- 24 May, 2022 28 commits
-
Frank Tang authored
Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.plaintime.prototype.tozoneddatetime Bug: v8:11544 Change-Id: I147b1d21b4728520c5667a30548ec77f71d7445a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3554456 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80730}
-
Clemens Backes authored
The Runtime_WasmCompileLazy function was returning a ptr-sized address, wrapped in an Object. This worked because no GC is triggered between the return from the runtime function and the point where we jump to the returned address. In a pointer-compressed world though, generated code assumes that all objects live in the same 4GB heap, so comparisons only compare the lower 32 bits. On a 64-bit system, this can lead to collisions where a comparison determines that the returned address equals a heap object, even though the upper 32 bits differ. This happens occasionally in the wild, where the returned function entry pointer has the same lower half as the exception sentinel value. This leads to triggering stack unwinding (by the CEntry stub), which then fails (with a CHECK) because there is no pending exception. This CL fixes that by returning a Smi instead, which is the offset in the jump table where the kWasmCompileLazy builtin should jump to. The builtin then gets the jump table start address from the instance object, adds the offset that the runtime function returned, and performs the jump. We do not include a regression test because this failure is very spurious and hard to reproduce. R=jkummerow@chromium.org Bug: chromium:1311960 Change-Id: I5a72daf78905904f8ae8ade8630793c42e223984 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3663093 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#80729}
-
Patrick Thier authored
The underlying issue was fixed with https://crrev.com/c/3660258 Bug: v8:12883 Change-Id: If7a1fdaf122396396cfbaaae3a68ef89bafc1703 Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel_ng Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3663342 Auto-Submit: Patrick Thier <pthier@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#80728}
-
Clemens Backes authored
The Wasm C API currently disabled dynamic tiering, in order to have deterministic behaviour for serialization of Wasm modules. As dynamic tiering is now shipped, also the C API should follow. Serialization of a Wasm module now just serializes the current state, so embedders are responsible for warming up a module before serializing it. If requested, we can add an internal API to enforce full tier-up of all functions, but we will leave that for later. R=ahaas@chromium.org, jkummerow@chromium.org Bug: v8:12899 Change-Id: I55df63f0b6c1f285e4983f9f7d5fb66aa41637bd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3660261 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#80727}
-
Junliang Yan authored
Change-Id: Ifbfa391482215ed13954422fef028a5697ac6bb8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3663149 Reviewed-by: Milad Farazmand <mfarazma@redhat.com> Commit-Queue: Junliang Yan <junyan@redhat.com> Cr-Commit-Position: refs/heads/main@{#80726}
-
Junliang Yan authored
Change-Id: I25b6f6d76177394e3812ce506a06381a1afcc863 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3663148 Reviewed-by: Milad Farazmand <mfarazma@redhat.com> Commit-Queue: Junliang Yan <junyan@redhat.com> Cr-Commit-Position: refs/heads/main@{#80725}
-
Junliang Yan authored
Change-Id: Ic7ac221c18f242740ae088b856d9295cd1256936 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3663147 Reviewed-by: Milad Farazmand <mfarazma@redhat.com> Commit-Queue: Junliang Yan <junyan@redhat.com> Cr-Commit-Position: refs/heads/main@{#80724}
-
Leszek Swirski authored
Same pattern as Int32 compare ops. Bug: v8:7700 Change-Id: Ia090cb97d6c5c99c6aa719ec5db1a2a8e2156472 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3663340 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80723}
-
Peter Kasting authored
Math between disparate enums is deprecated. Use constexprs instead. This requires switching some caller code to work with the new non-enum constants also. Bug: chromium:1284275 Change-Id: Ifb3c8757ed62e2a0966120f830f0a7e282b53a16 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3661148 Auto-Submit: Peter Kasting <pkasting@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Peter Kasting <pkasting@chromium.org> Cr-Commit-Position: refs/heads/main@{#80722}
-
Leszek Swirski authored
We can check map validity cells for Sminess without checking their value, since their value as a Smi (and not a Cell) should always be "valid" Change-Id: Ie73079107144e352c358c0ec42abd0c10bdcf73a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3663090 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#80721}
-
Leszek Swirski authored
Clean up a couple of the StoreHandler methods returning Builtins to directly return the Code object, so that it can be used as a handler straight away without having to go via the MakeCodeHandler helper (which wasn't making anything anymore). Change-Id: I4976829d25e2bdad0cf41088b76121ac9b500cd5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3663083 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#80720}
-
Camillo Bruni authored
Bug: v8:7700 Change-Id: I6b03c715153c7e9a63abc848ac87faef809b49a8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3663089 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#80719}
-
Dominik Inführ authored
Stop the unmapper tasks before running a full GC. This ensures that all freed memory is actually reusable in the following full GC. We also need to keep freed pages around until after the GC in order to be able to perform page flags checks on them when updating pointers. However, when unmapper tasks are still running pages freed during the GC may be unmapped too early. Bug: chromium:1327132 Change-Id: I4fde7853b987975ae6ef304e89c53eb20b004d55 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3660247 Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#80718}
-
Dominik Inführ authored
Fix failing tests with --no-use-map-space enabled. Bug: v8:12578 Change-Id: I121b0d22cd69e76b6c5c02d1f83a166af0610b83 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3663343 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#80717}
-
Michael Lippautz authored
The phase is generally sub-ms. What's left as a follow up is to remove the finalization step that schedules a finalization step (including embedder callbacks) through a stack guard. Bug: v8:12775 Change-Id: I35f36e5ba07f9acb4e92acf2a414559ccd6ad9bd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3663081 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#80716}
-
Leszek Swirski authored
Print the function, bytecode and feedback vector of any function we attempt to compile with maglev while any of the printing flags are enabled. Bug: v8:7700 Change-Id: I92831fbd6c687e10afee7e0698ef2c42d11c63ee Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3663085 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/main@{#80715}
-
Liu Yu authored
Due to differences in compiler versions and optimization levels, std::floor treats snan differently, as does std::ceil and std::trunc. So the implementation of some instructions is sometimes inconsistent with the physical machine. We add extra processing to them. Besides, fix Loong64Debugger::Debug error in simulator, IsTrap returns true only if break is encountered. Change-Id: I240d91ed658645a2453162107b6dd172735fbfef Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3661259 Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Auto-Submit: Liu Yu <liuyu@loongson.cn> Cr-Commit-Position: refs/heads/main@{#80714}
-
jameslahm authored
... timeout in the big websnapshot tests. Bug: v8:12891 Change-Id: I7837ba985f835e20af294ea0206dfafb5def7619 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3660705 Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80713}
-
Dominik Inführ authored
Instead of invoking both the generational and marking barrier explicitly, we can just invoke the combined barrier which does both for us. Also we simply use the full write barrier for all writes in the deserializer. While we could avoid the generational barrier in a few cases, this only costs us a single predictable untaken branch without an additional load. Bug: v8:11708 Change-Id: Iebd0af06efe42a3ac4e5725131362600ab16bc7a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3662900 Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80712}
-
Solomon Kinard authored
Change-Id: I924a2b4dc4ab5e7be22fd2a9a1084473ba65fc35 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3651039 Reviewed-by: Hannes Payer <hpayer@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80711}
-
Patrick Thier authored
Disable --always-use-string-forwarding-table when --shared-string-table is set. With --shared-string-table we can have parallel GCs in multiple client isolates. With --always-use-string-forwarding-table we can have young generation strings in the forwarding table, requiring table updates when the string gets promoted. This is not supported for parallel GCs. This CL also reverts the incorrect try to fix an issue with this flag combination introduced in https://crrev.com/c/3650719 Bug: v8:12877, v8:12007 Change-Id: I49a2aa300af36b82007a7d215afe9a70ac1ce39e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3660258 Commit-Queue: Patrick Thier <pthier@chromium.org> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#80710}
-
Frank Tang authored
Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.plaindate.prototype.tozoneddatetime Bug: v8:11544 Change-Id: I758e46efdc33cfc3f336e5c595a402123ae6c485 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3535920 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80709}
-
Frank Tang authored
Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.plaindate.prototype.with https://tc39.es/proposal-temporal/#sec-temporal.plainyearmonth.prototype.with https://tc39.es/proposal-temporal/#sec-temporal.plainmonthday.prototype.with Bug: v8:11544 Change-Id: I311d6246646ce18503804352bc95a374af3d8c6e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3565014 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80708}
-
Frank Tang authored
Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.plaindate.prototype.toplaindatetime Bug: v8:11544 Change-Id: Ie86a5d8a2f1206a44d0e74638392ae26e0f8e900 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3534454 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80707}
-
Frank Tang authored
Spec text: https://tc39.es/proposal-temporal/#sec-temporal.plaindatetime.prototype.withplaintime Bug: v8:11544 Change-Id: I5277fb88675bb6d99b028a289329db06b95cc003 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3565026 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80706}
-
Frank Tang authored
Sync to PR2036 https://github.com/tc39/proposal-temporal/pull/2036 Treat -000000 in DateExtendedYear as syntax error Bug: v8:11544 Change-Id: I8cf7a506e85ad2b74d572142d646f3f98cd8bffa Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3633620 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#80705}
-
Lu Yahan authored
Change-Id: Ie6c88a0e371b2ce0bfad6ac887168e08fce26c05 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3662541 Commit-Queue: ji qiu <qiuji@iscas.ac.cn> Auto-Submit: Yahan Lu <yahan@iscas.ac.cn> Reviewed-by: ji qiu <qiuji@iscas.ac.cn> Cr-Commit-Position: refs/heads/main@{#80704}
-
Shu-yu Guo authored
Bug: v8:12764 Change-Id: I7e76647be838749b723400914b144b9ec2a27cd7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3656520 Commit-Queue: Shu-yu Guo <syg@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#80703}
-
- 23 May, 2022 12 commits
-
Andrey Kosyakov authored
This includes conversion of python scripts to python3. Change-Id: I5c05b3ab2aa00711a0dc26f1885a73f0ef4dbd85 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3530115 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Andrey Kosyakov <caseq@chromium.org> Cr-Commit-Position: refs/heads/main@{#80702}
-
Deepti Gandluri authored
Also remove the SKIP statement for relaxed min/max tests Bug: v8:12284 Change-Id: Iff67fe2a1c281295f237fbb95a9a36da668f27e1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3651530 Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> Cr-Commit-Position: refs/heads/main@{#80701}
-
Joyee Cheung authored
Previously the LookupIterator ignored private symbols (including private names) for the access check. This patch removes these exceptions so that they are always checked. Drive-by: removes the unused should_throw parameter in Runtime::DefineObjectOwnProperty() Bug: chromium:1321899 Change-Id: I9677b1e377f01d966daa1603eee1ed9535ffab92 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3623419 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Joyee Cheung <joyee@igalia.com> Cr-Commit-Position: refs/heads/main@{#80700}
-
Manos Koukoutos authored
Not peeling very large loops gives speedups on some benchmarks. Change-Id: Ifbdf08ddaee0e9c638238a6bcf4a3a5ea319b817 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3660243 Auto-Submit: Manos Koukoutos <manoskouk@chromium.org> Commit-Queue: Maya Lekova <mslekova@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/main@{#80699}
-
Leszek Swirski authored
Fix requesting an Int32 from a tagged value that was already converted to Float64 (because it was on one side of Number feedback but was itself a Smi), and DoubleRegister locations in deopts. Bug: v8:7700 Change-Id: I01615a6c520c9e086f3544c2656aa04bf3fc1eaa Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3660254 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80698}
-
Seth Brenith authored
My previous change https://crrev.com/c/3597106 led to some performance regressions in time spent on parsing and compilation. Those regressions might be due to increasing the reuse of old top-level SharedFunctionInfos. If the top-level SFI is old enough that its bytecode can be flushed, then perhaps other SFIs within the script have already been flushed. In that case, discarding information from a background compilation or code cache deserialization could be harmful. Bug: v8:12808, chromium:1325566, chromium:1325567, chromium:1325601 Change-Id: Ia7651bed86eecdbef8878e6132b894ed10163cdc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3657472 Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80697}
-
Benedikt Meurer authored
This was an oversight in https://crrev.com/c/3557234, which led to a really weird developer experience: once a `window.onerror` handler was installed, typing into the Console or other side-effect free debug evaluations triggered this handler. Fixed: chromium:1328008 Bug: chromium:1295750 Change-Id: I4029ff19ceb7cfe0a8eb6afff19c3ef9a4a82e25 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3660253 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Auto-Submit: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/main@{#80696}
-
Marja Hölttä authored
It sometimes meant just the field and sometimes the computed byte length. This rename makes it less confusing. Bug: v8:11111 Change-Id: I64bb8b6b9be2befb57d53ae5456b6ce8f6472456 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3657429 Reviewed-by: Shu-yu Guo <syg@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#80695}
-
Leszek Swirski authored
Add an implementation of BranchIfInt32Compare, which is emitted whenever a compare op is immediately followed by a branch. Bug: v8:7700 Change-Id: I2c56d9de199bac8de33b33201f8614aee8e9894e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3647693 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80694}
-
Liu Yu authored
SimulatorBase::ConvertArg should be a protected member so that CallArgument::CallArgument can access it. Change-Id: I60b23b45c2247cd28e73808df7b77e604d154932 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3659057 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Auto-Submit: Yu Liu <liuyu@loongson.cn> Cr-Commit-Position: refs/heads/main@{#80693}
-
Leszek Swirski authored
Add an implementation of compare ops which, like binary ops, speculatively reads integers (but still returns a tagged true/false value). Bug: v8:7700 Change-Id: I38f0ba99f8f7af30c89d0b987e28483c9610463f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3657440 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/main@{#80692}
-
Leszek Swirski authored
We weren't always clearing latest_checkpoint_state on merge points, so bottleneck it in a better location. Bug: v8:7700 Change-Id: Iaac5922d769d97d49b85613d5390196a14ad8059 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3657437 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80691}
-