- 31 Aug, 2022 22 commits
-
-
Samuel Groß authored
Bug: v8:10391 Change-Id: I567f94800119a9afd3f684134a6f4885026f813e Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3859347 Commit-Queue: Samuel Groß <saelo@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#82866}
-
Tobias Tebbi authored
Bug: v8:12783 Change-Id: I97f6a28bfef7c9aed679c84f33d60a71cf467718 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3859327Reviewed-by: Darius Mercadier <dmercadier@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/main@{#82865}
-
Jakob Linke authored
Bug: v8:7700 Change-Id: I7bdb64c5a8c73aefd19c972337d488de2103ad13 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3865320 Commit-Queue: Jakob Linke <jgruber@chromium.org> Reviewed-by: Victor Gomes <victorgomes@chromium.org> Auto-Submit: Jakob Linke <jgruber@chromium.org> Commit-Queue: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/main@{#82864}
-
Patrick Thier authored
In preparation for the new `v`-flag, extend RegExp flags from 1-byte to 2-byte. Bug: v8:11935 Change-Id: I2dacb5e8dba889947054aa5c155708b8d315b898 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3857561Reviewed-by: Jakob Linke <jgruber@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Patrick Thier <pthier@chromium.org> Cr-Commit-Position: refs/heads/main@{#82863}
-
Jakob Linke authored
OSR is triggered based on the condition: bytecode_size <= x + profiler_ticks * y where x and y are constants selected in the dawn of time. Since the presence of Maglev introduces multiple interrupt budgets for different target tiers (which control how often profiler_ticks are incremented), constant y must be adapted to stay somewhat close to the old OSR timing behavior. Bug: v8:7700 Change-Id: I0f182d28fd64a58f2f6d8346cca0d553fbeae184 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3866175 Commit-Queue: Jakob Linke <jgruber@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Jakob Linke <jgruber@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#82862}
-
Dominik Inführ authored
During shared heap verification, we might verify the client heap from the shared heap's thread. In this case this DCHECK doesn't hold. Since there is no strong need for that DCHECK simply remove it. Bug: v8:11708, v8:13244 Change-Id: I90897915290f5238da2559538ce3cfe7ab4e9dff Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3865967Reviewed-by: Omer Katz <omerkatz@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#82861}
-
Michael Achenbach authored
Due to https://crbug.com/1195263, large typed arrays can have an observable difference on the same architecture, depending on optimization behavior. For differential fuzzing comparisons, we previously used a proxy for typed arrays that capped the maximum size only when comparing different architectures - there an observable difference is WAI. We move the capping code and make it arch-independent for now until the bug above gets fixed, since it caused too many duplicates, which degrade fuzzing performance. Bug: chromium:1195263 Change-Id: Ic81c383e547413378cbe037de3c38eb900a9e5dc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3866173 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/main@{#82860}
-
Jakob Linke authored
.. since ticks collected in lower tiers use a different budget than ticks collected in ML code. Keeping ticks from a lower tier would lead to earlier-than-expected TF compilation requests. Also, remove the runtime call between loops in osr-from-ml-to-tf.js to not give TF too much time to tier up. It should no longer happen now that ticks are cleared, but there's also no reason for the runtime function to between the loops. Bug: v8:7700 Fixed: v8:13242 Change-Id: I901c636079de05cb62d2aae1c92f0285a0f8c1ad Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3867310 Auto-Submit: Jakob Linke <jgruber@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#82859}
-
Leszek Swirski authored
This reverts commit 911c7170. Reason for revert: Reverting because of the revert in https://crrev.com/c/3867311 Original change's description: > [debug] CHECK that a function's context is always available > > After https://crrev.com/c/3854501 has landed, we no longer have to > handle the case that we do not find a function's context in the > scope iterator even though the function requires one. > > This CL renames `NeedsAndHasContext` to `NeedsContext` since we > always find a scope's context now. Additionally we turn this > assumption into a dedicated check. > > R=bmeurer@chromium.org > > Bug: chromium:1246907 > Change-Id: I6458df76689c0bfa6d6b2f8c421f9ce481855547 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3865153 > Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> > Commit-Queue: Simon Zünd <szuend@chromium.org> > Cr-Commit-Position: refs/heads/main@{#82848} Bug: chromium:1246907 Change-Id: I1c8849ce60533f5c6da99f432bf1902ade47bb8b No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3866174 Auto-Submit: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Owners-Override: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#82858}
-
Tobias Tebbi authored
- Remove TruncateInt64ToInt32 instead of translating to Turboshaft, since it has no effect. Removing it simplifies pattern-matching in optimizations. - Change how exception handling is done in Turboshaft: The exception value is obtained as the result of `CatchExceptionOp` instead of a special projection. This simplifies projections. - Add `TupleOp` as the counterpart to `ProjectionOp`, which is useful for lowerings of operations that have multiple outputs. - Split BinopOp into WordBinopOp and FloatBinopOp because they have quite different semantics and many kinds only exist for one of them. - rename IntegerUnary to WordUnary and other occurences of Integer/Integral - rename ChangeOp::Kind::kUnsignedFloatTruncate` to `kJSFloatTruncate` because it actually has JS wrap-around semantics. - move/add representation DCHECKs to operation constructors. - add some convinience helpers to `AssemblerInterface`. - Add a mechanism to check which operations are supported by the machine. Drive-by fix: Abort current block in OptimizationPhase::VisitBlock if we lower to a block-terminator. Bug: v8:12783 Change-Id: Ib738accccd22fb1606d9dab86f57ac1e739fcec2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3857449 Auto-Submit: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Darius Mercadier <dmercadier@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/main@{#82857}
-
Victor Gomes authored
There are 2 kinds of WasmToJs code: one uses a WasmFrame and the other a simple TypedFrame TF frame. This CL introduces WasmToJsFunctionFrame (as a simple TypedFrame) to dfferentiate from the WasmFrame counterpart. This was not an issue before https://crrev.com/c9c490891ab3d63fc790770cb1c76f8013ba963f since we used to use a single master function for pointer iteration. No-Tree-Checks: true Bug: v8:13243 Change-Id: I97f7e8c897159ca3cafa65ff6ddf836c5ef7b76e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3865969Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/main@{#82856}
-
Leszek Swirski authored
This reverts commit 3297ccca. Reason for revert: V8 roll is failing https://luci-milo.appspot.com/ui/inv/build-8804330987023399745/test-results?q=DevToolsTest.TestPauseWhenScriptIsRunning Original change's description: > [debug] Immediately step-in for 'stack check triggered' debug breaks > > This CL changes debug breaks that are triggered via interrupts (i.e. > via stack check). One client of this behavior is the `Debugger.pause` > CDP method. > > The problem is that when we pause so early, the JSFunction didn't have > time yet to create and push it's context. This requires special > handling in the ScopeIterator and makes an upcoming change unnecessary > complex. > > Another (minor) problem is that local debug-evaluate can't change > context-allocated local variables (see changed regression bug). Since > the context is not yet created and pushed, variables are written to > the DebugEvaluateContext that goes away after the evaluation. > > The solution is to mirror what `BreakOnNextFunction` does. Instead > of staying paused in the middle of the function entry, we trigger > a "step in" and pause at the first valid breakable position instead. > This ensures that the function context is already created and pushed. > > Note that we do this only in case for JSFunctions. In all other cases > we keep the existing behavior and stay paused in the entry. > > R=jgruber@chromium.org > > Fixed: chromium:1246907 > Change-Id: I0cd8ae6e049a3b55bdd44858e769682a1ca47064 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3854501 > Reviewed-by: Jakob Linke <jgruber@chromium.org> > Commit-Queue: Simon Zünd <szuend@chromium.org> > Cr-Commit-Position: refs/heads/main@{#82817} Change-Id: I0c34b7b4a788572a73ca380b3d767223fb6e7ea1 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3867311 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Owners-Override: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#82855}
-
Dominik Inführ authored
Use raw_native_context().normalized_map_cache() to avoid handle creation in a safepoint. Handles have all kinds of DCHECKs that may not hold during heap verification. Bug: v8:11708, v8:13244 Change-Id: I3f9ceae6533059c119287b833d5795f8fa67f9d1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3865965Reviewed-by: Omer Katz <omerkatz@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#82854}
-
Shu-yu Guo authored
Object.hasOwn has shipped since 9.3. Also drive-by removing other removed feature flags from test262 config. Bug: chromium:1213927, v8:13220 Change-Id: I3d11298e1348adf5b26d63a23a6606a4ad22892c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3863807 Auto-Submit: Shu-yu Guo <syg@chromium.org> Reviewed-by: Victor Gomes <victorgomes@chromium.org> Commit-Queue: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/main@{#82853}
-
Jakob Linke authored
.. mostly mentions in mjsunit `Flags:` lines and in comments. Bug: v8:10386 Change-Id: If79dfdc448d0a3f19883ef1f816e77e750cb4061 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3865964 Commit-Queue: Jakob Linke <jgruber@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#82852}
-
Matthias Liedtke authored
Bug: v8:7748 Change-Id: Ie94e8f7f5afdaea7b4406bf8c57b294bf8f5733c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3865959Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Matthias Liedtke <mliedtke@chromium.org> Cr-Commit-Position: refs/heads/main@{#82851}
-
Liu Yu authored
Port commit c2d46fe9 Bug: chromium:1350384 Change-Id: Id1cfb2dbb69093799658f366ade3b422a6b68f07 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3867134 Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Auto-Submit: Liu Yu <liuyu@loongson.cn> Cr-Commit-Position: refs/heads/main@{#82850}
-
Dominik Inführ authored
Concurrent marking jobs were only joined in Heap::TearDown and therefore may still update counters while DumpAndResetStats() emits stats. This CL stops concurrent marking tasks in Heap::StartTearDown when also stopping other concurrent tasks like sweeping or unmapping of pages. Bug: v8:13175, v8:12775 Change-Id: Iccddbfce5e30002e0db63ba0bdea5ea6b2d5cc40 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3827869Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#82849}
-
Simon Zünd authored
After https://crrev.com/c/3854501 has landed, we no longer have to handle the case that we do not find a function's context in the scope iterator even though the function requires one. This CL renames `NeedsAndHasContext` to `NeedsContext` since we always find a scope's context now. Additionally we turn this assumption into a dedicated check. R=bmeurer@chromium.org Bug: chromium:1246907 Change-Id: I6458df76689c0bfa6d6b2f8c421f9ce481855547 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3865153Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/main@{#82848}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/adc338f..d74c524 Rolling v8/buildtools: https://chromium.googlesource.com/chromium/src/buildtools/+log/cf8185c..69f262d Rolling v8/buildtools/third_party/libc++/trunk: https://chromium.googlesource.com/external/github.com/llvm/llvm-project/libcxx/+log/26e3467..e5670a0 Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/bbb66d7..b0fb8d5 Rolling v8/third_party/fuchsia-sdk/sdk: version:9.20220826.3.1..version:9.20220830.2.1 Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/ad4caa4..b72e51a R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: I642b0da0a35c541f74246b668c86b4448ce3dc09 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3866212 Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#82847}
-
Frank Tang authored
Sync to https://github.com/tc39/proposal-temporal/pull/2219 Also sync the MergeLargestUnitOption to latest spec Change some of the type from JSObject to JSReceiver based on the code change. Change AOs: MergeLargestUnitOption, PrepareTemporalFields, AddDurationToOrSubtractDurationFromPlainYearMonth Spec text: https://tc39.es/proposal-temporal/#sec-temporal-mergelargestunitoption https://tc39.es/proposal-temporal/#sec-temporal-preparetemporalfields https://tc39.es/proposal-temporal/#sec-temporal-adddurationtoorsubtractdurationfromplainyearmonth Change the parameter or return from type Handle<Object> to Handle<JSReceiver> in DifferenceISODateTime, PrepareTemporalFieldsOrPartial, PrepareTemporalFields, PreparePartialTemporalFields, MergeLargestUnitOption Bug: v8:11544 Change-Id: I30e997521f0ed644f5ec50d0982acf1e12f2977d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3855977 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#82846}
-
Frank Tang authored
Adjust order of operations in ISO{Date,MonthDay}FromFields https://github.com/tc39/proposal-temporal/pull/2203 Spec text: https://tc39.es/proposal-temporal/#sec-temporal-isodatefromfields https://tc39.es/proposal-temporal/#sec-temporal-isomonthdayfromfields Bug: v8:11544 Change-Id: I4ae945656e3f35d0af422ee86e1f5108a350b6a6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3857452Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#82845}
-
- 30 Aug, 2022 18 commits
-
-
Michael Lippautz authored
So far Oilpan garbage collection was only ever triggered via growing strategies in either V8 or stand-alone heap growing. This CL implements a fallback for GC on allocation. - Stand-alone implementation will defer to GCInvoker which is aware of stack support. - CppHeap implementation will just trigger a full V8 GC. Bug: chromium:1352649 Change-Id: If92f705b4e272290ca7022864fd7b90f0fcb809e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3865148Reviewed-by: Anton Bikineev <bikineev@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#82844}
-
snek authored
The representation of `options.data` was previously refactored to `v8::Value` when removing `v8::ApiObject`, but this is invalid for a number of reasons (SMIs, v8::Value being a ZST, etc). To fix this, it has been changed to `Local<Value>`, which also matches the representation used for other fastcall parameters. Bug: chromium:1052746 Change-Id: Ia4450bf3d908d4e1b7a85d6bd7ab45ea5f5f08f4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3844662Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: snek <snek@chromium.org> Cr-Commit-Position: refs/heads/main@{#82843}
-
Matthias Liedtke authored
Fix for 75391be2. The fuzzer should not generate type immediates for the new array len opcode. As the old opcode was renamed in C++, the fuzzer switched to the new opcode automatically. Bug: v8:7748 Change-Id: Ife2d420e8ce5486f683f00bfff168f47745a86d2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3866171 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Auto-Submit: Matthias Liedtke <mliedtke@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Matthias Liedtke <mliedtke@chromium.org> Cr-Commit-Position: refs/heads/main@{#82842}
-
Jakob Kummerow authored
No-Try: True No-Tree-Checks: True Change-Id: Id63d073abaff59f975883f95870704ea6d55ac0a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3866172 Auto-Submit: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Cr-Commit-Position: refs/heads/main@{#82841}
-
Feng Yu authored
Test names should be separated by "." but not "/". This CL fixes all test names which are separated by "." Bug: v8:13240 Change-Id: I4d97b0cc4b647f28cc2af9685c35b45b7d4561e5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3864190 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/main@{#82840}
-
Jakob Kummerow authored
Per https://github.com/WebAssembly/function-references/pull/76, call_ref and return_call_ref should consume type immediates specifying the signature of the funcref. This is a breaking change. To ease the migration, this patch introduces a temporary alternative binary encoding for call_ref: - 0x14 continues to *not* take a type immediate for now. - 0x17 (formerly "let") is the new call_ref *with* type immediate. Module producers are encouraged to emit this encoding ASAP. - After a few weeks of transitionary period, we'll update 0x14 to take a type immediate as well. At this point, module producers will be encouraged to switch back to 0x14. - After a few more weeks of transitionary period, we'll drop 0x17 again. We're not doing the same dance for return_call_ref because it currently has no uses that we know of. Bug: v8:7748,v8:9495 Change-Id: Id8d468be3949f84571efff713c937ffd1addff70 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3863280Reviewed-by: Matthias Liedtke <mliedtke@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Auto-Submit: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#82839}
-
Igor Sheludko authored
Bug: v8:12547 Change-Id: I9956b91a6211345bd5a0e0f51bc04367835f82f8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3863275 Auto-Submit: Igor Sheludko <ishell@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#82838}
-
Feng Yu authored
- move cctest/test-parsing -> unittests/parser/parsing-unittest - move common/{scope-test-helper, unicode-helper} to unittests/parser directory because these are only be used by tests in unittests/parser Bug: v8:12781 Change-Id: Ie0fb043d5df6178bbe088d140a76f606454bbf29 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3855313Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Feng Yu <f3n67u@gmail.com> Cr-Commit-Position: refs/heads/main@{#82837}
-
Matthias Liedtke authored
- fix handling of undefined for non-externref tables - add test for non-nullable ref table Bug: v8:7748 Change-Id: I3f0f3aa68eb43208aea84cb8f21b37a539e14d26 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3862206 Commit-Queue: Matthias Liedtke <mliedtke@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#82836}
-
Peter Kasting authored
This fixes a compile error under C++20. Bug: chromium:1284275 Change-Id: Ib263d3817c578825d303926f321eaec227e5add8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3864103 Auto-Submit: Peter Kasting <pkasting@chromium.org> Commit-Queue: Peter Kasting <pkasting@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/main@{#82835}
-
Anton Bikineev authored
The 2GB cage caused new OOMs on M106. While those issues are being investigated, this CL returns the 4GB back. The pointer compression is still enabled. Bug: chromium:1325007, chromium:1354660 Change-Id: I4fa4fabece2910ca84913d8df201acfbdf4b26e2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3865004Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Anton Bikineev <bikineev@chromium.org> Cr-Commit-Position: refs/heads/main@{#82834}
-
Manos Koukoutos authored
This reverts commit ddafb7a3. Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/43620/overview Original change's description: > [heap] Verify client heaps during shared GC > > With --verify-heap verify all client heaps before and after a shared > GC. This ensures that the OLD_TO_SHARED remembered set is properly > filled for each client isolate. > > Bug: v8:11708 > Change-Id: I1506a419c7a91c5baa87ce251da9861d8ad9e066 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3857559 > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> > Cr-Commit-Position: refs/heads/main@{#82829} Bug: v8:11708 Change-Id: I421bce59211fe420b0893aaa9d35750ecaf23570 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3863282 Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Owners-Override: Manos Koukoutos <manoskouk@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#82833}
-
Junliang Yan authored
Change-Id: Iebbd01499dc7cf7ebc19b98c194fcddba3d5465c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3863278Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Junliang Yan <junyan@redhat.com> Cr-Commit-Position: refs/heads/main@{#82832}
-
Manos Koukoutos authored
... from WasmDecoder::AnalyzeLoopAssignment. Bug: v8:9495 Change-Id: I937aca15ca77914ed920766e0e55b6d337139e17 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3865956Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#82831}
-
Michael Achenbach authored
This will help catching issues with tests that require SIMD and might need skipping on bots without SIMD support. Bug: v8:13008 Change-Id: I44a5b3094059c7661a6cb3d90ab96f9e79b55ca2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3865159Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Auto-Submit: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/main@{#82830}
-
Dominik Inführ authored
With --verify-heap verify all client heaps before and after a shared GC. This ensures that the OLD_TO_SHARED remembered set is properly filled for each client isolate. Bug: v8:11708 Change-Id: I1506a419c7a91c5baa87ce251da9861d8ad9e066 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3857559Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#82829}
-
Milad Fa authored
Port af62c4f0 Original Commit Message: Adapted from https://crrev.com/c/3862264. Add a new teardown trampoline for the case where a Sparkplug function is deoptimized during its function entry stack check. In these cases, the stack is in an incomplete setup state, so instead of forwarding to interpreter re-entry, we undo the partial stack setup and forward to the standard interpreter entry. R=szuend@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com BUG= LOG=N Change-Id: I6e3b906938dc9a297b602290e762426e56fb8d9d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3864189Reviewed-by: Junliang Yan <junyan@redhat.com> Commit-Queue: Milad Farazmand <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/main@{#82828}
-
Milad Fa authored
Port ed90ea5c Original Commit Message: This implementation sticks closely to what Ignition-to-Turbofan (and now Sparkplug-to-TF) does. OSR is detected in the TieringManager by having optimized code available, without having entered it. The osr_urgency is increased to enable OSR for increasing loop depths. When a candidate JumpLoop backedge is reached, we call into runtime to trigger OSR compilation. JumpLoop also detects the availability of cached OSR'd code. When a matching OSR code object is available, Maglev 1) deoptimizes s.t. the unoptimized frame layout is reconstructed, and 2) delegates the actual OSR tierup to the unoptimized tier. For purposes of 1), we add a new DeoptimizeReason that causes a one-time eager deopt without invalidating any code. into a generic spot that both SP and ML can use. R=jgruber@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com BUG= LOG=N Change-Id: I2de3ef530b9d1aac97e499fee75716a958cd9d09 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3863277 Commit-Queue: Milad Farazmand <mfarazma@redhat.com> Reviewed-by: Junliang Yan <junyan@redhat.com> Cr-Commit-Position: refs/heads/main@{#82827}
-