- 17 Jun, 2021 3 commits
-
Paolo Severini authored
Fuzzing found a problem with --turbo-optimize-apply when the Array.prototype iterator is replaced with a generator function. We can fix the issue by installing a protector on the array iterator. This CL also defines the --turbo-optimize-apply as 'future' to get more test coverage. Bug: v8:9974 Change-Id: Id5bc68fde98ea5d1f6a951c4381ca6283b892632 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2966058 Commit-Queue: Paolo Severini <paolosev@microsoft.com> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#75197}
-
Maya Lekova authored
Bug: v8:11898 Change-Id: If0e3c21a2b1b84ae81ac962417cdf91ca78a95c6 No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2967464 Auto-Submit: Maya Lekova <mslekova@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#75196}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/bc21621..1a575de Rolling v8/buildtools: https://chromium.googlesource.com/chromium/src/buildtools/+log/be7dcbc..466954e Rolling v8/buildtools/linux64: git_revision:72d5a6e15d868abc8451fe0a3b6596e86a2ffc40..git_revision:d2dce7523036ed7c55fbb8d2f272ab3720d5cf34 Rolling v8/buildtools/third_party/libunwind/trunk: https://chromium.googlesource.com/external/github.com/llvm/llvm-project/libunwind/+log/7e85c7a..a38ef11 Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/6434229..96bc38d Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/e319aba..74ef838 Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/c6949cb..66b4484 TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: Ica54fc71a73e1ae7ff791fadde4fe7f402416205 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2967749 Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#75195}
-
- 16 Jun, 2021 28 commits
-
Frank Tang authored
LGTM1 Mike West mkwst@chromium.org LGTM2 Chris Harrelson chrishtr@chromium.org LGTM3 Yoav Weiss yoavweiss@chromium.org Design Doc: https://docs.google.com/document/d/1cPGfiihn76yj2iAomKcspPFyLLcnk3WkCiqceBQPQyk R2T: https://groups.google.com/a/chromium.org/g/blink-dev/c/W7TcX1tSHDI/m/1AthUhEWBAAJ I2S: https://groups.google.com/a/chromium.org/g/blink-dev/c/TpAvyXwHM_c/m/QXJKbClfAwAJ Stage in m92 Canary 92 92.0.4500.0 Dev 92 92.0.4503.3 Beta 92 92.0.4515.40 https://chromiumdash.appspot.com/commit/eb6482784ca71d3b22db449fd941bfa9872d244a Bug: v8:7051, v8:11868, v8:11869 Change-Id: Id1ae20234b764e6f6def83af651daf70056d0725 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2950559 Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/master@{#75194}
-
Andrew Comminos authored
To enable deallocation of CodeEntry objects after they're no longer being referenced by an active profile or alive on the heap, replace the |used| bit with a proper reference count maintained by a CodeMap. Bug: v8:11054 Change-Id: I3016cdbcbd1b4e8a26c3b1689e968cb2eef8e6d8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2965493 Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Andrew Comminos <acomminos@fb.com> Cr-Commit-Position: refs/heads/master@{#75193}
-
Milad Fa authored
Port c7949470 Original Commit Message: ... when we do have an isolate. This is a little leaner. R=verwaest@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com BUG= LOG=N Change-Id: Ifd466b48f4f7a909d00fc32304f90ebd19e93110 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2965156 Reviewed-by: Junliang Yan <junyan@redhat.com> Commit-Queue: Milad Fa <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/master@{#75192}
-
Clemens Backes authored
Empty function bodies can actually reach the compiler. We could prevent this by making this a decoder error instead, but that would be a redundant check, so we should just remove the DCHECK instead. R=ahaas@chromium.org Bug: chromium:1219898 Change-Id: Ie1bed30cee44be9ac42b5f5f980a122c8dc8b2ec Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2966385 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#75191}
-
Frank Tang authored
Add tests for Intl Locale Info API to ensure the return items fit the type definition in UTS35 Bug: v8:11887 Change-Id: Ie92d80518909df9472ffd887800832a656807b5c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2964597 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/master@{#75190}
-
Michael Lippautz authored
The object may have been poisoned again between marking and compaction through executing pre-finalizers or custom weakness handling of related objects. Bug: chromium:1220666, chromium:1056170 Change-Id: Ibba4b42852a2921640d6f3ded473521febb2114f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2966386 Reviewed-by: Omer Katz <omerkatz@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Auto-Submit: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#75189}
-
Milad Fa authored
When pushing/popping registers, we need a way in PPC and S390 to detect if Simd registers need to be pushed or not. On PPC Simd registers are separate from FP registers, hence we need to push them both. If Simd is not available then we push an empty space in place of Simd registers. On S390 the Simd and FP registers are shared. If Simd is available then we only push them and not the FPs, else we push FP registers as well as an empty space the size of FPs as the stack needs to look like as if Simds were saved too. We also need to check if we are generating builtins or call is being made at runtime. We cannot use `SupportsWasmSimd128` when generating builtin as `CpuFeatures` are turned off, so we need to emit the `if/else` manually for checking the value of `SupportsWasmSimd128`. Change-Id: Id149c6578db9c2f92d903fd871d85c648d43ce70 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2958963 Reviewed-by: Junliang Yan <junyan@redhat.com> Commit-Queue: Milad Fa <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/master@{#75188}
-
Manos Koukoutos authored
Bug: v8:7748 Change-Id: I4382c73bf089672ab9f054754a87e27b51478b86 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2964602 Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#75187}
-
Mike Stanton authored
In heap-refs.cc, GetOwnFastDataPropertyFromHeap() bottlenecks reading a fast property. To make it safe to use from the background thread we need to verify the object didn't shrink, and risk an out of heap bounds read. Bug: v8:7790 Change-Id: Idebbe0ffea089bf2a70aa7d611618430169082fd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2928185 Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Michael Stanton <mvstanton@chromium.org> Cr-Commit-Position: refs/heads/master@{#75186}
-
Dominik Inführ authored
This mutex wasn't really used anymore. This should also speed up code object allocation a bit. Bug: v8:11888 Change-Id: I8ddc2ecc1aec74e8eb3e2d4b96354c50f3bff350 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2966382 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/master@{#75185}
-
Seth Brenith authored
Rather than letting a recursive macro expansion cause a stack overflow and crash the compiler, this change updates Torque to emit an error as soon as the recursion is detected. Eventually it would be nice to make Cast macros a little more magical so they don't require so much human effort to maintain, but at least this way Torque displays some information about what went wrong. An example error message (manually wrapped to 72 character width) follows. src/builtins/cast.tq:157:10: Torque Error: Recursive macro call to callable Cast<(class Context | Undefined | Zero)>(implicit class Context)(Object): (class Context | Undefined | Zero) src/builtins/cast.tq:758:3: Torque Error: Note: in specialization Cast<(class Context | Undefined | Zero)> requested here src/builtins/cast.tq:764:10: Torque Error: Note: in specialization Is<(class Context | Undefined | Zero), Object> requested here src/builtins/torque-internal.tq:64:3: Torque Error: Note: in specialization UnsafeCast<(class Context | Undefined | Zero)> requested here src/objects/contexts.tq:75:10: Torque Error: Note: in specialization ReferenceCast<(class Context | Undefined | Zero), Object> requested here src/builtins/iterator.tq:142:16: Torque Error: Note: in specialization ContextSlot<class Context, class Context, (class Context | Undefined | Zero)> requested here Bug: v8:11727 Change-Id: I7b5b1852dee16a6860f593f27783f6b2d9366146 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2965032 Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Cr-Commit-Position: refs/heads/master@{#75184}
-
Andreas Haas authored
On a loop back edge both the cached instance and the cached memory start have to get restored for the next loop iteration. In the original CL we did not consider the case that by restoring the instance we may overwrite the currently cached memory start. Original description: WebAssembly functions often have subsequent memory accesses, and each of these memory accesses need the start address of the memory in a register. With this CL the register with the memory start address is cached, so only the first memory access has to load the memory start address into a register, subsequent memory accesses can just reuse the register. In first measurements with the epic benchmark this reduces the size of the generated Liftoff code by a bit more than 5%. R=clemensb@chromium.org Bug: v8:11862 Change-Id: I884c0da24be8bc6b10f2c6bf5437b9a279819538 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2960220 Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#75183}
-
Michael Achenbach authored
No-Try: true Bug: v8:11893 Change-Id: Iee4164cc25f736f4d9aa0b24319e947215439938 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2964607 Auto-Submit: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Maya Lekova <mslekova@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/master@{#75182}
-
Toon Verwaest authored
... when we do have an isolate. This is a little leaner. Change-Id: Ia95d9888b11cab9e43362f4fe78689a79dfa8b2d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2964604 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#75181}
-
Jakob Kummerow authored
When we pass function arguments on the stack, untagged parameters "come first", i.e. are put to lower addresses / can be popped off first. So when a function instructs the stack walker to visit its parameters (belonging to its caller's frame), it must skip past any untagged parameters at the top of the caller's frame. Change-Id: I5a42e4850b0808237ae937c90b0cec930df8571b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2964394 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Auto-Submit: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/master@{#75180}
-
Igor Sheludko authored
... behind the v8_enable_external_code_space build flag. This is a first CL in a row of CLs that will make CodeDataContainer the only type of objects that could contain references to Code objects (besides the Code objects embedded into the generated code). Eventually these changes will allow us to move Code space out of the V8 heap cage. This CL adds |code| field to ensure that CodeDataContainer keeps the respective Code object alive and |code_entry_point| field that contains cached value of the code().InstructionStart(). Bug: v8:11880 Change-Id: Ie7ce75667d8da306797d203691b429671bc4530d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2964093 Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#75179}
-
Dominik Inführ authored
Since DiscardCompiled() can allocate, it could also cause a GC. A full GC might perform bytecode flushing, which could change the return value of CanDiscardCompiled(). So a DiscardCompiled() invocation in one loop iteration could violate the assumption that CanDiscardCompiled() holds in subsequent iterations. Prevent DCHECK failure by checking whether CanDiscardCompiled() still holds for each SharedFunctionInfo. Bug: v8:11772 Change-Id: Ie9c704abeea801bd3f4f1bdf8fa9c51a8a9d447d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2960274 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/master@{#75178}
-
Andreas Haas authored
Bug: chromium:1219630 Change-Id: Idf187bfb16157074b0affda1db3b8ac0b0870e7a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2964094 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#75177}
-
Camillo Bruni authored
Now you can also clean build directories: x64.optdebug.clean Or clean and build: x64.release.clean.d8 No-Try: True Change-Id: I3df59416d4ce7db5306c0b09c9ee8293c7a345f9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2964595 Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#75176}
-
Michael Lippautz authored
Rolling v8/third_party/google_benchmark/src: https://chromium.googlesource.com/external/github.com/google/benchmark/+log/0e1255a..5b75184 Manually roll forward to: - roll across a compile-time failure - adjust BUILD.gn Change-Id: I4733fbc1ba565293a15d5360815c92b293eedc34 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2966378 Auto-Submit: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#75175}
-
Patrick Thier authored
Remove the neg-neg implication sparkplug --> baseline-batch-compilation, because it is wrong in the current setting. Since sparkplug is off per default, the implication will turn off batch compilation. When sparkplug is turned on explicitly, there is no implication to turn on batch compilation again. Since batch compilation is gated behind --sparkplug anyways we can safely remove it. Bug: v8:11790 Change-Id: I8f5ffb542625bc8061ceef02bae688edecea8438 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2964600 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Patrick Thier <pthier@chromium.org> Cr-Commit-Position: refs/heads/master@{#75174}
-
Michaël Zasso authored
This fixes compilation of V8 in Node.js with Visual Studio 2019. Without this change, MSVC errors with C3779 (a function that returns 'auto' cannot be used before it is defined) on the `static constexpr auto registers()` method. Bug: v8:11420 Change-Id: Id545199e2cdc10c8560031fb5950ec1171e5d554 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2964095 Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#75173}
-
Ross McIlroy authored
As we push TurboProp's interrupt budget back, the deopt savings we get from this aren't worth the runtime overhead in the generated code. BUG=v8:9684 Change-Id: I6eeb941b25c13958f6b9ddf33439d7928af9b302 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2964813 Auto-Submit: Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#75172}
-
John Xu authored
The Cobalt team uses base/wrappers.h to intercept some low level OS functions and recently we found strdup to be a blocker. Thankfully it only appeared once in V8. Change-Id: Ib20f399f94933b5d407c1e22e1df674420003ba2 Bug: v8:10927 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2963805 Auto-Submit: John Xu <johnx@google.com> Commit-Queue: John Xu <johnx@google.com> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#75171}
-
John Xu authored
Cobalt is a V8 embedder and it has its own platform abstraction. So to V8 the OS name is "Starboard" instead of Win/Linux/Android even though the real OS is one of them. To select the right embedded file writer for Cobalt, we need some customizations in platform-embedded-file-writer-base.*. Bug: v8:10927 Change-Id: I6dadb4690ade0b4aebec14bc87fdc6d71c03b3bb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2963804 Auto-Submit: John Xu <johnx@google.com> Commit-Queue: John Xu <johnx@google.com> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#75170}
-
Camillo Bruni authored
- Show related code object for Maps - Fix opening transition trees - Rename *LogEntry.prototype.codeLogEntry to .code - Show Arrays as dropdowns in tooltips - Avoid hiding the tooltip when clicking on the tooltip itself - Show links to code variants (bytecode/baseline/optimized) - Fix chunk offset calculation - Fix code for browsers that don't support navigator.scheduling.isInputPending Bug: v8:10644 Change-Id: I858dc410657d26d076214368814a52177b124f4c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2964592 Auto-Submit: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#75169}
-
Lu Yahan authored
- 2944844: [sparkplug][arm][arm64[ia32] Callee-saved registers for RecordWrite - Delete kTestReg due to 2945538 - 2949104: [runtime] Rename Builtins::Name to Builtin Change-Id: I33d12df7cbee6842a05c1dbe3e6158be1ff4cbc7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2952865 Commit-Queue: Yahan Lu <yahan@iscas.ac.cn> Reviewed-by: Brice Dobry <brice.dobry@futurewei.com> Reviewed-by: Ji Qiu <qiuji@iscas.ac.cn> Cr-Commit-Position: refs/heads/master@{#75168}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/e6942ef..bc21621 Rolling v8/buildtools/linux64: git_revision:e0c476ffc83dc10897cb90b45c03ae2539352c5c..git_revision:72d5a6e15d868abc8451fe0a3b6596e86a2ffc40 Rolling v8/buildtools/third_party/libc++abi/trunk: https://chromium.googlesource.com/external/github.com/llvm/llvm-project/libcxxabi/+log/6c29693..f4328ad Rolling v8/third_party/aemu-linux-x64: XSqCv80jM_M_v5sYf8LVksQaL1zsbc6Pp9y-6WBCkbsC..D99f9rA6SsUg1U4VGdh-MSQQX94eeW2Mi8I_xw6-ccwC Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/e30a74f..6434229 Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/3b56309..e319aba Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/de043ec..c6949cb TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: Ia70979bb89a4f20a75995819f4a9dc5c02a4ae1a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2965998 Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#75167}
-
- 15 Jun, 2021 9 commits
-
Igor Sheludko authored
... to ensure that it'll not be triggered for Code objects which are known to never be in new space. This removes the need for having custom implementation of setters with Code values - existing [CONDITIONAL_]WRITE_BARRIER macros will work just fine. Bug: v8:11879, v8:11880 Change-Id: I7ed70e51f9459040086dd4c67e61b11617dbdc24 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2964812 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#75166}
-
Deepti Gandluri authored
This reverts commit 8e44ee5f. Reason for revert: Reverting due to UBSan failures - https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20UBSan/16888. Original change's description: > [cpu-profiler] Reference counting for code entries > > To enable deallocation of CodeEntry objects after they're no longer > being referenced by an active profile or alive on the heap, replace the > |used| bit with a proper reference count maintained by a CodeMap. > > Bug: v8:11054 > Change-Id: Id3d5941e509504415692f833e406ecdd2553d426 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2945541 > Reviewed-by: Camillo Bruni <cbruni@chromium.org> > Commit-Queue: Andrew Comminos <acomminos@fb.com> > Cr-Commit-Position: refs/heads/master@{#75164} Bug: v8:11054 Change-Id: Iae3ae73014c7eafe20917cf088a569f370d9b53d No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2965489 Auto-Submit: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#75165}
-
Andrew Comminos authored
To enable deallocation of CodeEntry objects after they're no longer being referenced by an active profile or alive on the heap, replace the |used| bit with a proper reference count maintained by a CodeMap. Bug: v8:11054 Change-Id: Id3d5941e509504415692f833e406ecdd2553d426 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2945541 Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Andrew Comminos <acomminos@fb.com> Cr-Commit-Position: refs/heads/master@{#75164}
-
Ross McIlroy authored
Moves TurboProp to optimize around the time of TurboFan right now, and removes some of the special-case logic we had to avoid aggressive early optimization of TurboProp. BUG=v8:9684 Change-Id: I0299408891ff6fd57e6523ff309b5f16624466a9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2964814 Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Mythri Alle <mythria@chromium.org> Cr-Commit-Position: refs/heads/master@{#75163}
-
Frank Tang authored
1. Add test to ensure none of the array contains undefined 2. Calculate the fixed array size by considering the code may filter out some items returned by ICU. 3. Add test to check there are no undefined. 4. Add test to check the locale.timeZones return sorted array. 5. Also refactor the JSArray generation code. Bug: v8:11871 Change-Id: I8ad4a779d137d9b7e2deead7a1aa38e599e1af2e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2953517 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#75162}
-
Camillo Bruni authored
The shorter xorl + movb instructions cause regressions. Bug: chromium:1220093 Change-Id: Ib7da0ea16669fa490b78a8095f6f3b35e972e1cb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2964396 Reviewed-by: Zhi An Ng <zhin@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#75161}
-
Michael Lippautz authored
StateBase requires a virtual destructor as it is destroyed through the base class. Failing to provide a virtual dtor leaks internal state in State (and possibly in future RootState). Bug: chromium:1056170 Change-Id: I4408a57dc05fdeb81408f571dd6eb87312ba7c9d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2964815 Reviewed-by: Omer Katz <omerkatz@chromium.org> Commit-Queue: Omer Katz <omerkatz@chromium.org> Auto-Submit: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#75160}
-
Camillo Bruni authored
Long live --log-ic! Change-Id: I4d8cefd64cdbf693a868019deb2a864d43cbd2ff Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2964393 Auto-Submit: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#75159}
-
Jakob Kummerow authored
No changes to the algorithm; minor speedup due to the move from Handle<BigInt> to Digits. Bug: v8:11515 Change-Id: Id85fe4f0c276d3ad826fee79205719092d0e0715 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2947412 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/master@{#75158}