- 18 Jun, 2022 1 commit
-
-
Frank Tang authored
Also add AOs: TimeZoneEquals Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.zoneddatetime.compare https://tc39.es/proposal-temporal/#sec-temporal.zoneddatetime.prototype.equals https://tc39.es/proposal-temporal/#sec-temporal-timezoneequals Bug: v8:11544 Change-Id: Ibcd1e42d72f86f16e0f5ddb1fd589bbe7ab2225c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3709217 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#81227}
-
- 17 Jun, 2022 16 commits
-
-
Milad Fa authored
This CL corrects the selection and print of fcfid variations (single and double precision). Change-Id: I438a76793ec5fdb814ea6bc46bd0a2b0c9b2acd2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3712063 Reviewed-by: Junliang Yan <junyan@redhat.com> Commit-Queue: Milad Farazmand <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/main@{#81226}
-
Shu-yu Guo authored
Due to shared GCs it's easy to accidentally deadlock V8 by forgetting to park a thread before blocking. This CL does the following: - Adds ParkingConditionVariable and ParkingSemaphore, which hide the Wait[For] methods in favor of ParkedWait[For], which parks the thread before blocking the thread. - Migrate to the Parking* variants in JS shared memory tests. Bug: v8:11708 Change-Id: I6d1b2b26a05e7df0a69a1614c03308f538a8782f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3708017 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#81225}
-
Shu-yu Guo authored
Bug: v8:12547 Change-Id: I94697ebf41ce5c132ad4bfc6472b9fc925d1f176 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3709240 Reviewed-by: Samuel Groß <saelo@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#81224}
-
Patrick Thier authored
Bug: chromium:1336516 Change-Id: I28a2b9d72e00a17792f80cf2a65312eeb47f165a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707290 Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Auto-Submit: Patrick Thier <pthier@chromium.org> Cr-Commit-Position: refs/heads/main@{#81223}
-
Samuel Groß authored
Bug: v8:12878 Change-Id: I79ca182fcf59f520cdf8f25dd0daac9ced07881a Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707283 Commit-Queue: Samuel Groß <saelo@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#81222}
-
Milad Fa authored
Fixing build with `v8_enable_webassembly = false`. Change-Id: I911ea533a7a0a3111525066e6f9d57d27a351e5f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3708105 Reviewed-by: Junliang Yan <junyan@redhat.com> Commit-Queue: Milad Farazmand <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/main@{#81221}
-
Tobias Tebbi authored
This reverts commit c56edd3e. Reason for revert: should be fixed now Original change's description: > Skip mjsunit/turboshaft/simple on numfuzz until flake is solved > > NOTRY=true > > Bug: v8:12826 > Change-Id: I08be2980f92c69504290bb6152e48595e6a6c9aa > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3629540 > Auto-Submit: Almothana Athamneh <almuthanna@chromium.org> > Commit-Queue: Michael Achenbach <machenbach@chromium.org> > Reviewed-by: Michael Achenbach <machenbach@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80369} Bug: v8:12826 Change-Id: I615c682447df58bf9ae7acd9e4429b3a55697d8a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707593 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/main@{#81220}
-
Igor Sheludko authored
... which doesn't expect GCs caused by concurrent allocations. Bug: v8:12779 Change-Id: I4ab13711ed4d98e7a46d759f0020b5983dec4ee0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707278 Commit-Queue: Omer Katz <omerkatz@chromium.org> Reviewed-by: Omer Katz <omerkatz@chromium.org> Auto-Submit: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#81219}
-
Tobias Tebbi authored
This reverts commit 1ed7d0b8. Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Blink%20Linux%20Future/13719/overview Original change's description: > [flags] Enable freezing of flags > > This enables the --freeze-flags-after-init flag globally. Note that > tests, fuzzers, Node and other still explicitly disable the flag. The > chrome renderer process and default d8 execution will have it enabled > though. > > R=cbruni@chromium.org > > Bug: v8:12887 > Change-Id: I9a15ef64227e5e6e04779d8d671a2c50d99c9097 > Cq-Include-Trybots: luci.v8.try:v8_linux_blink_rel > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695264 > Reviewed-by: Camillo Bruni <cbruni@chromium.org> > Commit-Queue: Clemens Backes <clemensb@chromium.org> > Cr-Commit-Position: refs/heads/main@{#81214} Bug: v8:12887 Change-Id: I63c45d4b026345d95a5de179600df960eae8ca0a Cq-Include-Trybots: luci.v8.try:v8_linux_blink_rel No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707280 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/main@{#81218}
-
Tobias Tebbi authored
In addition to checking that a node is owned, CanCover() also needs to check if there are any side-effects in between the current node and the merged node. When merging inputs of inputs, this check was done with the wrong side-effect level of the in-between node. We partially fixed this before with `CanCoverTransitively`. This CL addresses the issue by always comparing to the side-effect level of the node from which we started, making `CanCoverTransitively` superfluous. Bug: chromium:1336869 Change-Id: I78479b32461ede81138f8b5d48d60058cfb5fa0a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707277 Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/main@{#81217}
-
Samuel Groß authored
Drive-by: include the right header in sandboxed-pointer-inl.h and fix missing sandbox initialization in generate-bytecode-expectations.cc. Bug: v8:10391 Change-Id: Ic39ba04b7c98eaa58ea3943189c23b297f581f5a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3630082 Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Samuel Groß <saelo@chromium.org> Cr-Commit-Position: refs/heads/main@{#81216}
-
JianxiaoLuIntel authored
Change-Id: I9d135e2add4f6ae7b0b19b97081ec40096ff75b2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3708026 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Jianxiao Lu <jianxiao.lu@intel.com> Cr-Commit-Position: refs/heads/main@{#81215}
-
Clemens Backes authored
This enables the --freeze-flags-after-init flag globally. Note that tests, fuzzers, Node and other still explicitly disable the flag. The chrome renderer process and default d8 execution will have it enabled though. R=cbruni@chromium.org Bug: v8:12887 Change-Id: I9a15ef64227e5e6e04779d8d671a2c50d99c9097 Cq-Include-Trybots: luci.v8.try:v8_linux_blink_rel Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695264 Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#81214}
-
Michael Lippautz authored
This reverts commit 8325f86d. Reason for revert: Speculative revert for chromium:1336850. Original change's description: > [heap] Sweep code pages on the background thread > > We already make code pages writable & executable for concurrent > Sparkplug. We can use the same mechanism for sweeping of code pages on > the background thread, instead of scheduling incremental tasks on the > main thread. This allows us to remove almost all special > handling for code pages in the sweeper and allows us to off-load more > work from the main thread. > > Bug: v8:12967 > Change-Id: Idb8e9f8e2eadbec26a386f2de683a80087f671f3 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695557 > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> > Cr-Commit-Position: refs/heads/main@{#81139} Bug: v8:12967, chromium:1336850 Change-Id: I1fb775892c2679984221efa7ceb682800c88cb2f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707274 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Hannes Payer <hpayer@chromium.org> Cr-Commit-Position: refs/heads/main@{#81213}
-
Frank Tang authored
Also add AOs: ToTemporalRoundingMode, ToSmallestTemporalUnit, ToTemporalRoundingIncrement, RoundHalfAwayFromZero, RoundNumberToIncrement, RoundTemporalInstant Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.instant.prototype.round https://tc39.es/proposal-temporal/#sec-temporal-totemporalroundingmode https://tc39.es/proposal-temporal/#sec-temporal-tosmallesttemporalunit https://tc39.es/proposal-temporal/#sec-temporal-totemporalroundingincrement https://tc39.es/proposal-temporal/#sec-temporal-roundhalfawayfromzero https://tc39.es/proposal-temporal/#sec-temporal-roundnumbertoincrement https://tc39.es/proposal-temporal/#sec-temporal-roundtemporalinstant Bug: v8:11544 Change-Id: I37750f166e6b5597db16574d2ce4d5f92065a7b0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3566671 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#81212}
-
Adam Klein authored
This reverts commit 035ba1d8. Reason for revert: fails on Blink Linux Debug bots: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Blink%20Linux%20Debug/14932/overview Original change's description: > [wasm] Use the API callback to resolve the wasm result promise > > This CL switches resolving and rejecting the wasm result promise from > the V8-internal API to the external API added in > https://chromium-review.googlesource.com/c/v8/v8/+/3695584. > > This CL can land once Chrome provided an implementation of the callback. > > R=jkummerow@chromium.org > > Bug: v8:12953 > Change-Id: I3ca395594b4e7b5018fdcdac8c215dd4d6bf8de0 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695589 > Commit-Queue: Andreas Haas <ahaas@chromium.org> > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> > Cr-Commit-Position: refs/heads/main@{#81206} Bug: v8:12953 Change-Id: I35f85d056e2c9063f5b1280c7a3e96a20d67fcad No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3709409 Auto-Submit: Adam Klein <adamk@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#81211}
-
- 16 Jun, 2022 8 commits
-
-
Andreas Haas authored
This reverts commit be41754f. Reason for revert: This change breaks the GCC component build (e.g. https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20gcc%20-%20debug%20builder/1997/overview) Original change's description: > [wasm] Deprecate WasmModuleObjectBuilderSteraming > > This class is just dead code. > > Bug: v8:12926 > Change-Id: Ic780c0b1bf5b1e517aa919b820fad4ec083d9ef7 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3689581 > Reviewed-by: Adam Klein <adamk@chromium.org> > Commit-Queue: Andreas Haas <ahaas@chromium.org> > Cr-Commit-Position: refs/heads/main@{#81169} Bug: v8:12926 Change-Id: I8ef0dbd6ebaac0cbcc752338b7bfdf6049e6874c No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707219 Owners-Override: Adam Klein <adamk@chromium.org> Auto-Submit: Andreas Haas <ahaas@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#81210}
-
Junliang Yan authored
Change-Id: I8776f1a77a809dc21797dbc1673539780249cf00 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3708481 Commit-Queue: Junliang Yan <junyan@redhat.com> Reviewed-by: Milad Farazmand <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/main@{#81209}
-
Thibaud Michaud authored
Exceptions should propagate inside the logical stack, which can consist of multiple wasm stack segments. When the outermost frame of the current segment is reached, pick up the parent stack and continue the search from there, and update the state to reflect the implicit stack switch. Drive-by: cleanups. R=ahaas@chromium.org CC=fgm@chromium.org Bug: v8:12191, v8:12960 Change-Id: Ia5cb39a6ae197fb68e635f986952419dc43c7b98 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695376 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/main@{#81208}
-
Milad Fa authored
Fixing build with `v8_enable_webassembly = false`. Change-Id: Ib69e3f462f6fe9122707d1b3260262bbb83f5399 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3708474 Commit-Queue: Milad Farazmand <mfarazma@redhat.com> Reviewed-by: Junliang Yan <junyan@redhat.com> Cr-Commit-Position: refs/heads/main@{#81207}
-
Andreas Haas authored
This CL switches resolving and rejecting the wasm result promise from the V8-internal API to the external API added in https://chromium-review.googlesource.com/c/v8/v8/+/3695584. This CL can land once Chrome provided an implementation of the callback. R=jkummerow@chromium.org Bug: v8:12953 Change-Id: I3ca395594b4e7b5018fdcdac8c215dd4d6bf8de0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695589 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#81206}
-
Manos Koukoutos authored
Bug: v8:7748 Change-Id: Ib3b1d99107ad2a9c703e9dc546b522e208204d1c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702443 Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#81205}
-
Manos Koukoutos authored
Changes: - Rename InitExpression -> ConstantExpression in places which reference the ConstantExpression type. - Move ConstantExpression to its own file, along with ValueOrError and EvaluateConstantExpression. Change-Id: Ife572d783531216b6ea3d2626e4fbf4048463253 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702798 Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#81204}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/4be7c7b..7e8d64b Rolling v8/buildtools/linux64: git_revision:2ecd43a10266bd091c98e6dcde507c64f6a0dad3..git_revision:e62d4e1938a45babc9afb6db543f388cd1802a52 Rolling v8/buildtools/third_party/libc++/trunk: https://chromium.googlesource.com/external/github.com/llvm/llvm-project/libcxx/+log/b126981..1a63708 Rolling v8/buildtools/third_party/libc++abi/trunk: https://chromium.googlesource.com/external/github.com/llvm/llvm-project/libcxxabi/+log/013bcd8..2dba7d2 Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/d854027..0eef537 Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/b603090..c5c4853 Rolling v8/third_party/fuchsia-sdk/sdk: version:8.20220613.2.1..version:8.20220614.2.1 Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/30892fa..aab5788 R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: I97d4ae83dccc42a36734fd2ae3b047632fac8be6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3708478 Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#81203}
-
- 15 Jun, 2022 15 commits
-
-
Adam Klein authored
Bug: v8:12912 Change-Id: Ibfd8d29660ee55fa1d4cd0cac76942826ea541fc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3708852 Auto-Submit: Adam Klein <adamk@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#81202}
-
Adam Klein authored
This is useful for cases where we're calling a Maybe-returning function only for its side effects and possible exception-throwing. Change-Id: I64e73598d40b3565d83cb17166c762d8affd7a84 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3708022 Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#81201}
-
Frank Tang authored
Also implement AOs: ParseTemporalZonedDateTimeString, ToTemporalZonedDateTime Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.zoneddatetime.from https://tc39.es/proposal-temporal/#sec-temporal-parsetemporalzoneddatetimestring https://tc39.es/proposal-temporal/#sec-temporal-totemporalzoneddatetime Sync ToTemporalOffset and ToTemporalDisambiguation to latest spec to take undefined. https://tc39.es/proposal-temporal/#sec-temporal-totemporaloffset https://tc39.es/proposal-temporal/#sec-temporal-totemporaldisambiguation Bug: v8:11544 Change-Id: I4137725155201b025066538ce337f6ae4749dc5e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3699684 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#81200}
-
Frank Tang authored
https://github.com/tc39/proposal-intl-numberformat-v3/pull/85 Also add test to show the problem while using numberingSystem with formatRange Bug: v8:12977, v8:10776 Change-Id: I09845b6f04994dc84b9a21e272d39d785db3317a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3708020 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#81199}
-
Frank Tang authored
Stage 3 proposal flag --harmony-intl-number-format-v3 Spec: https://github.com/tc39/proposal-intl-numberformat-v3 R2T: https://groups.google.com/a/chromium.org/g/blink-dev/c/vy6rCuh3r_0/m/1Q2FHx9hBAAJ Design Doc: https://docs.google.com/document/d/19jAogPBb6W4Samt8NWGZKu47iv0_KoQhBvLgQH3xvr8/edit https://docs.google.com/document/d/14zxGub6Os6nARzH6XstOZX05w2537sZo_ZSSlGjGpBM/edit#heading=h.86ckkob9p59r https://chromestatus.com/feature/5707621009981440 Bug: v8:10776 Change-Id: I81d0385b09c283628c7c36096d26e07a817888a1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3703471 Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#81198}
-
Adam Klein authored
Extend V8_OS_LINUX ifdef guards to surround PrintToStderr() helper. Change-Id: Ia27d532eef60aa162b99c6989b1312515a038110 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3708021 Commit-Queue: Adam Klein <adamk@chromium.org> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Cr-Commit-Position: refs/heads/main@{#81197}
-
Manos Koukoutos authored
This is a reland of commit 76a07814 Changes compared to original: - Add WasmArray::SetTaggedElement, which uses write barriers. - In Factory::NewWasmArrayFromElementSegment, the new array may have moved to OldSpace until it is initialized. Therefore, it needs write barriers; use the new method for that. - Small readability improvements. Original change's description: > [wasm-gc] Implement array.init_from_elem > > Bug: v8:7748 > Change-Id: I65dbb496302045820063bd0f4f9ea054e6a645bd > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695580 > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> > Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> > Cr-Commit-Position: refs/heads/main@{#81128} Bug: v8:7748 Change-Id: Ic5def1886f662bddce72b8eaea274eb5e8ec0c68 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3704513 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#81196}
-
Toon Verwaest authored
This moves constant nodes to separate data structures on the graph so they can be looked up there. Graph processors walk the constants before walking other nodes. Bug: v8:7700 Change-Id: Id4bec2c2a26011dcacf3355fe17d821451f79397 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3706625 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#81195}
-
Patrick Thier authored
In addition change DCHECKs to CHECKs in StringForwardingTable. The added CHECKs hopefully make it easier to reason about crashes on canary. Bug: chromium:1336516 Change-Id: I30bbabbc2a9186eaeac42c2963e7ae8dbb9fb527 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707103 Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Patrick Thier <pthier@chromium.org> Cr-Commit-Position: refs/heads/main@{#81194}
-
Seth Brenith authored
This is a partial reland of https://crrev.com/c/3597106 , except for the changes in compiler.cc, which are just the minimal possible changes to make the code compile. With this change, it is possible that a call to CompilationCache::LookupScript returns any of: 1. A Script and a toplevel SharedFunctionInfo (cache hit) 2. A Script but no toplevel SharedFunctionInfo (partial cache hit) 3. Nothing (cache miss) Bug: v8:12808 Change-Id: Id33a4cd0cb28562d6b862fbb113ea9d03f255b2b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3687425 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Cr-Commit-Position: refs/heads/main@{#81193}
-
Igor Sheludko authored
Namely the ones that might be locked for a second time by the sampling profiler while iterating the call stack. Bug: v8:12966 Change-Id: I081de804143e5ca4da4e2296919428b2c1bff1b0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707105 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Auto-Submit: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#81192}
-
Samuel Groß authored
SIGABRT is harmless as it indicates a CHECK failure. Further, memory access violations at non-canonical addresses and memory permission violations should be ignored as well as they can legitimately be triggered from memory corruption inside the sandbox and are not directly exploitable. See code comments for more details. Bug: v8:12878 Change-Id: Idddd805f5d52c87f2b67a974716acd5d5abf11cf Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707106 Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Samuel Groß <saelo@chromium.org> Cr-Commit-Position: refs/heads/main@{#81191}
-
Samuel Groß authored
This is a reland of commit ae55e4d2 crrev.com/c/3706618 should fix the Android failures. Original change's description: > [sandbox] Enable sandboxed pointers on Android > > Bug: chromium:1218005 > Change-Id: Ie7c100193848544e661ee62f88be4601426a4e18 > Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702251 > Reviewed-by: Igor Sheludko <ishell@chromium.org> > Commit-Queue: Samuel Groß <saelo@chromium.org> > Cr-Commit-Position: refs/heads/main@{#81117} Bug: chromium:1218005 Change-Id: Ia6dbbd2c7629614391ea49f898b0784f39cf27f1 Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702445 Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Samuel Groß <saelo@chromium.org> Cr-Commit-Position: refs/heads/main@{#81190}
-
jameslahm authored
... ArrayBuffer and shared ArrayBuffer. Bug: v8:11525 Change-Id: I6b3f78d5cf6528123b40c49f2767ade2b6bfbed1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3706279 Commit-Queue: 王澳 <wangao.james@bytedance.com> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#81189}
-
Andy Wingo authored
Bug: v8:12868 Change-Id: I2f12858db1956a3b14b95341f1459df8abc03db0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702797 Commit-Queue: Andy Wingo <wingo@igalia.com> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#81188}
-