- 10 Sep, 2019 31 commits
-
-
Michael Lippautz authored
Reuse the existing builtin and extension infrastructure to provide a garbage collection mechanism that allows for asynchronous execution. On --expose-gc, this changes the gc call to parse parameters the following: (1) Parse options when encountering an options object with known properties. (2) No parameters is parsed as {type: 'major', execution: 'sync'}. (3) Truthy parameter that is not setting options is parsed as {type: 'minor', execution: 'sync'}. (2) and (3) preserve backwards compatibility for existing callers as this may be used widely across various test and benchmarking infrastructures. Valid options: - type: 'major' or 'minor' for full GC and Scavenge, respectively. - execution: 'sync' or 'async' for synchronous and asynchronous execution respectively. Returns a Promise that resolves when GC is done when asynchronous execution is requested, and undefined otherwise. Note: This is implemented as builtin to avoid having any stack at all. This information is also passed to the embedder to allow skipping stack scanning. Change-Id: Ie5c9b6f0d55238abfeb9051ffa1837501d474934 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1793143 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#63659}
-
Santiago Aboy Solanes authored
Bug: v8:6949, v8:9396 Change-Id: I4c9382079190379661a26fbe6e1f4f6040a56d08 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1792902 Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#63658}
-
Gus Caplan authored
Bug: v8:9553 Change-Id: I376d4bd3d1554e1ed0bdeea79c47bd2a45e643d8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1795886 Commit-Queue: Adam Klein <adamk@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#63657}
-
Z Nguyen-Huu authored
Bug: v8:8976 Change-Id: I281dc72dcdf03a1d05fdc632c9e9228d62bd85b8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1783099 Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#63656}
-
Milad Farazmand authored
Port f72c844a Original Commit Message: Port f5ab7d38 Port 65f3861e Original Commit Message: In a new test suite: "wasm-api-tests", using a new binary "wasm_api_tests", powered by gtest/gmock (like unittests). Also fix a bunch of issues that these tests uncovered, mostly to ensure that the stack is walkable. R=miladfar@ca.ibm.com, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: Id52e771fee79210d6c295cecf56a322657cf2b8f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1795864 Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com> Reviewed-by: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#63655}
-
Clemens Hammacher authored
This reverts commit d7d25d2a. Reason for revert: crashes win32-debug: https://ci.chromium.org/p/v8/builders/ci/V8%20Win32%20-%20debug/21970 Original change's description: > [wasm] Patch jump tables in all code spaces > > If there are multiple code spaces, make sure to patch the jump tables > in all of them. > > R=mstarzinger@chromium.org > > Bug: v8:9477 > Change-Id: I2ec3d3de913b99623fd310004555337329588da0 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1789289 > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > Commit-Queue: Clemens Hammacher <clemensh@chromium.org> > Cr-Commit-Position: refs/heads/master@{#63651} TBR=mstarzinger@chromium.org,clemensh@chromium.org Change-Id: I4bdeb7394ebf002e3a84fececb0defba8bc9065d No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:9477 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1796064Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#63654}
-
Igor Sheludko authored
This reverts commit 05d83a0e. Reason for revert: We passed the M78 branch point and should proceed testing the new elements kinds support. Original change's description: > Temporarily disable frozen/sealed elements kinds > > ... to prepare for merging this back to stable channel. > > Bug: chromium:992914 > Change-Id: Icbb257b5c02417d9222e60346575567360376264 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1762021 > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: Leszek Swirski <leszeks@chromium.org> > Auto-Submit: Igor Sheludko <ishell@chromium.org> > Cr-Commit-Position: refs/heads/master@{#63277} TBR=leszeks@chromium.org,ishell@chromium.org # Not skipping CQ checks because original CL landed > 1 day ago. Bug: chromium:992914, v8:996176 Change-Id: Iaa36c140c0c9c72ca0e58f5c3e7d4cad67027085 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1795342Reviewed-by: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#63653}
-
Leszek Swirski authored
Rather than duplicating code paths for in- and out-of-object stores, have one code path which checks whether it needs to load the property store (and change the storage location to the HeapNumber value for unboxed doubles). As a drive-by, change the representation dispatch into a switch, and inline the representation checks into that switch, to make explicit what checks for what and which paths transform the value. Also, TNodify some of the surrounding functions. Change-Id: Ia1bf698b4cec3ffce9aaa5732cda2e3be9efd8e8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1795345Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#63652}
-
Clemens Hammacher authored
If there are multiple code spaces, make sure to patch the jump tables in all of them. R=mstarzinger@chromium.org Bug: v8:9477 Change-Id: I2ec3d3de913b99623fd310004555337329588da0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1789289Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#63651}
-
Bill Budge authored
- Eliminates non-const reference parameters in src/objects. Bug: v8:9429 Change-Id: Ic39a59d54bda26c622db29f07143055c3cc6c7a0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1794683Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Bill Budge <bbudge@chromium.org> Cr-Commit-Position: refs/heads/master@{#63650}
-
Michael Achenbach authored
NOTRY=true TBR=mslekova@chromium.org Change-Id: I3793426aaebd400ac93015b85ef11db5aecef52f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1795357Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#63649}
-
Ana Peško authored
This CL changes how we handle the case when both --regexp-tier-up and --regexp-interpret-all flags are on. Previously, we had a CHECK that would crash if both flags were turned on, now we turn off the tier-up flag and print a warning message. Change-Id: I902a59cac9aaf316be05ab2acaee233aa32e023d Bug: chromium:1002242 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1795353Reviewed-by: Peter Marshall <petermarshall@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Ana Pesko <anapesko@google.com> Cr-Commit-Position: refs/heads/master@{#63648}
-
Clemens Hammacher authored
After https://crrev.com/c/1793065 the test should be fast enough to execute it everywhere. R=mslekova@chromium.org Bug: v8:9696, v8:7783 Change-Id: I2485d703d6e973217eddde2f2814e31f7fcd8a61 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1795343 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#63647}
-
Joshua Litt authored
Bug: v8:9463 Change-Id: I49d74c5103f4ee2e09114a609cffe82c838655dc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1792782Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Joshua Litt <joshualitt@chromium.org> Cr-Commit-Position: refs/heads/master@{#63646}
-
Simon Zünd authored
An upcoming CL will remove the COLLECT_NON_LOCALS support of the ScopeIterator. The DebugStackTraceIterator uses the list of non-locals to restore the receiver for arrow functions. This CL extracts the relevant logic into a small helper and calls it directly. Change-Id: Ia396fd599e41ca65810497d2f5228619cfdf7cc4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1795347Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/master@{#63645}
-
Rong Wang authored
This CL is necessary for disabling write-barriers that involoves referencing pages via address arithmetic, which is required from third-party heap implementation. Change-Id: I1d3f572d48015e5c8cf691b2dc71a32834621c2f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1781008Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#63644}
-
Bill Budge authored
- Eliminates non-const reference parameters in test/unittests. Bug: v8:9429 Change-Id: Ia7b41482811183324a62859d27fc263e4032219a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1794802Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Bill Budge <bbudge@chromium.org> Cr-Commit-Position: refs/heads/master@{#63643}
-
Clemens Hammacher authored
Since we switched to C++14 now, we can use {std::make_unique} instead of our own {base::make_unique} from {template-utils.h}. R=mstarzinger@chromium.org, yangguo@chromium.org Bug: v8:9687 No-Try: true Change-Id: I660eb30038bbb079cee93c7861cd87ccd134f01b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1789300 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#63642}
-
Thibaud Michaud authored
This is meant to check the performance impact of: https://chromium-review.googlesource.com/c/v8/v8/+/1776085/3 R=neis@chromium.org Bug: v8:9088 Change-Id: I8aad5272c1427b8bcaca02bdd0e51bf2779f7451 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1781054Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/master@{#63641}
-
Suraj Sharma authored
based on dicussion at docs.google.com/document/d/1UzCOai9H07fYcSaSqvF_H7BS2-sF5q91A4r9O1mRnHc/ Bug: v8:9305 Change-Id: I7464d4267b6465cc02bc27dffb602c8871d846f9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1696285 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#63640}
-
Mythri A authored
We don't handle all cases for stores to typed arrays in the builtins related to storing a property. Bailout to runtime when storing into a typed array if the property is not found on the object. Bug: chromium:996161 Change-Id: I684c7c4f526b15cdfb5bfe3fd23218910486a59e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1789396 Commit-Queue: Mythri Alle <mythria@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#63639}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/6ff11c8..2d9fa32 Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/fcd6915..884c81e Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/efce0d1..e5641be Rolling v8/third_party/googletest/src: https://chromium.googlesource.com/external/github.com/google/googletest/+log/3f05f65..3a45039 TBR=machenbach@chromium.org,tmrts@chromium.org Change-Id: I99a0be4d07f3e390d44aa11771d3c0dfc784f51a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1794125Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#63638}
-
Dominik Inführ authored
No invalidation of slots necessary for String::MakeThin. ThinString only stores tagged value, so it can't store an untagged value in a recorded slot. CreateFillerObjectAt takes care of slots in case of right-trimming objects. Bug: v8:9454 Change-Id: Id16e8ebceb334a845bdbf77282fbeb2069efce7d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1794682Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/master@{#63637}
-
Bill Budge authored
- Eliminates non-const reference parameters in test/cctest. Bug: v8:9429 Change-Id: I9b3f06d6dda447285673269819bdb405ebac2187 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1793064Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Bill Budge <bbudge@chromium.org> Cr-Commit-Position: refs/heads/master@{#63636}
-
Dan Elphick authored
When analyzing functions scopes with the script_scope as parent, don't skip migrating unresolved variables upwards if we could still be inside an arrow head, which means accesses to those variables will be correctly context allocated. Bug: v8:8510, chromium:1000094 Change-Id: I684f2f8bc692de420203990f93e5c943b5b769c9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1789705Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Dan Elphick <delphick@chromium.org> Cr-Commit-Position: refs/heads/master@{#63635}
-
Milad Farazmand authored
Port af063685 R=bbudge@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: Iccbb0a968cd8490cfa1191ea8adb31007739b297 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1790544Reviewed-by: Junliang Yan <jyan@ca.ibm.com> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#63634}
-
Mu Tao authored
Fix build errors introduced by commit af063685 Change-Id: I467ea39f020d07bed00875f69152191b94029dd1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1794327 Auto-Submit: Mu Tao <pamilty@gmail.com> Reviewed-by: Bill Budge <bbudge@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#63633}
-
Mu Tao authored
Port 9f01d5c1 Original Commit Message: Stack overflow checks are typically implemented as part of the TurboFan graph of a function. This means that the stack check code is executed after frame construction. When a frame is too big, though, there may not be enough space on the stack anymore to throw the stack overflow exception after frame construction. With this CL we do an additional stack check before frame construction for functions with big frames. As discussed offline with mstarzinger, I do this change currently only for WebAssembly. This CL contains only the changes for arm. I will do the other platforms in separate CLs R=xwafish@gmail.com Change-Id: I46c6dd8fac1385e5da13e03cfffd9c640a7c2c57 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1792582 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Auto-Submit: Mu Tao <pamilty@gmail.com> Cr-Commit-Position: refs/heads/master@{#63632}
-
Michael Starzinger authored
R=mvstanton@chromium.org BUG=v8:9396 Change-Id: Iaf1f6af19d3c4236c6f1c4b215b90b2e390e81d3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1789297 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Zhi An Ng <zhin@chromium.org> Reviewed-by: Michael Stanton <mvstanton@chromium.org> Cr-Commit-Position: refs/heads/master@{#63631}
-
Clemens Hammacher authored
It looks like the loop is there to create objects and trigger GC. It's also tailored to Crankshaft, which was removed long ago. This code currently times out on some arm bots, and it's hard to see any value in it. Thus remove it. R=mslekova@chromium.org Change-Id: Ia47d4f70d679f79cfea523f467ff7adc3360cf6c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1793065Reviewed-by: Maya Lekova <mslekova@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#63630}
-
Mike Stanton authored
NOPRESUBMIT=true NOTRY=true TBR=hpayer@chromium.org Change-Id: I87108e6dd739d2e4d5459b3abc27dee1f36d430b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1792164 Commit-Queue: Michael Stanton <mvstanton@chromium.org> Reviewed-by: Hannes Payer <hpayer@chromium.org> Cr-Commit-Position: refs/heads/master@{#63629}
-
- 09 Sep, 2019 9 commits
-
-
Zhi An Ng authored
This reverts commit 306bb635. Reason for revert: Fails on Win64 msvc https://ci.chromium.org/p/v8/builders/ci/V8%20Win64%20-%20msvc/10601 Original change's description: > [wasm-simd] Implement F64x2ConvertI64x2 for x64 > > Bug: v8:8460 > Change-Id: Icefb90c67af77ac93bd75b4e452ba426232de83a > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1710332 > Commit-Queue: Zhi An Ng <zhin@chromium.org> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > Reviewed-by: Bill Budge <bbudge@chromium.org> > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> > Cr-Commit-Position: refs/heads/master@{#63627} TBR=bbudge@chromium.org,mstarzinger@chromium.org,gdeepti@chromium.org,zhin@chromium.org Change-Id: I3ad568ec01f93e89ccc758170681035413b8414e No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:8460 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1792232Reviewed-by: Zhi An Ng <zhin@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#63628}
-
Ng Zhi An authored
Bug: v8:8460 Change-Id: Icefb90c67af77ac93bd75b4e452ba426232de83a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1710332 Commit-Queue: Zhi An Ng <zhin@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Bill Budge <bbudge@chromium.org> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Cr-Commit-Position: refs/heads/master@{#63627}
-
Ross McIlroy authored
BUG=v8:9684 Change-Id: Ifdcb8497fbbae157df270e87451639779f8a78c6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1784917 Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#63626}
-
Santiago Aboy Solanes authored
TNodify: * FloatOp * BigIntOp * Loads into their respective types * return type of: * GetContextAtDepth * ConstructWithSpread * Construct * CallBuiltin Also TNodify CheckEnumCache in code-stub-assembler. Bug: v8:6949, v8:9396 Change-Id: I79a90296b4851e47f4b89ed52fadfc9b61be1e6a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1789161 Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#63625}
-
Seth Brenith authored
v8_debug_helper attempts to flag known object pointers when it can recognize them, even if the memory pointed to is not available in the crash dump. In ptr-compr builds, the first pages of the map space, read-only space, and old space are always at the same offsets within the heap reservation region, so we can more easily detect known objects. Bug: v8:9376 Change-Id: I04e0d2357143d753f575f556e94f8fd42ce9d811 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1783729 Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#63624}
-
Ana Peško authored
This CL implements the tier-up strategy where the interpreter can be used for an arbitrary number of executions for every regex, before tiering-up to the compiler. The only exception is for functional global replaces, where we eagerly tier-up to native code right away. To use the tier-up logic --regexp-tier-up=value needs to be set. It is currently set to 0 by default. Change-Id: I770857e5eae710a952fe47661cb42957c53848b4 Bug: v8:9566 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1789299 Commit-Queue: Ana Pesko <anapesko@google.com> Reviewed-by: Peter Marshall <petermarshall@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#63623}
-
Bill Budge authored
Bug: v8:9429 Change-Id: I13780eab38230ea62334485e10a5fa4dbb432e90 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1789395 Commit-Queue: Bill Budge <bbudge@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#63622}
-
Andreas Haas authored
The fuzzer found a crash when we want to execute the {valueOf} function of an imported value for an i64-global. The problem is that we cannot execute JavaScript at that moment (I did not check why, I guess we open some scope at some point). I checked the WebAssembly spec now, and it defines that only numbers are valid values for imported globals. I adjust our bigint implementation accordingly with this CL, i.e. that only bigint values are valid as imported i64-globalsl. I also created github issues to discuss this problem. R=jkummerow@chromium.org Bug: chromium:1001804 Change-Id: I47f0b31fab53163346f341ad290fd3c58e7707bf Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1792167 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#63621}
-
Igor Sheludko authored
... to make them unique. With this fix the --trace-turbo no longer overwrites bytecode handler graphs and --trace-turbo-filter allows to select exact bytecode handler version. Bug: v8:9396 Change-Id: I260edc8872e320aadd5d70aa95cf5bf2cd24b22f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1792904 Commit-Queue: Igor Sheludko <ishell@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Igor Sheludko <ishell@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#63620}
-