- 18 Dec, 2018 2 commits
-
-
Jakob Kummerow authored
Bug: v8:3770 Change-Id: If88c285bf1528f03401d3a83349b61435ac79f85 Reviewed-on: https://chromium-review.googlesource.com/c/1382455 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#58337}
-
Jakob Kummerow authored
Bug: v8:3770 Change-Id: Iafde7e4514fcc803b627a4a9b3469c84b7413282 Reviewed-on: https://chromium-review.googlesource.com/c/1382453 Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#58319}
-
- 08 Dec, 2018 1 commit
-
-
Jakob Kummerow authored
Bug: v8:3770 Change-Id: I1d74ffe9e5478b4b8bc0acbf088d20919d458d50 Reviewed-on: https://chromium-review.googlesource.com/c/1363822 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#58112}
-
- 04 Dec, 2018 1 commit
-
-
Yang Guo authored
R=delphick@chromium.org Change-Id: Iad128dc76a8d399bbf18053fc1f32e34fa36c198 Reviewed-on: https://chromium-review.googlesource.com/c/1357056 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#58015}
-
- 30 Nov, 2018 1 commit
-
-
Jakob Kummerow authored
Bug: v8:3770 Change-Id: I6ad84a663926fffc9e1acc590c13780c39461274 Reviewed-on: https://chromium-review.googlesource.com/c/1351248 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Hannes Payer <hpayer@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#57952}
-
- 05 Nov, 2018 1 commit
-
-
Jakob Kummerow authored
and split Smi out of objects.h into smi.h. Bug: v8:3770, v8:5402 Change-Id: I5ff7461495d29c785a76c79aca2616816a29ab1e Reviewed-on: https://chromium-review.googlesource.com/c/1313035 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Hannes Payer <hpayer@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#57252}
-
- 17 Oct, 2018 1 commit
-
-
Florian Sattler authored
Store the bits of a small type into the lower bits of a pointer type that are free due to alignment. Furthermore, reordering of members to reduce size of some classes. Change-Id: I3c619cb74053f64995ea7d0cb395e8edda604f18 Reviewed-on: https://chromium-review.googlesource.com/c/1273019 Commit-Queue: Florian Sattler <sattlerf@google.com> Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#56726}
-
- 11 Oct, 2018 1 commit
-
-
Jakob Kummerow authored
The primary purpose of this is to untangle a circular dependency objects.h -> handles.h -> objects.h. Most compilation units only need message-template.h, without the rest of messages.h. Bonus: change the enum to an enum class for improved type safety. Bug: v8:3770 Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng Change-Id: I8102c55197a450811de2588a68a08e7f99ea6b9e Reviewed-on: https://chromium-review.googlesource.com/c/1272193 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Ben Titzer <titzer@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#56583}
-
- 23 Jul, 2018 1 commit
-
-
Stephan Herhut authored
This moves the static handle() helper function to handles-inl.h as it ultimately depends on handles-inl.h anyway. To make this possible, also move some other code to -inl.h files and split up some header files into a -inl.h part. Bug: v8:7490 Change-Id: I0f68e0728ba082b87ffa911aaf205d9b1523d2c9 Reviewed-on: https://chromium-review.googlesource.com/1146723 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Stephan Herhut <herhut@chromium.org> Cr-Commit-Position: refs/heads/master@{#54617}
-
- 26 Jun, 2018 5 commits
-
-
Georg Neis authored
This is a reland of f0bcbc90. A few casts were still wrong. Original change's description: > Reland "Introduce MutableHeapNumber class." > > This is a reland of 40ac6b18, which > was incorrect due to a bad merge. > > Original change's description: > > Introduce MutableHeapNumber class. > > > > V8 knows heap numbers and mutable heap numbers. They have > > different instance types, but in C++ code we've used the > > same class for both (HeapNumber). Confusingly, however, > > IsHeapNumber would return false for mutable heap numbers, > > while HeapNumber::cast would succeed. > > > > This CL adds a separate class MutableHeapNumber and > > eliminates the confusing behavior. > > [...] > TBR=bmeurer@chromium.org > TBR=ulan@chromium.org > > Change-Id: I3af1014c949821dfac0754a3e48c65ce1bad1ad1 > Reviewed-on: https://chromium-review.googlesource.com/1114539 > Reviewed-by: Georg Neis <neis@chromium.org> > Commit-Queue: Georg Neis <neis@chromium.org> > Cr-Commit-Position: refs/heads/master@{#54022} Change-Id: I19a33da4b6abcd445b528a84d4f56ba1964d337b Reviewed-on: https://chromium-review.googlesource.com/1114100 Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#54027}
-
Georg Neis authored
This reverts commit f0bcbc90. Reason for revert: Still failing bots. Original change's description: > Reland "Introduce MutableHeapNumber class." > > This is a reland of 40ac6b18, which > was incorrect due to a bad merge. > > Original change's description: > > Introduce MutableHeapNumber class. > > > > V8 knows heap numbers and mutable heap numbers. They have > > different instance types, but in C++ code we've used the > > same class for both (HeapNumber). Confusingly, however, > > IsHeapNumber would return false for mutable heap numbers, > > while HeapNumber::cast would succeed. > > > > This CL adds a separate class MutableHeapNumber and > > eliminates the confusing behavior. > > > > TBR=bmeurer@chromium.org > > > > Change-Id: Id894d177c7fe8cc3f451be80c273b50daee91378 > > Reviewed-on: https://chromium-review.googlesource.com/1113544 > > Commit-Queue: Georg Neis <neis@chromium.org> > > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > > Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> > > Cr-Commit-Position: refs/heads/master@{#54012} > > TBR=bmeurer@chromium.org > TBR=ulanchromium.org > > Change-Id: I3af1014c949821dfac0754a3e48c65ce1bad1ad1 > Reviewed-on: https://chromium-review.googlesource.com/1114539 > Reviewed-by: Georg Neis <neis@chromium.org> > Commit-Queue: Georg Neis <neis@chromium.org> > Cr-Commit-Position: refs/heads/master@{#54022} TBR=ulan@chromium.org,jarin@chromium.org,neis@chromium.org,bmeurer@chromium.org Change-Id: I99c226e95dfb0b913903cc83193f6e51de8c1b47 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/1114099 Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#54024}
-
Georg Neis authored
This is a reland of 40ac6b18, which was incorrect due to a bad merge. Original change's description: > Introduce MutableHeapNumber class. > > V8 knows heap numbers and mutable heap numbers. They have > different instance types, but in C++ code we've used the > same class for both (HeapNumber). Confusingly, however, > IsHeapNumber would return false for mutable heap numbers, > while HeapNumber::cast would succeed. > > This CL adds a separate class MutableHeapNumber and > eliminates the confusing behavior. > > TBR=bmeurer@chromium.org > > Change-Id: Id894d177c7fe8cc3f451be80c273b50daee91378 > Reviewed-on: https://chromium-review.googlesource.com/1113544 > Commit-Queue: Georg Neis <neis@chromium.org> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> > Cr-Commit-Position: refs/heads/master@{#54012} TBR=bmeurer@chromium.org TBR=ulanchromium.org Change-Id: I3af1014c949821dfac0754a3e48c65ce1bad1ad1 Reviewed-on: https://chromium-review.googlesource.com/1114539 Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#54022}
-
Yang Guo authored
This reverts commit 40ac6b18. Reason for revert: https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8%20Linux%20-%20debug/21009 Original change's description: > Introduce MutableHeapNumber class. > > V8 knows heap numbers and mutable heap numbers. They have > different instance types, but in C++ code we've used the > same class for both (HeapNumber). Confusingly, however, > IsHeapNumber would return false for mutable heap numbers, > while HeapNumber::cast would succeed. > > This CL adds a separate class MutableHeapNumber and > eliminates the confusing behavior. > > TBR=bmeurer@chromium.org > > Change-Id: Id894d177c7fe8cc3f451be80c273b50daee91378 > Reviewed-on: https://chromium-review.googlesource.com/1113544 > Commit-Queue: Georg Neis <neis@chromium.org> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> > Cr-Commit-Position: refs/heads/master@{#54012} TBR=ulan@chromium.org,jarin@chromium.org,neis@chromium.org,bmeurer@chromium.org Change-Id: I358a822f20b9110def968e69463a753a2a32c68c No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/1114538 Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#54013}
-
Georg Neis authored
V8 knows heap numbers and mutable heap numbers. They have different instance types, but in C++ code we've used the same class for both (HeapNumber). Confusingly, however, IsHeapNumber would return false for mutable heap numbers, while HeapNumber::cast would succeed. This CL adds a separate class MutableHeapNumber and eliminates the confusing behavior. TBR=bmeurer@chromium.org Change-Id: Id894d177c7fe8cc3f451be80c273b50daee91378 Reviewed-on: https://chromium-review.googlesource.com/1113544 Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#54012}
-
- 06 Apr, 2018 1 commit
-
-
Clemens Hammacher authored
Replace all uses with V8_WARN_UNUSED_RESULT. WARN_UNUSED_RESULT was defined in src/base/compiler-specific.h, which includes include/v8config.h, which already defined V8_WARN_UNUSED_RESULT. R=mstarzinger@chromium.org Bug: v8:7570 Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng Change-Id: I662072294605036ca5aa0c8fdaa0218ac5d95f23 Reviewed-on: https://chromium-review.googlesource.com/998893 Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#52457}
-
- 08 Mar, 2018 3 commits
-
-
Jakob Kummerow authored
This is a reland of 609aaa55 Originally reviewed at: https://chromium-review.googlesource.com/952626 Tbr: adamk@chromium.org Bug: v8:6791 Change-Id: If0699fbfb280192bed61538ccc67c7c95893e691 Reviewed-on: https://chromium-review.googlesource.com/954665 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#51819}
-
Michael Achenbach authored
This reverts commit 609aaa55. Reason for revert: https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/22157 Original change's description: > [bigint] Serialization support for BigInts > > Bug: v8:6791 > Change-Id: I6d428d0bfc08b7447cd4a961b9f4053c89ed158b > Reviewed-on: https://chromium-review.googlesource.com/952626 > Reviewed-by: Adam Klein <adamk@chromium.org> > Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> > Cr-Commit-Position: refs/heads/master@{#51795} TBR=adamk@chromium.org,jkummerow@chromium.org Change-Id: I3c5ab51c40fcd897638d039d433cd764ca7f4e77 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:6791 Reviewed-on: https://chromium-review.googlesource.com/954942 Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#51796}
-
Jakob Kummerow authored
Bug: v8:6791 Change-Id: I6d428d0bfc08b7447cd4a961b9f4053c89ed158b Reviewed-on: https://chromium-review.googlesource.com/952626 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#51795}
-
- 25 Jan, 2018 1 commit
-
-
Yang Guo authored
This is somewhat of a revival of what used to be UnseededNumberDictionary. The difference to NumberDictionary is that each entry only has two fields (no field for property details) and there is no header field for a bitfield. The reason for this change is memory regression introduced when we removed UnseededNumberDictionary (6e1c57ea). We now use SimpleNumberDictionary for - slow template instantiation cache - code stubs table - value serializer map - stack frame cache - type profile source positions R=ishell@chromium.org, ulan@chromium.org Bug: chromium:783695 Change-Id: I3cd32e485060bb379fb2279eeefbbbded7455f0e Reviewed-on: https://chromium-review.googlesource.com/885811 Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#50869}
-
- 18 Jan, 2018 1 commit
-
-
Malcolm White authored
This is the v8 side of changes; blink changes are at https://chromium-review.googlesource.com/c/chromium/src/+/809228 BUG=chromium:716320 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: Ia77764aed09dd609bf2304fe3c392a0e8ee16334 Reviewed-on: https://chromium-review.googlesource.com/847337 Reviewed-by: v8 autoroll <v8-autoroll@chromium.org> Cr-Original-Commit-Position: refs/heads/6.5.123@{#1} Cr-Original-Branched-From: 2a8e1e4a-refs/heads/master@{#50331} Reviewed-on: https://chromium-review.googlesource.com/854395 Commit-Queue: Malcolm White <malcolmwhite@google.com> Reviewed-by: Ben Smith <binji@chromium.org> Cr-Commit-Position: refs/heads/master@{#50699}
-
- 07 Nov, 2017 1 commit
-
-
Yang Guo authored
Use (Seeded)NumberDictionary instead. Change-Id: I426cd0a33df7d47fe4fec0c108be5632ef7c0f19 Reviewed-on: https://chromium-review.googlesource.com/756697 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#49179}
-
- 20 Oct, 2017 1 commit
-
-
Ben Smith authored
The wasm memory deserialization didn't properly increment the object id, so wouldn't work properly if the memory object (or its contained SharedArrayBuffer) were included multiple times in the object. Bug: v8:6895 Change-Id: I5c4c25bad2ec6152883c5a7321038aba1950480a Reviewed-on: https://chromium-review.googlesource.com/721630 Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Ben Smith <binji@chromium.org> Cr-Commit-Position: refs/heads/master@{#48767}
-
- 16 Oct, 2017 1 commit
-
-
Ben Smith authored
This is only enabled when --experimental-wasm-threads is enabled. In addition, only shared WebAssembly.Memory may be sent, as specified here: https://github.com/WebAssembly/design/pull/1074/files#diff-8e85308ab5cc1e83e91ef59233648be2R227 Bug: v8:6895 Change-Id: Id009a7f890d15fa6c98e93f03806f7e7eff30c2a Reviewed-on: https://chromium-review.googlesource.com/719417 Commit-Queue: Brad Nelson <bradnelson@chromium.org> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Reviewed-by: Brad Nelson <bradnelson@chromium.org> Cr-Commit-Position: refs/heads/master@{#48609}
-
- 07 Jul, 2017 1 commit
-
-
titzer authored
This CL refactors the internal representation of JavaScript-exposed WebAssembly objects to be more like other such objects in V8. By introducing a new instance type for each of the JS-exposed types, we get more robust typechecking without using embedder fields (which were previously used when these objects were instance type JS_API_OBJECT). In addition to the new instance types, the subclasses X of JSObject (WasmInstanceObject, WasmMemoryObject, WasmModuleObject, WasmTableObject) now have appropriate Is##X() methods on Object and are now robust. BUG=v8:6547 CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_chromium_rel_ng Review-Url: https://codereview.chromium.org/2964943002 Cr-Commit-Position: refs/heads/master@{#46475}
-
- 22 Jun, 2017 1 commit
-
-
Toon Verwaest authored
SeededNumberDictionaries are used to implement element backing stores of JSObjects, not internally used dictionaries. This saves space for the anyway unused PropertyDetails entry (1/3 fields). Bug: Change-Id: I6fe9fae6de500dd0bcb722f51a7543952c7813e9 Reviewed-on: https://chromium-review.googlesource.com/543343 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#46124}
-
- 27 Apr, 2017 1 commit
-
-
jbroman authored
BUG=chromium:704293 Review-Url: https://codereview.chromium.org/2804643006 Cr-Commit-Position: refs/heads/master@{#44945}
-
- 04 Apr, 2017 1 commit
-
-
jbroman authored
This enables clients like IndexedDB to know when the data format version has decreased (i.e. the user has switched to an earlier version) and deal with the resulting incompatibility up front. BUG=chromium:704293 Review-Url: https://codereview.chromium.org/2772723005 Cr-Commit-Position: refs/heads/master@{#44391}
-
- 21 Mar, 2017 2 commits
-
-
mtrofin authored
Reland of [wasm] Transferrable modules (patchset #1 id:1 of https://codereview.chromium.org/2762163002/ ) Reason for revert: Temporarily disabled tests on chromium side (https://codereview.chromium.org/2764933002) Original issue's description: > Revert of [wasm] Transferrable modules (patchset #13 id:280001 of https://codereview.chromium.org/2748473004/ ) > > Reason for revert: > Breaks layout tests: > https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/14312 > > See https://github.com/v8/v8/wiki/Blink-layout-tests > > Original issue's description: > > [wasm] Transferrable modules > > > > We want to restrict structured cloning in Chrome to: > > - postMessage senders and receivers that are co-located > > in the same process > > - indexedDB (just https). > > > > For context, on the Chrome side, we will achieve the postMessage part > > by using a mechanism similar to transferrables: the > > SerializedScriptValue will have a list of wasm modules, separate from > > the serialized data stream; and this list won't be copied cross > > process boundaries. The IDB part is achieved by explicitly opting in > > reading/writing to the serialization stream. To block attack vectors > > in IPC cases, the default for deserialization will be to expect data > > in the wasm transfers list. > > > > This change is the V8 side necessary to enabling this design. We > > introduce TransferrableModule, an opaque datatype exposed to the > > embedder. Internally, TransferrableModules are just serialized data, > > because we don't have a better mechanism, at the moment, for > > de-contextualizing/re-contextualizing wasm modules (wrt Isolate and > > Context). > > > > The chrome defaults will be implemented in the > > serialization/deserialization delegates on that side. For the v8 side > > of things, in the absence of a serialization delegate, the V8 > > serializer will write to serialization stream. 
In the absence of a > > deserialization delegate, the deserializer won't work. This asymmetry > > is intentional - it communicates to the embedder the need to make a > > policy decision, otherwise wasm serialization/deserialization won't > > work "out of the box". > > > > BUG=v8:6079 > > > > Review-Url: https://codereview.chromium.org/2748473004 > > Cr-Commit-Position: refs/heads/master@{#43955} > > Committed: https://chromium.googlesource.com/v8/v8/+/99743ad460ea5b9795ba9d70a074e75d7362a3d1 > > TBR=jbroman@chromium.org,bradnelson@chromium.org,mtrofin@chromium.org > # Skipping CQ checks because original CL landed less than 1 days ago. > NOPRESUBMIT=true > NOTREECHECKS=true > NOTRY=true > BUG=v8:6079 > > Review-Url: https://codereview.chromium.org/2762163002 > Cr-Commit-Position: refs/heads/master@{#43981} > Committed: https://chromium.googlesource.com/v8/v8/+/e538b70e1a45289dfe0fa9789563f023a5e9c22b TBR=jbroman@chromium.org,bradnelson@chromium.org,machenbach@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:6079 Review-Url: https://codereview.chromium.org/2762273002 Cr-Commit-Position: refs/heads/master@{#43994}
-
machenbach authored
Revert of [wasm] Transferrable modules (patchset #13 id:280001 of https://codereview.chromium.org/2748473004/ ) Reason for revert: Breaks layout tests: https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/14312 See https://github.com/v8/v8/wiki/Blink-layout-tests Original issue's description: > [wasm] Transferrable modules > > We want to restrict structured cloning in Chrome to: > - postMessage senders and receivers that are co-located > in the same process > - indexedDB (just https). > > For context, on the Chrome side, we will achieve the postMessage part > by using a mechanism similar to transferrables: the > SerializedScriptValue will have a list of wasm modules, separate from > the serialized data stream; and this list won't be copied cross > process boundaries. The IDB part is achieved by explicitly opting in > reading/writing to the serialization stream. To block attack vectors > in IPC cases, the default for deserialization will be to expect data > in the wasm transfers list. > > This change is the V8 side necessary to enabling this design. We > introduce TransferrableModule, an opaque datatype exposed to the > embedder. Internally, TransferrableModules are just serialized data, > because we don't have a better mechanism, at the moment, for > de-contextualizing/re-contextualizing wasm modules (wrt Isolate and > Context). > > The chrome defaults will be implemented in the > serialization/deserialization delegates on that side. For the v8 side > of things, in the absence of a serialization delegate, the V8 > serializer will write to serialization stream. In the absence of a > deserialization delegate, the deserializer won't work. This asymmetry > is intentional - it communicates to the embedder the need to make a > policy decision, otherwise wasm serialization/deserialization won't > work "out of the box". 
> > BUG=v8:6079 > > Review-Url: https://codereview.chromium.org/2748473004 > Cr-Commit-Position: refs/heads/master@{#43955} > Committed: https://chromium.googlesource.com/v8/v8/+/99743ad460ea5b9795ba9d70a074e75d7362a3d1 TBR=jbroman@chromium.org,bradnelson@chromium.org,mtrofin@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:6079 Review-Url: https://codereview.chromium.org/2762163002 Cr-Commit-Position: refs/heads/master@{#43981}
-
- 20 Mar, 2017 1 commit
-
-
mtrofin authored
We want to restrict structured cloning in Chrome to: - postMessage senders and receivers that are co-located in the same process - indexedDB (just https). For context, on the Chrome side, we will achieve the postMessage part by using a mechanism similar to transferrables: the SerializedScriptValue will have a list of wasm modules, separate from the serialized data stream; and this list won't be copied cross process boundaries. The IDB part is achieved by explicitly opting in reading/writing to the serialization stream. To block attack vectors in IPC cases, the default for deserialization will be to expect data in the wasm transfers list. This change is the V8 side necessary to enabling this design. We introduce TransferrableModule, an opaque datatype exposed to the embedder. Internally, TransferrableModules are just serialized data, because we don't have a better mechanism, at the moment, for de-contextualizing/re-contextualizing wasm modules (wrt Isolate and Context). The chrome defaults will be implemented in the serialization/deserialization delegates on that side. For the v8 side of things, in the absence of a serialization delegate, the V8 serializer will write to serialization stream. In the absence of a deserialization delegate, the deserializer won't work. This asymmetry is intentional - it communicates to the embedder the need to make a policy decision, otherwise wasm serialization/deserialization won't work "out of the box". BUG=v8:6079 Review-Url: https://codereview.chromium.org/2748473004 Cr-Commit-Position: refs/heads/master@{#43955}
-
- 22 Feb, 2017 1 commit
-
-
Ross McIlroy authored
In order to use the IdentityMap in the CompilerDispatcher the following support is added: - Support for deleting entries - Support for iterating through the entries. - Support for AllocationPolicy to enable non-zone allocation of backing stores. - Also refactors the code a bit. BUG=v8:5203 Change-Id: I8b616cba8ae9dc22a7f4d76070fbb318c4edc80d Reviewed-on: https://chromium-review.googlesource.com/444409 Reviewed-by: Ben Titzer <titzer@chromium.org> Reviewed-by: Jochen Eisinger <jochen@chromium.org> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#43362}
-
- 17 Feb, 2017 1 commit
-
-
addaleax authored
Add `ValueSerializer::SetTreatArrayBufferViewsAsHostObjects()` which instructs the `ValueSerializer` to treat ArrayBufferView objects as host objects. BUG=v8:5926 Review-Url: https://codereview.chromium.org/2696133007 Cr-Commit-Position: refs/heads/master@{#43281}
-
- 01 Feb, 2017 1 commit
-
-
jbroman authored
This avoids the need to pull in the UTF-8 encoding code from the public API, and allows it to take advantage of any supported way that i::String can be encoded (one- or two-byte). Backward compatibility is maintained, but this is the behavior beginning with this version. BUG=chromium:686159 Review-Url: https://codereview.chromium.org/2665653004 Cr-Commit-Position: refs/heads/master@{#42872}
-
- 28 Jan, 2017 1 commit
-
-
jbroman authored
memcpy is faster than UTF-8 encoding/decoding. This yields 10-20% wins on serializing and deserializing long ASCII strings, according to blink_perf.bindings -- and these are already in a fast path where the entire string is known to be ASCII (but this has to be checked). The win may be larger for strings in Latin-1 but not ASCII (though I suspect this is an uncommon case). A change is also made to make ValueSerializerTest.EncodeTwoByteStringUsesPadding survive wire format version number changes. This is the first of a series of wire format changes from the previous Blink format. The deserializer continues to be able to read the old format, but Chromium M56 will no longer be able to read the messages written by this, in M58. BUG=chromium:686159 Review-Url: https://codereview.chromium.org/2658793004 Cr-Commit-Position: refs/heads/master@{#42753}
-
- 27 Jan, 2017 1 commit
-
-
binji authored
Review-Url: https://codereview.chromium.org/2643723010 Cr-Commit-Position: refs/heads/master@{#42749}
-
- 03 Jan, 2017 1 commit
-
-
binji authored
This behavior changed recently. SharedArrayBuffers should not be put in the transfer list, because they are not detached, and that is the meaning of being in the transfer list. This is the V8 side of the change, the Blink side will come next. Reland of https://codereview.chromium.org/2570433005, it was reverted because of a Blink-side test failure which has been temporarily disabled; see https://codereview.chromium.org/2590003002. BUG=https://bugs.chromium.org/p/chromium/issues/detail?id=676063 Review-Url: https://codereview.chromium.org/2594793005 Cr-Commit-Position: refs/heads/master@{#42054}
-
- 16 Dec, 2016 1 commit
-
-
machenbach authored
Revert of Disallow passing a SharedArrayBuffer in the transfer list. (patchset #4 id:60001 of https://codereview.chromium.org/2570433005/ ) Reason for revert: Breaks layout tests: https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/12098 See: https://github.com/v8/v8/wiki/Blink-layout-tests Original issue's description: > Disallow passing a SharedArrayBuffer in the transfer list. > > This behavior changed recently. SharedArrayBuffers should not be put in the > transfer list, because they are not detached, and that is the meaning of being > in the transfer list. > > This is the V8 side of the change, the Blink side will come next. > > Review-Url: https://codereview.chromium.org/2570433005 > Cr-Commit-Position: refs/heads/master@{#41740} > Committed: https://chromium.googlesource.com/v8/v8/+/1c5e1504e0305363cd262f1706cbd63f9a62ae46 TBR=jbroman@chromium.org,jkummerow@chromium.org,binji@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true Review-Url: https://codereview.chromium.org/2579963002 Cr-Commit-Position: refs/heads/master@{#41744}
-
- 15 Dec, 2016 1 commit
-
-
binji authored
This behavior changed recently. SharedArrayBuffers should not be put in the transfer list, because they are not detached, and that is the meaning of being in the transfer list. This is the V8 side of the change, the Blink side will come next. Review-Url: https://codereview.chromium.org/2570433005 Cr-Commit-Position: refs/heads/master@{#41740}
-
- 12 Nov, 2016 1 commit
-
-
jbroman authored
BUG=chromium:148757 Review-Url: https://codereview.chromium.org/2492943002 Cr-Commit-Position: refs/heads/master@{#40943}
-
- 04 Nov, 2016 1 commit
-
-
jbroman authored
Compatible with the current (unshipped) Blink implementation. BUG=chromium:148757 Review-Url: https://codereview.chromium.org/2471923002 Cr-Commit-Position: refs/heads/master@{#40775}
-