Skip to content

V
V8
Switch branch/tag
  1. 24 Apr, 2020 23 commits
    • Amy Huang's avatar
      Remove use of register r7 because llvm now issues an · 00604cd2
      Amy Huang authored 
      error when "r7" is used (starting in commit d85b3877)

Bug: chromium:1073270
Change-Id: I7ec8112f170b98d2edaf92bc9341e738f8de07a3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2163435Reviewed-by: 's avatarNico Weber <thakis@chromium.org>
Reviewed-by: 's avatarRoss McIlroy <rmcilroy@chromium.org>
Commit-Queue: Nico Weber <thakis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67371}
      00604cd2
    • Ng Zhi An's avatar
      Validate reading prefixed opcodes · 46813711
      Ng Zhi An authored 
      If module bytes end in a prefix like 0xfc (numeric prefix), we read out
of bounds (pc + 1). So, if validate flag is set, check the length.

Bug: chromium:1073553
Change-Id: Ia9771419d01f2315723d19dd96630172b5a7a1f5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2161404Reviewed-by: 's avatarClemens Backes <clemensb@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67370}
      46813711
    • Milad Farazmand's avatar
      PPC/s390: [wasm-simd][liftoff] Implement lt, le, gt, ge of f32x4 and f64x2 on x64 and ia32 · a7a88149
      Milad Farazmand authored 
      Port c47d1631

R=zhiguo.zhou@intel.com, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N

Change-Id: I126b610d69234c0eaa5599978a5fd25223b657c5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2164945Reviewed-by: 's avatarJunliang Yan <jyan@ca.ibm.com>
Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
Cr-Commit-Position: refs/heads/master@{#67369}
      a7a88149
    • Etienne Pierre-doray's avatar
      [Jobs]: Add job impl to default platform. · 05b62681
      Etienne Pierre-doray authored 
      The impl works by posting up to NumberOfWorkerThreads() tasks
with CallOnWorkerThread().

Change-Id: I188ac57c9e5d6e3befdcc6f945fbf337dabe1d1d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2130886
Commit-Queue: Etienne Pierre-Doray <etiennep@chromium.org>
Reviewed-by: 's avatarGabriel Charette <gab@chromium.org>
Reviewed-by: 's avatarUlan Degenbaev <ulan@chromium.org>
Reviewed-by: 's avatarMichael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67368}
      05b62681
    • Clemens Backes's avatar
      [wasm][debug] Move debug-evaluate cctest to Liftoff · 30350b65
      Clemens Backes authored 
      This is the last cctest that uses the interpreter for debugging.
This CL moves it over to Liftoff.

R=jkummerow@chromium.org

Bug: v8:10389
Change-Id: I1791f0c762c9aab38eee5f5fb96772f4d01c212f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2164790Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67367}
      30350b65
    • Mythri A's avatar
      [log] Update LogAllMaps to also log maps from readonly space · 886d676d
      Mythri A authored 
      With --trace-maps, we log all maps in the heap at the end of
bootstrapping. LogAllMaps scans through the heap and logs a map-create
even for all the maps in the heap. This cl updates this function to also
look for maps in the read only space.

Change-Id: I50025a909691be8dca3455c0583a0392b4756aef
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2162725Reviewed-by: 's avatarRoss McIlroy <rmcilroy@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67366}
      886d676d
    • Camillo Bruni's avatar
      [runtime] Fix source location for CallWithSpread with errors · 1d00b785
      Camillo Bruni authored 
      Unify error handling for errors in CallWithSpread Bytecode and thus
fix source location mismatches.

Bug: v8:10378
Change-Id: If224cd34f1306492059dbedd8d2ca5c0feee5658
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2162856Reviewed-by: 's avatarToon Verwaest <verwaest@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67365}
      1d00b785
    • Leszek Swirski's avatar
      [offthread] Fall-back to main-thread finalization for asm.js · e0df158b
      Leszek Swirski authored 
      asm-to-wasm doesn't support off-thread finalization, so disable it if an
asm compilation job is successfully executed. Note that in the future,
we could instead have a hybrid off-thread and main-thread finalization
for mixed JS and asm.js scripts, but for now that's probably
unncecessary.

Bug: chromium:1011762
Change-Id: I52c8f31fa13790e03ccf3196dbef471bca387bc5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2110017
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: 's avatarRoss McIlroy <rmcilroy@chromium.org>
Reviewed-by: 's avatarClemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67364}
      e0df158b
    • Leszek Swirski's avatar
      [offthread] Move line-end init to FinalizeScriptCompilation · 9f43850f
      Leszek Swirski authored 
      Moves the Script line-end initialization for profiling out of
CreateScript and into FinalizeScriptCompilation. This ensures that
scripts created off-thread still get line-ends when necessary.

Bug: chormium:1011762
Change-Id: If16ad17b2b3ec96908420107bd5f9161eab9492f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2122020
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: 's avatarRoss McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67363}
      9f43850f
    • Leszek Swirski's avatar
      [offthread] Resolve parallel tasks in off-thread merge · 2b8cc34b
      Leszek Swirski authored 
      Parallel tasks have to be resolved to their SharedFunctionInfos on the
main thread, so do so for off-thread finalizations.

Bug: chromium:1011762
Change-Id: I1f0c510630b820cad191db614960ed734218bf0e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2110018
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: 's avatarRoss McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67362}
      2b8cc34b
    • Timothy Gu's avatar
      Reland "[builtins] Clean up the use of class_name / ES5 [[Class]]" · 1aa51b49
      Timothy Gu authored 
      This is a reland of 29c1eab9

Original change's description:
> [builtins] Clean up the use of class_name / ES5 [[Class]]
>
> Before ES2015, the ES spec had a [[Class]] internal slot for all
> objects, which Object.prototype.toString() would use to figure the
> returned string. Post-ES2015, the [[Class]] slot was removed in spec for
> all objects, with the @@toStringTag well-known symbol the proper way to
> change Object.prototype.toString() output.
>
> At the time, spec-identical handling without the use of [[Class]] was
> implemented in V8 for all objects other than API objects, where issues
> with the Web IDL spec [1] prevented Blink, and hence V8, to totally
> migrate to @@toStringTag. However, since 2016 [2] Blink has been setting
> @@toStringTag on API class prototypes to manage the
> Object.prototype.toString() output, so the legacy [[Class]] handling in
> V8 has not been necessary for the past couple of years.
>
> This CL removes the remaining legacy [[Class]] handling in
> Object.prototype.toString(), JSReceiver::class_name(), and
> GetConstructorName(). However, it does not remove the class_name field
> in FunctionTemplateInfo, as it is still used for the `name` property of
> created functions.
>
> This CL also cleans up other places in the codebase that still reference
> [[Class]].
>
> This change should have minimal impact on web-compatibility. For the
> change to be observable, a script must do one of the following:
>
> 1. delete APIConstructor.prototype[Symbol.toStringTag];
> 2. Object.setPrototypeOf(apiObject, somethingElse);
>
> Before this CL, these changes will not change the apiObject.toString()
> output. But after this CL, they will make apiObject.toString() show
> "[object Object]" (in the first case) or the @@toStringTag of the other
> prototype (in the latter case).
>
> However, both are deemed unlikely. @@toStringTag is not well-known
> feature of JavaScript, nor does it get tampered much on API
> constructors. In the second case, setting the prototype of an API object
> would effectly render the object useless, as all its methods (including
> property getters/setters) would no longer be accessible.
>
> Currently, @@toStringTag-based API object branding is not yet
> implemented by other browsers. This V8 bug in particular has been an
> impediment to standardizing toString behavior. Fixing this bug will
> unblock [3] and lead to a better Web IDL spec, and better toString()
> compatibility for all.
>
> [1]: https://www.w3.org/Bugs/Public/show_bug.cgi?id=28244
> [2]: https://crrev.com/909c0d7d5a53c8526ded351683c65ea7d17531d4
> [3]: https://github.com/heycam/webidl/pull/357
>
> Bug: chromium:793406
> Cq-Include-Trybots: luci.chromium.try:linux-rel
> Change-Id: Iceded24e37afa2646ec385d5018909f55b177f93
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2146996
> Commit-Queue: Timothy Gu <timothygu@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67327}

Bug: chromium:793406
Change-Id: Ia5d97bd4e1c44cadc6f18a17ffc9d06b038cf8f1
Cq-Include-Trybots: luci.chromium.try:linux-rel
Cq-Include-Trybots: luci.v8.try:v8_linux_blink_rel
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2163881
Auto-Submit: Timothy Gu <timothygu@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: 's avatarToon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67361}
      1aa51b49
    • Clemens Backes's avatar
      [wasm][debug] Move breakpoint cctests to Liftoff · 780746d6
      Clemens Backes authored 
      The cctests for breakpoints were still executing in the interpreter.
This CL moves them over to Liftoff.

Note that the additional methods on {DebugInfo} will be reused for other
purposes, see https://crrev.com/c/1941139.

R=jkummerow@chromium.org

Bug: v8:10389
Change-Id: Ia88150612377d6e7db0514af1efe091124b3ddce
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2162852Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67360}
      780746d6
    • Zhao Jiazhong's avatar
      [mips][wasm-simd][liftoff] Implement lt, le, gt, ge of f32x4 and f64x2 · 460ed1f0
      Zhao Jiazhong authored 
      Port c47d1631
https://crrev.com/c/2158925

Change-Id: Ib1c494c93acfb5d19890427e6ea73202915675df
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2162415Reviewed-by: 's avatarClemens Backes <clemensb@chromium.org>
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Cr-Commit-Position: refs/heads/master@{#67359}
      460ed1f0
    • Frank Tang's avatar
      Fix no_i18n failure missed in test262 roll 2163877 · 20f5379e
      Frank Tang authored 
      Bug: v8:7834
Change-Id: I9fbcca612db3df6698ebb63bae90b7943e38d48d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2163819Reviewed-by: 's avatarMaya Lekova <mslekova@chromium.org>
Auto-Submit: Frank Tang <ftang@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67358}
      20f5379e
    • Leszek Swirski's avatar
      [offthread] Check memory pressure after merging · 5b878283
      Leszek Swirski authored 
      Currently, there is no indication of memory pressure after merging pages
from off-thread space into the heap. This can mean that with lots of
off-thread compilations, we eventually run out of pages in the memory
allocator.

Now, trigger a critical memory pressure notification after merging if
the old generation is close to being unexpandable. We may want to add
other heuristics here (e.g. moderate memory pressure if the heap is
highly fragmented), or possibly add similar checks when the off-thread
space is initialized, but this works for now.

As a drive-by, inline the NotifyOffThreadSpaceMerged call into the
off-thread factory merge -- we already do a bunch of special merging
stuff in there, and nowhere else, so we may as well be explicit in what
we're actually doing. This also allows us to do a pre-check on old-space
size and hard limits just before the merge.

Bug: chromium:1011762
Change-Id: Ic2b46057cf751bd7eaf787f46beaaf4df36e78fe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2131915
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: 's avatarUlan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67357}
      5b878283
    • Leszek Swirski's avatar
      Reland "[offthread] Move stress-background-compile to compiler.cc" · 471b2001
      Leszek Swirski authored 
      This is a reland of a441cbfb

Disabling cctest/test-compiler/DeepEagerCompilationPeakMemory in stress
mode since allocation is no longer deterministic.

Original change's description:
> [offthread] Move stress-background-compile to compiler.cc
>
> Make --stress-background-compile a V8 flag rather than a d8 flag, so
> that it also tests unittests/cctests.
>
> Now, with this flag, every top-level script compile (that fulfills a
> couple of restrictions) will be both main-thread and background-thread
> compiled, taking the result of the background compile. In the future,
> we'll probably want to verify that the two results are equivalent.
>
> One of the necessary changes to allow tests to pass was to introduce a
> concept of a "temporary" script (with a temporary script id), which
> doesn't get added to the script list. This is to avoid the main-thread
> compile part of the stress-test having a debugger-visible side-effect,
> e.g. in tests that enumerate scripts. We can't just create new ids for
> such scripts, as then script-id expectation files no longer match.
>
> Bug: chromium:1011762
> Change-Id: I500bbf2cabea762e69aca3dbae247daae71192cb
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2120541
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67332}

TBR=rmcilroy@chromium.org

Bug: chromium:1011762
Change-Id: I5f9f0eb71caa4829e72b4a6d2824cbebd3698bd5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2162876Reviewed-by: 's avatarLeszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67356}
      471b2001
    • Sathya Gunasekaran's avatar
      [turbofan] Split DependentCode::kFieldOwner group · 6acbbfbe
      Sathya Gunasekaran authored 
      This patch will allow turboprop to selectively turn off const based
optimizations.

Change-Id: Icd0ec29968287a428cbf38857191900dbf3fda36
Bug: v8:9684, v8:10431
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2149429
Commit-Queue: Sathya Gunasekaran  <gsathya@chromium.org>
Reviewed-by: 's avatarGeorg Neis <neis@chromium.org>
Reviewed-by: 's avatarIgor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67355}
      6acbbfbe
    • Leszek Swirski's avatar
      [offthread] Disable off-thread compiles for block coverage · 7712da4d
      Leszek Swirski authored 
      Off-thread compilation currently doesn't support adding DebugInfo to a
SharedFunctionInfo, so it also doesn't support adding coverage info.

For now, disable off-thread finalization entirely when block coverage
is enabled. In the future we most likely want to add support for this.

Bug: chromium:1011762
Change-Id: I7fdcee48f427d0f7061e90602d9d7557a98e54bb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2126911
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: 's avatarRoss McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67354}
      7712da4d
    • Leszek Swirski's avatar
      [offthread] Allow errors in off-thread compile · d1d35f9b
      Leszek Swirski authored 
      Use the PendingCompilationErrorHandler in the UnoptimizedCompileState
class to prepare compilation errors off-thread, and report them during
the merge into the main thread.

Bug: chromium:1011762
Change-Id: I3ad5078e25c176aa30743500714b2fad838d3ce8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2105354
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: 's avatarRoss McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67353}
      d1d35f9b
    • Frank Tang's avatar
      Roll test262 · 3fe19f31
      Frank Tang authored 
      https://chromium.googlesource.com/external/github.com/tc39/test262/+log/62b8fce3..31dabb56

31dabb5 Add a test for Unicode key-type pairs being canonicalized by Intl.Locale regardless whether they're passed in the input tag, or through the options object. by Jeff Walden · 9 hours ago master
7a4b88e Add `null` named capture coercion test case by Alexey Shvayka · 9 hours ago
6de6484 Add functional replacement test by Alexey Shvayka · 9 hours ago
a6f3449 Add string replacement test by Alexey Shvayka · 9 hours ago
eca34ed Drop "the" and align license headers by Alexey Shvayka · 9 hours ago
34b2ab3 Use non ID_Continue characters in negative tests by Alexey Shvayka · 9 hours ago
89bb1b7 Remove negative parse tests that are now valid by Alexey Shvayka · 9 hours ago
3b5845a Add invalid non-Unicode test by Alexey Shvayka · 9 hours ago
b0995ea Add invalid Unicode test by Alexey Shvayka · 9 hours ago
fd18971 Add valid non-Unicode test by Alexey Shvayka · 9 hours ago
1991c24 Add valid Unicode test by Alexey Shvayka · 9 hours ago
d57bd9d Simplify alphanum regex in testIntl.js by Ross Kirsling · 9 hours ago
064d3c2 correct exceptions for exceptZero by Frank Yung-Fong Tang · 9 hours ago
18f5551 correct expectation for exceptZero by Frank Yung-Fong Tang · 9 hours ago
7bb81a4 correct expectation for exceptZero by Frank Yung-Fong Tang · 9 hours ago
52ec585 correct expectation for exceptZero by Frank Yung-Fong Tang · 9 hours ago
6b3b5c1 correct expectation for exceptZero by Frank Yung-Fong Tang · 9 hours ago
7aa1291 correct expectation for exceptZero by Frank Yung-Fong Tang · 9 hours ago
fb00de4 correct expectation of exceptZero by Frank Yung-Fong Tang · 9 hours ago
11cc0c0 correct expectation for exceptZero by Frank Yung-Fong Tang · 9 hours ago
9119877 correct expectation for exceptZero by Frank Yung-Fong Tang · 9 hours ago
2022f97 correct expectation for exceptZero by Frank Yung-Fong Tang · 9 hours ago
0fc6784 correct exceptZero expectation by Frank Yung-Fong Tang · 9 hours ago
988bf55 correct exceptZero expectation by Frank Yung-Fong Tang · 9 hours ago
e5d4129 correct for exceptZero by Frank Yung-Fong Tang · 9 hours ago
8293c96 correct expectation for exceptZero by Frank Yung-Fong Tang · 9 hours ago
0279d96 correct cases for exceptZero by Frank Yung-Fong Tang · 9 hours ago
d401735 correction for exceptZero by Frank Yung-Fong Tang · 9 hours ago
f07fe8c correct by Frank Yung-Fong Tang · 9 hours ago
c1a1111 correct by Frank Yung-Fong Tang · 9 hours ago
832ecd2 correct by Frank Yung-Fong Tang · 9 hours ago
940be66 correct expectation for signDisplay: "exceptZero" by Frank Yung-Fong Tang · 9 hours ago
df0207c Test revoked [[ProxyHandler]] by Alexey Shvayka · 9 hours ago
d6834ac Test revoked callable [[ProxyTarget]] by Alexey Shvayka · 9 hours ago
449f3ed Test revoked [[ProxyTarget]] by Alexey Shvayka · 9 hours ago
c2f0a3c Bring back accidentally removed __proto__ test by Alexey Shvayka · 9 hours ago
0c06bbc Add "proto-from-ctor-realm" test for AggregateError by Alexey Shvayka · 9 hours ago
a240781 Use isConstructor harness in revocation function test by Alexey Shvayka · 9 hours ago
c31133b Add Proxy.revocable built-in test by Alexey Shvayka · 9 hours ago
fadb907 Atomics.waitAsync: fix lint trash by Rick Waldron · 10 hours ago
d7e4de1 Atomics.waitAsync: validate array type; waiter list position, notify before timeout by Rick Waldron · 10 hours ago
161ce48 Atomics.waitAsync: misused symbol args. by Rick Waldron · 10 hours ago
127fa27 Atomics: remove erroneous argument from getReport() in harness/atomicsHelper.js by Rick Waldron · 10 hours ago
bd5b37e Atomics.waitAsync: symbol for timeout throws by Rick Waldron · 10 hours ago
eeb75f6 Atomics.waitAsync: poisoned object throws by Rick Waldron · 10 hours ago
db9c0ef Atomics.waitAsync: out of range index by Rick Waldron · 10 hours ago
0923420 Atomics.waitAsync: fix lint issues by Rick Waldron · 10 hours ago
c3efb56 Atomics.waitAsync: make all agent timeouts async by Rick Waldron · 10 hours ago
f03c0c2 fixup! Atomics.waitAsync: no spurious wakeup on [operation] by Rick Waldron · 10 hours ago
e9ee3dc Atomics: add setTimeout, getReportAsync & safeBroadcastAsync to harness/atomicsHelper .js by Rick Waldron · 10 hours ago
a46bbfd Atomics: drop unused id argument to agent receiveBroadcast handler by Rick Waldron · 10 hours ago
974a4ff Atomics.waitAsync: no spurious wakeup on [operation] by Rick Waldron · 10 hours ago
6d4b4eb Atomics.waitAsync: false, nan, negative, null, object zero timeouts by Rick Waldron · 10 hours ago
4c2ca05 Atomics.waitAsync: negative index throws by Rick Waldron · 10 hours ago
a196c93 Atomics.waitAsync: negative timeout by Rick Waldron · 10 hours ago
677fb82 Atomics.waitAsync: false for timeouts, revised. by Rick Waldron · 10 hours ago
9519cd8 Atomics.waitAsync: Return Value by Rick Waldron · 10 hours ago
dabcc05 Atomics.waitAsync: false, nan for timeouts by Rick Waldron · 10 hours ago
c0f0adf Atomics.waitAsync: ValidateSharedIntegerTypedArray, ValidateAtomicAccess & Return promiseCapability.[[Promise]] by Rick Waldron · 10 hours ago
4e48a56 Atomics.wait: fix esid by Rick Waldron · 10 hours ago
bb37b88 Atomics.waitAsync: add descriptor, length, name tests by Rick Waldron · 10 hours ago
f32b35e Atomics.waitAsync: add feature to features.txt by Rick Waldron · 10 hours ago
1394a4f Fix Proxy tests by Alexey Shvayka · 10 hours ago
fe0d4dc Fix bound function tests by Alexey Shvayka · 10 hours ago
57fa74b Add yield* throw() method test by Alexey Shvayka · 5 days ago
5628e99 Add default parameters test by Alexey Shvayka · 5 days ago
1c06724 Add ObjectBindingPattern destructuring tests by Alexey Shvayka · 5 days ago
4d9944e Add ArrayBindingPattern destructuring tests by Alexey Shvayka · 5 days ago
1d513c3 Update indices-groups-object.js by Gus Caplan · 5 days ago
30542f3 Update groups-object.js by Gus Caplan · 5 days ago
97bd6fd Update indices-groups-object.js by Gus Caplan · 5 days ago
a799a4a Sort out __proto__ occurances outside of annexB by Gus Caplan · 5 days ago
e1fb459 Use slice in RegExp lookBehind test by Michaël Zasso · 5 days ago
68205eb Fixed wrong `esid` and `features` in a Promise.all test by jhnaldo · 5 days ago
048b6b5 Assert that Symbol is a constructor by Alexey Shvayka · 9 days ago
4a8e49b Add test for \0 in Unicode patterns (#2569) by Alexey Shvayka · 13 days ago
156d1b6 Fix async iterator methods not passing absent values tests (#2571) by Alexey Shvayka · 13 days ago
13d057d fix namespace set test (#2574) by Gus Caplan · 13 days ago
27a41b6 Improve malformed RegExp named groups coverage (#2568) by Alexey Shvayka · 13 days ago
6fb6ff6 Add String.prototype.split test by Alexey Shvayka · 2 weeks ago
0c0bcef Add String.prototype.search test by Alexey Shvayka · 2 weeks ago
2597829 Add String.prototype.replaceAll test by Alexey Shvayka · 2 weeks ago
f21c828 Add String.prototype.replace test by Alexey Shvayka · 2 weeks ago
d8a6a06 Add String.prototype.match test by Alexey Shvayka · 2 weeks ago
c1a7ffa Rename searchValue-replace-method-abrupt.js by Alexey Shvayka · 2 weeks ago
18bb955 Upstream additional language tag canonicalisation and Intl.Locale tests from SpiderMonkey by André Bargull · 2 weeks ago
5d8e6c8 Restore grandfathered tests removed in #2054 by André Bargull · 2 weeks ago
de02cf4 Re-enable variant subtag canonicalisation in tests by André Bargull · 2 weeks ago
a525174 Add Unicode and Transformed extension canonicalisation by André Bargull · 2 weeks ago
1c93566 Update language tag mappings to CLDR 36.1 by André Bargull · 2 weeks ago
033f31a Add the language tag mappings python script by André Bargull · 2 weeks ago
756ee6a Update list of numbering systems by André Bargull · 2 weeks ago
7556d59 Update list of Intl service constructors by André Bargull · 2 weeks ago


Bug: v8:7834
Change-Id: I533f42e2460ba355091e46dec29a4920255a134f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2163877
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: 's avatarShu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67352}
      3fe19f31
    • Kong, Fanchen's avatar
      [wasm-simd] [liftoff] Fix i8x16.extract_lane_s on ia32 · 3eb43fbc
      Kong, Fanchen authored 
      movsx_b needs a byte register on ia32, but is using arbitrary gp register.

Bug: v8:9909
Change-Id: I5f31733ccf4ca3b04a3564a9133aec496653079e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2158928Reviewed-by: 's avatarZhi An Ng <zhin@chromium.org>
Commit-Queue: Fanchen Kong <fanchen.kong@intel.com>
Cr-Commit-Position: refs/heads/master@{#67351}
      3eb43fbc
    • Shu-yu Guo's avatar
      [weakrefs] Update js_weak_refs worklist after scavenges · f684ef02
      Shu-yu Guo authored 
      The js_weak_refs worklist is currently not updated after scavenges,
unlike other weak reference worklist.

Bug: v8:8179, chromium:1073981
Change-Id: I48172606995253edb8a0c96f2b7e2dc34cd3d0d6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2163827
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Reviewed-by: 's avatarUlan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67350}
      f684ef02
    • Bill Budge's avatar
      Revert "[builtins] Clean up the use of class_name / ES5 [[Class]]" · 213016d6
      Bill Budge authored 
      This reverts commit 29c1eab9.

Reason for revert: Causes Blink test failures:
https://ci.chromium.org/p/v8/builders/ci/V8%20Blink%20Linux/4222

Original change's description:
> [builtins] Clean up the use of class_name / ES5 [[Class]]
> 
> Before ES2015, the ES spec had a [[Class]] internal slot for all
> objects, which Object.prototype.toString() would use to figure the
> returned string. Post-ES2015, the [[Class]] slot was removed in spec for
> all objects, with the @@toStringTag well-known symbol the proper way to
> change Object.prototype.toString() output.
> 
> At the time, spec-identical handling without the use of [[Class]] was
> implemented in V8 for all objects other than API objects, where issues
> with the Web IDL spec [1] prevented Blink, and hence V8, to totally
> migrate to @@toStringTag. However, since 2016 [2] Blink has been setting
> @@toStringTag on API class prototypes to manage the
> Object.prototype.toString() output, so the legacy [[Class]] handling in
> V8 has not been necessary for the past couple of years.
> 
> This CL removes the remaining legacy [[Class]] handling in
> Object.prototype.toString(), JSReceiver::class_name(), and
> GetConstructorName(). However, it does not remove the class_name field
> in FunctionTemplateInfo, as it is still used for the `name` property of
> created functions.
> 
> This CL also cleans up other places in the codebase that still reference
> [[Class]].
> 
> This change should have minimal impact on web-compatibility. For the
> change to be observable, a script must do one of the following:
> 
> 1. delete APIConstructor.prototype[Symbol.toStringTag];
> 2. Object.setPrototypeOf(apiObject, somethingElse);
> 
> Before this CL, these changes will not change the apiObject.toString()
> output. But after this CL, they will make apiObject.toString() show
> "[object Object]" (in the first case) or the @@toStringTag of the other
> prototype (in the latter case).
> 
> However, both are deemed unlikely. @@toStringTag is not well-known
> feature of JavaScript, nor does it get tampered much on API
> constructors. In the second case, setting the prototype of an API object
> would effectly render the object useless, as all its methods (including
> property getters/setters) would no longer be accessible.
> 
> Currently, @@toStringTag-based API object branding is not yet
> implemented by other browsers. This V8 bug in particular has been an
> impediment to standardizing toString behavior. Fixing this bug will
> unblock [3] and lead to a better Web IDL spec, and better toString()
> compatibility for all.
> 
> [1]: https://www.w3.org/Bugs/Public/show_bug.cgi?id=28244
> [2]: https://crrev.com/909c0d7d5a53c8526ded351683c65ea7d17531d4
> [3]: https://github.com/heycam/webidl/pull/357
> 
> Bug: chromium:793406
> Cq-Include-Trybots: luci.chromium.try:linux-rel
> Change-Id: Iceded24e37afa2646ec385d5018909f55b177f93
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2146996
> Commit-Queue: Timothy Gu <timothygu@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#67327}

TBR=verwaest@chromium.org,timothygu@chromium.org

Change-Id: I678d2ffc1064b1d1ddb62024cc23c6c41b216ef4
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:793406
Cq-Include-Trybots: luci.chromium.try:linux-rel
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2163956Reviewed-by: 's avatarBill Budge <bbudge@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#67349}
      213016d6
  3. 23 Apr, 2020 17 commits