- 17 Mar, 2022 10 commits
Manos Koukoutos authored
This reverts commit 406bcd69.

Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64/46797/overview

Original change's description:
> [maglev] Finish & enable basic Maglev concurrent tierups
>
> This implements the last bits of basic concurrent Maglev compilation.
> When jobs have been processed, schedule an interrupt to trigger codegen
> and building the Code object on the main thread.
>
> Bug: v8:7700
> Change-Id: I348ade4777ddddf7c3a6b0575d9f51e5fa00c9fb
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3528494
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#79516}

Bug: v8:7700
Change-Id: I1faa092b96e56149b4db2e271680f39c7af61554
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3532231
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79517}
-
Jakob Gruber authored
This implements the last bits of basic concurrent Maglev compilation. When jobs have been processed, schedule an interrupt to trigger codegen and building the Code object on the main thread.

Bug: v8:7700
Change-Id: I348ade4777ddddf7c3a6b0575d9f51e5fa00c9fb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3528494
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79516}
-
Jakob Gruber authored
.. into new virtual subclass TurbofanCompilationJob. Update all TF code to derive from this class. Specifically, the OptimizedCompilationInfo is TF-specific and now lives in TurbofanCompilationJob. The motivation behind this is that Maglev now also uses this infrastructure.

Drive-by: Replace CompilationMode with ConcurrencyMode.

Bug: v8:7700
Change-Id: Iae6d1ffd1c810e2e45cad6c9b4e43d4c82ac54a7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3528493
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79515}
-
jameslahm authored
In JSCallReducer::ReduceArrayPrototypeShift, add Unsigned32 TypeGuard for index Node used in fast path, avoid representing kRepFloat64 (Range(1, inf)) to kRepWord64 when converting input for kLoadElement.

Bug: v8:12632
Change-Id: I2e4b00840dc5462e4351e13a372c33b6272b9ea1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3528373
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79514}
-
Victor Gomes authored
Fixes wrong conditional logic in BaselineCompilerTask::Install. Removes is_compiled(), since CanCompileWithBaseline already checks for HasBytecodeArray.

Bug: chromium:1307072
Change-Id: I4cc61e2bab8d1fb5a5b253d291c7079b82c3fa44
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3532230
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79513}
-
Jakob Gruber authored
This started out as a minor code move of early-osr logic, but became a more general refactor of the tiering decisions.

Early-OSR: the intent here is to trigger OSR as soon as possible when matching OSR'd code is cached. Move this out of ShouldOptimize (since it has side effects), and into a dedicated function that's called early in the decision process. Note that with this change, we no longer trigger normal TF optimization along with the OSR request - TF tiering heuristics are already complex enough, let's not add yet another special case right now.

Other refactors:
- Clarify terminology around OSR. None of the functions in TM actually perform OSR; instead, they only increase the OSR urgency, effectively increasing the set of loops that will trigger OSR compilation.
- Clarify the control flow through the tiering decisions. Notably, we only increment OSR urgency when normal tierup has previously been requested. Also, there is a bytecode size limit involved. These conditions were previously hidden inside other functions.

Bug: v8:12161
Change-Id: I8f58b4332bd9851c6b299655ce840555fb7efa92
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3529448
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79512}
-
王澳 authored
This reverts commit 9f9f36f8.

Reason for revert: regressed ai-astar on the M1

Original change's description:
> [call reducer] inline Array.prototype.indexOf/includes in js-call-reducer.
>
> - inline Array.prototype.indexOf in js-call-reducer
> - inline Array.prototype.includes in js-call-reducer
>
> Bug: v8:12390
> Change-Id: Idb5669da3019f0f56af0084fccd1d616d4c5098e
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3473994
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Marja Hölttä <marja@chromium.org>
> Commit-Queue: Marja Hölttä <marja@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#79461}

Bug: v8:12390, chromium:1306250
Change-Id: I91c666c2f56c30db4f43bb009ee6206ad219f51a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3532399
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79511}
-
Jakob Gruber authored
- Restructure the runtime function implementation.
- Rename osr_loop_nesting_level to osr_urgency and add helpers.

The motivation for the latter: I've always struggled with the `osr_loop_nesting_level` term; it neither matches terminology of what it's compared against (= the loop depth), nor implies what it's used for (= osr is triggered when `loop depth < osr nesting level`). In this CL it's renamed to `osr_urgency` to reflect that as urgency rises, we consider more and more loops as OSR candidates.

Bug: v8:12161
Change-Id: I194ec5a3f1f02526641af1c7796ee0956b6fd3a1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3528735
Reviewed-by: Patrick Thier <pthier@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79509}
-
Shu-yu Guo authored
Bug: v8:12547
Change-Id: Ie27831b793f214368a003adac24b7c92f1a5fc11
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3518426
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79504}
-
Yuxiang Cao authored
Bug: v8:12707
Change-Id: I411950dc92336f73f10614e75bd64647d4137857
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3523995
Reviewed-by: ji qiu <qiuji@iscas.ac.cn>
Reviewed-by: Yahan Lu <yahan@iscas.ac.cn>
Commit-Queue: Yahan Lu <yahan@iscas.ac.cn>
Cr-Commit-Position: refs/heads/main@{#79503}
-
- 16 Mar, 2022 12 commits
Darius M authored
CL https://chromium-review.googlesource.com/c/v8/v8/+/3514072 tried to improve code generation for patterns like "x >> n == k" when n and k are constant, and to generate instead "x == k << n" (with "k << n" being computed at compile time). However, this was also done when "x >> n" was reused later, which caused "x" to be kept alive longer than it could have, which could increase register pressure.

This CL thus ensures that this optimization is done only if "x >> n" has a single use.

Bug: chromium:1305389
Change-Id: I377e120c4825e2a0deb4a5478138da838bcebc77
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3528987
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Darius Mercadier <dmercadier@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79502}
-
Vasili Skurydzin authored
Change-Id: I2ff012f0da2c536d78e12c7b8f02fe2d28b7b7ea
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3526338
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Milad Farazmand <mfarazma@redhat.com>
Commit-Queue: Vasili Skurydzin <vasili.skurydzin@ibm.com>
Cr-Commit-Position: refs/heads/main@{#79501}
-
Victor Gomes authored
We check if debugger needs to hook into every call when we enqueue the function to batch and when we compile, but we do not check it when we install it (that is, set_baseline_code), which is done in the main thread.

Bug: v8:12713
Change-Id: I81ba221caed1060976e8865174d392a861f2ab24
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3528988
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79500}
-
Marja Hölttä authored
Please revert this CL if it causes any trouble!

Bug: v8:11111
Change-Id: I6061fdc0aed82952f093ede9ecd252be1ac99519
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3528495
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79499}
-
Clemens Backes authored
In text, we should use the properly capitalized "Wasm" instead of "WASM". In particular for frame output, other frames typically use CamelCase (like "JsToWasmFrame", "ExitFrame", "InternalFrame"), so Wasm should do the same.

The "0xa" comment in some assemblers is also outdated, the current tag we emit for StackFrame::WASM is 0x8 (0x4 shifted by one).

R=jkummerow@chromium.org

Bug: v8:12425
Change-Id: Ic3e00c401b219c28b5424c82efb0f1a9df51690f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3525195
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79498}
-
Samuel Groß authored
JSObject::InitializeBody now checks whether the instance type of the object being initialized can have embedder data slots around the initialization logic for these slots. This fixes a performance regression on certain benchmarks. To perform this check efficiently, a new instance type, JSObjectWithEmbedderSlots, is introduced so that the check becomes a simple range check.

Bug: chromium:1304139
Change-Id: I00c892bc2276e950b59602257ca1c2435c10e517
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3507712
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79497}
-
Samuel Groß authored
This method now handles external pointers in HeapObjects during serialization by encoding the representation of the external pointer (sandboxed, raw), the origin (internal, api) and potentially the external pointer tag. It is currently only used to handle JSExternalObjects but could, in the future, be extended to handle all external pointers that need special handling during serialization/deserialization.

Bug: v8:12700
Change-Id: Ib0747d765ddc632e4ca4ee94521616d0271be0bc
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3521904
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79496}
-
Frank Tang authored
Implement the Intl.PluralRules.prototype.selectRange (start, end) of the spec
See https://tc39.es/proposal-intl-numberformat-v3/out/pluralrules/diff.html
https://chromestatus.com/guide/edit/5707621009981440
Design Doc: https://docs.google.com/document/d/19jAogPBb6W4Samt8NWGZKu47iv0_KoQhBvLgQH3xvr8/edit

Bug: v8:10776
Change-Id: Ie9c56df7ce68199492281fdf2483c3d6f822cc9e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3504421
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79495}
-
Marja Hölttä authored
Bug: v8:11111
Change-Id: Id6eafbd3a70cd8edd552d06942517ffaf413f568
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3497815
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79494}
-
Zhao Jiazhong authored
Port commit I3cb2a4d386cb92a4dcd2edbdd3fba9ef71f354d6

Besides, clean some useless "SafepointRegister" stuff for MIPS.

Change-Id: I85bc7592faa1a7939330bef8453ea5eff4ac7f71
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3527185
Reviewed-by: Yu Liu <liuyu@loongson.cn>
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Cr-Commit-Position: refs/heads/main@{#79493}
-
Clemens Backes authored
This reverts commit f01a6098.

Reason for revert: Consistent TSan failures: https://crbug.com/v8/12713

Original change's description:
> [baseline] Enable concurrent sparkplug
>
> Bug: v8:12054
> Change-Id: I1b0ee1a9541a75412b882b259e421aa6e88317da
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3259658
> Auto-Submit: Victor Gomes <victorgomes@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#79485}

Bug: v8:12054
Change-Id: Ide6bbac8c280a1373c5082bbe5356a205f3396c5
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3528496
Auto-Submit: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#79492}
-
Jakob Gruber authored
This CL implements most parts of the concurrent maglev pipeline.

- MaglevConcurrentDispatcher: controls concurrent jobs.
- MaglevCompilationInfo: holds job-global data, controls handle fiddling between the main isolate and local isolates, owns job-global state like the Zone.
- MaglevCompilationUnit: same as before, holds per-unit data.

Still missing: job finalization.

Bug: v8:7700
Change-Id: I281178d945e79a0ba97fa2ac7023285d84a16641
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3516036
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79489}
-
- 15 Mar, 2022 7 commits
Samuel Groß authored
This is necessary due to the indirect call to memfd_create. The function is only used for testing though.

Bug: v8:12682
Change-Id: Ifb9fd855213064165fa4c2125846ff592368b625
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3525534
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Auto-Submit: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79487}
-
Samuel Groß authored
The use of memfd_create causes V8 to require glibc 2.27 which wasn't previously needed. This CL rewrites the affected code to check at runtime whether memfd_create is available and otherwise use mkstemp.

Bug: v8:12682
Change-Id: I84dc3f5ab7504cec2b599bc92501ddecc2ae22cf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3516870
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79486}
-
Victor Gomes authored
Bug: v8:12054
Change-Id: I1b0ee1a9541a75412b882b259e421aa6e88317da
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3259658
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79485}
-
Milad Fa authored
Port 8a0d1b6f

Original Commit Message:

Modernise the RegList interface to be a proper class, rather than a typedef to an integer, and add proper methods onto it rather than ad-hoc bit manipulation.

In particular, this makes RegList typesafe, adding a DoubleRegList for DoubleRegisters.

The Arm64 CPURegList isn't updated to use (or extend) the new RegList interface, because of its weird type-erasing semantics (it can store Registers and VRegisters). Maybe in the future we'll want to get rid of CPURegList entirely and use RegList/DoubleRegList directly.

R=leszeks@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com
BUG=
LOG=N

Change-Id: I997156fe4f4f2ccc40b2631d5cb752efdc8a5ad2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3525084
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#79484}
-
Clemens Backes authored
It turned out that on arm and arm64 we over-estimated the code size of a Wasm module quite a bit. This CL adds some more output for the --trace-wasm-compilation-times flag, and adds a script to compute the factors we use for code size estimates from that output.

I ran the script on a few benchmarks (an older Epic module, the current Photoshop module, and the benchmark from the linked bug), and adjusted the constants accordingly.

Also, simplify the API of {ReservationSize} to only return a single number, and fail internally if we need to allocate more than the engine supports (which would only fail for artificially large modules).

R=jkummerow@chromium.org

Bug: chromium:1302310
Change-Id: I5b2c27ff3e360fb6738cf5dd697bcee09e106b6d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3522067
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79482}
-
haoyuintel authored
This CL fixed cmpq in TestMoveSmi by using cmp_tagged and further optimizes Move(Register, Smi) for 31-bit negative Smi.

To move a Smi of -1 to register, the disassembly before the commit is as:
48c7c0feffffff REX.W movq rax, 0xfffffffe

The disassembly after the commit is as:
b8feffffff movl rax, 0xfffffffe

Bug: v8:12696
Change-Id: I6fafeec7959491ba8b084acf797c58910c2928fa
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3514654
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Haoyu Zhang <haoyu.zhang@intel.com>
Cr-Commit-Position: refs/heads/main@{#79475}
-
Clemens Backes authored
This reverts commit 6e2c9bb2.

Reason for revert: Fails layout test: external/wpt/wasm/serialization/arraybuffer/transfer.window.html

Original change's description:
> [serialize] copy bytes for non detachable array_buffer
> in WriteJSArrayBuffer when array_buffer is not in
> array_buffer_transfer_map_
>
> According to https://html.spec.whatwg.org/multipage/structured-data.html#structuredserializeinternal
> steps 13.3.2-4, should normally serialize array buffer which
> is not detachable
>
> Bug: v8:12703
> Change-Id: I4554c5d07ae85e1a96a728ebba04c6a071575f6f
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3518910
> Reviewed-by: Marja Hölttä <marja@chromium.org>
> Commit-Queue: Marja Hölttä <marja@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#79466}

Bug: v8:12703
Change-Id: I548ab191ab7d0f8fa699958396a5e32e34d39568
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3524742
Auto-Submit: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#79474}
-
- 14 Mar, 2022 11 commits
Milad Fa authored
Port: c69b0c80

Change-Id: Ie29079f976c7ab6fa14e5edc1da296a9e75b1bcf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3523822
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#79471}
-
Nikolaos Papaspyrou authored
This CL moves the call to GCTracer::StopCycle for the full GC from Heap::CompleteSweeping full, which is called to force sweeping to finish, to GCTracer::NotifySweepingComplete, which is called as soon as sweeping finishes --- and symmetrically to a new method GCTracer::NotifyCppGCCompleted, which is called as soon as sweeping of the managed C++ heap finishes. In this way, a full GC cycle is reported as soon as sweeping is finished both for the V8 and the C++ managed heap.

The changes introduced in this CL are essentially a partial revert of https://crrev.com/c/3456563, fixed in such a way that when the full GC cycle is reported, the current tracer event will be the correct one corresponding to that cycle.

Bug: v8:12503
Bug: chromium:1154636
Change-Id: Icea07cf35a9565994e798b0500e9da72cd95f9ac
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3497318
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79470}
-
Darius Mercadier authored
This reverts commit 3d5d99ff.

Reason for revert: causes this crash: https://bugs.chromium.org/p/chromium/issues/detail?id=1303458

Original change's description:
> [compiler] let InstructionSelector duplicate branch conditions
>
> Bug: v8:12484
> Change-Id: I44c2028efadbd70e7711f01d107995e0462f05d4
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3477094
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Commit-Queue: Darius Mercadier <dmercadier@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#79239}

Bug: chromium:1303458, v8:12484
Change-Id: I129467bcb2507f2fba894f5dd58304eb139f739c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3522069
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Darius Mercadier <dmercadier@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79469}
-
jameslahm authored
strict parameters error before parse parentheses expression in ParsePrimaryExpression clear last next_arrow_function_info tracked strict parameters error, avoid throw syntax error when parse arrow function nested in a parentheses expression.

Bug: v8:12688
Change-Id: Ib190ff5e04c9a83329c59421e9dd44f5a5907b07
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3516729
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79468}
-
Victor Gomes authored
Bug: v8:7700
Change-Id: Ib3b3f453e162e0913b8077ac8f8b9e2273deaed9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3521783
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79467}
-
jameslahm authored
in WriteJSArrayBuffer when array_buffer is not in array_buffer_transfer_map_

According to https://html.spec.whatwg.org/multipage/structured-data.html#structuredserializeinternal steps 13.3.2-4, should normally serialize array buffer which is not detachable

Bug: v8:12703
Change-Id: I4554c5d07ae85e1a96a728ebba04c6a071575f6f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3518910
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79466}
-
Milad Fa authored
Running `OS::AllocatePageSize()` on PPC simulator (which runs on x64 Linux) will make a `sysconf(_SC_PAGESIZE)` call which returns the native x64 Linux page size and not the PPC specific page size. This can cause a problem if used alongside the current value of `kPageSizeBits` which is set to use PPC value even on Sim.

As an example a newly added DCHECK under https://crrev.com/c/3497363 was failing on PPC Sim as a call to `AllocatableMemoryInDataPage` was being made which used kPageSizeBits on Sim. Meanwhile another function was using the `page_size_bits` value which gets set by _SC_PAGESIZE. The mismatch caused an incorrect final value being generated which failed the DCHECK.

Change-Id: Iaf2d9cff16bbe5f6be5f3ec6a13b99be94776f48
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3519758
Reviewed-by: Junliang Yan <junyan@redhat.com>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#79465}
-
Marja Hölttä authored
The fuzzers were passing the flag --es-staging which doesn't exist. This CL updates them to pass the flag --harmony which does exist.

Change-Id: I02c83026e5b9bdf49e51e700f16702bf56cd49e8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3522064
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79464}
-
Toon Verwaest authored
If a value is in multiple registers, pick one of them to be freed.

Bug: v8:7700
Change-Id: I1886b977187b4d8e939ff106edde4ccf716661d7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3522063
Auto-Submit: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79463}
-
Victor Gomes authored
The CL implements binary operations bytecodes as generic nodes that call the correspondent runtime builtin.

Bug: v8:7700
Change-Id: I82c5e20e4103d4ef367184af1242bae7f7f93fe0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3509392
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79462}
-
jameslahm authored
- inline Array.prototype.indexOf in js-call-reducer
- inline Array.prototype.includes in js-call-reducer

Bug: v8:12390
Change-Id: Idb5669da3019f0f56af0084fccd1d616d4c5098e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3473994
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79461}