- 01 Aug, 2017 12 commits
-
-
Michael Achenbach authored
This reverts commit a6c3f143. Reason for revert: https://build.chromium.org/p/client.v8/builders/V8%20Mac%20GC%20Stress/builds/14478 https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20gc%20stress/builds/11907 Original change's description: > [turbofan] enable new implementation of escape analysis > > Bug: > Change-Id: I0218ab67bf391deb8f1b1b78811643eb84745b7c > Reviewed-on: https://chromium-review.googlesource.com/595508 > Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> > Commit-Queue: Tobias Tebbi <tebbi@chromium.org> > Cr-Commit-Position: refs/heads/master@{#47032} TBR=jarin@chromium.org,tebbi@chromium.org Change-Id: Ib534a1c5e3b67e0585c63185065370a23ba954c5 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/595647Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#47035}
-
Benedikt Meurer authored
The @@toStringTag lookup in Object.prototype.toString causes quite a lot of overhead and oftentimes dominates the builtin performance. These lookups are almost always negative, especially for primitive values, and Object.prototype.toString is often used to implement predicates (like in Node core or in AngularJS), so having a way to skip the negative lookup yields big performance gains. This CL introduces a "MayHaveInterestingSymbols" bit on every map, which says whether instances with this map may have an interesting symbol. Currently only @@toStringTag is considered an interesting symbol, but we can extend that in the future. In the Object.prototype.toString we can use the interesting symbols bit to do a quick check on the prototype chain to see if there are any maps that might have the @@toStringTag, and if not, we can just immediately return the result, which is very fast because it's derived from the instance type. This also avoids the ToObject conversions for primitive values, which is important, since this causes unnecessary GC traffic and in for example AngularJS, strings are also often probed via the Object.prototype.toString based predicates. This boosts Speedometer/AngularJS by over 3% and Speedometer overall by up to 1%. On the microbenchmark from the similar SpiderMonkey bug (https://bugzilla.mozilla.org/show_bug.cgi?id=1369042), we go from roughly 450ms to 70ms, which corresponds to a 6.5x improvement. ``` function f() { var res = ""; var a = [1, 2, 3]; var toString = Object.prototype.toString; var t = new Date; for (var i = 0; i < 5000000; i++) res = toString.call(a); print(new Date - t); return res; } f(); ``` The design document at https://goo.gl/e8CruQ has some additional data points. TBR=ulan@chromium.org Bug: v8:6654 Change-Id: I31932cf41ecddad079d294e2c322a852af0ed244 Reviewed-on: https://chromium-review.googlesource.com/593620 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#47034}
-
Andreas Haas authored
R=titzer@chromium.org Bug: v8:6640 Change-Id: I08bed124f7c6f6607b28844ea91bee90c1c1ab22 Reviewed-on: https://chromium-review.googlesource.com/586603Reviewed-by: Ben Titzer <titzer@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#47033}
-
Tobias Tebbi authored
Bug: Change-Id: I0218ab67bf391deb8f1b1b78811643eb84745b7c Reviewed-on: https://chromium-review.googlesource.com/595508Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#47032}
-
Clemens Hammacher authored
We were just debugging a trap triggered in the c entry stub, because there was a pending exception even though the return value of the runtime function was not {heap()->exception()}. The DCHECKs added here help to catch this common error earlier. R=mstarzinger@chromium.org CC=ahaas@chromium.org Also-by: ahaas@chromium.org Change-Id: I3718dcb64a7924137c9f4bddff62776772d10386 Reviewed-on: https://chromium-review.googlesource.com/594447Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#47031}
-
Juliana Franco authored
This CL is the follow up of https://chromium-review.googlesource.com/c/586707/ which used to crash when running the gc-stress bots. It seems to be working now. We now keep the trampoline PC in the Safepoint table and use that information to find SafepointEntries. There's some refactoring that can be done, such as changing the code for exceptions in a similar way and removing the trampoline from the DeoptimizationInputData. Will take care of this in the next CL. Bug: v8:6563 Change-Id: I02565297093620023a1155b55d76a4dafcb54794 Reviewed-on: https://chromium-review.googlesource.com/593622 Commit-Queue: Juliana Patricia Vicente Franco <jupvfranco@google.com> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#47030}
-
Enrico Bacis authored
The test TestExportImportedMemoryGrowMultipleInstances in test/mjsunit/wasm/import-memory.js had a TODO about not taking into account the maximum size for exported memory objects, thus permitting to grow past thhe maximum specified in the exported memory object. The check is already in place at wasm-objects.cc:266 (https://cs.chromium.org/chromium/src/v8/src/wasm/wasm-objects.cc?rcl=a01b55b548add5aec1d3d4d8fcdadfa01555c6ea&l=266). This CL removes the TODO and asserts that growing past maximum for exported objects fails. R=ahaas@chromium.org, gdeepti@chromium.org Change-Id: Ifa69e4e85e04bc2280b629cebb30d400cca9420f Reviewed-on: https://chromium-review.googlesource.com/593948Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Enrico Bacis <enricobacis@google.com> Cr-Commit-Position: refs/heads/master@{#47029}
-
Predrag Rudic authored
Commit 0d833cb9 deleted function call that created CEntryStub code in snapshot. So when CEntryStub::GetCode is called while initializing V8, the code for it, is not found in shapshot. Hence this code has to be generated in new allocation on heap, that is why initial heap is above the limit. This patch assures that CEntryStub code is in the snapshot. Bug: Change-Id: Ifc885998e9253ab3e19e4e2409e4c124a5f1b0d1 Reviewed-on: https://chromium-review.googlesource.com/593950Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com> Commit-Queue: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com> Cr-Commit-Position: refs/heads/master@{#47028}
-
Bill Budge authored
This is a reland of 3f90d9f9 Original change's description: > [Memory] Add an OnCriticalMemoryPressure method to V8::Platform. > > Adds virtual V8::Platform::OnCriticalMemoryPressure method, default > implementation does nothing. > > Calls this method on first allocation failures in NewArray, Malloced, > and zone AccountingAllocator and adds retry logic. > > Adds utility functions for allocating base::VirtualMemory to functions > in allocation.h, which call this method and add retry logic. > > Calls these utility functions in heap CodeRange, Spaces, StoreBuffer > and SequentialMarkingDeque. > > Bug: v8:6635 > Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng > Change-Id: I38afd394f3be556aca037d16675e9884658158cb > Reviewed-on: https://chromium-review.googlesource.com/583543 > Commit-Queue: Bill Budge <bbudge@chromium.org> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Cr-Commit-Position: refs/heads/master@{#46988} Bug: v8:6635 Change-Id: I0d70c5796f407f0ed42cfddf581d26f533f9bea8 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Reviewed-on: https://chromium-review.googlesource.com/593090Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#47027}
-
Deepti Gandluri authored
R=mtrofin@chromium.org Change-Id: Ia1e215d59e9ea863b85c64c2eab41f6cd6fe3404 Reviewed-on: https://chromium-review.googlesource.com/570842 Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> Reviewed-by: Mircea Trofin <mtrofin@chromium.org> Cr-Commit-Position: refs/heads/master@{#47026}
-
Sathya Gunasekaran authored
The patch changes CallPrinter's AST traversal to continue even after the first positive match for an AST node. This helps us check for the subsequent GetIterator AST node in case of destructuring. We can not differentiate between the function call failing and the GetIterator failing based on source position info. This would involve runtime checks costing performance. Instead of providing an incorrect error, we provide both the possiblities to user and allow them to disambiguate. Previously, d8> function f() { return 5; } undefined d8> var [a] = f(); (d8):1: TypeError: f is not a function var [a] = f(); ^ TypeError: f is not a function at (d8):1:11 Now, d8> function f() { return 5; } undefined d8> var [a] = f(); (d8):1: TypeError: f is not a function or its return value is not iterable var [a] = f(); ^ TypeError: f is not a function or its return value is not iterable at (d8):1:11 Bug: v8:6616, v8:6513 Change-Id: I3d6427f10cae54951b0ad0e5ddcbe802bb7191c1 Reviewed-on: https://chromium-review.googlesource.com/594894 Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#47025}
-
Mathias Bynens authored
Intent to ship: https://groups.google.com/d/msg/v8-users/r-SN2yuKTL8/pfwrSuqSBQAJ BUG=v8:4545 Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng Change-Id: I15a8a5af211a3af1d2f952b48923288adc09d93c Reviewed-on: https://chromium-review.googlesource.com/592705Reviewed-by: Adam Klein <adamk@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Mathias Bynens <mathias@chromium.org> Cr-Commit-Position: refs/heads/master@{#47024}
-
- 31 Jul, 2017 28 commits
-
-
Jaideep Bajwa authored
For this testcase to run on BE, it requires Load/store reversed byte instructions. Disabling testcase until the necessary instructions are implemented. R=machenbach@chromium.org, jkummerow@chromium.org BUG= LOG=N Change-Id: I380c9a07030ba12e9b9e81c372496819102e2b0d Reviewed-on: https://chromium-review.googlesource.com/595047Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Jaideep Bajwa <bjaideep@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#47023}
-
Alexey Kozyatinskiy authored
This call from inspector side is redundant, V8 will clear all breakpoints on removing debug delegate in v8::internal::Debug::Unload method. In any case for correct support of multiclient we need to clear breakpoints in V8DebuggerAgentImpl::disable method. R=dgozman@chromium.org Bug: v8:5510,chromium:652939 Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel Change-Id: I66f9b97797860bad28884a099928d54ac3560428 Reviewed-on: https://chromium-review.googlesource.com/592281 Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org> Reviewed-by: Dmitry Gozman <dgozman@chromium.org> Cr-Commit-Position: refs/heads/master@{#47022}
-
Alexey Kozyatinskiy authored
In current implementation we call PrepareForBreakPoints during getting possible breakpoints, this call produce GC and iteration through heap, but it's not needed before we set real breakpoint. On my machine, get-possible-breakpoints-master.js without CL takes ~200ms, with CL it takes ~60 ms. Running test without getPossibleBreakpoints protocol call takes ~50 ms. It means that we have (200-50)/(60-50) = 15 times faster getPossibleBreakpoints. R=yangguo@chromium.org,jgrubber@chromium.org Bug: none Change-Id: If12e41cd87dbba11a89aa5895e3b4d88123d7d3d Reviewed-on: https://chromium-review.googlesource.com/591027 Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#47021}
-
Ulan Degenbaev authored
This reverts commit d8846ffd. Reason: the fix doesn't work, the proper fix is to not mutate the map. BUG=chromium:694255 TBR=ishell@chromium.org Change-Id: Iebef7cd01081145c172902727e0035a8745703b7 Reviewed-on: https://chromium-review.googlesource.com/594727Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#47020}
-
Adam Klein authored
Change-Id: Idb6dfed1d0314c38c25b230faa7e28728cff2637 Reviewed-on: https://chromium-review.googlesource.com/587250 Commit-Queue: Adam Klein <adamk@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#47019}
-
Ross McIlroy authored
Removes CompilationInfo::ExpectsJSReceiverAsReceiver and the associated debug code in full-codegen which uses it. This avoids the need to check language_mode from CompilationInfo and will enable decoupling of ParseInfo and CompilationInfo in a followup CL. BUG=v8:5203 Change-Id: Ib88252408e59ef321d16d5a1dd4b2b6cea609729 Reviewed-on: https://chromium-review.googlesource.com/593954Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#47018}
-
Ulan Degenbaev authored
BUG=chromium:694255 TBR=cbruni@chromium.org Change-Id: I8a7907aa18d2855ca571ae564c7eeda41bf13fbb Reviewed-on: https://chromium-review.googlesource.com/593655Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#47017}
-
Ulan Degenbaev authored
This sets the minimum semi-space size to 512K, but does not change the initial semi-space size. This reverts commit 774a4c5e. Original commit message: > [heap] Allow a minimum semi-space size of 512K. > This CL also reduces the minimum semi-space size to 512K. > BUG=chromium:716032 BUG=chromium:735649 TBR=mlippautz@chromium.org Change-Id: I1f5dd05b0851ba2b438bedcc023a5cf5f9242a81 Reviewed-on: https://chromium-review.googlesource.com/594107Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#47016}
-
Ross McIlroy authored
BUG=v8:5203 Change-Id: Id7f1b3a50f5f407e9fdada8a5b62a7ada8d966df Reviewed-on: https://chromium-review.googlesource.com/593951Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#47015}
-
Leszek Swirski authored
Since any deopt-count-based heuristics should be native context dependent, it belongs in the feedback vector rather than the SFI. Bug: v8:6402 Change-Id: I30804d58bc1dec9150558e6ee21ee5b4dbd36c8d Reviewed-on: https://chromium-review.googlesource.com/593661 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#47014}
-
Michael Achenbach authored
This reverts commit 409f84c9. Reason for revert: Breaks nosnap debug: https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap%20-%20debug/builds/14288 Original change's description: > [async-iteration] implement spec-change to `yield` in async generators > > Per https://github.com/tc39/proposal-async-iteration/pull/102/files: > > AsyncGeneratorResolve no longer unwraps a value component. Instead, the > value is unwrapped before the builtin call via Await, allowing Promise > rejections to affect the generator control flow. > > Thus, all `yield <expr>` implicitly become `yield await <expr>`. > > Additionally, `return <expr>` becomes `return await <expr>`. Finally, when > the generator is resumed with `.return()`, the parameter passed to .return() > is awaited before generator execution properly continues). > > BUG=v8:5855 > R=littledan@chromium.org, neis@chromium.org, adamk@chromium.org > > Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng > Change-Id: Ife084076c3ed434b5467e6aeba14082f8b410ad5 > Reviewed-on: https://chromium-review.googlesource.com/523844 > Commit-Queue: Caitlin Potter <caitp@igalia.com> > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> > Reviewed-by: Georg Neis <neis@chromium.org> > Cr-Commit-Position: refs/heads/master@{#47011} TBR=rmcilroy@chromium.org,adamk@chromium.org,yangguo@chromium.org,neis@chromium.org,littledan@chromium.org,gsathya@chromium.org,caitp@igalia.com Change-Id: Ie6ad7e5410a3a89aab7a5dc68de36eb27b9354fe No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:5855 Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng Reviewed-on: https://chromium-review.googlesource.com/593952Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#47013}
-
Jakob Gruber authored
This reverts commit 2f79e035. Reason for revert: Conflicts with successor CL. Original change's description: > [builtins] Remove Builtins::Name() accessors > > Instead of auto-generating the Name() convenience accessor, use a macro to > avoid wasting code space. > > BUILTIN_CODE(isolate, Name) > > expands to > > isolate->builtins()->builtin_handle(Builtins::kName); > > This reduces the size of libv8.so by 134,752 bytes on a x64 release build. > > Bug: v8:6624 > Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng > Change-Id: Idff7ee5c45e344e73412c0f47e92553c7c7ff75f > Reviewed-on: https://chromium-review.googlesource.com/593607 > Reviewed-by: Andreas Haas <ahaas@chromium.org> > Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> > Commit-Queue: Jakob Gruber <jgruber@chromium.org> > Cr-Commit-Position: refs/heads/master@{#47010} TBR=yangguo@chromium.org,ahaas@chromium.org,jgruber@chromium.org,bmeurer@chromium.org Change-Id: Ia9ef5c755b26c3f4e143d87a7c51033614ea435e No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:6624 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Reviewed-on: https://chromium-review.googlesource.com/594048Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#47012}
-
Caitlin Potter authored
Per https://github.com/tc39/proposal-async-iteration/pull/102/files: AsyncGeneratorResolve no longer unwraps a value component. Instead, the value is unwrapped before the builtin call via Await, allowing Promise rejections to affect the generator control flow. Thus, all `yield <expr>` implicitly become `yield await <expr>`. Additionally, `return <expr>` becomes `return await <expr>`. Finally, when the generator is resumed with `.return()`, the parameter passed to .return() is awaited before generator execution properly continues). BUG=v8:5855 R=littledan@chromium.org, neis@chromium.org, adamk@chromium.org Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng Change-Id: Ife084076c3ed434b5467e6aeba14082f8b410ad5 Reviewed-on: https://chromium-review.googlesource.com/523844 Commit-Queue: Caitlin Potter <caitp@igalia.com> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#47011}
-
jgruber authored
Instead of auto-generating the Name() convenience accessor, use a macro to avoid wasting code space. BUILTIN_CODE(isolate, Name) expands to isolate->builtins()->builtin_handle(Builtins::kName); This reduces the size of libv8.so by 134,752 bytes on a x64 release build. Bug: v8:6624 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: Idff7ee5c45e344e73412c0f47e92553c7c7ff75f Reviewed-on: https://chromium-review.googlesource.com/593607Reviewed-by: Andreas Haas <ahaas@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#47010}
-
Leszek Swirski authored
Remove opt_count from SFI, which only had two real uses: 1. Detecting OSR in tests -- replaced with a stack walk in %GetOptimizationStatus 2. Naming optimization log files -- replaced with the optimization id This allows us to remove a field from the SFI, moving the bailout reason into the counters field. As a drive-by, add optimization marker information (e.g. marked for optimization) to the optimization status. Change-Id: Id77deb5dd5439dfba058a7e1e1748de26b717d0d Reviewed-on: https://chromium-review.googlesource.com/592028Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#47009}
-
Clemens Hammacher authored
This reverts commit 072d0e3e. Reason for revert: Performance regressions (https://crbug.com/749041). Original change's description: > [wasm] Allow for arbitrarily long error messages > > We currently have a fixed limit of 256 characters for error messages > generated in the decoder. However, we sometimes embed names in it, > which makes it easy to generate a crash by using long names (e.g. for > exports) in invalid wasm modules. > This CL fixes this by switching to a stream based interface, allowing > to pass arbitrary objects to be printed. With this interface, we can > easily limit the length of output later. > > R=titzer@chromium.org > > Bug: chromium:740023 > Change-Id: I2848c31c63a015157e2a3a9458b54e523060cd69 > Reviewed-on: https://chromium-review.googlesource.com/565282 > Reviewed-by: Ben Titzer <titzer@chromium.org> > Commit-Queue: Clemens Hammacher <clemensh@chromium.org> > Cr-Commit-Position: refs/heads/master@{#46860} TBR=titzer@chromium.org,clemensh@chromium.org # Not skipping CQ checks because original CL landed > 1 day ago. Bug: chromium:740023, chromium:749041 Change-Id: I005a60d55dcf01d350230f8d98f715bab9c43886 Reviewed-on: https://chromium-review.googlesource.com/593807 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#47008}
-
Peter Marshall authored
Now that the maximum string length varies between platforms, the correctness fuzzer is unhappy. It will ignore crashes, so when we know we have reached platform-dependant behavior just crash if --abort_on_stack_overflow is enabled. Also rename abort_on_stack_overflow to abort_on_stack_or_string_length_overflow. Bug: chromium:748137 Change-Id: Ie4e96709b90029b5ce3c8408064d928f841b3b9f Reviewed-on: https://chromium-review.googlesource.com/589269 Commit-Queue: Peter Marshall <petermarshall@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#47007}
-
Ross McIlroy authored
Print AST needs access to the internalized strings, so make sure AST is internalized before we print it. BUG=v8:5203 Change-Id: Ia4995147feb7ec466523a0c4a89620749b23dcab Reviewed-on: https://chromium-review.googlesource.com/593648Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#47006}
-
Clemens Hammacher authored
R=ahaas@chromium.org Change-Id: Ie46dce0e417ce528bbd81aa6ef87ca63a9fcc869 Reviewed-on: https://chromium-review.googlesource.com/593613Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#47005}
-
Clemens Hammacher authored
The bug was introduced in a previous refactoring: https://chromium-review.googlesource.com/c/455555/14/test/mjsunit/mjsunit.js R=mstarzinger@chromium.org CC=gsathya@chromium.org Change-Id: I49d2797c3ba834c89011910a81cffd9e119e719f Reviewed-on: https://chromium-review.googlesource.com/593612Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#47004}
-
jgruber authored
This is a reland of 7bb6cd63 Original change's description: > [coverage] Ship block coverage > > Enables block coverage by default. > > Design doc: http://goo.gl/hSJhXn > Tracking bug: http://crbug.com/v8/6000 > > Bug: v8:6000 > Change-Id: I8c56474473b60e4707b75dc601b3e88455861a27 > Reviewed-on: https://chromium-review.googlesource.com/583093 > Commit-Queue: Jakob Gruber <jgruber@chromium.org> > Reviewed-by: Yang Guo <yangguo@chromium.org> > Cr-Commit-Position: refs/heads/master@{#46898} Bug: v8:6000 Change-Id: I033d89a35c23fcff083f83103df45e33f7962d67 Reviewed-on: https://chromium-review.googlesource.com/592968 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#47003}
-
Michael Lippautz authored
- Add scopes - Rename scopes to fit hierarchy - Scavenge weak collections before parallel phase - Remove semi space phase which doesn't exist anymore Bug: chromium:738865 Change-Id: Id3b72793e764f8d3597917e45185d08675b57f5d Reviewed-on: https://chromium-review.googlesource.com/593611Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#47002}
-
Tobias Tebbi authored
Reland of https://chromium-review.googlesource.com/c/591667/, removing thread-local variable Bug: Change-Id: Ia9bc73be4a46a6bf052220726193c8b6634eb73e Reviewed-on: https://chromium-review.googlesource.com/593559Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#47001}
-
Leszek Swirski authored
Also enforce that it is called on the main thread. Change-Id: I827beefe625bebf6c03fce5220cfbbd68e807984 Reviewed-on: https://chromium-review.googlesource.com/591372Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#47000}
-
Ulan Degenbaev authored
When an object shrinks, we can keep the recorded slots until the sweeper removes them. It is safe because the recorded slots will not be over- written with untagged values. BUG=chromium:694255 Change-Id: I2b910c6345a306e00c7a10396876001e663f51ea Reviewed-on: https://chromium-review.googlesource.com/591650Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#46999}
-
Ulan Degenbaev authored
The slots outside the trimmed array will be cleared by the sweeper and will not be overwritten with an untagged value. BUG=chromium:694255 Change-Id: I3e814b9934ca95a09e883e237687434e6bb58c80 Reviewed-on: https://chromium-review.googlesource.com/591651Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#46998}
-
Vladan Djeric authored
We are unblocking contributors from @fb.com and @oculus.com to contribute to Chromium. Our primary contributor group is still specified in our Facebook CLA group and should be consulted before allowing any contributions. Bug: Change-Id: I21ee84a29382f034184d053b77b02c78e6055791 Reviewed-on: https://chromium-review.googlesource.com/558708Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#46997}
-
Ulan Degenbaev authored
Currently we clear only old-to-new slots in the sweeper. For old-to-old slots we maintain the invariant that there are no recorded slots in dead objects by explicitly clearing them on object size change and array trimming. The write barrier for concurrent marking will record slots even when the host object is white. Thus, it can introduce slots in dead objects, which will break evacuation phase if we do not clear them in the sweeper. Besides that, the patch makes handling of slots more uniform and allows us to remove clearing of slots on object size changes. BUG=chromium:694255 Change-Id: I48f60eb25ddc48c6948be4461367e3f7abf74672 Reviewed-on: https://chromium-review.googlesource.com/592207Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#46996}
-