- 09 Mar, 2018 11 commits
-
-
jgruber authored
It turns out that with the help of Code::Instruction{Start,End,Size} helpers, we don't need custom profiler methods. InstructionStream is now all-static. Bug: v8:6666 Change-Id: I59e1d2d2cb72c128725a1ed03f11506d40e76224 Reviewed-on: https://chromium-review.googlesource.com/947973 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#51837}
-
Jaroslav Sevcik authored
Bug: chromium:798964 Change-Id: I1ef202296744a39054366f2bc424d6952c3bbe9d Reviewed-on: https://chromium-review.googlesource.com/955588 Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#51836}
-
jgruber authored
This is a reland of 6afd25ff

Original change's description:
> [builtins] Execute binary-embedded builtin code
>
> This CL creates trampolines into binary-embedded builtins on
> isolate-creation, if --stress-off-heap-code is passed.
>
> Note that this still overwrites existing code objects with the
> off-heap trampoline, and that off-heap builtins still exist both in
> the snapshot and the binary. Addressing these points are the next
> steps.
>
> Drive-by-change: More efficient off-heap code lookups now that the
> off-heap memory area has a contiguous and static layout.
>
> Cq-Include-Trybots: luci.v8.try:v8_linux64_fyi_rel_ng
> Bug: v8:6666
> Change-Id: I7e7ef0aa2cd7b8184ae3a13fa02bdcbb4f2c9f86
> Reviewed-on: https://chromium-review.googlesource.com/947969
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#51809}

TBR=mstarzinger@chromium.org

Bug: v8:6666
Change-Id: I4e0684de90733e5f18f6f0ea4832e327d03dfbf7
Cq-Include-Trybots: luci.v8.try:v8_linux64_fyi_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/955595
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51835}
-
Clemens Hammacher authored
Some compilers complain that ConvertReturn is private in SimulatorBase, but used in the arm64 Simulator. This CL fixes this by making ConvertReturn protected. R=ulan@chromium.org Bug: v8:7541 Change-Id: I9326b2c746829e9c37c58c14561811b32929c615 Reviewed-on: https://chromium-review.googlesource.com/955689 Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#51834}
-
Marja Hölttä authored
BUG=v8:7490 Change-Id: I07905a57c47ad6663d2d7f6bf539858bed1041f1 Reviewed-on: https://chromium-review.googlesource.com/939164 Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#51833}
-
jgruber authored
This is a reland of 491d5a81

Original change's description:
> [builtins] Embed builtins into the binary
>
> This embeds code for off-heap-safe builtins into the binary. Actual
> execution of embedded code is not implemented yet.
>
> The embedded file has the following format:
>
> namespace v8 {
> namespace internal {
>
> namespace {
>
> V8_EMBEDDED_TEXT_HEADER(v8_embedded_blob_)
> __asm__( /* builtin offsets and lengths */ );
> __asm__(V8_ASM_LABEL("Builtins_RecordWrite"));
> __asm__( /* binary instruction stream */ );
> /* Repeat for other builtins. */
>
> extern "C" const uint8_t v8_embedded_blob_[];
> static const uint32_t v8_embedded_blob_size_ = /* size in bytes */;
>
> } // namespace
>
> const uint8_t* DefaultEmbeddedBlob() { return v8_embedded_blob_; }
> uint32_t DefaultEmbeddedBlobSize() { return v8_embedded_blob_size_; }
>
> } // namespace internal
> } // namespace v8
>
> Bug: v8:6666
> Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;luci.v8.try:v8_linux64_fyi_rel_ng
> Change-Id: Ic989f01da69ebe2863f31d934bfbe2c5d6e80864
> Reviewed-on: https://chromium-review.googlesource.com/946011
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#51759}

TBR=yangguo@chromium.org

Bug: v8:6666
Change-Id: I89b0498f22b4ce573723748d55d86a82ba285a88
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;luci.v8.try:v8_linux64_fyi_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/957024
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51832}
-
Stephan Herhut authored
This reverts a previous accidental edit. Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel Change-Id: Ib6a2e31f600de242e960171dd921387e897e3bc9 Reviewed-on: https://chromium-review.googlesource.com/951305 Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org> Commit-Queue: Stephan Herhut <herhut@chromium.org> Cr-Commit-Position: refs/heads/master@{#51831}
-
Yang Guo authored
R=jgruber@chromium.org Bug: v8:178 Change-Id: I1cabed9aa2a04f86e582ba09742b2e2857a40f27 Reviewed-on: https://chromium-review.googlesource.com/956045 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#51830}
-
Leszek Swirski authored
This reverts commit daa224d4.

Reason for revert: https://bugs.chromium.org/p/chromium/issues/detail?id=819873

Original change's description:
> [builtins] Remove CheckOptimizationMarker builtin
>
> This was a shim for the non-I+TF codepath, which is now the only
> codepath (that still uses this tier-up mechanism anyway). There were a
> couple of places we were accidentally using it due to CompileLazy or
> deopts, so this also fixes those.
>
> Change-Id: I00a7fdf9fb5cf74844138dac62d01ceaaf192e17
> Reviewed-on: https://chromium-review.googlesource.com/951490
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#51786}

TBR=rmcilroy@chromium.org,machenbach@chromium.org,leszeks@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Change-Id: I80765eb18aaf5086e6db5d5df96f608a317c999f
Reviewed-on: https://chromium-review.googlesource.com/957022
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51829}
-
Jakob Gruber authored
This reverts commit 36b32aa2.

Reason for revert: https://build.chromium.org/p/client.v8.fyi/builders/Win%20V8%20FYI%20Release%20%28NVIDIA%29/builds/208

Original change's description:
> Reland "[builtins] Embed builtins into the binary"
>
> This is a reland of 491d5a81
>
> Original change's description:
> > [builtins] Embed builtins into the binary
> >
> > This embeds code for off-heap-safe builtins into the binary. Actual
> > execution of embedded code is not implemented yet.
> >
> > The embedded file has the following format:
> >
> > namespace v8 {
> > namespace internal {
> >
> > namespace {
> >
> > V8_EMBEDDED_TEXT_HEADER(v8_embedded_blob_)
> > __asm__( /* builtin offsets and lengths */ );
> > __asm__(V8_ASM_LABEL("Builtins_RecordWrite"));
> > __asm__( /* binary instruction stream */ );
> > /* Repeat for other builtins. */
> >
> > extern "C" const uint8_t v8_embedded_blob_[];
> > static const uint32_t v8_embedded_blob_size_ = /* size in bytes */;
> >
> > } // namespace
> >
> > const uint8_t* DefaultEmbeddedBlob() { return v8_embedded_blob_; }
> > uint32_t DefaultEmbeddedBlobSize() { return v8_embedded_blob_size_; }
> >
> > } // namespace internal
> > } // namespace v8
> >
> > Bug: v8:6666
> > Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;luci.v8.try:v8_linux64_fyi_rel_ng
> > Change-Id: Ic989f01da69ebe2863f31d934bfbe2c5d6e80864
> > Reviewed-on: https://chromium-review.googlesource.com/946011
> > Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> > Reviewed-by: Yang Guo <yangguo@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#51759}
>
> TBR=yangguo@chromium.org
>
> Bug: v8:6666
> Change-Id: I741554cb080b6811dfbcb0913c6e1594e74c0432
> Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;luci.v8.try:v8_linux64_fyi_rel_ng
> Reviewed-on: https://chromium-review.googlesource.com/955084
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#51804}

TBR=yangguo@chromium.org,jgruber@chromium.org

Change-Id: I0e21f958f18b0e4d7edebece5e4a2a3ea094cdd3
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:6666
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;luci.v8.try:v8_linux64_fyi_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/956185
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51828}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/ca739dc..d8b353b Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/406b235..df668c3 TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org Change-Id: I3712e0f496692dc50d2ee4e8374cc025a54658cd Reviewed-on: https://chromium-review.googlesource.com/955914 Commit-Queue: v8 autoroll <v8-autoroll@chromium.org> Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#51827}
-
- 08 Mar, 2018 29 commits
-
-
Ali Ijaz Sheikh authored
This test depends on lack of randomness in the allocation path so it is not compatible with stress_incremental_marking. Extract it into a standalone test which runs with the stress flag disabled. Revert "[cctests] Disable flaky cctest test-heap-profiler/SamplingHeapProfiler" This reverts commit 3ea2d6b0. Bug: v8:7444 Change-Id: Id246bca4699a61e6b9ff4b5b5d2ff1ce4ebbd0da Reviewed-on: https://chromium-review.googlesource.com/953865 Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Ali Ijaz Sheikh <ofrobots@google.com> Cr-Commit-Position: refs/heads/master@{#51826}
-
Yang Guo authored
This reverts commit b342e611.

Reason for revert: x64 msvc failure

Original change's description:
> Attempt to fix MSVC failure in test-debug/BreakPointJSBuiltin
>
> TBR=bmeurer@chromium.org
>
> Bug: v8:178
> Change-Id: Idfa86749f3ee49c9f3b2a7fc7c0d7d3285e45c20
> Reviewed-on: https://chromium-review.googlesource.com/956066
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Commit-Queue: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#51824}

TBR=yangguo@chromium.org,clemensh@chromium.org,bmeurer@chromium.org

Change-Id: I76c4df67416b982b3215df7dce23eb1e7d42ec4c
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:178
Reviewed-on: https://chromium-review.googlesource.com/955572
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51825}
-
Yang Guo authored
TBR=bmeurer@chromium.org Bug: v8:178 Change-Id: Idfa86749f3ee49c9f3b2a7fc7c0d7d3285e45c20 Reviewed-on: https://chromium-review.googlesource.com/956066 Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#51824}
-
Teddy Katz authored
This updates the scanner to use the correct error message when it encounters an octal escape sequence in a template literal. Previously, the error message referred to strict mode, even when the template literal was not in strict mode code. Bug: v8:7502 Change-Id: I37bb1338cf796c471108bc10f35f824cdf3ce0b7 Reviewed-on: https://chromium-review.googlesource.com/945411 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#51823}
-
Yang Guo authored
The number of embedder fields grows dynamically, but reading these fields does not perform bounds checks. The naming is taken from a similar method on v8::Isolate. Also changed the growing strategy for the backing store to not over-allocate. R=adamk@chromium.org, bmeurer@chromium.org Bug: v8:7533 Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng Change-Id: I70beab124a32296c940ffabd897a7790bc8ff47a Reviewed-on: https://chromium-review.googlesource.com/952923 Reviewed-by: Adam Klein <adamk@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#51822}
-
Yang Guo authored
TBR=bmeurer@chromium.org NOTRY=true Bug: v8:178 Change-Id: I5f8b128d9f0e5ae0ad9c44da0b6cd599c47fdf6b Reviewed-on: https://chromium-review.googlesource.com/956064 Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#51821}
-
Clemens Hammacher authored
Stack slots store the type of the respective value, so we can always get the reg class from that type. R=titzer@chromium.org Bug: v8:6600 Change-Id: I60ca21daa4cc1505562c344367c7586bcd272c9b Reviewed-on: https://chromium-review.googlesource.com/950948 Reviewed-by: Ben Titzer <titzer@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#51820}
-
Jakob Kummerow authored
This is a reland of 609aaa55 Originally reviewed at: https://chromium-review.googlesource.com/952626 Tbr: adamk@chromium.org Bug: v8:6791 Change-Id: If0699fbfb280192bed61538ccc67c7c95893e691 Reviewed-on: https://chromium-review.googlesource.com/954665 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#51819}
-
Yang Guo authored
This is to better pinpoint win64 failures. TBR=bmeurer@chromium.org Bug: v8:178 Change-Id: If778352cad1f209927067a12d5684e62c4ead8d2 Reviewed-on: https://chromium-review.googlesource.com/955687 Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#51818}
-
Clemens Hammacher authored
On 32-bit systems, the computation {count + type_list->size()} can overflow, leading to memory corruption later on. R=titzer@chromium.org Bug: chromium:819869 Change-Id: Ic81d201e58211e3989b4e945cd52e98dc951fbda Reviewed-on: https://chromium-review.googlesource.com/955025 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#51817}
-
Jakob Gruber authored
This reverts commit 6afd25ff.

Reason for revert: https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20-%20debug%20-%20fyi/builds/1437

Original change's description:
> [builtins] Execute binary-embedded builtin code
>
> This CL creates trampolines into binary-embedded builtins on
> isolate-creation, if --stress-off-heap-code is passed.
>
> Note that this still overwrites existing code objects with the
> off-heap trampoline, and that off-heap builtins still exist both in
> the snapshot and the binary. Addressing these points are the next
> steps.
>
> Drive-by-change: More efficient off-heap code lookups now that the
> off-heap memory area has a contiguous and static layout.
>
> Cq-Include-Trybots: luci.v8.try:v8_linux64_fyi_rel_ng
> Bug: v8:6666
> Change-Id: I7e7ef0aa2cd7b8184ae3a13fa02bdcbb4f2c9f86
> Reviewed-on: https://chromium-review.googlesource.com/947969
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#51809}

TBR=mstarzinger@chromium.org,jgruber@chromium.org

Change-Id: I18276541b468b9d2b2a1366ccd287822e96b6df7
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:6666
Cq-Include-Trybots: luci.v8.try:v8_linux64_fyi_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/956042
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51816}
-
Sergiy Byelozyorov authored
TBR=sergiyb@chromium.org Bug: chromium:776035 Change-Id: I6a9f2cb62ec275af49ec629d6a4d41d61c0a9dfe Reviewed-on: https://chromium-review.googlesource.com/955322 Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org> Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> Cr-Commit-Position: refs/heads/master@{#51815}
-
Yang Guo authored
TBR=bmeurer@chromium.org NOTRY=true Bug: v8:178 Change-Id: I25438302be07f51eb9f540ada2ec28e4d06a5198 Reviewed-on: https://chromium-review.googlesource.com/955626 Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#51814}
-
Jaroslav Sevcik authored
Bug: chromium:798964 Change-Id: Ia359f68e30e87e2cbee5b8322b4ac54c335ef474 Reviewed-on: https://chromium-review.googlesource.com/955425 Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#51813}
-
Camillo Bruni authored
Bug: chr:81499 Change-Id: I5a18b9ec061d426e21c08747a8c18a36bf5ca194 Reviewed-on: https://chromium-review.googlesource.com/950724 Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#51812}
-
Yang Guo authored
R=bmeurer@chromium.org, leszeks@chromium.org Bug: v8:178 Change-Id: I00411ddfee458a71464dcba7f1b504b46c70ef06 Reviewed-on: https://chromium-review.googlesource.com/953002 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#51811}
-
Benedikt Meurer authored
This adds a global protector to guard the lookup of "resolve" on the %Promise% intrinsic object (the initial Promise constructor), making sure that Promise.resolve yields the initial builtin method. We use this protector to avoid the lookup of "resolve" all the time inside of Promise.all and Promise.race, when called with constructor being the %Promise% intrinsic object. This improves the performance on the parallel-async-es2017-native benchmark by roughly 2-3%. Bug: v8:7253 Change-Id: Ida93b88afbaeae61f17be4cd30ea6a78b4267cea Reviewed-on: https://chromium-review.googlesource.com/955564 Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#51810}
-
jgruber authored
This CL creates trampolines into binary-embedded builtins on isolate-creation, if --stress-off-heap-code is passed. Note that this still overwrites existing code objects with the off-heap trampoline, and that off-heap builtins still exist both in the snapshot and the binary. Addressing these points are the next steps. Drive-by-change: More efficient off-heap code lookups now that the off-heap memory area has a contiguous and static layout. Cq-Include-Trybots: luci.v8.try:v8_linux64_fyi_rel_ng Bug: v8:6666 Change-Id: I7e7ef0aa2cd7b8184ae3a13fa02bdcbb4f2c9f86 Reviewed-on: https://chromium-review.googlesource.com/947969 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#51809}
-
Tobias Tebbi authored
JSCallReducer runs at the same time as DeadCodeElimination and hence can observe an incompletely propagated DeadValue in place of a StateValue node holding the arguments to materialize for JSCreateArguments. This CL fixes this by aborting the lowering of JSCreateArguments in this case. Bug: chromium:819311 v8:7536 Change-Id: I42c4a1923e3dbe470db1a16c5069aaa7c38659ac Reviewed-on: https://chromium-review.googlesource.com/955306 Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#51808}
-
Benedikt Meurer authored
The PromiseResolve builtin was missing its fast-path for when we can skip the "constructor" lookup due to a typo. Bug: v8:7253 Change-Id: Icca033af5d4f7fe8b43ebf49c9315b4c80d52cbc Reviewed-on: https://chromium-review.googlesource.com/955483 Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#51807}
-
sreten.kovacevic authored
Test started failing after commit `[Liftoff] Remove Get{Unary,Binary}OpTargetRegister`. Optimization shouldn't be done if dst == rhs in i32_set_cond instruction. This CL fixes the issue. Change-Id: I67cd1ca4692fcf69202ef25f7aa58756a5ddddca Reviewed-on: https://chromium-review.googlesource.com/952963 Reviewed-by: Ivica Bogosavljevic <ivica.bogosavljevic@mips.com> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Ivica Bogosavljevic <ivica.bogosavljevic@mips.com> Cr-Commit-Position: refs/heads/master@{#51806}
-
Benedikt Meurer authored
When optimizing SpeculativeToNumber we need to pay attention to the hint, otherwise we optimize away a Signed32 conversion, based on the fact that the input is a Number. Bug: chromium:819298 Change-Id: I2ac7b0dac708fee9083eca2880bd5674a82daaa3 Reviewed-on: https://chromium-review.googlesource.com/955423 Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#51805}
-
jgruber authored
This is a reland of 491d5a81

Original change's description:
> [builtins] Embed builtins into the binary
>
> This embeds code for off-heap-safe builtins into the binary. Actual
> execution of embedded code is not implemented yet.
>
> The embedded file has the following format:
>
> namespace v8 {
> namespace internal {
>
> namespace {
>
> V8_EMBEDDED_TEXT_HEADER(v8_embedded_blob_)
> __asm__( /* builtin offsets and lengths */ );
> __asm__(V8_ASM_LABEL("Builtins_RecordWrite"));
> __asm__( /* binary instruction stream */ );
> /* Repeat for other builtins. */
>
> extern "C" const uint8_t v8_embedded_blob_[];
> static const uint32_t v8_embedded_blob_size_ = /* size in bytes */;
>
> } // namespace
>
> const uint8_t* DefaultEmbeddedBlob() { return v8_embedded_blob_; }
> uint32_t DefaultEmbeddedBlobSize() { return v8_embedded_blob_size_; }
>
> } // namespace internal
> } // namespace v8
>
> Bug: v8:6666
> Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;luci.v8.try:v8_linux64_fyi_rel_ng
> Change-Id: Ic989f01da69ebe2863f31d934bfbe2c5d6e80864
> Reviewed-on: https://chromium-review.googlesource.com/946011
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#51759}

TBR=yangguo@chromium.org

Bug: v8:6666
Change-Id: I741554cb080b6811dfbcb0913c6e1594e74c0432
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;luci.v8.try:v8_linux64_fyi_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/955084
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51804}
-
Igor Sheludko authored
... and use Smi Map::kPrototypeChainValid for the cases where direct receiver's prototype is not JSObject instead of creating a new valid cell for each such case. This will make a validity cell checking code simpler. Bug: v8:5988 Change-Id: I52cf55797171cc8021d80e4e441615d0c8fc8bd4 Reviewed-on: https://chromium-review.googlesource.com/951384 Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#51803}
-
Tobias Tebbi authored
UnalignedLoad is the only kind of load operation that defines its own UnalignedLoadRepresentation type alias and LoadRepresentationOf function. This is a problem because it means we cannot use the LOAD_MATCHER infrastructure without defining all of this boilerplate for all the other kinds of load operations. Since these aliases serve no real purpose, it is best to unify UnalignedLoad to how its peers are handled. Change-Id: I51a591eb82fb85edee66512136b23276e851f767 Reviewed-on: https://chromium-review.googlesource.com/951683 Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#51802}
-
Stephan Herhut authored
The debugger script implementation had its own way to write uint32_t values to a string as hex values. This removes the custom code and uses a shared implementation in String16Builder instead. The observable effect is that script hashes are now lower-case and the character sequence is reversed for each 8-character pair. Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel Change-Id: Ib21769fbe10c24055fbd3fa9573bc5c2d72f6a74 Reviewed-on: https://chromium-review.googlesource.com/951303 Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org> Commit-Queue: Stephan Herhut <herhut@chromium.org> Cr-Commit-Position: refs/heads/master@{#51801}
-
v8-autoroll authored
Rolling v8/base/trace_event/common: https://chromium.googlesource.com/chromium/src/base/trace_event/common/+log/0e9a47d..e0009bb Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/06a6e63..ca739dc Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/36f3a71..b6fe934 TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org Change-Id: I793509e5285594adf9f030bd2824ca2629d68117 Reviewed-on: https://chromium-review.googlesource.com/952703 Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#51800}
-
Marja Hölttä authored
- Make it explicit that the field marks are supposed to be all-false after each object. - Remove unused param from MarkVisitedField. BUG=v8:7534 Change-Id: Ibc226290bb09daca60b92819944e0049bb33e594 Reviewed-on: https://chromium-review.googlesource.com/951725 Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#51799}
-
Jaroslav Sevcik authored
The tricky part here is to take away one register from register allocation for the mask. The only problem is with calls that need an input operand to be passed in the poison register. For such calls, we change the register constraint in the instruction selector to pass the value in whatever place the register allocator sees fit. During code generation, we then copy the value from that place to the poison register. By that time, the mask is not necessary (once we bake the mask into the target, it should be done before this move).

For the branches, the mask update does not use cmov (unlike x64) because cmov does not take an immediate and we do not have a scratch register. Instead we use bit-twiddling tricks (suggested by @tebbi). For example, here is the code for masking register update after a bailout on non-zero:

    jnz deopt_bailout   ;; Bailout branch
    setnz bl            ;; These three instructions update the mask
    add ebx, 255
    sar ebx, 31

(On x64, the sequence is:

    jnz deopt_bailout
    mov r10, 0          ;; We have a scratch register for zero
    cmovnz r9, r10      ;; Set to zero if we execute this branch
                        ;; in branch mis-speculation
)

This CL also fixes a bug in register configuration, where we used to wrongly restrict the array of register name.

Change-Id: I5fceff2faf8bdc527d9934afc284b749574ab69e
Bug: chromium:798964
Reviewed-on: https://chromium-review.googlesource.com/946251
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51798}
-