- 14 Sep, 2022 11 commits
-
-
Frank Tang authored
Correct the call the the one which take the UTC based time instead of the one taking the local wall time. Bug: v8:11544 Change-Id: Ib288617e8f98b21865c306ca36cd905a3e5315bd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3892639 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by:
Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#83205}
-
Frank Tang authored
Sync with 2210 and 2240 https://github.com/tc39/proposal-temporal/pull/2210 https://github.com/tc39/proposal-temporal/pull/2400 Add AO: RoundNumberToIncrementAsIfPositive Change AO parameter: DifferenceInstant Spec: https://tc39.es/proposal-temporal/#sec-temporal-roundnumbertoincrementasifpositive https://tc39.es/proposal-temporal/#sec-temporal-roundtemporalinstant https://tc39.es/proposal-temporal/#sec-temporal-differenceinstant https://tc39.es/proposal-temporal/#sec-temporal-addduration https://tc39.es/proposal-temporal/#sec-temporal-differencetemporalinstant https://tc39.es/proposal-temporal/#sec-temporal-differencetemporalzoneddatetime Bug: v8:11544 Change-Id: I6b613bd19014d770852b9ba587278e714f9ac110 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3857451Reviewed-by:
Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#83204}
-
Seth Brenith authored
A couple of customers have asked about using devtools to get information about temporary allocations, with the goal of reducing GC time and/or peak memory usage. Currently, the sampling heap profiler reports only objects which are still alive at the end of the profiling session. In this change, I propose adding configuration options when starting the sampling heap profiler so that it can optionally include information about objects which were discarded by the GC before the end of the profiling session. A user could run the sampling heap profiler in several different modes depending on their goals: 1. To find memory leaks or determine which functions contribute most to steady-state memory consumption, the current default mode is best. 2. To find functions which cause large temporary memory spikes or large GC pauses, the user can request data about both live objects and those collected by major GC. 3. To tune for minimal GC activity in latency-sensitive applications like real-time audio processing, the user can request data about every allocation, including objects collected by major or minor GC. 4. I'm not sure why anybody would want data about objects collected by minor GC and not objects collected by major GC, but it's also a valid flags combination. Change-Id: If55d5965a1de04fed3ae640a02ca369723f64fdf Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3868522Reviewed-by:
Michael Lippautz <mlippautz@chromium.org> Reviewed-by:
Camillo Bruni <cbruni@chromium.org> Reviewed-by:
Simon Zünd <szuend@chromium.org> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Cr-Commit-Position: refs/heads/main@{#83202}
-
Samuel Groß authored
When regenerating v8heapconst.py, the v8 sandbox now has to be enabled explicitly (using the v8_enabe_sandbox=true gn arg) as it is enabled by default in Chromium builds, but not standalone v8 builds. Bug: v8:13281 Change-Id: I1a0861b1d63f340465d7433e042b27eace706ca7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3895622 Commit-Queue: Adam Klein <adamk@chromium.org> Auto-Submit: Samuel Groß <saelo@chromium.org> Reviewed-by:
Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#83201}
-
Leszek Swirski authored
Check whether the exception phi for the accumulator (i.e. the exception message object) is dead, and don't assign rax to it if yes. Note that maglev node liveness can differ from bytecode liveness, since the bytecode accumulator could have been considered "live" just because of a move to a (dead) register. Bug: v8:7700 Change-Id: If1384284f6f55a565e2ae94e5e7a32455fdedb93 Fixed: chromium:1359382 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3892353 Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by:
Jakob Linke <jgruber@chromium.org> Commit-Queue: Jakob Linke <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#83197}
-
Leszek Swirski authored
Use Script as the key for the template object cache, instead of the SharedFunctionInfo. This is because SharedFunctionInfos can be garbage collected and then later recompiled, which would mean that we break the spec's expectation that the template object stays constant. Now the association of cached template object with SharedFunctionInfo is via the function_literal_id of the SharedFunctionInfo, stored on the CachedTemplateObject. These are linearly searched, similar to the linear search over slot ids. Bug: v8:13190 Change-Id: I3f67811c16ea4cd39c99b2fa034aa7e1f03c171e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3892787Reviewed-by:
Camillo Bruni <cbruni@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#83195}
-
Omer Katz authored
SimulateFullSpace starts with no LAB, iterates over pages and allocates all free space on each page. After the first page, the LAB is empty but is no longer null. Bug: v8:12612 Change-Id: I2c00b9ba68fdd5f60eda086ea940cb6e211a986e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3891294 Commit-Queue: Omer Katz <omerkatz@chromium.org> Reviewed-by:
Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#83186}
-
Tobias Tebbi authored
Change-Id: I2a35ae0d07bcd5c570bcaae8ae6ef886a5b5e926 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3852484Reviewed-by:
Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/main@{#83185}
-
Manos Koukoutos authored
Before, import and export wrappers were cached based on their signature. This change - makes wrapper canonicalization consistent with that of types and call_indirect signatures under --wasm-type-canonicalization, - removes the last uses of signature maps, which will enable us to remove them in a future CL. Change-Id: I512bc234f0ae10e50bd94237e8e675ca47ed13c5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3891250 Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Reviewed-by:
Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#83183}
-
Greg Thompson authored
Bug: chromium:1092804 Change-Id: I9f4385d00af464eb2b9251b7c1dcfe0d4b69cdf2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3891279 Auto-Submit: Greg Thompson <grt@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by:
Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#83182}
-
Jakob Linke authored
Ignition remembers the correct context to restore when entering an exception handler by moving the context to an interpreter register when entering a try block, and restoring it from there when unwinding the frame and entering the catch block. Maglev code has to do the same by taking the context from the appropriate register for the handler's frame state. Bug: v8:7700 Change-Id: I294fcccc845c660b2289b6d7b40f49f1aa46283d Fixed: chromium:1359928 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3892352Reviewed-by:
Leszek Swirski <leszeks@chromium.org> Auto-Submit: Jakob Linke <jgruber@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#83181}
-
- 13 Sep, 2022 12 commits
-
-
Thibaud Michaud authored
Trap if the suspender argument provided to the JSPI import wrapper is invalid. For now, the suspender argument is expected to be the active suspender. In the future, it will also be possible to suspend to a parent of the current suspender. This will only be possible once wasm-to-wasm suspending wrappers are supported, or if and when JSPI suspenders become compatible with their core stack-switching counterpart (e.g. Fibers in the fiber proposal). R=jkummerow@chromium.org Bug: v8:12191 Change-Id: I650454ed076bd251b0aa18656774d4c4b2d3bfdc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3892697Reviewed-by:
Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/main@{#83173}
-
Frank Tang authored
1. Return null if the transition is out of bound. 2. Remove incorrect MAYBE_RETURN which is handled by the IsNothing check. Bug: v8:11544 Change-Id: Ia54f68831120bd2460cb813464168b1a2c92da3d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3893595 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by:
Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#83171}
-
Andy Wingo authored
Instead of having e.g. `string.new_wtf8` that takes an immediate specifying the particular UTF-8 flavor to parse, make one instruction per flavor. See https://github.com/WebAssembly/stringref/pull/46. Bug: v8:12868 Change-Id: I2e9f2735c557b2352b6e75314037e473710d87a9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3892695Reviewed-by:
Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Andy Wingo <wingo@igalia.com> Cr-Commit-Position: refs/heads/main@{#83170}
-
Teodor Dutu authored
This also allows allocation folding to be tested in cctests. Bug: v8:13070 Change-Id: I7b6991461dd7ad4423539b33f59a05d6b247c3e7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3891257 Auto-Submit: Teo Dutu <teodutu@google.com> Commit-Queue: Teo Dutu <teodutu@google.com> Reviewed-by:
Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#83169}
-
Omer Katz authored
1) Cast to PagedSpaceBase instead of PagedSpace in sweeper.cc 2) Free LAB before filling space in heap-utils.cc Bug: v8:12612 Change-Id: I5820c2d2f4ab832a4b5a829fc55973d93296ec10 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3892690 Commit-Queue: Omer Katz <omerkatz@chromium.org> Reviewed-by:
Dominik Inführ <dinfuehr@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Auto-Submit: Omer Katz <omerkatz@chromium.org> Cr-Commit-Position: refs/heads/main@{#83168}
-
Shu-yu Guo authored
Bug: v8:12547 Change-Id: I89dbaea6b8559ada651b6ed986c842c1dc2b6df9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3892129Reviewed-by:
Milad Farazmand <mfarazma@redhat.com> Commit-Queue: Milad Farazmand <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/main@{#83167}
-
Matthias Liedtke authored
Fixed: v8:12463 Change-Id: I7ca2d3db803ca6ac50c1340d747f98d03c3985a4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3890982Reviewed-by:
Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Matthias Liedtke <mliedtke@chromium.org> Cr-Commit-Position: refs/heads/main@{#83162}
-
Matthias Liedtke authored
GetIterator on object o consists of two steps: 1) iter = load o[#Symbol.Iterator] 2) call iter For null / undefined step (1) throws an exception, meaning step (2) is never reached. Up to this change, turbofan deopts if for either of the two steps there isn't enough feedback, meaning that we have a deopt loop for null and undefined. Change-Id: Ie0eaf8e231a149313e10af9e95fd80bc77dc0beb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3890980Reviewed-by:
Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Auto-Submit: Matthias Liedtke <mliedtke@chromium.org> Cr-Commit-Position: refs/heads/main@{#83159}
-
Omer Katz authored
FillCurrentPage assumed that everything after top is empty, which doesn't work with MinorMC and sweeping. Revise FillCurrentPage based SimulateFullSpace for MinorMC. I similar implementation is provided both in unittests and cctest. Migrating affected cctest to unittests is left a future work. Bug: v8:12612 Change-Id: Ie29be2fc7aaee25e1fd5f66b1c0959c2a45f007f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3885888Reviewed-by:
Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Omer Katz <omerkatz@chromium.org> Cr-Commit-Position: refs/heads/main@{#83158}
-
Liu Yu authored
Bug: v8:13206 Change-Id: Ifb5daeff2a1e91fd098bc5abe9f81339575636bf Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3837160Reviewed-by:
Hannes Payer <hpayer@chromium.org> Reviewed-by:
Jakob Linke <jgruber@chromium.org> Reviewed-by:
Michael Achenbach <machenbach@chromium.org> Auto-Submit: Liu Yu <liuyu@loongson.cn> Commit-Queue: Liu Yu <liuyu@loongson.cn> Cr-Commit-Position: refs/heads/main@{#83148}
-
Shu-yu Guo authored
The normative change in https://github.com/tc39/proposal-resizablearraybuffer/pull/93 changed the behavior of TypedArray.prototype.subarray(begin, end) such that if the receiver is a length-tracking TA and end is undefined, the result TypedArray is also length-tracking. This change reached consensus in the March 2022 TC39. Bug: v8:11111 Change-Id: If1a84cc3134f3ce8046196d6cc36683b6996dec0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3888382 Commit-Queue: Marja Hölttä <marja@chromium.org> Auto-Submit: Shu-yu Guo <syg@chromium.org> Reviewed-by:
Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#83147}
-
Frank Tang authored
Only change the implementation in BalanceISODate from https://github.com/tc39/proposal-temporal/pull/2178/files#diff-113bc23f7ddc769c78deac4268f2400a0a8ca75258f4a6a8af8219cf430a0788 Changes of other AOs in that PR is not in this cl. Note: Split from cl/3864358 Bug: v8:11544 Change-Id: I8c8514642cdb522975b23bcc9c2bb9eb56cb2839 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3892177Reviewed-by:
Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#83141}
-
- 12 Sep, 2022 5 commits
-
-
Frank Tang authored
https://chromium.googlesource.com/external/github.com/tc39/test262/+log/8dcc0e19..7461973 Bug: v8:7834 Change-Id: I2dc32c22a01f0a6729e326864812f4230ad6ac54 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3880731Reviewed-by:
Shu-yu Guo <syg@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#83138}
-
Manos Koukoutos authored
Bug: v8:12166 Change-Id: Ib1d9ac90a2b9c03915c496f1d23586ab8a94aef7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3891209 Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Reviewed-by:
Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#83137}
-
Seth Brenith authored
BackgroundMergeTask::CompleteMergeInForeground contained an incorrect assumption that some SharedFunctionInfos would have bytecode arrays. Bug: v8:12808, chromium:1360024 Change-Id: I42ca22fc3a4412aea5e5a433e63c685eaf2af242 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3888198Reviewed-by:
Leszek Swirski <leszeks@chromium.org> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Cr-Commit-Position: refs/heads/main@{#83133}
-
Samuel Groß authored
This is a reland of commit 49c59678 The non-deterministic snapshot issue has been fixed by using the correct field size for CodeDataContainers in serializer.cc. Original change's description: > [sandbox] Fold V8_SANDBOXED_EXTERNAL_POINTERS into V8_ENABLE_SANDBOX > > Now that all external pointers have been sandboxed, > V8_SANDBOXED_EXTERNAL_POINTERS is no longer needed. This change also > shrinks external pointer slots to 32 bits when the sandbox is enabled. > > Bug: v8:10391 > Change-Id: Iccbef27ac107b988cb23fe9ef66da6fe0bae087a > Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3869269 > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Reviewed-by: Manos Koukoutos <manoskouk@chromium.org> > Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> > Reviewed-by: Igor Sheludko <ishell@chromium.org> > Commit-Queue: Samuel Groß <saelo@chromium.org> > Cr-Commit-Position: refs/heads/main@{#83083} Bug: v8:10391 Change-Id: I29870404406902d99ba6016c570cc0c4d05c6c85 Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3887899Reviewed-by:
Igor Sheludko <ishell@chromium.org> Reviewed-by:
Leszek Swirski <leszeks@chromium.org> Reviewed-by:
Nico Hartmann <nicohartmann@chromium.org> Reviewed-by:
Manos Koukoutos <manoskouk@chromium.org> Commit-Queue: Samuel Groß <saelo@chromium.org> Cr-Commit-Position: refs/heads/main@{#83130}
-
Leszek Swirski authored
Make the flush-baseline-code tests use --no-maglev in addition to --no-turbofan. Bug: v8:7700 Change-Id: I12145735e7a88f156d30e15621a9fe12e18abecf Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3890990 Commit-Queue: Jakob Linke <jgruber@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by:
Jakob Linke <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#83127}
-
- 10 Sep, 2022 3 commits
-
-
Frank Tang authored
Not passing null object but passing undefined while calling ToTemporalDate() Bug: v8:11544 Change-Id: I9376c32f306b000980d37bf233ffef3e83baf706 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3885352 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by:
Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#83124}
-
Frank Tang authored
Add TimeHourMinuteBasicFormatNotAmbiguousWithMonthDay TimeZoneNumericUTCOffsetNotAmbiguousWithDayOfMonth TimeZoneNumericUTCOffsetNotAmbiguousWithMonth TimeZoneIdentifier, UnpaddedHour, TimeZoneIANALegacyName productions. Sync the spec of TemporalInstantString, TemporalTimeString TimeZone, TimeZoneBracketedAnnotation, TemporalTimeZoneString, ToTemporalTimeZone, TimeZoneIANAName productions. Fix bug in ScanCalendarDateTimeTimeRequired, ToTemporalTimeZone Change name from Handle<String> to Handle<Object> to hold undefined Update parser tests accordingly. Spec Text: https://tc39.es/proposal-temporal/#sec-temporal-iso8601grammar https://tc39.es/proposal-temporal/#sec-temporal-totemporaltimezone Related PR changes: https://github.com/tc39/proposal-temporal/pull/2284 https://github.com/tc39/proposal-temporal/pull/2287 https://github.com/tc39/proposal-temporal/pull/2345 Bug: v8:11544 Change-Id: I6f1a5e5dedba461db9f36abe76fa97119c1f8c2c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3822342Reviewed-by:
Shu-yu Guo <syg@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#83123}
-
Shu-yu Guo authored
This reverts commit 0a1f0e33. Reason for revert: JetStream regressions: https://bugs.chromium.org/p/chromium/issues/detail?id=1362212 Original change's description: > [strings] Fix raw hash lookup for forwarded strings > > Raw hashes may need to be looked up via the forwarding table when > internalized strings are forwarded to external resources. Notably, the > megamorphic ICs were not correctly fetching the raw hash. > > Bug: v8:12007 > Change-Id: Ibbc75de57e707788f544fbd1a0f8f0041350e29d > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3885379 > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: Shu-yu Guo <syg@chromium.org> > Reviewed-by: Patrick Thier <pthier@chromium.org> > Cr-Commit-Position: refs/heads/main@{#83115} Bug: v8:12007 Change-Id: I64853d55ea32b04b3325377c0c1affd0c1a27c6e No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3887949 Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Auto-Submit: Shu-yu Guo <syg@chromium.org> Owners-Override: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#83121}
-
- 09 Sep, 2022 9 commits
-
-
Marja Hölttä authored
With everything related to map transitions, RAB/GSAB typed array elements kinds should behave exactly like non-RAB/GSAB typed array elements kinds. Bug: chromium:1360736, v8:11111 Change-Id: Ie5cef928a25856f0c476653275066b49dfee6e41 Fixed: chromium:1360736 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3879497Reviewed-by:
Shu-yu Guo <syg@chromium.org> Auto-Submit: Marja Hölttä <marja@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#83119}
-
Shu-yu Guo authored
Bug: v8:12547 Change-Id: I6e48ac252361b3f3b495d2feaa5ad4e708e78eb9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3888379 Auto-Submit: Shu-yu Guo <syg@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Reviewed-by:
Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#83118}
-
Shu-yu Guo authored
Raw hashes may need to be looked up via the forwarding table when internalized strings are forwarded to external resources. Notably, the megamorphic ICs were not correctly fetching the raw hash. Bug: v8:12007 Change-Id: Ibbc75de57e707788f544fbd1a0f8f0041350e29d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3885379Reviewed-by:
Leszek Swirski <leszeks@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Reviewed-by:
Patrick Thier <pthier@chromium.org> Cr-Commit-Position: refs/heads/main@{#83115}
-
Al Muthanna Athamina authored
Bug: v8:13269 Change-Id: Icb8b83b5f4695a9739d10d15936f4fead3b35ad1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3886865Reviewed-by:
Michael Achenbach <machenbach@chromium.org> Commit-Queue: Almothana Athamneh <almuthanna@chromium.org> Cr-Commit-Position: refs/heads/main@{#83114}
-
Matthias Liedtke authored
This reverts commit 49c59678. Reason for revert: The change is suspected to be breaking chromium's determinism test: https://ci.chromium.org/ui/p/chromium/builders/ci/Deterministic%20Linux/35003/overview Original change's description: > [sandbox] Fold V8_SANDBOXED_EXTERNAL_POINTERS into V8_ENABLE_SANDBOX > > Now that all external pointers have been sandboxed, > V8_SANDBOXED_EXTERNAL_POINTERS is no longer needed. This change also > shrinks external pointer slots to 32 bits when the sandbox is enabled. > > Bug: v8:10391 > Change-Id: Iccbef27ac107b988cb23fe9ef66da6fe0bae087a > Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3869269 > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Reviewed-by: Manos Koukoutos <manoskouk@chromium.org> > Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> > Reviewed-by: Igor Sheludko <ishell@chromium.org> > Commit-Queue: Samuel Groß <saelo@chromium.org> > Cr-Commit-Position: refs/heads/main@{#83083} Bug: v8:10391 Change-Id: I515ba771aa21f58b752a3a5b36b4deb2abc5f9c0 Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3886870 Commit-Queue: Matthias Liedtke <mliedtke@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Owners-Override: Matthias Liedtke <mliedtke@chromium.org> Cr-Commit-Position: refs/heads/main@{#83111}
-
Ting Chou authored
Storing with E64 when SEW=32 has EMUL=2, which copies |n| 64 bit wide data to the result double array already. Besides, accessing v1 when EMUL=2 is reserved. R=yahan@iscas.ac.cn Change-Id: I0870d53c36b642529cab753409f52016d79219b8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3878442 Commit-Queue: Yahan Lu <yahan@iscas.ac.cn> Reviewed-by:
Yahan Lu <yahan@iscas.ac.cn> Cr-Commit-Position: refs/heads/main@{#83110}
-
Ting Chou authored
32-bit values are held in a sign-extended format in 64-bit registers. Which the vaule 0x856AF894 becomes 0xFFFFFFFF856AF894 and failed equality comparison with lwu's result 0x00000000856AF894. XOR the result with 0xFFFFFFFF00000000 before comparison. R=yahan@iscas.ac.cn Change-Id: I4d225ff653070022023ac7f10257ad0c30c24e5b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3881601 Commit-Queue: Yahan Lu <yahan@iscas.ac.cn> Reviewed-by:
Yahan Lu <yahan@iscas.ac.cn> Cr-Commit-Position: refs/heads/main@{#83109}
-
Victor Gomes authored
Bug: v8:12445 Change-Id: Iec07b49986a6ceff3842b55af24d375149930a91 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3885877 Auto-Submit: Victor Gomes <victorgomes@chromium.org> Reviewed-by:
Almothana Athamneh <almuthanna@chromium.org> Commit-Queue: Almothana Athamneh <almuthanna@chromium.org> Cr-Commit-Position: refs/heads/main@{#83099}
-
Frank Tang authored
Bug: v8:11544 Change-Id: I23435db7f625ee35f560fd84ee98d481081fb5ff Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3868513 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by:
Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#83092}
-