- 14 Dec, 2017 13 commits
-
-
Michael Achenbach authored
TBR=hablich@chromium.org NOTRY=true Bug: v8:5193 Change-Id: Ia5e91f50e35ca361cdb1eae8c2ca5cc2e2fd866c Reviewed-on: https://chromium-review.googlesource.com/827005Reviewed-by:
Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#50106}
-
Michael Starzinger authored
This makes sure that breaking dependencies during compilation is also caught properly in release mode (not only in debug mode). When this happens the generated code would be invalid from the beginning and we need to prevent using such code. R=bmeurer@chromium.org BUG=chromium:794394,chromium:786723 Change-Id: I76fd85786c16807389f69a9c44b9f893004b1c6f Reviewed-on: https://chromium-review.googlesource.com/826635Reviewed-by:
Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#50105}
-
Igor Sheludko authored
This CL also removes LoadICProtoArray* builtins which are no longer necessary. Bug: v8:7206, v8:5561 Change-Id: Ic5d9a3d4d21c4bd5e5e1cd110bd029ced157a000 Reviewed-on: https://chromium-review.googlesource.com/819252 Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by:
Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#50104}
-
Sigurd Schneider authored
Bug: v8:7204, v8:7127 Change-Id: Id99b0e83385275508a9e7f46e17bb8263f7b256a Reviewed-on: https://chromium-review.googlesource.com/826626Reviewed-by:
-
Igor Sheludko authored
Given that we already treat feedback vector as a source of truth for language mode of other store operations and given that the StoreGlobalIC dispatcher does not depend on the language more anymore, we can just combine these two bytecodes. Bug: v8:7206 Change-Id: I27f03f2102ff79ec20fa997eb18dde816f376b00 Reviewed-on: https://chromium-review.googlesource.com/823846Reviewed-by:
Ross McIlroy <rmcilroy@chromium.org> Reviewed-by:
Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#50102}
-
Sigurd Schneider authored
Bug: v8:7127, v8:7204 Change-Id: I923658dd9142d658f1155015f5ee02526d280e2a Reviewed-on: https://chromium-review.googlesource.com/824171 Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Reviewed-by:
-
Igor Sheludko authored
... instead of checking if the property cell is still empty when loading/storing through JSGlobalObject prototype. Also invalidate the validity cell when new global lexical variables appear in the script. Bug: v8:5561 Change-Id: Iaf122dffe76d57b32e2b69291dee079e772b271c Reviewed-on: https://chromium-review.googlesource.com/819230Reviewed-by:
-
Sigurd Schneider authored
Bug: v8:7127 Change-Id: Ia2e291d2b57150ea12bca6427b0c6843356b300e Reviewed-on: https://chromium-review.googlesource.com/826625 Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Reviewed-by:
-
Michael Hablich authored
This reverts commit bee8c168. Reason for revert: blocks roll https://chromium-review.googlesource.com/c/chromium/src/+/822232 Original change's description: > [deoptimizer] Use empty fixed array when materializing empty arguments elements. > > Bug: chromium:793863 > Change-Id: I68860924c3252184f63dbea8561e5c4fe6bfa4ca > Reviewed-on: https://chromium-review.googlesource.com/822071 > Reviewed-by: Tobias Tebbi <tebbi@chromium.org> > Commit-Queue: Jaroslav Sevcik <jarin@chromium.org> > Cr-Commit-Position: refs/heads/master@{#50028} TBR=jarin@chromium.org,tebbi@chromium.org NOTRY=true Bug: chromium:793863 Change-Id: Iee622cd96333671277029fdd766f4ea137c9efc2 Reviewed-on: https://chromium-review.googlesource.com/826962 Commit-Queue: Michael Hablich <hablich@chromium.org> Reviewed-by:
Michael Hablich <hablich@chromium.org> Cr-Commit-Position: refs/heads/master@{#50098}
-
Sigurd Schneider authored
Add support for disallowing speculation upon deoptimize from a CheckBound node, and use this in the case of array builtins in js-call-reducer to prevent deoptimization loops. Bug: v8:7127 Change-Id: I04cf655b10178d2938d2f0ee6b336601fab6463b Reviewed-on: https://chromium-review.googlesource.com/822195 Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Reviewed-by:
-
Brad Nelson authored
R=jarin@chromium.org Bug: Change-Id: I43c72aa222a6b41b22b3f80f3d4ce3113b965a81 Reviewed-on: https://chromium-review.googlesource.com/822526Reviewed-by:
Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#50096}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/3d92234..9caf5bf Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/fbee132..9cfb34e Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/73924d8..ec766dc TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org Change-Id: I9c3106b436041575140f3bfc447585ee0613a617 Reviewed-on: https://chromium-review.googlesource.com/826862Reviewed-by:
v8 autoroll <v8-autoroll@chromium.org> Commit-Queue: v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#50095}
-
bsheedy authored
Adds static_cast<int> to a number of return values in disasm-arm64.cc. The implicit conversion from size_t (unsigned long) to int was causing compilation warnings/errors when upgrading to Android NDK r16. Bug: chromium:771171 Change-Id: I9a5f80d65565e1a9ab4caf2cf874240f04f406a1 Reviewed-on: https://chromium-review.googlesource.com/826254 Commit-Queue: Brian Sheedy <bsheedy@chromium.org> Reviewed-by:
Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#50094}
-
- 13 Dec, 2017 27 commits
-
-
Jakob Kummerow authored
Bug: v8:7109 Change-Id: I6384546566a760bd2956685a09d2327616eabd6d Reviewed-on: https://chromium-review.googlesource.com/810266 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by:
Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#50093}
-
Adam Klein authored
This would help separate such API misuses from other Invoke() crashes which indicate crashes in generated code. Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: I6c596fb63950d7306fab1b689dd913a61764d257 Reviewed-on: https://chromium-review.googlesource.com/825942Reviewed-by:
Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#50092}
-
Junliang Yan authored
Port bd732f7d Original Commit Message: The original CL introduced a test which uses a random number generator. I disable the test for now, which is okay because this CL adds to a work-in-progress feature anyways, and I will fix the problem in another CL. Original description: Add the ability to return (multiple) return values on the stack: - Extend stack frames with a new buffer region for return slots. This region is located at the end of a caller's frame such that its slots can be indexed as caller frame slots in a callee (located beyond its parameters) and assigned return values. - Adjust stack frame constructon and deconstruction accordingly. - Extend linkage computation to support register plus stack returns. - Reserve return slots in caller frame when respective calls occur. - Introduce and generate architecture instructions ('peek') for reading back results from return slots in the caller. - Aggressive tests. - Some minor clean-up. So far, only ia32 and x64 are implemented. R=ahaas@chromium.org, joransiu@ca.ibm.com, jbarboza@ca.ibm.com BUG= LOG=N Change-Id: I8d63286aa5af5f52cc2eeaf2adeee13d0ff19e7d Reviewed-on: https://chromium-review.googlesource.com/823084 Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Reviewed-by:
Joran Siu <joransiu@ca.ibm.com> Reviewed-by:
Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#50091}
-
Andreas Haas authored
In a certain scenario streaming compilation got stuck and did never finish. This CL fixes this issue. Scenario: * Streaming compilation starts * The compilation tasks execute all compiation units in the working queue and set the finished_ flag to true. * New data arrives over streaming * The compilation tasks compile so fast that the executed_units_ queue gets full. The compilation tasks stop executing and wait for the finisher task to restart them. * The finisher task does not restart the compilation tasks because the finished_ flag is set. With this CL I remove the finished flag and instead look at the size of the working queue directly. In addition I added a test which does not actually reproduce this scenario but seems good to have anyways. R=mtrofin@chromium.org Change-Id: I44560c43e51be13c4461208368e21137b115656c Reviewed-on: https://chromium-review.googlesource.com/824523Reviewed-by:
Mircea Trofin <mtrofin@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#50090}
-
Sergiy Byelozyorov authored
R=majeski@google.com TBR=machenbach@chromium.org This is breaking some test runs, e.g. https://chromium-swarm.appspot.com/task?id=3a69c31ccb964d10&refresh=10&show_raw=1. Bug: v8:6917 Change-Id: I61c12eafdf12a1bee2bf08de75f26b0d44fd0056 Reviewed-on: https://chromium-review.googlesource.com/825122 Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org> Reviewed-by:
Sergiy Byelozyorov <sergiyb@chromium.org> Cr-Commit-Position: refs/heads/master@{#50089}
-
Ali Ijaz Sheikh authored
top_on_previous_step_ can only be valid when Allocation Observers are active. Add some assertions in the code to ensure this holds. Use AllocationObserversActive() more pervasively. Remove some code based on the established invariant. Bug: Change-Id: I7f0d4c4f617ed9fa05c6b94202a90953fbc33cfd Reviewed-on: https://chromium-review.googlesource.com/823576Reviewed-by:
Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Ali Ijaz Sheikh <ofrobots@google.com> Cr-Commit-Position: refs/heads/master@{#50088}
-
Bill Budge authored
- Makes ArrayBufferAllocatorBase forward all operations to default ArrayBufferAllocator. - ShellArrayBufferAllocator uses VM for allocations over a threshold. Bug: chromium:793750,v8:7146 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: I62d8f9281b744e987223a16fbb762bd77747bf39 Reviewed-on: https://chromium-review.googlesource.com/822764Reviewed-by:
Eric Holk <eholk@chromium.org> Commit-Queue: Bill Budge <bbudge@chromium.org> Cr-Commit-Position: refs/heads/master@{#50087}
-
Ulan Degenbaev authored
This ensures that MigrateFastToFast does not overflow the length of the property array. Bug: chromium:789393 Change-Id: I77adc319c1c8c469ea482bad35ead8661d535192 Reviewed-on: https://chromium-review.googlesource.com/824167 Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Reviewed-by:
Igor Sheludko <ishell@chromium.org> Reviewed-by:
Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#50086}
-
Sergiy Byelozyorov authored
TBR=sergiyb@chromium.org Bug: chromium:747960 Change-Id: I4b28456f7a2809065ef8581a2440b87161996332 Reviewed-on: https://chromium-review.googlesource.com/824169 Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org> Reviewed-by:
-
Benedikt Meurer authored
The k value passed to NumberAdd was outside the integer range, which meant it had to choose Double as the only valid representation. The other array builtins pass the result of CheckBounds here to specifically force the types into integer range, which allows the representation selection to pick Word32 instead of Float64 representation. Drive-by-fix: Pass kind to AccessBuilder::ForJSArrayLength() as well. Bug: chromium:791045, v8:1956 Change-Id: I357e1ba0dc52be544e631e4d554ab772b9b4c9bb Reviewed-on: https://chromium-review.googlesource.com/823968Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#50084}
-
Sergiy Byelozyorov authored
TBR=machenbach@chromium.org No-Try: true Bug: chromium:747960 Change-Id: If7cb86066c7579a02b3cb56bb64084574fa4187d Reviewed-on: https://chromium-review.googlesource.com/824922 Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org> Reviewed-by:
-
Michael Starzinger authored
R=clemensh@chromium.org Change-Id: I80201b16c5d7a373ae5ff56bfafb46f4425bf997 Reviewed-on: https://chromium-review.googlesource.com/824243 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by:
Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#50082}
-
Igor Sheludko authored
The dispatcher is responsible for handling stores to lexical environment variables and for storing directly to the JSGlobalObject. In the latter case the dispatcher also ensures that JSGlobalProxy is provided as a receiver if a setter function has to be called. Unlike StoreIC the calling convention for the StoreGlobalIC does not include receiver. Bug: v8:7206, chromium:576312, v8:5561 Change-Id: Ifa896c7b41bf440785b757c2272ec91211e79c98 Reviewed-on: https://chromium-review.googlesource.com/818965 Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by:
-
Ulan Degenbaev authored
Revision 5bc1d291 introduced a bug in the case when the filler is in the unmapped region, which leads to CHECK failure. Change-Id: I013e4386f6d5e9cdad22c11e1a7a9f1a088375ae Reviewed-on: https://chromium-review.googlesource.com/823845Reviewed-by:
-
Michal Majewski authored
Bug: v8:6917 Change-Id: I88fdb12c39311531600c0715fff5abe5da051295 Reviewed-on: https://chromium-review.googlesource.com/824271 Commit-Queue: Michał Majewski <majeski@google.com> Reviewed-by:
-
Michal Majewski authored
Bug: v8:6917 Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng Change-Id: I5ca840db75766413659cb96fd28b922712040cec Reviewed-on: https://chromium-review.googlesource.com/823843 Commit-Queue: Michał Majewski <majeski@google.com> Reviewed-by:
-
Clemens Hammacher authored
So far we generated source positions and safepoint information, but we never actually attached it to the generated code objects. This CL adds that. R=titzer@chromium.org Bug: v8:6600, chromium:793694 Change-Id: I8f4c6d8752f4c31a1df51c4893c262ea5925f3b5 Reviewed-on: https://chromium-review.googlesource.com/824266Reviewed-by:
Ben Titzer <titzer@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#50077}
-
Michal Majewski authored
- All testcase/testsuite/variant generator subclasses renamed to just TestCase/TestSuite/VariantGenerator since they're private implementation. - All `testcase` variables renamed to `test` to not conflict with a module name. - No more two statements in the same line. - Removed some unused testsuite methods. Bug: v8:6917 Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng Change-Id: I7710f3419f738a5f9ddca73765dd2cad2e35b952 Reviewed-on: https://chromium-review.googlesource.com/823964Reviewed-by:
-
Clemens Hammacher authored
The intel manual knows "short jumps", "near jumps" and "far jumps", where our Label::kNear corresponds to short jumps and Label::kFar corresponds to near jumps. Add some words to document this. R=mstarzinger@chromium.org Change-Id: I2b41cc770ee2c1fecff5e7363cede264ca3cd033 Reviewed-on: https://chromium-review.googlesource.com/824270Reviewed-by:
-
Michael Starzinger authored
This refactors the list of redirections of runtime call targets that simulators maintain to be process-wide (as opposed to be per Isolate). Such redirections are used for static C++ call targets which themselves are process-wide, which makes this model a closer fit. Access is already properly synchronized via a mutex. Along the way this also introduces the {SimulatorBase} class as a common base class for all simulator implementations. R=clemensh@chromium.org Change-Id: Iae8602c44b1b34cb916dde2b22c9403b0496b3d4 Reviewed-on: https://chromium-review.googlesource.com/823966 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: -
Ross McIlroy authored
RegisterLists should only be allocated via the register allocator. To ensure this, make the RegisterList constructor private and only expose it to tests and the BytecodeRegisterAllocator. Change-Id: I09ebfc5c0f1baecfb1333fd672b96d462fd26fcf Reviewed-on: https://chromium-review.googlesource.com/822196 Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by:
Mythri Alle <mythria@chromium.org> Cr-Commit-Position: refs/heads/master@{#50073}
-
Clemens Hammacher authored
LiftoffAssembler::ReserveStackSpace expected number of bytes, not number of stack slots. Also, make this clear in the naming of the parameter, and remove a dead field. R=titzer@chromium.org Bug: v8:6600 Change-Id: Ic4c7167cfa26a169b2936acdde865863141f441d Reviewed-on: https://chromium-review.googlesource.com/823967Reviewed-by:
-
Clemens Hammacher authored
We really just need one check instead of three. This also unifies the error message to be the same on 32 and 64 bit systems. Drive-by: Fix potential overflow in {validate_size}. R=titzer@chromium.org Bug: chromium:794353 Change-Id: I63c1f5ef53c1f245b9e82bcbf86a5d9ac0d2725e Reviewed-on: https://chromium-review.googlesource.com/824082Reviewed-by: -
Georgia Kouveli authored
This includes adding a padding slot to the stack handler, which is done for all architectures for consistency. Bug: v8:6644 Change-Id: I8a6379a82e2a9d1819069850b6734489bd6071a6 Reviewed-on: https://chromium-review.googlesource.com/822477Reviewed-by:
-
Sigurd Schneider authored
This disallows speculation after deoptimization from any of Array.{forEach,map,filter,find} due to CheckMap fails. Such CheckMap fails happen if the builtins' function argument causes the map of the array to change. The js-call-lowering refrains from optimizing builtins for which speculation was disallowed. Bug: v8:6898, v8:7127 Change-Id: Ied6696f8fb023ee404fb82e9d37bfb061f293854 Reviewed-on: https://chromium-review.googlesource.com/819354Reviewed-by: -
Clemens Hammacher authored
Add support for loading and storing i32 values to and from memory. Support for f32 and for non-traphandler configurations (i.e. emitting bounds checks) will be added in a follow-up CL. R=titzer@chromium.org Bug: v8:6600 Change-Id: I43c44ce61f5acbac325261212374eb0f48c6ee89 Reviewed-on: https://chromium-review.googlesource.com/809164Reviewed-by:
-
Tobias Tebbi authored
I also used the opportunity to clean up the loop peeler a bit by making the class stateful, to avoid passing long argument lists around. Bug: v8:5864 Change-Id: I2e034c6eabd381b01e15cf3e6aa3ce7b14e7b3d8 Reviewed-on: https://chromium-review.googlesource.com/822933 Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Reviewed-by:
-
