- 21 Sep, 2018 33 commits
-
-
Marja Hölttä authored
Also fixing DEPS include rules for heap-write-barrier.h BUG=v8:5402,v8:8015 Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng Change-Id: Ia785da321bc6c6f4c375ae8c866a0bf294e64f5b Reviewed-on: https://chromium-review.googlesource.com/1238453Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#56138}
-
Michael Starzinger authored
This also makes the {AddCodeCopy} method more specific to only apply to import wrappers, otherwise the use of {set_code} would be unprotected. R=clemensh@chromium.org BUG=v8:8015 Change-Id: I62561560f57e4cc235a338c0e769e50ff55ec42d Reviewed-on: https://chromium-review.googlesource.com/1238477Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#56137}
-
Benedikt Meurer authored
Remove the following runtime functions, which are not used throughout the code base anymore: - %GetWeakMapEntries - %GetWeakSetValues - %MapIteratorClone - %SetIteratorClone - %StringNotEqual - %FunctionGetName - %IsConstructor - %SetCode Bug: v8:8015 Change-Id: Iaf441d58e9b9bc77ef5bf93cb82ada87fb1ff5a7 Reviewed-on: https://chromium-review.googlesource.com/1238574 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#56136}
-
Georg Neis authored
This did unnecessarily much work, part of it even didn't make sense due to my misunderstanding of the different ownership notions. Bug: v8:7790 Change-Id: I8f630b544d2fa9d583ceb7e496e88b9a655385a7 Reviewed-on: https://chromium-review.googlesource.com/1236955Reviewed-by: Maya Lekova <mslekova@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#56135}
-
Daniel Clifford authored
Bug: v8:7793 Change-Id: I3ab2cf1b6190014eff29f6983c27872b4d79a9dc Reviewed-on: https://chromium-review.googlesource.com/1233760 Commit-Queue: Daniel Clifford <danno@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#56134}
-
Michael Lippautz authored
Bug: v8:8015 Change-Id: Ic247b288294259dea1795c909874920e9f37a871 Reviewed-on: https://chromium-review.googlesource.com/1238575Reviewed-by: Hannes Payer <hpayer@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#56133}
-
Toon Verwaest authored
Rather than allocating one in the zone and swapping them on discardable zone swap, we simply swap the zone in the inferrer and allow the stacks to grow in the outer zone. The inner segments will be dropped anyway. This also introduces a PreParserFuncNameInferrer that just has dummy implementations. That way we can avoid checking whether fni_ is nullptr at runtime. Change-Id: I0ff41b16d31571fc4606fd46b705d80b423343eb Reviewed-on: https://chromium-review.googlesource.com/1238573Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#56132}
-
Benedikt Meurer authored
When constructing a TypedArray by length, only actually setup the JSTypedArray instance once the buffer is allocated, as only at that time it's known whether the byte length is fine. Otherwise we confuse the heap verifier. Bug: chromium:887891 Change-Id: I407ff9a2a053dd11ef764e4e32f482abb27eb0a8 Reviewed-on: https://chromium-review.googlesource.com/1238494Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#56131}
-
Yang Guo authored
R=ahaas@chromium.org Bug: chromium:887888 Change-Id: I69edac2289ae6c00aeba82edcd780861568165ac Reviewed-on: https://chromium-review.googlesource.com/1238178Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#56130}
-
Florian Sattler authored
Fixing clang-tidy warning. Replace 0 with nullptr. Add NOLINT for special cases. Add default/override to methods. Bug: v8:8015 Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng Change-Id: Iff483356ace471d816051c6dd06ca08809ae1c09 Reviewed-on: https://chromium-review.googlesource.com/1238333Reviewed-by: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Florian Sattler <sattlerf@google.com> Cr-Commit-Position: refs/heads/master@{#56129}
-
Benedikt Meurer authored
Bug: v8:8015 Change-Id: I8c7d5fce7bdac70a96a05b469c42ac578c9426bc Reviewed-on: https://chromium-review.googlesource.com/1238177Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#56128}
-
Benedikt Meurer authored
Remove %ToPrimitive, %ToPrimitive_Number, %SameValue and %SameValueZero, as these runtime functions were only used from tests. For the %SameValue we use Object.is() to test the internal algorithm (the actual one even), and for %SameValueZero we use Set#has() - this was already the case for most uses anyways. Also drop %IsDate and %ValueOf, which didn't have uses at all. Bug: v8:8015 Change-Id: Ice26d25e68aed4d5d8adac0547c56aedf9826b13 Reviewed-on: https://chromium-review.googlesource.com/1237677 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#56127}
-
Benedikt Meurer authored
The JSToInteger operator is not used anywhere in TurboFan nowadays, so no point in keeping the dead code in the tree. Bug: v8:8015 Change-Id: If03ba63c4b932ba0aac60b9bbc89fee3909a93c6 Reviewed-on: https://chromium-review.googlesource.com/1238238Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#56126}
-
Benedikt Meurer authored
The order in which ToNumber(left) and ToPrimitive(right,hint Number) is called when performing an abstract relational comparison is observable, and we need to make sure to trigger the conversions in the correct order. Bug: chromium:687063 Change-Id: Idc9edb99643c4cf1774b89dcdc319ed5dc7cdc8a Reviewed-on: https://chromium-review.googlesource.com/1236557Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#56125}
-
Jakob Gruber authored
TBR=sigurds@chromium.org Bug: v8:6666 Change-Id: I6fffc2187f7d457bfefe34cc78ad304cfb0a34a7 Reviewed-on: https://chromium-review.googlesource.com/1237678Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#56124}
-
Michael Starzinger authored
R=clemensh@chromium.org BUG=v8:8015 Change-Id: I1daca16797a6a359aaab1703767ae24e2d73e8f2 Reviewed-on: https://chromium-review.googlesource.com/1238240Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#56123}
-
Leszek Swirski authored
This test is currently flaky on TSAN and blocks the roll. Bug: v8:8209 Change-Id: I0ca32d39f5570b458d56801b9a72ff3c428678d5 Reviewed-on: https://chromium-review.googlesource.com/1237676Reviewed-by: Michael Hablich <hablich@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#56122}
-
Benedikt Meurer authored
Properly test the abstract equality - both JSEqual and JSNotEqual - for the case of symbols. Also add tests for the corner cases of the JSObjectIsArray operator, which is used to implement Array.isArray() builtin. Bug: v8:8015 Change-Id: Ib008e85553d04527a5992a904ec77774761f872e Reviewed-on: https://chromium-review.googlesource.com/1238237Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#56121}
-
Jakob Gruber authored
Bug: v8:6666 Change-Id: I3867339640de252884b7941abdacff0872eaff39 Reviewed-on: https://chromium-review.googlesource.com/1235916 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#56120}
-
Dan Elphick authored
Change the following functions from V8_DEPRECATE_SOON to V8_DEPRECATED: JSON::Parse ValueSerializer::ReleaseBuffer,TransferSharedArrayBuffer Date::New ResourceConstraints::max_semi_space_size, set_max_semi_spaceisize, max_executable_size, set_max_executable_size Bug: v8:8015, v8:7269 Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng Change-Id: I2724738809fe1db28dbe279d476ac6fdf72ee5fa Reviewed-on: https://chromium-review.googlesource.com/1235915Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Dan Elphick <delphick@chromium.org> Cr-Commit-Position: refs/heads/master@{#56119}
-
Simon Zünd authored
R=jgruber@chromium.org Bug: v8:6666 Change-Id: I3ece4039297f837a3677c62c4a76433b73ebbe15 Reviewed-on: https://chromium-review.googlesource.com/1233916Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Simon Zünd <szuend@google.com> Cr-Commit-Position: refs/heads/master@{#56118}
-
Jakob Gruber authored
Handlers were recently moved to the builtins table, and we never added full support for this flag. It doesn't add much value and lazy deserialization is scheduled for mid-term removal anyways, so let's just delete it. --lazy-deserialization now controls both builtin- and handler-deserialization behavior. Bug: v8:6624 Change-Id: Iffb7286a00157966abf99158ba629ce4765536d6 Reviewed-on: https://chromium-review.googlesource.com/1238235 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Dan Elphick <delphick@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#56117}
-
Sigurd Schneider authored
Change-Id: I9eda6409d05c59085a09ebc7079b9c12c9877574 Bug: v8:6666 Reviewed-on: https://chromium-review.googlesource.com/1236577 Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#56116}
-
Benedikt Meurer authored
Improve the lowering of CheckedInt32Div and CheckedUint32Div for the case that the right hand side is a known (positive) power of two, as in that case it's sufficient to just check the relevant bits on the left hand side and then shift by the appropriate amount of bits. This is significantly faster than what TurboFan is able to generate from the general lowering, even with all the MachineOperatorReducer magic (it even shows as a steady ~1.5% overall improvement on the Kraken crypto ccm benchmark). Also turn the general CheckedInt32Div lowering into readable code again, and make sure that all the bailout cases are properly covered by mjsunit tests (i.e. the "division by zero" bailout was not covered properly). Bug: v8:8015 Change-Id: Ibfdd367a6ee5d70dcaa48801858042c5029b7004 Reviewed-on: https://chromium-review.googlesource.com/1236954Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#56115}
-
Benedikt Meurer authored
The previous tests didn't cover the case Number.isSafeInteger(x) where TurboFan was unable to tell that `x` is always a Number and thus had to use the ObjectIsSafeInteger operator instead. Bug: v8:8015 Change-Id: I9bdbfa602fe0bf8c5fb2bc6c160ace7ab0bc0aaa Reviewed-on: https://chromium-review.googlesource.com/1238234Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#56114}
-
Benedikt Meurer authored
Again in the spirit of https://chromium-review.googlesource.com/1226033 we can simplify the handling of NumberDivide and decide the lowering based on the feedback type. Drive-by-fix: Add test coverage for the relevant corner cases of the NumberDivide handling in SimplifiedLowering. Bug: v8:8015 Change-Id: I0edaca0fddb31d64d2c269268e87a32a687a0b26 Reviewed-on: https://chromium-review.googlesource.com/1236262Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#56113}
-
Benedikt Meurer authored
The ObjectIsArrayBuffer simplified operator, which is used to implement the ArrayBuffer.isView() builtin, didn't have any test coverage. Bug: v8:8015 Change-Id: Ia15e35bc4ae61627137f7a89976560a8d3db771f Reviewed-on: https://chromium-review.googlesource.com/1238215Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#56112}
-
Sigurd Schneider authored
This CL changes Construct, ConstructVarargs, ConstructForwardVarargs and ConstructFunctionForwardVarargs to preserve the kRootRegister (ebx). Bug: v8:6666 Change-Id: Ia2c328e419506c029cda76fc210bbd45d9eb5952 Reviewed-on: https://chromium-review.googlesource.com/1233654Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#56111}
-
Jakob Gruber authored
Even in the embedded bytecode handler configuration, there's currently no guarantee that all handlers are eager. Specifically, on ia32 handlers are currently not embedded and thus lazy. We need to keep lazy deserialization logic around until that is no longer the case. Bug: v8:6624 Change-Id: Ie4ec5f0fcd9890ed96a5df3bf3654e85379f92ae Reviewed-on: https://chromium-review.googlesource.com/1236261Reviewed-by: Dan Elphick <delphick@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#56110}
-
Florian Sattler authored
Fixing clang-tidy warning. Bug: v8:8015 Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng Change-Id: I722e15193b3b269e94dc8e5aba80f6f73c95cda8 Reviewed-on: https://chromium-review.googlesource.com/1228036 Commit-Queue: Florian Sattler <sattlerf@google.com> Reviewed-by: Adam Klein <adamk@chromium.org> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#56109}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/64006c6..641370b Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/582a06e..6f7c60d Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/f837545..92df4e6 Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/35ffce8..9ad74fa TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org Change-Id: Ifd02fa9d9b285854849b89aabea890e4c0124303 Reviewed-on: https://chromium-review.googlesource.com/1237853 Commit-Queue: V8 Autoroller <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Reviewed-by: V8 Autoroller <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#56108}
-
Sam Clegg authored
Without this the call to `formatFailureText` in `test-async.js` fails but goes unnoticed since the promise change is rejects which is not handled. And d8 silently ignores the the unhandled rejections. Once `formatFailureText` was added it reveals a but where several tests were expecting `.equal` to be a deepEquals. Specifically: test/mjsunit/es6/promise-all.js test/mjsunit/harmony/async-generators-resume-return.js test/mjsunit/harmony/async-generators-return.js test/mjsunit/harmony/async-generators-yield.js Making equals call `deepEquals` fixed that issue. Change-Id: I350c7d916147eaa7cf873bdaf273aebbaaa833c5 Reviewed-on: https://chromium-review.googlesource.com/1236852 Commit-Queue: Sam Clegg <sbc@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#56107}
-
Jakob Kummerow authored
GCC 7.x doesn't like it (-Werror=subobject-linkage) when a class either derives from a class or has a member field of a type that was declared in an anonymous namespace. It is also opposed (-Werror=attributes) to visibility attributes being defined at explicit template instantiations. GCC 8.x further has reservations (-Werror=class-memaccess) about letting memset/memcpy modify areas within non-POD objects. Change-Id: Ic5107bb5ee3af6233e3741e3ef78d03a0a84005a Reviewed-on: https://chromium-review.googlesource.com/1208306 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#56106}
-
- 20 Sep, 2018 7 commits
-
-
Sathya Gunasekaran authored
Previously, Atomics.notify was just an alias to Atomics.wake, which doesn't quite let us add a use counter for these individual builtins. This patch refactors the existing Atomics.wake into a separate function that is called from two separate builtins. Bug: v8:7883 Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng Change-Id: If54c8f769b7949d88d327cfb2f70db394f32a0b7 Reviewed-on: https://chromium-review.googlesource.com/1234581 Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Reviewed-by: Ben Smith <binji@chromium.org> Cr-Commit-Position: refs/heads/master@{#56105}
-
Junliang Yan authored
R=joransiu@ca.ibm.com Change-Id: Ibebb8bdb064628443c7bb4093382c3e7e8c04472 Reviewed-on: https://chromium-review.googlesource.com/1236601Reviewed-by: Muntasir Mallick <mmallick@ca.ibm.com> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#56104}
-
Junliang Yan authored
R=joransiu@ca.ibm.com Change-Id: Iace9b8bf40d416b2c7c56c383d00b4f0a6501de1 Reviewed-on: https://chromium-review.googlesource.com/1236973Reviewed-by: Muntasir Mallick <mmallick@ca.ibm.com> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#56103}
-
Michael Lippautz authored
Bug: chromium:843903 Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng Change-Id: I93fffd197d1742d0b00e69e0967a9efb47921208 Reviewed-on: https://chromium-review.googlesource.com/1236253Reviewed-by: Hannes Payer <hpayer@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#56102}
-
Hai Dang authored
This CL extracts the branch into a new function. Previously, the branch is only used to copy a FixedArray to a new FixedArray. The new function generalizes this to allow copying from a FixedDoubleArray to a FixedArray also. This function will be useful in a follow-up CL to copy a FixedDoubleArray with holes into a FixedArray where holes are replaced by undefined. Bug: chromium:881273, v8:7980 Change-Id: I8a0e5f933fc152a12d67810f4cbcfdce094d44af Reviewed-on: https://chromium-review.googlesource.com/1230913 Commit-Queue: Hai Dang <dhai@google.com> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#56101}
-
Toon Verwaest authored
Change-Id: Idb0aa9a7ad246def358beae0b2b464496223d749 Reviewed-on: https://chromium-review.googlesource.com/1236575Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#56100}
-
Ross McIlroy authored
Merge UnoptimizedCompileJobTest::CompileFailureToFinalize and UnoptimizedCompileJobTest::CompileFailureToAnalyse They both do the same thing, and UnoptimizedCompileJobTest.CompileFailureToFinalize was failing on arm due to stack size parameters. BUG=v8:8041 No-Presubmit: true No-Tree-Checks: true No-Try: true Change-Id: I2506aed026420c2634d5cd41b0dc268debb512eb Reviewed-on: https://chromium-review.googlesource.com/1236814Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#56099}
-