- 15 Jun, 2022 28 commits
-
-
Seth Brenith authored
This is a partial reland of https://crrev.com/c/3597106 , except for the changes in compiler.cc, which are just the minimal possible changes to make the code compile. With this change, it is possible that a call to CompilationCache::LookupScript returns any of: 1. A Script and a toplevel SharedFunctionInfo (cache hit) 2. A Script but no toplevel SharedFunctionInfo (partial cache hit) 3. Nothing (cache miss) Bug: v8:12808 Change-Id: Id33a4cd0cb28562d6b862fbb113ea9d03f255b2b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3687425Reviewed-by:
Leszek Swirski <leszeks@chromium.org> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Cr-Commit-Position: refs/heads/main@{#81193}
-
Igor Sheludko authored
Namely the ones that might be locked for a second time by the sampling profiler while iterating the call stack. Bug: v8:12966 Change-Id: I081de804143e5ca4da4e2296919428b2c1bff1b0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707105Reviewed-by:
Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Auto-Submit: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#81192}
-
Samuel Groß authored
SIGABRT is harmless as it indicates a CHECK failure. Further, memory access violations at non-canonical addresses and memory permission violations should be ignored as well as they can legitimately be triggered from memory corruption inside the sandbox and are not directly exploitable. See code comments for more details. Bug: v8:12878 Change-Id: Idddd805f5d52c87f2b67a974716acd5d5abf11cf Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707106Reviewed-by:
Igor Sheludko <ishell@chromium.org> Commit-Queue: Samuel Groß <saelo@chromium.org> Cr-Commit-Position: refs/heads/main@{#81191}
-
Samuel Groß authored
This is a reland of commit ae55e4d2 crrev.com/c/3706618 should fix the Android failures. Original change's description: > [sandbox] Enable sandboxed pointers on Android > > Bug: chromium:1218005 > Change-Id: Ie7c100193848544e661ee62f88be4601426a4e18 > Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702251 > Reviewed-by: Igor Sheludko <ishell@chromium.org> > Commit-Queue: Samuel Groß <saelo@chromium.org> > Cr-Commit-Position: refs/heads/main@{#81117} Bug: chromium:1218005 Change-Id: Ia6dbbd2c7629614391ea49f898b0784f39cf27f1 Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702445Reviewed-by:
-
jameslahm authored
... ArrayBuffer and shared ArrayBuffer. Bug: v8:11525 Change-Id: I6b3f78d5cf6528123b40c49f2767ade2b6bfbed1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3706279 Commit-Queue: 王澳 <wangao.james@bytedance.com> Reviewed-by:
Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#81189}
-
Andy Wingo authored
Bug: v8:12868 Change-Id: I2f12858db1956a3b14b95341f1459df8abc03db0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702797 Commit-Queue: Andy Wingo <wingo@igalia.com> Reviewed-by:
Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#81188}
-
Milad Fa authored
Currently getting the following errors: ``` error: suggest parentheses around comparison in operand of '!=' ``` Bug: v8:10776 Change-Id: I1c7e95470462efcc33f90bf015b37373472e32b6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707653Reviewed-by:
Shu-yu Guo <syg@chromium.org> Commit-Queue: Milad Farazmand <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/main@{#81187}
-
Junliang Yan authored
Change-Id: I10e917111acd7fd3eeaa92b2b38cf6e8b66ffeab Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707655 Commit-Queue: Junliang Yan <junyan@redhat.com> Reviewed-by:
Milad Farazmand <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/main@{#81186}
-
Camillo authored
Instead of doing multiple separate checks with branches, turn the name check into a single range check. This means that the symbols and strings for properties than can invalidate protectors need to be allocated consecutively in memory. Change-Id: Id3a2003534bab5ecf83393a60167f779d636fc4b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695360 Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by:
Anton Bikineev <bikineev@chromium.org> Cr-Commit-Position: refs/heads/main@{#81185}
-
Vasili Skurydzin authored
Related: https://chromium-review.googlesource.com/c/v8/v8/+/3696481 Change-Id: I5cfe4fc7dc6ece68aacf8afe5b069928243b0919 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3704900Reviewed-by:
-
Leszek Swirski authored
This can happen in concurrent compilation, we should fall back to generic LoadGlobal when it's the case. Drive-by refactor the property cell load builder to return false on failure. Bug: v8:7700 Change-Id: Iad3fc4bc794e4ec8c4061f2dce1561c15593e215 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3706616Reviewed-by:
-
Igor Sheludko authored
The CodeObjectSlot might contain Smi zero during CodeDataContainer/Code initialization. Bug: v8:11880, v8:12962 Change-Id: I5fba135dfa1786716f30d7c8cdad3052a967d894 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707100 Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Auto-Submit: Igor Sheludko <ishell@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by:
Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#81182}
-
jameslahm authored
... deoptimizer/deoptimization-unittest. Bug: v8:12781 Change-Id: I453d02f6ead59ee274af600197dedc01cb144a4e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3705237 Commit-Queue: 王澳 <wangao.james@bytedance.com> Reviewed-by:
-
Anton Bikineev authored
The CL fixes PMF regressions that happend after increasing the AgeTable size. Bug: chromium:1336529 Change-Id: If1f099b43bfcb3a8c7dd4a1c229fcb08735eb744 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707098Reviewed-by:
-
Clemens Backes authored
This CL explicitly disables the --freeze-flags-after-init flag for cases where we modify flags after initialization. This is only tests, fuzzers, and special options to d8, thus not security relevant. These should be the last blockers for enabling the flag globally. R=cbruni@chromium.org Bug: v8:12887 Change-Id: I1d8a03dcc20e524d30c967f6fe15f6401de77612 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3706619Reviewed-by:
-
Clemens Backes authored
Flags need to be set before initializing V8. R=cbruni@chromium.org Bug: v8:12887 Change-Id: Idb815a6a85ccb86c79d826da487a7bbc6fab7d1a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707096 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by:
-
Andreas Haas authored
Bug: v8:12864 Change-Id: Ieea0706f64517355ba0533dd8b37a2320d1b5300 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707099Reviewed-by:
Manos Koukoutos <manoskouk@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/main@{#81177}
-
Anton Bikineev authored
Now that the cage is shared, its metadata must be thread-safe. Bug: chromium:1336529 Change-Id: I0650462d1faf171fc3325808ca45ebe044e91f45 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707097 Auto-Submit: Anton Bikineev <bikineev@chromium.org> Commit-Queue: Anton Bikineev <bikineev@chromium.org> Reviewed-by:
-
Samuel Groß authored
It should be V8_TARGET_OS_ANDROID instead of V8_OS_ANDROID. Bug: chromium:1218005 Change-Id: I4b92977c5d8b70ca5023e30a966508965ea9f0fe Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3706618Reviewed-by:
-
Leszek Swirski authored
We may want to access their deopt checkpoint to create a tagged value during merging. Bug: v8:7700 Change-Id: I0f81e3ea5e871b775e1509044fa1d1f7bb70db4e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3706617 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by:
-
Dominik Inführ authored
--no-use-map-space should now be fixed, it is already enabled with --future. Bug: v8:12578, chromium:1317880 Change-Id: I9ea10dfaebf7b17cb1c953e272bc3358932a10b5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702232Reviewed-by:
Liviu Rau <liviurau@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#81173}
-
Clemens Backes authored
We are always passing a valid buffer to WasmMemoryObject::New, hence make it a Handle instead of MaybeHandle, and remove the code to allocate an empty buffer if none was passed. R=ahaas@chromium.org Bug: v8:10949 Change-Id: Ic10dfda741773a8f3d3895f81a83048cfe0eb293 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702805 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by:
Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/main@{#81172}
-
Simon Zünd authored
This is a reland of commit dac61556 This is a straight-up reland with no changes, because: 1) The failure doesn't reproduce locally 2) The failing flaky test that triggered the revert is not related to the code modified by this CL and should (in theory) not be impacted. Original change's description: > [inspector] Allow Debugger.setScriptSource to edit top-most function > > This CL adds a new boolean flag on the Debugger.setScriptSource CDP > method that gets piped all the way through to the live-edit mechanism. > The new flag enables live-editing of the top-most function while > paused. > > The CL adds a couple of tests that cover the new core use cases for > this flag. > > R=jarin@chromium.org > > Bug: chromium:1334484 > Change-Id: I12fec591b2b6550d89748714620e629548e1b9c1 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695354 > Reviewed-by: Kim-Anh Tran <kimanh@chromium.org> > Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> > Commit-Queue: Simon Zünd <szuend@chromium.org> > Cr-Commit-Position: refs/heads/main@{#81127} Bug: chromium:1334484 Change-Id: I9a9bf7e03d81c86adb4819b9756dd9afcf6fa021 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3706398Reviewed-by:
Kim-Anh Tran <kimanh@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/main@{#81171}
-
Igor Sheludko authored
... which alone requires up to 12 KB of stack space. Bug: chromium:1327833 Change-Id: I6a565fdc590f89804b1207eeddd23400dd6f9553 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702807 Commit-Queue: Patrick Thier <pthier@chromium.org> Reviewed-by:
Patrick Thier <pthier@chromium.org> Auto-Submit: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#81170}
-
Andreas Haas authored
This class is just dead code. Bug: v8:12926 Change-Id: Ic780c0b1bf5b1e517aa919b820fad4ec083d9ef7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3689581Reviewed-by:
Adam Klein <adamk@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/main@{#81169}
-
Frank Tang authored
Design Document: https://docs.google.com/document/d/14zxGub6Os6nARzH6XstOZX05w2537sZo_ZSSlGjGpBM/edit# Bug: v8:10776 Change-Id: I506eadcf70f6855a79601a7cb1ce47849cfc066a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3594118Reviewed-by:
-
Frank Tang authored
Spec Text: https://tc39.es/proposal-temporal/#sec-temporal.duration.prototype.tolocalestring This does NOT implement the intl version of toLocale in (noteice 'sup' vs 'sec' after #) https://tc39.es/proposal-temporal/#sup-temporal.duration.prototype.tolocalestring since the details is not specified yet. Bug: v8:11544 Change-Id: I7f5a2e9766005d1a7f6409d428ca53b5a38a3960 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3696482Reviewed-by:
-
Etienne Pierre-doray authored
CreateJob() is similar to PostJob() but doesn't schedule anything until Join() or Notify*() is called. This allows - CreateJob().Join() without too many worker. - Early 'empty' CreateJob() for initialization without causing spurious calls to GetMaxConcurrency() Bug: chromium:1287665 Change-Id: I8fd8b139392ad30218f0cf8f580b2d76f1078777 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3668842Reviewed-by:
Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#81166}
-
- 14 Jun, 2022 12 commits
-
-
Frank Tang authored
https://chromium.googlesource.com/external/github.com/tc39/test262/+log/8f5c7aed0..b1f49b5c Bug: v8:7834 Change-Id: Icb4ab0c9b26962ed60ba30419f3976ddf05e91e4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3704910Reviewed-by:
-
Danylo Boiko authored
- source resolver clean up - started inregration of turboshaft schedule phase Bug: v8:7327 Change-Id: I4335c275f4cfb2e313ac383a5b9fa12c7b9aa744 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3700078Reviewed-by:
Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Danylo Boiko <danielboyko02@gmail.com> Cr-Commit-Position: refs/heads/main@{#81164}
-
Darius M authored
For FixedDoubleArrays that are not aligned on 8 bytes, the SIMD fast path of array.IndexOf actually falls back on a scalar loop. Because of how this loop was written, it was failing to see that 0.0 == -0.0. Bug: chromium:1335445 Change-Id: Idf70fd3ed9950e5b2b7cc72bb2ebca6879b3a04e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702803Reviewed-by:
-
Anton Bikineev authored
This fixes an ODR violation: the macro V8_TARGET_ARCH_ARM64 was only visible when building V8, but not outside it. The CL implements a quick fix that relies on compiler-based macros (__aarch64__). The proper fix would be to make these target macros be part of the public config. Bug: chromium:1336222 Change-Id: I46ba6c1a3cd1ac4fcd3aced60ee112e6098eba6c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3705540 Commit-Queue: Anton Bikineev <bikineev@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by:
-
Camillo authored
"Function:" and "LazyCompile:" are confusing by now and use up too much space.# Enter a description of the change. This also changes the function names visible when using linux-perf Change-Id: Ib2d4b7df39068c27b5b06db578fc550d2973ebb4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3693705 Commit-Queue: Camillo Bruni <cbruni@chromium.org> Reviewed-by:
-
Junliang Yan authored
Change-Id: I78ef9bf817f32b8f2b96092ed9f77f223b2aa381 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702975Reviewed-by:
-
Camillo authored
Bug: v8:7700 Change-Id: Ib5b6b570829cfb7de9c61115b45bb37437c70dde Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702804Reviewed-by:
-
Dominik Inführ authored
Shrink life range of worklists and add IsEmpty-CHECKs for them. Also move some logic into its own method ProcessChunksWithEmptyBuckets. Bug: chromium:1336158 Change-Id: Ia2f34c824f5b1c5d61391a1a1243a46881040de1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3704511 Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by:
-
Tobias Tebbi authored
This prevents accidental use for release branch merging, which works but shouldn't. Change-Id: I4db99bb721c935a8a1c7c44c1b4d909f44a8bf9c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3705382 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Auto-Submit: Tobias Tebbi <tebbi@chromium.org> Reviewed-by:
-
Leszek Swirski authored
Bug: v8:7700 Change-Id: I1f552587403bdec439c611d56d6bf4c54508a76f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702802Reviewed-by:
-
Michael Lippautz authored
In preparation for removing the finalization step, simplify incremental marking logic. Change-Id: I929034e389edb0c9da78cd39fd497d5783aff7c4 Bug: v8:12775 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3704509Reviewed-by:
-
Maya Lekova authored
Bug: chromium:1052746 Change-Id: If5c7b9871047ea27a76efa4f04c9e6c0ea48b6ca Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3705381 Auto-Submit: Maya Lekova <mslekova@chromium.org> Reviewed-by:
-
