- 11 Jul, 2019 22 commits
-
-
Michael Starzinger authored
This adds support for properly importing {WebAssembly.Function} objects that were constructed in JavaScript and just wrap a JavaScript callable. R=ahaas@chromium.org TEST=mjsunit/wasm/type-reflection BUG=v8:7742 Change-Id: I00e01db0d85b83d405eb28517d00fba62c253985 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1690949 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#62641}
-
Frank Tang authored
https: //chromium.googlesource.com/external/github.com/tc39/test262/+log/079b00..1ef21eb Bug: v8:7834 Change-Id: I0c6b42c4bd13839138cf333a311bdd5404dc4496 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1687062Reviewed-by: Mathias Bynens <mathias@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#62640}
-
Jakob Kummerow authored
Change-Id: I871659626b41a15723f92150f6f076d356313136 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1691028 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#62639}
-
Georg Neis authored
This reverts commit a6eabacf. Reason for revert: as planned Original change's description: > Disabe FLAG_turbo_control_flow_aware_allocation again > > A few changes have been made to this feature and disabling it lets us > best see its current performance impact. > > Bug: v8:9088 > Change-Id: I54d5e09f3fcece215e29d66d5bdb3f19ba07bda0 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1690954 > Reviewed-by: Sigurd Schneider <sigurds@chromium.org> > Commit-Queue: Sigurd Schneider <sigurds@chromium.org> > Cr-Commit-Position: refs/heads/master@{#62586} TBR=neis@chromium.org,sigurds@chromium.org # Not skipping CQ checks because original CL landed > 1 day ago. Bug: v8:9088 Change-Id: I13b94d90cfb2d8e9372291645729e05b79a9a6ea Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1697243Reviewed-by: Georg Neis <neis@chromium.org> Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#62638}
-
Darius Mercadier authored
Change-Id: Ic483412145cabd2fce8f556fd56ca352dbe4ce17 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1695466Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Darius Mercadier <dmercadier@google.com> Cr-Commit-Position: refs/heads/master@{#62637}
-
Lei Zhang authored
In a DCHECK inside AddExport(), MSVC gives a C4018 signed/unsigned mismatch warning. Use a cast to silence this. Change-Id: Ie388b95b183d2ca3649475fe2206171800673f88 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1697043 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Auto-Submit: Lei Zhang <thestig@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#62636}
-
Darius Mercadier authored
Bug: v8:9329 Change-Id: I28619fef8f206fcb749b8974bb3e7547d6da402e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1687423 Commit-Queue: Darius Mercadier <dmercadier@google.com> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#62635}
-
Peter Marshall authored
Add a bit on the isolate which indicates that the stack is currently not iterable for the SafeStackFrameIterator. This is needed during deoptimization, when we do a fast C call without a return address on the stack, meaning we can't iterate the stack frames. Re-enable DeoptAtFirstLevelInlinedSource which is fixed by this CL. Bug: v8:9057 Change-Id: I76379a2dd38023be7e6f5153edeb1f838e9ac4d6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1688049 Commit-Queue: Peter Marshall <petermarshall@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#62634}
-
Clemens Hammacher authored
This removes the last remaining use of the AbortJS opcode. We now use AbortCSAAssert instead, which is not influenced by the --disable-abortjs flag. The AbortJS runtime function should only be called from JS now. R=mstarzinger@chromium.org Bug: v8:9396 Change-Id: I791da99594f9e1e99991ac8b03e943297d7d41e3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1695476 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#62633}
-
Michael Starzinger authored
This fixes a corner-case where a {WasmExportedFunction} that represents a re-export of a JavaScript callable from another module was identified correctly, but not all corner-cases were correctly covered. Concretely we failed to check for function signatures incompatible with JavaScript. R=ahaas@chromium.org TEST=mjsunit/regress/wasm/regress-9447 BUG=v8:9447 Change-Id: Ia6c73c82f4c1b9c357c08cde039be6af100727d6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1690941 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#62632}
-
Jakob Gruber authored
Prior to this CL, it was possible to pollute another context's fast/slow-path state for RegExp builtins due to the species protector being per-isolate rather than per-context. Among other things, this means that iframes can slow down the main site, and slowdowns persist across page reloads and navigation within the same tab. This CL thus moves the RegExpSpeciesProtector to the native context. The same should be done for all other protectors in the future. Bug: chromium:977382, v8:5577, v8:9463 Change-Id: I577f470229cb9dfcd4a88c20b1b9111c65a9b85f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1695465 Auto-Submit: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#62631}
-
Dan Elphick authored
This reverts commit e8d86597. Reason for revert: crbug.com/981701 Original change's description: > [parsing] Improve elision of hole checks for default parameters > > Use the position of the next parameter to be declared as the end of the > initializer for default parameters, so that hole checks can be elided > for initializers using previous parameters in arrow functions. > > This fixes a source of bytecode mismatches when collecting source > positions lazily. > > Bug: chromium:980422, v8:8510 > Change-Id: I5ab074231248b661156e7d8e47c01685448b56d5 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1683267 > Reviewed-by: Toon Verwaest <verwaest@chromium.org> > Commit-Queue: Dan Elphick <delphick@chromium.org> > Cr-Commit-Position: refs/heads/master@{#62525} TBR=verwaest@chromium.org,delphick@chromium.org # Not skipping CQ checks because original CL landed > 1 day ago. Bug: chromium:980422, v8:8510 Change-Id: I3abd70a1fb00967e58b46177655a0078e24db720 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1697242Reviewed-by: Dan Elphick <delphick@chromium.org> Commit-Queue: Dan Elphick <delphick@chromium.org> Cr-Commit-Position: refs/heads/master@{#62630}
-
Jakob Kummerow authored
Change-Id: I7bce20f1f8b0a2ca2fe86cd65905e9ea65134e27 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1691027 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#62629}
-
Peter Marshall authored
We don't use this anywhere, it's always true. Change-Id: Iae16a108f036de5eddd1b9741e554ddd4eac8c83 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1692928 Commit-Queue: Peter Marshall <petermarshall@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#62628}
-
Andreas Haas authored
At the moment we cancel all {AsyncCompileJobs} when a context of an isolate gets disposed. However, there can be multiple contexts per isolate, which meant that in some cases we canceled compilations even though their context was still alive. With this CL we only abort the compilations of the native context, which is typically the context that is being disposed. This is a small change that can be merged back. I plan to do a proper change later which extends the V8 API so that the embedder provides a handle to the context that is disposed. R=clemensh@chromium.org Bug: chromium:980876 Change-Id: I278bc30f084fe31fa409f1d4f913f1186b4809ec Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1692939 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#62627}
-
Clemens Hammacher authored
The {FrameScope} with {StackFrame::NONE} just sets the {has_frame_} field in the {TurboAssembler}, so it's fine to just unconditionally do that. The field will be reverted to the previous state when the {FrameScope} dies. R=mstarzinger@chromium.org Bug: v8:9396 Change-Id: Iec56a9bd45d19eda689ff033df58928d6edbdcf0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1692930 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#62626}
-
Clemens Hammacher authored
R=ahaas@chromium.org Bug: v8:9429, v8:9396 Change-Id: If26b9a480261c1625b6844b05de5323648ab34b6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1687544Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#62625}
-
Clemens Hammacher authored
This refactors some CSA methods to receive an initializer list instead of endless parameters, and simplifies the macros used to generate the respecive calls. R=tebbi@chromium.org Bug: v8:9396, v8:7629 Change-Id: I318e785da62f139ed9e70df631c426fe1609a42a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1693002 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#62624}
-
Clemens Hammacher authored
The {msg} argument to Assembler::stop is dead since https://crrev.com/2178093003 (July 2016). This CL removes it. R=mstarzinger@chromium.org Bug: v8:9396 Change-Id: I1593361709ab4977760f1ea21e3008797ef99cab Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1692925 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#62623}
-
Clemens Hammacher authored
The existing AbortJS runtime function can be disabled via --disable-abortjs (which the fuzzers use), but we never want to disable CSA assertions. Hence use a separate runtime function for those. This will also reduce the size of generated strings, since the "CSA_ASSERT failed: " prefix is not part of those strings any more. As a drive-by, this renames all occurences of "DebugAbort" to "AbortJS" to be consistent in that name. R=mstarzinger@chromium.org, tebbi@chromium.org Bug: v8:9453 Change-Id: I52e48032a1d58f296f0364fe8d917e45a2603a2c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1692921 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#62622}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/6016ce5..40634f1 Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/5cc5f6e..b79dda9 Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/3b07526..d3f6994 TBR=machenbach@chromium.org,sergiyb@chromium.org,tmrts@chromium.org Change-Id: I4b4ce167e5d6cee8ea185c9c9bbdfe0bfa80cd1b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1697082Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#62621}
-
jing.bao authored
Vtune logging for WASM can't work after https://chromium-review.googlesource.com/c/v8/v8/+/1602700. This CL adds detection for logger()->is_listening_to_code_events() which is true with jit_logger_ set under ENABLE_VTUNE_JIT_INTERFACE, because code_event_dispatcher()->IsListeningToCodeEvents() remains false with jit_logger_. Contributed by yolanda.chen@intel.com Change-Id: I1e6e67345ffbbe30fbf5faa0e344c34e606ec81f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1692484Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Jing Bao <jing.bao@intel.com> Cr-Commit-Position: refs/heads/master@{#62620}
-
- 10 Jul, 2019 10 commits
-
-
Michael Achenbach authored
TBR=tmrts@chromium.org NOTRY=true Change-Id: Ief480c6d9c2326a875a57d04bec5ec65f9ff0fe5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1695479Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#62619}
-
Mathias Bynens authored
NOTRY=true Bug: v8:7834 Change-Id: Ifc6c807d19d10b447aab6c4f21c1a640fe4f3a10 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1695468 Commit-Queue: Mathias Bynens <mathias@chromium.org> Auto-Submit: Mathias Bynens <mathias@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#62618}
-
Clemens Hammacher authored
The {InterpretWasmModuleForTesting} is used to determine whether a module is cheap enough to execute the compiled code (there is a cap on the number of executed instructions). If the module executes too much code, {InterpretWasmModuleForTesting} returns {false}. The check for a stack overflow was missing though, so it would return {true} in that case, and the compiled code would be executed. This can lead to timeouts. R=ahaas@chromium.org Bug: chromium:947909 Change-Id: I0b003963d3ca548f388fdf4ec4995c4199656f91 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1693011Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#62617}
-
Michael Starzinger authored
This adds test coverage for calling "table.set" with a constructed {WebAssembly.Function} object that uses a signature incompatible with JavaScript. R=ahaas@chromium.org TEST=mjsunit/wasm/type-reflection BUG=v8:7742 Change-Id: I939d63db85b4eb9cffe5a901efe477397f20f925 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1691917Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#62616}
-
Mike Stanton authored
... for building the TurboFan graph from bytecode concurrently. Bug: v8:7790 Change-Id: Iceb838990355ee76e2dabb8a00ed5464d41764c2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1681120 Commit-Queue: Michael Stanton <mvstanton@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#62615}
-
Clemens Hammacher authored
This reverts commit 8f8ae4f8. Reason for revert: Still failing layout tests: https://ci.chromium.org/p/v8/builders/ci/V8-Blink%20Linux%2064/33036 Original change's description: > Reland: Serialize native errors > > This is a reland of https://crrev.com/c/v8/v8/+/1649257. The original > change was reverted because it conflicted with a blink-side serialization > tag. > > Make native errors serializable. > > The implementation is mostly straightforward, but there is one > exception: the stack property. Although the property is not specified, > the spec for error cloning asks us to preserve the property if > possible. This implementation serializes the property only when it is > a string, and otherwise ignores it. > > Spec: https://github.com/whatwg/html/pull/4665 > Intent-to-Ship: https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/f8JngIi8qYs > > Bug: chromium:970079 > Change-Id: Ic1ff07be2c5be415bfb564fa3975bc1a55a06a72 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1692366 > Reviewed-by: Simon Zünd <szuend@chromium.org> > Commit-Queue: Yutaka Hirano <yhirano@chromium.org> > Cr-Commit-Position: refs/heads/master@{#62607} TBR=jbroman@chromium.org,yhirano@chromium.org,szuend@chromium.org Change-Id: Ia52b3e3997663fc293e9d217e5a56544b28d050d No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:970079 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1695462Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#62614}
-
Yang Guo authored
Change-Id: Iabb9e75b62f13a3bd08114941880c1d4a7f74d8c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1687278 Commit-Queue: Yang Guo <yangguo@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#62613}
-
Peter Marshall authored
This makes it clearer what this class does, and is more consistent with the terminology used by ignition (BytecodeGenerator). Change-Id: I9085f29f437cf15605a5ae971b1fc72d6c79feaa Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1692923Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Peter Marshall <petermarshall@chromium.org> Cr-Commit-Position: refs/heads/master@{#62612}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/bd69e87..6016ce5 Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/dd686e3..5cc5f6e Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/92afaf5..3b07526 Rolling v8/third_party/googletest/src: https://chromium.googlesource.com/external/github.com/google/googletest/+log/d700357..437e100 Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/686128d..7cefad2 TBR=machenbach@chromium.org,sergiyb@chromium.org,tmrts@chromium.org Change-Id: I9eae00dc1607c51f1a4231d5a59a42ced8eb6ed5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1694542Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#62611}
-
Ng Zhi An authored
Bug: v8:9372 Change-Id: Ia25d6a5e1950a89e945cb4fdbdf166bdfb0d3c00 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1688429Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#62610}
-
- 09 Jul, 2019 8 commits
-
-
Seth Brenith authored
Bug: v8:9337 Change-Id: Ib17a205d1f0d70c0d422dd6cd85239e71355da84 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1692195Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Cr-Commit-Position: refs/heads/master@{#62609}
-
Z Nguyen-Huu authored
a7732341 missed a case when receiver is Smi in TryPrototypeChainLookup. Bug: chromium:980292, chromium:980226 Change-Id: Ife6be4541d6b280253a7e87cf6f57c96efe8300f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1687283 Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com> Reviewed-by: Maya Lekova <mslekova@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#62608}
-
Yutaka Hirano authored
This is a reland of https://crrev.com/c/v8/v8/+/1649257. The original change was reverted because it conflicted with a blink-side serialization tag. Make native errors serializable. The implementation is mostly straightforward, but there is one exception: the stack property. Although the property is not specified, the spec for error cloning asks us to preserve the property if possible. This implementation serializes the property only when it is a string, and otherwise ignores it. Spec: https://github.com/whatwg/html/pull/4665 Intent-to-Ship: https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/f8JngIi8qYs Bug: chromium:970079 Change-Id: Ic1ff07be2c5be415bfb564fa3975bc1a55a06a72 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1692366Reviewed-by: Simon Zünd <szuend@chromium.org> Commit-Queue: Yutaka Hirano <yhirano@chromium.org> Cr-Commit-Position: refs/heads/master@{#62607}
-
Z Nguyen-Huu authored
This DCHECK is unnecessary because the object can be sealed or frozen before it is set as a prototype map. The repro is Object.seal(Object);// Object is HOLEY_FROZEN_ELEMENTS const v3 = Object(); v3.__proto__ = Object; // Set prototype map bit and dictionary map bit const v6 = Object.seal(Object); // Turn Object to DICTIONARY_ELEMENTS Bug: chromium:980168 Change-Id: Iec50249d0ff0c5ed959201707b837871fcb88a02 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1687280 Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#62606}
-
Tobias Tebbi authored
The slow-path emitted by the memory optimizer now checks if large object allocations were allowed before going ahead and allocating a large object. This is important because manual allocation folding in CSA must not be performed on a large object. Bug: v8:9388 Change-Id: I74b840c9c9276bd17611842e0eae7b0e58b142d2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1675960 Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#62605}
-
Dominik Inführ authored
Right trimming of arrays was deleting old-to-new slots during a GC pause. Disable slots removal for right trimming of arrays and ensure no more slots are deleted during a GC pause. Bug: v8:9454 Change-Id: I6268d63b82713d765247dca4aaadadfe275b7dcd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1691915Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/master@{#62604}
-
Pierre Langlois authored
The info tab says that 'i' reveals outputs and 'o' reveals inputs, it should be the opposite. Bug: v8:7327 Change-Id: I1bf96653129e14ef315a01dc2c7a3083c9caa5bb Notry: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1692929 Commit-Queue: Pierre Langlois <pierre.langlois@arm.com> Auto-Submit: Pierre Langlois <pierre.langlois@arm.com> Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#62603}
-
Santiago Aboy Solanes authored
Decompressing with Any just chooses one of the decompressions (Signed or Pointer). Since we already know which decompression it is going to choose, we save ourselves a whole bunch of instructions by just skipping that. Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng Bug: v8:7703 Change-Id: I0173931536e7ba83fa3572ceb50b176409f0b6c5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1691916Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#62602}
-