- 02 Aug, 2022 30 commits

Milad Fa authored
Port 4e329f8c

Original Commit Message:

The original CL did not handle the case where a GC gets triggered by the allocation of the error object when compilation fails.

Original message:

Feedback vector allocation can trigger a GC, and thereby make the WasmCompileLazyFrame visible for the GC. This CL adds stack scanning for the WasmCompileLazyFrame.

Design doc: http://doc/1peovM6N6C4nSEdC77l4uxU1L0njA0RTaOjy5F12r2CQ

R=ahaas@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com
BUG=
LOG=N

Change-Id: I3cdd5b0cd72463a6b492fcafcabcf65e1da55eea
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3804694
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Joran Siu <joransiu@ca.ibm.com>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#82151}

Feng Yu authored
Bug: v8:12918
Change-Id: Id3419cf7cef833cc8e18948874c40e13a3f20675
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3798522
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82150}

Samuel Groß authored
Bug: v8:10391
Change-Id: I7f1b69b1fe41507e4eb72a35b4c143a970cc2f74
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3788205
Commit-Queue: Samuel Groß <saelo@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82149}

Victor Gomes authored
Bug: v8:7700
Change-Id: I27db2c8d0cbbf4324d9f2b214b909326fc61968d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3805065
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82148}

Omer Katz authored
Bug: v8:12612
Change-Id: Iaf967da524413b6701aa93fa471d79e2a82e43e2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3805064
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82147}

Milad Fa authored
Change-Id: I43e4a4cadc60e958d6c9d80e725a49a3e36d8ba9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3797832
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#82146}

jameslahm authored
Bug: v8:7700
Change-Id: I36018a3323d778b8657087736e1bff70b0fdbf2d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3779920
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82145}

Milad Fa authored
Port 044a18ac

Original Commit Message:

The {LiftoffAssembler::Load} method already receives an {i64_offset} parameter which skips the UXTW (zero extension of 32-bit addresses) in the memory operand. The same needs to happen on stores.

On 32-bit platforms, we cannot have addresses >=4GB anyway (they would be detected as OOB before reaching the point in question), so this is not a problem. On x64, all 32-bit registers are zero-extended already (which is debug-checked in the generated code), so this is also no problem (and we just ignore the additional parameter).

R=clemensb@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com
BUG=
LOG=N

Change-Id: Ic531618875bf3b6abcf3741bcbe153e603d9f250
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3794647
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#82144}

Tobias Tebbi authored
Bug: chromium:1348929
Change-Id: I14ce163dbebd7e83023286e210411e8a8208e238
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3804603
Auto-Submit: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82143}

Liu Yu authored
Port commit ec6368bf

Bug: v8:11325
Change-Id: I3805ec4886dc2cb109fa450c0141d5e3f0779292
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3803673
Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Auto-Submit: Liu Yu <liuyu@loongson.cn>
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Cr-Commit-Position: refs/heads/main@{#82142}

Victor Gomes authored
This also creates a generic CallBuiltin node.

Bug: v8:7700
Change-Id: I7c7a4f8205fc6847372e880ad21658b825ab9bce
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3798723
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82141}

Qifan Pan authored
Bug: v8:9407
Change-Id: Iab0a4ca8dd5d83444d1addd6043a5c8e3a8577a7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3773773
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82140}

Matthias Liedtke authored
This reverts commit 6735d74a (relands cd617a58) and fixes the SIMD issue.

Change-Id: I86894f2d4fbdb7ba85aae3730f90ab2b11c088bc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3793709
Auto-Submit: Matthias Liedtke <mliedtke@chromium.org>
Commit-Queue: Matthias Liedtke <mliedtke@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82139}

Andreas Haas authored
The original CL did not handle the case where a GC gets triggered by the allocation of the error object when compilation fails.

Original message:

Feedback vector allocation can trigger a GC, and thereby make the WasmCompileLazyFrame visible for the GC. This CL adds stack scanning for the WasmCompileLazyFrame.

Design doc: http://doc/1peovM6N6C4nSEdC77l4uxU1L0njA0RTaOjy5F12r2CQ

Change-Id: I9be66c696e27f9ecf8228daf40ad6258f0e963d1

Bug: v8:12852
Fix: v8:13133
Change-Id: I9be66c696e27f9ecf8228daf40ad6258f0e963d1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3804599
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82138}

Nico Hartmann authored
This reverts commit a1392fa1.

Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/43149/overview

Original change's description:
> Enable background merging when --stress-background-compile
>
> This change adds new functions to BackgroundCompileTask which closely
> match those in BackgroundDeserializeTask. These functions allow a caller
> to manage background merging of newly compiled content into an existing
> Script from the Isolate compilation cache. These functions are not yet
> exposed via the API; instead, StressBackgroundCompileThread uses them to
> increase test coverage of the merging logic.
>
> Bug: v8:12808
> Change-Id: I4d2f429164223785169fe447ce2bdd8beaee00d4
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3793959
> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#82121}

Bug: v8:12808
Change-Id: Ibb0bc2adb79e4655b39a8a6ac33d8c8ffc5ebdb9
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3804602
Owners-Override: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Auto-Submit: Nico Hartmann <nicohartmann@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#82137}

Nico Hartmann authored
This reverts commit 872b7faa.

Reason for revert: Somewhat speculative revert because of https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux%20-%20gc%20stress/39673/overview (reverting locally resolved the issue for me)

Original change's description:
> Fix Context PromiseHook behaviour with debugger enabled
>
> This is a solution for https://github.com/nodejs/node/issues/43148.
>
> Due to differences in behaviour between code with and without the debugger enabled, some promise lifecycle events were being missed and some extra ones were being added. This change resolves this and verifies the event sequence is consistent between code with and without the debugger.
>
> Change-Id: I3dabf1dceb14233226b1752083d659f1c2f97966
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3779922
> Reviewed-by: Victor Gomes <victorgomes@chromium.org>
> Commit-Queue: Camillo Bruni <cbruni@chromium.org>
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#82132}

Change-Id: I3e05adead5d8033906055e0741854da68aade2ac
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3804859
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Owners-Override: Nico Hartmann <nicohartmann@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Auto-Submit: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82136}

Liu Yu authored
This reverts commit 7af609f9.

Original change's description:
> [loong64][mips64][wasm] WasmCompileLazyFrame scanning
>
> Port commit eb3fb6cb
>
> Change-Id: Ic2c87341458b7867fea2d5b8cea56315ac727477
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3803996
> Auto-Submit: Liu Yu <liuyu@loongson.cn>
> Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
> Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
> Cr-Commit-Position: refs/heads/main@{#82126}

Change-Id: I81a0b0a6d6bb4409c4f763e0dca64979dee8e19b
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3803672
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Auto-Submit: Liu Yu <liuyu@loongson.cn>
Cr-Commit-Position: refs/heads/main@{#82135}

Andreas Haas authored
In TierDown mode, all functions have to be compiled with Liftoff, even if lazy compilation is enabled.

R=clemensb@chromium.org

Bug: v8:12852
Change-Id: If450563a6768f82439c77ef7c21ecef8e2b25475
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3804255
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82134}

Al Muthanna Athamina authored
Add flag contradictions for "assert-types" flag and a README file for how to add trials from the source side. Also restore "assert-types" and its contradictions' probability since we can avoid contradictions now.

Bug: v8:1340816,v8:1336577
No-Try: true
Change-Id: I2a3af2d13cd2f9f542bec5c013c50bf26ff93cc1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3787878
Commit-Queue: Almothana Athamneh <almuthanna@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82133}

Stephen Belanger authored
This is a solution for https://github.com/nodejs/node/issues/43148.

Due to differences in behaviour between code with and without the debugger enabled, some promise lifecycle events were being missed and some extra ones were being added. This change resolves this and verifies the event sequence is consistent between code with and without the debugger.

Change-Id: I3dabf1dceb14233226b1752083d659f1c2f97966
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3779922
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82132}

Camillo authored
Previously we've added has_scheduled_exception DCHECKs that were a bit too strict in some cases.

- Remove unused exception_out param for TryRunMicrotasks
- Simplify overzealous DCHECK and clean up MicrotaskQueue::RunMicrotasks

Change-Id: I3a945a731573b6b3e44e17487fb8bf871b9a6793
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3789504
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82131}

Nico Hartmann authored
This reverts commit eb3fb6cb.

Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Mac64%20GC%20Stress/23845/overview

Original change's description:
> [wasm] WasmCompileLazyFrame scanning
>
> Feedback vector allocation can trigger a GC, and thereby make the
> WasmCompileLazyFrame visible for the GC. This CL adds stack scanning
> for the WasmCompileLazyFrame.
>
> Design doc: http://doc/1peovM6N6C4nSEdC77l4uxU1L0njA0RTaOjy5F12r2CQ
>
> Change-Id: Iec16f50ad2c8ad7e6dcf05f9e620163d3b60ea0a
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3789516
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Andreas Haas <ahaas@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#82119}

Change-Id: I694cd288d3a299bd397d4417e6864f7075a7c181
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3804256
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Auto-Submit: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Owners-Override: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82130}

Andreas Haas authored
Bug: v8:12852
Change-Id: I4f38a41afe07633060038151acee986f318103b5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3795376
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82129}

Victor Gomes authored
Bug: v8:7700
Change-Id: If911ff32d42c7c907da88d52192bb839bf459d5b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3803028
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82128}

Michael Lippautz authored
This reverts commit 61193620.

Reason for revert: Blocking roll: https://chromium-review.googlesource.com/c/chromium/src/+/3802992/

Original change's description:
> [heap, api] Check assumptions for embedder fields on set
>
> Previously, we would set embedder fields and do type checks (on
> embedder fields) in the GC. This does not work nicely as embedder
> fields contain system pointers whereas we can only operate with
> tag-aligned reads/writes. The end result of assembling pointers was
> sometimes broken for concurrent marking.
>
> In this CL we reverse the mode and check assumptions when writing the
> fields. From Blink we generally only write once and use the fields in
> the GC and via reads multiple times.
>
> We assume, that when running with CppHeap, any pointer on an instance
> field that points into CppHeap, also has the type field set with the
> appropriate tracing information. In debug builds we also verify that
> the embedder field indeed points to the start of an Oilpan object.
>
> Bug: chromium:1337690
> Change-Id: I9f9a8e691cdcf666861a455dcf8f65f2fe80b034
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3788206
> Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
> Reviewed-by: Omer Katz <omerkatz@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#82120}

Bug: chromium:1337690
Change-Id: Iaece8f51883c7d001fb18ef48faaf271c48b8f11
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3804245
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Owners-Override: Leszek Swirski <leszeks@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#82127}

Liu Yu authored
Port commit eb3fb6cb

Change-Id: Ic2c87341458b7867fea2d5b8cea56315ac727477
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3803996
Auto-Submit: Liu Yu <liuyu@loongson.cn>
Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn>
Cr-Commit-Position: refs/heads/main@{#82126}

Matthias Liedtke authored
Preparation step to remove the subtype relationship between funcref and anyref.

Bug: v8:7748
Change-Id: Ie4b29bfc4b874aaca668082018f5359d1b6e3a2e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3803226
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Matthias Liedtke <mliedtke@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82125}

Simon Zünd authored
This is a strictly code moving change. We move the diffing algorithm out of liveedit.cc into its own file.

We want to replace the current diffing algorithm and to stay safe we will ship old and new algorithm side-by-side for a release for easy revertability. Given that liveedit.cc is already large enough we extract the diffing algo into a separate file.

R=kimanh@chromium.org

Bug: chromium:1205288
Change-Id: If5ebb6c2dff2f00387c9e2ab87e4bb61d1f1484a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3802687
Reviewed-by: Kim-Anh Tran <kimanh@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82124}

v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/4bfce1a..b1d3dce

Rolling v8/buildtools: https://chromium.googlesource.com/chromium/src/buildtools/+log/6940fd4..56cc5bc

Rolling v8/third_party/zlib: https://chromium.googlesource.com/chromium/src/third_party/zlib/+log/c4e1268..8d1d3e3

R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: I2800a7fab761b9bdfa08faf777d62311dfaa1f93
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3804026
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#82123}

Pan, Tao authored
We record that the SFI was Sparkplug compiled in the SFI, which is saved in the disk cache. Once the SFI is deserialized from the disk cache and it was Sparkplug compiled, we trigger concurrent batch Sparkplug compilation and directly allocate the feedback vector on the first call.

This CL can improve Speedometer2 by +2%.

Change-Id: I89b0ffc6d7a107a1b8c131529e02cd7eb2890888
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3725612
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Tao Pan <tao.pan@intel.com>
Cr-Commit-Position: refs/heads/main@{#82122}
-
- 01 Aug, 2022 10 commits

Seth Brenith authored
This change adds new functions to BackgroundCompileTask which closely match those in BackgroundDeserializeTask. These functions allow a caller to manage background merging of newly compiled content into an existing Script from the Isolate compilation cache. These functions are not yet exposed via the API; instead, StressBackgroundCompileThread uses them to increase test coverage of the merging logic.

Bug: v8:12808
Change-Id: I4d2f429164223785169fe447ce2bdd8beaee00d4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3793959
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82121}

Michael Lippautz authored
Previously, we would set embedder fields and do type checks (on embedder fields) in the GC. This does not work nicely as embedder fields contain system pointers whereas we can only operate with tag-aligned reads/writes. The end result of assembling pointers was sometimes broken for concurrent marking.

In this CL we reverse the mode and check assumptions when writing the fields. From Blink we generally only write once and use the fields in the GC and via reads multiple times.

We assume, that when running with CppHeap, any pointer on an instance field that points into CppHeap, also has the type field set with the appropriate tracing information. In debug builds we also verify that the embedder field indeed points to the start of an Oilpan object.

Bug: chromium:1337690
Change-Id: I9f9a8e691cdcf666861a455dcf8f65f2fe80b034
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3788206
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82120}

Andreas Haas authored
Feedback vector allocation can trigger a GC, and thereby make the WasmCompileLazyFrame visible for the GC. This CL adds stack scanning for the WasmCompileLazyFrame.

Design doc: http://doc/1peovM6N6C4nSEdC77l4uxU1L0njA0RTaOjy5F12r2CQ

Change-Id: Iec16f50ad2c8ad7e6dcf05f9e620163d3b60ea0a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3789516
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82119}

Andreas Haas authored
R=jkummerow@chromium.org

Bug: v8:12926
Change-Id: I5942af918142a72158149e9820f49d4f07bb5266
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3790860
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82118}

Nico Weber authored
As requested in https://chromium-review.googlesource.com/c/v8/v8/+/3794708

No intended behavior change.

Bug: none
Change-Id: I5816ecf6073dc3c0d558d52518e38e4dbee7d562
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3796233
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Auto-Submit: Nico Weber <thakis@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82117}

Leon Bettscheider authored
This CL fixes issues in YoungGenerationConcurrentMarkingVisitor (YGCMV) that were discovered during an offline integration test which uses YGCMV during MinorMC's final pause.

This also adds PopOnHold() to EmptyMarkingWorklist, in order to process on-hold objects during final pause once concurrent marking is working.

Bug: v8:13012
Change-Id: Ia4fef101bd974de9f5b031974cdae787dcbd3819
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3803030
Commit-Queue: Leon Bettscheider <bettscheider@google.com>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82116}

Clemens Backes authored
The type stored in {Result} should not always be the same as derived by the compiler for the argument to {Decoder::toResult}. If we pass in a temporary, we most often want it to be stored by value, not by reference.

This CL enforces this; if requirements change in the future, we can remove the static assertions and think about how to protect against accidental UAF when referencing a temporary value.

R=jkummerow@chromium.org
CC=mliedtke@chromium.org

Change-Id: Ia0449e6ed7342319799479b200af35660fccc6d7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3792115
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82115}

Victor Gomes authored
Bug: v8:7700
Change-Id: I72b85094b22c2fb5a94c42d5920f750aee2fd167
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3803025
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82114}

Leszek Swirski authored
Refactor out the parallel move algorithm into a helper class, and add stack slot support for cases where stack slots can clobber each other (e.g. a Phi which is an input to another Phi). Also add some documentation for how these parallel moves work.

Bug: v8:7700
Change-Id: Ib9bb1cce8287e2ad34b4417b77b148a1ad483268
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3803032
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82113}

Matthias Liedtke authored
Change-Id: I57c805b899a25e58035f2ed9accd10e43114fd80
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3802689
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Auto-Submit: Matthias Liedtke <mliedtke@chromium.org>
Commit-Queue: Matthias Liedtke <mliedtke@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82112}