- 19 Dec, 2017 15 commits
-
-
Andreas Haas authored
There was an issue when the caller of a function with multiple returns did not use all values which were returned over the stack. The caller used only the used returns to calculate the offsets on the stack, whereas the callee used all returns to calculate the offsets. With this CL also the caller uses all returns to calculate the stack offsets and thereby agrees again with the callee on the location of all returns. In addition I fixed an issue on x64: A quad word is reserved on the stack frame to spill callee-saved FP registers, which is not pointer size. R=titzer@chromium.org Change-Id: Ibe56b4b57e4b6e59071a868805b1237412344f93 Reviewed-on: https://chromium-review.googlesource.com/824043 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#50193}
-
Clemens Hammacher authored
This is the counterpart of https://crrev.com/c/822471. It implements asm.js bounds checks for loads using normal branch nodes and removes the need for CheckedLoad, improving maintainability at some small cost to compilation time. R=ahaas@chromium.org CC=mstarzinger@chromium.org, titzer@chromium.org Change-Id: I7a2716f364b9e4d7beb9cc460eb028c3bd1c3a99 Reviewed-on: https://chromium-review.googlesource.com/832457 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#50192}
-
Sigurd Schneider authored
Bug: v8:7127, v8:6270 Change-Id: Ic35a9b7a5145115736934b0c7de6ace26e9c0e51 Reviewed-on: https://chromium-review.googlesource.com/832966 Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#50191}
-
Yang Guo authored
R=mlippautz@chromium.org Bug: chromium:795856 Change-Id: I2a631a94e4bc0c000842923a962e812e0370b837 Reviewed-on: https://chromium-review.googlesource.com/832454 Commit-Queue: Yang Guo <yangguo@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#50190}
-
Sigurd Schneider authored
Bug: v8:7127 Change-Id: I9081710445bf44e1af18e8f254f373c5736792a5 Reviewed-on: https://chromium-review.googlesource.com/832477 Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#50189}
-
Jakob Gruber authored
Teach the fuzzer about the new DotAll flag. Bug: v8:6612 Change-Id: I92d6bfd920f5daef6733b1c547063ede718ecc8f Reviewed-on: https://chromium-review.googlesource.com/832748 Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#50188}
-
Clemens Hammacher authored
The memory size is always stored as 32 bit value, so the comparison should always be done in 32 bit space. R=ahaas@chromium.org Change-Id: Ic059e63bf1dc9e8bf568dbb5f8d7ccde1da4761a Reviewed-on: https://chromium-review.googlesource.com/832473 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#50187}
-
Michael Achenbach authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/9caf5bf..9f00b2f Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/9cfb34e..035dfdb Rolling v8/third_party/instrumented_libraries: https://chromium.googlesource.com/chromium/src/third_party/instrumented_libraries/+log/2841745..b7578b4 Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/ec766dc..07e0150 Rolling v8/tools/luci-go: https://chromium.googlesource.com/chromium/src/tools/luci-go/+log/45a8a51..564ab65 TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org Change-Id: Ibb83e4858f476caaece11b8365234351a2211995 Reviewed-on: https://chromium-review.googlesource.com/832788 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Cr-Commit-Position: refs/heads/master@{#50186}
-
Michael Achenbach authored
Bug: Change-Id: I7d4152139548d8a24c0b444dfff3c363bf92680b Reviewed-on: https://chromium-review.googlesource.com/816836 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#50185}
-
Clemens Hammacher authored
Even inside an "#ifdef DEBUG", we still want to use the DCHECK macro instead of CHECK in order to get the "correct" error message. Drive-by: Remove "#ifdef DEBUG" around DCHECKS in macro-assembler-x64.cc R=ahaas@chromium.org CC=mtrofin@chromium.org Change-Id: I5b92c87fa9b10e5751cc2704d6218bee292cfb8f Reviewed-on: https://chromium-review.googlesource.com/832687 Reviewed-by: Mircea Trofin <mtrofin@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#50184}
-
Clemens Hammacher authored
Remove comment about usage of FATAL, UNREACHABLE and UNIMPLEMENTED, which was deprecated since https://crrev.com/1410713006. Also, refactor the FATAL macro and use it for implementing UNREACHABLE and UNIMPLEMENTED, and in more code. The benefit over printf + CHECK(false) is that the compiler knows that FATAL will never return. R=bmeurer@chromium.org Change-Id: I8c2ab3b4e6edfe8eff5ec6fdf3d92b15d0ed7126 Reviewed-on: https://chromium-review.googlesource.com/832726 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#50183}
-
Michael Achenbach authored
This reverts commit c3dda0bb. Reason for revert: Breaks gc stress bots: https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20gc%20stress/builds/14266 Original change's description: > Enable --harmony-function-tostring by default > > Update tests to work with new behavior. > > This feature is shipping in Firefox 54, so compatibility risk is low. > > R=littledan@chromium.org, adamk@chromium.org, caitp@igalia.com > CQ_INCLUDE_TRYBOTS=master.tryserver.blink:linux_trusty_blink_rel > > Bug: v8:4958 > Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng > Change-Id: Ib16d19468cf935f961d7bcd856ebbeb5692d3e61 > Reviewed-on: https://chromium-review.googlesource.com/546941 > Commit-Queue: Josh Wolfe <jwolfe@igalia.com> > Reviewed-by: Adam Klein <adamk@chromium.org> > Cr-Commit-Position: refs/heads/master@{#50178} TBR=adamk@chromium.org,hablich@chromium.org,kozyatinskiy@chromium.org,littledan@chromium.org,caitp@igalia.com,jwolfe@igalia.com Change-Id: Ie5dd0bd2b97ae6d0126edec6373e48abe0eeb3f0 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:4958 Reviewed-on: https://chromium-review.googlesource.com/832649 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#50182}
-
Sergiy Byelozyorov authored
TBR=sergiyb@chromium.org No-Try: true Change-Id: I16311dee2256f800f9d8fd297e1d45ae301fa207 Reviewed-on: https://chromium-review.googlesource.com/832452 Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org> Cr-Commit-Position: refs/heads/master@{#50181}
-
Sergiy Byelozyorov authored
TBR=sergiyb@chromium.org No-Try: true Change-Id: I86256c61155e42c193a2532adc15392c0bf33e3b Reviewed-on: https://chromium-review.googlesource.com/832451 Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org> Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> Cr-Commit-Position: refs/heads/master@{#50180}
-
marcin authored
Patch will decrease size of JS files included into Chrome APK (about 11 KB now) Bug: Change-Id: I701c9904fbf22fd295199f255601dea6524a3766 Reviewed-on: https://chromium-review.googlesource.com/821071 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Marcin Wiącek <marcin@mwiacek.com> Cr-Commit-Position: refs/heads/master@{#50179}
-
- 18 Dec, 2017 25 commits
-
-
Josh Wolfe authored
Update tests to work with new behavior. This feature is shipping in Firefox 54, so compatibility risk is low. R=littledan@chromium.org, adamk@chromium.org, caitp@igalia.com CQ_INCLUDE_TRYBOTS=master.tryserver.blink:linux_trusty_blink_rel Bug: v8:4958 Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng Change-Id: Ib16d19468cf935f961d7bcd856ebbeb5692d3e61 Reviewed-on: https://chromium-review.googlesource.com/546941 Commit-Queue: Josh Wolfe <jwolfe@igalia.com> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#50178}
-
Igor Sheludko authored
This CL removes LoadScriptContextFieldStub and StoreScriptContextFieldStub. Bug: v8:7206, chromium:576312 Change-Id: I217eeb726ca7d1ec85a67331da4941b9ac2a4b7a Reviewed-on: https://chromium-review.googlesource.com/831867 Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#50177}
-
Alexey Kozyatinskiy authored
We should not report promise created for async function as candidate for stepping. Regular StepInto works fine in this case. TBR=dgozman@chromium.org Bug: none Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel Change-Id: I8dafec5417df0de593cb2a1c06d6a11093e7c64b Reviewed-on: https://chromium-review.googlesource.com/828024 Reviewed-by: Dmitry Gozman <dgozman@chromium.org> Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org> Cr-Commit-Position: refs/heads/master@{#50176}
-
Andreas Haas authored
I also added a test for movdqa, which was already implemented. R=bmeurer@chromium.org Change-Id: I6dd5cba072f1439dcdfb5f975de116e4534c7581 Reviewed-on: https://chromium-review.googlesource.com/832466 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#50175}
-
Clemens Hammacher authored
The WasmCompiledModule is kept alive from the Script, which again is kept alive when the debugger is enabled. This, however, should not keep the whole context alive, including the global object. Hence, we only store a weak reference to the native context. R=ahaas@chromium.org Bug: chromium:750256 Change-Id: Ia409995c40fb3e90665534fbc94c6eafc081c4e5 Reviewed-on: https://chromium-review.googlesource.com/832126 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#50174}
-
Clemens Hammacher authored
The interface of {WasmCompiledModule} currently mostly receives and provides handles to the contained data. Other interfaces don't (see {object-macros.h}). This leads to performance and memory overhead for chained accesses like {instance->compiled_module()->shared()->script()}, because intermediate accessors allocate Handles for no reason. It also breaks the constraints that lower-case accessors should be trivial to execute, but allocating a handle is not trivial (should not be done in a loop if not needed). It also silences gcmole errors, as documented in https://crrev.com/c/832268. R=ahaas@chromium.org, mtrofin@chromium.org Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: Ib82fb295977a47b4a8ab9bae9c9b6e2b235ad5e5 Reviewed-on: https://chromium-review.googlesource.com/832387 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Mircea Trofin <mtrofin@chromium.org> Cr-Commit-Position: refs/heads/master@{#50173}
-
Sigurd Schneider authored
This CL allows deopts from CheckString to disable speculation. Bug: v8:7127, v8:6270 Change-Id: I029caeb61c509e5eb51b169ac42596d632f7c75a Reviewed-on: https://chromium-review.googlesource.com/831866 Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#50172}
-
Sigurd Schneider authored
This CL passes feedback from the element kind deopt points in Array.push to the deoptimizer. If the deopt points are triggered, further speculation on Array.push is disallowed. Bug: v8:7127, v8:7204 Change-Id: Ie91dee598bd8b8797110c8f468406327226893a4 Reviewed-on: https://chromium-review.googlesource.com/831523 Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#50171}
-
Leszek Swirski authored
Move the one remaining optimization disabling in AST numbering (native function literals) to be in the parser. Bug: v8:7178 Change-Id: Icd96020622cbe64afa11b42c5831618247e3e021 Reviewed-on: https://chromium-review.googlesource.com/814399 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#50170}
-
Clemens Hammacher authored
Make sure that a continue still executes the increment part of a for loop by adding another nested block for the body, which is the break target for a continue in the body. The increment code lives outside this block, in the original loop. R=bradnelson@chromium.org CC=mstarzinger@chromium.org Bug: chromium:788916 Change-Id: I178b874ffac16d9237a0f4da097d2742bd93335a Reviewed-on: https://chromium-review.googlesource.com/832447 Commit-Queue: Brad Nelson <bradnelson@chromium.org> Reviewed-by: Brad Nelson <bradnelson@chromium.org> Cr-Commit-Position: refs/heads/master@{#50169}
-
Leszek Swirski authored
Move literal initialization out of AST numbering and into the parser. The initialization includes setting the depth and flags of Object and Array literals, and calculating the emit store of object literals. Bug: v8:7178 Change-Id: I9af59a2fea44f8a1adcc5a0261f29ce97fa8da92 Reviewed-on: https://chromium-review.googlesource.com/814634 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#50168}
-
Sigurd Schneider authored
This change is quite invasive, because CheckSmi is lowered through representation change depending on UseInfo to several different checked conversion operators. This CL adds feedback to every checked conversion operator to Int32. Bug: v8:7127, v8:7204 Change-Id: Icb780e5a69d321c2ec161c3c2a32984bdcf101f1 Reviewed-on: https://chromium-review.googlesource.com/831521 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#50167}
-
Clemens Hammacher authored
This makes --print-code and --print-wasm-code also print code emitted on the native wasm heap. It also extends code printing to include the code kind and the index. R=mtrofin@chromium.org Change-Id: I39c23f4b65168c059f23477ec5d264924ca83e82 Reviewed-on: https://chromium-review.googlesource.com/831987 Reviewed-by: Mircea Trofin <mtrofin@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#50166}
-
Clemens Hammacher authored
The pattern "handle->foo(factory->NewXX())" is unsafe, because the evaluation order of the receiver (dereferencing the handle) and the argument (allocating something on the heap) is undefined. If the receiver is evaluated first, then the allocation in the evaluation of the argument might invalidate the receiver. In general, gcmole should catch these errors, but sadly, if the method "foo" receives a Handle, it seems to not catch them. We should generally refactor our getters and setters to receive and return raw pointers instead of handles, just like most other code in our code base. R=mtrofin@chromium.org, ahaas@chromium.org Bug: v8:7224 Change-Id: If9e84e4ca7efe02c40b97a8c5c549c222947d6bb Reviewed-on: https://chromium-review.googlesource.com/832268 Reviewed-by: Mircea Trofin <mtrofin@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#50165}
-
Igor Sheludko authored
... by "inlining" the Tuple2 object into the data handler. Bug: v8:7206, v8:5561 Change-Id: I8517b2faa8d13bd16b8ec99c7ea8ab97c73a5f2a Reviewed-on: https://chromium-review.googlesource.com/819233 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#50164}
-
Michal Majewski authored
Bug: v8:6917 Cq-Include-Trybots: master.tryserver.v8:v8_linux_noi18n_rel_ng Change-Id: I69d15801b79bf7aa846582367e9f3037b6612431 Reviewed-on: https://chromium-review.googlesource.com/829033 Commit-Queue: Michał Majewski <majeski@google.com> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> Cr-Commit-Position: refs/heads/master@{#50163}
-
Clemens Hammacher authored
Add additional protection against OOB accesses by masking the index to access by a mask precomputed from the memory size. R=clemensh@chromium.org, bradnelson@chromium.org Change-Id: I1d5875121e1904074b115a2c88ca773b6c1c1a66 Reviewed-on: https://chromium-review.googlesource.com/830394 Reviewed-by: Andreas Haas <ahaas@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#50162}
-
Sergiy Byelozyorov authored
TBR=machenbach@chromium.org No-Try: true Bug: chromium:747960 Change-Id: I2befa4776ba51d0512a86e43a44a5ca4afd34b1b Reviewed-on: https://chromium-review.googlesource.com/832446 Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org> Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> Cr-Commit-Position: refs/heads/master@{#50161}
-
Michael Achenbach authored
If a command prefix should be used in predictable mode, it should wrap around d8 and not around the predictable wrapper. NOTRY=true TBR=majeski@google.com Bug: v8:7166 Change-Id: I16f33090c647ea4f6f040c6194908df6500b82a3 Reviewed-on: https://chromium-review.googlesource.com/832206 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#50160}
-
Michal Majewski authored
Bug: v8:6917 Change-Id: I45ee0277bd243559746f9bc9396d1a8900c891cc Reviewed-on: https://chromium-review.googlesource.com/832026 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#50159}
-
Camillo Bruni authored
The new maptracer provides a timeline visualization of the maps logged with --trace-maps. Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: I896d677e1d28ceb7b94e29139d25c1476c8ce157 Reviewed-on: https://chromium-review.googlesource.com/664719 Reviewed-by: Mathias Bynens <mathias@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#50158}
-
Clemens Hammacher authored
We had a number of accessors defined on {WasmCompiledModule}, which redirected to {WasmSharedModuleData}. This is uncommon in the code base and hides where information is really stored. This CL removes them and accesses information directly from the {WasmSharedModuleData} instead. R=ahaas@chromium.org Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: I54fce75dbf7dcb2f16dcf13e4634b5618225a429 Reviewed-on: https://chromium-review.googlesource.com/831510 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#50157}
-
Clemens Hammacher authored
Many methods currently defined in WasmCompiledModule actually only use shared information from WasmSharedModuleData. Hence, move them to this class. R=ahaas@chromium.org Bug: chromium:750256 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: Ia298306c3757fca8e2d93eaaf3424d6f91150212 Reviewed-on: https://chromium-review.googlesource.com/831509 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#50156}
-
Kanghua Yu authored
Remove redundant jmp in AdvanceBytecodeOffset(), safely add a couple of {Label::kNear} hints for forward jmp instructions. Bug: Change-Id: Iefc8c1c4656963e7e8a56c5127391e0c508ca401 Reviewed-on: https://chromium-review.googlesource.com/810216 Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#50155}
-
jgruber authored
See https://github.com/tc39/proposal-regexp-named-groups/pull/40. The spec is being changed to always create a 'groups' property on regexp result objects. Its value is undefined if no named captures exist, and the object containing named captures otherwise. Bug: v8:7192, v8:5437 Change-Id: I1fb00ffc186c7effd84b5692dcbed420581855c3 Reviewed-on: https://chromium-review.googlesource.com/829137 Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#50154}
-