- 07 Mar, 2019 1 commit
-
-
Hannes Payer authored
Bug: v8:8945 Change-Id: I0e1b0d6751efdb468e603df21af4d36972b8b90b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1505455 Commit-Queue: Hannes Payer <hpayer@chromium.org> Reviewed-by:
Michael Starzinger <mstarzinger@chromium.org> Reviewed-by:
Yang Guo <yangguo@chromium.org> Reviewed-by:
Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#60090}
-
- 06 Mar, 2019 1 commit
-
-
Jakob Gruber authored
This piggy-backs off similar support for lite mode, which silently skips tests that require optimization in lite (and now jitless) modes. Bug: v8:7777,v8:8778, v8:8885 Change-Id: I666d92685ca71682224028743f02d0cce3723135 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1503758 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by:
Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#60057}
-
- 04 Mar, 2019 2 commits
-
-
Benedikt Meurer authored
In the early days of Chrome when we used WebKit there was no support for ASCII strings on the C++ side, so we put a hint onto these two-byte strings that said "string only contains one byte data", such that internally in V8 when these were involved in string operations, we could instead create the *cheaper* one byte strings. Nowadays Blink properly supports one-byte string representations and this additional hint only comes with overhead, since we check it in quite a few places (i.e. on the hot path for string concatenation), plus we end up consuming more memory due to the additional string maps. Removing the hint also frees one bit in the InstanceType zoo for strings. This alone improves performance on the `bench-dom-serialize.js` test case by around **3%**. Tbr: mstarzinger@chromium.org Bug: v8:6622, v8:8834, v8:8939 Cq-Include-Trybots: luci.chromium.try:linux-blink-rel Change-Id: I0753f2859cee7b5a37b6f0da64d8ec39fcb044ff Doc: https://bit.ly/fast-string-concatenation-in-javascript Reviewed-on: https://chromium-review.googlesource.com/c/1498478 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by:
-
peterwmwong authored
As the TODO's indicate, these helpers only used by TypedArray#join when it was implemented in JS. As of https://chromium-review.googlesource.com/c/v8/v8/+/1369330 TypedArray#join is now implemented Torque and was optimized in a way that no longer requires these helpers anymore. Bug: v8:7624 Change-Id: I1d1ff80235a12feb3846ff92764e8593ce7c72c9 Reviewed-on: https://chromium-review.googlesource.com/c/1498692Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Commit-Queue: Peter Wong <peter.wm.wong@gmail.com> Cr-Commit-Position: refs/heads/master@{#59999}
-
- 01 Mar, 2019 1 commit
-
-
Matt Gardner authored
The original was reverted for breaking webkit layout tests: https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8-Blink%20Linux%2064/30270 It also caused the following clusterfuzz failures: chromium:935832 This was a correctness bug due to not properly handling the case of arrays with prototypes other than Array.prototype. Accesses that were TheHole were not being handled property, both in bounds holes in holey arrays and out of bounds on either holey or packed arrays. Handling was incorrect both in access-assembler and in Turbofan. chromium:935932 This bug was that there was no handling for Has checks on the global object. Turbofan was emitting code for a store (the 'else' condition on 'access_mode == AccessMode::kLoad'). It hit a DCHECK in debug builds but in release could show up in different places. This is the bug that caused the webkit layout test failure that led to the revert. Both bugs are fixed by in CL, and tests are added for those cases. Bug: v8:8733, chromium:935932, chromium:935832 Change-Id: Iba0dfcfce6e15d2c0815a7670ece67bc13ba1925 Reviewed-on: https://chromium-review.googlesource.com/c/1493132Reviewed-by:
Benedikt Meurer <bmeurer@chromium.org> Reviewed-by:
Sigurd Schneider <sigurds@chromium.org> Reviewed-by:
-
- 27 Feb, 2019 2 commits
-
-
Ross McIlroy authored
Bytecode flushing can make tests using assertOptimized flaky if the bytecode is flushed between marking and optimization. It can also be flaky if the feedback vector is collected before optimization. To prevent this, a new %PrepareForOptimization runtime-test function is added that hold onto the bytecode strongly until it is optimized after being explicitly marked for optimization by %OptimizeFunctionOnNextCall. BUG=v8:8801,v8:8395 Change-Id: Idbd962a3a2044b915903f9c5e92d1789942b5b41 Reviewed-on: https://chromium-review.googlesource.com/c/1463525 Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by:
Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#59914}
-
Maya Lekova authored
Moved CoverageMode and TypeProfileMode enums to interface-types.h to save one include in isolate.h. This reduces the expanded lines of code count by ~45k. Bug: v8:8834 R=yangguo@chromium.org Change-Id: I399fe8cf66b1aec79bcb5831afd46a74e358244d Reviewed-on: https://chromium-review.googlesource.com/c/1489072Reviewed-by:
-
- 26 Feb, 2019 2 commits
-
-
tzik authored
V8 used to use the microtask context when it runs EnqueueJob step 2. > Let job settings be some appropriate environment settings object. https://html.spec.whatwg.org/multipage/webappapis.html#enqueuejob(queuename,-job,-arguments) However, it's being updated to use the handler's context. https://github.com/whatwg/html/issues/1426#issuecomment-340071080 Change-Id: I24840a28ef2c903539fe4ace74ae59da290f5109 Reviewed-on: https://chromium-review.googlesource.com/c/1465902Reviewed-by:
Toon Verwaest <verwaest@chromium.org> Commit-Queue: Taiju Tsuiki <tzik@chromium.org> Cr-Commit-Position: refs/heads/master@{#59870}
-
Sigurd Schneider authored
This reverts commit 32fc0acf. Reason for revert: https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8-Blink%20Linux%2064/30270 layout test breakage: https://test-results.appspot.com/data/layout_results/V8-Blink_Linux_64/30270/webkit_layout_tests%20%28with%20patch%29/layout-test-results/results.html There is a dead node arriving in representation selection, which might indicate that the problem is not in this CL, but that this CL stirs up the node soup in such a way that dead code elimination gets confused. Original change's description: > Optimize `in` operator > > This change implements optimizations for the `in` operator for packed array > elements and object properties. It adds a new feedback slot kind and an IC > path similar to KeyedLoadIC for handling the lookups. TurboFan uses the > feedback to optimize based on the maps and keys. > > For more details see: > https://docs.google.com/document/d/1tIfzywY8AeNVcy_sen-5Xev21MeZwjcU8QhSdzHvXig > > This can provide 10x performance improvements of on loops of the form: > > for (let i = 0; i < ary.length; ++i) { > if (i in ary) { > ... > } > } > > > Bug: v8:8733 > Change-Id: I766bf865a547a059e5bce5399bb6112e5d9a85c8 > Reviewed-on: https://chromium-review.googlesource.com/c/1432598 > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Reviewed-by: Igor Sheludko <ishell@chromium.org> > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> > Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> > Reviewed-by: Toon Verwaest <verwaest@chromium.org> > Commit-Queue: Matt Gardner <magardn@microsoft.com> > Cr-Commit-Position: refs/heads/master@{#59843} TBR=ulan@chromium.org,rmcilroy@chromium.org,jkummerow@chromium.org,jarin@chromium.org,ishell@chromium.org,bmeurer@chromium.org,verwaest@chromium.org,magardn@microsoft.com Change-Id: Ib2db974e5bed4c4a2b6b450f796bdc4b0b8fd562 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:8733 Reviewed-on: https://chromium-review.googlesource.com/c/1488761Reviewed-by:
-
- 25 Feb, 2019 3 commits
-
-
Z Duong Nguyen-Huu authored
Bug: v8:6831 Change-Id: I6e9f6fc718928f2f86d3b3c2dd144a6636b05790 Reviewed-on: https://chromium-review.googlesource.com/c/1481895 Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com> Reviewed-by:
Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/master@{#59844}
-
Matt Gardner authored
This change implements optimizations for the `in` operator for packed array elements and object properties. It adds a new feedback slot kind and an IC path similar to KeyedLoadIC for handling the lookups. TurboFan uses the feedback to optimize based on the maps and keys. For more details see: https://docs.google.com/document/d/1tIfzywY8AeNVcy_sen-5Xev21MeZwjcU8QhSdzHvXig This can provide 10x performance improvements of on loops of the form: for (let i = 0; i < ary.length; ++i) { if (i in ary) { ... } } Bug: v8:8733 Change-Id: I766bf865a547a059e5bce5399bb6112e5d9a85c8 Reviewed-on: https://chromium-review.googlesource.com/c/1432598Reviewed-by:
Igor Sheludko <ishell@chromium.org> Reviewed-by:
-
Ross McIlroy authored
Template objects should be cached after they are first created and reused on subsiquent calls to tag functions. Currently these cached objects are stored on the feedback vector, which has appropriate lifetime, however with bytecode flushing the feedback vector could be cleared when the bytecode is flushed, causing the template object to be dropped. In order to retain the cached template objects in the face of bytecode flushing, this CL adds a weakmap for each native context that is (weakly) keyed by shared function info, and holds a linked list of cached template objects associated with that shared function info, indexed by feedback vector slot id. Misses will check this weakmap, and if no entry is found, a new template object is created and added into this weakmap alongside the feedback vector. BUG=v8:8799,v8:8799,v8:8395 Change-Id: Ia95d5cfc394ce58dc9fe6a1e49780f05299acc17 Reviewed-on: https://chromium-review.googlesource.com/c/1477746 Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by:
-
- 22 Feb, 2019 1 commit
-
-
Andreas Haas authored
This CL changes the secondary stack check for WebAssembly functions with big stack frames in the code generator from calling a runtime function to calling a code stub. The runtime function caused problems with serialization. R=mstarzinger@chromium.org CC=bbudge@chromium.org Bug: v8:8882 Change-Id: Iab4a1a8af233726d322722d87433f0cb33e60ac3 Reviewed-on: https://chromium-review.googlesource.com/c/1480375 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by:
Bill Budge <bbudge@chromium.org> Cr-Commit-Position: refs/heads/master@{#59790}
-
- 20 Feb, 2019 1 commit
-
-
Jakob Gruber authored
The ReplacementStringBuilder had a tricky API that required manually growing the backing store if needed. This saves a few int additions and comparisons, but is probably not worth the potential for errors. This CL changes to automatic growth that is invisible to the user. Bug: chromium:933521 Change-Id: I7d2404a48fe47ccce9af919910c06a9eca598120 Reviewed-on: https://chromium-review.googlesource.com/c/1477748Reviewed-by:
Peter Marshall <petermarshall@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#59726}
-
- 19 Feb, 2019 1 commit
-
-
Jakob Gruber authored
These are no longer needed now that JS builtins have been fully removed. The internal match usage in assert.js has been replaced by a custom miniparser. The internal replace use in various string builtins was replaced by manual global string replacement in a runtime function. Bug: v8:8842,v8:7624 Change-Id: Ieb49c694662a13e84fd9fd2fe5d0412b8e0574da Reviewed-on: https://chromium-review.googlesource.com/c/1473030Reviewed-by:
Peter Wong <peter.wm.wong@gmail.com> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#59689}
-
- 15 Feb, 2019 1 commit
-
-
Jakob Kummerow authored
This takes heap-inl.h out of the "Giant Include Cluster". Naturally, that means adding a bunch of explicit includes in a bunch of places that relied on transitively including them before. As of this patch, no header file outside src/heap/ includes heap-inl.h. Bug: v8:8562,v8:8499 Change-Id: I65fa763f90e66afc30d105b9277792721f05a6d4 Reviewed-on: https://chromium-review.googlesource.com/c/1459659 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by:
Michael Lippautz <mlippautz@chromium.org> Reviewed-by:
-
- 14 Feb, 2019 2 commits
-
-
Benedikt Meurer authored
When calling into API callbacks from TurboFan optimized, we can currently only take a fast-path when TurboFan is able to find some information about the receiver in the graph, or when the API callback specifies that it neither requires an access check (aka "accepts any receiver") nor an interface check (aka "compatible receiver check"). This change introduces a new CallFunctionTemplate builtin that sits in front of the CallApiCallback builtin and does both the access as well as the interface check as necessary (and raises appropriate exceptions). This way TurboFan can still call into the API callback via the fast-path even without ahead knowledge about the receiver, which is significantly faster than the generic call machinery for API callbacks. On the test case from the Angular team[1], the interesting metrics improve from DOM_mono: 0.273 ms DOM_mega: 0.571 ms DOM_call: 0.649 ms to DOM_mono: 0.264 ms DOM_mega: 0.572 ms DOM_call: 0.368 ms so the DOM_call is only about **1.4 times slower** than the DOM_mono and about **1.5 times faster** than the DOM_mega case (compared to **2.4 times slower**). Execution time in the DOM_call was reduced by around **~45%**. Currently this new code path is limited to TurboFan optimized code, but the idea is to eventually migrate the API calls from baseline to also use the new CSA functionality, but there are lot's of subleties to take into account, so starting with small changes to get coverage for the basic building blocks. [1]: https://mhevery.github.io/perf-tests/DOM-megamorphic.html Bug: v8:8820 Change-Id: Ie1029cf182ce05a6e519fd9a9d4fa825db8adb4c Cq-Include-Trybots: luci.chromium.try:linux-blink-rel Reviewed-on: https://chromium-review.googlesource.com/c/1470129 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by:
-
Mythri authored
The megamorphic case in the KeyedStoreIC doesn't use/update any feedback. We could use this path to fast path some of the keyed stores instead of misssing to the runtime when the feedback vector is not available. This cl, moves the check for feedback vector from the bytecode handler to the KeyedStoreIC and calls the KeyedStoreIC_Megamorphic builtin when there is no valid feedback vector. This will help improve the performance of no feedback/jitless case. Bug: v8:8293 Change-Id: I71c128b355d47ac20e50fc836f4bc2cf0aab1154 Reviewed-on: https://chromium-review.googlesource.com/c/1460946 Commit-Queue: Mythri Alle <mythria@chromium.org> Reviewed-by:
-
- 13 Feb, 2019 3 commits
-
-
Mythri authored
The uninitialized case in the StoreIC doesn't use any feedback. We could use this path to fast path some of the named stores instead of missing to the runtime when the feedback vector is not available. Bug: v8:8293 Change-Id: Ib3c4f843b24a377708f8db18fae10983e5633484 Reviewed-on: https://chromium-review.googlesource.com/c/1463781 Commit-Queue: Mythri Alle <mythria@chromium.org> Reviewed-by:
-
Mythri authored
When an error occurs when storing the properties we either need to throw or ignore the error depending on the language mode. We used to infer the language mode from the type feedback vector. This cl instead falls back to runtime to check and throw an error when needed. Bug: v8:8580 Change-Id: Iebeb3ca86d753157329dc1b5cfd1c07af2ff3dcd Reviewed-on: https://chromium-review.googlesource.com/c/1458220Reviewed-by:
-
Nico Weber authored
For macros expanding to function definitions, I removed the spurious ; after macro invocations. For macros expandign to function declarations, I made the ; required and consistently inserted it. No behavior change. Bug: chromium:926235 Change-Id: Ib8085d85d913d74307e3481f7fee4b7dc78c7549 Reviewed-on: https://chromium-review.googlesource.com/c/1467545Reviewed-by:
-
- 12 Feb, 2019 1 commit
-
-
Georg Neis authored
... as there's no search involved and there are never multiple names. Change-Id: Ice88c4d98195e74f6540926b0a1199df62b42da2 Reviewed-on: https://chromium-review.googlesource.com/c/1466645Reviewed-by:
-
- 11 Feb, 2019 1 commit
-
-
Ulan Degenbaev authored
Bug: chromium:852420 Change-Id: I659e8d2d047387d7b73f11406b29696d74d84ff7 Reviewed-on: https://chromium-review.googlesource.com/c/1462965Reviewed-by:
-
- 08 Feb, 2019 1 commit
-
-
Benedikt Meurer authored
This adds a new %ClearMegamorphicStubCache() runtime function, which can be used to easily wipe the megamorphic stub cache. This is useful when investigating performance issues that are related to high contention on the megamorphic stub cache. Change-Id: I7abb496bf1dd658298a90065241dd317f2fb6624 Reviewed-on: https://chromium-review.googlesource.com/c/1459637 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by:
-
- 07 Feb, 2019 1 commit
-
-
Ujjwal Sharma authored
Port String.prototype.endsWith from a CPP builtin to a Torque builtin. Spec: https://tc39.github.io/ecma262/#sec-string.prototype.endswith Bug: v8:8400 Change-Id: I4ac8cb92acb68389db844deaecc9ae1c6e7d6bd5 Reviewed-on: https://chromium-review.googlesource.com/c/1454677 Commit-Queue: Simon Zünd <szuend@chromium.org> Reviewed-by:
-
- 05 Feb, 2019 1 commit
-
-
Ujjwal Sharma authored
Port String.prototype.startsWith from a CPP builtin to a Torque builtin. Spec: https://tc39.github.io/ecma262/#sec-string.prototype.startswith Bug: v8:8400 Change-Id: I51aff0b3a4126c17ab4f89763019fd7e4ba665d9 Reviewed-on: https://chromium-review.googlesource.com/c/1361340 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by:
-
- 02 Feb, 2019 1 commit
-
-
Suraj Sharma authored
The program: foo; let foo = 5; …now produces: ReferenceError: Cannot access 'foo' before initialization …instead of: ReferenceError: foo is not defined Bug: v8:6513, v8:6951 Change-Id: I6c372626734570d5abeb1d0196b814dde02b9e3e Reviewed-on: https://chromium-review.googlesource.com/c/1441151Reviewed-by:Sathya Gunasekaran <gsathya@chromium.org> Reviewed-by:
Mathias Bynens <mathias@chromium.org> Commit-Queue: Suraj Sharma <surshar@microsoft.com> Commit-Queue: Mathias Bynens <mathias@chromium.org> Cr-Commit-Position: refs/heads/master@{#59307}
-
- 31 Jan, 2019 1 commit
-
-
Ben Smith authored
* There are now two indexes for table.copy and memory.copy, one for the source and the one for the destination table/memory. (see https://github.com/WebAssembly/bulk-memory-operations/pull/43) * Reverse the order of the table.init and memory.init indexes, so the segment index is first and the table/memory index is second. (see https://github.com/WebAssembly/bulk-memory-operations/pull/45) Change-Id: I1781edd4200a7b693e3d0814999e6292aafa58d3 Reviewed-on: https://chromium-review.googlesource.com/c/1446149Reviewed-by:
Ben Titzer <titzer@chromium.org> Commit-Queue: Ben Smith <binji@chromium.org> Cr-Commit-Position: refs/heads/master@{#59259}
-
- 30 Jan, 2019 1 commit
-
-
Marja Hölttä authored
This replaces WeakFactory with FinalizationGroup. New API is here: https://weakrefs.netlify.com/ BUG=v8:8179 Change-Id: I8c1c4a70deb42581d17117423dd29d93bdd35cb0 Reviewed-on: https://chromium-review.googlesource.com/c/1435938Reviewed-by:
Maya Lekova <mslekova@chromium.org> Reviewed-by:
-
- 29 Jan, 2019 1 commit
-
-
Ulan Degenbaev authored
This replaces InNewSpace with InYoungGeneration, which is a prerequisite for young large objects. Additional changes: - FROM_SPACE, TO_SPACE flags are renamed to FROM_PAGE, TO_PAGE. - A new LARGE_PAGE flag is added. - The external string table is refactored to track young string instead of new space strings. Bug: chromium:924547 Change-Id: Ia4e3ba1b72995c3400257a1f98559f091533e811 Reviewed-on: https://chromium-review.googlesource.com/c/1437274Reviewed-by:
-
- 28 Jan, 2019 1 commit
-
-
Camillo Bruni authored
- Dehandlify ScopeInfo::ContextSlotIndex - Dehandlify ScriptContextTable::Lookup - Introduce function-kind.h with range-based helper methods - Spread usage of Scope::is_script_scope and friends Change-Id: I8ed1d82cc5bb9ea3fce856e16e9eafe194fb57ba Reviewed-on: https://chromium-review.googlesource.com/c/1430100Reviewed-by:
Leszek Swirski <leszeks@chromium.org> Reviewed-by:
-
- 25 Jan, 2019 2 commits
-
-
Mythri authored
Inferring the language mode involves iterating the stack to find the closure. This is an expensive operation and should be done only when required. This cl changes the implementation to infer the language mode only when we can't defer it any further. Currently, we infer the language mode when throwing an exception or when passing this information to PropertyCallbackArguments. This cl also changes the language mode parameter to SetProperty related methods to Maybe<ShouldThrow>. We only use the language mode to decide if we need to throw and using ShouldThrow instead of language mode simplifies the code by avoiding conversions from Maybe<ShouldThrow> to Maybe<LanguageMode> and vice-versa. Bug: v8:8580, chromium:923820, chromium:925289 Change-Id: I72497497f62fe0d86fcecd57b06b3183b7531f7b Reviewed-on: https://chromium-review.googlesource.com/c/1425912 Commit-Queue: Mythri Alle <mythria@chromium.org> Reviewed-by:
Andreas Haas <ahaas@chromium.org> Reviewed-by:
-
Mythri authored
SetProperty now infers the language mode from the closure and the context So we no longer have to pass around the language mode. Cleanup by removing the parameter where it is no longer needed. Bug: v8:8580 Change-Id: I89452b5a762eb48a911f158d22c7bfa9e3bb1be4 Reviewed-on: https://chromium-review.googlesource.com/c/1421840 Commit-Queue: Mythri Alle <mythria@chromium.org> Reviewed-by:
Georg Neis <neis@chromium.org> Reviewed-by:
-
- 24 Jan, 2019 1 commit
-
-
Mythri authored
This is a reland of 0896599f with a fix for failing layout test. Original change's description: > Change SetProperty/SetSuperProperty to infer language mode when possible > > In most cases, the language mode can be inferred from the closure and > the context. Computing the language mode instead of passing it around > simplifies the ICs and will make it possible to go towards lazily > allocating feedback vectors. Currently ICs obtain the language mode from > the feedback vectors and with lazy feedback allocation we may not always > have feedback vectors. Since computing language mode is a bit expensive > we want to defer it as far as possible. > > In Array builtins and other builtins like Reflect.Set we need to force a > language mode when setting the properties. To support these cases the > SetProperty methods allow the language mode to be overridden when needed. > > This is a first cl in a series of cls, that will defer the language mode > computation further and remove language mode where it is not needed. > > BUG: v8:8580 > Change-Id: I9c2396e3bcfe77c3c9d6760c46d86954d54744b9 > Reviewed-on: https://chromium-review.googlesource.com/c/1409426 > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Reviewed-by: Jakob Gruber <jgruber@chromium.org> > Reviewed-by: Toon Verwaest <verwaest@chromium.org> > Commit-Queue: Mythri Alle <mythria@chromium.org> > Cr-Commit-Position: refs/heads/master@{#58893} TBR: ahaas@chromium.org Change-Id: Id5d81eae91b55638dbc72168f0e5203e684869fb Reviewed-on: https://chromium-review.googlesource.com/c/1421077 Commit-Queue: Mythri Alle <mythria@chromium.org> Reviewed-by:
-
- 23 Jan, 2019 2 commits
-
-
Ben L. Titzer authored
The table.init bytecode copies a range of elements from an element segment into a table, trapping if the segment is not passive, is dropped, or would cause out-of-bounds accesses. R=mstarzinger@chromium.org CC=binji@chromium.org BUG=v8:7747 Change-Id: Ib27af9cca45a464fd1f876ddd092e99941481896 Reviewed-on: https://chromium-review.googlesource.com/c/1430063 Commit-Queue: Ben Titzer <titzer@chromium.org> Reviewed-by:
-
Michael Starzinger authored
This implements support for the "throw" operation in the interpreter. Note that support for catching/handling exceptions is still missing from the interpreter in will be done separately. This also introduces a {WasmExceptionPackage} class to the object model that acts as an interface for allocating and accessing exceptions that originate from WebAssembly. It does not represent a new instance type however as exceptions are instances of {WebAssembly.RuntimeError} for now. R=clemensh@chromium.org TEST=mjsunit/wasm/exceptions BUG=v8:8091 Change-Id: I1f0cb548efb798e3c1488d42e4a31421c3c1aada Reviewed-on: https://chromium-review.googlesource.com/c/1430099Reviewed-by:Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#59033}
-
- 22 Jan, 2019 3 commits
-
-
Peter Marshall authored
Some includes in log.h were only needed by log.cc so move them there. Some were not needed at all, so remove them completely. Drive-by cleanup FunctionEvent(), which was never called without args for the last parameters which had default values. Change-Id: Id8b0c634c4d39d3c278ab3d932ed7af4142fd9c9 Reviewed-on: https://chromium-review.googlesource.com/c/1425914Reviewed-by:
-
Simon Zünd authored
This CL enables the pre-processing step of copying from the prototype chain for JSArrays. Previously, this was done for everything BUT JSArrays. This brings Array#sort more in line with other engines in the case of undefined behavior. R=jgruber@chromium.org Bug: v8:8666 Change-Id: I832d470dc02111b64dc4919e84e7e3e47c8fdd47 Reviewed-on: https://chromium-review.googlesource.com/c/1426119 Commit-Queue: Simon Zünd <szuend@chromium.org> Reviewed-by:
-
Peter Marshall authored
Everything was including log.h through heap-inl.h, so remove that include by moving the one user into heap.cc, and then fix all the include errors. This reduces the log.h include ball from ~550 to ~100. Change-Id: I6d09bc2f365b48645fcfdc695a68ea12539a745d Reviewed-on: https://chromium-review.googlesource.com/c/1424198 Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by:
-
- 18 Jan, 2019 1 commit
-
-
Igor Sheludko authored
Bug: v8:8477, v8:8562 Change-Id: Ieb677e0989f77ed207567d468faec0bf92752967 Reviewed-on: https://chromium-review.googlesource.com/c/1388529Reviewed-by:
-
