- 23 Jun, 2022 13 commits
-
-
Nico Hartmann authored
This reverts commit 543acf34. Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Mac%20-%20arm64%20-%20release/10365/overview Original change's description: > cppgc: Minor fix in cppgc efficiency calculation > > Efficiency calculation (freed bytes over GC duration) assumes that the > duration of the GC is non zero. However, if the clock resolution is > not small enough and the entire GC is very short, the timed value > appears to be zero. This leads to NaN values showing in metrics and > CHECKs failing. This CL fixes the issue. > > Bug: chromium:1338256 > Change-Id: I1dbc52072fcde3411aa38fa0c11da25afd107ca8 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3714356 > Reviewed-by: Omer Katz <omerkatz@chromium.org> > Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org> > Cr-Commit-Position: refs/heads/main@{#81329} Bug: chromium:1338256 Change-Id: Ie9a23651494fc28a11bb59485a9812ee1a7cff48 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3721697 Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> Owners-Override: Nico Hartmann <nicohartmann@chromium.org> Auto-Submit: Nico Hartmann <nicohartmann@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#81331}
-
snek authored
Code for map methods was added a really long time ago but no one ever brought that to set. Adds new common lowering for both collections and updates the SetPrototypeHas builtin. My initial testing shows this to be as much as 50x faster in some cases. Change-Id: Ifea5be01c9e51013d57ac00bd817759ceace6669 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3709246Reviewed-by: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Commit-Queue: snek <snek@chromium.org> Cr-Commit-Position: refs/heads/main@{#81330}
-
Nikolaos Papaspyrou authored
Efficiency calculation (freed bytes over GC duration) assumes that the duration of the GC is non zero. However, if the clock resolution is not small enough and the entire GC is very short, the timed value appears to be zero. This leads to NaN values showing in metrics and CHECKs failing. This CL fixes the issue. Bug: chromium:1338256 Change-Id: I1dbc52072fcde3411aa38fa0c11da25afd107ca8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3714356Reviewed-by: Omer Katz <omerkatz@chromium.org> Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org> Cr-Commit-Position: refs/heads/main@{#81329}
-
Milad Fa authored
Port e35039e7 Original Commit Message: If the returned promise rejects, we switch to the suspender's stack and throw the value. Re-purpose the WasmOnFulfilled data to also represent the rejecting case and rename it to WasmResumeData. R=thibaudm@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com BUG= LOG=N Change-Id: Ic9e5b959df90f1041353662dc054a849fea9874e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3721416Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Milad Farazmand <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/main@{#81328}
-
Sunny Sachanandani authored
This reverts commit 83f60359. Reason for revert: RB-Dev crash - crbug.com/1338687 Original change's description: > [snapshot] Turn alignment DCHECKS into CHECKS > > This is a temporary change to get more detailed crash reports for > further investigations. > > Bug: chromium:1330861 > Change-Id: Ifdd8d61692577dffd54d07fadb65575a5c30dcd3 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3707592 > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Commit-Queue: Camillo Bruni <cbruni@chromium.org> > Cr-Commit-Position: refs/heads/main@{#81262} Bug: chromium:1330861, chromium:1338687 Change-Id: I845aee5cfe02dee399851484d1a72f73dc56f1f4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3718943 Auto-Submit: Sunny Sachanandani <sunnyps@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#81327}
-
Thibaud Michaud authored
Throw a wasm trap when trying to re-enter a suspender that is active or suspended. R=ahaas@chromium.org Bug: v8:12191 Change-Id: Ic448a15db29de14fb8d6bb8408af8fbaae82a2b4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3716481Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/main@{#81326}
-
Thibaud Michaud authored
If the returned promise rejects, we switch to the suspender's stack and throw the value. Re-purpose the WasmOnFulfilled data to also represent the rejecting case and rename it to WasmResumeData. R=ahaas@chromium.org CC=fgm@chromium.org Bug: v8:12191 Change-Id: I91a301c3c6d9d243efbfabe7263555e11f0d9277 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3706606Reviewed-by: Omer Katz <omerkatz@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/main@{#81325}
-
Patrick Thier authored
To be able to share external strings, we need to share the external pointer table in sandbox builds. To avoid branches at runtime all pointers for external strings are stored in the shared external pointer table. Bug: v8:12957 Change-Id: Iaa6be7839a2f5e50f80fd58c5b33fb9c6af61057 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695263Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Patrick Thier <pthier@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Reviewed-by: Omer Katz <omerkatz@chromium.org> Reviewed-by: Samuel Groß <saelo@chromium.org> Cr-Commit-Position: refs/heads/main@{#81324}
-
Leon Bettscheider authored
MinorMC events were incorrectly grouped under the V8.GCScavenger trace event name. This CL introduces the trace event name V8.GCMinorMC and uses it when MinorMC is used instead of Scavenger. Change-Id: Ide22526adfa9cc6dec91d3c34186b1c2ea6eb862 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3717989 Commit-Queue: Leon Bettscheider <bettscheider@google.com> Reviewed-by: Omer Katz <omerkatz@chromium.org> Cr-Commit-Position: refs/heads/main@{#81323}
-
Marja Hölttä authored
Bug: v8:11111 Change-Id: I2984b3ed6ac6b769f9b4ce758fdf4bfc3b6f6d49 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3714661Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#81322}
-
Hao Xu authored
Change-Id: I171a2562517f589e20950b8d6df14bfa488885ae Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3719686Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Hao A Xu <hao.a.xu@intel.com> Cr-Commit-Position: refs/heads/main@{#81321}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/3a562c9..5753f4e R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: Ia87b7dd33a1b7c943a2582f82040f54ca219f9e6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3719050 Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#81320}
-
Lu Yahan authored
Change-Id: Ib606da34b76b28fd55811225de47e407a1ebd8ef Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3717551Reviewed-by: ji qiu <qiuji@iscas.ac.cn> Auto-Submit: Yahan Lu <yahan@iscas.ac.cn> Commit-Queue: ji qiu <qiuji@iscas.ac.cn> Cr-Commit-Position: refs/heads/main@{#81319}
-
- 22 Jun, 2022 27 commits
-
-
Manos Koukoutos authored
TrapIf and TrapUnless had an effect input, but not an effect output. This is not canonical for Turbofan graphs. This CL puts them properly into the effect chain. Drive-by: - Remove premature optimization in WasmGraphBuilder::TrapIfEq{32,64}. - Change LoadFromObject to Load when loading from a stack slot. Change-Id: I3fc43e693fa0507406dc31208e487026b0e5156b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3714240Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#81318}
-
Liviu Rau authored
Bug: skia:10306 Change-Id: Ibcddc8c724130e315471413c2835687fe0571475 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3718660 Auto-Submit: Liviu Rau <liviurau@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#81317}
-
Shu-yu Guo authored
Bug: v8:12547 Change-Id: I13ef21d5246fb1115cf75fb1f6b4bcde33f84dd6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3715379 Auto-Submit: Shu-yu Guo <syg@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> Cr-Commit-Position: refs/heads/main@{#81316}
-
snek authored
A lot of logic is missing from the Wasm entry for fast api calls. The majority of the lowering is shared between wasm and js, and uses the same graph operators, so this adds a common fast api call builder which can be called from the wasm compiler and the js compiler. Bug: chromium:1052746 Change-Id: I9dbd82548951b2b155a7b2459714239d0b251d71 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3708842 Commit-Queue: snek <snek@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#81315}
-
Shu-yu Guo authored
Add ParkedScopes in d8 where it blocks. Change-Id: I369fbdb361b4e357ff6ceef53fbf52f543979438 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3704903Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Auto-Submit: Shu-yu Guo <syg@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#81314}
-
Milad Fa authored
Changes for TF instruction selector will be pasted in the CL comments and will get applied once all relaxed opcodes have been implemented in codegen/liftoff. Change-Id: I231aa6fcc702a19704b7707331eba549c44232d7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3718393Reviewed-by: Junliang Yan <junyan@redhat.com> Commit-Queue: Milad Farazmand <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/main@{#81313}
-
Shu-yu Guo authored
This reverts commit c801d529. Reason for revert: Broke perfetto builder: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20-%20debug%20-%20perfetto%20-%20builder/19620/overview Original change's description: > Refactor dynamic name to perfetto::DynamicString > > Recently perfetto introduced `perfetto::DynamicString` to allow clients > to wrap dynamic event name strings. So that clients don't have to > manually set event name inside trace lambda. > > With that: > > TRACE_EVENT("cat", nullptr, [&](EventContext ctx) { > ctx.event().set_name(dynamic_name_str) > }); > > is simplified to: > > TRACE_EVENT("cat", perfetto::DynamicString{dynamic_name_str}); > > In this change we are making use of perfetto::DynamicString to pass > dynamic event name string. > > Change-Id: Ic6b501df67409d6faa4d60b59095ad0e79ce585e > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3716473 > Reviewed-by: Manos Koukoutos <manoskouk@chromium.org> > Commit-Queue: Mohit Saini <mohitms@google.com> > Cr-Commit-Position: refs/heads/main@{#81298} Change-Id: I06d1d6baa4413e53acfd7ac1e3163c5a6a15597c No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3718436 Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Auto-Submit: Shu-yu Guo <syg@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#81312}
-
Andreas Haas authored
With recent changes, we resolve the promise of e.g. WebAssembly.compile with the external API, and not the V8-internal API. The external API, however, also handles microtasks, and depending on the MicrotasksPolicy, may also execute microtasks immediately. This means the then-handler of WebAssembly.compile may get executed within all the scopes that were open when the external API was called. One of the open scopes is the CancelableTask that finishes WebAssembly compilation. The deadlock seen in the issue arises now when {quit()} gets called in the then-handler of WebAssembly compilation. The reason is that {quit()} terminates the isolate, and during isolate termination, we wait for all running CancelableTasks to finish. This, however, means a deadlock, because the task that terminates the isolate is waiting for itself to finish. R=jkummerow@chrommium.org Bug: chromium:1338150 Change-Id: I89243daffc76a456293519e24bfaad88277bb99a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3717990Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/main@{#81311}
-
Shu-yu Guo authored
Also remove the unused AllocateTwoByteInternalizedString method. Change-Id: I28e2c39a0196c48e56942efc263009aa3676cdec Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3714988Reviewed-by: Patrick Thier <pthier@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#81310}
-
Danylo Boiko authored
- "Remember graph layout" button - Graph layout caching (almost 10x speed up) - Camera position and zoom saving - Refactored graph.ts, graph-layout.ts and graphmultiview.ts Bug: v8:7327 Change-Id: I6a9db1ddbbaf506bff0b9d1c1e015f245c7c3974 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3714248 Commit-Queue: Danylo Boiko <danielboyko02@gmail.com> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/main@{#81309}
-
Andy Wingo authored
Following change in https://github.com/WebAssembly/stringref/pull/22. Bug: v8:12868 Change-Id: Ic7728bff5d03ab547cb26ff41d6966f95bfb6b62 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3717986 Commit-Queue: Andy Wingo <wingo@igalia.com> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#81308}
-
legendecas authored
SourceTextModule::ExecuteAsyncModule asserts the execution of the module's async function to succeed without exception. However, the problem is that TerminateExecution initiated by embedders is breaking that assumption. The execution can be terminated with an exception and the exception is not catchable by JavaScript. The uncatchable exceptions during the async module evaluation need to be raised to the embedder and not crash the process if possible. Refs: https://github.com/nodejs/node/issues/43182 Change-Id: Ifc152428b95945b6b49a2f70ba35018cfc0ce40b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3696493Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Chengzhong Wu <legendecas@gmail.com> Cr-Commit-Position: refs/heads/main@{#81307}
-
Igor Sheludko authored
... which might fail during map configuration. Bug: v8:12993, v8:12547 Change-Id: Ia57fe60abf4164d81a1352966f9d07016e882be9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3717993Reviewed-by: Patrick Thier <pthier@chromium.org> Auto-Submit: Igor Sheludko <ishell@chromium.org> Commit-Queue: Patrick Thier <pthier@chromium.org> Cr-Commit-Position: refs/heads/main@{#81306}
-
Igor Sheludko authored
This CL also makes the PGO-related scripts executable. Bug: v8:10470 Change-Id: Iedf81464ff591e641aae4f1f0aa37312875f2637 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3716482Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Auto-Submit: Igor Sheludko <ishell@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/main@{#81305}
-
Milad Fa authored
There seems to be a bug in gcc which causes link errors after this CL: https://crrev.com/c/3714238 Issue seems to happen when using default template argument of function type. A related bug report on bugzilla: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105848 A workaround is to explicitly instantiate the template for type <bool>. Bug: v8:12991 Change-Id: I74db7d42d7b41e8af5d721b8c10130a7a0f2a999 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3718379 Commit-Queue: Milad Farazmand <mfarazma@redhat.com> Reviewed-by: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/main@{#81304}
-
Patrick Thier authored
- Check that internalized strings always have a computed hash value. - Check that ThinStrings never have a forwarding index. - Add a simple test of various property access with --always-use-string-forwarding-table to make the CF aware of the flag. Change-Id: Ie047c9f635d5e0ed999208ec3379ef09c395b3f5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3717988Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Patrick Thier <pthier@chromium.org> Cr-Commit-Position: refs/heads/main@{#81303}
-
v8-ci-autoroll-builder authored
Rolling v8/buildtools/linux64: git_revision:8883070fe77f9b484818e73e5892c08ca8a0fe7f..git_revision:ae474cc51337c3fe823f936371c5e92891e86b48 Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/4ea19a6..c083518 Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/39e4055..28190a2 Rolling v8/third_party/fuchsia-sdk/sdk: version:8.20220614.2.1..version:8.20220622.0.1 R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: I0654e6e87504c32d8f82c78afabd5d5eeb4b2ead Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3717741 Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#81302}
-
Marja Hölttä authored
Part 1: Revert "PPC: skip slow tests on the ppc simulator" This reverts commit 9dfac00a. Part 2: Make the slow test faster. Bug: v8:11111 Change-Id: I8f0291098d29917fa65c4b5b28bf03cbdbe7ebc6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3714229 Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#81301}
-
Marja Hölttä authored
If parsing fails in ScopeIterator::TryParseAndRetrieveScopes, the intention was to fail silently (see the TODO there). However, closure_scope_ being nullptr caused us to fail less silently. This alone is not enough for fixing chromium:1316811 but the other fixes needed are sufficiently unrelated. Bug: chromium:1316811 Change-Id: I4eb0f5a13fa4da5fd5dd7ff76a1aa1a6a8ee4c63 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3716477Reviewed-by: Simon Zünd <szuend@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#81300}
-
jameslahm authored
Bug: v8:11525 Change-Id: I5a29542032692c106bba14d010605e90954097b8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3706964 Commit-Queue: 王澳 <wangao.james@bytedance.com> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#81299}
-
Mohit Saini authored
Recently perfetto introduced `perfetto::DynamicString` to allow clients to wrap dynamic event name strings. So that clients don't have to manually set event name inside trace lambda. With that: TRACE_EVENT("cat", nullptr, [&](EventContext ctx) { ctx.event().set_name(dynamic_name_str) }); is simplified to: TRACE_EVENT("cat", perfetto::DynamicString{dynamic_name_str}); In this change we are making use of perfetto::DynamicString to pass dynamic event name string. Change-Id: Ic6b501df67409d6faa4d60b59095ad0e79ce585e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3716473Reviewed-by: Manos Koukoutos <manoskouk@chromium.org> Commit-Queue: Mohit Saini <mohitms@google.com> Cr-Commit-Position: refs/heads/main@{#81298}
-
Samuel Groß authored
When the sandbox is enabled, an empty ArrayBuffer does not have a nullptr backing store but instead points to a special EmptyBackingStore pseudo-object inside the sandbox. This then requires special handling during deserialization. This CL fixes two cases where this was not done correctly, which caused some crashes when --stress-snapshot is active. Bug: v8:10391 Change-Id: I412adace229b979b317864a3e8c12ed4c601b850 Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3716480Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Samuel Groß <saelo@chromium.org> Cr-Commit-Position: refs/heads/main@{#81297}
-
Andy Wingo authored
0x65 is unavailable after https://github.com/WebAssembly/gc/pull/295/files. Bug: v8:12868 Change-Id: I8bdffb279c7e7cf72242c1565cf3401e5fa3f4d5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3717984 Commit-Queue: Andy Wingo <wingo@igalia.com> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#81296}
-
Nikolaos Papaspyrou authored
This CL introduces a compile flag v8_enable_inner_pointer_resolution_osb behind which lies the experimental implementation of the object start bitmap. It disassociates the object start bitmap from the compile flag v8_enable_conservative_stack_scanning. At the moment the former flag is a prerequisite for the latter, as conservative stack scanning requires some mechanism for inner pointer resolution and the object start bitmap provides one such mechanism. Bug: v8:12851 Change-Id: I24c6b389453fbaefc79ae50c34c5ec7a1bf23347 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3717322Reviewed-by: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Omer Katz <omerkatz@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org> Cr-Commit-Position: refs/heads/main@{#81295}
-
Toon Verwaest authored
This should not be necessary, but something was failing previously when removed. Now that we have the blocklist just merging once seems to work. Bug: v8:7700 Change-Id: I6534506263ae739f28043eef2dee7aba8f28eadf Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3717983Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/main@{#81294}
-
Michael Lippautz authored
Check against copying around a TracedReference containing a zap value. Bug: chromium:1322114 Change-Id: Ie97ecaf18931006516fc70be262829a267d1285c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3717323Reviewed-by: Omer Katz <omerkatz@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Auto-Submit: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#81293}
-
Igor Sheludko authored
This reverts commit 319e747a. Reason for revert: it brought unexpected performance regressions. Original change's description: > [arm64] Increase code alignment to 64 > > This should fix unexpected regressions which occur after builtins > modifications. > > This CL affects alignment of embedded builtins on all configurations > and Code header size only for non-pointer compression configuration. > > Bug: v8:11708 > Change-Id: I8058197c5b768a699e7f52446424013e86203b57 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3700392 > Commit-Queue: Igor Sheludko <ishell@chromium.org> > Reviewed-by: Leszek Swirski <leszeks@chromium.org> > Cr-Commit-Position: refs/heads/main@{#81113} Bug: v8:11708 Change-Id: I238e799284d59e80dee244b240fe2a72c33e83b0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3716485 Auto-Submit: Igor Sheludko <ishell@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#81292}
-