- 25 Feb, 2019 3 commits
-
-
Anna Henningsen authored
Do not leak handles to the outer scopes from inspector methods. Add `SealHandleScope`s to the tests and the d8 binding, and `HandleScope`s in the places in the inspector source where handles are actually used. Change-Id: I80b1bb0ccc4778b32e9198513f63d5c0652c8f59 Reviewed-on: https://chromium-review.googlesource.com/c/1484304Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#59812}
-
Jakob Gruber authored
This fixes an early handle dereference before a potential allocation in ReplacementStringBuilder. Bug: chromium:935101 Change-Id: I03cf2b18b577a38af818dcc42f7c430faba23450 Reviewed-on: https://chromium-review.googlesource.com/c/1485831Reviewed-by: Peter Marshall <petermarshall@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#59811}
-
Peter Marshall authored
This read can cause a guard page violation on Windows, where the sp is sometimes incorrect and points far into the future stack space. Bug: v8:8883, v8:5193 Change-Id: I55c1fcac873a9c43484a5d1c3f2661f3589b1daf Reviewed-on: https://chromium-review.googlesource.com/c/1480378Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Peter Marshall <petermarshall@chromium.org> Cr-Commit-Position: refs/heads/master@{#59810}
-
- 24 Feb, 2019 2 commits
-
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/93f8c0e..9f11dc3 Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/e4abf4c..a4323c9 Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/d7f7a3e..95ea36e TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org Change-Id: I14c7bbc2fa38d2fc5d4d6135c73bab8c4b2b3184 Reviewed-on: https://chromium-review.googlesource.com/c/1485240Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#59809}
-
peterwmwong authored
Change-Id: I96935cd8e16715ce729a9830c00357c740696b3b Reviewed-on: https://chromium-review.googlesource.com/c/1470445 Commit-Queue: Peter Wong <peter.wm.wong@gmail.com> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Peter Marshall <petermarshall@chromium.org> Reviewed-by: Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/master@{#59808}
-
- 23 Feb, 2019 3 commits
-
-
Mike Stanton authored
BUG: v8:7672 Change-Id: I8816ab9051e7900119fd65c239f9e207f5c3d417 Reviewed-on: https://chromium-review.googlesource.com/c/1478697 Commit-Queue: Michael Stanton <mvstanton@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#59807}
-
v8-ci-autoroll-builder authored
Rolling v8/base/trace_event/common: https://chromium.googlesource.com/chromium/src/base/trace_event/common/+log/e31a170..936ba8a Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/ba245a9..93f8c0e Rolling v8/test/wasm-js/data: https://chromium.googlesource.com/external/github.com/WebAssembly/spec/+log/2e2e3a9..4da0540 Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/76fb063..e4abf4c Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/36974ad..d7f7a3e TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org Change-Id: I5fa05932b8a7a2e9a8e97d00f5be84d2e5d0c2ec Reviewed-on: https://chromium-review.googlesource.com/c/1485018Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#59806}
-
Deepti Gandluri authored
When using a shared WebAssembly.Memory, always try to reserve up to the maximum to avoid having to move the buffer. If after multiple retries it is not possible to reserve the maximum, fall back to initial size reservation. - Add new methods to allocate a Shared WebAssemblyMemory.buffer - Use these to reserve upto the mazimum for a Shared WebAssembly.Memory - Cleanup js-api so actual allocation is done inside the constructor BUG: v8:8564 Change-Id: I97815c7c94a2b84416cd867fb23b3c815d7f0f12 Reviewed-on: https://chromium-review.googlesource.com/c/1480910Reviewed-by: Ben Smith <binji@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> Cr-Commit-Position: refs/heads/master@{#59805}
-
- 22 Feb, 2019 21 commits
-
-
Deepti Gandluri authored
This reverts commit 6a88f0b1. Reason for revert: Fails UBSAN bots - https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux64%20UBSan/4866 Original change's description: > [wasm] ReturnCall Implementation (interpreter) > > Implement the ReturnCall functionality for the interpreter. > > Note that some tests have had to be deferred to the implementation > of ReturnCall for TurboFan. > > Bug: v8:7431 > Change-Id: I091528e72f9113ddf1929bd1a5650b490bc8cc0c > Reviewed-on: https://chromium-review.googlesource.com/c/1467343 > Reviewed-by: Andreas Haas <ahaas@chromium.org> > Reviewed-by: Clemens Hammacher <clemensh@chromium.org> > Commit-Queue: Francis McCabe <fgm@chromium.org> > Cr-Commit-Position: refs/heads/master@{#59803} TBR=adamk@chromium.org,ahaas@chromium.org,clemensh@chromium.org,fgm@chromium.org Change-Id: Ib2a85e586549e9c36f94d70f04f6e103a8272367 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:7431 Reviewed-on: https://chromium-review.googlesource.com/c/1484574Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> Cr-Commit-Position: refs/heads/master@{#59804}
-
Francis McCabe authored
Implement the ReturnCall functionality for the interpreter. Note that some tests have had to be deferred to the implementation of ReturnCall for TurboFan. Bug: v8:7431 Change-Id: I091528e72f9113ddf1929bd1a5650b490bc8cc0c Reviewed-on: https://chromium-review.googlesource.com/c/1467343Reviewed-by: Andreas Haas <ahaas@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Francis McCabe <fgm@chromium.org> Cr-Commit-Position: refs/heads/master@{#59803}
-
Ulan Degenbaev authored
This fixes a corner case where the main thread has items in the local segments but the global pool is empty. In such case concurrent marking tasks are not posted and marking is performed on the main thread. Bug: chromium:934453 Change-Id: Ic34cd4ecb59b848021d8d8b086904b415669f5e6 Reviewed-on: https://chromium-review.googlesource.com/c/1482739Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#59802}
-
Deepti Gandluri authored
This reverts commit 4950dec7. Reason for revert: Breaks on stress_background_compile variant https://logs.chromium.org/logs/v8/buildbucket/cr-buildbucket.appspot.com/8920804687849034208/+/steps/Mjsunit/0/logs/number-divide/0 Original change's description: > Temporarily unship constant field tracking > > This is to get better handle on improvements and regressions. > > Bug: v8:8361, chromium:930680 > Change-Id: I2963b55f3480036ada885267a277a95d24a67656 > Reviewed-on: https://chromium-review.googlesource.com/c/1482737 > Reviewed-by: Igor Sheludko <ishell@chromium.org> > Commit-Queue: Jaroslav Sevcik <jarin@chromium.org> > Cr-Commit-Position: refs/heads/master@{#59800} TBR=jarin@chromium.org,ishell@chromium.org Change-Id: Ibf38c9cb2bf0921b7d93972a1e6cdd4c3d57c592 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:8361, chromium:930680 Reviewed-on: https://chromium-review.googlesource.com/c/1483610Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> Cr-Commit-Position: refs/heads/master@{#59801}
-
Jaroslav Sevcik authored
This is to get better handle on improvements and regressions. Bug: v8:8361, chromium:930680 Change-Id: I2963b55f3480036ada885267a277a95d24a67656 Reviewed-on: https://chromium-review.googlesource.com/c/1482737Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#59800}
-
Junliang Yan authored
Bug: v8:8075 Change-Id: I8547706b56bab28dc11685e73b5fc084c8f1bf69 Reviewed-on: https://chromium-review.googlesource.com/c/1480912 Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#59799}
-
Santiago Aboy Solanes authored
This now makes it so TurboFan now uses full pointer loads for arguments values located on stack. Bug: v8:8876, v8:7703 Change-Id: Ib82d6f3b0f4c8d33669c7f86ce803381d210c019 Reviewed-on: https://chromium-review.googlesource.com/c/1480382Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#59798}
-
Igor Sheludko authored
... which will work for 32-bit kTaggedSize but we are not there yet. Bug: v8:7703 Change-Id: Iaceb126ba316f37532221597cbd4f7e85ceb4fb9 Reviewed-on: https://chromium-review.googlesource.com/c/1482917Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#59797}
-
Farazmand authored
Port b0b1ba9a Original Commit Message: This CL changes the secondary stack check for WebAssembly functions with big stack frames in the code generator from calling a runtime function to calling a code stub. The runtime function caused problems with serialization. R=ahaas@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: Ie2175eedb043304405fd271c3bf1337dac76ab49 Reviewed-on: https://chromium-review.googlesource.com/c/1483210Reviewed-by: Junliang Yan <jyan@ca.ibm.com> Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#59796}
-
Stephan Herhut authored
Also cleans up the code slightly. Change-Id: I9d1e7305f69e5f746833ed7985a320023fc90f2e Reviewed-on: https://chromium-review.googlesource.com/c/1477744Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Stephan Herhut <herhut@chromium.org> Cr-Commit-Position: refs/heads/master@{#59795}
-
Simon Zünd authored
The recent introduction of 'end' positions incorrectly tracked column positions. This CL fixes that. R=tebbi@chromium.org Bug: v8:7793 Change-Id: I2170ebb2dda062c9842dad657c3c516e0550b459 Reviewed-on: https://chromium-review.googlesource.com/c/1482830Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/master@{#59794}
-
Igor Sheludko authored
This is a reland of 6f763280 Original change's description: > [cleanup] Cleanup handling of padding field in Map > > Bug: v8:8834 > Change-Id: Iae9cbcccb8747298c5680ac1e865efebee85acec > Reviewed-on: https://chromium-review.googlesource.com/c/1480385 > Reviewed-by: Toon Verwaest <verwaest@chromium.org> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Commit-Queue: Igor Sheludko <ishell@chromium.org> > Cr-Commit-Position: refs/heads/master@{#59774} Bug: v8:8834 Change-Id: I6a3b436984a7a412f07bb66647864472a134d264 Reviewed-on: https://chromium-review.googlesource.com/c/1482914Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#59793}
-
Maciej Goszczycki authored
All HeapObjects already have roots access so this was redundant and made ComputeAndSetHash difficult to use. Eventually we need to get rid of the Isolate version of HashSeed, but this will touch a lot of files, so leaving it for now. Bug: v8:8562 Change-Id: I27d8fe10df72494d0a2146f408a2158cf02ce226 Reviewed-on: https://chromium-review.googlesource.com/c/1481630 Commit-Queue: Maciej Goszczycki <goszczycki@google.com> Reviewed-by: Dan Elphick <delphick@chromium.org> Reviewed-by: Mythri Alle <mythria@chromium.org> Cr-Commit-Position: refs/heads/master@{#59792}
-
Michael Achenbach authored
Change-Id: I41bd7204e6c94bb26d25a16cb863dba1fb60688b Reviewed-on: https://chromium-review.googlesource.com/c/1482912Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#59791}
-
Andreas Haas authored
This CL changes the secondary stack check for WebAssembly functions with big stack frames in the code generator from calling a runtime function to calling a code stub. The runtime function caused problems with serialization. R=mstarzinger@chromium.org CC=bbudge@chromium.org Bug: v8:8882 Change-Id: Iab4a1a8af233726d322722d87433f0cb33e60ac3 Reviewed-on: https://chromium-review.googlesource.com/c/1480375 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Bill Budge <bbudge@chromium.org> Cr-Commit-Position: refs/heads/master@{#59790}
-
Michael Achenbach authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/e148b4c..ba245a9 Rolling v8/buildtools: https://chromium.googlesource.com/chromium/src/buildtools/+log/106e9fc..3e50219 Rolling v8/buildtools/third_party/libc++/trunk: https://chromium.googlesource.com/chromium/llvm-project/libcxx/+log/e713cc0..22d3f6d Rolling v8/buildtools/third_party/libc++abi/trunk: https://chromium.googlesource.com/chromium/llvm-project/libcxxabi/+log/307bb62..0d52966 Rolling v8/test/wasm-js/data: https://chromium.googlesource.com/external/github.com/WebAssembly/spec/+log/1fff613..2e2e3a9 Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/11e283f..76fb063 Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/61d0c29..36974ad Rolling v8/third_party/icu: https://chromium.googlesource.com/chromium/deps/icu/+log/07e7295..960f195 Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/1dc7541..987f14b TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org Bug: v8:8242, v8:8246, v8:8260, v8:8894 Change-Id: I359fb0609c9487488120b6ab8b432db3c5ec2cec Reviewed-on: https://chromium-review.googlesource.com/c/1482118 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#59789}
-
Dan Elphick authored
Move FRAME_SUMMARY_FIELD undef to after its define. Bug: v8:8834 Change-Id: I431b3b8fd3de9589c10364178fd00882d74f19bc Reviewed-on: https://chromium-review.googlesource.com/c/1480389Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Dan Elphick <delphick@chromium.org> Cr-Commit-Position: refs/heads/master@{#59788}
-
Jaroslav Sevcik authored
Bug: chromium:934175 Change-Id: I00b4d6931d196037f0ead168cc9cbb19cb83a12d Reviewed-on: https://chromium-review.googlesource.com/c/1481632Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#59787}
-
Farazmand authored
A compiler may not implicitly cast the output of first->spill_type() to an integer, adding a cast to fix the problem Change-Id: Ic4e779d447fba9d040b81ee315327b631dfd6ad3 Reviewed-on: https://chromium-review.googlesource.com/c/1480913Reviewed-by: Stephan Herhut <herhut@chromium.org> Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Stephan Herhut <herhut@chromium.org> Cr-Commit-Position: refs/heads/master@{#59786}
-
Jon Kunkee authored
When Assembler::nop is in the header, it is considered an inline function. With GN arg is_component_build=true, the V8_EXPORT_PRIVATE mark on the class causes it to be exported every time the header is included. This, in turn, produces a reference to Register::XRegFromCode. Register::XRegFromCode is only ever defined as an inlined function, so that reference is never fulfilled. Clang can avoid this using the /Fc:dllexportInlines- flag to suppress the export of Assembler::nop and so avoid generating the reference to Register::XRegFromCode. MSVC does not support this flag, so this change suppresses the export by moving Assembler::nop's definition to the .cc file. This also allows it to use the inline definition of Register::XRegFromCode. Bug: v8:8870 Change-Id: I1cd33195677256c9dd06c7047fe84e1b912d3151 Reviewed-on: https://chromium-review.googlesource.com/c/1478216Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#59785}
-
Erik Chen authored
Recent changes to luci/client-py contain functionality improvement/fixes to swarming.py. This is needed by v8 recipes to dispatch swarming tasks. Bug: chromium:934482 Change-Id: Icdbf213918f10d5bc67d6ce078179e95888281e5 Reviewed-on: https://chromium-review.googlesource.com/c/1480920Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Erik Chen <erikchen@chromium.org> Cr-Commit-Position: refs/heads/master@{#59784}
-
- 21 Feb, 2019 11 commits
-
-
Francis McCabe authored
Bug: v8:7431 Change-Id: I80ec116d21d67868747093887ca4660675dab8e4 Reviewed-on: https://chromium-review.googlesource.com/c/1473795Reviewed-by: Andreas Haas <ahaas@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Francis McCabe <fgm@chromium.org> Cr-Commit-Position: refs/heads/master@{#59783}
-
Sathya Gunasekaran authored
This reverts commit f1b21a10. Reason for revert: breaks https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/24373 Original change's description: > [Intl] Ship Intl.Locale > > Bug: v8:7684 > Change-Id: I5994c3fc4b97c4322c4e0cf20305da75e66efd5a > Reviewed-on: https://chromium-review.googlesource.com/c/1478220 > Reviewed-by: Adam Klein <adamk@chromium.org> > Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> > Commit-Queue: Frank Tang <ftang@chromium.org> > Cr-Commit-Position: refs/heads/master@{#59780} TBR=adamk@chromium.org,gsathya@chromium.org,ftang@chromium.org Change-Id: I7ae570d3cd0dd62f2b1a37c43b7f8b9ca51d7a5b No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:7684 Reviewed-on: https://chromium-review.googlesource.com/c/1481901Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#59782}
-
Tobias Tebbi authored
This is a reland of c3148664 Original change's description: > [csa] disable selected bounds checks for remaining regressions > > Bug: chromium:932919 > TBR: jarin@chromium.org > Change-Id: Id1125dcd2978f790af4cf00125bcbb94741d0bf8 > Reviewed-on: https://chromium-review.googlesource.com/c/1480387 > Commit-Queue: Tobias Tebbi <tebbi@chromium.org> > Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> > Reviewed-by: Jakob Gruber <jgruber@chromium.org> > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Cr-Commit-Position: refs/heads/master@{#59773} Bug: chromium:932919 Change-Id: Ifb115ded2ff272abae4fba557ef669eee8e3c687 TBR: tebbi@chromium.org Reviewed-on: https://chromium-review.googlesource.com/c/1481746Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#59781}
-
Frank Tang authored
Bug: v8:7684 Change-Id: I5994c3fc4b97c4322c4e0cf20305da75e66efd5a Reviewed-on: https://chromium-review.googlesource.com/c/1478220Reviewed-by: Adam Klein <adamk@chromium.org> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/master@{#59780}
-
Sathya Gunasekaran authored
Bug: v8:5368 Change-Id: I0d33076f8e9d31e07535b28f783e33cd24b946ad Reviewed-on: https://chromium-review.googlesource.com/c/1481024Reviewed-by: Mathias Bynens <mathias@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#59779}
-
Tom Tan authored
Windows ARM64 does cross build for V8 and runs snapshot tool on build host under simulator. Simulator is built with LLP64 data model so 0xFFFFL is 32-bit long by default. It causes problem for the expression "0xFFFFL << shift" when shift is 32, which actually does nothing on x64 because 0xFFFFL is only 32-bit. The issue happens for instruction "movk rd, NUM lsl 32" which is simulated in Simulator::VisitMoveWideImmediate. "0xFFFL << shift" acts as mask to clear bits 32-47 of the orignal value in rd. Under LLP64, the mask happens unexpectedly to the lowest 16 bits of rd register and corrupts the result of rd. Specify 0xFFFFL as 64 bit as 0xFFFFLL fixes this problem. Bug: chromium:893460 Change-Id: Ibd911ce595e83637432a3e1f79a9bf28fcbe09f6 Reviewed-on: https://chromium-review.googlesource.com/c/1475330 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#59778}
-
Sathya Gunasekaran authored
This reverts commit c3148664. Reason for revert: speculative revert for MSAN failure https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux%20-%20arm64%20-%20sim%20-%20MSAN/25398 Original change's description: > [csa] disable selected bounds checks for remaining regressions > > Bug: chromium:932919 > TBR: jarin@chromium.org > Change-Id: Id1125dcd2978f790af4cf00125bcbb94741d0bf8 > Reviewed-on: https://chromium-review.googlesource.com/c/1480387 > Commit-Queue: Tobias Tebbi <tebbi@chromium.org> > Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> > Reviewed-by: Jakob Gruber <jgruber@chromium.org> > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Cr-Commit-Position: refs/heads/master@{#59773} TBR=jarin@chromium.org,jgruber@chromium.org,leszeks@chromium.org,tebbi@chromium.org Change-Id: Ib6cb825375725773db73f40ad3b65e084645b568 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:932919 Reviewed-on: https://chromium-review.googlesource.com/c/1480914Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#59777}
-
Sathya Gunasekaran authored
This reverts commit 6f763280. Reason for revert: speculative revert for MSAN failure: https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux%20-%20arm64%20-%20sim%20-%20MSAN/25398 Original change's description: > [cleanup] Cleanup handling of padding field in Map > > Bug: v8:8834 > Change-Id: Iae9cbcccb8747298c5680ac1e865efebee85acec > Reviewed-on: https://chromium-review.googlesource.com/c/1480385 > Reviewed-by: Toon Verwaest <verwaest@chromium.org> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Commit-Queue: Igor Sheludko <ishell@chromium.org> > Cr-Commit-Position: refs/heads/master@{#59774} TBR=ulan@chromium.org,ishell@chromium.org,verwaest@chromium.org Change-Id: Icf42e4566382c8539c8d7fb709a91bf0c6353858 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:8834 Reviewed-on: https://chromium-review.googlesource.com/c/1481025Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#59776}
-
Jaroslav Sevcik authored
This should recover the regression from constant field tracking in Speedometer/angular. Bug: chromium:930680 Change-Id: I9ccbcbdaf11556596ed5df5c08829b7ae329cab7 Reviewed-on: https://chromium-review.googlesource.com/c/1480383Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#59775}
-
Igor Sheludko authored
Bug: v8:8834 Change-Id: Iae9cbcccb8747298c5680ac1e865efebee85acec Reviewed-on: https://chromium-review.googlesource.com/c/1480385Reviewed-by: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#59774}
-
Tobias Tebbi authored
Bug: chromium:932919 TBR: jarin@chromium.org Change-Id: Id1125dcd2978f790af4cf00125bcbb94741d0bf8 Reviewed-on: https://chromium-review.googlesource.com/c/1480387 Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#59773}
-