- 14 Mar, 2017 19 commits
-
-
Leszek Swirski authored
Marking shared functions for tier-up was optimizing the functions non-concurrently, to avoid the case where the same shared function is optimized concurrently by multiple JS functions. This was particularly a problem for small functions, which (if called in a loop) could get marked for optimisation quite quickly. In this CL, the shared function is instead marked as having an active optimization job running, and these do not spawn a compilation job. BUG=693590 Change-Id: I3df93fbf9cec7eda8229fcf416d7c429c06bec86 Reviewed-on: https://chromium-review.googlesource.com/446836 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Michael Stanton <mvstanton@chromium.org> Cr-Commit-Position: refs/heads/master@{#43778}
-
Clemens Hammacher authored
Instead of storing call_pc and ret_pc, store just one pc. This simplifies frame inspection (no distinction between top frame and other frames). The previous ret_pc can easily be computed from the stored pc, since we know that we must be at a indirect or direct call site when returning to a previous frame. It also slightly simplifies the upcoming CL to call imported functions, which would also have to set the call_pc. R=titzer@chromium.org, ahaas@chromium.org BUG=v8:5822 Change-Id: I5876c09ec36450dc1474a760282fd5e41eab38be Reviewed-on: https://chromium-review.googlesource.com/453159 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#43777}
-
Michael Achenbach authored
BUG=chromium:682617 TBR=mstarzinger@chromium.org,mvstanton@chromium.org,rmcilroy@chromium.org NOTRY=true Change-Id: If121a5d01bba113374bc1673780fc713997e54a9 Reviewed-on: https://chromium-review.googlesource.com/454618Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#43776}
-
Michael Starzinger authored
This fixes a corner-case in {KeyAccumulator::CollectOwnJSProxyKeys} where the keys returned by {JSReceiver::OwnPropertyKeys} for an array are not internalized and hence have a diverging identity from keys returned by the "ownKeys" trap of a proxy. R=cbruni@chromium.org TEST=mjsunit/regress/regress-crbug-700678 BUG=chromium:700678 Change-Id: I5efd012eade14bd45c69e4abb0aeda684baf38f0 Reviewed-on: https://chromium-review.googlesource.com/452979Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#43775}
-
Michael Achenbach authored
Those tests do real calls to rietveld. As we're moving away from this, we can skip testing it now. BUG=chromium:701296 NOTRY=true TBR=hablich@chromium.org Change-Id: I44249160f7e35d4e2fac7aeb40889a825cfc5678 Reviewed-on: https://chromium-review.googlesource.com/454040Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#43774}
-
Clemens Hammacher authored
If this flag is set, all code will be executed in the interpreter. At some point in the future we might want to have a variant for testing all code with this flag. Currently, I am using it for finding unimplemented functionality in the interpreter and testing existing functionality. Mjsunit tests in follow-up CLs will use this flag too. R=ahaas@chromium.org, titzer@chromium.org BUG=v8:5822 Change-Id: I1393b4aedbb9f9070e011362ec95cb89f296dab4 Reviewed-on: https://chromium-review.googlesource.com/453700 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Reviewed-by: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#43773}
-
Clemens Hammacher authored
In Isolate::CaptureSimpleStackTrace, we were ignoring interpreter entry frames so far. This CLs changes this to gets the interpreted stack from the wasm interpreter and add the frames to the FrameArray. R=ahaas@chromium.org, titzer@chromium.org BUG=v8:5822 Change-Id: I705909532ff28af412ff809da94522866eaa1c0d Reviewed-on: https://chromium-review.googlesource.com/452378 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Ben Titzer <titzer@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#43772}
-
Michael Achenbach authored
BUG=chromium:682617 R=mstarzinger@chromium.org,mvstanton@chromium.org,rmcilroy@chromium.org Change-Id: Id0c904e080bb09e4ac1a127a02b110459442f7f3 Reviewed-on: https://chromium-review.googlesource.com/452484 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#43771}
-
Toon Verwaest authored
BUG= Change-Id: Ib7d6f1c8cc20f4170607d4f595756a534e3eceb8 Reviewed-on: https://chromium-review.googlesource.com/452382 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#43770}
-
Clemens Hammacher authored
R=titzer@chromium.org NOTRY=true Change-Id: Ib1957f83010acd7603fbdf36780be80cf3f514c5 Reviewed-on: https://chromium-review.googlesource.com/452298Reviewed-by: Ben Titzer <titzer@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#43769}
-
yangguo authored
BUG=v8:6091 R=machenbach@chromium.org NOTRY=true Review-Url: https://codereview.chromium.org/2751513003 Cr-Commit-Position: refs/heads/master@{#43768}
-
mvstanton authored
BUG= R=bmeurer@chromium.org Review-Url: https://codereview.chromium.org/2749783002 Cr-Commit-Position: refs/heads/master@{#43767}
-
Toon Verwaest authored
This doesn't support "lookup after interceptor", but that should be unnecessary by now since we have non-masking interceptors. BUG= Change-Id: I8650a47ab2ce6fa314de25d0c4775b5c165df179 Reviewed-on: https://chromium-review.googlesource.com/453376Reviewed-by: Hannes Payer <hpayer@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#43766}
-
Jochen Eisinger authored
I plan to change the constructor field of maps, and instead of patching the intrinsics all over the place, just fall back to the runtime. R=bmeurer@chromium.org BUG=v8:6084 Change-Id: Ie294b74ab615fd794d7fc47488e2e30e2b49b4db Reviewed-on: https://chromium-review.googlesource.com/454616Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Jochen Eisinger <jochen@chromium.org> Cr-Commit-Position: refs/heads/master@{#43765}
-
yangguo authored
NOTRY=true R=franzih@chromium.org, machenbach@chromium.org, ofrobots@google.com Review-Url: https://codereview.chromium.org/2744663005 Cr-Commit-Position: refs/heads/master@{#43764}
-
Jochen Eisinger authored
As the code isn't used, but would have to be ported from hand-written assembly to CodeStubAssembler anyways, I propose to remove it and restore it if we decide that we actually need it. R=vogelheim@chromium.org BUG= Change-Id: Iffd7fc6ec534b1dd7a9144da900424355c8a7a02 Reviewed-on: https://chromium-review.googlesource.com/453461 Commit-Queue: Jochen Eisinger <jochen@chromium.org> Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#43763}
-
jing.bao authored
psll/rl/raw(xmm, imm) psrad(xmm, imm) vpsll/rl/raw(xmm, xmm, imm) vpsll/rl/rad(xmm, xmm, imm) BUG= Review-Url: https://codereview.chromium.org/2747783004 Cr-Commit-Position: refs/heads/master@{#43762}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/1748b43..7de5863 Rolling v8/buildtools: https://chromium.googlesource.com/chromium/buildtools/+log/b3771b1..e6b510a Rolling v8/third_party/catapult: https://chromium.googlesource.com/external/github.com/catapult-project/catapult/+log/4550ebc..1ec68b3 Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/49cece5..f091611 TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Change-Id: Ibd5bcb1d56b09bb898bfc14b1a100746cdba1708 Reviewed-on: https://chromium-review.googlesource.com/454398Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Commit-Queue: v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#43761}
-
jing.bao authored
Add instructions in following format: instr(xmm, xmm/mem) vinstr(xmm, xmm, xmm/mem) BUG= Review-Url: https://codereview.chromium.org/2744643004 Cr-Commit-Position: refs/heads/master@{#43760}
-
- 13 Mar, 2017 21 commits
-
-
eholk authored
This is basically the minimum viable signal handler for Wasm bounds checks. It includes the TLS check and the fine grained instructions checks. These two checks provide most of the safety for the signal handler. Future CLs will add code range and data range checks for more robustness. The trap handling code and data structures are all in src/trap-handler, with the code that actually runs in the signal handler confined to src/trap-handler/signal-handler.cc. This changes adds a new V8 API that the embedder should call from a signal handler that will give V8 the chance to handle the fault first. For hosts that do not want to implement their own signal handler, we include the option to install a simple one. This simple handler is also used for the tests. When a Wasm module is instantiated, information about each function is passed to the trap handler, which is used to classify faults. These are removed during the instance finalizer. Several future enhancements are planned before turning this on by default. Obviously, the additional checks will be added to MaybeHandleFault. We are also planning to add a two-level CodeObjectData table that is grouped by isolates to make cleanup easier and also reduce potential for contending on a single data structure. BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277 Review-Url: https://codereview.chromium.org/2371833007 Cr-Original-Original-Commit-Position: refs/heads/master@{#43523} Committed: https://chromium.googlesource.com/v8/v8/+/a5af7fe9ee388a636675f4a6872b1d34fa7d1a7a Review-Url: https://codereview.chromium.org/2371833007 Cr-Original-Commit-Position: refs/heads/master@{#43755} Committed: https://chromium.googlesource.com/v8/v8/+/338622d7cae787a63cece1f2e79a8b030023940b Review-Url: https://codereview.chromium.org/2371833007 Cr-Commit-Position: refs/heads/master@{#43759}
-
binji authored
This reverts the previous revert, commit 5a04f4fd. Previously reverted changes: > Revert "[SAB] Move Atomics builtins to C++" > > This reverts commit 2b9840d8. > > Revert "[SAB] Remove unreachable Uint8Clamped atomics paths" > > This reverts commit d1160fb1. > > Revert "Remove tiny unit test for MinSimple/MaxSimple" > > This reverts commit 837760ec. > > Revert "Remove infrastructure for experimental JS natives" > > This reverts commit 8cfe45b6. These changes were reverted to improve a perf regression on a Chrome bot. Since then, the regression has reappeared, then disappeared again all from seemingly unrelated changes. BUG=v8:6033 TBR=adamk@chromium.org,hpayer@chromium.org,yangguo@chromium.org Review-Url: https://codereview.chromium.org/2732213005 Cr-Commit-Position: refs/heads/master@{#43758}
-
eholk authored
Revert of [wasm] Initial signal handler (patchset #60 id:1170001 of https://codereview.chromium.org/2371833007/ ) Reason for revert: ASAN breakage, such as https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20ASAN/builds/19111/steps/Check/logs/grow-memory Original issue's description: > [wasm] Initial signal handler > > This is basically the minimum viable signal handler for Wasm bounds checks. > It includes the TLS check and the fine grained instructions checks. These > two checks provide most of the safety for the signal handler. Future CLs will > add code range and data range checks for more robustness. > > The trap handling code and data structures are all in src/trap-handler, with > the code that actually runs in the signal handler confined to > src/trap-handler/signal-handler.cc. > > This changes adds a new V8 API that the embedder should call from a signal > handler that will give V8 the chance to handle the fault first. For hosts that > do not want to implement their own signal handler, we include the option to > install a simple one. This simple handler is also used for the tests. > > When a Wasm module is instantiated, information about each function is passed > to the trap handler, which is used to classify faults. These are removed during > the instance finalizer. > > Several future enhancements are planned before turning this on by default. > Obviously, the additional checks will be added to MaybeHandleFault. We are > also planning to add a two-level CodeObjectData table that is grouped by > isolates to make cleanup easier and also reduce potential for contending on > a single data structure. > > BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277 > > Review-Url: https://codereview.chromium.org/2371833007 > Cr-Original-Commit-Position: refs/heads/master@{#43523} > Committed: https://chromium.googlesource.com/v8/v8/+/a5af7fe9ee388a636675f4a6872b1d34fa7d1a7a > Review-Url: https://codereview.chromium.org/2371833007 > Cr-Commit-Position: refs/heads/master@{#43755} > Committed: https://chromium.googlesource.com/v8/v8/+/338622d7cae787a63cece1f2e79a8b030023940b TBR=ahaas@chromium.org,bradnelson@google.com,hpayer@chromium.org,jochen@chromium.org,mark@chromium.org,mseaborn@chromium.org,titzer@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277 Review-Url: https://codereview.chromium.org/2744383002 Cr-Commit-Position: refs/heads/master@{#43757}
-
bjaideep authored
Port 06fef85b Original Commit Message: Part of the performance and refactoring work to move the TypedArray constructors into CSA. This CL moves ConstructByArrayBuffer from JS to CSA. R=petermarshall@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG=v8:5977 LOG=N Review-Url: https://codereview.chromium.org/2742343005 Cr-Commit-Position: refs/heads/master@{#43756}
-
eholk authored
This is basically the minimum viable signal handler for Wasm bounds checks. It includes the TLS check and the fine grained instructions checks. These two checks provide most of the safety for the signal handler. Future CLs will add code range and data range checks for more robustness. The trap handling code and data structures are all in src/trap-handler, with the code that actually runs in the signal handler confined to src/trap-handler/signal-handler.cc. This changes adds a new V8 API that the embedder should call from a signal handler that will give V8 the chance to handle the fault first. For hosts that do not want to implement their own signal handler, we include the option to install a simple one. This simple handler is also used for the tests. When a Wasm module is instantiated, information about each function is passed to the trap handler, which is used to classify faults. These are removed during the instance finalizer. Several future enhancements are planned before turning this on by default. Obviously, the additional checks will be added to MaybeHandleFault. We are also planning to add a two-level CodeObjectData table that is grouped by isolates to make cleanup easier and also reduce potential for contending on a single data structure. BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5277 Review-Url: https://codereview.chromium.org/2371833007 Cr-Original-Commit-Position: refs/heads/master@{#43523} Committed: https://chromium.googlesource.com/v8/v8/+/a5af7fe9ee388a636675f4a6872b1d34fa7d1a7a Review-Url: https://codereview.chromium.org/2371833007 Cr-Commit-Position: refs/heads/master@{#43755}
-
Michael Lippautz authored
We already filter out fillers in ProcessMarkingDeque. BUG= Change-Id: Iee0dbfffe6e4eb5c65a1c25ba75c4c69bf15355b Reviewed-on: https://chromium-review.googlesource.com/453481Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#43754}
-
Igor Sheludko authored
BUG=v8:5495 Change-Id: I49e478f5d6b12a3b65f69fa8120a768f2dbd98f3 Reviewed-on: https://chromium-review.googlesource.com/451323Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#43753}
-
clemensh authored
I don't have a local master branch, so those commands failed for me. R=hablich@chromium.org NOTRY=true Review-Url: https://codereview.chromium.org/2733923002 Cr-Commit-Position: refs/heads/master@{#43752}
-
bjaideep authored
Add PPC/s390 configs to mb_config and BUILD.gn. Also use a script to get host byte ordering. R=machenbach@chromium.org, dpranke@chromium.org BUG= LOG=N Review-Url: https://codereview.chromium.org/2736993004 Cr-Commit-Position: refs/heads/master@{#43751}
-
kozyatinskiy authored
We emulate break by callling breakProgramCallback function in debugger context, we can just use HandleDebugBreak. It allows us to move all stepping logic to debug.cc later and remove one usage of debugger context. + two minor issues fixed, see tests. BUG=v8:5510 R=yangguo@chromium.org Review-Url: https://codereview.chromium.org/2738503006 Cr-Commit-Position: refs/heads/master@{#43750}
-
littledan authored
A couple infrastructure changes went into this patch: - test262 changed from expecting $ to $262 - upstream-local-tests.sh gets a command-line parameter for ease of use - Fixed up the FAIL_SLOPPY infrastructure, which seems to have bit-rotted - Inserted a terrible hack to get around test262 tests with a $ in the name Drive-by fix for the length of Intl.DateTimeFormat.prototype.format R=adamk Review-Url: https://codereview.chromium.org/2733843002 Cr-Commit-Position: refs/heads/master@{#43749}
-
Michael Achenbach authored
This makes it possible to directly request testing noturbofan_stress on the command line. BUG=chromium:682617 TBR=mstarzinger@chromium.org,mvstanton@chromium.org,rmcilroy@chromium.org NOTRY=true Change-Id: I6ba9a022c4ef24fb5abe6878d3f2f972e8461eb8 Reviewed-on: https://chromium-review.googlesource.com/453180 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#43748}
-
Peter Marshall authored
Part of the performance and refactoring work to move the TypedArray constructors into CSA. This CL moves ConstructByArrayBuffer from JS to CSA. BUG=v8:5977 Change-Id: I0a200e6b3f6261ea2372ea9c3d3ca98e313cf2c5 Reviewed-on: https://chromium-review.googlesource.com/451620 Commit-Queue: Peter Marshall <petermarshall@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#43747}
-
Ilija.Pavlovic authored
Test regress-694088.js is adapted for execution on big endian platforms. TEST=test/mjsunit/compiler/regress-694088.js BUG= Review-Url: https://codereview.chromium.org/2739403002 Cr-Commit-Position: refs/heads/master@{#43746}
-
danno authored
In the process, re-factor the implementation of Array.prototype.forEach so that the bulk of the implementation can be re-used, since much of the spec is identical. The refactor should also make it more straight-forward to implement map and filter. The re-factored version only have a single slow path for processing elements which is used for both the overall slow path and for the bailout from the FAST_ELEMENTS case. Review-Url: https://codereview.chromium.org/2709773002 Cr-Commit-Position: refs/heads/master@{#43745}
-
yangguo authored
The switch statement itself is part of the switch block. However, the source position of the statement is outside of the block. This leads to confusion for the debugger, if the switch block pushes a block context: the current context is a block context, but the scope analysis based on the current source position tells the debugger that we should be outside the scope, so we should have the function context. R=marja@chromium.org BUG=v8:6085 Review-Url: https://codereview.chromium.org/2744213003 Cr-Commit-Position: refs/heads/master@{#43744}
-
bmeurer authored
Revert of [turbofan] Less aggressively insert SOFT deopts for property access. (patchset #2 id:20001 of https://codereview.chromium.org/2746013002/ ) Reason for revert: Tanks Octane/Mandreel and Octane/MandreelLatency. Original issue's description: > [turbofan] Less aggressively insert SOFT deopts for property access. > > Sometimes TurboFan is able to extract receiver maps from the surrounding > graph and thus is able to generate reasonable code for property accesses, > even if those haven't been executed in the baseline tier yet. So, only > stick in an SOFT deoptimization exit, if ExtractReceiverMaps failed to > infer proper receiver maps. > > R=yangguo@chromium.org > BUG=v8:5267 > > Review-Url: https://codereview.chromium.org/2746013002 > Cr-Commit-Position: refs/heads/master@{#43736} > Committed: https://chromium.googlesource.com/v8/v8/+/b8453628c94ddf71e05d70471355c7c924bbcf31 TBR=yangguo@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:5267 Review-Url: https://codereview.chromium.org/2748663002 Cr-Commit-Position: refs/heads/master@{#43743}
-
Caitlin Potter authored
Add a mechanic to set these Builtin exception predictions per-Isolate rather than per-Context in the Bootstrapper. Also add Debugger tests which would fail without these prediction modes set. Does not yet test for AsyncFromSyncIteratorPrototypeReturn, as this requires AsyncGenerators and `yield*` to be hit. BUG=chromium:691875 R=yangguo@chromium.org, jgruber@chromium.org, gsathya@chromium.org Change-Id: Ic2d2aba3870cce2f7321080f4278875edf253c76 Reviewed-on: https://chromium-review.googlesource.com/451967Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Caitlin Potter <caitp@igalia.com> Cr-Commit-Position: refs/heads/master@{#43742}
-
cwhan.tunz authored
- Remove TypedArrayIndexOf in src/js/typedarray.js - Implement it to C++ using the IndexOfValue in ElementsAccessor - Add buffer neutering check also for %TypedArray%.prototype.includes BUG=v8:5929 Review-Url: https://codereview.chromium.org/2733193002 Cr-Commit-Position: refs/heads/master@{#43741}
-
yangguo authored
Previously, we would incorrectly not assign any debug id to scripts deserialized from the code cache. R=jgruber@chromium.org BUG=v8:6072 Review-Url: https://codereview.chromium.org/2742713003 Cr-Commit-Position: refs/heads/master@{#43740}
-
shiyu.zhang authored
With this change, on ia32 and x64, a load from memory into a register can be replaced by a memory operand for integer binops if it makes sense. BUG= Review-Url: https://codereview.chromium.org/2728533003 Cr-Commit-Position: refs/heads/master@{#43739}
-