- 07 May, 2018 5 commits
-
-
Yang Guo authored
R=verwaest@chromium.org Bug: v8:5773 Change-Id: Ifd29a1116ee8c86b8d8d24485bbfd19e260ab66b Reviewed-on: https://chromium-review.googlesource.com/1046088 Commit-Queue: Yang Guo <yangguo@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#53015}
-
Peter Marshall authored
We can save a pointer of space for each CodeEntry by removing this field which we don't really need. Instead of concatenating the name string on demand, concatenate the prefix eagerly. Reduces sizeof(CodeEntry) from 136 to 128 on 64-bit. Bug: v8:7719 Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng Change-Id: Id346a8f36794e337e8c886f8d1969431424539b0 Reviewed-on: https://chromium-review.googlesource.com/1039825 Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Alexei Filippov <alph@chromium.org> Commit-Queue: Peter Marshall <petermarshall@chromium.org> Cr-Commit-Position: refs/heads/master@{#53014}
-
Camillo Bruni authored
Change-Id: I9d8b13df0af987d9fcacdf57f2cfd71ec21b3ff9 Reviewed-on: https://chromium-review.googlesource.com/1042708 Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#53013}
-
Camillo Bruni authored
This CL fixes a bug where we would accidentally shrink to the same size of the StringTable causing repeated unnecessary allocations. Bug: v8:5443, chromium:818642 Change-Id: I353b179616d5293f6d7143e7381ae6711343a835 Reviewed-on: https://chromium-review.googlesource.com/1044207 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#53012}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/506800f..1fd2d08 TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org Change-Id: I1461e1e9c839a717d307eb51b79f49ecf4f45616 Reviewed-on: https://chromium-review.googlesource.com/1046246 Commit-Queue: v8 autoroll <v8-autoroll@chromium.org> Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#53011}
-
- 06 May, 2018 2 commits
-
-
Sathya Gunasekaran authored
TBR: hpayer@chromium.org Bug: v8:6443 Change-Id: I1750475084cbcd783551d9b7c65c8ccca9b63ea3 Reviewed-on: https://chromium-review.googlesource.com/1045615 Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#53010}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/0a40aa9..506800f Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/39e3bc6..3059fd7 TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org Change-Id: I3cc068e21babbe30dd36eb715209a1b6c3214441 Reviewed-on: https://chromium-review.googlesource.com/1046127 Commit-Queue: v8 autoroll <v8-autoroll@chromium.org> Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#53009}
-
- 05 May, 2018 1 commit
-
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/55b398a..0a40aa9 Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/153134e..39e3bc6 TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org Change-Id: Ibba9fa7e267b5b8b92cdb3d43776e62ae32abb30 Reviewed-on: https://chromium-review.googlesource.com/1045792 Commit-Queue: v8 autoroll <v8-autoroll@chromium.org> Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#53008}
-
- 04 May, 2018 32 commits
-
-
Eric Holk authored
Change-Id: I19106adfd5407cbef05142fde3b7eb00ecd8ff52 Reviewed-on: https://chromium-review.googlesource.com/1043256 Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Eric Holk <eholk@chromium.org> Cr-Commit-Position: refs/heads/master@{#53007}
-
Eric Holk (eholk) authored
In preparing for adding trap-based bounds checking to Windows, this change refactors the code to separate the platform-specific portions from that which can be shared between platforms. Internally, we've renamed `RegisterDefaultSignalHandler` to `RegisterDefaultTrapHandler` to more accurately represent the difference in terminology between Linux (signals) and Windows (exceptions). The external API is left the same so as not to break downstream clients. This CL is primarily to make room for Windows support. Future CLs will begin adding support for Windows. This is a reincarnation of https://crrev.com/c/626558. Bug: v8:6743 Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng Change-Id: Iaa8bfd68c14cd1d17933b12c24cb8dd5ee8a21d6 Reviewed-on: https://chromium-review.googlesource.com/998829 Commit-Queue: Eric Holk <eholk@chromium.org> Reviewed-by: Brad Nelson <bradnelson@chromium.org> Cr-Commit-Position: refs/heads/master@{#53006}
-
Alexei Filippov authored
Change-Id: I450efa4916bd774265991f987f4be618ba2eb1d2 Reviewed-on: https://chromium-review.googlesource.com/1045168 Commit-Queue: Alexei Filippov <alph@chromium.org> Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org> Cr-Commit-Position: refs/heads/master@{#53005}
-
Alexei Filippov authored
ProfilerListener which holds CodeEntries has been moved from Logger to CpuProfiler. This way we can clear entries when all the profiles produced by a particular CpuProfiler are deleted. BUG=v8:7719 Change-Id: I31d47dc7da44648c8fb8e87b47e2e6260d3dc5c3 Reviewed-on: https://chromium-review.googlesource.com/1043050 Reviewed-by: Peter Marshall <petermarshall@chromium.org> Commit-Queue: Alexei Filippov <alph@chromium.org> Cr-Commit-Position: refs/heads/master@{#53004}
-
Erik Luo authored
Creating a new instance from a v8::Function will invoke its constructor. If it is an API callback that has not been marked as kHasNoSideEffect, this CL introduces a way to invoke it without throwing. Calls within the constructor are still checked for side effects. Bug: chromium:829571 Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng Change-Id: Ia4e410d487e2847bc511cb96f0be30a3563991f6 Reviewed-on: https://chromium-review.googlesource.com/1034116 Commit-Queue: Erik Luo <luoe@chromium.org> Reviewed-by: Hannes Payer <hpayer@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#53003}
-
Michael Starzinger authored
This makes {Script} objects created for WebAssembly no longer reference a concrete instance object, but a module object instead. All uses of the field in question only require module-wide information and the script is meant to represent the set of all instances, not just one concrete instance. R=clemensh@chromium.org Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng Change-Id: I751d4b75c8a970cffcb1a37b6c22ff69e9ee5489 Reviewed-on: https://chromium-review.googlesource.com/1043871 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#53002}
-
Daniel Clifford authored
Torque expressions of type constexpr are evaluated at compile-time rather than runtime. They are backed by C++ types rather than TNode<X> types, so the macro functions that are called by generated C++ code expect values to be computed when the snapshot is generated rather than by TurboFan-generated code. Specifically, "if" statements can have a constexpr modifier. With this modifier, a type of "constexpr bool" is expected rather than "bool", and in that case instead of generating a CSA BranchIf, it generates a C++ "if (<bool expression>)" that generates code for only the true or false path based on the bool value at torque-execution (compile time) rather than generating both paths (including inserting phi nodes for variables modified on either branch at the re-merge at the end of the if) and dynamically dispatching to the true or false path during d8/Chrome/node.js execution (runtime) using a CSA BranchIf. Change-Id: I8238e25aaadbfc618847e04556e96a3949ea5a8d Reviewed-on: https://chromium-review.googlesource.com/1042085 Commit-Queue: Daniel Clifford <danno@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#53001}
-
Clemens Hammacher authored
First untrusted code mitigation in Liftoff: Mask memory accesses (loads and stores) by the mask stored in the WasmInstanceObject. R=titzer@chromium.org Bug: v8:6600, chromium:798964 Change-Id: Iddf577977451444b51c42fbc2ad34430832a9e71 Reviewed-on: https://chromium-review.googlesource.com/1044215 Reviewed-by: Ben Titzer <titzer@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#53000}
-
Vincent Belliard authored
Bug: v8:6600 Change-Id: I1bd2db402d6e97ab468dc24cd4d12bef6523d784 Reviewed-on: https://chromium-review.googlesource.com/1043091 Commit-Queue: Vincent Belliard <vincent.belliard@arm.com> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#52999}
-
jgruber authored
This method is intended for use by code caching as follows:
  1. The module is compiled (and perhaps instantiated).
  2. The embedder fetches and stores the module's unbound script (i.e. the shared function info).
  3. Module evaluation, maybe triggering lazy compilation.
  4. Generated code for the module (which hangs off the shared function info) is inserted into the code cache.
Subsequent module loads can load from the code cache prior to evaluation.
Bug: v8:7685 Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng Change-Id: I80018cd921ab1a18323906a548b249e19d9f9509 Reviewed-on: https://chromium-review.googlesource.com/1041745 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#52998}
-
Daniel Clifford authored
  * Empty string literals (e.g. "" and '') were not recognized as strings. This is now fixed.
  * return statements without expressions (e.g. for functions with void return types) caused crashes.
Change-Id: Ied60f9abffca457a0d85c9e01e3795839fe777c9 Reviewed-on: https://chromium-review.googlesource.com/1042310 Commit-Queue: Daniel Clifford <danno@chromium.org> Reviewed-by: Michael Stanton <mvstanton@chromium.org> Cr-Commit-Position: refs/heads/master@{#52997}
-
Hannes Payer authored
Bug: chromium:800348, chromium:827627, chromium:839750 Change-Id: I112e20b83eb1937476ebb4f30cf5679113759c0c Reviewed-on: https://chromium-review.googlesource.com/1044195 Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Hannes Payer <hpayer@chromium.org> Cr-Commit-Position: refs/heads/master@{#52996}
-
Clemens Hammacher authored
On div and rem on ia32 and x64, we sometimes need to spill. If this spilling code happens inside of a branch, the cache state will reflect that the value was spilled, even though the actual spilling code might not have executed. R=titzer@chromium.org Bug: v8:6600, chromium:839800 Change-Id: I93b681a23119f903feb54235d6d44a7cbd5815fe Reviewed-on: https://chromium-review.googlesource.com/1044185 Reviewed-by: Ben Titzer <titzer@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#52995}
-
Clemens Hammacher authored
The {baseline_compilation_units_} and {tiering_compilation_units_} fields should only be accessed if the {mutex_} is held. Also, the number of compilation units is already taken care of inside of {RestartBackgroundTasks}, so no need to explicitly pass it. R=ahaas@chromium.org Change-Id: I8f36ed141b587ee1bea41291545f39546d8cf24e Reviewed-on: https://chromium-review.googlesource.com/1044213 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#52994}
-
Clemens Hammacher authored
Since address is a uintptr_t, there is no need to implement a specific hasher. R=mstarzinger@chromium.org Bug: v8:7570 Change-Id: I47e652929ef201e742224541d9df4360444e3ba8 Reviewed-on: https://chromium-review.googlesource.com/1044209 Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#52993}
-
Benoît Lizé authored
ExternalString::kShortSize is not the same as i::kShortSize, caused incorrect reporting for code stats for two byte strings. Bug: chromium:837659 Change-Id: Icbb39f2103aa4fa72bd5b1258cb8e1d4aee10441 Reviewed-on: https://chromium-review.googlesource.com/1044212 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Benoit L <lizeb@chromium.org> Cr-Commit-Position: refs/heads/master@{#52992}
-
Clemens Hammacher authored
macros.h already not only defines macros, but also templatized helpers like {bit_cast} and {arraysize}. Thus {implicit_cast} also belongs there. R=tebbi@chromium.org Bug: v8:7570 Change-Id: Iaea6075dad359d62498453575f22d73ca84e2323 Reviewed-on: https://chromium-review.googlesource.com/1042401 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#52991}
-
Ben L. Titzer authored
This CL factors the parts of the JSGraph that only depend on the machine part of JSGraph into a separate base class, MachineGraph. This helps separate the two layers and also allows the MachineGraph to be constructed without an Isolate, which is needed for fully asynchronous compilation, a goal for WASM. R=mstarzinger@chromium.org CC=jarin@chromium.org, mvstanton@chromium.org BUG=v8:7721 Change-Id: Ie8bc3de40159332645dcb3cadcee581e1bf9830a Reviewed-on: https://chromium-review.googlesource.com/1043746 Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#52990}
-
Clemens Hammacher authored
Add binop tests for div and rem of i32 and i64. The test is extended to handle traps, and to check that the value of local variables is not affected by the operation. R=titzer@chromium.org Bug: v8:6600, chromium:839800 Change-Id: I1a4cbc40bd399666d9831d021afb96e0c53a9f64 Reviewed-on: https://chromium-review.googlesource.com/1044166 Reviewed-by: Ben Titzer <titzer@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#52989}
-
Michael Achenbach authored
Bug: chromium:830557 Change-Id: I99bfa92f46a03782232e6949dd437afb5a3f6c26 Reviewed-on: https://chromium-review.googlesource.com/1043866 Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#52988}
-
Clemens Hammacher authored
In order to get more test coverage (also on ClusterFuzz), stage Liftoff and tier up behind --future. R=hablich@chromium.org CC=titzer@chromium.org Bug: v8:6600 Change-Id: I718e17957b26f60aa4c002333035f693344806e0 Reviewed-on: https://chromium-review.googlesource.com/1042385 Reviewed-by: Ben Titzer <titzer@chromium.org> Reviewed-by: Michael Hablich <hablich@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#52987}
-
Wez authored
The Promoted* prefix was used to refer both to the total number of old generation objects, and to the delta of objects moved from the new to old generations. PromotedTotalSize() is also renamed, to reflect the actual calculation it performs. Bug: chromium:837583 Change-Id: Id27a0661618257ef64eb469a83bb49c0e8ce6923 Reviewed-on: https://chromium-review.googlesource.com/1042314 Commit-Queue: Wez <wez@chromium.org> Reviewed-by: Hannes Payer <hpayer@chromium.org> Cr-Commit-Position: refs/heads/master@{#52986}
-
Michael Starzinger authored
This is a reland of a0c57368
Original change's description:
> [wasm] Maintain link from Instance to Module.
>
> This moves the link from a {WasmInstanceObject} to its corresponding {WasmModuleObject} into the right place and also makes it strong. This ensures that an instance always keeps the underlying module alive and hence removes the situation of an "orphaned instance".
>
> R=clemensh@chromium.org
>
> Change-Id: Id59f6a49740af8ef0248679c3d2c696bb9776944
> Reviewed-on: https://chromium-review.googlesource.com/1041691
> Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#52942}

Change-Id: I9854400bfc1d22bd258f17118fcb7460cdc3acd5 Reviewed-on: https://chromium-review.googlesource.com/1043786 Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#52985}
-
Daniel Clifford authored
  - In debug builds, 'assert(<expr>)' evaluates and aborts execution if the provided Torque expression is false at runtime. assert(<expr>) supports the same set of expressions protocols as Torque's if statement, i.e. both bool values and BranchIf-style tests. Upon failure, the assertion prints the Torque source code of the failed expression, not the generated CSA code.
  - 'unreachable' calls CSA's Unreachable() and signals to Torque that code execution cannot continue (i.e. its statement returns the 'never' type). In debug builds, the line number and position of the statement are printed before breaking.
  - 'debug' calls CSA's DebugBreak(). In debug builds, the line number and position of the 'debug' are printed before breaking.
Change-Id: I4efd052536bb402c097a0d5f7be56e154b5b3676 Reviewed-on: https://chromium-review.googlesource.com/1042570 Commit-Queue: Daniel Clifford <danno@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#52984}
-
Toon Verwaest authored
Instead rely on the scope info containing the name as well. Change-Id: Ie1f96ea023a793b11209510566f6831b1dfd40ab Reviewed-on: https://chromium-review.googlesource.com/1042567 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#52983}
-
Miran.Karic authored
The CL fixes the mips port in the CL [debug] introduced runtime side effect check (7a2c3713), that caused several test failures. BUG= Change-Id: Ia1b45fd57d7b77c912562c97f7fc6bf2aa378fe2 Reviewed-on: https://chromium-review.googlesource.com/1030193 Reviewed-by: Ivica Bogosavljevic <ivica.bogosavljevic@mips.com> Commit-Queue: Miran Karić <miran.karic@mips.com> Cr-Commit-Position: refs/heads/master@{#52982}
-
Toon Verwaest authored
Bug: v8:7066 Change-Id: Icfcb40b2048997c158fba5f3e250145bed4ca1e3 Reviewed-on: https://chromium-review.googlesource.com/1042386 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#52981}
-
Wez authored
Change-Id: I58f3eb9259822650a3b31010213e3df030821be2 Reviewed-on: https://chromium-review.googlesource.com/1042187 Reviewed-by: Hannes Payer <hpayer@chromium.org> Commit-Queue: Wez <wez@chromium.org> Cr-Commit-Position: refs/heads/master@{#52980}
-
Michael Starzinger authored
This makes sure that allocations of {HeapNumber} objects happening in the JS-to-Wasm and Wasm-to-JS wrappers are ordered with respect to changes of the {trap_handler::IsThreadInWasm} predicate. Otherwise the compiler can (and will) move the allocations across changes of this predicate and cause safety checks to fire. R=clemensh@chromium.org Change-Id: I5366ec0c184929fbd5b60c827d9908fb6ca1d91a Reviewed-on: https://chromium-review.googlesource.com/1042399 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#52979}
-
Clemens Hammacher authored
The grow_memory opcode basically just executes a runtime call, but needs to check a condition first, and convert to and from Smi. R=titzer@chromium.org Bug: v8:6600 Change-Id: If7d62a8bb0ca6d02bd47ef6048cc65da502b002b Reviewed-on: https://chromium-review.googlesource.com/1042185 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#52978}
-
Clemens Hammacher authored
On arm64, we had {RegisterBase::bit} (defined in assembler.h) and {CPURegister::bit} (defined in assembler-arm.h). {CPURegister} inherits from {RegisterBase}. The two methods have different behaviour on the special {no_reg}, which is only relied on in very few places. This CL fixes these places to avoid the use of {no_reg}, and removes the overwritten method. R=mstarzinger@chromium.org CC=rodolph.perfetta@arm.com Change-Id: I859cc0d4ffc48fae018ee262f3e5403774db87a8 Reviewed-on: https://chromium-review.googlesource.com/1042188 Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Rodolph Perfetta <rodolph.perfetta%arm.com@gtempaccount.com> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#52977}
-
Erik Luo authored
Side effect free whitelist now
  - supports 'typeof' when it performs Load operations
  - runtime checks for Array.p.splice
Bug: v8:7588 Change-Id: I45bcd705f8d3f2d2ee61f018566439bf56d1bcbc Reviewed-on: https://chromium-review.googlesource.com/1037926 Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Erik Luo <luoe@chromium.org> Cr-Commit-Position: refs/heads/master@{#52976}
-