- 14 Feb, 2017 29 commits
-
-
eholk authored
Previously we captured the PC before calling EnsureSpace in RecordProtectedInstruction. Sometimes EnsureSpace would resize and move the buffer, which would invalidate the previously captured PC and trip an assert when writing RelocInfo. With this change, we do not capture the PC until after we've ensured there's enough space, which ensures the PC will be valid. BUG= Review-Url: https://codereview.chromium.org/2690523003 Cr-Commit-Position: refs/heads/master@{#43202}
-
eholk authored
BUG= https://bugs.chromium.org/p/v8/issues/detail?id=5507 Review-Url: https://codereview.chromium.org/2660903003 Cr-Original-Commit-Position: refs/heads/master@{#42821} Committed: https://chromium.googlesource.com/v8/v8/+/eb9b5edffb8c5acb0abdff0729901f95dbd3ccac Review-Url: https://codereview.chromium.org/2660903003 Cr-Commit-Position: refs/heads/master@{#43201}
-
clemensh authored
Use them to encode int32 constants properly. This reduces the generated wasm size in the unity benchmark from 21.6 MB to 16.8 MB (-22.2%). This hopefully also translates to increased performance especially on mobile because of lower memory usage. R=bradnelson@chromium.org, titzer@chromium.org Review-Url: https://codereview.chromium.org/2692943002 Cr-Commit-Position: refs/heads/master@{#43200}
-
ahaas authored
R=bmeurer@chromium.org, v8-arm-ports@googlegroups.com BUG=v8:5951 Review-Url: https://codereview.chromium.org/2685943003 Cr-Original-Commit-Position: refs/heads/master@{#43090} Committed: https://chromium.googlesource.com/v8/v8/+/c46ccef921ee754d60283d132b9d19f64ae7b1ff Review-Url: https://codereview.chromium.org/2685943003 Cr-Commit-Position: refs/heads/master@{#43199}
-
clemensh authored
because that's what it actually does. In the next step, I will introduce EmitVarInt again with the correct semantics, and use it in EmitI32Const and other places where we don't do proper varint encoding currently. R=bradnelson@chromium.org, titzer@chromium.org Review-Url: https://codereview.chromium.org/2694633003 Cr-Commit-Position: refs/heads/master@{#43198}
-
vabr authored
CreateNumberFormat of src/js/i18n.js implements http://www.ecma-international.org/ecma-402/1.0/#sec-11.1.1.1, but has a typo in step 33a. The spec says that the default value for minimumSignificantDigits should be 1, while the script set it to 0. This CL fixes that typo and adds a test for that. BUG=v8:5554 Review-Url: https://codereview.chromium.org/2694673003 Cr-Commit-Position: refs/heads/master@{#43197}
-
adamk authored
R=littledan@chromium.org, marja@chromium.org, vogelheim@chromium.org NOTRY=true Review-Url: https://codereview.chromium.org/2690123003 Cr-Commit-Position: refs/heads/master@{#43196}
-
Marja Hölttä authored
It's needed by code-stubs.h and it was defined in objects-inl.h. That cannot work without violating the include rules. BUG=v8:5402 R=mstarzinger@chromium.org Change-Id: Icb84b97de5622df8cf76e9fc4d117982901c99d9 Reviewed-on: https://chromium-review.googlesource.com/441845 Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#43195}
-
Ross McIlroy authored
BUG=v8:5203 Change-Id: Iee83ac42fc17bb455ea2104540d2d3bc60260a42 Reviewed-on: https://chromium-review.googlesource.com/441705Reviewed-by: Jochen Eisinger <jochen@chromium.org> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#43194}
-
vabr authored
After https://github.com/tc39/ecma262/pull/642, Date.UTC no longer requires the month argument to be specified. The spec provides 0 as its default value. This CL updates the builtins-date.cc code to reflect that and drops the test suppression for test262/built-ins/Date/UTC/return-value. BUG=v8:5534 Review-Url: https://codereview.chromium.org/2689173003 Cr-Commit-Position: refs/heads/master@{#43193}
-
Ross McIlroy authored
Add the function literal to eager_literals before recursing into the literal. This ensures that the order of eager_literals reflects the order in which the functions will be called, which in-turn ensures it is compiled first by the compiler-dispatcher. BUG=v8:5203 Change-Id: I0e334a7d1ee93cf67936adbadd2883e40acb1cc5 Reviewed-on: https://chromium-review.googlesource.com/441825Reviewed-by: Jochen Eisinger <jochen@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#43192}
-
Daniel Clifford authored
Change-Id: Id10be318965d7ec81af8fce8ec230557d3bf1369 Reviewed-on: https://chromium-review.googlesource.com/442126Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Daniel Clifford <danno@chromium.org> Cr-Commit-Position: refs/heads/master@{#43191}
-
Michael Achenbach authored
BUG=chromium:691954 NOTRY=true R=tandrii@chromium.org TBR=jarin@chromium.org Change-Id: Id57ed8206a19abb09a7e9835c876d3a932405658 Reviewed-on: https://chromium-review.googlesource.com/442424Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#43190}
-
Georg Neis authored
BUG= Change-Id: I4a5db9bc045a63e710d0115523ab23b98e7c7ae6 Reviewed-on: https://chromium-review.googlesource.com/442504Reviewed-by: Georg Neis <neis@chromium.org> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#43189}
-
ishell@chromium.org authored
... and revert "[runtime] Mark maps created as a result of field type or representation generalization as migration targets." because it regresses performance of too many map checks in optimized code. BUG=v8:5444, chromium:680995 Change-Id: I84038d75425df3709a81e5fdcc6c0db32939060d Reviewed-on: https://chromium-review.googlesource.com/442125Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#43188}
-
jbroman authored
The string will be internalized anyhow when the first object is instantiated, and since templates are eternal, the string will be eternal anyhow even if the template is never instantiated. Review-Url: https://codereview.chromium.org/2697683002 Cr-Commit-Position: refs/heads/master@{#43187}
-
mstarzinger authored
R=bmeurer@chromium.org TEST=unittests/JSTypedLoweringTest Review-Url: https://codereview.chromium.org/2694063003 Cr-Commit-Position: refs/heads/master@{#43186}
-
ishell@chromium.org authored
BUG= Change-Id: I1e32fdcf9edda57f5de329c8b694620a5da4558b Reviewed-on: https://chromium-review.googlesource.com/442444Reviewed-by: Michael Stanton <mvstanton@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#43185}
-
tebbi authored
My hypothesis is that the OOM crash is caused by a loop of forgetting and reallocating a VirtualObject inside of a VirtualState. R=mstarzinger@chromium.org BUG=chromium:691487 Review-Url: https://codereview.chromium.org/2694723002 Cr-Commit-Position: refs/heads/master@{#43184}
-
Andrii Shyshkalov authored
CQ will only allow CL authors (owners in Gerrit) and V8 committers to trigger CQ in Gerrit codereview. Thus, CQ voting restriction to just committers can be lifted, letting every authenticated user attempt to trigger CQ. R=machenbach@chromium.org,agable@chromium.org BUG=641422,685318 NOTRY=True Change-Id: Ied310a65277d6fefa44a9945cc780cb8fe827e03 Reviewed-on: https://chromium-review.googlesource.com/442124 Commit-Queue: Andrii Shyshkalov <tandrii@chromium.org> Reviewed-by: Aaron Gable <agable@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#43183}
-
vabr authored
If the Reflect.construct receives an argument expected to be a constructor, and the argument is not a constructor, V8 currently declares that Reflect.construct is not a function. It should instead say that the offending argument is not a constructor. This is the case for all ports of builtins (Builtins::Generate_ReflectConstruct). All of them make an attempt to at least pass the right argument to the TypeError parametrised message, calling out the offending Reflect.construct argument. However, Runtime::kThrowCalledNonCallable extracts the callsite from those arguments, discarding the precise information. This CL adds Runtime::kNotConstructor, which reports the arguments passed to it, and the CL also modifies the ports of builtins to make use of Runtime::kNotConstructor BUG=v8:5671 Review-Url: https://codereview.chromium.org/2688393003 Cr-Commit-Position: refs/heads/master@{#43182}
-
Ross McIlroy authored
BUG=v8:5203 Change-Id: Ia64775756873a8abc5d5b9ee987201a16c190420 Reviewed-on: https://chromium-review.googlesource.com/441812Reviewed-by: Jochen Eisinger <jochen@chromium.org> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#43181}
-
gsathya authored
R=neis@chromium.org Review-Url: https://codereview.chromium.org/2690163004 Cr-Commit-Position: refs/heads/master@{#43180}
-
clemensh authored
I identified lots of asm.js tests that are actually not valid according to the spec, hence they execute in default-javascript-mode. This CL fixes most of them by adding additional type annotations. The atomic tests are totally non-spec-compliant by expecting a fourth argument, and infinite-loops-taken expects a function-type parameter, so I did not fix those. I also did not fix the regression tests. R=titzer@chromium.org, bradnelson@chromium.org BUG=v8:4203 Review-Url: https://codereview.chromium.org/2663243002 Cr-Commit-Position: refs/heads/master@{#43179}
-
clemensh authored
See associated bug: A continue if a do-while loop did jump back to the loop header, instead of jumping to the condition. This CL fixes this and adds a test case. R=bradnelson@chromium.org, titzer@chromium.org BUG=v8:5912 Review-Url: https://codereview.chromium.org/2693993002 Cr-Commit-Position: refs/heads/master@{#43178}
-
Andreas Haas authored
Within the initialization of a WasmInstanceWrapper a WeakCell is allocated for the wrapped instance. This allocation of the WeakCell can cause a garbage collection. The bug happened because a pointer to the WasmInstanceWrapper was stored in the unhandlified this pointer, which was invalidated by the garbage collection. R=clemensh@chromium.org CC=gdeepti@chromium.org BUG=chromium:691538 Change-Id: I7001ab7ad3ee30f4c87a13c42e2fd16c0c86027a Reviewed-on: https://chromium-review.googlesource.com/441766Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#43177}
-
bbudge authored
LOG=Y BUG=v8:4124,v8:5948 R=bradnelson@chromium.org,bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org Review-Url: https://codereview.chromium.org/2684313003 Cr-Original-Original-Commit-Position: refs/heads/master@{#43162} Committed: https://chromium.googlesource.com/v8/v8/+/d170c57ab996d00c4665a9d865bd5754a1806c6c Review-Url: https://codereview.chromium.org/2684313003 Cr-Original-Commit-Position: refs/heads/master@{#43169} Committed: https://chromium.googlesource.com/v8/v8/+/a9b59a11f1bfe069afabe5567f919727456f1f12 Review-Url: https://codereview.chromium.org/2684313003 Cr-Commit-Position: refs/heads/master@{#43176}
-
yangguo authored
R=jgruber@chromium.org, kozyatinskiy@chromium.org BUG=v8:5808 Review-Url: https://codereview.chromium.org/2694623003 Cr-Commit-Position: refs/heads/master@{#43175}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/3e5cfce..0fdcf96 Rolling v8/third_party/catapult: https://chromium.googlesource.com/external/github.com/catapult-project/catapult/+log/67cf0dc..7f34a59 TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Change-Id: I62a9982ea0c851b152a2ca5d13684a6cac0f2059 Reviewed-on: https://chromium-review.googlesource.com/442324Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Commit-Queue: v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#43174}
-
- 13 Feb, 2017 11 commits
-
-
adamk authored
Inheriting from ZoneObject already provides this operator. R=marja@chromium.org Review-Url: https://codereview.chromium.org/2688283002 Cr-Commit-Position: refs/heads/master@{#43173}
-
adamk authored
R=marja@chromium.org Review-Url: https://codereview.chromium.org/2687403003 Cr-Commit-Position: refs/heads/master@{#43172}
-
bjaideep authored
Port 6ee0b6ce Original Commit Message: This adds support for deoptimizing into the JSConstructStub after the receiver instantiation but before the actual constructor invocation. Such a deoptimization point is needed for cases where instantiation might be observed (e.g. when new.target is a proxy) and hence might trigger a deopt. We use this new deoptimization point for the "after" frame-state the inliner attaches to {JSCreate} nodes being inserted when constructor calls are being inlined. R=mstarzinger@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG=v8:5638 LOG=N Review-Url: https://codereview.chromium.org/2690213002 Cr-Commit-Position: refs/heads/master@{#43171}
-
franzih authored
Revert of Remove SIMD.js from V8. (patchset #7 id:120001 of https://codereview.chromium.org/2684313003/ ) Reason for revert: Breaks Node integration build. Original issue's description: > Remove SIMD.js from V8. > > LOG=Y > BUG=v8:4124,v8:5948 > R=bradnelson@chromium.org,bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org > > Review-Url: https://codereview.chromium.org/2684313003 > Cr-Original-Commit-Position: refs/heads/master@{#43162} > Committed: https://chromium.googlesource.com/v8/v8/+/d170c57ab996d00c4665a9d865bd5754a1806c6c > Review-Url: https://codereview.chromium.org/2684313003 > Cr-Commit-Position: refs/heads/master@{#43169} > Committed: https://chromium.googlesource.com/v8/v8/+/a9b59a11f1bfe069afabe5567f919727456f1f12 TBR=bradnelson@chromium.org,bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org,bradnelson@google.com,machenbach@chromium.org,bbudge@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:4124,v8:5948 Review-Url: https://codereview.chromium.org/2695653005 Cr-Commit-Position: refs/heads/master@{#43170}
-
bbudge authored
LOG=Y BUG=v8:4124,v8:5948 R=bradnelson@chromium.org,bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org Review-Url: https://codereview.chromium.org/2684313003 Cr-Original-Commit-Position: refs/heads/master@{#43162} Committed: https://chromium.googlesource.com/v8/v8/+/d170c57ab996d00c4665a9d865bd5754a1806c6c Review-Url: https://codereview.chromium.org/2684313003 Cr-Commit-Position: refs/heads/master@{#43169}
-
bbudge authored
- Renames select, swizzle, and shuffle to be consistent with the S128 and existing S32x4 ops, and reflect that these aren't arithmetic. e.g. I16x8Swizzle -> S16x8Swizzle. - Implements S16x8 and S8x16 Select operations and tests. - Implements S128And, Or, Xor, Not operations and tests. - Implements Swizzle for 32x4 formats. - Refactors test macros that generate SIMD code. TEST=cctest/test-run-wasm-simd/* LOG=N BUG=v8:4124 Review-Url: https://codereview.chromium.org/2683713003 Cr-Commit-Position: refs/heads/master@{#43168}
-
bjaideep authored
Port 6c12d57e Original Commit Message: This fixes the case where the index passed to {HMaybeGrowElements} used to derive the new capacity for the elements backing store does not fit into Smi range. Such an overflow would fail the capacity check and cause growing to be skipped. Subsequent keyed stores would potentially go out of bounds. R=mstarzinger@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG=chromium:686427 LOG=N Review-Url: https://codereview.chromium.org/2697473004 Cr-Commit-Position: refs/heads/master@{#43167}
-
jyan authored
R=joransiu@ca.ibm.com, bjaideep@ca.ibm.com, danno@chromium.org, bmeurer@chromium.org BUG= Review-Url: https://codereview.chromium.org/2691893002 Cr-Commit-Position: refs/heads/master@{#43166}
-
verwaest authored
Unlike the old manually written LoadNonexistent stub, the data handler properly supports keyed loads out of the box. Simply remove the condition that disables it. BUG= Review-Url: https://codereview.chromium.org/2693913002 Cr-Commit-Position: refs/heads/master@{#43165}
-
bradnelson authored
Revert of Remove SIMD.js from V8. (patchset #7 id:120001 of https://codereview.chromium.org/2684313003/ ) Reason for revert: red Original issue's description: > Remove SIMD.js from V8. > > LOG=Y > BUG=v8:4124,5948 > R=bradnelson@chromium.org,bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org > (notry since trybots can't patch directory deletes) > NOTRY=true > > Review-Url: https://codereview.chromium.org/2684313003 > Cr-Commit-Position: refs/heads/master@{#43162} > Committed: https://chromium.googlesource.com/v8/v8/+/d170c57ab996d00c4665a9d865bd5754a1806c6c TBR=bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org,bradnelson@google.com,bbudge@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:4124,5948 Review-Url: https://codereview.chromium.org/2692933002 Cr-Commit-Position: refs/heads/master@{#43164}
-
tebbi authored
R=bmeurer@chromium.org BUG= Review-Url: https://codereview.chromium.org/2680973013 Cr-Commit-Position: refs/heads/master@{#43163}
-