- 31 Aug, 2021 16 commits
-
Omer Katz authored
Prefinalizers have long been forbidden to allocate. This restriction often proved problematic and has caused several issues in the past. This CL adds support for allowing allocations in prefinalizers. At the start of prefinalizer invocations we clear the linear allocation buffers, such that all allocations go through the slow path for allocation. The slow path checks whether prefinalizers are currently being invoked and marks the newly allocated object if they are (i.e. black allocation during prefinalizers). The new behavior is disabled by default and can be enabled by setting the cppgc_allow_allocations_in_prefinalizers gn arg to true. Bug: chromium:1056170 Change-Id: Ib86e780dcff88fa7b0f762ac2ab83c42393d33af Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3097877 Commit-Queue: Omer Katz <omerkatz@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#76606}
-
Martyn Capewell authored
Instrument floating-point operations to set a flag if the result is NaN. Port: e699762e Bug: v8:11856 Change-Id: Iae8121dd17ae8acf402ac74e41122cad77387db7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3099945 Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Martyn Capewell <martyn.capewell@arm.com> Cr-Commit-Position: refs/heads/main@{#76605}
-
Camillo Bruni authored
Bug: chromium:1244320 Change-Id: I4472f7ffbc3f6a0ec5ca12f9e8b3501d3f0d3dc0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3133140 Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Patrick Thier <pthier@chromium.org> Cr-Commit-Position: refs/heads/main@{#76604}
-
Pierre Langlois authored
The PipelineRunScope scope is live on every Run() phase and it isn't allowed to nest. This means we cannot open a new PipelineRunScope during TraceScheduleAndVerify() because it can be called in the middle of a Run(), which we do during effect-control-linearization in the JS pipeline. We can fix this by directly using a RuntimeCallTimerScope and a tracing event, instead of relying on PipelineRunScope to do that. Change-Id: I3c17b2c0a58ff3cac0d1dcc796f54d29b3444468 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3132506 Auto-Submit: Pierre Langlois <pierre.langlois@arm.com> Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/main@{#76603}
-
Georg Neis authored
Fixed: v8:12154, v8:7790 Change-Id: Ib5f3617f6d992b5916faf623ddced06d6e81bbfd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3132960 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/main@{#76602}
-
Jakob Gruber authored
Bug: v8:7790,v8:12149 Change-Id: I0c23b2c1126b2a950efe848973618407f64afeb7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3132268 Auto-Submit: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/main@{#76601}
-
Clemens Backes authored
Avoid an additional copy of the name, and inline single-use (and small) functions. Also, use an early exit for the generic wrapper to make the code simpler. R=zhin@chromium.org Bug: v8:11879 Change-Id: Ic66a2c9430f7c3481b9038d2a517c4c76888503b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3132267 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#76600}
-
Michael Lippautz authored
Double-checked locking pattern for destruction was missing the acquire barrier for the initial load. TSAN complained with a data race where:
T1: ClearAllUsedNodes(), clearing out the node
T2: a. if(GetNodeSafe()) { Lock; ... }
T2: b. operator delete
Since GetNodeSafe() was a relaxed load, operator delete was allowed to be reordered which raced with ClearAllUsedNodes().
Bug: chromium:1239081, chromium:1242795 Change-Id: I3906555b13cc51538a1a54b7ca481a96d81fd84e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3132264 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Omer Katz <omerkatz@chromium.org> Reviewed-by: Anton Bikineev <bikineev@chromium.org> Cr-Commit-Position: refs/heads/main@{#76599}
-
Michael Achenbach authored
Until now, the cross-over mutator would choke on several expressions from DB and bail out (just wastes some time). We also have a script, test_db.js to test on how many expressions it is going to bail out. With this change, we already omit adding such expressions to the DB in the first place. As a result, the test_db script now returns zero failing expressions (while all other expressions remain). Regression tests that now no longer apply are removed, instead a test is added that ensures that a failing expression isn't added to the DB. No-Try: true Bug: chromium:1044942 Change-Id: I14a4fe802c99114cf3a8f71188273475a7cb9c13 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3129340 Reviewed-by: Liviu Rau <liviurau@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/main@{#76598}
-
Manos Koukoutos authored
WasmModuleBuilder is a class that is used to build Wasm modules in the asm.js parser, in the fuzzer, as well as some tests. When it comes to Wasm tables, WasmModuleBuilder currently supports only basic tables (before the reftypes proposal) using an ad-hoc indirect-function index vector. This CL adds proper support for element sections and tables that use them in the full potential of the reftypes extension. The new functionality will only be used in the fuzzer and potentially some tests in the future. Along this, we drop some functionality from WasmModuleBuilder that was only used in tests and is redundant with the new architecture. Additionally, we remove tables other than externref and funcref from the fuzzer (which were not supported properly or used anyway). We will reintroduce them at a later time. Bug: v8:11954 Change-Id: I0a4f6e7b63b6e3d9f7da03b5202fbf14d8678332 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3122162 Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#76597}
-
Jakob Gruber authored
- Move the compilation-dependency.h header contents into compilation-dependencies.cc; - add macro lists to define type checks and casts; - add invalidated dependency tracing to the --trace-compilation-dependencies flag (renamed from --trace-code-dependencies). Bug: v8:7790 Change-Id: I34b950cd0b79b8d2673b1195599aec763f6b60d1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3129420 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/main@{#76596}
-
Liu Yu authored
Change-Id: I99351dd92dacf4d8d9160b2e33213b830657516e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3131952 Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Auto-Submit: Liu yu <liuyu@loongson.cn> Cr-Commit-Position: refs/heads/main@{#76595}
-
Lu Yahan authored
Bug: v8:12151 Change-Id: I97d15e9089164c05715b3121839d4bd6ba08cb70 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3131782 Reviewed-by: Ji Qiu <qiuji@iscas.ac.cn> Commit-Queue: Ji Qiu <qiuji@iscas.ac.cn> Cr-Commit-Position: refs/heads/main@{#76594}
-
Andrew Brown authored
This change implements longer-width SIMD instructions in the x64 assembler by adding 256-bit versions to one of the conversion macros. This emits mostly floating-point arithmetic and some boolean operations; see `SSE_UNOP_INSTRUCTION_LIST` and `SSE_BINOP_INSTRUCTION_LIST`. Design doc: https://docs.google.com/document/d/1VWZbkO5c_DdxlJObmSLN_9zQUZELVgXyudbpzv5WQM0 Change-Id: I36d56ee09d6b71f66734342cb37bfc9d4801d654 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3123648 Reviewed-by: Zhi An Ng <zhin@chromium.org> Commit-Queue: Shiyu Zhang <shiyu.zhang@intel.com> Cr-Commit-Position: refs/heads/main@{#76593}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/609fda6..36b1f71 Rolling v8/buildtools: https://chromium.googlesource.com/chromium/src/buildtools/+log/66ed234..ac4ea2d Rolling v8/buildtools/third_party/libc++abi/trunk: https://chromium.googlesource.com/external/github.com/llvm/llvm-project/libcxxabi/+log/996cd74..be47d0e Rolling v8/third_party/aemu-linux-x64: ddSGEd1PA5UG-ur2YFNiaY2SuddaJRHJB8HprZVuD68C..CPOECXfDP5keozFnmr0QOiSuGL3ELWB3zIOKJ0CkoAwC Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/bd0674c..d4534cc Rolling v8/third_party/instrumented_libraries: https://chromium.googlesource.com/chromium/src/third_party/instrumented_libraries/+log/9a8087b..ee10dbd TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: I1425b7839fc335143338ae375ebc966c37a39210 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3131926 Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#76592}
-
Milad Fa authored
template specialisations must be defined outside of class body to prevent the following compilation error: error: explicit specialization in non-namespace scope Change-Id: Ic4b74a28cd21d96991ad784fbd3c598668ffc476 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3129881 Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Milad Fa <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/main@{#76591}
-
- 30 Aug, 2021 24 commits
-
Michael Lippautz authored
This guards against concurrent usages of PageBackend::Lookup() from HeapRegistry which can race with adding/removing pages. This race only manifests in debug mode. Change-Id: If34dbc255faeda085e522501ff2995693cd97b2e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3129702 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Omer Katz <omerkatz@chromium.org> Cr-Commit-Position: refs/heads/main@{#76590}
-
Michael Achenbach authored
This was missing in one of the last refactorings. No-Try: true Bug: chromium:1044942 Change-Id: I2c6bfc75251fad61f35a75afec3a1b2682175d68 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3127705 Reviewed-by: Liviu Rau <liviurau@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/main@{#76589}
-
Clemens Backes authored
The wasm-compile fuzzer sometimes needs to generate a boolean flag from the input bytes. Since the general {DataRange::get} method results in undefined behaviour if instantiated with the {bool} type, we are getting an 8-bit value instead and looking at the least significant bit only. This CL improves this situation by implementing a template specialization for {bool} which uses the same trick, and uses that instead of hand-coding the modulo operation at the call sites. R=manoskouk@chromium.org Bug: v8:11879 Change-Id: I6f9ce02dd8d9cd0998b83e081e4c6ca773e6cb53 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3129429 Reviewed-by: Manos Koukoutos <manoskouk@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#76588}
-
Z Nguyen-Huu authored
Bug: v8:12131 Change-Id: Id3800e20b136c9fc16770e8a5d5c95e4674c0069 No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3119380 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#76587}
-
Seth Brenith authored
Most Torque-defined extern classes already use CPP class generation. As Nico pointed out in [1], it would be nice to convert the remaining classes and remove this option. This change converts most of those remaining classes. I know that the future of Torque-defined classes is a subject of some debate right now, but I think that it's worth doing a few mechanical changes to reduce the existing variety of options. A couple of minor fixes in the Torque compiler were required so that it generates correct code for shapes. [1] https://docs.google.com/document/d/1q_gZLnXd4bGnCx3IUfbln46K3bSs9UHBGasy9McQtHI/edit# Bug: v8:8952 Change-Id: I7e6087153a18d6ee80e67926793e8ba8e01d501e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3015666 Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Reviewed-by: Anton Bikineev <bikineev@chromium.org> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Cr-Commit-Position: refs/heads/main@{#76586}
-
Jakob Gruber authored
Bug: chromium:1209444 Change-Id: I4ec16a718061063dc01ec0d7c4a397c220e684c0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3127718 Auto-Submit: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/main@{#76585}
-
Georg Neis authored
... by removing some obsolete code. Bug: v8:7790 Change-Id: Iad31b60de5905ba05e1c622e81c3234071752e9f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3124806 Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#76584}
-
Michael Lippautz authored
Back references to C++ objects may point to objects that never have their graph nodes materialized through other C++ edges. We can just create a graph node in this case, and avoid delaying the merging completely. Bug: chromium:1244522 Change-Id: I0e9cb7a89ee90bfba217bc8475ac40bd7fe92a0b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3129426 Reviewed-by: Omer Katz <omerkatz@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#76583}
-
Georg Neis authored
... by removing some obsolete code. Bug: v8:7790 Change-Id: I3a244ef5fc7fe15321e5bb1c9bb2fe794030ba3b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3124801 Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#76582}
-
Victor Gomes authored
It seems like SP on heap does not produce too much memory fragmentation, therefore we do not need UndoLastAllocationAt. Bug: v8:11872 Change-Id: Id2e44405329b52c1dcd6cd81bfc72ffba00035ee Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3129428 Auto-Submit: Victor Gomes <victorgomes@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#76581}
-
Georg Neis authored
... by removing some obsolete code. Bug: v8:7790 Change-Id: I722031158d45335f3e086eb335a447fbc5066cac Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3124798 Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#76580}
-
Omer Katz authored
Bug: chromium:1056170 Change-Id: Ie639dd00fa146fa1ea166c282cbdead329604922 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3129423 Commit-Queue: Omer Katz <omerkatz@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#76579}
-
Victor Gomes authored
Bug: v8:11872 Change-Id: Iaaf3ed68950a6a9fe60f91d73be8a0fbc17e1116 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3129424 Commit-Queue: Victor Gomes <victorgomes@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Victor Gomes <victorgomes@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#76578}
-
Milad Fa authored
Port 67113424 Original Commit Message: Like https://chromium-review.googlesource.com/c/v8/v8/+/2994804, but for arm and arm64. R=thakis@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com BUG= LOG=N Change-Id: I4fbc42c48db2c43e55279ab40681c0735106d454 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3129640 Reviewed-by: Junliang Yan <junyan@redhat.com> Commit-Queue: Milad Fa <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/main@{#76577}
-
Georg Neis authored
... by removing some obsolete code. Bug: v8:7790 Change-Id: I32880d2a4fbd943ea0e485d8e8aff07ac9903e9d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3124795 Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#76576}
-
Georg Neis authored
... by removing some obsolete code. Bug: v8:7790 Change-Id: Ie098055a1849de5d853c126e0c7275164f964ce8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3124774 Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#76575}
-
Jakob Gruber authored
Flaky due to concurrent inlining. Unskip once fixed. Bug: v8:12149,v8:7790 Change-Id: I97345a37e68d7dcb671afe0fbb1332ad0be0de8c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3129422 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#76574}
-
Leszek Swirski authored
The log test checks for log positions, which may change when background serialization / background compilation are enabled. Fixed: v8:12117 Change-Id: I193c9c23e016fad1e3f06a9f377bb53db84a6988 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3129421 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#76573}
-
Patrick Thier authored
Allow %CompileBaseline on architectures that support Sparkplug independent of runtime flags. The decision based on --sparkplug runtime flag led to spurious errors on correctness fuzzers. Bug: chromium:1244474 Change-Id: I764bd80cd7dff7e72729145c165dc039c594753c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3127719 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Patrick Thier <pthier@chromium.org> Cr-Commit-Position: refs/heads/main@{#76572}
-
Zhao Jiazhong authored
Change-Id: Ia976df987bd4027d8bf1b22711a9611847d2be8d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3124095 Reviewed-by: Andreas Haas <ahaas@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#76571}
-
Georg Neis authored
Instead create the appropriate data on demand. Note that this changes behavior of the default configuration. Bug: v8:7790 Change-Id: Ia6bfcaace655c0fd72e2dcc0c2547195dc1cc4a7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3123419 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/main@{#76570}
-
Michael Achenbach authored
As with other crashes, also SIGABRT cuts off execution earlier. While the reason might be interesting in normal fuzzing, in correctness fuzzing, it leads to spurious reports due to the output differences. No-Try: true Bug: chromium:1242193 Change-Id: I6ee9a8e2a0254255d02b0106575931b523fbf666 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3124808 Auto-Submit: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#76569}
-
Jakob Gruber authored
If a stack overflow occurs inside the regexp parser, propagate that information to the parser. Bug: v8:896,chromium:1243989 Change-Id: I5ced27ff968ad97764e156643e1980b3a722af1a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3127717 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#76568}
-
Georg Neis authored
Bug: v8:7790 Change-Id: Iaa2f7e0e0ae552089867d2789ec4e541df2d6a24 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3123413 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/main@{#76567}
-