- 22 Dec, 2015 16 commits
-
-
yangguo authored
R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/1541143002 Cr-Commit-Position: refs/heads/master@{#33008}
-
cbruni authored
Creating proto-recursive proxies might lead to instanceof while-looping endlessly in Object::HasInPrototypeChain (For traps we already have stack guards in place to prevent stack overflows). We prevent this by limiting the number of proxies we visit in PrototypeIterator to a magic large number. LOG=n BUG=v8:1534 Review URL: https://codereview.chromium.org/1542583003 Cr-Commit-Position: refs/heads/master@{#33007}
-
bmeurer authored
The GlobalEval JavaScript function was just a small driver for stuff implemented in C++ anyway, so there's no point in having it around at all. The next step will be to move the Function constructor to C++ as well, which is the other user of %CompileString. R=yangguo@chromium.org BUG=chromium:535408 LOG=n Review URL: https://codereview.chromium.org/1540893004 Cr-Commit-Position: refs/heads/master@{#33006}
-
mythria authored
Consecutive registers are allocated in two passes. First we "reserve" a set of registers and these get allocated when we actually use them. If we request for a temporary register before we use all the consecutive registers, the earlier implementation does not gaurantee that it allocates outside the reservation for consecutive registers. This could cause problems for example, in call_func(a, b++, c). This cl fixes TemporaryRegisterScope::NewRegister, to return a new temporary register outside the reservation for consecutive registers. BUG=v8:4280 LOG=N Review URL: https://codereview.chromium.org/1531273002 Cr-Commit-Position: refs/heads/master@{#33005}
-
mythria authored
Adds implementation and tests for CreateMappedArguments and CreateUnmappedArguments to bytecode graph builder. BUG=v8:4280 LOG=N Review URL: https://codereview.chromium.org/1490283003 Cr-Commit-Position: refs/heads/master@{#33004}
-
littledan authored
Reland of [es6] ship regexp sticky flag. (patchset #1 id:1 of https://codereview.chromium.org/1531043002/ ) Reason for revert: This can be relanded since the web compatibility fix in https://codereview.chromium.org/1543723002 has been submitted. Original issue's description: > Revert of [es6] ship regexp sticky flag. (patchset #2 id:20001 of https://codereview.chromium.org/1509733010/ ) > > Reason for revert: > This causes compatibility issues, as documented in https://bugs.chromium.org/p/v8/issues/detail?id=4617#c9 > > Original issue's description: > > [es6] ship regexp sticky flag. > > > > R=littledan@chromium.org > > BUG=v8:4342 > > LOG=Y > > > > Committed: https://crrev.com/86c2dd4042dc9ce293e004234eb094f2b51d9640 > > Cr-Commit-Position: refs/heads/master@{#32826} > > TBR=yangguo@chromium.org > NOPRESUBMIT=true > NOTREECHECKS=true > NOTRY=true > BUG=v8:4342 TBR=yangguo@chromium.org NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:4342 Review URL: https://codereview.chromium.org/1546563002 Cr-Commit-Position: refs/heads/master@{#33003}
-
littledan authored
Reland of Add web compat workarounds for ES2015 RegExp semantics (patchset #3 id:40001 of https://codereview.chromium.org/1543723002/ ) Unexpectedly, websites depend on doing feature testing with RegExp.prototype.sticky and browser testing with RegExp.prototype.toString(). ES2015 newly throws exceptions for both of these. In order to enable shipping new ES2015 semantics, this patch puts in narrow workarounds for those two cases, keeping their old behavior. UseCounters are added for how often those particular cases come up, so we can see if it can be deprecated. This reland replaces problematic legacy const usage with var, to avoid issues with nosnap builds. R=yangguo CC=bmeurer BUG=v8:4637,v8:4617 LOG=Y CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel Review URL: https://codereview.chromium.org/1545633002 Cr-Commit-Position: refs/heads/master@{#33002}
-
cbruni authored
Revert of [proxies] Better print for proxies in d8 (patchset #6 id:100001 of https://codereview.chromium.org/1530293004/ ) Reason for revert: needs --allow-natives-syntax Original issue's description: > [proxies] Better print for proxies in d8 > > Function proxies would not be printed so far since they ended up in Function.prototype.toString which only works with Function as a receiver but no Proxy. Additionally added support for more gracefully dealing with recursive __proto__ structures introduced by proxies. > > BUG=v8:1543 > LOG=n > > Committed: https://crrev.com/8bfb7189a3472bc9d0820a1bd4534eaaf78ff847 > Cr-Commit-Position: refs/heads/master@{#32985} TBR=neis@chromium.org,yangguo@chromium.org NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:1543 Review URL: https://codereview.chromium.org/1543803002 Cr-Commit-Position: refs/heads/master@{#33001}
-
yangguo authored
R=caitpotter88@gmail.com, littledan@chromium.org BUG=v8:811 LOG=N Review URL: https://codereview.chromium.org/1533313002 Cr-Commit-Position: refs/heads/master@{#33000}
-
bmeurer authored
Revert of Add web compat workarounds for ES2015 RegExp semantics (patchset #3 id:40001 of https://codereview.chromium.org/1543723002/ ) Reason for revert: Breaks nosnap: http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap/builds/5883 Original issue's description: > Add web compat workarounds for ES2015 RegExp semantics > > Unexpectedly, websites depend on doing feature testing with > RegExp.prototype.sticky and browser testing with RegExp.prototype.toString(). > ES2015 newly throws exceptions for both of these. In order to enable shipping > new ES2015 semantics, this patch puts in narrow workarounds for those two > cases, keeping their old behavior. UseCounters are added for how often > those particular cases come up, so we can see if it can be deprecated. > > R=yangguo > BUG=v8:4637,v8:4617 > LOG=Y > CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel > > Committed: https://crrev.com/98f819c3e0c92d54a306cdacadda73cf96d21b52 > Cr-Commit-Position: refs/heads/master@{#32997} TBR=yangguo@google.com,yangguo@chromium.org,littledan@chromium.org NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:4637,v8:4617 Review URL: https://codereview.chromium.org/1546493003 Cr-Commit-Position: refs/heads/master@{#32999}
-
mtrofin authored
There was no use for the second temp vector, and the one we are using is scoped to certain methods, and that scope can be further restricted. I'm curious if there is really any value in having the temp vector instead of allocating a function-scoped local. Will verify that separately. Review URL: https://codereview.chromium.org/1533423003 Cr-Commit-Position: refs/heads/master@{#32998}
-
littledan authored
Unexpectedly, websites depend on doing feature testing with RegExp.prototype.sticky and browser testing with RegExp.prototype.toString(). ES2015 newly throws exceptions for both of these. In order to enable shipping new ES2015 semantics, this patch puts in narrow workarounds for those two cases, keeping their old behavior. UseCounters are added for how often those particular cases come up, so we can see if it can be deprecated. R=yangguo BUG=v8:4637,v8:4617 LOG=Y CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel Review URL: https://codereview.chromium.org/1543723002 Cr-Commit-Position: refs/heads/master@{#32997}
-
bmeurer authored
There's actually no point trying to do Function.prototype.toString in JavaScript, as it always calls into C++ at least once, so it only complicates things (esp. once we start optimizing bound functions). Drive-by-fix: Rename FunctionApply and FunctionCall builtins to also reflect the fact that these are builtins in the Function.prototype and not on Function itself. TBR=hpayer@chromium.org R=yangguo@chromium.org BUG=chromium:535408 LOG=n Review URL: https://codereview.chromium.org/1540953004 Cr-Commit-Position: refs/heads/master@{#32996}
-
v8-autoroll authored
Rolling v8/tools/clang to 693bc799b83f3a0bb2dc9b035a2ba3118398a582 TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Review URL: https://codereview.chromium.org/1546553002 Cr-Commit-Position: refs/heads/master@{#32995}
-
littledan authored
Review URL: https://codereview.chromium.org/1539843003 Cr-Commit-Position: refs/heads/master@{#32994}
-
ofrobots authored
Context::GLOBAL_OBJECT_INDEX has been replaced by NATIVE_CONTEXT_INDEX in https://codereview.chromium.org/1480003002. Update the postmortem data generator to reflect this change. R=bmeurer@chromium.org,yangguo@chromium.org BUG= Review URL: https://codereview.chromium.org/1542753002 Cr-Commit-Position: refs/heads/master@{#32993}
-
- 21 Dec, 2015 12 commits
-
-
hablich authored
The Inbox problem got resolved so staging is ok. BUG=v8:3305 LOG=Y R=adamk@chromium.org, littledan@chromium.org,rossberg@chromium.org Review URL: https://codereview.chromium.org/1538243002 Cr-Commit-Position: refs/heads/master@{#32992}
-
caitpotter88 authored
BUG=v8:811, v8:4636 LOG=N R=adamk@chromium.org, yangguo@chromium.org Review URL: https://codereview.chromium.org/1544483002 Cr-Commit-Position: refs/heads/master@{#32991}
-
akos.palfi authored
The trunc_l_[s,d] instructions incorrectly returns success when the input is INT64_MAX. TEST=test-run-machops/RunTryTruncateFloat32ToInt64WithCheck,test-run-machops/RunTryTruncateFloat64ToInt64WithCheck BUG= Review URL: https://codereview.chromium.org/1542673002 Cr-Commit-Position: refs/heads/master@{#32990}
-
akos.palfi authored
Revert of MIPS64: Fix trunc_l_[s,d] in simulator. (patchset #1 id:1 of https://codereview.chromium.org/1539763003/ ) Reason for revert: Causes failures in r6 mode. Original issue's description: > MIPS64: Fix trunc_l_[s,d] in simulator. > > The trunc_l_[s,d] instructions incorrectly returns success when the input is INT64_MAX. > > TEST=test-run-machops/RunTryTruncateFloat32ToInt64WithCheck,test-run-machops/RunTryTruncateFloat64ToInt64WithCheck > BUG= > > Committed: https://crrev.com/53a0cc846661c65b4b1711f67642677d8da69119 > Cr-Commit-Position: refs/heads/master@{#32968} TBR=paul.lind@imgtec.com,balazs.kilvady@imgtec.com,ahaas@chromium.org NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG= Review URL: https://codereview.chromium.org/1543613002 Cr-Commit-Position: refs/heads/master@{#32989}
-
zhengxing.li authored
The CL #32908 (https://codereview.chromium.org/1526293002) updated the Float64 test data and cause the RunFloat64Add and RunFloat64Sub test cases failed. The reason is same as the CL #31808 (issue 1430943002, X87: Change the test case for X87 float operations), please refer: https://codereview.chromium.org/1430943002/ Here is the key comments from CL #31808 Some new test cases use CheckFloatEq(...) and CheckDoubleEq(...) function for result check. When GCC compiling the CheckFloatEq() and CheckDoubleEq() function, those inlined functions has different behavior comparing with GCC ia32 build and x87 build. The major difference is sse float register still has single precision rounding semantic. While X87 register has no such rounding precsion semantic when directly use register value. The V8 turbofan JITTed has exactly same result in both X87 and IA32 port. So we add the following sentence to do type case to keep the same precision for RunFloat64Add and RunFloat64Sub. Such as: volatile double expect = *i +/- *j; // *i +/- *j, etc. BUG= Review URL: https://codereview.chromium.org/1533593003 Cr-Commit-Position: refs/heads/master@{#32988}
-
yangguo authored
R=hablich@chromium.org BUG=v8:4545 LOG=N Review URL: https://codereview.chromium.org/1537273004 Cr-Commit-Position: refs/heads/master@{#32987}
-
oth authored
A pre-requisite for this change was changing the interpreter to use Runtime::ForInStep to bring the interpreter implementation closer to the turbofan implementation. Also required to flatten out the cache parameters into the interpreter frame for de-opt. BUG=v8:4280 LOG=N Review URL: https://codereview.chromium.org/1531693002 Cr-Commit-Position: refs/heads/master@{#32986}
-
cbruni authored
Function proxies would not be printed so far since they ended up in Function.prototype.toString which only works with Function as a receiver but no Proxy. Additionally added support for more gracefully dealing with recursive __proto__ structures introduced by proxies. BUG=v8:1543 LOG=n Review URL: https://codereview.chromium.org/1530293004 Cr-Commit-Position: refs/heads/master@{#32985}
-
ahaas authored
The new implementation detects if the input value is outside i32 range and traps it that case. The range check is done as follows: The input value is converted to int32 and then back to float. If the result is the same as the truncated input value, then the input value is within int32 range. R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/1537393003 Cr-Commit-Position: refs/heads/master@{#32984}
-
ivica.bogosavljevic authored
After Cvt_d_uw macro, upper 32 bits of the output remain unitnitialized which caused flaky failures on some tests on MIPS32R6 TEST=cctest/test-assembler-mips/MIPS13,mjsunit/asm/int32-umod BUG= Review URL: https://codereview.chromium.org/1537973002 Cr-Commit-Position: refs/heads/master@{#32983}
-
ahaas authored
On ia32 the code which pushes parameters on the stack depends on the types of the parameters which are to be pushed. I provide this type information now by not only passing parameter nodes to EmitPrepareArguments, but also the index in the call descriptor which belongs to the parameter nodes. This type information will also be necessary if we want to use the PokePair instruction on arm64 again. R=bradnelson@chromium.org, bmeurer@chromium.org Review URL: https://codereview.chromium.org/1534593004 Cr-Commit-Position: refs/heads/master@{#32982}
-
zhengxing.li authored
port b10d24ff(r32971) original commit message: Adds support for generating deoptimization translations for interpreter stack frames, and building interpreter frames for these translations when a function deopts. Also adds builtins for InterpreterNotifyDeoptimized which resume the function's continuation at the correct point in the interpreter after deopt. MIPS patch contributed by balazs.kilvady@igmtec.com BUG= Review URL: https://codereview.chromium.org/1543433002 Cr-Commit-Position: refs/heads/master@{#32981}
-
- 20 Dec, 2015 1 commit
-
-
jochen authored
R=vogelheim@chromium.org BUG=none LOG=y Review URL: https://codereview.chromium.org/1526643002 Cr-Commit-Position: refs/heads/master@{#32980}
-
- 19 Dec, 2015 2 commits
-
-
v8-autoroll authored
Rolling v8/tools/clang to 0983acc03554d2e1be1eb3b37ec7905474f541dc TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Review URL: https://codereview.chromium.org/1533083005 Cr-Commit-Position: refs/heads/master@{#32979}
-
machenbach authored
Revert of [arm64] Improve some new builtins. (patchset #1 id:1 of https://codereview.chromium.org/1537903004/ ) Reason for revert: [Sheriff] Breaks arm64 nosnap debug: https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20arm64%20-%20sim%20-%20nosnap%20-%20debug/builds/753 Original issue's description: > [arm64] Improve some new builtins. > > - Simplify the variable-length pop sequence on entry. (It now uses > smaller code with no branches.) > - Use conditional compare to merge branches where appropriate. > - Make use of Ldrsw + UntagSmiFieldMemOperand to load smis more > efficiently. > - Only load 'undefined' and 'null' once per builtin. > - A few other small improvements. > > BUG= > > Committed: https://crrev.com/efc641a7be54978cd85a4dcdf1950cd97725917d > Cr-Commit-Position: refs/heads/master@{#32975} TBR=bmeurer@chromium.org,yangguo@chromium.org,jacob.bramley@arm.com NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG= Review URL: https://codereview.chromium.org/1539073002 Cr-Commit-Position: refs/heads/master@{#32978}
-
- 18 Dec, 2015 9 commits
-
-
mbrandy authored
Port b10d24ff Original commit message: Adds support for generating deoptimization translations for interpreter stack frames, and building interpreter frames for these translations when a function deopts. Also adds builtins for InterpreterNotifyDeoptimized which resume the function's continuation at the correct point in the interpreter after deopt. R=rmcilroy@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG=v8:4280 LOG=N Review URL: https://codereview.chromium.org/1541483002 Cr-Commit-Position: refs/heads/master@{#32977}
-
mbrandy authored
R=joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG= Review URL: https://codereview.chromium.org/1538943003 Cr-Commit-Position: refs/heads/master@{#32976}
-
jacob.bramley authored
- Simplify the variable-length pop sequence on entry. (It now uses smaller code with no branches.) - Use conditional compare to merge branches where appropriate. - Make use of Ldrsw + UntagSmiFieldMemOperand to load smis more efficiently. - Only load 'undefined' and 'null' once per builtin. - A few other small improvements. BUG= Review URL: https://codereview.chromium.org/1537903004 Cr-Commit-Position: refs/heads/master@{#32975}
-
mbrandy authored
Port 5bd48324 Original commit message: Introduce a new Apply builtin that forms a correct and optimizable foundation for the Function.prototype.apply, Reflect.construct and Reflect.apply builtins (which properly does the PrepareForTailCall as required by the ES2015 spec). The new Apply builtin avoids going to the runtime if it is safe to just access the backing store elements of the argArray, i.e. if you pass a JSArray with no holes, or an unmapped, unmodified sloppy or strict arguments object. R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG=v8:4413, v8:4430 LOG=n Review URL: https://codereview.chromium.org/1533073003 Cr-Commit-Position: refs/heads/master@{#32974}
-
mbrandy authored
Port aafc3e54 Original commit message: The FIRST-LAST_NONCALLABLE_SPEC_OBJECT_TYPE range was accidentially used in field type tracking, where we should check for JSReceiver instead (there's no need to exclude JSProxy or JSFunction from tracking). And the use in %_ClassOf was actually wrong and didn't match the C++ implementation in JSReceiver::class_name() anymore. Now it's consistent again. R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG=chromium:535408 LOG=n Review URL: https://codereview.chromium.org/1537013002 Cr-Commit-Position: refs/heads/master@{#32973}
-
mbrandy authored
Port 0794c3c9 Original commit message: As required by the spec, the second return value now returns success also for the range between 0 and -1 where the conversion results in 0. R=ahaas@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG= Review URL: https://codereview.chromium.org/1538893002 Cr-Commit-Position: refs/heads/master@{#32972}
-
rmcilroy authored
Adds support for generating deoptimization translations for interpreter stack frames, and building interpreter frames for these translations when a function deopts. Also adds builtins for InterpreterNotifyDeoptimized which resume the function's continuation at the correct point in the interpreter after deopt. MIPS patch contributed by balazs.kilvady@igmtec.com BUG=v8:4280 LOG=N TEST=test-deoptimization.cc with --ignition and --turbo Review URL: https://codereview.chromium.org/1528913003 Cr-Commit-Position: refs/heads/master@{#32971}
-
mlippautz authored
This CL prepare newspace evacuation for parallel execution wrt. to actual allocations. The priority for allocations is: * Try to allocate from LAB if objects are below kMaxLabObjectSize * Allocate directly (synchronized) from newspace for larger objects. * Fall back to old space allocation (which will be backed by a local compaction space in future). Semantical change: Previously we did fall back to regular new space promotion if we are OOM in old space. With this CL we fall back to new space promotion, which could fail because of fragmentation, again leading to an old space allocation that finally bails into OOM. Newspace evacuation is still single threaded and requires further changes to allocation site tracking. BUG=chromium:524425 LOG=N Review URL: https://codereview.chromium.org/1487853002 Cr-Commit-Position: refs/heads/master@{#32970}
-
dusan.m.milosavljevic authored
TEST=unittests/InstructionSelectorTest.CombineChangeFloat32ToInt32WithRoundFloat32, ChangeFloat64ToInt32OfChangeFloat32ToFloat64, TruncateFloat64ToFloat32OfChangeInt32ToFloat64 BUG= Review URL: https://codereview.chromium.org/1520503002 Cr-Commit-Position: refs/heads/master@{#32969}
-