1. 03 May, 2022 17 commits
  2. 02 May, 2022 23 commits
    • Frank Tang's avatar
      Reland "[Temporal] Fix Calendar.prototype.fields CSA" · 4776aee6
      Frank Tang authored
      This is a reland of commit 89600314
      
      Changes since revert: None, reverted wrong suspect CL
      
      Original change's description:
      > [Temporal] Fix Calendar.prototype.fields CSA
      >
      > Use LoadAndUntagToWord32ObjectField instead of LoadObjectField<Uint32T>
      > to load the flag since it is defined as
      >  flags: SmiTagged<JSTemporalCalendarFlags>;
      >
      > Otherwise LoadObjectField<Uint32T> will load the zero part when
      > v8_enable_pointer_compression = false
      >
      > Add unit tests to intl (because the problem only show up on calendar
      > other than non iso8601.
      >
      > Cq-Include-Trybots: luci.v8.try:v8_linux_mipsel_compile_rel,v8_linux_mips64el_compile_rel
      >
      >
      > Bug: v8:12848
      > Change-Id: I44b685af99dc9820dfa228447e2b42ae0a82464c
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3617388
      > Reviewed-by: Leszek Swirski <leszeks@chromium.org>
      > Commit-Queue: Frank Tang <ftang@chromium.org>
      > Cr-Commit-Position: refs/heads/main@{#80314}
      
      Bug: v8:12848
      Change-Id: I423ea5f0a4a30fc73546df208d24aec84db76eb4
      Cq-Include-Trybots: luci.v8.try:v8_linux_mipsel_compile_rel,v8_linux_mips64el_compile_rel
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620838
      Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
      Commit-Queue: Shu-yu Guo <syg@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#80319}
      4776aee6
    • Shu-yu Guo's avatar
      Revert "cppgc: young-gen: Enable cppgc_enable_young_generation by default" · 61be01e9
      Shu-yu Guo authored
      This reverts commit 31009706.
      
      Reason for revert: UBSan failure: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20UBSan/21069/overview
      
      Original change's description:
      > cppgc: young-gen: Enable cppgc_enable_young_generation by default
      >
      > Oilpan Young Generation is now controlled by the runtime flag
      > --cppgc-young-generation.
      >
      > Bug: chromium:1029379
      > Change-Id: I9ded9637f43a2f86993cff898cd7f272a051ae3c
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616728
      > Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
      > Commit-Queue: Anton Bikineev <bikineev@chromium.org>
      > Cr-Commit-Position: refs/heads/main@{#80312}
      
      Bug: chromium:1029379
      Change-Id: I18ac696380df5f77d0978072b8e5af2f2e305994
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620839
      Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
      Auto-Submit: Shu-yu Guo <syg@chromium.org>
      Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
      Cr-Commit-Position: refs/heads/main@{#80318}
      61be01e9
    • Shu-yu Guo's avatar
      Revert "[Temporal] Fix Calendar.prototype.fields CSA" · f478546b
      Shu-yu Guo authored
      This reverts commit 89600314.
      
      Reason for revert: UBSAN errors in GC tests
      https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20UBSan/21069/overview
      
      Original change's description:
      > [Temporal] Fix Calendar.prototype.fields CSA
      >
      > Use LoadAndUntagToWord32ObjectField instead of LoadObjectField<Uint32T>
      > to load the flag since it is defined as
      >  flags: SmiTagged<JSTemporalCalendarFlags>;
      >
      > Otherwise LoadObjectField<Uint32T> will load the zero part when
      > v8_enable_pointer_compression = false
      >
      > Add unit tests to intl (because the problem only show up on calendar
      > other than non iso8601.
      >
      > Cq-Include-Trybots: luci.v8.try:v8_linux_mipsel_compile_rel,v8_linux_mips64el_compile_rel
      >
      >
      > Bug: v8:12848
      > Change-Id: I44b685af99dc9820dfa228447e2b42ae0a82464c
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3617388
      > Reviewed-by: Leszek Swirski <leszeks@chromium.org>
      > Commit-Queue: Frank Tang <ftang@chromium.org>
      > Cr-Commit-Position: refs/heads/main@{#80314}
      
      Bug: v8:12848
      Change-Id: I3a8af8acbbdfc5d0f5386f2a9d50d62b9f422fb8
      Cq-Include-Trybots: luci.v8.try:v8_linux_mipsel_compile_rel,v8_linux_mips64el_compile_rel
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620837
      Auto-Submit: Shu-yu Guo <syg@chromium.org>
      Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
      Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
      Cr-Commit-Position: refs/heads/main@{#80317}
      f478546b
    • Michael Lippautz's avatar
      Reland "[heap] Fix bogus object size computation" · 10eac4eb
      Michael Lippautz authored
      This is a reland of commit 445190bf
      
      The fix addresses the issue where object size accounting went out of
      sync because of right-trimmed LO in new space that were migrated with
      a different size than they were accounted for.
      
      The fix now iterates only live objects for size computation which
      avoids accessing reclaimed maps and fixes up the objects accounting.
      
      Original change's description:
      > [heap] Fix bogus object size computation
      >
      > The map of an object may be gone by the time we try to compute its
      > size for accounting purposes.
      >
      > Bug: chromium:1319217
      > Change-Id: I93cca766a8cedebf4ed30a3a65fd6eff5bc72bcf
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3605817
      > Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
      > Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
      > Cr-Commit-Position: refs/heads/main@{#80271}
      
      Bug: chromium:1319217
      Change-Id: I8d032edf96a4bf4b0faa4bbd9b0be247051c49fb
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616507Reviewed-by: 's avatarDominik Inführ <dinfuehr@chromium.org>
      Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#80316}
      10eac4eb
    • Milad Fa's avatar
      Reland "PPC/S390: Reland "[osr] Use the new OSR cache"" · 9a06f717
      Milad Fa authored
      This is a reland of commit c575e8ae
      
      Original change's description:
      > PPC/S390: Reland "[osr] Use the new OSR cache"
      >
      > Port 91453880
      >
      > Original Commit Message:
      >
      >   This is a reland of commit 91da3883
      >
      >   Original change's description:
      >   > Fixed: Use an X register for JumpIfCodeTIsMarkedForDeoptimization
      >   > on arm64.
      >   > Bug: v8:12161
      >
      > Change-Id: I6e63bd5995340bac32654ef12c52d25b496140e3
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3607997
      > Reviewed-by: Junliang Yan <junyan@redhat.com>
      > Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
      > Cr-Commit-Position: refs/heads/main@{#80194}
      
      Change-Id: Id5e41c659a3c29a6d22c0393ad0003a24fa1ef5a
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3621273
      Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
      Reviewed-by: 's avatarJunliang Yan <junyan@redhat.com>
      Cr-Commit-Position: refs/heads/main@{#80315}
      9a06f717
    • Frank Tang's avatar
      [Temporal] Fix Calendar.prototype.fields CSA · 89600314
      Frank Tang authored
      Use LoadAndUntagToWord32ObjectField instead of LoadObjectField<Uint32T>
      to load the flag since it is defined as
       flags: SmiTagged<JSTemporalCalendarFlags>;
      
      Otherwise LoadObjectField<Uint32T> will load the zero part when
      v8_enable_pointer_compression = false
      
      Add unit tests to intl (because the problem only show up on calendar
      other than non iso8601.
      
      Cq-Include-Trybots: luci.v8.try:v8_linux_mipsel_compile_rel,v8_linux_mips64el_compile_rel
      
      
      Bug: v8:12848
      Change-Id: I44b685af99dc9820dfa228447e2b42ae0a82464c
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3617388Reviewed-by: 's avatarLeszek Swirski <leszeks@chromium.org>
      Commit-Queue: Frank Tang <ftang@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#80314}
      89600314
    • jameslahm's avatar
      [web snapshot] Add support for arrays w/holes · c4281cd9
      jameslahm authored
      This CL adds serialization and deserialization support
      for HOLEY_ELEMENTS and HOLEY_SMI_ELEMENTS kind arrays.
      
      Bug: v8:11525
      Change-Id: Ib6fdcd1916badd02e567571e1c0748dce85cd8a0
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620753Reviewed-by: 's avatarMarja Hölttä <marja@chromium.org>
      Commit-Queue: 王澳 <wangao.james@bytedance.com>
      Cr-Commit-Position: refs/heads/main@{#80313}
      c4281cd9
    • Anton Bikineev's avatar
      cppgc: young-gen: Enable cppgc_enable_young_generation by default · 31009706
      Anton Bikineev authored
      Oilpan Young Generation is now controlled by the runtime flag
      --cppgc-young-generation.
      
      Bug: chromium:1029379
      Change-Id: I9ded9637f43a2f86993cff898cd7f272a051ae3c
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616728Reviewed-by: 's avatarMichael Lippautz <mlippautz@chromium.org>
      Commit-Queue: Anton Bikineev <bikineev@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#80312}
      31009706
    • Leszek Swirski's avatar
      Revert "Reland "[heap] Refactor atomic marking phase"" · 3d3d9c50
      Leszek Swirski authored
      This reverts commit 25e32252.
      
      Reason for revert: Suspect for roll failure: https://ci.chromium.org/ui/p/chromium/builders/try/android_optional_gpu_tests_rel/98554/overview
      
      Original change's description:
      > Reland "[heap] Refactor atomic marking phase"
      >
      > This is a reland of commit a3f66927
      >
      > The reland addresses a few CHECKs that were too agressive and also
      > properly adjusts Oilpan's marking configurations depending on V8's
      > flags.
      >
      > Original change's description:
      > > [heap] Refactor atomic marking phase
      > >
      > > The atomic marking phase was organized in many distinct smaller
      > > phases. In particular, before http://crrev.com/c/3584115 the marking
      > > phase split into two large separate phases.
      > >
      > > This CL reorganizes marking into two phases that perform regular V8
      > > heap marking, Oilpan, and ephemerons:
      > > - A parallel phase that likely drains all marking worklists;
      > > - A single-threaded final phase to catch any left overs;
      > >
      > > This avoids artificial splitting in phases and also avoids repeated
      > > starting and joining of jobs.
      > >
      > > Change-Id: I5cccfc5777837d9ece10d8f4925781bf2d07d9da
      > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3602507
      > > Reviewed-by: Omer Katz <omerkatz@chromium.org>
      > > Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
      > > Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
      > > Cr-Commit-Position: refs/heads/main@{#80265}
      >
      > Change-Id: I26648da361b92d787c173aa9d390100ce8958728
      > Bug: chromium:1320896
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616519
      > Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
      > Reviewed-by: Omer Katz <omerkatz@chromium.org>
      > Cr-Commit-Position: refs/heads/main@{#80301}
      
      Bug: chromium:1320896
      Change-Id: I01742f25d54de8e4e22fefe87ce61ba295950baa
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620286
      Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
      Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
      Owners-Override: Leszek Swirski <leszeks@chromium.org>
      Auto-Submit: Leszek Swirski <leszeks@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#80311}
      3d3d9c50
    • Darshan Sen's avatar
      [diagnostics] Guard GetCategoryGroupName behind V8_USE_PERFETTO ifdef · 232f5c7e
      Darshan Sen authored
      I was trying to build chromium with Perfetto enabled and I ran into this
      compilation error:
      ```
      ../../v8/src/libplatform/tracing/recorder-win.cc(48,42): error: no member named 'GetCategoryGroupName' in 'v8::platform::tracing::TracingController'
                            TracingController::GetCategoryGroupName(
                            ~~~~~~~~~~~~~~~~~~~^
      1 error generated.
      ```
      This happens because the GetCategoryGroupName() function is added to
      the TracingController class only if Perfetto is disabled.
      Signed-off-by: 's avatarDarshan Sen <raisinten@gmail.com>
      Change-Id: If53dab5ea9b8c3e2f69e8e84c8d6ba06ee3c496e
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616427Reviewed-by: 's avatarCamillo Bruni <cbruni@chromium.org>
      Commit-Queue: Camillo Bruni <cbruni@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#80310}
      232f5c7e
    • Patrick Thier's avatar
      [string] Fix string table lookup with SlicedStrings · ee247818
      Patrick Thier authored
      https://crrev.com/c/3571817 introduced a bug that string table lookups
      failed on SlicedStrings with a start offset of 0.
      This CL fixes the issue by re-using the already computed hash only
      if the length of the source string matches the length of the string to
      lookup.
      
      Bug: chromium:1320179, chromium:1321573
      Change-Id: Ic8755a0266a9ec67fe5eb9c96fdab1b55d5009f2
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616723
      Auto-Submit: Patrick Thier <pthier@chromium.org>
      Commit-Queue: Camillo Bruni <cbruni@chromium.org>
      Reviewed-by: 's avatarCamillo Bruni <cbruni@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#80309}
      ee247818
    • jameslahm's avatar
      [sampler] Fix data race in Sampler::DoSample · 6e586b48
      jameslahm authored
      In Sampler::DoSample, we only guard SignalHandler::Installed before
      and Sampler::Stop may happen at the same time, which may cause SIGPROF
      signal handler was already restored before SIGPROF was emit and trigger
      profiling timer expired. This CL changes Sampler::DoSample to use
      SignalHandler::mutex() to guard the entire function and also change
      the mutex to recursive mutex.
      
      Bug: v8:12838
      Change-Id: I5195742ecdbade342986755233840d7be5d83c62
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616429Reviewed-by: 's avatarCamillo Bruni <cbruni@chromium.org>
      Commit-Queue: 王澳 <wangao.james@bytedance.com>
      Cr-Commit-Position: refs/heads/main@{#80308}
      6e586b48
    • Camillo Bruni's avatar
      [tools] Add variants support for run_perf.py · a42a2f41
      Camillo Bruni authored
      We usually run benchmarks in multiple variants: default, future, noopt
      This is currently only achieved by copying the run-perf json file and
      changing the flags at the top-level (or copy whole subsections).
      
      Using "variants" we can duplicate the tests at the current level with
      different values and easily create benchmarks that differ only in v8
      flags.
      
      Drive-by-fix:
      - Add Node.__iter__ and log the whole config graph in debug mode
      - Add GraphConfig.__str__ method for better debugging
      - Rename TraceConfig to LeafTraceConfig
      - Rename RunnableTraceConfig to RunnableLeafTraceConfig
      - Make --filter accept a regexp to better filter out variants
      
      Bug: v8:12821, v8:11113
      Change-Id: I56a2ba2dd24da15c7757406e9961746219cd8061
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596128Reviewed-by: 's avatarMichael Achenbach <machenbach@chromium.org>
      Reviewed-by: 's avatarTamer Tas <tmrts@chromium.org>
      Commit-Queue: Camillo Bruni <cbruni@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#80307}
      a42a2f41
    • Jakob Linke's avatar
      Reland "Reland "[osr] Use the new OSR cache"" · 0e9a55d2
      Jakob Linke authored
      This is a reland of commit 91453880
      
      Fixed: properly reference the ClearedValue in CSA (i.e. without
      the cage_base upper 32 bits).
      
      Original change's description:
      > Reland "[osr] Use the new OSR cache"
      >
      > This is a reland of commit 91da3883
      >
      > Fixed: Use an X register for JumpIfCodeTIsMarkedForDeoptimization
      > on arm64.
      >
      > Original change's description:
      > > [osr] Use the new OSR cache
      > >
      > > This CL switches over our OSR system to be based on the feedback
      > > vector osr caches.
      > >
      > > - OSRing to Sparkplug is fully separated from OSR urgency. If
      > >   SP code exists, we simply jump to it, no need to maintain an
      > >   installation request.
      > > - Each JumpLoop checks its dedicated FeedbackVector cache slot.
      > >   If a valid target code object exists, we enter it *without*
      > >   calling into runtime to fetch the code object.
      > > - Finally, OSR urgency still remains as the heuristic for
      > >   requesting Turbofan OSR compile jobs. Note it no longer has a
      > >   double purpose of being a generic untargeted installation
      > >   request.
      > >
      > > With the new system in place, we can remove now-unnecessary
      > > hacks:
      > >
      > > - Early OSR tierup is replaced by the standard OSR system. Any
      > >   present OSR code is automatically entered.
      > > - The synchronous OSR compilation fallback is removed. With
      > >   precise installation (= per-JumpLoop-bytecode) we no longer
      > >   have the problem of 'getting unlucky' with JumpLoop/cache entry
      > >   mismatches. Execution has moved on while compiling? Simply spawn
      > >   a new concurrent compile job.
      > > - Remove the synchronous (non-OSR) Turbofan compile request now
      > >   that we always enter available OSR code as early as possible.
      > > - Tiering into Sparkplug no longer messes with OSR state.
      > >
      > > Bug: v8:12161
      > > Change-Id: I0a85e53d363504b7dac174dbaf69c03c35e66700
      > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3596167
      > > Commit-Queue: Jakob Linke <jgruber@chromium.org>
      > > Auto-Submit: Jakob Linke <jgruber@chromium.org>
      > > Reviewed-by: Leszek Swirski <leszeks@chromium.org>
      > > Commit-Queue: Leszek Swirski <leszeks@chromium.org>
      > > Cr-Commit-Position: refs/heads/main@{#80147}
      >
      > Bug: v8:12161
      > Change-Id: Ib3597cf1d99cdb5d0f2c5ac18e311914f376231d
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3606232
      > Auto-Submit: Jakob Linke <jgruber@chromium.org>
      > Reviewed-by: Leszek Swirski <leszeks@chromium.org>
      > Commit-Queue: Leszek Swirski <leszeks@chromium.org>
      > Cr-Commit-Position: refs/heads/main@{#80167}
      
      Bug: v8:12161,chromium:1320189
      Change-Id: Ibd9a2ab61f51ebb32a3f5a66f7c602faead71c3e
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620273Reviewed-by: 's avatarLeszek Swirski <leszeks@chromium.org>
      Commit-Queue: Jakob Linke <jgruber@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#80306}
      0e9a55d2
    • Milad Farazmand's avatar
      Revert "PPC/S390: Reland "[osr] Use the new OSR cache"" · 3b5ba5a8
      Milad Farazmand authored
      This reverts commit c575e8ae.
      
      Reason for revert: Original CL reverted https://crrev.com/c/3615219.
      
      Original change's description:
      > PPC/S390: Reland "[osr] Use the new OSR cache"
      >
      > Port 91453880
      >
      > Original Commit Message:
      >
      >   This is a reland of commit 91da3883
      >
      >   Original change's description:
      >   > Fixed: Use an X register for JumpIfCodeTIsMarkedForDeoptimization
      >   > on arm64.
      >   > Bug: v8:12161
      >
      > Change-Id: I6e63bd5995340bac32654ef12c52d25b496140e3
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3607997
      > Reviewed-by: Junliang Yan <junyan@redhat.com>
      > Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
      > Cr-Commit-Position: refs/heads/main@{#80194}
      
      Change-Id: I977e59238e1f03c21307c1499cde8b567d1e3e2c
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620538
      Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
      Reviewed-by: 's avatarMilad Farazmand <mfarazma@redhat.com>
      Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
      Cr-Commit-Position: refs/heads/main@{#80305}
      3b5ba5a8
    • Anton Bikineev's avatar
      cppgc: young-gen: Fix compilation and tests with cppgc_enable_young_gen · 5c92b06e
      Anton Bikineev authored
      The CL prepares the sources and the tests for enabling
      cppgc_enable_young_generation by default. The static initializer
      in YoungGenerationEnabler (due to v8::base::Mutex) changed to be lazy.
      The tests are now checking the runtime flag.
      
      Bug: chromium:1029379
      Change-Id: I1497a3dd2b8d62c1acd48496821f07324b7944d5
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616726Reviewed-by: 's avatarMichael Lippautz <mlippautz@chromium.org>
      Auto-Submit: Anton Bikineev <bikineev@chromium.org>
      Commit-Queue: Anton Bikineev <bikineev@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#80304}
      5c92b06e
    • Dominik Inführ's avatar
      [heap, runtime] Do not invalidate all slots in DeleteObjectPropertyFast · d489e88c
      Dominik Inführ authored
      When deleting a JSObject's last property, only that particular slot
      in the old-to-new rememebered set needs to be deleted. The object's
      slots don't need to be invalidated anymore since V8 doesn't use
      unboxed doubles anymore. While the runtime could install another
      property at this address, it will therefore always be a tagged pointer.
      
      Bug: v8:12578, chromium:1316289
      Change-Id: Ief072f58e53501c1c1f01c902e21467a37ccdc3c
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620274
      Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
      Reviewed-by: 's avatarMichael Lippautz <mlippautz@chromium.org>
      Reviewed-by: 's avatarCamillo Bruni <cbruni@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#80303}
      d489e88c
    • Leszek Swirski's avatar
      Revert "[web snap] Support Symbols" · 9b782823
      Leszek Swirski authored
      This reverts commit 1267e518.
      
      Reason for revert: Turned out to not support them: https://logs.chromium.org/logs/v8/buildbucket/cr-buildbucket/8815278972589078465/+/u/Bisect_1267e518/Retry/web-snapshot-4
      
      Original change's description:
      > [web snap] Support Symbols
      >
      > Bug: v8:11525,v8:12820
      > Change-Id: Ie8b1bbe209d8bb6f759623ea01223a05d11090aa
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616514
      > Commit-Queue: Marja Hölttä <marja@chromium.org>
      > Reviewed-by: Camillo Bruni <cbruni@chromium.org>
      > Cr-Commit-Position: refs/heads/main@{#80299}
      
      Bug: v8:11525,v8:12820
      Change-Id: Ia0107dfec12e72dc976348985e5c35dac28c170a
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3620278
      Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
      Auto-Submit: Leszek Swirski <leszeks@chromium.org>
      Owners-Override: Leszek Swirski <leszeks@chromium.org>
      Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
      Cr-Commit-Position: refs/heads/main@{#80302}
      9b782823
    • Michael Lippautz's avatar
      Reland "[heap] Refactor atomic marking phase" · 25e32252
      Michael Lippautz authored
      This is a reland of commit a3f66927
      
      The reland addresses a few CHECKs that were too agressive and also
      properly adjusts Oilpan's marking configurations depending on V8's
      flags.
      
      Original change's description:
      > [heap] Refactor atomic marking phase
      >
      > The atomic marking phase was organized in many distinct smaller
      > phases. In particular, before http://crrev.com/c/3584115 the marking
      > phase split into two large separate phases.
      >
      > This CL reorganizes marking into two phases that perform regular V8
      > heap marking, Oilpan, and ephemerons:
      > - A parallel phase that likely drains all marking worklists;
      > - A single-threaded final phase to catch any left overs;
      >
      > This avoids artificial splitting in phases and also avoids repeated
      > starting and joining of jobs.
      >
      > Change-Id: I5cccfc5777837d9ece10d8f4925781bf2d07d9da
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3602507
      > Reviewed-by: Omer Katz <omerkatz@chromium.org>
      > Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
      > Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
      > Cr-Commit-Position: refs/heads/main@{#80265}
      
      Change-Id: I26648da361b92d787c173aa9d390100ce8958728
      Bug: chromium:1320896
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616519
      Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
      Reviewed-by: 's avatarOmer Katz <omerkatz@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#80301}
      25e32252
    • Marja Hölttä's avatar
      [web snap] Bypass errors when encountering sealed / frozen arrays · 2f434c47
      Marja Hölttä authored
      Integrity levels are not handled yet (but there's a TODO now).
      
      Bug: v8:11525, v8:12820
      Change-Id: Id72e49b363615e51ec89a353101cc4cf76ccbab4
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616515Reviewed-by: 's avatarCamillo Bruni <cbruni@chromium.org>
      Commit-Queue: Marja Hölttä <marja@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#80300}
      2f434c47
    • Marja Hölttä's avatar
      [web snap] Support Symbols · 1267e518
      Marja Hölttä authored
      Bug: v8:11525,v8:12820
      Change-Id: Ie8b1bbe209d8bb6f759623ea01223a05d11090aa
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616514
      Commit-Queue: Marja Hölttä <marja@chromium.org>
      Reviewed-by: 's avatarCamillo Bruni <cbruni@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#80299}
      1267e518
    • jameslahm's avatar
      [runtime] Add TODO to check expected_parts · 1609f3b9
      jameslahm authored
      ... not exceeding the maximum size of the backing store
      before ReplacementStringBuilder in StringReplaceGlobalRegExpWithString.
      
      Bug: v8:12843
      Change-Id: I3ccf07a4e6de35a3a571ebfccc34e54eb27a0819
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616555Reviewed-by: 's avatarLeszek Swirski <leszeks@chromium.org>
      Reviewed-by: 's avatarJakob Linke <jgruber@chromium.org>
      Commit-Queue: 王澳 <wangao.james@bytedance.com>
      Cr-Commit-Position: refs/heads/main@{#80298}
      1609f3b9
    • Victor Gomes's avatar
      [maglev] Push/Pop Context bytecodes · ac7d42c4
      Victor Gomes authored
      Bug: v8:7700
      Change-Id: I389574d93725fe68816eddbebeef7fbfd3e136fb
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616724
      Commit-Queue: Leszek Swirski <leszeks@chromium.org>
      Reviewed-by: 's avatarLeszek Swirski <leszeks@chromium.org>
      Auto-Submit: Victor Gomes <victorgomes@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#80297}
      ac7d42c4