- 23 Jan, 2018 22 commits
-
-
Michael Starzinger authored
This fixes a corner-case where deserialization of a module containing multiple exported functions of the same signature forgot to properly unprotect the code-space. Test coverage has been added. R=clemensh@chromium.org TEST=mjsunit/wasm/compiled-module-serialization BUG=chromium:804767 Change-Id: I0082303db19bcc14c4de30f29d604665e281d79d Reviewed-on: https://chromium-review.googlesource.com/880844 Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#50799}
-
Ben L. Titzer authored
As part of the effort to despecialize WASM code, convert many uses of WasmInstanceObject which were simply indirecting through to either the compiled module or the shared module data with helpers on the respective Frame objects. R=mstarzinger@chromium.org Bug: Change-Id: I05bd1a18b1d81cceef8a80d9f6988e4f5d537e66 Reviewed-on: https://chromium-review.googlesource.com/876125 Commit-Queue: Ben Titzer <titzer@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#50798}
-
Clemens Hammacher authored
When spilling a value to the stack, make sure to fill it as the same type later. Otherwise, we might load garbage from the stack and violate the assumption that the upper 32 bits of a 64 bit register are zero if it currently holds a 32 bit value. R=titzer@chromium.org Bug: v8:7353, v8:6600 Change-Id: I7f2b1b31b7f3c13aa152c682cb59400fb5a3ebf0 Reviewed-on: https://chromium-review.googlesource.com/880682 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#50797}
-
Leszek Swirski authored
Now that SuspendGenerator returns, we have to update the interrupt budget during that return to ensure that generators can be optimized. Bug: chromium:804796 Change-Id: I8a9fa1c2399da81a3c2a7d8a07a774d5648d1c5e Reviewed-on: https://chromium-review.googlesource.com/880821 Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#50796}
-
Michael Lippautz authored
Bug: v8:7266 Change-Id: I1436d39281caa9daf33289840d19a4a5e1ba476d Reviewed-on: https://chromium-review.googlesource.com/880843 Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#50795}
-
Benedikt Meurer authored
Use this in the PromiseThen operation to skip the (expensive) lookup in the SpeciesConstructor operation. This yields a nice 3-5% improvement on the bluebird and wikipedia benchmarks, and paves the way for inlining certain Promise operations into TurboFan optimized code later. On the micro-benchmark mentioned in the bug (from the findings doc), we reduce the overall execution time by 25%, which makes sense given that Promise.prototype.then spends a significant portion of its time just figuring out the appropriate constructor. Bug: v8:7253, v8:7349 Change-Id: Ia1577b59d1b7e4b8dbda83e2186583edab76695a Reviewed-on: https://chromium-review.googlesource.com/880681 Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#50794}
-
Ulan Degenbaev authored
The predictable mode sets --single-threaded flag, which disables --wasm-async-compilation. The test relies on async compilation. Change-Id: I49dae829506c69f21f148cc9c9565c136abcda42 Reviewed-on: https://chromium-review.googlesource.com/880842 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#50793}
-
Yang Guo authored
R=machenbach@chromium.org Bug: v8:7350 Change-Id: I048ea31afaa6aeb1bee6b9ef91e1afa31324ebcd Reviewed-on: https://chromium-review.googlesource.com/880624 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#50792}
-
Michael Achenbach authored
TBR=sergiyb@chromium.org Bug: v8:7343 Change-Id: I46d276f16a001651ad36d550df2535fb8b3ba150 Reviewed-on: https://chromium-review.googlesource.com/880584 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#50791}
-
Yang Guo authored
Bug: v8:7341 Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng;master.tryserver.blink:linux_trusty_blink_rel Change-Id: I90879be3a94745859b7da7c9bb9b6533af11cc2d Reviewed-on: https://chromium-review.googlesource.com/878221 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#50790}
-
Ulan Degenbaev authored
Async compilation relies on background tasks, which are not available in single-threaded mode. Change-Id: Id47e7f5bd1406a5323d6a770936a23b6839e7936 Reviewed-on: https://chromium-review.googlesource.com/880583 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#50789}
-
Michael Lippautz authored
bug: v8:7266 Change-Id: I8241301c9652e70c88b35ebd057af107a1c05687 Reviewed-on: https://chromium-review.googlesource.com/880622 Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#50788}
-
Michael Achenbach authored
The extra output on mac was to investigate a bug that's now fixed. TBR=sergiyb@chromium.org NOTRY=true Bug: v8:6927 Change-Id: Iac8074c7e89a987e164f676442da1ed4f93987cc Reviewed-on: https://chromium-review.googlesource.com/880623 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#50787}
-
Michael Achenbach authored
TBR=sergiyb@chromium.org Bug: v8:7343 Change-Id: Iea94f5b12b48fb6c04fe25b827a30e713fdfb716 Reviewed-on: https://chromium-review.googlesource.com/880582 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#50786}
-
Sigurd Schneider authored
Bug: v8:7340 Change-Id: I7f4df794a57bf5db6a3b611ad76b5ef5c4edba9c Reviewed-on: https://chromium-review.googlesource.com/878264 Reviewed-by: Michael Stanton <mvstanton@chromium.org> Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#50785}
-
Michal Majewski authored
Since we're not winning anything by changing the result between processors on the main process, reduce is noop there and result is immutable. Bug: v8:6917 Change-Id: Ieb282e7abd4ab31162aee6b52493a6e1b6a25109 Cq-Include-Trybots: luci.v8.try:v8_linux64_fyi_rel_ng Reviewed-on: https://chromium-review.googlesource.com/878239 Commit-Queue: Michał Majewski <majeski@google.com> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#50784}
-
Sigurd Schneider authored
Simplified lowering may lose feedback by inserting Checked conversions for BoundsChecks in case the bounds check gets optimized away later on. Bug: v8:7127 Change-Id: I254a29ba4e578d653d1dee2d70582ce0a4b57789 Reviewed-on: https://chromium-review.googlesource.com/878743 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#50783}
-
Sigurd Schneider authored
The common operator reducer was losing feedback information when replacing DeoptimizeIf/Unless with DeoptimizeUnless/If nodes. Bug: v8:7127 Change-Id: I5d6f253ca9dfec04f4e7c8d1485f0ca668a8db95 Reviewed-on: https://chromium-review.googlesource.com/878781 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#50782}
-
Sigurd Schneider authored
This allows mixing of smi/object values and adds support for holey double arrays. Bug: v8:7340 Change-Id: I7e3a2b0aaa205b7af8c3af615fb9c9a965178b3f Reviewed-on: https://chromium-review.googlesource.com/878123 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#50781}
-
Sigurd Schneider authored
This change allows turbofan to store the index variable in a Word32 integer; my last change caused the index to be promoted to float64. Change-Id: Ia60d16461991ae941229f45d393e924d0dca5bbe Reviewed-on: https://chromium-review.googlesource.com/878160 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#50780}
-
Michael Achenbach authored
Bug: v8:7343 Change-Id: Ic0b89e2376fc927303a5285cc5b47a1ad4694047 Reviewed-on: https://chromium-review.googlesource.com/878642 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> Cr-Commit-Position: refs/heads/master@{#50779}
-
Georg Neis authored
R=bmeurer@chromium.org Bug: v8:5940 Change-Id: I8ce536f6f82225e8b05ef05a45eb3487360b14a2 Reviewed-on: https://chromium-review.googlesource.com/878126 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#50778}
-
- 22 Jan, 2018 18 commits
-
-
Mike Stanton authored
* Set gdeepti@ as a compiler backend owner. * Set sigurds@ as a compiler owner. Change-Id: I0ceb300b6452a36a7f945e92193a3946604c4e51 Reviewed-on: https://chromium-review.googlesource.com/878542 Reviewed-by: Ben Titzer <titzer@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Reviewed-by: Brad Nelson <bradnelson@chromium.org> Commit-Queue: Brad Nelson <bradnelson@chromium.org> Cr-Commit-Position: refs/heads/master@{#50777}
-
Michal Majewski authored
Bug: v8:6917 Change-Id: Ic34afb25b74520303cd9ace987fc18e1535e4147 Reviewed-on: https://chromium-review.googlesource.com/879146 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#50776}
-
Ali Ijaz Sheikh authored
Deoptimization may materialize values on the heap, which may get sampled by the heap profiler. Such samples have imprecise stack. Indicate this. BUG=v8:7314 Change-Id: I21ab079c36fc0492b05b546cc1d6a8e6c042aeb8 Reviewed-on: https://chromium-review.googlesource.com/877119 Commit-Queue: Ali Ijaz Sheikh <ofrobots@google.com> Reviewed-by: Michael Stanton <mvstanton@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#50775}
-
Junliang Yan authored
Port 5cef3ddd Original Commit Message: Instead of requiring the pattern that a SuspendGenerator must be followed by a Return, make SuspendGenerator return directly. This can, in the future, simplify some of the reasoning around generator suspends. R=leszeks@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: Ic967164b40433ed64df5996560490b13d6159a94 Reviewed-on: https://chromium-review.googlesource.com/879223 Reviewed-by: Joran Siu <joransiu@ca.ibm.com> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#50774}
-
Michael Lippautz authored
Bug: v8:7266 Change-Id: Ibc8df4219ea990c3e1bf7a586356689080ab9eb9 Reviewed-on: https://chromium-review.googlesource.com/879182 Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#50773}
-
Eric Holk authored
This is based on https://crrev.com/c/867063. R=titzer@chromium.org Bug: chromium:798964 Change-Id: I3b019040da90acd9541b4ec5c88d07ae81007120 Reviewed-on: https://chromium-review.googlesource.com/876989 Reviewed-by: Ben Titzer <titzer@chromium.org> Commit-Queue: Eric Holk <eholk@chromium.org> Cr-Commit-Position: refs/heads/master@{#50772}
-
Michael Starzinger authored
This removes the field in question to make it simpler to serialize and deserialize modules without having to worry about the state of lazy compilation. It is always possible to clone a non-anonymous builtin, even without having this module-wide field. R=clemensh@chromium.org TEST=mjsunit/regress/wasm/regress-803427 BUG=chromium:803427 Change-Id: I72041e314eb6ee92859d45f1db0ed8500003edc4 Reviewed-on: https://chromium-review.googlesource.com/878581 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#50771}
-
Michael Starzinger authored
Now that write-protection of code memory is enabled everywhere and V8 is fully W^X compliant, we can remove the permission mode in question. R=hpayer@chromium.org BUG=v8:6792 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: I80fe95ac6bb0e2d1ad6d993154ce45d492d941be Reviewed-on: https://chromium-review.googlesource.com/866855 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Hannes Payer <hpayer@chromium.org> Reviewed-by: Bill Budge <bbudge@chromium.org> Cr-Commit-Position: refs/heads/master@{#50770}
-
Michael Lippautz authored
No-try: true Bug: v8:7266 Change-Id: I778fcf6b8e1abe5eac6e2f0d2600e4c5ec9fe549 Reviewed-on: https://chromium-review.googlesource.com/878821 Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#50769}
-
Michal Majewski authored
During GC fuzzing we combine multiple tests and run them inside a wrapper that needs to ignore all errors/exceptions/asserts to keep the combined tests running. We will use this flag to ignore %AbortJS calls. Bug: v8:6917 Change-Id: Ib426a68228cadbea8364c5e1d29c39dd53129481 Reviewed-on: https://chromium-review.googlesource.com/857514 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michał Majewski <majeski@google.com> Cr-Commit-Position: refs/heads/master@{#50768}
-
Michal Majewski authored
Bug: v8:6917 Change-Id: I9f23515de0a1ae89babe41a42ab37fb2dfb67b48 Reviewed-on: https://chromium-review.googlesource.com/876324 Commit-Queue: Michał Majewski <majeski@google.com> Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#50767}
-
Michael Lippautz authored
- JSObject: Record elements and properties - JSCollection: Record table - Record global caches Bug: v8:7266 Change-Id: I16b2eb511bed3dc0fb6f7af0e7037c6d42f03885 Reviewed-on: https://chromium-review.googlesource.com/878326 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#50766}
-
Andreas Haas authored
When a tab in Chrome gets refreshed, the refreshed page reuses the isolate of the original page. This means that at the moment, AsyncCompileJobs which were started on the original page do not get aborted and will therefore eventually finish and resolve their promise. With this CL I abort all running AsyncCompileJobs when V8 gets the tab refresh signal, i.e. Isolate::ContextDisposedNotification. Note that I cannot just call CompilationManager::TearDown because it assumes that there are no pending tasks anymore. R=clemensh@chromium.org, hpayer@chromium.org Bug: chromium:803476 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: I88d28fdaba6f55b7aa7379c4b5338ae62134fc8a Reviewed-on: https://chromium-review.googlesource.com/875923 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Hannes Payer <hpayer@chromium.org> Cr-Commit-Position: refs/heads/master@{#50765}
-
Michael Achenbach authored
Bug: v8:7343 Change-Id: I673a490e04f7bae56199591db69b7f1c84022fc0 Reviewed-on: https://chromium-review.googlesource.com/878541 Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#50764}
-
Clemens Hammacher authored
This reloc mode is never encoded, so there is no reason to differentiate between 32 and 64 bit. Both are now replaced by RelocInfo::NONE. R=mstarzinger@chromium.org Change-Id: I054d99c7dc41f99729fa33617a6f47301b4a31e7 Reviewed-on: https://chromium-review.googlesource.com/878401 Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#50763}
-
Sigurd Schneider authored
Bug: chromium:800594, v8:7092, v8:7270, v8:7270 Change-Id: I30b69b51f793030c6f8a031a88d2dbb26a79d2bf Reviewed-on: https://chromium-review.googlesource.com/859780 Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#50762}
-
Peter Marshall authored
A check will fail if the context passed in is not a native context. Change the code to get the native context from the passed context. Bug: chromium:804288 Change-Id: Iad314a3dd170355cf524b9230a692a6329564f8a Reviewed-on: https://chromium-review.googlesource.com/878324 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Peter Marshall <petermarshall@chromium.org> Cr-Commit-Position: refs/heads/master@{#50761}
-
Clemens Hammacher authored
Immediate::is_zero already checks the reloc info to be none, so the additional check is redundant. R=tebbi@chromium.org Change-Id: I3ec91fe60e8c659b2f38fda0123784a69e4bcbe9 Reviewed-on: https://chromium-review.googlesource.com/878321 Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#50760}
-