- 16 Jul, 2021 9 commits
-
-
Jakob Kummerow authored
When the FFT multiplication algorithm invokes itself for the recursive steps, the input is "mod Fn"-normalized, i.e. it is at most of the shape (1 << N), but we only read N bits of it, so in the rare case where it was exactly 1 << N, that lone top bit was ignored, leading to an incorrect result of the overall multiplication. Fixed: chromium:1228267 Change-Id: I7b245fc3701696d95e5d75fb970f02d72ce40ff8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3032081Reviewed-by: Maya Lekova <mslekova@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#75755}
-
Junliang Yan authored
Change-Id: Id843b276e59baeaf700f92e6bf71e20edcb0dd9d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3031581Reviewed-by: Milad Fa <mfarazma@redhat.com> Commit-Queue: Milad Fa <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/master@{#75754}
-
Milad Fa authored
vlr is placed in the middle since second input could be the same as dst register and this avoids overwriting it. Change-Id: Ifb6c2157d4bc5c3d83fda118b53b4f960291436a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3027226Reviewed-by: Junliang Yan <junyan@redhat.com> Commit-Queue: Milad Fa <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/master@{#75753}
-
Clemens Backes authored
Just like many other operations implemented in elements.cc, copyWithin also needs to use relaxed atomics if operating on a shared array buffer to avoid races with other threads. Since the ranges can overlap, this CL also adds a {Relaxed_Memmove} function that either copies forwards (like {Relaxed_Memcpy}) or backwards depending on the ordering of source and destination. R=leszeks@chromium.org Bug: chromium:1221035 Change-Id: I76b7e43810ac9b85f4ff9abbc5a0406618771c25 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3032084Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#75752}
-
Victor Gomes authored
This fixes 2 cluster fuzz bugs. Bug: chromium:1229885, chromium:1229813 Change-Id: Icc2738d7fac35f36f50bd2e723ac8ab4add40068 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3034742 Commit-Queue: Victor Gomes <victorgomes@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Auto-Submit: Victor Gomes <victorgomes@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#75751}
-
Liu Yu authored
Change-Id: Ide2aca9e7cbcd204a5668e59aa902bd2de363799 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3033842 Auto-Submit: Liu yu <liuyu@loongson.cn> Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Cr-Commit-Position: refs/heads/master@{#75750}
-
Al Muthanna Athamina authored
Bug: v8:11980 Change-Id: Ic861186b7457990dea2d4f8f9c0b702e4837895f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3026721 Commit-Queue: Almothana Athamneh <almuthanna@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#75749}
-
Maya Lekova authored
This CL fixes the syntax of an entry in variants.py for stress_snapshot (which got introduced in https://chromium-review.googlesource.com/c/v8/v8/+/3024147). Change-Id: I8e25ce26d546a022dbf9c038719f3e7cfac1d250 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3031898 Auto-Submit: Maya Lekova <mslekova@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#75748}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/a0ffb5c..c0b24c3 Rolling v8/buildtools/third_party/libc++abi/trunk: https://chromium.googlesource.com/external/github.com/llvm/llvm-project/libcxxabi/+log/bb27865..486cb62 Rolling v8/buildtools/third_party/libunwind/trunk: https://chromium.googlesource.com/external/github.com/llvm/llvm-project/libunwind/+log/333cca2..70006b7 Rolling v8/third_party/aemu-linux-x64: LVzqlcQA3SZ_in57BIRK96jsF2AlRnyVHndAywtOCA8C..ez3lWv5ncjyheCkRQs_v1WGTCLoiJvIecfY-dKKkXcUC Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/f61fac0..88e3e03 Rolling v8/third_party/icu: https://chromium.googlesource.com/chromium/deps/icu/+log/b9dfc58..2a822c5 Rolling v8/third_party/logdog/logdog: https://chromium.googlesource.com/infra/luci/luci-py/client/libs/logdog/+log/794d09a..88ab863 Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/9ae36fe..c81b8b9 TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: Iaf7079485a95f1708d47156a3aa95c6b6aaacf84 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3032504Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#75747}
-
- 15 Jul, 2021 18 commits
-
-
Shu-yu Guo authored
I2S: https://groups.google.com/a/chromium.org/g/blink-dev/c/pzy_Z3AwmaY/m/FeXzN3hnAwAJ Bug: v8:11375 Change-Id: I2fda99286d6bb817e65b3b07df8872a0b252ae10 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2773786 Commit-Queue: Shu-yu Guo <syg@chromium.org> Auto-Submit: Shu-yu Guo <syg@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#75746}
-
Shu-yu Guo authored
Bug: v8:7834 Change-Id: I17ded5565514c16e19543cd357df4574bd5b0ebd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3031843 Commit-Queue: Shu-yu Guo <syg@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Auto-Submit: Shu-yu Guo <syg@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#75745}
-
Dan Elphick authored
Unfortunately GN check does not detect missing dependencies for headers that don't appear in any build rule, so it failed to report that these headers are not referenced at all. Bug: v8:7330 Change-Id: I5d11467f322e5497f2d952f734bc69ccf0896bfe Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3032082 Auto-Submit: Dan Elphick <delphick@chromium.org> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#75744}
-
Jakob Kummerow authored
Dividing by first computing a multiplicative inverse is faster than Burnikel-Ziegler division for very large inputs. Bug: v8:11515 Change-Id: Ice45690c3fa4eef7102d418cdd3d82a942a076c5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3015573 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/master@{#75743}
-
Ross McIlroy authored
BUG=chromium:1228666 Change-Id: Id5ef86170d5be8db507da80202836558a2fa6eb1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3030703 Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#75742}
-
Victor Gomes authored
This checks if we have emitted the correct constant. If for wherever reason we grow the assembler buffer and fall back to off-heap compilation, we must ensure that we have in the buffer a pointer to the object handle (or the index in embedded_objects_ for arm64). Bug: v8:11872 Change-Id: If989727206f8ee0fd0035307d2dadc8424676b2a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3030708 Commit-Queue: Victor Gomes <victorgomes@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#75741}
-
Georg Neis authored
... in FixedArrayBaseData's constructor. Also make get/TryGet check if right-trimming happened (at the moment these methods are used such that it can't happen yet). Bug: v8:7790, v8:11956 Change-Id: I6bd23426b26bb7115c9d0f190eb4be04149368fa Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3018087 Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#75740}
-
Clemens Backes authored
This removes the low-level {SwitchMemoryPermissionsToWritable()} and {SwitchMemoryPermissionsToExecutable()} functions. They are only used in tests and can be replaced by {CodeSpaceWriteScope} objects that we also use in production. R=jkummerow@chromium.org Change-Id: I7ba702c836f3ac2dd7c7a81d6362040b28e8bef4 Cq-Include-Trybots: luci.v8.try:v8_mac_arm64_rel_ng Cq-Include-Trybots: luci.v8.try:v8_mac_arm64_dbg_ng Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3024150 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#75739}
-
Victor Gomes authored
Bug: v8:11872 Change-Id: I78c480e3266212adf1e71f728ca16b704c2e7d77 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3030702 Auto-Submit: Victor Gomes <victorgomes@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#75738}
-
Victor Gomes authored
- Initial implementation of Array.concat on Torque. - Adds fast paths for `[].concat()` and `x.concat()`, these are now as fast as `[...x]` and `x.slice()` for non-optimised code. Bug: v8:7152 Change-Id: I86ca15e4e1e67f53424ef0c8bb7eea12d7e660b3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3026716Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/master@{#75737}
-
Benedikt Meurer authored
The order of the enum values is important for the BreakLocation predicates. This wasn't an issue so far, since the DEBUG_BREAK_AT_ENTRY case is anyways treated separately, but for the future I've added a comment and fixed the order. Drive-by-fix: Remove the useless `inline` markers on the predicates. Bug: chromium:1162229, chromium:700516 Change-Id: I05653ac9b5ea225e30c5c2beeff809b8848c2ec7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3026712 Auto-Submit: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#75736}
-
Dan Elphick authored
The files src/base/v8-fallthrough.h, src/heap/cppgc/globals.h and src/heap/cppgc/visitor.h were missing from BUILD.gn. This adds them and modified the dependencies to make them visible. Bug: v8:7330 Change-Id: I2be336697d50dd5623c0fc22637c8ab4b184ae39 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3028384Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Dan Elphick <delphick@chromium.org> Cr-Commit-Position: refs/heads/master@{#75735}
-
Michael Lippautz authored
Use a mutex guard when the unprotection is triggered from a compaction space in which case it is actually parallel. Main-thread only unprotection does not require acquiring the mutex. The list itself is only used from the main thread and thus the actual process does not require a mutex. The issue was introduced in https://crrev.com/c/2966382 Bug: v8:11982 Change-Id: I593c0659eb5a96c8206d0b4014f07ab13827be85 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3026705Reviewed-by: Hannes Payer <hpayer@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#75734}
-
Clemens Backes authored
We had two implementations of a thread-local counter for the number of writers: One in {CodeSpaceWriteScope} and one in {WasmCodeManager::SetThreadWritable}. This CL removes the latter, and uses the counter in {CodeSpaceWriteScope} for all implementations. R=jkummerow@chromium.org Bug: v8:11974 Cq-Include-Trybots: luci.v8.try:v8_mac_arm64_rel_ng Cq-Include-Trybots: luci.v8.try:v8_mac_arm64_dbg_ng Change-Id: I683131296c6106a2b12986942bb18e6c0e716612 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3024148Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#75733}
-
Georg Neis authored
Bug: chromium:1228233 Change-Id: I7868cefd2123261f144d61e322a233ed460100ff Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3026717 Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/master@{#75732}
-
Lutz Vahl authored
TBR=hablich@chromium.org, vahl@chromium.org Change-Id: Ibf751a42269f4bc5febc12ac4e0e3d03ade260a3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3029086Reviewed-by: Lutz Vahl <vahl@chromium.org> Commit-Queue: Lutz Vahl <vahl@chromium.org> Cr-Commit-Position: refs/heads/master@{#75731}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/2d99938..a0ffb5c Rolling v8/buildtools/third_party/libc++abi/trunk: https://chromium.googlesource.com/external/github.com/llvm/llvm-project/libcxxabi/+log/6803464..bb27865 Rolling v8/buildtools/third_party/libunwind/trunk: https://chromium.googlesource.com/external/github.com/llvm/llvm-project/libunwind/+log/a5feaf6..333cca2 Rolling v8/third_party/aemu-linux-x64: m4sM10idq7LeFHXpoLKLBtaOZsQzuj63Usa3Cl9af1YC..LVzqlcQA3SZ_in57BIRK96jsF2AlRnyVHndAywtOCA8C Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/2814ff3..f61fac0 Rolling v8/third_party/instrumented_libraries: https://chromium.googlesource.com/chromium/src/third_party/instrumented_libraries/+log/4ae2535..9a8087b Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/9d0a403..9ae36fe Rolling v8/tools/luci-go: git_revision:8b8a9a6040ca6debd30694a71a99a1eac97d72fd..git_revision:91a04914ac71b7b6fe7b95ce8691d45eeb69bf4f Rolling v8/tools/luci-go: git_revision:8b8a9a6040ca6debd30694a71a99a1eac97d72fd..git_revision:91a04914ac71b7b6fe7b95ce8691d45eeb69bf4f Rolling v8/tools/luci-go: git_revision:8b8a9a6040ca6debd30694a71a99a1eac97d72fd..git_revision:91a04914ac71b7b6fe7b95ce8691d45eeb69bf4f TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: Ic5336234ae14fd3dcab93b94f433ba1cf1ee76a8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3027047Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#75730}
-
jing.bao authored
Change-Id: I9b0f746e68924d22bdd2c0f693a9b0e8b078a4f9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3026035Reviewed-by: Zhi An Ng <zhin@chromium.org> Commit-Queue: Jing Bao <jing.bao@intel.com> Cr-Commit-Position: refs/heads/master@{#75729}
-
- 14 Jul, 2021 13 commits
-
-
Adam Klein authored
This test is only testing a d8-specific feature, so there's no need to test it under a wide variety of conditions. And at the moment its flakiness in the arm64/debug/simulator config are blocking the v8 roll. Change-Id: I35456989f7875331a415ca3ff478c67a8e7e79bd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3027743 Commit-Queue: Adam Klein <adamk@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Auto-Submit: Adam Klein <adamk@chromium.org> Reviewed-by: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#75728}
-
Igor Sheludko authored
Bug: v8:11985 Change-Id: I2d9cd602d9ef2491f0a757773bd4b110b03a064d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3028381 Commit-Queue: Igor Sheludko <ishell@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Auto-Submit: Igor Sheludko <ishell@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#75727}
-
Milad Fa authored
Change-Id: I25ac85bdc6a72b8527fa84770bce70cfc390c047 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3027222Reviewed-by: Junliang Yan <junyan@redhat.com> Commit-Queue: Milad Fa <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/master@{#75726}
-
Adam Klein authored
This reverts commit 0b091e9b. Reason for revert: Causes Web Platform Test failures, blocking roll E.g., https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Blink%20Linux/12616/overview Original change's description: > [wasm][eh] Rename Exception to Tag in the JS API > > See: > https://github.com/WebAssembly/exception-handling/issues/159 > > This change only does the rename where it's observable. This should also > be renamed throughout the codebase for consistency and will be done > separately. > > R=ahaas@chromium.org > > Bug: v8:8091 > Change-Id: Iec1118194981dfd33be6e30256b6e72d12143e1f > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3021172 > Reviewed-by: Andreas Haas <ahaas@chromium.org> > Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> > Cr-Commit-Position: refs/heads/master@{#75718} Bug: v8:8091 Change-Id: Id2067e1cdc33fa657ef738ef5fafad84057f7209 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3027261 Auto-Submit: Adam Klein <adamk@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#75725}
-
Benedikt Meurer authored
Previously we had passed kOnEntryBreakpointPosition as a marker through the regular SetBreakPointForScript() logic and handled that specially in WasmScript, however this instrumentation breakpoint is special and gets in the way of returning more information about a regular breakpoint in case of crbug.com/700516, so I decided to just isolate that into it's own method, especially since the only user already special-cases Wasm anyways. Bug: chromium:1162229, chromium:700516 Change-Id: Ie7966c1701365a4b03710d6dc32cc8278577ee3a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3026711 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Auto-Submit: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#75724}
-
Milad Fa authored
This CL includes the following changes: - Avoid using `UniqueRegister` as much as possible - Try to group opcodes under Binary or Unary when possible Separate selectors are added to use `UniqueRegister` when necessary mainly when `Temp` registers are used. This is to make sure temp, dst and src registers are allocated differently and cannot be overwritten during codegen. Some codegen ops had to also be modified to avoid using `Temp` registers. Change-Id: I4d5bdec58cb4874e7c3d344091cde8c8a9a4d01b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3024149Reviewed-by: Junliang Yan <junyan@redhat.com> Commit-Queue: Milad Fa <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/master@{#75723}
-
Clemens Backes authored
If the debugger is disabled for an isolate, we first remove all breakpoints for that isolate, and then tier up the module (if there is no other isolate that keeps it tiered down). During the first step, functions might get recompiled since the set breakpoints change. This is not needed in case we will tier-up the module afterwards anyway. It also triggers a DCHECK if we reinstall debugging code even though the module is already marked "tiered up". This CL avoids the installation of debugging if the module is not tiered down, and also slightly modified the condition for installing new code when tiered-up (to allow overwriting debugging code with non-debugging code even if it's the same tier). R=thibaudm@chromium.org Bug: chromium:1228628 Change-Id: I83828d4186e299f779a858006eafa3dbc7966c35 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3026707Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#75722}
-
Victor Gomes authored
Port of https://chromium-review.googlesource.com/c/v8/v8/+/3024146 to arm. Adds DCHECKs after emitting any code on the heap. Bug: v8:11872 Change-Id: Ia8186143e3caca17a25f8fb23c378e64cc248095 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3024158Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/master@{#75721}
-
Mike Stanton authored
JSHeapBroker::ReadFeedbackForCall() - it may be that the JSFunction we read in the feedback vector hasn't been store-ordered and is therefore unsafe to read. Therefore, we need to call the gc predicate to ensure safety. JSFunctionRef::feedback_vector() & raw_feedback_cell() - I was able to remove the TODO warning about uninitialized data visible from a direct read of these fields from the background. This is because we either store-order into those fields, or rely on a prior store-ordering. Additionally, FeedbackVectorRef and FeedbackCellRef are never-serialized objects, so their first encounter on the background thread is fine (we don't need to have seen and serialized them on the main thread first). Bug: v8:7790 Change-Id: I9cd19999e70fadcf62778dac2b0f679966a4a53f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3026708Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Michael Stanton <mvstanton@chromium.org> Cr-Commit-Position: refs/heads/master@{#75720}
-
Jakob Gruber authored
.. and the corresponding map cache. This cache was only used for CreateArray reductions, thus we mostly expect to see unmodified JSArray initial maps. These are already accessible from the native context and don't need to be cached separately. We may also see initial maps for custom JSArray subclasses. New map allocation may be necessary in this case if the requested elements kind differs from that of the current given initial map. Since we can't (easily) allocate on the background thread, we skip the optimization starting with this CL. Bug: v8:7790 Change-Id: Ib8d81094e1572f49eda18e9ec485d317cec62473 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3021175Reviewed-by: Michael Stanton <mvstanton@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Auto-Submit: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#75719}
-
Thibaud Michaud authored
See: https://github.com/WebAssembly/exception-handling/issues/159 This change only does the rename where it's observable. This should also be renamed throughout the codebase for consistency and will be done separately. R=ahaas@chromium.org Bug: v8:8091 Change-Id: Iec1118194981dfd33be6e30256b6e72d12143e1f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3021172Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/master@{#75718}
-
Mike Stanton authored
Also, copying hints can be removed from literals. Shallow copying wasn't used for some time, because of the way we treat mutable heap numbers. Change-Id: Ieeba44a9f8e80c4183af8f4751f68dd3a542532e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3009230Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Michael Stanton <mvstanton@chromium.org> Cr-Commit-Position: refs/heads/master@{#75717}
-
Clemens Backes authored
This avoids a DCHECK failure if we continue using the Assembler after code generation abortion. Even though it might not be the best style to still call methods on the Assembler after abortion, it's not a problem apart from the firing DCHECK, so we apply this simple fix instead of making sure to really abort everything immediately. R=leszeks@chromium.org Bug: chromium:1228720, chromium:1217074 Change-Id: Iac3a652f21e34534dd28fb1ab580ab2ee6df06dd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3024157Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#75716}
-