- 31 Aug, 2018 15 commits
-
-
Alexey Kozyatinskiy authored
GetIdentityHashHelper function can return hash from GlobalDictionary, but SetHashAndUpdateProperties crashes on DCHECK on attempt to set this hash (it works when DCHECKs are disabled because SetHash is defined on base class for NameDictionary and GlobalDictionary). R=yangguo@chromium.org Bug: none Change-Id: I740fa6a3232f7db8e4396b9a5e4664b8ab81969a Reviewed-on: https://chromium-review.googlesource.com/1198765 Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org> Cr-Commit-Position: refs/heads/master@{#55551}
-
Alexey Kozyatinskiy authored
DebugEvaluate contains code since 2009 that bypasses JSGlobalProxy and returns JSGlobalObject when result of expression is global proxy. This behavior may be dangerous: - JSGlobalObject does not perform security checks, - some parts of V8 code are not ready for JSGlobalObject, e.g., SetHashAndUpdateProperties function will crash on DCHECK if we try to store JSGlobalObject to map. At the same time it looks like there is no valid use case for it. R=yangguo@chromium.org Bug: none Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;master.tryserver.blink:linux_trusty_blink_rel Change-Id: Ib0e35d5ae9ef47318c866e44c5c6856e34ed05a5 Reviewed-on: https://chromium-review.googlesource.com/1198764 Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org> Cr-Commit-Position: refs/heads/master@{#55550}
-
Michael Achenbach authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/dd6b994..9f16b23 Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/bc2c0a9..d0d714d Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/2d0e03c..5cc2afd TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org Change-Id: I292ecb01b67446d985dc7070f9f7c453395e7981 Reviewed-on: https://chromium-review.googlesource.com/1192237 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: V8 Autoroller <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#55549}
-
Mike Stanton authored
Change-Id: Ibfddd236dbe8b6a205a457aea1cb9eb00b0a3572 Reviewed-on: https://chromium-review.googlesource.com/1199403 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Michael Stanton <mvstanton@chromium.org> Cr-Commit-Position: refs/heads/master@{#55548}
-
Benedikt Meurer authored
As noticed by jkummerow@ there's probably not really a point in keeping two separate runtime functions that perform the same operation, but one has a different fast-path (which is not available to the other). So %KeyedGetProperty is now effectively %GetProperty and used consistently as fallback from both the ICs as well as other callers like the GetProperty builtin. Bug: v8:8015 Change-Id: Ib46b13da739229e2eb820ecf87923ac99c6971d3 Reviewed-on: https://chromium-review.googlesource.com/1199105 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#55547}
-
Simon Zünd authored
This CL fixes an issue where getters/setters would get called on a prototype with the wrong receiver. This happens in the pre-processing for Array.p.sort when values get copied down from the prototype chain. R=jgruber@chromium.org Bug: v8:7682 Change-Id: I0d8ff1dc721c33bd721aaca54ffd357b3d2a2096 Reviewed-on: https://chromium-review.googlesource.com/1198767 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Simon Zünd <szuend@google.com> Cr-Commit-Position: refs/heads/master@{#55546}
-
Camillo Bruni authored
Bug: v8:7717, chromium:879304 Change-Id: I524a9cf45f6a69efe0445b4ffaddfffc85c5560d Reviewed-on: https://chromium-review.googlesource.com/1199282 Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#55545}
-
Georg Neis authored
This reverts commit 1c48d52b. Reason for revert: Clusterfuzz found something.
Original change's description:

> [interpreter] Add bytecode for leading array spreads.
>
> This CL improves the performance of creating [...a, b] or [...a].
> If the array literal has a leading spread, this CL emits the bytecode
> [CreateArrayFromIterable] to create the literal. CreateArrayFromIterable
> is implemented by [IterableToListDefault] builtin to create the initial
> array for the leading spread. IterableToListDefault has a fast path to
> clone efficiently if the spread is an actual array.
>
> The bytecode generated is now shorter. Bytecode generation is refactored
> into BuildCreateArrayLiteral, which allows VisitCallSuper to benefit
> from this optimization also.
> For now, turbofan also lowers the bytecode to the builtin.
>
> The idiomatic use of [...a] to clone the array a now performs better
> than a simple for-loop, but still does not match the performance of slice.
>
> Bug: v8:7980
>
> Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
> Change-Id: Ibde659c82d3c7aa1b1777a3d2f6426ac8cc15e35
> Reviewed-on: https://chromium-review.googlesource.com/1181024
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Commit-Queue: Georg Neis <neis@chromium.org>
> Commit-Queue: Hai Dang <dhai@google.com>
> Cr-Commit-Position: refs/heads/master@{#55520}

TBR=rmcilroy@chromium.org,neis@chromium.org,sigurds@chromium.org,gsathya@chromium.org,jgruber@chromium.org,dhai@google.com Change-Id: I1c86ddcc24274da9f5a8dd3d8bf8d869cbb55cb6 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:7980 Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng Reviewed-on: https://chromium-review.googlesource.com/1199303 Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#55544}
-
Mathias Bynens authored
Proposal repository: https://github.com/tc39/proposal-global Intent to ship: https://groups.google.com/d/msg/v8-users/Vkoh0wXRwaM/Yt7MpzhkAgAJ Bug: v8:5537 Change-Id: I60a6c5375165d89548db12fef454a64137d04c27 Reviewed-on: https://chromium-review.googlesource.com/1195494 Reviewed-by: Adam Klein <adamk@chromium.org> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Mathias Bynens <mathias@chromium.org> Cr-Commit-Position: refs/heads/master@{#55543}
-
Bret Sepulveda authored
If profiling is done with --log-source-code profview will now display a "View source" link for each function in the tree view. Clicking this will show a new source viewer, with sampled lines highlighted. See the associated bug for screenshots. This patch also fixes a bug in the profiler where the source info of only the first code object for each function would be logged, and includes some refactoring. Bug: v8:6240 Change-Id: Ib96a9cfc54543d0dc9bef4657cdeb96ce28b223c Reviewed-on: https://chromium-review.googlesource.com/1194231 Commit-Queue: Bret Sepulveda <bsep@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#55542}
-
Benedikt Meurer authored
The %GetPrototype runtime function is not used anymore. Also remove the cctests that were introduced to guard the Crankshaft optimizations for the %_GetPrototype intrinsic. Bug: v8:8015 Change-Id: I4b848f2c8d67209dae002d260a26867299d6b4a5 Reviewed-on: https://chromium-review.googlesource.com/1199106 Reviewed-by: Peter Marshall <petermarshall@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#55541}
-
Benedikt Meurer authored
In the KeyedLoadICGeneric case the engine previously immediately fell back to the %KeyedGetProperty runtime function if the key was not a Name or a valid array index. This turns out to be really slow if a program passes for example objects as keys. Since we already have all the logic in place to convert an arbitrary JavaScript value to a Name, we can just call into ToName first and then operate on the result of that, which is significantly faster since C++ usually doesn't need to call back into JavaScript then to convert a JSReceiver into a Name. This also changes the ToName builtin to use the existing builtin for NonPrimitiveToPrimitive, which stays in JavaScript land completely. Since there's not really a point in inlining ToName into the call sites, the other uses were also changed to call the builtin instead, which saves some space and might also help with instruction cache utilization (especially when the ToName logic is more involved now). This improves the performance on the microbenchmark

```js
const n = 1e7;
const obj = {};
const key = [1,2];
const start = Date.now();
for (let i = 0; i < n; ++i) {
  if (obj[key] === undefined) obj[key] = key;
}
print(`time: ${Date.now() - start} ms.`);
```

by up to 36%. On the ARES-6 ML benchmark the steady state improves by up to ~7% and the overall mean for ARES-6 ML improves by up to ~6%. Further improvements might be possible here if the GetProperty builtin could be made faster for common prototype lookups like Symbol.toPrimitive and the "valueOf" and "toString" functions. Bug: v8:6344, v8:6670 Change-Id: Ic3ac2bc4d4277836ef03039de4eda5c5f66a85da Reviewed-on: https://chromium-review.googlesource.com/1199022 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#55540}
-
Benedikt Meurer authored
Teach the GetProperty builtin how to perform [[Get]] on JSProxy instances by calling into the dedicated ProxyGetProperty builtin that we already use for the LOAD_IC / KEYED_LOAD_IC. This is important when proxies are used in places where GetProperty builtin is used like for example as iterables in for..of loops or in spreads. On a simple micro-benchmark like the following

```js
const proxy = new Proxy([1, 2, 3], {
  get(target, property) { return target[property]; }
});
const TESTS = [
  function testForOfProxy() { for (const x of proxy) {} },
  function testSpreadProxy() { return [...proxy]; }
];
function test(fn) {
  var result;
  for (var i = 0; i < 1e6; ++i) result = fn();
  return result;
}
test(x => x);
for (var j = 0; j < TESTS.length; ++j) test(TESTS[j]);
for (var j = 0; j < TESTS.length; ++j) {
  var startTime = Date.now();
  test(TESTS[j]);
  print(TESTS[j].name + ':', (Date.now() - startTime), 'ms.');
}
```

improves from around

testForOfProxy: 1672.6 ms.
testSpreadProxy: 1956.6 ms.

to

testForOfProxy: 408.4 ms.
testSpreadProxy: 530.8 ms.

on average, which corresponds to a 4-5x performance improvement, even for small arrays. On the ARES-6 Air benchmark this completely eliminates all calls to the %GetProperty runtime function, and thereby improves the steady state mean by 2-3%. Bug: v8:6344, v8:6557, v8:6559 Change-Id: Ifebdaff8f3ae5899a33ce408ecd54655247f3a02 Reviewed-on: https://chromium-review.googlesource.com/1199023 Reviewed-by: Maya Lekova <mslekova@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#55539}
-
Jao-ke Chin-Lee authored
chromeos_daisy_chromium_compile_only_ng has been deleted and was removed from Buildbucket in https://chromium-review.googlesource.com/c/chromium/src/+/1195731 BUG=v8:8058 Change-Id: I42adaca73f0b04cf553e16f215f92ed2f5a7a010 Reviewed-on: https://chromium-review.googlesource.com/1198242 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#55538}
-
Frank Tang authored
The expectation is changed in https://chromium-review.googlesource.com/c/chromium/src/+/1196032 revert of https://chromium-review.googlesource.com/c/v8/v8/+/1188143 to reland https://chromium-review.googlesource.com/c/v8/v8/+/1185763 v8:7961 Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng;luci.chromium.try:linux_chromium_rel_ng;luci.v8.try:v8_linux_blink_rel Change-Id: I461db83b377c31abda72f2ce9c4501fcdd3b2663 Reviewed-on: https://chromium-review.googlesource.com/1195539 Reviewed-by: Jungshik Shin <jshin@chromium.org> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/master@{#55537}
-
- 30 Aug, 2018 25 commits
-
-
Adam Klein authored
Change-Id: I4b810b3684609f19cef3adf295ac104d00b9a4c3 Reviewed-on: https://chromium-review.googlesource.com/1194441 Reviewed-by: Hannes Payer <hpayer@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#55536}
-
Bill Budge authored
- Cleans up existing code that tests for representations using a bitmask. - Bypass FP register allocation for sequences without FP vregs. Change-Id: I5ff32e80e0c33848ba83ee17f786b01e37821aa2 Reviewed-on: https://chromium-review.googlesource.com/1195528 Commit-Queue: Bill Budge <bbudge@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#55535}
-
Ben L. Titzer authored
This CL fixes a bug where the receiving instance was updated improperly in the dispatch table(s) of an imported table. BUG=chromium:875322 R=mstarzinger@chromium.org Change-Id: Ib5af238a0847bf332a12863523e897f59f137c1d Reviewed-on: https://chromium-review.googlesource.com/1196886 Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#55534}
-
Adam Klein authored
Tbr: gsathya@chromium.org Change-Id: I293e5eb686e2ba92386efb908d3437b2afdd152d Reviewed-on: https://chromium-review.googlesource.com/1196683 Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#55533}
-
Peter Marshall authored
We have an API (GetCodeRange) which gives the location of V8 code on the heap, but builtin code no longer lives on the heap. The upcoming work on the V8 stack unwinder requires the embedder to provide the code ranges for both the heap and builtins, so this API will be used there. Bug: v8:8116 Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng Change-Id: I15e900716e68256b9732be0ea1a5cda24878eccf Reviewed-on: https://chromium-review.googlesource.com/1196551 Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Peter Marshall <petermarshall@chromium.org> Cr-Commit-Position: refs/heads/master@{#55532}
-
Igor Sheludko authored
This is a naive implementation of a class that manages regions allocation/deallocation inside given range of addresses. This code will be used in follow-up CLs. Bug: v8:8096 Change-Id: I7bea7051a1525cc7f87ba34d67b85b274c5de18a Reviewed-on: https://chromium-review.googlesource.com/1127175 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#55531}
-
Benedikt Meurer authored
This addresses a TODO in JSTypedLowering and generally makes the more easier to follow since the methods deal only with one kind of Node now. Bug: v8:8015 Change-Id: I8c3521b8d630dbe272264dc01e9ab3a5b0a8f682 Reviewed-on: https://chromium-review.googlesource.com/1196883 Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#55530}
-
Michael Lippautz authored
Revert "Reland "[heap] Attempt to incorporate backing store counters into heap sizing and GC trigger stragery."" This reverts commit eb164dbd. Revert "[d8] Fixed external gc test (limit multiplied by number of isolates)." This reverts commit 38cbc26a. Revert "[heap] Fixed typo in method name." This reverts commit 263174af. Bug: chromium:845409, chromium:879045 Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng Change-Id: I555bcff2ad04ae23368c7b3999a237083010f9c6 Reviewed-on: https://chromium-review.googlesource.com/1196550 Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#55529}
-
Benedikt Meurer authored
This is a purely cosmetic change to make the Number constructor in the JSCallReducer easier to read. Bug: v8:7904, v8:8015 Change-Id: Id3248dcf9c4e8111bb4f0418bfa6993630df74bb Reviewed-on: https://chromium-review.googlesource.com/1196432 Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#55528}
-
Simon Zünd authored
This CL removes a regression test that was intended to check that the maximum call stack size was not exceeded when calling Array.p.sort. As the new sorting algorithm (TimSort) does not work recursively, this test is no longer really necessary. It is also rather slow and causes issues on some bots, so we remove the test. R=mslekova@chromium.org Bug: v8:7783 Change-Id: I5bb9693ab825fe077776fd6825688545286285fd Reviewed-on: https://chromium-review.googlesource.com/1196511 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Simon Zünd <szuend@google.com> Cr-Commit-Position: refs/heads/master@{#55527}
-
Michael Starzinger authored
This adds experimental support for an 'except_ref' value type for caught exceptions as per the exception handling proposal. In the current form it is only allowed to have such types in the stack or in a local, support for having it as part of any signature was left out. The default value for a local of type 'except_ref' is the 'ref_null' value for now. Since this value cannot escape a wasm function, the concrete value is not actually observable. R=ahaas@chromium.org TEST=unittests/LocalDeclDecoderTest.ExceptRef,mjsunit/wasm/exceptions BUG=v8:8091 Change-Id: I7bd65274327a833262f8749cbe0e24e737f6e0c1 Reviewed-on: https://chromium-review.googlesource.com/1196510 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#55526}
-
Simon Zünd authored
This CL fixes a bug if the second argument ('from') for lastIndexOf changes the array when it's converted to an integer. R=jgruber@chromium.org Bug: chromium:878845 Change-Id: I8759dd19381c63f0dde1d4c5abc1b6c7291c6048 Reviewed-on: https://chromium-review.googlesource.com/1196507 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Simon Zünd <szuend@google.com> Cr-Commit-Position: refs/heads/master@{#55525}
-
Benedikt Meurer authored
This is no longer necessary as the JSFunction::code field is now a proper tagged field, that points to a Code object, instead of a naked pointer into the beginning of the Code object. So now the representation selection always sees a proper tagged value here. Bug: v8:8015 Change-Id: Ia66e9425d82a0f765e4cbb6e3bed7bcdd9438958 Reviewed-on: https://chromium-review.googlesource.com/1196662 Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#55524}
-
Dan Elphick authored
Since jump tables cannot be embedded, prevent their generation for bytecode handlers. This allows the remaining 7 bytecode handlers to be marked isolate independent. Bug: v8:8068 Change-Id: I3a4a6e6530fd1c585558a0d44bd429f572318b57 Reviewed-on: https://chromium-review.googlesource.com/1196509 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Dan Elphick <delphick@chromium.org> Cr-Commit-Position: refs/heads/master@{#55523}
-
Michael Lippautz authored
Embedders should use the mentioned replacements. Bug: chromium:843903 Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng Change-Id: I7b7d6a086fd5fe5df3b6d0c4a91bb834c699600d Reviewed-on: https://chromium-review.googlesource.com/1196444 Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#55522}
-
Florian Sattler authored
This improves parse time for code-load and other benchmarks. Bug: v8:7926 Change-Id: I9c8017f2e7f73dd952c025db5abe8e4062e6ef9b Reviewed-on: https://chromium-review.googlesource.com/1196506 Commit-Queue: Florian Sattler <sattlerf@google.com> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#55521}
-
Hai Dang authored
This CL improves the performance of creating [...a, b] or [...a]. If the array literal has a leading spread, this CL emits the bytecode [CreateArrayFromIterable] to create the literal. CreateArrayFromIterable is implemented by [IterableToListDefault] builtin to create the initial array for the leading spread. IterableToListDefault has a fast path to clone efficiently if the spread is an actual array. The bytecode generated is now shorter. Bytecode generation is refactored into BuildCreateArrayLiteral, which allows VisitCallSuper to benefit from this optimization also. For now, turbofan also lowers the bytecode to the builtin. The idiomatic use of [...a] to clone the array a now performs better than a simple for-loop, but still does not match the performance of slice. Bug: v8:7980 Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng Change-Id: Ibde659c82d3c7aa1b1777a3d2f6426ac8cc15e35 Reviewed-on: https://chromium-review.googlesource.com/1181024 Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Commit-Queue: Hai Dang <dhai@google.com> Cr-Commit-Position: refs/heads/master@{#55520}
-
Florian Sattler authored
This is needed to meet the timeout requirements of android builds. Change-Id: Ia771f94683e2e0c88c54ed0e0a75925abfa85786 Reviewed-on: https://chromium-review.googlesource.com/1196508 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Florian Sattler <sattlerf@google.com> Cr-Commit-Position: refs/heads/master@{#55519}
-
Benedikt Meurer authored
This changes SimplifiedLowering to be more consistent when choosing Smi representation as input for Number comparisons. We already had some isolated logic for doing (speculative) Number comparisons on Smis, but only in the case where that decision was based on type feedback, not on information already present in the graph. Bug: v8:7703 Change-Id: I25370ade630917675a6ac79b5ae6a8afd253dfc7 Reviewed-on: https://chromium-review.googlesource.com/1196422 Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#55518}
-
Michael Starzinger authored
This removes the thread-local field in question. This side-channel for the "caught exception" is not needed, we can just explicitly pass the exception value to all support functions. Also, there is an inherent problem with having this side-channel, as it will not be properly reset when an exception handler ends up not rethrowing the exception. R=ahaas@chromium.org BUG=v8:8097 Change-Id: I2fdaff89f0eb318ce5a33bf56513165185547c1b Reviewed-on: https://chromium-review.googlesource.com/1194063 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#55517}
-
Sigurd Schneider authored
TBR=machenbach@chromium.org, hablich@chromium.org NOTRY=true Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng Change-Id: I8c5fc76a3d16428c2495c23ef0529569a927a8c9 Reviewed-on: https://chromium-review.googlesource.com/1196443 Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#55516}
-
jgruber authored
This reverts two CLs that were intended to show symbols for embedded builtins in chromecrash. The symbols never showed up, a part of this must still be missing. Revert "[builtins] Declare builtin symbols as globals" This reverts commit 8412353c. Revert "[builtins] Declare builtin symbols" This reverts commit 17ad3ae4. TBR=yangguo@chromium.org Bug: v8:6666, v8:7722 Change-Id: Ifcbf56a36ea51ea65de77c507886402f3663f414 Reviewed-on: https://chromium-review.googlesource.com/1195493 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#55515}
-
Dan Elphick authored
Use BuiltinAssemblerOptions to generate AssemblerOptions when generating the bytecode handlers (assuming v8_enable_embedded_bytecode_handlers is on). Mark all but InvokeIntrinsic, InvokeIntrinsicWide, InvokeIntrinsicExtraWide, TestIn, TestInWide, TestInExtraWide and TestTypeOf as isolate-independent. The excluded handlers create jump tables which have absolute addresses. Bug: v8:8068 Change-Id: Ia29e9c737ec345193e24fc2aa3684daefb113a9a Reviewed-on: https://chromium-review.googlesource.com/1195508 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Dan Elphick <delphick@chromium.org> Cr-Commit-Position: refs/heads/master@{#55514}
-
Toon Verwaest authored
This reverts commit 19a8f1ba. Reason for revert: it's actually slower this way
Original change's description:

> [scanner] Use AdvanceUntil in SkipWhiteSpace
>
> Change-Id: I4a578589290e91da2eae4cef8f936e6c888e177c
> Reviewed-on: https://chromium-review.googlesource.com/1194015
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#55497}

TBR=ishell@chromium.org,verwaest@chromium.org Change-Id: I93b51104bef984332536360c6321eaa1dab8fd74 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/1196402 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#55513}
-
Sigurd Schneider authored
Also takes care of InterpreterEnterBytecodeAdvance. Drive-by: - Add DCHECK to ensure cmpb is only used with byte registers. - Add Push/PopRootRegister to TurboAssembler with DCHECK ensuring that there is a NoRootArrayScope Change-Id: Ibcf1c91b12767bdf6425b18872c41b31124de3ba Bug: v8:6666 Reviewed-on: https://chromium-review.googlesource.com/1190305 Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#55512}
-