- 10 Dec, 2020 15 commits
-
cjihrig authored
This commit updates the gen-postmortem-metadata.py script to incorporate changes in V8 8.5. This removes the need to float a patch to the script in Node.js. Change-Id: I6532495bee906f51eb2b773ec38ff0a6e404dafe Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2582705 Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Joyee Cheung <joyee@igalia.com> Cr-Commit-Position: refs/heads/master@{#71699}
-
Omer Katz authored
Add fields to HeapOptions to denote on heap creation that the heap does not support incremental/concurrent marking/sweeping. This only applies to standalone heaps. When triggering a GC (either explicitly or by the heap growing heuristics), the given config is limited to not trigger unsupported marking/sweeping types. Bug: chromium:1156170 Change-Id: Id7b5cf82962e7c40920f942df9415d798e2b6686 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2581961 Commit-Queue: Omer Katz <omerkatz@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#71698}
-
Andreas Haas authored
R=ecmziegler@chromium.org Change-Id: I35b87585a1fab35fd2e0265d0cf74a092521a872 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2584244 Reviewed-by: Emanuel Ziegler <ecmziegler@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#71697}
-
Clemens Backes authored
The NativeModule should not die before the WasmEngine, since state owned by the engine will still be accessed in the destructor of the NativeModule. This CL ensures that by moving the OperationsBarrier from the CompilationStateImpl to the NativeModule. R=thibaudm@chromium.org, etiennep@chromium.org Bug: v8:11250, v8:11243 Change-Id: Ic4d69222e9e6076578c35986b0051817dbd8dbef Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel_ng Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_isolates_rel_ng Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2581959 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/master@{#71696}
-
Clemens Backes authored
So far we reported the script ID, but DevTools ignores that and uses the source url instead. That url was just set to "wasm ", which the frontend couldn't make any sense of. This CL fixes this by passing the source URL to the code create event, and also setting the position of the code inside the script (i.e. wasm module). R=thibaudm@chromium.org, petermarshall@chromium.org Bug: chromium:1125986 Change-Id: Ic41dcd2768c60fd6748468d3a89fc4ffccb35932 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2581543 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Reviewed-by: Peter Marshall <petermarshall@chromium.org> Cr-Commit-Position: refs/heads/master@{#71695}
-
Andreas Haas authored
NOTRY=true R=thibaudm@chromium.org CC=clemensb@chromium.org Change-Id: I387421edeb1404479e76aaae6f73c6b956672cf5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2581966 Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#71694}
-
Andreas Haas authored
NOTRY=true R=manoskouk@chromium.org Bug: v8:9495 Change-Id: I72142c4992e969852341b49a8e5628b53ec1d5b9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2581965 Reviewed-by: Manos Koukoutos <manoskouk@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#71693}
-
Peter Marshall authored
Function prototypes can be lazily allocated. This means they go into the temporary objects set that debug-eval uses to figure out if a write will be side-effect free. We were incorrectly classifying writes to function prototypes as side-effect free because the prototype happened to be lazily allocated when we first accessed it during debug-eval, but was actually reachable from the function (not allocated temporarily). To do this we introduced a way to temporarily turn off the temporary object tracking, and we use it when lazily allocating function prototypes. This could mean that we incorrectly report side-effects when writing to function prototypes for functions which were themselves created during debug-eval side-effect free mode. However, it's unclear if this is a problem, because function declarations set global variables which would already throw due to side-effects. Bug: chromium:1154193 Change-Id: I444a673662095f6deabaafdce3cdf3d86b71446d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2581968 Reviewed-by: Simon Zünd <szuend@chromium.org> Commit-Queue: Peter Marshall <petermarshall@chromium.org> Cr-Commit-Position: refs/heads/master@{#71692}
-
Frank Tang authored
This is a reland of c9c3ec4c Original change's description: > [intl] Clean up intl_segmenter flag > > Intl.Segmenter shipped in m87 and launched. > > Bug: v8:11225 > Change-Id: I4213e261e1aea717c1281f19785a8c29ff1bbd8b > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2570461 > Commit-Queue: Frank Tang <ftang@chromium.org> > Reviewed-by: Shu-yu Guo <syg@chromium.org> > Cr-Commit-Position: refs/heads/master@{#71653} Bug: v8:11225, v8:11240 Change-Id: Ibded9038671862d90206d328f8a12db51c40e63c Cq-Include-Trybots: luci.v8.try:v8_linux64_gc_stress_custom_snapshot_dbg_ng,v8_linux_arm64_gc_stress_dbg_ng,v8_linux_gc_stress_dbg_ng,v8_mac64_gc_stress_dbg_ng Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2579043 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/master@{#71691}
-
Peter Marshall authored
Bug: v8:10996 Change-Id: I90a1e7bb8b5b961c5d22f53cd1319f25194c66bf Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2581967 Auto-Submit: Peter Marshall <petermarshall@chromium.org> Commit-Queue: Peter Marshall <petermarshall@chromium.org> Commit-Queue: Simon Zünd <szuend@chromium.org> Reviewed-by: Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/master@{#71690}
-
LiuYu authored
Bug: v8:11215 Change-Id: Ib608e580f1b460640d19b6dc6acb09f2fad289b6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2578654 Auto-Submit: Liu yu <liuyu@loongson.cn> Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Reviewed-by: Zhi An Ng <zhin@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#71689}
-
Zhi An Ng authored
Add new macro-assembler instructions that can handle both AVX and SSE. In the SSE case it checks that dst == src1. (This is different from what the AvxHelper does, which passes dst as the first operand to AVX instructions.) Sorted SSSE3_INSTRUCTION_LIST by instruction code. Header additions are added by clangd, we were already using something from those headers via transitive includes, adding them explicitly gets us closer to IWYU. Codegen sequences are from https://github.com/WebAssembly/simd/pull/380 and also https://github.com/WebAssembly/simd/pull/380#issuecomment-707440671. Bug: v8:11086 Change-Id: I4c04f836e471ed8b00f9ff1a1b2e6348a593d4de Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2578797 Commit-Queue: Zhi An Ng <zhin@chromium.org> Reviewed-by: Bill Budge <bbudge@chromium.org> Cr-Commit-Position: refs/heads/master@{#71688}
-
Zhi An Ng authored
SSE2_INSTRUCTION_LIST is unchanged, just sorting by the opcode. Added ucomisd to the SSE2_UNOP_INSTRUCTION_LIST. The disassembly for these instructions was mixed with some other special cases, extracted those out into their own clauses. Bug: v8:11074 Change-Id: I34871d4bff79d714c006eb5fd96225f7589cf115 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2576886 Commit-Queue: Zhi An Ng <zhin@chromium.org> Reviewed-by: Bill Budge <bbudge@chromium.org> Cr-Commit-Position: refs/heads/master@{#71687}
-
Zhi An Ng authored
Bug: v8:11008 Change-Id: Ic72e71eb10a5b47c97467bf6d25e55d20425273a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2575784 Reviewed-by: Bill Budge <bbudge@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#71686}
-
Zhi An Ng authored
Implement vclt and add some assembler tests. Bug: v8:10983 Change-Id: I78c701180ddc90af4b59db86a25188f281167366 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2575783 Commit-Queue: Zhi An Ng <zhin@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Bill Budge <bbudge@chromium.org> Cr-Commit-Position: refs/heads/master@{#71685}
-
- 09 Dec, 2020 15 commits
-
Maya Lekova authored
Bug: v8:11240 Change-Id: Idaf06d76d4cfb5458922b476c08a60148972165f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2581962 Auto-Submit: Maya Lekova <mslekova@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#71684}
-
Milad Fa authored
Prototype v128.{load,store}{8,16,32,64}_lane on arm. Code for instruction selector is put in comments, will be moved into instruction-scheduler-ppc.cc once we mark it as implemented under instruction-scheduler.cc. Bug: v8:10975 Change-Id: I43be8f32d0324ffb34220889365340e319fbb9d0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2581622 Reviewed-by: Junliang Yan <junyan@redhat.com> Commit-Queue: Milad Fa <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/master@{#71683}
-
Clemens Backes authored
Looks like this was accidentally added in https://crrev.com/c/979952. The file is not loaded by any other test, hence we don't need the dependency. R=machenbach@chromium.org Cq-Include-Trybots: luci.v8.try:v8_android_arm64_n5x_rel_ng Change-Id: I02f25924980c02e6091bd5d275763adb66bd0b27 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2578977 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#71682}
-
cjihrig authored
Refs: https://chromium-review.googlesource.com/c/v8/v8/+/2509594 Change-Id: I98f55b404c0b2b26fbee0453b976119b39255b31 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2565273 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Joyee Cheung <joyee@igalia.com> Cr-Commit-Position: refs/heads/master@{#71681}
-
Clemens Backes authored
We currently report "wasm " as the source URL on all wasm code, with no position information. This will change in a follow-up CL. To make that difference visible, extend a test to show the URL and position reported for wasm code. R=thibaudm@chromium.org Bug: chromium:1125986 Change-Id: I09f1820d591f27c1ff3c2acb41f8e279ac08a9e7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2575071 Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#71680}
-
Clemens Backes authored
Since there is no dependence defined in gn, the other file will not be uploaded to android devices for testing. We could add this dependence, but not selectively for the one test which actually needs that dependence. Hence fix it by duplicating the test body instead. R=mslekova@chromium.org CC=machenbach@chromium.org Change-Id: Ic65eea05a865cf4f521f66e293c4725bc2861444 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2577475 Reviewed-by: Maya Lekova <mslekova@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#71679}
-
Andrey Kosyakov authored
This includes a fix to issue 1156334. BUG: chromium:1156334 Change-Id: I27a97436d7a1ed567077495846dc6260ca3f2340 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2580408 Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Auto-Submit: Andrey Kosyakov <caseq@chromium.org> Cr-Commit-Position: refs/heads/master@{#71678}
-
Manos Koukoutos authored
Diamond patterns need to be chained to the current control node. This was not done consistently in wasm code, particularly the parts implementing asm-js specific instructions. Additionally, the graph structure for BuildI32AsmjsDivS is improved. Change-Id: I4a17e431b5795c197bf56dd034ff5e7d95dd6db0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2578982 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/master@{#71677}
-
Michael Achenbach authored
Seems after an OS upgrade the dimension Mac-11 doesn't work anymore as swarming captures it only under Mac-11.0. No-Try: true Bug: chromium:1156547 Change-Id: If3f975c0aa6f8930634681c5cb05e3fdf58f322b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2579922 Auto-Submit: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Maya Lekova <mslekova@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/master@{#71676}
-
Andreas Haas authored
R=manoskouk@chromium.org Bug: v8:11074 Change-Id: I5a0d99d22b683aee7bd63d68335ef7f775cf0816 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2579921 Reviewed-by: Manos Koukoutos <manoskouk@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#71675}
-
Camillo Bruni authored
- Display the source code in the code-panel - Add selection dropdown to code-panel - Add more filter propertyNames to CodeLogEntry - Rename list panel titles to "XXX List" - Add +10, +100 buttons for LazyTables - Add Color.darken Change-Id: Ia41c41c1d6cc949dfe766397ba6b72edc29797aa Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2578945 Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Auto-Submit: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#71674}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/115823d..68a1580 Rolling v8/buildtools: https://chromium.googlesource.com/chromium/src/buildtools/+log/6302c11..86a7f72 Rolling v8/third_party/aemu-linux-x64: SdFzWCen9aCYiL4t1JtDSA-58NHJJaXuKuTxYN5wLfgC..FZmiNfUmb6lJR28DxZkS03xoY4oJh4177LjCbVwbpCMC Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/3b055d3..99b0e4a TBR=machenbach@chromium.org,tmrts@chromium.org,v8-waterfall-sheriff@grotations.appspotmail.com Change-Id: Id938d3b2e20644da2ed03e1824cefd66eea89ffe Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2581070 Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#71673}
-
Zhi An Ng authored
Bug: v8:11217 Change-Id: I82719eb2c4b35cc54fc1b4b6f01eca6a48afb152 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2576884 Reviewed-by: Bill Budge <bbudge@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#71672}
-
Zhi An Ng authored
Add new instruction vpaddl for signed and unsigned integers, adding assembler, disassembler, simulator support, and also tests. The signed and unsigned opcodes for vpaddl are separate enums, because the helper EncodeNeonUnaryOp only takes a NeonSize (not NeonDataType). I considered changing the signature, but none of the other instructions use a NeonDataType, so it seems unnecessary. Bug: v8:11086 Change-Id: I5e6694ae407779c1fd3604c5a40ca0a1b6ce061b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2578233 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Bill Budge <bbudge@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#71671}
-
Zhi An Ng authored
Add a new option to disassembler NEON size encoded in instructions with two registers, 'size2. Rename the current only to 'size3. Clean up existing operations to use this new formatting option. Bug: v8:11074 Change-Id: Ie309d93d24602439c3293c8bbfd6c2ecbc9fdfb7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2575786 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#71670}
-
- 08 Dec, 2020 10 commits
-
Paolo Severini authored
The GDB-stub for Wasm debugging (which builds with the flag v8_enable_wasm_gdb_remote_debugging) doesn't build anymore after a few changes in the interface of wasm::DebugInfo. This CL fixes the build, and also adds a few small changes to the protocol. Change-Id: I250a8c86fd83048434e68cbdc5cb8ae243577393 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2571341 Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Philip Pfaffe <pfaffe@chromium.org> Commit-Queue: Paolo Severini <paolosev@microsoft.com> Cr-Commit-Position: refs/heads/master@{#71669}
-
Milad Fa authored
As an example, kEagerWithResumeDeoptExitSize is always expected to emit a 6 byte instruction "brcl", however, if the branch offset is small enough, brc (a 4 byte instruction) might get emitted. We need a way to force the emission of brcl at times like above. Change-Id: Ic42c1ad80098067df6a0049bdde20e90f12ef1b0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2578061 Reviewed-by: Junliang Yan <junyan@redhat.com> Commit-Queue: Milad Fa <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/master@{#71668}
-
Andrew Comminos authored
Currently, GetConsName incorrectly includes the null terminator as part of the length used in the string's hash. Exclude this to be consistent with GetCopy, GetName, etc. and permit coalescing. Bug: v8:0 Change-Id: I1e8a4eb7055637f3ed178014725b44e84d7788b6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2578192 Reviewed-by: Peter Marshall <petermarshall@chromium.org> Commit-Queue: Andrew Comminos <acomminos@fb.com> Cr-Commit-Position: refs/heads/master@{#71667}
-
Z Nguyen-Huu authored
This is follow-up of 289d25c1 Improve loop using Subslice, improve common-case check. Bug: v8:8996 Change-Id: I59ba14b87e1b034fd2d41c92a506e142550363ce Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2527608 Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#71666}
-
Milad Fa authored
Prototype v128.{load,store}{8,16,32,64}_lane on Big Endian machines. Load/Stores need to be reversed manually on BE machines and as such LoadLane and StoreLane opcodes cannot be done in a single instruction. Therefore we divide them into separate "Load/Store" and "operation" nodes. Bug: v8:10975 Change-Id: If21c9663de41b872fe035d15526830f244605c48 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2577820 Reviewed-by: Zhi An Ng <zhin@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Milad Fa <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/master@{#71665}
-
Seth Brenith authored
Currently, all runtime C++ code generated for Torque macros all goes into a single .cc file and corresponding header. This is simple, but limits how we can use that generated code. For example, field accessors are generally expected to be inlinable at compilation time (not relying on LTO). This change updates the Torque compiler to output runtime C++ code into the same *-tq-inl.inc files that contain implementations of member functions for generated classes. All Torque macros transitively called from the top-level macros are included in the same file, to avoid any need for these generated files to #include each other. These macros are emitted within per-file namespaces to avoid multiple-definition build failures. Bug: v8:7793 Change-Id: Ic9ac3748c5020a05304773a66d7249efdc56b080 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2565067 Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#71664}
-
Clemens Backes authored
This is a reland of ab4d9717. The original CL did a std::move before the final use of the NativeModule. PS2 removes that. TBR=petermarshall@chromium.org, thibaudm@chromium.org Original change's description: > [wasm] Pass the script ID to code logging > > We didn't pass a script ID with the code creation events for profiling. > This made DevTools lose the connection to the wasm script, hence > jumping from the profiler entry to the source did not work. > > This CL changes the timing of code logging a bit such that the script is > always allocated before logging. In the queue of code to be logged we > then also store the script ID, and finally set it on the {CodeEntry} > object. > > R=thibaudm@chromium.org > > Bug: chromium:1125986 > Change-Id: I2248c1d520bc819436bbe732373f7a3446b64f48 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2575057 > Commit-Queue: Clemens Backes <clemensb@chromium.org> > Reviewed-by: Peter Marshall <petermarshall@chromium.org> > Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> > Cr-Commit-Position: refs/heads/master@{#71654} Bug: chromium:1125986 Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng Change-Id: I2a7c5fe04fff726836b1279e3d05b1702a4efb76 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2578980 Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Peter Marshall <petermarshall@chromium.org> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#71663}
-
Etienne Pierre-doray authored
This is a reland of 064ee3c8 Issue 1: WasmEngine UAF when CompilationState is destroyed asynchronously Fix: Include https://chromium-review.googlesource.com/c/v8/v8/+/2565508 in this CL. Use OperationBarrier to keep WasmEngine alive. Issue 2: In gin, JobTask lifetime is not extended beyond JobHandle, thus making CancelAndDetach unusable. This is fixed in chromium here: https://chromium-review.googlesource.com/c/chromium/src/+/2566724 Original change's description: > Reland "[wasm]: Use CancelAndDetach and barrier on BackgroundCompileJob." > > Reason for revert: Data race: > https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20TSAN/34121 > > It was assumed that MockPlatform runs everything on 1 thread. However, > MockPlatform::PostJob previously would schedule the job through > TestPlatform, which eventually posts concurrent tasks, thus causing > data race. > Fix: Manually calling NewDefaultJobHandle and passing the MockPlatform > ensures the jobs also run sequentially. > > Additional change: > - CancelAndDetach is now called in ~CompilationStateImpl() to make sure > it's called in sequence with ScheduleCompileJobForNewUnits > > Original CL description: > To avoid keeping around a list of job handles, CancelAndDetach() is > used in CancelCompilation. Dependency on WasmEngine is handled by a > barrier that waits on all jobs to finish.
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2498659 > Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Reviewed-by: Clemens Backes <clemensb@chromium.org> > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> > Cr-Original-Commit-Position: refs/heads/master@{#71074} > Change-Id: Ie9556f7f96f6fb9a61ada0e5cbd58d4fb4a0f571 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2559137 > Commit-Queue: Etienne Pierre-Doray <etiennep@chromium.org> > Reviewed-by: Andreas Haas <ahaas@chromium.org> > Cr-Commit-Position: refs/heads/master@{#71459} TBR=ulan@chromium.org Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel_ng Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_isolates_rel_ng Change-Id: I6175092c97fea0d5f63a97af232e2d54cccea535 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2569360 Commit-Queue: Etienne Pierre-Doray <etiennep@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#71662}
-
Manos Koukoutos authored
In AnalyzeLoopAssignment, tail calls were marked as invalidating the memory cache, which in turn caused its reloading in generated code. This is not correct since return calls end the current control branch. Change-Id: Id3b5e60a810915ace6d9b0b13160177251adaa5e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2578981 Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/master@{#71661}
-
Clemens Backes authored
This reverts commit ab4d9717. Reason for revert: UBSan issues: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20UBSan/14184/overview Original change's description: > [wasm] Pass the script ID to code logging > > We didn't pass a script ID with the code creation events for profiling. > This made DevTools lose the connection to the wasm script, hence > jumping from the profiler entry to the source did not work. > > This CL changes the timing of code logging a bit such that the script is > always allocated before logging. In the queue of code to be logged we > then also store the script ID, and finally set it on the {CodeEntry} > object. > > R=thibaudm@chromium.org > > Bug: chromium:1125986 > Change-Id: I2248c1d520bc819436bbe732373f7a3446b64f48 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2575057 > Commit-Queue: Clemens Backes <clemensb@chromium.org> > Reviewed-by: Peter Marshall <petermarshall@chromium.org> > Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> > Cr-Commit-Position: refs/heads/master@{#71654} TBR=petermarshall@chromium.org,clemensb@chromium.org,thibaudm@chromium.org Change-Id: I03c90c77b55e770797a6d66b1d778992a047e07a No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:1125986 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2575070 Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#71660}
-