- 31 Jan, 2022 11 commits
-
-
Manos Koukoutos authored
We temporarily disable fuzzing for wasm-gc until we update the fuzzer to the isorecursive hybrid type system. Bug: chromium:1291959 Change-Id: I2238c37bc49cbac2bf1c4085815a2283db982ab3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3423782 Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#78869}
-
Manos Koukoutos authored
For backwards compatibility, we do not impose this restriction on nominal modules. Bug: v8:7748 Change-Id: I42c4dc824fc9824280527522b05fa3bf68c8929b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3422638 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#78868}
-
Igor Sheludko authored
Bug: v8:12590 Change-Id: I621bed34445a245cd077f06817496c1539454c5d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3423784 Auto-Submit: Igor Sheludko <ishell@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/main@{#78867}
-
Clemens Backes authored
{NativeModuleSerializer::WriteCode} does always return {true}, hence remove the return value to avoid dead code in callers. R=ahaas@chromium.org Bug: v8:12425 Change-Id: I3c07829f327fc039b3baffdec3f9f6637adc2861 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3425357 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#78866}
-
Manos Koukoutos authored
Bug: v8:7748 Change-Id: If5027ac632438937407aeea0bb266b58cb1cbba2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3422633 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#78865}
-
Benedikt Meurer authored
Previously we'd predict exceptions thrown in [[Reject]] handlers as always caught (by PromiseRejectReactionJob), but that's not what is actually specified in ECMAScript. The PromiseRejectReactionJob will turn any exception thrown into a promise rejection just like we do in the case of PromiseFulfillReactionJob, and so the catch prediction should match that behavior. Fixed: chromium:1290861 Change-Id: Id992708b009666da7c6bf1b6e3cf30752ca0a227 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3423775 Auto-Submit: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Commit-Queue: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/main@{#78864}
-
Leszek Swirski authored
This reverts commit 7ddacd68. Reason for revert: GC Stress failures: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/40615/overview Original change's description: > [web snapshot] Dehandlify more parts of the deserializer > > - Use Heap::AddGCEpilogueCallback to update often accessed FixedArrays > in the WebSnapshotDeserializer. > - ReadValue returns now a raw value to avoid handle creation in more > cases > - Drop representation support for now in ReadValue > - Avoid a few more handles when setting up objects > > Bug v8:11525 > > Change-Id: I6955b56887834bc655bdaa9c390016d9a17db82d > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3416242 > Reviewed-by: Marja Hölttä <marja@chromium.org> > Commit-Queue: Camillo Bruni <cbruni@chromium.org> > Cr-Commit-Position: refs/heads/main@{#78862} Change-Id: I44385ac118707ec60aa8c76e219b387bc3ba322e No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3423781 Auto-Submit: Leszek Swirski <leszeks@chromium.org> Owners-Override: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#78863}
-
Camillo Bruni authored
- Use Heap::AddGCEpilogueCallback to update often accessed FixedArrays in the WebSnapshotDeserializer. - ReadValue returns now a raw value to avoid handle creation in more cases - Drop representation support for now in ReadValue - Avoid a few more handles when setting up objects Bug v8:11525 Change-Id: I6955b56887834bc655bdaa9c390016d9a17db82d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3416242 Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#78862}
-
Paolo Severini authored
This reverts commit 7f26cbd2. Reason for revert: Issue 1292333: DCHECK failure in op->IsStackSlot() || op->IsFPStackSlot() in code-generator-x64.cc Original change's description: > [fastcall] Add Wasm entry for Fast API calls > > Allow Wasm to generate calls directly to Fast API C functions. > This massively reduces the overhead of these calls (~300%). > Currently options parameter is not supported. > > This is a reland of > https://chromium-review.googlesource.com/c/v8/v8/+/3364356 > with a fix to a data race. > > Bug: chromium:1052746 > Change-Id: I8c1c255419496d03a94ec2b443329842469586d5 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3398394 > Reviewed-by: Maya Lekova <mslekova@chromium.org> > Reviewed-by: Manos Koukoutos <manoskouk@chromium.org> > Reviewed-by: Camillo Bruni <cbruni@chromium.org> > Commit-Queue: Paolo Severini <paolosev@microsoft.com> > Cr-Commit-Position: refs/heads/main@{#78714} Bug: chromium:1052746 Change-Id: Ieb3f6f836bd604b0e4c5801f082997831eb7ac26 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3426610 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Reviewed-by: Maya Lekova <mslekova@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Manos Koukoutos <manoskouk@chromium.org> Commit-Queue: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/main@{#78861}
-
Manos Koukoutos authored
Since inheritance depth of every type is known in the isorecursive hybrid type system, rtts with depth are removed. This enables simplification of type checks in Liftoff and Turbofan, as well as decoding of object allocation instructions. Bug: v8:7748 Change-Id: I6b52579b584191d92644de1c6e805d9f054641d3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3422626 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#78860}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/b2cde2a..eaca789 Rolling v8/buildtools/third_party/libunwind/trunk: https://chromium.googlesource.com/external/github.com/llvm/llvm-project/libunwind/+log/676f5e9..d0ad43c R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: I22e5012fd5245b7970191584cf5985be13d01843 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3425203 Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#78859}
-
- 30 Jan, 2022 1 commit
-
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/2772370..b2cde2a R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: I80306ea6a3403005e79081726685704c7ccb356a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3425202 Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#78858}
-
- 29 Jan, 2022 2 commits
-
-
Clemens Backes authored
Those versions are broken, and sporadically reset the PKRU register on context switches (observed on ChromeOS only). This was fixed by this patch: https://lore.kernel.org/all/20210623121456.399107624@linutronix.de/ Thus we detect the running kernel version (once per process), and disable PKU if we detect a potentially broken kernel version. R=jkummerow@chromium.org Bug: v8:11974 Change-Id: Ib5158b4cf51d5c2811678b1b7dcc1494bc0ff46a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3417440 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#78857}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/3a3da2d..2772370 Rolling v8/buildtools/third_party/libunwind/trunk: https://chromium.googlesource.com/external/github.com/llvm/llvm-project/libunwind/+log/7246413..676f5e9 Rolling v8/third_party/android_ndk: https://chromium.googlesource.com/android_ndk/+log/401019b..9644104 Rolling v8/third_party/android_sdk/public: Yw53980aNNn0n9l58lN7u0wSVmxlY0OM1zFnGDQeJs4C..7EcXjyZWkTu3sCA8d8eRXg_aCBCYt8ihXgxp29VXLs8C Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/d90eeee..6b30850 Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/289dedd..8dd74d4 Rolling v8/third_party/googletest/src: https://chromium.googlesource.com/external/github.com/google/googletest/+log/0b7798b..28e1da2 R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: Iaedd20189695738095ec8353654bdab1a4c96f87 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3425201 Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#78856}
-
- 28 Jan, 2022 26 commits
-
-
Adam Klein authored
They're failing due to Inf/NaN differences after the latest clang roll, skipping for now to keep the tree green. A follow-up CL will likely want to broaden the expectations for these tests to allow both Inf & NaN in certain cases. Bug: v8:12588 Change-Id: I8055b67077fc67cc65246a89a4b4949d8838829e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3425660 Commit-Queue: Adam Klein <adamk@chromium.org> Auto-Submit: Adam Klein <adamk@chromium.org> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> Cr-Commit-Position: refs/heads/main@{#78855}
-
Igor Sheludko authored
This is a reland #3. The fixes were landed separately. Perf Sheriffs: this CL might regress some benchmarks while improving the others. Bug: v8:11880 Change-Id: I8ed5bf59360649718960dc34c06015ee6ff1532a Cq-Include-Trybots: luci.v8.try:v8_android_arm64_compile_dbg Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3422643 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#78854}
-
Adam Klein authored
Change-Id: I88ea54d02bb6600acc1105dce112285c68861007 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3423667 Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#78853}
-
Michael Achenbach authored
No-Try: true Bug: chromium:1292016 Change-Id: I9c3e5271bad6e05342840fafc0e405d5d4e65efc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3424482 Reviewed-by: Almothana Athamneh <almuthanna@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/main@{#78852}
-
Shu-yu Guo authored
Change-Id: Ie62c4d46b767f1dcf70e8e75a30b5fc4d90ac295 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3424897 Auto-Submit: Shu-yu Guo <syg@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#78851}
-
Marja Hölttä authored
Runtime_HasProperty already does the right thing; this CL is directing more cases to it. Bug: v8:12580 Change-Id: I16ae6099fa9781ecc663085e87a7fc59abd10d02 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3422639 Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#78850}
-
Camillo Bruni authored
This reverts commit e4311846. Reason for revert: Breaking gc-stress bots https://cr-buildbucket.appspot.com/build/8823780450691075553 Original change's description: > Reland "[counters] Improve v8.execute histogram timer" > > This is a reland of 69564827 > > Original change's description: > > [counters] Improve v8.execute histogram timer > > > > - Mark uncommon timer-paths as V8_NOINLINE > > - Add explicit LongTaskNestedTimedHistogramScope class > > - Use explicit LongTaskRecordMode enum > > - Mark a few more isolate methods as const > > - Add more timer scopes: > > - Accessors::ArrayLengthSetter > > - v8::NewContext > > > > Bug: v8:12498, chromium:1275056 > > Change-Id: I7896ee341c3c3a1fd5acf8f3f59347ff01dda9c0 > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3338258 > > Reviewed-by: Marja Hölttä <marja@chromium.org> > > Auto-Submit: Camillo Bruni <cbruni@chromium.org> > > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> > > Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> > > Cr-Commit-Position: refs/heads/main@{#78372} > > Bug: v8:12498, chromium:1275056 > Change-Id: Ic153f1235d83340722fbd1053d2eba41133364d2 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3338700 > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> > Commit-Queue: Camillo Bruni <cbruni@chromium.org> > Cr-Commit-Position: refs/heads/main@{#78843} Bug: v8:12498, chromium:1275056 Change-Id: Id5702025320b146e1b5b032650ffe3799c38300e No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3424491 Auto-Submit: Camillo Bruni <cbruni@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#78849}
-
Al Muthanna Athamina authored
We can now specify the trials for clusterfuzz using the file clusterfuzz_trials_config.json. There is also a presubmit check to make sure that it is formatted correctly. Change-Id: Iafb7063b63b1daeb7653830542d13b419cf187d6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3416191 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Almothana Athamneh <almuthanna@chromium.org> Cr-Commit-Position: refs/heads/main@{#78848}
-
Nico Hartmann authored
This reverts commit 517ed4ad. Reason for revert: There still seems to be an issue on V8 Win msvc related to this CL (https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Win64%20-%20msvc/20568/overview). Original change's description: > Reland "[Torque] Generalize Torque literals to larger size" > > Previously, literals in Torque were stored as double values, which > made it impossible to precisely represent 64 bit integer values. > This CL replaces the old literal expression with an integer and > floating point literal expression that are unbounded in size. We > allow implicit conversion of these literals to arbitrary integer > and floating point types respectively and insert a corresponding > bounds check into generated CSA. > > Changes in the reland: Simplified IntegerLiteral to single digit. > > Bug: v8:7793, chromium:1289282 > Change-Id: I31c762c2f31165c7a1d0b07842b764e5851ce189 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3406750 > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> > Reviewed-by: Tobias Tebbi <tebbi@chromium.org> > Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> > Cr-Commit-Position: refs/heads/main@{#78811} Bug: v8:7793, chromium:1289282 Change-Id: I818cec9625fbd827a4a30088d8c8b759fb6c50d7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3424484 Owners-Override: Nico Hartmann <nicohartmann@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/main@{#78847}
-
Milad Fa authored
Change-Id: Ie596dbb2041456e334d5cd7956a0717ccc7005c6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3420832 Reviewed-by: Junliang Yan <junyan@redhat.com> Commit-Queue: Milad Farazmand <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/main@{#78846}
-
Thibaud Michaud authored
This reverts commit a865d16b. Reason for revert: breaks tsan and gc-stress Original change's description: > [wasm] Resume suspender on resolved promise > > Implement the WasmResume builtin, which resumes a wasm suspender > when the corresponding JS promise resolves. > > Drive-by 1: Fix detection of empty stacks in the stack frame iterator. > Drive-by 2: Add a stack ID for better tracing. > > R=ahaas@chromium.org > CC=fgm@chromium.org > > Bug: v8:12191 > Change-Id: Ifa3f00c4259f802292b04d426c739e9b551f87b9 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3420827 > Reviewed-by: Andreas Haas <ahaas@chromium.org> > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> > Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> > Cr-Commit-Position: refs/heads/main@{#78842} Bug: v8:12191 Change-Id: I3352c8b1dcc8d99e1bd782a09276add219a3ecda No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3424489 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Owners-Override: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#78845}
-
Dominik Inführ authored
Enable compaction of objects in the map space during a full GC. So far pages in the map space were never chosen as evacuation candidates. We might be able to improve memory usage a bit by also compacting map space. Luckily for us the marking barrier was already emitted when updating an object's map word. This CL adds a new flag FLAG_compact_map_space to easily turn off this feature again. For now we keep this flag (and with that map space compaction) disabled by default. So GC behavior does not change with this CL. Bug: v8:12578 Change-Id: I99c0cd826bd824af5383fb3ce64796693a59d1ff Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3404775 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#78844}
-
Camillo Bruni authored
This is a reland of 69564827 Original change's description: > [counters] Improve v8.execute histogram timer > > - Mark uncommon timer-paths as V8_NOINLINE > - Add explicit LongTaskNestedTimedHistogramScope class > - Use explicit LongTaskRecordMode enum > - Mark a few more isolate methods as const > - Add more timer scopes: > - Accessors::ArrayLengthSetter > - v8::NewContext > > Bug: v8:12498, chromium:1275056 > Change-Id: I7896ee341c3c3a1fd5acf8f3f59347ff01dda9c0 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3338258 > Reviewed-by: Marja Hölttä <marja@chromium.org> > Auto-Submit: Camillo Bruni <cbruni@chromium.org> > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> > Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> > Cr-Commit-Position: refs/heads/main@{#78372} Bug: v8:12498, chromium:1275056 Change-Id: Ic153f1235d83340722fbd1053d2eba41133364d2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3338700 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#78843}
-
Thibaud Michaud authored
Implement the WasmResume builtin, which resumes a wasm suspender when the corresponding JS promise resolves. Drive-by 1: Fix detection of empty stacks in the stack frame iterator. Drive-by 2: Add a stack ID for better tracing. R=ahaas@chromium.org CC=fgm@chromium.org Bug: v8:12191 Change-Id: Ifa3f00c4259f802292b04d426c739e9b551f87b9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3420827 Reviewed-by: Andreas Haas <ahaas@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/main@{#78842}
-
Igor Sheludko authored
The contents of CodeDataContainer::code_cage_base field was accidentally written during serialization while zeros should have been written instead. Bug: v8:11880 Change-Id: Ib1d66d2fe8cceace19f4feb57950838bfbc89efa Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3422642 Commit-Queue: Igor Sheludko <ishell@chromium.org> Auto-Submit: Igor Sheludko <ishell@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#78841}
-
Nico Hartmann authored
This reverts commit 4b8f1b1c. Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20TSAN%20-%20stress-incremental-marking/6292/overview Original change's description: > Reland "[heap] Support client-to-shared refs in Code objects" > > This is a reland of 12e46091 > > Original change's description: > > [heap] Support client-to-shared refs in Code objects > > > > Support references from code objects in the client heaps to shared heap objects. Such references are stored in a remembered set during marking, which is later used for updating pointers. > > > > Bug: v8:11708 > > Change-Id: I8aeb508ddd14514ca65fa5acf3030dd8c2040168 > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3401588 > > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > > Reviewed-by: Camillo Bruni <cbruni@chromium.org> > > Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> > > Cr-Commit-Position: refs/heads/main@{#78819} > > Bug: v8:11708 > Change-Id: I47bcf44b452fcffe8675fba03244b736ede14247 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3422630 > Reviewed-by: Camillo Bruni <cbruni@chromium.org> > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> > Cr-Commit-Position: refs/heads/main@{#78838} Bug: v8:11708 Change-Id: I0ec57ad4d7dccf2271ff8c1048762cf2c1b97a42 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3424477 Auto-Submit: Nico Hartmann <nicohartmann@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> Owners-Override: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/main@{#78840}
-
Milad Fa authored
Port 99a5bb74 Original Commit Message: CallFunction is only called for targets that are checked not to be class constructors, therefore we can remove the check for class constructors from CallFunction. R=pthier@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com BUG= LOG=N Change-Id: I327c075bdd2e561236820818c2a26e8fc4ed6522 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3421506 Reviewed-by: Patrick Thier <pthier@chromium.org> Commit-Queue: Milad Farazmand <mfarazma@redhat.com> Reviewed-by: Joran Siu <joransiu@ca.ibm.com> Reviewed-by: Junliang Yan <junyan@redhat.com> Cr-Commit-Position: refs/heads/main@{#78839}
-
Dominik Inführ authored
This is a reland of 12e46091 Original change's description: > [heap] Support client-to-shared refs in Code objects > > Support references from code objects in the client heaps to shared heap objects. Such references are stored in a remembered set during marking, which is later used for updating pointers. > > Bug: v8:11708 > Change-Id: I8aeb508ddd14514ca65fa5acf3030dd8c2040168 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3401588 > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Reviewed-by: Camillo Bruni <cbruni@chromium.org> > Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> > Cr-Commit-Position: refs/heads/main@{#78819} Bug: v8:11708 Change-Id: I47bcf44b452fcffe8675fba03244b736ede14247 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3422630 Reviewed-by: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#78838}
-
Igor Sheludko authored
This reverts commit e7ffb257. Reason for revert: speculative revert because it might be causing these failures: https://ci.chromium.org/p/chromium/builders/ci/Deterministic%20Linux/32597 Original change's description: > [ext-code-space] Enable external code space on x64 and desktop arm64 > > This is a reland #2. The fixes were landed separately. > > Perf Sheriffs: this CL might regress some benchmarks while improving > the others. > > Bug: v8:11880 > Change-Id: I397aef5ad5cce42ef189ee10b482805c90ec925a > Cq-Include-Trybots: luci.v8.try:v8_android_arm64_compile_dbg > Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3417000 > Reviewed-by: Toon Verwaest <verwaest@chromium.org> > Commit-Queue: Igor Sheludko <ishell@chromium.org> > Cr-Commit-Position: refs/heads/main@{#78817} Bug: v8:11880 Change-Id: I74ec916267626433a060aa1b7804a4bfffeff269 Cq-Include-Trybots: luci.v8.try:v8_android_arm64_compile_dbg Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3422640 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/main@{#78837}
-
Shu-yu Guo authored
Currently the reconstruction of the shared heap object cache for testing incorrectly includes the terminating undefined value. Unlike the RO cache reconstruction, which does not change, the shared heap object cache may be extended by serializing the live Isolate during testing, so it should skip the original terminating undefined. Bug: v8:12007, v8:12584 Change-Id: If73b865567ed7d5b658506e15b1dc8d14bd755d6 Cq-Include-Trybots: luci.v8.try:v8_linux64_gc_stress_custom_snapshot_dbg_ng Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3421726 Auto-Submit: Shu-yu Guo <syg@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#78836}
-
Camillo Bruni authored
- Use more HeapObject instead of Object - Use raw instance_type Bug: v8:11525 Change-Id: I5f1b8ea95fa14acc9c94555a95e8586f3c7e8888 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3422637 Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#78835}
-
Camillo Bruni authored
Bug: v8:11263 Change-Id: I4d7d614666ff846740e1bfc1146bd82f08f6a739 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3420830 Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#78834}
-
Hao Xu authored
The Descriptor of Builtin defines the allocated machine registers for its parameters. However, when an argument is in InterpreterAccumulatorRegister, the Descriptor might require another machine register holding the value of this argument and result in a redundant register-to-register move. This CL avoids this move by allocating a same register for such argument. It also changes the assigned registers for Typeof, KeyedLoadIC and KeyedHasIC to align the use in Baseline Builtins. Change-Id: I14004d8e44c4c45f2a1bea2c09b06160f615709b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3416544 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#78833}
-
Victor Gomes authored
Change-Id: I7cde42eb5c3a2df81950cc622dd9b3fa3f74caa3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3422634 Auto-Submit: Victor Gomes <victorgomes@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#78832}
-
Clemens Backes authored
This extracts all {dlsym} calls to a single function which is called once during initialization. R=jkummerow@chromium.org Bug: v8:11974 Change-Id: I068f180e26b92d72e3e1e0ba7c6232c760f202e8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3417439 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#78831}
-
Camillo Bruni authored
We can avoid a pointer deref if the ValueSerializer is inlined in WebSnapshotDeserializer. Bug: v8:11525 Change-Id: I92d8cac37af3fdbe04a66465f97761bf5a9fd705 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3417433 Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#78830}
-