- 23 Jul, 2019 23 commits
-
-
Seth Brenith authored
This change begins to implement the functionality described in https://docs.google.com/document/d/1evHnb1uLlSbvHAAsmOXyc25x3uh1DjgNa8u1RHvwVhk/edit# for investigating V8 state in crash dumps. This change adds a new library, v8_debug_helper, for providing platform- agnostic assistance with postmortem debugging. This library can be used by extensions built for debuggers such as WinDbg or lldb. Its public API is described by debug-helper.h; currently the only method it exposes is GetObjectProperties, but we'd like to add more functionality over time. The API surface is restricted to plain C-style structs and pointers, so that it's easy to link from a debugger extension built with a different toolchain. This change also adds a new cctest file to exercise some basic interaction with the new library. The API function GetObjectProperties takes an object pointer (which could be compressed, or weak, or a SMI), and returns a string description of the object and a list of properties the object contains. For now, the list of properties is entirely based on Torque object definitions, but we expect to add custom properties in future updates so that it can be easier to make sense of complex data structures such as dictionaries. GetObjectProperties does several things that are intended to generate somewhat useful results even in cases where memory may be corrupt or unavailable: - The caller may optionally provide a type string which will be used if the memory for the object's Map is inaccessible. - All object pointers are compared against the list of known objects generated by mkgrokdump. The caller may optionally provide the pointers for the first pages of various heap spaces, to avoid spurious matches. If those pointers are not provided, then any matches are prefixed with "maybe" in the resulting description string, such as "maybe UndefinedValue (0x4288000341 <Oddball>)". Bug: v8:9376 Change-Id: Iebf3cc2dea3133c7811bcefcdf38d9458b02fded Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1628012 Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Michael Stanton <mvstanton@chromium.org> Cr-Commit-Position: refs/heads/master@{#62882}
-
Ulan Degenbaev authored
Bug: v8:7857 Change-Id: I3940ae2830adb6c572e079551b7bba7d84462afd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1715444Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#62881}
-
Ulan Degenbaev authored
The fix in https://chromium-review.googlesource.com/c/v8/v8/+/1698383 was not complete. We can have a case when a function is neither optmized or intepreted but still has a feedback vector. This can happen when the code of the function was flushed. Bug: v8:7857 Change-Id: I9cb6e474d79a5d4956301e87705af136baeaeb8a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1714875 Auto-Submit: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#62880}
-
Mythri A authored
Preparing the value for storing into a typed array is user visible operation in some cases (for ex: calling ToNumber). To avoid doing this conversion twice pass the converted to the runtime when bailing out from the handlers. Bug: chromium:981236 Change-Id: I3de23d317d22cd6c201fe8a4db30014f4cf76251 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1692932 Commit-Queue: Mythri Alle <mythria@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#62879}
-
Georg Schmid authored
This CL introduces generic Torque structs. Generics are grounded early in the Torque compilation pipeline, meaning that every instantiation of a generic struct with concrete types will be turned into a distinct StructType. As an example, consider a Tuple of types T1, T2: struct Tuple<T1: type, T2: type> { const fst: T1; const snd: T2; } which can be manipulated using generic macros, such as macro Swap<T1: type, T2: type>(tuple: Tuple<T1, T2>): Tuple<T2, T1> { return Tuple<T2, T1>{fst: tuple.snd, snd: tuple.fst}; } Currently there is no type inference for struct instantiation sites, so type arguments have to be provided explicitly: const intptrAndSmi = Tuple<intptr, Smi>{fst: 1, snd: 2}; R=sigurds@chromium.org, tebbi@chromium.org Change-Id: I43111561cbe53144db473dc844a478045644ef6c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1714868 Commit-Queue: Georg Schmid <gsps@google.com> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#62878}
-
Sathya Gunasekaran authored
Bug: v8:8179 Change-Id: Iccc3569fd59a2fdf7af708aacb404452289d5225 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1714874 Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Mathias Bynens <mathias@chromium.org> Cr-Commit-Position: refs/heads/master@{#62877}
-
Sathya Gunasekaran authored
Bug: v8:8179 Change-Id: I45f9b1c462edcc984d2b8cdc6c767c00e9f8cf64 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1714873 Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#62876}
-
Maya Lekova authored
This reverts commit 26dad80f. Reason for revert: Breaks d8, see https://ci.chromium.org/p/v8/builders/ci/V8%20Win32/22272 Original change's description: > [d8] Cleanup message queues > > Simplifies some of the logic of message queues in d8 and makes sure > to delete any in-flight messages upon worker termination. Drive-by > cleanups of some other small d8 vestiges. > > R=clemensh@chromium.org > BUG=v8:9524 > > Change-Id: I587c0cb3eeed88107e7dba552389057f07c15c43 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1710673 > Commit-Queue: Ben Titzer <titzer@chromium.org> > Reviewed-by: Clemens Hammacher <clemensh@chromium.org> > Cr-Commit-Position: refs/heads/master@{#62873} TBR=titzer@chromium.org,clemensh@chromium.org Change-Id: Ibc15d9fb76698a2bad51e3842392634fb2f0246b No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:9524 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1714877Reviewed-by: Maya Lekova <mslekova@chromium.org> Commit-Queue: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/master@{#62875}
-
Sathya Gunasekaran authored
test262 tests use this to trigger a gc and test WeakRefs Bug: v8:8179 Change-Id: I84ca88f0bf11734ea65d7f6c2a5e5e2d13dccb7d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1714871Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Mathias Bynens <mathias@chromium.org> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#62874}
-
Ben L. Titzer authored
Simplifies some of the logic of message queues in d8 and makes sure to delete any in-flight messages upon worker termination. Drive-by cleanups of some other small d8 vestiges. R=clemensh@chromium.org BUG=v8:9524 Change-Id: I587c0cb3eeed88107e7dba552389057f07c15c43 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1710673 Commit-Queue: Ben Titzer <titzer@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#62873}
-
Santiago Aboy Solanes authored
We now have branchful decompression so this needs to be updated. Also, the sxtw doesn't happen so it is not included in the regex. I don't know why this didn't block the other CL's submission. Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng Bug: v8:7703 Change-Id: I7044878c4811f1ba39e957bfcb9bc9c77ccba172 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1706482Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#62872}
-
Santiago Aboy Solanes authored
Also add tests for it. Drive-by fix: Use ChangeInt32ToCompressedSmi since we have it Cq-Include-Trybots: luci.v8.try:v8_linux64_pointer_compression_rel_ng Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng Bug: v8:7703 Change-Id: I45f04f8857acfc57b69eb4022a24ba082d28a91f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1708480Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#62871}
-
Sathya Gunasekaran authored
Bug: v8:8179 Change-Id: I6a4d7e899076fadf848c187f9f4d86a676455215 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1714865Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#62870}
-
Sathya Gunasekaran authored
This will be used when the [[NewTarget]] is from another realm and it's prototype is not an object. Bug: v8:8179 Change-Id: Ic69db3cd95753c77ef6f1e677e71e1e20da0a6c9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1714864Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#62869}
-
Sathya Gunasekaran authored
Bug: v8:9433, v8:8179 Change-Id: I10a643cac348a5a76b137427e5e0565db81e3dbb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1714649Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#62868}
-
Ben L. Titzer authored
This reverts commit 306cf403. Reason for revert: performance regressions / too near branch point TBR=mslekova@chromium.org BUG=v8:9380 Change-Id: If77630b73eafbf1190c823199fe2a34361da303f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1714867Reviewed-by: Ben Titzer <titzer@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Commit-Queue: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#62867}
-
Ben L. Titzer authored
A benign datarace can occur between the array buffer tracker and using an arraybuffer as an asm.js memory. The former reads the {is_shared} bit, which should never change, and the latter writes the {is_asmjs_memory} bit, but no other bits. Since these bits are packed into a single word, TSAN reports a race. R=ulan@chromium.org BUG=v8:9531 Change-Id: Icceff211368e13794b6678b5fd7748fb5b3235bf Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1714647 Commit-Queue: Ben Titzer <titzer@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#62866}
-
Sathya Gunasekaran authored
Bug: v8:8179 Change-Id: I4db5412b5ed60aa100198628bfa09903c89a5c0d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1710675Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#62865}
-
Mythri A authored
Reland after splitting large classes further. es6/classes.js is large and causes timeouts and OOM on some of the configurations. Bug: v8:9246 Change-Id: I51952447eb6a6b46d78410d5d3798292f5a8d87d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1706061 Commit-Queue: Mythri Alle <mythria@chromium.org> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#62864}
-
Ulan Degenbaev authored
This fixes benign data races reported by TSAN when a shared layout descriptor is updated at the end. Change-Id: I76662cb5fc2b8ab1728e3d1bf42a55a107442eed Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1709422Reviewed-by: Ben Titzer <titzer@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#62863}
-
Maya Lekova authored
Bug: v8:7790, chromium:985660 Change-Id: I4e931a4a23421982f05e16c8ffa2ccc68fb34b63 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1709423 Commit-Queue: Maya Lekova <mslekova@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Reviewed-by: Michael Stanton <mvstanton@chromium.org> Cr-Commit-Position: refs/heads/master@{#62862}
-
Pierre Langlois authored
With compressed pointers, `kArchStoreWithBarrier` is a 32-bit store instead of 64-bit, and this means the index has a differerent immediate range. Bug: v8:7703 Change-Id: If61c8544b0da87ba2779ba2c1a6963b52e3e5d9a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1710674 Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#62861}
-
Michael Starzinger authored
This removes two shortcuts ("UndefinedValue" and "NullValue") from the instance object and instead loads those values via the root set which is also referenced from the instance. It makes instance objects smaller. Note that this also contains an optimization to make sure "undefined" is only loaded once and then re-used within a single wrapper. R=clemensh@chromium.org Change-Id: I421f202230e91790fa9c8263770b4e4bbd3c47bd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1710670Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#62860}
-
- 22 Jul, 2019 17 commits
-
-
Yang Qin authored
Change-Id: I43f342c3552e195fe5d96b07c93be7bfef5a708a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1713006Reviewed-by: Junliang Yan <jyan@ca.ibm.com> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#62859}
-
Debrian Figueroa authored
Allows writing of output error to json output path specified. Bug: chromium:985959 Change-Id: I4bbc94dbc8b0c21f1ce75e722c69fab18eeb1f01 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1710205 Commit-Queue: Debrian Figueroa <debrian@google.com> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#62858}
-
Deepti Gandluri authored
Change-Id: I27f960268ae3aaf61ae8d7903e1b3b057e5d5ac8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1710158Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> Cr-Commit-Position: refs/heads/master@{#62857}
-
Frank Tang authored
1. Fix formatToParts show "plusSign" for -0 by using signbit instead of < 0 2. Fix crash bug of formatToParts while notation is either "engineering" or "scientific". Bug: v8:9513 Change-Id: I36b0b995c157dc642b9c201694d0ac0bb0396988 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1710148 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#62856}
-
Adam Klein authored
Previously, if the new length was less than the current length, we ignored the "configurable" value and set the length as requested. We already threw if the new length was greater than or equal to the current length. New behavior matches the spec and other implementations. Bug: v8:9460 Change-Id: Idb92fd121bdaa707f6abd2d2082628bbf3541b83 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1709336Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#62855}
-
Ng Zhi An authored
Bug: v8:8460 Change-Id: I1d05e8a832d1b70f07c6782669c7b07764c7341d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1708454Reviewed-by: Bill Budge <bbudge@chromium.org> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#62854}
-
Milad Farazmand authored
Port cd34523b Original Commit Message: With this CL we add proposal tests to the wasm-spec-tests. For this I extended the update-wasm-spec-tests.sh script. Additionally to generating the spec tests it does the following: For each proposal it identifies those tests that are different to the spec tests, and then copies those tests also to the wasm-spec-tests directory. Additionally I adjusted the test runner of the wasm spec test to run the proposal tests with the correct flags. R=ahaas@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: Ia976d8017cacb61b46fe076c39ade6bc6137b7e9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1708989Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#62853}
-
Yang Qin authored
Added if statements to check if VECTOR_FACILITY are supported in order to avoid “illegal instruction” errors during SIMD tests on old s390 machines. Change-Id: I1ab841db02e6c47de54d4a15b973e5366f88e117 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1704937Reviewed-by: Junliang Yan <jyan@ca.ibm.com> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#62852}
-
Yang Qin authored
Change-Id: I3541750049c4a17a294f819f278d69943565a2a0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1707933Reviewed-by: Junliang Yan <jyan@ca.ibm.com> Commit-Queue: Junliang Yan <jyan@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#62851}
-
Milad Farazmand authored
Port 4ca8b4dd Original Commit Message: This adds decoding and compilation of the "atomic.fence" operator, which is intended to preserve the synchronization guarantees of higher-level languages. Unlike other atomic operators, it does not target a particular linear memory. It may occur in modules which declare no memory, or a non-shared memory, without causing a validation error. See proposal: https://github.com/WebAssembly/threads/pull/141 See discussion: https://github.com/WebAssembly/threads/issues/140 R=mstarzinger@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG=v8:9452 LOG=N Change-Id: Ib8ad24e65154d7555a47e537f81110be47f4d4de Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1710620 Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com> Reviewed-by: Junliang Yan <jyan@ca.ibm.com> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#62850}
-
Clemens Hammacher authored
Instead of computing the jump table slot, and subtracting the start of the jump table, we can just compute the offset directly. This method is then used to compute jump table slots. R=titzer@chromium.org Change-Id: I634e5ee71a0d2e9d0d2db0ea373f833df91fba8e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1709419Reviewed-by: Ben Titzer <titzer@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#62849}
-
Ben L. Titzer authored
TBR=clemensh@chromium.org No-Try: true Change-Id: I993955063432cceedc6ef6fc1a999c8f2256279f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1710668Reviewed-by: Ben Titzer <titzer@chromium.org> Commit-Queue: Ben Titzer <titzer@chromium.org> Cr-Commit-Position: refs/heads/master@{#62848}
-
Ben L. Titzer authored
This is a reland of bc33f5ae Original change's description: > Reland "[arraybuffer] Rearchitect backing store ownership" > > This is a reland of 31cd5d83 > > Original change's description: > > [arraybuffer] Rearchitect backing store ownership > > > > This CL completely rearchitects the ownership of array buffer backing stores, > > consolidating ownership into a {BackingStore} C++ object that is tracked > > throughout V8 using unique_ptr and shared_ptr where appropriate. > > > > Overall, lifetime management is simpler and more explicit. The numerous > > ways that array buffers were initialized have been streamlined to one > > Attach() method on JSArrayBuffer. The array buffer tracker in the > > GC implementation now manages std::shared_ptr<BackingStore> pointers, > > and the construction and destruction of the BackingStore object itself > > handles the underlying page or embedder-allocated memory. > > > > The embedder API remains unchanged for now. We use the > > v8::ArrayBuffer::Contents struct to hide an additional shared_ptr to > > keep the backing store alive properly, even in the case of aliases > > from live heap objects. Thus the embedder has a lower chance of making > > a mistake. Long-term, we should move the embedder to a model where they > > manage backing stores using shared_ptr to an opaque backing store object. > > > > R=mlippautz@chromium.org > > BUG=v8:9380,v8:9221 > > > > Change-Id: I48fae5ac85dcf6172a83f252439e77e7c1a16ccd > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1584323 > > Commit-Queue: Ben Titzer <titzer@chromium.org> > > Reviewed-by: Ben Titzer <titzer@chromium.org> > > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > > Reviewed-by: Yang Guo <yangguo@chromium.org> > > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> > > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > > Cr-Commit-Position: refs/heads/master@{#62572} > > Bug: v8:9380, v8:9221 > Change-Id: If3f72967a8ebeb067c0edcfc16ed631e36829dbc > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1691906 > Commit-Queue: Ben Titzer <titzer@chromium.org> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> > Reviewed-by: Yang Guo <yangguo@chromium.org> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Cr-Commit-Position: refs/heads/master@{#62809} Bug: v8:9380, v8:9221 Change-Id: I9a2525753ae2424108d074fa81df5f25d945c824 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1709409 Commit-Queue: Ben Titzer <titzer@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#62847}
-
Mike Stanton authored
In serialization for concurrent TurboFan, we need to fully consume context chains to the root. This interferes with existing protections, firing the assert IsBootstrappingOrValidParentContext if the chain is queried to root. Instead, use unchecked_previous(). Bug: v8:7790 Change-Id: Id69885570fb88486c2f292023509bb02413a8ac5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1710666Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Michael Stanton <mvstanton@chromium.org> Cr-Commit-Position: refs/heads/master@{#62846}
-
Darius Mercadier authored
A few methods (Free, TryFindInNode, SearchForNodeInList) were identical in each FreeList implementation, yet redefined each time. They are now defined in the class FreeList, and inherited by subclasses (which can override them if needed). Additionnaly, GuaranteedAllocatable in FreeListFast and FreeListMany were wrong in their respective last case; they are now fixed. Consequently to fixing FreeListMany::GuaranteedAllocatable, FreeListMany was slightly reworked: - The last freelist is now fully searched during allocation (rather than just looking at its first element like for the other freelists). Bug: v8:9329 Change-Id: Ic86ade3b1acaa2ca91cce17bd6822ec12aa594d9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1706478Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Darius Mercadier <dmercadier@google.com> Cr-Commit-Position: refs/heads/master@{#62845}
-
Michael Achenbach authored
This adds a simple test calling: generate-bytecode-expectations --check-baseline It's added on one CQ and one CI builder. The infra side specifying the command line landed here: https://crrev.com/c/1709454 For the command to succeed on swarming we instruct the isolate server to archive the executable alongside with all the *.golden files needed for the --check-baseline command. Bug: v8:9520 Change-Id: I358ca7a7142c0fdaa7f6960515e524729a481394 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1709424Reviewed-by: Dan Elphick <delphick@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#62844}
-
Yu Yin authored
port 4ca8b4dd https://crrev.com/c/1701856 Original Commit Message: This adds decoding and compilation of the "atomic.fence" operator, which is intended to preserve the synchronization guarantees of higher-level languages. Unlike other atomic operators, it does not target a particular linear memory. It may occur in modules which declare no memory, or a non-shared memory, without causing a validation error. See proposal: https://github.com/WebAssembly/threads/pull/141 See discussion: https://github.com/WebAssembly/threads/issues/140 Change-Id: Ia60d58a6bf58e8236591d515d30184418cee47c5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1710337Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Yu Yin <xwafish@gmail.com> Cr-Commit-Position: refs/heads/master@{#62843}
-