- 23 Jan, 2018 5 commits
-
-
Sigurd Schneider authored
The common operator reducer was loosing feedback information when replacing DeoptimizeIf/Unless with DeoptimizeUnless/If nodes. Bug: v8:7127 Change-Id: I5d6f253ca9dfec04f4e7c8d1485f0ca668a8db95 Reviewed-on: https://chromium-review.googlesource.com/878781Reviewed-by:
Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#50782}
-
Sigurd Schneider authored
This allows mixing of smi/object values and adds support for holey double arrays. Bug: v8:7340 Change-Id: I7e3a2b0aaa205b7af8c3af615fb9c9a965178b3f Reviewed-on: https://chromium-review.googlesource.com/878123Reviewed-by:
-
Sigurd Schneider authored
This change allows turbofan to store the index variable in a Word32 integer; my last change caused the index to be promoted to float64. Change-Id: Ia60d16461991ae941229f45d393e924d0dca5bbe Reviewed-on: https://chromium-review.googlesource.com/878160Reviewed-by:
-
Michael Achenbach authored
Bug: v8:7343 Change-Id: Ic0b89e2376fc927303a5285cc5b47a1ad4694047 Reviewed-on: https://chromium-review.googlesource.com/878642 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by:
Sergiy Byelozyorov <sergiyb@chromium.org> Cr-Commit-Position: refs/heads/master@{#50779}
-
Georg Neis authored
R=bmeurer@chromium.org Bug: v8:5940 Change-Id: I8ce536f6f82225e8b05ef05a45eb3487360b14a2 Reviewed-on: https://chromium-review.googlesource.com/878126Reviewed-by:
-
- 22 Jan, 2018 35 commits
-
-
Mike Stanton authored
* Set gdeepti@ as a compiler backend owner. * Set sigurds@ as a compiler owner. Change-Id: I0ceb300b6452a36a7f945e92193a3946604c4e51 Reviewed-on: https://chromium-review.googlesource.com/878542Reviewed-by:
Ben Titzer <titzer@chromium.org> Reviewed-by:
Jaroslav Sevcik <jarin@chromium.org> Reviewed-by:
Brad Nelson <bradnelson@chromium.org> Commit-Queue: Brad Nelson <bradnelson@chromium.org> Cr-Commit-Position: refs/heads/master@{#50777}
-
Michal Majewski authored
Bug: v8:6917 Change-Id: Ic34afb25b74520303cd9ace987fc18e1535e4147 Reviewed-on: https://chromium-review.googlesource.com/879146Reviewed-by:
Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#50776}
-
Ali Ijaz Sheikh authored
Deoptimization may materialize values on the heap, which may get sampled by the heap profiler. Such samples have imprecise stack. Indicate this. BUG=v8:7314 Change-Id: I21ab079c36fc0492b05b546cc1d6a8e6c042aeb8 Reviewed-on: https://chromium-review.googlesource.com/877119 Commit-Queue: Ali Ijaz Sheikh <ofrobots@google.com> Reviewed-by:
Michael Stanton <mvstanton@chromium.org> Reviewed-by:
Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#50775}
-
Junliang Yan authored
Port 5cef3ddd Original Commit Message: Instead of requiring the pattern that a SuspendGenerator must be followed by a Return, make SuspendGenerator return directly. This can, in the future, simplify some of the reasoning around generator suspends. R=leszeks@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: Ic967164b40433ed64df5996560490b13d6159a94 Reviewed-on: https://chromium-review.googlesource.com/879223Reviewed-by:
Joran Siu <joransiu@ca.ibm.com> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#50774}
-
Michael Lippautz authored
Bug: v8:7266 Change-Id: Ibc8df4219ea990c3e1bf7a586356689080ab9eb9 Reviewed-on: https://chromium-review.googlesource.com/879182Reviewed-by:
Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#50773}
-
Eric Holk authored
This is based on https://crrev.com/c/867063. R=titzer@chromium.org Bug: chromium:798964 Change-Id: I3b019040da90acd9541b4ec5c88d07ae81007120 Reviewed-on: https://chromium-review.googlesource.com/876989Reviewed-by:
-
Michael Starzinger authored
This removes the field in question to make it simpler to serialize and deserialize modules without having to worry about the state of lazy compilation. It is always possible to clone a non-anonymous builtin, even without having this module-wide field. R=clemensh@chromium.org TEST=mjsunit/regress/wasm/regress-803427 BUG=chromium:803427 Change-Id: I72041e314eb6ee92859d45f1db0ed8500003edc4 Reviewed-on: https://chromium-review.googlesource.com/878581 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by:
Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#50771}
-
Michael Starzinger authored
Now that write-protection of code memory is enabled everywhere and V8 is fully W^X compliant, we can remove the permission mode in question. R=hpayer@chromium.org BUG=v8:6792 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: I80fe95ac6bb0e2d1ad6d993154ce45d492d941be Reviewed-on: https://chromium-review.googlesource.com/866855 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by:
Hannes Payer <hpayer@chromium.org> Reviewed-by:
Bill Budge <bbudge@chromium.org> Cr-Commit-Position: refs/heads/master@{#50770}
-
Michael Lippautz authored
No-try: true Bug: v8:7266 Change-Id: I778fcf6b8e1abe5eac6e2f0d2600e4c5ec9fe549 Reviewed-on: https://chromium-review.googlesource.com/878821Reviewed-by:
-
Michal Majewski authored
During GC fuzzing we combine multiple tests and run them inside a wrapper that needs to ignore all errors/exceptions/asserts to keep the combined tests running. We will use this flag to ignore %AbortJS calls. Bug: v8:6917 Change-Id: Ib426a68228cadbea8364c5e1d29c39dd53129481 Reviewed-on: https://chromium-review.googlesource.com/857514Reviewed-by:
-
Michal Majewski authored
Bug: v8:6917 Change-Id: I9f23515de0a1ae89babe41a42ab37fb2dfb67b48 Reviewed-on: https://chromium-review.googlesource.com/876324 Commit-Queue: Michał Majewski <majeski@google.com> Reviewed-by:
-
Michael Lippautz authored
- JSObject: Record elements and properties - JSCollecton: Record table - Record global caches Bug: v8:7266 Change-Id: I16b2eb511bed3dc0fb6f7af0e7037c6d42f03885 Reviewed-on: https://chromium-review.googlesource.com/878326 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by:
-
Andreas Haas authored
When a tab in Chrome gets refreshed, the refreshed page reuses the isolate of the original page. This means that at the moment, AsyncCompileJobs which were stared on the original page do not get aborted and will therefore eventually finish and resolve their promise. With this CL I abort all running AsyncCompileJobs when V8 gets the tab refresh signal, i.e. Isolate::ContextDisposedNotification. Note that I cannot just call CompilationManager::TearDown because it assumes that there are no pending tasks anymore. R=clemensh@chromium.org, hpayer@chromium.org Bug: chromium:803476 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: I88d28fdaba6f55b7aa7379c4b5338ae62134fc8a Reviewed-on: https://chromium-review.googlesource.com/875923 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by:
-
Michael Achenbach authored
Bug: v8:7343 Change-Id: I673a490e04f7bae56199591db69b7f1c84022fc0 Reviewed-on: https://chromium-review.googlesource.com/878541Reviewed-by:
-
Clemens Hammacher authored
This reloc mode is never encoded, so there is no reason to differentiate between 32 and 64 bit. Both are now replaced by RelocInfo::NONE. R=mstarzinger@chromium.org Change-Id: I054d99c7dc41f99729fa33617a6f47301b4a31e7 Reviewed-on: https://chromium-review.googlesource.com/878401Reviewed-by:
-
Sigurd Schneider authored
Bug: chromium:800594, v8:7092, v8:7270, v8:7270 Change-Id: I30b69b51f793030c6f8a031a88d2dbb26a79d2bf Reviewed-on: https://chromium-review.googlesource.com/859780 Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Reviewed-by:
-
Peter Marshall authored
A check will fail if the context passed in is not a native context. Change the code to get the native context from the passed context. Bug: chromium:804288 Change-Id: Iad314a3dd170355cf524b9230a692a6329564f8a Reviewed-on: https://chromium-review.googlesource.com/878324Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Commit-Queue: Peter Marshall <petermarshall@chromium.org> Cr-Commit-Position: refs/heads/master@{#50761}
-
Clemens Hammacher authored
Immediate::is_zero already checks the reloc info to be none, so the additional check is redundant. R=tebbi@chromium.org Change-Id: I3ec91fe60e8c659b2f38fda0123784a69e4bcbe9 Reviewed-on: https://chromium-review.googlesource.com/878321Reviewed-by:
Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#50760}
-
Michael Starzinger authored
R=hpayer@chromium.org BUG=v8:6792 Change-Id: Id3413994de603dac1b7501c6fe376cdac1f9d7ce Reviewed-on: https://chromium-review.googlesource.com/866851 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by:
-
Clemens Hammacher authored
Tag RelocInfo which belongs to native wasm code, and fix printing to not try to access the Code object for CODE_TARGET, but rather just print "(wasm trampoline)". Bug: chromium:801785 R=mstarzinger@chromium.org Change-Id: I84a37f0c48ed7397cccf677b4d0f0352e5aceb9d Reviewed-on: https://chromium-review.googlesource.com/875271Reviewed-by:
-
Leszek Swirski authored
Suspend points (inside generators and async functions) have slightly funky semantics when it comes to liveness, as they save and restore a chunk of the register file as-is. In particular, this means that granular liveness information is lost, as it is assumed that all registers in that chunk of the register file are live in a suspend. Rather than marking that entire chunk of register as live/dead in suspend/restore, we can instead pattern-match the set of bytecodes in a suspend point, and propagate liveness across them. This tightens liveness estimates, and could be used to optimize which values TurboFan actually saves when suspending. Bug: chromium:798137 Change-Id: I5840cdbfc2c6edb1d3a48cf025f52615b629cdfc Reviewed-on: https://chromium-review.googlesource.com/848895 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by:
-
Clemens Hammacher authored
This CL adds support for indirect calls. R=titzer@chromium.org Bug: v8:6600 Change-Id: Ia29b87fa1f7be873cd722f934b8007c38794dceb Reviewed-on: https://chromium-review.googlesource.com/877884 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by:
-
Michael Starzinger authored
This fixes a corner-case with lazy compilation in WebAssembly where native-heap code did not expect to see WASM-to-JS wrappers in tables. R=clemensh@chromium.org TEST=mjsunit/regress/wasm/regress-803788 BUG=chromium:803788 Change-Id: Ie44b5c9efe2b171e1915295bb95d6cb61dfab3dc Reviewed-on: https://chromium-review.googlesource.com/878262Reviewed-by:
-
Michael Achenbach authored
This is added only to uniformly call all tools by the infra side. NOTRY=true TBR=sergiyb@chromium.org Bug: v8:6917 Change-Id: I85a14ea51abfe1bfc775fd73d2fee02bfb2fb31e Reviewed-on: https://chromium-review.googlesource.com/878361Reviewed-by:
-
Michael Achenbach authored
This adds flags to numfuzz for rerunning flaky tests and for storing json test results. With those flags added, the infra-side can call numfuzz with the same API as the standard test-runner. TBR=sergiyb@chromium.org Bug: v8:6917 Change-Id: I02d1cd02d90677c83f10e072383f3650c041cab1 Reviewed-on: https://chromium-review.googlesource.com/877890Reviewed-by:
-
Sigurd Schneider authored
Array.prototype.reduce[Right] used a lazy deoptimization frame state for an eager deopt point. Bug: v8:7336, chromium:804096 Change-Id: I720f9e049bd6b396e025fa59192fdbc6b4f18647 Reviewed-on: https://chromium-review.googlesource.com/878120 Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Reviewed-by:
Daniel Clifford <danno@chromium.org> Cr-Commit-Position: refs/heads/master@{#50752}
-
Michael Starzinger authored
R=clemensh@chromium.org Change-Id: I545b1826be1566f7ce1ed6ad920fac0746a0dca9 Reviewed-on: https://chromium-review.googlesource.com/878161Reviewed-by:
-
Sigurd Schneider authored
Allow mixing smi/object packed/unpacked maps in A.p.pop/shift. Beforehand, mixing smi and object maps caused a deopt. Bug: v8:7205, v8:7340 Change-Id: Ifec021791e98589be4a56fe97d3cc003f0fb6393 Reviewed-on: https://chromium-review.googlesource.com/878121Reviewed-by:
-
Andreas Haas authored
This is the V8 side change of crrev.com/c/876103. Message: It can happen that WebAssembly.compileStreaming gets aborted when we are not allowed to execute JavaScript code, and therefore are also not allowed to reject the promise returned by WebAssembly.compileStreaming. This can happen e.g. when the Chrome tab gets refreshed, which aborts all downloads. With this CL we do not pass a reason to Abort if we are not allowed to execute JavaScript code. On the V8 side we can check the reason passed to Abort and do not reject the promise if there is no reason passed. CC=mtrofin@chromium.org R=titzer@chromium.org Bug: chromium:803838 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: Ie5cc85c72b60383e9221318c18a4e1812d230692 Reviewed-on: https://chromium-review.googlesource.com/876091Reviewed-by:
-
Leszek Swirski authored
Instead of requiring the pattern that a SuspendGenerator must be followed by a Return, make SuspendGenerator return directly. This can, in the future, simplify some of the reasoning around generator suspends. Change-Id: I94c0156a89dc0e1c0bc306bc57acf766f3b4deb5 Reviewed-on: https://chromium-review.googlesource.com/857463Reviewed-by:
Georg Neis <neis@chromium.org> Reviewed-by:
Aleksey Kozyatinskiy <kozyatinskiy@chromium.org> Reviewed-by:
Ross McIlroy <rmcilroy@chromium.org> Reviewed-by:
Yang Guo <yangguo@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#50748}
-
Michael Achenbach authored
TBR=sergiyb@chromium.org Bug: v8:7337 Change-Id: I1732f6e587305ce4ab41a65f73e943c7eb9e1d15 Reviewed-on: https://chromium-review.googlesource.com/877760Reviewed-by:
-
Jakob Gruber authored
This reverts commit 03e9d415. Reason for revert: Correctness issues, see https://crbug.com/804159. Bug: chromium:804159 Original change's description: > Reland: Reimplement Object.entries/values as CSA to optimize performance. > > Add Object.entries/values builtins to debug-evaluate.cc whitelist macro. > This fix revert commit of https://chromium-review.googlesource.com/c/v8/v8/+/859937 > Original is https://chromium-review.googlesource.com/c/v8/v8/+/810504 > >> Reimplements Object.entries/values as CSA to optimize performance. See more detail about https://bugs.chromium.org/p/v8/issues/ Issue 6804. > > This reverts commit 1b49f725. > > Bug: v8:6804 > Change-Id: I57e8b66e1c4ece2abb52e1630a97fbfd4070d810 > Reviewed-on: https://chromium-review.googlesource.com/860679 > Commit-Queue: Yang Guo <yangguo@chromium.org> > Reviewed-by: Yang Guo <yangguo@chromium.org> > Cr-Commit-Position: refs/heads/master@{#50492} TBR=yangguo@chromium.org,cbruni@chromium.org,jgruber@chromium.org,ishell@chromium.org,brn@b6n.ch # Not skipping CQ checks because original CL landed > 1 day ago. Bug: v8:6804 Change-Id: I39b1854ca7c2f57819ba377f84560356d3756bfb Reviewed-on: https://chromium-review.googlesource.com/877886Reviewed-by:
-
Michael Lippautz authored
No-try: true Bug: v8:7266 Change-Id: If1f67688e46e443f8e9e38f5481ce591213d2228 Reviewed-on: https://chromium-review.googlesource.com/877883Reviewed-by:
-
Peter Marshall authored
Bug: v8:7102 Change-Id: Id37799cdf989558ca4f771d451f4b45cbf7123bf Reviewed-on: https://chromium-review.googlesource.com/787434 Commit-Queue: Peter Marshall <petermarshall@chromium.org> Reviewed-by:
Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#50744}
-
Mostyn Bramley-Moore authored
These functions are duplicated in module-compiler.cc and therefore cause jumbo build failures. It looks like this is planned to be refactored later by titzer. So let's just give them new names for now, to unbreak jumbo builds. Bug: v8:7316 Change-Id: I4ba0c8dcc8474a4b02a47c16f2da77650861cfe4 Reviewed-on: https://chromium-review.googlesource.com/877279Reviewed-by:
-
