- 05 Oct, 2016 18 commits
-
-
epertoso authored
Revert of [heap] Simplify marking of JSFunction and SFI (patchset #3 id:40001 of https://codereview.chromium.org/2389183002/ ) Reason for revert: Broke GCStress. Original issue's description: > [heap] Simplify marking of JSFunction and SFI > > BUG=chromium:651828 > > Committed: https://crrev.com/4d45ed4597d537cf9624cb6683dc4bd646d11242 > Cr-Commit-Position: refs/heads/master@{#39975} TBR=hpayer@chromium.org,mlippautz@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=chromium:651828 Review-Url: https://codereview.chromium.org/2389963007 Cr-Commit-Position: refs/heads/master@{#39983}
-
hpayer authored
BUG=chromium:648568 Review-Url: https://codereview.chromium.org/2390743005 Cr-Commit-Position: refs/heads/master@{#39982}
-
jgruber authored
This moves the RegExp constructor to C++. Local runs of octane/regexp are performance-neutral: C++: 4970.1 +- 404.981 JS: 4869.2 +- 586.743 That's probably only the case because exec and replace dominate octane/regexp. There's potential for improvement here, for instance by adding a fast-path if new.target is an unmodified JSRegExp function. BUG=v8:5339 Review-Url: https://codereview.chromium.org/2384613004 Cr-Commit-Position: refs/heads/master@{#39981}
-
ahaas authored
The implementation of MemorySize with RelocatableInt32Constants is problematic if MemorySize is placed close to a GrowMemory instruction in the code. The use of a runtime function guarantees that the order in which MemorySize and GrowMemory is executed is correct. R=titzer@chromium.org BUG=chromium:651961 TEST=mjsunit/regress/wasm/regression-651961 Committed: https://crrev.com/2c12a9a42d454a36fcd2931fa458d72832eeb689 Review-Url: https://codereview.chromium.org/2386183004 Cr-Original-Commit-Position: refs/heads/master@{#39972} Cr-Commit-Position: refs/heads/master@{#39980}
-
mstarzinger authored
R=rmcilroy@chromium.org Review-Url: https://codereview.chromium.org/2387363003 Cr-Commit-Position: refs/heads/master@{#39979}
-
jgruber authored
These improve readability of relevant code passages. Review-Url: https://codereview.chromium.org/2395453002 Cr-Commit-Position: refs/heads/master@{#39978}
-
marja authored
It's useful for debugging / analytics purposes, since we can force all parsing to happen on a foreground thread. BUG= Review-Url: https://codereview.chromium.org/2386123006 Cr-Commit-Position: refs/heads/master@{#39977}
-
epertoso authored
It is currently being rolled behind the --turbo_verify_machine_graph flag. BUG= Review-Url: https://codereview.chromium.org/2388313003 Cr-Commit-Position: refs/heads/master@{#39976}
-
mlippautz authored
BUG=chromium:651828 Review-Url: https://codereview.chromium.org/2389183002 Cr-Commit-Position: refs/heads/master@{#39975}
-
bmeurer authored
If possible, take the constant map from the (known) native context for JSCreateIterResultObject, so that subsequent map checks can be eliminated in case of iterator inlining. R=jarin@chromium.org BUG=v8:3822 Review-Url: https://codereview.chromium.org/2394783002 Cr-Commit-Position: refs/heads/master@{#39974}
-
ahaas authored
Revert of [wasm] Call a runtime function for a MemorySize instruction. (patchset #2 id:20001 of https://codereview.chromium.org/2386183004/ ) Reason for revert: Patch problem Original issue's description: > [wasm] Call a runtime function for a MemorySize instruction. > > The implementation of MemorySize with RelocatableInt32Constants is > problematic if MemorySize is placed close to a GrowMemory instruction in > the code. The use of a runtime function guarantees that the order in > which MemorySize and GrowMemory is executed is correct. > > R=titzer@chromium.org > BUG=chromium:651961 > TEST=mjsunit/regress/wasm/regression-651961 > > Committed: https://crrev.com/2c12a9a42d454a36fcd2931fa458d72832eeb689 > Cr-Commit-Position: refs/heads/master@{#39972} TBR=titzer@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=chromium:651961 Review-Url: https://codereview.chromium.org/2391223002 Cr-Commit-Position: refs/heads/master@{#39973}
-
ahaas authored
The implementation of MemorySize with RelocatableInt32Constants is problematic if MemorySize is placed close to a GrowMemory instruction in the code. The use of a runtime function guarantees that the order in which MemorySize and GrowMemory is executed is correct. R=titzer@chromium.org BUG=chromium:651961 TEST=mjsunit/regress/wasm/regression-651961 Review-Url: https://codereview.chromium.org/2386183004 Cr-Commit-Position: refs/heads/master@{#39972}
-
jarin authored
This introduces a new OsrGuard node that is inserted during graph building to guard the inferred type of the OSR value. The type of the OSR value is inferred by running the typer before OSR deconstruction, and then taking the type from the phi that takes the OSR value. After the deconstruction, we throw the types away. At the moment we only support the SignedSmall OSR type and we always pick the tagged representation. Later, we might want to support more types (such as Number) and pick better representations (int32/float64). This CL also removes the OSR deconstruction tests because they build unrealistic graph (no effect chain, no loop termination). I considered adding the effect chains to the tests, but this would make the tests even more brittle. Review-Url: https://codereview.chromium.org/2384113002 Cr-Commit-Position: refs/heads/master@{#39971}
-
jarin authored
BUG=chromium:625966 Review-Url: https://codereview.chromium.org/2390303002 Cr-Commit-Position: refs/heads/master@{#39970}
-
jochen authored
Original issue's description: > Turn libbase into a component > > This is a precondition for turning libplatform into a component > > BUG=v8:5412 > R=jgruber@chromium.org,machenbach@chromium.org > CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_chromium_compile_ dbg_ng;master.tryserver.chromium.android:android_clang_dbg_recipe > > Committed: https://crrev.com/614e615775f732d71b5ee94ed29737d8de687104 > Cr-Commit-Position: refs/heads/master@{#39950} BUG=v8:5412 TBR=jgruber@chromium.org,machenbach@chromium.org CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_chromium_compile_dbg_ng;master.tryserver.chromium.android:android_clang_dbg_recipe;master.tryserver.chromium.mac:mac_chromium_compile_dbg_ng Review-Url: https://codereview.chromium.org/2395553002 Cr-Commit-Position: refs/heads/master@{#39969}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/ba2b708..475d5b3 Rolling v8/third_party/WebKit/Source/platform/inspector_protocol: https://chromium.googlesource.com/chromium/src/third_party/WebKit/Source/platform/inspector_protocol/+log/5258fd5..3280c57 TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Review-Url: https://codereview.chromium.org/2393543004 Cr-Commit-Position: refs/heads/master@{#39968}
-
gdeepti authored
Refactor to move module specific functionality to wasm-module.cc, this provides a better interface for the grow() method on WebAssembly.memory objects. R=mtrofin@chromium.org, titzer@chromium.org Review-Url: https://codereview.chromium.org/2396473003 Cr-Commit-Position: refs/heads/master@{#39967}
-
lpy authored
Memory infra in tracing currently uses Isolate::GetHeapStatistics to fetch object statistics from V8 at certain frequency, which is not accurate and will have redundant result. This path adds a trace event as well as a trace category at where we collect object statistics after marking before sweeping, and dumps all information to the trace event. In order to use this functionality, we need to enable two flags: --track-gc-object-stats and --noincremental-marking. BUG=v8:5453 Review-Url: https://codereview.chromium.org/2379823004 Cr-Commit-Position: refs/heads/master@{#39966}
-
- 04 Oct, 2016 22 commits
-
-
mtrofin authored
Debug-time tracing for module instances, to aid diagnosing potential bugs. BUG= Review-Url: https://codereview.chromium.org/2390393002 Cr-Commit-Position: refs/heads/master@{#39965}
-
mtrofin authored
This fixes a gc stress bug. We cannot rely on an ordering of clearing of the weak cells, so we explicitly reset the weak link to the owning instance, when finalizing a compiled module. In turn, this serves as a reliable signal when GCs happen while instantiating, allowing us to correctly link the new instance. BUG=chromium:652425 Review-Url: https://codereview.chromium.org/2393443003 Cr-Commit-Position: refs/heads/master@{#39964}
-
neis authored
R=rmcilroy@chromium.org BUG= Review-Url: https://codereview.chromium.org/2393453003 Cr-Commit-Position: refs/heads/master@{#39963}
-
adamk authored
Previously, b6e9f625 fixed self-assignment in parameters to throw. But it failed to deal with the case of destructuring with defaults. This patch extends that previous approach to always treat the end of a parameter as its initializer position, whether it has an initializer or not. This is the minimal change to make it easy to merge; a follow-up will rename the field of Parameter from "initializer_end_position" to "end_position". BUG=v8:5454 Review-Url: https://codereview.chromium.org/2390943002 Cr-Commit-Position: refs/heads/master@{#39962}
-
neis authored
This removes the execute_ flag, which was always the negation of top_level_. R=rmcilroy@chromium.org BUG= Review-Url: https://codereview.chromium.org/2390163003 Cr-Commit-Position: refs/heads/master@{#39961}
-
machenbach authored
Revert of Turn libbase into a component (patchset #10 id:180001 of https://codereview.chromium.org/2381273002/ ) Reason for revert: Main suspect for roll block: https://codereview.chromium.org/2387403002/ Original issue's description: > Turn libbase into a component > > This is a precondition for turning libplatform into a component > > BUG=v8:5412 > R=jgruber@chromium.org,machenbach@chromium.org > CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_chromium_compile_dbg_ng;master.tryserver.chromium.android:android_clang_dbg_recipe > > Committed: https://crrev.com/614e615775f732d71b5ee94ed29737d8de687104 > Cr-Commit-Position: refs/heads/master@{#39950} TBR=jgruber@chromium.org,jochen@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:5412 Review-Url: https://codereview.chromium.org/2393603002 Cr-Commit-Position: refs/heads/master@{#39960}
-
franzih authored
BUG= Review-Url: https://codereview.chromium.org/2389193002 Cr-Commit-Position: refs/heads/master@{#39959}
-
cbruni authored
R=machenbach@chromium.org NOTRY=true BUG=chromium:611010 Review-Url: https://codereview.chromium.org/2391843003 Cr-Commit-Position: refs/heads/master@{#39958}
-
franzih authored
BUG= Review-Url: https://codereview.chromium.org/2390923003 Cr-Commit-Position: refs/heads/master@{#39957}
-
franzih authored
BUG= Review-Url: https://codereview.chromium.org/2387173003 Cr-Commit-Position: refs/heads/master@{#39956}
-
jbroman authored
BUG=chromium:148757 Review-Url: https://codereview.chromium.org/2386233002 Cr-Commit-Position: refs/heads/master@{#39955}
-
bjaideep authored
To keep it consistent with other platforms. R=mlippautz@chromium.org, ulan@chromium.org BUG= Review-Url: https://codereview.chromium.org/2384553003 Cr-Commit-Position: refs/heads/master@{#39954}
-
ahaas authored
The correctness fuzzer executes the input array in two different execution engines and compares the results. If the results don't match, the correctness fuzzer crashes. Since the crash signature is always the same if the results don't match, cluster fuzz would group all inputs which lead to non-matching results. To avoid the grouping a base64 hash has to be appended to the crash signature. This CL changes the text which is appended to the crash signature to a base64 hash. Note that I do not create a base64 hash directly because the base64 class is not available in V8. Instead I create a string which looks like a base64 hash. R=mmoroz@chromium.org, aarya@chromium.org, titzer@chromium.org Review-Url: https://codereview.chromium.org/2390233002 Cr-Commit-Position: refs/heads/master@{#39953}
-
jgruber authored
The old hydrogen stub (and runtime fallback) are still needed while they are used in regexp.js. These will go away once affected code has been ported. Drive-by-fix: Fixed typo in GetFixedA{a,}rrayAllocationSize. BUG=v8:5339 Review-Url: https://codereview.chromium.org/2384473002 Cr-Commit-Position: refs/heads/master@{#39952}
-
jgruber authored
BUG=v8:5415 Review-Url: https://codereview.chromium.org/2373493002 Cr-Commit-Position: refs/heads/master@{#39951}
-
jochen authored
This is a precondition for turning libplatform into a component BUG=v8:5412 R=jgruber@chromium.org,machenbach@chromium.org CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_chromium_compile_dbg_ng;master.tryserver.chromium.android:android_clang_dbg_recipe Review-Url: https://codereview.chromium.org/2381273002 Cr-Commit-Position: refs/heads/master@{#39950}
-
leszeks authored
In some (rare) cases, the context depth passed to a dynamic variable lookup can be zero. In these cases, the fast path for the lookup (i.e. load from context or global) can always be taken, as there is no need to search the current context. However, with no slow path checks, the bytecode graph builder had a null environment for the slow path, causing segfaults when this graph was built. This patch adds a null check for the slow path environment, and skips building the slow path if the environment is null. BUG=chromium:652186 Review-Url: https://codereview.chromium.org/2385123002 Cr-Commit-Position: refs/heads/master@{#39949}
-
verwaest authored
Clear also frees the memory, which isn't useful in the case of a zonelist. If we later want to use the list (e.g., because of aborting), that will cause additional allocations. BUG= Review-Url: https://codereview.chromium.org/2391953002 Cr-Commit-Position: refs/heads/master@{#39948}
-
marja authored
If an inner function only declares a variable but doesn't use it, Parser and PreParser produced different unresolved variables, and that confused the pessimistic context allocation. BUG=chromium:650969 Review-Url: https://codereview.chromium.org/2388183003 Cr-Commit-Position: refs/heads/master@{#39947}
-
heimbuef authored
BUG= Review-Url: https://codereview.chromium.org/2377943003 Cr-Commit-Position: refs/heads/master@{#39946}
-
jarin authored
Review-Url: https://codereview.chromium.org/2389553002 Cr-Commit-Position: refs/heads/master@{#39945}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/35c436b..ba2b708 TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Review-Url: https://codereview.chromium.org/2389093002 Cr-Commit-Position: refs/heads/master@{#39944}
-