- 16 Dec, 2021 13 commits
-
Igor Sheludko authored
This CL * removes Builtins::codet() and Builtins::codet_handle() returning builtins as CodeT objects in favor of code() and code_handle(), * removes BUILTIN_CODET macro in favor of BUILTIN_CODE, * removes CodeDataContainer table. Bug: v8:11880 Change-Id: Ic868549030744b0ff3ea5d5edbfcacf77c6de96d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3344650 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#78399}
-
Clemens Backes authored
This bitset is used to quickly find the set of used / free registers, and it should always be consistent with the information in the {RegisterState}. This CL adds a little validation after the register allocation of each instruction. This should help fuzzers to catch inconsistencies earlier. R=thibaudm@chromium.org Bug: v8:12330 Change-Id: Ia8da9708e982726d72d156f5bca04213a3f03b7f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3341520 Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#78398}
-
Seth Brenith authored
This reverts commit 00a757fa. Reason for revert: Caused perf regressions, https://crbug.com/1280236 Original change's description: > Shorten generated code for binary-search switches > > On some branches of the search tree for a binary-search switch, the > input value is sufficiently constrained that we could unconditionally > jump to the last possible case rather than checking for value equality. > This shortens some builtins by a few instructions and might speed things > up, though I expect the effect to be small. > > Change-Id: I2313f26976e6d3c182f03bd927b338c8175b3af3 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3335437 > Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> > Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> > Cr-Commit-Position: refs/heads/main@{#78376} Bug: chromium:1280236 Change-Id: I88d9ff64641b85d48198b7012df2eeb9441913b5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3343234 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Cr-Commit-Position: refs/heads/main@{#78397}
-
Leszek Swirski authored
We don't need this with reversed arguments. Change-Id: I86c5183bccc62ba1727080ebbd685df083608d2f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3344947 Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Commit-Queue: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/main@{#78396}
-
Alexander Schulze authored
Bug: chromium:1279426 Change-Id: If7c1c96d4637a6d2c2fe20bf6aac921ad9b81490 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3341513 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Alexander Schulze <alexschulze@chromium.org> Auto-Submit: Alexander Schulze <alexschulze@chromium.org> Cr-Commit-Position: refs/heads/main@{#78395}
-
Manos Koukoutos authored
We switch the order of inlining and loop unrolling optimizations. This gives small improvements to wasm-gc benchmarks. Changes: - Change the loop analysis algorithm to accept loops directly connected to the graph's end. This is required because some nodes in an inlined function, such as tail calls, might be directly connected to the outer function's end without an intervening LoopExit node. - Based on the above, skip emitting loop exits for some Throw nodes in WasmGraphBuildingInterface. - Introduce WasmInliningPhase, add it before loop unrolling. Remove inlining from WasmOptimizationPhase. - Handle graph terminators in loop unrolling. - Add loops in the inlined function to the caller's loop_infos. Drive-by: - Allow more wasm builtins in unrolled loops. - Reduce inlining parameters to reflect that functions are now slightly smaller during inlining, as no unrolling has taken place yet. Bug: v8:12166 Change-Id: Iadd6b2f75170aa153ca1efb47fbb0d185c2b8371 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3329783 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#78394}
-
Igor Sheludko authored
... in order to avoid Code <-> CodeT conversions in builtins. This CL changes the meaning of RelocInfo::CODE_TARGET which now expects CodeT objects as a code target. In order to reduce code churn this CL makes BUILTIN_CODE and friends return CodeT instead of Code. In the follow-up CLs BUILTIN_CODET and friends will be removed. Bug: v8:11880 Change-Id: Ib8f60973e55c60fc62ba84707471da388f8201b4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3338483 Reviewed-by: Patrick Thier <pthier@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#78393}
-
Benedikt Meurer authored
This is the first step towards moving away from sending `url` with every call frame when emitting the `Debugger.paused` event. Bug: chromium:1270316, chromium:1271078 Change-Id: I2f57f21e15bf908ffb53f5c7b5862d3efa329c86 Doc: https://bit.ly/devtools-debugger-callframe-url Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3344946 Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/main@{#78392}
-
Manos Koukoutos authored
In the WebAssembly Turbofan pipeline, inlining should come before unrolling. When we inline a function, we link unhandled throwing calls in it to the handler of the caller node. If a throwing call is in a loop, we need to generate loop exits between the call and the handler if we want to unroll later. This CL adds dangling IfException/LoopExit nodes following each throwing call in an inlined function. These nodes are connected as required in inlining. Drive-by: Remove CheckForException from tail calls, which are kNoThrow. Bug: v8:12166 Change-Id: Icb8371a0a27234f07d4880e5b3005fc90a91a4b6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3322975 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#78391}
-
Manos Koukoutos authored
Since load elimination is only enabled for wasm-gc, we should use LoadImmutable over LoadImmutableFromObject when possible. This is possible for instance fields, which are always populated before the start of function execution. Bug: v8:11510, chromium:1279211 Change-Id: Ib11e8d19b91a16f509983378f74bdc4c3c2150ad Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3341522 Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#78390}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/568d316..539f2b4 Rolling v8/buildtools: https://chromium.googlesource.com/chromium/src/buildtools/+log/075dd7e..d7bdd6f Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/563885e..58f3a92 Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/9e5809e..168ca4d Rolling v8/third_party/googletest/src: https://chromium.googlesource.com/external/github.com/google/googletest/+log/054a986..97a4675 R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: Ib8167be98698f85d8c196cfee9a053d00ecb3cc3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3344127 Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#78389}
-
Piotr Sikora authored
While there, make sure to exit on failures (e.g. missing tools). Signed-off-by: Piotr Sikora <piotrsikora@google.com> Change-Id: Ie84425bbedefc8c37cf12afbf0ad541caa125ac0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3333634 Reviewed-by: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/main@{#78388}
-
Frank Tang authored
https://chromium.googlesource.com/external/github.com/tc39/test262/+log/1f16a6ad0..04cd6da0 Bug: v8:7834 Change-Id: Ia7bd4f86974bf96ed3fd6e74d88c98145488c518 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3340192 Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#78387}
-
- 15 Dec, 2021 8 commits
-
Dmitrii Tsykunov authored
When compiled with gn argument 'is_debug=false' these tests fail on Windows due to the fact that they're compiled with '/guard:cf'. This CL changes the use of FUNCTION_CAST to GeneratedCode::Call which contains DISABLE_CFI_ICALL attribute. This is analogous to how assembled functions are called in Assembler tests for other architectures. Change-Id: I330e29a508ad1421cb98dea3d9761f05272ab763 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3341511 Auto-Submit: Dmitrii Tsykunov <dtsykunov1@yandex-team.ru> Reviewed-by: Victor Gomes <victorgomes@chromium.org> Commit-Queue: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/main@{#78386}
-
Piotr Sikora authored
Signed-off-by: Piotr Sikora <piotrsikora@google.com> Change-Id: I33ef12d28d2e76694f971bab56bd7b7b66731709 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3336502 Reviewed-by: Victor Gomes <victorgomes@chromium.org> Commit-Queue: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/main@{#78385}
-
Samuel Groß authored
This CL renames a number of things related to the V8 sandbox. Mainly, what used to be under V8_HEAP_SANDBOX is now under V8_SANDBOXED_EXTERNAL_POINTERS, while the previous V8 VirtualMemoryCage is now simply the V8 Sandbox:
V8_VIRTUAL_MEMORY_CAGE => V8_SANDBOX
V8_HEAP_SANDBOX => V8_SANDBOXED_EXTERNAL_POINTERS
V8_CAGED_POINTERS => V8_SANDBOXED_POINTERS
V8VirtualMemoryCage => Sandbox
CagedPointer => SandboxedPointer
fake cage => partially reserved sandbox
src/security => src/sandbox
This naming scheme should simplify things: the sandbox is now the large region of virtual address space inside which V8 mainly operates and which should be considered untrusted. Mechanisms like sandboxed pointers are then used to attempt to prevent escapes from the sandbox (i.e. corruption of memory outside of it). Furthermore, the new naming scheme avoids the confusion with the various other "cages" in V8, in particular, the VirtualMemoryCage class, by dropping that name entirely. Future sandbox features are developed under their own V8_SANDBOX_X flag, and will, once final, be merged into V8_SANDBOX. Current future features are sandboxed external pointers (using the external pointer table), and sandboxed pointers (pointers guaranteed to point into the sandbox, e.g. because they are encoded as offsets). This CL then also introduces a new build flag, v8_enable_sandbox_future, which enables all future features.
Bug: v8:10391 Change-Id: I5174ea8f5ab40fb96a04af10853da735ad775c96 Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3322981 Reviewed-by: Hannes Payer <hpayer@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Samuel Groß <saelo@chromium.org> Cr-Commit-Position: refs/heads/main@{#78384}
-
Marja Hölttä authored
Bug: v8:11111 Change-Id: I5cdd26070eb6ddf264e46763a71097e9fb716bf0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3333924 Reviewed-by: Shu-yu Guo <syg@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#78383}
-
Benedikt Meurer authored
This is the final change list in the list of refactorings to split off the implementations of v8::StackFrame and CallSite objects (as used by the V8 JavaScript stack API). See https://bit.ly/v8-stack-frame for the whole story. This CL adds the v8::internal::StackFrameInfo class as new backing implementation of v8::StackFrame, and puts it into debug-objects.tq to indicate that it's used for the debugger API only. This new class is lightweight and only holds on to static information about the stack frame, and is thus usable for the V8 inspector to implement async stack traces in a cheaper manner going forward. Doc: https://bit.ly/v8-stack-frame Bug: chromium:1258599, chromium:1278650 Fixed: chromium:1278647 Change-Id: I4dbf2d850f47797263af225895129499169aad02 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3302794 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#78382}
-
v8-ci-autoroll-builder authored
Rolling v8/third_party/google_benchmark/src: https://chromium.googlesource.com/external/github.com/google/benchmark/+log/b000672..3b3de69 Fix `-DBENCHMARK_ENABLE_INSTALL=OFF` (Fixes #1275) (#1305) (Roman Lebedev) https://chromium.googlesource.com/external/github.com/google/benchmark/+/3b3de69 R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com,mlippautz@chromium.org Change-Id: Iec9f6588bbcd31c949418b0bdd213d114e3d0b92 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3339106 Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#78381}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/864a567..568d316 Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/1ba82f6..563885e Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/2777fd9..9e5809e R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: I18c84f9c76a4a251a0464eae80d27c6b76cd4b97 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3340273 Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#78380}
-
Frank Tang authored
This ships one method in Intl, Intl.supportedValuesOf, which is a Stage 3 TC39 proposal. Design Doc: https://docs.google.com/document/d/1lbj_YVW-xhzYNMQeHB-qDjVkf4SA-eTHYpYXx3Oaud8 API Owner LGTMs: miketaylr@chromium.org, chrishtr@chromium.org, tkent@chromium.org Spec: https://tc39.es/proposal-intl-enumeration/ https://chromestatus.com/guide/edit/5649454590853120 I2P: https://groups.google.com/a/chromium.org/g/blink-dev/c/Txtf_rSqGH8/m/e27FY33JAQAJ R2T: https://groups.google.com/a/chromium.org/g/blink-dev/c/IaTkvH_9DAY/m/1rDxe8lvAAAJ I2S: https://groups.google.com/a/chromium.org/g/blink-dev/c/I0Y4FrRMNSY/m/XIN_fgA5DAAJ Bug: v8:10743 Change-Id: I1e4c80e93ef903347a0e6da73b1e8514863bde09 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3315228 Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#78379}
-
- 14 Dec, 2021 19 commits
-
Frank Tang authored
DD: https://docs.google.com/document/d/1OwEsvs8VQwvR-ug01xLyIwpgcvUfaP24u9owc7aBKJ4/ Status: https://www.chromestatus.com/feature/5566859262820352 R2T: https://groups.google.com/a/chromium.org/g/blink-dev/c/5spmAncbooE/m/NdwZGjLpAgAJ I2S: https://groups.google.com/a/chromium.org/g/blink-dev/c/4ZMt5ukQNRs/m/0flHnuaBBgAJ API Owners LGTMs: chrishtr@chromium.org, miketaylr@chromium.org, tkent@chromium.org Bug: v8:11638 Change-Id: Ief40b7d545a268723e5fbe654cdc86dcb9523300 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3315223 Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#78378}
-
Igor Sheludko authored
This CL migrates the following objects' APIs to CodeT: * WasmFunctionData, * WasmInternalFunction. Bug: v8:11880 Change-Id: Ib3f0eb41894cbd3c6b30430c4e5616eb45fbbaec Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3338701 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#78377}
-
Seth Brenith authored
On some branches of the search tree for a binary-search switch, the input value is sufficiently constrained that we could unconditionally jump to the last possible case rather than checking for value equality. This shortens some builtins by a few instructions and might speed things up, though I expect the effect to be small. Change-Id: I2313f26976e6d3c182f03bd927b338c8175b3af3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3335437 Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Cr-Commit-Position: refs/heads/main@{#78376}
-
Camillo Bruni authored
Multiple threads can modify async_wraps_ in parallel, which is not ok. Drive-by-fix: - Use normal constructor/destructor for AsyncHooksWrap - Use unique_ptr for storing AsyncHooksWrap Bug: chromium:1278276 Change-Id: I667980151c775be29e603790e589b1de76fae05a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3338257 Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Auto-Submit: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#78375}
-
Benedikt Meurer authored
This decouples the stack trace visitation logic from the creation of actual stack frame objects, in preparation to introduce a second kind of stack frame object (`v8::internal::StackFrameInfo` as part of http://crrev.com/c/3302794) in addition to the existing `v8::internal::CallSiteInfo`. Doc: https://bit.ly/v8-stack-frame Bug: chromium:1258599, chromium:1278647, chromium:1278650 Change-Id: I398933653e29cc2fe5c222526d9dd686ef8239b4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3334781 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Auto-Submit: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#78374}
-
Nico Hartmann authored
This reverts commit 69564827. Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Clusterfuzz%20Linux%20MSAN%20no%20origins/25955/overview Original change's description: > [counters] Improve v8.execute histogram timer > > - Mark uncommon timer-paths as V8_NOINLINE > - Add explicit LongTaskNestedTimedHistogramScope class > - Use explicit LongTaskRecordMode enum > - Mark a few more isolate methods as const > - Add more timer scopes: > - Accessors::ArrayLengthSetter > - v8::NewContext > > Bug: v8:12498, chromium:1275056 > Change-Id: I7896ee341c3c3a1fd5acf8f3f59347ff01dda9c0 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3338258 > Reviewed-by: Marja Hölttä <marja@chromium.org> > Auto-Submit: Camillo Bruni <cbruni@chromium.org> > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> > Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> > Cr-Commit-Position: refs/heads/main@{#78372} Bug: v8:12498, chromium:1275056 Change-Id: I0147c57085f114201e1d5fa293282d38c81d0148 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3338699 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> Owners-Override: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/main@{#78373}
-
Camillo Bruni authored
- Mark uncommon timer-paths as V8_NOINLINE - Add explicit LongTaskNestedTimedHistogramScope class - Use explicit LongTaskRecordMode enum - Mark a few more isolate methods as const - Add more timer scopes: - Accessors::ArrayLengthSetter - v8::NewContext Bug: v8:12498, chromium:1275056 Change-Id: I7896ee341c3c3a1fd5acf8f3f59347ff01dda9c0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3338258 Reviewed-by: Marja Hölttä <marja@chromium.org> Auto-Submit: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#78372}
-
Andreas Haas authored
R=jkummerow@chromium.org Bug: v8:12281 Change-Id: If00f34053bb970a71a1826010050b79557dbb381 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3338259 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/main@{#78371}
-
Seth Brenith authored
We probably expect a binary-search switch to take log(n) time in all cases, but there is currently a possibility of that expectation being broken. I'm not aware of any place where this actually happens, but if the default handler immediately follows the switch dispatch block in assembly order, then unconditional jump instructions for that handler would be omitted. This omission could cause linear execution time, where every case is checked before falling through to the default handler. This change introduces a new function to emit an unconditional jump instruction regardless of whether the target is the following block, and uses that new function when generating a binary-search switch to ensure consistently log(n) behavior. Change-Id: I5cab86fd66386762519035410e3b532dc6fd764c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3335222 Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Cr-Commit-Position: refs/heads/main@{#78370}
-
Andreas Haas authored
With dynamic tiering, the "serialize" function provided by the c-api does not work anymore, and it is unclear how it should work. R=jkummerow@chromium.org Bug: v8:12281 Change-Id: Ib70bf118ba42b0752eb5dab5f43893da0404931e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3338657 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/main@{#78369}
-
Manos Koukoutos authored
An asm-js module has all wasm feature flags disabled, despite the global flag configuration. Therefore, in WasmExportedFunction::New, we should retrieve the enabled features from the NativeModule instead of the flags. Bug: chromium:1279151 Change-Id: Ic44fe535baa7cb851644457cce533c24d4c9824e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3338256 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#78368}
-
Igor Sheludko authored
This CL * migrates FeedbackVector::optimized_code to CodeT, * migrates OSROptimizedCodeCache to CodeT. Bug: v8:11880 Change-Id: I2082412fb9fdf90e7ed90f4454ecf55f4f3d53d8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3330468 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#78367}
-
Benedikt Meurer authored
This is a non-functional refactoring to make naming of stack traces more consistent, and thus easier to reason about whether the "simple stack trace" (stack trace API) or the "detailed stack trace" (inspector API) is meant. Granted, these names aren't great by themselves, but at least we should be consistent. This also adds a new `Isolate::GetSimpleStackTrace()` and uses that directly to implement the Wasm C-API, avoiding the roundtrip via the `JSMessageObject`, which actually carries a detailed stack trace (which by chance worked out so far). Doc: https://bit.ly/v8-stack-frame Bug: chromium:1258599, chromium:1278647, chromium:1278650 Change-Id: I29e1a956ed156d6eeceb50150a28afaa2f11b9c7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3334780 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/main@{#78366}
-
Igor Sheludko authored
This CL migrates JSFunction's code accessors to CodeT. Bug: v8:11880 Change-Id: I8cf367eb79cc1d59548dd4f3e18c010f76f101cb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3330466 Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#78365}
-
Leszek Swirski authored
Fixed: chromium:1279383 Change-Id: I0fb6e15d47698b90c51cc27e18a526ba6d0fc1d1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3338656 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/main@{#78364}
-
Corentin Pescheloche authored
EmbedderState is forward declared in public header for EmbedderStateScope. Default std::unique_ptr's destructor needs a fully defined class. Defining default destructor in implementation file fixes this. Bug: chromium:1263871 Change-Id: I8ccc58f56a758927dc5d7a39387188185e7d3827 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3338697 Auto-Submit: Corentin Pescheloche <cpescheloche@fb.com> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#78363}
-
Camillo Bruni authored
Use build_flags_ with @if/@ifnot in torque for the following flags: - V8_ENABLE_JAVASCRIPT_PROMISE_HOOKS - V8_ENABLE_SWISS_NAME_DICTIONARY - Make sure Torque and CSA code actually respect V8_ENABLE_JAVASCRIPT_PROMISE_HOOKS. - Rename V8_ALLOW_JAVASCRIPT_IN_PROMISE_HOOKS to V8_ENABLE_JAVASCRIPT_PROMISE_HOOKS - Rename gn/bazel arg v8_allow_javascript_in_promise_hooks to v8_enable_javascript_promise_hooks - Unship context promise hooks in chrome and enable them only in d8 for testing purposes - Make sure d8 and the API throw when using promise hooks without the compile time feature enabled Bug: chromium:1265186, v8:11025 Change-Id: I69834d44d683a36d0d7be3c3d68888321be0fd7f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3301474 Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#78362}
-
Benedikt Meurer authored
This is the second step in the refactoring to make v8::StackFrame more lightweight and usable for (long time storage) by the V8 inspector (see https://bit.ly/v8-stack-frame for an overview). This is a purely mechanical change without any functional aspects. The intention is to make the use case for the CallSiteInfo objects clear, namely to serve as the backing store for the CallSite objects exposed via the Error.prepareStackTrace() API and used under the hood to implement the error.stack accessor. Doc: https://bit.ly/v8-stack-frame Bug: chromium:1258599, chromium:1278647, chromium:1278650 Change-Id: I39dffd1f1a8e5158ddc56f2a0a2b1b28321f487a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3300138 Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Reviewed-by: Simon Zünd <szuend@chromium.org> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/main@{#78361}
-
Igor Sheludko authored
Drive-by: fix TSAN issue. Bug: v8:11880 Change-Id: I8a31391c6a1855a20a243eb740e4e3e1223ecbbf Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3333930 Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#78360}
-