- 18 May, 2017 19 commits
-
-
Adam Klein authored
This reverts commit ce538f70. Reason for revert: breaks BOM handling (thus breaking Outlook web apps). Original change's description: > [parser] Refactor streaming scanner streams. > > Unify, simplify logic, reduce UTF8 specific handling. > > Intend of this is also to have stream views. > Stream views can be used concurrently by multiple threads, but > only one thread may fetch new data from the underlying source. > This together with unified stream view creation is intended to be > used for parse tasks. > > BUG=v8:6093 > > Change-Id: Ied8e93090c506d4735080298f0fdaeed32043915 > Reviewed-on: https://chromium-review.googlesource.com/501789 > Commit-Queue: Wiktor Garbacz <wiktorg@google.com> > Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org> > Reviewed-by: Marja Hölttä <marja@chromium.org> > Cr-Commit-Position: refs/heads/master@{#45336} TBR=marja@chromium.org,vogelheim@chromium.org,jochen@chromium.org,wiktorg@google.com BUG=v8:6093, chromium:724166 Change-Id: I022a23b8052d20d83a640c07b7864c622548bf90 Reviewed-on: https://chromium-review.googlesource.com/508888Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#45404}
-
ulan authored
This patch adds HeapObject::set_map_after_allocation method that initializes the map of the object without object layout checks. All other map setters now check that transitions unsafe for concurrent marking properly notify the GC. BUG=chromium:694255 Review-Url: https://codereview.chromium.org/2885883004 Cr-Commit-Position: refs/heads/master@{#45403}
-
bjaideep authored
Port bfa319e5 Original Commit Message: We already had an optimization to turn Function.prototype.apply with arguments object, i.e. function foo() { return bar.apply(this, arguments); } into a special operator JSCallForwardVarargs, which avoids the allocation and deconstruction of the arguments object, but just passes along the incoming parameters. We can do the same for rest parameters and spread calls/constructs, i.e. class A extends B { constructor(...args) { super(...args); } } or function foo(...args) { return bar(1, 2, 3, ...args); } where we basically pass along the parameters (plus maybe additional statically known parameters). For this, we introduce a new JSConstructForwardVarargs operator and generalize the CallForwardVarargs builtins that are backing this. R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG=v8:6407,v8:6278,v8:6344 LOG=N Review-Url: https://codereview.chromium.org/2887153004 Cr-Commit-Position: refs/heads/master@{#45402}
-
machenbach authored
Revert of [csa] Add assertions to CSA (patchset #11 id:200001 of https://codereview.chromium.org/2847923003/ ) Reason for revert: Seems to have made nosnap debug very slow and also leads to check failures: https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap%20-%20debug/builds/13248 Original issue's description: > [csa] Add assertions to CSA > > This adds a bunch of assertions to CSA, mostly about documenting and checking > parameter types. > > Drive-by-change: Removed unused function. > > BUG=v8:6325 > > Review-Url: https://codereview.chromium.org/2847923003 > Cr-Commit-Position: refs/heads/master@{#45398} > Committed: https://chromium.googlesource.com/v8/v8/+/b14a981496ad1f841683479d2f9188dfa2d6b4bd TBR=cbruni@chromium.org,ishell@chromium.org,jgruber@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:6325 Review-Url: https://codereview.chromium.org/2892023002 Cr-Commit-Position: refs/heads/master@{#45401}
-
hpayer authored
BUG=chromium:716032 Review-Url: https://codereview.chromium.org/2890603007 Cr-Commit-Position: refs/heads/master@{#45400}
-
Adam Klein authored
Generators were previously treated as "top level" for preparsing purposes, since all their variables are context-allocated. But doing so isn't quite correct: the allocation of the "arguments" variable for a generator depends on whether it's referenced, and so an inner arrow function which references "arguments" won't properly trigger allocation of "arguments" since the reference will not be noticed in the preparser. The same problem exists for "this" since commit 68f0a47b; before that commit, all generators implicitly referenced their "this" argument as part of the desugaring. With that implicit reference gone, "this" falls into the same problem as arguments. This patch restricts the special "top level" treatment to modules, which have only a trivial "this" binding (it's always undefined), and no arguments binding. Moreover, all code inside modules is strict, meaning that unresolved references to "this" will also result in undefined. R=marja@chromium.org Bug: chromium:723132 Change-Id: I814d145fb8f3f1a65abb48e4e35595428d063051 Reviewed-on: https://chromium-review.googlesource.com/508055Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#45399}
-
jgruber authored
This adds a bunch of assertions to CSA, mostly about documenting and checking parameter types. Drive-by-change: Removed unused function. BUG=v8:6325 Review-Url: https://codereview.chromium.org/2847923003 Cr-Commit-Position: refs/heads/master@{#45398}
-
Leszek Swirski authored
Uses CheckSmi to force the switch argument to be a Smi, so that it can be used as an input into a Switch node. Change-Id: Ibec6beaeebc2168a3f80b86512c70a99d52f2575 Reviewed-on: https://chromium-review.googlesource.com/505621 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#45397}
-
Michael Achenbach authored
Add configs for: https://chromium-review.googlesource.com/c/508349 NOTRY=true TBR=ulan@chromium.org Bug: chromium:723600 Change-Id: Ie0be3d34cc35a72c012c601d0bf8c8b707e69f32 Reviewed-on: https://chromium-review.googlesource.com/508628 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#45396}
-
bmeurer authored
For additions like a+'' or ''+a where we have String feedback on the JSAdd, we can drop the concatenation and just check that a is a valid String already (via CheckString). BUG=v8:6259 R=petermarshall@chromium.org Review-Url: https://codereview.chromium.org/2894563002 Cr-Commit-Position: refs/heads/master@{#45395}
-
Ross McIlroy authored
BUG=v8:6389,v8:6379,v8:6409 Change-Id: I24e0c8b6212f2cf2877d52f27eca0beb133afa1e Reviewed-on: https://chromium-review.googlesource.com/508348Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#45394}
-
Leszek Swirski authored
For a single deferred commands, using a jump table is overkill, so instead simply test the token against the single entry. Bug: v8:4280 Bug: v8:6218 Change-Id: I0300f640080705fb10f46ad4ed5791703fa4dd77 Reviewed-on: https://chromium-review.googlesource.com/506153 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#45393}
-
ivica.bogosavljevic authored
BUG= Review-Url: https://codereview.chromium.org/2892713002 Cr-Commit-Position: refs/heads/master@{#45392}
-
jgruber authored
Restore original behavior in that strings are deduplicated in lower-case conversion (i.e. if the string is already lower-case, the original string is returned). BUG=v8:6353,v8:6412 Review-Url: https://codereview.chromium.org/2891853004 Cr-Commit-Position: refs/heads/master@{#45391}
-
Camillo Bruni authored
Change-Id: I4b19700b613f81601321a336cc758cfd7f826f3e Reviewed-on: https://chromium-review.googlesource.com/504347Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#45390}
-
Michael Starzinger authored
R=clemensh@chromium.org Change-Id: Ic1cc9bd5560a315128242dc58b29a76e359ca11f Reviewed-on: https://chromium-review.googlesource.com/507212Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#45389}
-
bmeurer authored
We already had an optimization to turn Function.prototype.apply with arguments object, i.e. function foo() { return bar.apply(this, arguments); } into a special operator JSCallForwardVarargs, which avoids the allocation and deconstruction of the arguments object, but just passes along the incoming parameters. We can do the same for rest parameters and spread calls/constructs, i.e. class A extends B { constructor(...args) { super(...args); } } or function foo(...args) { return bar(1, 2, 3, ...args); } where we basically pass along the parameters (plus maybe additional statically known parameters). For this, we introduce a new JSConstructForwardVarargs operator and generalize the CallForwardVarargs builtins that are backing this. BUG=v8:6407,v8:6278,v8:6344 R=jarin@chromium.org Review-Url: https://codereview.chromium.org/2890023004 Cr-Commit-Position: refs/heads/master@{#45388}
-
Mircea Trofin authored
We use Schedule::EnsureDeferredCodeSingleEntryPoint as a helper for hand-crafted builtin code, to ensure deferred code isn't entered from a mix of deferred and non-deferred code (invariant required for hot/cold allocation, or "splintering"). When we create a "merger" block, it may be the case that the original block had a few phi operands. Those need to be moved as well. This bug was uncovered by both v8:6390, and, earlier, by v8:5998. We fixed the earlier one by authoring a the builtin to avoid the need for EnsureDeferredCodeSingleEntryPoint. I proposed earlier an alternative where we'd replace the Ensure... method with a Verify, and throw early when the builtin is assembled, however, we may want to maintain the slightly higher level DSL for authoring builtins, and perform such graph adjustments for the lower level constraints afterwards, hence this current CL. Bug: v8:5998 v8:6390 Change-Id: Ia3143f7a66904fe480d8edb5b52bf915b8d185dc Reviewed-on: https://chromium-review.googlesource.com/505264 Commit-Queue: Mircea Trofin <mtrofin@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#45387}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/8b49e99..ce01161 Rolling v8/third_party/catapult: https://chromium.googlesource.com/external/github.com/catapult-project/catapult/+log/37015fb..d76621c Rolling v8/third_party/icu: https://chromium.googlesource.com/chromium/deps/icu/+log/87232d8..fd2abab TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Change-Id: Iba04b2ab7b423bc49897de8f159f7960fd0813a3 Reviewed-on: https://chromium-review.googlesource.com/508332Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Commit-Queue: v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#45386}
-
- 17 May, 2017 21 commits
-
-
bjaideep authored
Port 11a211ff Port 663a8ef4 Original Commit Message: Since the feedback vector is itself a native context structure, why not store optimized code for a function in there rather than in a map from native context to code? This allows us to get rid of the optimized code map in the SharedFunctionInfo, saving a pointer, and making lookup of any optimized code quicker. Original patch by Michael Stanton <mvstanton@chromium.org> R=rmcilroy@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG=v8:6246,chromium:718891 LOG=N Review-Url: https://codereview.chromium.org/2892663002 Cr-Commit-Position: refs/heads/master@{#45385}
-
Igor Sheludko authored
IC system does its best to properly mark stable transition source maps as unstable (see https://chromium-review.googlesource.com/483442) however an already recorded map can be deprecated later and the optimizing compiler may try to generate an elements kind transition from the updated version of deprecated map which can "become" stable again. Bug: chromium:723455 Change-Id: Ic0c392f153587c3cd7c7623a3a6ea85ec72ad5bd Reviewed-on: https://chromium-review.googlesource.com/507887 Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#45384}
-
bjaideep authored
PPC/s390: [turbofan] [builtins] Unify construct builtins for JS functions and classes and add inlining and deoptimizer support Port 2026d5cb R=tebbi@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG=v8:6180 LOG=N Review-Url: https://codereview.chromium.org/2875073003 Cr-Commit-Position: refs/heads/master@{#45383}
-
Adam Klein authored
Mark Runtime::kInlineGeneratorGetContext as not needing a FrameState (matching the other Generator field-loading intrinsics) and avoid a call to PrepareEagerCheckpoint() in VisitResumeGenerator() (since there should never be a deopt during resume). Change-Id: I03a2d89914bc7de27bbfe6228ca115e635ea4c4e Reviewed-on: https://chromium-review.googlesource.com/506815Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#45382}
-
Tobias Tebbi authored
In analogy to the CHECK() macro, this generates an assertion check in CSA that is enabled in release builds. Intended for some security-relevant assertions in TypedArray builtins. Bug: Change-Id: Ie15a3892c4698a916bcd53bd9bfb4411eec6ebe4 Reviewed-on: https://chromium-review.googlesource.com/506158 Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#45381}
-
tebbi authored
R=danno@chromium.org Review-Url: https://codereview.chromium.org/2814683002 Cr-Commit-Position: refs/heads/master@{#45380}
-
ulan authored
BUG=chromium:723600 Review-Url: https://codereview.chromium.org/2888093003 Cr-Commit-Position: refs/heads/master@{#45379}
-
Tobias Tebbi authored
Bug: v8:6380 Change-Id: I85728099bcf188929c81e234a34b2bc308ddab16 Reviewed-on: https://chromium-review.googlesource.com/506016 Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Michael Stanton <mvstanton@chromium.org> Cr-Commit-Position: refs/heads/master@{#45378}
-
Michael Starzinger authored
This uses a separate temporary zone for running the asm.js parser, which can be discarded immediately after the parser finished validating one module. It reduces the lifetime of all data-structures local to the parser and only uses the compilation zone to hold the resulting module. R=clemensh@chromium.org Change-Id: I5f5a613e0abd24cd85a49ebd97f9ee7cee46b02a Reviewed-on: https://chromium-review.googlesource.com/506733 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#45377}
-
Marja Hölttä authored
Super calls need to refer to .this_function, .new.target and this, and super property references need to refer to .this_function and this, so that the is_used for those variables will be set and they will be allocated correctly. BUG=v8:5516 Change-Id: Idc58539fccad70c995e029051b59a67ea66bff91 Reviewed-on: https://chromium-review.googlesource.com/506094Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#45376}
-
Jakob Kummerow authored
BUG=chromium:722756 Change-Id: I04fc7fa0b8ef1e56d25f829fc5c8f53ae439aa52 Reviewed-on: https://chromium-review.googlesource.com/507209Reviewed-by: Daniel Clifford <danno@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#45375}
-
Andreas Haas authored
This CL refactors the module decoder so that it can process a list of section buffers instead of one module buffer. This change is needed for streaming compilation. Streaming compilation may require additional changes. This CL introduces the following interface to the module decoder: StartDecoding -- starts the decoding DecodeModuleHeader -- decodes the module header DecodeSection -- decodes the section FinishDecoding -- finishes the decoding and returns the WasmModule Aside from the different interface the biggest change to the module decoder is the introduction of a buffer_offset, which is the offset of the current section buffer of the module decoder in the module bytes. This buffer_offset is used to translate from section offsets to module offsets and back. Another nice change is that the module decoder does not have a zone anymore. Instead the zone is stored directly in the WasmModule where it belongs. Zone ownership is also more obvious now. R=mtrofin@chromium.org, clemensh@chromium.org Change-Id: I815d777ec380f4c617c39e828ea0c9746c0bae20 Reviewed-on: https://chromium-review.googlesource.com/505490 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#45374}
-
Michael Starzinger authored
R=ahaas@chromium.org Change-Id: If0001d1b829540d76a3cef54a495322ca624d030 Reviewed-on: https://chromium-review.googlesource.com/507227Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#45373}
-
Georg Neis authored
AssembleCode will eventually be moved into ExecuteJob, i.e., off the main thread. Bug: v8:6048 Change-Id: If84ee2aaca6c8827cb769c7d69e5094fb4f32e4b Reviewed-on: https://chromium-review.googlesource.com/506669 Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#45372}
-
Georg Neis authored
Original CL description: [compiler] Delay allocation of heap numbers for deoptimization literals. ... until after the main bulk of code generation, which will soon run on a different thread. Bug: v8:6048, chromium:722978 Change-Id: I690c0b009211a2bac60cf06f577720a914c21000 Reviewed-on: https://chromium-review.googlesource.com/507207Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#45371}
-
Marja Hölttä authored
AstNodeFactory used to get the Zone directly from AstValueFactory. But that's generally the wrong Zone (the main Zone, instead of the temp Zone), and the creator of AstNodeFactory had to call set_zone right after. By adding a Zone param, we can pass the correct Zone right away. Also made PreParserFactory have an AstNodeFactory, so that we don't need to create temporary AstNodeFactories all the time. Also removed AstNodeFactory::BodyScope since DiscardableZoneScope essentially did the same thing already. BUG=v8:5516,v8:6092 Change-Id: I189d2e6afe91c91e49d8ed7e3496a0d9c405e1c5 Reviewed-on: https://chromium-review.googlesource.com/507129 Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org> Cr-Commit-Position: refs/heads/master@{#45370}
-
Marja Hölttä authored
Previous version was https://chromium-review.googlesource.com/502808 BUG=v8:5402 Change-Id: If327f4d7884577b7e5e6159372bf28a80cd21e51 Reviewed-on: https://chromium-review.googlesource.com/506073 Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#45369}
-
Michael Starzinger authored
This makes message reporting use the same message text for the normal as well as --predictable execution. Running in predictable mode should just suppress all asm.js messages wholesale if needed. R=clemensh@chromium.org Change-Id: Ice1e83c4b098fbc4c3b301c685614afe26190016 Reviewed-on: https://chromium-review.googlesource.com/506093Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#45368}
-
mmoroz authored
Non-printable characters do not make sense. Inputs with non balanced brackets are mostly useless as well. This validation function makes the fuzzer 15-20x faster. Also use -only_ascii=1 option of libFuzzer: https://codereview.chromium.org/2875933003 BUG=chromium:584819 Review-Url: https://codereview.chromium.org/2881583002 Cr-Commit-Position: refs/heads/master@{#45367}
-
Georg Neis authored
This reverts commit bb90a2e8. Reason for revert: https://bugs.chromium.org/p/chromium/issues/detail?id=722978 Original change's description: > [compiler] Delay allocation of heap numbers for deoptimization literals. > > ... until after the main bulk of code generation, which will soon run on a > different thread. > > R=jarin@chromium.org > > Bug: v8:6048 > Change-Id: I12aaaf2725e2422f588c29f50084eb77b56ad9a5 > Reviewed-on: https://chromium-review.googlesource.com/505616 > Commit-Queue: Georg Neis <neis@chromium.org> > Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> > Cr-Commit-Position: refs/heads/master@{#45340} TBR=jarin@chromium.org,neis@chromium.org NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true Bug: v8:6048 Change-Id: I161f175685c24dc59ee4e761ea6d00a235573e7a Reviewed-on: https://chromium-review.googlesource.com/506021Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#45366}
-
Clemens Hammacher authored
The underlying issue is that TF Nodes cannot handle input counts outside the integer range. On an illegal br_table instruction, we generated a switch node with a control output count >kMaxInt. Operator::ControlOutputCount turned this into a negative integer later, leading to a failing DCHECK. Since such large numbers cannot occur in any valid wasm function anyway, we just add an additional check to the br table count. There is already a TODO in the code to change Operator::ControlOutputCount to size_t. R=ahaas@chromium.org BUG=chromium:722445 Change-Id: I1975072226e073dee6c8da3b9fa9a050a4695917 Reviewed-on: https://chromium-review.googlesource.com/505496Reviewed-by: Andreas Haas <ahaas@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#45365}
-