1. 17 Aug, 2016 11 commits
    • [interpreter] Fixes the collection of type feedback in the bitwise binary operator. · e82f9446
      epertoso authored
      The Smi case was updating the feedback with a bitwise AND instead of a bitwise OR. This was causing feedback that should have been 'kAny' to be erroneously reported as 'kSignedSmall'.
      
      R=rmcilroy@chromium.org
      
      Review-Url: https://codereview.chromium.org/2251863004
      Cr-Commit-Position: refs/heads/master@{#38682}
    • [heap] Filter slots in map space · 23f61424
      mlippautz authored
      We mark an object allocated as uninitialized. If we happen to have a GC before
      fields of a map are written, msan will observe access to uninitialized memory and
      crash.
      
      This also unifies the handling as we now deal with all spaces in the same way.
      In future we could parallelize clearing.
      
      BUG=chromium:638226
      R=hpayer@chromium.org
      
      Review-Url: https://codereview.chromium.org/2251993002
      Cr-Commit-Position: refs/heads/master@{#38681}
    • MIPS64: Fix [KeyedLoadIC] Support Smi "handlers" for element loads · 3b7fbafe
      ivica.bogosavljevic authored
      Fix 2cf2eef7
      
      Fix test failures with tests working on external Uint32 arrays. Problem
      started to appear because Uint32 value was compared using Int32 compare
      operators in ChangeUint32ToTagged. On MIPS64, Uint32 value is not sign-
      extended, so upper 32 bits of this value are zero. MIPS64 doesn't have
      Word32Compare instructions but uses Word64Compare instructions in
      combination with properly sign-extended Int32 values.
      
      BUG=cctest/test-api/Uint32Array,cctest/test-api/SharedUint32Array,
      cctest/test-api/FixedUint32Array,mjsunit/compiler/uint32
      
      Review-Url: https://codereview.chromium.org/2231053002
      Cr-Commit-Position: refs/heads/master@{#38680}
    • [test] Relax recursion depth limit in webkit test. · e78a5278
      mstarzinger authored
      R=rmcilroy@chromium.org
      TEST=webkit/fast/js/deep-recursion-test
      
      Review-Url: https://codereview.chromium.org/2254773002
      Cr-Commit-Position: refs/heads/master@{#38679}
    • [turbofan] Remove representation axis for float64 fields. · 5c6719fc
      mstarzinger authored
      This removes the representation axis from the type of {Load/StoreField}
      operators representing a property load/store. The representation would
      be narrowed to {None} which causes problems for all places where we use
      the type to reason about the value representation. Instead we should
      fully switch to {MachineRepresentation}. This is just a stop-gap fix.
      
      R=jarin@chromium.org
      BUG=chromium:636716
      
      Review-Url: https://codereview.chromium.org/2255533003
      Cr-Commit-Position: refs/heads/master@{#38678}
    • Scanner::LiteralBuffer usage cleanup. · c677f813
      vogelheim authored
      1. restrict use of LiteralBuffers to the tokens that actually need it.
        - E.g., previously the Token::FUNCTION would have a literal buffer
          containing "function", which was never actually used.
        - This eliminates copies of the string data for every call to
          PeekAhead or SetBookmark.
      2. document & enforce the "secret" Scanner API contract w/ DCHECK
        - Document & check the correspondence of token value and literal buffer.
        - Document & check preconditions for calling PeekAhead, ScanRegExp*,
          ScanTemplate*.
      
      BUG=v8:4947
      
      Review-Url: https://codereview.chromium.org/2240513003
      Cr-Commit-Position: refs/heads/master@{#38677}
    • Avoid accessing Isolate in source position logging. · b8b4a443
      rmcilroy authored
      Now that all backends use the source position builder to record source
      positions, simplify the code line logging events to take a source
      position table on code creation. This means that the source position
      table builder no longer needs to access the isolate until the table is
      generated. This is required for off-thread bytecode generation.
      
      BUG=v8:5203
      
      Review-Url: https://codereview.chromium.org/2248673002
      Cr-Commit-Position: refs/heads/master@{#38676}
    • [turbofan] Only do value numbering when types are compatible. · b190d133
      jarin authored
      At the moment, two NumberConstant nodes get different types even if their
      value is the same because we always allocate a new heap number for
      each number constant. This can lead to replacing a node with a node of
      disjoint type in value numbering, which can result in incorrect code
      down the line because of inconsistent types.
      
      This fix makes sure that we only replace a node with a sub-type
      node. Once we introduce a proper type for number constants, we can
      move back to the intersection typing in value numbering.
      
      Unfortunately, it is quite hard to write a repro for this because we cache NumberConstant nodes. We only throw away cached values that have too many conflicts (>5), so the test has to contain values that fall into the same bucket. That's where the magic floating point numbers in the test come from (they have the same low 8-bits of their hashes).
      
      BUG=chromium:633497
      
      Review-Url: https://codereview.chromium.org/2251833002
      Cr-Commit-Position: refs/heads/master@{#38675}
    • [turbofan] Cleanup for Float64Max and Float64Min. · 4150b5c6
      ahaas authored
      This CL removes the optional operator flag of Float64Max and Float64Min.
      Additionally it renames the instruction codes on x64 and ia32 because
      the old instruction codes (e.g. SSEFloat64Max) do not match the
      generated code anymore.
      
      R=bmeurer@chromium.org
      
      Review-Url: https://codereview.chromium.org/2237813002
      Cr-Commit-Position: refs/heads/master@{#38674}
    • Scope analysis: DCHECK that we allocate rest_parameter_ only once. · f59c0473
      marja authored
      BUG=v8:5209
      
      Review-Url: https://codereview.chromium.org/2254433002
      Cr-Commit-Position: refs/heads/master@{#38673}
    • Update V8 DEPS. · 1c5019e6
      v8-autoroll authored
      Rolling v8/build to 9a1647ec813695da7960692f711a1cebc948d551
      
      Rolling v8/third_party/WebKit/Source/platform/inspector_protocol to b53e3af6bfca3333fc2dd69302dac6667a8c6418
      
      Rolling v8/tools/clang to b5889296bac50b31f1d2806633fe99dfc2b26b54
      
      Rolling v8/tools/mb to c5a112880d83d509e88c01d524c988845a3a3ba6
      
      TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
      
      Review-Url: https://codereview.chromium.org/2247183004
      Cr-Commit-Position: refs/heads/master@{#38672}
  2. 16 Aug, 2016 29 commits