- 06 Jul, 2017 32 commits
-
-
Andreas Haas authored
In the original CL I moved an error check backwards, unfortunately behind a vector lookup which should not happen when there is an error. Now I also move the vector lookup backwards. Original message: We stored the size of a function body before we check that these values are valid. This caused a failing DCHECK in the constructor of WireBytesRef which checked for integer overflows. With this CL we check the size of the function body before we create the WireBytesRef. R=clemensh@chromium.org Bug: chromium:738097 Change-Id: Ie65b3cfcbcd6bdb3f04b0760673d9c7b7a0d1057 Reviewed-on: https://chromium-review.googlesource.com/561519Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#46453}
-
Pierre Langlois authored
Bug: v8:6553 Change-Id: I59203a8a81615a0d847e1cef720b5e476ab8df29 Reviewed-on: https://chromium-review.googlesource.com/544940Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Pierre Langlois <pierre.langlois@arm.com> Cr-Commit-Position: refs/heads/master@{#46452}
-
Sathya Gunasekaran authored
Bug: v8:5536 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: Icec1f77c6073e1e89210e71ad20044e09594209e Reviewed-on: https://chromium-review.googlesource.com/548987Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#46451}
-
jgruber authored
This CL adds a few transformations that clean up the set of reported source ranges. Duplicates, empty, and uncovered ranges are removed, and nested/consecutive ranges are merged if possible. BUG=v8:6000 Change-Id: I421ee35ce8292cfe84c1eea4f653762cea5d909d Reviewed-on: https://chromium-review.googlesource.com/558411Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#46450}
-
Camillo Bruni authored
Due to the dictionary refactoring we ended up calling the superclass' helper which in turn made us decode the values wrongly for the GlobalDictionary. Change-Id: I4298b6a437ef2d84b69b7e980470c3cf5af79944 Reviewed-on: https://chromium-review.googlesource.com/561701Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#46449}
-
Camillo Bruni authored
Change-Id: Ib94838e8c6991348dd6c324c55d8996e9e675e20 Reviewed-on: https://chromium-review.googlesource.com/561698Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#46448}
-
Clemens Hammacher authored
R=ahaas@chromium.org Change-Id: I41920c8266068722549aa3755ef9169d8cd33b66 Reviewed-on: https://chromium-review.googlesource.com/561004Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#46447}
-
Michael Lippautz authored
Replaces the old PromotionQueue that was kept at the end of to space. This change allows a future implementation to use (a) a thread-local promotion list and (b) enables work stealing for concurrent scenarios. Bug: chromium:738865 Change-Id: I4c983a36e69ad4a9462eb9a59f586a85e51acbde Reviewed-on: https://chromium-review.googlesource.com/561141 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#46446}
-
Michael Achenbach authored
This reverts commit 6c8aed76. Reason for revert: Breaks some debug bots: https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20-%20debug/builds/16754 https://build.chromium.org/p/client.v8/builders/V8%20Win64%20-%20debug/builds/17654 Original change's description: > [wasm] Check the size of a function body before storing it > > We stored the size of a function body before we check that > these values are valid. This caused a failing DCHECK in the constructor > of WireBytesRef which checked for integer overflows. With this CL we > check the size of the function body before we create the WireBytesRef. > > R=clemensh@chromium.org > > Bug: chromium:738097 > Change-Id: I18f8b628c1499aae9c8e9340ea73c87f19e6f1d7 > Reviewed-on: https://chromium-review.googlesource.com/561000 > Commit-Queue: Andreas Haas <ahaas@chromium.org> > Reviewed-by: Clemens Hammacher <clemensh@chromium.org> > Cr-Commit-Position: refs/heads/master@{#46442} TBR=ahaas@chromium.org,clemensh@chromium.org Change-Id: Ifd533c0dee369c746bc97fea13275ebc09ed5eff No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:738097 Reviewed-on: https://chromium-review.googlesource.com/561517Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#46445}
-
Maya Lekova authored
- Check for value map in favour of value instance type Bug: v8:6557 Change-Id: I820267a87c169143d7a3c567d6c9508bae492350 Reviewed-on: https://chromium-review.googlesource.com/561358 Commit-Queue: Maya Lekova <mslekova@google.com> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#46444}
-
Michael Lippautz authored
Bug: Change-Id: If88c6deee07b0188bd6177a4cef6a14dd7610392 Reviewed-on: https://chromium-review.googlesource.com/561397Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#46443}
-
Andreas Haas authored
We stored the size of a function body before we check that these values are valid. This caused a failing DCHECK in the constructor of WireBytesRef which checked for integer overflows. With this CL we check the size of the function body before we create the WireBytesRef. R=clemensh@chromium.org Bug: chromium:738097 Change-Id: I18f8b628c1499aae9c8e9340ea73c87f19e6f1d7 Reviewed-on: https://chromium-review.googlesource.com/561000 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#46442}
-
Benedikt Meurer authored
This is the first step in optimizing Map and Set iterators. This ports all the base functionality including - Set.prototype.entries - Set.prototype.values - %SetPrototypeIterator%.next - Map.prototype.entries - Map.prototype.keys - Map.prototype.values - %MapPrototypeIterator%.next to C++ and removes all the dead code and the previous half JavaScript implementation. The next step is to port core parts to CodeStubAssembler and finally inline the fast-paths into TurboFan directly. The relevant design document is at: https://docs.google.com/document/d/13z1fvRVpe_oEroplXEEX0a3WK94fhXorHjcOMsDmR-8 Most of this work is very similar to how the Array iterator works and we mostly follow the same process for the implementation. R=jgruber@chromium.org Bug: v8:6571 Change-Id: Ieb253d6705ba4077c697a5ff0cb6f87f9c4056ff Reviewed-on: https://chromium-review.googlesource.com/561138Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#46441}
-
Andreas Haas authored
TruncateDoubleToI generated a 32-bit result but did not clear the upper 32 bits. This violated the invariant that the upper 32 bits should be cleared when the result is 32 bits. This change fixes the bug mentioned below. Clearing the upper 32 bits is also done on x64. R=v8-arm-ports@googlegroups.com, titzer@chromium.org, martyn.capewell@arm.com Bug: chromium:738952 Change-Id: I7e23e03fbed380ff08803db41fbae6382957ba08 Reviewed-on: https://chromium-review.googlesource.com/559671Reviewed-by: Martyn Capewell <martyn.capewell@arm.com> Reviewed-by: Ben Titzer <titzer@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#46440}
-
Michael Achenbach authored
https://chromium-review.googlesource.com/561001 was not sufficient, because we don't use the --gerrit flag in V8 anymore. Now we explicitly pass an option for private upload. TBR=hablich@chromium.org,tandrii@chromium.org NOTRY=true Bug: v8:6574 Change-Id: Ib8e2883795f26f22ac47e648b37c47f3a0a60a40 Reviewed-on: https://chromium-review.googlesource.com/561378Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#46439}
-
Camillo Bruni authored
Bug: chromium:737645 Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng Change-Id: Ib02b3082cec82dfbbc48b21609dde7499e87042e Reviewed-on: https://chromium-review.googlesource.com/558868 Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#46438}
-
Camillo Bruni authored
jtt will now print the complete transition tree of a given Map in gdb. Change-Id: I07031dd3d463bec0072e8ac696406279ff057489 Reviewed-on: https://chromium-review.googlesource.com/558257 Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#46437}
-
Georg Neis authored
Remove all IsHeapObject/IsSmi checks from assembler and also from the macro-assembler functions that Turbofan code generation uses. Note for porters: In case it's unclear which macro-assembler functions need to be modified, it may be best to wait until I split MacroAssembler in a followup-CL, which will make that clear. Bug: v8:6048 Change-Id: Ife0735cc6f48713c9ec493faf2dac5e553d1c06b Reviewed-on: https://chromium-review.googlesource.com/561015 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#46436}
-
Michael Achenbach authored
NOTRY=true TBR=hablich@chromium.org Bug: chromium:738814 Change-Id: I575a36e271fb70cbf9a9c09f0daf9056864487c5 Reviewed-on: https://chromium-review.googlesource.com/561143Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#46435}
-
Camillo Bruni authored
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: Ia86a3344bbe2a7101b4aa633d80f0dc8141882bb Reviewed-on: https://chromium-review.googlesource.com/557868Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#46434}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/d71a8ff..08ca0e2 Rolling v8/third_party/catapult: https://chromium.googlesource.com/external/github.com/catapult-project/catapult/+log/3b0c0e0..52495f0 TBR=machenbach@chromium.org,hablich@chromium.org Change-Id: I34dfc8eb47f00db168ddd8ea30a44c17a19f3cf0 Reviewed-on: https://chromium-review.googlesource.com/561117Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Commit-Queue: v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#46433}
-
Pierre Langlois authored
Bug: v8:6553 Change-Id: Iffd023967e52aa16fdeec1deeabd3227389223a3 Reviewed-on: https://chromium-review.googlesource.com/544879 Commit-Queue: Pierre Langlois <pierre.langlois@arm.com> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#46432}
-
Juliana Franco authored
Also nuke the disabled test that still uses --deopt-every-n-garbage-collections. Bug: v8:3389 Change-Id: I254f544b73271e768e7619e578535aaf7cef0530 Reviewed-on: https://chromium-review.googlesource.com/561005Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Juliana Patricia Vicente Franco <jupvfranco@google.com> Cr-Commit-Position: refs/heads/master@{#46431}
-
Damilola Olagunju authored
NOTRY=true Change-Id: I9e510599decdb2c89e8da82ff6ccf07c3aed8b51 Reviewed-on: https://chromium-review.googlesource.com/561012Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Damilola Olagunju <odeedee@google.com> Cr-Commit-Position: refs/heads/master@{#46430}
-
Pierre Langlois authored
Make use of UseScratchRegisterScope instead of using the ip register directly in code stubs, builtin and the deoptimizer. In a lot of cases, we can simply use a different register rather than using the new scope. Bug: v8:6553 Change-Id: Ibc8a9a78bb88f3850c6e8b45871cc3a5b3971b3b Reviewed-on: https://chromium-review.googlesource.com/544837 Commit-Queue: Pierre Langlois <pierre.langlois@arm.com> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#46429}
-
Igor Sheludko authored
... when receiver is in dictionary mode. Bug: v8:6490 Change-Id: Ic5a8d214adcc4efd4cb163cbc6b351c4e6b596af Reviewed-on: https://chromium-review.googlesource.com/559548Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#46428}
-
Andrea D'Olimpio authored
NOTRY=true Change-Id: Ia136b48ec90ff503103f327131bc84fbe68d6bc5 Reviewed-on: https://chromium-review.googlesource.com/561003Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Andrea D'Olimpio <adolimpio@google.com> Cr-Commit-Position: refs/heads/master@{#46427}
-
Michael Achenbach authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/e9a4317..d71a8ff This also temporarily switches off use_custom_libcxx until the referenced bug is resolved. TBR=hablich@chromium.org Bug: chromium:738814 Change-Id: Iaf0c2dd632a493f1e7f38e7e8f86e674a4b32fc9 Reviewed-on: https://chromium-review.googlesource.com/558414 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#46426}
-
Pierre Langlois authored
Introduce a stripped down version of UseScratchRegisterScope for ARM and use it inside the assembler and macro-assembler. At the exception of the Call instructions, we now use this scope instead of using the ip register directly. This is inspired from how the ARM64 backend works. In general, the benefit of doing this is we can catch cases where ip is being used both by the caller and by the assembler. But more specifically, TurboFan reserves r9 as an extra scratch register because ip can already be used by the assembler. With this utility, we can isolate the cases in the code generator which need an extra register and potentially fix them, allowing us to give r9 back to the register allocator. This patch uncovered places in the assembler where we were using ip unconditionally when we could have re-used the destination register instead. Bug: v8:6553 Change-Id: Ib7134e3ed64dd1f90baf209ae831ed8f644cac78 Reviewed-on: https://chromium-review.googlesource.com/544956 Commit-Queue: Pierre Langlois <pierre.langlois@arm.com> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#46425}
-
Michael Achenbach authored
NOTRY=true TBR=hablich@chromium.org Bug: v8:6574 Change-Id: Ibe9d023a11a062f167a696e752478f3355f32bb4 Reviewed-on: https://chromium-review.googlesource.com/561001Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#46424}
-
Tom Anderson authored
R=machenback@chromium.org Bug: v8:6565 Change-Id: I57bf7deb926e2b2b0623d8f2a65693df4639aaa2 Reviewed-on: https://chromium-review.googlesource.com/560092Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Thomas Anderson <thomasanderson@chromium.org> Cr-Commit-Position: refs/heads/master@{#46423}
-
Benedikt Meurer authored
R=jgruber@chromium.org Bug: v8:5717 Change-Id: I715aa8e807d479056044f364410bbce62d23c593 Reviewed-on: https://chromium-review.googlesource.com/560996Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#46422}
-
- 05 Jul, 2017 8 commits
-
-
Sathya Gunasekaran authored
Bug: v8:5785 Change-Id: I3d9b530ce3acd5d4685d5565475ea0bb96c822f6 Reviewed-on: https://chromium-review.googlesource.com/559731 Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#46421}
-
Miran.Karic authored
The CL replaces several helper functions for memory load/store using base register and offset with one helper function that contains several optimizations. BUG= Change-Id: I187e7e882131552abd9a0b3a0070d78adefd25b6 Reviewed-on: https://chromium-review.googlesource.com/552119 Commit-Queue: Miran Karić <Miran.Karic@imgtec.com> Reviewed-by: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com> Cr-Commit-Position: refs/heads/master@{#46420}
-
Caitlin Potter authored
Remove catch prediction tracking from AstNumbering, and replace it with a similar mechanism in the BytecodeGenerator visitor. BUG=v8:4483, v8:5855 Change-Id: I6351ba311716102fa55cd9ef29b9955ab4b11027 Reviewed-on: https://chromium-review.googlesource.com/559006Reviewed-by: Georg Neis <neis@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Caitlin Potter <caitp@igalia.com> Cr-Commit-Position: refs/heads/master@{#46419}
-
Andreas Haas authored
On x86, signalling NaNs get converted to quiet NaNs when they get push on the stack and popped again. This happens in the code generation for arm, specifically for the vmov instruction with the immediate parameter. This CL replaces the vmov function in assembler-arm to take the immediate as a uint64_t instead of a double, to guarantee that the bit pattern does not change even if the parameter is a signalling NaN. BUG=v8:6564 Change-Id: I062559f9a7ba8b0f560628e5c39621ca578c3e7d Reviewed-on: https://chromium-review.googlesource.com/558964 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Ben Titzer <titzer@chromium.org> Reviewed-by: Martyn Capewell <martyn.capewell@arm.com> Cr-Commit-Position: refs/heads/master@{#46418}
-
Mike Stanton authored
If the input array is small, then the cost of a trip to the runtime to transition the ElementsKind is too expensive. Bug: Change-Id: Ib04f8567674a6f1f66f4c7263eba5fb4c58987aa Reviewed-on: https://chromium-review.googlesource.com/544866 Commit-Queue: Michael Stanton <mvstanton@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#46417}
-
Michael Lippautz authored
Bug: chromium:738865 Change-Id: I310684886b6507616733e61338b605f24c6adfe1 Reviewed-on: https://chromium-review.googlesource.com/558298Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#46416}
-
Maya Lekova authored
Bug: Change-Id: I95285260b0848c4c876498bfef0b13ffbe6855ad Reviewed-on: https://chromium-review.googlesource.com/558297Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Maya Lekova <mslekova@google.com> Cr-Commit-Position: refs/heads/master@{#46415}
-
Michael Lippautz authored
Inline pointers visitation instead of handling recursive marking. Bug: chromium:738831 Change-Id: I0840258988c3097119f6299f0e1b6759b55fbd27 Reviewed-on: https://chromium-review.googlesource.com/559346 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#46414}
-