- 16 Jan, 2020 16 commits
-
-
Jakob Gruber authored
Function calls can push arguments onto the stack. The consumed stack slots are not considered by the function-entry stack check, since initial frame setup only reserves space for local slots, not call arguments. This CL adds such logic by tracking the maximum pushed argument count during instruction selection, and adding these slots to the (existing) stack check offset logic in code generation. Bug: chromium:1030167 Change-Id: I26a9407cf38009839b1dda2ff0c8ec297c15ed8d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2002540 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#65814}
-
Leszek Swirski authored
Fixed: v8:10129 Bug: chromium:1011762 Change-Id: I2b2398178a56c5378c95fccac57040a6eddda560 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2004609 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#65813}
-
Tobias Tebbi authored
Bug: v8:7793 Change-Id: I8334a97033ebfa4bbd6bba27eb75c6ae129deab5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1995384 Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Michael Stanton <mvstanton@chromium.org> Cr-Commit-Position: refs/heads/master@{#65812}
-
Bartek Nowierski authored
This reverts commits - 63dc5556 Add a debug v8 API SetDetachedWindowReason - 96458105 Introduce and emit "function calls in detached window" use counters. - db18e495 PPC/s390: Add a debug v8 API SetDetachedWindowReason Note, macro-assembler-x64.cc isn't reverted b/c DCHECK_NE is currently in a better place. Reason for revert: No longer needed. It was intended for only 1 milestone. Bug: chromium:1018156,chromium:1023293 Change-Id: Ic1c19e6e12bb4ac967cf8e687a77c58edc405833 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2004133 Auto-Submit: Bartek Nowierski <bartekn@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Bartek Nowierski <bartekn@chromium.org> Cr-Commit-Position: refs/heads/master@{#65811}
-
Toon Verwaest authored
This way we don't need to generate bytecodes to push the context. This drops the stack trace for redeclaration SyntaxErrors but keeps the message location. This is in line with what we do for other SyntaxErrors. Change-Id: Id8e3cc348b4d56a8196753baf51cfd810f07512b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1997439 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Simon Zünd <szuend@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#65810}
-
Jakob Gruber authored
The advance-by parameter can contain negative numbers, but until this CL was treated as unsigned. Bug: v8:10072,v8:9330 Change-Id: Ib9a9c2d47ba71fa819e89502d14871af6dfc9693 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2002543 Commit-Queue: Peter Marshall <petermarshall@chromium.org> Auto-Submit: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Peter Marshall <petermarshall@chromium.org> Cr-Commit-Position: refs/heads/master@{#65809}
-
Tobias Tebbi authored
Bug: v8:7793 Change-Id: I4fc039711eb9aa9d551144ea6fccc926d4803349 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1993290 Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/master@{#65808}
-
Hannes Payer authored
Change-Id: I6eb3c9c6ff25a58b2c7d0d233926514606e7ff5a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1995395 Commit-Queue: Hannes Payer <hpayer@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#65807}
-
Georg Neis authored
These safepoints weren't needed and weren't even valid (e.g. pointing to the wrong instruction). The exception are Wasm C API functions, where we do need a safepoint (and can work around the invalid address). Bug: v8:10037 Change-Id: I597c33dbd542394990fbd006ba8c16ccff7e260e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2002530 Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#65806}
-
Georg Neis authored
... and remove a related, unused function. Bug: v8:7790 Change-Id: I803f4b747220a1722e096ef77fcc6c8a9e18fe1a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2002534 Reviewed-by: Mythri Alle <mythria@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#65805}
-
Leszek Swirski authored
Bug: v8:10129 Bug: chromium:1011762 Change-Id: I1c2cc16326e2efb9f126ddcc0cc232229a94d0ae Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2002545 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/master@{#65804}
-
Dan Elphick authored
Changes FastCheck failures to just call Unreachable (which in turn calls DebugBreak) instead of DebugBreak and then returning to just after the check. FastCheck is only called in release builds so this does not affect debug builds. This reduces the embedded instruction size from 1249720 to 1246812 (2908 bytes) for ARM. Change-Id: If4b9b6810a53d64262a0fa9c2a1903e022748a22 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2002538 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Dan Elphick <delphick@chromium.org> Cr-Commit-Position: refs/heads/master@{#65803}
-
Andreas Haas authored
DebugBreak allows you to put break points into generated code. When executed in gdb, the execution will stop in the generated code at the break point. R=clemensb@chromium.org Change-Id: I5607d7ec45d4910412c7adff5ae9bea2c9498909 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2002536 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#65802}
-
Georg Neis authored
This reverts commit e04fbec1.
Reason for revert: Innocent.
Original change's description:
> Revert "Make NoSideEffectsToString gracefully handle huge msgs on error objects"
>
> This reverts commit b0ebfabc.
>
> Reason for revert: Speculative revert for nvidia bot failure: https://ci.chromium.org/p/v8/builders/ci/Linux%20V8%20FYI%20Release%20(NVIDIA)/7953
>
> Original change's description:
> > Make NoSideEffectsToString gracefully handle huge msgs on error objects
> >
> > Bug: chromium:1032512
> > Change-Id: I323981a08e316ebc10c729f2f04b7832373937b0
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1962865
> > Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> > Commit-Queue: Georg Neis <neis@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#65782}
>
> TBR=neis@chromium.org,jgruber@chromium.org
>
> Change-Id: Ibdc1efccab3edcd05dd1df99ad0263ea4bce9989
> No-Presubmit: true
> No-Tree-Checks: true
> No-Try: true
> Bug: chromium:1032512
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2002532
> Reviewed-by: Clemens Backes <clemensb@chromium.org>
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#65793}
TBR=neis@chromium.org,jgruber@chromium.org,clemensb@chromium.org
Change-Id: I9b2f745b15495e21c21c3198f2362437dc4376c1
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:1032512
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2002539
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65801}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/6e49eef..1bee638 Rolling v8/buildtools: https://chromium.googlesource.com/chromium/src/buildtools/+log/8d21328..1f38b43 Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/7431e17..f7d73bb Rolling v8/third_party/fuchsia-sdk: https://chromium.googlesource.com/chromium/src/third_party/fuchsia-sdk/+log/9a6352a..19c8ac5 Rolling v8/third_party/instrumented_libraries: https://chromium.googlesource.com/chromium/src/third_party/instrumented_libraries/+log/4dca59c..bb3f180 Rolling v8/third_party/zlib: https://chromium.googlesource.com/chromium/src/third_party/zlib/+log/814da1f..94485d9 Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/86eb804..42fbdfe TBR=machenbach@chromium.org,tmrts@chromium.org Change-Id: Iaed275fcaffbd4af7cf87bc8047d5f5c17c4fcfa Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2004229 Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#65800}
-
Ng Zhi An authored
Add missing disasm tests for vroundss and vpalignr. Fix disasm for vinsertps and vpinsrq. Change-Id: I0f3907761b998d27ec00435a569084724af54ae2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1990140 Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#65799}
-
- 15 Jan, 2020 24 commits
-
-
Ng Zhi An authored
Most of the implementation work has been done as part of previous patches, this finishes it by adding a new case for LoadType, and also adding a test. The arm and arm64 implementation is new, and wasn't required, since the Liftoff tests (in nooptimization variants) are skipped on arm and arm64, and hence did not fail. Bug: v8:9909 Change-Id: I01bd86d2e46de852bc067f44c802f66ac9e9b029 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2001561 Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#65798}
-
Ng Zhi An authored
This reverts commit 3352fcc9.
Reason for revert: Causing wasm/tier-down-to-liftoff.js to be flaky, https://crbug.com/v8/10086
Original change's description:
> [wasm] Perform NativeModule tier down in parallel.
>
> Reuse logic in {CompileNativeModule} function in module-compiler.cc:
> initialize parallel compile jobs, then wait for them to finish while
> taking part in this compilation.
>
> Bug: v8:9654
> Change-Id: I9974d9f8b516e9faec716a592c7c0ee9c7077d8e
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1977041
> Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
> Reviewed-by: Clemens Backes <clemensb@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#65763}
TBR=rmcilroy@chromium.org,clemensb@chromium.org,duongn@microsoft.com
Change-Id: Ie3a0a3b2315879b6c19ef25f435fdc83c297b23b
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9654
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2002692
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65797}
-
Tobias Tebbi authored
Rename ToNumber to PlainPrimitiveToNumber since it must only be used on primitives, as we assume that it never throws and has no side effects. Change-Id: I78880545e58e46d38712f5ab75fe0b627ad178c5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2002394 Auto-Submit: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#65796}
-
Emanuel Ziegler authored
Add tests for select, reject undefined globals for nullref and reformat JS R=ahaas@chromium.org Bug: chromium:10063 Change-Id: I97f7c86fe7435ca64ce1f4b86d8d9eadd29cc76b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2002531 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Emanuel Ziegler <ecmziegler@chromium.org> Cr-Commit-Position: refs/heads/master@{#65795}
-
Santiago Aboy Solanes authored
Change-Id: I30032793e1e764a7be7453b3fa97649bfded229a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2000748 Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#65794}
-
Clemens Backes authored
This reverts commit b0ebfabc.
Reason for revert: Speculative revert for nvidia bot failure: https://ci.chromium.org/p/v8/builders/ci/Linux%20V8%20FYI%20Release%20(NVIDIA)/7953
Original change's description:
> Make NoSideEffectsToString gracefully handle huge msgs on error objects
>
> Bug: chromium:1032512
> Change-Id: I323981a08e316ebc10c729f2f04b7832373937b0
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1962865
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Commit-Queue: Georg Neis <neis@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#65782}
TBR=neis@chromium.org,jgruber@chromium.org
Change-Id: Ibdc1efccab3edcd05dd1df99ad0263ea4bce9989
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:1032512
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2002532
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65793}
-
Milad Farazmand authored
Port ba14c2f3 Original Commit Message: Add kWasmS128 to the list of supported types, and implement Fill for all the architectures so that LocalGet works. Add a new test file to contain tests that run only on Liftoff, and assert that the code is indeed compiled by Liftoff. We cannot rely on the nooptimization variant for testing because by default, if Liftoff compilation fails, it will fall back to Turbofan, and we accidentally get a test passing. We skip these tests on mips architecture that don't support SIMD, since there is no way to implement these, and we don't have a "lowering" phase for Liftoff. As we implement more of SIMD in Liftoff, we can add more tests to this file and ensure correctness. Future patches will introduce support for globals and params. R=zhin@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: I776b3d93dd4dc53641650ac30b26661e52142287 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2002688 Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#65792}
-
Santiago Aboy Solanes authored
It doesn't do anything. Bug: v8:10021 Change-Id: I430550f9ce25fd555ec32c8eb0f3276a63c7e53b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2000746 Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#65791}
-
Jakob Gruber authored
Without the type check, Bytecode() may read OOB. Note that this is an internal, test-only runtime function. Bug: chromium:1041316 Change-Id: Id9898400605719df2a294e7654cf36ddeec23af1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2002395 Auto-Submit: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#65790}
-
Clemens Backes authored
This extends the debug side table to track stack offsets of locals and operand stack slots, and uses this to read spilled value from the physical stack frame when inspecting Liftoff frames. R=jkummerow@chromium.org Bug: v8:10019 Change-Id: Ida7ab5256fcc1e9d408201f4eafe26919f1432a1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2000739 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#65789}
-
Emanuel Ziegler authored
Add decoding of ref.null as a valid argument for references in TurboFan, LiftOff and the interpreter. R=ahaas@chromium.org R=jkummerow@chromium.org Bug: chromium:10063 Change-Id: I1e2d9c76f616dacb3aa06f8b535543bdcdcf0783 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1991485 Commit-Queue: Emanuel Ziegler <ecmziegler@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#65788}
-
Leszek Swirski authored
Introduce OffThreadFactory with initial string construction support. The OffThreadFactory shares with Factory a new CRTP base class, called FactoryBase. Methods in FactoryBase return a FactoryHandle<Factory, T> alias, which is Handle<T> for normal Factory and a new OffThreadHandle<T> for OffThreadFactory. OffThreadHandle<T> behaves like Handle<T>, except it stores the object in-line rather than needing external storage. Any shared factory methods are moved into FactoryBase, which uses CRTP to call the sub-class's AllocateRaw method (plus a few more customization points which need Isolate access on the main thread). Methods that used to take an Isolate or Factory, and are needed off the main thread, are now expected to be templated on the factory type and to use the appropriate handle. Once an OffThreadFactory has finished being used (e.g. off-thread compilation completed) its pages are "Published" into the main-thread Heap. To deal with string internalization without creating a bunch of ThinStrings, this is done in two stages: 1. 'FinishOffThread': The off-thread pages are walked to collect all slots pointing to "internalized" strings. After this is called it is invalid to allocate any more objects with the factory. 2. 'Publish': On the main thread, we transform these slots into <Handle to holder, offset> pairs, then for each saved slot re-internalize its string and update the slot to point to the internalized string. Bug: chromium:1011762 Change-Id: I008a694da3c357de34362bd86fe7e1f46b535d5e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1992434 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#65787}
-
Michael Lippautz authored
The DCHECKs ensured that all on-stack handles removed when the embedder notifies V8 of an empty stack are indeed below the current stack limit. This is brittle, as the calls that are guaranteed to have no stack above, e.g., non-nestable tasks executing GC, sometimes have larger stack depth than previously registered on-stack handles. Resetting the slot to avoid UAF is not possible/needed as it is guaranteed in such cases that the stack is indeed different from the stack that was used when registering an on-stack handle. This CL removes the DCHECKs and trusts the embedder on such calls, similar to when the embedder tells V8 that there's no interesting C++ stack on top of a call to avoid conservative stack scanning. Bug: chromium:1040038 Change-Id: I2e8c77d8080f2d888f773984646998bede59e19c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2000753 Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#65786}
-
Jakob Kummerow authored
When reserving the requested virtual memory fails (due to address space exhaustion), simply return nullptr to indicate allocation failure, which callers must be prepared to handle anyway. That way, ClusterFuzz will correctly classify OOM situations. Bonus change: skip demo test on simulators to save time. Drive-by cleanup: add a 'simulator_run' section to mjsunit.status Bug: chromium:1042151,chromium:1042173 Change-Id: I8569f3c0d2a681fbf6f91b665dcb88a4ac3b901e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2002391 Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#65785}
-
Clemens Backes authored
This moves first parts of the wrapper generation to the GraphAssembler. We should migrate more code in follow-up CLs, and think about also computing the schedule in the GraphAssembler (once everything is migrated). This also removes the only uses of the controversial {HalfDiamond} construct, hence this is also removed in this CL. Plus a bug fix in the GraphAssembler::Call method, and a new method in GraphAssembler to load heap number values. R=jkummerow@chromium.org, tebbi@chromium.org Bug: v8:10123 Change-Id: Iac4661cdd50049cb73a2f305e280c1af6200729a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2000756 Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#65784}
-
Leszek Swirski authored
Bug: v8:10122 Change-Id: I5fc28a4e567ad545ac39324240458960fc86b71c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2000744 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#65783}
-
Georg Neis authored
Bug: chromium:1032512 Change-Id: I323981a08e316ebc10c729f2f04b7832373937b0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1962865 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#65782}
-
Nico Hartmann authored
This CL adds optimizations for Word64And, Word64Or and Word64Xor to the MachineOperatorReducer. Some of these (esp. constant folding) have previously been removed from CodeAssembler to streamline the optimization pipeline. Bug: v8:10021 Change-Id: I679f0b60589a84b2d92ca6d9083efaddfe0b6423 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1997131 Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#65781}
-
Clemens Backes authored
Some architectures used {kConstantStackSpace}, others used {kInstanceOffset}. This CL unifies it to {kInstanceOffset} and uses that constant consistently (in {GetInstanceOperand}). R=zhin@chromium.org Bug: v8:10019 Change-Id: Ia2b6908e289591e2dbc48e559e11407877b7c4ad Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2000146 Reviewed-by: Zhi An Ng <zhin@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#65780}
-
Nico Hartmann authored
bug: chromium:1041232 No-Try: true Change-Id: Icdf1b41016701a1c336793ee278ef704782e610a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2000755 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Auto-Submit: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/master@{#65779}
-
Shu-yu Guo authored
https://chromium.googlesource.com/external/github.com/tc39/test262/+log/31f1bb5a..28b4fcca4 Bug: v8:7834, v8:7532, v8:10111, v8:9515, v8:10112 Change-Id: I4775a7788fe9158e1318ca04dd1d34adc21060be Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1994392 Auto-Submit: Shu-yu Guo <syg@chromium.org> Reviewed-by: Mathias Bynens <mathias@chromium.org> Commit-Queue: Mathias Bynens <mathias@chromium.org> Cr-Commit-Position: refs/heads/master@{#65778}
-
Tobias Tebbi authored
Bug: v8:7793 Change-Id: Ibf045274ae48bd58f8c99361f02e51860b1a4150 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1997443 Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> Auto-Submit: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/master@{#65777}
-
Simon Zünd authored
This CL attempts to fix a chrome crash seen in the wild. Without a reproducer, the current working theory is that we hit a 'null' context in some edge case, causing us to access an empty handle. This CL prevents the empty context handle from being dereferenced. TBR=yangguo@chromium.org Bug: chromium:1038747 Change-Id: Icd6f4853a22ddbf1e504f0f0f90c065b3437f8ab Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2000752 Reviewed-by: Simon Zünd <szuend@chromium.org> Commit-Queue: Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/master@{#65776}
-
Jakob Gruber authored
Without the type check, Code() may read OOB. Note that this is an internal, test-only runtime function. Bug: chromium:1041316 Change-Id: I8c0b21ce3c2aea8aa3d065b99d8ab45a8c9e754f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2000749 Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Auto-Submit: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/master@{#65775}
-