- 26 Jan, 2021 1 commit
-
-
Shu-yu Guo authored
This CL implements the upcoming spec change: https://github.com/tc39/proposal-regexp-match-indices/pull/49 A new JSRegExpResultWithIndices subclass is introduced with a separate map and an extra slot for storing the indices. If /d is passed, exec() constructs a JSRegExpResultWithIndices and eagerly builds indices. The existing re-execution logic is removed. Bug: v8:9548 Change-Id: Ic11853e7521017af5e8bd583c7b82bb672821132 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2616873 Commit-Queue: Shu-yu Guo <syg@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#72306}
-
- 20 Jan, 2021 1 commit
-
-
Jakob Gruber authored
This reflects the actual contents of the type, which is an offset into the bytecode (or certain marker values). Historically, in the days of FCG the bailout id used to refer to node ids - this is why certain tracing output still calls the bailout id 'node id' and 'ast id'. These spots will be fixed in a follow-up CL. This change is mechanical: git grep -l BailoutId | while read f; do \ sed -i 's/BailoutId/BytecodeOffset/g' $f; done With a manual component of updating the DeoptimizationData method name from 'BytecodeOffset' to 'GetBytecodeOffset'. Bug: v8:11332 Change-Id: I956b947a480bf52263159c0eb1e895360bcbe6d2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2639754 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Reviewed-by: Mythri Alle <mythria@chromium.org> Cr-Commit-Position: refs/heads/master@{#72189}
-
- 19 Jan, 2021 1 commit
-
-
Sathya Gunasekaran authored
`last` indicates that it's the last element of the list but in reality this supposed to indicate the previous entry in the list. Rename this to something more clearer. Change-Id: I26c9a1fca02cf6b10d0447768da694d590a43932 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2637229Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#72167}
-
- 30 Nov, 2020 1 commit
-
-
Seth Brenith authored
ScopeInfo objects generally start with three fields: flags, parameter count, and local variable count. But a single read-only ScopeInfo instance has none of those fields. This is the empty ScopeInfo, which is used for contexts that don't correspond to any scope (the native context and contexts for builtin functions). Since there is only ever a single instance of the empty ScopeInfo, the memory savings of omitting these fields is trivial, and we can simplify logic somewhat by including them. Rather than checking for length to be zero, this change introduces a new flag indicating that a ScopeInfo instance is the empty one. On its own, this change doesn't provide a whole lot of value. However, it sets us up for two further improvements, which are consistent with the goals outlined in [1]: 1. We should fully describe ScopeInfo fields in Torque. Getting rid of the requirement to check for emptiness would substantially simplify the indexed field expressions. 2. ScopeInfo shouldn't inherit from FixedArray, and shouldn't begin with a `length` field when the length can be computed from the other fields. This would save a small amount of heap memory and avoid any possibility of a mismatch between the two ways of computing the length. [1] https://docs.google.com/document/d/1tiGK7_lubxPHnInI2vscUwMHfadn8gIEa1apmI8HxR4/edit#heading=h.n63k76b3zfwa Bug: v8:8952 Change-Id: I018127698a5d91fb2a91684bc3aec2e27ee27c41 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2561598Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Cr-Commit-Position: refs/heads/master@{#71500}
-
- 20 Nov, 2020 1 commit
-
-
Leszek Swirski authored
Because of LocalHeap safepoints, our existing assert scopes don't necessarily maintain the same guarantees as desired. In particular, DisallowHeapAllocation no longer guarantees that objects don't move. This patch transitions DisallowHeapAllocation to DisallowGarbageCollection, to ensure that code using this scope is also protected against safepoints. Change-Id: I0411425884f6849982611205fb17bb072881c722 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2540547 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Peter Marshall <petermarshall@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#71319}
-
- 06 Nov, 2020 1 commit
-
-
Zhi An Ng authored
Bug: v8:11074 Change-Id: I7b34b6a647bf9ad317bdb97a344739302f892957 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2519184Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#70997}
-
- 30 Oct, 2020 1 commit
-
-
Martin Bidlingmaier authored
This commit adds the 'l' (linear) RegExp flag (as in e.g. /asdf|123/l) that forces execution in linear time. These regexps are handled by the experimental engine. If the experimental engine cannot handle the pattern, an exception is thrown on creation of the regexp. The commit also adds a new global V8 flag and changes an existing one: * --enable-experimental-engine, which turns on recognition of the RegExp 'l' flag. Previously this flag also caused all supported regexps to be executed by the experimental engine; this is not the case anymore. * --default-to-experimental-regexp-engine takes over the previous semantics of --enable-experimental-regexp-engine: We execute all supported regexps with the experimental engine. Cq-Include-Trybots: luci.v8.try:v8_linux64_fyi_rel_ng Bug: v8:10765 Change-Id: I5622a89b19404105e8be280d454e9fdd63c003b3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2461244Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Reviewed-by: Simon Zünd <szuend@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Martin Bidlingmaier <mbid@google.com> Cr-Commit-Position: refs/heads/master@{#70892}
-
- 06 Aug, 2020 1 commit
-
-
Leszek Swirski authored
Changes the isolate's string table into an off-heap structure. This allows the string table to be resized without allocating on the V8 heap, and potentially triggering a GC. This allows existing strings to be inserted into the string table without requiring allocation. This has two important benefits: 1) It allows the deserializer to insert strings directly into the string table, rather than having to defer string insertion until deserialization completes. 2) It simplifies the concurrent string table lookup to allow resizing the table inside the write lock, therefore eliminating the race where two concurrent lookups could both resize the table. The off-heap string table has the following properties: 1) The general hashmap behaviour matches the HashTable, i.e. open addressing, power-of-two sized, quadratic probing. This could, of course, now be changed. 2) The empty and deleted sentinels are changed to Smi 0 and 1, respectively, to make those comparisons a bit cheaper and not require roots access. 3) When the HashTable is resized, the old elements array is kept alive in a linked list of previous arrays, so that concurrent lookups don't lose the data they're accessing. This linked list is cleared by the GC, as then we know that all threads are in a safepoint. 4) The GC treats the hash table entries as weak roots, and only walks them for non-live reference clearing and for evacuation. 5) Since there is no longer a FixedArray to serialize for the startup snapshot, there is now a custom serialization of the string table, and the string table root is considered unserializable during weak root iteration. As a bonus, the custom serialization is more efficient, as it skips non-string entries. As a drive-by, rename LookupStringExists_NoAllocate to TryStringToIndexOrLookupExisting, to make it clearer that it returns a non-string for the case when the string is an array index. As another drive-by, extract StringSet into a separate header. Bug: v8:10729 Change-Id: I9c990fb2d74d1fe222920408670974a70e969bca Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2339104 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#69270}
-
- 22 Jun, 2020 1 commit
-
-
Dan Elphick authored
This changes black/white list to block/allow list. Bug: v8:10619 Change-Id: Id55d72f90891670ca57b62dfeb6b3251025927dc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2257228Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Dan Elphick <delphick@chromium.org> Cr-Commit-Position: refs/heads/master@{#68464}
-
- 10 Jun, 2020 1 commit
-
-
Victor Gomes authored
Change-Id: I3a624b9cb164dd4a49606f311f71ea0115afe30a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2238572 Commit-Queue: Victor Gomes <victorgomes@chromium.org> Auto-Submit: Victor Gomes <victorgomes@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#68296}
-
- 14 Apr, 2020 1 commit
-
-
Andreas Haas authored
When memory.grow was executed concurrently on multiple threads a data race could happen such that two memory.grow operations result in the same return value. With this CL the return value of memory.grow is unique, given that memory.grow actually grows the memory. As a concrete example, assume a shared WebAssembly memory initially has a size of 100. Assume two threads call memory.grow concurrently with a parameter `10`. Then with the existing code, memory would grow correctly to a size of 120, but the data race may cause both memory.grow operations to return 100. With the change in this CL one memory.grow operation would return 100, the other would return 110. R=gdeepti@chromium.org CC=rreverser@google.com Bug: chromium:1067621 Change-Id: Ib22b5135714a56799e0818ccb39e5dce327e5f8e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2144113Reviewed-by: Ben Smith <binji@chromium.org> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#67135}
-
- 09 Mar, 2020 1 commit
-
-
Dan Elphick authored
String::NewFromLiteral is a templated function that takes a char[N] argument that can be used as an alternative to String::NewFromUtf8 and returns a Local<String> rather than a MaybeLocal<String> reducing the number of ToLocalChecked() or other checks. Since the string length is known at compile time, it can statically assert that the length is less than String::kMaxLength, which means that it can never fail at runtime. This also converts all found uses of NewFromUtf8 taking a string literal or a variable initialized from a string literal to use the new API. In some cases the types of stored string literals are changed from const char* to const char[] to ensure the size is retained. This API does introduce a small difference compared to NewFromUtf8. For a case like "abc\0def", NewFromUtf8 (using length -1 to infer length) would treat this as a 3 character string, whereas the new API will treat it as a 7 character string. As a drive-by fix, this also fixes all redundant uses of v8::NewStringType::kNormal when passed to any of the String::New* functions. Change-Id: Id96a44bc068d9c4eaa634aea688e024675a0e5b3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2089935 Commit-Queue: Dan Elphick <delphick@chromium.org> Reviewed-by: Mathias Bynens <mathias@chromium.org> Reviewed-by: Mythri Alle <mythria@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#66622}
-
- 22 Jan, 2020 4 commits
-
-
Clemens Backes authored
This flag was used for IndexedDB support. Last uses in chrome were removed in https://crrev.com/c/2013046, hence the API method can be deprecated. Also remove deserializer tests that were disabled by default or just test that random bytes (from the deserializer's perspective) fail to decode. R=adamk@chromium.org Bug: v8:10146 Change-Id: I8596849c3b51ab1c60272a49ff3fdaa0946452bf Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2013104 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#65931}
-
Clemens Backes authored
Both the API wrapper as well as the internal object are named "WasmModuleObject". This CL renames the object type check from "IsWebAssemblyCompiledModule" to "IsWasmModuleObject" to be consistent. R=adamk@chromium.org Bug: v8:10021 Change-Id: I6d5814421f38bc5f5bd73a492ff4a36f552ff763 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2013109Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#65930}
-
Clemens Backes authored
Serialization of WasmModuleObject was our first implementation for postMessage, and was used for IndexedDB. IndexedDB support is removed since a long time, and postMessage works by just messaging an identifier and reusing the underlying NativeModule when receiving this. Thus the logic to serialize the actual code is unused, and thus should be removed together with all tests. R=ahaas@chromium.org Bug: v8:10146 Change-Id: I599296736dabd486c45ced2b6e5996e490fa40c8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2013110Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#65922}
-
Clemens Backes authored
This API was used for IndexedDB support and for transferring modules by serializing and deserializing (before we were sharing code between isolates). Last uses were removed in https://crrev.com/c/1847366, thus this whole API is unused by now. This CL deprecates the API and refactors tests to use the internal APIs instead. R=adamk@chromium.org Bug: v8:10146 Change-Id: I838039b4be7ea4eebe6769f31f48e51e7bcd4645 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2006090 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#65908}
-
- 08 Jan, 2020 1 commit
-
-
Dominik Inführ authored
So far creating scripts always grew the script_list without ever reusing cleared slots or shrinking. While this is probably not a problem with script_list in practice, this is still a memory leak. Fix this leak by using WeakArrayList::Append instead of AddToEnd. Append adds to the end of the array, but potentially compacts and shrinks the list as well. Other WeakArrayLists can use this method as well, as long as they are not using indices into this array. Bug: v8:10031 Change-Id: If743c4cc3f8d67ab735522f0ded038b2fb43e437 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1967385 Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#65640}
-
- 09 Dec, 2019 1 commit
-
-
Simon Zünd authored
This CL is a prepatory step towards moving the stack locals blacklist from the DebugEvaluateContext to the respective {ScopeInfo} objects. The locals blacklist is used during local debug evaluate to decide whether a context lookup can advance the context chain upwards, or if lookup needs to stop at the current scope. This CL also introduces a "Recreate" static helper method, that allows an existing ScopeInfo to be cloned, but with a locals blacklist attached. This will be needed since blacklists are only created on-demand during debugging. R=leszeks@chromium.org Bug: chromium:1027475, v8:9938 Change-Id: I673dbc99ce9fdc84cb5cda3f9710ba2b76ab92ee Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1946349 Commit-Queue: Simon Zünd <szuend@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#65380}
-
- 29 Oct, 2019 1 commit
-
-
Andreas Haas authored
The new API with v8::BackingStore should be used instead as explained in https://docs.google.com/document/d/1sTc_jRL87Fu175Holm5SV0kajkseGl2r8ifGY76G35k This also relaxes the pre-condition for [Shared]ArrayBuffer::Detach to not require externalization first. Bug: v8:9380, v8:9908 Change-Id: Idd119fcd28be84a2fae74ae86f7381fd997766f5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1859628 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#64625}
-
- 11 Oct, 2019 2 commits
-
-
Seth Brenith authored
Design doc: https://docs.google.com/document/d/1ZU6rCvF2YHBGMLujWqqaxlPsjFfjKDE9C3-EugfdlAE/edit Changes from the design doc: - Changed to use 'class' declarations rather than 'type' declarations for things that need instance types but whose layout is not known to Torque. These declarations end with a semicolon rather than having a full set of methods and fields surrounded by {}. If the class's name should not be treated as a class name in generated output (because it's actually a template, or doesn't exist at all), we use the standard 'generates' clause to declare the most appropriate C++ class. - Removed @instanceTypeName. - @highestInstanceType became @highestInstanceTypeWithinParentClassRange to indicate a semantic change: it no longer denotes the highest instance type globally, but only within the range of values for its immediate parent class. This lets us use it for Oddball, which is expected to be the highest primitive type. - Added new abstract classes JSCustomElementsObject and JSSpecialObject to help with some range checks. - Added @lowestInstanceTypeWithinParentClassRange so we can move the new classes JSCustomElementsObject and JSSpecialObject to the beginning of the JSObject range. This seems like the least-brittle way to establish ranges that also include JSProxy (and these ranges are verified with static assertions in instance-type.h). - Renamed @instanceTypeValue to @apiExposedInstanceTypeValue. - Renamed @instanceTypeFlags to @reserveBitsInInstanceType. This change introduces the new annotations and adds the ability for Torque to assign instance types that satisfy those annotations. Torque now emits two new macros: - TORQUE_ASSIGNED_INSTANCE_TYPES, which is used to define the InstanceType enumeration - TORQUE_ASSIGNED_INSTANCE_TYPE_LIST, which replaces the non-String parts of INSTANCE_TYPE_LIST The design document mentions a couple of other macro lists that could easily be replaced, but I'd like to defer those to a subsequent checkin because this one is already pretty large. Bug: v8:7793 Change-Id: Ie71d93a9d5b610e62be0ffa3bb36180c3357a6e8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1757094 Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#64258}
-
Ulan Degenbaev authored
The backing store is now propagated to the constructors directly, instead of being attached after the construction. This ensures that the backing store is allocated before the array buffer so that we can trigger GCs on backing store allocation (if allocation fails). The only exception is builtin where we have to allocate the array buffer before the backing store to comply with the spec. Bug: v8:9380 Tbr: verwaest@chromium.org Change-Id: Ib37db65853f3673dd769368cc3e8b6538ad07ff2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1853444 Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#64240}
-
- 10 Oct, 2019 1 commit
-
-
Clemens Backes authored
The flag is enabled since M-70, and we do not use the previous behaviour anywhere. Hence, remove the flag and clean up some API code. In particular, the concept of {TransferrableModule} is not needed any more, we can just use {CompiledWasmModule}. R=mstarzinger@chromium.org, adamk@chromium.org Bug: v8:9810 Change-Id: I9b3aa4972277a9262b58da70b141e90d1de31f35 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1847366 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#64209}
-
- 27 Sep, 2019 3 commits
-
-
Mythri A authored
This is a reland of cfb10028 with a fix for failures in lite mode. Original change's description: > [compiler] Cache OSR optimized code > > With lazy feedback allocation, for functions that get OSRed we may > not have feedback for the initial part of the functions since feedback > vectors might be allocated after the function started executing. Hence > we would not be able to optimize the function on the next call. This > means we may have to OSR twice before we actually optimize function. > This cl introduces OSR cache, so we could reuse the optimized code. One > side effect of this cl is that the OSRed code won't be function context > specialized anymore. > > Bug: chromium:987523 > Change-Id: Ic1e2abca85ccfa0a66a0fa83f7247392cc1e7cb2 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1796329 > Commit-Queue: Mythri Alle <mythria@chromium.org> > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> > Reviewed-by: Georg Neis <neis@chromium.org> > Cr-Commit-Position: refs/heads/master@{#64014} Bug: chromium:987523 Change-Id: I9c782242b07b24d15247533ab4ee044334b429ff TBR: rmcilroy@chromium.org Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1826898 Commit-Queue: Mythri Alle <mythria@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#64023}
-
Michael Achenbach authored
This reverts commit cfb10028. Reason for revert: https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20arm%20-%20sim%20-%20lite/6483 Original change's description: > [compiler] Cache OSR optimized code > > With lazy feedback allocation, for functions that get OSRed we may > not have feedback for the initial part of the functions since feedback > vectors might be allocated after the function started executing. Hence > we would not be able to optimize the function on the next call. This > means we may have to OSR twice before we actually optimize function. > This cl introduces OSR cache, so we could reuse the optimized code. One > side effect of this cl is that the OSRed code won't be function context > specialized anymore. > > Bug: chromium:987523 > Change-Id: Ic1e2abca85ccfa0a66a0fa83f7247392cc1e7cb2 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1796329 > Commit-Queue: Mythri Alle <mythria@chromium.org> > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> > Reviewed-by: Georg Neis <neis@chromium.org> > Cr-Commit-Position: refs/heads/master@{#64014} TBR=rmcilroy@chromium.org,neis@chromium.org,mythria@chromium.org Change-Id: Ib3692e7570bed5d3e88ca8a0247b185d70497a04 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:987523 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1826668Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#64015}
-
Mythri A authored
With lazy feedback allocation, for functions that get OSRed we may not have feedback for the initial part of the functions since feedback vectors might be allocated after the function started executing. Hence we would not be able to optimize the function on the next call. This means we may have to OSR twice before we actually optimize function. This cl introduces OSR cache, so we could reuse the optimized code. One side effect of this cl is that the OSRed code won't be function context specialized anymore. Bug: chromium:987523 Change-Id: Ic1e2abca85ccfa0a66a0fa83f7247392cc1e7cb2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1796329 Commit-Queue: Mythri Alle <mythria@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#64014}
-
- 19 Sep, 2019 1 commit
-
-
Ulan Degenbaev authored
This adds an additional V8 API to get the backing store of an array buffer. Unlike the existing API, the backing store comes wrapped in a std::shared_ptr, making lifetime management with the embedder explicit. This obviates the need for the old GetContents() and Externalize() APIs, which will be deprecated in a future CL. Contributed by titzer@chromium.org Bug: v8:9380 Change-Id: I8a87f5dc141dab684693fe536b636e33f6e45173 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1807354Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#63883}
-
- 09 Sep, 2019 1 commit
-
-
Ulan Degenbaev authored
This reverts commit 9da34831 Original change's description: > "Reland x4 [arraybuffer] Rearchitect backing store ownership" > > This is a reland of bc33f5ae > > Contributed by titzer@chromium.org > > Original change's description: > > [arraybuffer] Rearchitect backing store ownership > > > > This CL completely rearchitects the ownership of array buffer backing stores, > > consolidating ownership into a {BackingStore} C++ object that is tracked > > throughout V8 using unique_ptr and shared_ptr where appropriate. > > > > Overall, lifetime management is simpler and more explicit. The numerous > > ways that array buffers were initialized have been streamlined to one > > Attach() method on JSArrayBuffer. The array buffer tracker in the > > GC implementation now manages std::shared_ptr<BackingStore> pointers, > > and the construction and destruction of the BackingStore object itself > > handles the underlying page or embedder-allocated memory. > > > > The embedder API remains unchanged for now. We use the > > v8::ArrayBuffer::Contents struct to hide an additional shared_ptr to > > keep the backing store alive properly, even in the case of aliases > > from live heap objects. Thus the embedder has a lower chance of making > > a mistake. Long-term, we should move the embedder to a model where they > > manage backing stores using shared_ptr to an opaque backing store object. > > TBR=yangguo@chromium.org > > BUG=v8:9380,v8:9221,chromium:986318 > > Change-Id: If671a4a9ca0476e8f084efae46e0d2bf99ed99ef > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1731005 > Commit-Queue: Ulan Degenbaev <ulan@chromium.org> > Reviewed-by: Clemens Hammacher <clemensh@chromium.org> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > Cr-Commit-Position: refs/heads/master@{#63041} TBR=yangguo@chromium.org Change-Id: I3cc4bb80081c662b1751234bc16a821c20e744be Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1792166 Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#63617}
-
- 30 Aug, 2019 1 commit
-
-
Ulan Degenbaev authored
This reverts commit 62e16830. Reason for revert: it will be relanded after branch Original change's description: > Reland x5 [arraybuffer] Rearchitect backing store ownership > > This reverts commit 8fdb2387. > > Original change's description: > > "Reland x4 [arraybuffer] Rearchitect backing store ownership" > > > > This is a reland of bc33f5ae > > > > Contributed by titzer@chromium.org > > > > Original change's description: > > > [arraybuffer] Rearchitect backing store ownership > > > > > > This CL completely rearchitects the ownership of array buffer backing stores, > > > consolidating ownership into a {BackingStore} C++ object that is tracked > > > throughout V8 using unique_ptr and shared_ptr where appropriate. > > > > > > Overall, lifetime management is simpler and more explicit. The numerous > > > ways that array buffers were initialized have been streamlined to one > > > Attach() method on JSArrayBuffer. The array buffer tracker in the > > > GC implementation now manages std::shared_ptr<BackingStore> pointers, > > > and the construction and destruction of the BackingStore object itself > > > handles the underlying page or embedder-allocated memory. > > > > > > The embedder API remains unchanged for now. We use the > > > v8::ArrayBuffer::Contents struct to hide an additional shared_ptr to > > > keep the backing store alive properly, even in the case of aliases > > > from live heap objects. Thus the embedder has a lower chance of making > > > a mistake. Long-term, we should move the embedder to a model where they > > > manage backing stores using shared_ptr to an opaque backing store object. > > > > TBR=yangguo@chromium.org > > > > BUG=v8:9380,v8:9221,chromium:986318 > > > > Change-Id: If671a4a9ca0476e8f084efae46e0d2bf99ed99ef > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1731005 > > Commit-Queue: Ulan Degenbaev <ulan@chromium.org> > > Reviewed-by: Clemens Hammacher <clemensh@chromium.org> > > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > > Cr-Commit-Position: refs/heads/master@{#63041} > > TBR=yangguo@chromium.org,clemensh@chromium.org,mstarzinger@chromium.org > > Change-Id: Iba55c7ab71e5642b5cb6aeb699d6fc9cf9061486 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1771795 > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Commit-Queue: Ulan Degenbaev <ulan@chromium.org> > Cr-Commit-Position: refs/heads/master@{#63461} TBR=ulan@chromium.org,mlippautz@chromium.org Change-Id: Id8f67a68ab398032eb2975b1b24ee125394d9c4b No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1776095Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#63471}
-
- 29 Aug, 2019 1 commit
-
-
Ulan Degenbaev authored
This reverts commit 8fdb2387. Original change's description: > "Reland x4 [arraybuffer] Rearchitect backing store ownership" > > This is a reland of bc33f5ae > > Contributed by titzer@chromium.org > > Original change's description: > > [arraybuffer] Rearchitect backing store ownership > > > > This CL completely rearchitects the ownership of array buffer backing stores, > > consolidating ownership into a {BackingStore} C++ object that is tracked > > throughout V8 using unique_ptr and shared_ptr where appropriate. > > > > Overall, lifetime management is simpler and more explicit. The numerous > > ways that array buffers were initialized have been streamlined to one > > Attach() method on JSArrayBuffer. The array buffer tracker in the > > GC implementation now manages std::shared_ptr<BackingStore> pointers, > > and the construction and destruction of the BackingStore object itself > > handles the underlying page or embedder-allocated memory. > > > > The embedder API remains unchanged for now. We use the > > v8::ArrayBuffer::Contents struct to hide an additional shared_ptr to > > keep the backing store alive properly, even in the case of aliases > > from live heap objects. Thus the embedder has a lower chance of making > > a mistake. Long-term, we should move the embedder to a model where they > > manage backing stores using shared_ptr to an opaque backing store object. > > TBR=yangguo@chromium.org > > BUG=v8:9380,v8:9221,chromium:986318 > > Change-Id: If671a4a9ca0476e8f084efae46e0d2bf99ed99ef > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1731005 > Commit-Queue: Ulan Degenbaev <ulan@chromium.org> > Reviewed-by: Clemens Hammacher <clemensh@chromium.org> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > Cr-Commit-Position: refs/heads/master@{#63041} TBR=yangguo@chromium.org,clemensh@chromium.org,mstarzinger@chromium.org Change-Id: Iba55c7ab71e5642b5cb6aeb699d6fc9cf9061486 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1771795Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#63461}
-
- 05 Aug, 2019 1 commit
-
-
Ulan Degenbaev authored
This reverts commit 5611f70b. Reason for revert: flaky tests: v8:9588, v8:9587 Original change's description: > "Reland x4 [arraybuffer] Rearchitect backing store ownership" > > This is a reland of bc33f5ae > > Contributed by titzer@chromium.org > > Original change's description: > > [arraybuffer] Rearchitect backing store ownership > > > > This CL completely rearchitects the ownership of array buffer backing stores, > > consolidating ownership into a {BackingStore} C++ object that is tracked > > throughout V8 using unique_ptr and shared_ptr where appropriate. > > > > Overall, lifetime management is simpler and more explicit. The numerous > > ways that array buffers were initialized have been streamlined to one > > Attach() method on JSArrayBuffer. The array buffer tracker in the > > GC implementation now manages std::shared_ptr<BackingStore> pointers, > > and the construction and destruction of the BackingStore object itself > > handles the underlying page or embedder-allocated memory. > > > > The embedder API remains unchanged for now. We use the > > v8::ArrayBuffer::Contents struct to hide an additional shared_ptr to > > keep the backing store alive properly, even in the case of aliases > > from live heap objects. Thus the embedder has a lower chance of making > > a mistake. Long-term, we should move the embedder to a model where they > > manage backing stores using shared_ptr to an opaque backing store object. > > TBR=yangguo@chromium.org > > BUG=v8:9380,v8:9221,chromium:986318 > > Change-Id: If671a4a9ca0476e8f084efae46e0d2bf99ed99ef > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1731005 > Commit-Queue: Ulan Degenbaev <ulan@chromium.org> > Reviewed-by: Clemens Hammacher <clemensh@chromium.org> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > Cr-Commit-Position: refs/heads/master@{#63041} TBR=ulan@chromium.org,yangguo@chromium.org,mstarzinger@chromium.org,clemensh@chromium.org # Not skipping CQ checks because original CL landed > 1 day ago. Bug: v8:9380, v8:9221, chromium:986318 Change-Id: Ic7381239f4e90d0c437b7e47a5ac6e8bce60f882 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1736747Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#63081}
-
- 02 Aug, 2019 1 commit
-
-
Ulan Degenbaev authored
This is a reland of bc33f5ae Contributed by titzer@chromium.org Original change's description: > [arraybuffer] Rearchitect backing store ownership > > This CL completely rearchitects the ownership of array buffer backing stores, > consolidating ownership into a {BackingStore} C++ object that is tracked > throughout V8 using unique_ptr and shared_ptr where appropriate. > > Overall, lifetime management is simpler and more explicit. The numerous > ways that array buffers were initialized have been streamlined to one > Attach() method on JSArrayBuffer. The array buffer tracker in the > GC implementation now manages std::shared_ptr<BackingStore> pointers, > and the construction and destruction of the BackingStore object itself > handles the underlying page or embedder-allocated memory. > > The embedder API remains unchanged for now. We use the > v8::ArrayBuffer::Contents struct to hide an additional shared_ptr to > keep the backing store alive properly, even in the case of aliases > from live heap objects. Thus the embedder has a lower chance of making > a mistake. Long-term, we should move the embedder to a model where they > manage backing stores using shared_ptr to an opaque backing store object. TBR=yangguo@chromium.org BUG=v8:9380,v8:9221,chromium:986318 Change-Id: If671a4a9ca0476e8f084efae46e0d2bf99ed99ef Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1731005 Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#63041}
-
- 31 Jul, 2019 2 commits
-
-
Francis McCabe authored
This reverts commit df8e6177. Reason for revert: Multiple flakes in apparently related areas: https://logs.chromium.org/logs/v8/buildbucket/cr-buildbucket.appspot.com/8906409837768155568/+/steps/Check__flakes_/0/logs/BackingStoreTest.RacyGrowWasmMem.../0 Original change's description: > "Reland x3 [arraybuffer] Rearchitect backing store ownership" > > This is a reland of bc33f5ae > > Original change's description: > > [arraybuffer] Rearchitect backing store ownership > > > > This CL completely rearchitects the ownership of array buffer backing stores, > > consolidating ownership into a {BackingStore} C++ object that is tracked > > throughout V8 using unique_ptr and shared_ptr where appropriate. > > > > Overall, lifetime management is simpler and more explicit. The numerous > > ways that array buffers were initialized have been streamlined to one > > Attach() method on JSArrayBuffer. The array buffer tracker in the > > GC implementation now manages std::shared_ptr<BackingStore> pointers, > > and the construction and destruction of the BackingStore object itself > > handles the underlying page or embedder-allocated memory. > > > > The embedder API remains unchanged for now. We use the > > v8::ArrayBuffer::Contents struct to hide an additional shared_ptr to > > keep the backing store alive properly, even in the case of aliases > > from live heap objects. Thus the embedder has a lower chance of making > > a mistake. Long-term, we should move the embedder to a model where they > > manage backing stores using shared_ptr to an opaque backing store object. > > R=mlippautz@chromium.org > BUG=v8:9380,v8:9221,chromium:986318 > TBR=ulan@chromium.org > > Change-Id: I6c49e2425029b5664ef1c68dab8b5146f4ed0ff2 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1719191 > Reviewed-by: Ben Titzer <titzer@chromium.org> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > Commit-Queue: Ben Titzer <titzer@chromium.org> > Cr-Commit-Position: refs/heads/master@{#63007} TBR=mstarzinger@chromium.org,titzer@chromium.org,mlippautz@chromium.org Change-Id: If0266e5893b1325a332d5986337fa7ece2cb6943 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:9380, v8:9221, chromium:986318 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1729549Reviewed-by: Francis McCabe <fgm@chromium.org> Commit-Queue: Francis McCabe <fgm@chromium.org> Cr-Commit-Position: refs/heads/master@{#63011}
-
Ben L. Titzer authored
This is a reland of bc33f5ae Original change's description: > [arraybuffer] Rearchitect backing store ownership > > This CL completely rearchitects the ownership of array buffer backing stores, > consolidating ownership into a {BackingStore} C++ object that is tracked > throughout V8 using unique_ptr and shared_ptr where appropriate. > > Overall, lifetime management is simpler and more explicit. The numerous > ways that array buffers were initialized have been streamlined to one > Attach() method on JSArrayBuffer. The array buffer tracker in the > GC implementation now manages std::shared_ptr<BackingStore> pointers, > and the construction and destruction of the BackingStore object itself > handles the underlying page or embedder-allocated memory. > > The embedder API remains unchanged for now. We use the > v8::ArrayBuffer::Contents struct to hide an additional shared_ptr to > keep the backing store alive properly, even in the case of aliases > from live heap objects. Thus the embedder has a lower chance of making > a mistake. Long-term, we should move the embedder to a model where they > manage backing stores using shared_ptr to an opaque backing store object. R=mlippautz@chromium.org BUG=v8:9380,v8:9221,chromium:986318 TBR=ulan@chromium.org Change-Id: I6c49e2425029b5664ef1c68dab8b5146f4ed0ff2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1719191Reviewed-by: Ben Titzer <titzer@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#63007}
-
- 23 Jul, 2019 1 commit
-
-
Ben L. Titzer authored
This reverts commit 306cf403. Reason for revert: performance regressions / too near branch point TBR=mslekova@chromium.org BUG=v8:9380 Change-Id: If77630b73eafbf1190c823199fe2a34361da303f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1714867Reviewed-by: Ben Titzer <titzer@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Commit-Queue: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#62867}
-
- 22 Jul, 2019 1 commit
-
-
Ben L. Titzer authored
This is a reland of bc33f5ae Original change's description: > Reland "[arraybuffer] Rearchitect backing store ownership" > > This is a reland of 31cd5d83 > > Original change's description: > > [arraybuffer] Rearchitect backing store ownership > > > > This CL completely rearchitects the ownership of array buffer backing stores, > > consolidating ownership into a {BackingStore} C++ object that is tracked > > throughout V8 using unique_ptr and shared_ptr where appropriate. > > > > Overall, lifetime management is simpler and more explicit. The numerous > > ways that array buffers were initialized have been streamlined to one > > Attach() method on JSArrayBuffer. The array buffer tracker in the > > GC implementation now manages std::shared_ptr<BackingStore> pointers, > > and the construction and destruction of the BackingStore object itself > > handles the underlying page or embedder-allocated memory. > > > > The embedder API remains unchanged for now. We use the > > v8::ArrayBuffer::Contents struct to hide an additional shared_ptr to > > keep the backing store alive properly, even in the case of aliases > > from live heap objects. Thus the embedder has a lower chance of making > > a mistake. Long-term, we should move the embedder to a model where they > > manage backing stores using shared_ptr to an opaque backing store object. > > > > R=mlippautz@chromium.org > > BUG=v8:9380,v8:9221 > > > > Change-Id: I48fae5ac85dcf6172a83f252439e77e7c1a16ccd > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1584323 > > Commit-Queue: Ben Titzer <titzer@chromium.org> > > Reviewed-by: Ben Titzer <titzer@chromium.org> > > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > > Reviewed-by: Yang Guo <yangguo@chromium.org> > > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> > > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > > Cr-Commit-Position: refs/heads/master@{#62572} > > Bug: v8:9380, v8:9221 > Change-Id: If3f72967a8ebeb067c0edcfc16ed631e36829dbc > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1691906 > Commit-Queue: Ben Titzer <titzer@chromium.org> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> > Reviewed-by: Yang Guo <yangguo@chromium.org> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Cr-Commit-Position: refs/heads/master@{#62809} Bug: v8:9380, v8:9221 Change-Id: I9a2525753ae2424108d074fa81df5f25d945c824 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1709409 Commit-Queue: Ben Titzer <titzer@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#62847}
-
- 18 Jul, 2019 2 commits
-
-
Clemens Hammacher authored
This reverts commit bc33f5ae. Reason for revert: Still failing (OOM on win32): https://ci.chromium.org/p/v8/builders/ci/V8%20Win32/22210 Original change's description: > Reland "[arraybuffer] Rearchitect backing store ownership" > > This is a reland of 31cd5d83 > > Original change's description: > > [arraybuffer] Rearchitect backing store ownership > > > > This CL completely rearchitects the ownership of array buffer backing stores, > > consolidating ownership into a {BackingStore} C++ object that is tracked > > throughout V8 using unique_ptr and shared_ptr where appropriate. > > > > Overall, lifetime management is simpler and more explicit. The numerous > > ways that array buffers were initialized have been streamlined to one > > Attach() method on JSArrayBuffer. The array buffer tracker in the > > GC implementation now manages std::shared_ptr<BackingStore> pointers, > > and the construction and destruction of the BackingStore object itself > > handles the underlying page or embedder-allocated memory. > > > > The embedder API remains unchanged for now. We use the > > v8::ArrayBuffer::Contents struct to hide an additional shared_ptr to > > keep the backing store alive properly, even in the case of aliases > > from live heap objects. Thus the embedder has a lower chance of making > > a mistake. Long-term, we should move the embedder to a model where they > > manage backing stores using shared_ptr to an opaque backing store object. > > > > R=mlippautz@chromium.org > > BUG=v8:9380,v8:9221 > > > > Change-Id: I48fae5ac85dcf6172a83f252439e77e7c1a16ccd > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1584323 > > Commit-Queue: Ben Titzer <titzer@chromium.org> > > Reviewed-by: Ben Titzer <titzer@chromium.org> > > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > > Reviewed-by: Yang Guo <yangguo@chromium.org> > > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> > > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > > Cr-Commit-Position: refs/heads/master@{#62572} > > Bug: v8:9380, v8:9221 > Change-Id: If3f72967a8ebeb067c0edcfc16ed631e36829dbc > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1691906 > Commit-Queue: Ben Titzer <titzer@chromium.org> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> > Reviewed-by: Yang Guo <yangguo@chromium.org> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Cr-Commit-Position: refs/heads/master@{#62809} TBR=ulan@chromium.org,yangguo@chromium.org,mstarzinger@chromium.org,titzer@chromium.org,gdeepti@chromium.org,mlippautz@chromium.org Change-Id: Iea755df9aaa1e95d284135bd0a6681b1340b6832 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:9380, v8:9221 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1708487Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#62811}
-
Ben L. Titzer authored
This is a reland of 31cd5d83 Original change's description: > [arraybuffer] Rearchitect backing store ownership > > This CL completely rearchitects the ownership of array buffer backing stores, > consolidating ownership into a {BackingStore} C++ object that is tracked > throughout V8 using unique_ptr and shared_ptr where appropriate. > > Overall, lifetime management is simpler and more explicit. The numerous > ways that array buffers were initialized have been streamlined to one > Attach() method on JSArrayBuffer. The array buffer tracker in the > GC implementation now manages std::shared_ptr<BackingStore> pointers, > and the construction and destruction of the BackingStore object itself > handles the underlying page or embedder-allocated memory. > > The embedder API remains unchanged for now. We use the > v8::ArrayBuffer::Contents struct to hide an additional shared_ptr to > keep the backing store alive properly, even in the case of aliases > from live heap objects. Thus the embedder has a lower chance of making > a mistake. Long-term, we should move the embedder to a model where they > manage backing stores using shared_ptr to an opaque backing store object. > > R=mlippautz@chromium.org > BUG=v8:9380,v8:9221 > > Change-Id: I48fae5ac85dcf6172a83f252439e77e7c1a16ccd > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1584323 > Commit-Queue: Ben Titzer <titzer@chromium.org> > Reviewed-by: Ben Titzer <titzer@chromium.org> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > Reviewed-by: Yang Guo <yangguo@chromium.org> > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Cr-Commit-Position: refs/heads/master@{#62572} Bug: v8:9380, v8:9221 Change-Id: If3f72967a8ebeb067c0edcfc16ed631e36829dbc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1691906 Commit-Queue: Ben Titzer <titzer@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#62809}
-
- 12 Jul, 2019 1 commit
-
-
Yutaka Hirano authored
This is a reland of https://crrev.com/c/v8/v8/+/1692366. The original change was reverted because it broke some blink tests. This will be landed after suppressing them: https://crrev.com/c/chromium/src/+/1695541 Make native errors serializable. The implementation is mostly straightforward, but there is one exception: the stack property. Although the property is not specified, the spec for error cloning asks us to preserve the property if possible. This implementation serializes the property only when it is a string, and otherwise ignores it. Spec: https://github.com/whatwg/html/pull/4665 Intent-to-Ship: https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/f8JngIi8qYs Bug: chromium:970079, v8:9462 Change-Id: Ibf012754f30237f6b5acf119ef834e73727a230f Cq-Include-Trybots: luci.v8.try:v8_linux_blink_rel Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1695202 Auto-Submit: Yutaka Hirano <yhirano@chromium.org> Commit-Queue: Simon Zünd <szuend@chromium.org> Reviewed-by: Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/master@{#62659}
-
- 10 Jul, 2019 1 commit
-
-
Clemens Hammacher authored
This reverts commit 8f8ae4f8. Reason for revert: Still failing layout tests: https://ci.chromium.org/p/v8/builders/ci/V8-Blink%20Linux%2064/33036 Original change's description: > Reland: Serialize native errors > > This is a reland of https://crrev.com/c/v8/v8/+/1649257. The original > change was reverted because it conflicted with a blink-side serialization > tag. > > Make native errors serializable. > > The implementation is mostly straightforward, but there is one > exception: the stack property. Although the property is not specified, > the spec for error cloning asks us to preserve the property if > possible. This implementation serializes the property only when it is > a string, and otherwise ignores it. > > Spec: https://github.com/whatwg/html/pull/4665 > Intent-to-Ship: https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/f8JngIi8qYs > > Bug: chromium:970079 > Change-Id: Ic1ff07be2c5be415bfb564fa3975bc1a55a06a72 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1692366 > Reviewed-by: Simon Zünd <szuend@chromium.org> > Commit-Queue: Yutaka Hirano <yhirano@chromium.org> > Cr-Commit-Position: refs/heads/master@{#62607} TBR=jbroman@chromium.org,yhirano@chromium.org,szuend@chromium.org Change-Id: Ia52b3e3997663fc293e9d217e5a56544b28d050d No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:970079 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1695462Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#62614}
-
- 09 Jul, 2019 1 commit
-
-
Yutaka Hirano authored
This is a reland of https://crrev.com/c/v8/v8/+/1649257. The original change was reverted because it conflicted with a blink-side serialization tag. Make native errors serializable. The implementation is mostly straightforward, but there is one exception: the stack property. Although the property is not specified, the spec for error cloning asks us to preserve the property if possible. This implementation serializes the property only when it is a string, and otherwise ignores it. Spec: https://github.com/whatwg/html/pull/4665 Intent-to-Ship: https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/f8JngIi8qYs Bug: chromium:970079 Change-Id: Ic1ff07be2c5be415bfb564fa3975bc1a55a06a72 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1692366Reviewed-by: Simon Zünd <szuend@chromium.org> Commit-Queue: Yutaka Hirano <yhirano@chromium.org> Cr-Commit-Position: refs/heads/master@{#62607}
-