- 03 May, 2017 26 commits
-
jkummerow authored
When deleting the most recently added fast property from an object by undoing its last map transition, we must clear any recorded slots. This can only be done in C++, so this functionality must move out of the stub. Also update a CHECK in the JSObject verifier to allow backing stores sticking around after such property deletions. BUG=chromium:716912,chromium:714981 Review-Url: https://codereview.chromium.org/2854373002 Cr-Commit-Position: refs/heads/master@{#45069}
-
Wiktor Garbacz authored
If a negative value is passed as end position it may get past the end without triggering any DCHECK due to int to size_t cast. BUG=v8:6093 Change-Id: I0c6be0e8442049cc4b7fc87593ad018bce4b677e Reviewed-on: https://chromium-review.googlesource.com/494108 Commit-Queue: Wiktor Garbacz <wiktorg@google.com> Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#45068}
-
ulan authored
BUG=chromium:718013 Review-Url: https://codereview.chromium.org/2862533003 Cr-Commit-Position: refs/heads/master@{#45067}
-
jkummerow authored
by pulling parameterizable things out of the case-blocks. No change in functionality. BUG=chromium:714894 Review-Url: https://codereview.chromium.org/2854273004 Cr-Commit-Position: refs/heads/master@{#45066}
-
mvstanton authored
More care must be taken to remain on the fast path in the face of @@species constructors. BUG=chromium:716044 Review-Url: https://codereview.chromium.org/2846963003 Cr-Commit-Position: refs/heads/master@{#45065}
-
jl authored
Blink uses Isolate::GetEnteredContext() to implement HTML's "entry context" concept, and thus depends on it not being changed except explicitly (by Blink.) To support this, stop entering contexts implicitly in all external API entry points; rather just set the context as current. The only thing that changes the entered context is now Context::Enter()/Context::Exit() (and Context::Scope.) BUG=v8:6307 Review-Url: https://codereview.chromium.org/2862483003 Cr-Commit-Position: refs/heads/master@{#45064}
-
mlippautz authored
There is no point in doing black allocation here as we then have to iterate the objects for various reasons. The marker does the same work but can be moved outside of the atomic pause. BUG=chromium:581412 Review-Url: https://codereview.chromium.org/2862563002 Cr-Commit-Position: refs/heads/master@{#45063}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/4a81c96..e9e0102 Rolling v8/third_party/catapult: https://chromium.googlesource.com/external/github.com/catapult-project/catapult/+log/9300a23..08f16b6 Rolling v8/third_party/instrumented_libraries: https://chromium.googlesource.com/chromium/src/third_party/instrumented_libraries/+log/0ad2bcb..644afd3 TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Change-Id: I3cba6319b9b8f103fbfe8e4938bcf20c53ace537 Reviewed-on: https://chromium-review.googlesource.com/493810 Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Commit-Queue: v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#45062}
-
Camillo Bruni authored
Change-Id: I744d6ffca3747c166e8de194c2a7196b46b73f45 NOTRY=true Change-Id: I744d6ffca3747c166e8de194c2a7196b46b73f45 Reviewed-on: https://chromium-review.googlesource.com/493748 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#45061}
-
Marja Hölttä authored
Bug: Change-Id: I335a793d28697092c89e588c456f2689e689c841 Reviewed-on: https://chromium-review.googlesource.com/494054 Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#45060}
-
Clemens Hammacher authored
During computation of the side table, ignore stack effects of instructions following any unconditional jump in the same block (|unreachable|, |br|, |br_table| or |return| jump out of the block). Without this fix, the current stack height might underflow, or we compute an unnecessarily large max_stack_height_. Note that those instructions will never get executed anyway. Hence, we don't need to store any side table information for such unreachable code. R=rossberg@chromium.org BUG=chromium:716936, chromium:715990 Change-Id: I282f7f18ba1b972a112210e692f6cd05cf32308c Reviewed-on: https://chromium-review.googlesource.com/493266 Reviewed-by: Andreas Rossberg <rossberg@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#45059}
-
Franziska Hinkelmann authored
Bug: Change-Id: I945fa5837439feb2567cc1961516b4e3bed55f82 Reviewed-on: https://chromium-review.googlesource.com/493346 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Franziska Hinkelmann <franzih@chromium.org> Cr-Commit-Position: refs/heads/master@{#45058}
-
Michael Starzinger authored
This fixes cases where the omission of return type annotation of calls to stdlib function was rejected, because a surrounding {fround} call used to be misinterpreted as an annotation instead of a rounding. R=clemensh@chromium.org TEST=mjsunit/asm/call-stdlib BUG=v8:6127 Change-Id: Idec0ef1740ebf8eda969ff05dd1c90252de87a6b Reviewed-on: https://chromium-review.googlesource.com/493349 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#45057}
-
Jochen Eisinger authored
This reverts commit 5db25a09. Original change's description: > Make unittest link correctly again > > Remains to port these fixes over to gyp. > > R=machenbach@chromium.org, jkummerow@chromium.org, mstarzinger@chromium.org > BUG=v8:6325 > > Change-Id: I3bebbc6d0ec52fcb60e3d51acd27e616f51d3dbb > Reviewed-on: https://chromium-review.googlesource.com/490108 > Commit-Queue: Jochen Eisinger <jochen@chromium.org> > Reviewed-by: Clemens Hammacher <clemensh@chromium.org> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> > Reviewed-by: Michael Achenbach <machenbach@chromium.org> > Cr-Commit-Position: refs/heads/master@{#45026} R=jkummerow@chromium.org TBR=mstarzinger@chromium.org,clemensh@chromium.org BUG=v8:6325 Change-Id: Ic3c0ffdf1f13045ea5a3929b720908e0b27a11c3 Reviewed-on: https://chromium-review.googlesource.com/494566 Reviewed-by: Jochen Eisinger <jochen@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Jochen Eisinger <jochen@chromium.org> Cr-Commit-Position: refs/heads/master@{#45056}
-
hpayer authored
BUG=chromium:714207 Review-Url: https://codereview.chromium.org/2857003002 Cr-Commit-Position: refs/heads/master@{#45055}
-
ulan authored
We can use FinalizeIncrementalMarking instead since the only caller of TryFinalizeIdleIncrementalMarking is IdleNotification, for which staying within idle deadline is not critical. This also fixes a bug caused by inconsistent code duplication in finalization condition in the two functions. BUG=v8:6325,chromium:715457 Review-Url: https://codereview.chromium.org/2851743002 Cr-Commit-Position: refs/heads/master@{#45054}
-
bmeurer authored
When we don't know the call count for a given call site (i.e. for inlined accessors), we put 0 as call frequency so far. But as of https://codereview.chromium.org/2859433002, this would completely disable the inlining of those calls, since 0 is interpreted as never called, which is not what we want. So instead of defaulting to 0, add a dedicated sentinel, whose value is NaN, which makes the call site eligible for inlining, but not high priority (as it was before the CL mentioned above). BUG=v8:4493,v8:5267 R=jarin@chromium.org Review-Url: https://codereview.chromium.org/2856103002 Cr-Commit-Position: refs/heads/master@{#45053}
-
Jochen Eisinger authored
This reverts commit 7683df24. Reason for revert: doesn't help with gcc, so removing Original change's description: > Disable -Werror=attributes on gcc > > The warning triggers even if the attributes don't change - it's enough > to declare them multiple times. Given that the other compilers don't > complain, just disable the warning on gcc for now. > > R=jkummerow@chromium.org,mtrofin@chromium.org > BUG=v8:6339 > NOTRY=true > > Change-Id: Ie0fcc4feeb8568d4ab74ac65f6887523f3cdcbf9 > Reviewed-on: https://chromium-review.googlesource.com/494106 > Commit-Queue: Michael Achenbach <machenbach@chromium.org> > Reviewed-by: Mircea Trofin <mtrofin@chromium.org> > Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> > Cr-Commit-Position: refs/heads/master@{#45045} TBR=jkummerow@chromium.org,machenbach@chromium.org,mtrofin@chromium.org,gsathya@chromium.org,jochen@chromium.org NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:6339 Change-Id: I581e4f0499ae0d7e3bc791fd6fa9988aabe64c5e Reviewed-on: https://chromium-review.googlesource.com/494469 Reviewed-by: Jochen Eisinger <jochen@chromium.org> Commit-Queue: Jochen Eisinger <jochen@chromium.org> Cr-Commit-Position: refs/heads/master@{#45052}
-
Ross McIlroy authored
We only need to materialize the existing output register for a given register transfer if it is in a different equivalence set, otherwise we already have the value we want in the output register. BUG=v8:4280 Change-Id: Ic4966590ac10445180aff353940d2c93e6a818aa Reviewed-on: https://chromium-review.googlesource.com/493168 Reviewed-by: Mythri Alle <mythria@chromium.org> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#45051}
-
Wiktor Garbacz authored
AnalyzePartially already calls ResetAfterPreparsing. BUG=v8:6093 Change-Id: Idafed85133016a6c7ba17074e269ff2ab94ff38d Reviewed-on: https://chromium-review.googlesource.com/493387 Reviewed-by: Marja Hölttä <marja@chromium.org> Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org> Commit-Queue: Wiktor Garbacz <wiktorg@google.com> Cr-Commit-Position: refs/heads/master@{#45050}
-
Michael Achenbach authored
This reverts commit 0f5ebcca. Reason for revert: Still blocks rolling: https://codereview.chromium.org/2857903002/ Original change's description: > Make unittest link correctly again > > Remains to port these fixes over to gyp. > > R=machenbach@chromium.org, jkummerow@chromium.org, mstarzinger@chromium.org > BUG=v8:6325 > > Change-Id: I3bebbc6d0ec52fcb60e3d51acd27e616f51d3dbb > Reviewed-on: https://chromium-review.googlesource.com/490108 > Commit-Queue: Jochen Eisinger <jochen@chromium.org> > Reviewed-by: Clemens Hammacher <clemensh@chromium.org> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> > Reviewed-by: Michael Achenbach <machenbach@chromium.org> > Cr-Commit-Position: refs/heads/master@{#45026} TBR=jkummerow@chromium.org,machenbach@chromium.org,mstarzinger@chromium.org,jochen@chromium.org,clemensh@chromium.org NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:6325 Change-Id: Icb11e6e12cb6c7bd6c68677359596fee740b6531 Reviewed-on: https://chromium-review.googlesource.com/494467 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#45049}
-
ivica.bogosavljevic authored
Test typedarray-arg-set-values-same-buffer-other-type fails on big-endian platforms due to the issue in the test itself. The issue has been reported to test262 maintainers, until resolved the test is skipped. TEST=test262/built-ins/TypedArray/prototype/set/typedarray-arg-set-values-same-buffer-other-type BUG= Review-Url: https://codereview.chromium.org/2834093002 Cr-Commit-Position: refs/heads/master@{#45048}
-
Clemens Hammacher authored
The --wasm-interpret-all flag is mainly used for debugging. Combining it with lazy compilation is unreasonable and would create a lot of special cases in both code paths. Hence this CL disallows the combination of these two flags by adding a negative flag implication. R=rossberg@chromium.org BUG=chromium:715216 Change-Id: I777e21d7e64f567e2728498dbb6f5b0709cd28f1 Reviewed-on: https://chromium-review.googlesource.com/494486 Reviewed-by: Andreas Rossberg <rossberg@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#45047}
-
Mythri authored
Adds tests for Heap::IsUnmodifiedHeapObject that is used during scavenge. Bug: Change-Id: Ide549a6616101cbd6ed17372ed1ed168c7a76fbd Reviewed-on: https://chromium-review.googlesource.com/484539 Commit-Queue: Mythri Alle <mythria@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#45046}
-
Jochen Eisinger authored
The warning triggers even if the attributes don't change - it's enough to declare them multiple times. Given that the other compilers don't complain, just disable the warning on gcc for now. R=jkummerow@chromium.org,mtrofin@chromium.org BUG=v8:6339 NOTRY=true Change-Id: Ie0fcc4feeb8568d4ab74ac65f6887523f3cdcbf9 Reviewed-on: https://chromium-review.googlesource.com/494106 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Mircea Trofin <mtrofin@chromium.org> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#45045}
-
Jochen Eisinger authored
I'd like to change the parser to not create those AST nodes in the first place. To get there, I'm skipping visiting of those nodes in the existing visitors. With this change, there is only one visitor in asm-to-wasm left that actually visits those nodes, and seemingly depends on it. R=adamk@chromium.org BUG=v8:6312 Change-Id: I0837fdd97cf4c1baefa2d7fd76eddd90ad00b1df Reviewed-on: https://chromium-review.googlesource.com/493167 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Jochen Eisinger <jochen@chromium.org> Cr-Commit-Position: refs/heads/master@{#45044}
-
- 02 May, 2017 14 commits
-
Sathya Gunasekaran authored
Bug: v8:6337 Change-Id: I7de330c77e5f4cbb2cd4bf327c8b60783e78880c Reviewed-on: https://chromium-review.googlesource.com/493786 Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#45043}
-
ulan authored
This patch adds a concurrent marking deque that exposes the same interface for the main thread as the existing marking deque. The matching interface makes the concurrent marking deque a drop-in replacement for the sequential marking deque without any change in mark-compactor and incremental marker. BUG=chromium:694255 Review-Url: https://codereview.chromium.org/2810893002 Cr-Commit-Position: refs/heads/master@{#45042}
-
Clemens Hammacher authored
Executing the |end| opcode of a loop assumed that the stack height was being reset to the height at start of the loop. Hence we were ignoring the arity of the loop. During computation of the side table, the arity of the label associated with the loop was explicitly set to 0, such that a |br| instruction to that label would not transfer any values. It turns out though that we need to remember the arity in order to precompute the correct stack height when executing the |end| opcode of a loop. Also, add a regression test. R=rossberg@chromium.org BUG=chromium:716936 Change-Id: Ib3a559998f1ce5f8fcd7b94af1426637b3e48f86 Reviewed-on: https://chromium-review.googlesource.com/493286 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Andreas Rossberg <rossberg@chromium.org> Cr-Commit-Position: refs/heads/master@{#45041}
-
mathias authored
During code review, `CASE` was renamed to `TFJ_CASE`, but one occurrence still refers to the old name. This patch fixes that. Ref. 2c995c8c R=danno@chromium.org BUG=v8:1956 LOG=N Review-Url: https://codereview.chromium.org/2854913002 Cr-Commit-Position: refs/heads/master@{#45040}
-
Clemens Hammacher authored
ErrorThrower::Reify() should only be called if an error is actually set. This CL introduces a Reset() method to replace the obsolete (now disallowed) usages. R=mtrofin@chromium.org BUG=chromium:717056 Change-Id: I41b989a9c7b33591ee26ec6d43540a38289ab54f Reviewed-on: https://chromium-review.googlesource.com/493506 Reviewed-by: Mircea Trofin <mtrofin@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#45039}
-
jkummerow authored
CopyFixedArrayAndGrow can trigger GC, which can clean up previous detached contexts, so storing the length of the FixedArray across the allocation is unsafe. BUG=v8:6282 Review-Url: https://codereview.chromium.org/2857633002 Cr-Commit-Position: refs/heads/master@{#45038}
-
ulan authored
The existing formula returns nonsense when the old top is greater than the current top. BUG=chromium:694255 Review-Url: https://codereview.chromium.org/2850373003 Cr-Commit-Position: refs/heads/master@{#45037}
-
Mythri authored
BytecodeRegisterOptimizer had special handling for the case when parameters is 0. This is not possible from valid javascript. It exists because some tests do not take this into account. Fixed tests and removed the special handling. Also removed a TODO, which is already done here: https://codereview.chromium.org/2227203002/ Bug: v8:4280,v8:6325 Change-Id: Idc17af12ad9292c13a6677aa4c8b88d21f4adf81 Reviewed-on: https://chromium-review.googlesource.com/490308 Commit-Queue: Mythri Alle <mythria@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#45036}
-
Peter Marshall authored
The existing CHECK assumed that the source and destination could not have the same buffer, but they actually can as long as the data ranges do not overlap within the buffer. Change the check to look for this more relaxed condition instead. Moved the check outside of the memcpy case as well, given that it should also apply for the slower, element-by-element copy as well. Also use JSTypedArray::element_size() to get the element size instead of the helper on the FixedTypedArrayBase. This lets us change that helper back to private again. Bug: chromium:717022 Change-Id: I2eca1df1e87444c5db397e0b7cf686cefe67d29c Reviewed-on: https://chromium-review.googlesource.com/493147 Commit-Queue: Peter Marshall <petermarshall@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#45035}
-
Peter Marshall authored
String inputs would end up in the fast-path, crashing because it expected an array type. Add the fast path explicitly when the source is a TypedArray, and let everything else fall back to the generic JS implementation. Bug: chromium:715971 Change-Id: Ieec28e93279047d403e00ed2676dc1eda193c033 Reviewed-on: https://chromium-review.googlesource.com/493226 Commit-Queue: Peter Marshall <petermarshall@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#45034}
-
danno authored
Previously, the parameter count for CSA-generated array builtins needed to be specified both in the TFJ list of builtins as well as in the bootstrapper when installing each builtin. This patch adds a utility function that returns the arity of builtins, including CSA-generated array builtins, given the builtin's name. This function is now used by the bootstrapper and thus removes the need for the explicit duplication. R=ishell@chromium.org BUG=v8:1956 LOG=N Review-Url: https://codereview.chromium.org/2852833002 Cr-Commit-Position: refs/heads/master@{#45033}
-
ulan authored
This introduces MarkingDeque::Update function that accepts a callback and updates marking deque elements using the callback. BUG=chromium:694255 Review-Url: https://codereview.chromium.org/2854063002 Cr-Commit-Position: refs/heads/master@{#45032}
-
bmeurer authored
Add a new flag --min-inlining-frequency, defaulting to 0.15, which serves as a minimum threshold for callsites to be considered by the TurboFan inlining heuristic. Call sites with a frequency below this (i.e. a call site that is only hit every 10th invocation of the caller) are not considered for inlining. BUG=v8:4493,v8:5267 R=jarin@chromium.org Review-Url: https://codereview.chromium.org/2859433002 Cr-Commit-Position: refs/heads/master@{#45031}
-
ulan authored
BUG=chromium:694255 Review-Url: https://codereview.chromium.org/2852953004 Cr-Commit-Position: refs/heads/master@{#45030}
-