1. 18 Jan, 2022 4 commits
    • Handles: Fix OnStackTracedNodeSpace with -fsanitize=safe-stack · c7fbac6a
      Anton Bikineev authored
      When the stack is split in safe and unsafe parts, on-stack
      TracedReferences are allocated on the unsafe stack. What currently
      happens is that on GC we destroy all the on-stack references below the
      current frame of the *safe* stack. If the safe stack is allocated above
      the unsafe counterpart, then all the traced references will be
      preliminary destructed on GC. This CL fixes it by using
      __builtin___get_unsafe_stack_ptr() if -fsanitize=safe-stack is enabled.
      
      In addition, deduplicate OnStackTracedNodeSpace::IsOnStack() and
      Stack::IsOnStack() and move more logic into ::heap::base::Stack.
      
      Bug: chromium:1278780
      Change-Id: I9582bb1321958b7ec8ef2c0c46b9e42d51bb6f94
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3395033
      Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
      Commit-Queue: Anton Bikineev <bikineev@chromium.org>
      Auto-Submit: Anton Bikineev <bikineev@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#78660}
    • [class] handle existing readonly properties in StoreOwnIC · 80bbbb14
      Joyee Cheung authored
      Previously, StoreOwnIC incorrectly reuses the [[Set]] semantics
      when initializing public literal class fields and object literals in
      certain cases (e.g. when there's no feedback).
      This was less of an issue for object literals, but with public class
      fields it's possible to define property attributes while the
      instance is still being initialized, or to encounter existing static
      "name" or "length" properties that should be readonly. This patch
      fixes it by
      
      1) Emitting code that calls into the slow stub when
         handling StoreOwnIC with existing read-only properties.
      2) Adding extra steps in StoreIC::Store to handle such stores
         properly with [[DefineOwnProperty]] semantics.
      
      Bug: v8:12421, v8:9888
      Change-Id: I6547320a1caba58c66ee1043cd3183a2de7cefef
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3300092
      Reviewed-by: Shu-yu Guo <syg@chromium.org>
      Reviewed-by: Toon Verwaest <verwaest@chromium.org>
      Commit-Queue: Joyee Cheung <joyee@igalia.com>
      Cr-Commit-Position: refs/heads/main@{#78659}
    • Update V8 DEPS. · d3055c93
      v8-ci-autoroll-builder authored
      Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/1af42f8..79e39b3
      
      Rolling v8/third_party/googletest/src: https://chromium.googlesource.com/external/github.com/google/googletest/+log/4e9fe30..c9643a2
      
      R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com
      
      Change-Id: I9361683537801e8beebe557f272c4b8efeb29c76
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3396457
      Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
      Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
      Cr-Commit-Position: refs/heads/main@{#78658}
    • Revert "[wasm] Various small cleanups/fixes" · b1e12d70
      Maya Lekova authored
      This reverts commit f1c2a208.
      
      Reason for revert: Breaks some tests on no-sse configuration, please see https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux/45243/overview
      
      Original change's description:
      > [wasm] Various small cleanups/fixes
      >
      > Changes:
      > - Fix a bug in objects-printer where array elements were not treated as
      >   tagged pointers.
      > - Fix a few TODOs, mainly in the wasm interpreter.
      > - Improve documentation, small refactorings.
      >
      > Change-Id: I1d70ad454b3a0693b9b784b17395434d81d01b61
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3383136
      > Reviewed-by: Nikolaos Papaspyrou <nikolaos@chromium.org>
      > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
      > Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
      > Cr-Commit-Position: refs/heads/main@{#78656}
      
      Change-Id: Ic698177259bb14b4c251a4212c79cc0d945b07f8
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3398109
      Auto-Submit: Maya Lekova <mslekova@chromium.org>
      Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
      Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
      Commit-Queue: Maya Lekova <mslekova@chromium.org>
      Owners-Override: Maya Lekova <mslekova@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#78657}
  2. 17 Jan, 2022 20 commits
  3. 16 Jan, 2022 1 commit
    • Don't double-fetch a module specified on the d8 command line · 8ee40cfc
      Dan Clark authored
      Shell::FetchModuleTree assumes that the module at file_name wasn't
      already fetched. Shell::ExecuteModule is calling into
      FetchModuleTree without checking if the module is already in the module
      map, violating this assumption.
      
      This change fixes this by having Shell::ExecuteModule check for the
      existence of the module before calling into Shell::ExecuteModule, the
      same way that Shell::DoHostImportModuleDynamically does.
      
      Bug: v8:12530
      Change-Id: Ia038cbd1715e85c9c92c4554fd486c657ef952e8
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3388130
      Reviewed-by: Marja Hölttä <marja@chromium.org>
      Commit-Queue: Marja Hölttä <marja@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#78636}
  4. 15 Jan, 2022 3 commits
  5. 14 Jan, 2022 12 commits