- 17 May, 2017 12 commits
-
-
mmoroz authored
Non-printable characters do not make sense. Inputs with non balanced brackets are mostly useless as well. This validation function makes the fuzzer 15-20x faster. Also use -only_ascii=1 option of libFuzzer: https://codereview.chromium.org/2875933003 BUG=chromium:584819 Review-Url: https://codereview.chromium.org/2881583002 Cr-Commit-Position: refs/heads/master@{#45367}
-
Georg Neis authored
This reverts commit bb90a2e8. Reason for revert: https://bugs.chromium.org/p/chromium/issues/detail?id=722978 Original change's description: > [compiler] Delay allocation of heap numbers for deoptimization literals. > > ... until after the main bulk of code generation, which will soon run on a > different thread. > > R=jarin@chromium.org > > Bug: v8:6048 > Change-Id: I12aaaf2725e2422f588c29f50084eb77b56ad9a5 > Reviewed-on: https://chromium-review.googlesource.com/505616 > Commit-Queue: Georg Neis <neis@chromium.org> > Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> > Cr-Commit-Position: refs/heads/master@{#45340} TBR=jarin@chromium.org,neis@chromium.org NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true Bug: v8:6048 Change-Id: I161f175685c24dc59ee4e761ea6d00a235573e7a Reviewed-on: https://chromium-review.googlesource.com/506021 Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#45366}
-
Clemens Hammacher authored
The underlying issue is that TF Nodes cannot handle input counts outside the integer range. On an illegal br_table instruction, we generated a switch node with a control output count >kMaxInt. Operator::ControlOutputCount turned this into a negative integer later, leading to a failing DCHECK. Since such large numbers cannot occur in any valid wasm function anyway, we just add an additional check to the br table count. There is already a TODO in the code to change Operator::ControlOutputCount to size_t. R=ahaas@chromium.org BUG=chromium:722445 Change-Id: I1975072226e073dee6c8da3b9fa9a050a4695917 Reviewed-on: https://chromium-review.googlesource.com/505496 Reviewed-by: Andreas Haas <ahaas@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#45365}
-
Clemens Hammacher authored
The interpreter does not implement all asm.js specific opcodes. Thus the combination of --validate-asm and --wasm-interpret-all might crash. The interpreter does not need to execute asm.js modules, as they are debugged by executing them in turbofan instead of the wasm interpreter. This CL thus excludes asm.js modules from --wasm-interpret-all. R=ahaas@chromium.org BUG=chromium:719175 Change-Id: I14228ea11ee3ea8a229cfa6e4179338a442b6cca Reviewed-on: https://chromium-review.googlesource.com/506160 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#45364}
-
Michael Lippautz authored
Bug: chromium:651354 Change-Id: I9df2ca542112f04787987bda67657fc4015787b5 Reviewed-on: https://chromium-review.googlesource.com/506152 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Hannes Payer <hpayer@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#45363}
-
Michael Starzinger authored
This encapsulates message reporting into separate functions independent from the logic of asm.js compilation and instantiation. It is mostly refactoring with a small fix to also report successful instantiation of the "single function" case. R=clemensh@chromium.org Change-Id: I89c2d62707e891bf51c19945c4067195f41290a4 Reviewed-on: https://chromium-review.googlesource.com/506195 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#45362}
-
bmeurer authored
Migrate the Object.keys builtin to the CodeStubAssembler and use the enum cache backing store whenever it is available. This gives a nice speedup of 1.5x to 2x when using Object.keys on fast-mode objects that have (or can have) an enum cache. R=cbruni@chromium.org BUG=v8:5269,v8:6405 Review-Url: https://codereview.chromium.org/2853393002 Cr-Commit-Position: refs/heads/master@{#45361}
-
Michael Lippautz authored
TBR=ulan@chromium.org Bug: chromium:651354 Change-Id: Ib3a53a62e048e438bc31cbfd2ea44d17fd6a3b94 Reviewed-on: https://chromium-review.googlesource.com/506204 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#45360}
-
Andrii Shyshkalov authored
Example failure: https://uberchromegw.corp.google.com/i/tryserver.v8/builders/v8_node_linux64_rel/builds/2022/steps/update%20v8/logs/stdio R=machenbach@chromium.org Bug: chromium:722853 Change-Id: I5483dd7e09ac20fce214cd90ca949118fe1e52b0 Reviewed-on: https://chromium-review.googlesource.com/505622 Commit-Queue: Andrii Shyshkalov <tandrii@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#45359}
-
Michael Achenbach authored
TBR=phajdan.jr@chromium.org NOTRY=true Change-Id: Ifaec5818beda86020f14b2be39821759a3ee058e Reviewed-on: https://chromium-review.googlesource.com/506731 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#45358}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/7571a8a..8b49e99 TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Change-Id: I23ffca10b9188f67adf5fd9436f71974f9db85e4 Reviewed-on: https://chromium-review.googlesource.com/505637 Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Commit-Queue: v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#45357}
-
dgozman authored
BUG=none Review-Url: https://codereview.chromium.org/2887013002 Cr-Commit-Position: refs/heads/master@{#45356}
-
- 16 May, 2017 28 commits
-
-
dgozman authored
This brings clear separation to tasks vs isolate management. BUG=none Review-Url: https://codereview.chromium.org/2885253002 Cr-Commit-Position: refs/heads/master@{#45355}
-
kozyatinskiy authored
By default we just break the first time we reach the passed location; with current, we'll break at the passed location only when it happens within the same stack frame. BUG=v8:6397 R=dgozman@chromium.org Review-Url: https://codereview.chromium.org/2879923003 Cr-Commit-Position: refs/heads/master@{#45354}
-
Michael Lippautz authored
Adds a generic job that is based on items and tasks. Bug: chromium:651354 Change-Id: I378e04741c5761ea6c4a74816b9af8ea22867f53 Reviewed-on: https://chromium-review.googlesource.com/506075 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Hannes Payer <hpayer@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#45353}
-
dgozman authored
This will make it easier to create more connections/context groups. BUG=none Review-Url: https://codereview.chromium.org/2886903003 Cr-Commit-Position: refs/heads/master@{#45352}
-
bbudge authored
- Adds vdup.<size> Dd/Qd, Dm[i] instruction. - Adds vsli, vsri instructions. - Changes VMovExtended to use these to avoid moves to core registers. LOG=N BUG=v8:6020 Review-Url: https://codereview.chromium.org/2868603002 Cr-Commit-Position: refs/heads/master@{#45351}
-
Franziska Hinkelmann authored
No need to return an empty map. Return a JSObject instead. Bug: v8:5933 Change-Id: I9fb727c5e1920ba94fd3d5e7ef2a7d9d602f56d8 Reviewed-on: https://chromium-review.googlesource.com/506194 Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Franziska Hinkelmann <franzih@chromium.org> Cr-Commit-Position: refs/heads/master@{#45350}
-
kozyatinskiy authored
So continue to location can be called only for one context group id at the same time. BUG=v8:6397 Review-Url: https://codereview.chromium.org/2882213004 Cr-Commit-Position: refs/heads/master@{#45349}
-
sampsong authored
R=bjaideep@ca.ibm.com, jyan@ca.ibm.com, joransiu@ca.ibm.com BUG= Review-Url: https://codereview.chromium.org/2888533003 Cr-Commit-Position: refs/heads/master@{#45348}
-
Georg Neis authored
TBR=yangguo@chromium.org Bug: Change-Id: I7407b394a0e1f6a3ffdfe5a9a5a123c30ad3e5c6 Reviewed-on: https://chromium-review.googlesource.com/506196 Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#45347}
-
Leszek Swirski authored
Generate the code (extra runtime calls) for --trace-ignition support at compile time, based on a #define (similar to TRACE_MAPS). Then check for --trace-ignition at run-time when deciding whether to actually print anything. This should make --trace-ignition less painful to use. Note that --trace-ignition is disabled by default, even on debug builds. It has to be enabled with the gn arg "v8_enable_trace_ignition=true". As a drive-by, TRACE_MAPS is renamed to V8_TRACE_MAPS, for consistency, and SFI unique index (needed both by --trace-ignition and --trace-maps) is cleaned up to be behind another #define. Change-Id: I8dd0c62d0e6b7ee9c75541d45eb729dc03acbee9 Reviewed-on: https://chromium-review.googlesource.com/506203 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#45346}
-
Jakob Kummerow authored
Change-Id: Iadd6764c3b478b4363c95fbfc9370fd8f47b6080 Reviewed-on: https://chromium-review.googlesource.com/505493 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#45345}
-
Leszek Swirski authored
Since deferred return/async return/rethrow commands don't have an associated statement, we can reuse their entries in the deferred command list. Bug: v8:4280 Bug: v8:6218 Change-Id: Ic51fb735d4ea13ebea1d5e456ec5689c0d98a4ac Reviewed-on: https://chromium-review.googlesource.com/506077 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#45344}
-
Ross McIlroy authored
BUG=v8:6379 Change-Id: Ieddf861db3e5ef0445989c25ba5ee36f47c0d1bf Reviewed-on: https://chromium-review.googlesource.com/506155 Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#45343}
-
Georg Neis authored
R=adamk@chromium.org Bug: Change-Id: I47087c6a15beceb7084079dcf644de7e9ede772c Reviewed-on: https://chromium-review.googlesource.com/505620 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#45342}
-
Leszek Swirski authored
Bug: v8:6218 Change-Id: I5d245ea485c93fcc03fcd95c82ae0474f31ffa5e Reviewed-on: https://chromium-review.googlesource.com/505491 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#45341}
-
Georg Neis authored
... until after the main bulk of code generation, which will soon run on a different thread. R=jarin@chromium.org Bug: v8:6048 Change-Id: I12aaaf2725e2422f588c29f50084eb77b56ad9a5 Reviewed-on: https://chromium-review.googlesource.com/505616 Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#45340}
-
ivica.bogosavljevic authored
Reland d8bfdb7a Original commit message: If alignment parameter is set, the memory returned by the StackSlot operator will be aligned according to the parameter. The implementation goes like this. If alignment parameter is set we allocate a bit more memory than actually needed and so we can move the beginning of the StackSlot in order to have it aligned. BUG= Review-Url: https://codereview.chromium.org/2874713003 Cr-Commit-Position: refs/heads/master@{#45339}
-
Ross McIlroy authored
JSFunctions should no longer be materialized on deopt, and the code doing the materialization doesn't keep track of clearing the optimized code slot if the function is marked for deopt, so just remove it. BUG=chromium:718891 Change-Id: I8a1abfd2a1b810017c06fa6f889a85b428cb9dbd Reviewed-on: https://chromium-review.googlesource.com/498628 Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#45338}
-
Leszek Swirski authored
Bug: v8:6218 Change-Id: I53806585ee2ba5ea5bc49748a659cceb2eeaf501 Reviewed-on: https://chromium-review.googlesource.com/506668 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#45337}
-
Wiktor Garbacz authored
Unify, simplify logic, reduce UTF8 specific handling. Intent of this is also to have stream views. Stream views can be used concurrently by multiple threads, but only one thread may fetch new data from the underlying source. This together with unified stream view creation is intended to be used for parse tasks. BUG=v8:6093 Change-Id: Ied8e93090c506d4735080298f0fdaeed32043915 Reviewed-on: https://chromium-review.googlesource.com/501789 Commit-Queue: Wiktor Garbacz <wiktorg@google.com> Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#45336}
-
Leszek Swirski authored
Bug: v8:6351 Bug: v8:6366 Change-Id: I3ec9bd75031b2c6148278353461f442c1eaf60ca Reviewed-on: https://chromium-review.googlesource.com/506015 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#45335}
-
Georg Neis authored
This is in preparation for running code generation off the main thread. Bug: v8:6048 Change-Id: Ic1ddcbbb8995d49dfcef1ffbf135117291a00ea7 Reviewed-on: https://chromium-review.googlesource.com/505513 Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#45334}
-
Georg Neis authored
... by only looking at the handle. This is in preparation for running code generation off the main thread. Bug: v8:6048 Change-Id: I19b105c13278a2821a0b2395033e54abf5552a43 Reviewed-on: https://chromium-review.googlesource.com/506190 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#45333}
-
Jakob Kummerow authored
BUG=v8:6371 Change-Id: Iacb4ad572ea83ade6262272ed30d4cb684f9d8ed Reviewed-on: https://chromium-review.googlesource.com/505107 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#45332}
-
dusan.simicic authored
This change adds simd lowering support for: I8x16Splat,I8x16ExtractLane,I8x16ReplaceLane,I8x16Neg,I8x16Shl, I8x16ShrS,I8x16Add,I8x16AddSaturateS,I8x16Sub,I8x16SubSaturateS, I8x16Mul,I8x16MinS,I8x16MaxS,I8x16ShrU,I8x16AddSaturateU, I8x16SubSaturateU,I8x16MinU,I8x16MaxU,I8x16Eq,I8x16Ne,I8x16LtS, I8x16LeS,I8x16LtU,I8x16LeU operations BUG= Review-Url: https://codereview.chromium.org/2867343002 Cr-Commit-Position: refs/heads/master@{#45331}
-
Jakob Kummerow authored
When most elements of an object are deleted, we want to normalize its elements backing store to a dictionary in order to save space. Finding the right time to do so should not incur a linear cost on each delete operation. This patch changes the heuristic to an amortized-constant approach based on a global counter and the current backing store capacity. BUG=chromium:542978 Change-Id: Ifdf29ab2211fdde1df9078f63be4118627d6a67e Reviewed-on: https://chromium-review.googlesource.com/506191 Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#45330}
-
Georg Neis authored
R=jarin@chromium.org Bug: v8:6048 Change-Id: Ia80a403f647b176ef02807f6d15b3198b55234bc Reviewed-on: https://chromium-review.googlesource.com/506013 Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#45329}
-
Ross McIlroy authored
Now that the optimized code hangs off the feedback vector, it is possible to check whether a function has optimized code available every time it's called in the interpreter entry trampoline. If optimized code exists, the interpreter entry trampoline 'self-heals' the closure to point to the optimized code and links the closure into the optimized code list. BUG=v8:6246 Change-Id: I53b095db2a75ae4824c8195faf8649d766c86118 Reviewed-on: https://chromium-review.googlesource.com/501967 Reviewed-by: Michael Stanton <mvstanton@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#45328}
-