- 21 Apr, 2021 27 commits
-
-
Leszek Swirski authored
For handles and external refs, use Move32BitImmediate directly rather than mov -- mov will first try more compact encodings which will almost certainly fail for embedded pointers, so it's not worth trying to use it in baseline compilation where the compiler speed matters. Bug: v8:11420 Change-Id: Ic0ed9f95d28302ae9737567aa863dc93666239e1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2843814 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#74103}
-
Maya Lekova authored
This CL hardens the test function for unwrapping the C++ object to only do so if the correct API object is passed from JS. Bug: chromium:1201057 Change-Id: I81eb16efe2711bd788c775e3bcb712720bbe4782 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2843347 Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/master@{#74102}
-
Nico Hartmann authored
Some string constant optimizations in JSNativeContextSpecialization assumed an incorrect maximal string length of double values. Bug: chromium:1189077, chromium:1178718 Change-Id: Iae531f0e323679a4490e666a971b66655c25c757 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2843361 Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#74101}
-
Manos Koukoutos authored
Changes: - Remove TypeCheckBranchResult. Change TypeCheckBranch() to return bool. Refactor call sites to reflect this (decouple current code reachability check from type check). - Unify TypeCheckBranch(), TypeCheckFallthrough(), and the type-checking part of Return() into TypeCheckStackAgainstMerge(). - Make sure all TypeCheck* functions are only called within VALIDATE. - In graph-builder-interface, rename end_env -> merge_env to reflect its function for loops. - Change expected error messages in some tests. Change-Id: I857edc18db9c2454ad12d539ffe7a10e96367710 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2839560 Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/master@{#74100}
-
Georg Neis authored
This reverts commit 47077d94. Reason for revert: realized a problem Original change's description: > [compiler] Fix more truncation bugs in SimplifiedLowering > > Bug: chromium:1200490 > Change-Id: I3555b6d99bdb4b4e7c302a43a82c17e8bff84ebe > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2840452 > Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> > Commit-Queue: Georg Neis <neis@chromium.org> > Cr-Commit-Position: refs/heads/master@{#74097} Bug: chromium:1200490 Change-Id: I07b4a34269184e801bef657c1c2c9334c58f348c No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2843810 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#74099}
-
Almothana Athamneh authored
Bug: v8:11639 Change-Id: I3352261c5593c33154aa8f1a931bf3ee351f536a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2831487 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Almothana Athamneh <almuthanna@chromium.org> Cr-Commit-Position: refs/heads/master@{#74098}
-
Georg Neis authored
Bug: chromium:1200490 Change-Id: I3555b6d99bdb4b4e7c302a43a82c17e8bff84ebe Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2840452 Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#74097}
-
Alex Rudenko authored
This CL extracts CommandLineAPIScope from V8Console and exposes it as V8CommandLineAPIScope. Also, it exposes V8InspectorSession::createCommandLineAPI. These changes will be used by InspectorPageAgent to install command line APIs when evaluating scripts added using CDP's command Page.addScriptToEvaluateOnNewDocument. Chromium CL: https://crrev.com/c/2835786 Doc: https://docs.google.com/document/d/1zGG7-NZMb-aOfFfHf1u4VsP4C-lZettopCvYDC6pkBw/ Bug: chromium:1200705 Change-Id: I39b27f957cfb6d682ea84e385eaf25d09d261b58 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2835712 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Alex Rudenko <alexrudenko@chromium.org> Cr-Commit-Position: refs/heads/master@{#74096}
-
Leszek Swirski authored
Similar to the recent change to --code-comments, make --debug-code a build-time enabled flag, enabled by default on debug builds. This also removes the emit_debug_code() option from the assembler, instead using the flag directly (there were no cases where this option didn't match the global flag). Change-Id: Ic26b0d37b615a055508c9dda099ffbe979eae030 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2843348 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#74095}
-
Camillo Bruni authored
- Add filter to skip baseline handlers - Make profiler types more readable - Refactor tickprocessor test to use serialized symbols - Add large tickprocessor stress test with a complete V8 log Change-Id: Icc09c2eb8ea63c1805d793d2d47f79b0d5080b5b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2784686 Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Patrick Thier <pthier@chromium.org> Cr-Commit-Position: refs/heads/master@{#74094}
-
Leszek Swirski authored
Based on some test compiles (of three.js and jquery) we can get a decent estimate of expected bytecode offset table size for a given bytecode size. Reserve this expected size to avoid resize overhead. Bug: v8:11420 Change-Id: I8288b01fa796e765a20b11219687fa3d23272416 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2843354 Reviewed-by: Patrick Thier <pthier@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#74093}
-
Leszek Swirski authored
Since there usually aren't many pending 32-bit constants, we can avoid the cost of malloc/free for most compiles by using a base::SmallVector instead of std::vector. I picked a value of 32 entries as the SmallVector's inline size, based on compiling three.js and jquery with Sparkplug, and printing the size of the constant pool when emitted. 93% of emitted constant pools had <=32 entries. Bug: v8:11420 Change-Id: I7d62da74c60feae08f8a4b16b1e7f93ea69d2c95 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2840447 Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#74092}
-
Maya Lekova authored
This CL disables two more fast API calls tests that shouldn't be run on stress_snapshot and jitless variants. Change-Id: I2e3270ba7b93e598219b87195640675cfc4571ef Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2843362 Commit-Queue: Maya Lekova <mslekova@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Auto-Submit: Maya Lekova <mslekova@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#74091}
-
Camillo Bruni authored
Bug: chromium:1193459 Change-Id: Ia4a79a1f75bb82c459b8b0de35d95c5f25098f1c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2843355 Reviewed-by: Victor Gomes <victorgomes@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#74090}
-
Leszek Swirski authored
Use the general VLQ implementation for RelocInfo, rather than a custom varint implementation. Note that this reverses the tagging logic (from end bit to continuation bit) as this is more efficient for small values (that now don't need to be tagged/untagged when written/read). Change-Id: I09283f0557f9e182b4466858a2786922affb1453 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2839555 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#74089}
-
Camillo Bruni authored
Move NewStructInternal to header and templatize it to unroll initialisation loop. Bug: v8:11263 Change-Id: Iaaf2929c9a17b9195177b6afa7087b9b4ed6f0b4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2821706 Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Anton Bikineev <bikineev@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#74088}
-
Sathya Gunasekaran authored
This reverts commit ebd9dcda. Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux%20gcc/11378/overview Original change's description: > [compiler] Perform MapRef's SupportsFastArray methods concurrently > > We are safe to go through the native_contexts_list_ since we do it > through IsAnyInitialArrayPrototype which disallows the GC. Furthermore, > we read that list with an acquire load which guarantees that the fields > have been initialized. > > Bug: v8:7790 > Change-Id: I778d51f4ead44e472f842693a7e9ff577d6acfe3 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2826541 > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Reviewed-by: Georg Neis <neis@chromium.org> > Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> > Cr-Commit-Position: refs/heads/master@{#74086} Bug: v8:7790 Change-Id: I4ef0056fb5ab9bd037375f67ec704f842e003283 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2843360 Auto-Submit: Sathya Gunasekaran <gsathya@chromium.org> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#74087}
-
Santiago Aboy Solanes authored
We are safe to go through the native_contexts_list_ since we do it through IsAnyInitialArrayPrototype which disallows the GC. Furthermore, we read that list with an acquire load which guarantees that the fields have been initialized. Bug: v8:7790 Change-Id: I778d51f4ead44e472f842693a7e9ff577d6acfe3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2826541 Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#74086}
-
Camillo Bruni authored
We have roughly a 7x (5x on ia32) ratio between bytecode and sparkplug code. Using this number to preallocate the buffer for the emitted code we can avoid a few copies for larger functions. Drive-by-fix: Make sure EnsureSpace is marked V8_INLINE Bug: v8:11420 Change-Id: I6ec48717d2e030c6118c59f5cdc286c952ec2843 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2835732 Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#74085}
-
Manos Koukoutos authored
Bug: v8:11510 Change-Id: I6cb4bdb45a735bd85adfa02b92f01cd144517560 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2840324 Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/master@{#74084}
-
Georg Neis authored
It can happen that the {value} handle initially (when we stored its contents into the property cell) contained a ThinString but was subsequently patched by the scavenger to hold the InternalizedString directly. Bug: v8:11675 Change-Id: Ia3e5fed5bd28313b6fd2031eee0658ac4136a7ca Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2843350 Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#74083}
-
Jakob Gruber authored
Flag reads from background threads are unfortunately scattered and hard to completely avoid in the current state of V8. An example TSAN failure: ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20TSAN/36369/overview The root cause is that FlagScope destruction modifies flag values on the main thread, racing with flag reads from the background thread. In cctests, there's no need to reset flags back to initial values at the end of tests. Let's simply remove the problematic flag scopes. Bug: v8:11658 Change-Id: I59ed3794ddc9ed570772726a423dc22afc4dc207 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2843346 Auto-Submit: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#74082}
-
Leszek Swirski authored
Templatize the VLQ methods to avoid std::function overheads, and add a few optimisations (small value fast path, split writing and tagging). Change-Id: I840d60c972916d1a6023c8ea2a67bbd540f2d159 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2839554 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Patrick Thier <pthier@chromium.org> Cr-Commit-Position: refs/heads/master@{#74081}
-
Sara Tang authored
Turning on V8_ENABLE_SYSTEM_INSTRUMENTATION by default has broken node-v8 builds on Windows, tracked here: https://github.com/nodejs/node-v8/issues/192. It looks like it is due to the fact that Node uses pre-compiled headers, which undefines some macros needed for the event trace APIs to work. (see src/base/win32-headers.h) Bug: v8:11043 Change-Id: I3a6caeaaabab59d42e14b79defb2e37efd9ad04d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2830550 Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Sara Tang <sartang@microsoft.com> Cr-Commit-Position: refs/heads/master@{#74080}
-
Maya Lekova authored
This CL hardens the test facility in d8 for interface types for the fast C API. Bug: chromium:1201011 Change-Id: Ibfe1bb242f86b4a5edd0d195e049852430f8a2fe Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2843344 Commit-Queue: Maya Lekova <mslekova@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#74079}
-
Wenyu Zhao authored
* Filtered some tests that rely on incremental_marking and shape tracking Bug: v8:11644 Change-Id: Ic9833bf1e49e6413422484858cd1054dd2500092 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2822284 Commit-Queue: Wenyu Zhao <wenyu.zhao@anu.edu.au> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#74078}
-
Maya Lekova authored
The compiler/fast-api-interface-types test is incompatible with jitless and stress_snapshot, so this CL disables it on these two variants. This fixes a failure on FYI bots: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20-%20fyi/21641/overview The test was first introduced in https://chromium-review.googlesource.com/c/v8/v8/+/2835711. Change-Id: I0f9e2cc5d444673a1ad2ca9f16cd789fc2c2a814 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2843343 Commit-Queue: Maya Lekova <mslekova@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Auto-Submit: Maya Lekova <mslekova@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#74077}
-
- 20 Apr, 2021 13 commits
-
-
Ng Zhi An authored
Bug: v8:11589 Change-Id: I90a0c9f8325eb56c607addf1adde60673dfbc9c7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2840688 Reviewed-by: Bill Budge <bbudge@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#74076}
-
Frank Tang authored
Diary https://docs.google.com/document/d/1T60FUG62FuvZ447FNoK81uE1fgJ7bayPf_w-rPqFrFM https://chromium.googlesource.com/chromium/deps/icu.git/+log/81d6568..7e7574bd chrome DEPS rolling https://chromium-review.googlesource.com/c/chromium/src/+/2824939 Bug: chromium:1193795 Change-Id: Ibccb97fe9b6b0601676800dea6c066e0d66a0a6f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2793151 Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/master@{#74075}
-
Ulan Degenbaev authored
Enabling and disabling RCS at runtime races with concurrent threads that use RCS. Bug: v8:11338 Change-Id: I8fa9edcbaefc339f88b2a0d079d094a7e4290fbf Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2840446 Commit-Queue: Michael Achenbach <machenbach@chromium.org> Auto-Submit: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#74074}
-
Ng Zhi An authored
Bug: v8:11589 Change-Id: I13c57e1dcc77345bcc9d95a14cf878db6dd60e02 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2837589 Reviewed-by: Bill Budge <bbudge@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#74073}
-
Dan Elphick authored
Moves the platform-specific interface-descriptors-<platform>-inl.h into the v8_internal_headers target so interface-descriptors-inl.h can include them. (Fixes 1 gn check error). Bug: v8:7330 Change-Id: Id07635e93a4574b733d258ddba558b106d95c05f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2840448 Commit-Queue: Dan Elphick <delphick@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Dan Elphick <delphick@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#74072}
-
Stephen Belanger authored
This is a reland of d5457f5f after a speculative revert. Additionally it fixes an issue with throwing promise hooks. Original change's description: > [api] JSFunction PromiseHook for v8::Context > > This will enable Node.js to get much better performance from async_hooks > as currently PromiseHook delegates to C++ for the hook function and then > Node.js delegates it right back to JavaScript, introducing several > unnecessary barrier hops in code that gets called very, very frequently > in modern, promise-heavy applications. > > This API mirrors the form of the original C++ function based PromiseHook > API, however it is intentionally separate to allow it to use JSFunctions > triggered within generated code to, as much as possible, avoid entering > runtime functions entirely. > > Because PromiseHook has internal use also, beyond just the Node.js use, > I have opted to leave the existing API intact and keep this separate to > avoid conflicting with any possible behaviour expectations of other API > users. 
> > The design ideas for this new API stemmed from discussion with some V8 > team members at a previous Node.js Diagnostics Summit hosted by Google > in Munich, and the relevant documentation of the discussion can be found > here: https://docs.google.com/document/d/1g8OrG5lMIUhRn1zbkutgY83MiTSMx-0NHDs8Bf-nXxM/edit#heading=h.w1bavzz80l1e > > A summary of the reasons for why this new design is important can be > found here: https://docs.google.com/document/d/1vtgoT4_kjgOr-Bl605HR2T6_SC-C8uWzYaOPDK5pmRo/edit?usp=sharing > > Bug: v8:11025 > Change-Id: I0b403b00c37d3020b5af07b654b860659d3a7697 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2759188 > Reviewed-by: Marja Hölttä <marja@chromium.org> > Reviewed-by: Camillo Bruni <cbruni@chromium.org> > Reviewed-by: Anton Bikineev <bikineev@chromium.org> > Reviewed-by: Igor Sheludko <ishell@chromium.org> > Commit-Queue: Camillo Bruni <cbruni@chromium.org> > Cr-Commit-Position: refs/heads/master@{#73858} Bug: v8:11025 Bug: chromium:1197475 Change-Id: I73a71e97d9c3dff89a2b092c3fe4adff81ede8ef Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2823917 Reviewed-by: Marja Hölttä <marja@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Anton Bikineev <bikineev@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#74071}
-
Junliang Yan authored
Change-Id: I2925b0d1378736d3b357e5be7070b6b37510cbff Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2840325 Reviewed-by: Milad Fa <mfarazma@redhat.com> Commit-Queue: Junliang Yan <junyan@redhat.com> Cr-Commit-Position: refs/heads/master@{#74070}
-
QiuJi authored
Change-Id: I34d31032b8f1704ddea6334398a4ff2198cc192d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2822631 Reviewed-by: Brice Dobry <brice.dobry@futurewei.com> Reviewed-by: Hannes Payer <hpayer@chromium.org> Commit-Queue: Brice Dobry <brice.dobry@futurewei.com> Cr-Commit-Position: refs/heads/master@{#74069}
-
Liu Yu authored
Port: 2871e05c Bug: v8:11420 Change-Id: Id4e060ba95d7eb19c0a0a3f5eb224be5eb46fa8e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2839017 Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Auto-Submit: Liu yu <liuyu@loongson.cn> Cr-Commit-Position: refs/heads/master@{#74068}
-
Camillo Bruni authored
Change-Id: Ia553e38ca65587c16c36c736c2b9ca9b686ed3e5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2839561 Commit-Queue: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Auto-Submit: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#74067}
-
Santiago Aboy Solanes authored
Mistakenly had its set as non-atomic when it was modifying maps the concurrent compiler could see. Since this accessor is set after map initialization, but it is not necessary for synchronization we can set it as relaxed write. Bug: v8:7790, v8:11668 Change-Id: I605935e96b3da47ed6abfb6676bf14456feeeddd Fixed: v8:11668 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2839548 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#74066}
-
Ulan Degenbaev authored
The test fails because of the race condition between concurrent GC threads and the destructor of the test. Bug: v8:11413 Change-Id: I5a138a61c16ddf2398e7c54defe6cc4008ca3330 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2839552 Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#74065}
-
Maya Lekova authored
This is a reland of 6124a534 It fixes a UAF issue in the d8 test by moving the test API object constructor to PerIsolateData. It also fixes a crash in Chromium caused by current usage of v8::ApiObject, which should be migrated to v8::Value*. Original change's description: > [fastcall] Add support for leaf interface type checks > > This CL adds an IsTemplateForApiObject method to FunctionTemplate > allowing the embedder to check whether a given API object was > instantiated by this template without including parent templates > in the search. It also replaces the v8::ApiObject in the fast API > with a raw v8::Value pointer to allow use of standard C++ casts. > > Bug: chromium:1052746 > Change-Id: I0812ec8b4daaa5f5005aabf10b63e1e84e0b8f03 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2595310 > Commit-Queue: Maya Lekova <mslekova@chromium.org> > Reviewed-by: Georg Neis <neis@chromium.org> > Reviewed-by: Camillo Bruni <cbruni@chromium.org> > Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> > Cr-Commit-Position: refs/heads/master@{#73999} Bug: chromium:1052746, chromium:1199900 Change-Id: I4b7f0c9e9152919dde4a1d0c48fbf5ac8c5b13d8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2835711 Reviewed-by: Georg Neis <neis@chromium.org> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/master@{#74064}
-