The immediate offset passed to `lay` might be bigger than the
allowed 20 bits, in which case we need to add it to the base
register manually.
Issue came up after this CL https://crrev.com/c/2904926 when
a related test case started failing as the offset was changed.
Change-Id: I9997bf0ed4e42e32ac52bbd2771bbcb13a328e64
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2983164
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#75341}
https://github.com/tc39/ecma262/pull/1490 changed the spec so that the
"name" property of a class should be installed after "length" but before
"prototype". This CL adapts accordingly.
After this change, there is now no need for the separate code path to
set the "name" accessor at runtime. Delete the relevant runtime code as
well.
Bug: v8:8771
Change-Id: I8f809b45bf209c899cf5df76d0ebf6d9a45a6d4e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2974772
Commit-Queue: Timothy Gu <timothygu@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75340}
SNPrintF function is moved into base/strings.h [1],
so it needs to fix the scope of this function
for Windows on ARM related source as well.
[1] https://chromium-review.googlesource.com/c/v8/v8/+/2972732
Bug: None
Change-Id: Ia9934f17941558b6338f28900f069766507c87b2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2982016
Reviewed-by: Dan Elphick <delphick@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75339}
This is a reland of ac6546469d.
Two constants defined in {AssemblerBase} were not defined anywhere,
which is fixed now.
Original change's description:
> [wasm] Remove WasmInstructionBuffer
>
> {WasmInstructionBuffer} was basically a wrapper around {AssemblerBuffer}
> which remembered the last {AssemblerBuffer} on {Grow()}. Since the
> {Assembler} itself already keeps track of the latest {AssemblerBuffer},
> this functionality is mostly redundant. All we need instead is a method
> to retrieve the {AssemblerBuffer} from the {Assembler}.
>
> This CL thus removes {WasmInstructionBuffer} and instead adds
> {AssemblerBase::ReleaseBuffer}.
>
> R=jkummerow@chromium.org, mslekova@chromium.org
> CC=dlehmann@google.com
>
> Bug: v8:11714
> Change-Id: Id07945b67992802a6177bf09e5f5c5be08f657b0
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2982013
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Maya Lekova <mslekova@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75336}
Bug: v8:11714
Change-Id: I8797de1a7a78a93aaef936e46bfd1e73ec2cc9d5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2982015
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75338}
This reverts commit ac6546469d.
Reason for revert: Breaks ASAN no-inline - https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Clusterfuzz%20Linux64%20ASAN%20no%20inline%20-%20release%20builder/22909/overview
Original change's description:
> [wasm] Remove WasmInstructionBuffer
>
> {WasmInstructionBuffer} was basically a wrapper around {AssemblerBuffer}
> which remembered the last {AssemblerBuffer} on {Grow()}. Since the
> {Assembler} itself already keeps track of the latest {AssemblerBuffer},
> this functionality is mostly redundant. All we need instead is a method
> to retrieve the {AssemblerBuffer} from the {Assembler}.
>
> This CL thus removes {WasmInstructionBuffer} and instead adds
> {AssemblerBase::ReleaseBuffer}.
>
> R=jkummerow@chromium.org, mslekova@chromium.org
> CC=dlehmann@google.com
>
> Bug: v8:11714
> Change-Id: Id07945b67992802a6177bf09e5f5c5be08f657b0
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2982013
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Maya Lekova <mslekova@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75336}
Bug: v8:11714
Change-Id: Iff32952f712ab2f0f9a16d91906d0135c084f4df
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2982014
Auto-Submit: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#75337}
{WasmInstructionBuffer} was basically a wrapper around {AssemblerBuffer}
which remembered the last {AssemblerBuffer} on {Grow()}. Since the
{Assembler} itself already keeps track of the latest {AssemblerBuffer},
this functionality is mostly redundant. All we need instead is a method
to retrieve the {AssemblerBuffer} from the {Assembler}.
This CL thus removes {WasmInstructionBuffer} and instead adds
{AssemblerBase::ReleaseBuffer}.
R=jkummerow@chromium.org, mslekova@chromium.org
CC=dlehmann@google.com
Bug: v8:11714
Change-Id: Id07945b67992802a6177bf09e5f5c5be08f657b0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2982013
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75336}
Instrument floating-point operations to set a flag if the result is NaN.
Does not handle f32x4 and f64x2 results yet.
R=clemensb@chromium.org
Bug: v8:11856
Change-Id: I1c3603e2c0c92e71bea8418e85852c01904379af
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2979600
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75335}
If we were unlucky and start wrapper compilation exactly after the
isolate started shutting down, we would not have an isolate info any
more in the isolate and would access a nullptr.
This CL fixes that by just returning an invalid operations barrier token
in that case.
R=ahaas@chromium.org
Bug: v8:11878
Change-Id: I6dcb28a21debb12ba812f705cd5c6387c76eda09
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2982339
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75334}
This CL adds support in TurboFan for passing JSArrays as arguments to
fast API callbacks. It also extends the v8::Array class with a
CopyAndConvertArrayToCppBuffer method to allow the embedder to perform
quick conversions of their JSArrays to a C++ buffer. The CL also adds
tests in d8. Design doc:
https://docs.google.com/document/d/1BNKKZNgrGYafx8kqSfNEQqQYY5n4A6mGufss_Vz-h-4/edit#heading=h.c0kgf82jnlpp
Bug: chromium:1052746, chromium:715122
Change-Id: If47ac60d9ebe6462bbf3adff002e2da8e14e8fc8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2940900
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75333}
Detect if Simd is enabled and if so push/pop the entire
128 bit value, if not then only push/pop the double values.
Change-Id: I45d54dcf799a685066559cc3521ef44cd884b788
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2979352
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#75332}
When checks are enabled, ensure that the global handle zap value never
leaks into user code as it indicates that the garbage collector failed
to keep alive an object.
Bug: chromium:1056170
Change-Id: I4836fe49cd6e443d689068af10276ed99b46eb10
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2972729
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75330}
Mark:
* ArrayBoilerplateDescription
* ObjectBoilerplateDescription
as NeverEverSerialized, disable their Data classes and remove the
related code.
Bug: v8:7790
Change-Id: I9ac1f27d9d7a0d36a04214422261e157cbbcd4b7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2979604
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75327}
... which didn't properly handle non-Smi integer indices with
JSTypedArray receivers.
The addition of new JSReceiver::OrdinaryDefineOwnProperty() overload
with LookupIterator::Key caused circular dependency between lookup.h
and js-objects.h, so the LookupIterator::Key was moved out of the
LookupIterator class in order to make it forward-declarable.
Bug: chromium:1209405
Change-Id: I265f0c00f65ab6476c8f1d0ca1264f555d43465f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2972727
Auto-Submit: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75326}
LargeObjectSpace doesn't make use of filler objects, so if we
create them when right-trimming objects, then that's a waste
of time at best, and causes a segfault in a SLOW_DCHECK at worst,
namely when CreateFillerObjectAt calls GetHeapFromWritableObject
on what's effectively an inner pointer (on some random LO page).
Change-Id: I91bbcaa219db78a0f98660590d5156c4b4a5414e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2972914
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75325}
In preparation for enabling limited inlining in Turboprop, add support
for lowering of Wasm JS calls that could be inlined as a result.
BUG=v8:9684
Change-Id: I744e190d6f14eeed7a9758cbd7f784f759785f4a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2979601
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75324}
The change is made since for switch statements with lots of cases,
where each case is a constant integer, the emitted bytecode is still
a series of jumps, when we can instead use a jump table.
If there are 6 or more cases (similar to GCC) of Smi literals, and
if the max Smi case minus the min Smi case is not more than 3 times
the number of cases, we use a jump table up front to handle Smi's,
and then use traditional if-else logic for the rest of the cases.
We then use the jump table in interpreter/bytecode-jump-table to
do the optimization.
This tries to go off issue 9738 in v8's issue tracker. It is not
exactly the same, since that recommends doing the work at JIT-time,
but has similar ideas. It also partially goes off issue 10764.
Bug: v8:9738
Change-Id: Ic805682ee3abf9ce464bb733b427fa0c83a6e10c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2904926
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75323}
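The jump-table condition stated in the message above, written out as an added example (not V8's bytecode generator code). The type and function names are hypothetical, a 31-bit Smi range is assumed, and "the number of cases" is read here as the number of Smi-literal cases.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Hypothetical model of one `case` label: an integer literal or anything else
// (string, expression, ...). Not a V8 type.
struct CaseLabel {
  bool is_int_literal;
  int64_t value;
};
CaseLabel Int(int64_t v) { return CaseLabel{true, v}; }
CaseLabel Other() { return CaseLabel{false, 0}; }

// Thresholds taken from the commit message.
constexpr int64_t kMinSmiCases = 6;
constexpr int64_t kSpreadFactor = 3;
// Assumption: 31-bit Smi payload.
constexpr int64_t kSmiMin = -(int64_t{1} << 30);
constexpr int64_t kSmiMax = (int64_t{1} << 30) - 1;

struct SwitchPlan {
  bool use_jump_table;
  int64_t table_base;     // smallest Smi case, index 0 of the table
  int64_t table_size;     // max - min + 1 entries
  int64_t smi_cases;      // labels that are Smi literals
  int64_t if_else_cases;  // labels still compared one by one
};

SwitchPlan PlanSwitch(const std::vector<CaseLabel>& labels) {
  int64_t count = 0, lo = 0, hi = 0;
  for (const CaseLabel& l : labels) {
    if (!l.is_int_literal || l.value < kSmiMin || l.value > kSmiMax) continue;
    if (count == 0 || l.value < lo) lo = l.value;
    if (count == 0 || l.value > hi) hi = l.value;
    ++count;
  }
  const int64_t total = static_cast<int64_t>(labels.size());
  SwitchPlan plan{false, 0, 0, count, total};
  // Too few Smi cases: a chain of compare-and-jump is kept.
  if (count < kMinSmiCases) return plan;
  // Too sparse: the table would be mostly holes.
  if (hi - lo > kSpreadFactor * count) return plan;
  plan.use_jump_table = true;
  plan.table_base = lo;
  plan.table_size = hi - lo + 1;
  plan.if_else_cases = total - count;  // non-Smi labels keep if-else logic
  return plan;
}

int main() {
  // Constructed inputs: a dense switch with two non-Smi labels, and a sparse one.
  const std::vector<CaseLabel> dense = {Int(10), Int(11), Int(12), Int(13),
                                        Int(14), Int(15), Other(), Other()};
  const std::vector<CaseLabel> sparse = {Int(0), Int(1), Int(2),
                                         Int(3), Int(4), Int(100)};
  const SwitchPlan a = PlanSwitch(dense);
  const SwitchPlan b = PlanSwitch(sparse);
  std::printf("dense:  table=%d base=%lld size=%lld if-else=%lld\n",
              a.use_jump_table, static_cast<long long>(a.table_base),
              static_cast<long long>(a.table_size),
              static_cast<long long>(a.if_else_cases));
  std::printf("sparse: table=%d if-else=%lld\n", b.use_jump_table,
              static_cast<long long>(b.if_else_cases));
  return 0;
}
```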
Code such as
var a;
(a) = function() {};
should not lead to a.name being set to "a".
This fixes the last of the anonymous function naming bugs.
Bug: v8:4709
Change-Id: I70c2fcbcec1a57752fd58038262d02aefe26e28a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2970705
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75321}
This increases the base factor for timeouts on tsan as testing got
slower after https://crrev.com/c/2953321
Due to overall slower runtime we also increase the shards.
Bug: v8:11906
Change-Id: Ic5de5859755266a1e327433ce8efe6c171490a8d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2979671
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75320}
This is a reland of 3296de2f65
It includes pthier@'s fix of overzealous OSR
Original change's description:
> [sparkplug] Trigger compilation when a FBV exists
>
> We were gating baseline compilation on FBV allocation, but in some
> cases, the feedback vector may be allocated eagerly (notably, if we are
> logging function events). Instead, unconditionally try baseline
> compilation after ensuring the feedback vector exists.
>
> Bug: v8:11420
> Change-Id: I1264a1d541a74d4eccb5caf65c360ac23836a1a8
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2953161
> Auto-Submit: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Patrick Thier <pthier@chromium.org>
> Reviewed-by: Patrick Thier <pthier@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75242}
Bug: v8:11420
Change-Id: Ia6864856926d6760bbe6c89ee010fa62cf23b6ca
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2976660
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Patrick Thier <pthier@chromium.org>
Reviewed-by: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75319}
These are the changes Cobalt currently has in V8's cpu related code.
- Add missing Starboard CPU code
- Replace some V8_OS_WIN with V8_TARGET_OS_WIN, they are found when
cross-compiling for Linux platforms on Windows
Bug: v8:10927
Change-Id: Id63ae8614cbe6fe0eb53df89060c8ca2c9969ef4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2963803
Commit-Queue: John Xu <johnx@google.com>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75318}
This is part of Cobalt's upstream effort to be more in sync with V8.
Cobalt does not trigger the atomics functions in runtime-atomics.cc so
we use dummy implementations for now.
Bug: v8:10927
Change-Id: I2da75b7f9b22b41a1ff00af1ab4b43641e9a33bf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2963801
Commit-Queue: John Xu <johnx@google.com>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75317}
Rolling v8/build: 69cba92..e589a83
Rolling v8/buildtools: 7bff39b..9c143ac
Rolling v8/buildtools/linux64: git_revision:170c2dba1e0c0299fe8c6a441caf2f2352a42ae0..git_revision:e9b8433248ae2c117644b4e40b33203e7d3da192
Rolling v8/buildtools/third_party/libc++/trunk: 79a2e92..8fa8794
Rolling v8/third_party/aemu-linux-x64: KN9a-2MYhLQ9kDLdCOca4xZcBjrhMIzoD4ReyO0u95IC..LieFB6bFq-7RUGMVRhbOR3IXo6WdPE7fCzCMv4PnaScC
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/2ba6b1f..a2a4ced
Rolling v8/third_party/depot_tools: b714c17..09f358b
Rolling v8/third_party/googletest/src: 7153098..355d57d
Rolling v8/tools/clang: 2d4e9fd..8dd9dda
TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com
Change-Id: I04c672d47a7f34507045c81964f869d5fe145d52
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2981458
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#75316}
To enable experimentation with inlining, temporarily disable dynamic
map checks which currently don't support inlining.
BUG=v8:9684
Change-Id: Iba674550213b393ab150ba241a2dad4ca8fdfd85
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2978257
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75311}
The Burnikel-Ziegler division algorithm is used for divisors
with 57 or more internal digits. It has better asymptotic
complexity than "schoolbook" division because it can make use
of fast multiplication under the hood.
Bug: v8:11515
Change-Id: Ib5d573a0afa560d42972c4ae06aff810a8b9cadb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2960221
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75310}
Moves VSNPrintf, SNPrintf and StrNCpy out of utils/utils.h into
base/strings.h.
Bug: v8:11879
Change-Id: I0e165cb27c42f89c9acd1c6378514b40a90cd18d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2972732
Auto-Submit: Dan Elphick <delphick@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75308}
We don't need to serialize the descriptor array when concurrent
inlining so we can skip the methods related to serializing.
While doing so we bumped into two broken tests in serializer-tester.
Since we are planning on removing the serializer soon, it makes more
sense to remove them than trying to fix them.
Bug: v8:7790
Change-Id: Ib1feea16f09edebbd9927afc4178ed10f85fd42f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2975300
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75307}
In the first CL to introduce a histogram for deserialization time a
high-resolution counter was required to get microsecond precision.
However, with the histogram we want to detect if we need to optimize
deserialization or not. For this information high precision does not
matter, it is more important that we get information from all devices.
R=clemensb@chromium.org
Bug: v8:11862
Change-Id: Id72e25ab7e5ac8217393ab6fd11416187822a158
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2978256
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75306}
This partially reverts https://crrev.com/c/2649032
The previous CL was a bit too aggressive in replacing movl with Move
which does sign extension for int32.
We can only safely replace movl if the input is in the [0, 2**31] range.
Bug: chromium:1220855
Change-Id: I6c29db1acd7de6b03ffaf802a868b6a531252bc0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2975860
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75304}
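Why the substitution described in the message above is not value-preserving, as an added example (not V8 code): on x64 a 32-bit `movl` clears the upper half of the 64-bit register, while a sign-extending move copies bit 31 into it. The function names are hypothetical and model register contents only; the sample values and the limit are constructed.

```cpp
#include <cstdint>
#include <cstdio>

// Hypothetical models of the two x64 move flavours; not V8's MacroAssembler.

// movl into a 32-bit register: the upper 32 bits of the 64-bit register
// are cleared.
uint64_t ModelMovl(uint32_t bits) { return static_cast<uint64_t>(bits); }

// 64-bit move of a sign-extended 32-bit value: bit 31 is copied into the
// upper 32 bits.
uint64_t ModelSignExtendingMove(uint32_t bits) {
  const uint64_t low = bits;
  return (bits & 0x80000000u) ? (0xFFFFFFFF00000000ULL | low) : low;
}

// The substitution keeps behaviour only if both moves leave the same
// 64-bit register value.
bool ReplacementIsSafe(uint32_t bits) {
  return ModelMovl(bits) == ModelSignExtendingMove(bits);
}

// A later 64-bit unsigned comparison against a limit, the way a bounds
// check on the full register would perform it.
bool BelowLimit(uint64_t reg, uint64_t limit) { return reg < limit; }

int main() {
  // Constructed sample bit patterns around the sign-bit boundary.
  const uint32_t samples[] = {0u, 1u, 0x7FFFFFFFu, 0x80000000u, 0xFFFFFFFFu};
  const uint64_t limit = 0xC0000000ULL;  // constructed limit
  for (uint32_t bits : samples) {
    const uint64_t zero_ext = ModelMovl(bits);
    const uint64_t sign_ext = ModelSignExtendingMove(bits);
    std::printf(
        "0x%08x movl=0x%016llx sext=0x%016llx safe=%d below: movl=%d sext=%d\n",
        static_cast<unsigned>(bits),
        static_cast<unsigned long long>(zero_ext),
        static_cast<unsigned long long>(sign_ext), ReplacementIsSafe(bits),
        BelowLimit(zero_ext, limit), BelowLimit(sign_ext, limit));
  }
  return 0;
}
```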
Add a similar check used in vlbr to make sure offset is
a 12 bit unsigned integer.
Change-Id: I12ef8734a7223fa375a31e55ecc81d1175de17c0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2977272
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#75303}
- Asynchronously load source map from sourceMappingURL
- Once loaded, annotate source positions with their original position
- Update script panel tooltip to include link to original source
- For the above, make DOM.element a slightly more flexible API,
allowing defining attributes and children
- Also fix ToolTipEvent handling to support nodes.
- Shuffle around some code to make createScriptNode async, in case
we want to load the source map when building the script node itself.
- Drive-by: make source markers a simple backgroundColor when there is
only one group.
Change-Id: I0926807761cbfe8b6dd8ff5154815a7e5ccb39bf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2972827
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75302}
Now that SimpleStringBuilder is only used in conversions.cc, it can be
moved there making it easier to assess its safety and limit further
use of this potentially unsafe API. (Additionally unused methods Reset
and size are removed).
Bug: v8:11917
Change-Id: I0515fe4f34bb8f7e7ea464b75394fa3d03939af1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2978253
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75300}
It was not in sync with the optimization, which relies on
inspecting the length and name fields even for bound
functions.
To make a now meaningful serializer test actually pass, I have
to make some changes to the test setup.
I'm also moving the function name and length index constants
from JSFunction to JSFunctionOrBoundFunction for clarity.
TBR=marja@chromium.org
Bug: v8:7790
Change-Id: I36dd3c80996ccb53810c7ea9bfceb5c84ffd60ab
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2972919
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75299}
StringBuilder and its base class SimpleStringBuilder aren't very safe
and are a potential source of memory leaks or double-frees.
This removes the StringBuilder class and converts all of its usages to
use the standard library.
(As a drive-by, this converts std::ostream* to std::ostream& which is
more idiomatic C++).
Bug: v8:11917
Change-Id: I0eaf9d60cf49836e65bb28f0e114b33ef8103a61
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2978252
Auto-Submit: Dan Elphick <delphick@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75298}
If a test specifies --stress-concurrent-inlining it shouldn't be
run in predictable mode, since it is depending on some concurrent
behavior (a race condition) between threads.
Bug: v8:11907
Change-Id: I027eed056689a8ee62675fce7dfa0701d202e970
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2975298
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75297}
After a series of CLs per component, this removes all remaining NOLINT
annotations that my script identified as not needed (because removing
them does not cause a presubmit error).
R=mlippautz@chromium.org, jkummerow@chromium.org, leszeks@chromium.org
R=cbruni@chromium.org
Bug: v8:11879
Change-Id: Ia403c23588a0c2871b987931f6c26f85821e9e9c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2972733
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75296}
We can get rid of this by deferring adding a new global to the module's
globals, and using the current size of globals to determine allowed
global indices.
Bug: v8:11895
Change-Id: Ide80eab2de4abdbab96a7298acf3665599c394ff
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2972908
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75295}
Various field dependencies assume that the receiver map and the field
owner map agree on field meta data. That's not necessarily true when
the receiver map is already deprecated. We should skip over deprecated
maps.
- Fix a bug in SerializerForBackgroundCompilation. It used to process
even deprecated maps.
- Fix a bug in FilterRelevantReceiverMaps. It used to store the original
map rather than the new version.
- Turn some compilation dependency DCHECKs into CHECKs.
- CHECK in MapRef::FindFieldOwner that the map is not deprecated. While
there might be valid use cases for calling the underlying
Map::FindFieldOwner on a deprecated map, we never want to do that in
the compiler.
Note that we skip any deprecated maps in JSNativeContextSpecialization's
ReduceNamedAccess. That's why I believe the issue could only be observed
with --concurrent-inlining and only in the form of a failing DCHECK.
Bug: chromium:1221812, v8:7790
Change-Id: I998b4ce1954be01eb6e0feb491ccc6b8306c685f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2976655
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75294}
- Add an expected type argument in DecodeWasmInitExprForTesting. This
eliminates the need to check for kWasmVoid in consume_init_expr.
- Invoke StartDecoding() to initialize module in
DecodeWasmInitExprForTesting.
- Pass the current module to DecodeInitExprForTesting.
- Adjust tests.
Bug: v8:11895
Change-Id: I13b71b68a2011bf08742701cb9dd986afd6e55f8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2972907
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75292}