- 06 Jul, 2021 18 commits
-
-
Mike Stanton authored
In GetOwnFastDataPropertyFromHeap, we read a property value then compare it with the expected representation. We already had code to bail out of that particular optimization if there was a mismatch, however it missed the case of expected representation being a HeapObject, and when a Smi value was found. The fix is to use the excellent pre-existing method Object::FitsRepresentation() to make this check. Thusly, all cases are handled. Bug: chromium:1225607, v8:7790 Change-Id: I7d9b1b7722d9691cf5427f8456a6deb466dda0d3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3008218 Commit-Queue: Michael Stanton <mvstanton@chromium.org> Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#75587}
-
Mike Stanton authored
TurboFan reads the value in HeapNumber, and TSAN detects a data race between this read and sets on the main thread elsewhere. We mark this as relaxed atomic (meaning, correct value of the read is not guaranteed). The compiler uses the dependency mechanism to re-read the value safely on the main thread later, and aborts compilation if a change is detected. Bug: chromium:1224277, v8:7790 Change-Id: I8931d8989812550c0c57b6bd27aa796f6f5e779d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2996201Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Michael Stanton <mvstanton@chromium.org> Cr-Commit-Position: refs/heads/master@{#75586}
-
Santiago Aboy Solanes authored
In the schedule phase (and only in this phase!) the node 0 was not being selected due to `!0` being true. We meant to be checking against undefined rather than this. Bug: v8:7327 Notry: true Change-Id: Ie675979219868725b0e345065cec7a2a7091fda8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3008215Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#75585}
-
Junliang Yan authored
Change-Id: I1b1d8d0485f037ba5c105741039e62db87fd2b6a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3008642Reviewed-by: Milad Fa <mfarazma@redhat.com> Commit-Queue: Junliang Yan <junyan@redhat.com> Cr-Commit-Position: refs/heads/master@{#75584}
-
Camillo Bruni authored
Add and use two new RCS scopes: - RuntimeCallCounterId::kDebugger - RuntimeCallCounterId::kDebuggerCallback Change-Id: Ifd326424248948d0d5c1e0e29cacaecc92046e88 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3006415Reviewed-by: Victor Gomes <victorgomes@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#75583}
-
Dominik Inführ authored
This CL adds support for updating code objects. So far code objects were immutable. Sparkplug makes compilation a very frequent operation and thus wants to avoid copying the instruction stream from the AssemblerBuffer into the code object (with more overhead that entails). The idea is to allocate an "empty" Code object initially, which is likely large enough to hold the full instruction stream. Then Sparkplug will compile the given function and write the instruction stream directly into the code object. After compilation is done Sparkplug trims the Code to the right size and finishes its initialization. We use relocation_info to determine whether a Code object is fully initialized: undefined means that this object is filled by SparkPlug at the moment. If it's a proper ByteArray, this code object is assumed to be initialized. Turbofan still fully initializes the Code object immediately. Before changing the size of the code object, EnsureSweepingCompleted() makes sure that the code object's page is swept already. This prevents that the concurrent sweeper loads the new and smaller object size and stores that memory in the free list. NotifyCodeObjectChanged() signals the GC that the code object is now fully initialized and revisits that object (even if it is black already) to find and record outgoing references in the instruction stream. Design doc: https://docs.google.com/document/d/12LHGkRXY1H3IFMBrdxs2vhgtG9bfJTdquQUsX1oPoSE/edit?usp=sharing Bug: v8:11872 Change-Id: Ie1b95b27842eea5ec7e9d345052585a27d6ea7f3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2999087 Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#75582}
-
Michael Lippautz authored
There's only few testing code required for embedders. Add testing directly to the regular cppgc target to allow working around an ODR violation issue with //v8:v8 and //v8:v8_for_testing, see bug. This unblock Oilpan library builds in Chromium. Bug: v8:11952, chromium:1056170 Change-Id: I0f0448faa0904b9ece58bd5a24c79c86ee55e2bf Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3008216 Auto-Submit: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Dan Elphick <delphick@chromium.org> Reviewed-by: Dan Elphick <delphick@chromium.org> Cr-Commit-Position: refs/heads/master@{#75581}
-
Sigurd Schneider authored
Associating exception meta-data may throw an exception if the browser is under memory pressure. This CL adds a try-catch scope to prevent surfacing of said exceptions in Chrome. Bug: chromium:1226360 Change-Id: Ide969273b2ac6dc109370ba2adcb20586ef30bff Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3008214Reviewed-by: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#75580}
-
Liu Yu authored
Port: 6f48b7b3 Bug: v8:11856 Change-Id: I1828e307caa55a31090e09b6e24b3d6317fdf6fe Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3007176 Auto-Submit: Liu yu <liuyu@loongson.cn> Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Cr-Commit-Position: refs/heads/master@{#75579}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/a0862c3..ced9667 Rolling v8/buildtools/linux64: git_revision:4d207c94eab41f09c9a8505eb47f3d2919e47943..git_revision:31f2bba8aafa8015ca5761100a21f17c2d741062 Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/e1e56a5..081034a Rolling v8/tools/luci-go: git_revision:40f945205c8670537d14901c310374774f589254..git_revision:a5505c14c78e1a27562164fb55f7d2d8190a0a9b Rolling v8/tools/luci-go: git_revision:40f945205c8670537d14901c310374774f589254..git_revision:a5505c14c78e1a27562164fb55f7d2d8190a0a9b Rolling v8/tools/luci-go: git_revision:40f945205c8670537d14901c310374774f589254..git_revision:a5505c14c78e1a27562164fb55f7d2d8190a0a9b TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: I28f68680c554a54623bbeff106b3c6aafcde61f3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3008257Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#75578}
-
Leszek Swirski authored
This reverts commit 8b18c5e6. Reason for revert: Still failing: https://test-results.appspot.com/data/layout_results/V8_Blink_Linux/12469/blink_web_tests%20%28retry%20shards%20with%20patch%29/layout-test-results/results.html Original change's description: > Reland "Improve error messages for property access on null/undefined" > > This is a reland of 24c626c1 > > Original change's description: > > Improve error messages for property access on null/undefined > > > > Only print the property name when accessing null/undefined if we can > > convert it to a string without causing side effects. > > If we can't, omit the property name in the error message. > > This should avoid confusion when the key is an object with toString(). > > E.g. undefined[{toString:()=>'a'}] doesn't print 'read property [object > > Object]' anymore, which was misleading since the property accessed would > > be 'a', but we can't evaluate the key without side effects. > > > > Bug: v8:11365 > > Change-Id: If82d1adb42561d4851e2bd2ca297a1c71738aee8 > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2960211 > > Reviewed-by: Toon Verwaest <verwaest@chromium.org> > > Commit-Queue: Patrick Thier <pthier@chromium.org> > > Cr-Commit-Position: refs/heads/master@{#75250} > > Bug: v8:11365 > Change-Id: Ie2312337f4f1915faa31528a728d90833d80dbd1 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2979599 > Reviewed-by: Toon Verwaest <verwaest@chromium.org> > Commit-Queue: Patrick Thier <pthier@chromium.org> > Cr-Commit-Position: refs/heads/master@{#75571} Bug: v8:11365 Change-Id: Ic4137f0d70fa9b10ca70fa921b98ea7e1499f11b No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3008217 Auto-Submit: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#75577}
-
Santiago Aboy Solanes authored
Now we can click any panel and connect to the others via highlight. Note that we do not have a bijection between panels and (e.g. one node can be several instructions in the generated code. Bug: v8:7327, v8:11192 Notry: true Change-Id: Idfabce98bfdfc1b6cd26d540e6f0bbac47754de1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3001175 Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#75576}
-
Santiago Aboy Solanes authored
Now, when we click an instruction in the register allocation phase we will have highlighted both the middle panel and right panel. Previously only the right panel was highlighted. Note that the reverse is not yet true (i.e. clickin the right panel does not highlight the middle panel). Bug: v8:7327 Notry: true Change-Id: Ia45d54a33587eac3706d5fbf56e01f19d6f94144 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3001170 Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#75575}
-
Santiago Aboy Solanes authored
If you now click a line number on the source panel (left panel) you will get the nodes (middle panel) highlighted and the disassembly code (right panel). As a bonus, you can click on the middle or right panels and get the same result (i.e. you can click on a disassembly instruction and see the highlighted source text and nodes). Note that not all source text has a node or disassembly instruction associated with it. Bug: v8:7327, v8:11192 Notry: true Change-Id: Ia20aff02407e0d9d118c26a0b5895ee521288565 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3000965Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#75574}
-
Maya Lekova authored
This reverts commit d42ae802. Reason for revert: Broke Mac64 ASAN - https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Clusterfuzz%20Mac64%20ASAN%20-%20release%20builder/23150/overview Original change's description: > Update V8 DEPS. > > Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/a0862c3..05e78ec > > Rolling v8/buildtools/linux64: git_revision:4d207c94eab41f09c9a8505eb47f3d2919e47943..git_revision:31f2bba8aafa8015ca5761100a21f17c2d741062 > > Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/e1e56a5..081034a > > TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com > > Change-Id: Ic1191777085e8afc6f356fd2563fa27a13ec58a8 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3007654 > Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> > Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> > Cr-Commit-Position: refs/heads/master@{#75570} Change-Id: I4e3435c5ec778bb7f61b6919dd13f09d0d767753 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3006579 Auto-Submit: Maya Lekova <mslekova@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#75573}
-
Wenyu Zhao authored
This CL make TPH be able to access some heap private interfaces, by marking TPH classes as friend classes. Bug: v8:11641 Change-Id: I72aebf267c8f36593f50279bec5dccb44cda9528 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2994220 Auto-Submit: Wenyu Zhao <wenyu.zhao@anu.edu.au> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Commit-Queue: Wenyu Zhao <wenyu.zhao@anu.edu.au> Cr-Commit-Position: refs/heads/master@{#75572}
-
Patrick Thier authored
This is a reland of 24c626c1 Original change's description: > Improve error messages for property access on null/undefined > > Only print the property name when accessing null/undefined if we can > convert it to a string without causing side effects. > If we can't, omit the property name in the error message. > This should avoid confusion when the key is an object with toString(). > E.g. undefined[{toString:()=>'a'}] doesn't print 'read property [object > Object]' anymore, which was misleading since the property accessed would > be 'a', but we can't evaluate the key without side effects. > > Bug: v8:11365 > Change-Id: If82d1adb42561d4851e2bd2ca297a1c71738aee8 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2960211 > Reviewed-by: Toon Verwaest <verwaest@chromium.org> > Commit-Queue: Patrick Thier <pthier@chromium.org> > Cr-Commit-Position: refs/heads/master@{#75250} Bug: v8:11365 Change-Id: Ie2312337f4f1915faa31528a728d90833d80dbd1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2979599Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Patrick Thier <pthier@chromium.org> Cr-Commit-Position: refs/heads/master@{#75571}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/a0862c3..05e78ec Rolling v8/buildtools/linux64: git_revision:4d207c94eab41f09c9a8505eb47f3d2919e47943..git_revision:31f2bba8aafa8015ca5761100a21f17c2d741062 Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/e1e56a5..081034a TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: Ic1191777085e8afc6f356fd2563fa27a13ec58a8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3007654Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#75570}
-
- 05 Jul, 2021 22 commits
-
-
Camillo Bruni authored
Bug: v8:10644 Change-Id: Ic8fa0100a1e276f6c8f7c70b325718d5bdf9123e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3001349 Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/master@{#75569}
-
Santiago Aboy Solanes authored
We were already performing these accessors in an atomic relaxed way for concurrent marking. In no-cm builds I thought we could get away with performing it non-atomically but we are seeing TSAN warnings. Bug: v8:7790, v8:11945 Change-Id: I4f3b1be3e2ae726ac15777e6eb464979b3c0159c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3001179 Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#75568}
-
Victor Gomes authored
No-Try: true Bug: v8:11234 Change-Id: Icb1f40c18334f22c5d3afbf028eac79ab22610a2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3006635 Auto-Submit: Victor Gomes <victorgomes@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#75567}
-
Victor Gomes authored
We do not need to force the library to be linked statically. No-Try: true Change-Id: Ib2c639fa8c0f0857a902ccf80fff1ef0a17278c1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3006636 Auto-Submit: Victor Gomes <victorgomes@chromium.org> Reviewed-by: Dan Elphick <delphick@chromium.org> Commit-Queue: Dan Elphick <delphick@chromium.org> Cr-Commit-Position: refs/heads/master@{#75566}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/3cf06a3..a0862c3 TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: I5a9f0ed25ca228f0ce17cbdf03611d82bcde4b82 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3006535Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#75565}
-
Milad Fa authored
Port 6f48b7b3 Original Commit Message: This is a reland of b0bcedcc Changes: - Consistently use int32_t for max_steps and nondeterminism - Skip SIMD tests on architectures that don't support it Original change's description: > [wasm][liftoff][ia32][x64] Detect SIMD NaNs for fuzzing > > R=clemensb@chromium.org > > Bug: v8:11856 > Change-Id: I9764e3e2944690ed0883afdab20afd47fdd4acfa > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2979605 > Reviewed-by: Clemens Backes <clemensb@chromium.org> > Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> > Cr-Commit-Position: refs/heads/master@{#75512} R=thibaudm@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com BUG= LOG=N Change-Id: I5d0281bb9668c22d9d068fdf95bc80404b982744 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3006474Reviewed-by: Junliang Yan <junyan@redhat.com> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Milad Fa <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/master@{#75564}
-
Yang Guo authored
Bug: none Change-Id: I634631515e392198c5a6c885ab033035ead97f25 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3003468Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Auto-Submit: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#75563}
-
Clemens Backes authored
The new DCHECK fires when the tier was set to {kNone}, which was the case for wrappers. Since the compiler is only interesting for proper Wasm functions, we keep the DCHECK but only print the compiler for code objects that represent actual Wasm functions. R=thibaudm@chromium.org Bug: chromium:1223839 Change-Id: Icc0f13b34b53fee2a8d53857a4769ab4d80ab805 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3003467 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/master@{#75562}
-
Michael Achenbach authored
The Chromium testing pool now has a sufficient number of devices for testing. The old pool is deprecated. No-Try: true Bug: chromium:1226561 Change-Id: I6a985da860d4d2d5a30ccfd2c6593cce54b930c4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3006414 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#75561}
-
Clemens Backes authored
The number of arguments and their values were generated and passed by the individual fuzzers, but were unused by the caller. Instead, default arguments are generated in {MakeDefaultInterpreterArguments} and {MakeDefaultArguments}. Thus this CL removes the dead parameters and assignments. R=ahaas@chromium.org Change-Id: I5ca5b06a0848c2a89e70ed739f44bc2161fcb2bb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3003464 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#75560}
-
Liu Yu authored
this is related to commit 6d54d948 Bug: v8:11420 Change-Id: I8e19b8a960fc7a1c499e04a170a4439f38750205 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3005678Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Auto-Submit: Liu yu <liuyu@loongson.cn> Cr-Commit-Position: refs/heads/master@{#75559}
-
Clemens Backes authored
This is a three-state field now: kTrapHandler, kExplicitBoundsChecks, kNoBoundsChecks. It is set once based on the flags (--wasm-bounds-checks and --wasm-enforce-bounds-checks) and depending on whether the signal handler for wasm trap handling was installed. All compilation then only uses the field value, and does not need to check any flags any more. R=ahaas@chromium.org Bug: v8:11926 Change-Id: I2c0eb5ecb742ee65d1c10e4dceff7204119dab7c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2996191 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#75558}
-
Thibaud Michaud authored
This is a reland of b0bcedcc Changes: - Consistently use int32_t for max_steps and nondeterminism - Skip SIMD tests on architectures that don't support it Original change's description: > [wasm][liftoff][ia32][x64] Detect SIMD NaNs for fuzzing > > R=clemensb@chromium.org > > Bug: v8:11856 > Change-Id: I9764e3e2944690ed0883afdab20afd47fdd4acfa > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2979605 > Reviewed-by: Clemens Backes <clemensb@chromium.org> > Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> > Cr-Commit-Position: refs/heads/master@{#75512} Bug: v8:11856 Change-Id: I0a7858d1c21c0dfb961b9b2c3fa1074f9362886a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3001178Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/master@{#75557}
-
Benedikt Meurer authored
In order to implement eager (side effect free) evaluation of arbitrary accessor properties correctly, we need the ability to call getters while guaranteeing that we don't trigger side effects. This is accomplished by adding a `throwOnSideEffect` flag to the `Runtime.callFunctionOn` API, similar to what's already available with the `Runtime.evaluate` and the `Debugger.evaluateOnCallFrame` APIs. Bug: chromium:1076820, chromium:1119900, chromium:1222114 Change-Id: If2d6c51376669cbc71a9dd3c79403d24d62aee43 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3001360 Auto-Submit: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#75556}
-
Liviu Rau authored
Bug: v8:11169 Change-Id: I32e9bb1f91c9583e900c96e158d66407d5560868 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3003466Reviewed-by: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Liviu Rau <liviurau@chromium.org> Cr-Commit-Position: refs/heads/master@{#75555}
-
Clemens Backes authored
For static OOB accesses in Liftoff we were adding a protected instruction information, mapping the PC of a jump instruction to the landing pad. This is not needed, as the jump instruction is not supposed to trigger a signal. This CL slightly refactors the code to avoid this protected instruction information, and resolves the old TODO. R=ahaas@chromium.org Change-Id: I668f3ec6a0815af83cbc04fb307744000166fb8e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3003156Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#75554}
-
Georg Neis authored
A frame state's outer frame state input can be kDeadValue. A DCHECK did not take that into account. In release builds there was no issue because we branch on the opcode anyways. While fixing this bug, I'm strengthening the FrameState class such that a FrameState node must have a kFrameState operator. I'm also - changing the result type of outer_frame_state() from FrameState to Node* since it may in fact not be a kFrameState; - removing has_outer_frame_state() because I find it unintuitive to have outer_frame_state() return non-NULL even when has_outer_frame_state() would return true. Bug: chromium:1224758 Change-Id: I8ebed75c62e31f7eef71e2941fd18869d8a56af3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3001356Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#75553}
-
Yang Guo authored
Bug: none Change-Id: I95060382c0e10a252f1cec7b2d2c4b44f757b5f2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3003154 Commit-Queue: Yang Guo <yangguo@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Auto-Submit: Yang Guo <yangguo@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#75552}
-
Santiago Aboy Solanes authored
Mark: * InternalizedString * String * Symbol * Name Bug: v8:7790 Change-Id: I17463d51ffe8a50711f5b4916c9beb369bac7f38 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2982480 Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#75551}
-
Yang Guo authored
Bug: none Change-Id: Icbc00fcdba6e408f34ac487b05e36deb71976e11 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3001357 Commit-Queue: Yang Guo <yangguo@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Auto-Submit: Yang Guo <yangguo@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#75550}
-
Camillo Bruni authored
- Change Group.prototype.size to .length - Use window.requestAnimationFrame when streaming-loading files to show the loading animation - Limit width of the timeline-track legend and add 'title' attribute to show the full text when cropped - Add duration for selected timeline events in timeline-track legend - Better error message when the local symbol server is not available Bug: v8:10644 Change-Id: Icdf2042341c9355ecb55e2fd8e6a4fa0feb5968f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3003151Reviewed-by: Patrick Thier <pthier@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#75549}
-
Dan Elphick authored
For very large snapshots, calculating the checksum of the snapshot can take at least 30% of the time to deserialize the snapshot, so add a flag to skip it. Change-Id: I8f3418f1d1e9f984e7334ac51096a1a166874722 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3001176 Auto-Submit: Dan Elphick <delphick@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#75548}
-