https://chromium-review.googlesource.com/691836 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> Cr-Commit-Position: refs/heads/master@{#48226}
-
Daniel Clifford authored
Change-Id: I9eec3c31cdf1441d3187e5d882ca4b88e7b698e7 Reviewed-on: https://chromium-review.googlesource.com/691726Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Daniel Clifford <danno@chromium.org> Cr-Commit-Position: refs/heads/master@{#48225}
-
Ulan Degenbaev authored
in marking worklist. Bug: chromium:769173 Change-Id: I4b3ce27d37bec19ec5cc342b4d26a2a45af34b5f Reviewed-on: https://chromium-review.googlesource.com/691728Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#48224}
-
Clemens Hammacher authored
We had dangling pointers by storing a raw pointer and then discarding the unique_ptr holding it alive, and we had lots of redundant information there. This CL refactors the interface to take a format string and a variable number of argument. R=titzer@chromium.org Change-Id: I8eb6ccd19d307e2477c97a3e5e7f537b5671a891 Reviewed-on: https://chromium-review.googlesource.com/690196 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#48223}
-
Toon Verwaest authored
Bug: Change-Id: I58ce9a0f42dfa81c8e8affa2377c5cc0d08a35e2 Reviewed-on: https://chromium-review.googlesource.com/691714 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#48222}
-
Michael Achenbach authored
This is a reland of a0d2ffb6 This also relands: https://chromium-review.googlesource.com/c/v8/v8/+/684215 Original change's description: > [build] Switch windows default compilation to MSVS 2017 > > Bug: v8:6857 > Change-Id: Icab007681753c6f8143147ea8b2c1b06bf325d92 > Reviewed-on: https://chromium-review.googlesource.com/686900 > Commit-Queue: Michael Achenbach <machenbach@chromium.org> > Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> > Cr-Commit-Position: refs/heads/master@{#48196} TBR=sergiyb@chromium.org Bug: v8:6857 Change-Id: I7e8f560dbb4fcf4f937f8494fb01c802201cf236 Reviewed-on: https://chromium-review.googlesource.com/691834Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#48221}
-
Ross McIlroy authored
Removes script() from CompilationInfo since it might not be created when compiling from a background thread. BUG=v8:5203 Change-Id: Ic36fd04cf4792336707b2d3715d47c59b6a97faf Reviewed-on: https://chromium-review.googlesource.com/690299Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#48220}
-
Toon Verwaest authored
Bug: Change-Id: I644c9f8b9ab3bd4250809ee557ec34ee738f5244 Reviewed-on: https://chromium-review.googlesource.com/691654 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#48219}
-
Benedikt Meurer authored
When loading a known value from a JSArray with a copy-on-write backing store, we don't need to actually do a map check on the JSArray, but just check that the backing store didn't change in the meantime. R=jarin@chromium.org Bug: v8:6816, v8:6815 Change-Id: I6764f3b8af7d4c17b9f6d2396555b584eae08176 Reviewed-on: https://chromium-review.googlesource.com/691721Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#48218}
-
Michael Achenbach authored
This reverts commit c6c6cdb9. Reason for revert: Missed this: https://cs.chromium.org/chromium/src/v8/gypfiles/gyp_environment.py?q=gypfiles/gyp_environment&sq=package:chromium&l=13 Original change's description: > [build] Remove unused toolchain update script > > TBR=sergiyb@chromium.org > > Bug: v8:6857 > Change-Id: I2b02d3352e5b13b73ed74a76405e15c266593873 > Reviewed-on: https://chromium-review.googlesource.com/690079 > Commit-Queue: Michael Achenbach <machenbach@chromium.org> > Reviewed-by: Michael Achenbach <machenbach@chromium.org> > Cr-Commit-Position: refs/heads/master@{#48216} TBR=machenbach@chromium.org,sergiyb@chromium.org Change-Id: I255161b348ac2732cb350ebf8039050ca864f857 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:6857 Reviewed-on: https://chromium-review.googlesource.com/691835Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#48217}
-
Michael Achenbach authored
TBR=sergiyb@chromium.org Bug: v8:6857 Change-Id: I2b02d3352e5b13b73ed74a76405e15c266593873 Reviewed-on: https://chromium-review.googlesource.com/690079 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#48216}
-
Toon Verwaest authored
Bug: Change-Id: Ib888e52c7ad98e3b7419a3a5b4eabbe07f37d796 Reviewed-on: https://chromium-review.googlesource.com/691656Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#48215}
-
Toon Verwaest authored
Bug: Change-Id: I0cc16f129dc4bd49abd04b8f6fa22102dab61c9b Reviewed-on: https://chromium-review.googlesource.com/691655Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#48214}
-
- 28 Sep, 2017 5 commits
-
-
Mostyn Bramley-Moore authored
TBR=jkummerow@chromium.org Bug: chromium:746958 Change-Id: I7500b6206c4ceb087672de5b61b7e7ad234bb425 Reviewed-on: https://chromium-review.googlesource.com/690397 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#48213}
-
Mostyn Bramley-Moore authored
Formerly known as Opera TV. Change-Id: If141d86e744f3ea9dc9605f6d2b35fc78d291a69 Reviewed-on: https://chromium-review.googlesource.com/683175Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Mostyn Bramley-Moore <mostynb@vewd.com> Cr-Commit-Position: refs/heads/master@{#48212}
-
Mircea Trofin authored
Merge better captures the upcoming usecase in the wasm native heap, where allocating/freeing is moving the accounting of memory from a free list to an allocated list and vice-versa - making 'Release' an odd API when allocating. Bug: Change-Id: I9010959c91a1e8585eb06303ab06078132a03f60 Reviewed-on: https://chromium-review.googlesource.com/688004Reviewed-by: Eric Holk <eholk@chromium.org> Commit-Queue: Mircea Trofin <mtrofin@chromium.org> Cr-Commit-Position: refs/heads/master@{#48211}
-
Clemens Hammacher authored
This reverts commit e1cdda25. Reason for revert: Fails 'constructor-inlining' on GC-Stress bot: https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/builds/15270 Original change's description: > [turbofan] eagerly prune None types and deadness from the graph > > In addition to using the {Dead} node to prune dead control nodes and nodes that > depend on them, we introduce a {DeadValue} node representing an impossible value > that can occur at any position in the graph. The extended {DeadCodeElimination} > prunes {DeadValue} and its uses, inserting a crashing {Unreachable} node into > the effect chain when possible. The remaining uses of {DeadValue} are handled > in {EffectControlLinearizer}, where we always have access to the effect chain. > In addition to explicitly introduced {DeadValue} nodes, we consider any value use > of a node with type {None} as dead. > > Bug: chromium:741225 > Change-Id: Icc4b636d1d018c452ba1a2fa7cd3e00e522f1655 > Reviewed-on: https://chromium-review.googlesource.com/641250 > Commit-Queue: Tobias Tebbi <tebbi@chromium.org> > Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> > Cr-Commit-Position: refs/heads/master@{#48208} TBR=jarin@chromium.org,tebbi@chromium.org Change-Id: I9c175d47e2ee4b11a36ed90421202f2354610398 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:741225 Reviewed-on: https://chromium-review.googlesource.com/690080Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#48210}
-
Enrico Bacis authored
The WasmContext struct introduced in this CL is used to store the mem_size and mem_start address of the wasm memory. These variables can be accessed at C++ level at graph build time (e.g., initialized during instance building). When the GrowMemory runtime is invoked, the context variables can be changed in the WasmContext at C++ level so that the generated code will load the correct values. This requires to insert a relocatable pointer only in the JSToWasmWrapper (and in the other wasm entry points), the value is then passed from function to function as an automatically added additional parameter. The WasmContext is then dropped when creating an Interpreter Entry or when invoking a JavaScript function. This removes the need of patching the generated code at runtime (i.e., when the memory grows) with respect to WASM_MEMORY_REFERENCE and WASM_MEMORY_SIZE_REFERENCE. However, we still need to patch the code at instance build time to patch the JSToWasmWrappers; in fact the address of the WasmContext is not known during compilation, but only when the instance is built. The WasmContext address is passed as the first parameter. This has the advantage of not having to move the WasmContext around if the function does not use many registers. This CL also changes the wasm calling convention so that the first parameter register is different from the return value register. The WasmContext is attached to every WasmMemoryObject, to share the same context with multiple instances sharing the same memory. Moreover, the nodes representing the WasmContext variables are cached in the SSA environment, similarly to other local variables that might change during execution. The nodes are created when initializing the SSA environment and refreshed every time a grow_memory or a function call happens, so that we are sure that they always represent the correct mem_size and mem_start variables. This CL also removes the WasmMemorySize runtime (since it's now possible to directly retrieve mem_size from the context) and simplifies the GrowMemory runtime (since every instance now has a memory_object). R=ahaas@chromium.org,clemensh@chromium.org CC=gdeepti@chromium.org Change-Id: I3f058e641284f5a1bbbfc35a64c88da6ff08e240 Reviewed-on: https://chromium-review.googlesource.com/671008 Commit-Queue: Enrico Bacis <enricobacis@google.com> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#48209}
-