- 07 Dec, 2015 34 commits
-
-
mtrofin authored
Deoptimization expects the context and function marker on the stack. To let the register allocator control spilling of the live ranges corresponding to these 2 operands, we need their use to be represented accurately. BUG= v8:4533 LOG=N Review URL: https://codereview.chromium.org/1506903002 Cr-Commit-Position: refs/heads/master@{#32666}
-
mbrandy authored
Port 0ed08780 Original commit message: There's no reason to limit the CompareIC to (known) JSObject instances, as all JSReceivers behave the same wrt. abstract and strict equality. So remove this historical limitation and track JSReceivers instead. R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG= Review URL: https://codereview.chromium.org/1506903003 Cr-Commit-Position: refs/heads/master@{#32665}
-
ivica.bogosavljevic authored
Port 95844d94 Original commit message: The new operator provides a second output which indicates whether the conversion from float64 to int64 was successful or not. The second output returns 0 if the conversion fails. If the conversion succeeds, then the second output is differs from 0. The second output can be ignored, which means that the operator can be used the same way as the original operator. I implemented the new operator on x64 and arm64. @v8-mips-ports and @v8-ppc-ports, can you please take care of the mips64 and ppc64 implementation of the second output? BUG= TEST=cctest/test-run-machops/RunTryTruncateFloat64ToInt64WithCheck Review URL: https://codereview.chromium.org/1503173002 Cr-Commit-Position: refs/heads/master@{#32664}
-
caitpotter88 authored
BUG=v8:811 LOG=N R=adamk@chromium.org Review URL: https://codereview.chromium.org/1504553003 Cr-Commit-Position: refs/heads/master@{#32663}
-
verwaest authored
Error still to be done, since that's not yet available in the bootstrapper. BUG=v8:3900, v8:3931, v8:1543, v8:3330 LOG=n Review URL: https://codereview.chromium.org/1499923002 Cr-Commit-Position: refs/heads/master@{#32662}
-
rmcilroy authored
Fixes code size multiplier of Arm64 based on generated code size of Octane. Review URL: https://codereview.chromium.org/1504023002 Cr-Commit-Position: refs/heads/master@{#32661}
-
neis authored
R=rossberg BUG= Review URL: https://codereview.chromium.org/1502983002 Cr-Commit-Position: refs/heads/master@{#32660}
-
jochen authored
BUG=v8:4134 R=vogelheim@chromium.org LOG=n Review URL: https://codereview.chromium.org/1502193002 Cr-Commit-Position: refs/heads/master@{#32659}
-
rossberg authored
Reviving/redoing littledan's previous CL. R=nikolaos@chromium.org BUG= Review URL: https://codereview.chromium.org/1504833002 Cr-Commit-Position: refs/heads/master@{#32658}
-
titzer authored
This adds a runtime flag that controls whether the WASM object is exposed to JavaScript. While currently guarded by the V8_WASM build-time flag, after landing in V8 the build-time flag will be removed, leaving only this new runtime flag. R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/1507623002 Cr-Commit-Position: refs/heads/master@{#32657}
-
sigurds authored
This patch improves escape analysis and fixes bugs triggered by clusterfuzz. Impovements include: * Handling of LoadElement/StoreElement if index is a constant * Handling of JSStoreProperty: invalidate all information, as the store could have altered any field. * Treat phis that use an allocation as escaping * Improve resolution of replacements R=mstarzinger@chromium.org BUG=v8:4586 LOG=n Review URL: https://codereview.chromium.org/1499143002 Cr-Commit-Position: refs/heads/master@{#32656}
-
rossberg authored
R=adamk@chromium.org, mstarzinger@chromium.org, yangguo@chromium.org BUG= Review URL: https://codereview.chromium.org/1477093003 Cr-Commit-Position: refs/heads/master@{#32655}
-
mstarzinger authored
This makes the strong link from optimized code to code objects for all inlined functions explicit. It adds direct references to code objects into deoptimization data as literals. Note that this is not necessarily the code that will be deoptimized to, because the code on the shared function info might be replaced by other components (e.g. debugger). Those replacement code objects however are all non-flushable, marking explicit strong links for reachability unnecessary. R=hpayer@chromium.org Review URL: https://codereview.chromium.org/1490233009 Cr-Commit-Position: refs/heads/master@{#32654}
-
ahaas authored
The new operator provides a second output which indicates whether the conversion from float64 to int64 was successful or not. The second output returns 0 if the conversion fails. If the conversion succeeds, then the second output is differs from 0. The second output can be ignored, which means that the operator can be used the same way as the original operator. I implemented the new operator on x64 and arm64. @v8-mips-ports and @v8-ppc-ports, can you please take care of the mips64 and ppc64 implementation of the second output? R=titzer@chromium.org, v8-arm-ports@googlegroups.com Review URL: https://codereview.chromium.org/1495213003 Cr-Commit-Position: refs/heads/master@{#32653}
-
bmeurer authored
The JSInliningHeuristic keeps a list of nodes, which might have been killed by other reducers before the JSInliningHeuristic looks at it again, so it has to check whether nodes are dead before trying to expand them later (this is similar to what the ValueNumberingReducer needs to do with its internal table). R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/1508643002 Cr-Commit-Position: refs/heads/master@{#32652}
-
neis authored
- Add JSReceiver::SetIntegrityLevel, with a fast path for regular objects. - Make Object.{freeze,seal} call this via %Object{Freeze,Seal}, thus no longer using broken or deprecated functions from v8natives.js. - Add JSReceiver::OwnPropertyKeys convenience function. - Reenable harmony/proxies-hash.js test. R=rossberg BUG=v8:1543 LOG=N Review URL: https://codereview.chromium.org/1489423002 Cr-Commit-Position: refs/heads/master@{#32651}
-
jkummerow authored
Also delete a bunch of dead code from src/js/. Review URL: https://codereview.chromium.org/1502593002 Cr-Commit-Position: refs/heads/master@{#32650}
-
yangguo authored
R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/1500413002 Cr-Commit-Position: refs/heads/master@{#32649}
-
zhengxing.li authored
port 086d4598 (r32644) original commit message: The backing store is only held alive indirectly via the array buffer referenced by the holder (typed array), so it's not enough to keep the elements alive (or even just the external pointer loaded from the elements). BUG= Review URL: https://codereview.chromium.org/1503943002 Cr-Commit-Position: refs/heads/master@{#32648}
-
yangguo authored
R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/1502163002 Cr-Commit-Position: refs/heads/master@{#32647}
-
mstarzinger authored
This makes the implementations of MacroAssembler::InvokeBuiltin go through the InvokeFunctionCode helper on all architectures. This helper knows how to correctly set up all registers (i.e. argument count and the new target value). R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/1488303008 Cr-Commit-Position: refs/heads/master@{#32646}
-
zhengxing.li authored
port 0ed08780 (r32642) original commit message: There's no reason to limit the CompareIC to (known) JSObject instances, as all JSReceivers behave the same wrt. abstract and strict equality. So remove this historical limitation and track JSReceivers instead. BUG= Review URL: https://codereview.chromium.org/1501373003 Cr-Commit-Position: refs/heads/master@{#32645}
-
jochen authored
The backing store is only held alive indirectly via the array buffer referenced by the holder (typed array), so it's not enough to keep the elements alive (or even just the external pointer loaded from the elements). R=mstarzinger@chromium.org,bmeurer@chromium.org LOG=n BUG=v8:1827 Review URL: https://codereview.chromium.org/1493983004 Cr-Commit-Position: refs/heads/master@{#32644}
-
mtrofin authored
need to be marked as such. BUG= Review URL: https://codereview.chromium.org/1505683002 Cr-Commit-Position: refs/heads/master@{#32643}
-
bmeurer authored
There's no reason to limit the CompareIC to (known) JSObject instances, as all JSReceivers behave the same wrt. abstract and strict equality. So remove this historical limitation and track JSReceivers instead. R=yangguo@chromium.org Review URL: https://codereview.chromium.org/1502963002 Cr-Commit-Position: refs/heads/master@{#32642}
-
zhengxing.li authored
port 1e671030 (r32614) original commit message: BUG= Review URL: https://codereview.chromium.org/1502053003 Cr-Commit-Position: refs/heads/master@{#32641}
-
bmeurer authored
There's no benefit in embedding the context as a constant for direct calls. In fact it seems to be cheaper both size and execution wise to just always load the context from the target. R=jarin@chromium.org Review URL: https://codereview.chromium.org/1506763002 Cr-Commit-Position: refs/heads/master@{#32640}
-
bmeurer authored
The test expectations should fail consistently in both release and debug builds. DCHECK is only meant for debug-only checks in production code. R=yangguo@chromium.org Review URL: https://codereview.chromium.org/1506753002 Cr-Commit-Position: refs/heads/master@{#32639}
-
zhengxing.li authored
X87: Revert of Provide call counts for constructor calls, surface them as a vector IC. (patchset #4 id:60001 of https://codereview.chromium.org/1476413003/ ) port e89e08ca (r32599) original commit message: Reason for revert: Seems to be (mostly) responsible for the most recent Speedometer regression, not 100% sure. Let's see what the bots have to say. Original issue's description: > Provide call counts for constructor calls, surface them as a vector IC. > > CallIC and CallConstructStub look so alike, at least in the feedback they gather even if the implementation differs...and CallIC has such a nice way of surfacing the feedback (CallICNexus), that ther > > BUG= > > Committed: https://crrev.com/66d5a9df62da458a51e8c7ed1811dc9660f4f418 > Cr-Commit-Position: refs/heads/master@{#32452} additional description: Revert "X87: Provide call counts for constructor calls, surface them as a vector IC." as r32599 does This reverts commit 54a9d349. BUG= Review URL: https://codereview.chromium.org/1506723002 Cr-Commit-Position: refs/heads/master@{#32638}
-
zhengxing.li authored
X87: Reland of [debugger] do not restart frames that reference new.target for liveedit. (patchset #1 id:1 of https://codereview.chromium.org/1493863004/ ) port 15cb3fde (r32587) original commit message: Reason for revert: Didn't help... Original issue's description: > Revert of [debugger] do not restart frames that reference new.target for liveedit. (patchset #1 id:1 of https://codereview.chromium.org/1493363002/ ) > > Reason for revert: > [Sheriff] Speculative revert for https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/3225 > > Original issue's description: > > [debugger] do not restart frames that reference new.target for liveedit. > > > > R=mstarzinger@chromium.org > > > > Committed: https://crrev.com/6fca870240bdbb07a365189b5eb0c98fa65b3682 > > Cr-Commit-Position: refs/heads/master@{#32572} > > TBR=mstarzinger@chromium.org,yangguo@chromium.org > NOPRESUBMIT=true > NOTREECHECKS=true > NOTRY=true > > Committed: https://crrev.com/1a61dab34b9849f3f70a42ce69317e22758c53a1 > Cr-Commit-Position: refs/heads/master@{#32582} BUG= Review URL: https://codereview.chromium.org/1501323002 Cr-Commit-Position: refs/heads/master@{#32637}
-
zhengxing.li authored
port eaa0e596 (r32550) original commit message: This drops the specific slot containing the new.target value from our construct stub frames. This side-channel has been deprecated and will no longer be accessed by any consumers. BUG= Review URL: https://codereview.chromium.org/1504703002 Cr-Commit-Position: refs/heads/master@{#32636}
-
zhengxing.li authored
port 440a42b7 (r32548) original commit message: This passes the new.target value in a register instead of through a side-channel via the construct stub. Note that this marks the last consumer of said side-channel and the special slot in the construct stub frame can be removed as a follow-up. BUG= Review URL: https://codereview.chromium.org/1503923002 Cr-Commit-Position: refs/heads/master@{#32635}
-
zhengxing.li authored
port 0e956833 (r32549) original commit message: Whenever the InstanceOfStub finds a proxy (either passed as object or somewhere on the prototype chain), it should bailout to the %HasInPrototypeChain runtime function, which will do the right thing (soonish). BUG= Review URL: https://codereview.chromium.org/1508553002 Cr-Commit-Position: refs/heads/master@{#32634}
-
zhengxing.li authored
port 5d38d681 (r32547) original commit message: It didn't support subclassing case at all and in non-subclassing case the runtime allocation didn't do the slack tracking step. BUG= Review URL: https://codereview.chromium.org/1506713002 Cr-Commit-Position: refs/heads/master@{#32633}
-
- 06 Dec, 2015 2 commits
-
-
bmeurer authored
R=jarin@chromium.org Review URL: https://codereview.chromium.org/1497233002 Cr-Commit-Position: refs/heads/master@{#32632}
-
v8-autoroll authored
Rolling v8/tools/clang to 5b7bd8a08ae5ee5262c38e01f5b703cc193074d4 TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Review URL: https://codereview.chromium.org/1502873002 Cr-Commit-Position: refs/heads/master@{#32631}
-
- 05 Dec, 2015 3 commits
-
-
balazs.kilvady authored
BUG= Review URL: https://codereview.chromium.org/1434263003 Cr-Commit-Position: refs/heads/master@{#32630}
-
machenbach authored
Revert of Clean up promises and fix an edge case bug (patchset #4 id:60001 of https://codereview.chromium.org/1488783002/ ) Reason for revert: [Sheriff] Breaks layout tests: https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/3266 Please request rebase upstream first. Original issue's description: > Clean up promises and fix an edge case bug > > This patch builds on previous Promise spec compliance work by > cleaning out some old code which existed to support > Promise.prototype.chain, rephrasing some code to correspond more > closely to the specification, and removing some incorrect brand > checking. A test is added for a bug in an edge case which was fixed. > > R=rossberg > BUG=v8:3641 > LOG=Y > > Committed: https://crrev.com/1deb89c8fd3cb69714ae0a24e3b5a4e78f6b73b4 > Cr-Commit-Position: refs/heads/master@{#32627} TBR=rossberg@chromium.org,caitpotter88@gmail.com,littledan@chromium.org NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:3641 Review URL: https://codereview.chromium.org/1501763004 Cr-Commit-Position: refs/heads/master@{#32629}
-
v8-autoroll authored
Rolling v8/tools/clang to 6ecb01a508c93b383990381a30c06d3cbb175e8c TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Review URL: https://codereview.chromium.org/1501173002 Cr-Commit-Position: refs/heads/master@{#32628}
-
- 04 Dec, 2015 1 commit
-
-
littledan authored
This patch builds on previous Promise spec compliance work by cleaning out some old code which existed to support Promise.prototype.chain, rephrasing some code to correspond more closely to the specification, and removing some incorrect brand checking. A test is added for a bug in an edge case which was fixed. R=rossberg BUG=v8:3641 LOG=Y Review URL: https://codereview.chromium.org/1488783002 Cr-Commit-Position: refs/heads/master@{#32627}
-