- 01 Jun, 2021 5 commits
-
-
Camillo Bruni authored
- Move readFile helper to LogReader.readFile - Add static BaseArgumentsProcessor.process helper - Move SourceMap handling to the TickProcessor - Always skip example file mjsunit/tools/tickprocessor-test-large.js - Run tickprocessor and dumpcpp tests only in release mode Change-Id: I635fb2d2839233219b058faf9710fd0f19880fd2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2929117Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#74873}
-
Santiago Aboy Solanes authored
This CL would finish adding TSAN support for the generated tagged stores. Bug: v8:7790, v8:11600 Change-Id: Icaadc06ea740089dadf3d9f86da56d84dad1d4b6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2922113Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#74872}
-
Daniel Lehmann authored
So far, units compiled with TurboFan were published one-by-one as soon as they were ready, which reduces the latency until the faster code is available. However, especially when write-protecting code with mprotect, this yielded a lot of page protection switches, which incurs syscall and lock contention overhead. Thus, https://crrev.com/c/2922114 already introduced TurboFan batching when using write-protection. During experiments, we found this could even be beneficial in the default configuration, i.e., without write-protection enabled. This CL changes to always do the publishing in batches. This choice should be revisited once the tier-up strategy changes, e.g., with lazy compilation or dynamic tier-up. R=clemensb@chromium.org CC=jkummerow@chromium.org Change-Id: I0ba792c969f7e017ac57103d2bbfe9a142cf302d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2928186Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Daniel Lehmann <dlehmann@google.com> Cr-Commit-Position: refs/heads/master@{#74871}
-
Camillo Bruni authored
This is a reland of 17915002 with an added fix for TurboAssembler::CallTSANRelaxedStoreStub. Original change's description: > [builtins][x64] Use callee-saved registers for write barrier stubs > > Calls to the record write stub are quite frequent and the caller has to > save all registers used by the builtin. > > This CL moves the register saving to the builtin itself, reducing the > call-site code size significantly in many cases and thus improving > compilation speed of sparkplug. > > Follow-up CLs with introduce the same behaviour to other platforms. > > - CallRecordWriteStubSaveRegisters preserves the existing behaviour and > saves clobbered registers. > - CallRecordWriteStub expects the registers to match the ones specified > in the WriteBarrierDescriptor for more compact code. > > Bug: v8:11420 > Change-Id: Ib1260cf972712bb9ba879beacd34b06a7fa347f1 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2922103 > Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org> > Reviewed-by: Andreas Haas <ahaas@chromium.org> > Commit-Queue: Camillo Bruni <cbruni@chromium.org> > Cr-Commit-Position: refs/heads/master@{#74831} Bug: v8:11420 Change-Id: Ibac3e6f0360d35579ee0b0dc5d698f8cdab93260 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2922604Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#74870}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/068753b..0f7c842 Rolling v8/buildtools/third_party/libunwind/trunk: https://chromium.googlesource.com/external/github.com/llvm/llvm-project/libunwind/+log/c8d0fb8..c0776fc Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/edf4e0e..12d96cd TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: I84fa018b8346e0dc49f95876359cbd83fd498f56 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2927417Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#74869}
-
- 31 May, 2021 21 commits
-
-
Milad Fa authored
All our Simd load/store opcodes are using MRR format. Added DCHECKs will make sure the passed MemOperands are using 2 registers and not an Immediate value. Change-Id: Ife470d3c80a10853bbb8365f8c00350ebdc98b2d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2927208Reviewed-by: Junliang Yan <junyan@redhat.com> Commit-Queue: Junliang Yan <junyan@redhat.com> Cr-Commit-Position: refs/heads/master@{#74868}
-
Manos Koukoutos authored
This will be thrown during array allocations if the requested size is larger than kV8MaxWasmArrayLength. Additional changes: - In test-gc.cc, add the possibility to check against the trap message in CheckHasThrown. - Small reorganization of WasmGCTester in test-gc.cc. Bug: v8:7748 Change-Id: I6f74b525bd7087fcc66f43c451ef130df022b0f9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2922247Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/master@{#74867}
-
Mike Stanton authored
AllocationSites are strongly rooted in various places. AllocationMementos, small heap objects immediately behind the objects which AllocationSites tracks, are purposely left unrooted. They do however, point to AllocationSites. This leads to a situation where an AllocationSite may no longer be seen to have strong roots at gc time, and yet new space is still repleat with AllocationMementos which point to it. The GC recognizes this, and marks the AllocationSite as a "zombie," that is, an object which should be kept alive for one more GC cycle because of the existence of those mementos which point to it. Change-Id: Ifa720c28f216dee2eaf7edd6f489b5c7427d4353 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2928500Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Commit-Queue: Michael Stanton <mvstanton@chromium.org> Cr-Commit-Position: refs/heads/master@{#74866}
-
Igor Sheludko authored
Bug: chromium:1209723 Change-Id: Ied077c7819312ea71d58997378d7c3f4acb02566 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2928193Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#74865}
-
Georg Neis authored
Bug: chromium:1212583 Change-Id: I6cce7e419b108a0d30cf4d9d9bb0ba304fb0803e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2922249Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Auto-Submit: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/master@{#74864}
-
Vicky Kontoura authored
Bug: v8:11525, v8:11706 Change-Id: Ia1f15ab33708831323bed5cdd9b8d3cf029cb7a1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2928183Reviewed-by: Marja Hölttä <marja@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Vicky Kontoura <vkont@google.com> Cr-Commit-Position: refs/heads/master@{#74863}
-
Mathias Bynens authored
Prior to this patch, regular expression objects with a monkeypatched `toString` were printed using the `toString` result value, rather than actually representing the regular expression’s contents. const re = /./; re.toString = () => 'whoops!'; console.log(re); // → logs 'whoops!' Now that `v8::RegExp::GetSource` properly escapes special characters in the source pattern [1], just like `RegExp#toString`, there is no longer any reason to avoid it. [1]: https://chromium-review.googlesource.com/c/v8/v8/+/2900737 Bug: v8:11693 Change-Id: I9a69cdb6813f76b669bdc24e4823c6d261f2ae73 Fixed: v8:11836 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2928188Reviewed-by: Philip Pfaffe <pfaffe@chromium.org> Commit-Queue: Mathias Bynens <mathias@chromium.org> Cr-Commit-Position: refs/heads/master@{#74862}
-
Manos Koukoutos authored
Changes: - Fix OpcodeLength for array.copy - Check that the destination array for array.copy is mutable. Bug: v8:7748 Change-Id: I2c84b967ba91e150b772a959e76ebb382bfc29bc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2928176Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/master@{#74861}
-
Camillo Bruni authored
This adds a first crude version of displaying a flamechart in the system-analyzer. - Basic function types are distinguishable by colors. - Tooltip information is available as well Bug: v8:11835 Change-Id: I87e092f749d4c16aa5017af39df8d2f7bd7e2edd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2928179 Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Patrick Thier <pthier@chromium.org> Cr-Commit-Position: refs/heads/master@{#74860}
-
Victor Gomes authored
We must ensure that the sweeper is not running or has already swept mutable_double_buffer. Otherwise the GC can add it to the free list. Bug: v8:11837 Change-Id: Ifd9cf15f1c94f664fd6489c70bb38b59730cdd78 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2928181 Commit-Queue: Victor Gomes <victorgomes@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/master@{#74859}
-
Wenyu Zhao authored
When this flag is enabled, allocation folding behaviour depends on the --turbo-allocation-folding runtime flag. When it's disabled, --turbo-allocation-folding is ignored. This flag will be used later to control the CodeStubAssembler::InlineAllocate behaviour. Change-Id: Iea7bbafd8454571dda7d56349b3dc63d3b54ba99 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2878754Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Wenyu Zhao <wenyu.zhao@anu.edu.au> Cr-Commit-Position: refs/heads/master@{#74858}
-
Maya Lekova authored
This CL enhances the interface of the fast C API with constants and structs necessary for supporting JSArrays, TypedArrays and ArrayBuffers. It also adds checks for incompatible combinations of argument type/flags. Bug: chromium:1052746 Change-Id: I032167d0739d33f8151f78574c89d565cb9bd821 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2903147Reviewed-by: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/master@{#74857}
-
Camillo Bruni authored
Bug: v8:11820 Change-Id: Iec8c75737648ca239363069511fd7783c26a5d64 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2928497Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#74856}
-
Thibaud Michaud authored
The delegate instruction is executed when an exception is thrown, not after the last instruction of the block. Handle reachability accordingly. R=ahaas@chromium.org Bug: chromium:1212396 Change-Id: I55e342cd73da44142cfbad7e16ab65ef513e6a60 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2928499Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/master@{#74855}
-
Patrick Thier authored
Change API RegExp::GetSource to return a string identical to ToString() and RegExp.prototype.source. Bug: v8:11693 Change-Id: I3d148883fe6f8a3ff49e552ddd72b1e92f52baf3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2900737Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Commit-Queue: Patrick Thier <pthier@chromium.org> Cr-Commit-Position: refs/heads/master@{#74854}
-
Vicky Kontoura authored
This CL refactors mjsunit tests, so that the common core of all tests is abstracted away. Bug: v8:11525, v8:11706 Change-Id: I24a1af4298380e21a64e4d17149422c32fbf8a4d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2914882Reviewed-by: Marja Hölttä <marja@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Vicky Kontoura <vkont@google.com> Cr-Commit-Position: refs/heads/master@{#74853}
-
Maya Lekova authored
Bug: v8:10996 No-Try: true Change-Id: Ic75702e2d9db17762b21cd3d90e6fbf461c634bb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2928178 Auto-Submit: Maya Lekova <mslekova@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#74852}
-
Camillo Bruni authored
Removing some additional complexity that is not frequently used. Change-Id: I10195971d872d710ba3a87170fb62c1948e7716e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2923502Reviewed-by: Victor Gomes <victorgomes@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#74851}
-
Victor Gomes authored
Bug: chromium:1213927 Change-Id: I11729540d9f20b437411f0b9f8077be2a7f066b3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2922117Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/master@{#74850}
-
Wael Almattar authored
Change-Id: I0e4de2d943db5a6af41bb1a1599e0ebb0568d290 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2912881Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/master@{#74849}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/e5a2e0c..068753b TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: I93438a1eb2ef704a3a50d8374acfdb2e0aa87ff4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2927501Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#74848}
-
- 30 May, 2021 2 commits
-
-
Liu Yu authored
Port 032ab3d2 Bug: v8:11420 Change-Id: I7c5f627902db9f21ef35bf8d085ac6a6c72755ca Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2925315 Auto-Submit: Liu yu <liuyu@loongson.cn> Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Cr-Commit-Position: refs/heads/master@{#74847}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/ec279cc..e5a2e0c Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/dca1c97..edf4e0e TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: I3468fe7b1d66da0cc4adb2cbc672eb141243504f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2923407Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#74846}
-
- 29 May, 2021 2 commits
-
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/ca9596f..ec279cc Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/e83a92e..dca1c97 TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: I15cc4fbe2fba7d10cc8c7873ac8ddbadc4821f07 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2924506Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#74845}
-
v8-ci-autoroll-builder authored
Rolling v8/third_party/google_benchmark/src: https://chromium.googlesource.com/external/github.com/google/benchmark/+log/db2de74..0e1255a Removing freenode from README (Dominic Hamon) https://chromium.googlesource.com/external/github.com/google/benchmark/+/0e1255a TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com,mlippautz@chromium.org Change-Id: Ibf16c3ba389fe8b35685660d3e78d3eccda1e6e5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2924507Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#74844}
-
- 28 May, 2021 6 commits
-
-
Lu Yahan authored
Port 032ab3d2 Change-Id: I55715e1943e0e178079e810b8979d14d84e776cf Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2924605 Auto-Submit: Yahan Lu <yahan@iscas.ac.cn> Commit-Queue: Brice Dobry <brice.dobry@futurewei.com> Reviewed-by: Brice Dobry <brice.dobry@futurewei.com> Cr-Commit-Position: refs/heads/master@{#74843}
-
Shu-yu Guo authored
Use Relaxed_Memcpy when making a new TypedArray that copies from a SharedArrayBuffer. Bug: chromium:1209639 Change-Id: Iaa1f069552f0aa42a1f423e5ee0a913b3330153c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2923274Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/master@{#74842}
-
Lu Yahan authored
And add s10 to scratch_register_list. Clean up t* register used in macroassembler Bug: v8:7703 Change-Id: Ib8477cd7528b8c2a2297da3f46659f30af45286e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2914246Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Brice Dobry <brice.dobry@futurewei.com> Commit-Queue: Yahan Lu <yahan@iscas.ac.cn> Cr-Commit-Position: refs/heads/master@{#74841}
-
Michael Lippautz authored
Bug: v8:11822 Change-Id: I35f3b5ce71ab5f86a5d9991bb9d729a2fe56f6dd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2919955Reviewed-by: Omer Katz <omerkatz@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#74840}
-
Sigurd Schneider authored
The refactoring makes it explicit that a v8::Array results in a protocol::ListValue, and a v8::Object in a protocol::DictionaryValue, which will be useful in a follow-up. Bug: chromium:1213393 Change-Id: I0d6e5b013a828e12cb3200672d4fd9b14a14a807 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2919831Reviewed-by: Philip Pfaffe <pfaffe@chromium.org> Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#74839}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/2f6e88e..ca9596f Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/6fc394f..0694fa6 Rolling v8/third_party/zlib: https://chromium.googlesource.com/chromium/src/third_party/zlib/+log/5ef44f0..d0e636e TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: Ic77cfdf2999bf19e8c50409a86e95ababe5dc73b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2922991Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#74838}
-
- 27 May, 2021 4 commits
-
-
Paolo Severini authored
To support Fast API calls with overloads, implement compile-time function resolution based on the number of arguments passed to the JS function. Bug: v8:11739 Change-Id: I96839dc0b6fc540eff94573ac9e77f678908fc3a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2901249Reviewed-by: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Commit-Queue: Paolo Severini <paolosev@microsoft.com> Cr-Commit-Position: refs/heads/master@{#74837}
-
Dominik Inführ authored
The counter as size_t can legitimately overflow on 32-bit systems, since decreasing the counters is performed after all backing stores were freed on a background thread. Before sweeping is finished a new backing store could already be allocated which then leads to the overflow. Bug: v8:11788, chromium:1211437 Change-Id: Id9f3e58b0e84e831fe47109f7deb3a05ae7e489c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2922242 Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#74836}
-
Nico Hartmann authored
Bug: chromium:1212550 Change-Id: Ia3750305542caff97aeb83c078238c41cd2761d9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2919963 Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Auto-Submit: Nico Hartmann <nicohartmann@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#74835}
-
Milad Fa authored
Port 032ab3d2 R=cbruni@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com BUG= LOG=N Change-Id: I075377afc65999731223f4dce368e6aca4e784ba Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2920810Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Milad Fa <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/master@{#74834}
-