- 13 Apr, 2017 11 commits
-
-
jarin authored
Previously, we would only consider it if it pointed to a full-code JS function. Thus we could miss both optimized functions and bytecode handlers if they called frame-less code. Review-Url: https://codereview.chromium.org/2822433002 Cr-Commit-Position: refs/heads/master@{#44640}
-
Michael Starzinger authored
This fixes the validation of "|0" annotations of call sites that are used to indicate a "signed" return type of functions. We use lookahead during call validation and request deferred validation as part of the actual OR-expression. Special care has to be taken to get precedence levels of all involved operators right. R=clemensh@chromium.org TEST=mjsunit/asm/call-annotation BUG=v8:6183 Change-Id: If0586f669e7cee26a13425b0fd9f41098e852d68 Reviewed-on: https://chromium-review.googlesource.com/475871 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#44639}
-
jgruber authored
The condition only applies in unicode mode, where any lone surrogates are desugared into a character class (and will not be considered in this optimization). Non-unicode mode treats lone surrogates exactly like any other codepoint. BUG=chromium:711092 Review-Url: https://codereview.chromium.org/2808403006 Cr-Commit-Position: refs/heads/master@{#44638}
-
Franziska Hinkelmann authored
In eval scripts, the source code position can be 0 rather than greater than 0. Add regression test. Drive-by fix: unrelated typo. Bug: 707223 Change-Id: If52c0736daac3ad42ac6d324eb8ec5f1798f6f5a Reviewed-on: https://chromium-review.googlesource.com/476630Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Franziska Hinkelmann <franzih@chromium.org> Cr-Commit-Position: refs/heads/master@{#44637}
-
georgia.kouveli authored
This issue was fixed in VisitWord64And in 2f8ad11f. Port the fix to VisitWord32And. BUG= Review-Url: https://codereview.chromium.org/2815853002 Cr-Commit-Position: refs/heads/master@{#44636}
-
Michael Achenbach authored
Bug: chromium:710428,v8:6248 Change-Id: I70430d5a200199563bf5468a6cc80614307f63e6 Reviewed-on: https://chromium-review.googlesource.com/474847Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#44635}
-
bmeurer authored
When optimizing calls to get Object.prototype.__proto__ in JSCallReducer, we can also consume unreliable receiver map information, as long as the receiver maps are stable. In that case we also need to install proper stability dependencies. BUG=chromium:711195,v8:5267,v8:6241 R=jarin@chromium.org Review-Url: https://codereview.chromium.org/2816993002 Cr-Commit-Position: refs/heads/master@{#44634}
-
Clemens Hammacher authored
This CL implements the proposed change to show information about WebAssembly values and call frames via the inspector interface. Each interpreted WebAssembly frame will have two scopes: A global scope showing information about the memory (to be extended for globals), and a local scope showing information about parameters, local variables, and stack values. Names of local variables will be added later. R=ahaas@chromium.org, yangguo@chromium.org BUG=v8:6245,v8:5822 Change-Id: I0a35fddd0a353933c86adf62083233b08098a2c7 Reviewed-on: https://chromium-review.googlesource.com/474865 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#44633}
-
Michael Starzinger authored
This fixes the existing lowering of {JSGetSuperConstructor} nodes to unconditional throws. The above operator is marked as {kNoWrite} but runtime calls are not marked as such. Any deoptimizing operation after the throw would not be able to find a valid {Checkpoint}. We remove the lowering case in question. R=bmeurer@chromium.org TEST=mjsunit/regress/regress-6248 BUG=v8:6248 Change-Id: I22c922947336254502f698b02f944cf35dd8688a Reviewed-on: https://chromium-review.googlesource.com/476570Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#44632}
-
bmeurer authored
When the incoming value to ChangeFloat64ToTagged is in Smi range, we represent it as Smi instead of a HeapNumber. This addresses a range of problems where TurboFan unnecessarily deoptimizes because an operation learned Smi feedback in Ignition, but was then confronted with a tagged HeapNumber in TurboFan, just because the value was also represented as unboxed double somewhere in the meantime. BUG=v8:6256 R=yangguo@chromium.org Review-Url: https://codereview.chromium.org/2815283002 Cr-Commit-Position: refs/heads/master@{#44631}
-
Sathya Gunasekaran authored
This patch delays the DisposeModuleEmbedderData call for the interative shell case until we exit the RunShell function. Bug: v8:5785 Change-Id: I01ff76000882cd1d6801fefc9ea3770c3f38c83b Reviewed-on: https://chromium-review.googlesource.com/476024 Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#44630}
-
- 12 Apr, 2017 29 commits
-
-
Caitlin Potter authored
Adds some benchmarks copied from v8:4762. BUG=v8:4762, v8:5460 R=adamk@chromium.org Change-Id: I0b96080042781c2c46c0c8a3896a921bde97c1e5 Reviewed-on: https://chromium-review.googlesource.com/475934Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Caitlin Potter <caitp@igalia.com> Cr-Commit-Position: refs/heads/master@{#44629}
-
jyan authored
R=joransiu@ca.ibm.com, bjaideep@ca.ibm.com BUG= Review-Url: https://codereview.chromium.org/2815903002 Cr-Commit-Position: refs/heads/master@{#44628}
-
jyan authored
Port a7c4e778 Original Commit Message: This change mirrors the semantics for derived class constructors. This change doesn't affect non class constructors. This change could potentially break web compat. More details: https://github.com/tc39/ecma262/pull/469 R=gsathya@chromium.org, joransiu@ca.ibm.com, bjaideep@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Review-Url: https://codereview.chromium.org/2815873003 Cr-Commit-Position: refs/heads/master@{#44627}
-
binji authored
It's required by the spec -- and observable -- that the index be validated before the conversion of the value(s) via ToInteger. The previous implementation also had an old test for validating the atomic index, which has now been switched to ToIndex. This also exposed an issue in the ia32 code generator: cmpxchg_b requires a byte register, but the ia32 instruction selector was ensuring that the new_value was a byte register, not the TempRegister. This change forces the temp register to use edx, which always can be used as a byte register (dl). This is the same behavior as currently used in UseByteRegister. BUG=v8:4614 R=jarin@chromium.org,jkummerow@chromium.org Review-Url: https://codereview.chromium.org/2814753003 Cr-Commit-Position: refs/heads/master@{#44626}
-
brucedawson authored
When doing VS 2017 official builds of some targets, including mksnapshot.exe, a warning about a buffer overrun is shown. After analysis and discussion with Microsoft it was decided that this warning is spurious. The warning is: warning C4789: buffer 'key' of size 16 bytes will be overrun; 4 bytes will be written starting at offset 16 Despite the certain language "4 bytes *will* be written..." it is in fact a heuristic based warning. Suppressing it at this point in the inlining stack appears to avoid the issues. R=hablich@chromium.org BUG=v8:6068 Review-Url: https://codereview.chromium.org/2804033005 Cr-Commit-Position: refs/heads/master@{#44625}
-
kozyatinskiy authored
We currently store it in parent stack trace but stacks with the same parent can have different creations stacks. BUG=v8:6189 R=dgozman@chromium.org Review-Url: https://codereview.chromium.org/2807273002 Cr-Commit-Position: refs/heads/master@{#44624}
-
hans authored
The arm64 MacroAssembler expects buffer_size to be an unsigned, not a size_t. BUG=chromium:710913 Review-Url: https://codereview.chromium.org/2818513002 Cr-Commit-Position: refs/heads/master@{#44623}
-
kozyatinskiy authored
Usually program doesn't contain a lot of different stack frames in collected stack trace. BUG=v8:6189 R=yangguo@chromium.orr TBR=bmeurer@chromium.org Review-Url: https://codereview.chromium.org/2788413004 Cr-Commit-Position: refs/heads/master@{#44622}
-
brucedawson authored
Optimizations are supposed to be disabled in our stack-trace code when building with VC++. However the check used #if defined(COMPILER_MSVC) when that is never defined in v8. The correct define in v8 is V8_CC_MSVC. R=hablich@chromium.org Review-Url: https://codereview.chromium.org/2800043003 Cr-Commit-Position: refs/heads/master@{#44621}
-
Franziska Hinkelmann authored
gdb_index is not in declare_args() and has no effect. NOTRY=true Change-Id: I88a9558937aa8fea30ab246899bea4a123947f82 Reviewed-on: https://chromium-review.googlesource.com/475772 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#44620}
-
Ross McIlroy authored
The BytecodePipeline is no longer used by any optimizers, so remove it and connect the BytecodeArrayBuilder directly to the BytecodeWriter. Also remove some functions from BytecodeNode which are no longer used. BUG=v8:6194 Change-Id: Id2ec94ff1d4db41b108a778100459283fbb2256c Reviewed-on: https://chromium-review.googlesource.com/471528Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#44619}
-
bjaideep authored
R=joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Review-Url: https://codereview.chromium.org/2800813002 Cr-Commit-Position: refs/heads/master@{#44618}
-
Ross McIlroy authored
This relands commit a79f9031. Original change's description: > [Interpreter] Unify approach to building interpreter handler and Turbofan stubs. > > Moves interpreter-generator.cc to a similar model of building handlers as > Turbofan stubs elsewhere, to simplify moving code between stubs / builtins and > bytecode handlers. This removes the "__" hack from the Interpreter generator > code. > > Also make SetBytecodeOffset private to InterpreterAssembler and make > LdaImmutable[Current]ContextSlot and Lda[Current]ContextSlot share > handlers since they are identical. > > Change-Id: I9e91e7d37c2ea75513e4dcc3b95b4bb6517f83da > Reviewed-on: https://chromium-review.googlesource.com/471987 > Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> > Reviewed-by: Igor Sheludko <ishell@chromium.org> > Cr-Commit-Position: refs/heads/master@{#44534} > TBR=rmcilroy@chromium.org,jkummerow@chromium.org,machenbach@chromium.org,cbruni@chromium.org,leszeks@chromium.org,v8-reviews@googlegroups.com,ishell@chromium.org Change-Id: I282fe5582f681ccb0642537a70f89185558ee195 Reviewed-on: https://chromium-review.googlesource.com/474755Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#44617}
-
Michael Achenbach authored
This reverts commit b9194e93. Reason for revert: Makes old pipeline flaky with custom snapshot: https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20-%20custom%20snapshot%20-%20debug/builds/14049 Original change's description: > [heap-verification] Increase verification for arguments objects > > BUG: v8:6251 > Change-Id: I8a6dd528656a69c7910770acaf2133830b60c291 > Reviewed-on: https://chromium-review.googlesource.com/475651 > Commit-Queue: Camillo Bruni <cbruni@chromium.org> > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> > Cr-Commit-Position: refs/heads/master@{#44609} TBR=jkummerow@chromium.org,cbruni@chromium.org,v8-reviews@googlegroups.com NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true Change-Id: Iedfdad290bf4f5f6ec2534e8c5378a7cc195db82 Reviewed-on: https://chromium-review.googlesource.com/475719Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#44616}
-
Marja Hölttä authored
Unfortunately, this test cannot test that a function was really skipped (i.e., not parsed). BUG=v8:5516 Change-Id: I8db5027d2216a95cc012ceae8e17554095cc1d4f Reviewed-on: https://chromium-review.googlesource.com/457037Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#44615}
-
hablich authored
Revert of [wasm] instantiate expressed in terms of compile (patchset #6 id:140001 of https://codereview.chromium.org/2806073002/ ) Reason for revert: Roll blocker: https://bugs.chromium.org/p/chromium/issues/detail?id=710824 Original issue's description: > [wasm] instantiate expressed in terms of compile > > Today, the semantics of: > > WebAssembly.instantiate > > and > > WebAssembly.compile().then(new WebAssemblyInstance) > > are subtly different, to the point where attempting the proposed > change uncovered bugs. > > In the future, it's possible that .instantiate actually have different > semantics - if we pre-specialized to the provided ffi, for example. > Right now that's not the case. > > This CL: > - gets our implementation closer to what developers may write using > the compile -> new Instance alternative, in particular wrt promise > creation. By reusing code paths, we uncover more bugs, and keep > maintenance cost lower. > > - it gives us the response-based WebAssembly.instantiate implicitly. > Otherwise, we'd need that same implementation on the blink side. The > negative is maintenance: imagine if the bugs I mentioned could only be > found when running in Blink. > > BUG=chromium:697028 > > Review-Url: https://codereview.chromium.org/2806073002 > Cr-Commit-Position: refs/heads/master@{#44592} > Committed: https://chromium.googlesource.com/v8/v8/+/7829af3275ff4644a2d0a1270abe1a1e4415e9fb TBR=bradnelson@chromium.org,ahaas@chromium.org,adamk@chromium.org,mtrofin@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=chromium:697028 Review-Url: https://codereview.chromium.org/2810203002 Cr-Commit-Position: refs/heads/master@{#44614}
-
Marja Hölttä authored
The biggest problem is isolate.h (this CL doesn't solve that yet). BUG=v8:5294 Change-Id: I56b32109f501c48facd99cd12ca6c8f427e188a9 Reviewed-on: https://chromium-review.googlesource.com/471487Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#44613}
-
bmeurer authored
R=jarin@chromium.org BUG=v8:5267 Review-Url: https://codereview.chromium.org/2813183002 Cr-Commit-Position: refs/heads/master@{#44612}
-
Daniel Vogelheim authored
Change-Id: I7f519cc778157f3ddd4c3135d0620a9f46d1193c Reviewed-on: https://chromium-review.googlesource.com/475873Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Daniel Vogelheim <vogelheim@chromium.org> Cr-Commit-Position: refs/heads/master@{#44611}
-
Loo Rong Jie authored
BUG=v8:4742 R=machenbach@chromium.org,jkummerow@chromium.org Change-Id: I03e87db1536f33a67593437f8c72c33486ecdbd1 Reviewed-on: https://chromium-review.googlesource.com/474787 Commit-Queue: Loo Rong Jie <loorongjie@gmail.com> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#44610}
-
Camillo Bruni authored
BUG: v8:6251 Change-Id: I8a6dd528656a69c7910770acaf2133830b60c291 Reviewed-on: https://chromium-review.googlesource.com/475651 Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#44609}
-
bmeurer authored
BUG=chromium:684208,chromium:709753,v8:5267 R=jarin@chromium.org Review-Url: https://codereview.chromium.org/2811153003 Cr-Commit-Position: refs/heads/master@{#44608}
-
yangguo authored
We used to reserve the 0-th embedder data field for the debug context id. This is no longer necessary since the inspector has migrated to be part of V8. This makes the API a bit simpler. R=clemensh@chromium.org, jochen@chromium.org, kozyatinskiy@chromium.org BUG=v8:5530 Review-Url: https://codereview.chromium.org/2806303002 Cr-Commit-Position: refs/heads/master@{#44607}
-
jgruber authored
This adds a fast path to skip runtime calls to GetSubstitution when the replacer string does not contain a '$' char. Extended background: String.prototype.replace is (roughly) structured as follows: * Check if {searchValue} has a @@replace Symbol, and delegate to that if so. We currently implement efficient fast paths when {searchValue} is a String or a fast RegExp. * A specialized fast path for single-char {searchValue}, "long" subject string, and String {replaceValue} that do not contain '$' chars (yes, this fast path is very specialized). * Check for the location of the first match using StringIndexOf, and exit early if no match is found. * Finally build the return value, which is 'prefix + replacement + suffix', where replacement is either the result of calling {replaceValue} (if it is callable), or GetSubstitution(ToString({replaceValue})) otherwise. There's several spots that could be improved. StringIndexOf currently calls into C++ runtime for all but the simple 1-byte, 1-char {searchValue} case. We need to finally add support for remaining cases. The runtime call to GetSubstitution can be skipped if the replacer string does not contain any '$' syntax. This CL handles that case. BUG= Review-Url: https://codereview.chromium.org/2813843002 Cr-Commit-Position: refs/heads/master@{#44606}
-
mic.besace authored
BUG= Review-Url: https://codereview.chromium.org/2757543004 Cr-Commit-Position: refs/heads/master@{#44605}
-
pwnall authored
This is necessary to appease "gn check" if gtest_prod.h becomes a part of the Chromium checkout, instead of a third-party repository brought over by Chromium's DEPS. The file is already listed in v8's DEPS, but gn does not use DEPS as an input. BUG=chromium:630705 Review-Url: https://codereview.chromium.org/2807353002 Cr-Commit-Position: refs/heads/master@{#44604}
-
bmeurer authored
The hole NaN should also have proper Type::Hole, and not silently hide in the Type::Number. This way we can remove all the special casing for the hole NaN, and we also finally get the CheckNumber right. This also allows us to remove some ducktape from the Deoptimizer, as for escape analyzed FixedDoubleArrays we always pass the hole value now to represent the actual holes. Also-By: jarin@chromium.org BUG=chromium:684208,chromium:709753,v8:5267 R=jarin@chromium.org Review-Url: https://codereview.chromium.org/2814013003 Cr-Commit-Position: refs/heads/master@{#44603}
-
Clemens Hammacher authored
The local variables were parsed two times, which in fact doubled the amount of local variables allocated for each called function. This was costing memory and performance. As the additional local variables were never used, we did not recognize this before. Add a test case for locals and stack values of interpreted frames. R=ahaas@chromium.org BUG=v8:5822 Change-Id: Ie5cb8d8f5441edee6abb46aa6bebef4a033d582b Reviewed-on: https://chromium-review.googlesource.com/474749 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#44602}
-
Michael Achenbach authored
This was missing in: TBR=vogelheim@chromium.org Bug: chromium:710409 TBR=vogelheim@chromium.org NOTRY=true Bug: chromium:710409 Change-Id: Ic4b59550e358860cd10adf3d5137342ff7e862a3 Reviewed-on: https://chromium-review.googlesource.com/475831 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#44601}
-