roll_merge_gerrit.py now loops, waiting for the merge to be submitted.
Once it is, it adds a tag with the version number.
Bug: v8:12849
Change-Id: I7c2765877efad2ccbe082b984642f5e989dc3c8a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3705379
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81150}
- removed some 'feature envy' instances:
- created a AugmentedOptions class to take care of non trivial option look-ups
- moved some calculation closer the the actual data
- promoted parameter that was passed around a lot (options) to filed in the offending class
- similar object creation looks a bit more similar
- CommandContext provides a wrapper that ensures resource de-allocation
- separate tests from standard and num_fuzz runners
- added a couple of more tests to improve coverage
This is still in flux. But further changes risk creating a disconnect between the original implementation and further refactorings.
Bug: v8:12785
Change-Id: I0ec2e9c6a81604a5cd1d4a80982dd3329c1b48db
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3686411
Commit-Queue: Liviu Rau <liviurau@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81148}
The chromium.tests pool migrates to Windows 1909 (Windows-10-18363). We switch to the same version due to higher bot availability (for now).
Bug: chromium:1335886,chromium:1124829
Change-Id: I82177ad9a86b438a46747998b1fbd4108911d17b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3704498
Auto-Submit: Alexander Schulze <alexschulze@chromium.org>
Commit-Queue: Alexander Schulze <alexschulze@chromium.org>
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81146}
The CHECK was checking that we return the exception sentinel if an
exception is pending. The other way is actually equally important: If we
return the exception sentinel, a pending exception must be scheduled.
Since the CEntry stub assumes that all values returned from runtime
functions are valid tagged values (pointing into the JS heap), do also
check that. This check would have prevented the linked issue.
Bug: chromium:1311960
R=jkummerow@chromium.org
CC=cbruni@chromium.org
Change-Id: I833d2968529e3b73f3009e0104b46182197c2d23
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3675098
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81145}
The names we returned in WasmOpcodes::OpcodeName(...) for Atomics opcodes
did not match the spec. This patch fixes that.
This matters in particular when we want to provide disassembly of
modules.
Bug: v8:6532
Change-Id: Ia8791feee617b75d598ad373bafba7da5687f523
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3704496
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81142}
Asynchronous WebAssembly compilation returns the compilation result
through resolving a result promise. So far the result promise was
resolved through V8-internal APIs. This caused problems, because
resolving promises requires correct handling of microtasks, and
microtasks are controlled by the embedder, and not by V8.
This CL adds an API to allow the embedder to resolve the result
promise itself, and handle microtasks as necessary.
The use of the new API is available in a full CL, without API dance:
https://chromium-review.googlesource.com/c/v8/v8/+/3694975R=cbruni@chromium.org
Bug: v8:12953
Change-Id: Ie9a56041f2d3e0c46664f1938e995f1e2c22f981
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695584
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81141}
rep stos appears to be much slower for small stacks. Use pushq instead,
in a loop, unrolled to push eight at a time.
Bug: v8:7700
Change-Id: Ieddf52ed514cb86f5c1dd7b159cc9a1a1c440103
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702440
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81140}
We already make code pages writable & executable for concurrent
Sparkplug. We can use the same mechanism for sweeping of code pages on
the background thread, instead of scheduling incremental tasks on the
main thread. This allows us to remove almost all special
handling for code pages in the sweeper and allows us to off-load more
work from the main thread.
Bug: v8:12967
Change-Id: Idb8e9f8e2eadbec26a386f2de683a80087f671f3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695557
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81139}
This CL adds serialization and deserialization
support for ArrayBuffer and TypedArray.
TODOs:
- Support resizable ArrayBuffer.
- Support detached ArrayBuffer.
- Support shared ArrayBuffer.
Bug: v8:11525
Change-Id: Ic9267a78e427ee20d55f2f0483b677eeee5c214b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3688896
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81136}
Check the turbofan and maglev filters when deciding whether to tier up,
rather than tiering up even when filters don't pass, then failing to
compile when actually trying the compilation.
Change-Id: I92eac9aaca1e33e97b77afcc531b9af4d3a9288a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702444
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81135}
Currently getting the following errors:
```
error: variable 'string' set but not used
unused variable 'start'
```
Bug: v8:12868
Change-Id: I9ee8a14da7d126270255558a630ffd2af3f87f15
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702966
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81134}
The native module cache makes it difficult to test deserialization,
because the native module just gets loaded from the cache instead of
deserializing the serialized module. This CL adds a new flag,
--wasm-native-module-cache-enabled, to control whether the native module
cache is enabled or not. The cache gets disabled by handling all modules
like asm.js modules when the cache gets disabled, as the cache is not
used for asm.js.
The name of the flag is positive (i.e.
`enabled` instead of `disabled`) to avoid double negation. The flag is
true by default, and set to false in tests.
R=thibaudm@chromium.orgCC=clemensb@chromium.org
Bug: v8:12964
Change-Id: If2b96a95ccf37f2eb8a868ad1661c3325c1048f6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3703836
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81132}
When using the StringForwardingTable for all strings, string shapes can
change during GC. This led to an issue when a ConsString was
transitioned to a ThinString (and potentially shortcutted to
InternalizedString) while flattening.
Bug: chromium:1335826, chromium:1329726
Change-Id: Ide243a5e24fd41374053972fb7bab8217d7a14fd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3705377
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Auto-Submit: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81131}
This reverts commit dac6155649.
Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20TSAN%20-%20no-concurrent-marking/9288/overview
Original change's description:
> [inspector] Allow Debugger.setScriptSource to edit top-most function
>
> This CL adds a new boolean flag on the Debugger.setScriptSource CDP
> method that gets piped all the way through to the live-edit mechanism.
> The new flag enables live-editing of the top-most function while
> paused.
>
> The CL adds a couple of tests that cover the new core use cases for
> this flag.
>
> R=jarin@chromium.org
>
> Bug: chromium:1334484
> Change-Id: I12fec591b2b6550d89748714620e629548e1b9c1
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695354
> Reviewed-by: Kim-Anh Tran <kimanh@chromium.org>
> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
> Commit-Queue: Simon Zünd <szuend@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#81127}
Bug: chromium:1334484
Change-Id: I165269d6c1b001b516f10ae3716ffb57b675ab39
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3705378
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Owners-Override: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81130}
Empty blocks were skipped when performing register merges (since they
don't have a state), but we were still doing phi value injection only
when visiting the empty block. This meant that empty blocks have
inconsistent register state with the nodes they are trying to use.
Fix this by removing the skipping code, and adding a register merge
state to empty blocks.
Bug: v8:7700
Change-Id: I305b1474c1f956c5c5775c62e3cd1d0c70b5cfdc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3698553
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81129}
This CL adds a new boolean flag on the Debugger.setScriptSource CDP
method that gets piped all the way through to the live-edit mechanism.
The new flag enables live-editing of the top-most function while
paused.
The CL adds a couple of tests that cover the new core use cases for
this flag.
R=jarin@chromium.org
Bug: chromium:1334484
Change-Id: I12fec591b2b6550d89748714620e629548e1b9c1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695354
Reviewed-by: Kim-Anh Tran <kimanh@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81127}
This reverts commit c14b3e4d11.
Reason for revert: https://crbug.com/1335195
Original change's description:
> [regalloc] add hint for operands in gap moves.
>
> To eliminate unnecessary move instructions from register to fixed register. We check the fixed register hint for operands in move gaps
> when building LiveRanges. If a to_operand has a hint_operand (with fixed register), then set the hint_operand for from_operand too. This can avoid the register allocator ignore hint information about fixed register.
>
> Bug: v8:12909
> Change-Id: I17f9afa484ee08de8ac1ab42945caba2c362fc9e
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3669019
> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
> Commit-Queue: Jialu Zhang <jialu.zhang@intel.com>
> Cr-Commit-Position: refs/heads/main@{#80844}
Bug: v8:12909
Change-Id: Iedba9244a75074e448c5e85880cc202866b91e71
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702335
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#81126}
This is a reland of commit dec4bb0629
Original change's description:
> [turbofan] Support additional operators in SLVerifier
>
> This CL extends SimplifiedLoweringVerifier by a few additional operators.
>
> It fixes the missing type on a LoadElement node generated during
> js-typed-lowering, that was detected by the verifier.
>
> Bug: v8:12619
> Change-Id: I14e3ece15f6a90e6906c140696dcd2e6b74a2527
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3557510
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#80014}
Bug: v8:12619
Change-Id: If3cb6efe2005c41118f37b39b0209195b3e63a38
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702330
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Auto-Submit: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81125}
A TracedReference handle may be moved into a slot of an already
processed object, requiring a write barrier.
Bug: chromium:1322114
Change-Id: I9c1018422df896c5753b213ebc4a7a7df79c0d80
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3703840
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81124}
In previous refactoring, the CSS files are moved to subdirectory css
Change-Id: I38e05ae1a9e56f36d5bd25131e605a93cfdb61f9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3701958
Commit-Queue: Jie Pan <jie.pan@intel.com>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81120}
Concurrent sparkplug adds functions to batches and sends those batches
off for compilation, but doesn't note what functions are currently
compiling. This means that we can spawn multiple compilation jobs for a
function, most of which will be throw away.
Add a bit to SharedFunctionInfo to note whether concurrent compilation
has been started for it.
Change-Id: Ifa442481611044713b2893488387e97f071e408a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702336
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81116}
This should help us with various DCHECKs, maybe even with actual
branches.
Bug: v8:7700
Change-Id: I6317635b59ba9ed1ee1146f6da31abf7eb099c75
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3700072
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81115}
The CL aims to improve write-barrier filtering and thereby reduce the
current regressions. With 8MB AgeTable the card size becomes 512 bytes.
The memory overhead of the 8MB AgeTable is 0.2%.
Bug: chromium:1029379
Change-Id: I86f51361b9b9f0a1c22a1deef0b0540d1d9808bc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3700079
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Auto-Submit: Anton Bikineev <bikineev@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81114}
This should fix unexpected regressions which occur after builtins
modifications.
This CL affects alignment of embedded builtins on all configurations
and Code header size only for non-pointer compression configuration.
Bug: v8:11708
Change-Id: I8058197c5b768a699e7f52446424013e86203b57
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3700392
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81113}
This is a reland of commit 7787ed2007
Updates since original: specified that cctest sources depend on
generated files from the inspector.
Original change's description:
> Build cctest while building V8
>
> I noticed in a recent build that C++ files from cctest didn't start
> compiling until after several slow non-parallel tasks such as running
> mksnapshot and linking v8_for_testing. I don't see any reason that
> cctest sources should wait for those tasks, so in this change I propose
> adjusting the build dependencies for more parallelism.
>
> Change-Id: I2472117c8555ac397fa1232954c8b699d6429d38
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3690170
> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
> Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
> Cr-Commit-Position: refs/heads/main@{#80976}
Change-Id: I9f507c3c07bda1638b81de4b1ac82afda1168999
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3699405
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81112}
This is a reland of commit c2f254548a.
We revert to using x17 for the call target, to be compliant with CFI.
Some comments are extended to point to that requirement.
Original change's description:
> Avoid use of x18 register on arm64
>
> This causes crashes on Windows, as x18 is the "platform register",
> holding a pointer to thread-local storage.
>
> R=jkummerow@chromium.org
> CC=seth.brenith@microsoft.com
>
> Bug: v8:12959
> Change-Id: I20b8bee145d4ab3a40d8d140d98572df8300251c
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695569
> Reviewed-by: Seth Brenith <seth.brenith@microsoft.com>
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#81090}
Bug: v8:12959
Change-Id: If4ead8f7a7aece756cef7d32bb98d7d33dfe4911
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702331
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Seth Brenith <seth.brenith@microsoft.com>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81111}
This is a reland of commit c8c176190a
This CL includes:
- crrev.com/c/3679846 Add condition use_ic to the removing the optimized OSR code logic
- crrev.com/c/3686589 Add out of bytecode array to break condition of removing OSR code cache logic
- Add JumpLoop nesting level 0 to break condition of removing OSR code cache logic
- Change to use Deoptimizer::DeoptimizeFunction() to deoptimize OSR code
Original change's description:
> [compiler] Remove the optimized OSR code if deoptimizing at inside of loop
>
> If the optimized code is deoptimized and the deoptimized exit offset is
> inside of the optimized OSR code related loop, the optimized OSR code is
> also out of date, remove the optimized OSR code, it will avoid hit the
> optimized OSR code and soon later deoptimization of the optimized OSR
> code.
> This CL will reduce deoptimization. E.g. Deoptimization of JetStream2
> case navier-stokes function addFields is reduced from twice to once.
>
> Change-Id: I5bbf3039e916c3736b5b967d1f36b6ea90cfd40b
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3648219
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Tao Pan <tao.pan@intel.com>
> Cr-Commit-Position: refs/heads/main@{#80826}
Bug: chromium:1330444
Change-Id: I97a466ddfa764438b45f33c6ae33cb921d57278d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3690451
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Tao Pan <tao.pan@intel.com>
Cr-Commit-Position: refs/heads/main@{#81110}
A few more fixes for visiting bytecodes that are known to be dead:
* Change JumpLoop dead frame merging to remove the loop predecessor,
by moving the loop predecessor to be the last in the list and
allowing it to be dropped the same way as other predecessors.
* Remove the bytecode walk in EmitUnconditionalDeopt, opting instead
to check for null current_block in the real bytecode visitor. This
allows us to handle the case where the start of a basic block is
dead, but there's no fallthrough into it, so it wouldn't be visited
by the loop in EmitUnconditionalDeopt.
Bug: v8:7700
Change-Id: I7cf1a54c49a2affc0363c1a0919bb3d427f83f5c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3700070
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81109}
The race occurs when the write to instance_ happens after the static
thread-local initialization. The change simply moves the write into
CagedHeap's ctor.
Bug: chromium:1325007
No-Try: true
Change-Id: I55b6e286f311c9ddb4f3f89d12f7f9437b96cc58
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702334
Auto-Submit: Anton Bikineev <bikineev@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81108}
We don't need to reset the entire age table, but merely the pages that
are known to contain young objects. This must improve memory use with
generational GC enabled.
The CL is a prerequisite for another CL that'll increase the size of
the age-table.
Bug: chromium:1029379
Change-Id: Ibb5b607af20380c3936b7396b3d9767f6f17c44b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695268
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81106}
Currently, young generation assumes that all the on-heap pointers are
compressed, which is currently not the case due to the backing-store
pointers in Blink. Fixing collections to have Member<> is not easy,
because the inlined collections may have the semantics that
backing_pointer_ == inlined_buffer_;
where the inlined_buffer_ can be off-heap (e.g. on stack).
The CL introduces another type of barrier specifically for uncompressed
pointers. The followup is to use that barrier from Blink.
Bug: chromium:1029379
Change-Id: If0f519220658268dbdf915235c2e5afd7887dc0c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695358
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81105}
Add a new --wasm-max-module-size flag to replace the unused and more
specific --experimental-wasm-allow-huge-modules flag.
The new flag can be used in fuzzers to reduce the maximum allowed module
size, avoiding OOM on some systems (like 32-bit ASan builds).
R=ahaas@chromium.org
Bug: chromium:1334577
Change-Id: I2830d407c5b01be21a47b21392c1210061c40b20
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695267
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81102}
This is just a minor refactoring: We include the kUnknownSectionCode in
the set of valid sections. There are only two uses of that function: The
first one already checks for kUnknownSectionCode in a separate
condition, the second one can be simplified with this refactoring.
R=ahaas@chromium.org
Bug: chromium:1335023
Change-Id: Ie1ae316db41f8111fff0af0d97a6c775f527156c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3698556
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81101}
