- 30 Jan, 2019 34 commits
-
-
Sven Sauleau authored
We noticed that almost every call site were loading both files, the split isn't necessary anymore. In some message tests, removed the absolute line number to allow future changes. Bug: v8:8726 Change-Id: I8527f0a1ecfa685aa01a5e2f5f47ddf1cb13a545 Reviewed-on: https://chromium-review.googlesource.com/c/1446452 Commit-Queue: Sven Sauleau <ssauleau@igalia.com> Reviewed-by:
Ben Titzer <titzer@chromium.org> Reviewed-by:
Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#59220}
-
Jakob Gruber authored
Now that we generate the embedded blob and off-heap trampolines directly after builtin generation, the heap should not contain any remaining references to full on-heap builtin Code objects. The one exception is the interpreter entry trampoline copy for profiling. This mechanism was actually broken by canonicalization; we intended to store a full copy of the IET on the root list, but serialization replaced it with the canonicalized builtin. This CL fixes that as a side-effect. Bug: v8:8716 Change-Id: Ib37c4004560d67de46b1f8ebe75156361134f57d Reviewed-on: https://chromium-review.googlesource.com/c/1421037 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by:
Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#59219}
-
Junliang Yan authored
Port ad3546ab Original Commit Message: This is an initial step towards clarifying the layout of the instruction area. As follow-ups, we should remove additional safepoint and handler table offset parameters, and perhaps alter Code::safepoint_table_offset (handler_table) semantics to always contain a real offset and avoid the magic 0 signifying nonexistent tables. R=jgruber@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: I6c2d3244710f8f3f33bcceb3988e19547f55fba0 Reviewed-on: https://chromium-review.googlesource.com/c/1446138Reviewed-by:
Milad Farazmand <miladfar@ca.ibm.com> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#59218}
-
Igor Sheludko authored
addp, andp, cmpp, decp, incp, leap, negp, orp, subp, testp, xorp, shrp, sarp, shlp are replaced with respective quad-word instructions. Some wrongly-used xxxp instructions in regexp code are replaced with xxxl. Bug: v8:8621, v8:8562 Change-Id: If5fe3229a35805b8ef84d3e1ffa05cf9ed91ceef Reviewed-on: https://chromium-review.googlesource.com/c/1446451Reviewed-by:
Clemens Hammacher <clemensh@chromium.org> Reviewed-by:
Sigurd Schneider <sigurds@chromium.org> Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#59217}
-
Clemens Hammacher authored
Instead of passing the error explicitly, make the callbacks get the error from the CompilationState. This prepares a change to call the callbacks asynchronously, because from the background we cannot construct the final error message (because this requires access to the wire bytes). Thus the callbacks will have to get the actual compile error from the CompilationState from a foreground task if they need it. R=mstarzinger@chromium.org Bug: v8:8689 Change-Id: I22accabf895bf21fa7492e2f5cb8bac93237c765 Reviewed-on: https://chromium-review.googlesource.com/c/1445975 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by:
Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#59216}
-
Takuto Ikuta authored
By using different namespace, generated code split into different files. By this CL, build time of torque_generated_initializers is improved from 80 seconds to 40 seconds on Z840 Linux measured by following command: # Remove generated code to re-compile all generated files. ~/v8/v8$ rm -rf out/x64.release/gen/ # GOMA_STORE_ONLY=true disables goma's backend cache. ~/v8/v8$ time GOMA_STORE_ONLY=true autoninja -C out/x64.release/ torque_generated_initializers Bug: v8:8732 Change-Id: I64545f9994aea7e4209ac3852aadf4e2e9f4bc93 Reviewed-on: https://chromium-review.googlesource.com/c/1446331Reviewed-by:
Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Takuto Ikuta <tikuta@chromium.org> Cr-Commit-Position: refs/heads/master@{#59215}
-
Benedikt Meurer authored
For instances created via constructors and `new` we try to pre-size the instances such that ideally all the data properties can be allocated as in-object properties (and we don't need to allocate the out-of-object PropertyArray backing store). This is accomplished with the helper of the Parser, which counts the property assignments to `this` in the constructor, and we use that as the starting point for pre-sizing logic (a mechanism called *slack tracking* is used to dynamically shrink the objects based on the real memory usage, and eventually compute the final starting size for instances of the individual constructors). This works well even with class hierarchies, since for a derived class constructor we just include the current constructor plus all the base constructors. I.e. with ```js class A { constructor() { this.x00 = null; this.x01 = null; this.x02 = null; this.x03 = null; this.x04 = null; this.x05 = null; this.x06 = null; this.x07 = null; this.x08 = null; this.x09 = null; this.x10 = null; this.x11 = null; this.x12 = null; this.x13 = null; this.x14 = null; this.x15 = null; this.x16 = null; this.x17 = null; this.x18 = null; this.x19 = null; } } class B extends A { constructor() { super(); } } ``` we will eventually learn that instances of `B` need 20 in-object properties. However this breaks with transpiled code (i.e. as generated via TypeScript or Babel), even when the constructors are properly chained. ```js function A() { this.x00 = null; this.x01 = null; this.x02 = null; this.x03 = null; this.x04 = null; this.x05 = null; this.x06 = null; this.x07 = null; this.x08 = null; this.x09 = null; this.x10 = null; this.x11 = null; this.x12 = null; this.x13 = null; this.x14 = null; this.x15 = null; this.x16 = null; this.x17 = null; this.x18 = null; this.x19 = null; } function B() { A.call(this); } Object.setPrototypeOf(B, A); ``` Here we will always have 10 in-object properties for instances of `B` (due to the generic over-allocation logic), and the other 10 properties have to be allocated in the out-of-object PropertyArray. This is unfortunate and actually not necessary. Instead we could just do the same [[Prototype]] walk on the constructor for regular function constructors that we perform for derived (native) class constructors. This CL changes that, such that we give the same treatment to transpiled class that we have for native classes. R=verwaest@chromium.org Bug: v8:8764, v8:8765 Doc: https://bit.ly/v8-instance-presizing-with-transpiled-classes Change-Id: Iac54391e41c9a39101751a678b3a647269fb009d Reviewed-on: https://chromium-review.googlesource.com/c/1442643 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by:Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#59214}
-
Sven Sauleau authored
Changes made to the Wasm module builder: - Create emit_u64v for emitting a LEB128 that conceptually represent an 64-bits integer. - Differentiate toBuffer and toUint8Array for returning respectively ArrayBuffer and a Uint8Array. - Moved wasmF32Const and wasmF64Const functions because we can take advantage of the existing cached conversion buffers. Also, declaring them in the constants file will collide with the module-builder since they are loaded in the same scope. - The byte_view buffer (used by some conversions to bytes) switched from Int8Array to Uint8Array. Changes made to the Wasm contants: - Add a new kSharedHasMaximumFlag flag for shared memory with a maximum value. Bug: v8:8726 Change-Id: If16c59896cfa1d42008da413e2e144b73a0fa5ce Reviewed-on: https://chromium-review.googlesource.com/c/1443062Reviewed-by:
-
Michael Starzinger authored
This fixes how the interpreter modifies the operand stack in the case calls with non-zero parameter or return count throw an exception. The interpreter raises the exception before arguments are popped and before results are pushed onto the stack. This makes the control transfer analysis fit this model. It also makes the tests trigger this aspect. R=clemensh@chromium.org TEST=cctest/test-run-wasm-exceptions BUG=v8:8091 Change-Id: I001fc4bc0030393d3c97be3fa9425bc540575071 Reviewed-on: https://chromium-review.googlesource.com/c/1445972 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by:
-
Benedikt Meurer authored
When the length is already available from an unrolled iteration (which seems to be the common case), we can just reuse that below for the actual loop. Also it's probably cheaper to always use IntPtr instead of Smi for the length, since that way we don't need expensive SmiConstant for the abort conditions in the unrolled iterations. Change-Id: I322c5d864d58bc56c181473ca8b796a7ab27a51f Reviewed-on: https://chromium-review.googlesource.com/c/1445984Reviewed-by:
Igor Sheludko <ishell@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#59211}
-
Maya Lekova authored
R=neis@chromium.org Bug: v8:7790 Change-Id: I41d212129fbdafbf7bc0fdf238f734c6f45ae5df Reviewed-on: https://chromium-review.googlesource.com/c/1445811 Commit-Queue: Maya Lekova <mslekova@chromium.org> Reviewed-by:
Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#59210}
-
Mathias Bynens authored
This patch changes the parser to allow for-of initializer var-redeclaration of non-destructured catch parameters. Previously, the spec allowed var-redeclaration of a non-destructured catch parameter… try {} catch (e) { var e; } …except in the particular case where the var declaration is a for-of initializer: try {} catch (e) { for (var e of whatever) {} } https://github.com/tc39/ecma262/pull/1393 removes this strange exceptional case. This patch implements that change. BUG=v8:8759 Change-Id: Ia4e33ac1eab89085f8a5fdb547f479cfa38bbee5 Reviewed-on: https://chromium-review.googlesource.com/c/1444954Reviewed-by: -
Marja Hölttä authored
The test defined a function called "Register" which clashes with other functions with the same name. NOTRY=true TBR=sigurds@chromium.org BUG=v8:8179 Change-Id: I7ddfc481cd1de750272de7b43e2e7f9fe26626a9 Reviewed-on: https://chromium-review.googlesource.com/c/1445982Reviewed-by:
Marja Hölttä <marja@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#59208}
-
Ulan Degenbaev authored
Only Heap::GcSafeFindCodeForInnerPointer requires the chunk map. Other large object spaces use more the efficient MemoryChunk::FromAnyPointerAddress. Additionally, this patch renames Register/Unregister to AddPage/RemovePage to be consistent with other spaces and makes them virtual. Bug: chromium:852420 Change-Id: I8d637bb59e15bd61fe452fda7f4a55049d32030c Reviewed-on: https://chromium-review.googlesource.com/c/1439417 Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Reviewed-by:
Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#59207}
-
Stephan Herhut authored
When cleaning up the code for the register allocator, I negated a helper function for readability but forgot to also negate its implementation. For obvious reasons, that was not a good idea. Change-Id: I0e5f4fbf5c83cce8b4891e0a84ef099df15d1ab0 Reviewed-on: https://chromium-review.googlesource.com/c/1445973Reviewed-by:
-
Jakob Gruber authored
Bug: v8:8758 Change-Id: Ifd0c66f27ab5fb33032b243d3a33c0b797b9af17 Reviewed-on: https://chromium-review.googlesource.com/c/1442644 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by:
-
Marja Hölttä authored
This replaces WeakFactory with FinalizationGroup. New API is here: https://weakrefs.netlify.com/ BUG=v8:8179 Change-Id: I8c1c4a70deb42581d17117423dd29d93bdd35cb0 Reviewed-on: https://chromium-review.googlesource.com/c/1435938Reviewed-by:
Maya Lekova <mslekova@chromium.org> Reviewed-by:
Ulan Degenbaev <ulan@chromium.org> Reviewed-by:
Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#59204}
-
Ross McIlroy authored
BUG=v8:8751,v8:8752 Change-Id: Ib99d5b9c399d5f2ab616399fdd3c7f190e2d0399 Reviewed-on: https://chromium-review.googlesource.com/c/1445971Reviewed-by:
-
Jakob Gruber authored
This is an initial step towards clarifying the layout of the instruction area. As follow-ups, we should remove additional safepoint and handler table offset parameters, and perhaps alter Code::safepoint_table_offset (handler_table) semantics to always contain a real offset and avoid the magic 0 signifying nonexistent tables. Bug: v8:8758 Change-Id: I9f54629ff3ddad69904b0e1ce2a58e047397aa15 Reviewed-on: https://chromium-review.googlesource.com/c/1434036 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by:
-
Tamer Tas authored
Procs return the result by increasing recursion through result_for. This CL eliminates that mechanism from the Processor interface and uses boolen return values for sending tests to signal success or the failure to load the test into the execution queue. R=machenbach@chromium.org CC=yangguo@chromium.org,sergiyb@chromium.org Bug: v8:8174,v8:8731 Change-Id: I073a86ca84bcf88da11132b90013d4c8455bc61e Reviewed-on: https://chromium-review.googlesource.com/c/1439239 Commit-Queue: Tamer Tas <tmrts@chromium.org> Reviewed-by:
Michael Achenbach <machenbach@chromium.org> Reviewed-by:
Sergiy Belozorov <sergiyb@chromium.org> Cr-Commit-Position: refs/heads/master@{#59201}
-
Igor Sheludko authored
Currently, in debug mode the snippets check that the result of decompression equals to the full value stored in the field. Bug: v8:7703 Change-Id: I43d20f15510de57582ee00ca23d676dfd4d06636 Reviewed-on: https://chromium-review.googlesource.com/c/1440049Reviewed-by:
Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#59200}
-
Michael Starzinger authored
This implements preliminary handling of exceptions thrown by external functions that have been imported into the module. Note that handling internal function is still missing, but tests have been added. R=clemensh@chromium.org TEST=cctest/test-run-wasm-exceptions BUG=v8:8091 Change-Id: I9d07739d8b4715a5643114fd7a868cdd8d72efd0 Reviewed-on: https://chromium-review.googlesource.com/c/1445751 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by:
-
Toon Verwaest authored
Bug: chromium:926819 Change-Id: I44832f8707c413d40e5632ed39b97624059f1fba Reviewed-on: https://chromium-review.googlesource.com/c/1445891Reviewed-by:
Camillo Bruni <cbruni@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#59198}
-
Camillo Bruni authored
We can directly skip the write barrier in the case we set only a Smi. Change-Id: Ic2f4f13f9edb851a18878bec14981a2ad7687433 Reviewed-on: https://chromium-review.googlesource.com/c/1444957Reviewed-by:
-
Andreas Haas authored
We extracted the platform-specific API header into separate, platform- specific header files to avoid OS-specific includes in include/v8.h. As the platform-specific headers are only needed on their specific platform, we did not make them available on other platforms in BUILD.gn. Unfortunately, this is not possible, because the `include` validation in `gn gen --check` checks the availability of header files without considering `#ifdef` in the source files. Therefore the check fails on Windows when the POSIX-specific header file is not available. With this CL platform-specific headers will be generally available. This is no problem because they can only be included on their specific platform anyways. R=adamk@chromium.org Bug: chromium:921971 Change-Id: Iee7cc22063ce31a536f937d73799b7217ac1a94e Reviewed-on: https://chromium-review.googlesource.com/c/1443057Reviewed-by:
Adam Klein <adamk@chromium.org> Reviewed-by:
-
Stephan Herhut authored
This change lands a change to the register allocator. Other than classical linear scan, we now take control flow events into account when deciding spill descisions. The basic idea is to restore the state of a predecessor on entry of a successor. In the case of multiple predecessors, we use heuristics to compute the new state based on the predecessors. The main addition to the machinery is to support unspilling live ranges and to undo live range splitting in certain cases. Currently, disabled behind a flag. Change-Id: I37a70c948be826a90d8b806a52856ad81f475573 Reviewed-on: https://chromium-review.googlesource.com/c/1426129 Commit-Queue: Stephan Herhut <herhut@chromium.org> Reviewed-by:
-
Michael Lippautz authored
In future, weak handles will be considered as independent and MarkActive() will not be supported anymore. Users should switch to TracedGlobal, when relying on special cases for using handles with v8::EmbedderHeapTracer. Bug: chromium:923361, v8:8562 Change-Id: Ic6e01a1ab59a25c5fb0aa2ebfb8ddb02e454d72d Reviewed-on: https://chromium-review.googlesource.com/c/1443064 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by:
-
Maya Lekova authored
Add tests for proper serialization of inlinee targets. Bug: v8:7790 Change-Id: I6bf86de1352f91fddf5f6eba9e889e7d5ac9767c Reviewed-on: https://chromium-review.googlesource.com/c/1443058 Commit-Queue: Maya Lekova <mslekova@chromium.org> Reviewed-by:
-
Sigurd Schneider authored
This removes the unnecessary helper GetNumberOfIncomingArguments from several frames. Clients should use ComputeParametersCount instead. Change-Id: I54c261fd6ff0a8a5dc6d1832a0b397429a7ba726 Bug: v8:8757 Reviewed-on: https://chromium-review.googlesource.com/c/1442642Reviewed-by:
-
Frank Tang authored
Bug: v8:8756 Change-Id: Ie0f74f1029bd566924ef6e33a6b0c293489f8234 Reviewed-on: https://chromium-review.googlesource.com/c/1445136Reviewed-by:
-
Leszek Swirski authored
Change-Id: I0895d9b9131a0c06edd3d1359c080b8b6830d236 Reviewed-on: https://chromium-review.googlesource.com/c/1443060Reviewed-by:
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/7a588f4..5d6f467 Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/eae881c..1a9772f Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/9f5b861..b695155 Rolling v8/third_party/fuchsia-sdk: https://chromium.googlesource.com/chromium/src/third_party/fuchsia-sdk/+log/0544fee..8e8db13 TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org Change-Id: Ic1bcffed12aca1a09f1d4c46aa2eb867da7f0e7a Reviewed-on: https://chromium-review.googlesource.com/c/1445212Reviewed-by:
v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#59189}
-
Sergiy Belozorov authored
TBR=sergiyb@chromium.org Bug: chromium:922125 Change-Id: Ieaaf3ec8870d74034a7cd7d1d939b3002f2a89c8 Reviewed-on: https://chromium-review.googlesource.com/c/1425202 Commit-Queue: Sergiy Belozorov <sergiyb@chromium.org> Reviewed-by:
-
Jakob Kummerow authored
The code reads whatever the stack pointer points at, and only later decides whether to use that value for anything. Change-Id: I9930cb046c4fcb3ba0c931058a9c3dd75df482f0 Reviewed-on: https://chromium-review.googlesource.com/c/1443503Reviewed-by:
Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#59187}
-
- 29 Jan, 2019 6 commits
-
-
Jakob Kummerow authored
This is a speculative fix for issue 8744. I couldn't get it to repro locally, but the stracktrace from the failing bot run points at TickSample::Init, and according to code comments in that function the value of {regs.sp} can be "arbitrary", so we must read from that address using a method that's robust towards unalignment. Bug: v8:8744 Change-Id: I7a45cc257e0eb557715ec67d9e66e54a6f2c1867 Reviewed-on: https://chromium-review.googlesource.com/c/1440463Reviewed-by: -
tzik authored
-fno-inline is unavailable on clang-cl nor cl.exe, and causes a build failure on Windows bot. This CL updates that flag to "/Ob0", which is msvc-equivalent of -fno-inline. Change-Id: Id9ffed03a855ac0b773ee28625472de664c3cb30 Reviewed-on: https://chromium-review.googlesource.com/c/1442013Reviewed-by:
-
Deepti Gandluri authored
The motivation of this change was originally to preserve is_growable flag over PostMessage in d8. Adding a more general constructor that uses SharedArrayBuffer::Contents. Change-Id: Ib8f6c36d659e91f6cfb6487f56de34fa7e8841a9 Bug: v8:8564 Reviewed-on: https://chromium-review.googlesource.com/c/1383093 Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> Reviewed-by:
Ben Smith <binji@chromium.org> Reviewed-by:
-
Michael Lippautz authored
TracedGlobal integrates with the use case of EmbedderHeapTracer and replaces regular weak Global or Persistent nodes for such cases. This allows to simplify the case for regular weak handles in a sense that they follow regular weak semantics (if the underlying object is otherwise unreachable the weak handle will be reset). TracedGlobal requires slightly different semantics in the sense that it can be required to keep them alive on Scavenge garbage collections because there's a transitive path that is only known when using the EmbedderHeapTracer. TracedGlobal accomodates that use case. TracedGlobal follows move semantics and can thus be used in regular std containers without wrapping data structure. The internal state uses 20% less memory and allows for only iterating those nodes when necessary. The design trades the virtual call when iterating interesting persistents in the GC prologue with calling out through the EmbedderHeapTracer for each node which is also a virtual call. There is one less iteration over the set of handles required though and the design is robust against recursive GCs that mutate the embedder state during the prologue callback. Bug: chromium:923361 Change-Id: Idbacfbe4723cd12af9de21058a4792e51dc4df74 Reviewed-on: https://chromium-review.googlesource.com/c/1425523 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by:
-
Sven Sauleau authored
Enables WebAssembly's js-api module/customSection. The specification has been updated; see https://github.com/WebAssembly/spec/issues/915. V8 was already using DOMString. Bug: v8:8633 Change-Id: I4c3e93c21594dbba84b3697e7e85069c3ff8b441 Cq-Include-Trybots: luci.chromium.try:linux-blink-rel Reviewed-on: https://chromium-review.googlesource.com/c/1415554 Commit-Queue: Sven Sauleau <ssauleau@igalia.com> Reviewed-by:
-
Andreas Haas authored
In the trap handler we validate the list of registered code objects every time we register or de-register a new code object. The complexity of this validation is O(num-code-objects * num-instructions). For big WebAssembly modules with several hundred thousand code objects, this validation causes significant overhead (we saw up to 10x) and makes debugging very tedious. With this CL I mark the validation as slow. Thereby it is still enabled in most tests on our bots, but it is possible to disable validation when debugging large web applications. The referenced bug issue was created by developers who had problems with debugging because of this issue. R=mark@chromium.org Bug: v8:8536 Change-Id: If7ecb554eebcb04eb43a1f791b96c7a42a47e60f Reviewed-on: https://chromium-review.googlesource.com/c/1442634Reviewed-by:
-
