- 21 May, 2019 30 commits
-
-
Toon Verwaest authored
This was already unsupported by the map updated because the condition was manually checked before CanBeInPlaceChangedTo. Since the latter function missed the check, however, new code using the function (json parser) missed the relevant check. Simply move the condition to the function. Bug: chromium:964869 Change-Id: I9424a5706c5f6d637acbf532707da3f1e7d9b55e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1622114 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#61703}
-
Michael Starzinger authored
R=yangguo@chromium.org Change-Id: Ic688665dc137bb0a1c0875f76b1c2b6360a10e2b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1615243 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#61702}
-
Clemens Hammacher authored
When tracing function compilations, do also trace the function index and the function body size. This information often helps investigating bottlenecks in compilation. R=ahaas@chromium.org Bug: v8:8916, chromium:950493 Change-Id: Ibabd1b59827b67ac9b0ef3a78f121ab8fb2c4e09 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1622111Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#61701}
-
Toon Verwaest authored
Check uintptr_t sized blocks of UTF16 chars at a time similar to NonAsciiStart. Fix readds the length precheck so we won't read out of bounds while aligning the start. Change-Id: Iaea901945a2445ba5bf50c67a6211356697ed1fd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1622115 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Auto-Submit: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#61700}
-
Toon Verwaest authored
Change-Id: Ifd8734aa682e238de54284c74209d236c7ac824f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1622110Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#61699}
-
Maciej Goszczycki authored
Bug: v8:9183 Change-Id: Ibdf4633a9a57d0a37e1e2ef8930471e6acbf7e13 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1621944Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Maciej Goszczycki <goszczycki@google.com> Cr-Commit-Position: refs/heads/master@{#61698}
-
Maya Lekova authored
This reverts commit c2e4183a. Reason for revert: Uninitialized value on MSAN, see https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20arm64%20-%20sim%20-%20MSAN/26888 Original change's description: > [runtime] Speed up String::IsOneByte > > Check uintptr_t sized blocks of UTF16 chars at a time similar to NonAsciiStart. > > Change-Id: Ib4c498cc064e6ac7b6f8cc87ab700eafc8132c39 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1622107 > Commit-Queue: Toon Verwaest <verwaest@chromium.org> > Reviewed-by: Igor Sheludko <ishell@chromium.org> > Cr-Commit-Position: refs/heads/master@{#61693} TBR=ishell@chromium.org,verwaest@chromium.org Change-Id: I2e18c9476f0ed47e77da87d2308a3429ef4f515c No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1622112Reviewed-by: Maya Lekova <mslekova@chromium.org> Commit-Queue: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/master@{#61697}
-
Simon Zünd authored
This CL changes the existing TorqueError struct into a more general TorqueMessage by adding a "kind" enum. The contextual for lint errors is removed and replaced by a list of TorqueMessages. A MessageBuilder is introduced to help with the different combinations of present information and method of reporting. A lint error with custom SourcePosition can be reported like this: Lint("naming convention error").Position(<src_pos_var>); While a fatal error, with CurrentSourcePosition can be thrown like this: Error("something went horrible wrong").Throw(); This approach is both backwards compatible and should prove flexible enough to add more information to messages or add other message kinds. Bug: v8:7793 Change-Id: Ib04fa188e34b3e8e9a6526a086f80da8f690a6f5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1617245 Commit-Queue: Simon Zünd <szuend@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#61696}
-
Sigurd Schneider authored
Change-Id: I377e96fca2dff89a986b43f092ef7684d164cd9d Bug: v8:9264 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1617679 Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#61695}
-
Michael Achenbach authored
NOTRY=true Change-Id: Ice2b86a5104e55f9c618791222a3bb91a21b655f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1621940Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#61694}
-
Toon Verwaest authored
Check uintptr_t sized blocks of UTF16 chars at a time similar to NonAsciiStart. Change-Id: Ib4c498cc064e6ac7b6f8cc87ab700eafc8132c39 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1622107 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#61693}
-
Georg Neis authored
This reverts commit 42fee61a. Reason for revert: it's not safe to access in-object fields that way. Will post more information in Gerrit. Original change's description: > Reland "[torque] Convert few class layout to torque." > > This is a reland of b9bfd006 > > Original change's description: > > [torque] Convert few class layout to torque and updated torque code formatter. > > > > 1. Converted Module, JSModuleNameSpace, JSCollator, JSV8BreakIterator, > > TemplateList, > > JSStrictArgumentsObject to torque. > > 2. Updated torque code formatter to now handle multi-line > > declarations correctly. > > > > Bug: v8:8952 > > Change-Id: I97846b1bc0d2cba5d7a68468fc263423b1b55d19 > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1536988 > > Reviewed-by: Simon Zünd <szuend@chromium.org> > > Commit-Queue: Suraj Sharma <surshar@microsoft.com> > > Cr-Commit-Position: refs/heads/master@{#61624} > > Removed the Torque code Formatter update from this CL > > Bug: v8:8952 > Change-Id: I01e88ac36acd7ba18791bec609e5ae737672c731 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1619146 > Commit-Queue: Suraj Sharma <surshar@microsoft.com> > Reviewed-by: Simon Zünd <szuend@chromium.org> > Cr-Commit-Position: refs/heads/master@{#61671} TBR=surshar@microsoft.com,szuend@chromium.org Change-Id: I6fd66ce67aeecf0128878924d5e5b6a71ad88e32 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:8952 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1622109Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#61692}
-
Andreas Haas authored
This was supposed to be only a clean-up, but the original code even invalidated a test and thereby covered a test. I fixed the bug here as well. Without testing it I think this fixes https://crbug.com/964607. Bug: v8:9183 Change-Id: I076f40a2302bfd5b7cecd2ae35d4e05a465e054b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1621935 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#61691}
-
Santiago Aboy Solanes authored
There was a case missing when we have a compressed value that: * Can be compressed signed * We know can't be a smi * Has to be converted to tagged pointer The case from tagged to compressed was also missing. This was the proper way of fixing the chromium bug (963917), and it could fix more things since a conversion was missing. Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng Bug: chromium:963917, v8:8977, v8:7703, v8:8982 Change-Id: Id1df8e81bc900fef9bed3539c0ace621810ab1da Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1621941Reviewed-by: Michael Stanton <mvstanton@chromium.org> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#61690}
-
Andreas Haas authored
This CL fixes an issue where V8 does not satisfy the WebAssembly spec of the anyref proposal. The table.fill instruction has 3 parameters, {start_index}, {length}, and {value}. V8 trapped with table-out-of-bounds when {start_index >= table_size}. However, the spec requires that {start_index == table_size} is valid when {length == 0}. R=mstarzinger@chromium.org Bug: v8:7581 Change-Id: I5f83a03fb8e349b48c887535f6f065492feb9ac2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1609537 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#61689}
-
Peter Marshall authored
This is not needed as this is already a method on all ArrayBufferViews and there is only one caller which actually uses the cast. Bug: v8:9183 Change-Id: Ic45b40bf433c870bc8cb0121c24755fd03ce405b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1622106 Commit-Queue: Peter Marshall <petermarshall@chromium.org> Commit-Queue: Simon Zünd <szuend@chromium.org> Auto-Submit: Peter Marshall <petermarshall@chromium.org> Reviewed-by: Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/master@{#61688}
-
Clemens Hammacher authored
In contrast to (private) class fields, struct fields are public and accessed directly, and do not end in an underscore. This CL fixes naming in struct fields in the recently introduces {CompilationUnitQueues} class. R=ahaas@chromium.org Bug: v8:9183 Change-Id: I87d80650dc4a1c58cf8067ebb4ecfadf929545ab Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1621936Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#61687}
-
Clemens Hammacher authored
The semantics of that method are not obvious (it returns an empty MaybeHandle if the element is undefined, otherwise it assumes it is of type T). Since there is only a single use of that method in the whole code base, just having that logic there explicitly is much simpler. Potential future uses of that method are probably also easier to understand if they just to the checks explicitly. Drive-by: Document semantics of {FixedArray::GetValueChecked}. Also for this method it's quesionable whether it is useful overall. Drive-by^2: Avoid else after return (see style guide). R=mstarzinger@chromium.org Bug: v8:9183 Change-Id: I88dcb0f080d728bbe55932f17cf4d7eb25ab5928 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1619761 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#61686}
-
Yang Guo authored
TBR=hpayer@chromium.org NOPRESUBMIT=true Bug: v8:9247 Change-Id: I3d49c1c748fe5109523d4cd122ba925f20cfc60b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1619755Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#61685}
-
Andreas Haas authored
This is just for convenience, and actually surprising behavior. R=clemensh@chromium.org Bug: v8:9183 Change-Id: I3316856e63b97bfb06da897c6f8b716bc988aa36 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1621932 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#61684}
-
Simon Zünd authored
This is a reland of 3dd56612 The reland introduces a new flag "--experimental-stack-trace-frames". The flag is disabled by default, but enabled for relevant tests. The flag stays disabled by default until API frames are eagerly symbolized to prevent leaks in blink web tests. Original change's description: > [stack-trace] Include API functions in Error.stack stack trace > > This CL extends Error.stack to include frames of functions declared > with the C++ FunctionTemplate API. For example, "print" in d8. > > Two changes are necessary: > - HandleApiCall and friends need to go through an BUILTIN_EXIT frame > instead of an EXIT frame. The existing stack-trace machinery will > then pick up FunctionTemplate frames without additional changes. > - Turbofan doesn't go through HandleApiCall, but instead uses an > ASM builtin to enter FunctionTemplate functions. A "marker" > frame state is needed to include these frames in the stack trace. > > Note: This CL only includes these frames in Error.stack, > but not (yet) in the stack-trace API (v8.h). > > Bug: v8:8742,v8:6802 > Change-Id: Ic0631af883cf56e0d0122a2e0c54e36fed324d91 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1609835 > Commit-Queue: Simon Zünd <szuend@chromium.org> > Reviewed-by: Sigurd Schneider <sigurds@chromium.org> > Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> > Reviewed-by: Jakob Gruber <jgruber@chromium.org> > Cr-Commit-Position: refs/heads/master@{#61602} Bug: v8:8742, v8:6802 Change-Id: I1d3b79cdf0b2edcbaeff1ec15e10deeca725f017 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1621925Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/master@{#61683}
-
Yang Guo authored
Bug: v8:9247 TBR=bmeurer@chromium.org,neis@chromium.org NOPRESUBMIT=true Change-Id: Ia1e49d1aac09c4ff9e05d58fab9d08dd71198878 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1621931Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#61682}
-
Andreas Haas authored
This parameter was just for convenience but did not end up in the generated bytes. R=clemensh@chromium.org Bug: v8:9183 Change-Id: Id4faf5b9ad20a357c069c3189db6ed14945dea8c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1621929 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#61681}
-
Toon Verwaest authored
Inputs to JSON can be two-byte because payload strings can contain two-byte characters, without actually having any one-byte property key. Rather than eagerly converting the string to one-byte, we can perform a string-table lookup with a two-byte string key; only converting the result to one-byte if it's a new key. This speeds up json parsing of two-byte json from the Youtube benchmark by 20%. Change-Id: If6d4a37d331724f48b008aef8ec3e28d366cd038 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1619866 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#61680}
-
Sigurd Schneider authored
Factory::NewStackFrameInfo was leaving fields with the default initialization to 'undefined' for fields marked as Smi type in base.tq. Our heap verifier dutifully found and reported the discrepancy. This CL initializes all fields of the struct to values compatible with the Torque specification. In the future, this should probably be done automatically. Change-Id: I30c2e2830300d9d84af663384dd7e0283ec39b77 Bug: chromium:965042 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1621928Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#61679}
-
Yang Guo authored
It has previously been moved to gni/ R=machenbach@chromium.org Change-Id: If838616d28b9eaaea2bff0496a1ad2535845f420 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1621926Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#61678}
-
Simon Zünd authored
This CL also removes the corresponding intrinsic lowering of IsTypedArray in TurboFan and Ignition. Drive-by: Remove unused ArrayBufferViewWasDetached runtime function. Bug: v8:9183 Change-Id: I2767b22fbdfb679cba30b9fbc555c8d41c7f4345 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1617930Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Peter Marshall <petermarshall@chromium.org> Commit-Queue: Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/master@{#61677}
-
Yang Guo authored
Bug: v8:9247 Change-Id: I9bcf2694b449f79cdbe03f5fde59cb21b8cad418 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1619758 Commit-Queue: Yang Guo <yangguo@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#61676}
-
Yang Guo authored
R=verwaest@chromium.org Bug: v8:9247 Change-Id: I747c13cc8517858872c85fc93d0e95af4968e1b2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1617934Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#61675}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/eaddee0..12e7bf6 Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/4d85003..5655d8f Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/cf6269b..5716400 TBR=machenbach@chromium.org,sergiyb@chromium.org,tmrts@chromium.org Change-Id: Ib0164d126269ca0974252536b9556ceae731e247 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1621488Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#61674}
-
- 20 May, 2019 10 commits
-
-
Suraj Sharma authored
Bug: v8:8952 Change-Id: I36ee0d6793a4a9715360c155636f6e19db2119bc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1616015 Commit-Queue: Suraj Sharma <surshar@microsoft.com> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Simon Zünd <szuend@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#61673}
-
Tobias Tebbi authored
Macros are now inaccessible from CSA except if their declaration is marked with the "export" keyword. The implicit field accessors for class fields are always exported. In this CL, unwarranted access from CSA is prevented by appending a pseudo-random suffix to non-exported names. This is to be replaced by something more principled, namely by not including these macros at all in the headers included from CSA. Bug: v8:7793 Change-Id: I3ffb2e91a616623f81b4b4508e001ad0cf65d2c2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1615258 Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Simon Zünd <szuend@chromium.org> Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#61672}
-
Suraj Sharma authored
This is a reland of b9bfd006 Original change's description: > [torque] Convert few class layout to torque and updated torque code formatter. > > 1. Converted Module, JSModuleNameSpace, JSCollator, JSV8BreakIterator, > TemplateList, > JSStrictArgumentsObject to torque. > 2. Updated torque code formatter to now handle multi-line > declarations correctly. > > Bug: v8:8952 > Change-Id: I97846b1bc0d2cba5d7a68468fc263423b1b55d19 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1536988 > Reviewed-by: Simon Zünd <szuend@chromium.org> > Commit-Queue: Suraj Sharma <surshar@microsoft.com> > Cr-Commit-Position: refs/heads/master@{#61624} Removed the Torque code Formatter update from this CL Bug: v8:8952 Change-Id: I01e88ac36acd7ba18791bec609e5ae737672c731 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1619146 Commit-Queue: Suraj Sharma <surshar@microsoft.com> Reviewed-by: Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/master@{#61671}
-
Z Duong Nguyen-Huu authored
When reconfigure data field (e.g. change representation), it was allowed to transition from dictionary elements kind to sealed elements kind. With this change, this transition is forbidden. Bug: chromium:963346 Change-Id: I6c9a5f6f269bc5ee4cd6176ff5e8d803f08dba1f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1613840 Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#61670}
-
Z Duong Nguyen-Huu authored
Also add mjsunit test for spread call with non-extensible objects Micro-benchmark JSTests/ObjectFreeze shows ~7x improvement Before: SpreadCall SpreadCall-Numbers(Score): 239 After: SpreadCall SpreadCall-Numbers(Score): 1461 Bug: v8:6831 Change-Id: Icefd89ad790ac159b7f0617d0a012eefd90d3b1d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1614296Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com> Cr-Commit-Position: refs/heads/master@{#61669}
-
Hannes Payer authored
Bug: v8:9093 Change-Id: I69aa3edddf5ea52e1cca185fa03f51122cdf02c5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1617937 Commit-Queue: Hannes Payer <hpayer@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#61668}
-
Pierre Langlois authored
When the 'disabled-by-default-v8.gc' category is enabled, emit an instant event with heap statistics after every GC. The data that's emitted is the same as what the V8 API gives you with `GetHeapStatistics()` and `GetHeapSpaceStatistics()`. We generate JSON with the following format: ``` { "isolate": "0x55dd5cf03b50", "id": 1, "time_ms": 42.619, "total_heap_size": 3981312, "total_heap_size_executable": 573440, "total_physical_size": 2820440, "total_available_size": 2195254440, "used_heap_size": 1799616, "heap_size_limit": 2197815296, "malloced_memory": 251024, "external_memory": 2981, "peak_malloced_memory": 589280, "spaces": [ { "name": "read_only_space", "size": 262144, "used_size": 32568, "available_size": 229256, "physical_size": 32888 }, { "name": "new_space", "size": 2097152, "used_size": 903392, "available_size": 143904, "physical_size": 1856136 }, ... ] } ``` Bug: v8:9186 Change-Id: I0d07aa37b65d45778d6b47dbe6e07a9dd25d1097 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1619763Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Pierre Langlois <pierre.langlois@arm.com> Cr-Commit-Position: refs/heads/master@{#61667}
-
Jaroslav Sevcik authored
This reverts commit ad1fcd43. Reason for revert: Breaks waterfall. Original change's description: > [cleanup] Remove the now-unused deopt_count from feedback vector. > > Bug: v8:9183 > Change-Id: Iceeccc8ab1e4e77b428e7e2feec39bff3317f241 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1617675 > Commit-Queue: Jaroslav Sevcik <jarin@chromium.org> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > Cr-Commit-Position: refs/heads/master@{#61665} TBR=mstarzinger@chromium.org,jarin@chromium.org Change-Id: Iea0e6a329f55a3a941f0b976925b2abdf7eece38 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:9183 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1619867Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#61666}
-
Jaroslav Sevcik authored
Bug: v8:9183 Change-Id: Iceeccc8ab1e4e77b428e7e2feec39bff3317f241 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1617675 Commit-Queue: Jaroslav Sevcik <jarin@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#61665}
-
Sigurd Schneider authored
This is a reland of 5ce68669 TBR=ishell@chromium.org Original change's description: > Enable alignment checks when reading object fields > > Drive-by: Fix alignment bugs caused by DCHECKS. > > Bug: v8:9264 > > Change-Id: I0836b1d08fea2ce11d8f7929e12f303b6ae06efe > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1617676 > Commit-Queue: Sigurd Schneider <sigurds@chromium.org> > Reviewed-by: Igor Sheludko <ishell@chromium.org> > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Cr-Commit-Position: refs/heads/master@{#61643} Bug: v8:9264 Change-Id: Ice9b819cc29eec0c341f16ef35fad4867f5df85b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1619754Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#61664}
-