- 03 May, 2022 13 commits
-
-
Anton Bikineev authored
This fixes: runtime error: upcast of misaligned address 0x000000000001 for type 'cppgc::internal::(anonymous namespace)::SimpleGCed<64>', which requires 8 byte alignment Bug: chromium:1029379 Change-Id: Id03ce022e72fc07a18c171d4cf5e42f50cb684f1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3622918 Auto-Submit: Anton Bikineev <bikineev@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#80332}
-
Georgia Kouveli authored
Mark the labels to the code and data global, which removes the need for having separate pointers to these labels in the .data section. This means that `v8_Default_embedded_blob_code_` and `v8_Default_embedded_blob_data_` can now actually be read-only when RELRO is enabled. The actual contents of `v8_Default_embedded_blob_code_` remain potentially non-readable for platforms where code is marked as execute-only, but these changes do not attempt to read them. Bug: v8:12850 Change-Id: Ic1bc8e68fe44a9ce45380c83b0be5fa94e7da267 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616510 Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com> Reviewed-by: Jakob Linke <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#80331}
-
Al Muthanna Athamina authored
Bug: v8:12842 Change-Id: Ice4ef2f1e62773238a0d9b08b6af36e9bed48ddd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3622919 Auto-Submit: Almothana Athamneh <almuthanna@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Almothana Athamneh <almuthanna@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/main@{#80330}
-
jameslahm authored
This CL changes MaybeLocal::ToLocal documentation to assign |out| with nullptr when the MaybeLocal is empty to be consistent with the behavior. Bug: v8:12845 Change-Id: I8145d6604c51b79f137b686b3e9b4f328534e0a8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616432 Commit-Queue: 王澳 <wangao.james@bytedance.com> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80329}
-
Marja Hölttä authored
Fix: copy-paste error in raw ptr GC update function. Bug: v8:11525 Change-Id: I915ae92191b2add60962395a2d0ad28f57e02fd4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3622915 Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#80328}
-
Jakob Kummerow authored
When lowering signatures, we must preserve the separation of parameters into tagged and untagged sections. Fixed: chromium:1320614 Change-Id: I8119ba23e35f499630c2d2494e99191ca793cb1a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620283 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#80327}
-
Patrick Thier authored
For entries in the string forwarding table, mark the internalized string if the original string is marked. The logic is moved from the string forwarding table implementation to the mark compact implementation, using RootVisitor. Bug: v8:12007 Change-Id: I860de75077c864dd4e5f2c47ab647d2eafcc5ced Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3610625 Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Commit-Queue: Patrick Thier <pthier@chromium.org> Cr-Commit-Position: refs/heads/main@{#80326}
-
Camillo Bruni authored
Due to the consistent overhead of snapshot checksum verification we ideally want to avoid it altogether. However there are still enough devices out there that suffer from corrupted snapshots that might cause hard to debug heap corruptions. This CL exposes the calculated (dummy value for now) and the expected snapshot checksum as a crash key, so it can be easily consulted during investigation. Note: The calculated crash key contains 0x0 for now as a dummy value. We will come up with a strategy later on to limit the overhead of calculating the checksum. Bug: v8:12195 Change-Id: I6da6d74c035cb6f9b0edae212a36e6c41c048a5b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3605813 Reviewed-by: Jakob Linke <jgruber@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#80325}
-
Samuel Groß authored
While nullptr also mostly seems to work, GetCurrentProcess() is the correct way of specifying the current process for operations like MapViewOfFile3 or VirtualAlloc2. Bug: chromium:1218005 Change-Id: I988140374a708018dca089c29eb699e0536a5285 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620288 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Auto-Submit: Samuel Groß <saelo@chromium.org> Cr-Commit-Position: refs/heads/main@{#80324}
-
Benedikt Meurer authored
When formatting console messages (for consumption in Chromium/Blink), we have special logic to unwrap value wrapper objects. But this logic was not very consistent, and especially Number values and NumberObject values were formatted differently. This changes the V8ValueStringBuilder::append() logic to always unwrap any value wrapper first and then use the regular dispatch for the primitive value. Fixed: chromium:1321833 Change-Id: I9996671e1f91da0841e5d5f1687cf647ab72a561 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3622913 Commit-Queue: Yang Guo <yangguo@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Auto-Submit: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/main@{#80323}
-
Frank Tang authored
In v3 we allow both significant digits and fraction digits to be set in some conditions. Also fix the case in v2 we didn't handle "precision-integer" with currency format. Related spec text: https://tc39.es/proposal-intl-numberformat-v3/out/numberformat/diff.html#sec-intl.numberformat.prototype.resolvedoptions https://tc39.es/proposal-intl-numberformat-v3/out/numberformat/diff.html#sec-setnfdigitoptions Bug: v8:11544 Change-Id: I89c147dcc7803eae7aad2a380e85d1d877e30370 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3615217 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#80322}
-
Shu-yu Guo authored
Bug: v8:11989 Change-Id: Idd7ab73f923a7a0114c0fb7a40807b4b163d6bcf Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3595106 Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Auto-Submit: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#80321}
-
Rob Paveza authored
This change adds support for computing SHA-256 hashes in the stack output of errors by adding a function to the prototype of the `CallSite` object, passed to `Error.prepareStackTrace`. Additionally, it updates the `hash` property from `Debugger.scriptParsed` and `Debugger.scriptFailedToParse` to be SHA-256 instead of the proprietary hash it is today. It is intended to be an advancement in indexing source maps to support improved tooling, especially for post-hoc or in-production diagnostics scenarios. The explainer can be found here: https://docs.google.com/document/d/13hNeeLC2Ve_FVieNndZUUUP15x2O4ltvjnGWwOsMlrU/edit?usp=sharing Change-Id: Ifbbed4b22c8256e74e6d79974d2dd1e444143eda Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3229957 Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Auto-Submit: Robert Paveza <Rob.Paveza@microsoft.com> Commit-Queue: Shu-yu Guo <syg@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/main@{#80320}
-
- 02 May, 2022 27 commits
-
-
Frank Tang authored
This is a reland of commit 89600314 Changes since revert: None, reverted wrong suspect CL Original change's description: > [Temporal] Fix Calendar.prototype.fields CSA > > Use LoadAndUntagToWord32ObjectField instead of LoadObjectField<Uint32T> > to load the flag since it is defined as > flags: SmiTagged<JSTemporalCalendarFlags>; > > Otherwise LoadObjectField<Uint32T> will load the zero part when > v8_enable_pointer_compression = false > > Add unit tests to intl (because the problem only show up on calendar > other than non iso8601. > > Cq-Include-Trybots: luci.v8.try:v8_linux_mipsel_compile_rel,v8_linux_mips64el_compile_rel > > > Bug: v8:12848 > Change-Id: I44b685af99dc9820dfa228447e2b42ae0a82464c > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3617388 > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: Frank Tang <ftang@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80314} Bug: v8:12848 Change-Id: I423ea5f0a4a30fc73546df208d24aec84db76eb4 Cq-Include-Trybots: luci.v8.try:v8_linux_mipsel_compile_rel,v8_linux_mips64el_compile_rel Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620838 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#80319}
-
Shu-yu Guo authored
This reverts commit 31009706. Reason for revert: UBSan failure: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20UBSan/21069/overview Original change's description: > cppgc: young-gen: Enable cppgc_enable_young_generation by default > > Oilpan Young Generation is now controlled by the runtime flag > --cppgc-young-generation. > > Bug: chromium:1029379 > Change-Id: I9ded9637f43a2f86993cff898cd7f272a051ae3c > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616728 > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Commit-Queue: Anton Bikineev <bikineev@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80312} Bug: chromium:1029379 Change-Id: I18ac696380df5f77d0978072b8e5af2f2e305994 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620839 Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Auto-Submit: Shu-yu Guo <syg@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#80318}
-
Shu-yu Guo authored
This reverts commit 89600314. Reason for revert: UBSAN errors in GC tests https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20UBSan/21069/overview Original change's description: > [Temporal] Fix Calendar.prototype.fields CSA > > Use LoadAndUntagToWord32ObjectField instead of LoadObjectField<Uint32T> > to load the flag since it is defined as > flags: SmiTagged<JSTemporalCalendarFlags>; > > Otherwise LoadObjectField<Uint32T> will load the zero part when > v8_enable_pointer_compression = false > > Add unit tests to intl (because the problem only show up on calendar > other than non iso8601. > > Cq-Include-Trybots: luci.v8.try:v8_linux_mipsel_compile_rel,v8_linux_mips64el_compile_rel > > > Bug: v8:12848 > Change-Id: I44b685af99dc9820dfa228447e2b42ae0a82464c > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3617388 > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: Frank Tang <ftang@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80314} Bug: v8:12848 Change-Id: I3a8af8acbbdfc5d0f5386f2a9d50d62b9f422fb8 Cq-Include-Trybots: luci.v8.try:v8_linux_mipsel_compile_rel,v8_linux_mips64el_compile_rel No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620837 Auto-Submit: Shu-yu Guo <syg@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#80317}
-
Michael Lippautz authored
This is a reland of commit 445190bf The fix addresses the issue where object size accounting went out of sync because of right-trimmed LO in new space that were migrated with a different size than they were accounted for. The fix now iterates only live objects for size computation which avoids accessing reclaimed maps and fixes up the objects accounting. Original change's description: > [heap] Fix bogus object size computation > > The map of an object may be gone by the time we try to compute its > size for accounting purposes. > > Bug: chromium:1319217 > Change-Id: I93cca766a8cedebf4ed30a3a65fd6eff5bc72bcf > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3605817 > Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> > Commit-Queue: Michael Lippautz <mlippautz@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80271} Bug: chromium:1319217 Change-Id: I8d032edf96a4bf4b0faa4bbd9b0be247051c49fb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616507 Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#80316}
-
Milad Fa authored
This is a reland of commit c575e8ae Original change's description: > PPC/S390: Reland "[osr] Use the new OSR cache" > > Port 91453880 > > Original Commit Message: > > This is a reland of commit 91da3883 > > Original change's description: > > Fixed: Use an X register for JumpIfCodeTIsMarkedForDeoptimization > > on arm64. > > Bug: v8:12161 > > Change-Id: I6e63bd5995340bac32654ef12c52d25b496140e3 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3607997 > Reviewed-by: Junliang Yan <junyan@redhat.com> > Commit-Queue: Milad Farazmand <mfarazma@redhat.com> > Cr-Commit-Position: refs/heads/main@{#80194} Change-Id: Id5e41c659a3c29a6d22c0393ad0003a24fa1ef5a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3621273 Commit-Queue: Milad Farazmand <mfarazma@redhat.com> Reviewed-by: Junliang Yan <junyan@redhat.com> Cr-Commit-Position: refs/heads/main@{#80315}
-
Frank Tang authored
Use LoadAndUntagToWord32ObjectField instead of LoadObjectField<Uint32T> to load the flag since it is defined as flags: SmiTagged<JSTemporalCalendarFlags>; Otherwise LoadObjectField<Uint32T> will load the zero part when v8_enable_pointer_compression = false Add unit tests to intl (because the problem only show up on calendar other than non iso8601. Cq-Include-Trybots: luci.v8.try:v8_linux_mipsel_compile_rel,v8_linux_mips64el_compile_rel Bug: v8:12848 Change-Id: I44b685af99dc9820dfa228447e2b42ae0a82464c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3617388 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#80314}
-
jameslahm authored
This CL adds serialization and deserialization support for HOLEY_ELEMENTS and HOLEY_SMI_ELEMENTS kind arrays. Bug: v8:11525 Change-Id: Ib6fdcd1916badd02e567571e1c0748dce85cd8a0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620753 Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80313}
-
Anton Bikineev authored
Oilpan Young Generation is now controlled by the runtime flag --cppgc-young-generation. Bug: chromium:1029379 Change-Id: I9ded9637f43a2f86993cff898cd7f272a051ae3c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616728 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Anton Bikineev <bikineev@chromium.org> Cr-Commit-Position: refs/heads/main@{#80312}
-
Leszek Swirski authored
This reverts commit 25e32252. Reason for revert: Suspect for roll failure: https://ci.chromium.org/ui/p/chromium/builders/try/android_optional_gpu_tests_rel/98554/overview Original change's description: > Reland "[heap] Refactor atomic marking phase" > > This is a reland of commit a3f66927 > > The reland addresses a few CHECKs that were too aggressive and also > properly adjusts Oilpan's marking configurations depending on V8's > flags. > > Original change's description: > > [heap] Refactor atomic marking phase > > > > The atomic marking phase was organized in many distinct smaller > > phases. In particular, before http://crrev.com/c/3584115 the marking > > phase split into two large separate phases. > > > > This CL reorganizes marking into two phases that perform regular V8 > > heap marking, Oilpan, and ephemerons: > > - A parallel phase that likely drains all marking worklists; > > - A single-threaded final phase to catch any left overs; > > > > This avoids artificial splitting in phases and also avoids repeated > > starting and joining of jobs.
> > > > Change-Id: I5cccfc5777837d9ece10d8f4925781bf2d07d9da > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3602507 > > Reviewed-by: Omer Katz <omerkatz@chromium.org> > > Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> > > Commit-Queue: Michael Lippautz <mlippautz@chromium.org> > > Cr-Commit-Position: refs/heads/main@{#80265} > > Change-Id: I26648da361b92d787c173aa9d390100ce8958728 > Bug: chromium:1320896 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616519 > Commit-Queue: Michael Lippautz <mlippautz@chromium.org> > Reviewed-by: Omer Katz <omerkatz@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80301} Bug: chromium:1320896 Change-Id: I01742f25d54de8e4e22fefe87ce61ba295950baa No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620286 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Owners-Override: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80311}
-
Darshan Sen authored
I was trying to build chromium with Perfetto enabled and I ran into this compilation error:
```
../../v8/src/libplatform/tracing/recorder-win.cc(48,42): error: no member named 'GetCategoryGroupName' in 'v8::platform::tracing::TracingController'
TracingController::GetCategoryGroupName(
~~~~~~~~~~~~~~~~~~~^
1 error generated.
```
This happens because the GetCategoryGroupName() function is added to the TracingController class only if Perfetto is disabled. Signed-off-by: Darshan Sen <raisinten@gmail.com> Change-Id: If53dab5ea9b8c3e2f69e8e84c8d6ba06ee3c496e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616427 Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#80310}
-
Patrick Thier authored
https://crrev.com/c/3571817 introduced a bug that string table lookups failed on SlicedStrings with a start offset of 0. This CL fixes the issue by re-using the already computed hash only if the length of the source string matches the length of the string to lookup. Bug: chromium:1320179, chromium:1321573 Change-Id: Ic8755a0266a9ec67fe5eb9c96fdab1b55d5009f2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616723 Auto-Submit: Patrick Thier <pthier@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#80309}
-
jameslahm authored
In Sampler::DoSample, we only guard SignalHandler::Installed before and Sampler::Stop may happen at the same time, which may cause SIGPROF signal handler was already restored before SIGPROF was emitted and trigger profiling timer expired. This CL changes Sampler::DoSample to use SignalHandler::mutex() to guard the entire function and also change the mutex to recursive mutex. Bug: v8:12838 Change-Id: I5195742ecdbade342986755233840d7be5d83c62 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616429 Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80308}
-
Camillo Bruni authored
We usually run benchmarks in multiple variants: default, future, noopt This is currently only achieved by copying the run-perf json file and changing the flags at the top-level (or copy whole subsections). Using "variants" we can duplicate the tests at the current level with different values and easily create benchmarks that differ only in v8 flags. Drive-by-fix: - Add Node.__iter__ and log the whole config graph in debug mode - Add GraphConfig.__str__ method for better debugging - Rename TraceConfig to LeafTraceConfig - Rename RunnableTraceConfig to RunnableLeafTraceConfig - Make --filter accept a regexp to better filter out variants Bug: v8:12821, v8:11113 Change-Id: I56a2ba2dd24da15c7757406e9961746219cd8061 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596128 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Tamer Tas <tmrts@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#80307}
-
Jakob Linke authored
This is a reland of commit 91453880 Fixed: properly reference the ClearedValue in CSA (i.e. without the cage_base upper 32 bits). Original change's description: > Reland "[osr] Use the new OSR cache" > > This is a reland of commit 91da3883 > > Fixed: Use an X register for JumpIfCodeTIsMarkedForDeoptimization > on arm64. > > Original change's description: > > [osr] Use the new OSR cache > > > > This CL switches over our OSR system to be based on the feedback > > vector osr caches. > > > > - OSRing to Sparkplug is fully separated from OSR urgency. If > > SP code exists, we simply jump to it, no need to maintain an > > installation request. > > - Each JumpLoop checks its dedicated FeedbackVector cache slot. > > If a valid target code object exists, we enter it *without* > > calling into runtime to fetch the code object. > > - Finally, OSR urgency still remains as the heuristic for > > requesting Turbofan OSR compile jobs. Note it no longer has a > > double purpose of being a generic untargeted installation > > request. > > > > With the new system in place, we can remove now-unnecessary > > hacks: > > > > - Early OSR tierup is replaced by the standard OSR system. Any > > present OSR code is automatically entered. > > - The synchronous OSR compilation fallback is removed. With > > precise installation (= per-JumpLoop-bytecode) we no longer > > have the problem of 'getting unlucky' with JumpLoop/cache entry > > mismatches. Execution has moved on while compiling? Simply spawn > > a new concurrent compile job. > > - Remove the synchronous (non-OSR) Turbofan compile request now > > that we always enter available OSR code as early as possible. > > - Tiering into Sparkplug no longer messes with OSR state. 
> > > > Bug: v8:12161 > > Change-Id: I0a85e53d363504b7dac174dbaf69c03c35e66700 > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596167 > > Commit-Queue: Jakob Linke <jgruber@chromium.org> > > Auto-Submit: Jakob Linke <jgruber@chromium.org> > > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > > Commit-Queue: Leszek Swirski <leszeks@chromium.org> > > Cr-Commit-Position: refs/heads/main@{#80147} > > Bug: v8:12161 > Change-Id: Ib3597cf1d99cdb5d0f2c5ac18e311914f376231d > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3606232 > Auto-Submit: Jakob Linke <jgruber@chromium.org> > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: Leszek Swirski <leszeks@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80167} Bug: v8:12161,chromium:1320189 Change-Id: Ibd9a2ab61f51ebb32a3f5a66f7c602faead71c3e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620273 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Jakob Linke <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#80306}
-
Milad Farazmand authored
This reverts commit c575e8ae. Reason for revert: Original CL reverted https://crrev.com/c/3615219. Original change's description: > PPC/S390: Reland "[osr] Use the new OSR cache" > > Port 91453880 > > Original Commit Message: > > This is a reland of commit 91da3883 > > Original change's description: > > Fixed: Use an X register for JumpIfCodeTIsMarkedForDeoptimization > > on arm64. > > Bug: v8:12161 > > Change-Id: I6e63bd5995340bac32654ef12c52d25b496140e3 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3607997 > Reviewed-by: Junliang Yan <junyan@redhat.com> > Commit-Queue: Milad Farazmand <mfarazma@redhat.com> > Cr-Commit-Position: refs/heads/main@{#80194} Change-Id: I977e59238e1f03c21307c1499cde8b567d1e3e2c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620538 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Reviewed-by: Milad Farazmand <mfarazma@redhat.com> Commit-Queue: Milad Farazmand <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/main@{#80305}
-
Anton Bikineev authored
The CL prepares the sources and the tests for enabling cppgc_enable_young_generation by default. The static initializer in YoungGenerationEnabler (due to v8::base::Mutex) changed to be lazy. The tests are now checking the runtime flag. Bug: chromium:1029379 Change-Id: I1497a3dd2b8d62c1acd48496821f07324b7944d5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616726 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Auto-Submit: Anton Bikineev <bikineev@chromium.org> Commit-Queue: Anton Bikineev <bikineev@chromium.org> Cr-Commit-Position: refs/heads/main@{#80304}
-
Dominik Inführ authored
When deleting a JSObject's last property, only that particular slot in the old-to-new remembered set needs to be deleted. The object's slots don't need to be invalidated anymore since V8 doesn't use unboxed doubles anymore. While the runtime could install another property at this address, it will therefore always be a tagged pointer. Bug: v8:12578, chromium:1316289 Change-Id: Ief072f58e53501c1c1f01c902e21467a37ccdc3c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620274 Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#80303}
-
Leszek Swirski authored
This reverts commit 1267e518. Reason for revert: Turned out to not support them: https://logs.chromium.org/logs/v8/buildbucket/cr-buildbucket/8815278972589078465/+/u/Bisect_1267e518/Retry/web-snapshot-4 Original change's description: > [web snap] Support Symbols > > Bug: v8:11525,v8:12820 > Change-Id: Ie8b1bbe209d8bb6f759623ea01223a05d11090aa > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616514 > Commit-Queue: Marja Hölttä <marja@chromium.org> > Reviewed-by: Camillo Bruni <cbruni@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80299} Bug: v8:11525,v8:12820 Change-Id: Ia0107dfec12e72dc976348985e5c35dac28c170a No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620278 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Owners-Override: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#80302}
-
Michael Lippautz authored
This is a reland of commit a3f66927 The reland addresses a few CHECKs that were too aggressive and also properly adjusts Oilpan's marking configurations depending on V8's flags. Original change's description: > [heap] Refactor atomic marking phase > > The atomic marking phase was organized in many distinct smaller > phases. In particular, before http://crrev.com/c/3584115 the marking > phase split into two large separate phases. > > This CL reorganizes marking into two phases that perform regular V8 > heap marking, Oilpan, and ephemerons: > - A parallel phase that likely drains all marking worklists; > - A single-threaded final phase to catch any left overs; > > This avoids artificial splitting in phases and also avoids repeated > starting and joining of jobs. > > Change-Id: I5cccfc5777837d9ece10d8f4925781bf2d07d9da > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3602507 > Reviewed-by: Omer Katz <omerkatz@chromium.org> > Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> > Commit-Queue: Michael Lippautz <mlippautz@chromium.org> > Cr-Commit-Position: refs/heads/main@{#80265} Change-Id: I26648da361b92d787c173aa9d390100ce8958728 Bug: chromium:1320896 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616519 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Omer Katz <omerkatz@chromium.org> Cr-Commit-Position: refs/heads/main@{#80301}
-
Marja Hölttä authored
Integrity levels are not handled yet (but there's a TODO now). Bug: v8:11525, v8:12820 Change-Id: Id72e49b363615e51ec89a353101cc4cf76ccbab4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616515 Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#80300}
-
Marja Hölttä authored
Bug: v8:11525,v8:12820 Change-Id: Ie8b1bbe209d8bb6f759623ea01223a05d11090aa Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616514 Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#80299}
-
jameslahm authored
... not exceeding the maximum size of the backing store before ReplacementStringBuilder in StringReplaceGlobalRegExpWithString. Bug: v8:12843 Change-Id: I3ccf07a4e6de35a3a571ebfccc34e54eb27a0819 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616555 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Jakob Linke <jgruber@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80298}
-
Victor Gomes authored
Bug: v8:7700 Change-Id: I389574d93725fe68816eddbebeef7fbfd3e136fb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616724 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/main@{#80297}
-
https://crrev.com/c/3472077
Maksim Sadym authored
1. Use `StringBuffer` instead of `StringView` in `WebDriverValue`. 2. Add some `DCHECK`s. 3. Reserve vector size. 4. Respect properties with `undefined` values. 5. Minor clean-ups. Change-Id: Ic109acb1e3adf2d950767173c17a9203e3c816dc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596173 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Auto-Submit: Maksim Sadym <sadym@chromium.org> Cr-Commit-Position: refs/heads/main@{#80296}
-
jameslahm authored
... moved into unittests. - test-compiler was moved under https://chromium-review.googlesource.com/c/v8/v8/+/3596442. And move test-compiler/DeepEagerCompilationPeakMemory to unittests.status. Remove test-compiler/DecideToPretenureDuringCompilation because it has been removed in https://chromium-review.googlesource.com/c/v8/v8/+/2839550. - test-code-pages was moved under https://chromium-review.googlesource.com/c/v8/v8/+/3599404. - test-api/TEST(TryCatch...) was moved under https://chromium-review.googlesource.com/c/v8/v8/+/3586770. And added ''APIExceptionTest.*': [SKIP],' in unittests.status according to here https://source.chromium.org/chromium/chromium/src/+/master:v8/test/cctest/cctest.status;l=549. Bug: v8:12781 Change-Id: Ie5067c1312c9d69f75d3efb831e15bea2eb38fa1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3612665 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: 王澳 <wangao.james@bytedance.com> Cr-Commit-Position: refs/heads/main@{#80295}
-
Marja Hölttä authored
Bug: v8:11525 Change-Id: Ifec7ff76b5407d61f339d298a6f2eabbe77b7731 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3613398 Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#80294}
-
Marja Hölttä authored
Bug: v8:11111 Change-Id: I9bd8db01232d147e309711837e69177a84600787 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616501 Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#80293}
-