- 12 Feb, 2018 3 commits
-
-
Ross McIlroy authored
Moves generation of speculation poison to be based on the PC target vs the actual PC being executed. The speculation poison is generated in the prologue of the generated code if CompilationInfo::kGenerateSpeculationPoison is set. The result is stored in a known register, which can then be read using the SpeculationPoison machine node. Currently we need to ensure the SpeculationPoison node is scheduled right after the code prologue so that the poison register doesn't get clobbered. This is currently not verified, however its only use is in RawMachineAssembler where it is manually scheduled early. The Ignition bytecode handlers are updated to use this speculation poison rather than one generated by comparing the target bytecode. BUG=chromium:798964 Change-Id: I2a3d0cfc694e88d7a8fe893282bd5082f693d5e2 Reviewed-on: https://chromium-review.googlesource.com/893160 Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#51229}
-
Sergiy Byelozyorov authored
R=mvstanton@chromium.org Bug: chromium:810410 Change-Id: I366c0cb3a8726a0d4e1072aa0332b2a9235b120b Reviewed-on: https://chromium-review.googlesource.com/912870 Reviewed-by: Michael Stanton <mvstanton@chromium.org> Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org> Cr-Commit-Position: refs/heads/master@{#51228}
-
Sigurd Schneider authored
This fixes a bug which causes the call count to change when changing the speculation mode. Bug: v8:7127 Change-Id: Icb43bd9ac392a5be4df154cb1e5cd4365013efc4 Reviewed-on: https://chromium-review.googlesource.com/911575 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#51227}
-
- 10 Feb, 2018 3 commits
-
-
Yang Guo authored
R=ulan@chromium.org Bug: v8:7402 Change-Id: Ia9d79723ebf63d30528b0d8e639555d08be38531 Reviewed-on: https://chromium-review.googlesource.com/899063 Reviewed-by: Alexei Filippov <alph@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#51226}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/c1972dd..792040c Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/e653c4b..c60b98d Rolling v8/third_party/instrumented_libraries: https://chromium.googlesource.com/chromium/src/third_party/instrumented_libraries/+log/b7578b4..b745ddc Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/7c6255f..a695c30 TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org Change-Id: Ifa08a03d8102a15f608cf5dbea7910faf8b3169b Reviewed-on: https://chromium-review.googlesource.com/912537 Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Commit-Queue: v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#51225}
-
Adam Klein authored
d8's fragile path manipulation code requires that backslashes are replaced with slashes before further processing. NormalizePath() is the function that does this, and it's called in almost all the required cases. But because Clusterfuzz runs tests with an absolute URL on the commandline, there was one case that slipped through. This patch closes that gap. No test added since this only reproduces under Clusterfuzz, not in running mjsunit tests. Bug: chromium:784012 Change-Id: Ie699e93ff1acb79edfe25ce59d576e9f7bd8c022 Reviewed-on: https://chromium-review.googlesource.com/912325 Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#51224}
-
- 09 Feb, 2018 31 commits
-
-
Ben L. Titzer authored
This is a purely cosmetic change. Rename all local variables and parameters of type CallDescriptor* to "call_descriptor". For locals that are now named "call_descriptor", use auto upon initialization, following the Google style guide (https://google.github.io/styleguide/cppguide.html#auto). Note: fields in structs and classes were not renamed in this CL. R=clemensh@chromium.org,mstarzinger@chromium.org,jarin@chromium.org Change-Id: Ic6f7afdba12f7b97741b098a9d0e0f58c41c587e Reviewed-on: https://chromium-review.googlesource.com/909866 Commit-Queue: Ben Titzer <titzer@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#51223}
-
Benedikt Meurer authored
Extend the current OOB support for typed arrays to also handle the negative integer indices in the fast-path. This is safe because in ECMAScript we never look up integer indexed properties (including negative indices) on typed arrays in the prototype chain. This reduces the performance cliff shown in the benchmark on the relevant bug from console.timeEnd: Runtime deopt, 596.185000 console.timeEnd: Runtime deopt, 1444.289000 console.timeEnd: Runtime deopt, 1445.191000 console.timeEnd: Runtime deopt, 1443.008000 to console.timeEnd: Runtime deopt, 590.017000 console.timeEnd: Runtime deopt, 784.899000 console.timeEnd: Runtime deopt, 792.428000 console.timeEnd: Runtime deopt, 786.740000 which corresponds to a 2x improvement overall. It's not for free, especially not in this benchmark, but the cliff isn't as bad as it was previously. Bug: v8:7027 Change-Id: Icf8a7ee87bb7ebc54f82c1b9166fc5e78c12bc0e Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Reviewed-on: https://chromium-review.googlesource.com/911574 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#51222}
-
Michael Starzinger authored
R=clemensh@chromium.org Change-Id: Icfe73151ddc0d6a8afaed89004614e1a7c4e9416 Reviewed-on: https://chromium-review.googlesource.com/909531 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#51221}
-
Sergiy Byelozyorov authored
TBR=sergiyb@chromium.org No-Try: true Bug: chromium:793687 Change-Id: Ie9f808ca28ab6ceaa3cff88a7e257cd466e67c64 Reviewed-on: https://chromium-review.googlesource.com/911795 Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org> Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> Cr-Commit-Position: refs/heads/master@{#51220}
-
Michael Starzinger authored
This refactors the instruction cache simulation to now be maintained process-wide (as opposed to be per Isolate). It prepares for allowing to share code between Isolates (e.g. WebAssembly or shared builtins) while still allowing to simulate execution of such shared code. R=clemensh@chromium.org Change-Id: I5a6f083f4e32597565dc646f13b4445014c0daaa Reviewed-on: https://chromium-review.googlesource.com/909130 Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#51219}
-
Junliang Yan authored
Port d629d901 R=jarin@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: I92fbddb9d55ac3d0410bf83d479746e6c7f61ecc Reviewed-on: https://chromium-review.googlesource.com/909703 Reviewed-by: Joran Siu <joransiu@ca.ibm.com> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#51218}
-
Tobias Tebbi authored
This avoids the ambiguous implicit conversion C++ compile errors we had to fix with static_cast before. Change-Id: I4247f617740f2b6d14d9588a902e0e25029a6726 Reviewed-on: https://chromium-review.googlesource.com/911629 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#51217}
-
Ivica Bogosavljevic authored
Change-Id: I9cc0cc5ffe9175132634bea87cfc24cc5439e592 Reviewed-on: https://chromium-review.googlesource.com/911389 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Ivica Bogosavljevic <ivica.bogosavljevic@mips.com> Commit-Queue: Ivica Bogosavljevic <ivica.bogosavljevic@mips.com> Cr-Commit-Position: refs/heads/master@{#51216}
-
Michael Achenbach authored
This ports the MB script from Chromium until revision: https://crrev.com/66958462e684149bcb220000868e8247096e435b The main difference is the removed gyp support. This reapplies V8-side changes from: https://crrev.com/41d9e8571419acd3547c9810c55c5516cc4dee79 https://crrev.com/1cd6fd9ff8e88bffa7cbec7131b85ff086dc128c Bug: chromium:772804 Change-Id: I530e01df0c2343e961519ac27b1e58a01bb63743 Reviewed-on: https://chromium-review.googlesource.com/911073 Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#51215}
-
Clemens Hammacher authored
Add support for retrieving i64 parameters and returning them from a liftoff function. R=ahaas@chromium.org Bug: v8:6600 Change-Id: I407b6e3cde6967bacc59d8c3a54e0d5798164d18 Reviewed-on: https://chromium-review.googlesource.com/909215 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#51214}
-
Choongwoo Han authored
We don't need to generate TypedArraySpeciesCreate code for each type case because TypedArraySpeciesCreate also handles each case, so it generates duplicated codes. Thus, create a result object once before switching to each type case. Also, replace ToNumber with ToNumber_Inline. This CL saves about 8000 bytes of generated code size. Change-Id: I014535b0ef4b3d2a50a37cdc2b6cb4e83f6c2f17 Reviewed-on: https://chromium-review.googlesource.com/910755 Reviewed-by: Peter Marshall <petermarshall@chromium.org> Commit-Queue: Peter Marshall <petermarshall@chromium.org> Cr-Commit-Position: refs/heads/master@{#51213}
-
Ivica Bogosavljevic authored
Fix 8238562b Requirement that the address is stored in kJavaScriptCallCodeStartRegister caused failures on MIPSR6, because of R6 optimization which doesn't load the address in kJavaScriptCallCodeStartRegister. Change-Id: If05d8bfe8601288b10fc65cca77664fe9638bbe9 Reviewed-on: https://chromium-review.googlesource.com/910851 Reviewed-by: Miran Karić <miran.karic@mips.com> Commit-Queue: Ivica Bogosavljevic <ivica.bogosavljevic@mips.com> Cr-Commit-Position: refs/heads/master@{#51212}
-
Andreas Haas authored
When streaming compilation for WebAssembly gets aborted, we reject the promise associated with the compilation. However, in some circumstances, e.g. when streaming compilation gets aborted because the browser tab gets refreshed, then we want to omit rejecting the promise. In an older CL (https://crrev.com/c/876103) we omit rejecting the promise when the exception value is null. With this CL the exception value is a MaybeLocal so that we document properly that the value can be null. In addition, I added documentation to say that in that case we do not reject the promise. R=adamk@chromium.org Bug: chromium:803838 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: I6a093e61c8ec63f7ae385a7f77ae6178e7b34a06 Reviewed-on: https://chromium-review.googlesource.com/897647 Reviewed-by: Adam Klein <adamk@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#51211}
-
Clemens Hammacher authored
This allows to emit the best opcode for the register move. The type is available at all call sites anyway. R=ahaas@chromium.org Bug: v8:6600 Change-Id: I8516deff4d8a5480cea9df37cfc003fb9c668e8c Reviewed-on: https://chromium-review.googlesource.com/910910 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#51210}
-
Michael Achenbach authored
The suppression flag must be set before loading the tests to have an effect. This got turned around in https://crrev.com/c/899366 and is fixed again by this CL. TBR=sergiyb@chromium.org NOTRY=true Bug: v8:6917 Change-Id: Ie58465288a0d6eec9a99a23d610710de9e1cdddd Reviewed-on: https://chromium-review.googlesource.com/911114 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#51209}
-
Dan Elphick authored
This removes the JavaScript version of Array.from in js/array.js and adds a CodeStubAssembler version in src/builtins/builtins-array-gen.cc. Also modify IteratorBuiltinsAssembler to allow querying the existence of the iterator method without calling it so we can fall back to the array-like behavior. BUG=v8:1956 Change-Id: Ibfb3cef002d72d70bd30b4de676fd22becde006c Reviewed-on: https://chromium-review.googlesource.com/887066 Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Dan Elphick <delphick@chromium.org> Cr-Commit-Position: refs/heads/master@{#51208}
-
Clemens Hammacher authored
Add support for i64 loads and stores. R=ahaas@chromium.org Bug: v8:6600 Change-Id: I494fb466f702c8b89b96f7ded6d1cf09ec6991fb Reviewed-on: https://chromium-review.googlesource.com/902046 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#51207}
-
jgruber authored
Since we naively build the JS source code through concatenation, we need to ensure the regexp literal does not end up being interpreted as a multiline comment: const re = /*/; Bug: v8:6741,chromium:808418 Change-Id: Id52fbd2d62c14fc634d05fa1b0192ab86cc9e4fc Reviewed-on: https://chromium-review.googlesource.com/905667 Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#51206}
-
Yang Guo authored
R=machenbach@chromium.org NOTREECHECKS=true NOTRY=true Bug: chromium:807986 Change-Id: Iffcd9fb943c59e218e70c61491efcadce5a7497c Reviewed-on: https://chromium-review.googlesource.com/911049 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#51205}
-
Clemens Hammacher authored
This new variant is executed on a small number of bots as part of the "extra" suite. It checks that the wasm-jit-to-native flag can still be disabled if unexpected failures pop up on a release branch. R=machenbach@chromium.org Bug: v8:7417 Change-Id: I1658cb2f04302fa80915b59bfedd85d980742db5 Reviewed-on: https://chromium-review.googlesource.com/909213 Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#51204}
-
Benedikt Meurer authored
As part of https://chromium-review.googlesource.com/902283 I changed the JSCreateClosure lowering to respect the pretenure flag on the operator, but that tanks some benchmarks heavily, as the Parser marks closures like args[l] = function(...) { ... } for old-space allocation, which backfires for short-living closures. Bug: v8:7253, chromium:810132 Change-Id: I66f048553d9f2a70b2691537e726128f3fb01563 Reviewed-on: https://chromium-review.googlesource.com/910849 Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#51203}
-
Michael Achenbach authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/3ba6ca6..c1972dd Rolling v8/third_party/android_tools: https://chromium.googlesource.com/android_tools/+log/c9f9bbf..9a70d48 Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/b4a4bed..e653c4b Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/357315f..7c6255f This also ports https://crrev.com/c/907673 for adjusting V8's DEPS file to the sysroot changes rolling in v8/build. TBR=yangguo@chromium.org Bug: chromium:807986 Change-Id: If55378330ae8797798abe1a98a858a0f57cf7fbe Reviewed-on: https://chromium-review.googlesource.com/910193 Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#51202}
-
Kim-Anh Tran authored
Added counter to correctly reflect the number of non-compiled functions. Added usages of variables used only for tracing or debug to avoid compiler warnings. R=clemensh@chromium.org Change-Id: I4c8d9c0f43bf23250b4702e43592cd64046d28c7 Reviewed-on: https://chromium-review.googlesource.com/907890 Commit-Queue: Kim-Anh Tran <kimanh@google.com> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#51201}
-
Clemens Hammacher authored
This CL fixes several unrelated failures with --no-wasm-jit-to-native. A follow-up CL will then add a new test variant with that flag. R=ahaas@chromium.org Bug: v8:7417 Change-Id: I40a7be53a50d0efbbec8de49aceeb4a43a1f41de Reviewed-on: https://chromium-review.googlesource.com/909212 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#51200}
-
Yang Guo authored
R=franzih@chromium.org Bug: v8:7335 Change-Id: Icd4624b119f573640bd34b19db1f6c1b7e035f8d Reviewed-on: https://chromium-review.googlesource.com/910930 Reviewed-by: Franziska Hinkelmann <franzih@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#51199}
-
Ivica Bogosavljevic authored
Fix 876f37c3 Wrong instruction use causes around 600 failures on MIPS64 bots Change-Id: I66bd9689c5e5b5e9bf40a0e7063dbbcfed04fcf7 Reviewed-on: https://chromium-review.googlesource.com/908465 Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Ivica Bogosavljevic <ivica.bogosavljevic@mips.com> Cr-Commit-Position: refs/heads/master@{#51198}
-
Michael Achenbach authored
TBR=cbruni@chromium.org NOTRY=true Bug: v8:7429 Change-Id: Id30d462792f062e8c1b21f622b949e5b7aa52907 Reviewed-on: https://chromium-review.googlesource.com/910889 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#51197}
-
Clemens Hammacher authored
The return type of {CallFPImpl} differs between declaration and definition (int32_t vs intptr_t). Even though our bots seem to be fine with this, I got a compile error on mac. R=mstarzinger@chromium.org Change-Id: I4fb26cbe712c090d08dfcd2614a7af78de09e448 Reviewed-on: https://chromium-review.googlesource.com/909428 Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#51196}
-
Sergiy Byelozyorov authored
TBR=sergiyb@chromium.org No-Try: true Bug: chromium:616879 Change-Id: Id733f67781acade86007cd65b20b7108857764b5 Reviewed-on: https://chromium-review.googlesource.com/910508 Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org> Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> Cr-Commit-Position: refs/heads/master@{#51195}
-
Sergiy Byelozyorov authored
TBR=sergiyb@chromium.org No-Try: true Bug: chromium:616879 Change-Id: Ied48d94830b452a9bbde80858e7c130bfb671b01 Reviewed-on: https://chromium-review.googlesource.com/910368 Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org> Cr-Commit-Position: refs/heads/master@{#51194}
-
Sergiy Byelozyorov authored
TBR=sergiyb@chromium.org No-Try: true Bug: chromium:616879 Change-Id: I5611f37c8c9d55a9b3ac316cf7d1ef8d4a1b2e2a Reviewed-on: https://chromium-review.googlesource.com/910288 Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org> Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> Cr-Commit-Position: refs/heads/master@{#51193}
-
- 08 Feb, 2018 3 commits
-
-
Adam Klein authored
Change-Id: I75111d30d9e31605fd78c55e3103af8834178cd7 Reviewed-on: https://chromium-review.googlesource.com/909963 Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#51192}
-
Alexey Kozyatinskiy authored
We used to calculate hash in a completely incorrect way. We use each fourth character to calculate hash but we should use each one. R=dgozman@chromium.org Bug: v8:7426 Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel Change-Id: Iaaa317bbf3b3ef71632735dfd069db450283b6f4 Reviewed-on: https://chromium-review.googlesource.com/909586 Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org> Reviewed-by: Dmitry Gozman <dgozman@chromium.org> Cr-Commit-Position: refs/heads/master@{#51191}
-
Wez authored
Bug: chromium:809201 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: I060ae3a88c3a3731bfdbb9e6d5cdf8600ec8b832 Reviewed-on: https://chromium-review.googlesource.com/903421 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Wez <wez@chromium.org> Cr-Commit-Position: refs/heads/master@{#51190}
-