- 23 Jan, 2019 24 commits
-
Ben L. Titzer authored
The table.init bytecode copies a range of elements from an element segment into a table, trapping if the segment is not passive, is dropped, or would cause out-of-bounds accesses.

R=mstarzinger@chromium.org
CC=binji@chromium.org
BUG=v8:7747

Change-Id: Ib27af9cca45a464fd1f876ddd092e99941481896
Reviewed-on: https://chromium-review.googlesource.com/c/1430063
Commit-Queue: Ben Titzer <titzer@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59037}
-
Camillo Bruni authored
Directly access the std::vector buffer backing store to write bytes. By reserving enough space upfront we can avoid many superfluous bounds checks that were previously necessary when using push_back.

Change-Id: I9b2fb467809e40743b0d9409c9cccb0c6f36f8c1
Reviewed-on: https://chromium-review.googlesource.com/c/1425910
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59036}
-
Clemens Hammacher authored
This is a reland of 92d9b09c. Patch unchanged, errors fixed by https://crrev.com/c/1430059.

Original change's description:
> [wasm] Decouple background compile jobs from NativeModule
>
> Background compile jobs should not keep the NativeModule alive, for two
> reasons:
> 1) We sometimes have to wait for background compilation to finish (from
>    a foreground task!). This introduces unnecessary latency.
> 2) Giving the background compile tasks shared ownership of the
>    NativeModule causes the NativeModule (and the CompilationState) to
>    be freed from background tasks, which is error-prone (see
>    https://crrev.com/c/1400420).
>
> Instead, this CL introduces a BackgroundCompileToken which is held
> alive by the NativeModule and all background compile jobs. The initial
> and the final phase of compilation (getting and submitting work)
> synchronize on this token to check and ensure that the NativeModule is
> and stays alive. During compilation itself, the mutex is released, such
> that the NativeModule can die.
> The destructor of the NativeModule cancels the BackgroundCompileToken.
> Immediately afterwards, the NativeModule and the CompilationState can
> die.
>
> This change allows us to remove two hacks introduced previously: The atomic
> {aborted_} flag and the {FreeCallbacksTask}.
>
> R=mstarzinger@chromium.org
> CC=titzer@chromium.org
>
> Bug: v8:8689, v8:7921
> Change-Id: I42e06eab3c944b0988286f2ce18e3c294535dfb6
> Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel
> Reviewed-on: https://chromium-review.googlesource.com/c/1421364
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#59020}

TBR=mstarzinger@chromium.org

Bug: v8:8689, v8:7921
Change-Id: Iead972ef77c8503da7246cab48e7693b176d8f02
Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel
Reviewed-on: https://chromium-review.googlesource.com/c/1429862
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59035}
-
Andreas Haas authored
R=titzer@chromium.org

Change-Id: I45693c7bc7600dde4d01d1130f3be1641c5e9250
Reviewed-on: https://chromium-review.googlesource.com/c/1430102
Reviewed-by: Ben Titzer <titzer@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59034}
-
Michael Starzinger authored
This implements support for the "throw" operation in the interpreter. Note that support for catching/handling exceptions is still missing from the interpreter and will be done separately.

This also introduces a {WasmExceptionPackage} class to the object model that acts as an interface for allocating and accessing exceptions that originate from WebAssembly. It does not represent a new instance type, however, as exceptions are instances of {WebAssembly.RuntimeError} for now.

R=clemensh@chromium.org
TEST=mjsunit/wasm/exceptions
BUG=v8:8091

Change-Id: I1f0cb548efb798e3c1488d42e4a31421c3c1aada
Reviewed-on: https://chromium-review.googlesource.com/c/1430099
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59033}
-
Clemens Hammacher authored
This was disabled in 2014 (https://crrev.com/267383002), together with a comment about a broken serializer. The conditional v8 initialization was since then moved back to be unconditional, but the TearDown was never restored.

Now we need it for wasm, since during tear down the wasm engine synchronizes on all background compile jobs. Omitting this leads to uses of the disposed platform (see https://crrev.com/c/1429861).

R=mstarzinger@chromium.org

Bug: v8:8689, v8:7921, v8:8725
Change-Id: Ia24f746094f38fc6ce349532587b622384379125
Reviewed-on: https://chromium-review.googlesource.com/c/1430059
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59032}
-
Ulan Degenbaev authored
Bug: chromium:852420
Change-Id: Idc8104e0617a22586aa5d3bf1bf2618caaacacc1
Reviewed-on: https://chromium-review.googlesource.com/c/1430060
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59031}
-
Sigurd Schneider authored
- Output from console.timeEnd is now supported
- The final result is printed in table format with ; separator, making it easy to copy/paste into a spreadsheet.
- Various style improvements.

Change-Id: Iba00ee54720344765262b5cc44c1e939278b03a4
Notry: true
Reviewed-on: https://chromium-review.googlesource.com/c/1405030
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59030}
-
Andreas Haas authored
R=titzer@chromium.org

Bug: v8:7581
Change-Id: I153b09ac1676c75590f37c4b7d1f8659c37bbe96
Reviewed-on: https://chromium-review.googlesource.com/c/1421837
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Ben Titzer <titzer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59029}
-
Toon Verwaest authored
This allows us to remove the PatternRewriter.

Change-Id: I54ec74ed3bd31e76e38c69f9b0b2a78f8620cd89
Reviewed-on: https://chromium-review.googlesource.com/c/1429863
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59028}
-
Camillo Bruni authored
Get rid of yet another ZoneChunkList.

Change-Id: If63b1b87e007f4d146532b2c66f101280d3fcf2f
Reviewed-on: https://chromium-review.googlesource.com/c/1421319
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59027}
-
Georg Neis authored
Otherwise we might come across invalid locations.

Bug: chromium:923675
Change-Id: I0b01ba4b11cc7270744ec438bedb0b8ada2aa29d
Reviewed-on: https://chromium-review.googlesource.com/c/1426126
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59026}
-
Camillo Bruni authored
- Inline single-call-site functions
- Pull out pre-check from AllocateVariablesRecursively

Change-Id: Ieceaf2d5b3ef6902b293d09e6fa63e58e60f3607
Reviewed-on: https://chromium-review.googlesource.com/c/1426696
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59025}
-
Stephan Herhut authored
The Assembler classes (or some of them at least) have a CodeTargetAlign method that aligns the code to a target-specific value (16 bytes on x86, 8 bytes on arm). However, these were not used. Instead we always aligned to 16-byte boundaries, hence wasting up to 8 bytes on arm.

Change-Id: Iee7d24ebc13a9a58002a9d7d0ce53955bee7d628
Reviewed-on: https://chromium-review.googlesource.com/c/1426125
Commit-Queue: Stephan Herhut <herhut@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59024}
-
Jakob Gruber authored
Code object iteration was missing logic for RELATIVE_CODE_TARGET reloc entries. Garbage collection could thus miss objects that were referenced only as targets of pc-relative calls or jumps.

RELATIVE_CODE_TARGETs are only used on arm, mips, and s390 and only at mksnapshot-time.

This exposed another issue in that the interpreter entry trampoline copy we generate for profiling *did* contain relative calls in runtime-accessible code. This is a problem, since code space on arm is, by default, too large to be fully addressable through pc-relative calls. This CL thus also disables the related FLAG_interpreted_frames_native_stack feature on arm.

Drive-by: Ensure the builtins constants table does not contain Code objects.

Bug: v8:8713,v8:6666
Change-Id: Idd914b46970ad08f9091fc72113fa7aed2732e71
Reviewed-on: https://chromium-review.googlesource.com/c/1424866
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59023}
-
Clemens Hammacher authored
This reverts commit 92d9b09c.

Reason for revert: Crashes on several bots, e.g. https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux64%20UBSan/4237

Original change's description:
> [wasm] Decouple background compile jobs from NativeModule
>
> Background compile jobs should not keep the NativeModule alive, for two
> reasons:
> 1) We sometimes have to wait for background compilation to finish (from
>    a foreground task!). This introduces unnecessary latency.
> 2) Giving the background compile tasks shared ownership of the
>    NativeModule causes the NativeModule (and the CompilationState) to
>    be freed from background tasks, which is error-prone (see
>    https://crrev.com/c/1400420).
>
> Instead, this CL introduces a BackgroundCompileToken which is held
> alive by the NativeModule and all background compile jobs. The initial
> and the final phase of compilation (getting and submitting work)
> synchronize on this token to check and ensure that the NativeModule is
> and stays alive. During compilation itself, the mutex is released, such
> that the NativeModule can die.
> The destructor of the NativeModule cancels the BackgroundCompileToken.
> Immediately afterwards, the NativeModule and the CompilationState can
> die.
>
> This change allows us to remove two hacks introduced previously: The atomic
> {aborted_} flag and the {FreeCallbacksTask}.
>
> R=mstarzinger@chromium.org
> CC=titzer@chromium.org
>
> Bug: v8:8689, v8:7921
> Change-Id: I42e06eab3c944b0988286f2ce18e3c294535dfb6
> Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel
> Reviewed-on: https://chromium-review.googlesource.com/c/1421364
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#59020}

TBR=mstarzinger@chromium.org,clemensh@chromium.org

Change-Id: I724f460f5aa654a9e75d3ce73d351214e69e2d96
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8689, v8:7921
Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel
Reviewed-on: https://chromium-review.googlesource.com/c/1429861
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59022}
-
Maya Lekova authored
The receiver is now passed around as the first argument in the Hints array. This allows for Construct bytecodes to not supply it at all.

Bug: v8:7790
Change-Id: Iae57095526dbc52ed12e0f884875ceb07280c371
Reviewed-on: https://chromium-review.googlesource.com/c/1426118
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59021}
-
Clemens Hammacher authored
Background compile jobs should not keep the NativeModule alive, for two reasons:
1) We sometimes have to wait for background compilation to finish (from a foreground task!). This introduces unnecessary latency.
2) Giving the background compile tasks shared ownership of the NativeModule causes the NativeModule (and the CompilationState) to be freed from background tasks, which is error-prone (see https://crrev.com/c/1400420).

Instead, this CL introduces a BackgroundCompileToken which is held alive by the NativeModule and all background compile jobs. The initial and the final phase of compilation (getting and submitting work) synchronize on this token to check and ensure that the NativeModule is and stays alive. During compilation itself, the mutex is released, such that the NativeModule can die.
The destructor of the NativeModule cancels the BackgroundCompileToken. Immediately afterwards, the NativeModule and the CompilationState can die.

This change allows us to remove two hacks introduced previously: The atomic {aborted_} flag and the {FreeCallbacksTask}.

R=mstarzinger@chromium.org
CC=titzer@chromium.org

Bug: v8:8689, v8:7921
Change-Id: I42e06eab3c944b0988286f2ce18e3c294535dfb6
Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel
Reviewed-on: https://chromium-review.googlesource.com/c/1421364
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59020}
-
Simon Zünd authored
This CL prepares JSON#stringify for improved error messages when serializing circular structures. To this end, we also push the key/index, in addition to the object itself, onto the stack that keeps track of circular structures. The stack itself is changed from a JSArray to a std::vector.

R=yangguo@chromium.org

Bug: v8:6513, v8:8698
Change-Id: I6dc4cb3be75a4514281411c654337f37c8798e55
Reviewed-on: https://chromium-review.googlesource.com/c/1424863
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59019}
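The same idea, written in JavaScript as an added example (not V8 source and not part of this commit): a replacer that keeps a stack of the objects currently being serialised together with the key each one was reached through, so a cycle can be reported with the path that closes it rather than a bare "circular structure" message. Function and path names, and the constructed inputs at the bottom, are this example's own.

```javascript
'use strict';

// Added example, not V8 source. Render a key list as a path like
// root.items[2].owner; all-digit keys are treated as array indices.
function describePath(keys) {
  return keys.reduce(
    (acc, k) => acc + (/^\d+$/.test(k) ? `[${k}]` : `.${k}`),
    'root'
  );
}

// Like JSON.stringify(value), but the replacer keeps a stack of the
// objects currently being serialised, each with the key it was reached
// through. Meeting one of them again means a cycle, and the stack gives
// both the object that starts the circle and the property that closes it.
function stringifyWithPath(value) {
  const stack = []; // { obj, key } for every ancestor still being serialised
  return JSON.stringify(value, function replacer(key, val) {
    // JSON.stringify binds `this` to the holder of `key`. Ancestors above
    // the holder are finished, so drop them. This is what keeps a shared
    // but non-circular object from being reported as a cycle.
    while (stack.length > 0 && stack[stack.length - 1].obj !== this) {
      stack.pop();
    }
    if (val !== null && typeof val === 'object') {
      const start = stack.findIndex((entry) => entry.obj === val);
      if (start !== -1) {
        // stack[0] is the root (key ""); the keys of stack[1..start] lead
        // to the object that starts the circle, and `key` closes it.
        const keys = stack.slice(1).map((entry) => entry.key);
        const startPath = describePath(keys.slice(0, start));
        const closePath = describePath(keys.concat(key));
        throw new TypeError(
          `Converting circular structure to JSON: ${startPath} is ` +
            `referenced again at ${closePath}`
        );
      }
      stack.push({ obj: val, key });
    }
    return val;
  });
}

// Returns the diagnostic for a cyclic value, or null if it serialises.
function cycleMessage(value) {
  try {
    stringifyWithPath(value);
    return null;
  } catch (e) {
    if (e instanceof TypeError) return e.message;
    throw e;
  }
}

// Constructed inputs: a direct self reference and a cycle two levels down.
const selfRef = { name: 'a' };
selfRef.self = selfRef;
const nested = { list: [{ owner: null }] };
nested.list[0].owner = nested.list;
```

The unwinding loop matters: a naive "have I seen this object" set would also reject `{ p: shared, q: shared }`, which is a DAG, not a cycle. Popping finished ancestors before the lookup keeps only true ancestors on the stack, so only back-references are flagged.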
-
Michael Achenbach authored
This reverts commit 516d9068.

Reason for revert: Breaks layout tests:
https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8-Blink%20Linux%2064/29444

See also: https://v8.dev/docs/blink-layout-tests

Original change's description:
> Expose the number of microtasks from RunMicrotasks
>
> This CL adds the number of processed microtasks to the tracing marker
> of RunMicrotasks, plus lets RunMicrotasks return the number.
>
> Bug: v8:7804, v8:8124
> Change-Id: Ie584e22964121fbda3a822379d760e7518fc54a7
> Reviewed-on: https://chromium-review.googlesource.com/c/1425277
> Commit-Queue: Taiju Tsuiki <tzik@chromium.org>
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#59017}

TBR=bmeurer@chromium.org,tzik@chromium.org

Change-Id: I7db675dbbc496cc3c45220aa141252dd371d2780
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7804, v8:8124
Reviewed-on: https://chromium-review.googlesource.com/c/1429859
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59018}
-
tzik authored
This CL adds the number of processed microtasks to the tracing marker of RunMicrotasks, plus lets RunMicrotasks return the number.

Bug: v8:7804, v8:8124
Change-Id: Ie584e22964121fbda3a822379d760e7518fc54a7
Reviewed-on: https://chromium-review.googlesource.com/c/1425277
Commit-Queue: Taiju Tsuiki <tzik@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59017}
-
Frank Tang authored
Sync w/ https://github.com/tc39/proposal-intl-segmenter/pull/60

Bug: v8:8717
Change-Id: I98fe9e88367a611c14c82195222c8fe8a52e4bc8
Reviewed-on: https://chromium-review.googlesource.com/c/1422749
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59016}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/4b7e3ce..f2ca77c

Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/fab27df..dd2de38

TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org

Change-Id: I62ef0c5b0cf8191400d18b628ff71442bf1add63
Reviewed-on: https://chromium-review.googlesource.com/c/1429221
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#59015}
-
Frank Tang authored
Follow-up CL for the change of CanonicalizeLocaleList in
https://tc39.github.io/proposal-intl-locale/#sec-canonicalizelocalelist

Bug: v8:8655
Change-Id: I2505057e03511806320104974519fd4b97848b53
Reviewed-on: https://chromium-review.googlesource.com/c/1423323
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59014}
-
- 22 Jan, 2019 16 commits
-
Deepti Gandluri authored
Change-Id: Iac6aca817f1b96b80c7ebc46b4dcc098858a0ddd
Reviewed-on: https://chromium-review.googlesource.com/c/1427661
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59013}
-
Deepti Gandluri authored
Clusterfuzz generated test cases for narrow Load, CmpExchg nodes in which the index is a word64 expression. This was not handled correctly, leading to a malformed graph. Use default lowering for all atomic narrow operations, and add reduced test cases in wasm cctests with the same sequence as the ones generated by binaryen for other I64Atomic operations as well.

Change-Id: I50d63747b16a8f69289ca4e76547b325d84b22d3
Bug: chromium:921366, chromium:920120, chromium:900681
Reviewed-on: https://chromium-review.googlesource.com/c/1423177
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59012}
-
Suraj Sharma authored
-5**2 now produces SyntaxError: Unary operator used immediately before exponentiation expression. Parenthesis must be used to disambiguate operator precedence.

Bug: v8:6894
Change-Id: I89dd034ff90ee1a49ba61e0c613da534fbf8b41b
Reviewed-on: https://chromium-review.googlesource.com/c/1418592
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Suraj Sharma <surshar@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#59011}
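The grammar rule behind this commit, as an added example (not V8 source and not part of the change): the left operand of `**` may not be a bare unary expression, a unary operator on the right-hand side is allowed, and `**` is right-associative. The helper compiles each source string with the Function constructor so that a rejection surfaces as a parse-time SyntaxError before anything runs; the helper name and the case list are this example's own.

```javascript
'use strict';

// Added example, not V8 source: compile a source string (parse only,
// nothing executes yet) and report whether the parser rejects it, or
// what it evaluates to once run.
function evaluateSource(src) {
  let fn;
  try {
    fn = new Function(`return ${src};`);
  } catch (e) {
    return { ok: false, stage: 'parse', error: e.name, message: e.message };
  }
  try {
    return { ok: true, value: fn() };
  } catch (e) {
    return { ok: false, stage: 'run', error: e.name, message: e.message };
  }
}

// Constructed cases, one per rule of the exponentiation grammar.
const CASES = [
  '-5**2',       // rejected: unary minus directly before **
  '(-5)**2',     // 25: parentheses make the intent explicit
  '-(5**2)',     // -25: the other reading, also spelled out
  '2**-1',       // 0.5: a unary operator on the right is allowed
  'typeof 2**3', // rejected: typeof is a unary operator too
  '2**3**2',     // 512: right-associative, i.e. 2**(3**2)
];

// Evaluate every case and return the results keyed by source text.
function precedenceTable() {
  return Object.fromEntries(
    CASES.map((src) => [src, { src, ...evaluateSource(src) }])
  );
}
```

Checking the `stage` field is what distinguishes this from a runtime failure: the rejection happens in `new Function`, before the body is ever executed, which is the behaviour the commit introduces in the parser.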
-
Michael Lippautz authored
Avoid the case where the application runs behind an initial limit that grows in the case where the heap is not yet configured.

Bug: chromium:924180
Change-Id: I45184f95cb00d65469574bdc40d4596ef50d9c60
Reviewed-on: https://chromium-review.googlesource.com/c/1426960
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59010}
-
Mike Stanton authored
Now, the CodeAssembler can annotate Nodes with SourcePositions. SourcePositions themselves get a new mode "external," in which they get a file_id, line and column. The file_id is currently maintained in the isolate, mapping to strings for filenames.

Additionally, inlining information is ignored at this point, but in the long run I'd like to recognize calls to different CSA functions as manual inlinings.

At this point, if you want to see the results in tools like GDB, you'll need to build without clang, and use the GCC toolchain. GN flag is_clang=false will do the trick.

Bug: v8:8418
Change-Id: I123cdc041612285fa7d0ba532a625bceeda5d338
Reviewed-on: https://chromium-review.googlesource.com/c/1322954
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59009}
-
Sven Sauleau authored
Fix WebAssembly's memory/grow js-api. The argument is an unsigned long; this change refactors most of the arithmetic and bounds-check types from int64 to uint32_t, according to the spec.

Bug: v8:8319
Change-Id: I662c704d1d50288ad68be70c72a3db7052a80014
Cq-Include-Trybots: luci.chromium.try:linux-blink-rel
Reviewed-on: https://chromium-review.googlesource.com/c/1351028
Commit-Queue: Sven Sauleau <ssauleau@igalia.com>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59008}
-
Matt Gardner authored
V8 implements "delete this" as "LdaTrue", but an error needs to be thrown if done in a constructor before calling super. ThrowIfHole checks the accumulator, so we need to load 'this' into the accumulator. The check is inserted by the load since it has HoleCheckMode::kRequired.

Bug: https://bugs.chromium.org/p/v8/issues/detail?id=6711
Change-Id: I9f2ce4439505cec4327d88d1195898782edea721
Reviewed-on: https://chromium-review.googlesource.com/c/1419084
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Matt Gardner <magardn@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#59007}
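The observable behaviour this commit fixes, as an added example (not V8 source and not part of the change): in a derived-class constructor `this` is uninitialised until `super()` returns, which is the "hole" the ThrowIfHole check looks for, so `delete this` before `super()` must throw a ReferenceError; after `super()` it is an ordinary `delete` of a non-reference and evaluates to true. The class and helper names are this example's own.

```javascript
'use strict';

// Added example, not V8 source: `delete this` on either side of super().
class Base {}

class DeletesBeforeSuper extends Base {
  constructor() {
    delete this; // must throw: `this` has not been initialised by super()
    super();
  }
}

class DeletesAfterSuper extends Base {
  constructor() {
    super();
    this.deleted = delete this; // true: `this` is not a reference to delete
  }
}

// Try to construct `Ctor` and report either the instance or the error.
// Constructed here so callers can compare the two classes side by side.
function tryConstruct(Ctor) {
  try {
    return { ok: true, instance: new Ctor() };
  } catch (e) {
    return { ok: false, error: e.name, message: e.message };
  }
}
```

The interesting part is that the `delete` itself never touches `this` as a binding (class bodies are strict code, and `delete this` is still legal there); what throws is the load of `this` into the accumulator that the commit makes explicit.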
-
Adam Klein authored
This follows the "CRTP" pattern used elsewhere in the Parser rather than a branch on IsPreParser(). Also merge GetUnexpectedTokenMessage() into ReportUnexpectedTokenAt().

Change-Id: I8eaa5cc3230c4660624a48c705f80d1a60a2710b
Reviewed-on: https://chromium-review.googlesource.com/c/1423094
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59006}
-
Daniel Clifford authored
This is a reland of d11a0648

Original change's description:
> [torque] Implement safe initialization of classes through hidden structs
>
> Initialization of classes now happens atomically at the end of the
> class constructor only once all of the values for the class' fields
> have been fully computed. This makes Torque constructors completely
> GC safe, e.g. hardened against allocations or exceptions in
> constructors.
>
> As part of this change, make the 'this' parameter for method calls
> explicit rather than implicit.
>
> Drive by: add validation to check for duplicate field declarations
>
> Bug: v8:7793
> Change-Id: I8b5e85980d6a103ef9fc3262b76f6514f36ebf88
> Reviewed-on: https://chromium-review.googlesource.com/c/1411252
> Commit-Queue: Daniel Clifford <danno@chromium.org>
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58979}

Bug: v8:7793
Change-Id: Ia8c23a36a661a73b5dc34437efd514a7c13a1ae8
Reviewed-on: https://chromium-review.googlesource.com/c/1426840
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Daniel Clifford <danno@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59005}
-
Clemens Hammacher authored
Fix some by removing (unnecessarily) implicitly declared constructors and assignment operators. String16 constructors and assignment operators can just be defaulted, and declared in the header.

This fixes the last complaints of the new presubmit check.

R=mlippautz@chromium.org, yangguo@chromium.org, leszeks@chromium.org

Bug: v8:8616
Change-Id: Idae7031b88b793253b63488c52f757513711ed73
Reviewed-on: https://chromium-review.googlesource.com/c/1417173
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59004}
-
Peter Marshall authored
Some includes in log.h were only needed by log.cc so move them there. Some were not needed at all, so remove them completely.

Drive-by cleanup FunctionEvent(), which was never called without args for the last parameters which had default values.

Change-Id: Id8b0c634c4d39d3c278ab3d932ed7af4142fd9c9
Reviewed-on: https://chromium-review.googlesource.com/c/1425914
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59003}
-
Ulan Degenbaev authored
The main fix is to ensure that the recently allocated object is marked black in StressMarkingObserver::Step. Otherwise, the concurrent marker can observe an uninitialized white object in the old generation.

This patch also removes the --black-allocation flag.

Bug: v8:8676
Change-Id: Iba8f00330eabc4847eaef2cd3dfb2884d62a48b4
Reviewed-on: https://chromium-review.googlesource.com/c/1425915
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59002}
-
Ross McIlroy authored
This is a reland of f5729f1c

TBR=ulan@chromium.org

Original change's description:
> [GC] Ensure JSFunctions with flushed bytecode are flushed during GC.
>
> When bytecode is flushed from a SFI, the JSFunctions still retain their
> FeedbackVector's and point to the interpreter entry trampoline. They are
> reset if re-executed, however if not they could hold onto the feedback
> vector indefinitely. This CL adds a pass to the GC to detect JSFunctions that
> need to be reset, and performs the reset at the end of GC.
>
> BUG=v8:8395
>
> Change-Id: I3de8655aff9ff80f912b4fd51dee43eb98cfd519
> Reviewed-on: https://chromium-review.googlesource.com/c/1393292
> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#58775}

Bug: v8:8395
Change-Id: If9580b25ba32e4065e20d86cb8ed22a3280d59e9
Reviewed-on: https://chromium-review.googlesource.com/c/1424860
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59001}
-
Maya Lekova authored
The test was originally testing the max string length limit, but due to refactoring of Array.join started consuming too much memory, resulting in OOMs on TSAN builds. The new implementation still checks for the limit, while reducing the memory consumption drastically.

R=jarin@chromium.org

Bug: v8:8504, chromium:336820
Change-Id: I4db9001541103d5908149e623ce4a4beee551e6c
Reviewed-on: https://chromium-review.googlesource.com/c/1426839
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59000}
-
Simon Zünd authored
This CL enables the pre-processing step of copying from the prototype chain for JSArrays. Previously, this was done for everything BUT JSArrays. This brings Array#sort more in line with other engines in the case of undefined behavior.

R=jgruber@chromium.org

Bug: v8:8666
Change-Id: I832d470dc02111b64dc4919e84e7e3e47c8fdd47
Reviewed-on: https://chromium-review.googlesource.com/c/1426119
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Mathias Bynens <mathias@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58999}
-
Stephan Herhut authored
In wasm code, we sometimes see the pattern

  <some 64 bit expression>
  i32.wrap/i64
  i32.load

where we generate an instruction to extend the 32 bit offset into a zero extended 64 bit value for the actual load. However, the preceding truncate already yields a zero extended 32 bit value, so the extra instruction is not needed. Even more, it might get in the way of munching more computation into the final load.

This change adds information about the zero extending behavior to the existing optimization that avoids the zero extension.

Bug: chromium:853685
Change-Id: Iab9179379923ecb88651df6091b3d9408341cf4c
Reviewed-on: https://chromium-review.googlesource.com/c/1421839
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Stephan Herhut <herhut@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58998}
-