- 29 Sep, 2017 18 commits
-
-
Marja Hölttä authored
We were unnecessarily storing everything as uint32_t, even though many items in the preparsed scope data can be stored as uint8_t. This CL also adds an (internal) API which abstracts away the actual data storing, so the backing store can be made even more efficient (e.g., use only 1-3 bytes for some uint32_t values, if they fit) without affecting other parts of the code. BUG=v8:5516,chromium:762492 Change-Id: I7cd4d91dc11f87f8aec9c7584044a6f2a59b73ba Reviewed-on: https://chromium-review.googlesource.com/684182 Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#48231}
-
Predrag Rudic authored
Change-Id: Id2eef89f0eba3c59bcdb490e7d986b4b3af0ff9b Reviewed-on: https://chromium-review.googlesource.com/657677Reviewed-by: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com> Commit-Queue: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com> Cr-Commit-Position: refs/heads/master@{#48230}
-
Marja Hölttä authored
Verify that both UTF-8 decoders (incremental and non-incremental one) match the expectations. Also cleanup / harden the UTF-8 handling code, as suggested in https://chromium-review.googlesource.com/c/v8/v8/+/671020/ . BUG=chromium:765608 Change-Id: I6344d62ca15b75ac8e333421c94c4aa35ab8190d Reviewed-on: https://chromium-review.googlesource.com/681217 Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#48229}
-
Ilija Pavlovic authored
Port for: https://chromium-review.googlesource.com/c/v8/v8/+/684017 TEST=cctest/test-run-wasm-64/RunWasmCompiled_Regression_6858 BUG= Change-Id: Ib9640853ea15d73967683c1315e6b54b5b6cc3be Reviewed-on: https://chromium-review.googlesource.com/689794 Commit-Queue: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com> Reviewed-by: Ivica Bogosavljevic <ivica.bogosavljevic@imgtec.com> Cr-Commit-Position: refs/heads/master@{#48228}
-
Ulan Degenbaev authored
Bug: chromium:694255 Change-Id: Ie596e02207f13762dbfa77e4fe65950913302b47 Reviewed-on: https://chromium-review.googlesource.com/690075Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#48227}
-
Michael Achenbach authored
Bug: chromium:645094 Change-Id: I04a7f6a4073a6a5c81546863d6f1f371fc74e65d Reviewed-on: https://chromium-review.googlesource.com/691836 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> Cr-Commit-Position: refs/heads/master@{#48226}
-
Daniel Clifford authored
Change-Id: I9eec3c31cdf1441d3187e5d882ca4b88e7b698e7 Reviewed-on: https://chromium-review.googlesource.com/691726Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Daniel Clifford <danno@chromium.org> Cr-Commit-Position: refs/heads/master@{#48225}
-
Ulan Degenbaev authored
in marking worklist. Bug: chromium:769173 Change-Id: I4b3ce27d37bec19ec5cc342b4d26a2a45af34b5f Reviewed-on: https://chromium-review.googlesource.com/691728Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#48224}
-
Clemens Hammacher authored
We had dangling pointers by storing a raw pointer and then discarding the unique_ptr holding it alive, and we had lots of redundant information there. This CL refactors the interface to take a format string and a variable number of argument. R=titzer@chromium.org Change-Id: I8eb6ccd19d307e2477c97a3e5e7f537b5671a891 Reviewed-on: https://chromium-review.googlesource.com/690196 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#48223}
-
Toon Verwaest authored
Bug: Change-Id: I58ce9a0f42dfa81c8e8affa2377c5cc0d08a35e2 Reviewed-on: https://chromium-review.googlesource.com/691714 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#48222}
-
Michael Achenbach authored
This is a reland of a0d2ffb6 This also relands: https://chromium-review.googlesource.com/c/v8/v8/+/684215 Original change's description: > [build] Switch windows default compilation to MSVS 2017 > > Bug: v8:6857 > Change-Id: Icab007681753c6f8143147ea8b2c1b06bf325d92 > Reviewed-on: https://chromium-review.googlesource.com/686900 > Commit-Queue: Michael Achenbach <machenbach@chromium.org> > Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> > Cr-Commit-Position: refs/heads/master@{#48196} TBR=sergiyb@chromium.org Bug: v8:6857 Change-Id: I7e8f560dbb4fcf4f937f8494fb01c802201cf236 Reviewed-on: https://chromium-review.googlesource.com/691834Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#48221}
-
Ross McIlroy authored
Removes script() from CompilationInfo since it might not be created when compiling from a background thread. BUG=v8:5203 Change-Id: Ic36fd04cf4792336707b2d3715d47c59b6a97faf Reviewed-on: https://chromium-review.googlesource.com/690299Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#48220}
-
Toon Verwaest authored
Bug: Change-Id: I644c9f8b9ab3bd4250809ee557ec34ee738f5244 Reviewed-on: https://chromium-review.googlesource.com/691654 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#48219}
-
Benedikt Meurer authored
When loading a known value from a JSArray with a copy-on-write backing store, we don't need to actually do a map check on the JSArray, but just check that the backing store didn't change in the meantime. R=jarin@chromium.org Bug: v8:6816, v8:6815 Change-Id: I6764f3b8af7d4c17b9f6d2396555b584eae08176 Reviewed-on: https://chromium-review.googlesource.com/691721Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#48218}
-
Michael Achenbach authored
This reverts commit c6c6cdb9. Reason for revert: Missed this: https://cs.chromium.org/chromium/src/v8/gypfiles/gyp_environment.py?q=gypfiles/gyp_environment&sq=package:chromium&l=13 Original change's description: > [build] Remove unused toolchain update script > > TBR=sergiyb@chromium.org > > Bug: v8:6857 > Change-Id: I2b02d3352e5b13b73ed74a76405e15c266593873 > Reviewed-on: https://chromium-review.googlesource.com/690079 > Commit-Queue: Michael Achenbach <machenbach@chromium.org> > Reviewed-by: Michael Achenbach <machenbach@chromium.org> > Cr-Commit-Position: refs/heads/master@{#48216} TBR=machenbach@chromium.org,sergiyb@chromium.org Change-Id: I255161b348ac2732cb350ebf8039050ca864f857 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:6857 Reviewed-on: https://chromium-review.googlesource.com/691835Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#48217}
-
Michael Achenbach authored
TBR=sergiyb@chromium.org Bug: v8:6857 Change-Id: I2b02d3352e5b13b73ed74a76405e15c266593873 Reviewed-on: https://chromium-review.googlesource.com/690079 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#48216}
-
Toon Verwaest authored
Bug: Change-Id: Ib888e52c7ad98e3b7419a3a5b4eabbe07f37d796 Reviewed-on: https://chromium-review.googlesource.com/691656Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#48215}
-
Toon Verwaest authored
Bug: Change-Id: I0cc16f129dc4bd49abd04b8f6fa22102dab61c9b Reviewed-on: https://chromium-review.googlesource.com/691655Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#48214}
-
- 28 Sep, 2017 21 commits
-
-
Mostyn Bramley-Moore authored
TBR=jkummerow@chromium.org Bug: chromium:746958 Change-Id: I7500b6206c4ceb087672de5b61b7e7ad234bb425 Reviewed-on: https://chromium-review.googlesource.com/690397 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#48213}
-
Mostyn Bramley-Moore authored
Formerly known as Opera TV. Change-Id: If141d86e744f3ea9dc9605f6d2b35fc78d291a69 Reviewed-on: https://chromium-review.googlesource.com/683175Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Mostyn Bramley-Moore <mostynb@vewd.com> Cr-Commit-Position: refs/heads/master@{#48212}
-
Mircea Trofin authored
Merge better captures the upcoming usecase in the wasm native heap, where allocating/freeing is moving the accounting of memory from a free list to an allocated list and vice-versa - making 'Release' an odd API when allocating. Bug: Change-Id: I9010959c91a1e8585eb06303ab06078132a03f60 Reviewed-on: https://chromium-review.googlesource.com/688004Reviewed-by: Eric Holk <eholk@chromium.org> Commit-Queue: Mircea Trofin <mtrofin@chromium.org> Cr-Commit-Position: refs/heads/master@{#48211}
-
Clemens Hammacher authored
This reverts commit e1cdda25. Reason for revert: Fails 'constructor-inlining' on GC-Stress bot: https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/builds/15270 Original change's description: > [turbofan] eagerly prune None types and deadness from the graph > > In addition to using the {Dead} node to prune dead control nodes and nodes that > depend on them, we introduce a {DeadValue} node representing an impossible value > that can occur at any position in the graph. The extended {DeadCodeElimination} > prunes {DeadValue} and its uses, inserting a crashing {Unreachable} node into > the effect chain when possible. The remaining uses of {DeadValue} are handled > in {EffectControlLinearizer}, where we always have access to the effect chain. > In addition to explicitly introduced {DeadValue} nodes, we consider any value use > of a node with type {None} as dead. > > Bug: chromium:741225 > Change-Id: Icc4b636d1d018c452ba1a2fa7cd3e00e522f1655 > Reviewed-on: https://chromium-review.googlesource.com/641250 > Commit-Queue: Tobias Tebbi <tebbi@chromium.org> > Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> > Cr-Commit-Position: refs/heads/master@{#48208} TBR=jarin@chromium.org,tebbi@chromium.org Change-Id: I9c175d47e2ee4b11a36ed90421202f2354610398 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:741225 Reviewed-on: https://chromium-review.googlesource.com/690080Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#48210}
-
Enrico Bacis authored
The WasmContext struct introduced in this CL is used to store the mem_size and mem_start address of the wasm memory. These variables can be accessed at C++ level at graph build time (e.g., initialized during instance building). When the GrowMemory runtime is invoked, the context variables can be changed in the WasmContext at C++ level so that the generated code will load the correct values. This requires to insert a relocatable pointer only in the JSToWasmWrapper (and in the other wasm entry points), the value is then passed from function to function as an automatically added additional parameter. The WasmContext is then dropped when creating an Interpreter Entry or when invoking a JavaScript function. This removes the need of patching the generated code at runtime (i.e., when the memory grows) with respect to WASM_MEMORY_REFERENCE and WASM_MEMORY_SIZE_REFERENCE. However, we still need to patch the code at instance build time to patch the JSToWasmWrappers; in fact the address of the WasmContext is not known during compilation, but only when the instance is built. The WasmContext address is passed as the first parameter. This has the advantage of not having to move the WasmContext around if the function does not use many registers. This CL also changes the wasm calling convention so that the first parameter register is different from the return value register. The WasmContext is attached to every WasmMemoryObject, to share the same context with multiple instances sharing the same memory. Moreover, the nodes representing the WasmContext variables are cached in the SSA environment, similarly to other local variables that might change during execution. The nodes are created when initializing the SSA environment and refreshed every time a grow_memory or a function call happens, so that we are sure that they always represent the correct mem_size and mem_start variables. This CL also removes the WasmMemorySize runtime (since it's now possible to directly retrieve mem_size from the context) and simplifies the GrowMemory runtime (since every instance now has a memory_object). R=ahaas@chromium.org,clemensh@chromium.org CC=gdeepti@chromium.org Change-Id: I3f058e641284f5a1bbbfc35a64c88da6ff08e240 Reviewed-on: https://chromium-review.googlesource.com/671008 Commit-Queue: Enrico Bacis <enricobacis@google.com> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#48209}
-
Tobias Tebbi authored
In addition to using the {Dead} node to prune dead control nodes and nodes that depend on them, we introduce a {DeadValue} node representing an impossible value that can occur at any position in the graph. The extended {DeadCodeElimination} prunes {DeadValue} and its uses, inserting a crashing {Unreachable} node into the effect chain when possible. The remaining uses of {DeadValue} are handled in {EffectControlLinearizer}, where we always have access to the effect chain. In addition to explicitly introduced {DeadValue} nodes, we consider any value use of a node with type {None} as dead. Bug: chromium:741225 Change-Id: Icc4b636d1d018c452ba1a2fa7cd3e00e522f1655 Reviewed-on: https://chromium-review.googlesource.com/641250 Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#48208}
-
Toon Verwaest authored
Bug: Change-Id: I41d3f3086f5e90a1a1579c18eca59b5d098f637f Reviewed-on: https://chromium-review.googlesource.com/690374 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#48207}
-
Yang Guo authored
R=hablich@chromium.org Bug: chromium:646005 Change-Id: I425111cb393d0119fa18fbe14bc32d5e7560b181 Reviewed-on: https://chromium-review.googlesource.com/667157 Commit-Queue: Michael Hablich <hablich@chromium.org> Reviewed-by: Michael Hablich <hablich@chromium.org> Cr-Commit-Position: refs/heads/master@{#48206}
-
Martyn Capewell authored
Pair some stack ops so that they deal with an even numbers of registers, add padding around profile entry calls, and delete some unused macro assembler code. Bug: v8:6644 Change-Id: I5a5529f04738ba2a2fdb1b0d4ee93c567a3c504e Reviewed-on: https://chromium-review.googlesource.com/686823Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Martyn Capewell <martyn.capewell@arm.com> Cr-Commit-Position: refs/heads/master@{#48205}
-
Ben L. Titzer authored
Note that this also makes it possible to move several classes into the module-compiler.cc file and inline their implementations. This also allows removing several uses of wasm-module.h from other places in V8 that include wasm-objects.h. R=yangguo@chromium.org,clemensh@chromium.org,ahaas@chromium.org Bug: Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: I303ee2bb49dc53c951d377a1b65699c1e0e91da7 Reviewed-on: https://chromium-review.googlesource.com/687494Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#48204}
-
Marja Hölttä authored
For sorting out regressions. BUG=v8:5516 Change-Id: I117667346b5de33c1cadd250e4a0d4f2dc807227 Reviewed-on: https://chromium-review.googlesource.com/690077Reviewed-by: Michael Hablich <hablich@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#48203}
-
Michael Starzinger authored
R=rmcilroy@chromium.org Change-Id: Id568afef0d6ac68170faa33ad9ab4bba97d40ce9 Reviewed-on: https://chromium-review.googlesource.com/690294 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#48202}
-
Toon Verwaest authored
There are only very few custom compiled IC handlers left that go in there, and for each compiled handler we only have 1 cache hit on top25; maximally saving 60ms over 33s. Additionally we'll migrate the remaining handlers to data-driven handlers anyway. Let's try to remove this code. Bug: Change-Id: Ib874cc498015046a3ff67c83ea8b10b3c4eb7d0f Reviewed-on: https://chromium-review.googlesource.com/668409 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#48201}
-
Peter Marshall authored
ZoneList still used List as a base class, so this CL merges the two classes together. We also remove unused functions in List and ZoneList. We keep the inline header but move it to src/zone/zone-list-inl.h. The includes that use this header are still quite tangled, but we can fix that later. Bug: v8:6333 Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng Change-Id: Ia809813834b2328ff616623f8a843812a1eb42a7 Reviewed-on: https://chromium-review.googlesource.com/681658 Commit-Queue: Peter Marshall <petermarshall@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#48200}
-
Michael Achenbach authored
This reverts commit a0d2ffb6. Reason for revert: Breaks CI Original change's description: > [build] Switch windows default compilation to MSVS 2017 > > Bug: v8:6857 > Change-Id: Icab007681753c6f8143147ea8b2c1b06bf325d92 > Reviewed-on: https://chromium-review.googlesource.com/686900 > Commit-Queue: Michael Achenbach <machenbach@chromium.org> > Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> > Cr-Commit-Position: refs/heads/master@{#48196} TBR=machenbach@chromium.org,brucedawson@chromium.org,sergiyb@chromium.org Change-Id: I5c961c8c28c6213014cf61ad342984193a18498e No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:6857 Reviewed-on: https://chromium-review.googlesource.com/690034Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#48199}
-
Michael Starzinger authored
This is a reland of 9d3c4b4b Original change's description: > [turbofan] Implement lowering of {JSCreateClosure}. > > This adds support for inline allocation of {JSFunction} objects as part > of closures instantiation for {JSCreateClosure} nodes. The lowering is > limited to instantiation sites which have already seen more than one > previous instantiation, this avoids the need to increment the respective > counter. > > R=jarin@chromium.org > > Change-Id: I462c557453fe58bc5f09020a3d5ebdf11c2ea68b > Reviewed-on: https://chromium-review.googlesource.com/594287 > Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> > Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> > Cr-Commit-Position: refs/heads/master@{#48176} Change-Id: I3ec3880bea89798a34a3878e6122b95db1014151 Reviewed-on: https://chromium-review.googlesource.com/686834Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#48198}
-
Peter Marshall authored
The members of HandleScopeImplementer are copied with memcpy when the isolate is transferred to another thread. List contained some primitives which allowed us to manually free the backing store, which was needed in order to ensure that threads would not hold on to old pointers and use them later. With std::vector, we can't do that. Here we change the HandleScopeImplementer to instead use a custom structure DetachableVector, which contains a std::vector but allows manual detaching and freeing of the backing store. This allows us to maintain the old behavior. Bug: v8:6333 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: I6361d161cdb19878ba19ed51d6ba2fae99e8cdc0 Reviewed-on: https://chromium-review.googlesource.com/660125Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Peter Marshall <petermarshall@chromium.org> Cr-Commit-Position: refs/heads/master@{#48197}
-
Michael Achenbach authored
Bug: v8:6857 Change-Id: Icab007681753c6f8143147ea8b2c1b06bf325d92 Reviewed-on: https://chromium-review.googlesource.com/686900 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> Cr-Commit-Position: refs/heads/master@{#48196}
-
Toon Verwaest authored
Bug: Change-Id: I6894c097a994527b5e749527966c5de6c42d964b Reviewed-on: https://chromium-review.googlesource.com/668405 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#48195}
-
Yang Guo authored
Both flags are obsolete. R=cbruni@chromium.org Change-Id: I78f5980f2d0bd569b8e5f6e29539cf87293cab94 Reviewed-on: https://chromium-review.googlesource.com/684296Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#48194}
-
Jakob Kummerow authored
- The fallback path for "digit_mul" was missing shifts - RightTrim() could end up reading digit(-1) (i.e. the bit field) - Add SLOW_DCHECKs to digit()/set_digit() to catch any further invalid-index issues Bug: v8:6791 Change-Id: I901edfce90bb6ac11e74c3c3f577225f12bad177 Reviewed-on: https://chromium-review.googlesource.com/683796Reviewed-by: Daniel Ehrenberg <littledan@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#48193}
-
- 27 Sep, 2017 1 commit
-
-
Clemens Hammacher authored
Since code objects cannot grow larger than 2GB anyway, it's enough to store the instruction offset and landing pad offset as 32-bit values. This reduces the size of the ProtectedInstructionData struct by 50%. R=eholk@chromium.org Bug: v8:5277 Change-Id: I4d2e0dc76b8a853fb50d51d70d5ec4038ee594ac Reviewed-on: https://chromium-review.googlesource.com/686757 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Eric Holk <eholk@chromium.org> Cr-Commit-Position: refs/heads/master@{#48192}
-