- 29 Oct, 2018 40 commits
-
Tobias Tebbi authored
Bug: chromium:899535 Change-Id: I468912afca9187b47ae94fbbcff79e175fa1e686 Reviewed-on: https://chromium-review.googlesource.com/c/1304296 Reviewed-by: Caitlin Potter <caitp@igalia.com> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#57101}
-
Frank Tang authored
Change the order of the output and add spec text. To fix the to-be-landed-soon test262 test failure in test262/intl402/Segmenter/prototype/resolvedOptions/order The spec change from "any order" to "table" order in https://github.com/tc39/ecma402/pull/279 Bug: v8:8376 Change-Id: Ife19aec4386a022168514053830ebe03f983f4a9 Reviewed-on: https://chromium-review.googlesource.com/c/1301646 Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/master@{#57100}
-
Frank Tang authored
This will give us some clusterfuzz coverage. Bug: v8:6891 Change-Id: I167774aeb0110bde8d5ed1047b2875b14317903b Reviewed-on: https://chromium-review.googlesource.com/c/1301643 Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/master@{#57099}
-
Hannes Payer authored
Bug: chromium:897074 Change-Id: I8f886647eaab80a6d283b3f1aef6575f36327ec7 Reviewed-on: https://chromium-review.googlesource.com/c/1304543 Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Hannes Payer <hpayer@chromium.org> Cr-Commit-Position: refs/heads/master@{#57098}
-
Junliang Yan authored
R=joransiu@ca.ibm.com Change-Id: I071409177a0a33ad90c38c787d867461be5085a9 Reviewed-on: https://chromium-review.googlesource.com/c/1302802 Reviewed-by: Joran Siu <joransiu@ca.ibm.com> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#57097}
-
Michael Starzinger authored
R=clemensh@chromium.org Change-Id: If7d1237bd65b58eaf7fe305f8539a6663b748b05 Reviewed-on: https://chromium-review.googlesource.com/c/1304541 Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#57096}
-
Benedikt Meurer authored
This introduces Word64 support for the CheckBounds operator, which now lowers to either CheckedUint32Bounds or CheckedUint64Bounds after the representation selection. The right hand side of CheckBounds can now be any positive safe integer on 64-bit architectures, whereas it remains Unsigned31 for 32-bit architectures. We only use the extended Word64 support when the right hand side is outside the Unsigned31 range, so for everything except DataViews this means that the performance should remain the same.

The typing rule for the CheckBounds operator was updated to reflect this new behavior. The CheckBounds with a right hand side outside the Unsigned31 range will pass a new Signed64 feedback kind, which is handled with newly introduced CheckedFloat64ToInt64 and CheckedTaggedToInt64 operators in representation selection.

The JSCallReducer lowering for DataView getType()/setType() methods was updated to not smi-check the [[ByteLength]] and [[ByteOffset]] anymore, but instead just use the raw uintptr_t values and operate on any value (for 64-bit architectures these fields can hold any positive safe integer, for 32-bit architectures it's limited to Unsigned31 range as before). This means that V8 can now handle huge DataViews fully, without falling off a performance cliff.

This refactoring even gave us some performance improvements, on a simple micro-benchmark just exercising different DataView accesses we go from

testDataViewGetUint8: 796 ms.
testDataViewGetUint16: 997 ms.
testDataViewGetInt32: 994 ms.
testDataViewGetFloat64: 997 ms.

to

testDataViewGetUint8: 895 ms.
testDataViewGetUint16: 889 ms.
testDataViewGetInt32: 888 ms.
testDataViewGetFloat64: 890 ms.

meaning we lost around 10% on the single byte case, but gained 10% across the board for all the other element sizes.

Design-Document: http://bit.ly/turbofan-word64 Bug: chromium:225811, v8:4153, v8:7881, v8:8171, v8:8383 Change-Id: Ic9d1bf152e47802c04dcfd679372e5c85e4abc83 Reviewed-on: https://chromium-review.googlesource.com/c/1303732 Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#57095}
-
Maya Lekova authored
This reverts commit bf3d7b9a.

Reason for revert: Breaks TSAN build, see https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux64%20TSAN/23248

Original change's description:
> [wasm] Store compile errors in CompilationState
>
> We are currently storing compilation errors in the individual
> compilation units and pass it to the ErrorThrower during finishing.
> This CL changes that to store errors on the CompilationState directly.
> From there, it is propagated to the ErrorThrower in the compilation
> state callback.
> This removes more work from the finisher task and slims down the
> WasmCompilationUnits.
>
> R=mstarzinger@chromium.org
>
> Bug: v8:8343, v8:7921
> Change-Id: Id332add43d4219d2a30fee653ed4e53a9b2698d9
> Reviewed-on: https://chromium-review.googlesource.com/c/1303720
> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
> Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#57091}

TBR=mstarzinger@chromium.org,clemensh@chromium.org Change-Id: Id32c7337494a4749485adbcfcaae7b2331afea66 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:8343, v8:7921 Reviewed-on: https://chromium-review.googlesource.com/c/1304544 Reviewed-by: Maya Lekova <mslekova@chromium.org> Commit-Queue: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/master@{#57094}
-
Stephan Herhut authored
As the wasm compilation pipeline skips the start and end phase of normal pipelines, we do not log compilation start/end for functions, which makes reading log output more complicated than need be. Change-Id: I1566ab7428b2dd9763c443000e946d4c6c789626 Reviewed-on: https://chromium-review.googlesource.com/c/1304540 Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Stephan Herhut <herhut@chromium.org> Cr-Commit-Position: refs/heads/master@{#57093}
-
Clemens Hammacher authored
This removes more parameters which can be queried from the NativeModule. R=titzer@chromium.org Bug: v8:8343 Change-Id: Ia5111a336e8e2272f189ff2c5523afec8b2de660 Reviewed-on: https://chromium-review.googlesource.com/c/1303723 Reviewed-by: Ben Titzer <titzer@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#57092}
-
Clemens Hammacher authored
We are currently storing compilation errors in the individual compilation units and pass it to the ErrorThrower during finishing. This CL changes that to store errors on the CompilationState directly. From there, it is propagated to the ErrorThrower in the compilation state callback. This removes more work from the finisher task and slims down the WasmCompilationUnits. R=mstarzinger@chromium.org Bug: v8:8343, v8:7921 Change-Id: Id332add43d4219d2a30fee653ed4e53a9b2698d9 Reviewed-on: https://chromium-review.googlesource.com/c/1303720 Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#57091}
-
Benedikt Meurer authored
For NumberMin and NumberMax we don't need to go to Float64 when the inputs are known to be in SafeInteger range, instead we can go to Word64 on 64-bit architectures. This is preliminary work for the huge DataView support, since we'll utilize NumberMax in that case to clamp the limit for the bounds check. Bug: v8:8178, v8:8383 Change-Id: I414114229c5c86b92749d30d645cedc641541ae4 Reviewed-on: https://chromium-review.googlesource.com/c/1304535 Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#57090}
-
Clemens Hammacher authored
The "grow_memory" opcode was renamed to "memory.grow", and the spec repo was updated to use kExprMemoryGrow internally instead of kExprGrowMemory (https://github.com/WebAssembly/spec/pull/720). This CL does the same change for v8. Drive-by: Rename "current_size" to "memory.size", and a minor cleanup in wasm-graph-builder.js to bring it in line with the version in the js-api tests in the spec repo. R=titzer@chromium.org Change-Id: If525dba898b2c248890a616d3392c22b45f698ef Reviewed-on: https://chromium-review.googlesource.com/c/1302057 Reviewed-by: Ben Titzer <titzer@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#57089}
-
Sigurd Schneider authored
Change-Id: Ia970b1281d73289812c4f83c722eea87c31863ba Bug: v8:8344 Reviewed-on: https://chromium-review.googlesource.com/c/1304534 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#57088}
-
Toon Verwaest authored
Bug: v8:8363, v8:7926 Change-Id: Icfc8c02573a92d655ee14f563ad9c67fe5655029 Reviewed-on: https://chromium-review.googlesource.com/c/1304440 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#57087}
-
Sigurd Schneider authored
Change-Id: I21a87236c5a65bfd44da10efa57063e2a96e3779 Bug: v8:8344 Reviewed-on: https://chromium-review.googlesource.com/c/1304533 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#57086}
-
Toon Verwaest authored
Fix: Skip sanity check of illegal tokens Additional fix: set c0_ to kEndOfInput Bug: v8:8363, v8:7926 Change-Id: I4f1222945914462e495d9ed6b86d38e478adbe39 Reviewed-on: https://chromium-review.googlesource.com/c/1304298 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#57085}
-
Michael Starzinger authored
This fixes the fall-back case when parsing a multiplicative expression where the lookahead found a '-' token followed by an unsigned token, but no '*' token is following. We cannot rewind both tokens, but still need to make sure that a full multiplicative expression is parsed. R=clemensh@chromium.org TEST=mjsunit/regress/regress-8377 BUG=v8:8377 Change-Id: I20ce6267445b32bdaf03f41f11d9ef4be66cb636 Reviewed-on: https://chromium-review.googlesource.com/c/1304317 Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#57084}
-
Clemens Hammacher authored
The Counters are not specific to compilation units, they just happen to be used in WasmCompilationUnit::ExecuteCompilation. Remove it from the compilation unit and pass it explicitly where needed. This saves another field on the compilation units. R=titzer@chromium.org Bug: v8:8343 Change-Id: Iad4fd8ae23b022c237535503e0e805db7e67071a Reviewed-on: https://chromium-review.googlesource.com/c/1304297 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#57083}
-
Marja Hölttä authored
The bug was that PreParser detected a stack overflow and an unidentifiable error, and we tried to re-parse the same code. However, the stack overflow flag was still set, and that messed up error handling in the Parser. BUG=chromium:899495 Change-Id: Icdef74bdb8be252d75f245e243e1303ffb822ce2 Reviewed-on: https://chromium-review.googlesource.com/c/1304316 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#57082}
-
Marja Hölttä authored
- Store dirty JSWeakFactories in a heap root (not native context) - during GC there's no native context necessarily.
- Schedule one microtask per JSWeakFactory.
- Enter the context of the cleanup function before calling it.

BUG=v8:8179 Change-Id: Icaa245a08a60dd7325af828858ebe55d842c5bf6 Reviewed-on: https://chromium-review.googlesource.com/c/1298899 Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#57081}
-
Clemens Hammacher authored
Move some methods to transitions-inl.h to avoid using methods defined in other inl headers. R=verwaest@chromium.org Bug: v8:7965 Change-Id: I0f5a97ffa4c5faad1687c1586ef2dbf5193939bb Reviewed-on: https://chromium-review.googlesource.com/c/1303299 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#57080}
-
Clemens Hammacher authored
R=jgruber@chromium.org Bug: v8:7965 Change-Id: Icad6d0f2e43d8c5bb62ad160a186b1d3dbd57781 Reviewed-on: https://chromium-review.googlesource.com/c/1303298 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#57079}
-
Clemens Hammacher authored
They are only needed in the async DecodeModule step. We can just store a raw pointer to the Counters there. R=mstarzinger@chromium.org Bug: v8:8238 Change-Id: I2b22008fc4cbf6f8f69c9d53822fdb5af7d638f6 Reviewed-on: https://chromium-review.googlesource.com/c/1303302 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#57078}
-
Clemens Hammacher authored
R=yangguo@chromium.org Bug: v8:7965 Change-Id: I38d636b29bc6a8eebafc8299b24954bedb3cafec Reviewed-on: https://chromium-review.googlesource.com/c/1303719 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#57077}
-
Clemens Hammacher authored
See discussion after this CL: https://crrev.com/c/1297960 We want to avoid the link from NativeModule to WasmEngine to enforce encapsulation. If someone needs access to the WasmEngine, we should give them a direct pointer. R=titzer@chromium.org Bug: v8:8217 Change-Id: I5bb6f4bf9b56c43085786d7092151d51bd0ff3ca Reviewed-on: https://chromium-review.googlesource.com/c/1304433 Reviewed-by: Ben Titzer <titzer@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#57076}
-
peterwmwong authored
This allows very large arrays being joined to incrementally, on-demand allocate the internal buffer. Previously, join would allocate the buffer upfront and all at once. Large, sparse arrays will use less memory. Bug: chromium:897404 Change-Id: Id914b14a7c55a62834f63ad602bdb45363249075 Reviewed-on: https://chromium-review.googlesource.com/c/1303538 Commit-Queue: Peter Wong <peter.wm.wong@gmail.com> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#57075}
-
Igor Sheludko authored
by using C++11's default field initializers. Bug: v8:8238 Change-Id: I3f5f4994114da61efb5b3c22681e6c472cf6e3dc Reviewed-on: https://chromium-review.googlesource.com/c/1302054 Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#57074}
-
Clemens Hammacher authored
R=mstarzinger@chromium.org Bug: v8:7965 Change-Id: I26c85e7791550cff269ffc998077501a1eaef3a5 Reviewed-on: https://chromium-review.googlesource.com/c/1303718 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#57073}
-
Clemens Hammacher authored
R=titzer@chromium.org Change-Id: Ib3b1cd479b42865420879bff9f1a83558585eb05 Reviewed-on: https://chromium-review.googlesource.com/c/1303301 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#57072}
-
Clemens Hammacher authored
Fix by removing a method with a single user instead of introducing an inl-header. R=mstarzinger@chromium.org Bug: v8:7965 Change-Id: I596a673f36c63197db3e774d24b65abe01e83399 Reviewed-on: https://chromium-review.googlesource.com/c/1303717 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#57071}
-
Clemens Hammacher authored
R=marja@chromium.org Bug: v8:7965 Change-Id: Ifcdaaacebf846673b576e66a242efe727a7f3665 Reviewed-on: https://chromium-review.googlesource.com/c/1303716 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#57070}
-
Clemens Hammacher authored
allocation-builder.h was using methods defined in map-inl.h, which is not allowed. Thus move the respective methods to allocation-builder-inl.h. R=mstarzinger@chromium.org Bug: v8:7965 Change-Id: Idd040f624d7e9491bc3d4bbd1e6ab3e8cf051917 Reviewed-on: https://chromium-review.googlesource.com/c/1303297 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#57069}
-
Igor Sheludko authored
Bug: v8:8238 Change-Id: I4bb14e4457b78b91a960680ab22c808b5f88052c Reviewed-on: https://chromium-review.googlesource.com/c/1302053 Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#57068}
-
Clemens Hammacher authored
R=ishell@chromium.org Bug: v8:7965 Change-Id: Ia67e567790f4a5b39e24504c13c472091776ec4f Reviewed-on: https://chromium-review.googlesource.com/c/1303296 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#57067}
-
Igor Sheludko authored
and make it Isolate-independent. Bug: v8:8238 Change-Id: I23faae87c302d24877ef001873f673d4a1cdd327 Reviewed-on: https://chromium-review.googlesource.com/c/1301484 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#57066}
-
Clemens Hammacher authored
Accidentally introduced in https://crrev.com/c/1293951; they were never needed. R=mstarzinger@chromium.org Change-Id: Idbd06800de3f70d1de7c98cb9a11198a6c814093 Reviewed-on: https://chromium-review.googlesource.com/c/1303300 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#57065}
-
Jakob Gruber authored
Now that embedded builtins are enabled everywhere*, lazy deserialization can be turned off and removed. * Except nosnap builds, on aix and in msvc builds. Bug: v8:6666, v8:6624, v8:7990 Change-Id: Ib5fefe10e7ff35b13a1eb803fbc3736b8851b22b Reviewed-on: https://chromium-review.googlesource.com/c/1288638 Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#57064}
-
Jakob Gruber authored
While not strictly necessary, this is consistent with how SlowFlagGetter behaves. It adds an additional shift operation (which we could fold into the smi untagging if needed). Drive-by: Typify flag accessors. Bug: chromium:899464 Change-Id: Ib154d626e522ed723e2c19b1ab7f68560ac414bc Reviewed-on: https://chromium-review.googlesource.com/c/1304315 Reviewed-by: Peter Wong <peter.wm.wong@gmail.com> Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#57063}
-
Clemens Hammacher authored
R=marja@chromium.org Bug: v8:7965 Change-Id: I740f7fa1ec19e269d15358fcf66862b15096e132 Reviewed-on: https://chromium-review.googlesource.com/c/1303295 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#57062}