- 01 Mar, 2022 14 commits
-
Manos Koukoutos authored
According to the latest changes in wasm-gc, externref will be renamed to anyref, and will be assigned as the top of the reference type hierarchy. Since in the current wasm type system funcref is not a subtype of anyref, subtyping is now dependent on whether wasm-gc is enabled. Bug: v8:7748 Change-Id: I0c0ae3dd5523e624d4490ca33d1fba4c2ae59393 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3468345 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#79322}
-
Michael Lippautz authored
Before this CL Oilpan would schedule concurrent marking and sweeping even in the presence of --single-threaded-gc. This e.g. flakily breaks Blink tests that do not set up a thread-pool in certain configurations where they pass --single-threaded (implying --single-threaded-gc). Bug: chromium:1300492 Change-Id: I64f0c6a20f9c29d689a62e63cc5a8d024962ff2c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3497760 Reviewed-by: Omer Katz <omerkatz@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#79321}
-
Leszek Swirski authored
InitialValue needs to have a spill slot (e.g. for deopts) but shouldn't emit an actual spill (since they're already on stack). Drive-by, fix printing of Checkpoint and CheckMaps parameters. Bug: v8:7700 Change-Id: I3c1acfce6638b1ad604f7c7a1938694814c326ee Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3497371 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Victor Gomes <victorgomes@chromium.org> Commit-Queue: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/main@{#79320}
-
Leszek Swirski authored
GetFreeRegisters is supposed to find some number of free registers that the current node can use as safe temporaries, but they shouldn't be considered "allocated", as they will be free as soon as the node's code completes. Now we no longer decrement free_register_count_ in GetFreeRegisters, to avoid leaking registers allocated for temporaries. Bug: v8:7700 Change-Id: I485607fedec79fbeca4675781923b7ad3a6bfc6b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3497381 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#79319}
-
Jakob Gruber authored
- Add the Isolate as an explicit param (we already have it at all callsites) - Pass an explicit CodeKind param to MarkForOptimization in preparation for Maglev. - Split EnsureFeedbackVector into that, plus CreateAndAttachFeedbackVector for when we know it has to be created. Bug: v8:7700 Change-Id: Ie9022deccd31d472d6df3d442b25583af5569ab0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3497383 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Auto-Submit: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#79318}
-
Pierre Langlois authored
When running with the simulator, Assembler::debug() can record an inline comment to be printed when the simulator encounters it. We need to make sure pools are not emitted while the comment is recorded in the code stream. However the BlockPoolsScope was missing its margin argument to tell it how much code we're going to generate, and could forget to emit pools when it should have, causing crashes later on when a branch cannot jump over the code comment. Bug: v8:12637 Change-Id: I39e50f176d87c781c865b81fb9aca57d69c8c019 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3494544 Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Pierre Langlois <pierre.langlois@arm.com> Cr-Commit-Position: refs/heads/main@{#79317}
-
Michael Lippautz authored
Single generation doesn't have a young generation, so we cannot check whether its inline allocation is enabled. Bug: v8:12615 Change-Id: I145e7c3ff225dc0099136289c9aef4ddd28b3578 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3487993 Auto-Submit: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#79316}
-
Victor Gomes authored
Bug: v8:7700 Change-Id: I117f0ed7df60eff145b0ecd509ffa7debc137038 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3494239 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/main@{#79315}
-
Jakob Gruber authored
gcc builds seem to have troubles with this: error: call to non-constexpr function Remove the UNREACHABLE() calls for now but keep a TODO to potentially re-enable them again once we've figured this out. Bug: v8:7700,v8:12667 Change-Id: I9628a1326c1c4200b90aad25cd2eabfeb06608fb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3494237 Auto-Submit: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#79314}
-
Igor Sheludko authored
1) add relaxed version of Code::main_cage_base accessors and use them in those cases where they can be called from a background thread, 2) pass the main cage base value to IsCode() predicate to avoid accessing non-atomic Heap pointer value in page headers from background compilation thread. Drive-by cleanup: use MarkingVerifier::cage_base() instead of Code::main_cage_base(). Bug: v8:11880, v8:12611 Change-Id: I9fd28c1a3babb862d08fec09f6cfc369beaad231 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3494238 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#79313}
-
Lu Yahan authored
Change-Id: I55fa83f403464522ee8cebb8dd79e9aecdcc23a4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3492398 Auto-Submit: Yahan Lu <yahan@iscas.ac.cn> Reviewed-by: ji qiu <qiuji@iscas.ac.cn> Commit-Queue: ji qiu <qiuji@iscas.ac.cn> Cr-Commit-Position: refs/heads/main@{#79312}
-
Benedikt Meurer authored
Don't expose the line end table logic to V8DebuggerScript, but instead use the existing Script::GetPositionInfo() logic to resolve end line and column numbers for scripts. This also avoids having to copy (the potentially huge) line ends tables to std::vector's twice per script. Bug: chromium:1162229 Change-Id: I03365d42c320d462360bacc444f7fa97904a9748 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3494240 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Auto-Submit: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Simon Zünd <szuend@chromium.org> Commit-Queue: Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/main@{#79311}
-
jameslahm authored
LiftoffAssembler::RecordSpillsInSafepoint's use of Safepoint will be mistaken for v8::internal::Safepoint, which causes a build failure on riscv64. Change it to use SafepointTableBuilder::Safepoint. Bug: v8:12665 Change-Id: I597ea04b0c8b466c2f5a322d22ed989d00bedc5c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3492397 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#79310}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/19909af..27d089d Rolling v8/buildtools/linux64: git_revision:0725d7827575b239594fbc8fd5192873a1d62f44..git_revision:e3f114f46537152cfbdb553015518d1db1b812fd Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/666eff9..2cfdaa8 Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/6b28c1d..2bad9f0 Rolling v8/third_party/fuchsia-sdk: https://chromium.googlesource.com/chromium/src/third_party/fuchsia-sdk/+log/5e0b0d0..7c9c220 Rolling v8/third_party/zlib: https://chromium.googlesource.com/chromium/src/third_party/zlib/+log/5de4327..aa5ea60 Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/55aa202..3a67a50 R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: I51ce67dd1f61d7585c1e107ea24ae80b16a23b07 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3496123 Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#79309}
-
- 28 Feb, 2022 10 commits
-
Nikolaos Papaspyrou authored
The following histograms have been deprecated, as they are superseded by V8.GC.Cycle.*.Young or not needed anymore (next to each, the corresponding isolate counter): - V8.GCScavenger (gc_scavenger) - V8.GCScavengerBackground (gc_scavenger_background) - V8.GCScavengeReason (scavenge_reason) - V8.GCScavengerForeground (gc_scavenger_foreground) - V8.GCBackgroundScavenger (background_scavenger) - V8.GCMarkCompactor (gc_mark_compactor) This CL removes the corresponding instrumentation in the code and the isolate counters. Bug: chromium:1154636 Bug: chromium:1299555 Change-Id: I62d28ff60ef47a058fe148c7855af8e2c1cc0aed Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3487548 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org> Cr-Commit-Position: refs/heads/main@{#79308}
-
Milad Fa authored
Change-Id: I0938fa9cf52334cbf84a0b38b8e80b88431dff0d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3494439 Reviewed-by: Junliang Yan <junyan@redhat.com> Commit-Queue: Milad Farazmand <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/main@{#79307}
-
Milad Fa authored
inspector tests are not yet enabled as a few issues need to be solved related to endianness and IBM lane numbering. Change-Id: I3c5c87af45037033d4a112cb7e1da8b7923ce0f3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3489244 Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Milad Farazmand <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/main@{#79306}
-
Jakob Gruber authored
Maglev is currently enabled only on x64; BUILD.gn knows about this through v8_enable_maglev, but v8_check_header_includes doesn't. It thus tries to compile maglev files on platforms that don't have maglev support yet. Add an explicit maglev exclude rule until we support other platforms. Bug: v8:7700 Change-Id: Iac991741c7d630dc4ed9f9fbf6df7656853cc743 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3494536 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Auto-Submit: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#79305}
-
Benedikt Meurer authored
This was originally introduced to address http://crbug.com/794941, to make the disassembly generation for WebAssembly modules lazy. Nowadays we no longer generate a text representation for the Wasm disassembly in V8, and this method always returns `false`. Bug: chromium:794941, chromium:1162229 Change-Id: I8b67e451a3657bf732615585577525aeea2b2f55 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3494236 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Auto-Submit: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Simon Zünd <szuend@chromium.org> Commit-Queue: Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/main@{#79304}
-
Stephan Hartmann authored
Bug: chromium:957519 Change-Id: I33377e652f31e5dc54b8941a6b49ea8c76690597 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3492522 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Stephan Hartmann <stha09@googlemail.com> Cr-Commit-Position: refs/heads/main@{#79303}
-
Stephan Hartmann authored
Otherwise std::allocator is used and there is no conversion. Bug: chromium:819294 Change-Id: Ic93e75a3facef96dc901dda29a6be3b4539b68e7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3492523 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Stephan Hartmann <stha09@googlemail.com> Cr-Commit-Position: refs/heads/main@{#79302}
-
Benedikt Meurer authored
Nowadays these methods allocate a single handle, so there's no point in having a dedicated handle scope just to close it immediately and escape the single allocated handle. Bug: chromium:1162229 Change-Id: I695d8c5577db43b8974b28bdfa6e0600eb41cce9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3494156 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Auto-Submit: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Simon Zünd <szuend@chromium.org> Commit-Queue: Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/main@{#79301}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/ed3b0ef..19909af R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: I1afde2c861ba619fdbbbe403e2899ad09d6adb24 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3492580 Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#79300}
-
Lu Yahan authored
Change-Id: I0ecd8450fce35925dc00f5db65a1132deb813b59 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3483696 Reviewed-by: ji qiu <qiuji@iscas.ac.cn> Commit-Queue: ji qiu <qiuji@iscas.ac.cn> Cr-Commit-Position: refs/heads/main@{#79299}
-
- 27 Feb, 2022 1 commit
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/f8bb978..ed3b0ef R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: I0713351c5a01ff0c13fad1ae6ccf1640f4a6af41 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3492286 Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#79298}
-
- 26 Feb, 2022 1 commit
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/9e7c4ed..f8bb978 Rolling v8/buildtools/third_party/libunwind/trunk: https://chromium.googlesource.com/external/github.com/llvm/llvm-project/libunwind/+log/8cd7191..2ea265b Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/57a228b..666eff9 Rolling v8/third_party/zlib: https://chromium.googlesource.com/chromium/src/third_party/zlib/+log/27dbe48..5de4327 Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/3730026..55aa202 R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: Id61492b5fe22779aec5c516eeb879a2ea8494bfc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3491482 Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#79297}
-
- 25 Feb, 2022 14 commits
-
Anton Bikineev authored
The CL gets rid of the assumption that WeakCallbackItem::parameter always points to an object with a custom callback, which might not be the case for weak containers. This fixes failures in cppgc-non-default bot. Bug: chromium:1029379 Change-Id: I9ab6cb357153801efaa0d902c9eedff07d12ffe7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3490932 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Anton Bikineev <bikineev@chromium.org> Cr-Commit-Position: refs/heads/main@{#79296}
-
Milad Fa authored
This CL assures scratch registers are passed where needed and cleans up Simd functions shared between TF and LO. Change-Id: Ib7633e0d51f3aa92d2bcdfc69d0efe779062af62 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3489239 Reviewed-by: Junliang Yan <junyan@redhat.com> Commit-Queue: Milad Farazmand <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/main@{#79295}
-
Adam Klein authored
This reverts commit 679c373e. Reason for revert: DCHECK failures in post_job.cc when running Chromium gtests, blocking V8 roll into Chromium. See https://ci.chromium.org/ui/p/chromium/builders/try/mac-rel/928210/overview for example failures/stacks. Original change's description: > Reland "heap: Force incremental marking in C++ only workloads" > > This is a reland of 4fde3328 > > Another Blink-related test fix landed, see chromium:1300492. > > Original change's description: > > heap: Force incremental marking in C++ only workloads > > > > ... when above a certain minimum threshold. This is to guard against > > memory running away in scenarios where the JS heap is empty and > > there's only high throughput C++ allocations that don't allow for a > > memory reducer GC to kick in. > > > > This logic should be revisited after Oilpan's young generation > > collector is implemented which may allow switching to a more efficient > > shrinking strategy for initial heap setup. > > > > Bug: chromium:1029379, chromium:1300028, chromium:1300492 > > Change-Id: I93924fc2fe77d6226c29358d3afb1cc9d6fbf3b1 > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3484319 > > Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> > > Commit-Queue: Michael Lippautz <mlippautz@chromium.org> > > Cr-Commit-Position: refs/heads/main@{#79255} > > Bug: chromium:1029379, chromium:1300028, chromium:1300492 > Change-Id: Ida66e0c944094472b4856d5fecef2d199d29549b > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3487991 > Commit-Queue: Michael Lippautz <mlippautz@chromium.org> > Auto-Submit: Michael Lippautz <mlippautz@chromium.org> > Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> > Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> > Cr-Commit-Position: refs/heads/main@{#79281} Bug: chromium:1029379, chromium:1300028, chromium:1300492 Change-Id: Ifbdcf996a91cbdb5cce3b07059c333a7f1a9444a No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: 
https://chromium-review.googlesource.com/c/v8/v8/+/3491187 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#79294}
-
legendecas authored
Bootstrap ShadowRealm.prototype.evaluate, WrappedFunction and WrappedFunction.[[Call]]. Bug: v8:11989 Change-Id: Id380acb71cd5719e783c8f5d741cc4ccf2a93e78 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3432729 Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Chengzhong Wu <legendecas@gmail.com> Cr-Commit-Position: refs/heads/main@{#79293}
-
Yuri Iozzelli authored
The main change is the section name, which is now 'metadata.code.branch_hint'. The binary format has also a couple of minor changes. Semantics remain unchanged. Change-Id: I056c9f672ae494979e8ea55266fa766139b71d38 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3487788 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#79292}
-
Leszek Swirski authored
Defer reg->reg moves at end-of-block Phi resolution, and resolve them as parallel moves using a recursive algorithm with cycle detection. Bug: v8:7700 Change-Id: I74b9e451775595e6ec3bf1ca2f50e483b876f204 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3487992 Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#79291}
-
Clemens Backes authored
After https://crrev.com/c/3484317, passing {nullptr} to the {CodeSpaceWriteScope} won't work any more. Since the tests do not have a {NativeModule} to pass instead, make them use {pthread_jit_write_protect_np} directly. The jump-table assembler tests have dedicated threads for writing and executing the code, so we just switch once per thread. The icache test switches between writing and executing, so we use a little struct for switching. R=jkummerow@chromium.org, tebbi@chromium.org Bug: v8:12644, v8:11974 Change-Id: I116f3ad75454f749cdc4635802a4617ff91548b2 Cq-Include-Trybots: luci.v8.try:v8_mac_arm64_rel_ng Cq-Include-Trybots: luci.v8.try:v8_mac_arm64_dbg_ng Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3487995 Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#79290}
-
Toon Verwaest authored
Instead of storing a single register, store the entire RegList. This simplifies a lot of things. We will use RegLists for free registers etc too later. Bug: v8:7700 Change-Id: I32146023c7b9bc9e553e3db98fe034e8cef7d09d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3487994 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Auto-Submit: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/main@{#79289}
-
Jakob Kummerow authored
When we can eliminate a branch-on-type instruction based on statically available type information and replace it with an unconditional branch, we have to mark the rest of the current block as unreachable. Change-Id: I9b8cc2f8e76da0b1b7cdf72b150ec675e9aae1a3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3490931 Reviewed-by: Manos Koukoutos <manoskouk@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#79288}
-
Clemens Backes authored
{Invoke} is the central bottleneck for calling into generated code. Check that at this point, no {CodeSpaceWriteScope} is open, otherwise the JS code could write to the code space once it gains access to an arbitrary-write gadget. R=jkummerow@chromium.org Bug: v8:11974 Change-Id: Ie323cea442a5ea355a1c975b300a1cc5a6edf433 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3487787 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#79287}
-
Clemens Backes authored
In very rare cases we open CodeSpaceWriteScopes for multiple native modules at the same time, e.g. for tier down (debugging) via ExecuteCompilationUnits --> PublishCompilationResults --> OnFinishedUnits --> TriggerCallbacks --> AsyncCompileJob::CompilationStateCallback::call --> WasmEngine::UpdateNativeModuleCache --> RecompileNativeModule [for tier down] --> InitializeRecompilation --> FindFunctionsToRecompile --> CodeSpaceWriteScope Fixing this would be difficult because we actually want to keep the CodeSpaceWriteScope open during subsequent publishing. So instead, remove the assumption that scopes are always only open for one module at a time. In order to do this, we remove the {code_space_write_nesting_level_} counter and instead use the {current_native_module_} field in all configurations to check whether a scope is currently open, and for which module. R=jkummerow@chromium.org Bug: v8:12644, v8:11974 Change-Id: Idd24c87f5938c43e867c41fa1cd3879def6f3873 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3484317 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#79286}
-
jameslahm authored
The per-Isolate Symbol tables were implemented using NameDictionary before, which has additional property details overhead. And NameDictionary is limited to 2^23, which limits the Symbol tables to be a maximum of 2^23. - replace NameDictionary with SymbolTable in isolate Bug: v8:12575 Change-Id: Ica4f05aac3494f7dfa3a074c240d4ba25df814e9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3476897 Reviewed-by: Shu-yu Guo <syg@chromium.org> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#79285}
-
Toon Verwaest authored
The helper function removes a register from the list and returns it Bug: v8:7700 Change-Id: I3f9fe9d30113b9e6c7362dc8443e39ae3d1adf07 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3488372 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/main@{#79284}
-
Clemens Backes authored
When checking whether to merge a region with its surrounding regions in {InsertIntoWritableRegions}, we did not check first whether the determined {insert_pos} is within the vector. We were thus accessing (reading) after the end of the vector. The bug only happened on MSVC builds, suggesting that clang deterministically read a value which is never equal to the end of the new region, whereas for MSVC it sometimes happened that we read exactly the {region.end()} value, and we tried to merge regions. R=jkummerow@chromium.org Bug: v8:12643 Change-Id: If30d910ed6e996f7b0e1d8c5b439c3d842a498f6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3487988 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#79283}
-