- 01 Oct, 2021 16 commits
-
-
Omer Katz authored
Bug: chromium:1056170 Change-Id: Ib508e996bd714077ca49aa9496b7630c23d02836 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3199879 Commit-Queue: Omer Katz <omerkatz@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Auto-Submit: Omer Katz <omerkatz@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#77196}
-
Seth Brenith authored
This is mostly just whitespace tweaks, plus removing a redundant public access specifier. Bug: v8:7793 Change-Id: Ic8b3efe4f707108d29dc2dfd55c46d9a47c48058 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3199603Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Cr-Commit-Position: refs/heads/main@{#77195}
-
Michael Achenbach authored
This is a reland of da35064b Original change's description: > Update V8 DEPS. > > Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/ecb990f..ebad853 > > Rolling v8/buildtools/third_party/libc++abi/trunk: https://chromium.googlesource.com/external/github.com/llvm/llvm-project/libcxxabi/+log/50e90b8..9959b06 > > Rolling v8/third_party/aemu-linux-x64: e_KiIcYNB7sHa2eqRBhqVoR_Mmg2Q7nqmzRCXzegWQAC..FAd7QuRV-mCjbKgg2SO4BBlRCvGIsI672THjo3tEIZAC > > Rolling v8/third_party/android_platform: https://chromium.googlesource.com/chromium/src/third_party/android_platform/+log/6e5dc9a..7a11b79 > > Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/5afc365..c0b9d25 > > Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/764c927..0e2fb33 > > Rolling v8/third_party/googletest/src: https://chromium.googlesource.com/external/github.com/google/googletest/+log/ab36804..3b49be0 > > Rolling v8/third_party/instrumented_libraries: https://chromium.googlesource.com/chromium/src/third_party/instrumented_libraries/+log/eb740e9..5df06a4 > > Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/278dd91..c06edd1 > > TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com > > Change-Id: Ifafd7fe3250976867f35c4d709b0220a23930c3f > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3199830 > Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> > Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> > Cr-Commit-Position: refs/heads/main@{#77190} Bug: v8:12277 Cq-Include-Trybots: luci.v8.try.triggered:v8_linux64_msan_rel_ng_triggered Change-Id: Ie5bd6b01d0acbe836b8881717b09280e782c8827 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3199876Reviewed-by: Maya Lekova <mslekova@chromium.org> Commit-Queue: Maya Lekova <mslekova@chromium.org> Auto-Submit: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/main@{#77194}
-
Victor Gomes authored
Bug: chromium:1245634 Change-Id: I48eb590fa8c75fe2eded6b85dab6680efb751fd0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3199873 Commit-Queue: Victor Gomes <victorgomes@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Auto-Submit: Victor Gomes <victorgomes@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/main@{#77193}
-
Maya Lekova authored
This reverts commit da35064b. Reason for revert: Still failing on MSAN, see https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux%20-%20arm64%20-%20sim%20-%20MSAN/40662/overview Original change's description: > Update V8 DEPS. > > Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/ecb990f..ebad853 > > Rolling v8/buildtools/third_party/libc++abi/trunk: https://chromium.googlesource.com/external/github.com/llvm/llvm-project/libcxxabi/+log/50e90b8..9959b06 > > Rolling v8/third_party/aemu-linux-x64: e_KiIcYNB7sHa2eqRBhqVoR_Mmg2Q7nqmzRCXzegWQAC..FAd7QuRV-mCjbKgg2SO4BBlRCvGIsI672THjo3tEIZAC > > Rolling v8/third_party/android_platform: https://chromium.googlesource.com/chromium/src/third_party/android_platform/+log/6e5dc9a..7a11b79 > > Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/5afc365..c0b9d25 > > Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/764c927..0e2fb33 > > Rolling v8/third_party/googletest/src: https://chromium.googlesource.com/external/github.com/google/googletest/+log/ab36804..3b49be0 > > Rolling v8/third_party/instrumented_libraries: https://chromium.googlesource.com/chromium/src/third_party/instrumented_libraries/+log/eb740e9..5df06a4 > > Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/278dd91..c06edd1 > > TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com > > Change-Id: Ifafd7fe3250976867f35c4d709b0220a23930c3f > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3199830 > Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> > Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> > Cr-Commit-Position: refs/heads/main@{#77190} Change-Id: Icf6b30f4c09d9604e25bfacbf7e844147a105c09 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3199875 Auto-Submit: Maya Lekova <mslekova@chromium.org> Commit-Queue: Maya Lekova <mslekova@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Owners-Override: Maya Lekova <mslekova@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#77192}
-
Al Muthanna Athamina authored
Bug: v8:11826 Change-Id: I7f93b4bfeccc47c1a4e6c2b3a72d2595b4af8bfb Cq-Include-Trybots: luci.v8.try:v8_numfuzz_dbg_ng,v8_numfuzz_ng,v8_numfuzz_tsan_ng Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3197716 Auto-Submit: Almothana Athamneh <almuthanna@chromium.org> Commit-Queue: Almothana Athamneh <almuthanna@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/main@{#77191}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/ecb990f..ebad853 Rolling v8/buildtools/third_party/libc++abi/trunk: https://chromium.googlesource.com/external/github.com/llvm/llvm-project/libcxxabi/+log/50e90b8..9959b06 Rolling v8/third_party/aemu-linux-x64: e_KiIcYNB7sHa2eqRBhqVoR_Mmg2Q7nqmzRCXzegWQAC..FAd7QuRV-mCjbKgg2SO4BBlRCvGIsI672THjo3tEIZAC Rolling v8/third_party/android_platform: https://chromium.googlesource.com/chromium/src/third_party/android_platform/+log/6e5dc9a..7a11b79 Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/5afc365..c0b9d25 Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/764c927..0e2fb33 Rolling v8/third_party/googletest/src: https://chromium.googlesource.com/external/github.com/google/googletest/+log/ab36804..3b49be0 Rolling v8/third_party/instrumented_libraries: https://chromium.googlesource.com/chromium/src/third_party/instrumented_libraries/+log/eb740e9..5df06a4 Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/278dd91..c06edd1 TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com Change-Id: Ifafd7fe3250976867f35c4d709b0220a23930c3f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3199830Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#77190}
-
Camillo Bruni authored
It's not always easy to spot what exact configuration of V8 is run within embedders. With --print-flag-values we can easily compare different configurations. Drive-by-fix: - Use new FlagValue and FlagName helpers for printing - Remove unused FlagList::argv helper Change-Id: Ic8a25479d7b1e72f714b22ae7d2e56e06e810556 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3197713Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#77189}
-
Toon Verwaest authored
By changing AllocationFlag from enum to enum class Bug: v8:12244, v8:12245 Change-Id: Ifdd04bb12026619f6422a98ee0890bd557f0e4e1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3181536 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Auto-Submit: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#77188}
-
Maria Tîmbur authored
When we generate identical signatures in the fuzzer, we generate one function for each of the copies. However, when these functions are added to WasmModulBuilder, all will be assigned the same signature index. Therefore, when ref.func tries to find a function corresponding to a signature index, it will fail, despite a matching signature existing in the module. This CL fixes this issue by looking up functions by signature over signature index. Bug: v8:11954, chromium:1254387 Change-Id: Iac8d5444d4914d993da63d0630ca4d95e671630c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3197711Reviewed-by: Manos Koukoutos <manoskouk@chromium.org> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Maria Tîmbur <mtimbur@google.com> Cr-Commit-Position: refs/heads/main@{#77187}
-
Benedikt Meurer authored
The logic to locate the correct function to set a breakpoint in based on script position was treating SharedFunctionInfo::EndPosition() as inclusive rather than exclusive. There are various assumptions all over the Debugger that seem to demand this treatment for the toplevel script. But it's definitely wrong for function literals. Fixed: chromium:1253277 Change-Id: I3421703673f4d78aee28e923e03e2fca24bc06ac Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3197715 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Kim-Anh Tran <kimanh@chromium.org> Auto-Submit: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Kim-Anh Tran <kimanh@chromium.org> Cr-Commit-Position: refs/heads/main@{#77186}
-
Victor Gomes authored
Smi constants in 32 bit machines are guaranteed to be 31 bits. Bug: chromium:1254189 Change-Id: I4ea296a7212c5e6ea14119fbd71cfb5789762b55 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3195874 Commit-Queue: Victor Gomes <victorgomes@chromium.org> Reviewed-by: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/main@{#77185}
-
Maya Lekova authored
This CL adds a getStorageIfAligned method to obtaining a typed pointer to the underlying TypedArray data, if the pointer to it is properly aligned. Bug: chromium:1052746 Change-Id: Ie8cb3438135b0da060e2b42ec71bba0e72ae4f5e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3195875Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/main@{#77184}
-
Benedikt Meurer authored
Previously we'd treat %_AsyncFunctionReject (and %AsyncFunctionReject) as side-effect free (in async functions), but that's not correct, since promise rejections have side-effects (at the very least triggering the unhandled promise rejection machinery in the browser). This required a minor refactoring as previously we'd classify functions as side-effecting or not depending on whether they contain any calls to side-effecting intrinsics, no matter whether this call is actually executed or not. That would break REPL mode however if we'd generally treat all async functions with %_AsyncFunctionReject intrinsic calls as side-effecting, so instead of performing the intrinsic checks ahead of time, we now perform the test at execution time. Before: https://imgur.com/5BvJP9d.png After: https://imgur.com/10FanNr.png Fixed: chromium:1249275 Change-Id: Ib06f945ba21f1e06ee9b13a1363fad342464fd9a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3197712 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Simon Zünd <szuend@chromium.org> Auto-Submit: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/main@{#77183}
-
Benedikt Meurer authored
Fixed: chromium:1073804 Change-Id: Idb8b4b5558bb243eb1cbe70b2de1c22d8dd07f9d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3198152 Auto-Submit: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Simon Zünd <szuend@chromium.org> Reviewed-by: Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/main@{#77182}
-
Manos Koukoutos authored
We implement two optimizations for trap conditionals for patterns that come up in wasm-gc. In case of a Merge followed by a trap, where the path conditions of all branches of the Merge contain the trap condition, we lift the trap into the branches of the Merge. In case of a Branch whose IfTrue branch is followed by a TrapIf with the same condition, we replace it with the trap followed by the IfFalse branch. Symmetrically for IfFalse and TrapUnless. Bug: v8:7748 Change-Id: I43040aebe60eab7b2230fc3130e3b8250e8b2f45 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3190109Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#77181}
-
- 30 Sep, 2021 24 commits
-
-
Milad Fa authored
Port 3e3a027d Original Commit Message: Irregexp reentrancy (crrev.com/c/3162604) introduced a bug for global regexp execution in which each iteration would use a new stack region (i.e. we forgot to pop the regexp stack pointer when starting a new iteration). This CL fixes that by popping the stack pointer on the loop backedge. At a high level: - Initialize the backtrack_stackpointer earlier and avoid clobbering it by setup code. - Pop it on the loop backedge. - Slightly refactor Push/Pop operations to avoid unneeded memory accesses. R=jgruber@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com BUG= LOG=N Change-Id: Iafe6814d3695e83fced6a46209accf5e712d56f6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3198391Reviewed-by: Junliang Yan <junyan@redhat.com> Commit-Queue: Milad Fa <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/main@{#77180}
-
Milad Fa authored
Port b9a6301e Original Commit Message: Load instance type into a register instead of using memory operands for several checks on ia32 and x64. R=pthier@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com BUG= LOG=N Change-Id: I05ea2bd32ea2a2053b601323813c580d55094e46 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3198130Reviewed-by: Junliang Yan <junyan@redhat.com> Commit-Queue: Milad Fa <mfarazma@redhat.com> Cr-Commit-Position: refs/heads/main@{#77179}
-
Seth Brenith authored
Currently, it is possible to declare macros, builtins, etc., without specifying a return type, in which case the return type is treated as void. This is confusing; the code is more clear if we require the return type to be specified. Aside from src/torque, this change is almost entirely just adding `: void` until the compiler is happy. However, two intrinsics in src/builtins/torque-internal.tq have been corrected to declare an appropriate return type. Those two intrinsics were only used in code generated within the compiler after the type-checking phase, so we never noticed that their return types were declared incorrectly. Bug: v8:7793 Change-Id: Ib7df88678c25393a9e3eba389a6a1c4d9233dcbb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3176502 Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/main@{#77178}
-
Nico Hartmann authored
Bug: chromium:1254191, v8:9407 Change-Id: Ieb22063dad1ea8dfde359662d0330e689b6b2e05 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3193547Reviewed-by: Maya Lekova <mslekova@chromium.org> Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/main@{#77177}
-
Junliang Yan authored
Change-Id: Iec020471bd8268043961c62207cc03ca8a315d33 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3197290Reviewed-by: Milad Fa <mfarazma@redhat.com> Commit-Queue: Junliang Yan <junyan@redhat.com> Cr-Commit-Position: refs/heads/main@{#77176}
-
Manos Koukoutos authored
Loop exits are only used during loop unrolling and are then removed, as they cannot be handled by later optimization stages. Since unrolling comes before inlining in the compilation pipeline, we should not emit loop exits in inlined functions. Bug: v8:12166 Change-Id: I28b3ebaf67c9e15b127eeb1a63906c4ecfd77480 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3195871Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#77175}
-
Austin Eng authored
Bug: chromium:1052746 Change-Id: I368ef855f711ca09c1a34b2be6e9bf72e6a7310c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3193873Reviewed-by: Maya Lekova <mslekova@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Austin Eng <enga@chromium.org> Auto-Submit: Austin Eng <enga@chromium.org> Cr-Commit-Position: refs/heads/main@{#77174}
-
Maya Lekova authored
This reverts commit f4099832. Reason for revert: The new test is failing on noi18n, see https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux%20-%20noi18n%20-%20debug/39705/blamelist Original change's description: > [inspector] Mark `Intl` builtins as side-effect free. > > Fixed: chromium:1073804 > Change-Id: Ia8cd29323e2b1c4faa0f115b5f60bc216b7813f1 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3196175 > Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> > Commit-Queue: Simon Zünd <szuend@chromium.org> > Auto-Submit: Benedikt Meurer <bmeurer@chromium.org> > Reviewed-by: Simon Zünd <szuend@chromium.org> > Cr-Commit-Position: refs/heads/main@{#77171} Change-Id: Ibb11ba2e835992e8b2fdd374bb38e245d32a1047 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3197192 Auto-Submit: Maya Lekova <mslekova@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Maya Lekova <mslekova@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Owners-Override: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/main@{#77173}
-
Jakob Kummerow authored
The NewWasmStruct/NewWasmArray factory functions didn't take pointer compression into account; this patch fixes that. Bug: v8:7748 Change-Id: I7a77d867971aad1df6660a3b7279ca3b2819b86a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3195873Reviewed-by: Manos Koukoutos <manoskouk@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/main@{#77172}
-
Benedikt Meurer authored
Fixed: chromium:1073804 Change-Id: Ia8cd29323e2b1c4faa0f115b5f60bc216b7813f1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3196175 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Simon Zünd <szuend@chromium.org> Auto-Submit: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/main@{#77171}
-
Michael Lippautz authored
Minor MC does not support processing the specialized remembered set for ephemeron tables. Temporarily delegate to the regular write barrier for correctness until the other barrier is supported. Bug: v8:12262 Change-Id: Iad74b27f8738237dcc1e146b2df3aa6ed8c9a505 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3195895Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#77170}
-
Manos Koukoutos authored
Bug: v8:7748 Change-Id: Id6adc39af6818f5a37307f26cfe40de11a0ce3c2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3195872Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#77169}
-
Seth Brenith authored
This is a reland of 94958172 Original change's description: > [torque] Get rid of @noVerifier annotation > > As one small step toward reducing annotations, I propose that all > classes get generated verifiers unless they've opted out of C++ class > generation via @doNotGenerateCppClass, and that generated verifiers > always verify every Torque-defined field. If a generated verifier is > incorrect, such as for JSFunction or DataHandler, we can just avoid > calling it and hand-code the verification. > > Bug: v8:7793 > Change-Id: I7c0edb660574d0c688a59c7e90c41ee7ad464b42 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3171758 > Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> > Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> > Cr-Commit-Position: refs/heads/main@{#77145} Bug: v8:7793 Change-Id: I3da34705bf9fc2b1886161f8f59c7275583f7fc4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3194812 Commit-Queue: Seth Brenith <seth.brenith@microsoft.com> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/main@{#77168}
-
Clemens Backes authored
We currently could produce the error message 'not enough arguments on the stack for block, expected 0 more'. This CL fixes this by printing the available number of arguments and the needed number, and adds DCHECKs to catch similar miscomputations in the future. It also adds a new test that produced the broken error before, and includes the expected failure message in a few more tests for robustness. R=manoskouk@chromium.org Change-Id: Ia08863889ae36ae0a05d96d36e92295b7159a01e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3194264Reviewed-by: Manos Koukoutos <manoskouk@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#77167}
-
Marja Hölttä authored
Bug: v8:12244, v8:12245 Change-Id: I46cc6fca7d4dda82c825ac15c97bba41ec61378a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3183347Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#77166}
-
Al Muthanna Athamina authored
Bug: v8:11826 Change-Id: I5b7f64df8bf067d85cf89bc6c5e6a6804e6b2bc1 Cq-Include-Trybots: luci.v8.try:v8_numfuzz_dbg_ng,v8_numfuzz_ng,v8_numfuzz_tsan_ng Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3196130 Auto-Submit: Almothana Athamneh <almuthanna@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/main@{#77165}
-
Clemens Backes authored
The test allocates a lot of wasm memories. This got a low slower after https://crrev.com/c/3190476, because we can now allocate more than 102 memories, and do not explicitly trigger a GC any more to get rid of unused memories. We should figure out how to tell the GC about the external memory such that the memories get collected earlier. R=ahaas@chromium.org Bug: v8:12076, v8:12278 Change-Id: I9b8795a9999a806380d86f22e751de2727942648 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3196131Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#77164}
-
Omer Katz authored
Bug: chromium:1056170 Change-Id: I355187177d062bf7117bcbd402821f2b9dd739de Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3194267 Commit-Queue: Omer Katz <omerkatz@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#77163}
-
Omer Katz authored
Bug: chromium:1056170 Change-Id: I0876d1977694c50995a7b97145748bdb365289ad Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3194266 Commit-Queue: Omer Katz <omerkatz@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#77162}
-
Clemens Backes authored
The address space limit puts an arbitrary cap on the total reservation size, thus limiting the total number of Wasm memories to around 100 on 64-bit systems. Since the usable address space on 64 bit is much larger than the 1TB+4GB limit, this makes us reject code that we could otherwise just execute. This CL thus removes that limit completely. See the linked issue for more discussion, including security considerations. R=jkummerow@chromium.org, rsesek@chromium.org Bug: v8:12076 Change-Id: I1f61511d68efdab1f8cef4e09c0a39fc1d6fed60 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3190476Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/main@{#77161}
-
Marja Hölttä authored
It's confusing that we have CSA_CHECK and CSA_ASSERT and it's not clear from the names that the former works in release mode and the latter only in debug mode. Renaming CSA_ASSERT to CSA_DCHECK makes it clear what it does. So now we have CSA_CHECK and CSA_DCHECK and they're not confusing. This also renames assert() in Torque to dcheck(). Bug: v8:12244 Change-Id: I6f25d431ebc6eec7ebe326b6b8ad3a0ac5e9a108 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3190104Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Shu-yu Guo <syg@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#77160}
-
Maya Lekova authored
This reverts commit 6e6385a0. Reason for revert: Breaks MSAN, see https://bugs.chromium.org/p/v8/issues/detail?id=12277 Original change's description: > Update V8 DEPS. > > Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/ecb990f..28fa03f > > Rolling v8/buildtools/third_party/libc++abi/trunk: https://chromium.googlesource.com/external/github.com/llvm/llvm-project/libcxxabi/+log/50e90b8..31a3660 > > Rolling v8/third_party/aemu-linux-x64: e_KiIcYNB7sHa2eqRBhqVoR_Mmg2Q7nqmzRCXzegWQAC..pE8RqfOzLp5AXCDDOSrlKJ4MZInfuyxWzRSwdXBe1doC > > Rolling v8/third_party/android_platform: https://chromium.googlesource.com/chromium/src/third_party/android_platform/+log/6e5dc9a..7a11b79 > > Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/5afc365..01df326 > > Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/764c927..9c24aed > > Rolling v8/third_party/instrumented_libraries: https://chromium.googlesource.com/chromium/src/third_party/instrumented_libraries/+log/eb740e9..0aa3fcf > > TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com > > Change-Id: If86099561baf7a927d6c5109790dad7b958208d0 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3194881 > Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> > Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> > Cr-Commit-Position: refs/heads/main@{#77153} Change-Id: I40135e9ed7adfcbfca054969c729aba5d8c9c91e No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3195713 Auto-Submit: Maya Lekova <mslekova@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Maya Lekova <mslekova@chromium.org> Owners-Override: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/main@{#77159}
-
Jakob Gruber authored
Irregexp reentrancy (crrev.com/c/3162604) introduced a bug for global regexp execution in which each iteration would use a new stack region (i.e. we forgot to pop the regexp stack pointer when starting a new iteration). This CL fixes that by popping the stack pointer on the loop backedge. At a high level: - Initialize the backtrack_stackpointer earlier and avoid clobbering it by setup code. - Pop it on the loop backedge. - Slightly refactor Push/Pop operations to avoid unneeded memory accesses. Bug: v8:11382 Change-Id: Ibad6235767e110089a2b346034f923590b286a05 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3194251Reviewed-by: Patrick Thier <pthier@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/main@{#77158}
-
Benedikt Meurer authored
The V8 Inspector was sending an additional frame as part of async stack traces for async functions, which pointed to the first executed `await` in the async function. This is leaking an implementation detail of how (and more precisely when) the inspector decides to collect this stack trace. From the users perspective the async part of the stack trace is supposed to capture what happened _prior to the task_ - meaning in case of async functions: What lead to the execution of the async function. This is reflected by the fact that the DevTools front-end (and the V8 Inspector itself) performs post-processing on these async call stacks, removing the misleading top frame from it. But this post-processing is not applied consistently to all async stack traces (i.e. the Console message stack traces don't get this), and potentially also not applied consistently across consumers of the Chromium debugger backend. Instead the V8 Inspector now removes the top frame itself and thus reports `await` consistently with how other async tasks are reported to debugger front-ends. Note: This preserves backwards compatibility with old versions of devtools-frontend, which do post-processing (for the Call Stack) only on async stack traces marked with "async function", while we now mark these async stack traces with "await" instead (aligned with what the front-end is using as user visibile string anyways in the Call Stack section, and this matching will be updated in a separate follow up CL to look for "await" instead of "async function"). Before: https://imgur.com/kIrWcIc.png After: https://imgur.com/HvZGqiP Fixed: chromium:1254259 Bug: chromium:1229662 Change-Id: I57ce051a28892177b6b96221f083ae957f967e52 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3193535 Auto-Submit: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Kim-Anh Tran <kimanh@chromium.org> Cr-Commit-Position: refs/heads/main@{#77157}
-