- 08 Jun, 2021 17 commits
-
-
Wenyu Zhao authored
The initial CL is suspected to break the --predictable CI. But looks like the CI is still crashing and also flaky after the revert. So reland it again. This is a reland of 59d58d72 Original change's description:
> [csa] Remove InnerAllocate and replace with non-folded allocations
>
> This CL removes all uses of InnerAllocate (except memento allocations)
> and replace with non-folded allocations. The change is based on the
> fact that 1. Those InnerAllocates are not guarded by --allocation-folding
> flag. 2. Hopefully the MemoryOptimizer can handle the folding and no
> performance regression will happen.
>
> Two special versions of InnerAllocate is still kept:
> * One for memento allocations (renamed to InnerAllocateMemento).
> * One for AllocateUninitializedJSArrayWithElements (renamed to InnerAllocateElements).
>
> Change-Id: Ie77da6b2fba31b048241f7b7d927065305a01c27
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2873767
> Commit-Queue: Wenyu Zhao <wenyu.zhao@anu.edu.au>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74899}
Change-Id: I540c3a6b6e3f7c70c048f8ad1e5f702287fb086b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2946667 Commit-Queue: Wenyu Zhao <wenyu.zhao@anu.edu.au> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#75015}
-
Patrick Thier authored
Add flag --trace-baseline-batch-compilation to enable tracing for baseline batch compilation. Bug: v8:11790 Change-Id: I2b05017181b95bf3bccb70e2092250211dafb86c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2945174 Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Patrick Thier <pthier@chromium.org> Cr-Commit-Position: refs/heads/master@{#75014}
-
Clemens Backes authored
Predictable does not contradict --wasm-tier-up any more, hence unskip the tests. R=ahaas@chromium.org Bug: v8:11319, v8:11848 Change-Id: Iaefcf6c80e65d27c527aa1a45b054ace1d85fe39 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2945171 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#75013}
-
Michael Lippautz authored
Heaps in V8 start with a large limit that is shrunk upon young generation GCs, based on some liveness estimate. This provides best throughput during startup while at the same time finding a reasonable first limit. For C++ (embedder memory) there is no estimate which is why it was piggy-backing on V8. This breaks in scenarios where no JS memory is allocated. In this fix we start a memory reducer after embedder memory has hit the activation threshold if no GC happened so far. As soon as a single Scavenger has happened, we leave it up to the JS estimate to figure out a limit. Memory reducing GCs will then find a regular limit based on the initial live size. Drive-by: Give embedders the same activation threshold of 8MB as JS. Bug: chromium:1217076 Change-Id: I8469696002ac2af8d75d6b47def062d2608387a1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2944935 Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#75012}
-
Manos Koukoutos authored
Bug: v8:7748 Change-Id: I4d1badcc31accfc1a2efcd0d12118e7aa436e610 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2940894 Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#75011}
-
Camillo Bruni authored
Bug: v8:11420 Change-Id: Ic2b977c41dd71426838e1039b66dc7936cc4ff98 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2933658 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#75010}
-
Clemens Backes authored
This is a reland of 79d63a5e. Some fixes landed already, and two tests need to be skipped now (one with a tracking bug). Original change's description:
> [wasm] Remove all implications from --predictable
>
> In predictable mode, we want to execute the same code as otherwise,
> modulo timing. Hence remove any implications which change behaviour
> (like tier-up or asynchronous compilation).
> Note that --predictable is a debugging flag, so the configurations does
> not need to "make sense" in production.
>
> R=ahaas@chromium.org
>
> Bug: v8:11848
> Change-Id: If74fbacadeb087d977922c41f33fd18738b50ded
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2940898
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74973}
Bug: v8:11848 Change-Id: I3564e4351d6545bb9643d1ae44722eb2606b8961 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2944936 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#75009}
-
Camillo Bruni authored
- Scale svg flamechart directly instead of rerendering - Convert markers to SVG as well - Fix scroll position after zooming - Support tooltips for flamechart Change-Id: I01c966d2705989cf45a91c64aa4302a8de035414 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2944894 Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Patrick Thier <pthier@chromium.org> Cr-Commit-Position: refs/heads/master@{#75008}
-
Clemens Backes authored
The predictable platform only executed background tasks if at least one foreground task was executed. Async compilation in Wasm only spawns a background task though, so that one could be missed. This CL fixes the loop to also execute background tasks if no foreground task was executed. R=ahaas@chromium.org Bug: v8:11848 Change-Id: Ia0b32427c24a79d5710c784b98528bf431471528 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2944833 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#75007}
-
Manos Koukoutos authored
Changes: - Add struct.new_with_rtt as a new WasmInitExpr. Parse it in consume_init_expr(). Add it to InstanceBuilder::EvaluateInitExpression(). - Change WasmInitExpr::operand_ to vector operands_. - In consume_init_expr(), use parsed over hard-coded opcode length. - Improve WasmStruct::WasmStructPrint slightly. - Add Factory::NewWasmStruct(). - Add WasmValue::CopyToWithSystemEndianness. - In wasm-module-builder.js, generalize emit_init_expr for expressions with operands. Add missing init. expression types. - Add tests. Bug: v8:7748 Change-Id: Ica12378d202730aff1b57c7d4240aa00ef124f8e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2940893 Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#75006}
-
Zhao Jiazhong authored
This reverts commit febfbb21. Reason for revert: Introduced new bugs: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Mac64%20-%20debug/34472/overview Original change's description:
> [sparkplug] Adjust compare and jump function in sparkplug
>
> Mips and risc-v do not have the flag register and can not decide
> whether to jump through flags in JumpIf();
>
> Therefore, we merge the comparison with the jump;
>
> Bug: v8:11803
>
> Change-Id: If53752da93b97e8ff65affdfe99e5de8e1a1493f
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2921034
> Auto-Submit: Liu yu <liuyu@loongson.cn>
> Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75001}
Bug: v8:11803 Change-Id: Ic982564ccdef9a07bf3a5fb4745a11cfa178cc0e No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2946818 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Cr-Commit-Position: refs/heads/master@{#75005}
-
Daniel Bevenius authored
This commit adds a TryGetCurrent() method to the v8::Isolate class. The motivation for adding this method is that in Node.js we've run into situations where we need to check if there is a current Isolate and we are using GetCurrent() for this. The issue is that for a debug build of Node.js, the debug check in GetCurrent() will cause a failure. The suggestion in this changeset is to allow getting the current Isolate, or null if one does not exist, without any checks. Change-Id: I01676e4bcdbe86da0496f5df1982d14eb1c9ebf8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2910630 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#75004}
-
Liu Yu authored
Some supplements on mips for 8ab75a56 Change-Id: Id0928e59b6a265f34a4ee986fa80e6b9dee0198c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2946812 Auto-Submit: Liu yu <liuyu@loongson.cn> Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Cr-Commit-Position: refs/heads/master@{#75003}
-
Clemens Backes authored
Jobs were still being posted on the underlying default platform, which caused concurrent execution. By directly returning a {NewDefaultJobHandle} with a pointer to the {PredictablePlatform}, we force execution of all posted tasks via that platform. R=ahaas@chromium.org, cbruni@chromium.org Bug: v8:11848 Change-Id: Ie10519583341b427776ca428f85641e96f821367 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2944808 Reviewed-by: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#75002}
-
Liu Yu authored
Mips and risc-v do not have the flag register and can not decide whether to jump through flags in JumpIf(); Therefore, we merge the comparison with the jump; Bug: v8:11803 Change-Id: If53752da93b97e8ff65affdfe99e5de8e1a1493f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2921034 Auto-Submit: Liu yu <liuyu@loongson.cn> Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#75001}
-
Michael Achenbach authored
The flag had no effect and was removed from fuzzilli instructions here: https://github.com/googleprojectzero/fuzzilli/commit/f31bfb7b5a3364e4cbcf7661f621fb5347521560 No-Try: true Change-Id: If28e79fdf469a4cb665a83793c9fef8c6c2a8232 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2944431 Auto-Submit: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Maya Lekova <mslekova@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/master@{#75000}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/e353b02..8870cb4 Rolling v8/buildtools: https://chromium.googlesource.com/chromium/src/buildtools/+log/eb65cc3..c793cca Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/8bf7a0b..a8bae77 Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/a5b6b2f..b508ecd Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/30cbc5c..0c64e83 TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: Ib0903c26326e045b1f2b1e2ac2f37dd3a883e6ed Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2946109 Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#74999}
-
- 07 Jun, 2021 23 commits
-
-
Camillo Bruni authored
Directly use the correct registers for calling the RecordWrite stubs in sparkplug. To keep changes to existing builtins minimal there are certain register requirements which are now made explicit in WriteBarrierDescriptor::Verify. Bug: v8:11420 Change-Id: I3a0c500fbe26f82ee2243a61dbf574fd31656982 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2910313 Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#74998}
-
Michael Achenbach authored
Test262 with extra variants times out on several debug bots regularly: https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20-%20debug/37382 https://ci.chromium.org/p/v8/builders/ci/V8%20Linux%20-%20debug/35401 https://ci.chromium.org/p/v8/builders/try.triggered/v8_linux64_dbg_ng_triggered/b8845063257835477664 Bug: v8:11428 Change-Id: I749556be0e5dd5ce788ee66ba10e1431ebf47b93 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2944938 Auto-Submit: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Reviewed-by: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#74997}
-
Junliang Yan authored
Change-Id: I363e9ecdcecacca34e87086506a9cc4ab8a19d91 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2944594 Reviewed-by: Milad Fa <mfarazma@redhat.com> Commit-Queue: Junliang Yan <junyan@redhat.com> Commit-Queue: Milad Fa <mfarazma@redhat.com> Auto-Submit: Junliang Yan <junyan@redhat.com> Cr-Commit-Position: refs/heads/master@{#74996}
-
Camillo Bruni authored
- Add new Builtin enum - Move Builtins::Name:kXXX to Builtin::kXXX - Update existing code Follow CLs will unify the mix of using int builtin-ids and Builtins::Name to only use the new Builtin enum and changing it to an enum class. Change-Id: Ib39aa45a25696acdf147f46392901b1e051deaa4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2905592 Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Michael Stanton <mvstanton@chromium.org> Reviewed-by: Mythri Alle <mythria@chromium.org> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#74995}
-
Igor Sheludko authored
Bug: chromium:1216437 Change-Id: Ib8439aefc778beefed4dc40290473311cc23d5f9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2944937 Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#74994}
-
Chong Gu authored
This will allow Fuchsia tests to be run on v8 CI Bug: v8:11843, chromium:934932 Change-Id: I516329d8f29d9c94d46aa010fa729fa3ca0993ee Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2935024 Commit-Queue: Chong Gu <chonggu@google.com> Auto-Submit: Chong Gu <chonggu@google.com> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#74993}
-
Seth Brenith authored
The flag --trace-ignition-dispatches has been broken for a long time, since it was not designed to work with bytecode handlers that are generated ahead of time by mksnapshot. This splits the existing --trace-ignition-dispatches logic into two separate parts: 1. A gn argument which instructs mksnapshot to include dispatch counting in the bytecode handlers, and ensures that the Interpreter allocates the array of counters, and 2. A runtime flag which enables the ignition-statistics extension which implements the JS-accessible function getIgnitionDispatchCounters(). Change-Id: I89323425697f5641451f67b9ddcc0303b8ca209f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2937564 Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Cr-Commit-Position: refs/heads/master@{#74992}
-
Patrick Thier authored
xmm0 and xmm1 are used to save/restore values in asm builtins, but they were not saved before calling RecordWrite, which calls C++ code. Instead of passing SaveFPRegsMode::kSave to RecordWriteField, which would save/restore all FP-regs, this CL explicitly saves/restores the FP-regs we rely on beyond the C-Call. Bug: chromium:1216295 Change-Id: Ifcc7ce4e8819303ffb79576a88304df2e3a6cc4c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2944427 Reviewed-by: Victor Gomes <victorgomes@chromium.org> Commit-Queue: Patrick Thier <pthier@chromium.org> Cr-Commit-Position: refs/heads/master@{#74991}
-
Patrick Thier authored
Add flag --lazy-feedback-allocation to prevent NumFuzz errors. Bug: v8:11853 Change-Id: I5170ef9db374e168cf248b86dbed3c3e7c87f826 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2944428 Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Patrick Thier <pthier@chromium.org> Cr-Commit-Position: refs/heads/master@{#74990}
-
Dominik Inführ authored
Left-trimming only works when there is a single reference to the backing store from the JS object. Main thread handles are an exception to this rule because it is not feasible to ensure that no such leftover handles may store such stale pointers. FixStaleLeftTrimmedHandlesVisitor clears such references in main thread handles, such that the GC never tries to visit them. This CL renames this class to ClearStaleLeftTrimmedHandlesVisitor to emphasize that such slots are cleared rather than "fixed up" to point to the new object start. Previously ClearStaleLeftTrimmedHandlesVisitor was used for local and persistent handles as well. Starting with this CL, stale references to left-trimmed objects are only allowed in main thread handles. https://crrev.com/c/2928502 enabled us to be more restrictive here. Change-Id: If4db0630f1df2d6c3fe5f242bf866c57a8ae2969 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2944807 Reviewed-by: Georg Neis <neis@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/master@{#74989}
-
Igor Sheludko authored
Bug: chromium:1216437 Change-Id: Ic417583813ccef4d93b46d5b53af6dd0e6ba9840 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2940889 Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#74988}
-
Camillo Bruni authored
- Introduce proper TickLogEntry and use a separate Timeline object - Update the main rendering to use SVG for speed - Separate custom-elements: timeline-track-map and timeline-track-tick - Revamp flame-chart drawing - Enable map-transitions overlay - Use mouse position to infer current log-entry instead of individual event handlers - Fix first timelineLegend column header - Fixing scrollbar-color for FireFox Change-Id: I7c53c13366b3e4614b1c5592dfaa69d0654a3b5f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2944430 Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Patrick Thier <pthier@chromium.org> Cr-Commit-Position: refs/heads/master@{#74987}
-
Marja Hölttä authored
This fix makes ObjectLiteral::CalculateEmitStore work correctly. Bug: v8:11810 Change-Id: I60f3d5cb657f4b2ca574d5224c8f1cb7a8216354 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2917040 Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#74986}
-
Camillo Bruni authored
Use new Script.prototype.update method to set the url and the script source. Bug: v8:11850 Change-Id: I555d4d0158cdacb7cb42efa385371454542fc2f3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2944438 Reviewed-by: Victor Gomes <victorgomes@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#74985}
-
Santiago Aboy Solanes authored
We have recursive calls such as ThinStrings where we go String::Get into ThinString::Get into String::Get again for the internalized string. If we need to, we would acquire the StringAccessGuard in the first String::Get and it wouldn't be needed to be re-acquired for the second String::Get. Trying to re-acquire it would in fact be an error since we are already holding the lock. The code, however, didn't know if we acquired it or not. It was working correctly due to the way the methods were defined and called. By passing down the access guard through the Get() calls we make this interaction explicit. Also add some thin string tests to test the interaction. Bug: v8:7790 Change-Id: I1181edec1e802cb754c4d1d1ac268577257b92f3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2936598 Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#74984}
-
Lu Yahan authored
Change-Id: Ia1dfb428e5518343252300bf4323f24a20bb7f2f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2939539 Commit-Queue: Brice Dobry <brice.dobry@futurewei.com> Reviewed-by: Brice Dobry <brice.dobry@futurewei.com> Cr-Commit-Position: refs/heads/master@{#74983}
-
Andreas Haas authored
A spec test (wasm-js/global/value-get-set) requires WebAssembly.Global.value.set to throw an exception if it is called with 0 arguments. The implementation in V8, however, just checked if the first parameter is `undefined`. This implementation indeed threw an exception if 0 arguments were provided, but it also threw an exception when `undefined` is provided as a parameter. This, however, violates the spec, because globals can be reset to `undefined`. With this CL we replace the checking for `undefined` by checking the length of the arguments that get provided. R=ecmziegler@chromium.org Bug: chromium:1211342 Change-Id: Ic87a0b369dea3e49eddb8f71f2c29dc6a8f5f558 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2940901 Reviewed-by: Emanuel Ziegler <ecmziegler@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#74982}
-
Jakob Kummerow authored
instead of recursive. JS code can construct very long chains of nested bound functions or proxies, where the previous recursive implementation could run out of stack space. Fixed: chromium:1214616 Change-Id: I764718f03030d22c0873b3ed05277d4317789093 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2933668 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#74981}
-
Clemens Backes authored
When growing a memory without a maximum, we should still check against the spec'ed limit, to avoid an overflow when computing the new number of pages. R=ahaas@chromium.org Bug: chromium:1215808 Change-Id: I476b954268277e7dce1106a9b8c3c713b0d1a560 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2944433 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#74980}
-
Dominik Inführ authored
While no scavenger thread reads the content of an object copied by another thread, we still need memory ordering in order to read the page flags for a forwarded object. Change-Id: I831e9dccb03d32daf3c4847613614d26533ba825 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2944436 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/master@{#74979}
-
Michael Achenbach authored
This reverts commit 6596e8c6. Reason for revert: Main bug was fixed. Original change's description:
> [infra] Switch back to Xenial on some bots
>
> This tests the hypothesis that the current timeout problems are on
> Bionic bots only.
>
> Bug: v8:11818
> Change-Id: I68f84cda52ca392fbda5a400eb2bf136b7ee85a3
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2916816
> Auto-Submit: Michael Achenbach <machenbach@chromium.org>
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74747}
Bug: v8:11818 Change-Id: Ib5f952dc6f23f3a98bb1d79ae5ce689e288d6727 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2940897 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Reviewed-by: Tamer Tas <tmrts@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#74978}
-
Jakob Gruber authored
.. and replace them by elements read directly from the heap object. With this change, consistency between `map` and `elements` is no longer guaranteed. Users were updated, when necessary, to deal with this, e.g. by being more careful not to read out of bounds, by inserting new `actual_elements == elements_constant` runtime checks, or through a new compilation dependency that verifies unchanged elements at finalization time. Drive-by: inline GetElementsKind into callsites. Bug: v8:7790 Change-Id: Ifba78182e185ff0d4e954e3be52f0eb24328c853 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2909655 Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#74977}
-
Jakob Kummerow authored
Change-Id: I244a28e29f14b05a50c8bb10db429b16b2052aca Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2944432 Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#74976}
-