- 26 Jan, 2017 13 commits
-
-
ahaas authored
First issue I found with my local fuzzing. R=titzer@chromium.org BUG=v8:5884 Review-Url: https://codereview.chromium.org/2656563003 Cr-Commit-Position: refs/heads/master@{#42683}
-
kozyatinskiy authored
With creation frame we can show additional information with description of each async stack trace, which could help user to understand where promises were chained. At least in case of Promise.resolve().then(foo1).then(foo2) we would be able to show following stack trace for break in foo2 callback: foo2 (test.js:14:2) -- Promise.resolve (test.js:29:14)-- -- Promise.resolve (test.js:28:14)-- promiseThen (test.js:30:2) More details: https://docs.google.com/document/d/1u19N45f1gSF7M39mGsycJEK3IPyJgIXCBnWyiPeuJFE BUG=v8:5738 R=dgozman@chromium.org,gsathya@chromium.org Review-Url: https://codereview.chromium.org/2648873002 Cr-Commit-Position: refs/heads/master@{#42682}
-
jgruber authored
Revert of [regexp] Create property on result for each named capture (patchset #9 id:160001 of https://codereview.chromium.org/2630233003/ ) Reason for revert: Some heap tests are broken leading to failures on nosnap builds: https://build.chromium.org/p/client.v8.ports/builders/V8%20Linux%20-%20arm64%20-%20sim%20-%20nosnap%20-%20debug/builds/3677 Reverting again until tests are fixed to keep bots green. Original issue's description: > [regexp] Store named captures on the regexp result > > This implements storing named captures on the regexp result object. > For instance, /(?<a>.)/u.exec("b") will return a result such that: > > result.group.a // "b" > > https://tc39.github.io/proposal-regexp-named-groups/ > > BUG=v8:5437 > > Review-Url: https://codereview.chromium.org/2630233003 > Cr-Original-Original-Commit-Position: refs/heads/master@{#42532} > Committed: https://chromium.googlesource.com/v8/v8/+/70000946eb2a9155679528702a766219a1fcf154 > Review-Url: https://codereview.chromium.org/2630233003 > Cr-Original-Commit-Position: refs/heads/master@{#42570} > Committed: https://chromium.googlesource.com/v8/v8/+/ee94fa11ed63477393c6534c352ebac6e502396c > Review-Url: https://codereview.chromium.org/2630233003 > Cr-Commit-Position: refs/heads/master@{#42676} > Committed: https://chromium.googlesource.com/v8/v8/+/8bf52534f6bf86821a1589dcbcb7335052c1f94f TBR=yangguo@chromium.org,littledan@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:5437 Review-Url: https://codereview.chromium.org/2654233002 Cr-Commit-Position: refs/heads/master@{#42681}
-
bmeurer authored
We turn a JSCallFunction node for f.apply(receiver, arguments) into a JSCallForwardVarargs node, when the arguments refers to the arguments of the outermost optimized code object, i.e. not an inlined arguments, and the apply method refers to Function.prototype.apply, and there's no other user of arguments except in frame states. We also replace the arguments node in the graph with a marker for the Deoptimizer similar to Crankshaft to make sure we don't materialize unused arguments just for the sake of deoptimization. We plan to replace this with a saner EscapeAnalysis based solution soon. R=jarin@chromium.org BUG=v8:5267,v8:5726 Review-Url: https://codereview.chromium.org/2655233002 Cr-Commit-Position: refs/heads/master@{#42680}
-
mstarzinger authored
This makes sure that the deoptimizer preserves the exact bit pattern of floating-point values (both 32-bit and 64-bit) up to the point where a potential {HeapNumber} is allocated. It in turn allows us to correctly recognize the {hole_nan_value} when stored into a {FixedDouleArray}. R=jarin@chromium.org TEST=mjsunit/regress/regress-crbug-684208 BUG=chromium:684208 Review-Url: https://codereview.chromium.org/2652303002 Cr-Commit-Position: refs/heads/master@{#42679}
-
bradnelson authored
Also show size when --trace-asm-time is on. BUG= R=mtrofin@chromium.org Review-Url: https://codereview.chromium.org/2658703003 Cr-Commit-Position: refs/heads/master@{#42678}
-
bradnelson authored
In practice, Emscripten seems to emit cond?+a:+b type return expressions. This is not allowed by the spec or errata, but we need to support it for compatibility. Similar patterns with ints / signed, do not seem to be supported. BUG=v8:5891 R=mtrofin@chromium.org,aseemgarg@chromium.org Review-Url: https://codereview.chromium.org/2648353010 Cr-Commit-Position: refs/heads/master@{#42677}
-
jgruber authored
This implements storing named captures on the regexp result object. For instance, /(?<a>.)/u.exec("b") will return a result such that: result.group.a // "b" https://tc39.github.io/proposal-regexp-named-groups/ BUG=v8:5437 Review-Url: https://codereview.chromium.org/2630233003 Cr-Original-Original-Commit-Position: refs/heads/master@{#42532} Committed: https://chromium.googlesource.com/v8/v8/+/70000946eb2a9155679528702a766219a1fcf154 Review-Url: https://codereview.chromium.org/2630233003 Cr-Original-Commit-Position: refs/heads/master@{#42570} Committed: https://chromium.googlesource.com/v8/v8/+/ee94fa11ed63477393c6534c352ebac6e502396c Review-Url: https://codereview.chromium.org/2630233003 Cr-Commit-Position: refs/heads/master@{#42676}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/24cce87..6f17189 Rolling v8/buildtools: https://chromium.googlesource.com/chromium/buildtools/+log/8e94621..a7cc7a3 Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/68adbeb..017f4e5 TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Review-Url: https://codereview.chromium.org/2651303002 Cr-Commit-Position: refs/heads/master@{#42675}
-
bbudge authored
- Adds Int16x8, Int8x16 types. - Adds neg, abs unary ops. - Adds add, sub, mul, and signed / unsigned min / max, comparison ops. LOG=N BUG=v8:4124 Review-Url: https://codereview.chromium.org/2638133002 Cr-Commit-Position: refs/heads/master@{#42674}
-
jing.bao authored
BUG= Review-Url: https://codereview.chromium.org/2652793004 Cr-Commit-Position: refs/heads/master@{#42673}
-
luoe authored
BUG=chromium:683335 CQ_INCLUDE_TRYBOTS=master.tryserver.blink:linux_trusty_blink_rel Review-Url: https://codereview.chromium.org/2651153004 Cr-Commit-Position: refs/heads/master@{#42672}
-
gsathya authored
Changes output from CALL RUNTIME (context function) code = 0x3e9ea90a2049 at -1 to CALL RUNTIME async_function_promise_create code = 0x3e9ea90a2049 at -1 This makes the ast more useful. I didn't annotate all the runtime calls, only some for now. We can annotate others if necessary. Review-Url: https://codereview.chromium.org/2654113002 Cr-Commit-Position: refs/heads/master@{#42671}
-
- 25 Jan, 2017 27 commits
-
-
kozyatinskiy authored
This action was used by inspector for blackboxing and isn't needed with new blackboxing implementation inside V8. BUG=none R=yangguo@chromium.org,clemensh@chromium.org TBR=bmeurer@chromium.org Review-Url: https://codereview.chromium.org/2650943011 Cr-Commit-Position: refs/heads/master@{#42670}
-
jyan authored
List of items: 1. Avoid zero-extending for subsequent 32-bit operations if current operation does not change upper 32-bit or does zero-extending. 2. Match complex address mode for binary operation where possible (eg. use Add R,MEM). 3. Detect instruction forms in selector. Eg. kAllowRRR, kAllowRM 4. Optimize sequence for Int32MulWithOverflow, Int32Div, etc. 5. Remove Not32/Not64 which is the same as XOR R=bjaideep@ca.ibm.com, joransiu@ca.ibm.com BUG= Review-Url: https://codereview.chromium.org/2649113007 Cr-Commit-Position: refs/heads/master@{#42669}
-
kozyatinskiy authored
Current state and proposed changes for blackboxing: https://docs.google.com/document/d/1hnzaXPAN8_QC5ENxIgxgMNDbXLraM_OXT73rAyijTF8/edit?usp=sharing BUG=v8:5842,chromium:583193 R=yangguo@chromium.org,dgozman@chromium.org,alph@chromium.org Review-Url: https://codereview.chromium.org/2648353006 Cr-Commit-Position: refs/heads/master@{#42668}
-
rmcilroy authored
Enable enqueueing of eager inner function compilation onto the compiler dispatcher. This enables these tasks to be performed in parallel to compilation of the outer functio (only for Ignition functions). We currently synchronize to ensure all inner function compilations are complete before executing the outer function - future work will allow outer function execution to happenin parallel to inner function compilation. BUG=v8:5203,v8:5215 Review-Url: https://codereview.chromium.org/2611313002 Cr-Commit-Position: refs/heads/master@{#42667}
-
pfeldman authored
BUG=chromium:682521 Review-Url: https://codereview.chromium.org/2656613004 Cr-Commit-Position: refs/heads/master@{#42666}
-
Michael Achenbach authored
Cr-Commit-Position: refs/heads/master@{#42665}
-
Michael Achenbach authored
Cr-Commit-Position: refs/heads/master@{#42664}
-
jyan authored
R=bjaideep@ca.ibm.com, joransiu@ca.ibm.com BUG= Review-Url: https://codereview.chromium.org/2651673009 Cr-Commit-Position: refs/heads/master@{#42663}
-
leszeks authored
Because it was confusing seeing U8(negative value). Review-Url: https://codereview.chromium.org/2640273002 Cr-Commit-Position: refs/heads/master@{#42662}
-
jyan authored
BUG= Review-Url: https://codereview.chromium.org/2650813003 Cr-Commit-Position: refs/heads/master@{#42661}
-
caitp authored
Adds CSA::Print(const char* s), which generates a runtime call to Runtime::kGlobalPrint with a line-terminated ASCII string constant, and CSA::DebugPrint(const char* prefix, Node* tagged_value), which emits a runtime call to Runtime::kDebugPrint() with the tagged value, optionally prefixed by an ascii string constant. These simplify debugging TF builtins by providing a tool to easily observe the contents of values at arbitrary points in a program, without stepping endlessly through assembly in a debugger, and to easily observe the path taken through a TF builtin. These methods do not generate code in release builds. BUG=v8:5268 R=ishell@chromium.org, danno@chromium.org, bmeurer@chromium.org Review-Url: https://codereview.chromium.org/2651673003 Cr-Commit-Position: refs/heads/master@{#42660}
-
machenbach authored
Also tidy some JS style in the file. BUG=chromium:673246 NOTRY=true Review-Url: https://codereview.chromium.org/2650353004 Cr-Commit-Position: refs/heads/master@{#42659}
-
ahaas authored
R=titzer@chromium.org, clemensh@chromium.org Review-Url: https://codereview.chromium.org/2657443003 Cr-Commit-Position: refs/heads/master@{#42658}
-
petermarshall authored
We did not smi-check the spread argument here, meaning we tried to take the map of a smi, resulting in segfaults which clusterfuzz found. Also added tests that exercise this path. BUG=685086 Review-Url: https://codereview.chromium.org/2655013002 Cr-Commit-Position: refs/heads/master@{#42657}
-
marja authored
[parser]: Skipping inner funcs / initial implemetation of storing scope analysis data from preparsed scopes. The data produced at the moment only contains information about scope type + positions, and only the most trivial tests pass. Upcoming CLs will extend the data to contain information about variables (once PreParser can produce it) and add more test cases. BUG=v8:5516 Review-Url: https://codereview.chromium.org/2650703003 Cr-Commit-Position: refs/heads/master@{#42656}
-
titzer authored
R=rossberg@chromium.org BUG= Review-Url: https://codereview.chromium.org/2650053005 Cr-Commit-Position: refs/heads/master@{#42655}
-
clemensh authored
After decoding an invalid function name (e.g. OOB), we stored the parsed offset and length into the WasmFunction anyway, resulting in a runtime CHECK failure later on. This CL fixes this, and adds a regression test. R=titzer@chromium.org CC=mtrofin@chromium.org, bradnelson@chromium.org BUG=chromium:684858 Review-Url: https://codereview.chromium.org/2656713003 Cr-Commit-Position: refs/heads/master@{#42654}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/dbe38ca..24cce87 Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/58fecbe..68adbeb TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Review-Url: https://codereview.chromium.org/2653123004 Cr-Commit-Position: refs/heads/master@{#42653}
-
mlippautz authored
BUG=v8:5887 Review-Url: https://codereview.chromium.org/2655533004 Cr-Commit-Position: refs/heads/master@{#42652}
-
titzer authored
R=rossberg@chromium.org BUG= Review-Url: https://codereview.chromium.org/2650073003 Cr-Commit-Position: refs/heads/master@{#42651}
-
rmcilroy authored
The default stack size of a background thread is 512KB on MacOSX. We default to 1MB stack checks when compiling JS code, so we need to increase this limit to enable compilation of JS code onto background threads. Corresponding Chromium CL is https://codereview.chromium.org/2640803002/ BUG=v8:5203 Review-Url: https://codereview.chromium.org/2653673007 Cr-Commit-Position: refs/heads/master@{#42650}
-
jgruber authored
It's a common pattern to create a Variable and immediately initialize it. This adds a new constructor to make that pattern more natural. BUG= Review-Url: https://codereview.chromium.org/2657533003 Cr-Commit-Position: refs/heads/master@{#42649}
-
mstarzinger authored
This fixes the checks of accumulator usage flags in the computation of the interpreter register liveness during bytecode analysis. The usage flags at hand are bit patterns as opposed to flat enum values. Use the safe accessors instead of plain comparison. R=jarin@chromium.org TEST=mjsunit/regress/regress-crbug-683581 BUG=chromium:683581 Review-Url: https://codereview.chromium.org/2651653005 Cr-Commit-Position: refs/heads/master@{#42648}
-
bmeurer authored
This adds support to constant-fold JSGetSuperConstructor(constructor) for constructors with stable maps, i.e. where we can add a stability dependency on the constructors map to get notified when the [[Prototype]] of constructor changes. R=petermarshall@chromium.org BUG=v8:5517 Review-Url: https://codereview.chromium.org/2652763010 Cr-Commit-Position: refs/heads/master@{#42647}
-
jgruber authored
This test checks that counters accurately reflect the allocated size. There's an edge case that can occur when, previously to the allocation, the page does not have enough space left to allocate the requested object - then we move on to a fresh page, fill the remaining space of the old page with a filler object, and allocate the requested object on the new page. The counters will show the size of the filler object plus the requested object size, while the test expects only the requested size. This CL fixes that case by performing two GCs to clear out new space. BUG= Review-Url: https://codereview.chromium.org/2652933002 Cr-Commit-Position: refs/heads/master@{#42646}
-
jgruber authored
BUG= Review-Url: https://codereview.chromium.org/2653693003 Cr-Commit-Position: refs/heads/master@{#42645}
-
kozyatinskiy authored
- kDebugPromiseCreated(task, parent_task) This event occurs when promise is created (PromiseHookType::Init). V8Debugger uses this event to maintain task -> parent task map. - kDebugEnqueueAsyncFunction(task) This event occurs when first internal promise for async function is created. V8Debugger collects stack trace at this point. - kDebugEnqueuePromiseResolve(task), This event occurs when Promise fulfills with resolved status. V8Debugger collects stack trace at this point. - kDebugEnqueuePromiseReject(task), This event occurs when Promise fulfills with rejected status. V8Debugger collects stack trace at this point. - kDebugPromiseCollected, This event occurs when Promise is collected and no other chained callbacks can be added. V8Debugger removes information about async task for this promise. - kDebugWillHandle, This event occurs when chained promise function (either resolve or reject handler) is called. V8Debugger installs parent promise's stack (based on task -> parent_task map) as current if available or current promise's scheduled stack otherwise. - kDebugDidHandle, This event occurs after chained promise function has finished. V8Debugger restores asynchronous call chain to previous one. With this change all instrumentation calls are related to current promise (before WillHandle and DidHandle were related to next async task). Before V8Debugger supported only the following: - asyncTaskScheduled(task1) - asyncTaskStarted(task1) - asyncTaskFinished(task1) Now V8Debugger supports the following: - asyncTaskScheduled(parent_task) .. - asyncTaskCreated(task, parent_task), - asyncTaskStarted(task), uses parent_task scheduled stack - asyncTaskScheduled(task) - asyncTaskFinished(task) Additionally: WillHandle and DidHandle were migrated to PromiseHook API. More details: https://docs.google.com/document/d/1u19N45f1gSF7M39mGsycJEK3IPyJgIXCBnWyiPeuJFE BUG=v8:5738 R=dgozman@chromium.org,gsathya@chromium.org,yangguo@chromium.org Review-Url: https://codereview.chromium.org/2650803003 Cr-Commit-Position: refs/heads/master@{#42644}
-