- 24 Aug, 2022 31 commits
- Jakob Kummerow authored
  When walking the stack and visiting compressed spill slots, maintain their compressedness so that generated code can rely on spilled values not magically changing.

  Tested manually using the benchmark in the associated bug, as I'm not sure how to create a fast, reliable regression test for this.

  Fixed: v8:13216
  Change-Id: Iebd1fb513975d9ee2567f7141f3ab18a04b0f4e1
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3854507
  Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
  Reviewed-by: Igor Sheludko <ishell@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82705}
- Jakob Kummerow authored
  When we spill a register that we know contains only 32 interesting bits and then reload it from the spill slot, it's enough to reload its lower half. This may save a few bytes, and guards against accidental changes to the upper half (e.g. via pointer decompression).

  Bug: v8:13216
  Change-Id: I1d950d6e33d8ae94cf385af4f3e1db028bf333c5
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3854506
  Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
  Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82704}
- Clemens Backes authored
  Many tests have a long execution time already, and running them in stress mode is unlikely to flush out bugs (spec tests are supposed to check for spec-conforming behaviour, and this is unlikely to change if run multiple times).

  R=jkummerow@chromium.org

  Bug: v8:13195
  Change-Id: I029102e31f1e2e240e02376fbd5cd40ff0acc07a
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3852488
  Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
  Commit-Queue: Clemens Backes <clemensb@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82703}
- Jakob Kummerow authored
  On arm, SIMD registers alias with pairs of double registers. When deciding where to allocate the parameter values, we expect to see all register-passed parameters before all stack-passed parameters; but due to s128 and f64 params being arbitrarily interleaved this doesn't always hold. This patch fixes that by first finding all registers used for parameters, and then blocking these when allocating registers for other parameters.

  Fixed: chromium:1355070
  Change-Id: I20deace58b960a9d1a5e3b794c46011f8f31b333
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3854497
  Reviewed-by: Clemens Backes <clemensb@chromium.org>
  Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82702}
- Clemens Backes authored
  Team members expressed concerns that "v8_flags" is easier to miss in the code than the previous "FLAG_" syntax. After a poll and discussions we decided to rename the struct to "FLAGS", so the new syntax for addressing flag values is "FLAGS.foo" instead of the previous "FLAG_foo".

  R=cbruni@chromium.org
  CC=jkummerow@chromium.org

  Bug: v8:12887
  Change-Id: I51af4aa7fd5a3b3c29310c0cb4c4ff42086ff012
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3854508
  Commit-Queue: Clemens Backes <clemensb@chromium.org>
  Reviewed-by: Camillo Bruni <cbruni@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82701}
- Leszek Swirski authored
  Since the function entry stack check happens outside of the IR, the standard register spilling mechanisms don't kick in and registers that expect to be valid might be clobbered. The only such case is, in fact, the new.target register, so make sure it is preserved across the stack check.

  R=jgruber@chromium.org

  Bug: v8:7700
  Change-Id: I530b6af882ca188b0e3c7da752f810506f3340a0
  Fixed: v8:13226, chromium:1356082
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3852389
  Auto-Submit: Leszek Swirski <leszeks@chromium.org>
  Reviewed-by: Igor Sheludko <ishell@chromium.org>
  Commit-Queue: Igor Sheludko <ishell@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82700}
- Feng Yu authored
  Bug: v8:12781
  Change-Id: Ief6bd7ee0ff2876e19970b2fb6af4f3208ec7f4e
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3815486
  Commit-Queue: Leszek Swirski <leszeks@chromium.org>
  Reviewed-by: Leszek Swirski <leszeks@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82699}
- Samuel Groß authored
  This reverts commit eca383c9.

  Reason for revert: Still seeing DCHECK failures in SweepAndCompact

  Original change's description:
  > Reland "[sandbox] Sandboxify EmbedderDataSlots"
  >
  > This is a reland of commit e1f585ed
  >
  > ExternalPointerTable issues have been fixed in
  > https://crrev.com/c/3849650 and https://crrev.com/c/3849376
  >
  > Original change's description:
  > > [sandbox] Sandboxify EmbedderDataSlots
  > >
  > > Bug: v8:10391
  > > Change-Id: If85a308a6f6ed1b17d86f87b4911c82d2327ea72
  > > Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
  > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3757341
  > > Reviewed-by: Igor Sheludko <ishell@chromium.org>
  > > Commit-Queue: Samuel Groß <saelo@chromium.org>
  > > Cr-Commit-Position: refs/heads/main@{#82623}
  >
  > Bug: v8:10391
  > Change-Id: If77f6c10e81c30c2dfa6b33c788bc4a36e4da135
  > Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
  > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3852602
  > Commit-Queue: Samuel Groß <saelo@chromium.org>
  > Reviewed-by: Igor Sheludko <ishell@chromium.org>
  > Cr-Commit-Position: refs/heads/main@{#82686}

  Bug: v8:10391
  Change-Id: Icaa1ff64cabd1bb2f19d9b019eac0ca98e528eb6
  Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
  No-Presubmit: true
  No-Tree-Checks: true
  No-Try: true
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3854677
  Reviewed-by: Leszek Swirski <leszeks@chromium.org>
  Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
  Commit-Queue: Leszek Swirski <leszeks@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82698}
- Camillo authored
  Bug: chromium:1355059
  Change-Id: I0e654660501ed56ad73d76faeb371733de38af2b
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3854505
  Commit-Queue: Camillo Bruni <cbruni@chromium.org>
  Reviewed-by: Clemens Backes <clemensb@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82697}
- George Wort authored
  This reverts commit aa541f1c.

  Reason for revert: Reverting due to large regressions for motionmark on M1.

  Original change's description:
  > [turbofan][arm64] Emit Lsl for Int32MulWithOverflow when possible
  >
  > Int32MulWithOverflow on arm64 uses a cmp to set flags rather than
  > the multiply instruction itself, thus we can use a left shift when
  > the multiplication is by a power of two.
  >
  > This provides 0.15% for Speedometer2 on a Neoverse-N1 machine,
  > with React being improved by 0.45%.
  >
  > Change-Id: Ic8db42ecc7cb14cf1ac7bbbeab0e9d8359104351
  > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3829472
  > Commit-Queue: George Wort <george.wort@arm.com>
  > Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
  > Cr-Commit-Position: refs/heads/main@{#82499}

  Change-Id: I896530a53fbdf6d397922124abddda4140144448
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3854222
  Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
  Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
  Commit-Queue: George Wort <george.wort@arm.com>
  Cr-Commit-Position: refs/heads/main@{#82696}
- Leon Bettscheider authored
  This CL adds a soft limit (via AllocationObserver) to run incremental marking for MinorMC. Once the soft limit is triggered, roots are marked. This is a stepping stone for concurrent marking (YoungGenerationConcurrentMarkingVisitor, go/YGCMV) integration.

  Bug: v8:13012
  Change-Id: I5bc9aeb80511159561845deb494023ade3fb7365
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3824339
  Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
  Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
  Commit-Queue: Leon Bettscheider <bettscheider@google.com>
  Cr-Commit-Position: refs/heads/main@{#82695}
- Dominik Inführ authored
  Objects in the from page could be promoted into the shared heap as well. While this shouldn't happen for references into evacuation candidates, I think it's easier to understand when there is a single conditional branch at the end.

  Bug: v8:13227, v8:11708
  Change-Id: I999f10228ed5fdd70675a6d9c1e178eb152f39f0
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3854502
  Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
  Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82694}
- Michael Lippautz authored
  This is a reland of commit 2115ba50.

  Adds flags to allow overriding marking support. This adds compatibility with EmbedderHeapTracer which allows for disabling incremental marking support with `--no-incremental-marking-wrappers`.

  The corresponding CppHeap flags are
  * `--cppheap-incremental-marking`
  * `--cppheap-concurrent-marking`

  This allows embedders that use types that do not support incremental and concurrent marking to switch from EmbedderHeapTracer to CppHeap.

  Bug: v8:13207
  Change-Id: I43a47d7d035bff5d4b437c5bf01336a895b61217
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3851543
  Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
  Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82693}
- Derek Gonyeo authored
  Replace `v8_unittests.cmx` with `v8_unittests.cml`, thus migrating the tests to CFv2.

  Bug: chromium:1256503
  Change-Id: Iab90b406973585a513bce5a1a0884860c7c88e90
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3826050
  Reviewed-by: Camillo Bruni <cbruni@chromium.org>
  Reviewed-by: Wez <wez@chromium.org>
  Commit-Queue: Derek Gonyeo <dgonyeo@google.com>
  Cr-Commit-Position: refs/heads/main@{#82692}
- Matthias Liedtke authored
  The StructProxy::Create() used the static type information to inspect the value. However, for abstract references like anyref, dataref, ... this does not contain the required struct_index. To fix this, the WasmTypeInfo stores the type_index for structs and arrays.

  Bug: v8:7748
  Change-Id: I6e1af054711ada5e12c08949c125007e8185e486
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3850296
  Commit-Queue: Matthias Liedtke <mliedtke@chromium.org>
  Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
  Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82691}
- Dominik Inführ authored
  Concurrent markers could add work into the worklist before the CHECK.

  Bug: v8:12775, v8:13223
  Change-Id: I8ac252b0fec8e5acbcfec56dad04830e596c709d
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3854496
  Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
  Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82690}
- Leszek Swirski authored
  This reverts commit 63b37c0e.

  Reason for revert: Seems to regress performance

  Original change's description:
  > Reland "[ptr-compr][x64][compiler] Support load map in compressed
  > form"
  >
  > This is a reland of commit 6ca3adb9
  >
  > Fix build failed with V8_MAP_PACKING.
  >
  > Original change's description:
  > > [ptr-compr][x64][compiler] Support load map in compressed form
  > >
  > > ...to allow pointer decompression at use-site.
  > >
  > > Bug: v8:13056, v8:7703
  > > Change-Id: If369286814c76340a945cc2a9fd863888a813080
  > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3811737
  > > Reviewed-by: Leszek Swirski <leszeks@chromium.org>
  > > Commit-Queue: Hao A Xu <hao.a.xu@intel.com>
  > > Cr-Commit-Position: refs/heads/main@{#82242}
  >
  > Bug: v8:13056, v8:7703
  > Change-Id: Ic753558058f70f6ee7850019aac9235b87d0e56a
  > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3815779
  > Commit-Queue: Hao A Xu <hao.a.xu@intel.com>
  > Reviewed-by: Leszek Swirski <leszeks@chromium.org>
  > Cr-Commit-Position: refs/heads/main@{#82322}

  Bug: v8:13056, v8:7703
  Change-Id: I8693af9189e214ec54a56149e0b29038e85838c2
  Fixed: chromium:1352384
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3842931
  Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
  Commit-Queue: Leszek Swirski <leszeks@chromium.org>
  Auto-Submit: Leszek Swirski <leszeks@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82689}
- Clemens Backes authored
  This is a reland of commit b3a27f22.

  Conditions needed to be switched to still ensure eager compilation of tiered-down modules (otherwise an existing test would fail). I opened https://crbug.com/v8/13224 to switch to lazy compilation for tier-down.

  Original change's description:
  > Reland "[wasm] Refactor compilation tier computations"
  >
  > This is a reland of commit e50472d6.
  > In {ApplyCompilationHintToInitialProgress} we would reset the baseline
  > tier to {kNone} if the compilation strategy is {kDefault}, which is
  > wrong. We would not generate code but also not install the lazy stub,
  > so whenever we start executing the code before top-tier is ready we
  > would crash.
  >
  > Original change's description:
  > > [wasm] Refactor compilation tier computations
  > >
  > > The way we initialized the "compilation progress" was pretty convoluted,
  > > with multiple levels of functions being called for initializing every
  > > single slot.
  > >
  > > This CL refactors this to compute one default value for the whole
  > > module, and only modifies those slots that need special handling (e.g.
  > > because of compilation hints, or lazy/eager compilation after
  > > deserialization).
  > >
  > > We also rename "liftoff_functions" to "eager_functions" in the
  > > deserialization path; the idea is that those functions should get
  > > eagerly compiled because we expect them to be needed during execution.
  > > Usually they would be Liftoff-compiled, but it's more consistent to use
  > > the existing logic to choose the baseline tier. In the default
  > > configuration, this will still use Liftoff, but if Liftoff is disabled
  > > we will use TurboFan instead.
  > >
  > > R=jkummerow@chromium.org, ahaas@chromium.org
  > >
  > > Bug: v8:12425
  > > Change-Id: Ie58840b19efd0b1e98f1b02d5f1d4369410ed8e1
  > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3829606
  > > Commit-Queue: Clemens Backes <clemensb@chromium.org>
  > > Reviewed-by: Andreas Haas <ahaas@chromium.org>
  > > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
  > > Cr-Commit-Position: refs/heads/main@{#82521}
  >
  > Bug: v8:12425
  > Change-Id: Ie41e63148bf6bd0e38fc07a3a514f1094d9d26cf
  > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3838409
  > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
  > Commit-Queue: Clemens Backes <clemensb@chromium.org>
  > Cr-Commit-Position: refs/heads/main@{#82585}

  Bug: v8:12425, v8:13224
  Change-Id: I7da418a393cd470cfbe368f12b30a045b1bf9dcd
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3850841
  Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
  Commit-Queue: Clemens Backes <clemensb@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82688}
- Leszek Swirski authored
  Bug: v8:12463
  Change-Id: I751b08d799afc348ecf0aadc979647a273c63b7a
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3852392
  Commit-Queue: Leszek Swirski <leszeks@chromium.org>
  Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
  Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
  Reviewed-by: Igor Sheludko <ishell@chromium.org>
  Auto-Submit: Leszek Swirski <leszeks@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82687}
- Samuel Groß authored
  This is a reland of commit e1f585ed

  ExternalPointerTable issues have been fixed in https://crrev.com/c/3849650 and https://crrev.com/c/3849376

  Original change's description:
  > [sandbox] Sandboxify EmbedderDataSlots
  >
  > Bug: v8:10391
  > Change-Id: If85a308a6f6ed1b17d86f87b4911c82d2327ea72
  > Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
  > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3757341
  > Reviewed-by: Igor Sheludko <ishell@chromium.org>
  > Commit-Queue: Samuel Groß <saelo@chromium.org>
  > Cr-Commit-Position: refs/heads/main@{#82623}

  Bug: v8:10391
  Change-Id: If77f6c10e81c30c2dfa6b33c788bc4a36e4da135
  Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3852602
  Commit-Queue: Samuel Groß <saelo@chromium.org>
  Reviewed-by: Igor Sheludko <ishell@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82686}
- Jakob Linke authored
  .. to track how often OSR is used in the real world.

  Chromium CL: crrev.com/c/3853648

  Bug: v8:13228
  Change-Id: I9aee2eefb8a7b479e6ade403f46bfd7eac9ac5cd
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3852388
  Reviewed-by: Leszek Swirski <leszeks@chromium.org>
  Commit-Queue: Jakob Linke <jgruber@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82685}
- George Wort authored
  This is a reland of commit abd0adf1

  Original change's description:
  > [compiler] Make ReduceWord32EqualForConstantRhs work for Word64Equal
  >
  > Adds reduction case in MachineOperatorReducer for when the left-hand side of a
  > Word64Equals is based on a 64-bit shift-and-mask operation, as is the case
  > when Torque accesses 64-bit bitfields.
  >
  > This improves Speedometer2 by 0.15% on a Neoverse-N1 machine, with
  > React-Redux being improved by 0.4%.
  >
  > Change-Id: Icd0451c00c1b25f7d370e81bddcfd668a5b2523c
  > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3834027
  > Commit-Queue: George Wort <george.wort@arm.com>
  > Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
  > Cr-Commit-Position: refs/heads/main@{#82593}

  Change-Id: I62393c062b2c785a5dfa3500b80fe44ec08f6f21
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3841569
  Commit-Queue: George Wort <george.wort@arm.com>
  Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82684}
- ishell@chromium.org authored
  This is a reland of commit 40901824

  The Ubsan issue is fixed here: https://chromium-review.googlesource.com/c/v8/v8/+/3849038.

  Original change's description:
  > [ext-code-space] Enable Code-less embedded builtins
  >
  > Bug: v8:11880, v8:12592
  > Change-Id: I8d3d6ad0a4c26eb1fea2a998ffeddd1d96afa690
  > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3784593
  > Commit-Queue: Igor Sheludko <ishell@chromium.org>
  > Reviewed-by: Jakob Linke <jgruber@chromium.org>
  > Cr-Commit-Position: refs/heads/main@{#82642}

  Bug: v8:11880, v8:12592
  Change-Id: I66373d6af30b060d1204b952d733e260228548df
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3846493
  Commit-Queue: Igor Sheludko <ishell@chromium.org>
  Reviewed-by: Jakob Linke <jgruber@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82683}
- Danylo Boiko authored
  New features:
  - bytecode source view handlers
  - turboshaft's nodes origins
  - turboshaft's nodes history
  - turboshaft's nodes source/bytecode positions

  Bug: v8:7327
  Change-Id: Icb240dd84762284f1aa37db3c93bd133f8e70960
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3829481
  Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
  Commit-Queue: Danylo Boiko <danielboyko02@gmail.com>
  Cr-Commit-Position: refs/heads/main@{#82682}
- Michael Lippautz authored
  Users should rely on CppHeap, which is the only supported way of using v8::TracedReference going forward.

  Bug: v8:13207
  Change-Id: Idd03f458167c74b06f285bb568e5c77ad46003fe
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3849037
  Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
  Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
  Reviewed-by: Simon Zünd <szuend@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82681}
- Feng Yu authored
  Bug: v8:12781
  Change-Id: I1b0be6803d6a9f4ab7071bc3ae5abeb8f29ce9c9
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3829753
  Commit-Queue: Emanuel Ziegler <ecmziegler@chromium.org>
  Reviewed-by: Emanuel Ziegler <ecmziegler@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82680}
- Samuel Groß authored
  All (most) accesses to start_of_evacuation_area_ must be atomic as that value may be written to from a background marking thread (when compaction is aborted). Further, when evacuating entries, the start_of_evacuation_area_ should not be reloaded during entry allocation as it may have been modified by another background thread. In that case, the method may end up allocating an evacuation entry _after_ the entry to be evacuated, which doesn't make sense.

  Drive-by: move some methods from external-pointer-table-inl.h into external-pointer-table.cc.

  Bug: v8:10391
  Change-Id: Ia93cffb2cc311ef03d96d3a9ae6f0cf461cf2434
  Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3849376
  Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
  Commit-Queue: Samuel Groß <saelo@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82679}
- Samuel Groß authored
  This CL introduces new FixedArray subclasses that behave like fixed-sized arrays of integers. Under the hood, these are just ByteArrays with integer element accessors. These new classes will be used in follow-up CLs which move various integer arrays from the native heap onto the V8 heap.

  Bug: chromium:1335046
  Change-Id: Ie7497b4464c1a037e4eaf49e8bf7ac4da62512de
  Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3838775
  Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
  Reviewed-by: Igor Sheludko <ishell@chromium.org>
  Reviewed-by: Jakob Linke <jgruber@chromium.org>
  Commit-Queue: Samuel Groß <saelo@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82678}
- Samuel Groß authored
  When a NativeContext is being serialized, the NativeContext's microtask_queue is set to nullptr as it is not included in the snapshot. However, when the sandbox is enabled, this will only set the pointer in the external pointer table to nullptr, but not the handle stored in the object. This then causes the deserialized object to briefly be invalid, before its microtask queue handle is (re-)initialized. If a GC runs during that timeframe, it will see an invalid external pointer handle, which may cause DCHECK failures.

  To fix this, this CL now introduces a generic mechanism for clearing and restoring external pointer slots for serialization.

  Bug: v8:13218
  Change-Id: I03c8779bbec0a42a0b66687e76c951b1887e6122
  Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3850294
  Reviewed-by: Jakob Linke <jgruber@chromium.org>
  Commit-Queue: Samuel Groß <saelo@chromium.org>
  Reviewed-by: Igor Sheludko <ishell@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82677}
- Iain Ireland authored
  Post-early-errors, syntax errors can't be caught, so the testcase has to be modified so that we parse successfully (then overflow the stack).

  Bug: v8:13163
  Change-Id: I894c65bb4712f557d697b028b220444ccf6bb09c
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3818602
  Commit-Queue: Jakob Linke <jgruber@chromium.org>
  Reviewed-by: Jakob Linke <jgruber@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82676}
- v8-ci-autoroll-builder authored
  Rolling v8/third_party/icu: https://chromium.googlesource.com/chromium/deps/icu/+log/b3070c5..31c77cb

  Update TZ to 2022b (Frank Tang)
  https://chromium.googlesource.com/chromium/deps/icu/+/31c77cb

  R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com,ftang@chromium.org

  Change-Id: I9c209d387e5f1f3f79084bfd89a19a6bf3907a67
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3852451
  Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
  Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
  Cr-Commit-Position: refs/heads/main@{#82675}
- 23 Aug, 2022 9 commits
- Milad Fa authored
  Change-Id: I8545da4fa9eff1ff7de3779022fe2c34966951d6
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3846853
  Reviewed-by: Junliang Yan <junyan@redhat.com>
  Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
  Cr-Commit-Position: refs/heads/main@{#82674}
- Michael Lippautz authored
  No-Try: true
  Change-Id: Ica1a6a3d432392df8acee9acf7fc460d71ba8b10
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3851542
  Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
  Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82673}
- Leszek Swirski authored
  This reverts commit e1f585ed.

  Reason for revert: GPU bot issues on roll (https://ci.chromium.org/ui/p/chromium/builders/try/linux_optional_gpu_tests_rel/87951/overview)

  Original change's description:
  > [sandbox] Sandboxify EmbedderDataSlots
  >
  > Bug: v8:10391
  > Change-Id: If85a308a6f6ed1b17d86f87b4911c82d2327ea72
  > Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
  > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3757341
  > Reviewed-by: Igor Sheludko <ishell@chromium.org>
  > Commit-Queue: Samuel Groß <saelo@chromium.org>
  > Cr-Commit-Position: refs/heads/main@{#82623}

  Bug: v8:10391, chromium:1355640
  Change-Id: Iaba70796de18d5f3b3dc74cf068943093c0bf567
  Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3850722
  Reviewed-by: Igor Sheludko <ishell@chromium.org>
  Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
  Commit-Queue: Igor Sheludko <ishell@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82672}
- Michael Lippautz authored
  This reverts commit 2115ba50.

  Reason for revert: Breaking Blink tests.

  Original change's description:
  > [cppgc-js] Allow overriding marking support
  >
  > Adds flags to allow overriding marking support. This adds
  > compatibility with EmbedderHeapTracer which allows for disabling
  > incremental marking support with `--no-incremental-marking-wrappers`.
  >
  > The corresponding CppHeap flags are
  > * `--cppheap-incremental-marking`
  > * `--cppheap-concurrent-marking`
  >
  > This allows embedders that use types that do not support incremental
  > and concurrent marking to switch from EmbedderHeapTracer to CppHeap.
  >
  > Bug: v8:13207
  > Change-Id: I74bdf8ef4be3f6aed8d4d587ea4399546ba2fda4
  > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3840939
  > Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
  > Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
  > Cr-Commit-Position: refs/heads/main@{#82652}

  Bug: v8:13207
  Change-Id: I9e0de0cacfab8489902fef1c371e36c2d45b80ec
  No-Presubmit: true
  No-Tree-Checks: true
  No-Try: true
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3850723
  Auto-Submit: Michael Lippautz <mlippautz@chromium.org>
  Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
  Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82671}
- Seth Brenith authored
  This can save memory in cases where multiple frames use the same script, with sufficient time between loads that the script's top-level SharedFunctionInfo is no longer present in the compilation cache. Merging is relatively fast; it generally takes about one tenth as long as deserialization.

  Bug: v8:12808
  Change-Id: I317a89b77fb218798dfc9dfd888e808b17d62fdd
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3845792
  Reviewed-by: Leszek Swirski <leszeks@chromium.org>
  Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
  Cr-Commit-Position: refs/heads/main@{#82670}
- Darius M authored
  Change-Id: I951bdf428a7429b3500757ae3fcfb029c814001a
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3845631
  Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
  Commit-Queue: Darius Mercadier <dmercadier@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82669}
- Feng Yu authored
  Bug: v8:12781
  Change-Id: I5b605db296c2a2813a44f05c74500cc1a0049f57
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3832175
  Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
  Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82668}
- ishell@chromium.org authored
  ... when the code range is created. This key should be more helpful than the existing kCodeSpaceFirstPageAddress crash key, especially for the cases when the snapshot does not contain Code objects and thus the code space is not created during Isolate initialization.

  The mid-term plan is to remove the latter in favour of the former since the default configuration does not imply creation of the code space.

  Bug: v8:11880
  Change-Id: Icdea38723c7ed73605c2df6589ec01193571d55c
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3849038
  Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
  Commit-Queue: Igor Sheludko <ishell@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82667}
- ishell@chromium.org authored
  Sparkplug generates a lot of code and the default limit of 128 MB also hurts non-pointer compression builds, which are used by Node.js. This CL keeps the old limit only for pointer compression configurations without external code space, because in this case the code range is allocated in the pointer compression cage and thus a bigger code range steals address space from the regular V8 heap.

  Bug: v8:12689
  Change-Id: I3c68daf6cd5322d7e30249a054a7c6d6e38fb8c7
  Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3850291
  Auto-Submit: Igor Sheludko <ishell@chromium.org>
  Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
  Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
  Cr-Commit-Position: refs/heads/main@{#82666}