- 11 Sep, 2019 7 commits
-
-
Santiago Aboy Solanes authored
Bug: v8:6949, v8:9396 Change-Id: I19b865bea9ebe40f8f96cd220963cd3181412c82 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1792906 Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by:
Mythri Alle <mythria@chromium.org> Cr-Commit-Position: refs/heads/master@{#63673}
-
Michael Lippautz authored
Do not assume that the MaybeHandle that is returned when fetching for a property is valid and instead check for its contents. Treat an empty handle as not finding the right property. Bug: chromium:1002827 Change-Id: Iac158086ec5f66cd9602f4a73ae78de367dd3e77 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1796556 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by:
Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#63672}
-
Victor Gomes authored
From verwaest@ work on the Json's parser, we know that removing the allocation type argument when creating objects using the factory class increases performance. This will also allow us to optimise these functions in a later CL. Change-Id: If78f62a63fe41453f4def8bea77b6eddc2ab7f36 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1792168 Reviewed-by:
Toon Verwaest <verwaest@chromium.org> Commit-Queue: Victor Gomes <victorgomes@google.com> Cr-Commit-Position: refs/heads/master@{#63670}
-
Santiago Aboy Solanes authored
functionality is: If rhs_is_smi is true, we are sure that rhs is a Smi. If rhs_is_smi is false, rhs might or might not be a Smi. Therefore, rhs_known_smi fits better. Change-Id: Ie6dd0446ef85ba0730189e2012a21c24d1731b74 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1796551 Reviewed-by:
Mythri Alle <mythria@chromium.org> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#63669}
-
Santiago Aboy Solanes authored
Bug: v8:6949, v8:9396 Change-Id: If9fa66de4aecfe72c30ac81c563216fd5e057eb3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1792903 Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by:
Mythri Alle <mythria@chromium.org> Cr-Commit-Position: refs/heads/master@{#63667}
-
Simon Zünd authored
This CL changes how variables are resolved during debug evaluate. We now re-parse the whole script when creating a ScopeIterator. This gives us accurate scope information for all parent scopes of the closure in which we stopped. Using this information, we build blacklists of stack-allocated variables. Each context on the chain in between the closure context up to the original native context is wrapped in a debug-evaluate context with such a blacklist attached. Variable lookup for debug-evaluate contexts then works as follows: 1) Look up in the materialized stack variables (stayed the same). 2) Check the blacklist to find out whether to abort further lookup. 3) Look up in the original context. Steps 1-3 are repeated for each debug-evaluate context, since they mirror the original context chain. R=ulan@chromium.org, yangguo@chromium.org Change-Id: Ied8e5786772c70566da9627ee3b7eff066fba2b4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1795354 Reviewed-by:
Ulan Degenbaev <ulan@chromium.org> Reviewed-by:
Yang Guo <yangguo@chromium.org> Commit-Queue: Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/master@{#63666}
-
Mu Tao authored
Fix build errors introduced by commit af063685 and not fully fixed by commit db3cc4a2 Change-Id: Ifdc92f5d55061670127999058d374914985df762 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1795643 Reviewed-by:
Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Mu Tao <pamilty@gmail.com> Auto-Submit: Mu Tao <pamilty@gmail.com> Cr-Commit-Position: refs/heads/master@{#63665}
-
- 10 Sep, 2019 25 commits
-
-
Frank Tang authored
Bug: chromium:997401 Change-Id: I7a78f4ad1fd05ab2bb2dbcd343060b2647aef4e6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1771954 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by:
Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#63660}
-
Michael Lippautz authored
Reuse the existing builtin and extension infrastructure to provide a garbage collection mechanism that allows for asynchronous execution. On --expose-gc, this changes the gc call to parse parameters the following: (1) Parse options when encountering an options object with known properties. (2) No parameters is parsed as {type: 'major', execution: 'sync'}. (3) Truthy parameter that is not setting options is parsed as {type: 'minor', execution: 'sync'}. (2) and (3) preserve backwards compatibility for existing callers as this may be used widely across various test and benchmarking infrastructures. Valid options: - type: 'major' or 'minor' for full GC and Scavenge, respectively. - execution: 'sync' or 'async' for synchronous and asynchronous execution respectively. Returns a Promise that resolves when GC is done when asynchronous execution is requested, and undefined otherwise. Note: This is implemented as builtin to avoid having any stack at all. This information is also passed to the embedder to allow skipping stack scanning. Change-Id: Ie5c9b6f0d55238abfeb9051ffa1837501d474934 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1793143 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by:
Yang Guo <yangguo@chromium.org> Reviewed-by:
Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#63659}
-
Santiago Aboy Solanes authored
Bug: v8:6949, v8:9396 Change-Id: I4c9382079190379661a26fbe6e1f4f6040a56d08 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1792902 Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by:
Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#63658}
-
Gus Caplan authored
Bug: v8:9553 Change-Id: I376d4bd3d1554e1ed0bdeea79c47bd2a45e643d8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1795886 Commit-Queue: Adam Klein <adamk@chromium.org> Reviewed-by:
Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#63657}
-
Z Nguyen-Huu authored
Bug: v8:8976 Change-Id: I281dc72dcdf03a1d05fdc632c9e9228d62bd85b8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1783099 Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com> Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#63656}
-
Milad Farazmand authored
Port f72c844a Original Commit Message: Port f5ab7d38 Port 65f3861e Original Commit Message: In a new test suite: "wasm-api-tests", using a new binary "wasm_api_tests", powered by gtest/gmock (like unittests). Also fix a bunch of issues that these tests uncovered, mostly to ensure that the stack is walkable. R=miladfar@ca.ibm.com, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: Id52e771fee79210d6c295cecf56a322657cf2b8f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1795864 Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com> Reviewed-by:
Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#63655}
-
Clemens Hammacher authored
This reverts commit d7d25d2a. Reason for revert: crashes win32-debug: https://ci.chromium.org/p/v8/builders/ci/V8%20Win32%20-%20debug/21970 Original change's description: > [wasm] Patch jump tables in all code spaces > > If there are multiple code spaces, make sure to patch the jump tables > in all of them. > > R=mstarzinger@chromium.org > > Bug: v8:9477 > Change-Id: I2ec3d3de913b99623fd310004555337329588da0 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1789289 > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > Commit-Queue: Clemens Hammacher <clemensh@chromium.org> > Cr-Commit-Position: refs/heads/master@{#63651} TBR=mstarzinger@chromium.org,clemensh@chromium.org Change-Id: I4bdeb7394ebf002e3a84fececb0defba8bc9065d No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:9477 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1796064 Reviewed-by:
Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#63654}
-
Igor Sheludko authored
This reverts commit 05d83a0e. Reason for revert: We passed the M78 branch point and should proceed testing the new elements kinds support. Original change's description: > Temporarily disable frozen/sealed elements kinds > > ... to prepare for merging this back to stable channel. > > Bug: chromium:992914 > Change-Id: Icbb257b5c02417d9222e60346575567360376264 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1762021 > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: Leszek Swirski <leszeks@chromium.org> > Auto-Submit: Igor Sheludko <ishell@chromium.org> > Cr-Commit-Position: refs/heads/master@{#63277} TBR=leszeks@chromium.org,ishell@chromium.org # Not skipping CQ checks because original CL landed > 1 day ago. Bug: chromium:992914, v8:996176 Change-Id: Iaa36c140c0c9c72ca0e58f5c3e7d4cad67027085 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1795342 Reviewed-by:
Toon Verwaest <verwaest@chromium.org> Reviewed-by:
Igor Sheludko <ishell@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#63653}
-
Leszek Swirski authored
Rather than duplicating code paths for in- and out-of-object stores, have one code path which checks whether it needs to load the property store (and change the storage location to the HeapNumber value for unboxed doubles). As a drive-by, change the representation dispatch into a switch, and inline the representation checks into that switch, to make explicit what checks for what and which paths transform the value. Also, TNodify some of the surrounding functions. Change-Id: Ia1bf698b4cec3ffce9aaa5732cda2e3be9efd8e8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1795345 Reviewed-by:
Toon Verwaest <verwaest@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#63652}
-
Clemens Hammacher authored
If there are multiple code spaces, make sure to patch the jump tables in all of them. R=mstarzinger@chromium.org Bug: v8:9477 Change-Id: I2ec3d3de913b99623fd310004555337329588da0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1789289 Reviewed-by:
Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#63651}
-
Bill Budge authored
- Eliminates non-const reference parameters in src/objects. Bug: v8:9429 Change-Id: Ic39a59d54bda26c622db29f07143055c3cc6c7a0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1794683 Reviewed-by:
Clemens Hammacher <clemensh@chromium.org> Reviewed-by:
Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Bill Budge <bbudge@chromium.org> Cr-Commit-Position: refs/heads/master@{#63650}
-
Ana Peško authored
This CL changes how we handle the case when both --regexp-tier-up and --regexp-interpret-all flags are on. Previously, we had a CHECK that would crash if both flags were turned on, now we turn off the tier-up flag and print a warning message. Change-Id: I902a59cac9aaf316be05ab2acaee233aa32e023d Bug: chromium:1002242 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1795353 Reviewed-by:
Peter Marshall <petermarshall@chromium.org> Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Commit-Queue: Ana Pesko <anapesko@google.com> Cr-Commit-Position: refs/heads/master@{#63648}
-
Joshua Litt authored
Bug: v8:9463 Change-Id: I49d74c5103f4ee2e09114a609cffe82c838655dc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1792782 Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Commit-Queue: Joshua Litt <joshualitt@chromium.org> Cr-Commit-Position: refs/heads/master@{#63646}
-
Simon Zünd authored
An upcoming CL will remove the COLLECT_NON_LOCALS support of the ScopeIterator. The DebugStackTraceIterator uses the list of non-locals to restore the receiver for arrow functions. This CL extracts the relevant logic into a small helper and calls it directly. Change-Id: Ia396fd599e41ca65810497d2f5228619cfdf7cc4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1795347 Reviewed-by:
Yang Guo <yangguo@chromium.org> Commit-Queue: Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/master@{#63645}
-
Rong Wang authored
This CL is necessary for disabling write-barriers that involve referencing pages via address arithmetic, which is required from third-party heap implementation. Change-Id: I1d3f572d48015e5c8cf691b2dc71a32834621c2f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1781008 Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Reviewed-by:
Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#63644}
-
Clemens Hammacher authored
Since we switched to C++14 now, we can use {std::make_unique} instead of our own {base::make_unique} from {template-utils.h}. R=mstarzinger@chromium.org, yangguo@chromium.org Bug: v8:9687 No-Try: true Change-Id: I660eb30038bbb079cee93c7861cd87ccd134f01b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1789300 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by:
Yang Guo <yangguo@chromium.org> Reviewed-by:
Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#63642}
-
Thibaud Michaud authored
This is meant to check the performance impact of: https://chromium-review.googlesource.com/c/v8/v8/+/1776085/3 R=neis@chromium.org Bug: v8:9088 Change-Id: I8aad5272c1427b8bcaca02bdd0e51bf2779f7451 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1781054 Reviewed-by:
Georg Neis <neis@chromium.org> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/master@{#63641}
-
Suraj Sharma authored
based on discussion at docs.google.com/document/d/1UzCOai9H07fYcSaSqvF_H7BS2-sF5q91A4r9O1mRnHc/ Bug: v8:9305 Change-Id: I7464d4267b6465cc02bc27dffb602c8871d846f9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1696285 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by:
Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#63640}
-
Mythri A authored
We don't handle all cases for stores to typed arrays in the builtins related to storing a property. Bailout to runtime when storing into a typed array if the property is not found on the object. Bug: chromium:996161 Change-Id: I684c7c4f526b15cdfb5bfe3fd23218910486a59e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1789396 Commit-Queue: Mythri Alle <mythria@chromium.org> Reviewed-by:
Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#63639}
-
Dominik Inführ authored
No invalidation of slots necessary for String::MakeThin. ThinString only stores tagged value, so it can't store an untagged value in a recorded slot. CreateFillerObjectAt takes care of slots in case of right-trimming objects. Bug: v8:9454 Change-Id: Id16e8ebceb334a845bdbf77282fbeb2069efce7d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1794682 Reviewed-by:
Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/master@{#63637}
-
Dan Elphick authored
When analyzing functions scopes with the script_scope as parent, don't skip migrating unresolved variables upwards if we could still be inside an arrow head, which means accesses to those variables will be correctly context allocated. Bug: v8:8510, chromium:1000094 Change-Id: I684f2f8bc692de420203990f93e5c943b5b769c9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1789705 Reviewed-by:
Toon Verwaest <verwaest@chromium.org> Commit-Queue: Dan Elphick <delphick@chromium.org> Cr-Commit-Position: refs/heads/master@{#63635}
-
Milad Farazmand authored
Port af063685 R=bbudge@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: Iccbb0a968cd8490cfa1191ea8adb31007739b297 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1790544 Reviewed-by:
Junliang Yan <jyan@ca.ibm.com> Reviewed-by:
Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#63634}
-
Mu Tao authored
Fix build errors introduced by commit af063685 Change-Id: I467ea39f020d07bed00875f69152191b94029dd1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1794327 Auto-Submit: Mu Tao <pamilty@gmail.com> Reviewed-by:
Bill Budge <bbudge@chromium.org> Reviewed-by:
Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#63633}
-
Mu Tao authored
Port 9f01d5c1 Original Commit Message: Stack overflow checks are typically implemented as part of the TurboFan graph of a function. This means that the stack check code is executed after frame construction. When a frame is too big, though, there may not be enough space on the stack anymore to throw the stack overflow exception after frame construction. With this CL we do an additional stack check before frame construction for functions with big frames. As discussed offline with mstarzinger, I do this change currently only for WebAssembly. This CL contains only the changes for arm. I will do the other platforms in separate CLs R=xwafish@gmail.com Change-Id: I46c6dd8fac1385e5da13e03cfffd9c640a7c2c57 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1792582 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by:
Michael Starzinger <mstarzinger@chromium.org> Reviewed-by:
Andreas Haas <ahaas@chromium.org> Auto-Submit: Mu Tao <pamilty@gmail.com> Cr-Commit-Position: refs/heads/master@{#63632}
-
Michael Starzinger authored
R=mvstanton@chromium.org BUG=v8:9396 Change-Id: Iaf1f6af19d3c4236c6f1c4b215b90b2e390e81d3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1789297 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by:
Zhi An Ng <zhin@chromium.org> Reviewed-by:
Michael Stanton <mvstanton@chromium.org> Cr-Commit-Position: refs/heads/master@{#63631}
-
- 09 Sep, 2019 8 commits
-
-
Zhi An Ng authored
This reverts commit 306bb635. Reason for revert: Fails on Win64 msvc https://ci.chromium.org/p/v8/builders/ci/V8%20Win64%20-%20msvc/10601 Original change's description: > [wasm-simd] Implement F64x2ConvertI64x2 for x64 > > Bug: v8:8460 > Change-Id: Icefb90c67af77ac93bd75b4e452ba426232de83a > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1710332 > Commit-Queue: Zhi An Ng <zhin@chromium.org> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > Reviewed-by: Bill Budge <bbudge@chromium.org> > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> > Cr-Commit-Position: refs/heads/master@{#63627} TBR=bbudge@chromium.org,mstarzinger@chromium.org,gdeepti@chromium.org,zhin@chromium.org Change-Id: I3ad568ec01f93e89ccc758170681035413b8414e No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:8460 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1792232 Reviewed-by:
Zhi An Ng <zhin@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#63628}
-
Ng Zhi An authored
Bug: v8:8460 Change-Id: Icefb90c67af77ac93bd75b4e452ba426232de83a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1710332 Commit-Queue: Zhi An Ng <zhin@chromium.org> Reviewed-by:
Michael Starzinger <mstarzinger@chromium.org> Reviewed-by:
Bill Budge <bbudge@chromium.org> Reviewed-by:
Deepti Gandluri <gdeepti@chromium.org> Cr-Commit-Position: refs/heads/master@{#63627}
-
Santiago Aboy Solanes authored
TNodify: * FloatOp * BigIntOp * Loads into their respective types * return type of: * GetContextAtDepth * ConstructWithSpread * Construct * CallBuiltin Also TNodify CheckEnumCache in code-stub-assembler. Bug: v8:6949, v8:9396 Change-Id: I79a90296b4851e47f4b89ed52fadfc9b61be1e6a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1789161 Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by:
Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#63625}
-
Ana Peško authored
This CL implements the tier-up strategy where the interpreter can be used for an arbitrary number of executions for every regex, before tiering-up to the compiler. The only exception is for functional global replaces, where we eagerly tier-up to native code right away. To use the tier-up logic --regexp-tier-up=value needs to be set. It is currently set to 0 by default. Change-Id: I770857e5eae710a952fe47661cb42957c53848b4 Bug: v8:9566 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1789299 Commit-Queue: Ana Pesko <anapesko@google.com> Reviewed-by:
Peter Marshall <petermarshall@chromium.org> Reviewed-by:
Ulan Degenbaev <ulan@chromium.org> Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#63623}
-
Bill Budge authored
Bug: v8:9429 Change-Id: I13780eab38230ea62334485e10a5fa4dbb432e90 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1789395 Commit-Queue: Bill Budge <bbudge@chromium.org> Reviewed-by:
Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#63622}
-
Andreas Haas authored
The fuzzer found a crash when we want to execute the {valueOf} function of an imported value for an i64-global. The problem is that we cannot execute JavaScript at that moment (I did not check why, I guess we open some scope at some point). I checked the WebAssembly spec now, and it defines that only numbers are valid values for imported globals. I adjust our bigint implementation accordingly with this CL, i.e. that only bigint values are valid as imported i64-globals. I also created github issues to discuss this problem. R=jkummerow@chromium.org Bug: chromium:1001804 Change-Id: I47f0b31fab53163346f341ad290fd3c58e7707bf Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1792167 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by:
Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#63621}
-
Igor Sheludko authored
... to make them unique. With this fix the --trace-turbo no longer overwrites bytecode handler graphs and --trace-turbo-filter allows to select exact bytecode handler version. Bug: v8:9396 Change-Id: I260edc8872e320aadd5d70aa95cf5bf2cd24b22f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1792904 Commit-Queue: Igor Sheludko <ishell@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Igor Sheludko <ishell@chromium.org> Reviewed-by:
Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#63620}
-
Santiago Aboy Solanes authored
TNodified: * AbortIfRegisterCountInvalid * MaybeDropFrames * TraceBytecodeDispatch * UpdateInterruptBudget * OperandOffset There are currently no more Node* in interpreter-assembler! Bug: v8:6949 Change-Id: I352a1fd18444c6ffb0f85d95f5da2e3e4a1681e1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1787432 Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by:
Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#63618}
-