- 12 Aug, 2022 24 commits
-
Jakob Kummerow authored
When trying to understand why a given module fails to validate, it can be helpful to disassemble it as far as possible until reaching the erroneous byte(s). Change-Id: I0056ba1a81b85a486c0446d15bbf54ccb2e8332e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3827866 Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#82433}
-
Michael Lippautz authored
Worklist uses a singly-linked list of segments to hold entries. Segment size was based on a compile-time constant but already stored in the segment itself. Rework the segments to query `malloc_usable_size()` on allocation and adjust the capacity properly. For PartitionAlloc, it turns out that there's ~20% more capacity available for the 64-element segments. This slows down actual allocation of the segments with the upside of improving utilization and requiring 20% fewer segments. Change-Id: Ib8595c3fb9fb75b02e4022f6c525bb59a2df7ab7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3826047 Commit-Queue: Anton Bikineev <bikineev@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Anton Bikineev <bikineev@chromium.org> Cr-Commit-Position: refs/heads/main@{#82432}
-
Omer Katz authored
Use AllocationMemento::kSize instead of HeapObject::kHeaderSize Bug: v8:12612 Change-Id: Ieae62546f10c96fe5e5bcf98f9235f0c7ef7ff77 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3826248 Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Auto-Submit: Omer Katz <omerkatz@chromium.org> Commit-Queue: Omer Katz <omerkatz@chromium.org> Cr-Commit-Position: refs/heads/main@{#82431}
-
ishell@chromium.org authored
Bug: v8:11880 Change-Id: I745caa10106870eb06526cccb8693797a36ba7bd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3825888 Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Jakob Linke <jgruber@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#82430}
-
Marja Hölttä authored
Only hardening; no behavioral changes. Bug: v8:11111 Change-Id: I66765b661485334b1b14d9ceaa16a8df355d1898 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3826246 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#82429}
-
Camillo authored
Bug: v8:13115, chromium:1351395 Change-Id: I8804e2cbc13ed040754ab7426780c4528ed6daaa Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3826247 Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#82428}
-
Liu Yu authored
Port commit ca33c73e Bug: v8:7700 Change-Id: I4da1e75be2418ddf6651614c7902a6393b19479a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3828411 Auto-Submit: Liu Yu <liuyu@loongson.cn> Reviewed-by: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Cr-Commit-Position: refs/heads/main@{#82427}
-
Matthias Liedtke authored
This adds `extern.internalize(ref null extern): ref null any` to wasm which unpacks the wrapped wasm object if the js-interop flag is not set. I31 values are still wrapped in object wrappers and don't use SMIs. Bug: v8:7748 Change-Id: Ie4a4507961d0ad41caf430054a3d341f474b8e66 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3819645 Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Matthias Liedtke <mliedtke@chromium.org> Cr-Commit-Position: refs/heads/main@{#82426}
-
Matthias Liedtke authored
nullfuncref = ref null nofunc nullexternref = ref null noextern nullref = ref null none Bug: v8:7748 Change-Id: Ia54ac52c81bde4315e2d6819cff032cb739216c7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3820064 Commit-Queue: Matthias Liedtke <mliedtke@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Auto-Submit: Matthias Liedtke <mliedtke@chromium.org> Cr-Commit-Position: refs/heads/main@{#82425}
-
Matthias Liedtke authored
This has been broken even prior to the any <-> extern split. The code decided to use the generic wrapper for type any even though the generic wrapper doesn't support wrapping the return value of functions and unwrapping arguments passed to it. Bug: v8:7748 Change-Id: I9dbb893cc4bc4f2bb789b3b3a9addd0208d526ae Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3826056 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Auto-Submit: Matthias Liedtke <mliedtke@chromium.org> Commit-Queue: Matthias Liedtke <mliedtke@chromium.org> Cr-Commit-Position: refs/heads/main@{#82424}
-
Clemens Backes authored
Instead of defining one global (FLAG_foo) per flag, define all flag values as fields in a global {v8_flags} struct. This guarantees that the memory is contiguous, and together with proper alignment allows us to later memory-protect that memory space. In order to avoid rewriting all existing code that uses the {FLAG_foo} syntax, we define global aliases: {FLAG_foo} is a reference to {v8_flags.foo}. After the next branch cut (v10.6), follow-up CLs will rewrite all existing code to use the {v8_flags.foo} syntax, and after another branch cut (v10.7) the aliases will be removed. This should allow us to merge back most fixes to the previous branch (N-1). Merges to stable (N-2) might still require resolving merge conflicts manually, if they modify code that reads flags. R=cbruni@chromium.org CC=sroettger@chromium.org Bug: v8:12887 Change-Id: I8bc44429767f611484fe345d7268af1d55c98124 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3810187 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#82423}
-
Dominik Inführ authored
This reverts commit 01aed57e. Reason for revert: Might have caused some regressions, see https://crbug.com/1351991. Original change's description: > [heap] Add IncrementalMarking::AdvanceOnTask as new bottleneck > > Introduce common bottleneck for all incremental marking step > invocations from a task context. This will later be used to move > code out of IncrementalMarking::Step. > > Bug: v8:11708 > Change-Id: Iba2dc2402083f8b4152ded56eaf0e13d473442a8 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3822682 > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> > Cr-Commit-Position: refs/heads/main@{#82343} Bug: v8:11708 Change-Id: I1ec74974d90b865baf223f9820f5bf346f113d86 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3827865 Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#82422}
-
Danylo Boiko authored
Bug: v8:7327 Change-Id: I41faceac568a87cec4ae47ce2e4fc2c03822ddca Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3794649 Commit-Queue: Danylo Boiko <danielboyko02@gmail.com> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/main@{#82421}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/9497cae..36b3854 R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: I2b0eb070497a2f538bf93f1b26af5d1c4c43592f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3827295 Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#82420}
-
v8-ci-autoroll-builder authored
Rolling v8/buildtools/linux64: git_revision:c8c63300ac8ecb66d8126af5407257209ae59044..git_revision:0bcd37bd2b83f1a9ee17088037ebdfe6eab6d31a Rolling v8/buildtools/third_party/libc++/trunk: https://chromium.googlesource.com/external/github.com/llvm/llvm-project/libcxx/+log/4d0f32e..55e0c49 Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/47666e0..b2cd647 Rolling v8/third_party/fuchsia-sdk/sdk: version:9.20220810.1.1..version:9.20220811.2.1 R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: I42adf5759bb464a9dd17e66b472435fe4e1e1139 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3827294 Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#82419}
-
Milad Fa authored
Temporarily bailing out to investigate an intermittent issue. Change-Id: I0fcda62e4c64716aca69bda5a321ea6a91c5a78d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3827867 Reviewed-by: Junliang Yan <junyan@redhat.com> Commit-Queue: Milad Farazmand <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/main@{#82418}
-
Milad Fa authored
Port 8b4272c2 Original Commit Message: There's no need to decode the tiering state in generated code - merge these runtime functions and decode in the new generic CompileOptimized runtime function instead. CompileMaglev_Synchronized CompileMaglev_Concurrent CompileTurbofan_Synchronized CompileTurbofan_Concurrent -> CompileOptimized R=jgruber@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com BUG= LOG=N Change-Id: Ia61852825fc747ad7fec9983a18bf4e9d4245ad0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3826053 Commit-Queue: Milad Farazmand <mfarazma@redhat.com> Reviewed-by: Junliang Yan <junyan@redhat.com> Cr-Commit-Position: refs/heads/main@{#82417}
-
Milad Fa authored
Port de04959f Original Commit Message: StringConstantXXX were introduced when we switched to concurrent compilation, as a way to build strings in Turbofan in a background thread, without having to actually allocate them on the main heap from the background. See https://crrev.com/c/1221807. Now that we have local heaps, we can actually allocate strings from the background, making StringConstantXXX useless. Moreover, we would fold constant string concatenations into ConsString, which sounds a bit dubious for performance. Now, small constant string concatenations will be folded into SeqStrings, while larger ones will remain ConsString, just to avoid the quadratic worst-case. R=dmercadier@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com BUG= LOG=N Change-Id: I0fb010dfda4a94ba8c5d09de96fa1932c6c91113 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3826049 Reviewed-by: Darius Mercadier <dmercadier@chromium.org> Commit-Queue: Milad Farazmand <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/main@{#82416}
-
Lu Yahan authored
Port commit ca33c73e Port commit 8b4272c2 Also [compiler] Remove delayed string constants Port commit de04959f Bug: v8:7700 Change-Id: I28e876231e580710354876a6841e15ca2b35e372 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3826517 Reviewed-by: ji qiu <qiuji@iscas.ac.cn> Commit-Queue: ji qiu <qiuji@iscas.ac.cn> Cr-Commit-Position: refs/heads/main@{#82415}
-
Adam Klein authored
Bug: v8:13181 Change-Id: I8eaa84ffc408225ee28dca17607b940fd3f34977 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3826068 Commit-Queue: Adam Klein <adamk@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Auto-Submit: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#82414}
-
Adam Klein authored
This reverts commit cf765fc3. Reason for revert: fixes more tests than expected in test262: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux%20-%20shared/49412/overview Original change's description: > [Temporal] Use double instead of int32_t for input of BalanceTime > > To avoid overflow int32_t in the math of balancing time. > > Bug: v8:13182, v8:11544 > Change-Id: Ib76cf95bbd4f9b47efd6921a67b09d3024e72b13 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3827310 > Reviewed-by: Adam Klein <adamk@chromium.org> > Commit-Queue: Frank Tang <ftang@chromium.org> > Cr-Commit-Position: refs/heads/main@{#82409} Bug: v8:13182, v8:11544 Change-Id: Id7dd491b4485d13b0e2cc6aae8603479c7949ce8 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3827670 Auto-Submit: Adam Klein <adamk@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#82413}
-
Nico Hartmann authored
This is a reland of commit 6e0251f9 No changes since revert. Was reverted on suspicion of breaking node integration, but was not the culprit. Original change's description: > [turboshaft] Print operator properties as custom data for turbolizer > > Bug: v8:12783 > Change-Id: Ie5812217b3e858d94174087fc492887b00dd2e9a > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3820581 > Auto-Submit: Nico Hartmann <nicohartmann@chromium.org> > Reviewed-by: Tobias Tebbi <tebbi@chromium.org> > Commit-Queue: Tobias Tebbi <tebbi@chromium.org> > Cr-Commit-Position: refs/heads/main@{#82401} Bug: v8:12783 Change-Id: I3d220e031d89f960b8cd23860f82ec0a8f147aa2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3827665 Commit-Queue: Shu-yu Guo <syg@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#82412}
-
Adam Klein authored
Change-Id: I877a5ebe8e8dff51d7bbd49d203cf71131e4d9fd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3805821 Reviewed-by: Frank Tang <ftang@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#82411}
-
Adam Klein authored
Change-Id: I7ecdfa6ee865d87851bf1975ddd48bd0bfcd39ba Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3805822 Reviewed-by: Frank Tang <ftang@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#82410}
- 11 Aug, 2022 16 commits
-
Frank Tang authored
To avoid overflow int32_t in the math of balancing time. Bug: v8:13182, v8:11544 Change-Id: Ib76cf95bbd4f9b47efd6921a67b09d3024e72b13 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3827310 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#82409}
-
Frank Tang authored
https://chromium.googlesource.com/external/github.com/tc39/test262/+log/e41d581c6d..adba7dfd9c Bug: v8:7834 Change-Id: I1150ce8da79c452b9bbf662d9486a79a64148509 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3824881 Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#82408}
-
Shu-yu Guo authored
This reverts commit 6e0251f9. Reason for revert: On suspicion of breaking node integration https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20-%20node.js%20integration%20ng/21832/overview Original change's description: > [turboshaft] Print operator properties as custom data for turbolizer > > Bug: v8:12783 > Change-Id: Ie5812217b3e858d94174087fc492887b00dd2e9a > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3820581 > Auto-Submit: Nico Hartmann <nicohartmann@chromium.org> > Reviewed-by: Tobias Tebbi <tebbi@chromium.org> > Commit-Queue: Tobias Tebbi <tebbi@chromium.org> > Cr-Commit-Position: refs/heads/main@{#82401} Bug: v8:12783 Change-Id: I3812a358c45e8e848ec1fb622a19d12f7aa6411b No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3827664 Auto-Submit: Shu-yu Guo <syg@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Owners-Override: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#82407}
-
Frank Tang authored
This reverts commit d9f58973. Reason for revert: Break UBSAN Original change's description: > [Temporal] Mark fixed tests > > Bug: v8:11544 > Change-Id: Iefd64619e6361683e70fdac26d155aa8d27da9e5 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3824751 > Reviewed-by: Shu-yu Guo <syg@chromium.org> > Commit-Queue: Frank Tang <ftang@chromium.org> > Cr-Commit-Position: refs/heads/main@{#82405} Bug: v8:11544 Change-Id: I5501bf416345a69508a07f4bbe70bb300f49c296 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3827663 Reviewed-by: Frank Tang <ftang@chromium.org> Commit-Queue: Mathias Bynens <mathias@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Reviewed-by: Mathias Bynens <mathias@chromium.org> Cr-Commit-Position: refs/heads/main@{#82406}
-
Frank Tang authored
Bug: v8:11544 Change-Id: Iefd64619e6361683e70fdac26d155aa8d27da9e5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3824751 Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#82405}
-
Frank Tang authored
in AdjustRoundedDurationDays Bug: v8:11544 Change-Id: I5067aba802b5051312afdd38b0f9c71bfdc14c2a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3825617 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#82404}
-
Frank Tang authored
Remove the unnecessary int64_t version of RoundNumberToIncrement and remove the unneeded RoundHalfAwayFromZero. Change the type of the increment to double from int64_t. split from cl/3750098 Bug: v8:11544 Change-Id: I591486c472e9c1343306ff9a1d0384d06fe01835 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3824194 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/main@{#82403}
-
Frank Tang authored
Sync to spec to allow BalanceDuration to throw. Spec text: https://tc39.es/proposal-temporal/#sec-temporal.calendar.prototype.dateadd PR change: https://github.com/tc39/proposal-temporal/pull/2094 split from cl/3750098 Bug: v8:11544 Change-Id: I5a73dede2335bcf3f3e61a0ce789555671e5dda5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3824662 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/main@{#82402}
-
Nico Hartmann authored
Bug: v8:12783 Change-Id: Ie5812217b3e858d94174087fc492887b00dd2e9a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3820581 Auto-Submit: Nico Hartmann <nicohartmann@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/main@{#82401}
-
Jakob Kummerow authored
So far, we decoded instructions with the 0xFB prefix as two-byte, i.e. a single "u8" byte following the prefix. This patch changes that to 0xFB + LEB, which is how all prefixed instructions are supposed to do it. Currently this makes a difference only for the stringref proposal (instructions 0x80 through 0xb3). It has the unfortunate consequence that all stringref instructions need three bytes for now. We expect them to go back to a two-byte encoding scheme (while remaining LEB compliant) when their final encoding is decided. Bug: v8:12868 Change-Id: I603f60adae88e9b985cb65288d9eeb7f98da8138 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3825887 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#82400}
-
Milad Fa authored
Port c5d48121 Original Commit Message: This CL adds the shared barrier to the RecordWrite builtin which is used in generated code for builtins, interpreted and optimized code. The out-of-line part of the barrier now checks whether either the POINTERS_TO_HERE_ARE_INTERESTING or the IN_SHARED_HEAP bit is set in the value object's page flags. Outside of marking the RecordWrite builtin now needs to check whether to insert into the generational or shared remembered set. Inserting into the shared remembered set will always call into C++ code. During marking the RecordWrite builtin now also needs to check whether this store created an old-to-shared pointer. R=dinfuehr@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com BUG= LOG=N Change-Id: I850fc234fa34868c6320fc64c6dac7e2f24af1c3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3825891 Commit-Queue: Milad Farazmand <mfarazma@redhat.com> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#82399}
-
Clemens Backes authored
This is a reland of commit 9d36b2dd. The test case is fixed to actually protect a part of the data section instead of the stack (which was unintended and could lead to segfaults). Original change's description: > [base] Add new API to protect data memory > > This adds a new {base::OS::SetDataReadOnly} method, which is similar to > {SetPermissions(kRead)}, but using another system call on Windows such > that it works on pages in the data segment. > {VirtualAlloc} will fail if called on a page of the data section, > whereas {VirtualProtect} succeeds. For the general {SetPermissions} > API we still want to use {VirtualAlloc} though, as it also changes the "committed" state of the pages. > > Note that we do not add a platform API for this, as the memory was > never allocated through the platform. We just directly protect it in > V8. > > R=mlippautz@chromium.org > > Bug: v8:12887 > Change-Id: If83bf6e5c500cc5cf08c76d04dfac5e2b4d35a2d > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3820482 > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Commit-Queue: Clemens Backes <clemensb@chromium.org> > Cr-Commit-Position: refs/heads/main@{#82349} Bug: v8:12887 Change-Id: Ib7c24b43b53d568dafb4a56cf8db7479c784e8d8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3825889 Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#82398}
-
Jakob Linke authored
The buggy version was introduced in crrev.com/c/3629149. Currently we only use this OSR mechanic for a Turbofan target tier. Bug: v8:7700,chromium:1352010 Change-Id: I5e6d5803c489360a6fa5cca6cca1966dd4bb5c48 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3825890 Commit-Queue: Victor Gomes <victorgomes@chromium.org> Commit-Queue: Jakob Linke <jgruber@chromium.org> Auto-Submit: Jakob Linke <jgruber@chromium.org> Reviewed-by: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/main@{#82397}
-
Omer Katz authored
Explicitly check that the memento is not in the unallocated portion of the current LAB. Bug: v8:12612 Change-Id: Ie060f44187d2280e72e2eebb0f3c284e2d6c7446 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3824337 Commit-Queue: Omer Katz <omerkatz@chromium.org> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#82396}
-
Victor Gomes authored
Two inputs might alias the same node. If one input is assigned any location before the second input is assigned a register, we might have two inputs in the node in different locations. Assigning any location later forces the inputs to point to the same location (either a register or a stack slot). Bug: v8:7700 Change-Id: I53e35e5d5afa7e82e2a62a9b0c551b609079c79b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3825886 Commit-Queue: Victor Gomes <victorgomes@chromium.org> Reviewed-by: Jakob Linke <jgruber@chromium.org> Auto-Submit: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/main@{#82395}
-
Andreas Haas authored
R=thibaudm@chromium.org Bug: v8:12926 Change-Id: I10a48d2f43cd6b9eac2690a62654bdf25bd3b889 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3825884 Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/main@{#82394}