- 11 May, 2017 15 commits
-
-
gsathya authored
BUG=v8:6261, v8:6278, v8:6344 Review-Url: https://codereview.chromium.org/2868343002 Cr-Original-Commit-Position: refs/heads/master@{#45236} Committed: https://chromium.googlesource.com/v8/v8/+/55a610ba24c819ef24d0efbcc4d2e4a4f6a24baa Review-Url: https://codereview.chromium.org/2868343002 Cr-Commit-Position: refs/heads/master@{#45259}
-
Michael Lippautz authored
Bug: chromium:651354 Change-Id: I797a0eee698c9c5a6bf191fb041111c9ff5440cf Reviewed-on: https://chromium-review.googlesource.com/503227Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Hannes Payer <hpayer@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#45258}
-
dusan.simicic authored
This patch fixes regresion introduced in CL: https://chromium-review.googlesource.com/c/489525/ ldr instruction is unaligned load on MIPS and it is not available in MIPS64r6 architecture. BUG= Review-Url: https://codereview.chromium.org/2873873005 Cr-Commit-Position: refs/heads/master@{#45257}
-
Michael Starzinger authored
This makes sure that function variables as well as function table variables are properly typed as immutable, hence assignments to them should cause validation failures. R=clemensh@chromium.org TEST=mjsunit/asm/immutable BUG=chromium:721271 Change-Id: Ia3f65fd0782ca571ffcf99520fdbd8fc5a359d16 Reviewed-on: https://chromium-review.googlesource.com/503209Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#45256}
-
Michael Starzinger authored
This removes logic tracking whether a number literal in the source contained a "dot" character or not. The tracking was only needed for validation of asm.js modules on the AST, it is obsolete now. R=marja@chromium.org Change-Id: Ib474e2281db80fe56d43e1af52221a7c66261e01 Reviewed-on: https://chromium-review.googlesource.com/503228Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#45255}
-
ulan authored
The mutator can convert a pointer slot of a JSObject to an unboxed double slot. To make it we safe for the concurrent marker, we require synchronization using the object markbits. The concurrent marker visits the JSObject as follows: - save snapshot of object slot addresses and values. - visit the snapshot only after successful transition of the object from grey to black. Before an unsafe layout change the mutator colors the object black and visits it using the bailout marking deque. BUG=chromium:694255 Review-Url: https://codereview.chromium.org/2876553002 Cr-Commit-Position: refs/heads/master@{#45254}
-
Michael Starzinger authored
R=clemensh@chromium.org Change-Id: I5c37cdf4f11ff7062e6af8c7af5b6eabf1baedad Reviewed-on: https://chromium-review.googlesource.com/503207Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#45253}
-
ulan authored
BUG=chromium:720606 Review-Url: https://codereview.chromium.org/2871173006 Cr-Commit-Position: refs/heads/master@{#45252}
-
Michael Achenbach authored
Bug: v8:6355 NOTRY=true TBR=sergiyb@chromium.org Change-Id: Ib0b6d32cf330d03d1898f55f7fc21092ce816beb Reviewed-on: https://chromium-review.googlesource.com/503269Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#45251}
-
Andreas Haas authored
This CL implements a streaming decoder which takes the bytes of a wasm module as an input, potentially split into multiple chunks, and decodes them into segments. Each segment either contains the payload of a whole section, or the code of a single function. The goal is that the streaming decoder is used for streaming compilation. That's where the interface comes from, see (https://cs.chromium.org/chromium/src/v8/include/v8.h?q=OnBytesReceived&sq=package:chromium&l=4060) Error positions are not reported correctly at the moment. I plan to do this in a separate CL. Change-Id: I6e3df6a91945c7baec2dc4f5de2e5f47636083df Reviewed-on: https://chromium-review.googlesource.com/471350 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Mircea Trofin <mtrofin@chromium.org> Cr-Commit-Position: refs/heads/master@{#45250}
-
Michael Achenbach authored
Port https://chromium-review.googlesource.com/c/501849/ NOTRY=true TBR=tandrii@chromium.org Bug: chromium:717504 Change-Id: Ia37759c615cc3ad4d2978a4589ca687a750afc46 Reviewed-on: https://chromium-review.googlesource.com/503028 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#45249}
-
mlippautz authored
The reason we need this mode is that IterateRoots for the Scavenger only captures dependent weak nodes. This is also what we do for marking for the minor MC. Since the regular marking might also mark objects that are weakly (non-dependently) pointed to by nodes we need to capture all of them during pointers updating. The reason this works for the Scavenger is because we do one pass at the end of the scavenger (combined with resetting) that captures all those nodes. BUG=chromium:651354 Review-Url: https://codereview.chromium.org/2869413002 Cr-Commit-Position: refs/heads/master@{#45248}
-
jgruber authored
Clearing the pending exception is not enough - if we want to swallow an exception while currently on top of an external handler (e.g. TryCatch), we also need to clear external_caught_exception. BUG=chromium:719380 Review-Url: https://codereview.chromium.org/2870423002 Cr-Commit-Position: refs/heads/master@{#45247}
-
Michael Lippautz authored
This reverts commit c836a95e. Reason for revert: I don't think this was related. Original change's description: > Revert "Revert "[global-handles] Remove dead code"" > > This reverts commit 58020872. > > Reason for revert: Turned out to be a bot issue, reverting the revert. > > Original change's description: > > Revert "[global-handles] Remove dead code" > > > > This reverts commit e2890c19. > > > > Reason for revert: Looks like this CL causes slowdown on multiple builders, Check tests timeout and raise exceptions on the bot. Possible it is a bot issue as well, see tracking bug - https://bugs.chromium.org/p/chromium/issues/detail?id=720606 > > > > Original change's description: > > > [global-handles] Remove dead code > > > > > > Bug: chromium:720477 > > > Change-Id: I090168c575c41b7038af5dfba6cd8973d1154c51 > > > Reviewed-on: https://chromium-review.googlesource.com/501790 > > > Reviewed-by: Hannes Payer <hpayer@chromium.org> > > > Commit-Queue: Michael Lippautz <mlippautz@chromium.org> > > > Cr-Commit-Position: refs/heads/master@{#45241} > > > > TBR=hpayer@chromium.org,mlippautz@chromium.org,jochen@chromium.org > > NOPRESUBMIT=true > > NOTREECHECKS=true > > NOTRY=true > > Bug: chromium:720477 > > > > Change-Id: I92f40d8c4dbfdb5208b3068648612e8c5b97fb20 > > Reviewed-on: https://chromium-review.googlesource.com/502029 > > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> > > Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> > > Cr-Commit-Position: refs/heads/master@{#45243} > > TBR=hpayer@chromium.org,gdeepti@chromium.org,mlippautz@chromium.org,jochen@chromium.org,v8-reviews@googlegroups.com > NOPRESUBMIT=true > NOTREECHECKS=true > NOTRY=true > Bug: chromium:720477 > > Change-Id: I70e190e0c27074228a8128aa849e5a419af915e8 > Reviewed-on: https://chromium-review.googlesource.com/502030 > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> > Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> > Cr-Commit-Position: refs/heads/master@{#45244} TBR=hpayer@chromium.org,gdeepti@chromium.org,mlippautz@chromium.org,jochen@chromium.org,v8-reviews@googlegroups.com NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true Bug: chromium:720477 Change-Id: If3e4abea51d87546e25076b906a4c91e5ccf947b Reviewed-on: https://chromium-review.googlesource.com/503007Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#45246}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/5a162d8..2e68430 Rolling v8/third_party/catapult: https://chromium.googlesource.com/external/github.com/catapult-project/catapult/+log/0e86ab1..27f7008 Rolling v8/tools/swarming_client: https://chromium.googlesource.com/external/swarming.client/+log/11e31af..e6fc938 TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Change-Id: I076d768c3580e0981740cd27a40decac24fa062b Reviewed-on: https://chromium-review.googlesource.com/502350Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Commit-Queue: v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#45245}
-
- 10 May, 2017 25 commits
-
-
Deepti Gandluri authored
This reverts commit 58020872. Reason for revert: Turned out to be a bot issue, reverting the revert. Original change's description: > Revert "[global-handles] Remove dead code" > > This reverts commit e2890c19. > > Reason for revert: Looks like this CL causes slowdown on multiple builders, Check tests timeout and raise exceptions on the bot. Possible it is a bot issue as well, see tracking bug - https://bugs.chromium.org/p/chromium/issues/detail?id=720606 > > Original change's description: > > [global-handles] Remove dead code > > > > Bug: chromium:720477 > > Change-Id: I090168c575c41b7038af5dfba6cd8973d1154c51 > > Reviewed-on: https://chromium-review.googlesource.com/501790 > > Reviewed-by: Hannes Payer <hpayer@chromium.org> > > Commit-Queue: Michael Lippautz <mlippautz@chromium.org> > > Cr-Commit-Position: refs/heads/master@{#45241} > > TBR=hpayer@chromium.org,mlippautz@chromium.org,jochen@chromium.org > NOPRESUBMIT=true > NOTREECHECKS=true > NOTRY=true > Bug: chromium:720477 > > Change-Id: I92f40d8c4dbfdb5208b3068648612e8c5b97fb20 > Reviewed-on: https://chromium-review.googlesource.com/502029 > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> > Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> > Cr-Commit-Position: refs/heads/master@{#45243} TBR=hpayer@chromium.org,gdeepti@chromium.org,mlippautz@chromium.org,jochen@chromium.org,v8-reviews@googlegroups.com NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true Bug: chromium:720477 Change-Id: I70e190e0c27074228a8128aa849e5a419af915e8 Reviewed-on: https://chromium-review.googlesource.com/502030Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> Cr-Commit-Position: refs/heads/master@{#45244}
-
Deepti Gandluri authored
This reverts commit e2890c19. Reason for revert: Looks like this CL causes slowdown on multiple builders, Check tests timeout and raise exceptions on the bot. Possible it is a bot issue as well, see tracking bug - https://bugs.chromium.org/p/chromium/issues/detail?id=720606 Original change's description: > [global-handles] Remove dead code > > Bug: chromium:720477 > Change-Id: I090168c575c41b7038af5dfba6cd8973d1154c51 > Reviewed-on: https://chromium-review.googlesource.com/501790 > Reviewed-by: Hannes Payer <hpayer@chromium.org> > Commit-Queue: Michael Lippautz <mlippautz@chromium.org> > Cr-Commit-Position: refs/heads/master@{#45241} TBR=hpayer@chromium.org,mlippautz@chromium.org,jochen@chromium.org NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true Bug: chromium:720477 Change-Id: I92f40d8c4dbfdb5208b3068648612e8c5b97fb20 Reviewed-on: https://chromium-review.googlesource.com/502029Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> Cr-Commit-Position: refs/heads/master@{#45243}
-
kozyatinskiy authored
Revert of [inspector] use creation stack trace as parent for async call chains (patchset #2 id:20001 of https://codereview.chromium.org/2868493002/ ) Reason for revert: CHECK is too strict. Original issue's description: > [inspector] use creation stack trace as parent for async call chains > > Creation stack trace points to the place where callback was actually chained, scheduled points where parent promise was resolved. > For async tasks without creation stack (e.g. setTimeout) we continue to use scheduled as creation since usually they are the same. > > BUG=v8:6189 > R=dgozman@chromium.org > > Review-Url: https://codereview.chromium.org/2868493002 > Cr-Commit-Position: refs/heads/master@{#45198} > Committed: https://chromium.googlesource.com/v8/v8/+/e118462f18a862df81a04486e13dd62997cbfc5a TBR=dgozman@chromium.org,alexclarke@chromium.org # Not skipping CQ checks because original CL landed more than 1 days ago. BUG=v8:6189 Review-Url: https://codereview.chromium.org/2868423004 Cr-Commit-Position: refs/heads/master@{#45242}
-
Michael Lippautz authored
Bug: chromium:720477 Change-Id: I090168c575c41b7038af5dfba6cd8973d1154c51 Reviewed-on: https://chromium-review.googlesource.com/501790Reviewed-by: Hannes Payer <hpayer@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#45241}
-
Mircea Trofin authored
This reverts commit 619dfed4. Original CL: https://chromium-review.googlesource.com/c/494968/ Bug: Change-Id: Ib4a1f481e46f1972420cc8f8d2192bb6c470e08d Reviewed-on: https://chromium-review.googlesource.com/501650 Commit-Queue: Brad Nelson <bradnelson@chromium.org> Reviewed-by: Brad Nelson <bradnelson@chromium.org> Cr-Commit-Position: refs/heads/master@{#45240}
-
gdeepti authored
Revert of [interpreter] Add intrinsics for map/set instance type checks (patchset #1 id:1 of https://codereview.chromium.org/2868343002/ ) Reason for revert: Breaks V8 Linux - arm64 - sim - gc stress - https://build.chromium.org/p/client.v8.ports/builders/V8%20Linux%20-%20arm64%20-%20sim%20-%20gc%20stress/builds/6471/steps/Bisect%20f86985ad.Retry/logs/typedarray-every Original issue's description: > [interpreter] Add intrinsics for map/set instance type checks > > BUG=v8:6261, v8:6278, v8:6344 > > Review-Url: https://codereview.chromium.org/2868343002 > Cr-Commit-Position: refs/heads/master@{#45236} > Committed: https://chromium.googlesource.com/v8/v8/+/55a610ba24c819ef24d0efbcc4d2e4a4f6a24baa TBR=rmcilroy@chromium.org,gsathya@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:6261, v8:6278, v8:6344 Review-Url: https://codereview.chromium.org/2878473002 Cr-Commit-Position: refs/heads/master@{#45239}
-
gdeepti authored
- Currently if GrowMemory is called with pages = 0, an attempt is made to unregister the ArrayBuffer even if it is external. Cleanup so all Detaching of ArrayBuffer is centralized to one method, and can only be called fromJS. - Gate creating WeakHandles to the memory on the buffer having guard pages enabled. Currently creating a WeakHandle is gated only on if the buffer is_external true. If a buffer is marked is_external = true to begin with, the WeakHandle is created and the Finalizer is run causing the program to crash. BUG=chromium:717647 Review-Url: https://codereview.chromium.org/2867233002 Cr-Commit-Position: refs/heads/master@{#45238}
-
Michael Starzinger authored
This makes sure that the checking of stdlib values during module instantiation is non-observable. It is needed to prevent observable double evaluation of the involved property loads in case of failures during instantiation and also fixes some issues with exceptions happening during property loads. R=clemensh@chromium.org TEST=mjsunit/asm/asm-stdlib BUG=v8:6297 Change-Id: I1d0c371e51bee8186d14fa794fb3f9b7f67e5944 Reviewed-on: https://chromium-review.googlesource.com/501887Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#45237}
-
gsathya authored
BUG=v8:6261, v8:6278, v8:6344 Review-Url: https://codereview.chromium.org/2868343002 Cr-Commit-Position: refs/heads/master@{#45236}
-
mlippautz authored
BUG=chromium:651354 Review-Url: https://codereview.chromium.org/2872063003 Cr-Commit-Position: refs/heads/master@{#45235}
-
Ross McIlroy authored
Since the feedback vector is itself a native context structure, why not store optimized code for a function in there rather than in a map from native context to code? This allows us to get rid of the optimized code map in the SharedFunctionInfo, saving a pointer, and making lookup of any optimized code quicker. Original patch by Michael Stanton <mvstanton@chromium.org> BUG=v8:6246,chromium:718891 TBR=yangguo@chromium.org,ulan@chromium.org Change-Id: I3bb9ec0cfff32e667cca0e1403f964f33a6958a6 Reviewed-on: https://chromium-review.googlesource.com/500134Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#45234}
-
Michael Starzinger authored
R=clemensh@chromium.org Change-Id: Id3a44a247bc881ba0f9d41a242cbb6130094771c Reviewed-on: https://chromium-review.googlesource.com/501847 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#45233}
-
Tobias Tebbi authored
[turbofan] [builtins] Unify construct builtins for JS functions and classes and add inlining and deoptimizer support BUG=v8:6180 R=mstarzinger@chromium.org Change-Id: Iac5782a0f6b0ff92293421656d907073cfc3f5dd Reviewed-on: https://chromium-review.googlesource.com/489525 Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#45232}
-
jkummerow authored
When black allocation is turned on at deserialization time, then slots in deserialized objects have to be visited by the incremental marker. For spaces with reservations, this has always been done; for large object space with its special handling, this patch adds it. Additionally, we must ensure that no incremental steps that might cause incremental marking to finish are performed while there is an AlwaysAllocateScope around. BUG=chromium:718859 Review-Url: https://codereview.chromium.org/2868103002 Cr-Commit-Position: refs/heads/master@{#45231}
-
ulan authored
BUG=chromium:694255 Review-Url: https://codereview.chromium.org/2872263002 Cr-Commit-Position: refs/heads/master@{#45230}
-
ulan authored
This reverts commit 8f89e286. Review-Url: https://codereview.chromium.org/2876503002 Cr-Commit-Position: refs/heads/master@{#45229}
-
tebbi authored
BUG=v8:6380 Review-Url: https://codereview.chromium.org/2872173003 Cr-Commit-Position: refs/heads/master@{#45228}
-
ulan authored
Revert of [heap] Verify remembered set for objects in the old generation. (patchset #3 id:40001 of https://codereview.chromium.org/2868053002/ ) Reason for revert: buildbot failures Original issue's description: > [heap] Verify remembered set for objects in the old generation. > > Review-Url: https://codereview.chromium.org/2868053002 > Cr-Commit-Position: refs/heads/master@{#45225} > Committed: https://chromium.googlesource.com/v8/v8/+/755a809ee5f91f5f63d5f056af37090960be002c TBR=mlippautz@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true Review-Url: https://codereview.chromium.org/2870413002 Cr-Commit-Position: refs/heads/master@{#45227}
-
Miran.Karic authored
Added support for DINSM and DINSU bit insertion instructions. Also fixed errors with bit extraction instructions, added disassembler tests and adjusted the code to make it more compact. BUG= TEST=cctest/test-assembler-mips/Dins cctest/test-disasm-mips/Type0 Review-Url: https://codereview.chromium.org/2871663002 Cr-Commit-Position: refs/heads/master@{#45226}
-
ulan authored
Review-Url: https://codereview.chromium.org/2868053002 Cr-Commit-Position: refs/heads/master@{#45225}
-
Michael Achenbach authored
This ports: https://chromium-review.googlesource.com/c/493466/ The code was originally copied from bot_update. So were the bugs. Bug: chromium:717504 NOTRY=true TBR=tandrii@chromium.org,agable@chromium.org Change-Id: If2d2dafdca8cd44f325dc770dfc42c17889a3b4a Reviewed-on: https://chromium-review.googlesource.com/501787Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#45224}
-
mlippautz authored
BUG=chromium:651354 Review-Url: https://codereview.chromium.org/2855143003 Cr-Commit-Position: refs/heads/master@{#45223}
-
jgruber authored
One of the serializer fuzzers passes in random data to the deserializer, which can then be used to deserialize a JSRegExp instance with random flag contents. This can cause issues since the JSRegExp::Flag enum statically contains kDotAll - but it is only valid to set kDotAll iff FLAG_harmony_regexp_dotall is set. This CL verifies deserialized flags before constructing the JSRegExp and bails out if they are invalid. R=jbroman@chromium.org,yangguo@chromium.org BUG=chromium:719280 Review-Url: https://codereview.chromium.org/2870743004 Cr-Commit-Position: refs/heads/master@{#45222}
-
Michael Starzinger authored
This fixes cases where falling off the end of a non-void function was accepted as a valid asm.js module. This led to translation failures in the WASM code. Only void functions are allowed to fall off the end. R=clemensh@chromium.org TEST=mjsunit/asm/return-types BUG=chromium:719286 Change-Id: I7b1c9ba5381b87a23cf0a2171bee5e5f5e8cd9de Reviewed-on: https://chromium-review.googlesource.com/500312 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#45221}
-
predrag.rudic authored
By C++ standard, behaviour is undedined when converting -Infinity to integer. This patch assures correct behaviour in this case on all platforms. BUG= Review-Url: https://codereview.chromium.org/2865113005 Cr-Commit-Position: refs/heads/master@{#45220}
-