- 24 Oct, 2018 13 commits
-
-
Tobias Tebbi authored
In preparation of porting Array.of to Torque, restructure the code and add Construct() and ArrayCreate() to match spec text. As a drive-by change, add and improve a bunch of CSA types and remove direct usage of JSConstruct. Bug: v8:8321 Change-Id: I445093388214d5b17b6dbc8d24c76ee296163071 Reviewed-on: https://chromium-review.googlesource.com/c/1296487Reviewed-by: Mathias Bynens <mathias@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#56928}
-
Jaroslav Sevcik authored
Bug: v8:5495, v8:8361 Change-Id: I8bf37c75113cff212d9899c39cffbca47c448924 Reviewed-on: https://chromium-review.googlesource.com/c/1297310 Commit-Queue: Jaroslav Sevcik <jarin@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#56927}
-
Jaroslav Sevcik authored
This makes the prototype add function check compatible with constant field tracking (which is still under a flag). Change-Id: I768feb55e1568f3e2642f573c9a79755fe3e8d9c Bug: v8:5495, v8:8361 Reviewed-on: https://chromium-review.googlesource.com/c/1296481Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#56926}
-
Benedikt Meurer authored
This CL introduces proper Oddball and ReceiverOrOddball states for the CompareOperationFeedback, and updates the StrictEqual IC to collect this feedback as well. Previously it would not collect Oddball feedback, not even in the sense of NumberOrOddball, since that's not usable for the SpeculativeNumberEqual. The new feedback is handled via newly introduced CheckReceiverOrOddball and CheckOddball operators in TurboFan, introduced by JSTypedLowering. Just like with the Receiver feedback, it's enough to check one side and do a ReferenceEqual afterwards, since strict equal can only yield true if both sides refer to the same instance. This improves the benchmark mentioned in http://crbug.com/v8/8356 from naive: 2950 ms. tenary: 2456 ms. to around naive: 2996 ms. tenary: 2192 ms. which corresponds to a roughly 10% improvement in the case for the tenary pattern, which is currently used by dart2js. In real world scenarios this will probably help even more, since TurboFan is able to optimize across the strict equality, i.e. there's no longer a stub call forcibly spilling all registers that are live across the call. This new feedback will be used as a basis for the JSEqual support for ReceiverOrOddball, which will allow dart2js switching to the shorter a==b form, at the same peak performance. Bug: v8:8356 Change-Id: Iafbf5d64fcc9312f9e575b54c32c631ce9b572b2 Reviewed-on: https://chromium-review.googlesource.com/c/1297309Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#56925}
-
Jakob Kummerow authored
as part of the ongoing quest to get rid of Object*/Object** entirely. Turns out the Deserializer was actually using unaligned MaybeObject** pointers, which is undefined behavior. This patch makes the unaligned values obvious (as "UnalignedSlot") and safe. Bug: v8:3770 Change-Id: I20f2cca10cc025fa4867e56d9d740a3653837749 Reviewed-on: https://chromium-review.googlesource.com/c/1295792 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#56924}
-
Frank Tang authored
Remove ICUService and decentralize GetAvailableLocales to each class. Refactor part of the Intl::GetAvailableLocales into Intl::BuildLocaleSet as helper function. Bug: v8:5751 Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng Change-Id: Ic82d919cbf7ec840a7df3b0fa040561534c105a1 Reviewed-on: https://chromium-review.googlesource.com/c/1295934 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#56923}
-
Johannes Henkel authored
See https://chromium.googlesource.com/deps/inspector_protocol/+/460186cff1f0eead0d418626e7e75f52105182b2 Bug: chromium:891377 Change-Id: I10332e68fb33f8bc06a489162171c52675373536 Reviewed-on: https://chromium-review.googlesource.com/c/1297591 Commit-Queue: Johannes Henkel <johannes@chromium.org> Reviewed-by: Dmitry Gozman <dgozman@chromium.org> Cr-Commit-Position: refs/heads/master@{#56922}
-
Frank Tang authored
Bug: v8:5751 Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng Change-Id: I9653b862f58f25e35b5443fb5d47d69c36792768 Reviewed-on: https://chromium-review.googlesource.com/c/1295929 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#56921}
-
Jakob Kummerow authored
as part of the continuing quest to get rid of Object*/Object**. This is a fairly mechanical replacement of Object**/MaybeObject** with wrapper objects carrying the same data. No change in behavior is intended. Overloaded operators are provided to minimize code churn. Bug: v8:3770 Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng Change-Id: I76cee82b8bf2dd80a1b66f09dd2bb2b65038eeb7 Reviewed-on: https://chromium-review.googlesource.com/c/1287889 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Hannes Payer <hpayer@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#56920}
-
Alexey Kozyatinskiy authored
wrapValue can destroy injected script. R=dgozman@chromium.org Bug: chromium:898062 Cq-Include-Trybots: luci.chromium.try:linux_chromium_headless_rel;master.tryserver.blink:linux_trusty_blink_rel Change-Id: I60c8d4a4b510b896a175346a3ba72ca8be43bca5 Reviewed-on: https://chromium-review.googlesource.com/c/1297290Reviewed-by: Dmitry Gozman <dgozman@chromium.org> Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org> Cr-Commit-Position: refs/heads/master@{#56919}
-
Jakob Kummerow authored
This patch adds two improvements to gm.py: (1) Fix "mksnapshot failure" detection to match the error message that is generated when embedded builtins are enabled. (2) Run "gn gen" whenever build.ninja is missing. This can happen when out/<config>/args.gn exists already when gm.py is run for the first time. Bug: v8:6666, v8:8335 Change-Id: I71836b832754fa21b6443d57a6c3c49718a9a8d1 Reviewed-on: https://chromium-review.googlesource.com/c/1294174Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#56918}
-
Frank Tang authored
Bug: v8:5751 Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng Change-Id: I5a482014fa482c62b014506df45846496d909a63 Reviewed-on: https://chromium-review.googlesource.com/c/1295933Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/master@{#56917}
-
Caitlin Potter authored
The assertion was intended to verify that the function is only called at appropriate times (at a point when it was called both by by other builtins, and by desugarings added in the parser and during bytecode generation) --- However, it didn't account for the case where the wrapper Promise is resolved with another JSPromise with a non-callable "then" method. (Step 12 of https://tc39.github.io/ecma262/#sec-promise-resolve-functions): "If IsCallable(thenAction) is false, then Return FulfillPromise(promise, resolution)." It would be observable to verify this behaviour by loading the "then" value and asserting that it's non-callable, so instead the CSA_ASSERT is just removed and replaced with a comment explaining the appropriate use of the function. BUG=chromium:897436, v8:5855 R=bmeurer@chromium.org Change-Id: Ib4b11abfe3339409b57ccfda9c3f75a34e0db532 Reviewed-on: https://chromium-review.googlesource.com/c/1296909 Commit-Queue: Caitlin Potter <caitp@igalia.com> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#56916}
-
- 23 Oct, 2018 27 commits
-
-
Jakob Kummerow authored
This reverts commit ec969ea3. Reason for revert: test fails consistently on arm bots. I can't repro the failure locally, but it does consume ~512MB of memory (for a single string, I think?), so my guess is that the bots don't have enough contiguous address space. Original change's description: > [builtins] Fix Array.p.join length overflow and invalid string length handling > > - Fixes and simplify allocating the temporary fixed array for ToString-ed elements. > - When the array size is greater than representable by an intptr, it overflowed into a negative value causing a non-negative assert to fail. > - Simplify fallback behavior by always allocating a conservatively sized temporary fixed array. Previously, if the array had dictionary elements, the temporary fixed array was sized based on %GetNumberDictionaryNumberOfElements() and then resized when entering the fallback. > > - Fixes related invalid string length handling. When the running total of the resulting string length overflowed or exceeded String::kMaxLength, a RangeError is thrown. Previously, this thrown RangeError bypassed JoinStackPop and left the receiver on the stack. > > Bug: chromium:897404 > Change-Id: I157b71ef04ab06125a5b1c3454e5ed3713bdb591 > Reviewed-on: https://chromium-review.googlesource.com/c/1293070 > Commit-Queue: Peter Wong <peter.wm.wong@gmail.com> > Reviewed-by: Jakob Gruber <jgruber@chromium.org> > Reviewed-by: Tobias Tebbi <tebbi@chromium.org> > Cr-Commit-Position: refs/heads/master@{#56907} TBR=danno@chromium.org,peter.wm.wong@gmail.com,jgruber@chromium.org,tebbi@chromium.org Change-Id: I8ca80bd75833aacc94ccb25ceb82bbc8880991db No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:897404 Reviewed-on: https://chromium-review.googlesource.com/c/1297471Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#56915}
-
Yang Guo authored
This reverts commit 1d837093. Reason for revert: Speculative revert for https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Arm%20-%20debug/8158 Original change's description: > [heap] Clean-up MemoryChunk allocation area constants. > > Change-Id: I8ba59546ab93c7af98bc5ece2f0160628844dd92 > Reviewed-on: https://chromium-review.googlesource.com/c/1280584 > Reviewed-by: Yang Guo <yangguo@chromium.org> > Commit-Queue: Hannes Payer <hpayer@chromium.org> > Cr-Commit-Position: refs/heads/master@{#56908} TBR=ulan@chromium.org,yangguo@chromium.org,hpayer@chromium.org Change-Id: I0ce51513864d3f7e4337391dc510fb828c083d48 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/1296488Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#56914}
-
Clemens Hammacher authored
When resetting the {unique_ptr} to the {CompilationState} in the {NativeModule}, what actually happens is that first the pointer stored in the {unique_ptr} is reset to {nullptr}, then the destructor is called. The destructor of {CompilationState} cancels and waits for background compile jobs. While doing so, background compile jobs still try to access the {unique_ptr} in the {NativeModule}. This CL fixes this race by splitting the shutdown in two steps: First, cancel and wait the background compile jobs, and only later reset the pointer. R=ahaas@chromium.org Bug: v8:8359 No-Tree-Checks: true Change-Id: Ifa3bdf3424dfd5a4712d33f8ca85f9382b1766a6 Reviewed-on: https://chromium-review.googlesource.com/c/1296486 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#56913}
-
Michael Hablich authored
This reverts commit fcbb023b. Reason for revert: blocks roll https://chromium-review.googlesource.com/c/chromium/src/+/1296315 Original change's description: > Add Windows ARM64 ABI support to V8 > > This change added Windows ARM64 ABI support, major things are: > 1. Excluding x18 register from any usage because it is reserved as > platform register. Preserve alignment after the change. > 2. Fix the assumption of LP64 in arm64 backend. Windows ARM64 is > still LLP64. > 3. Stack guard page probe for large allocation on stack. > > Reference: > Windows ARM64 ABI: > https://docs.microsoft.com/en-us/cpp/build/arm64-windows-abi-conventions?view=vs-2017 > > Bug: chromium:893460 > Change-Id: I325884ac8dab719154a0047141e18a9fcb8dff7e > Reviewed-on: https://chromium-review.googlesource.com/c/1285129 > Commit-Queue: Michael Achenbach <machenbach@chromium.org> > Reviewed-by: Andreas Haas <ahaas@chromium.org> > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Cr-Commit-Position: refs/heads/master@{#56881} TBR=bbudge@chromium.org,ulan@chromium.org,machenbach@chromium.org,hpayer@chromium.org,brucedawson@chromium.org,mlippautz@chromium.org,ahaas@chromium.org,bmeurer@chromium.org,Tom.Tan@microsoft.com Change-Id: I0b804af6dfca9409a655194fa6e5407f209be2dc No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:893460 Reviewed-on: https://chromium-review.googlesource.com/c/1296460Reviewed-by: Michael Hablich <hablich@chromium.org> Commit-Queue: Michael Hablich <hablich@chromium.org> Cr-Commit-Position: refs/heads/master@{#56912}
-
Michael Lippautz authored
Marking resets global handles which touches the corresponding slots on the embedder side. The embedder may already have freed the memory which results in use after free. Bug: chromium:843903 Change-Id: I05a62f28d801b4de167f6fbf1be29743544c1293 Reviewed-on: https://chromium-review.googlesource.com/c/1296457Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#56911}
-
Joyee Cheung authored
This patch merges ClassLiteralProperty::PUBLIC_FIELD and ClassLiteralProperty::PRIVATE_FIELD into ClassLiteralProperty::FIELD, and moves the visibility part into ClassLiteralProperty::is_private() for the ease of adding new combinations in the future. Bug: v8:8330 R=gsathya@chromium.org Change-Id: I54f64d05bccb1867d9111e4c80158a6075406d80 Reviewed-on: https://chromium-review.googlesource.com/c/1291052Reviewed-by: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Mythri Alle <mythria@chromium.org> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Joyee Cheung <joyee@igalia.com> Cr-Commit-Position: refs/heads/master@{#56910}
-
Clemens Hammacher authored
Background tasks are not throttled any more, so there is no need to restart background compile after finishing units. Background tasks will only stop if all compilation units have been processed. R=ahaas@chromium.org Change-Id: I2b28c079bf5847cd5eb4f65629b9aed89afa8d1e Reviewed-on: https://chromium-review.googlesource.com/c/1296477Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#56909}
-
Hannes Payer authored
Change-Id: I8ba59546ab93c7af98bc5ece2f0160628844dd92 Reviewed-on: https://chromium-review.googlesource.com/c/1280584Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Hannes Payer <hpayer@chromium.org> Cr-Commit-Position: refs/heads/master@{#56908}
-
peterwmwong authored
- Fixes and simplify allocating the temporary fixed array for ToString-ed elements. - When the array size is greater than representable by an intptr, it overflowed into a negative value causing a non-negative assert to fail. - Simplify fallback behavior by always allocating a conservatively sized temporary fixed array. Previously, if the array had dictionary elements, the temporary fixed array was sized based on %GetNumberDictionaryNumberOfElements() and then resized when entering the fallback. - Fixes related invalid string length handling. When the running total of the resulting string length overflowed or exceeded String::kMaxLength, a RangeError is thrown. Previously, this thrown RangeError bypassed JoinStackPop and left the receiver on the stack. Bug: chromium:897404 Change-Id: I157b71ef04ab06125a5b1c3454e5ed3713bdb591 Reviewed-on: https://chromium-review.googlesource.com/c/1293070 Commit-Queue: Peter Wong <peter.wm.wong@gmail.com> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#56907}
-
Clemens Hammacher authored
R=mstarzinger@chromium.org Bug: v8:8238 Change-Id: I93c9d2a643731766f15f4db1bf7647a85488a6d0 Reviewed-on: https://chromium-review.googlesource.com/c/1296454Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Ben Titzer <titzer@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#56906}
-
Florian Sattler authored
Bug: chromium:897815, chromium:897935, chromium:897766 Change-Id: Ie8c4105867f84054559a4c43c23be82365502c1e Reviewed-on: https://chromium-review.googlesource.com/c/1296469Reviewed-by: Marja Hölttä <marja@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Florian Sattler <sattlerf@google.com> Cr-Commit-Position: refs/heads/master@{#56905}
-
Michael Starzinger authored
R=ulan@chromium.org Change-Id: I73f6fc0baee8e1219a88d4d8f594bba16e64f332 Reviewed-on: https://chromium-review.googlesource.com/c/1296480Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#56904}
-
Jakob Gruber authored
Whenever left-trimming is possible (e.g. whenever user code is called), we must not store a reference to an exposed JSArray's elements. Bug: chromium:897366,v8:7382 Change-Id: I8dd6a93aa6ed19e755ccce7122e0e019dc578a31 Reviewed-on: https://chromium-review.googlesource.com/c/1292066Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#56903}
-
Benedikt Meurer authored
This introduces a new bit on the Isolate which tells whether promise hooks, async event delegate or the debug delegate are enabled. Use this new bit in places where we generally need to take the slow path due to async instrumentation. Bug: v8:7253, v8:7522, v8:8238 Change-Id: I8f34eeb9f8f7b56fcbb4deb59ac51b2d0907ff6c Reviewed-on: https://chromium-review.googlesource.com/c/1296473 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#56902}
-
Dan Elphick authored
Bug: v8:8329 Change-Id: I5be972698809ca77a621bb960cbc6a23b9f0f4b0 Reviewed-on: https://chromium-review.googlesource.com/c/1296474Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Dan Elphick <delphick@chromium.org> Cr-Commit-Position: refs/heads/master@{#56901}
-
Michael Achenbach authored
NOTRY=true TBR=sergiyb@chromium.org Bug: chromium:830557 Change-Id: I598a8591559c489944da6aa06fea793aaed0fa6e Reviewed-on: https://chromium-review.googlesource.com/c/1296479Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#56900}
-
Michael Achenbach authored
NOTRY=true TBR=sergiyb@chromium.org Bug: chromium:830557 Change-Id: Ie9022b04cb5858654c6903f38031c860e8681b9e Reviewed-on: https://chromium-review.googlesource.com/c/1296478Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#56899}
-
Michael Achenbach authored
NOTRY=true Bug: v8:8291 Change-Id: Iae948ef9de027f86702accf34487524fd1c6b538 Reviewed-on: https://chromium-review.googlesource.com/c/1296455 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> Cr-Commit-Position: refs/heads/master@{#56898}
-
Clemens Hammacher authored
This is the last method which modified the Result after construction. Turn this into a named constructor instead. Drive-by: Replace a Result<bool> by VoidResult, since the bool is not used anywhere. R=mstarzinger@chromium.org Bug: v8:8238 Change-Id: I352e0687e99a90e6ad00587d6fdf388f68c9b60a Reviewed-on: https://chromium-review.googlesource.com/c/1296271 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#56897}
-
Clemens Hammacher authored
Instead, create it when needed and pass it down to the actual compilation. This saves memory by making the WasmCompilationUnit smaller and will eventually allow us to implement the trap handler fallback correctly by using an updated ModuleEnv in background compilation and tier up. R=mstarzinger@chromium.org Bug: v8:5277, v8:8343 Change-Id: I0dc3a37fb88e54eb4822dc99d58ff024f4b2a367 Reviewed-on: https://chromium-review.googlesource.com/c/1293953 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#56896}
-
Clemens Hammacher authored
Update two more uses of {bool} instead of {UseTrapHandler}. R=mstarzinger@chromium.org Change-Id: I83715661a2238004a4cbccf271a2bf781ef2f44d Reviewed-on: https://chromium-review.googlesource.com/c/1293952 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#56895}
-
Michael Achenbach authored
NOTRY=true TBR=sergiyb@chromium.org Bug: chromium:830557 Change-Id: I2dd9e040c0d29a49aa0a23283da67d550a110677 Reviewed-on: https://chromium-review.googlesource.com/c/1296453Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#56894}
-
Clemens Hammacher authored
This is to prepare larger refactorings that reduce the amount of information stored in the WasmCompilationUnits and avoid ever storing the ModuleEnv. Instead, we will generate it when needed. This will allow us to correctly switch from a trap-handler configuration to non-trap-handler. R=mstarzinger@chromium.org Bug: v8:8343, v8:5277 Change-Id: I383a8105448ccdcae1148ddfebd74db70c648ecf Reviewed-on: https://chromium-review.googlesource.com/c/1293951Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#56893}
-
Florian Sattler authored
Bug: v8:8351 Change-Id: I6ea08e0eb8b77a578a6a4fbe3eb0b96e6c3a0f95 Reviewed-on: https://chromium-review.googlesource.com/c/1296451Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Florian Sattler <sattlerf@google.com> Cr-Commit-Position: refs/heads/master@{#56892}
-
Michael Achenbach authored
All configs auto-generated with https://crrev.com/c/1270796. NOTRY=true TBR=sergiyb@chromium.org Bug: chromium:830557 Change-Id: Ie421a3a01bbcd996297ab3a8585dd6f116e29886 Reviewed-on: https://chromium-review.googlesource.com/c/1296449Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#56891}
-
Yang Guo authored
This is to fix test262 tests which expect that there is no arguments object. Bug: v8:7186 Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng Change-Id: I56205c29609666dc832297e4d36a4d487eae36cc Reviewed-on: https://chromium-review.googlesource.com/c/1291469Reviewed-by: Peter Marshall <petermarshall@chromium.org> Reviewed-by: Mathias Bynens <mathias@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#56890}
-
Peter Marshall authored
This reverts commit c92a1dda. Reason for revert: Breaks arm sim: https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux%20-%20arm%20-%20sim/15207 Original change's description: > [cpu-profiler] Fix a bug which caused a pure virtual function call > > We need to remove each Sampler from the SamplerManager before we call > the Sampler destructor. This is because the signal handler can interrupt > the destructor, and call DoSampler(), which calls sampler->SampleStack() > on the sampler being destructed, causing general unhappiness and > "Pure virtual function called!" crashes. > > Bug: v8:8346, v8:5193 > Change-Id: Iaa595a196eab33fb1af31584e9a68fd1ce0a18f6 > Reviewed-on: https://chromium-review.googlesource.com/c/1293949 > Commit-Queue: Peter Marshall <petermarshall@chromium.org> > Reviewed-by: Alexei Filippov <alph@chromium.org> > Cr-Commit-Position: refs/heads/master@{#56882} TBR=alph@chromium.org,yangguo@chromium.org,petermarshall@chromium.org Change-Id: I517e07d75045f6253e7f12714304fba77959fbc2 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:8346, v8:5193 Reviewed-on: https://chromium-review.googlesource.com/c/1296472Reviewed-by: Peter Marshall <petermarshall@chromium.org> Commit-Queue: Peter Marshall <petermarshall@chromium.org> Cr-Commit-Position: refs/heads/master@{#56889}
-