- 10 Aug, 2018 9 commits
-
-
Bret Sepulveda authored
Log::MessageBuilder was already escaping most unsafe characters when they were being logged, but plain backslashes were not. Merely updating the existing escaping path was not sufficient, as recursion would cause escape codes to be doubly escaped. This patch refactors the API to ensure incoming text is escaped exactly once. Bug: v8:8039 Change-Id: Id48aabf29fb6153189ae4a1ad7dfaaf4b41b62ad Reviewed-on: https://chromium-review.googlesource.com/1169049 Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Bret Sepulveda <bsep@chromium.org> Cr-Commit-Position: refs/heads/master@{#55038}
-
Michael Starzinger authored
This assigns dummy instance templates to all WebAssembly API functions used as constructors. It hence avoids implicit receivers from having the internal instance types. These objects would never be fully initialized and cause heap iterations to stumble over these objects. R=clemensh@chromium.org BUG=v8:8003 Change-Id: I3c81d8dc3ae4a38e650b390a04170585cb31ec77 Reviewed-on: https://chromium-review.googlesource.com/1170685 Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#55037}
-
Simon Zünd authored
This CL changes the ArrayPrototypeShift builtin to a CSA macro which is used in a newly created Torque builtin. This is in preparation for removing the JavaScript fall-back, which will be replaced by a baseline Torque implementation. R=cbruni@chromium.org, jgruber@chromium.org Bug: v8:7624 Change-Id: I9b7898beea2802cc02d394e040a1e500387cf108 Reviewed-on: https://chromium-review.googlesource.com/1169172 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Simon Zünd <szuend@google.com> Cr-Commit-Position: refs/heads/master@{#55036}
-
Michael Lippautz authored
Objects created through the API may be of different types than JS_API_* and WASM types. E.g. a JsGlobalProxy may be created through an ObjectTemplate. Bug: v8:8022 Change-Id: I393353cc89c82258d7ad3ba460b5bbd94af33090 Reviewed-on: https://chromium-review.googlesource.com/1169021 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#55035}
-
Michael Starzinger authored
R=clemensh@chromium.org BUG=v8:7424 Change-Id: Ifa7029872c4d5cfda2f2411534abad6970dda323 Reviewed-on: https://chromium-review.googlesource.com/1156549 Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#55034}
-
Simon Zünd authored
This CL replaces 'let' with 'const' where applicable. This will generate TNodes instead of TVARIABLEs in the resulting CSA code. R=jgruber@chromium.org Bug: v8:8015 Change-Id: I806702c1bfa141e4c934a83c34dd49c321e18ce7 Reviewed-on: https://chromium-review.googlesource.com/1169811 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Simon Zünd <szuend@google.com> Cr-Commit-Position: refs/heads/master@{#55033}
-
Clemens Hammacher authored
Most platforms do not need these methods. Thus, make them private to the mips headers. R=titzer@chromium.org Bug: v8:6600 Change-Id: I3fb1a2a3fd9a53dfc55b45763c150911db43b537 Reviewed-on: https://chromium-review.googlesource.com/1169203 Reviewed-by: Ben Titzer <titzer@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#55032}
-
Simon Zünd authored
This CL replaces Delete/SetProperty runtime calls with calls to their stub version. The stubs will bail to the runtime themselves if they can't perform the action. R=jgruber@chromium.org Bug: v8:8015 Change-Id: I1f141296ee074e028c27a3682e2eb46d9f74c0d9 Reviewed-on: https://chromium-review.googlesource.com/1169810 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Simon Zünd <szuend@google.com> Cr-Commit-Position: refs/heads/master@{#55031}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/1f2ff68..f5a5b7b Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/8fa35d1..bca7d20 Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/dd5051f..15a5a77 Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/7302dfb..d299f06 TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org Change-Id: Icb8dba9717a64abe8faa2c8e2557587937fce5af Reviewed-on: https://chromium-review.googlesource.com/1170399 Commit-Queue: V8 Autoroller <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Reviewed-by: V8 Autoroller <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#55030}
-
- 09 Aug, 2018 31 commits
-
-
Alexey Kozyatinskiy authored
Some clients (see Node.js) use platform path as ScriptOrigin. Reporting platform path in protocol makes using protocol much harder. This CL introduced V8InspectorClient::resourceNameToUrl method that is called for any reported using protocol url. V8Inspector uses url internally as well so protocol client may generate pattern for blackboxing with file urls only and does not need to build complicated regexp that covers files urls and platform paths on different platforms. R=lushnikov@chromium.org TBR=yangguo@chromium.org Bug: none Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel Change-Id: Iff302e7441df922fa5d689fe510f5a9bfd470b9b Reviewed-on: https://chromium-review.googlesource.com/1164624 Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org> Reviewed-by: Alexei Filippov <alph@chromium.org> Cr-Commit-Position: refs/heads/master@{#55029}
-
John Barboza authored
Change-Id: I853f7899dbba9112ba1ca2ce78e2838b5a09c975 Reviewed-on: https://chromium-review.googlesource.com/1168087 Commit-Queue: John Barboza <jbarboza@ca.ibm.com> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#55028}
-
Deepti Gandluri authored
Bug: v8:6532 Change-Id: I6391c3d5e86d2b04735e241a1e0549a170ab4852 Reviewed-on: https://chromium-review.googlesource.com/1164640 Reviewed-by: Ben Titzer <titzer@chromium.org> Reviewed-by: Ben Smith <binji@chromium.org> Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> Cr-Commit-Position: refs/heads/master@{#55027}
-
Junliang Yan authored
Port 352e408b Original Commit Message: Add codegen support for up to 4GiB memories in Liftoff code. This CL also adds three new mjsunit tests that stress large WASM memories (1, 2, and 4 GiB) and checks that accesses near these boundaries properly generate traps. Note there is still some trickiness around the setting of: 1.) the flag --wasm-max-mem-pages 2.) wasm-limits.h kSpecMaxWasmMemoryPages = 65536 3.) wasm-limits.h kV8MaxWasmMemoryPages = 32767 In particular, the allocation of memories is still limited to 3.) and the runtime flag can only lower this limit. The above means that the tests for 2GiB and 4GiB memories will silently OOM by design until 3.) is changed (though they currently pass with manual testing). I argue it is better to include these tests up front, since they will immediately trigger if their memory allocation succeeds. Therefore the plan is to lift the restriction on 3.) after removing all other internal V8 limitations including array buffers and views. R=titzer@chromium.org, joransiu@ca.ibm.com, michael_dawson@ca.ibm.com BUG=v8:7881 LOG=N Change-Id: Ice70a9ac5a9a26b08cc77acb7deec98305574d01 Reviewed-on: https://chromium-review.googlesource.com/1167914 Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Reviewed-by: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#55026}
-
Simon Zünd authored
This CL changes the order of the parameters of HasProperty to be more consistent with other CSA macros. Drive-by-change: Use HasProperty stub directly in Torque. R=jgruber@chromium.org Bug: v8:8015 Change-Id: I73d1096afbb86d52e2af67c1969549f1158448a7 Reviewed-on: https://chromium-review.googlesource.com/1166831 Commit-Queue: Simon Zünd <szuend@google.com> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#55025}
-
Michael Achenbach authored
NOTRY=true NOTREECHECKS=true TBR=santa Change-Id: I1f14da5476fdf6b52f62c5259ff36cdfe24105e3 Reviewed-on: https://chromium-review.googlesource.com/1169802 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#55024}
-
Michael Starzinger authored
R=sigurds@chromium.org TEST=mjsunit/wasm/asm-wasm BUG=v8:8038 NOTREECHECKS=true Change-Id: Id12226116aae1b12c8cc948b28097c1dc126f17c Reviewed-on: https://chromium-review.googlesource.com/1169046 Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#55023}
-
jgruber authored
The HasProperty builtin differed in its expected argument order from the HasProperty runtime function. Like all other related spec primitives (e.g.: GetProperty, SetProperty, DeleteProperty), it should take {object} as the first argument and {key} as the second. This CL changes the builtin and all related spots to use the correct order. There was also a tricky bug in interpreter intrinsic rewriting, which assumes (but does not verify) that the argument order between runtime function and builtin is identical. Besides cctests, HasProperty intrinsic rewriting seems to be dead code. Bug: v8:8036 Change-Id: Ia669fd6f5c73a30df4e4607064603be759ced392 Reviewed-on: https://chromium-review.googlesource.com/1167297 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Michael Stanton <mvstanton@chromium.org> Cr-Commit-Position: refs/heads/master@{#55022}
-
Ulan Degenbaev authored
When the memory pressure level is critical and there are managed objects that call AdjustAmountOfExternalMemory in their finalizer, we trigger GC for each dying managed object. See the test for an example. This fixes the bug by clearing the memory pressure level before GC. Bug: v8:8014 Change-Id: Id5144430a52fb8545aa23f33229a11b1714cbf10 Reviewed-on: https://chromium-review.googlesource.com/1169011 Reviewed-by: Marja Hölttä <marja@chromium.org> Reviewed-by: Hannes Payer <hpayer@chromium.org> Cr-Commit-Position: refs/heads/master@{#55021}
-
Marja Hölttä authored
It's now unused. BUG=v8:7308 Change-Id: I301b83fde1d941d5d535922a1174d017186b82ce Reviewed-on: https://chromium-review.googlesource.com/1169017 Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#55020}
-
Marja Hölttä authored
BUG=v8:7308 Change-Id: I940ed715949307abb831d47c197b7e75ed5b0fca Reviewed-on: https://chromium-review.googlesource.com/1169047 Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#55019}
-
Ben L. Titzer authored
This CL introduces a set of configuration options implemented as a struct of booleans that together comprise the set of enabled or detected features. The configuration options replace command-line flags that were checked deep in the implementation. As such, it is necessary to plumb them through multiple levels of abstraction. R=ahaas@chromium.org CC=mstarzinger@chromium.org BUG=chromium:868844 Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng Change-Id: I1b82f5826e4fd263f68e8cafcd923bac5818a637 Reviewed-on: https://chromium-review.googlesource.com/1163670 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#55018}
-
Creddy authored
This is a reland of 690bda84 Original change's description: > [Interpreter] Do not use IC slots for property load/stores in an IIFE and top-level code > > An IIFE or top-level code is executed only once hence, there is no need to collect > type feedback. We can save some memory by not using IC slots for property Loads/Stores > within an IIFE/top-level code. This CL emits Runtime Get/Set property calls instead of LdaNamedProperty > /StaNamedProperty for the property loads within an IIFE and top-level code. > > Change-Id: I3e0ce26d05d82bb3648cb9262c4e112a2c4556c9 > Reviewed-on: https://chromium-review.googlesource.com/1146579 > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> > Reviewed-by: Marja Hölttä <marja@chromium.org> > Reviewed-by: Camillo Bruni <cbruni@chromium.org> > Reviewed-by: Yang Guo <yangguo@chromium.org> > Commit-Queue: Chandan Reddy <chandanreddy@google.com> > Cr-Commit-Position: refs/heads/master@{#54949} Change-Id: I7b07ce86f7236d82191caaceafd31b86e5863ff5 Reviewed-on: https://chromium-review.googlesource.com/1167802 Reviewed-by: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Chandan Reddy <chandanreddy@google.com> Cr-Commit-Position: refs/heads/master@{#55017}
-
Michael Starzinger authored
R=clemensh@chromium.org TEST=test-jump-table-assembler/JumpTablePatchingStress BUG=v8:8018 Change-Id: I1bb4c52a912a7c7ec7fbaf19c79cb7c7dd00a13e Reviewed-on: https://chromium-review.googlesource.com/1167283 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#55016}
-
Tobias Tebbi authored
This should allow to re-land https://crrev.com/c/1039190 Bug: chromium:871886 Change-Id: If815537410b3fa09902026dc26205421f5c36ae5 Reviewed-on: https://chromium-review.googlesource.com/1169019 Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#55015}
-
Tobias Tebbi authored
Bug: v8:8029 Change-Id: I5d5575a74af49236ff55a39c6a6805472bd63609 Reviewed-on: https://chromium-review.googlesource.com/1166910 Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#55014}
-
Marja Hölttä authored
Currently it was only used for modules, so repurposed it to be a weak pointer to JSModuleNamespace. BUG=v8:7308 Change-Id: I4ef522fafebd37624c309081d7432501c2c69b7a Reviewed-on: https://chromium-review.googlesource.com/1163704 Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#55013}
-
Ivica Bogosavljevic authored
TEST=cctest/test-run-wasm-simd/RunWasm_S8x16Concat_turbofan Change-Id: Ifcc14b57d65d15e5ae8477a05746027356bac547 Reviewed-on: https://chromium-review.googlesource.com/1166909 Reviewed-by: Bill Budge <bbudge@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Ivica Bogosavljevic <ibogosavljevic@wavecomp.com> Cr-Commit-Position: refs/heads/master@{#55012}
-
Andreas Haas authored
With the callback we can check if the origin trial is turned on for a given context. I will not land the other CL which added a flag to the isolate. The information if the origin trial is on is context-specific and not isolate-specific, and it's hard on the embedder side to track all creations of a context. With the API proposed in this CL we will ask the embedder every time we start compilation whether the origin trial is on or off. R=yangguo@chromium.org Bug:868844 Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng Change-Id: I8822f40ab12582a5b0bd6640790a269107fc085a Reviewed-on: https://chromium-review.googlesource.com/1163621 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#55011}
-
Tobias Tebbi authored
Bug: chromium:871886 Change-Id: I91c6099ebaa064575db1ee3d7354e02cd42bbfd2 Reviewed-on: https://chromium-review.googlesource.com/1166906 Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#55010}
-
Georg Neis authored
Also make printing of an incomplete AST more robust. Change-Id: I56636890deb6e38882a3f8206aff7cde3e4bab60 Reviewed-on: https://chromium-review.googlesource.com/1168498 Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#55009}
-
Kanghua Yu authored
Benefiting from constant folding, this CL reduces snapshot by 704 bytes for {Call,Construct}WithArrayLike builtins. R=tebbi@chromium.org Change-Id: I34f055c9b46039698150f560644459aa492cde9e Reviewed-on: https://chromium-review.googlesource.com/1168739 Commit-Queue: Kanghua Yu <kanghua.yu@intel.com> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#55008}
-
Clemens Hammacher authored
This allows to have only one version of {AreAliased} which has a clean implementation. R=mstarzinger@chromium.org Bug: v8:8015 Change-Id: I25c64a8c2077383129548773319799fac768521e Reviewed-on: https://chromium-review.googlesource.com/1167290 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#55007}
-
Rodrigo Bruno authored
The HeapController is now refactored in a way that new controllers only need to specify the constants that define how a space grows and shrinks. Bug: chromium:845409 Change-Id: I804eed440a791d6fbd232b7540a1cbe66b16a5f1 Reviewed-on: https://chromium-review.googlesource.com/1165347 Commit-Queue: Rodrigo Bruno <rfbpb@google.com> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#55006}
-
Simon Zünd authored
This CL adds a SetProperty method to the KeyedStoreGenericGenerator that mirrors what "KeyedStoreGeneric" does (used for KeyedStoreIC_MegaMorphic). This new SetProperty method is then used in the SetProperty stub. Change-Id: I72a684238ef6c3b8c4db8ba957d5b79238f7e495 Reviewed-on: https://chromium-review.googlesource.com/1164945 Commit-Queue: Simon Zünd <szuend@google.com> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#55005}
-
jgruber authored
Elements is already set by CSA::AllocateJSArray. Bug: v8:7871 Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng Change-Id: I89b87f9f33eca4a92216f248606fb746f0de5412 Reviewed-on: https://chromium-review.googlesource.com/1168487 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#55004}
-
Simon Zünd authored
This CL changes the sorting algorithm used in Array.p.sort from QuickSort to TimSort (implemented in Torque). Detailed performance results can be found here: https://goo.gl/4E733J To save on code space, fast-paths are implemented as sets of function pointers instead of specializing generics. R=cbruni@chromium.org, jgruber@chromium.org Bug: v8:7382, v8:7624 Change-Id: I7cd4287e4562d84ab7c79c58ae30780630f976de Reviewed-on: https://chromium-review.googlesource.com/1151199 Commit-Queue: Simon Zünd <szuend@google.com> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#55003}
-
Clemens Hammacher authored
R=titzer@chromium.org Bug: v8:6600 Change-Id: I2adb5a74cfdc6ec7e229f1ca1bd31d8209156617 Reviewed-on: https://chromium-review.googlesource.com/1167519 Reviewed-by: Ben Titzer <titzer@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#55002}
-
Simon Zünd authored
This CL fixes the copy-within JSTest benchmark so it works on Android. R=machenbach@chromium.org Change-Id: I63662f9ab00d0199614681a53118bc4079e697ff Reviewed-on: https://chromium-review.googlesource.com/1168488 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Simon Zünd <szuend@google.com> Cr-Commit-Position: refs/heads/master@{#55001}
-
Simon Zünd authored
This CL adds a baseline Torque implementation without fast-paths for Array.p.copyWithin. The JS version in array.js is removed. R=cbruni@chromium.org, jgruber@chromium.org Bug: v8:7624 Change-Id: Ie53047883a65dd9310ea8f8d0edb440f431044ea Reviewed-on: https://chromium-review.googlesource.com/1165223 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Simon Zünd <szuend@google.com> Cr-Commit-Position: refs/heads/master@{#55000}
-
Sergiy Byelozyorov authored
R=machenbach@chromium.org No-Try: true Bug: chromium:775123 Change-Id: I8883be60cc4860fad572ba644bbc722972551eb3 Reviewed-on: https://chromium-review.googlesource.com/1168483 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org> Cr-Commit-Position: refs/heads/master@{#54999}
-