- 09 Nov, 2017 10 commits
-
Mostyn Bramley-Moore authored
Bug: chromium:746958 Change-Id: I38e19678e57e5769f4eb19b588ab1de1f4c3bb11 Reviewed-on: https://chromium-review.googlesource.com/758777 Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Mostyn Bramley-Moore <mostynb@vewd.com> Cr-Commit-Position: refs/heads/master@{#49252}
-
Erik authored
R=yangguo@chromium.org This is a reland of https://chromium-review.googlesource.com/c/v8/v8/+/571746 with a fix for the no-i18n configuration. Bug: Change-Id: I3e654791267b20fb3703ad4220404d8078f43440 Reviewed-on: https://chromium-review.googlesource.com/758999 Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Erik Corry <erikcorry@chromium.org> Cr-Commit-Position: refs/heads/master@{#49251}
-
Mathias Bynens authored
This patch adds support for Regional_Indicator within Unicode property escapes in regular expressions. The Regional_Indicator binary property was added in Unicode v10 and is supported in ICU 60.1. An `#if` directive is used to prevent breaking Node.js until they update their ICU. BUG=v8:4743 Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng Change-Id: I7acec13c8ae7552558a0f852937984bba828e738 Reviewed-on: https://chromium-review.googlesource.com/758273 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Mathias Bynens <mathias@chromium.org> Cr-Commit-Position: refs/heads/master@{#49250}
-
Michael Achenbach authored
This reverts commit 7e78506f.
Reason for revert: Breaks roll: https://build.chromium.org/p/tryserver.chromium.android/builders/android_arm64_dbg_recipe/builds/381619
Original change's description:
> [Memory] Use OS::Allocate for all OS memory allocations.
>
> - Eliminates OS::ReserveRegion and OS::ReserveAlignedRegion.
> - Changes OS::Allocate to take alignment parameter, reorders parameters
>   to match page_allocator.
> - Since the size of memory allocation can be deduced, don't return the
>   amount of memory allocated.
> - Changes reservation of aligned address space. Before we would reserve
>   (size + alignment) rounded up to page size. This is too much, because
>   maximum misalignment is (alignment - page_size).
> - On Windows and Cygwin, we release an oversize allocation and
>   immediately retry at the aligned address in the allocation. If we
>   lose the address due to a race, we just retry.
> - Clean up all the calls to OS::Allocate in codegen and tests by adding
>   helper AllocateSystemPage function (allocation.h) and
>   AllocateAssemblerBuffer (cctest.h).
> - Changes 'assm' to 'masm' in some targets for consistency when using
>   a macro-assembler.
>
> Bug: chromium:756050
> Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
> Change-Id: I306dbe042cc867670fdc935abca29db074b0da71
> Reviewed-on: https://chromium-review.googlesource.com/749848
> Commit-Queue: Bill Budge <bbudge@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Reviewed-by: Hannes Payer <hpayer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#49235}
TBR=bbudge@chromium.org,hpayer@chromium.org,mlippautz@chromium.org Change-Id: If538a174d048e0416b4374426df721d4ea84cd4c No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:756050 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Reviewed-on: https://chromium-review.googlesource.com/758860 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#49249}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/6501469..cfed275 Rolling v8/third_party/android_tools: https://chromium.googlesource.com/android_tools/+log/ca0bd08..4a9623a Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/723b259..4b58512 TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org Change-Id: I31f2d64ee07b308fe1b66603e9b630c9b1007e7f Reviewed-on: https://chromium-review.googlesource.com/759936 Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Commit-Queue: v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#49248}
-
jing.bao authored
Shl/ShrS/ShrU Add/AddSaturateS/Sub/SubSaturateS Bug: Change-Id: I9fbca45a22505ce1cea6b6ee2b57c07b71d31d50 Reviewed-on: https://chromium-review.googlesource.com/737513 Commit-Queue: Jing Bao <jing.bao@intel.com> Reviewed-by: Bill Budge <bbudge@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#49247}
-
Sathya Gunasekaran authored
Change-Id: Id7e93baaf9a4991c26c73579754a3a03d3822f1e Reviewed-on: https://chromium-review.googlesource.com/759408 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#49246}
-
Alexei Filippov authored
The runtime_call_stats_ can be NULL on a worker thread when RCS are enabled dynamically. BUG=v8:7043 Change-Id: I1d26ae76c46955e017c82037b4a015ad86ba2f77 Reviewed-on: https://chromium-review.googlesource.com/755419 Reviewed-by: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Alexei Filippov <alph@chromium.org> Cr-Commit-Position: refs/heads/master@{#49245}
-
Alexei Filippov authored
BUG=v8:7054 TBR=adamk@chromium.org,yangguo@chromium.org NOTRY=true NOTREECHECKS=true Change-Id: I69690ac4062c0dcb3c66a7db3ddba6d1078bc389 Reviewed-on: https://chromium-review.googlesource.com/759246 Commit-Queue: Alexei Filippov <alph@chromium.org> Reviewed-by: Alexei Filippov <alph@chromium.org> Cr-Commit-Position: refs/heads/master@{#49244}
-
Karl Schimpf authored
Like CSP flag 'unsafe-eval', which communicates if both JS source files and WASM binary files may be compiled, this CL adds a similar flag for the compilation of WASM binary files. That is, a WASM binary file will be compiled only if the new flag is defined, or the flag for 'unsafe-eval' allows it. These flags are implemented as callback functions on the isolate. The callbacks get a (CSP) context, and a string, and return the corresponding value of the flag. Both callbacks are initialized with the nullptr, which is used to communicate that no CSP policy is defined. This allows this concept to work, independent of it running in Chrome. It also does a small clean up in api.cc to use macro CALLER_SETTERS, instead of explicit code when appropriate. Bug: v8:7041 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: Idb3356574ae2a298057e6b7bccbd3492831952ae Reviewed-on: https://chromium-review.googlesource.com/759162 Reviewed-by: Bill Budge <bbudge@chromium.org> Reviewed-by: Eric Holk <eholk@chromium.org> Commit-Queue: Karl Schimpf <kschimpf@chromium.org> Cr-Commit-Position: refs/heads/master@{#49243}
-
- 08 Nov, 2017 30 commits
-
Bill Budge authored
This reverts commit 7e78506f.
Reason for revert: Broke Android build on Arm64.
Original change's description:
> [Memory] Use OS::Allocate for all OS memory allocations.
>
> - Eliminates OS::ReserveRegion and OS::ReserveAlignedRegion.
> - Changes OS::Allocate to take alignment parameter, reorders parameters
>   to match page_allocator.
> - Since the size of memory allocation can be deduced, don't return the
>   amount of memory allocated.
> - Changes reservation of aligned address space. Before we would reserve
>   (size + alignment) rounded up to page size. This is too much, because
>   maximum misalignment is (alignment - page_size).
> - On Windows and Cygwin, we release an oversize allocation and
>   immediately retry at the aligned address in the allocation. If we
>   lose the address due to a race, we just retry.
> - Clean up all the calls to OS::Allocate in codegen and tests by adding
>   helper AllocateSystemPage function (allocation.h) and
>   AllocateAssemblerBuffer (cctest.h).
> - Changes 'assm' to 'masm' in some targets for consistency when using
>   a macro-assembler.
>
> Bug: chromium:756050
> Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
> Change-Id: I306dbe042cc867670fdc935abca29db074b0da71
> Reviewed-on: https://chromium-review.googlesource.com/749848
> Commit-Queue: Bill Budge <bbudge@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Reviewed-by: Hannes Payer <hpayer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#49235}
TBR=bbudge@chromium.org,hpayer@chromium.org,mlippautz@chromium.org Change-Id: Ic09de4d63c19746a62e804b1f889817ffaebc330 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:756050 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Reviewed-on: https://chromium-review.googlesource.com/758625 Reviewed-by: Bill Budge <bbudge@chromium.org> Commit-Queue: Bill Budge <bbudge@chromium.org> Cr-Commit-Position: refs/heads/master@{#49242}
-
Eric Holk authored
The Wasm AST-based fuzzer is supposed to create valid modules by construction. This change adds a CHECK to enforce this property. Additionally, this change exposed several cases where we were not generating valid modules before:
* Block types did not match up correctly
* Memory operations could have invalid alignments
* Storing an i64 could generate an i32 argument incorrectly.
This CL includes fixes for these issues as well.
Bug: Change-Id: I1aef5532bc880367ec46dc6e79b2d4dbacf2f84b Reviewed-on: https://chromium-review.googlesource.com/757129 Commit-Queue: Eric Holk <eholk@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#49241}
-
Junliang Yan authored
b % 32 could produce negative results. Therefore, the result of the shift could be undefined values. Bug: Change-Id: I6c2f7201df424735695aa01891d46523e3c5bd12 Reviewed-on: https://chromium-review.googlesource.com/759079 Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#49240}
-
Sathya Gunasekaran authored
StoreDataPropertyInLiteral doesn't throw (because the previous uses of this didn't throw), but class fields can throw on defining the property which means we can't use this. Changing to CreateDataProperty runtime call instead. Bug: v8:5367 Change-Id: I1ab45413b121972dd18fe2b35a0cedd8efe0e0bf Reviewed-on: https://chromium-review.googlesource.com/757824 Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Reviewed-by: Mythri Alle <mythria@chromium.org> Cr-Commit-Position: refs/heads/master@{#49239}
-
Adam Klein authored
This was a regression from 317cf321 which showed up, at least, on Kraken. Bug: chromium:782150 Change-Id: Ifd69b86c566182f1a50761b67c911bdde2aed997 Reviewed-on: https://chromium-review.googlesource.com/759101 Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#49238}
-
Yang Guo authored
We need to throw before rethrowing, otherwise the exception does not trigger a debugger event and is not reported if uncaught. R=gsathya@chromium.org, jgruber@chromium.org Bug: v8:7047 Change-Id: I7ce0253883a21d6059e4e0ed0fc56dc55a0dcba6 Reviewed-on: https://chromium-review.googlesource.com/758372 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#49237}
-
Alexei Filippov authored
The method forces all running profilers attached to the provided isolate to collect a sample with the current stack. It is going to be used to synchronize trace events generated by embedder with the samples collected by the profiler. Also it will finally allow us to break dependency of isolate on CPU profiler. BUG=chromium:721099 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: I81a0f8a463f837b5201bc8edaf2eb4f3761e3ff8 Reviewed-on: https://chromium-review.googlesource.com/750264 Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Alexei Filippov <alph@chromium.org> Cr-Commit-Position: refs/heads/master@{#49236}
-
Bill Budge authored
- Eliminates OS::ReserveRegion and OS::ReserveAlignedRegion. - Changes OS::Allocate to take alignment parameter, reorders parameters to match page_allocator. - Since the size of memory allocation can be deduced, don't return the amount of memory allocated. - Changes reservation of aligned address space. Before we would reserve (size + alignment) rounded up to page size. This is too much, because maximum misalignment is (alignment - page_size). - On Windows and Cygwin, we release an oversize allocation and immediately retry at the aligned address in the allocation. If we lose the address due to a race, we just retry. - Clean up all the calls to OS::Allocate in codegen and tests by adding helper AllocateSystemPage function (allocation.h) and AllocateAssemblerBuffer (cctest.h). - Changes 'assm' to 'masm' in some targets for consistency when using a macro-assembler. Bug: chromium:756050 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: I306dbe042cc867670fdc935abca29db074b0da71 Reviewed-on: https://chromium-review.googlesource.com/749848 Commit-Queue: Bill Budge <bbudge@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Hannes Payer <hpayer@chromium.org> Cr-Commit-Position: refs/heads/master@{#49235}
-
Jungshik Shin authored
Now that ICU 60.1 was autorolled in, reenable number-format/format-currency test the expected result of which was adjusted to match the output from ICU 60.1/CLDR 32. Bug: chromium:766816 Test: intl/number-format/format-currency Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng Change-Id: If58d493821d505b86202e134b9e2061504dd5e6a Reviewed-on: https://chromium-review.googlesource.com/758027 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Jungshik Shin <jshin@chromium.org> Cr-Commit-Position: refs/heads/master@{#49234}
-
Andreas Rossberg authored
Function prologues created slots for callee-saved registers twice on all platforms. This didn't affect JS because it doesn't use callee-save, but would probably have badly broken exceptions raised in Wasm code because Isolate::UnwindAndFindHandler was restoring registers and SP incorrectly. It also broke the in-progress CL for on-stack multiple returns. No tests included with this fix, because currently it is almost impossible to test directly (according to mstarzinger). But it will be tested indirectly via the upcoming multi-return support. Change-Id: If763cafc03de0a912eca48d5e25e8edfc4552b24 Reviewed-on: https://chromium-review.googlesource.com/758374 Reviewed-by: Ben Titzer <titzer@chromium.org> Commit-Queue: Andreas Rossberg <rossberg@chromium.org> Cr-Commit-Position: refs/heads/master@{#49233}
-
Georg Neis authored
Bug: v8:6791 Change-Id: I05c8be6ac880c5ab5451db24dd0ad57b74bde8ba Reviewed-on: https://chromium-review.googlesource.com/757137 Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#49232}
-
Clemens Hammacher authored
For each single bug, the fuzzer might find many very similar inputs which trigger this bug. All of them are reported as individual bugs currently, which means lots of noise in bug reports and increased workload for the clusterfuzz sheriffs. After this change, all bugs of the same category ("compiles != validates", "interpreter != liftoff", ...) will be grouped together. This requires us to fix them soon after reporting, as they will hide all other bugs of the same category. R=ahaas@chromium.org CC=mmoroz@chromium.org Change-Id: Ie203eed0c7681e3450df977b10c0d9dbbc402d34 Reviewed-on: https://chromium-review.googlesource.com/758438 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#49231}
-
Mathias Bynens authored
Instead of disabling the entire RegExp Unicode property escape test suite, this patch explicitly lists the failing tests and only disables them. BUG=v8:4743 Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng Change-Id: If398eb4fcc8d9d96279dc5afb29489e699744d9f Reviewed-on: https://chromium-review.googlesource.com/758757 Commit-Queue: Mathias Bynens <mathias@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#49230}
-
Mathias Bynens authored
This patch adds support for Emoji_Component within Unicode property escapes in regular expressions. The Emoji_Component binary property was added in Emoji data v5 and is supported in ICU 60.1. An `#if` directive is used to prevent breaking Node.js until they update their ICU. BUG=v8:4743 Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng Change-Id: If1b49a4c175e88f1840ca5ef8d57829d6d8c3291 Reviewed-on: https://chromium-review.googlesource.com/758261 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Mathias Bynens <mathias@chromium.org> Cr-Commit-Position: refs/heads/master@{#49229}
-
Georg Neis authored
They have been meaning the same thing for a while now. R=jarin@chromium.org Bug: Change-Id: Ie5988e6429b795babfa1e1f79841a9f03b8362dc Reviewed-on: https://chromium-review.googlesource.com/758268 Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#49228}
-
Ivica Bogosavljevic authored
Port https://chromium-review.googlesource.com/c/chromium/src/+/752143 to GYP Bug: Change-Id: Id6f3322282ef5992b1e93dcab16d573a6b394a4d Reviewed-on: https://chromium-review.googlesource.com/758243 Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Ivica Bogosavljevic <ivica.bogosavljevic@mips.com> Cr-Commit-Position: refs/heads/master@{#49227}
-
Mostyn Bramley-Moore authored
Arm64 jumbo builds might otherwise select the CountTrailingZeros function from utils-arm64.h as a closer match, and fail to build due to differences in the function prototype. Bug: chromium:782640 Change-Id: Ie26d71b34aaf0e3ae5020597fed506df83b7d0ea Reviewed-on: https://chromium-review.googlesource.com/758271 Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Mostyn Bramley-Moore <mostynb@vewd.com> Cr-Commit-Position: refs/heads/master@{#49226}
-
Georg Neis authored
This is a cleanup. R=jarin@chromium.org Bug: Change-Id: I1621fde3f2a7da03ceca781b96d5ffec44eb8168 Reviewed-on: https://chromium-review.googlesource.com/758373 Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#49225}
-
jgruber authored
There are three common situations in which we need to create JSFunction objects. 1) from the compiler, 2) from tests, and 3) everything else (mostly during bootstrapping). This is an attempt to simplify case 3), which previously relied on several Factory::NewFunction overloads where it was not clear how the semantics of each overload differed. This CL removes all but one overload, and packs arguments into a new NewFunctionArgs helper class. It also removes the hacks around SFI::set_lazy_deserialization_builtin_id by explicitly passing builtin_id into Factory::NewSharedFunctionInfo. Drive-by-fix: Properly set is_constructor hint in SimpleCreateSharedFunctionInfo. Bug: v8:6624 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: Ica94d95e72e443055db5e7ff9e8cdf4115201ef1 Reviewed-on: https://chromium-review.googlesource.com/757094 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#49224}
-
Michael Achenbach authored
NOTRY=true TBR=sergiyb@chromium.org Bug: chromium:782226 Change-Id: I7a059f3227e062df720a36cd47db94154caf40b5 Reviewed-on: https://chromium-review.googlesource.com/758264 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#49223}
-
jgruber authored
Flip this for a day or two to gather perf bot results & stability issues. Results will be collected in https://crbug.com/782637. TBR=hablich@chromium.org Bug: v8:6624, chromium:782637 Change-Id: I70eb5d6287d4723f935715ef80d9ba129dc282f0 Reviewed-on: https://chromium-review.googlesource.com/758375 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#49222}
-
Clemens Hammacher authored
The C_WASM_ENTRY only calls wasm code, so (outgoing) parameters of this code are always untagged. R=ahaas@chromium.org Bug: v8:7049 Change-Id: I989908eea668bd56aa88f3f1744105d218584ef1 Reviewed-on: https://chromium-review.googlesource.com/758245 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#49221}
-
jgruber authored
Add support for interpreter bytecode handlers that are deserialized lazily immediately before they are first used. Design doc: http://goo.gl/QxZBL2 Bug: v8:6624 Change-Id: Id68844ed14e76ca781b0bfe42c25a94b4fed1ae5 Reviewed-on: https://chromium-review.googlesource.com/750982 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Mythri Alle <mythria@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#49220}
-
Peter Marshall authored
We explicitly serialize the backing store when we see the TypedArray. We then put the reference in the external_pointer. To recalculate the backing_store pointer during deserialization, we have to keep track of each TypedArray and then fix up the pointer by adding the offset again. Bug: v8:6966 Change-Id: I105d44413cffe5766c23c2a3d32ca2b78b5f22e8 Reviewed-on: https://chromium-review.googlesource.com/751269 Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Peter Marshall <petermarshall@chromium.org> Cr-Commit-Position: refs/heads/master@{#49219}
-
Hannes Payer authored
[heap] Use area_size() when changing the memory protection mode of the allocation area in a MemoryChunk. Bug: chromium:774108,v8:6792 Change-Id: I6cd280c2c6f159719bea523d1bcf11c290e594f6 Reviewed-on: https://chromium-review.googlesource.com/758359 Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Hannes Payer <hpayer@chromium.org> Cr-Commit-Position: refs/heads/master@{#49218}
-
Georg Neis authored
R=jarin@chromium.org Bug: Change-Id: I9adf207491a146459d676342c0b7bdf0c399e440 Reviewed-on: https://chromium-review.googlesource.com/758260 Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#49217}
-
Clemens Hammacher authored
We already have a helper method for generating a sequence of values. Reuse this instead of reimplementing the same thing two more times. R=ahaas@chromium.org CC=eholk@chromium.org Change-Id: Ifbbe1324173951156c1ec9bba84fd1aa4bcb2adb Reviewed-on: https://chromium-review.googlesource.com/758365 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#49216}
-
Michael Achenbach authored
NOTRY=true TBR=clemensh@chromium.org Bug: v8:7049 Change-Id: I08db96d92a14cb048c2287b6c73b150eeb0fe864 Reviewed-on: https://chromium-review.googlesource.com/758367 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#49215}
-
Clemens Hammacher authored
The FixedArray holding the export wrappers is never being used before creating the WasmCompiledModule, so there is no need to store it in a field on the WasmCompilationJob. Just create it when creating the WasmCompiledModule. R=ahaas@chromium.org CC=mtrofin@chromium.org Change-Id: Ibdca3d5c58faf4b52df10560bdf2734fdd7a4656 Reviewed-on: https://chromium-review.googlesource.com/758242 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#49214}
-
jgruber authored
The regexp fast path in MaybeCallFunctionAtSymbol had an issue in which we'd call ToString after checking that the given {object} was a fast regexp and deciding to take the fast path. This is invalid since ToString() can call into user-controlled JS and may mutate {object}. There's no way to place the ToString call correctly in this instance:
1. before BranchIfFastRegExp, it's a spec violation if we end up on the slow regexp path;
2. the problem with the current location is already described above;
3. and we can't place it into the fast-path regexp builtin (e.g. RegExpReplace) either due to the same reasons as 1.
The solution in this CL is to restrict the fast path to string arguments only, i.e. cases where ToString would be a nop and can safely be skipped.
Bug: chromium:782145 Change-Id: Ifd35b3a9a6cf2e77c96cb860a8ec98eaec35aa85 Reviewed-on: https://chromium-review.googlesource.com/758257 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#49213}
-