- 02 Sep, 2021 6 commits
-
-
Liu Yu authored
Besides, fix an error in set_if_nan, because if src is a NaN, we should set the i32 instead of i64 at address dst to a non-zero value. Port e6961df2 Bug: v8:11856 Change-Id: Icc9afda35d4cca4fd5ae82356ecaec77bf92d009 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3139055 Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Auto-Submit: Liu yu <liuyu@loongson.cn> Cr-Commit-Position: refs/heads/main@{#76636}
-
Zhao Jiazhong authored
Change-Id: Icf548bcbb619dd6d5fa8ac6f11f9ba01820e4215 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3139481 Reviewed-by: Liu yu <liuyu@loongson.cn> Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Cr-Commit-Position: refs/heads/main@{#76635}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/85ec285..1dfc04f Rolling v8/buildtools: https://chromium.googlesource.com/chromium/src/buildtools/+log/ac4ea2d..9e8b0c9 Rolling v8/buildtools/third_party/libc++abi/trunk: https://chromium.googlesource.com/external/github.com/llvm/llvm-project/libcxxabi/+log/be47d0e..9f0517e Rolling v8/third_party/aemu-linux-x64: 8RPB9bFL9jMqtkuzgf6G69QDdAGV9Re0Exh-3rzLXvoC..LrM1UivUqag71JX4WdAnr5pc_zp92frKvtN6GhDs2zEC Rolling v8/third_party/android_platform: https://chromium.googlesource.com/chromium/src/third_party/android_platform/+log/e98c753..6e5dc9a Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/83a41f1..d9a9ebb Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/9c1a533..ae44ef1 Rolling v8/third_party/instrumented_libraries: https://chromium.googlesource.com/chromium/src/third_party/instrumented_libraries/+log/ee10dbd..ea83816 TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: I90d1c0251372cd4d5ff2ca6db7f28842747b7769 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3138519 Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#76634}
-
QiuJi authored
Also fix several out of date comments. Change-Id: I15ee6c718ad50f231cd0a8e5c6416ccb58375140 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3121693 Commit-Queue: Ji Qiu <qiuji@iscas.ac.cn> Reviewed-by: Brice Dobry <brice.dobry@futurewei.com> Cr-Commit-Position: refs/heads/main@{#76633}
-
Liu Yu authored
Acquire a scratch register instead of passing scratch register in JumpIfSmi and JumpIfNotSmi. Change-Id: I21776e1cd9d19f0d55c25a5bb3f7efcc247c80e5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3135155 Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Auto-Submit: Liu yu <liuyu@loongson.cn> Cr-Commit-Position: refs/heads/main@{#76632}
-
legendecas authored
Removes outdated type-error throwing on TypedArray.prototype.set when the first argument is a number. Bug: v8:11294 Change-Id: Ida3a46dec154b645620e2b064ded7a18de238649 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3136773 Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#76631}
-
- 01 Sep, 2021 19 commits
-
-
QiuJi authored
Port: 732f394c Change-Id: I1a7a8dd7870a71df9f0e7c30392cd9a23b5cab3e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3126820 Commit-Queue: Brice Dobry <brice.dobry@futurewei.com> Reviewed-by: Brice Dobry <brice.dobry@futurewei.com> Cr-Commit-Position: refs/heads/main@{#76630}
-
Pierre Langlois authored
The --turbo-stats and --turbo-stats-wasm flags are useful but they do not work on Chromium on Android, given we cannot print on exit of the renderer process. To cover all scenarios, we can encode the statistics as a string argument in the trace format. It's also helpful to see those statistics, as well as the code kind and function name, when clicking on a slice in chrome://tracing or perfetto. As a drive-by cleanup, rename ESCAPE to QUOTE in the JSON serialization code. Change-Id: I86f03d0e020c9543feb869620164bf1aad3a2432 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3132966 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Pierre Langlois <pierre.langlois@arm.com> Cr-Commit-Position: refs/heads/main@{#76629}
-
Georg Neis authored
After manually triggering finalization we should clear a potential pending InstallCode interrupt request as there's nothing else to do and keeping the request would defeat the purpose of the intrinsic. Fixed: v8:12152 Change-Id: I063959c97c31868864a82c0584cabf779750d10d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3135578 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/main@{#76628}
-
Manos Koukoutos authored
Bug: v8:7748 Change-Id: I78a41e593b668f417f1cc18b24bc61a4b6e098c1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3135577 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#76627}
-
Clemens Backes authored
This is a reland of 6ae18c2d, with {CompileWasmCapiCallWrapper} fixed to also contain a {CodeSpaceWriteScope}.
Original change's description:
> [wasm] Move write scope out of NativeModule::AddCode
>
> {NativeModule::AddCode} is a central method that should usually be called in batches, where the caller holds a {CodeSpaceWriteScope} for a longer time (over several compilations).
> This CL moves us closer to that by removing the scope from that central method and instead putting it in callers where it becomes more visible.
> There are already TODOs to introduce caching or batching to avoid some switching, and one more TODO is added.
>
> Drive-by: Remove an unneeded {CodeSpaceMemoryModificationScope}.
>
> R=jkummerow@chromium.org
>
> Bug: v8:11974
> Change-Id: Ia13c601abc766e5fca6ca053bf1fc4d647b53ed0
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3098186
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#76344}
Bug: v8:11974 Cq-Include-Trybots: luci.v8.try:v8_mac_arm64_dbg_ng Cq-Include-Trybots: luci.v8.try:v8_mac_arm64_rel_ng Change-Id: I6367bbd9dc52c403513eb1a168aa1f6eb4044ca1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3129703 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#76626}
-
Manos Koukoutos authored
This is needed so tables are available for table operations. Bug: v8:11954 Change-Id: If0cbb07ddf0852d2e2515aca3e1f54168c2e0ab8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3135576 Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#76625}
-
Victor Gomes authored
This reverts commit 20dc4dcc.
Reason for revert: We're killing SP on the heap.
Original change's description:
> [baseline] Enable SP on the heap on future
>
> Bug: v8:11872
> Change-Id: Iaaf3ed68950a6a9fe60f91d73be8a0fbc17e1116
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3129424
> Commit-Queue: Victor Gomes <victorgomes@chromium.org>
> Commit-Queue: Leszek Swirski <leszeks@chromium.org>
> Auto-Submit: Victor Gomes <victorgomes@chromium.org>
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#76578}
Bug: v8:11872, v8:12158 Change-Id: Ib12912250013cdebeca1597f6c9dcd4f763b7a4a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3135660 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/main@{#76624}
-
Jakob Gruber authored
Broken by crrev.com/c/3129420 error: ‘CompilationDependency::AsTransition() const’ defined but not used. Bug: v8:7790 Change-Id: I06839c4d33d3a52909e0e5a276c567eca83e910f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3133147 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#76623}
-
Michael Lippautz authored
Other threads may write the stack of a different thread and use a lock to synchronize such an access. An example for this is interrupt handling. Ignore TSAN for the methods performing the stack walk. There's no need to use relaxed atomic reads as same-thread writes are consistent and for other-thread writes there's no guarantee on what values to observe. Bug: chromium:1245409 Change-Id: Ia3d3621590f1f5524d245632a2e8a2db23313f35 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3135573 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Anton Bikineev <bikineev@chromium.org> Reviewed-by: Omer Katz <omerkatz@chromium.org> Cr-Commit-Position: refs/heads/main@{#76622}
-
Al Muthanna Athamina authored
Bug: v8:12013 Change-Id: I382f505914633598865586bc6a1d5dac7c875994 No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3135581 Auto-Submit: Almothana Athamneh <almuthanna@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/main@{#76621}
-
Pierre Langlois authored
Building with v8_use_perfetto requires that the categories passed to TRACE_EVENT* be a constexpr. Change-Id: Iee4b713d8fe0b3f52f6e5cfe5baef0ced87f9855 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3135575 Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Pierre Langlois <pierre.langlois@arm.com> Cr-Commit-Position: refs/heads/main@{#76620}
-
Jakob Kummerow authored
When an attempt to parse a huge string to a BigInt fails, then including the entire string in it makes the exception's message unwieldy, so this patch puts only the first 1000 characters of such invalid strings into the exception message. Bug: chromium:1245239 Change-Id: I2c62f0d34256653ba67da9666e8c5a1a4bbe0599 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3133142 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Mathias Bynens <mathias@chromium.org> Cr-Commit-Position: refs/heads/main@{#76619}
-
Al Muthanna Athamina authored
Bug: v8:12013 Change-Id: I7cee883f22b96b291ac9679fbe05ca2742993dc6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3135574 Commit-Queue: Almothana Athamneh <almuthanna@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Auto-Submit: Almothana Athamneh <almuthanna@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/main@{#76618}
-
Hao Xu authored
This is a reland of commit 40af03b8
The original CL failed one test in Windows, and this CL fixes this issue.
Original change's description:
> [codegen] Align the code start at 64 byte in x64
>
> In order to make loop header aligned at 64 byte (relative to memory address), code start should also be aligned at 64 byte.
>
> Bug: chromium:1231471
> Change-Id: I95390babd9cc78492e0beb0f1b03901eb481d5d5
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3094167
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Commit-Queue: Hao A Xu <hao.a.xu@intel.com>
> Cr-Commit-Position: refs/heads/main@{#76484}
Bug: chromium:1231471 Change-Id: Ia927305c792c7486588bc15e9e87840d6db18478 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3133957 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Hao A Xu <hao.a.xu@intel.com> Cr-Commit-Position: refs/heads/main@{#76617}
-
Camillo Bruni authored
- Disable automatic module file extensions for the test - Use uncommon name suffix to prevent accidental loading of an existing file Change-Id: I26c1092a1e559cbbebce442a8d5ff3fb6dd5aa84 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3122145 Reviewed-by: Patrick Thier <pthier@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#76616}
-
Michael Lippautz authored
Drive-by: Pointer to reference conversions and other smaller cleanups. Change-Id: I83ed114e4b27d5986a389a9753333716b0e20524 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3133146 Reviewed-by: Anton Bikineev <bikineev@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#76615}
-
Jakob Gruber authored
JSFunctionData has a fairly heavy serialized payload, and likewise consistency validation validates many fields and thus has many opportunities to fail. We therefore want to avoid or reduce validation whenever possible. This CL adds tracking s.t. we know which fields were actually used, and we limit validation to used fields. Drive-by: Make serialized_ debug-only. Drive-by: Don't create deps for context/native_context/shared. Bug: v8:7790 Change-Id: Ic32c9919f0c75a76d9c36e4396b6bce383151b62 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3132962 Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/main@{#76614}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/36b1f71..85ec285 Rolling v8/third_party/aemu-linux-x64: CPOECXfDP5keozFnmr0QOiSuGL3ELWB3zIOKJ0CkoAwC..8RPB9bFL9jMqtkuzgf6G69QDdAGV9Re0Exh-3rzLXvoC Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/2bbb839..83a41f1 Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/d4534cc..9c1a533 TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: Ie6227f85af716753d32d51b62099cfc814be4ba7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3133209 Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#76613}
-
Shu-yu Guo authored
This CL does the following for x64: - Add seq cst TSAN helpers. - Refactors codegen's handling of TSAN helpers to also support seq cst accesses. - Perform stores only once instead of twice under TSAN, since duplicating stores is unsound. Previously this was "fine" because all duplicated stores were relaxed. SeqCst stores are used for synchronization, however, and duplicating them breaks the synchronization. Bug: v8:7790, v8:11600, v8:11995 Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel_ng Change-Id: I43071b0ed516cb0917a10f3b2b9861d74edca041 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3103308 Commit-Queue: Shu-yu Guo <syg@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/main@{#76612}
-
- 31 Aug, 2021 15 commits
-
-
legendecas authored
%TypedArray.prototype% methods that receive a user callback fn should not break in the mid-way of the iteration when the backing array buffer has been detached. Instead, the iteration should continue with the value set to undefined. Notably, %TypedArray.prototype%.filter was throwing when the backing buffer was detached during iteration. This should not throw now. Refs: https://github.com/tc39/ecma262/pull/2164 Bug: v8:4895 Change-Id: Ia7fab63264c8148a11f8f123b43c7b3ee0893300 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3066941 Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#76611}
-
Milad Fa authored
This CL takes advantage of the z15 `load byte reverse element` instruction to optimize Simd Load and Zero opcodes. On the simulator we only run `load element` as reversing is not required. Change-Id: I868bda865249cdc525f804c8ddf4d45df5977a86 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3132965 Reviewed-by: Junliang Yan <junyan@redhat.com> Commit-Queue: Milad Fa <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/main@{#76610}
-
Camillo Bruni authored
Always return an empty string when formatting stack traces with --correctness-fuzzer-suppressions. In out-of-stack-space situations it's easy to get different values depending on whether emergency formatting is chosen or not. Bug: chromium:1244626 Change-Id: I2f3d1692deae2533b70b62f28b39875e812b4b0c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3132968 Reviewed-by: Victor Gomes <victorgomes@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#76609}
-
Ng Zhi An authored
Wasm stubs (C to Wasm and Wasm to JS) aren't logged, so they show up as ??? in GDB backtraces. Emit a CodeCreateEvent in the finalization phase of the compilation job so that the JitCodeLogger can keep track of it. With this, a backtrace shows up like (truncated):
-(gdb) bt
-#0 v8::internal::Runtime_WasmArrayCopy
-#1 0x00007fc69d2e155f in Builtins_CEntry_Return1_DontSaveFPRegs_ArgvOnStack_NoBuiltinExit
-#2 0x00001c368159fcfc in Function:wasm-function[0]-0-turbofan
-#3 0x000000fa00044096 in Stub:c-wasm-entry:i:i
-#4 0x00007fc69dc76b76 in v8::internal::GeneratedCode
-#5 0x00007fc69dc75b25 in v8::internal::Execution::CallWasm
-#6 0x000056506d1a2b6b in v8::internal::wasm::test_gc::WasmGCTester::CallFunctionImpl
Bug: v8:11908 Change-Id: I1223b496091f99a94f2e4e665831462cc9617286 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3109050 Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/main@{#76608}
-
Omer Katz authored
Replace non-null pointer in ObjectAllocator with references. Bug: chromium:1056170 Change-Id: I55124610490bb903819f88a70b1f8e0fea4e430d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3132969 Commit-Queue: Omer Katz <omerkatz@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#76607}
-
Omer Katz authored
Prefinalizers have long been forbidden to allocate. This restriction often proved problematic and has caused several issues in the past. This CL adds support for allowing allocations in prefinalizers. At the start of prefinalizer invocations we clear the linear allocation buffers, such that all allocations go through the slow path for allocation. The slow path checks whether prefinalizers are currently being invoked and marks the newly allocated object if they are (i.e. black allocation during prefinalizers). The new behavior is disabled by default and can be enabled by setting the cppgc_allow_allocations_in_prefinalizers gn arg to true. Bug: chromium:1056170 Change-Id: Ib86e780dcff88fa7b0f762ac2ab83c42393d33af Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3097877 Commit-Queue: Omer Katz <omerkatz@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#76606}
-
Martyn Capewell authored
Instrument floating-point operations to set a flag if the result is NaN. Port: e699762e Bug: v8:11856 Change-Id: Iae8121dd17ae8acf402ac74e41122cad77387db7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3099945 Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Martyn Capewell <martyn.capewell@arm.com> Cr-Commit-Position: refs/heads/main@{#76605}
-
Camillo Bruni authored
Bug: chromium:1244320 Change-Id: I4472f7ffbc3f6a0ec5ca12f9e8b3501d3f0d3dc0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3133140 Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Patrick Thier <pthier@chromium.org> Cr-Commit-Position: refs/heads/main@{#76604}
-
Pierre Langlois authored
The PipelineRunScope scope is live on every Run() phase and it isn't allowed to nest. This means we cannot open a new PipelineRunScope during TraceScheduleAndVerify() because it can be called in the middle of a Run(), which we do during effect-control-linearization in the JS pipeline. We can fix this by directly using a RuntimeCallTimerScope and a tracing event, instead of relying on PipelineRunScope to do that. Change-Id: I3c17b2c0a58ff3cac0d1dcc796f54d29b3444468 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3132506 Auto-Submit: Pierre Langlois <pierre.langlois@arm.com> Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/main@{#76603}
-
Georg Neis authored
Fixed: v8:12154, v8:7790 Change-Id: Ib5f3617f6d992b5916faf623ddced06d6e81bbfd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3132960 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/main@{#76602}
-
Jakob Gruber authored
Bug: v8:7790,v8:12149 Change-Id: I0c23b2c1126b2a950efe848973618407f64afeb7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3132268 Auto-Submit: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/main@{#76601}
-
Clemens Backes authored
Avoid an additional copy of the name, and inline single-use (and small) functions. Also, use an early exit for the generic wrapper to make the code simpler. R=zhin@chromium.org Bug: v8:11879 Change-Id: Ic66a2c9430f7c3481b9038d2a517c4c76888503b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3132267 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#76600}
-
Michael Lippautz authored
Double-checked locking pattern for destruction was missing the acquire barrier for the initial load. TSAN complained with a data race where:
T1: ClearAllUsedNodes(), clearing out the node
T2: a. if(GetNodeSafe()) { Lock; ... }
T2: b. operator delete
Since GetNodeSafe() was a relaxed load, operator delete was allowed to be reordered which raced with ClearAllUsedNodes().
Bug: chromium:1239081, chromium:1242795 Change-Id: I3906555b13cc51538a1a54b7ca481a96d81fd84e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3132264 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Omer Katz <omerkatz@chromium.org> Reviewed-by: Anton Bikineev <bikineev@chromium.org> Cr-Commit-Position: refs/heads/main@{#76599}
-
Michael Achenbach authored
Until now, the cross-over mutator would choke on several expressions from DB and bail out (just wastes some time). We also have a script, test_db.js to test on how many expressions it is going to bail out. With this change, we already omit adding such expressions to the DB in the first place. As a result, the test_db script now returns zero failing expressions (while all other expressions remain). Regression tests that now no longer apply are removed, instead a test is added that ensures that a failing expression isn't added to the DB. No-Try: true Bug: chromium:1044942 Change-Id: I14a4fe802c99114cf3a8f71188273475a7cb9c13 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3129340 Reviewed-by: Liviu Rau <liviurau@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/main@{#76598}
-
Manos Koukoutos authored
WasmModuleBuilder is a class that is used to build Wasm modules in the asm.js parser, in the fuzzer, as well as some tests. When it comes to Wasm tables, WasmModuleBuilder currently supports only basic tables (before the reftypes proposal) using an ad-hoc indirect-function index vector. This CL adds proper support for element sections and tables that use them in the full potential of the reftypes extension. The new functionality will only be used in the fuzzer and potentially some tests in the future. Along this, we drop some functionality from WasmModuleBuilder that was only used in tests and is redundant with the new architecture. Additionally, we remove tables other than externref and funcref from the fuzzer (which were not supported properly or used anyway). We will reintroduce them at a later time. Bug: v8:11954 Change-Id: I0a4f6e7b63b6e3d9f7da03b5202fbf14d8678332 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3122162 Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#76597}
-