- 04 May, 2017 16 commits
-
bmeurer authored
So far the Array.prototype.pop lowering in the JSBuiltinReducer was limited to (holey) fast or fast-smi elements. But it can be made to work easily to also handle fast-double elements, so allow that as well. R=jarin@chromium.org BUG=v8:5267,v8:6338 Review-Url: https://codereview.chromium.org/2861443006 Cr-Commit-Position: refs/heads/master@{#45090}
-
jarin authored
This enables allocation in Turbofan's graph building (which is useful for taking code dependencies there). BUG=v8:6357 R=bmeurer@chromium.org Review-Url: https://codereview.chromium.org/2860843003 Cr-Commit-Position: refs/heads/master@{#45089}
-
littledan authored
Revert of [regexp] Support unicode capture names in non-unicode patterns (patchset #3 id:40001 of https://codereview.chromium.org/2791163003/ ) Reason for revert: The decision for the specification was to not have this syntax, and instead the syntax before this patch. Original issue's description: > [regexp] Support unicode capture names in non-unicode patterns > > This ensures that capture names containing surrogate pairs are parsed > correctly even in non-unicode RegExp patterns by introducing a new > scanning mode which unconditionally combines surrogate pairs. > > BUG=v8:5437,v8:6192 > > Review-Url: https://codereview.chromium.org/2791163003 > Cr-Commit-Position: refs/heads/master@{#44466} > Committed: https://chromium.googlesource.com/v8/v8/+/a8651c5671dd6e41595ffb438e7ea013082f2d38 R=yangguo@chromium.org,jgruber@chromium.org # Not skipping CQ checks because original CL landed more than 1 days ago. BUG=v8:5437,v8:6192 Review-Url: https://codereview.chromium.org/2859933003 Cr-Commit-Position: refs/heads/master@{#45088}
-
bmeurer authored
Make sure that the input to ChangeFloat64ToTagged is definitely of type Number, because the operator cannot deal with non-Number inputs. R=jarin@chromium.org BUG=v8:5267 Review-Url: https://codereview.chromium.org/2858153003 Cr-Commit-Position: refs/heads/master@{#45087}
-
Clemens Hammacher authored
The functions are validated later during graph generation. This change uncovered a memory leak, which is now also fixed. R=ahaas@chromium.org Change-Id: I0150817da131c5c611fe21b156da9d9d00d4827d Reviewed-on: https://chromium-review.googlesource.com/490088 Reviewed-by: Andreas Rossberg <rossberg@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#45086}
-
ulan authored
Now non-atomic color transition operations return a boolean indicating whether the transition succeeded or not. This allows replacing color check and transition operations with a single transition operation. For example: if (IsWhite(object)) { WhiteToBlack(object); Foo(); } becomes if (WhiteToBlack(object)) { Foo(); } BUG=chromium:694255 Review-Url: https://codereview.chromium.org/2857713002 Cr-Commit-Position: refs/heads/master@{#45085}
-
Ross McIlroy authored
Since the feedback vector is itself a native context structure, why not store optimized code for a function in there rather than in a map from native context to code? This allows us to get rid of the optimized code map in the SharedFunctionInfo, saving a pointer, and making lookup of any optimized code quicker. Original patch by Michael Stanton <mvstanton@chromium.org> BUG=v8:6246 TBR=yangguo@chromium.org,ulan@chromium.org Change-Id: Ic83e4011148164ef080c63215a0c77f1dfb7f327 Reviewed-on: https://chromium-review.googlesource.com/494487 Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#45084}
-
neis authored
1. Generalize context specialization such that the provided context can be any outer context of the function, not necessarily the immediate outer context. 2. Based on this: if function specialization is disabled, then specialize for the module context if there is one. 3. Extend typed lowering of module loads and stores such that if the operand is a Module constant, we constant-fold the cell load. That is, a JSLoadModule with a Module HeapConstant input becomes a LoadField with a Cell HeapConstant input, and similarly for JSStoreModule. BUG=v8:1569 Review-Url: https://codereview.chromium.org/2841613002 Cr-Commit-Position: refs/heads/master@{#45083}
-
Ross McIlroy authored
Remove the --zap_code_space flag and always patch deopted code to hard fail if called. Also, as a drive-by add deopt code patching for Arm64. BUG=v8:6246 Change-Id: Ibf1bc53692dbbe618132100a66c56a88c97fd62b Reviewed-on: https://chromium-review.googlesource.com/496127 Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#45082}
-
jarin authored
BUG=chromium:712739 Review-Url: https://codereview.chromium.org/2857983004 Cr-Commit-Position: refs/heads/master@{#45081}
-
Daniel Ehrenberg authored
It's not clear what this logic is there for; ICU seems to already preserve the locale in the way that the comment mentions. There appear to be tests in test/intl/general/mapped-locale.js which remain passing. Bug: v8:5751 Change-Id: Ib9c64f00b982711ae0eab078252a88f44b81b894 Reviewed-on: https://chromium-review.googlesource.com/485780 Commit-Queue: Daniel Ehrenberg <littledan@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#45080}
-
mlippautz authored
BUG=v8:6343 Review-Url: https://codereview.chromium.org/2860043002 Cr-Commit-Position: refs/heads/master@{#45079}
-
Michael Starzinger authored
Note that this just switches from the AST-based validator to a dedicated parser for asm.js modules. The validation of asm.js modules in general still is predicated by the "--validate-asm" flag, and not enabled by default yet. R=clemensh@chromium.org,marja@chromium.org BUG=v8:6127 Change-Id: Ibd920b03e20ec3c70ee51b79c6c5a2043964fe4f Reviewed-on: https://chromium-review.googlesource.com/496146 Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#45078}
-
mlippautz authored
BUG=v8:6343 Review-Url: https://codereview.chromium.org/2857213003 Cr-Commit-Position: refs/heads/master@{#45077}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/e9e0102..cef928f Rolling v8/third_party/catapult: https://chromium.googlesource.com/external/github.com/catapult-project/catapult/+log/08f16b6..0d00147 TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Change-Id: I0aa7541addc2fd6ba2ef5471d56acdbb0c319fac Reviewed-on: https://chromium-review.googlesource.com/495351 Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Commit-Queue: v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#45076}
-
Eric Holk authored
AllocateGuarded previously fell back on Allocate and then called Guard to set the protection to PROT_NONE. Linux commits RW memory, but the important thing here is to reserve the address space without committing it. This change adds a new variant of Allocate that takes explicit permission bits so that AllocateGuarded allocates non-RW memory from the beginning. Bug: v8:6320 Change-Id: I7962acbed09938951bf3bb4af2d1f302adba2547 Reviewed-on: https://chromium-review.googlesource.com/491928 Commit-Queue: Eric Holk <eholk@chromium.org> Reviewed-by: Mircea Trofin <mtrofin@chromium.org> Reviewed-by: Jochen Eisinger <jochen@chromium.org> Cr-Commit-Position: refs/heads/master@{#45075}
-
- 03 May, 2017 24 commits
-
mlippautz authored
In the spirit of the full MC, we evacuate and update pointers in parallel for the young generation. The collectors are connected during incremental marking when mark bits are transferred from the young generation bitmap to the old generation bitmap. The evacuation phase cannot (yet) move pages and relies completely on copying objects. BUG=chromium:651354 Review-Url: https://codereview.chromium.org/2796233003 Cr-Commit-Position: refs/heads/master@{#45074}
-
mlippautz authored
BUG=v8:6343 Review-Url: https://codereview.chromium.org/2861763002 Cr-Commit-Position: refs/heads/master@{#45073}
-
ochang authored
-fsanitize-coverage={edge,bb,func} are deprecated. -fsanitize-coverage={edge,bb,func},trace-pc-guard should be used instead (edge is default). BUG=chromium:651540 Review-Url: https://codereview.chromium.org/2860653002 Cr-Commit-Position: refs/heads/master@{#45072}
-
neis authored
This is just a refactoring, no changes in behavior. BUG=v8:1569 Review-Url: https://codereview.chromium.org/2839623003 Cr-Commit-Position: refs/heads/master@{#45071}
-
Michael Achenbach authored
This reverts commit 8f4e8c0a. Reason for revert: Speculative revert for http://crbug.com/717854 Original change's description: > Fix runtime_call_stats for background parsing. > > BUG=v8:6093 > > Change-Id: I365fbd7c3f33e2de47e0a84ee3ea631b4ffa6d35 > Reviewed-on: https://chromium-review.googlesource.com/488243 > Reviewed-by: Camillo Bruni <cbruni@chromium.org> > Reviewed-by: Marja Hölttä <marja@chromium.org> > Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org> > Commit-Queue: Wiktor Garbacz <wiktorg@google.com> > Cr-Commit-Position: refs/heads/master@{#45013} TBR=marja@chromium.org R=marja@chromium.org,vogelheim@chromium.org,cbruni@chromium.org,jochen@chromium.org BUG=v8:6093,chromium:717854 Change-Id: Ia58a420ec4c1e84a9f01eb90545fabb0bc03aa63 Reviewed-on: https://chromium-review.googlesource.com/494568 Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#45070}
-
jkummerow authored
When deleting the most recently added fast property from an object by undoing its last map transition, we must clear any recorded slots. This can only be done in C++, so this functionality must move out of the stub. Also update a CHECK in the JSObject verifier to allow backing stores sticking around after such property deletions. BUG=chromium:716912,chromium:714981 Review-Url: https://codereview.chromium.org/2854373002 Cr-Commit-Position: refs/heads/master@{#45069}
-
Wiktor Garbacz authored
If a negative value is passed as end position it may get past the end without triggering any DCHECK due to int to size_t cast. BUG=v8:6093 Change-Id: I0c6be0e8442049cc4b7fc87593ad018bce4b677e Reviewed-on: https://chromium-review.googlesource.com/494108 Commit-Queue: Wiktor Garbacz <wiktorg@google.com> Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#45068}
-
ulan authored
BUG=chromium:718013 Review-Url: https://codereview.chromium.org/2862533003 Cr-Commit-Position: refs/heads/master@{#45067}
-
jkummerow authored
by pulling parameterizable things out of the case-blocks. No change in functionality. BUG=chromium:714894 Review-Url: https://codereview.chromium.org/2854273004 Cr-Commit-Position: refs/heads/master@{#45066}
-
mvstanton authored
More care must be taken to remain on the fast path in the face of @@species constructors. BUG=chromium:716044 Review-Url: https://codereview.chromium.org/2846963003 Cr-Commit-Position: refs/heads/master@{#45065}
-
jl authored
Blink uses Isolate::GetEnteredContext() to implement HTML's "entry context" concept, and thus depends on it not being changed except explicitly (by Blink.) To support this, stop entering contexts implicitly in all external API entry points; rather just set the context as current. The only thing that changes the entered context is now Context::Enter()/Context::Exit() (and Context::Scope.) BUG=v8:6307 Review-Url: https://codereview.chromium.org/2862483003 Cr-Commit-Position: refs/heads/master@{#45064}
-
mlippautz authored
There is no point in doing black allocation here as we then have to iterate the objects for various reasons. The marker does the same work but can be moved outside of the atomic pause. BUG=chromium:581412 Review-Url: https://codereview.chromium.org/2862563002 Cr-Commit-Position: refs/heads/master@{#45063}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/4a81c96..e9e0102 Rolling v8/third_party/catapult: https://chromium.googlesource.com/external/github.com/catapult-project/catapult/+log/9300a23..08f16b6 Rolling v8/third_party/instrumented_libraries: https://chromium.googlesource.com/chromium/src/third_party/instrumented_libraries/+log/0ad2bcb..644afd3 TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Change-Id: I3cba6319b9b8f103fbfe8e4938bcf20c53ace537 Reviewed-on: https://chromium-review.googlesource.com/493810 Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Commit-Queue: v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#45062}
-
Camillo Bruni authored
Change-Id: I744d6ffca3747c166e8de194c2a7196b46b73f45 NOTRY=true Change-Id: I744d6ffca3747c166e8de194c2a7196b46b73f45 Reviewed-on: https://chromium-review.googlesource.com/493748 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#45061}
-
Marja Hölttä authored
Bug: Change-Id: I335a793d28697092c89e588c456f2689e689c841 Reviewed-on: https://chromium-review.googlesource.com/494054 Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#45060}
-
Clemens Hammacher authored
During computation of the side table, ignore stack effects of instructions following any unconditional jump in the same block (|unreachable|, |br|, |br_table| or |return| jump out of the block). Without this fix, the current stack height might underflow, or we compute an unnecessarily large max_stack_height_. Note that those instructions will never get executed anyway. Hence, we don't need to store any side table information for such unreachable code. R=rossberg@chromium.org BUG=chromium:716936, chromium:715990 Change-Id: I282f7f18ba1b972a112210e692f6cd05cf32308c Reviewed-on: https://chromium-review.googlesource.com/493266 Reviewed-by: Andreas Rossberg <rossberg@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#45059}
-
Franziska Hinkelmann authored
Bug: Change-Id: I945fa5837439feb2567cc1961516b4e3bed55f82 Reviewed-on: https://chromium-review.googlesource.com/493346 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Franziska Hinkelmann <franzih@chromium.org> Cr-Commit-Position: refs/heads/master@{#45058}
-
Michael Starzinger authored
This fixes cases where the omission of return type annotation of calls to stdlib functions was rejected, because a surrounding {fround} call used to be misinterpreted as an annotation instead of a rounding. R=clemensh@chromium.org TEST=mjsunit/asm/call-stdlib BUG=v8:6127 Change-Id: Idec0ef1740ebf8eda969ff05dd1c90252de87a6b Reviewed-on: https://chromium-review.googlesource.com/493349 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#45057}
-
Jochen Eisinger authored
This reverts commit 5db25a09. Original change's description: > Make unittest link correctly again > > Remains to port these fixes over to gyp. > > R=machenbach@chromium.org, jkummerow@chromium.org, mstarzinger@chromium.org > BUG=v8:6325 > > Change-Id: I3bebbc6d0ec52fcb60e3d51acd27e616f51d3dbb > Reviewed-on: https://chromium-review.googlesource.com/490108 > Commit-Queue: Jochen Eisinger <jochen@chromium.org> > Reviewed-by: Clemens Hammacher <clemensh@chromium.org> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> > Reviewed-by: Michael Achenbach <machenbach@chromium.org> > Cr-Commit-Position: refs/heads/master@{#45026} R=jkummerow@chromium.org TBR=mstarzinger@chromium.org,clemensh@chromium.org BUG=v8:6325 Change-Id: Ic3c0ffdf1f13045ea5a3929b720908e0b27a11c3 Reviewed-on: https://chromium-review.googlesource.com/494566 Reviewed-by: Jochen Eisinger <jochen@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Jochen Eisinger <jochen@chromium.org> Cr-Commit-Position: refs/heads/master@{#45056}
-
hpayer authored
BUG=chromium:714207 Review-Url: https://codereview.chromium.org/2857003002 Cr-Commit-Position: refs/heads/master@{#45055}
-
ulan authored
We can use FinalizeIncrementalMarking instead since the only caller of TryFinalizeIdleIncrementalMarking is IdleNotification, for which staying within idle deadline is not critical. This also fixes a bug caused by inconsistent code duplication in finalization condition in the two functions. BUG=v8:6325,chromium:715457 Review-Url: https://codereview.chromium.org/2851743002 Cr-Commit-Position: refs/heads/master@{#45054}
-
bmeurer authored
When we don't know the call count for a given call site (i.e. for inlined accessors), we put 0 as call frequency so far. But as of https://codereview.chromium.org/2859433002, this would completely disable the inlining of those calls, since 0 is interpreted as never called, which is not what we want. So instead of defaulting to 0, add a dedicated sentinel, whose value is NaN, which makes the call site eligible for inlining, but not high priority (as it was before the CL mentioned above). BUG=v8:4493,v8:5267 R=jarin@chromium.org Review-Url: https://codereview.chromium.org/2856103002 Cr-Commit-Position: refs/heads/master@{#45053}
-
Jochen Eisinger authored
This reverts commit 7683df24. Reason for revert: doesn't help with gcc, so removing Original change's description: > Disable -Werror=attributes on gcc > > The warning triggers even if the attributes don't change - it's enough > to declare them multiple times. Given that the other compilers don't > complain, just disable the warning on gcc for now. > > R=jkummerow@chromium.org,mtrofin@chromium.org > BUG=v8:6339 > NOTRY=true > > Change-Id: Ie0fcc4feeb8568d4ab74ac65f6887523f3cdcbf9 > Reviewed-on: https://chromium-review.googlesource.com/494106 > Commit-Queue: Michael Achenbach <machenbach@chromium.org> > Reviewed-by: Mircea Trofin <mtrofin@chromium.org> > Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> > Cr-Commit-Position: refs/heads/master@{#45045} TBR=jkummerow@chromium.org,machenbach@chromium.org,mtrofin@chromium.org,gsathya@chromium.org,jochen@chromium.org NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:6339 Change-Id: I581e4f0499ae0d7e3bc791fd6fa9988aabe64c5e Reviewed-on: https://chromium-review.googlesource.com/494469 Reviewed-by: Jochen Eisinger <jochen@chromium.org> Commit-Queue: Jochen Eisinger <jochen@chromium.org> Cr-Commit-Position: refs/heads/master@{#45052}
-
Ross McIlroy authored
We only need to materialize the existing output register for a given register transfer if it is in a different equivalence set, otherwise we already have the value we want in the output register. BUG=v8:4280 Change-Id: Ic4966590ac10445180aff353940d2c93e6a818aa Reviewed-on: https://chromium-review.googlesource.com/493168 Reviewed-by: Mythri Alle <mythria@chromium.org> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#45051}
-