- 29 May, 2019 11 commits
-
-
Jakob Kummerow authored
So far, calls to Wasm C/C++ API functions reused the call descriptors of WasmImportWrappers, and the stack frame type of regular Wasm functions. This CL cleans that up by introducing separate implementations for both. No change in functionality or performance is expected. Change-Id: I79301fa81da52283cc776ddf19d4712372f3a58b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1632235 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#61914}
-
Andreas Haas authored
The proposal is changing accordingly, see https://github.com/WebAssembly/reference-types/issues/36. In our tests we were already using the new format implicitly, because bulk-memory-operations are enabled by default. I noticed the missing implementation when I executed spec tests with --no-experimental-wasm-bulk-memory. R=mstarzinger@chromium.org Bug: v8:7581 Change-Id: I13aaba9a8d60e8542245aac7f0a072da1be357dc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1631591Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#61913}
-
Jakob Gruber authored
The backtracking stack (which is actually a generic stack) used to be statically sized. At 10k elements, it was fairly large, but still easy to overflow on large subject strings. This CL changes it to a std::vector-based implementation instead which grows on-demand. Drive-by: Add braces to the BYTECODE cases to make clang-format produce a nicer output. Bug: v8:8776 Change-Id: If41a444fe3d05f6d5be1be019129788a86e6118b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1634914Reviewed-by: Peter Marshall <petermarshall@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#61912}
-
Clemens Hammacher authored
This removes two default switch cases for unsupported opcodes, and replaces them by explicit lists. This makes it easy to see what is currently not supported in Liftoff. In a follow-up CL, each bailout will be associated with a category to track which features currently cause Liftoff to bailout. This change also makes Liftoff crash (in UNREACHABLE) if invoked with asm.js code. Hence, change the asm.js tests to not test Liftoff. In production, we do not invoke Liftoff for asm.js anyway. R=mstarzinger@chromium.org Change-Id: I971c6146ed325103d14008c0e67a973a47a35bc2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1634909 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#61911}
-
Michael Starzinger authored
This is a reland of 8092acbe Original change's description: > [wasm] Store signature with {WebAssembly.Function} objects. > > This adds simple serialization and deserialization of the signature > provided when a {WebAssembly.Function} object is constructed. For now > this signature is only used by the {WebAssembly.Function.type} method, > but will soon be used when importing such functions as well. > > R=jkummerow@chromium.org > TEST=mjsunit/wasm/type-reflection > BUG=v8:7742 > > Change-Id: If4a687ea537d8c12f4f01a7d3ac5a795ceb999c6 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1632211 > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> > Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> > Cr-Commit-Position: refs/heads/master@{#61898} Bug: v8:7742 Change-Id: I5d784165c460abd9d7b07f5cdafc746d5380ccd6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1632159Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#61910}
-
Yu Yin authored
see https://crrev.com/c/1630678 that patch modify this by mistake. Change-Id: I7db0205a08beff3f7e6372d62dd810ef859c9fcc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1633932 Auto-Submit: Yu Yin <xwafish@gmail.com> Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#61909}
-
Benedikt Meurer authored
Also generally cleanup the Copy* code in elements.cc a bit. Bug: v8:9183 Change-Id: I4a56db1f0b382a4b9583cae3b47e4ce572393d9e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1634249Reviewed-by: Simon Zünd <szuend@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#61908}
-
Georg Neis authored
There's a still a bug in the serializer related to resumables. I know what the problem is but I may not have time to prepare a fix this week. Given that --future is enabled on some canaries, let's exclude --concurrent-inlining for now. Bug: v8:7790 Change-Id: I78331ae423239ee7f0417a49e9eb58601a9a1590 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1634189 Auto-Submit: Georg Neis <neis@chromium.org> Reviewed-by: Michael Stanton <mvstanton@chromium.org> Commit-Queue: Michael Stanton <mvstanton@chromium.org> Cr-Commit-Position: refs/heads/master@{#61907}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/4cebfa3..c93f946 Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/a7b3312..5db62d3 Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/26af0d3..b97d193 Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/fe8ba88..64bb071 TBR=machenbach@chromium.org,sergiyb@chromium.org,tmrts@chromium.org Change-Id: I74025ba882b945cb2aeae34e9390a4426b8a5a8a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1633599Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#61906}
-
Georg Neis authored
A given target offset may already have an environment associated with it (there can be multiple jumps to the same target). In that case we used to throw away the previous environment. With this CL we merge the environments instead. Bug: v8:7790 Change-Id: I0c22182436fc48e29675e49627729a33cbeaaf4d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1631603 Commit-Queue: Georg Neis <neis@chromium.org> Auto-Submit: Georg Neis <neis@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/master@{#61905}
-
Georg Neis authored
Kill the environment when encountering Throw, Rethrow or Abort, because the following code may be dead. Also add support for the SwitchOnSmi bytecode. Bug: v8:7790 Change-Id: Ia925aec854fea031be1df88a6a924e4b0d0406e9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1631602 Auto-Submit: Georg Neis <neis@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#61904}
-
- 28 May, 2019 29 commits
-
-
Ross McIlroy authored
On Android libraries there are zero length entries within the ranged symbols which break our range processing. This updates the logic to only add entries for zero-length entries if they aren't within the range of the previously added entry. Change-Id: I511a6221817c535d967a50413948a29d9deb1e85 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1627985 Auto-Submit: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#61903}
-
Ross McIlroy authored
On Android we load the native library directly from the APK. As such, we need to convert symbols from the mapped APK to the underlying .so when symbolizing the ticks. This CL adds a --apk-embedded-library argument to tick processor to enable specifying which unstripped library file was embeded in the APK and enable symbolizing. Change-Id: Ic992825b831f984a1217eed71847bdb158eb992b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1627546 Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#61902}
-
Seth Brenith authored
If we need to build an icu::UnicodeString for a string that is currently in one-byte representation, we first have to expand the string's content into a two-byte representation. Doing so involves allocating an array, which is slow. With this change, we can convert short strings on the stack instead to save time. The cutoff length for what counts as "short" is pretty arbitrary, but we believe many strings fit into an 80-column line. This increases the score of cdjs in JetStream 2 by 35% on my machine, because cdjs is basically a test of localeCompare throughput. Bug: v8:9305 Change-Id: Iba081ac5a8fa7659edf06ac97ba8acf3f8328d59 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1630848 Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#61901}
-
Peter Marshall authored
These are unused and unmaintained, there are probably a lot of paths by now which don't funnel through this, so remove them. Bug: v8:9183 Change-Id: I4b48034e396b3ee481ae87283ab9a860f2f41d1b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1632155 Commit-Queue: Peter Marshall <petermarshall@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Auto-Submit: Peter Marshall <petermarshall@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#61900}
-
Michael Starzinger authored
This reverts commit 8092acbe. Reason for revert: Causes UBSan warnings: https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20UBSan/6436 Original change's description: > [wasm] Store signature with {WebAssembly.Function} objects. > > This adds simple serialization and deserialization of the signature > provided when a {WebAssembly.Function} object is constructed. For now > this signature is only used by the {WebAssembly.Function.type} method, > but will soon be used when importing such functions as well. > > R=jkummerow@chromium.org > TEST=mjsunit/wasm/type-reflection > BUG=v8:7742 > > Change-Id: If4a687ea537d8c12f4f01a7d3ac5a795ceb999c6 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1632211 > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> > Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> > Cr-Commit-Position: refs/heads/master@{#61898} TBR=jkummerow@chromium.org,mstarzinger@chromium.org Change-Id: I56ea9df5db3f95c05068186097e298cb73a3675d No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:7742 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1632218Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#61899}
-
Michael Starzinger authored
This adds simple serialization and deserialization of the signature provided when a {WebAssembly.Function} object is constructed. For now this signature is only used by the {WebAssembly.Function.type} method, but will soon be used when importing such functions as well. R=jkummerow@chromium.org TEST=mjsunit/wasm/type-reflection BUG=v8:7742 Change-Id: If4a687ea537d8c12f4f01a7d3ac5a795ceb999c6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1632211Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#61898}
-
Georg Schmid authored
R=tebbi@chromium.org Change-Id: I30aab2663180382a078901c10e39cd1ad6c906f5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1627541 Commit-Queue: Georg Schmid <gsps@google.com> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#61897}
-
Yang Guo authored
Bug: v8:9247 Change-Id: I2f999ed3a8cc0931e5092f2ac6e709b8ff3f9e42 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1630678 Commit-Queue: Yang Guo <yangguo@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#61896}
-
Yang Guo authored
R=danno@chromium.org Bug: v8:9247 Change-Id: I98188260a6ef95570ababa403958f7a28845b450 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1627331Reviewed-by: Daniel Clifford <danno@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#61895}
-
Georg Schmid authored
Feedback pollution can create situations in which we statically see stores to the same field with incompatible representations; dynamically this should be impossible for a single TurboFan compilation unit. Instead of failing an assertion we produce Unreachable nodes. R=tebbi@chromium.org Bug: chromium:967434 chromium:967506 Change-Id: Id549ec84f28b4fed2d2e5ef05b40b48bc5b30e97 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1632169 Commit-Queue: Georg Schmid <gsps@google.com> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#61894}
-
Peter Marshall authored
Add .exe to the produced executable for the protoc compiler. Use include_dirs instead of -isystem. Remove some more warnings that that causes. Cq-Include-Trybots: luci.v8.try:v8_linux64_perfetto_dbg_ng Bug: v8:8339 Change-Id: Ia6b0df63107470ec78f8038834205a0e4fe34b21 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1632069 Commit-Queue: Peter Marshall <petermarshall@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Auto-Submit: Peter Marshall <petermarshall@chromium.org> Cr-Commit-Position: refs/heads/master@{#61893}
-
Santiago Aboy Solanes authored
There were some cases that were not yet contemplated on machine graph verifier. Also, there is some work to be done to create a Compressed HeapConstant. Until that happens, we have to ignore HeapConstants for DecompressionElimination's reductions. Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng Bug: v8:8977, v8:7703, v8:9298 Change-Id: I9de8dd4272866830807a8d88e625e863fb5f1d0d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1632209 Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#61892}
-
Tobias Tebbi authored
Due to bug chromium:893437, Torque has ASAN disabled on Windows, which makes it impossible to run unittests for Torque with ASAN being enabled in the unittests. To fix this, this skips Torque unittests in the unsupported configuration. Bug: chromium:893437 Change-Id: I6c8eee1448c63223af4d7336954190e649d125e9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1632214Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#61891}
-
Georg Schmid authored
R=bmeurer@chromium.org Bug: v8:9299 Change-Id: I77e8b201bd5fd1c544cced301c8805571c4c1167 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1632212Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Georg Schmid <gsps@google.com> Cr-Commit-Position: refs/heads/master@{#61890}
-
Clemens Hammacher authored
Just use standard C++ syntax to define structs and enums instead. R=ahaas@chromium.org Bug: v8:9183 Change-Id: Ibae1643bd1dc74267cdd14ec45a36fc65bf0ab4b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1631410Reviewed-by: Andreas Haas <ahaas@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#61889}
-
Benedikt Meurer authored
Bug: v8:4153 Change-Id: I0aa5a3947fbeb9b4f186cff459518d95512ec5a0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1632151 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Peter Marshall <petermarshall@chromium.org> Auto-Submit: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Peter Marshall <petermarshall@chromium.org> Cr-Commit-Position: refs/heads/master@{#61888}
-
Santiago Aboy Solanes authored
Reduces compressions of constants, going from Constant <- Compress <- Child to Compressed_Constant <- Child This pattern commonly appeared when the Constant was being used as a Store value (e.g StoreElement's value). Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng Bug: v8:8977, v8:7703 Change-Id: I2e71f79ddd2a6fba42cdfe782cc89fff3a8d5ac1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1627988 Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#61887}
-
Andreas Haas authored
The instruction is the same as the existing {select} instruction with type. Both inputs must be in a sub-type relationship with the type specified in the type instruction. R=clemensh@chromium.org Bug: v8:7581 Change-Id: Ibead6cd0253210828c8114336ea0942e6cbd6126 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1631413 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#61886}
-
Jakob Kummerow authored
In a new test suite: "wasm-api-tests", using a new binary "wasm_api_tests", powered by gtest/gmock (like unittests). Also fix a bunch of issues that these tests uncovered, mostly to ensure that the stack is walkable. Change-Id: I1d5604eea85da078ebecd4ebb7383647595f16ac Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1627539 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#61885}
-
Yu Yin authored
see https://crrev.com/c/1627548 that CL remove this functions declaration in the header file, but did not drop function definition in the cpp file. Bug: v8:9183 Change-Id: I98bba3664510c0a6a6a047a8b9c7c43bcc4c3962 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1631812 Auto-Submit: Yu Yin <xwafish@gmail.com> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#61884}
-
Santiago Aboy Solanes authored
The DecompressionElimination reducer can handle that case with the comparison of Decompress vs HeapConstant. There is no need to do extra work. Reverts parts of https://chromium-review.googlesource.com/c/v8/v8/+/1518182. The rest of that CL was reverted in a previous CL where the AccessBuilders were updated. Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng Bug: v8:8977, v8:7703 Change-Id: I871577e49f9ccd95864af54bdd61884d34b7f223 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1628792Reviewed-by: Michael Stanton <mvstanton@chromium.org> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#61883}
-
Santiago Aboy Solanes authored
We currently have three different compresses that we thought it could be a good idea to merge into only one. Merging them would make sense since they all end up with the same code being generated. However, we would be losing knowing the MachineRepresentation in the cases of CompressSigned and Pointer. For example, in machine-graph-verifier everything will have to be MachineRepresentation::kCompressed https://cs.chromium.org/chromium/src/v8/src/compiler/machine-graph-verifier.cc?l=226 Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng Bug: v8:8977, v8:7703 Change-Id: I244e2e61cab2bb87830bc0aabdbe5e43f243b424 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1624798Reviewed-by: Michael Stanton <mvstanton@chromium.org> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#61882}
-
Georg Neis authored
Change-Id: I94ad60d487e64fa72cd3123c85a1b8460ea1007b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1630671 Auto-Submit: Georg Neis <neis@chromium.org> Reviewed-by: Mythri Alle <mythria@chromium.org> Commit-Queue: Mythri Alle <mythria@chromium.org> Cr-Commit-Position: refs/heads/master@{#61881}
-
Georg Neis authored
- Fix a non-observable bug in the typer. - Add some CHECKs where we rely on not receiving None types. - Remove an explicit handling of None types where it's redundant and misleading (later ToNumeric conversions can again introduce None). Bug: chromium:965911 Change-Id: I4bb84422de3f9297131e7304216b86884f04ed49 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1630679 Auto-Submit: Georg Neis <neis@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#61880}
-
Benedikt Meurer authored
This removes a special case from JSObject::WriteToField() where we didn't store anything in case of initializing a double field with the uninitialized sentinel. Instead we now store the hole NaN pattern there, as in other places. This makes it possible to do stricter checking in the TurboFan frontend when it comes to detecting bit patterns. Drive-by-fix: Refactor the related code in MigrateFastToFast() to make it easier to follow the control flow. Bug: v8:9299 Change-Id: Ic35d05c69fbbb136d422d29ce6abf2b09ebe22a6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1631606Reviewed-by: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Auto-Submit: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#61879}
-
Georg Neis authored
These two calls used Tagged, which may not match the field in question and thus might leak a MutableHeapNumber. Since the result was used in a very limited way, this was not a correctness bug but it should be fixed anyways. Bug: chromium:966229 Change-Id: Id237729b60d980ded154f70d03e98375f5edc4cc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1630681 Auto-Submit: Georg Neis <neis@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#61878}
-
Georg Neis authored
This is a quick fix for the recent bailout-on-uninitialized feature of the serializer, which does not work with resumables. For now, simply treat the ResumeGenerator bytecode as if it was an exception handler entry point. I want to revisit this later because the proper fix might be to teach the serializer about the SwitchOnGeneratorState bytecode. Bug: chromium:966560, v8:7790 Change-Id: I48bc6ba7299faa29802159cc7c36f4629667b5d8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1630670Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#61877}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/97564df..4cebfa3 Rolling v8/buildtools: https://chromium.googlesource.com/chromium/src/buildtools/+log/6884242..0218c0f Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/4d346fb..a7b3312 Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/181e44c..26af0d3 Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/9d46446..fe8ba88 TBR=machenbach@chromium.org,sergiyb@chromium.org,tmrts@chromium.org Change-Id: I956064690ecd2aded8da168065711f8d0ca4e210 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1629851Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#61876}
-
Sigurd Schneider authored
..to the case where the intermediary add is unused. Bug: chromium:967186 Change-Id: I8ff95e71fbad88b9b1544f375303eb5400377631 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1632071Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#61875}
-