- 22 Jan, 2018 24 commits
-
-
Clemens Hammacher authored
This reloc mode is never encoded, so there is no reason to differentiate between 32 and 64 bit. Both are now replaced by RelocInfo::NONE. R=mstarzinger@chromium.org Change-Id: I054d99c7dc41f99729fa33617a6f47301b4a31e7 Reviewed-on: https://chromium-review.googlesource.com/878401Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#50763}
-
Sigurd Schneider authored
Bug: chromium:800594, v8:7092, v8:7270, v8:7270 Change-Id: I30b69b51f793030c6f8a031a88d2dbb26a79d2bf Reviewed-on: https://chromium-review.googlesource.com/859780 Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#50762}
-
Peter Marshall authored
A check will fail if the context passed in is not a native context. Change the code to get the native context from the passed context. Bug: chromium:804288 Change-Id: Iad314a3dd170355cf524b9230a692a6329564f8a Reviewed-on: https://chromium-review.googlesource.com/878324Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Peter Marshall <petermarshall@chromium.org> Cr-Commit-Position: refs/heads/master@{#50761}
-
Clemens Hammacher authored
Immediate::is_zero already checks the reloc info to be none, so the additional check is redundant. R=tebbi@chromium.org Change-Id: I3ec91fe60e8c659b2f38fda0123784a69e4bcbe9 Reviewed-on: https://chromium-review.googlesource.com/878321Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#50760}
-
Michael Starzinger authored
R=hpayer@chromium.org BUG=v8:6792 Change-Id: Id3413994de603dac1b7501c6fe376cdac1f9d7ce Reviewed-on: https://chromium-review.googlesource.com/866851 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Hannes Payer <hpayer@chromium.org> Cr-Commit-Position: refs/heads/master@{#50759}
-
Clemens Hammacher authored
Tag RelocInfo which belongs to native wasm code, and fix printing to not try to access the Code object for CODE_TARGET, but rather just print "(wasm trampoline)". Bug: chromium:801785 R=mstarzinger@chromium.org Change-Id: I84a37f0c48ed7397cccf677b4d0f0352e5aceb9d Reviewed-on: https://chromium-review.googlesource.com/875271Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#50758}
-
Leszek Swirski authored
Suspend points (inside generators and async functions) have slightly funky semantics when it comes to liveness, as they save and restore a chunk of the register file as-is. In particular, this means that granular liveness information is lost, as it is assumed that all registers in that chunk of the register file are live in a suspend. Rather than marking that entire chunk of register as live/dead in suspend/restore, we can instead pattern-match the set of bytecodes in a suspend point, and propagate liveness across them. This tightens liveness estimates, and could be used to optimize which values TurboFan actually saves when suspending. Bug: chromium:798137 Change-Id: I5840cdbfc2c6edb1d3a48cf025f52615b629cdfc Reviewed-on: https://chromium-review.googlesource.com/848895 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#50757}
-
Clemens Hammacher authored
This CL adds support for indirect calls. R=titzer@chromium.org Bug: v8:6600 Change-Id: Ia29b87fa1f7be873cd722f934b8007c38794dceb Reviewed-on: https://chromium-review.googlesource.com/877884 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#50756}
-
Michael Starzinger authored
This fixes a corner-case with lazy compilation in WebAssembly where native-heap code did not expect to see WASM-to-JS wrappers in tables. R=clemensh@chromium.org TEST=mjsunit/regress/wasm/regress-803788 BUG=chromium:803788 Change-Id: Ie44b5c9efe2b171e1915295bb95d6cb61dfab3dc Reviewed-on: https://chromium-review.googlesource.com/878262Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#50755}
-
Michael Achenbach authored
This is added only to uniformly call all tools by the infra side. NOTRY=true TBR=sergiyb@chromium.org Bug: v8:6917 Change-Id: I85a14ea51abfe1bfc775fd73d2fee02bfb2fb31e Reviewed-on: https://chromium-review.googlesource.com/878361Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#50754}
-
Michael Achenbach authored
This adds flags to numfuzz for rerunning flaky tests and for storing json test results. With those flags added, the infra-side can call numfuzz with the same API as the standard test-runner. TBR=sergiyb@chromium.org Bug: v8:6917 Change-Id: I02d1cd02d90677c83f10e072383f3650c041cab1 Reviewed-on: https://chromium-review.googlesource.com/877890Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#50753}
-
Sigurd Schneider authored
Array.prototype.reduce[Right] used a lazy deoptimization frame state for an eager deopt point. Bug: v8:7336, chromium:804096 Change-Id: I720f9e049bd6b396e025fa59192fdbc6b4f18647 Reviewed-on: https://chromium-review.googlesource.com/878120 Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Reviewed-by: Daniel Clifford <danno@chromium.org> Cr-Commit-Position: refs/heads/master@{#50752}
-
Michael Starzinger authored
R=clemensh@chromium.org Change-Id: I545b1826be1566f7ce1ed6ad920fac0746a0dca9 Reviewed-on: https://chromium-review.googlesource.com/878161Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#50751}
-
Sigurd Schneider authored
Allow mixing smi/object packed/unpacked maps in A.p.pop/shift. Beforehand, mixing smi and object maps caused a deopt. Bug: v8:7205, v8:7340 Change-Id: Ifec021791e98589be4a56fe97d3cc003f0fb6393 Reviewed-on: https://chromium-review.googlesource.com/878121Reviewed-by: Michael Stanton <mvstanton@chromium.org> Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#50750}
-
Andreas Haas authored
This is the V8 side change of crrev.com/c/876103. Message: It can happen that WebAssembly.compileStreaming gets aborted when we are not allowed to execute JavaScript code, and therefore are also not allowed to reject the promise returned by WebAssembly.compileStreaming. This can happen e.g. when the Chrome tab gets refreshed, which aborts all downloads. With this CL we do not pass a reason to Abort if we are not allowed to execute JavaScript code. On the V8 side we can check the reason passed to Abort and do not reject the promise if there is no reason passed. CC=mtrofin@chromium.org R=titzer@chromium.org Bug: chromium:803838 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: Ie5cc85c72b60383e9221318c18a4e1812d230692 Reviewed-on: https://chromium-review.googlesource.com/876091Reviewed-by: Ben Titzer <titzer@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#50749}
-
Leszek Swirski authored
Instead of requiring the pattern that a SuspendGenerator must be followed by a Return, make SuspendGenerator return directly. This can, in the future, simplify some of the reasoning around generator suspends. Change-Id: I94c0156a89dc0e1c0bc306bc57acf766f3b4deb5 Reviewed-on: https://chromium-review.googlesource.com/857463Reviewed-by: Georg Neis <neis@chromium.org> Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#50748}
-
Michael Achenbach authored
TBR=sergiyb@chromium.org Bug: v8:7337 Change-Id: I1732f6e587305ce4ab41a65f73e943c7eb9e1d15 Reviewed-on: https://chromium-review.googlesource.com/877760Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#50747}
-
Jakob Gruber authored
This reverts commit 03e9d415. Reason for revert: Correctness issues, see https://crbug.com/804159. Bug: chromium:804159 Original change's description: > Reland: Reimplement Object.entries/values as CSA to optimize performance. > > Add Object.entries/values builtins to debug-evaluate.cc whitelist macro. > This fix revert commit of https://chromium-review.googlesource.com/c/v8/v8/+/859937 > Original is https://chromium-review.googlesource.com/c/v8/v8/+/810504 > >> Reimplements Object.entries/values as CSA to optimize performance. See more detail about https://bugs.chromium.org/p/v8/issues/ Issue 6804. > > This reverts commit 1b49f725. > > Bug: v8:6804 > Change-Id: I57e8b66e1c4ece2abb52e1630a97fbfd4070d810 > Reviewed-on: https://chromium-review.googlesource.com/860679 > Commit-Queue: Yang Guo <yangguo@chromium.org> > Reviewed-by: Yang Guo <yangguo@chromium.org> > Cr-Commit-Position: refs/heads/master@{#50492} TBR=yangguo@chromium.org,cbruni@chromium.org,jgruber@chromium.org,ishell@chromium.org,brn@b6n.ch # Not skipping CQ checks because original CL landed > 1 day ago. Bug: v8:6804 Change-Id: I39b1854ca7c2f57819ba377f84560356d3756bfb Reviewed-on: https://chromium-review.googlesource.com/877886Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#50746}
-
Michael Lippautz authored
No-try: true Bug: v8:7266 Change-Id: If1f67688e46e443f8e9e38f5481ce591213d2228 Reviewed-on: https://chromium-review.googlesource.com/877883Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#50745}
-
Peter Marshall authored
Bug: v8:7102 Change-Id: Id37799cdf989558ca4f771d451f4b45cbf7123bf Reviewed-on: https://chromium-review.googlesource.com/787434 Commit-Queue: Peter Marshall <petermarshall@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#50744}
-
Mostyn Bramley-Moore authored
These functions are duplicated in module-compiler.cc and therefore cause jumbo build failures. It looks like this is planned to be refactored later by titzer. So let's just give them new names for now, to unbreak jumbo builds. Bug: v8:7316 Change-Id: I4ba0c8dcc8474a4b02a47c16f2da77650861cfe4 Reviewed-on: https://chromium-review.googlesource.com/877279Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Mostyn Bramley-Moore <mostynb@vewd.com> Cr-Commit-Position: refs/heads/master@{#50743}
-
Clemens Hammacher authored
The fields are private, so prepend them with "_". Drive-by: Replace std::map by std::unordered_map and avoid one redundant lookup in this map. R=titzer@chromium.org Change-Id: Id4aad9bb36ec84daf581a79852d56895fc05429d Reviewed-on: https://chromium-review.googlesource.com/877882 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#50742}
-
Clemens Hammacher authored
The fields in StackTransferRecipe were public some time ago. Now they are private, so prepend them with "_". R=titzer@chromium.org Bug: v8:6600 Change-Id: Ibb94841871fce4c8eca02cb3c369465183bfa5e0 Reviewed-on: https://chromium-review.googlesource.com/877881 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#50741}
-
Michael Achenbach authored
TBR=sergiyb@chromium.org Bug: v8:7337 Change-Id: Ie2f8f9082d2de65b77d1da11ff3569052bf2aed4 Reviewed-on: https://chromium-review.googlesource.com/877880 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#50740}
-
- 21 Jan, 2018 2 commits
-
-
Michaël Zasso authored
Some header files were removed from the source but the change was not reflected to v8.gyp. Bug: v8:6600 Change-Id: I9f952835ea9de36bbc889efb50d63482c10f893f Reviewed-on: https://chromium-review.googlesource.com/877879Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#50739}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/ec59932..5d0c607 TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org Change-Id: I7bcebf5758a5993e3612c779a80f515030e54971 Reviewed-on: https://chromium-review.googlesource.com/877564Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Commit-Queue: v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#50738}
-
- 20 Jan, 2018 2 commits
-
-
Michal Majewski authored
1. Fix infinite loop caused by time based fuzzing 2. Shallow copy of the result to avoid dropping output by different processor. Bug: v8:6917 Change-Id: Icf823e853be9d3cc8dfd46ed2fb954979bf02d2f Reviewed-on: https://chromium-review.googlesource.com/877761 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#50737}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/972ab23..ec59932 Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/b4706e7..c4b36e2 TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org Change-Id: Idb247907b6f3c1d9f67e8021344a66df57cec969 Reviewed-on: https://chromium-review.googlesource.com/877560 Commit-Queue: v8 autoroll <v8-autoroll@chromium.org> Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#50736}
-
- 19 Jan, 2018 12 commits
-
-
Anna Henningsen authored
A map’s `constructor_or_backpointer` can be any kind of value, because `fn.prototype = foo` sets that field to `foo` if the latter is not a `JSReceiver`; so the `DCHECK` that is being removed here was invalid. Refs: https://github.com/nodejs/node/issues/18223 Bug: node:18223 Change-Id: Ia6449c07bb724e515d73b162369ab36ab1d89c6b Reviewed-on: https://chromium-review.googlesource.com/874472 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#50735}
-
Michal Majewski authored
Bug: v8:6917 Change-Id: I7576a3b8a7fb95244b241532f50759e1c88f6a5a Reviewed-on: https://chromium-review.googlesource.com/876427 Commit-Queue: Michał Majewski <majeski@google.com> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#50734}
-
Michael Lippautz authored
Avoids detecting local cores and guessing remote jobs. No-try: true Change-Id: I4a825b8dd922802c5f539419313888fd3b21b870 Reviewed-on: https://chromium-review.googlesource.com/876009 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#50733}
-
Mike Stanton authored
Samples taken during deoptimization require care in the stack walk used to gather frames. The top N stack frames may not have JSFunction objects in place, because those frames represent inlined functions which may not have closures yet. Bug: v8:7314 Change-Id: Ib6488aee46a47d5341cab1b1c9c3851592ba6509 Reviewed-on: https://chromium-review.googlesource.com/870036 Commit-Queue: Ali Ijaz Sheikh <ofrobots@google.com> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Ali Ijaz Sheikh <ofrobots@google.com> Cr-Commit-Position: refs/heads/master@{#50732}
-
Michal Majewski authored
Update flags before recalculating outcomes. Bug: v8:6917 Change-Id: I5f54f7d14fd60f7e35a976e5200d3f7f0e74a5b7 Cq-Include-Trybots: luci.v8.try:v8_linux64_fyi_rel_ng Reviewed-on: https://chromium-review.googlesource.com/876364Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michał Majewski <majeski@google.com> Cr-Commit-Position: refs/heads/master@{#50731}
-
Michael Achenbach authored
TBR=sergiyb@chromium.org NOTRY=true Bug: v8:6972 Change-Id: I011302ff740dc65ab6a50545ad6e51a2ee32c1bc Reviewed-on: https://chromium-review.googlesource.com/876094Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#50730}
-
peterwmwong authored
If an entry may have side effects (non-fast JS Array), restart and add all entries in slow path. - Move allocating and setting table into AddConstructorEntries. - Move handling non-object map entries into LoadKeyValue. - AddConstructorEntry and LoadKeyValue go to a label when adding a map entry may have side effects. Bug: chromium:798026, chromium:799364 Change-Id: I3c28594fc4a8379a106413e19e6df9e83eeb5278 Reviewed-on: https://chromium-review.googlesource.com/874786Reviewed-by: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Peter Wong <peter.wm.wong@gmail.com> Cr-Commit-Position: refs/heads/master@{#50729}
-
Michal Majewski authored
Bug: v8:6917 Change-Id: I2a7ecc6897c8ccd6ed862cf2b0b484673ee359f6 Reviewed-on: https://chromium-review.googlesource.com/871310 Commit-Queue: Michał Majewski <majeski@google.com> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#50728}
-
Michael Achenbach authored
The tests currently time out due to too many deopt points and hence too many tests generated. TBR=sergiyb@chromium.org Bug: v8:6900 Change-Id: I0998097024a4ed9c087728bb5ef288ab17d3371e Reviewed-on: https://chromium-review.googlesource.com/876322Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#50727}
-
Dan Elphick authored
When the array created would exceed the maximum size for a regular heap object, instead create it using Runtime::kNewArray directly rather than via AllocateJSArray. Bug: chromium:803750 Change-Id: I78cd82edf5a813a2ed69272361e0ca07f864c5ba Reviewed-on: https://chromium-review.googlesource.com/876011 Commit-Queue: Dan Elphick <delphick@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#50726}
-
Sigurd Schneider authored
This avoids the call to the StringCharCodeAt builtin from within TurboFan optimized code and instead emits a loop that does the character load. This (together with previously reverted CL to the JSCallReducer) almost completely recovers the performance regression caused when we shipped TurboFan. Without untrusted code mitigations the benchmark goes from 580ms to roughly 490ms, and with the patch to the JSCallReducer the time goes down to 280ms, which is very close to what we had with Crankshaft. This also renames the LoadFromString helper method in the EffectControlLinearizer to LoadFromSeqString to make it clear what it does. Bug: v8:7326 Change-Id: I6c77209ae01a3eacbd1e8fd40e4ad842eaf1999a Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Reviewed-on: https://chromium-review.googlesource.com/876102 Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#50725}
-
Michael Lippautz authored
No-try: true Tbr: cbruni@chromium.org Bug: v8:7266 Change-Id: I65ad82a8ae7b2b499ba3f2bf9fbec178edf7616a Reviewed-on: https://chromium-review.googlesource.com/876202Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#50724}
-