This is required by the register allocator.
Bug: v8:11796
Change-Id: I714576fdd89487b88e5c412fe0d2981eb39210d8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2756538
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74725}
Following up on https://crrev.com/c/1946349, this moves the blocklist to
the ScopeInfo instead of storing it directly on the DebugEvaluate
contexts. This is not the final state that we're looking for, but a
small step along the way.
Bug: chromium:1027475, v8:9938, chromium:1072939
Change-Id: I529f2fcacaf057a1236847bf0eb8e12cc1686515
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2910774
Reviewed-by: Simon Zünd <szuend@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74724}
CallWithArrayLike was optimized in TF only for 'arguments' in inlined
functions. Here we add logic to optimize also in non inlined functions,
enabling the rewriting of Function.prototype.apply(f, [1, 2, 3])
as f(1, 2, 3).
Bug: v8:9974
Change-Id: Icc9ccfc2276f75d06755176b55e7a02ddfdb04ed
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2805623
Commit-Queue: Paolo Severini <paolosev@microsoft.com>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74723}
This is a reland of 2c096b539e
Relanding as-is. Reason for reland: was speculatively reverted.
Original change's description:
> [codegen] Add TSAN support for tagged stores in generated code
>
> Mimics the kArchStoreWithWriteBarrier store in generated code by having
> a relaxed store to the same address, with the same value. This is done
> in order for TSAN to see these stores from generated code.
>
> Since it is done only for kArchStoreWithWriteBarrier TSAN will see
> tagged stores only.
>
> Bug: v8:7790, v8:11600
>
> Change-Id: I275dd46f5556b3a095c416adc03f2f0ac5bde41c
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2848470
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74568}
Bug: v8:7790
Bug: v8:11600
Change-Id: Id1616a0f65b56cb96ca2ffd25d6ef51d0e7230da
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2914874
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74721}
In WasmCapiCallWrappers, the address is passed in a register instead
of as an immediate, so we reduced 3 instructions to load the address
to t9;
before: lui + ori + dsll + ori;
after: mov;
Port: 54d84cf385
Bug: v8:11774
Change-Id: I423e54216ff65f1c12128c2b26443e1838b68003
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2914771
Auto-Submit: Liu yu <liuyu@loongson.cn>
Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Cr-Commit-Position: refs/heads/master@{#74720}
.. for ObjectData creation.
Bug: v8:7790
Change-Id: I45ca3d8f404862752c2a9c7e7dc983d8f509624a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2909861
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74719}
No-try: true
Bug: v8:5861
Change-Id: I7d09d796788abeced5cae86ff52c052efc0fa456
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2912789
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74718}
Bug: v8:11805
Change-Id: Ieb366a45ef0bdb69a64b4e3cc7b0715d7617141d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2912592
Auto-Submit: Georg Neis <neis@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74716}
Register allocator experienced some issues with multiple nodes for
the same parameter, which occurred in a few cases running turboprop.
This CL adds caching of Parameter nodes in BytecodeGraphBuilder such
that there exists only one node for each parameter index.
Bug: v8:11796
Change-Id: I90be5438f43368510ec4c317fa532c92a446e76a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2910314
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74715}
... and use the generated WasmObject instance type range for data refs
checks.
Bug: v8:11804
Change-Id: I855ff76404ff7e3ca919dabec238d35cb39c0baf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2910784
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74713}
This adds a new status file indicator "HEAVY" to mark tests with high
resource demands. There will be other tests running in parallel,
but only a limited number of other heavy tests. The limit is
controlled with a new parameter --max-heavy-tests and defaults to 1.
The change also marks a variety of tests as heavy that recently had
flaky timeouts. Heavy also implies slow, hence heavy tests are
executed at the beginning with a higher timeout like other slow tests.
The implementation is encapsulated in the test-processor chain. A
new processor buffers heavy tests in a queue and adds buffered tests
only if other heavy tests have ended their computation.
Bug: v8:5861
Change-Id: I89648ad0030271a3a5af588ecc9c43285b728d6d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2905767
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74712}
They have been disabled for some time and are superseeded by lazy
feedback vector allocation.
Change-Id: Iafc3989b0c1f866ce7d6295d9b13ccaa5ef1c115
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2905609
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74711}
Additional changes:
- Clean up liftoff implementation of br_on_*.
- Bundle operations everywhere based on operation rather than type.
- Remove reference argument from WASM_BR_ON_* macros, to bring them in
sync with WASM_BR_ON_CAST.
- Add missing function decoding unittests for br_on_*.
Bug: v8:7748
Change-Id: I5f5ebfac5b50b5a9a201acb435344d7471326242
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2909857
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74709}
Existing tests already exercise KeyedStoreIC; this CL makes them
take the fast path instead of the slow path.
Bug: v8:11111
Change-Id: I13b84650ae37abe1a8a46d53c9a9b7104bed31de
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2910315
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74706}
Generating C++ source files is very cumbersome using raw ostreams. This
CL introduces a few classes und the torque::cpp namespace that build an
abstraction of printing/formatting C++ source code (mostly functions for
now).
This is an initial implementation with a limited set of features and
uses. Landing features incrementally shall avoid huge CLs (+reviews) and
complex rebasing.
Bug: v8:7793
Change-Id: I3ae869755156175c7b37ea9f649e2f9c431ce3a3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2784688
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Seth Brenith <seth.brenith@microsoft.com>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74705}
These don't improve codegen and are unecessary overhead.
BUG=v8:9684
Change-Id: I2feb1c1200eb0c347f4a21be5444b6a15924e6de
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2903162
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74704}
Trivial follow up fix for https://crrev.com/c/1946349 which fixes the
call to length on a half-initialized ScopeInfo. ScopeInfo::length()
looks at the uninitialized fields (i.e. in case of ScopeInfo for module
scopes) and would thus crash.
Bug: chromium:1027475, v8:9938, chromium:1072939
Change-Id: I7e4e81edfbbde25063ab40b8e7807fd70625a8a3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2910773
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74703}
This CL adds vector splat byte, word and halfword to
codegen, disassembler and the simulator.
It also optimizes a number of Simd opcodes by using
the added instructions as well as VSX splat immediate (xxspltib).
Change-Id: I2c4eba33e81542f901d7cdc669c50b510e48c4c8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2909525
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#74701}
Continuing the cleanups and using the tags rather than synchronized_
in the name of the accessors.
Bug: v8:7790
Change-Id: I3fe942b1decae3b248f8662547d793777acd0e8d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2897096
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74700}
This also removes small TODOs that are not worth tracking in a bug
Change-Id: If61acd1239ac90a908327694b280846b1f676c25
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2909859
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74698}
A shared heap will not have a young generation in the beginning.
Bug: v8:11708
Change-Id: I947ddb91a23a72a8cee3aa3e554723dda8146011
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2891569
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74697}
Calling Heap::Print in GC is not safe because the function tries
to print the stack and may allocate.
Change-Id: I48fe29863076792657e2184c52d355821375f969
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2835239
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74695}
The old code was relying on identical alignment of both the source and
the destination of the Relaxed_Memcpy. This is not always given, thus
check for alignment of both.
R=mlippautz@chromium.org
Bug: chromium:1208782, v8:11704
Change-Id: Ic5dca3a5f0ecaea0df6eb123105520bd7785853c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2905611
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74694}
Used include-what-you-use [1] to clean up cppgc API headers. The tool
does somewhat work but requires some cleanup afterwards as it cannot
nicely deal with `v8config.h` and the defines it generates.
[1] https://github.com/include-what-you-use/include-what-you-use/
Bug: chromium:1056170
Change-Id: I7b03797c615f8e033510fc959bbdb792d8b7a4ee
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2907612
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74693}
Also make the output more helpful in the error case.
Bug: v8:11724
Change-Id: Ibb8bd328f936f3d4f847ba7e14adf9c30b9460f0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2903158
Auto-Submit: Georg Neis <neis@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74691}
With this CL, V8 adds an internal field to the WebAssembly Table object
that is sent to DevTools to also show table entries. As WebAssembly
Tables get initialized lazily, V8 only shows the name of the function
instead of the function object itself.
Screenshot before change: https://imgur.com/a/XFvy3lA
Screenshot after change: https://imgur.com/kT84kstR=kimanh@chromium.org
Change-Id: I56a0b07785ff3484f1447419fe39ae5ec3f93247
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2897097
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Kim-Anh Tran <kimanh@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74690}
This is a reland of 8f39a58586
Changes compared to original:
Change the type of arguments of WASM_I32V from byte to int for MSVC
compatibility.
Original change's description:
> [wasm-gc] Implement br_on_cast_fail
>
> Bug: v8:7748
> Change-Id: I7894ad51ccf8ac41a5081c272a583a4ff25c1835
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2900225
> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74652}
Bug: v8:7748
Change-Id: I39f39ff6979382f5618683a8e7754f56df4ec9e3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2905599
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74689}
gcc may throw the following compilation error if UNREACHABLE
is used within a constexpr function:
```
error: call to non-'constexpr' function
'void V8_Fatal(const char*, ...)'
```
Bug: v8:11420
Change-Id: I7f8237d00ba1a5d9bd778d45eb833b89cbe8eb24
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2906032
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74688}
This fixes a compile error if webassembly is disabled. It was introduced
in https://crrev.com/c/2902731.
R=cbruni@chromium.org
Cq-Include-Trybots: luci.v8.try:v8_linux64_no_wasm_compile_rel
Change-Id: Icf12b22d54dbd4710130e0f2b56c44f42ac86424
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2905602
Auto-Submit: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74687}
Rolling v8/build: 4036cf1..d3e8244
Rolling v8/buildtools: 20b1d0f..b9af93e
Rolling v8/third_party/aemu-linux-x64: -Sz2gSN_5yVSHDlitjxUlmZpHuz-F2kFDW6TnmggCZoC..uDQJbkoDWGwLYtnDu3A7LnRVwsKkaFQkUWtChrVO_hYC
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/c1e1d55..7da48e9
Rolling v8/third_party/depot_tools: 6b0a611..51e3708
Rolling v8/third_party/google_benchmark/src: 7d0d906..e539e80
Rolling v8/tools/luci-go: git_revision:22d464e2f8f3bd2bd33f69fe819326d63f881008..git_revision:9cd9603def7a649cd3e29517180d6622be2fa898
Rolling v8/tools/luci-go: git_revision:22d464e2f8f3bd2bd33f69fe819326d63f881008..git_revision:9cd9603def7a649cd3e29517180d6622be2fa898
Rolling v8/tools/luci-go: git_revision:22d464e2f8f3bd2bd33f69fe819326d63f881008..git_revision:9cd9603def7a649cd3e29517180d6622be2fa898
TBR=v8-waterfall-sheriff@grotations.appspotmail.com
Change-Id: Ia80861e8b13e2b9c57916f1ac0a55fca6bb50227
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2908255
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#74686}
This reverts commit 5ef4e14fb8.
Reason for revert: Seems to be causing a lot of flakes
e.g., https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64/42913
Original change's description:
> [heap] Replace usages of CollectionRequested with SafepointRequested
>
> CollectionRequested was used exclusively on the main thread when a
> background thread requested a GC. The main thread never used
> SafepointRequested at any time. Now with the shared GC we might need to
> stop multiple isolates in a safepoint in the future. In such a situation
> we would need to use SafepointRequested also on the main thread.
>
> This CL prepares V8 for this situation by using SafepointRequested
> instead of CollectionRequested and friends on the main thread. The slow
> path of Safepoint(), Park() and Unpark() will check in the future
> whether the main thread needs to halt for a shared GC or needs to
> perform a local GC. At the moment, simply performing the local GC is
> still enough.
>
> Bug: v8:11708
> Change-Id: I819b6f7db8251074a4adf8b554e0a1393c76f7da
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2891834
> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74673}
Bug: v8:11708
Change-Id: I51c51e68110e83f729bd43ef62eef1396aa0cb96
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2906913
Auto-Submit: Francis McCabe <fgm@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#74684}
Refactoring ScopeInfo::ContextSlotIndex so it accepts a pointer to
LookupResult instead of references to the individual arguments.
Change-Id: I52bc7800f14e790bd4788c213ab0eff2354ab20e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2900837
Commit-Queue: Luis Fernando Pardo Sixtos <lpardosixtos@microsoft.com>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74683}
We used to recompile WasmCapiCallWrappers whenever they were
needed, but never garbage-collected them, which caused a memory
leak when many short-lived instances of the same module were
created. This patch makes the wrappers cacheable and caches them,
which avoids both repeated compilation effort and the unbounded
memory growth.
Drive-by cleanup: unify WasmCapiFunctionData with the other
Wasm*FunctionData classes by making it inherit from WasmFunctionData.
Bug: v8:11774
Change-Id: Ia0c0d76be2938dc7bebfdc845f4a1cfeafef4a70
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2905605
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74682}
When adding new instances to the WeakArrayList of a script's
instances, use Append() instead of AddToEnd() to allow possible
compaction of the WAL.
Also, check for interrupt requests every now and then, which
allows incremental marking to get finalized when appropriate.
Bug: v8:11774
Change-Id: I8be959a78d8ef370f65e8f9849f48e34c9691a13
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2905603
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74681}
Attempting to trace object stats ran into an UNREACHABLE because
the FieldStatsCollector didn't override VisitMapPointer.
Change-Id: I38f2739c204e462e5a35f2a7ca6e0f100161b240
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2905604
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74679}
This is a reland of 4a037f871e
Changes compared to original change: None. This seems not to create
problems after all.
Original change's description:
> [wasm][bug] Fix a couple of bugs in validation of unreachable code
>
> Changes:
> - SetBlockType now instantiates the block's start merge with values of
> the correct type in unreachable code.
> - EnsureStackArguments now keeps the existing stack values and moves
> them over the new bottom values.
> - Drop stack size validation in Drop().
> - Add new tests in unreachable-validation.js.
>
> Change-Id: Ie68b3d9abb0a41d1623d4a123fb526e71941c4e7
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2902733
> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74650}
Change-Id: Id620f7fb6677b772b0dcfd38108256384db44439
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2905598
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74677}
