- 10 Aug, 2020 5 commits
-
-
evih authored
A new field for signature type was added to WasmExportedFunctionData. It is set to 0 or 1 depending on the parameter count. (It's set and being used only in 0 and 1 parameter cases.) Added new JS tests for 1 parameter wasm functions. Bug: v8:10701 Change-Id: I349d881a2860f1a50b91e08d0126ca71c5f6483b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2339622 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/master@{#69302}
-
Dominik Inführ authored
New space size needs to be adjusted during global safepoint. Bug: v8:10315 Change-Id: I670024faa55ce68a4091af6f358f45d20c66fa0b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2239573Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/master@{#69301}
-
Sathya Gunasekaran authored
Previously, all ThisExpression's had kNoSourcePositions leading to incorrect error messages like this: ➜ d8 -e "function t() { for (const x of this) {} } t();" unnamed:1: TypeError: undefined is not a function function t() { for (const x of this) {} } t(); ^ TypeError: undefined is not a function at t (unnamed:1:11) at unnamed:1:43 This patch allows creation of a ThisExpression with a source position, leading to a better error message: ➜ d8 -e "function t() { for (const x of this) {} } t();" unnamed:1: TypeError: this is not iterable function t() { for (const x of this) {} } t(); ^ TypeError: this is not iterable at t (unnamed:1:32) at unnamed:1:43 This patch does not remove the existing cached version of ThisExpression and instead creates a new one when required. Bug: v8:6513 Change-Id: Idee4fe8946a9b821d06ff4a5e7eaefe54874ec59 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2345226Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#69300}
-
Marja Hölttä authored
Bug: chromium:1105318 Change-Id: I105fc4cfc1b781dc0a481c7bee9faee1923f474f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2343071 Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/master@{#69299}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/de527f4..7dff8d4 Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/95f204a..6b794b9 TBR=machenbach@chromium.org,tmrts@chromium.org,v8-waterfall-sheriff@grotations.appspotmail.com Change-Id: I1e8f66ecd8475053fe710f5e961a727aedb1f3f1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2345610Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#69298}
-
- 09 Aug, 2020 1 commit
-
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/a740400..de527f4 Rolling v8/third_party/aemu-linux-x64: OPyy2ts1trS4QpWQ4KGvoohvI1WfiBoTrjuFjdL-PcsC..NHKI_hy9EiYHTk25-SwU9lqq_Nmk1LQ748n-ZAtBu9YC TBR=machenbach@chromium.org,tmrts@chromium.org,v8-waterfall-sheriff@grotations.appspotmail.com Change-Id: I04fa691b73931aef5f4d44b9f43493d5a64962f4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2344793Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#69297}
-
- 08 Aug, 2020 1 commit
-
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/2943e82..a740400 Rolling v8/buildtools: https://chromium.googlesource.com/chromium/src/buildtools/+log/1ecfe3c..b00ad0a Rolling v8/buildtools/linux64: git_revision:3028c6a426a4aaf6da91c4ebafe716ae370225fe..git_revision:e327ffdc503815916db2543ec000226a8df45163 Rolling v8/third_party/aemu-linux-x64: xa2xI0A-kKlMVwMtJRzexwWWPSwHynmUpB0Z6C9Y7wkC..OPyy2ts1trS4QpWQ4KGvoohvI1WfiBoTrjuFjdL-PcsC Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/5cf00e2..c4d3ff4 Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/24289f2..0fa91d0 Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/e6863f8..95f204a TBR=machenbach@chromium.org,tmrts@chromium.org,v8-waterfall-sheriff@grotations.appspotmail.com Change-Id: I6b94a2aa7ecec9e2f3e158a54f21cd808720d6a1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2341731Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#69296}
-
- 07 Aug, 2020 13 commits
-
-
Santiago Aboy Solanes authored
Drive-by: Also from WordOrSmiShr Bug: v8:9708, v8:6949 Change-Id: Ic00b91988abf2120b433809dac3871eb887b8484 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2339614Reviewed-by: Dan Elphick <delphick@chromium.org> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#69295}
-
Mythri A authored
Temporarily turnoff dynamic map checks for TurboProp to measure the impact after changing OSR heuristics. Bug: v8:10582, v8:9684 Change-Id: Ia458be139bf7c281bda40cbcd76e7a0c3fa5d60b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2343070Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Mythri Alle <mythria@chromium.org> Cr-Commit-Position: refs/heads/master@{#69294}
-
Almothana Athamneh authored
Bug: chromium:1110824 Change-Id: I77835942a81b6430ec23c16fa41dabac857e8c22 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2343079Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Almothana Athamneh <almuthanna@chromium.org> Cr-Commit-Position: refs/heads/master@{#69293}
-
Michael Achenbach authored
Bug: v8:10788 Change-Id: Iebc3f8dd892fd0f8123feaf11333eae6832589dc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2342852Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#69292}
-
Andreas Haas authored
Up until now. we only checked the size of tables defined in a module at instantiation time. For imported tables we only checked if the imported table matched the declared import in size. This causes a problem because we allocate function tables also for imported tabled before we actually look at the imported table. With this CL we first check the size of all tables, and only then start to initialize and load them. R=jkummerow@chromium.org Bug: chromium:1114006 Change-Id: Iaf194ed21fb83304fe3a7f0f7ba7b282396e3954 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2339473 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#69291}
-
Marja Hölttä authored
Forgetting to add a new bytecode into the lists in serializer-in-background-compiler.cc results in a confusing CHECK failure. This moves the failure to a discoverable place. Change-Id: I3e78b4702bfa724748ec8ed3f7f49e0eedc504fc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2324246 Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/master@{#69290}
-
Andreas Haas authored
The cast from uint32_t to int caused an integer overflow that let a bounds check succeed that should have failed. R=jkummerow@chromium.org Bug: chromium:1114005 Change-Id: Iea1af70af300be54c2a33d7dd10b3faa34d56eaa Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2339472Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#69289}
-
Almothana Athamneh authored
Bug: chromium:1113183 Change-Id: Ic877bf392756733c2b61a834016a3d6bf7f48f2a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2339103 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Almothana Athamneh <almuthanna@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#69288}
-
Marja Hölttä authored
The test have been rewritten to be more robust -> maybe they're robust enough for the GC fuzzer (DelayedTasksPlatform)? Bug: v8:10239 Change-Id: I743cc2f804357aaef888bff7985dfb68a7feec5f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2342848Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#69287}
-
Zeynep Cankara authored
This CL unifies the custom events by creating classes specialised based on the event type. Multiple entry selection causes panels to emit 'showentries' event. Single entry selection causes panels to emit 'showentrydetail' event. The events are received by the controller App class and updates the view of the panels and state of the app. Bug: v8:10644 Change-Id: Ibe26223459ba605c6d6d3f0025bf3a556dfb0578 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2335188 Commit-Queue: Zeynep Cankara <zcankara@google.com> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#69286}
-
Marja Hölttä authored
They're not valid, since the embedder is allowed to process tasks in several threads, if they do it in a thread safe manner. Bug: v8:10239 Change-Id: I6c397a8bba75ab7aec3ee8ea8de416af817d9514 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2342846Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#69285}
-
Leszek Swirski authored
This reverts commit 60ee70bb. Reason for revert: wasm-api-tests/WasmCapiTest.Serialize starts flaking: https://crbug.com/v8/10784 Original change's description: > [wasm] Ensure that only TurboFan code is serialized > > We have the implicit assumption that Liftoff code will never be > serialized, and we start relying on that when implementing new features > (debugging, dynamic tiering). > > This CL makes the serializer fail if the module contains any Liftoff > code. Existing tests are changed to ensure that we fully tiered up > before serializing a module (similar to the logic in Chromium). > The "wasm-clone-module" test needs to serialize the module before > enabling the debugger. > > Note that chrome currently only serializes a module after it fully > tiered up, so that should be fine. If other embedders need the ability > to serialize a module in an arbitrary state, we will have to fix this > later. With this CL we will be on the safe side though and (gracefully) > fail serialization instead of accidentally serializing Liftoff code. > > R=ahaas@chromium.org > > Bug: v8:10777 > Change-Id: I1245e5f7fda3447a544c1e3525e1239cde759174 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2336799 > Commit-Queue: Clemens Backes <clemensb@chromium.org> > Reviewed-by: Andreas Haas <ahaas@chromium.org> > Cr-Commit-Position: refs/heads/master@{#69276} TBR=ahaas@chromium.org,clemensb@chromium.org Change-Id: Ic1349375bd562bb0a2724c39c27ef3247461c97b No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:10777 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2342845Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#69284}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/2e78142..2943e82 Rolling v8/third_party/aemu-linux-x64: TfK3Whl6AfZifLOotcOS_jvckKztERlPvmVyZo16fN0C..xa2xI0A-kKlMVwMtJRzexwWWPSwHynmUpB0Z6C9Y7wkC Rolling v8/third_party/android_platform: https://chromium.googlesource.com/chromium/src/third_party/android_platform/+log/c1f84dc..5edcbfd Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/ac60992..5cf00e2 Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/486f181..24289f2 Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/1078c41..e6863f8 Rolling v8/tools/luci-go: git_revision:56ae79476e3caf14da59d75118408aa778637936..git_revision:b022173f8069cf8001d4cf2a87ce7c5f0eae220f Rolling v8/tools/luci-go: git_revision:56ae79476e3caf14da59d75118408aa778637936..git_revision:b022173f8069cf8001d4cf2a87ce7c5f0eae220f Rolling v8/tools/luci-go: git_revision:56ae79476e3caf14da59d75118408aa778637936..git_revision:b022173f8069cf8001d4cf2a87ce7c5f0eae220f TBR=machenbach@chromium.org,tmrts@chromium.org,v8-waterfall-sheriff@grotations.appspotmail.com Change-Id: I783e91f9c10a8c295a9df81a16f85fdbecfcc13c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2340190Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#69283}
-
- 06 Aug, 2020 20 commits
-
-
Georg Neis authored
The test relies on certain maps not dying but didn't ensure that. Bug: v8:10783 Change-Id: I708f7fc027ee0bf5656be9bb4f29130f5b924597 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2340912Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Auto-Submit: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#69282}
-
Bill Budge authored
This is a reland of ce249dbb As it's unchanged, TBR=leszeks@chromium.org,tebbi@chromium.org Original change's description: > [torque] Port some constructor builtins to Torque. > > - FastNewFunctionContextEval > - FastNewFunctionContextFunction > - CreateEmptyLiteralObject > - CreateRegExpLiteral > - CreateEmptyArrayLiteral > - CreateShallowArrayLiteral > - CreateShallowObjectLiteral > - NumberConstructor > - ObjectConstructor > - GenericLazyDeoptContinuation > > Bug: v8:9891 > > Change-Id: Idd4bf035d8dbeec03b9ef727e1bfb80eab4bc43c > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2311411 > Commit-Queue: Bill Budge <bbudge@chromium.org> > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Reviewed-by: Jakob Gruber <jgruber@chromium.org> > Cr-Commit-Position: refs/heads/master@{#69082} Bug: v8:9891 Change-Id: I566d4167c02488ef6a9a1c73015af5e2f484a31d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2330382 Commit-Queue: Bill Budge <bbudge@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#69281}
-
Santiago Aboy Solanes authored
This will ensure that the PersistentHandles are all created, and in the OptimizedCompilationInfo before going into Exectute. Bug: v8:7790 Change-Id: I1bc4f45153113c48422371498ff2cf79a1267737 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2336803Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#69280}
-
Milad Farazmand authored
Change-Id: I0362b4123ccce5d2709b1705453a32697581e526 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2339551Reviewed-by: Junliang Yan <jyan@ca.ibm.com> Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#69279}
-
Santiago Aboy Solanes authored
Now that we are using PersistentHandles, we don't need it anymore. Bug: v8:7790 Change-Id: Id0b9d555191c00fb08dc2bb9099746076c5ad1b7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2332161 Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#69278}
-
Thibaud Michaud authored
Spill registers before stack checks so that we can inspect them, similar to traps. OSR during a stack check is still unsupported and will be fixed in a follow-up CL. R=clemensb@chromium.org Bug: v8:10235 Change-Id: I22c2da6b3f79b30c3838c568f9680204afc85d36 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2339467 Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#69277}
-
Clemens Backes authored
We have the implicit assumption that Liftoff code will never be serialized, and we start relying on that when implementing new features (debugging, dynamic tiering). This CL makes the serializer fail if the module contains any Liftoff code. Existing tests are changed to ensure that we fully tiered up before serializing a module (similar to the logic in Chromium). The "wasm-clone-module" test needs to serialize the module before enabling the debugger. Note that chrome currently only serializes a module after it fully tiered up, so that should be fine. If other embedders need the ability to serialize a module in an arbitrary state, we will have to fix this later. With this CL we will be on the safe side though and (gracefully) fail serialization instead of accidentally serializing Liftoff code. R=ahaas@chromium.org Bug: v8:10777 Change-Id: I1245e5f7fda3447a544c1e3525e1239cde759174 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2336799 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#69276}
-
Marja Hölttä authored
This is a reland of 28ead054 The failure is a test that is sensitive to adding a function in a FunctionTemplate in d8: https://bugs.chromium.org/p/v8/issues/detail?id=10783 Original change's description: > [Atomics.waitAsync] Fix removing multiple nodes when Isolate deinits > > RemoveNode already nullifies the next_ pointer of FutexWaitListNode, > and DeleteAsyncNode was trying to retrieve it. > > Bug: v8:10239 > Change-Id: I595885de87f433d263eeacfc825a689efd467f5e > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2332812 > Commit-Queue: Marja Hölttä <marja@chromium.org> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Reviewed-by: Shu-yu Guo <syg@chromium.org> > Cr-Commit-Position: refs/heads/master@{#69259} Bug: v8:10239 Tbr: leszeks@chromium.org Change-Id: Icec590354886433a0b41c8f9b7af7101b54b7690 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2339469Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#69275}
-
Maya Lekova authored
TBR=cbruni@chromium.org Bug: chromium:1052746 Change-Id: Ib61b06bcc4cd7cf9cfa741899322739e807605b0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2339619 Commit-Queue: Maya Lekova <mslekova@chromium.org> Auto-Submit: Maya Lekova <mslekova@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#69274}
-
Marja Hölttä authored
Bug: v8:10783 No-Try: true Change-Id: I605813842af639158909bce13e162869b3cfc6db Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2339621 Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/master@{#69273}
-
Z Nguyen-Huu authored
Just a fast iteration over bytes written in Torque for Smi number and non-decimal radix, also only for more than one string character result. Improve following micro-benchmark by ~75% Before toHexString toHexString-Numbers(Score): 7905000 After toHexString toHexString-Numbers(Score): 14419000 Bug: v8:10477 Change-Id: I366092d4d70156ad33830352c1122af8794bea76 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2330221 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#69272}
-
Leszek Swirski authored
This reverts commit 28ead054. Reason for revert: mjsunit/compiler/serializer-transition-propagation failure seems to bisect to this (despite looking unrelated): https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/32532 Original change's description: > [Atomics.waitAsync] Fix removing multiple nodes when Isolate deinits > > RemoveNode already nullifies the next_ pointer of FutexWaitListNode, > and DeleteAsyncNode was trying to retrieve it. > > Bug: v8:10239 > Change-Id: I595885de87f433d263eeacfc825a689efd467f5e > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2332812 > Commit-Queue: Marja Hölttä <marja@chromium.org> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Reviewed-by: Shu-yu Guo <syg@chromium.org> > Cr-Commit-Position: refs/heads/master@{#69259} TBR=ulan@chromium.org,marja@chromium.org,syg@chromium.org Change-Id: I5db179aec5a04f59770903b17d059a7150c7efbd No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:10239 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2339466Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#69271}
-
Leszek Swirski authored
Changes the isolate's string table into an off-heap structure. This allows the string table to be resized without allocating on the V8 heap, and potentially triggering a GC. This allows existing strings to be inserted into the string table without requiring allocation. This has two important benefits: 1) It allows the deserializer to insert strings directly into the string table, rather than having to defer string insertion until deserialization completes. 2) It simplifies the concurrent string table lookup to allow resizing the table inside the write lock, therefore eliminating the race where two concurrent lookups could both resize the table. The off-heap string table has the following properties: 1) The general hashmap behaviour matches the HashTable, i.e. open addressing, power-of-two sized, quadratic probing. This could, of course, now be changed. 2) The empty and deleted sentinels are changed to Smi 0 and 1, respectively, to make those comparisons a bit cheaper and not require roots access. 3) When the HashTable is resized, the old elements array is kept alive in a linked list of previous arrays, so that concurrent lookups don't lose the data they're accessing. This linked list is cleared by the GC, as then we know that all threads are in a safepoint. 4) The GC treats the hash table entries as weak roots, and only walks them for non-live reference clearing and for evacuation. 5) Since there is no longer a FixedArray to serialize for the startup snapshot, there is now a custom serialization of the string table, and the string table root is considered unserializable during weak root iteration. As a bonus, the custom serialization is more efficient, as it skips non-string entries. As a drive-by, rename LookupStringExists_NoAllocate to TryStringToIndexOrLookupExisting, to make it clearer that it returns a non-string for the case when the string is an array index. As another drive-by, extract StringSet into a separate header. Bug: v8:10729 Change-Id: I9c990fb2d74d1fe222920408670974a70e969bca Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2339104 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#69270}
-
Georg Neis authored
There were a few places where we would do such verification even without --verify-heap. The CL changes these to be in line with all the rest. Change-Id: Ia43708104c7d7818dc8d41d645a84f9b5e7446a8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2336796 Auto-Submit: Georg Neis <neis@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Hannes Payer <hpayer@chromium.org> Commit-Queue: Hannes Payer <hpayer@chromium.org> Cr-Commit-Position: refs/heads/master@{#69269}
-
Omer Katz authored
This is a revival of https://chromium-review.googlesource.com/c/v8/v8/+/2228332 The CL establishes the following: *) Objects are marked before being pushed to the worklists. *) Live bytes are always accounted after tracing an object (i.e. move from Gray to Black below). *) Previously not fully constructed objects are traced immediately instead of pushed to the marking worklist. This establishes the following invariants for all marking worklists: 1) White = !object.is_marked() && !worklist.contains(object) 2) Gray = object.is_marked() && worklist.contains(object) 3) Black = object.is_marked() && !worklist.contains(object) Bug: chromium:1056170 Change-Id: I821573b3fbc057e6ffb836154271ff986ecb4d2b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2336797Reviewed-by: Anton Bikineev <bikineev@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Omer Katz <omerkatz@chromium.org> Cr-Commit-Position: refs/heads/master@{#69268}
-
Andreas Haas authored
We used to check the size of tables at compile time, and threw a CompilationError if a given size exceeded the implementation-defined limit. However, the spec defines that an error should only be thrown when the implementation-defined limit is reached, which is either at instantiation time of during runtime at a table.grow. With this CL the V8 implementation becomes spec compliant in this regard. R=jkummerow@chromium.org Bug: v8:10556 Change-Id: I7d0e688b385a65e4060a569e5ab1dec68947ceea Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2326331 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#69267}
-
Marja Hölttä authored
Bug: v8:10239, v8:10775 Change-Id: I0189dd8a71ef82d7c863f26511790a1ca426f72d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2340906Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#69266}
-
Clemens Backes authored
Wasm recently switched from spawning a number of background tasks for compilation to just using a single job (via the pretty new {Platform::PostJob} API). This caused major regressions in several benchmarks running in d8, because the {DefaultPlatform} is only using half of the available worker threads for executing jobs with "user visible" priority. This CL changes this to use all available worker threads for "user blocking" or "user visible" jobs, and two threads for "best effort" jobs. The limit of two threads for best effort is identical to what chromium does with best effort *tasks*. For user blocking and user visible, chromium does not impose any limit, so we also remove the limitation to half of the threads from d8. Drive-by: Use {NewDefaultJobHandle} for constructing {DefaultJobHandle}. R=mlippautz@chromium.org CC=ahaas@chromium.org, gab@chromium.org, etiennep@chromium.org Bug: chromium:1113234, chromium:1101340 Change-Id: I9280e649a1cf3832c562ff7251e8bda0103af111 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2339481Reviewed-by: Andreas Haas <ahaas@chromium.org> Reviewed-by: Hannes Payer <hpayer@chromium.org> Commit-Queue: Hannes Payer <hpayer@chromium.org> Auto-Submit: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#69265}
-
Tobias Tebbi authored
This is a reland of 408e7240 Change: Allow CSA load elimination accross code comments Original change's description: > [torque] typed context slot access > > This introduces a new type Slot<ContextType, SlotType> that is used > for enum values used to access context slots. > Together with new types for the various custom contexts used in > Torque, this results in fairly type-safe access to context slots, > including the NativeContext's slots. > > Drive-by changes: > - Introduce a new header file to specify headers needed for > generated CSA headers, to reduce the amount of includes specified > in implementation-visitor.cc > - Port AllocateSyntheticFunctionContext to Torque. > > Bug: v8:7793 > Change-Id: I509a128916ca408eeeb636a9bcc376b2cc868532 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2335064 > Commit-Queue: Tobias Tebbi <tebbi@chromium.org> > Reviewed-by: Seth Brenith <seth.brenith@microsoft.com> > Cr-Commit-Position: refs/heads/master@{#69249} Bug: v8:7793 Change-Id: I1fe100d8d62e8220524eddb8ecc4faa85219748d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2339462Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#69264}
-
Zeynep Cankara authored
This CL sync the timeline-tracks positions upon receiving a horizontal scrolling event. Bug: v8:10644 Change-Id: I69bc1066a3f5da6ddc978ad71fe77820df8066bd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2336806 Commit-Queue: Zeynep Cankara <zcankara@google.com> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#69263}
-