- 10 Jan, 2018 18 commits
-
-
Wael Al Jishi authored
This avoids a segfault rather than reporting the (API usage) error message: "Fatal error in v8::HandleScope::CreateHandle() Cannot create a handle without a HandleScope" Bug: Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: I68a3d77ca37cc09d9e70526008a072dee8973000 Reviewed-on: https://chromium-review.googlesource.com/832488 Commit-Queue: Wael Al Jishi <waelj@google.com> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#50485}
-
Michael Lippautz authored
Bug: v8:7266 Change-Id: I0983ec2db72e7013eb28e20370e13be282d0da39 Reviewed-on: https://chromium-review.googlesource.com/860377 Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#50484}
-
Sathya Gunasekaran authored
This information is already stored in compiler_hints_. This saves 1 bit on ParseInfo. Change-Id: I37927c256aacd18fb332b522989dc669aa80df01 Reviewed-on: https://chromium-review.googlesource.com/858427 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#50483}
-
Michal Majewski authored
Bug: v8:6917 Change-Id: I4b10091a40372e1aa614ac26452e20ed481ab686 Cq-Include-Trybots: luci.v8.try:v8_linux64_fyi_rel_ng Reviewed-on: https://chromium-review.googlesource.com/856498 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> Commit-Queue: Michał Majewski <majeski@google.com> Cr-Commit-Position: refs/heads/master@{#50482}
-
Clemens Hammacher authored
This adds support for i32.shl, i32.shr_u and i32.shr_s. These are the first instructions implemented which have constraints on the registers they use (rcx in this case), so the implementation is a bit more involved. It's still worth trying to emit good code here, as shifts are quite common in our benchmarks. This code will later have to be extended to use i32 immediates directly instead of loading them into a register first. This will result in smaller code and better performance. R=titzer@chromium.org Bug: v8:6600 Change-Id: I45b41ab062b58a9b2bc7e14a68663180307b900d Reviewed-on: https://chromium-review.googlesource.com/859761 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#50481}
-
Camillo Bruni authored
Drive-by-cleanup: - Add InternalElementsAccessor to expose protected instance methods to ElementsAccessor subclasses. - Make some more ElementsAccessor methods protected that take the raw entry as parameter. Bug: chromium:798644 Change-Id: Iffd00f1953461e8dd22c123e62298410fb6e049c Reviewed-on: https://chromium-review.googlesource.com/856816 Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#50480}
-
Michael Starzinger authored
R=clemensh@chromium.org Change-Id: I84788f60f531c2faeadad74987ac7af72db10cc0 Reviewed-on: https://chromium-review.googlesource.com/859778 Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#50479}
-
Yang Guo authored
This reverts commit d30a8fa9.

Reason for revert: no-snap test failures here https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap%20-%20debug/builds/17068 You need to update the whitelist in src/debug/debug-evaluate.cc. I'm a bit surprised this only happens in no-snap builds.

Original change's description:
> Reimplement Object.entries/values as CSA to optimize performance.
>
> This implementation is based on the runtime implementation.
>
> Bug: v8:6804
> Change-Id: Ib8bfcc4648e44a999789237effc0275c5e4d9936
> Reviewed-on: https://chromium-review.googlesource.com/810504
> Commit-Queue: Camillo Bruni <cbruni@chromium.org>
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#50477}

TBR=cbruni@chromium.org,jgruber@chromium.org,ishell@chromium.org,brn@b6n.ch

Change-Id: I1a0c8e3c054a57ca4d15f7a064ff4b28ca133b16
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:6804
Reviewed-on: https://chromium-review.googlesource.com/859937
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50478}
-
Taketoshi Aono authored
This implementation is based on the runtime implementation. Bug: v8:6804 Change-Id: Ib8bfcc4648e44a999789237effc0275c5e4d9936 Reviewed-on: https://chromium-review.googlesource.com/810504 Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#50477}
-
Timothy Gu authored
Before this, only the [[ProxyHandler]] was set to null during revocation of the Proxy through either the v8::Proxy::Revoke() or the Proxy.revocable() API. To be consistent with the spec, the Proxy's target is set to null as well. This change should not be observable through JS, since the check for if the Proxy is revoked should always use the handler. But the changed value is exposed through the public v8::Proxy::GetTarget() API, which is used by the inspector API and Node.js. Also included is a much more comprehensive test for Inspector's support for Proxy, which prior to this commit did not work as intended. Bug: Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: I727607ec2b3cea8642cd636573932c1e6bb5cc07 Reviewed-on: https://chromium-review.googlesource.com/854676 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#50476}
-
Pierre Langlois authored
Disallow using the PC as a base in LDR and instead provide a dedicated assembler method for pc-relative loads. The reason for this is that the generic `Assembler::ldr` method may decide to generate more instructions if the offset is out of range, and if the PC was the base, we would get surprising results. For example:

~~~
ldr r0, [pc, #0xcabba9e]
~~~

is not equivalent to:

~~~
movw ip, #0xba9e
movt ip, #0xcab
ldr r0, [pc, ip]
~~~

since the reference to the PC has moved down two instructions! We could teach the assembler to handle those cases correctly, but pc-relative loads are used in specific cases only so that's not necessary.

As a drive-by, remove a reference to code aging.

Bug:
Change-Id: I586d83a418db52cf28d3b524f889bf40f077998a
Reviewed-on: https://chromium-review.googlesource.com/847008
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Pierre Langlois <pierre.langlois@arm.com>
Cr-Commit-Position: refs/heads/master@{#50475}
-
Ivo Markovic authored
Previous usage was getting wrong address on Mips. TEST=test-wasm-trap-position/RunWasmTurbofan_IllegalLoad Bug: Change-Id: I325ada99540f01ae509dfbfe3c0e55693dacca19 Reviewed-on: https://chromium-review.googlesource.com/859457 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#50474}
-
sreten.kovacevic authored
After commit a3baa353 `[simulator] Make Call variadic` this DCHECK always fails for negative input. Bug: Change-Id: Ib0efa8380586ac21b7b8537978310f8397b37ca5 Reviewed-on: https://chromium-review.googlesource.com/859460 Reviewed-by: Ivica Bogosavljevic <ivica.bogosavljevic@mips.com> Commit-Queue: Ivica Bogosavljevic <ivica.bogosavljevic@mips.com> Cr-Commit-Position: refs/heads/master@{#50473}
-
Ben L. Titzer authored
This fixes a long-standing TODO to only make a copy of a module's wire bytes if the input is a SharedArrayBuffer and also fixes the concurrent-modification bug for synchronous validation. R=clemensh@chromium.org BUG=chromium:794091 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: I8d2f20a9aeedbc306434853f8f6cfc070a24cf97 Reviewed-on: https://chromium-review.googlesource.com/856559 Commit-Queue: Ben Titzer <titzer@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#50472}
-
Marja Hölttä authored
BUG=chromium:797581 Change-Id: I08f880a907f122480a014763975ecc07e2c49f7d Reviewed-on: https://chromium-review.googlesource.com/856937 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#50471}
-
Jakob Gruber authored
This reverts commit 8fbc6a05.

Reason for revert: https://crbug.com/800356

Original change's description:
> Optimize TypedArraySpeciesCreate using SpeciesProtector of Array
>
> If there is no constructor or species updates on Array or TypedArrays,
> then skip lookups of constructor and species so that we can create a new
> typed array quickly. This path makes TA.p.slice() 4x faster in fast
> cases.
>
> Bug: v8:7161
> Change-Id: Ib8d2a3f6b8b5ed356c5822a814164166d1285f64
> Reviewed-on: https://chromium-review.googlesource.com/828343
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#50423}

TBR=jkummerow@chromium.org,jgruber@chromium.org,ishell@chromium.org,bmeurer@chromium.org,cwhan.tunz@gmail.com

Change-Id: Icca07564d2a83710852eb797bac25f1d5600696e
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7161
Reviewed-on: https://chromium-review.googlesource.com/859156
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50470}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/1ce2f5d..2b74850 Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/e1f9b2c..d4706cb Rolling v8/tools/swarming_client: https://chromium.googlesource.com/infra/luci/client-py/+log/4bd9152..36e0979 TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org Change-Id: I236d57ee429121a7f4ec35ba58e1d8f058da6b89 Reviewed-on: https://chromium-review.googlesource.com/858816 Commit-Queue: v8 autoroll <v8-autoroll@chromium.org> Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#50469}
-
jing.bao authored
Bug: Change-Id: I75de89ca895ef5a408a1d958b75dbc79d07e007a Reviewed-on: https://chromium-review.googlesource.com/856096 Reviewed-by: Bill Budge <bbudge@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Jing Bao <jing.bao@intel.com> Cr-Commit-Position: refs/heads/master@{#50468}
-
- 09 Jan, 2018 22 commits
-
-
Adam Klein authored
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: Ida22cec17a93b160c64f3ba9e66788e2a621828c Reviewed-on: https://chromium-review.googlesource.com/744589 Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#50467}
-
Tobias Tebbi authored
The types of the arguments length was wrong because it didn't include the case of SMI_PARAMETERS. Fixing this by reverting to untyped nodes. Bug: Change-Id: Iebc2f1f4530f4f04418a0e200b7bb46938cb456f Reviewed-on: https://chromium-review.googlesource.com/856981 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#50466}
-
Junliang Yan authored
Port 2a50797d Original Commit Message: This CL introduces a Context::kInvalidContext sentinel value to make clear that no context is active. We silently accept smi 0 (= nullptr) as a non-set context which usually was the default value making it hard to ensure whether this happened on purpose or not. R=cbruni@chromium.org, joransiu@ca.ibm.com, bjaideep@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: If907db07b6e84696e3f9c1df937ed75bac54a987 Reviewed-on: https://chromium-review.googlesource.com/857587 Reviewed-by: Joran Siu <joransiu@ca.ibm.com> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#50465}
-
Sathya Gunasekaran authored
Bug: v8:6889 Change-Id: Ia14a51f4d71059669e62a831c4f3c4d3e60003f1 Reviewed-on: https://chromium-review.googlesource.com/857881 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#50464}
-
Aseem Garg authored
This is a reland of 86bc1517

Original change's description:
> [wasm] remove kExecuteSimdLowered mode from wasm cctest
>
> R=clemensh@chromium.org,titzer@chromium.org,bbudge@chromium.org,gdeepti@chromium.org
> BUG=v8:7028
>
> Change-Id: Ie0b984ebd18e267cdaf7aaff9f17fb4328d8e5fa
> Reviewed-on: https://chromium-review.googlesource.com/849638
> Commit-Queue: Aseem Garg <aseemgarg@chromium.org>
> Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#50385}

Bug: v8:7028
Change-Id: I64ef0f55268d542588d69a661c0ce88b8aa2f6d5
Reviewed-on: https://chromium-review.googlesource.com/854776
Reviewed-by: Ben Titzer <titzer@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Commit-Queue: Aseem Garg <aseemgarg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50463}
-
Martyn Capewell authored
As they're now equal, simplify some TF opcodes by restoring jssp from csp on stack pointer switch. Also, remove some direct references to jssp. Bug: v8:6644 Change-Id: I20ee54fc0d536809a0aa72def43337f83cc91685 Reviewed-on: https://chromium-review.googlesource.com/857457 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Martyn Capewell <martyn.capewell@arm.com> Cr-Commit-Position: refs/heads/master@{#50462}
-
Benedikt Meurer authored
Inlining the EnqueueMicrotask logic into the various uses blows up the snapshot size significantly. So instead of doing that we just turn the operation into a dedicated builtin that we call from the various uses. This still avoids the runtime function call overhead and maintains the fast path without write barriers for the common case of the microtask queue fitting into new space. This also moves back the microtask helper CSA functions to the specialized assembler. Bug: v8:7253, chromium:799563 Change-Id: I2d24d0e5c01e442c5ad7f5d4373fbc6e94351ac5 Reviewed-on: https://chromium-review.googlesource.com/856618 Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#50461}
-
Josh Wolfe authored
This is used in chromium for html attribute event handlers. See blink layout test fast/events/event-function-toString.html Bug: v8:4958 Change-Id: Ib3d88af834bbb62b4ccd4683eda743d92064b075 Reviewed-on: https://chromium-review.googlesource.com/837641 Commit-Queue: Josh Wolfe <jwolfe@igalia.com> Reviewed-by: Daniel Ehrenberg <littledan@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#50460}
-
Michal Majewski authored
Bug: v8:6972 Change-Id: I0f3f933f14b26771b73daa053c17ce4cf8906bd7 Reviewed-on: https://chromium-review.googlesource.com/819635 Commit-Queue: Michał Majewski <majeski@google.com> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#50459}
-
Sergiy Byelozyorov authored
R=machenbach@chromium.org Change-Id: Ibb497a46a92168ef6c1d60ea3380626b9b6ec413 Reviewed-on: https://chromium-review.googlesource.com/842985 Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#50458}
-
Michal Majewski authored
Bug: v8:6917 Change-Id: I6ecfab76e6d2ee0b4ab86380e8cfbb68df07599e Reviewed-on: https://chromium-review.googlesource.com/852295 Commit-Queue: Michał Majewski <majeski@google.com> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> Cr-Commit-Position: refs/heads/master@{#50457}
-
Michal Majewski authored
--fuzzer-gc-analysis prints allocations count without need for predictable mode. --random_gc_interval is similar to --gc-interval with 2 differences: 1) Causes gc every random(0, X) allocations instead of constant X. 2) Doesn't update the allocation timeout when there is a GC for different reason than timeout equals to 0. Bug: v8:6972 Change-Id: I07ad935fc264a61069255c7358b4fcbe42bfb17a Reviewed-on: https://chromium-review.googlesource.com/815214 Commit-Queue: Michał Majewski <majeski@google.com> Reviewed-by: Hannes Payer <hpayer@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#50456}
-
Michael Achenbach authored
This reverts commit ae14edca.

Reason for revert: Test fails with gc stress: https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/builds/17067

Original change's description:
> [turbofan] Handle mixed packed/unpacked multimaps in Array.prototype.push
>
> Bug: v8:7127, v8:7204, v8:7205
> Change-Id: I4eb009492222b208ff8875b4b7940174dfb132ff
> Reviewed-on: https://chromium-review.googlesource.com/847576
> Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
> Reviewed-by: Michael Stanton <mvstanton@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#50451}

TBR=mvstanton@chromium.org,sigurds@chromium.org

Change-Id: Ic1dac13e59565d2f0f2a4265c24f6532973f630a
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7127, v8:7204, v8:7205
Reviewed-on: https://chromium-review.googlesource.com/857636
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50455}
-
Michael Achenbach authored
This reverts commit bf4cc9ee.

Reason for revert: Breaks windows with msvc and linux with gcc https://build.chromium.org/p/client.v8/builders/V8%20Win64%20-%20msvc/builds/841 https://build.chromium.org/p/client.v8/builders/V8%20Linux%20gcc%204.8/builds/17265

Original change's description:
> [esnext] load `iterator.next` only once at beginning of iteration
>
> https://github.com/tc39/ecma262/pull/988 gained consensus during the
> September 2017 TC39 meetings. This moves the load of the "next" method
> to the very beginning of the iteration protocol, rather than during
> each iteration step.
>
> This impacts:
>
> - yield*
> - for-of loops
> - spread arguments
> - array spreads
>
> In the v8 implementation, this also affects async iteration versions of
> these things (the sole exception being the Async-From-Sync iterator,
> which requires a few more changes to work with this, likely done in a
> followup patch).
>
> This change introduces a new AST node, ResolvedProperty, which can be used
> as a callee by Call nodes to produce the same bytecode as Property calls,
> without observably re-loading the property. This is used in several
> AST-desugarings involving the iteration protocol.
>
> BUG=v8:6861, v8:5699
> R=rmcilroy@chromium.org, neis@chromium.org, adamk@chromium.org
>
> Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
> Change-Id: Ib81106a0182687fc5efea0bc32302ad06376773b
> Reviewed-on: https://chromium-review.googlesource.com/687997
> Commit-Queue: Caitlin Potter <caitp@igalia.com>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Adam Klein <adamk@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#50452}

TBR=rmcilroy@chromium.org,adamk@chromium.org,neis@chromium.org,caitp@igalia.com,caitp@chromium.org

Change-Id: I1797c0d596dfd6850d6f0f505f591a7a990dd1f1
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:6861, v8:5699
Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/857616
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50454}
-
Michal Majewski authored
--stress-marking and --stress-scavenge flags with the value greater than 0 enable additional tracking, allocation observers etc. --fuzzer-analysis switches --stress-* flags into analysis mode, which means that all allocation observers and additional checks are still executed, but GC is not influenced by them. It also provides analysis information needed by the fuzzer on the stdout. Bug: v8:6972 Change-Id: I5ac45adb311441d57d5b951aeec036e689930e9f Reviewed-on: https://chromium-review.googlesource.com/814536 Reviewed-by: Hannes Payer <hpayer@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michał Majewski <majeski@google.com> Cr-Commit-Position: refs/heads/master@{#50453}
-
Caitlin Potter authored
https://github.com/tc39/ecma262/pull/988 gained consensus during the September 2017 TC39 meetings. This moves the load of the "next" method to the very beginning of the iteration protocol, rather than during each iteration step. This impacts: - yield* - for-of loops - spread arguments - array spreads In the v8 implementation, this also affects async iteration versions of these things (the sole exception being the Async-From-Sync iterator, which requires a few more changes to work with this, likely done in a followup patch). This change introduces a new AST node, ResolvedProperty, which can be used as a callee by Call nodes to produce the same bytecode as Property calls, without observably re-loading the property. This is used in several AST-desugarings involving the iteration protocol. BUG=v8:6861, v8:5699 R=rmcilroy@chromium.org, neis@chromium.org, adamk@chromium.org Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng Change-Id: Ib81106a0182687fc5efea0bc32302ad06376773b Reviewed-on: https://chromium-review.googlesource.com/687997 Commit-Queue: Caitlin Potter <caitp@igalia.com> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#50452}
-
Sigurd Schneider authored
Bug: v8:7127, v8:7204, v8:7205 Change-Id: I4eb009492222b208ff8875b4b7940174dfb132ff Reviewed-on: https://chromium-review.googlesource.com/847576 Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Reviewed-by: Michael Stanton <mvstanton@chromium.org> Cr-Commit-Position: refs/heads/master@{#50451}
-
Andreas Haas authored
R=titzer@chromium.org Change-Id: Iefa0c90f572acbf4cdc3fc4c4f046a760fb59df9 Reviewed-on: https://chromium-review.googlesource.com/857197 Reviewed-by: Ben Titzer <titzer@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#50450}
-
Michael Starzinger authored
This switches the source positions consumed by {WasmFunctionBuilder} to have type {size_t} instead of {int}. All checks for accidental loss due to overflow in static casts can now be moved into one place. R=clemensh@chromium.org Change-Id: Id0b0da5fe799eac794c9d610c4c4c9a72a587b3f Reviewed-on: https://chromium-review.googlesource.com/857196 Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#50449}
-
Ben L. Titzer authored
Combined with existing masking, provides protection against speculative OOB accesses. R=clemensh@chromium.org Bug: chromium:798964 Change-Id: Ib7cdc8bccc6d22b8b45896c63f69cb647deba383 Reviewed-on: https://chromium-review.googlesource.com/856980 Commit-Queue: Ben Titzer <titzer@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#50448}
-
Clemens Hammacher authored
In Liftoff, we want to trace the cache state basically before or after processing each instruction. Instead of duplicating this code everywhere, introduce a new interface method {NextInstruction}, which is called before each instruction. R=titzer@chromium.org Bug: v8:6600 Change-Id: Iea61738d200076690a8440a75a2fd90018efa43b Reviewed-on: https://chromium-review.googlesource.com/852457 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#50447}
-
Clemens Hammacher authored
This is a reland of f22156bf.

Original change's description:
> [Liftoff] Rename kConstant to kI32Const
>
> This makes it more clear that we only store i32 values as constants in
> the cache state.
>
> R=ahaas@chromium.org
>
> Bug: v8:6600
> Change-Id: I3022e963e864c9c533cbb673bd8502481389799b
> Reviewed-on: https://chromium-review.googlesource.com/853870
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#50437}

Bug: v8:6600
Change-Id: I4c28f379eab525a0c86866c39b2e6b55f7c5ab1a
Reviewed-on: https://chromium-review.googlesource.com/857017
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50446}
-