- 27 Jun, 2019 17 commits
-
-
Hannes Payer authored
Bug: chromium:966832 Change-Id: If705f3b3a58f1fa316499fb7f645751fd1e6f8a3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1679507 Commit-Queue: Hannes Payer <hpayer@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#62415}
-
Dan Elphick authored
If --stress-lazy-source-positions is enabled then always collect source positions after lazy compilation to try and flush out bytecode mismatch bugs. Bug: v8:8510 Change-Id: I895611c9fde2c4743d62951674277973def01d3c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1679502 Commit-Queue: Dan Elphick <delphick@chromium.org> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Auto-Submit: Dan Elphick <delphick@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#62414}
-
Igor Sheludko authored
... and add getters with Isolate parameter. Bug: v8:9353, v8:9396 Change-Id: Iab1e4652859f0a8922af6243bac3caee0888df63 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1679503Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#62413}
-
Santiago Aboy Solanes authored
In https://chromium-review.googlesource.com/c/v8/v8/+/1621941 we added missing representation changes. By changing the return to an assignation, we forgot to include the (now needed) else. Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng Bug: v8:7703 Change-Id: Ibc54a24ea4430fd43d70251ef1a44ef15c06aa46 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678659Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#62412}
-
Dan Elphick authored
Second attempt to reland 69fafb5f now that the maybe_assigned bug is fixed. > Original change's description: > Enable lazy source positions by default > > Also adds a compile time flag which allows the default to be configured > so node can disable it since it hangs the node cpu profiler tests. > > Bug: v8:8510 > Change-Id: Idf4785036dc6242769410091518a67ac9179b718 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1491491 > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> > Commit-Queue: Dan Elphick <delphick@chromium.org> > Cr-Commit-Position: refs/heads/master@{#62089} Bug: v8:8510 Change-Id: Ia6d5d1d3a3c2b6a14c70ee67b02bec62a6a1a1d4 Cq-Include-Trybots: luci.v8.try:v8_linux_gc_stress_dbg, v8_linux64_gc_stress_custom_snapshot_dbg_ng Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1679498 Commit-Queue: Dan Elphick <delphick@chromium.org> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#62411}
-
Clemens Hammacher authored
Additionally to the baseline compilation time, do also measure the time it takes to tier up to TurboFan. Since the {AsyncCompileJob} will be gone after baseline compilation, the timing has to be done via a separate callback, which will survive until after top-tier compilation. R=ahaas@chromium.org CC=jwd@chromium.org Bug: chromium:978425 Change-Id: I7914173191c8a7a2aeb47343973d4034010047a4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678362 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#62410}
-
Andreas Haas authored
With recent spec changes (I think in the bulk memory proposal), WebAssembly instances exist and can be used even when instantiation itself fails. Therefore the order of checks and assignents during instantiation may matter. That's why I move the table import after the checks of the import in this CL. Note that I'm not aware that this is a problem yet. I think in the worst case this CL has no effect. In the best case it helps. R=clemensh@chromium.org Bug: v8:9396 Change-Id: I83998ff98bded443b3f015cee778fa29a3374534 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678656Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#62409}
-
Zhang, Shiyu authored
The localeCompare for ASCII chars needs to expand the string contents from one-byte representation into two-byte representation, which requires memory copy. This CL skips the representation conversion by using compareUTF8. It can improve the JetStream2 cdjs case by 21% on my machine. Change-Id: I3841dc700e36744aadd9a1ff9fa7d93c84dc04fd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1624705 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#62408}
-
Leszek Swirski authored
If there was an assignment to a maybe-shadowing dynamic variable, then the shadowing variable would be marked maybe_assigned, but the maybe-shadowed variable would stay unchanged. This meant that in non-shadowing cases, the not-actually-shadowed variable would have the wrong maybe_assigned state, and e.g. would break context specialization. This patch pessimistically unconditionally sets maybe_assigned on variables shadowed by a dynamic variable in a `with` scope. This marking can cause false positives and sub-optimal optimization for some functions with 'with' blocks, but it's also the simplest fix for this issue which doesn't affect performance in the common case of no 'with' blocks. Bug: v8:9394 Change-Id: I6924bd7d48dda61232aa9d72c39df1c76c665c67 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678365 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#62407}
-
Michael Achenbach authored
NOTRY=true TBR=tmrts@chromium.org Bug: chromium:978771 Change-Id: I997d212344af2e3940d5220349485685ba04040c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678360Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#62406}
-
Sigurd Schneider authored
This reverts commit a8fccd95. Reason for revert: We'd need to investigate on a range of hardware generations to assess if this is a good change; in general new hardware (intel 9th gen / amd ryzen) seems to be happier with xchg, while older hardware is not happy with xchg. Original change's description: > [codegen] Swap using xchgq rather than three movq on x64 > > R=sigurds@chromium.org > > Change-Id: Icd6e66b9bb23ca0dbf9fc5fe5c737a0bc3056a89 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678359 > Auto-Submit: Thibaud Michaud <thibaudm@chromium.org> > Reviewed-by: Sigurd Schneider <sigurds@chromium.org> > Commit-Queue: Sigurd Schneider <sigurds@chromium.org> > Cr-Commit-Position: refs/heads/master@{#62386} TBR=sigurds@chromium.org,thibaudm@chromium.org Change-Id: I8dc84d0899e6cbeccbca2cc557da9fb97c8d4bc8 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1679495Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#62405}
-
Thibaud Michaud authored
This reverts commit c1ea574e. Reason for revert: We'd need to investigate on a range of hardware generations to assess if this is a good change; in general new hardware (intel 9th gen / amd ryzen) seems to be happier with xchg, while older hardware is not happy with xchg. Original change's description: > [codegen] Use xchg instead of push/pop for swap > > R=sigurds@chromium.org > > Change-Id: Id22a44fa15827d5c076496d872fe3be7da360b5e > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678356 > Auto-Submit: Thibaud Michaud <thibaudm@chromium.org> > Reviewed-by: Sigurd Schneider <sigurds@chromium.org> > Commit-Queue: Sigurd Schneider <sigurds@chromium.org> > Cr-Commit-Position: refs/heads/master@{#62383} TBR=sigurds@chromium.org,thibaudm@chromium.org Change-Id: Ieecbbc21fa7094fdfd190b266f6d8486ee8611b8 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1679494Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#62404}
-
Jaroslav Sevcik authored
We also introduce a subclass of AbstractBytecodeArray to allow access to the off-heap copy of bytecode array from the bytecode iterator. Note that not all bytecode iterators have been converted to iterate the off-heap copy; in particular, bytecode analysis still iterates the on-heap bytecode array. Bug: v8:7790 Change-Id: Icc1b0adb5f63d7cfe94286311f64f209067bbfd5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1672931 Commit-Queue: Jaroslav Sevcik <jarin@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#62403}
-
Z Nguyen-Huu authored
ObjectSetPrototypeOf and ReflectSetPrototypeOf are now Torque builtins (previously CPP) and the Proxy path is implemented completely in Torque while everything else calls into runtime (and is thus a bit slower than previously). Perf improvement in micro-benchmark JSTests/Proxies Before: SetPrototypeOfWithoutTrap-Proxies(Score): 120 SetPrototypeOfWithTrap-Proxies(Score): 112 After: SetPrototypeOfWithoutTrap-Proxies(Score): 131 SetPrototypeOfWithTrap-Proxies(Score): 127 Bug: v8:6664 Change-Id: I630096e1964c91d1ec39e19f380a2e9e948de4bb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1669787 Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/master@{#62402}
-
Yang Guo authored
This is a reland of 8de427fa Original change's description: > [debugger] Expose reference to the function in debug-evaluate > > R=verwaest@chromium.org > > Bug: chromium:878723 > Change-Id: Ic07f75f15230018b6d19cd1ee21f4be6dcad6360 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1667408 > Reviewed-by: Jakob Gruber <jgruber@chromium.org> > Commit-Queue: Yang Guo <yangguo@chromium.org> > Cr-Commit-Position: refs/heads/master@{#62385} TBR=jgruber@chromium.org Bug: chromium:878723 Change-Id: I0386655a9b2632d2d9438e674d4205ce5e5365f5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1679490Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#62401}
-
Nico Hartmann authored
Bug: v8:9400 Change-Id: I98123cba0c81d5a7437d0ad08cfac1b3a366bc0e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678357Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#62400}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/fa4e56c..deba8b5 Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/304e510..d16c410 Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/2cfafaf..788d9e0 TBR=machenbach@chromium.org,sergiyb@chromium.org,tmrts@chromium.org Change-Id: Ib9f322499b6d3253beb951467fefa1b38cac59fe Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1679668Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#62399}
-
- 26 Jun, 2019 23 commits
-
-
Michael Achenbach authored
NOTRY=true TBR=tmrts@chromium.org Change-Id: I2529fde85060571d0fd73e81e384948ef4cbd880 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678662Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#62398}
-
Jakob Kummerow authored
Just the low-hanging fruit. There is more to do. Bug: v8:2487 Change-Id: Ia9afa32797960f6c4c7c4fa0f39c70efc63663e6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1669698Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#62397}
-
Harley Li authored
Bug: chromium:967927 Change-Id: Id84f8ebd1ecbad1b3d1fc41ec5d35a497e1ce506 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1649174 Commit-Queue: Harley Li <hhli@chromium.org> Reviewed-by: Alexei Filippov <alph@chromium.org> Cr-Commit-Position: refs/heads/master@{#62396}
-
Francis McCabe authored
This reverts commit 8de427fa. Reason for revert: Seems to be causing GC memory issues: https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20nosnap%20-%20debug/24545 But, also see: https://chromium.googlesource.com/v8/v8.git/+/7440edae1da2b78a37e6fe3a558e249dc33444aa Original change's description: > [debugger] Expose reference to the function in debug-evaluate > > R=verwaest@chromium.org > > Bug: chromium:878723 > Change-Id: Ic07f75f15230018b6d19cd1ee21f4be6dcad6360 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1667408 > Reviewed-by: Jakob Gruber <jgruber@chromium.org> > Commit-Queue: Yang Guo <yangguo@chromium.org> > Cr-Commit-Position: refs/heads/master@{#62385} TBR=yangguo@chromium.org,jgruber@chromium.org,verwaest@chromium.org Change-Id: I099f7b2f40e8afdddc50201a8929950b2f4ac1e2 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:878723 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678401Reviewed-by: Francis McCabe <fgm@chromium.org> Commit-Queue: Francis McCabe <fgm@chromium.org> Cr-Commit-Position: refs/heads/master@{#62395}
-
Georg Schmid authored
[objects] Migrate kHoleNanInt64 unboxed doubles to uninitialized values during boilerplate serialization Boilerplate values may possess an unboxed double field filled with the kHoleNan64Int sentinel value, which indicates that the field is uninitialized. When a boilerplate value migrates away from the unboxed double representation to a tagged one, we should replace the sentinel value by the proper uninitialized oddball value. This fixes an issue with JSCreateLowering::AllocateFastLiteral not detecting const stores of uninitialized values properly. R=bmeurer@chromium.org, jarin@chromium.org Bug: chromium:976598 Change-Id: I6bb216c0618a3105e6c8cfc04b1900d2f83a52ce Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1674034Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Georg Schmid <gsps@google.com> Cr-Commit-Position: refs/heads/master@{#62394}
-
Z Nguyen-Huu authored
According to spec https://tc39.es/ecma262/#sec-object.preventextensions, the commit 8e0ef9b9 is missing the last step when object is proxy, it needs to return the object. var proxy = new Proxy({}, {}); var object = Object.preventExtensions(proxy); proxy === object; // should be true Also, add mjsunit test. Bug: v8:6664 Change-Id: Ic3688519539f8903ee0bc7e885905a86d195a4db Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1668443 Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com> Reviewed-by: Maya Lekova <mslekova@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#62393}
-
Irina Yatsenko authored
Bug: chromium:977893 Change-Id: Ibd4be9b9ce13bcb8aca4b6ac6d7a1c56a01e39d9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1676606Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Irina Yatsenko <irinayat@microsoft.com> Cr-Commit-Position: refs/heads/master@{#62392}
-
Igor Sheludko authored
Bug: v8:9353 Change-Id: I740b2987da1719af6c3d4a6471e7f047801cfd5b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678368Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#62391}
-
Andreas Haas authored
This makes the code easier to read, and will also be helpful for the extension to multiple indirect function tables. R=clemensh@chromium.org Bug: v8:9396 Change-Id: Idba143611e13f6b6cfc0e9d6c6f380ee3566db80 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678476 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#62390}
-
Johannes Henkel authored
... when building inspector objects. This is useful in Chromium, when recording the initiator information for navigations. See https://chromium-review.googlesource.com/c/chromium/src/+/1674885 Change-Id: Ib9ddcaf05586ca1f48a31921a20ab11a703ec7b0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1677381Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Alexei Filippov <alph@chromium.org> Commit-Queue: Johannes Henkel <johannes@chromium.org> Cr-Commit-Position: refs/heads/master@{#62389}
-
Sigurd Schneider authored
Also show constant for ArchNops that encode assigning from a constant. Change-Id: I84590005dda62ebf445aada57f826f5ffcd5a802 Bug: v8:7327 Notry: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1672943 Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Reviewed-by: Daniel Clifford <danno@chromium.org> Cr-Commit-Position: refs/heads/master@{#62388}
-
Clemens Hammacher authored
For float to int conversions and vice versa the MacroAssembler on x64 was using a mix of AVX and non-AVX instructions. This CL fixes that to consistently use AVX if available. R=jkummerow@chromium.org Change-Id: I3aecda9b99881254b24949ced5bed870fdc2a754 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678361Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#62387}
-
Thibaud Michaud authored
R=sigurds@chromium.org Change-Id: Icd6e66b9bb23ca0dbf9fc5fe5c737a0bc3056a89 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678359 Auto-Submit: Thibaud Michaud <thibaudm@chromium.org> Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#62386}
-
Yang Guo authored
R=verwaest@chromium.org Bug: chromium:878723 Change-Id: Ic07f75f15230018b6d19cd1ee21f4be6dcad6360 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1667408Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#62385}
-
Junliang Yan authored
Offset adjustment on misaligned loads causes offset to be overflow. This fixes it by using ldx if the new offset overflows. Change-Id: Ib0fd339c127b70d5cbc9096b54480eb4355e753c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678396 Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com> Auto-Submit: Junliang Yan <jyan@ca.ibm.com> Reviewed-by: Milad Farazmand <miladfar@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#62384}
-
Thibaud Michaud authored
R=sigurds@chromium.org Change-Id: Id22a44fa15827d5c076496d872fe3be7da360b5e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678356 Auto-Submit: Thibaud Michaud <thibaudm@chromium.org> Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#62383}
-
Mike Stanton authored
We only need to save the native context scope info object to properly brokerize promise call reductions, rather than adding the field to each ContextRef. Bug: v8:7790 Change-Id: Id13dc8505972123cf77a50573c816c9a913686e3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678416Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Michael Stanton <mvstanton@chromium.org> Cr-Commit-Position: refs/heads/master@{#62382}
-
Nico Hartmann authored
This is a reland of 5ff38bae Original change's description: > [TurboFan] Fast path for JSAdd with BigInt feedback > > This CL introduces the necessary infrastructure to generate speculative > BigInt operations in case of BigInt feedback. In particular, the JSAdd > operator is lowered to a speculative call to the BigIntAdd builtin, > with a deopt bailout in case of exceptions or violated assumptions. > > Bug: v8:9213 > Change-Id: I05796336eef9a4389fc31d59cad2d69f75512647 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1657916 > Commit-Queue: Nico Hartmann <nicohartmann@google.com> > Reviewed-by: Georg Neis <neis@chromium.org> > Reviewed-by: Sigurd Schneider <sigurds@chromium.org> > Cr-Commit-Position: refs/heads/master@{#62362} Bug: v8:9213 Change-Id: Ic0caf7aab2103b8f5e22a504427e8604cc894d75 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1677209Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Nico Hartmann <nicohartmann@google.com> Cr-Commit-Position: refs/heads/master@{#62381}
-
Igor Sheludko authored
... instead of [Maybe]ObjectSlot. Bug: v8:9353 Change-Id: I9747da70895e459882a83d06cc20a13b8519e500 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1678196Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#62380}
-
Junliang Yan authored
Bug: v8:9355 Change-Id: I42a683f9480435499e603083e844a47150ae57c8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1676244Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Alexei Filippov <alph@chromium.org> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#62379}
-
Igor Sheludko authored
When concurrent marking is on then normal stores to tagged fields must be relaxed stores. Bug: v8:9396 Change-Id: Id1189a6c7df5ae8e9e5dc4dad653d35bdd109c5e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1677207Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#62378}
-
Leszek Swirski authored
Deprecated maps might not be updated before being passed to PrepareForDataProperty. If the target map is a dictionary map, then adding the data property can fail. As a drive-by, remove the dead ForTransitionHandler code, which was another (potentially unsafe) caller of PrepareForDataProperty Bug: chromium:977012 Change-Id: I894bbc9bca2001555474a3570eb03fe6b0f69ddd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1674029 Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#62377}
-
Jakob Gruber authored
There's no reason to use the API RegExp type instead of the internal JSRegExp type. In fact, the parsed flags end up in Runtime_CreateRegExpLiteral, which assumes them to be of type JSRegExp::Flags. Drive-by: Additional asserts and helper functions in JSRegExp. Bug: v8:9359 Change-Id: I5c12aba7d4e39a4891fb23d8b47c55fc480a28d9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1667004Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#62376}
-