- 08 Nov, 2017 27 commits
-
-
Andreas Rossberg authored
Function prologues created slots for callee-saved registers twice on all platforms. This didn't affect JS because it doesn't use callee-save, but would probably have badly broken exceptions raised in Wasm code because Isolate::UnwindAndFindHandler was restoring registers and SP incorrectly. It also broke the in-progress CL for on-stack multiple returns. No tests included with this fix, because currently it is almost impossible to test directly (according to mstarzinger). But it will be tested indirectly via the upcoming multi-return support. Change-Id: If763cafc03de0a912eca48d5e25e8edfc4552b24 Reviewed-on: https://chromium-review.googlesource.com/758374 Reviewed-by: Ben Titzer <titzer@chromium.org> Commit-Queue: Andreas Rossberg <rossberg@chromium.org> Cr-Commit-Position: refs/heads/master@{#49233}
-
Georg Neis authored
Bug: v8:6791 Change-Id: I05c8be6ac880c5ab5451db24dd0ad57b74bde8ba Reviewed-on: https://chromium-review.googlesource.com/757137 Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#49232}
-
Clemens Hammacher authored
For each single bug, the fuzzer might find many very similar inputs which trigger this bug. All of them are reported as individual bugs currently, which means lots of noise in bug reports and increased workload for the clusterfuzz sheriffs. After this change, all bugs of the same category ("compiles != validates", "interpreter != liftoff", ...) will be grouped together. This requires us to fix them soon after reporting, as they will hide all other bugs of the same category. R=ahaas@chromium.org CC=mmoroz@chromium.org Change-Id: Ie203eed0c7681e3450df977b10c0d9dbbc402d34 Reviewed-on: https://chromium-review.googlesource.com/758438 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#49231}
-
Mathias Bynens authored
Instead of disabling the entire RegExp Unicode property escape test suite, this patch explicitly lists the failing tests and only disables them. BUG=v8:4743 Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng Change-Id: If398eb4fcc8d9d96279dc5afb29489e699744d9f Reviewed-on: https://chromium-review.googlesource.com/758757 Commit-Queue: Mathias Bynens <mathias@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#49230}
-
Mathias Bynens authored
This patch adds support for Emoji_Component within Unicode property escapes in regular expressions. The Emoji_Component binary property was added in Emoji data v5 and is supported in ICU 60.1. An `#if` directive is used to prevent breaking Node.js until they update their ICU. BUG=v8:4743 Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng Change-Id: If1b49a4c175e88f1840ca5ef8d57829d6d8c3291 Reviewed-on: https://chromium-review.googlesource.com/758261 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Mathias Bynens <mathias@chromium.org> Cr-Commit-Position: refs/heads/master@{#49229}
-
Georg Neis authored
They have been meaning the same thing for a while now. R=jarin@chromium.org Bug: Change-Id: Ie5988e6429b795babfa1e1f79841a9f03b8362dc Reviewed-on: https://chromium-review.googlesource.com/758268 Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#49228}
-
Ivica Bogosavljevic authored
Port https://chromium-review.googlesource.com/c/chromium/src/+/752143 to GYP Bug: Change-Id: Id6f3322282ef5992b1e93dcab16d573a6b394a4d Reviewed-on: https://chromium-review.googlesource.com/758243 Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Ivica Bogosavljevic <ivica.bogosavljevic@mips.com> Cr-Commit-Position: refs/heads/master@{#49227}
-
Mostyn Bramley-Moore authored
Arm64 jumbo builds might otherwise select the CountTrailingZeros function from utils-arm64.h as a closer match, and fail to build due to differences in the function prototype. Bug: chromium:782640 Change-Id: Ie26d71b34aaf0e3ae5020597fed506df83b7d0ea Reviewed-on: https://chromium-review.googlesource.com/758271 Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Mostyn Bramley-Moore <mostynb@vewd.com> Cr-Commit-Position: refs/heads/master@{#49226}
-
Georg Neis authored
This is a cleanup. R=jarin@chromium.org Bug: Change-Id: I1621fde3f2a7da03ceca781b96d5ffec44eb8168 Reviewed-on: https://chromium-review.googlesource.com/758373 Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#49225}
-
jgruber authored
There are three common situations in which we need to create JSFunction objects. 1) from the compiler, 2) from tests, and 3) everything else (mostly during bootstrapping). This is an attempt to simplify case 3), which previously relied on several Factory::NewFunction overloads where it was not clear how the semantics of each overload differed. This CL removes all but one overload, and packs arguments into a new NewFunctionArgs helper class. It also removes the hacks around SFI::set_lazy_deserialization_builtin_id by explicitly passing builtin_id into Factory::NewSharedFunctionInfo. Drive-by-fix: Properly set is_constructor hint in SimpleCreateSharedFunctionInfo. Bug: v8:6624 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: Ica94d95e72e443055db5e7ff9e8cdf4115201ef1 Reviewed-on: https://chromium-review.googlesource.com/757094 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#49224}
-
Michael Achenbach authored
NOTRY=true TBR=sergiyb@chromium.org Bug: chromium:782226 Change-Id: I7a059f3227e062df720a36cd47db94154caf40b5 Reviewed-on: https://chromium-review.googlesource.com/758264 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#49223}
-
jgruber authored
Flip this for a day or two to gather perf bot results & stability issues. Results will be collected in https://crbug.com/782637. TBR=hablich@chromium.org Bug: v8:6624, chromium:782637 Change-Id: I70eb5d6287d4723f935715ef80d9ba129dc282f0 Reviewed-on: https://chromium-review.googlesource.com/758375 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#49222}
-
Clemens Hammacher authored
The C_WASM_ENTRY only calls wasm code, so (outgoing) parameters of this code are always untagged. R=ahaas@chromium.org Bug: v8:7049 Change-Id: I989908eea668bd56aa88f3f1744105d218584ef1 Reviewed-on: https://chromium-review.googlesource.com/758245 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#49221}
-
jgruber authored
Add support for interpreter bytecode handlers that are deserialized lazily immediately before they are first used. Design doc: http://goo.gl/QxZBL2 Bug: v8:6624 Change-Id: Id68844ed14e76ca781b0bfe42c25a94b4fed1ae5 Reviewed-on: https://chromium-review.googlesource.com/750982 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Mythri Alle <mythria@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#49220}
-
Peter Marshall authored
We explicitly serialize the backing store when we see the TypedArray. We then put the reference in the external_pointer. To recalculate the backing_store pointer during deserialization, we have to keep track of each TypedArray and then fix up the pointer by adding the offset again. Bug: v8:6966 Change-Id: I105d44413cffe5766c23c2a3d32ca2b78b5f22e8 Reviewed-on: https://chromium-review.googlesource.com/751269 Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Peter Marshall <petermarshall@chromium.org> Cr-Commit-Position: refs/heads/master@{#49219}
-
Hannes Payer authored
[heap] Use area_size() when changing the memory protection mode of the allocation area in a MemoryChunk. Bug: chromium:774108,v8:6792 Change-Id: I6cd280c2c6f159719bea523d1bcf11c290e594f6 Reviewed-on: https://chromium-review.googlesource.com/758359 Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Hannes Payer <hpayer@chromium.org> Cr-Commit-Position: refs/heads/master@{#49218}
-
Georg Neis authored
R=jarin@chromium.org Bug: Change-Id: I9adf207491a146459d676342c0b7bdf0c399e440 Reviewed-on: https://chromium-review.googlesource.com/758260 Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#49217}
-
Clemens Hammacher authored
We already have a helper method for generating a sequence of values. Reuse this instead of reimplementing the same thing two more times. R=ahaas@chromium.org CC=eholk@chromium.org Change-Id: Ifbbe1324173951156c1ec9bba84fd1aa4bcb2adb Reviewed-on: https://chromium-review.googlesource.com/758365 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#49216}
-
Michael Achenbach authored
NOTRY=true TBR=clemensh@chromium.org Bug: v8:7049 Change-Id: I08db96d92a14cb048c2287b6c73b150eeb0fe864 Reviewed-on: https://chromium-review.googlesource.com/758367 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#49215}
-
Clemens Hammacher authored
The FixedArray holding the export wrappers is never being used before creating the WasmCompiledModule, so there is no need to store it in a field on the WasmCompilationJob. Just create it when creating the WasmCompiledModule. R=ahaas@chromium.org CC=mtrofin@chromium.org Change-Id: Ibdca3d5c58faf4b52df10560bdf2734fdd7a4656 Reviewed-on: https://chromium-review.googlesource.com/758242 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#49214}
-
jgruber authored
The regexp fast path in MaybeCallFunctionAtSymbol had an issue in which we'd call ToString after checking that the given {object} was a fast regexp and deciding to take the fast path. This is invalid since ToString() can call into user-controlled JS and may mutate {object}. There's no way to place the ToString call correctly in this instance: 1 before BranchIfFastRegExp, it's a spec violation if we end up on the slow regexp path; 2 the problem with the current location is already described above; 3 and we can't place it into the fast-path regexp builtin (e.g. RegExpReplace) either due to the same reasons as 1. The solution in this CL is to restrict the fast path to string arguments only, i.e. cases where ToString would be a nop and can safely be skipped. Bug: chromium:782145 Change-Id: Ifd35b3a9a6cf2e77c96cb860a8ec98eaec35aa85 Reviewed-on: https://chromium-review.googlesource.com/758257 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#49213}
-
Michael Stanton authored
This reverts commit ba76ad68. Reason for revert: Broke GCStress on arm64 port...investigating Original change's description: > [Turbofan] Introduce AllocateRaw node > > In order to simplify and verify the TurboFan graph, we > need to wire allocations into the control chain after > effect control linearization. > > Bug: v8:7002 > Change-Id: I4c5956c8d16773d721482d46a0b407bee01a9597 > Reviewed-on: https://chromium-review.googlesource.com/738139 > Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> > Commit-Queue: Michael Stanton <mvstanton@chromium.org> > Cr-Commit-Position: refs/heads/master@{#49209} TBR=mvstanton@chromium.org,jarin@chromium.org Change-Id: I98669fdff1b960912d6eaad239776262f7bf8c67 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:7002 Reviewed-on: https://chromium-review.googlesource.com/758396 Reviewed-by: Michael Stanton <mvstanton@chromium.org> Commit-Queue: Michael Stanton <mvstanton@chromium.org> Cr-Commit-Position: refs/heads/master@{#49212}
-
Mike Stanton authored
Bug: v8:1956 Change-Id: I8e35ab6614dbf98facb6c9053fa5c50d4afeda42 Reviewed-on: https://chromium-review.googlesource.com/729019 Commit-Queue: Michael Stanton <mvstanton@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#49211}
-
Franziska Hinkelmann authored
Use !== instead of !=. Bug: Change-Id: I3f8127d54b80973f9ea7bb6ddf25afd928cb3045 Reviewed-on: https://chromium-review.googlesource.com/753733 Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Franziska Hinkelmann <franzih@chromium.org> Cr-Commit-Position: refs/heads/master@{#49210}
-
Mike Stanton authored
In order to simplify and verify the TurboFan graph, we need to wire allocations into the control chain after effect control linearization. Bug: v8:7002 Change-Id: I4c5956c8d16773d721482d46a0b407bee01a9597 Reviewed-on: https://chromium-review.googlesource.com/738139 Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Michael Stanton <mvstanton@chromium.org> Cr-Commit-Position: refs/heads/master@{#49209}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/b5d1311..6501469 Rolling v8/buildtools: https://chromium.googlesource.com/chromium/buildtools/+log/df36429..73ddd64 Rolling v8/third_party/icu: https://chromium.googlesource.com/chromium/deps/icu/+log/4b5a724..b318966 TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org Change-Id: I0555f3a72800ea5892b870dc44061048b953fbf4 Reviewed-on: https://chromium-review.googlesource.com/758218 Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Commit-Queue: v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#49208}
-
Sathya Gunasekaran authored
Creates a new initializer function to instantiate instance class fields in a base class. An initializer function (similar to the one created for static fields) is created during class declaration and assigned to a synthetic context allocated variable. This function is loaded from the variable during instantiation (when the constructor is run) and run. Bug: v8:5367 Change-Id: Ie11c2183b3001234ae41d7bcc2cb9b02c0764ab5 Reviewed-on: https://chromium-review.googlesource.com/754445 Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Reviewed-by: Mythri Alle <mythria@chromium.org> Cr-Commit-Position: refs/heads/master@{#49207}
-
- 07 Nov, 2017 13 commits
-
-
Jungshik Shin authored
Update the expected result for intl/number-format/format-currency to match the output of ICU 60/CLDR 32. Disable the test while ICU is rolled to ICU 60.1. This will be enabled once v8 picks up the ICU roll to 60.1. Bug: chromium:766816 Test: intl/numbuer-format/* Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng Change-Id: Id6ffe149e9105ca050c6398d484437e1c88c2794 Reviewed-on: https://chromium-review.googlesource.com/756643 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Jungshik Shin <jshin@chromium.org> Cr-Commit-Position: refs/heads/master@{#49206}
-
Junliang Yan authored
gcc 5.4.0 doesn't support atomic_##type Bug: Change-Id: I31d112097b6236299caf86bfc7a34888cbe65e39 Reviewed-on: https://chromium-review.googlesource.com/757178 Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#49205}
-
Mircea Trofin authored
This is in preparation for wasm on the native heap. All the aforementioned API needs is the address where the JIT-ed code starts. This refactoring reduces the dependency of the API to just that. Bug: v8:6876 Change-Id: I00bbb171398f581db41b8a74ab719e8ea4db52c4 Reviewed-on: https://chromium-review.googlesource.com/755624 Reviewed-by: Ben Titzer <titzer@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Mircea Trofin <mtrofin@chromium.org> Cr-Commit-Position: refs/heads/master@{#49204}
-
Toon Verwaest authored
Thanks Igor and Jakob for the hard work to migrate ICs to data-driven handlers! This is done as of this CL. Bug: v8:5561 Change-Id: Icf1ddf0065e3aa85ac7efe4b99f74821ce3c0ac2 Reviewed-on: https://chromium-review.googlesource.com/756842 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#49203}
-
Eric Holk authored
Change-Id: Ib9bbcc22afbfc4d143e0eb65b1399f118bbc1e36 Reviewed-on: https://chromium-review.googlesource.com/754334 Commit-Queue: Eric Holk <eholk@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#49202}
-
Michael Achenbach authored
NOTRY=true TBR=sergiyb@chromium.org Bug: chromium:726584 Change-Id: I09777db325b5bc9d44200d528f00452619b60638 Reviewed-on: https://chromium-review.googlesource.com/757359 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Abhishek Arya <inferno@chromium.org> Cr-Commit-Position: refs/heads/master@{#49201}
-
Sathya Gunasekaran authored
We no longer need the kAlreadyVisitedSlot because we can just check for undefined in the kPromiseSlot to know if the closure was already fulfilled. This means we save one word per context per promise resolving closure. Bug: v8:7037 Change-Id: Ib8f0fb445d2e143714d57fe644ba6d7a3f04c1f7 Reviewed-on: https://chromium-review.googlesource.com/756176 Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#49200}
-
Michael Achenbach authored
NOTRY=true TBR=sergiyb@chromium.org Bug: chromium:772816 Change-Id: I68cd583444531bfac2984794512a86e6880f57d5 Reviewed-on: https://chromium-review.googlesource.com/757396 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#49199}
-
Mircea Trofin authored
The logic for wrapper compilation is the same in the sync and async cases. Moreover, when moving wasm off the GC heap, we'll initially skip serializing the wrappers, and regenerate them, using the same logic, at deserialization. Longer term, we intend to make the serialization format for wasm more resilient wrt V8 versioning, time at which this separation will continue playing a role: cross-v8 versions, wrappers will be recompiled (instead of deserialized), while wasm code may just be deserialized. Bug: v8:6876 Change-Id: I8d9ba835e7c83bb8d1f47163f62396a6fa17661d Reviewed-on: https://chromium-review.googlesource.com/755542 Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Mircea Trofin <mtrofin@chromium.org> Cr-Commit-Position: refs/heads/master@{#49198}
-
Sergiy Byelozyorov authored
R=machenbach@chromium.org Bug: chromium:781855 Change-Id: I919bd1340fa075819777ed685dbce88a0008d245 Reviewed-on: https://chromium-review.googlesource.com/756837 Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#49197}
-
Marja Hölttä authored
Valid prototype chain validity cells should have an initial value of "Map::kPrototypeChainValid", not zero (even though they're the same). Bug: Change-Id: I7d3df7d2e3382f20ed598b387612bb48428e0fa0 Reviewed-on: https://chromium-review.googlesource.com/757140 Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#49196}
-
Michal Majewski authored
This is a reland of 34e3e7f9 Original change's description: > Introduce gc flag for fuzzing over compaction. > > Bug: v8:6972 > Change-Id: If1f4ee04ae00c6ae1e037bbb1ca758e952a8f843 > Reviewed-on: https://chromium-review.googlesource.com/738112 > Reviewed-by: Michael Achenbach <machenbach@chromium.org> > Reviewed-by: Hannes Payer <hpayer@chromium.org> > Commit-Queue: Michał Majewski <majeski@google.com> > Cr-Commit-Position: refs/heads/master@{#49191} Bug: v8:6972 Change-Id: I690a72a6d5da17c6f15449b2be4cbb681a67e60e Reviewed-on: https://chromium-review.googlesource.com/756894 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Hannes Payer <hpayer@chromium.org> Commit-Queue: Michał Majewski <majeski@google.com> Cr-Commit-Position: refs/heads/master@{#49195}
-
Michael Achenbach authored
This accompanies infra change: https://chromium-review.googlesource.com/c/chromium/tools/build/+/757096 NOTRY=true NOTREECHECKS=true Bug: chromium:726584 Change-Id: Ifaac9eef4cac1700c3fd15819c4f638cc2dc9d8e Reviewed-on: https://chromium-review.googlesource.com/757100 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> Cr-Commit-Position: refs/heads/master@{#49194}
-