- 06 May, 2021 25 commits
-
Daniel Clark authored
It turns out that KeyAccumulator::GetKeys will fail if the object it is operating on is a Proxy with an ownKeys() or getOwnPropertyDescriptor() trap that throws. Handle this case in Isolate::GetImportAssertionsFromArgument by bailing out early. Bug: v8:11730 Change-Id: I363bf2d218f6ba7eeb2001cd644f5529901fdb3e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2875541 Reviewed-by: Adam Klein <adamk@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Dan Clark <daniec@microsoft.com> Cr-Commit-Position: refs/heads/master@{#74417}
-
Anton Bikineev authored
The change broke msvc build. This CL fixes it. Original change description: > This reverts commit 97b4ed74. > > Microsoft x86_64 ABI considers XMM6-XMM15 as non-volatile > (callee-saved), which means that the compiler can store pointers in them. > We need to make sure they are pushed onto the stack inside the stack > scanning trampolines. > Bug: v8:11710 > Change-Id: Ida804fe49d3d3b6f179ec276903a42ec8d3d86be > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2865745 > Commit-Queue: Anton Bikineev <bikineev@chromium.org> > Auto-Submit: Anton Bikineev <bikineev@chromium.org> > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Cr-Commit-Position: refs/heads/master@{#74376} Bug: v8:11710 Change-Id: I5357ceffe4dce5c570a15d8be86d6db11926e88c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2876846 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Anton Bikineev <bikineev@chromium.org> Cr-Commit-Position: refs/heads/master@{#74416}
-
Samuel Groß authored
The heap sandbox mode was broken after the introduction of WasmExportedFunctionData objects due to missing external pointer handling. This CL implements that. Bug: v8:10391 Change-Id: Icc6a2944b68f475c40b6431ab26400c35083b7bb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2862771 Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Samuel Groß <saelo@google.com> Cr-Commit-Position: refs/heads/master@{#74415}
-
Clemens Backes authored
This reverts commit b271648e. Reason for revert: New test fails: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux%20-%20shared/42282/overview Original change's description: > [runtime] Add length check in ConvertElementsWithCapacity > > This also propagates the exception through all the users of > ConvertElementsWithCapacity. > > Bug: chromium:1201626 > Change-Id: Ie44ba4327a4c3a20f1376477f45d3cd95d0da3b3 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2857961 > Commit-Queue: Victor Gomes <victorgomes@chromium.org> > Reviewed-by: Toon Verwaest <verwaest@chromium.org> > Cr-Commit-Position: refs/heads/master@{#74412} Bug: chromium:1201626 Change-Id: I764256e9d0dcc69ea3a2f3c77afaca73a910bb66 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2876861 Auto-Submit: Clemens Backes <clemensb@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#74414}
-
Fanchen Kong authored
When a function is invoked by prototype.apply, it may undergo following transformation in the JSCallReducer:

    receiver.apply(this, args) -> this.receiver(...args)

Since the new target (also the receiver of apply()) is not collected to the feedback slot, further speculative optimization on the new target is not available if the new target is not a heapconstant. With this CL, the receiver will be collected to the feedback instead of the target if the target is a prototype.apply. It may improve the performance of the following usecase by ~80%.

    function reduceArray(func, arr, r) {
      for (var i = 0, len = arr.length; i < len; i++) {
        r = func.apply(null, r, arr[i]);
      }
      return r;
    }
    var a = 0;
    for (var i = 0; i < 10000000; i++) {
      a += reduceArray(Math.imul, [5,6,2,3,7,6,8,3,7,9,2,5,], 1);
    }
    console.log(a);

This CL also improves the runTime score of JetStream2/richards-wasm by ~45% in default, ~60% with --turbo-inline-js-wasm-calls. Change-Id: I542eb8d3fcb592f4e0993af93ba1af70e89c3982 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2639813 Commit-Queue: Fanchen Kong <fanchen.kong@intel.com> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#74413}
-
Victor Gomes authored
This also propagates the exception through all the users of ConvertElementsWithCapacity. Bug: chromium:1201626 Change-Id: Ie44ba4327a4c3a20f1376477f45d3cd95d0da3b3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2857961 Commit-Queue: Victor Gomes <victorgomes@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#74412}
-
Milad Fa authored
Port dc7906c9 R=victorgomes@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com BUG= LOG=N Change-Id: Ic6643492969efcf4113a25a886792038b291cacf Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2876987 Reviewed-by: Junliang Yan <junyan@redhat.com> Commit-Queue: Milad Fa <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/master@{#74411}
-
Benedikt Meurer authored
Within the inspector we should be consistent about passing the script ID always as integer, and only convert to String16 when actually needed. That (a) saves memory (and some runtime overhead) when stashing away call frames, for example in case of async stack traces, and (b) reduces confusion which representation to choose. Bug: chromium:1162229 Change-Id: I9591931da0a307779372f36aba6e155ec22bbe3d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2876856 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Auto-Submit: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#74410}
-
QiuJi authored
Also remove the out of date comment after constant pool enabled. Change-Id: I80ded0242406097dfdb35e1356ed8fa7e43b2f00 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2839546 Reviewed-by: Brice Dobry <brice.dobry@futurewei.com> Commit-Queue: Brice Dobry <brice.dobry@futurewei.com> Cr-Commit-Position: refs/heads/master@{#74409}
-
Clemens Backes authored
The test takes several minutes on slower bots, so speed it up a bit without removing the ability to hit the data race. R=ulan@chromium.org Bug: chromium:1205290, v8:11741 Change-Id: I57e411bfa2ff2a22bef1a916b74f7684b2f0be17 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2876855 Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#74408}
-
Clemens Backes authored
After dropping support for older GCC versions, we can now assume full c++14 constexpr support, and can hence resolve a TODO to make a LiftoffCompiler method constexpr. This is also a proof-of-concept to verify that this indeed works on all bots now. R=ahaas@chromium.org Bug: v8:9686, v8:11384 Change-Id: I9b7da91152b0af98778312d653aebbf4236fed0d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2876850 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#74407}
-
Victor Gomes authored
Change-Id: I824a671c54c92975a94f9dc56e993d532f022ce6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2874401 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/master@{#74406}
-
Wenyu Zhao authored
Bug: v8:11641 Change-Id: I675b6968219a315a4b6f4bf1899d81931b5b4e0e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2875316 Auto-Submit: Wenyu Zhao <wenyu.zhao@anu.edu.au> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/master@{#74405}
-
Nico Hartmann authored
This reverts commit bc1eb7b4. Reason for revert: https://ci.chromium.org/ui/p/chromium/builders/try/android-pie-arm64-rel/369203/overview Original change's description: > [api] Add API callback setter for the SAB origin trial > > This change makes it possible to enable SharedArrayBuffer per Context, > controlling whether it should be enabled or not with a callback. The > previous implementation of the reverse origin trial for > SharedArrayBuffer was broken, since the feature could only be enabled > globally per process, and only if the feature flag is set early enough > in the v8 initialization. This does not play well with how origin > trials work. > > The implementation is similar to the callbacks that already exist for > the origin trials for WebAssembly simd and exceptions. > > SharedArrayBuffer is still controlled by the flag > harmony_sharedarraybuffer. If that flag is disabled, then > SharedArrayBuffer is disabled unconditionally. On top of that, this CL > introduces a new flag for enabling SharedArrayBuffer per context. If > that flag is set, a callback is used to determine whether > SharedArrayBuffer should be enabled. > > > Note that this only controls whether the SharedArrayBuffer constructor > should be exposed on the global object or not. It is always possible > to construct a SharedArrayBuffer using > > new WebAssembly.Memory({ > shared:true, initial:0, maximum:0 }).buffer.constructor; > > > There are few things which I do not like of this approach, but I did > not have better ideas: > > 1. The complex logic of double flag + callback. However, this seemed > the best way to me to not break embedders which rely on that flag > being enabled by default. > > 2. The fact that what actually matters is just whether the callback > returns `true` once. It would be good to check that the callback gives > a consistent return value, or to provide a better API that cannot be > misunderstood.
> > > Bug: chromium:923807,chromium:1071424,chromium:1138860 > Change-Id: Ibe3776fad4d3bff5dda9066967e4b20328014266 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2867473 > Reviewed-by: Jakob Gruber <jgruber@chromium.org> > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: Antonio Sartori <antoniosartori@chromium.org> > Cr-Commit-Position: refs/heads/master@{#74378} Bug: chromium:923807 Bug: chromium:1071424 Bug: chromium:1138860 Change-Id: Iec678dee130db891c2096e47bc072a5d77ae9476 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2874403 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Auto-Submit: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Lutz Vahl <vahl@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#74404}
-
Clemens Backes authored
For copying the SharedArrayBuffer content, we cannot use a simple {memcpy} because that produces data races with threads concurrently modifying the content. Instead, use a custom {Relaxed_Memcpy} that uses proper relaxed atomics. The implementation is slightly optimized to do word-sized loads and stores where possible. If we still get performance regressions, we can optimize it further in follow-up CLs. R=ulan@chromium.org CC=mlippautz@chromium.org Bug: v8:11704, chromium:1205290 Change-Id: Ie34afc5c22ec5496c0fe822d55d4788031f06c54 Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel_ng Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2874652 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#74403}
-
Clemens Backes authored
This is a reland of 296fa964. The fix is to dynamically check for alignment instead of relying on {alignof(ElementType)}. I updated the comment to state that independent of pointer compression we do not guarantee the alignment that the compiler assumes (hence we rely on undefined behaviour here). Original change's description: > [elements] Avoid racy data reads/writes > > Instead of annotating those racy reads / writes to be ignored by TSan, > just use relaxed atomics. This makes us not rely on undefined behaviour, > and is unlikely to introduce noticeable overhead. > > This removes the only uses of TSAN_ANNOTATE_IGNORE_WRITES_BEGIN and > friends, which allows us to remove the whole tsan.h header. > > R=ulan@chromium.org > CC=mlippautz@chromium.org > > Bug: v8:11704 > Change-Id: Ie6694c0ae5b40856b56fb97253ce626ec1f4c263 > Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel_ng > Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_isolates_rel_ng > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2859957 > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Commit-Queue: Clemens Backes <clemensb@chromium.org> > Cr-Commit-Position: refs/heads/master@{#74321} Bug: v8:11704 Change-Id: If75674785ca776dac06ed821f0032f865793dd77 Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel_ng Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_isolates_rel_ng Cq-Include-Trybots: luci.v8.try:v8_odroid_arm_rel_ng Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2867479 Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#74402}
-
Georg Neis authored
Make code more readable, mainly by using MakeRef & co. and their overloads. Bug: v8:7790 Change-Id: Id45a69857a1be106c152615ac6dbc2f8a42fb7e8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2874398 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#74401}
-
Ulan Degenbaev authored
Bug: v8:11732 Change-Id: I9156ad031d15f3c2054c16b5fb1f767b39165183 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2867481 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Liviu Rau <liviurau@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#74400}
-
Kim-Anh Tran authored
This returns a server error on setting breakpoints if the agent is disabled. Also-by: bmeurer@chromium.org Fixed: chromium:1202534 Change-Id: I87c80a4bd785fa5c59a8dd0d5ac5f4b31b015ed8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2874662 Commit-Queue: Kim-Anh Tran <kimanh@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Auto-Submit: Kim-Anh Tran <kimanh@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#74399}
-
Georg Neis authored
Bug: v8:7790 Change-Id: I9b4ae95e2caf23e6574d2b48ec8796fcf82cfcc9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2874656 Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#74398}
-
Ross McIlroy authored
Order the bytecodes to enable range-based checks for IsWithoutExternalSideEffects. Also remove the now unnecessary macro definitions for Jump bytecodes. BUG=v8:9684 Change-Id: Id2d7e2e0141b57864c65a752bc233f004f86f760 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2875208 Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Mythri Alle <mythria@chromium.org> Cr-Commit-Position: refs/heads/master@{#74397}
-
Georg Neis authored
This is a simplification and cleanup. Bug: v8:7790 Change-Id: I93a3ed2c9ddce4e300f25032be2085aef915ed8d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2874655 Auto-Submit: Georg Neis <neis@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#74396}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/c5571d5..a5d4757 Rolling v8/third_party/aemu-linux-x64: Q9wrtYCFy4whHc75FrdwzygrqI5DSmX_tuj8UJUcrckC..QpXtlWg0Hrksvqhm2JkK5cg7xWznHgNj3aHSgOF-cCkC Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/1ae270e..5185110 Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/3da9171..5009fd6 TBR=v8-waterfall-sheriff@grotations.appspotmail.com Change-Id: Ie9e6882480df3a07faf077f35ae7225ca62fc8e5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2876372 Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#74395}
-
Frank Tang authored
Spec: https://tc39.es/proposal-intl-locale-info/ Design Doc: https://docs.google.com/document/d/1OwEsvs8VQwvR-ug01xLyIwpgcvUfaP24u9owc7aBKJ4/edit# https://www.chromestatus.com/feature/5566859262820352 Behind flag --harmony_intl_locale_info Bug: v8:11638 Change-Id: Ie616b3394d047c99d95ae46f112b5f0b367afe74 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2570218 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#74394}
-
Frank Tang authored
Design Doc: https://docs.google.com/document/d/1cPGfiihn76yj2iAomKcspPFyLLcnk3WkCiqceBQPQyk/edit# https://chromestatus.com/feature/5407573287108608 Bug: v8:7051 Change-Id: I880ca0b67f745283037226ce816a74d02128bfc9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2874950 Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/master@{#74393}
-
- 05 May, 2021 15 commits
-
Ng Zhi An authored
We have a scratch available, so we can use it instead of asking for a temporary register from the register allocator. We can also relax the unique register requirement, since we are careful not to overwrite src0 or src1 in the codegen. Bug: chromium:1204071 Change-Id: Ia7775167e323b3bca80f63304687cdbd425af0e5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2873227 Reviewed-by: Bill Budge <bbudge@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#74392}
-
Georg Neis authored
Change-Id: I5fcf6ca7974d2af9ab59b1d82dc6996322794f73 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2874446 Auto-Submit: Georg Neis <neis@chromium.org> Commit-Queue: Michael Stanton <mvstanton@chromium.org> Reviewed-by: Michael Stanton <mvstanton@chromium.org> Cr-Commit-Position: refs/heads/master@{#74391}
-
Nico Hartmann authored
Change-Id: I0f732a3e7e970c02925c0ba4e93273a27605dec3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2875206 Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Auto-Submit: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/master@{#74390}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/85859d6..c5571d5 Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/d4ee032..1ae270e Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/6b022d1..3da9171 Rolling v8/third_party/google_benchmark/src: https://chromium.googlesource.com/external/github.com/google/benchmark/+log/33c133a..d0c227c TBR=v8-waterfall-sheriff@grotations.appspotmail.com Change-Id: Ifa5ee873b9133ceb50147d80cd40f3d271cd2680 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2874931 Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#74389}
-
Milad Fa authored
This compilation error might happen without the header: error: 'unique_ptr' in namespace 'std' does not name a template type Change-Id: I103ce0496eff5dda85557410b4e7863c1c65aad0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2873446 Reviewed-by: Manos Koukoutos <manoskouk@chromium.org> Commit-Queue: Milad Fa <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/master@{#74388}
-
Michael Lippautz authored
- Take HeapHandle& parameter to allow a use case of free() on an already dead object during sweeping. - Change free() from T* to T& which forces an object and allows the caller to place the nullptr check before retrieving a heap handle. Bug: chromium:1056170 Change-Id: I80689d27d3abe410d177cd8c86b31ff2fe579a77 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2874461 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Omer Katz <omerkatz@chromium.org> Cr-Commit-Position: refs/heads/master@{#74387}
-
Santiago Aboy Solanes authored
This field has been used with atomically relaxed semantics due to a race with layout_descriptor [1]. Even though layout_descriptor doesn't exist anymore, this race is still present presumably because the transition to a new map happens on StoreIC. We can set it as atomic for non-cm and atomic relaxed for cm like we did with the other Map's fields. Note that originally, this field was relaxed so we are reverting it back to what it was for concurrent marking. [1]: https://chromium-review.googlesource.com/c/v8/v8/+/555210/ Bug: v8:7790, v8:11696 Change-Id: I5d8c18bedb84b4bd5dc771e87310bc14409cfed8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2874454 Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#74386}
-
Georg Neis authored
... in favour of an optional return type for MapRef::prototype(). This also eliminates one kind of use of ShouldHaveBeenSerialized(), which I want to get rid of entirely. Bug: v8:7790 Change-Id: I031f067d644570e5c8aaeaf94c5ff69ff0515a99 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2874456 Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#74385}
-
Manos Koukoutos authored
Bug: v8:7748 Change-Id: I039fa3cc1c236027d8e44cd5d9f2d713099911fc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2874452 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/master@{#74384}
-
Ross McIlroy authored
Effect control linearization already does splitting on most constant nodes it introduces, and we don't get much benefit otherwise for what is a fairly BUG=v8:9684 Change-Id: I74301058d157cc163762722576f9301088f8e72a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2874460 Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#74383}
-
Benedikt Meurer authored
As per WebAssembly Web API[1], the engine should only consider names from the name section to synthesize function names in the context of call stacks. We previously also added support to harvest the exports table here in an attempt to improve the DevTools debugging experience, but that needs a separate fix specifically for the inspector (which should also take into account the imports to harvest names). [1]: https://webassembly.github.io/spec/web-api/index.html#conventions Fixed: chromium:1164305 Change-Id: I4bde5c8398a5164f1d8ac9060ad3743ed494c41e Bug: chromium:1159307, chromium:1164241, chromium:1071432 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2874464 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Auto-Submit: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#74382}
-
Camillo Bruni authored
The IC_BUILTIN and IC_BUILTIN_PARAM macro prevent code navigation and they only avoid very simple, non-performance critical code. Change-Id: Ic9d10a9c53a1890149d86b43a6989afae7f1d6f4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2871464 Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#74381}
-
Michael Achenbach authored
Bug: chromium:1205004 Change-Id: Ib97dbc06ac62d7d1392d610651ccd15daf12bb89 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2872825 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Auto-Submit: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Liviu Rau <liviurau@chromium.org> Cr-Commit-Position: refs/heads/master@{#74380}
-
Clemens Backes authored
This reverts commit 305aa12f. Reason for revert: Breaks MSVC compilation: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Win64%20-%20msvc/17718/overview Original change's description: > cppgc: Save xmm registers on the stack > > Microsoft x86_64 ABI considers XMM6-XMM15 as non-volatile > (callee-saved), which means that the compiler can store pointers in them. > We need to make sure they are pushed onto the stack inside the stack > scanning trampolines. > > Bug: v8:11710 > Change-Id: Ida804fe49d3d3b6f179ec276903a42ec8d3d86be > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2865745 > Commit-Queue: Anton Bikineev <bikineev@chromium.org> > Auto-Submit: Anton Bikineev <bikineev@chromium.org> > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Cr-Commit-Position: refs/heads/master@{#74376} Bug: v8:11710 Change-Id: I9593e55b5c935619a6707f3c00f9ac295475b30d No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2874462 Auto-Submit: Clemens Backes <clemensb@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#74379}
-
Antonio Sartori authored
This change makes it possible to enable SharedArrayBuffer per Context, controlling whether it should be enabled or not with a callback. The previous implementation of the reverse origin trial for SharedArrayBuffer was broken, since the feature could only be enabled globally per process, and only if the feature flag is set early enough in the v8 initialization. This does not play well with how origin trials work. The implementation is similar to the callbacks that already exist for the origin trials for WebAssembly simd and exceptions. SharedArrayBuffer is still controlled by the flag harmony_sharedarraybuffer. If that flag is disabled, then SharedArrayBuffer is disabled unconditionally. On top of that, this CL introduces a new flag for enabling SharedArrayBuffer per context. If that flag is set, a callback is used to determine whether SharedArrayBuffer should be enabled. Note that this only controls whether the SharedArrayBuffer constructor should be exposed on the global object or not. It is always possible to construct a SharedArrayBuffer using new WebAssembly.Memory({ shared:true, initial:0, maximum:0 }).buffer.constructor; There are few things which I do not like of this approach, but I did not have better ideas: 1. The complex logic of double flag + callback. However, this seemed the best way to me to not break embedders which rely on that flag being enabled by default. 2. The fact that what actually matters is just whether the callback returns `true` once. It would be good to check that the callback gives a consistent return value, or to provide a better API that cannot be misunderstood.
Bug: chromium:923807,chromium:1071424,chromium:1138860 Change-Id: Ibe3776fad4d3bff5dda9066967e4b20328014266 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2867473 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Antonio Sartori <antoniosartori@chromium.org> Cr-Commit-Position: refs/heads/master@{#74378}
-