- 19 Nov, 2019 20 commits
-
-
Ng Zhi An authored
Bug: v8:9813 Change-Id: I75ca39612f0420548a56cc32edaa13a36a9713e9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1900661 Reviewed-by: Bill Budge <bbudge@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#65041}
-
Igor Sheludko authored
Bug: v8:9708 Change-Id: Iba4bf148437b9aa27d9b57ee2ebf48948d1ac163 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1801838 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#65040}
-
Jakob Gruber authored
This reduction relies on a known object layout of the regexp instance in order to access the lastIndex field through a statically-determined offset. Prior to this CL, we checked only for instance types, not for the map, and thus it was possible to read garbage from either inside or outside the current object. Bug: chromium:1024758,v8:7779 Change-Id: I1eec8220797f443bdf3d05804e54f33b21fa2f00 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1924353 Reviewed-by: Georg Neis <neis@chromium.org> Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#65039}
-
Michael Achenbach authored
TBR=neis@chromium.org NOTRY=true Bug: v8:9984 Change-Id: If192eb8680f8147d64aaa796955cb2ca38d0246d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1924360 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#65038}
-
Nico Hartmann authored
This CL implements torque builtins for BigInt subtraction and extends the compilation pipeline to lower calls to the generic subtraction to SpeculativeBigIntSubtract and later to BigIntSubtract with necessary checks in case of BigInt feedback. The CL also implements lowering of these operators to native machine word operations on 64 bit architectures if they are used in a truncating context (aka BigInt.asUintN). Bug: v8:9407 Change-Id: Idf5da14c380bc7c12375e7f084a3e1c455303f5f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1895566 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/master@{#65037}
-
Georg Neis authored
Bytecode flushing bit me again. Bug: v8:9945, v8:9983 Change-Id: I9e4f9dd5e1793d60b24def447a8374e550fa248a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1924352 Auto-Submit: Georg Neis <neis@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#65036}
-
Joey Gouly authored
For arm64 decompressing a TaggedSigned results in a 64-bit value, with the top 32 bits zeroed and the lower 32 bits being the SMI. This patch, with the --debug-code flag enabled, will corrupt the top 32 bits to try and catch places that are using 64-bit operations instead of 32-bit operations. Change-Id: I3d3048c4f4b87f3bce26d0c7eb41789ec6b99f5b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1917099 Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Joey Gouly <joey.gouly@arm.com> Cr-Commit-Position: refs/heads/master@{#65035}
-
Mythri A authored
Bug: v8:9810 Change-Id: I6d7b9099a53badfdfdfa6b57211931b39ae72124 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1917154 Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Mythri Alle <mythria@chromium.org> Cr-Commit-Position: refs/heads/master@{#65034}
-
Igor Sheludko authored
Bug: v8:7703 Change-Id: Iaa7a35a2438dc1181f60289190191b519e45bed0 Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng,v8_linux64_tsan_rel Cq-Include-Trybots: luci.v8.try:v8_linux64_cfi_rel_ng Cq-Include-Trybots: luci.chromium.try:fuchsia_x64,linux-rel,mac-rel Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1924347 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#65033}
-
Georg Neis authored
The optimization behavior in these configurations is strange, I'm still trying to understand what exactly is going on. Bug: v8:9945, v8:9983 Change-Id: I52782b9e73decb9f3b2439cddd5e23068faebdf4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1924349 Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#65032}
-
Zhao Jiazhong authored
Former CL 352bbb12 https://crrev.com/c/1893192 made an optimization that moves non-JS linkage builtins code objects into RO_SPACE, but caused v8 crash on mips platform, so temporarily disable the change on mips platform. Change-Id: Iffba1a35985ccf6688e29e35db20602d69a496e6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1919442 Auto-Submit: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Reviewed-by: Dan Elphick <delphick@chromium.org> Commit-Queue: Dan Elphick <delphick@chromium.org> Cr-Commit-Position: refs/heads/master@{#65031}
-
Jakob Gruber authored
Drive-by: For more flexibility (e.g. for future IsNull methods), remove 'Constant' from names in the list of constants. Bug: v8:9972 Change-Id: I66ec64c30cb397641d77cd26b514e8ac52763e16 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1924348 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Auto-Submit: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#65030}
-
Clemens Backes authored
In most cases where we bail out to TurboFan, we actually have a fallback that just calls a C function instead. This fallback did not exist initially, but was added later for other platforms (see e.g. https://crrev.com/c/1044187). By reusing that fallback on intel, we remove another portion of function that could not be compiled in Liftoff on specific CPUs. R=ahaas@chromium.org Bug: v8:9919 Change-Id: I151000c004dc330362337bf7ddeaec68390c3467 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1921986 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#65029}
-
Michael Starzinger authored
R=jgruber@chromium.org Change-Id: If4b439ac7465cd984600816ff619d66f04cf174b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1917156 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#65028}
-
Georg Neis authored
... by disallowing checkpoint elimination across function boundaries. See the comment in checkpoint-elimination.cc and the tests for details. Bug: v8:9945 Change-Id: Ibf4ab6f0e4e709e26d3c4428a082ef45dcbeb8b0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1906208 Auto-Submit: Georg Neis <neis@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#65027}
-
Simon Zünd authored
Individual frames of a stack frame in the frame cache might point to the JSFunction of that corresponding stack frame. It is illegal to serialize JSFunction objects in the isolate snapshot, so the attempt to serialize the stack frame cache results in a crash. This can happen when a warmup script is run, before a snapshot is created. This CL fixes the crash by not utilizing the stack frame cache in case the serializer is enabled. Change-Id: I8b79a06b8cff36e1f54b54d3d8e5397b07ba52e7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1923068 Auto-Submit: Simon Zünd <szuend@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#65026}
-
Jakob Gruber authored
We recently extended function-entry stack checks by an offset representing the difference in optimized and unoptimized frame sizes, with the intent of avoiding stack overflows during deopts. Although the generated code is very efficient (just a single additional register subtraction, executed exactly once per call), perf impact is measurable. To avoid the overhead in most cases, this CL adds a stack slack, currently set to 256 bytes, by which deopts are allowed to exceed the real V8 stack limit. For function-entry stack checks with an offset less than stack slack, the offset is not applied and the more efficient version of the stack check is emitted. The V8 limit is chosen to be smaller than OS stack size (assumed to be at least 1 MB). This guarantee is upheld even with slack. Bug: chromium:1020989,v8:9534 Change-Id: Idee2e7ad1fa7810bf086a9f72ce00a9717010310 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1910099 Reviewed-by: Georg Neis <neis@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#65025}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/253c17c..456253c
Rolling v8/buildtools: https://chromium.googlesource.com/chromium/src/buildtools/+log/140e4d7..6b3e658
Rolling v8/buildtools/third_party/libc++/trunk: https://chromium.googlesource.com/chromium/llvm-project/libcxx/+log/5938e05..78d6a77
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/a6bbfb9..f7d5f0c
Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/1f392b8..35a67a5
Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/fdd6048..7506d59
TBR=machenbach@chromium.org,tmrts@chromium.org Change-Id: I0f90feffadd437d852796e7f9268167841c4cb92 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1923090 Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#65024}
-
Shu-yu Guo authored
Merged upstream in https://github.com/tc39/test262/commit/a31961f7ea Bug: v8:7834 Change-Id: Ic2e0e4558357edabf3d155fdebd3bc195c12e68c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1922889 Auto-Submit: Shu-yu Guo <syg@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#65023}
-
Frank Tang authored
https://chromium.googlesource.com/external/github.com/tc39/test262/+log/1bc19352..3682ddd7
3682ddd Add tests for String#replaceAll (#2423) by Leo Balter · 7 hours ago master
7040938 Fix tests for AggregateError (#2419) by Leo Balter · 3 days ago
43b0c76 Update tests for FinalizationGroup#register (#2424) by Jon Coppeard · 4 days ago
aa9ba4b Add tests for Intl.DisplayNames#resolvedOptions (#2405) by Leo Balter · 5 days ago
8f8b337 Merge pull request #2420 from shvaikalesh/improve-json-parse-coverage by Leo Balter · 6 days ago
8544b06 Merge pull request #2418 from leobalter/remote-aggregateerror-tostring by Leo Balter · 6 days ago
3433399 tag subclass tests with WeakSet and WeakMap (#2421) by Gus Caplan · 7 days ago
5728e1b Add reviver prototype chain lookup tests by Alexey Shvayka · 7 days ago
80a99f7 Add reviver object with non-configurable property tests by Alexey Shvayka · 7 days ago
027cc0c Add reviver array with non-configurable property tests by Alexey Shvayka · 7 days ago
64ce046 Add reviver wrapper test by Alexey Shvayka · 7 days ago
da9612d Add some more Proxy/ownKeys invariants tests (#2413) by Alexey Shvayka · 7 days ago
600245f Add integer index tests for Proxy "set" and "has" traps (#2412) by Alexey Shvayka · 7 days ago
13016eb Merge pull request #2416 from devsnek/fix-newlines by Leo Balter · 7 days ago
206c0cb Merge branch 'master' into fix-newlines by Leo Balter · 7 days ago
9bb90d1 Fix failure phase in coalesce tests (#2415) by Gus Caplan · 7 days ago
02bdf77 Add test for AggregateError's toString by Leo Balter · 7 days ago
90231ad Remote tests for AggregateError.prototype.toString by Leo Balter · 7 days ago
a53f43e add missing newlines in tests by Gus Caplan · 8 days ago
8338258 add lint check for newline at end of file by Gus Caplan · 8 days ago
Bug: v8:7834 Change-Id: I929f4f52fdb962d40b3314f50c98bb13f53f43fc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1919955 Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/master@{#65022}
-
- 18 Nov, 2019 20 commits
-
-
Frank Tang authored
Design Doc https://shorturl.at/emEHW I2I: http://shorturl.at/pKRUV Bug: v8:8703 Change-Id: I9573b2ee6f1dce4dc594aa1df2753095f45af15e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1848683 Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/master@{#65021}
-
Z Nguyen-Huu authored
We detect a stepping in Wasm from Javascript into Wasm then prepare the target function for debugging. The trick is to redirect the target to the interpreter and set a 'fake' breakpoint in the first instruction. Currently we don't need to clear this 'fake' breakpoint since it won't notify unless the user intends to step in. Change-Id: Ibe1f9ba31dc6c7919895d3fe31967e9c4699ef63 Bug: chromium:1019606 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1902259 Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#65020}
-
Jakob Kummerow authored
This is a reland of 556f44c4
Original change's description:
> [strings] Fix hash for exactly 512MB long strings
>
> Bug: chromium:1016237
> Change-Id: Idda1e44b5d578d1213aa54927ca68289bcdce8ac
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1878487
> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#64552}
Bug: chromium:1016237 Change-Id: I92ff4da0b25877faddfd171105b77680f9e08037 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1918251 Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#65019}
-
Milad Farazmand authored
Port 63dc5556 Original Commit Message: A window is a Blink concept. This API marks the context as backing a detached window. This doesn't necessarily mean that the context is detached. Every time a JS function is called within a context that has a non-zero DetachedWindowReason, Runtime::kReportDetachedWindowAccess is invoked, which will report this call to Blink via a callback, which in turn can report number of such calls via UKM metrics. R=bartekn@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: I2243898115287e103ba5700499b9547fe155dceb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1919954 Reviewed-by: Junliang Yan <jyan@ca.ibm.com> Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#65018}
-
Ng Zhi An authored
This implements the rest of the load extend instructions:
- i32x4.load16x4_s
- i32x4.load16x4_u
- i64x2.load32x2_s
- i64x2.load32x2_u
Bug: v8:9886 Change-Id: I4649f77bae5224042a1628d9f0498c050b1e599d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1903812 Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Bill Budge <bbudge@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#65017}
-
Seth Brenith authored
As one of several steps involved in supporting struct-valued fields within classes, this CL generates type verification code for the data contained in those structs. In order to generate verification code, Torque needs to know about struct field offsets and the total size of structs. Those calculations are added to StructType itself and the function TypeVisitor::ComputeType which initializes the StructType. I repurposed the Field::offset value to behave in structs more like it does in classes (it had previously indicated the index of a field within a struct, but nobody used that value). Overall this works okay, and I think it's less confusing to have Field::offset mean the same thing everywhere. However, some struct fields have types with unknown size (Field::GetFieldSizeInformation fails), so those fields are now marked with offset Field::kInvalidOffset to indicate that the structs containing them should not be used within class fields or anywhere else that requires packed layout. Bug: v8:7793 Change-Id: If2677c8c81efc85e63b4bfb831d818a748427e18 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1897247 Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#65016}
-
Anna Henningsen authored
Having had these would have saved me quite a bit of time :) Change-Id: I36a04cc89db9ceaa786a146d01a6b0f4444f5729 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1914214 Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#65015}
-
Anna Henningsen authored
At least under some circumstances (GCC 6 with x64 Linux for me), the code in `serializer-for-background-compilation.cc` guarded by `ENABLE_SLOW_DCHECKS` attempts to use `std::iterator_traits` on the `FunctionalList`, which previously failed compilation because the standard iterator member types were unavailable. This adds these members. Refs: https://chromium-review.googlesource.com/c/v8/v8/+/1800578 Change-Id: Ifece423fce31d98777c6a65ef442623c321ecba3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1921800 Reviewed-by: Maya Lekova <mslekova@chromium.org> Commit-Queue: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/master@{#65014}
-
Tobias Tebbi authored
For many subclasses of JSObject, we used kSize instead of kHeaderSize even though they can contain in-object properties. In fact, kSize was very much used as the header size, as can be seen in many examples in this CL. This change is a preparation for a cleanup of how Torque generates field offsets. TBR=hpayer@chromium.org Change-Id: I350e996057cd66c427381334080f8ac93de88597 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1917141 Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#65013}
-
Simon Zünd authored
R=bmeurer@chromium.org Change-Id: I7338c4a5a259b7f81e8f7719d29c41e721ec1b00 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1921795 Auto-Submit: Simon Zünd <szuend@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#65012}
-
Georg Neis authored
The serialization of Construct was accidentally using the wrong hints for the receiver. Also, the recursion in ProcessCallOrConstruct was not quite right: for example, it overwrote the accumulator hints in each recursion. With this CL the Octane raytrace score for --concurrent-inlining is back to the default configuration's score. Bug: v8:7790 Change-Id: I501c9cc0b0c8de04520742b9c6b392a4a732bf78 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1921789 Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Reviewed-by: Michael Stanton <mvstanton@chromium.org> Cr-Commit-Position: refs/heads/master@{#65011}
-
Georg Neis authored
That warning about missing data was sometimes printed even when nothing was missing. (Also drop an outdated TODO.) Bug: v8:7790 Change-Id: I9550b3237c87b7b0e59f740c34b13d3e38d8d36e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1917153 Commit-Queue: Georg Neis <neis@chromium.org> Auto-Submit: Georg Neis <neis@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/master@{#65010}
-
Simon Zünd authored
This CL adds one undeclared "torque_base" header, as well as two headers that are generated by the Torque compiler itself. R=tebbi@chromium.org Bug: v8:9810 Change-Id: I76c552d897da08b47c03efba959b348f0c2e5843 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1918256 Auto-Submit: Simon Zünd <szuend@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#65009}
-
Maya Lekova authored
Bug: v8:9810 Change-Id: I239a624541a4132092c8be9e20da6d49dd5506ed Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1918252 Commit-Queue: Maya Lekova <mslekova@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#65008}
-
Mike Stanton authored
Bug: v8:9810 Change-Id: If793739dd24ff6249bbec6e2ffddaf9111995e34 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1918254 Commit-Queue: Michael Stanton <mvstanton@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#65007}
-
Andreas Haas authored
R=mstarzinger@chromium.org Change-Id: I1eefd4cbb2a00535a8d6a9c830aadf3620011ea9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1921788 Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#65006}
-
Dan Elphick authored
Converts Node*s to TNode<>s in the following functions: GotoIfNotNumber GotoIfNumber BitwiseOp InitializePropertyArrayLength LoadFixedDoubleArrayElement GotoIfContextElementEqual LoadJSFunctionPrototype AllocateCellWithValue AllocateSmiCell LoadCellValue StoreCellValue AllocateOrderedHashTable AllocateJSObjectFromMap InitializeJSObjectFromMap Bug: v8:9810 Change-Id: I323da8d72a0e164c70bd6026b32fa46010c7c256 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1910109 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org> Commit-Queue: Dan Elphick <delphick@chromium.org> Cr-Commit-Position: refs/heads/master@{#65005}
-
Dan Elphick authored
Since WASM can generate direct calls to any function that it knows the arity of and these can be any JS linkage builtin, we need to ensure that CPP builtins also go into CODE_SPACE. This moves 276 builtins (~25KiB) from RO_SPACE back to CODE_SPACE. Bug: chromium:1022695, v8:7464 Change-Id: I4cda8b68ddf6a5ddad09c6e7d4e6a08c8e6c2ccb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1916600 Commit-Queue: Dan Elphick <delphick@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#65004}
-
Deepti Gandluri authored
The DCHECK in the lookup method compares the stashed length of the backing store and the byte_length queried on lookup. These two are not guaranteed to be equal as there can be grow calls that update the length of the buffer between the length being stashed and the equality check. Bug: chromium:1010272 Change-Id: I754fa0a9ab676cd838e893d12ef6b13fc7d335e1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1911490 Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> Cr-Commit-Position: refs/heads/master@{#65003}
-
Michael Starzinger authored
This makes sure that the {WasmGraphBuilder} properly detects the presence of Simd128 global.get and global.set opcodes and triggers scalar lowering on architectures without Simd128 support. R=clemensb@chromium.org TEST=cctest/test-run-wasm-simd/RunWasm_S128Globals BUG=v8:9973 Change-Id: I1538bd1d3fea40cc78e82b125d4f113842faf68a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1917148 Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#65002}
-