- 11 Jan, 2018 24 commits
-
-
Leszek Swirski authored
Two usability improvements to the GDB jco macro: * Check if the desired pc is within the code space (or large object space), to avoid failures * Highlight the current pc in the outputted code (yellow and bold) to make it easier to find. Change-Id: Ia094f33b61ed0fd2dd1e5e456992a17d97048639 Reviewed-on: https://chromium-review.googlesource.com/860102 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by:
Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#50514}
-
Martyn Capewell authored
This is a reland of 50baf934 This fixes the number of expected instructions in MaybeCallEntryHookDelayed, only exposed by nosnap tests. Original change's description: > [arm64] Switch jssp to csp > > Switch stack pointer to using csp directly, making jssp redundant. > > Bug: v8:6644 > Change-Id: I8e38eda50d56a25161b187c0a033608dd9f90239 > Reviewed-on: https://chromium-review.googlesource.com/860097 > Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> > Commit-Queue: Martyn Capewell <martyn.capewell@arm.com> > Cr-Commit-Position: refs/heads/master@{#50487} Bug: v8:6644 Change-Id: Ie9a969ccbf00fd7a7cff8f45b73cdb6bc4f17df9 Reviewed-on: https://chromium-review.googlesource.com/860639Reviewed-by:
Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Martyn Capewell <martyn.capewell@arm.com> Cr-Commit-Position: refs/heads/master@{#50513}
-
Adam Klein authored
This reverts commit 6af43874. Reason for revert: Linux TSAN failures: https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20TSAN/builds/19028 Original change's description: > [heap] Remove page header tag from owner field. > > Bug: chromium:800251 > Change-Id: I101131b4651b0bb27a79e5107ee43caf1229ffc7 > Reviewed-on: https://chromium-review.googlesource.com/860010 > Commit-Queue: Hannes Payer <hpayer@chromium.org> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Cr-Commit-Position: refs/heads/master@{#50507} TBR=ulan@chromium.org,hpayer@chromium.org Change-Id: I29001423959f6d9faadbdba5228b28cfb1f5b341 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:800251 Reviewed-on: https://chromium-review.googlesource.com/861923Reviewed-by:
Adam Klein <adamk@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#50512}
-
jgruber authored
Band-aid fix for infinite recursion in RegExp TFJ builtins. TFJ builtins don't contain stack checks in general, so any deep recursion involving only TFJ builtins can end up overflowing the stack and segfaulting on the red area. RegExp builtins in particular can only build such recursions using RegExp.p.exec, and (as far as I can tell) only by modifying the instance or prototype, thus hitting the slow path in all builtins. This CL adds a stack check to RegExpExec, which is the choke point for calling exec on slow-mode RegExps. Bug: v8:7239, chromium:797481 Regression test Change-Id: I78dbb5f868a775d9697606d513623f912639d7db Reviewed-on: https://chromium-review.googlesource.com/856777Reviewed-by:
Yang Guo <yangguo@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#50511}
-
Ben L. Titzer authored
R=ahaas@chromium.org Bug: Change-Id: I3817745013828d455ca1b623724d8789cc5f01ce Reviewed-on: https://chromium-review.googlesource.com/860643Reviewed-by:
Andreas Haas <ahaas@chromium.org> Commit-Queue: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#50510}
-
Michael Achenbach authored
NOTRY=true TBR=gsathya@chromium.org Bug: chromium:800651 Change-Id: I72717fcd694609132b76431c13c26fb3f79432dd Reviewed-on: https://chromium-review.googlesource.com/860926Reviewed-by:
Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#50509}
-
Clemens Hammacher authored
Ensure that for setcc, we only use a byte register as destination register. R=titzer@chromium.org Bug: v8:6600, chromium:800756 Change-Id: Ie33f3faf602e7eda845205ba0ed2d9966460fd54 Reviewed-on: https://chromium-review.googlesource.com/860640Reviewed-by:
Ben Titzer <titzer@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#50508}
-
Hannes Payer authored
Bug: chromium:800251 Change-Id: I101131b4651b0bb27a79e5107ee43caf1229ffc7 Reviewed-on: https://chromium-review.googlesource.com/860010 Commit-Queue: Hannes Payer <hpayer@chromium.org> Reviewed-by:
Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#50507}
-
Dan Elphick authored
Non-constant SMIs were being shifted to the right with SHR instead of SAR, which caused corruption of negative offsets. Add tests for SMI access to arguments using CodeStubArguments. Change-Id: I6cc4fc0a5dd0018524f5ff4f16f9e9a21866363f Reviewed-on: https://chromium-review.googlesource.com/854055Reviewed-by:
Tobias Tebbi <tebbi@chromium.org> Reviewed-by:
-
Clemens Hammacher authored
set_local was implemented before, but not added to any list of alternatives. tee_local is now additionally implemented and added. R=ahaas@chromium.org Change-Id: I51f0b35c7b507e8af06efd1f9baac30790f28a3b Reviewed-on: https://chromium-review.googlesource.com/860460Reviewed-by:
-
Hannes Payer authored
Bug: chromium:800251 Change-Id: I44d997bd54be214c34ca2864470f7cdfc3cc30f3 Reviewed-on: https://chromium-review.googlesource.com/859437 Commit-Queue: Hannes Payer <hpayer@chromium.org> Reviewed-by:
-
Ben L. Titzer authored
This CL centralizes constants related to decoding from several places into one place and makes it no longer necessary to include wasm-opcodes.h for some simple constants. R=clemensh@chromium.org Bug: Change-Id: I53aa81e34167df467bc7455b717bf67083033943 Reviewed-on: https://chromium-review.googlesource.com/859764 Commit-Queue: Ben Titzer <titzer@chromium.org> Reviewed-by:
Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#50503}
-
Michael Lippautz authored
Move heap iteration to object stats to untangle the dependency from MC. Bug: v8:7266 Change-Id: I6f0f4f5f3bb0a911591a211ffd71580343765cdd Reviewed-on: https://chromium-review.googlesource.com/860358Reviewed-by:
-
Michael Starzinger authored
This funnels all serialization and deserialization calls through the common interface in the wasm-serialization.h file. All call sites are now uniform, independent of the --wasm-jit-to-native feature. R=titzer@chromium.org BUG=v8:6876 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: I105907acfeba4b0e277b2003d099c5db6ab59dd3 Reviewed-on: https://chromium-review.googlesource.com/860042Reviewed-by:
-
Michael Starzinger authored
This removes the explicit --write-protect-code-memory flag from the list of flags in the "stress_incremental_marking". The feature is enabled by default by now and no longer needs explicit testing. R=ulan@chromium.org BUG=v8:6792 Change-Id: I5d6ba21dff261488bbe1b0148ce204bf78d57334 Reviewed-on: https://chromium-review.googlesource.com/860661Reviewed-by:
-
Leszek Swirski authored
This makes RestoreGeneratorRegisters do a fuller resume process: update the state register to indicate that it is now executing, and update the accumulator with the input_or_debug_pos of the generator - i.e., perform the boilerplate generator resuming in one bytecode instead of several. Change-Id: Ia87b6766ac023064b40d3e9a143e7b32118ea3a0 Reviewed-on: https://chromium-review.googlesource.com/859770 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by:
Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#50499}
-
Michael Starzinger authored
R=titzer@chromium.org BUG=v8:6876 Change-Id: Ib9821123e89b4a198cfa921ffd4cf5bee55cc93d Reviewed-on: https://chromium-review.googlesource.com/856999Reviewed-by:
-
Sigurd Schneider authored
The fast-path of S.p.charAt/charCodeAt wrongly truncates the index, i.e. charAt(k + 4294967295) yields the same as charAt(k-1). This CL fixes this behaviour, at the cost of not providing a fast-path for charAt(1.1), i.e. if charAt/charCodeAt is called with a Number. Bug: chromium:800594 Change-Id: Ic8e749380d3118f0c9469eb626e81bf72cf09fec Reviewed-on: https://chromium-review.googlesource.com/860003Reviewed-by:
-
Sigurd Schneider authored
This CL adds output related to the no speculation bit on the feedback vector. Messages appear on two occasions: - if a feedback vector is read from the deoptimization entry - if the no-speculation bit on a feedback vector is set The latter only happens during object materialization. Bug: v8:7127 Change-Id: I9676323d3223441472539a544d3309687dba27a3 Reviewed-on: https://chromium-review.googlesource.com/849092Reviewed-by:
Michael Stanton <mvstanton@chromium.org> Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#50496}
-
Michael Achenbach authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/2b74850..e176e6f Rolling v8/buildtools: https://chromium.googlesource.com/chromium/buildtools/+log/1be57dc..d3ad6b3 Rolling v8/third_party/android_tools: https://chromium.googlesource.com/android_tools/+log/7d781b3..c78b258 Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/d4706cb..6385d5b Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/ac1e5f7..2ae8604 This also ports https://crrev.com/c/853294 and adds DEPS: https://chromium.googlesource.com/android_ndk/+/e951c37 TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org Change-Id: I3222ced300fbf4aa2f5c478cc5aad0861b8e8dd5 Reviewed-on: https://chromium-review.googlesource.com/860764 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by:
v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#50495}
-
Ben Smith authored
Bug: v8:7177 Change-Id: Ifd050eaf5196a2989011b12b8e81041fd598ae8e Reviewed-on: https://chromium-review.googlesource.com/861166Reviewed-by:
-
Shenghua Zhang authored
Because of the android sdk managed by CIPD (see go/use-adjective-apis), its deps repo ndk needs to be relocated to third_party/android_ndk. This CL changes the ndk root path in files in v8. Bug: chromium:659808 Change-Id: I78d534cbb81eebd1dc631293d54764f027ed0567 Reviewed-on: https://chromium-review.googlesource.com/861182Reviewed-by:
-
Taketoshi Aono authored
Add Object.entries/values builtins to debug-evaluate.cc whitelist macro. This fix revert commit of https://chromium-review.googlesource.com/c/v8/v8/+/859937 Original is https://chromium-review.googlesource.com/c/v8/v8/+/810504 >> Reimplements Object.entries/values as CSA to optimize performance. See more detail about https://bugs.chromium.org/p/v8/issues/ Issue 6804. This reverts commit 1b49f725. Bug: v8:6804 Change-Id: I57e8b66e1c4ece2abb52e1630a97fbfd4070d810 Reviewed-on: https://chromium-review.googlesource.com/860679 Commit-Queue: Yang Guo <yangguo@chromium.org> Reviewed-by:
-
Ben Smith authored
It was included accidentally. It is not in the ES spec, nor is it provided by any other browser. BUG=chromium:793095 Change-Id: I2370a6d2b8d14def8dbd47ff4a1ffb4f5f65f097 Reviewed-on: https://chromium-review.googlesource.com/815757 Commit-Queue: Ben Smith <binji@chromium.org> Reviewed-by:
-
- 10 Jan, 2018 16 commits
-
-
Junliang Yan authored
Port 30fabc4c Original Commit Message: This ensures that there is only one entrance point from C++ to generated code, hence only one method has to be excluded from CFI. It also introduces type safety by only allowing the code to be called with the right arguments. This CL includes minor drive-by fixes in the tests, like removing unused dummy variables. R=clemensh@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: Idb21a7b8103a8fb833c963c182463006d9dd6288 Reviewed-on: https://chromium-review.googlesource.com/857425Reviewed-by:
Joran Siu <joransiu@ca.ibm.com> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#50490}
-
Ali Ijaz Sheikh authored
Make it possible for embedders to provide their own tracing timetamps by providing an overridable virtual function on V8's tracing controller. Bug: Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: I727e633cb7f63d4b41c2e427ecca3c9174c90bfe Reviewed-on: https://chromium-review.googlesource.com/847690Reviewed-by:
Fadi Meawad <fmeawad@chromium.org> Commit-Queue: Ali Ijaz Sheikh <ofrobots@google.com> Cr-Commit-Position: refs/heads/master@{#50489}
-
Adam Klein authored
This reverts commit 50baf934. Reason for revert: breaks arm64 nosnap debug tests: https://build.chromium.org/p/client.v8.ports/builders/V8%20Linux%20-%20arm64%20-%20sim%20-%20nosnap%20-%20debug/builds/8418 Original change's description: > [arm64] Switch jssp to csp > > Switch stack pointer to using csp directly, making jssp redundant. > > Bug: v8:6644 > Change-Id: I8e38eda50d56a25161b187c0a033608dd9f90239 > Reviewed-on: https://chromium-review.googlesource.com/860097 > Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> > Commit-Queue: Martyn Capewell <martyn.capewell@arm.com> > Cr-Commit-Position: refs/heads/master@{#50487} TBR=martyn.capewell@arm.com,bmeurer@chromium.org Change-Id: I20015885e6029271ee6558509cdb92ff1a106e5f No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:6644 Reviewed-on: https://chromium-review.googlesource.com/860319Reviewed-by:
-
Martyn Capewell authored
Switch stack pointer to using csp directly, making jssp redundant. Bug: v8:6644 Change-Id: I8e38eda50d56a25161b187c0a033608dd9f90239 Reviewed-on: https://chromium-review.googlesource.com/860097Reviewed-by:
-
Josh Wolfe authored
Update tests to work with new behavior. Thanks Yang Guo for fixing the GC problem in ad126d46 R=adamk@chromium.org, machenbach@chromium.org Q_INCLUDE_TRYBOTS=master.tryserver.blink:linux_trusty_blink_rel Bug: v8:4958 Change-Id: Ia7d9417f80087fb6df4ef877d0b4357875ee6c30 Reviewed-on: https://chromium-review.googlesource.com/834458Reviewed-by:
-
Wael Al Jishi authored
This avoids a segfault rather than reporting the (API usage) error message: "Fatal error in v8::HandleScope::CreateHandle() Cannot create a handle without a HandleScope" Bug: Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: I68a3d77ca37cc09d9e70526008a072dee8973000 Reviewed-on: https://chromium-review.googlesource.com/832488 Commit-Queue: Wael Al Jishi <waelj@google.com> Reviewed-by:
-
Michael Lippautz authored
Bug: v8:7266 Change-Id: I0983ec2db72e7013eb28e20370e13be282d0da39 Reviewed-on: https://chromium-review.googlesource.com/860377Reviewed-by:
-
Sathya Gunasekaran authored
This information is already stored in compiler_hints_. This saves 1 bit on ParseInfo. Change-Id: I37927c256aacd18fb332b522989dc669aa80df01 Reviewed-on: https://chromium-review.googlesource.com/858427Reviewed-by:
-
Michal Majewski authored
Bug: v8:6917 Change-Id: I4b10091a40372e1aa614ac26452e20ed481ab686 Cq-Include-Trybots: luci.v8.try:v8_linux64_fyi_rel_ng Reviewed-on: https://chromium-review.googlesource.com/856498Reviewed-by:
Sergiy Byelozyorov <sergiyb@chromium.org> Commit-Queue: Michał Majewski <majeski@google.com> Cr-Commit-Position: refs/heads/master@{#50482}
-
Clemens Hammacher authored
This adds support for i32.shl, i32.shr_u and i32.shr_s. These are the first instructions implemented which have constraints on the registers they use (rcx in this case), so the implementation is a bit more involved. It's still worth trying to emit good code here, as shifts are quite common in our benchmarks. This code will later have to be extended to use i32 immediates directly instead of loading them into a register first. This will result in smaller code and better performance. R=titzer@chromium.org Bug: v8:6600 Change-Id: I45b41ab062b58a9b2bc7e14a68663180307b900d Reviewed-on: https://chromium-review.googlesource.com/859761 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by:
-
Camillo Bruni authored
Drive-by-cleanup: - Add InternalElementsAccessor to expose protected instance methods to ElementsAccessor subclasses. - Make some more ElementsAccessor methods protected that take the raw entry as parameter. Bug: chromium:798644 Change-Id: Iffd00f1953461e8dd22c123e62298410fb6e049c Reviewed-on: https://chromium-review.googlesource.com/856816 Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by:
Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#50480}
-
Michael Starzinger authored
R=clemensh@chromium.org Change-Id: I84788f60f531c2faeadad74987ac7af72db10cc0 Reviewed-on: https://chromium-review.googlesource.com/859778Reviewed-by:
-
Yang Guo authored
This reverts commit d30a8fa9. Reason for revert: no-snap test failures here https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap%20-%20debug/builds/17068 You need to update the whitelist in src/debug/debug-evaluate.cc. I'm a bit surprised this only happens in no-snap builds. Original change's description: > Reimplement Object.entries/values as CSA to optimize performance. > > This implementation based on runtime implementation. > > Bug: v8:6804 > Change-Id: Ib8bfcc4648e44a999789237effc0275c5e4d9936 > Reviewed-on: https://chromium-review.googlesource.com/810504 > Commit-Queue: Camillo Bruni <cbruni@chromium.org> > Reviewed-by: Camillo Bruni <cbruni@chromium.org> > Reviewed-by: Jakob Gruber <jgruber@chromium.org> > Cr-Commit-Position: refs/heads/master@{#50477} TBR=cbruni@chromium.org,jgruber@chromium.org,ishell@chromium.org,brn@b6n.ch Change-Id: I1a0c8e3c054a57ca4d15f7a064ff4b28ca133b16 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:6804 Reviewed-on: https://chromium-review.googlesource.com/859937Reviewed-by:
-
Taketoshi Aono authored
This implementation based on runtime implementation. Bug: v8:6804 Change-Id: Ib8bfcc4648e44a999789237effc0275c5e4d9936 Reviewed-on: https://chromium-review.googlesource.com/810504 Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by:
Camillo Bruni <cbruni@chromium.org> Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#50477}
-
Timothy Gu authored
Before this, only the [[ProxyHandler]] was set to null during revocation of the Proxy through either the v8::Proxy::Revoke() or the Proxy.revocable() API. To be consistent with the spec, the Proxy's target is set to null as well. This change should not be observable through JS, since the check for if the Proxy is revoked should always use the handler. But the changed value is exposed through the public v8::Proxy::GetTarget() API, which is used by the inspector API and Node.js. Also included is a much more comprehensive test for Inspector's support for Proxy, which prior to this commit did not work as intended. Bug: Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: I727607ec2b3cea8642cd636573932c1e6bb5cc07 Reviewed-on: https://chromium-review.googlesource.com/854676 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by:
-
Pierre Langlois authored
Disallow using the PC as a base in LDR and instead provide a dedicated assembler method for pc-relative loads. The reason for this is that the generic `Assembler::ldr` method may decide to generate more instructions if the offset is out of range, and if the PC was the base, we would get surprising results. For example: ~~~ ldr r0, [pc, #0xcabba9e] ~~~ is not equivalent to: ~~~ movw ip, #0xba9e movt ip, #0xcab ldr r0, [pc, ip] ~~~ since the reference to the PC has moved down two instructions! We could teach the assembler to handle those cases correctly, but pc-relative loads are used in specific cases only so that's not necessary. As a drive-by, remove a reference to code aging. Bug: Change-Id: I586d83a418db52cf28d3b524f889bf40f077998a Reviewed-on: https://chromium-review.googlesource.com/847008Reviewed-by:
-
