Rolling v8/build: 536c882..d4924be
Rolling v8/buildtools: 6f9b470..88e9a29
Rolling v8/buildtools/third_party/libc++abi/trunk: 671803f..e4b161d
Rolling v8/buildtools/third_party/libunwind/trunk: 83f8edb..5f26300
Rolling v8/third_party/aemu-linux-x64: JV2fBSeIQc_xaqKsVDvLIvDmvx2ejeL-Y75N37PloLMC..6VzMt4Yj2cR2686nGtmYD_6idAkR2f0lTHjpGAYPr1oC
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/77a7089..ebf22ea
Rolling v8/third_party/depot_tools: c4e2b36..52b4510
Rolling v8/third_party/googletest/src: 0134d73..2f80c2b
Rolling v8/third_party/jinja2: 6ac5f7e..6db8da1
Rolling v8/tools/clang: f1ab49b..6002926
Rolling v8/tools/luci-go: git_revision:a5735121c6339dee9b1b3644535e230744daaac9..git_revision:24b519169c7848dbeae2dba04698c41666388a45
Rolling v8/tools/luci-go: git_revision:a5735121c6339dee9b1b3644535e230744daaac9..git_revision:24b519169c7848dbeae2dba04698c41666388a45
Rolling v8/tools/luci-go: git_revision:a5735121c6339dee9b1b3644535e230744daaac9..git_revision:24b519169c7848dbeae2dba04698c41666388a45
TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com
Change-Id: I3cb55842d72cf0e8bd892f0cce24ebd5c8465cbc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3111616
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#76416}
Consider reading the internal node pointer instead of the actual pointer
when trying to figure out whether a node needs to be destroyed. This
preserves the non-atomiticity of the actual pointer which highlights
races using TSAN while fixing destruction.
Bug: chromium:1239081
Change-Id: I1d1fa29d40d86e4b156269abc90142ee71a8d8f4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3110199
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76415}
This reverts commit 6ae18c2d3c.
Reason for revert: breaks a bunch of tests on Mac arm64 bots:
https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Mac%20-%20arm64%20-%20release/5754/overviewhttps://ci.chromium.org/ui/p/v8/builders/ci/V8%20Mac%20-%20arm64%20-%20debug/2421/overview
Original change's description:
> [wasm] Move write scope out of NativeModule::AddCode
>
> {NativeModule::AddCode} is a central method that should usually be
> called in batches, where the caller holds a {CodeSpaceWriteScope} for a
> longer time (over several compilations).
> This CL moves us closer to that by removing the scope from that central
> method and instead putting it in callers where it becomes more visible.
> There are already TODOs to introduce caching or batching to avoid some
> switching, and one more TODO is added.
>
> Drive-by: Remove an unneeded {CodeSpaceMemoryModificationScope}.
>
> R=jkummerow@chromium.org
>
> Bug: v8:11974
> Change-Id: Ia13c601abc766e5fca6ca053bf1fc4d647b53ed0
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3098186
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#76344}
Bug: v8:11974
Change-Id: Ia6a6814f153f7602d5d691bc5c930601ff4622a7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3111268
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76414}
End of an era https://www.youtube.com/watch?v=jbf9ZYi8eac
Change-Id: I64eb201a9073df55564a3ba38ac5511974485c08
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3103316
Reviewed-by: Dan Elphick <delphick@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Auto-Submit: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76412}
Avoids emitting scopes when not even running. This can be a problem for
metrics computation which may recursively invoke
EnsureSweepingCompleted() when starting marking even though the sweeper
is guaranteed to be not running at this point.
Bug: chromium:1211795
Change-Id: I8d7692f4e8c640f38d3c52df5c111fff4f06df9e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3109674
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Auto-Submit: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76411}
Add infra-staging flag to test runner
which adds the no-fail flag. This will
be used to see the accuracy of numfuzz
builders when we ignore exit code 1.
Bug: v8:11826
Change-Id: I6684331efe9c801d02716d94cb16e8ba816d9c68
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3110196
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Almothana Athamneh <almuthanna@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76409}
Port 6a487504ed
Original Commit Message:
This is a reland of faf2208a0b
Changes since revert:
- Fix arm64 codegen for full pointer mode
Original change's description:
> [compiler] Support acq/rel accesses and atomic accesses on tagged
>
> This CL adds an AtomicMemoryOrder parameter to the various atomic load
> and store operators. Currently only acquire release (kAcqRel) and
> sequentially consistent (kSeqCst) orders are supported.
>
> Additionally, atomic loads and stores are extended to work with tagged
> values.
>
> This CL is a pre-requisite for supporting atomic accesses in Torque,
> which is in turn a pre-requisite for prototyping shared strings.
>
> Bug: v8:11995
> Change-Id: Ic77d2640e2dc7e5581b1211a054c93210c219355
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3101765
> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
> Reviewed-by: Zhi An Ng <zhin@chromium.org>
> Commit-Queue: Shu-yu Guo <syg@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#76393}
R=syg@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com
BUG=
LOG=N
Change-Id: I859320f1e752a8e79a0855ecad8651c635092f46
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3108289
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/main@{#76407}
The heap snapshot view in the dev tools reports some incorrect retaining
paths involving weak references from relocation data in Code objects.
This change updates IndexedReferencesExtractor::VisitEmbeddedPointer to
better match the behavior in MarkingVisitorBase.
Drive-by cleanup: ObjectVisitor::VisitRelocInfo needn't be virtual
because there's only one implementation.
Bug: v8:12126
Change-Id: I669a7408e7a46e797b8c2b372235b4ea42ee22e1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3107214
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/main@{#76406}
Combining parts in a balanced-binary-tree like order allows us to
use fast multiplication algorithms.
Bug: v8:11515
Change-Id: I6829929671770f009f10f6f3b383501fede476ab
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3049079
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76404}
The skipped tests have been flaking on the last
ten runs on V8 NumFuzz - debug.
Bug: v8:11826
Change-Id: I925c8e581b34c1b08fb295856278e506b8d62f26
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3103305
Auto-Submit: Almothana Athamneh <almuthanna@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76403}
Port 3107220: Reland "[compiler] Support acq/rel accesses and atomic accesses on tagged" | 3107220
Change-Id: I190f6b62458b0abe193ca7f5ea9d6912117439fe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3108945
Reviewed-by: Ji Qiu <qiuji@iscas.ac.cn>
Commit-Queue: Ji Qiu <qiuji@iscas.ac.cn>
Auto-Submit: Yahan Lu <yahan@iscas.ac.cn>
Cr-Commit-Position: refs/heads/main@{#76400}
This is a reland of faf2208a0b
Changes since revert:
- Fix arm64 codegen for full pointer mode
Original change's description:
> [compiler] Support acq/rel accesses and atomic accesses on tagged
>
> This CL adds an AtomicMemoryOrder parameter to the various atomic load
> and store operators. Currently only acquire release (kAcqRel) and
> sequentially consistent (kSeqCst) orders are supported.
>
> Additionally, atomic loads and stores are extended to work with tagged
> values.
>
> This CL is a pre-requisite for supporting atomic accesses in Torque,
> which is in turn a pre-requisite for prototyping shared strings.
>
> Bug: v8:11995
> Change-Id: Ic77d2640e2dc7e5581b1211a054c93210c219355
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3101765
> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
> Reviewed-by: Zhi An Ng <zhin@chromium.org>
> Commit-Queue: Shu-yu Guo <syg@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#76393}
Bug: v8:11995
Change-Id: I23577486334fec6b08fb3a2f5be1f6e5e16db11b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3107220
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76399}
Whenever we are adding a new AddressRegion to the CodeMap, we first
remove all overlapping regions. The logic to check for overlapping
region is incomplete. For example, if all existing regions are less than
the region to be added, we incorrectly remove all regions, effectively
deleting all JITCodeEntry we have constructed.
We extract this overlapping check into a helper function, so that we can
unittest this without worrying about JITCodeEvent functionality, and also
without dealing with V8 internals (like Isolate and SFI).
The overlapping logic is rather hard to understand, has many special
cases, it will probably be much easier to just loop through all the
entries, rather than using lower_bound. Ideally, we can refactor this to
use some sort of sweep-line algorithm. Hopefully the unittests catch the
most obvious cases.
Bug: v8:11908
Change-Id: Id96975599ac59974185c3dbf64cdfceb17e98d18
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3105381
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76397}
This reverts commit faf2208a0b.
Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20-%20arm64%20-%20sim%20-%20pointer%20compression/10870/overview
Original change's description:
> [compiler] Support acq/rel accesses and atomic accesses on tagged
>
> This CL adds an AtomicMemoryOrder parameter to the various atomic load
> and store operators. Currently only acquire release (kAcqRel) and
> sequentially consistent (kSeqCst) orders are supported.
>
> Additionally, atomic loads and stores are extended to work with tagged
> values.
>
> This CL is a pre-requisite for supporting atomic accesses in Torque,
> which is in turn a pre-requisite for prototyping shared strings.
>
> Bug: v8:11995
> Change-Id: Ic77d2640e2dc7e5581b1211a054c93210c219355
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3101765
> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
> Reviewed-by: Zhi An Ng <zhin@chromium.org>
> Commit-Queue: Shu-yu Guo <syg@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#76393}
Bug: v8:11995
Change-Id: Id9936672f9e96c509b1cdf866de1ac5303996945
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3107229
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#76394}
This CL adds an AtomicMemoryOrder parameter to the various atomic load
and store operators. Currently only acquire release (kAcqRel) and
sequentially consistent (kSeqCst) orders are supported.
Additionally, atomic loads and stores are extended to work with tagged
values.
This CL is a pre-requisite for supporting atomic accesses in Torque,
which is in turn a pre-requisite for prototyping shared strings.
Bug: v8:11995
Change-Id: Ic77d2640e2dc7e5581b1211a054c93210c219355
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3101765
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76393}
- Introduce helper to push arguments onto the stack (Standalone this
change doesn't make a lot of sense, but is in preparation for including
the receiver in argc).
- Introduce helper to shift arguments already on the stack to make room
for new arguments (Varargs).
- arm64 is not included because a) there was already a helper similar
to ShiftArguments and b) PushArguments is not similar enough to make
sense for arm64 because of small differences (e.g. also pushing the
function) in conjunction with stack alignment.
Drive-by: Use masm DropArguments in Sparkplug EmitReturn
Bug: v8:11112
Change-Id: Id7a3a5f025abb19e2a52dae27b3b484fe87e9faf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3097275
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76392}
It must be possible to determine an object's size on the heap without
relying on the presence of any other objects. Specifically, if an
object and its WasmTypeInfo die at the same time, they can be swept
in any order, and the sweeper may need to know their sizes.
This patch solves the problem by repurposing two bytes in the Map,
where WasmStructs can store their instance size, and WasmArrays can
store their element size (which can be used to compute their size).
Fixed: chromium:1240670
Change-Id: Ib960fd0a409936aff1aef4daafed4c38b8497880
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3106649
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76391}
Passing directories to fopen is not a defined behaviour in C/C++.
A new test case added by https://crrev.com/c/3098189 is trying to
import directories which is expected to fail.
Test however is not passing on some platforms including on S390 Linux
as `fopen` is successful, size gets set to 0 and a (non-existent)
empty file gets returned.
This CL uses `stat` to make sure the path is valid and is
not a directory.
Change-Id: Ibcc762b21145d2198cba07953387a31f39f59300
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3102346
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#76389}
Some of the Array benchmarks were unintentionally spending a lot of
time on Number-to-String conversions. This patch avoids that, by
computing the dynamically-created strings only once.
Bug: chromium:1240981
Change-Id: If10826813d555398b45c22c958dee27e17f35d3c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3106747
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76387}
.. and decrease the include-ball size.
Change-Id: Id35358a6882156f6684475b7f0b0193f8ca5eaf5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3103313
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76386}
Operator::kEliminatable has the unfortunate consequence that depending
on surrounding code, the allocating builtin call could get scheduled
before the max length check, causing a crash instead of a trap.
Fixed: chromium:1239954
Change-Id: Ice2e3e4f67e8fce44a886c0079e0e31f124c02b0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3103315
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76385}
Functions CopyAndConvertArrayToCppBufferInt32 and
CopyAndConvertArrayToCppBufferFloat64 used by specializations of
template functions TryCopyAndConvertArrayToCppBuffer were
removed with https://chromium-review.googlesource.com/c/v8/v8/+/3056988.
Bug: v8:11739
Change-Id: I495b8878780adb7d2274cc733c7d4c5938171eb7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3095651
Commit-Queue: Paolo Severini <paolosev@microsoft.com>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76384}
This fix consists of 2 parts:
a) Fix async hooks:
- Allow initialising the promise hook properties
- Do not call async hooks if we're overflowing the stack
b) Avoid some more recursion when reporting the stack trace
Bug: chromium:1240723
Change-Id: Icedfc8b48655bacc3f79591944e3869b85f1c4de
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3103321
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76383}
HAS_PROGRESS_BAR is set after page initialization at which point all
flags are assumed to be immutable while a GC is running.
Separating out the progress bar from flags allows setting it lazily at
allocation time.
Bug: v8:11915
Change-Id: I48a877e0e80d583d7a0fadef2546fc70417806e7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3085268
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76382}
The JSRegExp heap object should not be the source of truth for regexp
flags, which are also relevant in places that don't need or want to
care about the heap object layout (e.g.: the regexp parser).
Introduce RegExpFlags as a new source of truth, and base everything
else on these flags.
As a first change, remove the js-regexp.h dependency from the regexp
parser. Other files in src/regexp/ should be updated in follow-up
work.
Change-Id: Id9a6706c7f09e93f743b08b647b211d0cb0b9c76
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3103306
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Patrick Thier <pthier@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76379}
This reverts commit edcc8ff5b5.
Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Blink%20Linux%20Debug/10806/overview
A prefinalizer is creating a WeakMember from a raw pointer to a dead object for checking whether it is in a set.
Original change's description:
> cppgc: Enable checks for assignments in prefinalizers
>
> Bug: v8:11749
> Change-Id: Ic027f732030fb6a2befeffeca9db2eacfd0830a5
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3099953
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Commit-Queue: Omer Katz <omerkatz@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#76370}
Bug: v8:11749
Change-Id: I0c90f232df9ae363f05f8b9ba26c2a7eede8a269
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3106646
Auto-Submit: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#76377}
The NumFuzz fuzzers need to make use of this flag to ignore
Mjsunit exceptions and other exceptions. The flag ignores
the exit code 1.
R=clemensb@chromium.org
R=cbruni@chromium.org
Bug: v8:11826
Change-Id: Ic0878078edec7292e43cdb18dd6fb32f7bbad12c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3103310
Commit-Queue: Almothana Athamneh <almuthanna@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76376}
S10 is a Callee save register and be used in scratch_list.
In cctest, could use scratch but not does't go through the JSEntry function that can save callee save reg. So cctest could be crashed due to using s10.
Bug: v8:12124
Change-Id: I62c3582ad490681d5efb24e8bfe0884006d42e66
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3103425
Reviewed-by: Ji Qiu <qiuji@iscas.ac.cn>
Commit-Queue: Ji Qiu <qiuji@iscas.ac.cn>
Auto-Submit: Yahan Lu <yahan@iscas.ac.cn>
Cr-Commit-Position: refs/heads/main@{#76375}
liftoff-assembler-ia32.h can now use it. TurboFan ia32 doesn't use it
because it generates different instruction codes (movlps, movhps).
Bug: v8:11589
Change-Id: I07540814acff2d8ea48e06d1e00023d80b276a3d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3095009
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76373}
Move optimized implementation (accounts for AVX2) into
shared-macro-assembler, and use it everywhere.
Drive-by fix in liftoff-assembler-ia32.h to use Movss and Movsd
macro-assembler functions to that they emit AVX when supported.
Bug: v8:11589
Change-Id: Ibc4f2709d323d5b835bcac175a32b422d47d3355
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3095008
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76372}
This adds the option to list disallowed flags for differential
fuzzing directly in the harness. Flags that can crash in smoke
tests shoule be added there.
No-Try: true
Bug: chromium:1240812
Change-Id: I57c772bedeac0ca6ba023c6b4929515b4b0e6cca
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3103314
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76369}
This is probably a latent bug, but since we didn't have a test that used
'--gdbjit', our fuzzers weren't testing this code path.
Bug: chromium:1240714
Change-Id: I6225e17b60d3a7a73a9c5502fde315207b8e721a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3101265
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76368}
After building V8 using Clang (./out/x64.release/v8_build_config.json
says that "is_clang" is true), I could reproduce the referenced bug
report locally. Replacing the getMinutes() calls with getUTCMinutes()
calls fixed the test failure.
Signed-off-by: Darshan Sen <raisinten@gmail.com>
Bug: v8:11200
Change-Id: Ia36be481f2c8728380d550ead856ef8e51b1069c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3093362
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76367}
