Commit Graph

13367 Commits

Author SHA1 Message Date
Georg Neis
ec6134a4c7 Reland "[compiler] Remove one ObjectRef constructor"
This reland is a manual revert of the previous revert
(commit 815bab9faa). Manual
due to merge conflicts. No other changes.

Original change's description:
> [compiler] Remove one ObjectRef constructor
>
> Remove the handle-taking ObjectRef constructor in favor of
> (Try)MakeRef as bottleneck.
>
> Bug: v8:7790
> Change-Id: I3cc3a1dcef4bac53a91c573d1a532332b88c6eb4
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2883664
> Commit-Queue: Georg Neis <neis@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74593}

Bug: v8:7790
Tbr: jgruber@chromium.org
Change-Id: Iafc68f68df06ca9f404427d272b663c218d6550a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2917039
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74757}
2021-05-25 16:38:45 +00:00
Ulan Degenbaev
9d9bbddf8c Reland "[test] Re-enable test-heap/OutOfMemory* test"
This is a reland of 83c11a308f

Original change's description:
> [test] Re-enable test-heap/OutOfMemory* test
>
> The underlying issue was fixed in
> https://chromium-review.googlesource.com/c/v8/v8/+/2505724
>
> Bug: v8:7605,v8:8296
> Change-Id: I4a35fd4b73f86934a9d1339655433e2d4c26bd53
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2912890
> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
> Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74729}

Bug: v8:7605
Bug: v8:8296
Change-Id: I734ad0424d8432d01bf1d1701a232f4535b32569
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2916817
Auto-Submit: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74749}
2021-05-25 14:36:33 +00:00
Igor Sheludko
f051293f5e [wasm-gc] Make WasmObject a subclass of JSReceiver
This is a first step towards supporting unwrapped WasmObject objects on
JavaScript side.

In addition this CL
1) introduces Representation::WasmValue which is used for all WasmObject
   fields exposed to JavaScript side.
2) adds creation of meaningful DescriptorArrays for WasmObject's Maps.

Bug: v8:11804
Change-Id: I4afcd39da5cb77b659943da54a2ca34d13bcc9bd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2912776
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74744}
2021-05-25 12:11:42 +00:00
Clemens Backes
95af09e634 Revert "[test] Re-enable test-heap/OutOfMemory* test"
This reverts commit 83c11a308f.

Reason for revert: Test is consistently timing out on TSan: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20TSAN/36827/overview

Original change's description:
> [test] Re-enable test-heap/OutOfMemory* test
>
> The underlying issue was fixed in
> https://chromium-review.googlesource.com/c/v8/v8/+/2505724
>
> Bug: v8:7605,v8:8296
> Change-Id: I4a35fd4b73f86934a9d1339655433e2d4c26bd53
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2912890
> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
> Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74729}

Bug: v8:7605
Bug: v8:8296
Change-Id: Ie1dab9bef269ac980dcd2663c76f80713a68d9d6
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2910631
Auto-Submit: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#74738}
2021-05-25 10:48:14 +00:00
Dominik Inführ
f6ac5064ba Reland "[heap] Disable the young generation in shared heaps"
This is a reland of 1186fc5008

This reland fixes NewSpaceAllocationTopAddress() and
NewSpaceAllocationLimitAddress() by returning nullptr if no new space
is available. This is okay since those are never used later on.

We can't make this a build-time flag because we may only want to disable
the new space for the shared heap.

Original change's description:
> [heap] Disable the young generation in shared heaps
>
> A shared heap will not have a young generation in the beginning.
>
> Bug: v8:11708
> Change-Id: I947ddb91a23a72a8cee3aa3e554723dda8146011
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2891569
> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74697}

Bug: v8:11708
Change-Id: I254b919f7076ce624d15c924e63cbde5eb4df749
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2912731
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74735}
2021-05-25 09:19:32 +00:00
Ulan Degenbaev
3e0f116b67 [test] Re-enable test-mark-compact/MarkCompactCollector on arm
Bug: v8:3742
Change-Id: Ib63b7bacac07456dc1d7bf496b67980a34be306c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2912883
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Auto-Submit: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74731}
2021-05-25 08:04:02 +00:00
Ulan Degenbaev
83c11a308f [test] Re-enable test-heap/OutOfMemory* test
The underlying issue was fixed in
https://chromium-review.googlesource.com/c/v8/v8/+/2505724

Bug: v8:7605,v8:8296
Change-Id: I4a35fd4b73f86934a9d1339655433e2d4c26bd53
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2912890
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74729}
2021-05-25 07:50:52 +00:00
Ulan Degenbaev
4d7e6f4ce7 [test] Make cctest/test-spaces/OldLargeObjectSpace more robust
The test has a loop that allocates large objects until it gets an
allocation failure. The test then asserts that the subsequent allocation
should also fail. That however does not necessarily hold because the
previously allocated objects may be collected to free up the space.

This change creates a handle for each allocated object. It also
restricts the size of the heap to 20MB to reduce memory consumption.

Bug: v8:11172
Change-Id: Ic3dc1a0f5f235b0313bab2071546b59a77bd55e5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2912884
Auto-Submit: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74728}
2021-05-25 07:48:02 +00:00
Paolo Severini
baa8c6e5de Fix lite-mode buils broken by Generalize CallWithArrayLike optimization
Lite-mode builds were broken by
https://chromium-review.googlesource.com/c/v8/v8/+/2805623
[compiler] Generalize CallWithArrayLike optimization
This patch fixes the build.

Bug: v8:9974
Change-Id: I07530307e321a260a5d8ff59ab2c440764ebfc41
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2915678
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Paolo Severini <paolosev@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#74726}
2021-05-25 07:07:12 +00:00
Paolo Severini
fed41a9235 [compiler] Generalize CallWithArrayLike optimization
CallWithArrayLike was optimized in TF only for 'arguments' in inlined
functions. Here we add logic to optimize also in non inlined functions,
enabling the rewriting of Function.prototype.apply(f, [1, 2, 3])
as f(1, 2, 3).

Bug: v8:9974
Change-Id: Icc9ccfc2276f75d06755176b55e7a02ddfdb04ed
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2805623
Commit-Queue: Paolo Severini <paolosev@microsoft.com>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74723}
2021-05-24 19:44:36 +00:00
Michael Achenbach
ee56a9863e [test] Run heavy tests sequentially
This adds a new status file indicator "HEAVY" to mark tests with high
resource demands. There will be other tests running in parallel,
but only a limited number of other heavy tests. The limit is
controlled with a new parameter --max-heavy-tests and defaults to 1.

The change also marks a variety of tests as heavy that recently had
flaky timeouts. Heavy also implies slow, hence heavy tests are
executed at the beginning with a higher timeout like other slow tests.

The implementation is encapsulated in the test-processor chain. A
new processor buffers heavy tests in a queue and adds buffered tests
only if other heavy tests have ended their computation.

Bug: v8:5861
Change-Id: I89648ad0030271a3a5af588ecc9c43285b728d6d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2905767
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74712}
2021-05-21 12:59:49 +00:00
Ross McIlroy
55cbb2ce3b Remove one-shot function optimizations.
They have been disabled for some time and are superseeded by lazy
feedback vector allocation.

Change-Id: Iafc3989b0c1f866ce7d6295d9b13ccaa5ef1c115
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2905609
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74711}
2021-05-21 12:38:18 +00:00
Manos Koukoutos
e916c7d7c4 [wasm-gc] Implement br_on_non_{func, data, i31}
Additional changes:
- Clean up liftoff implementation of br_on_*.
- Bundle operations everywhere based on operation rather than type.
- Remove reference argument from WASM_BR_ON_* macros, to bring them in
  sync with WASM_BR_ON_CAST.
- Add missing function decoding unittests for br_on_*.

Bug: v8:7748
Change-Id: I5f5ebfac5b50b5a9a201acb435344d7471326242
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2909857
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74709}
2021-05-21 12:11:58 +00:00
Santiago Aboy Solanes
4636b43bdb [cleanup] Remove synchronized_ from slot_count and used accessors
Continuing the cleanups and using the tags rather than synchronized_
in the name of the accessors.

Bug: v8:7790
Change-Id: I3fe942b1decae3b248f8662547d793777acd0e8d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2897096
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74700}
2021-05-20 15:19:48 +00:00
Sathya Gunasekaran
bd32997620 Revert "[heap] Disable the young generation in shared heaps"
This reverts commit 1186fc5008.

Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20UBSan/16531/overview

Original change's description:
> [heap] Disable the young generation in shared heaps
>
> A shared heap will not have a young generation in the beginning.
>
> Bug: v8:11708
> Change-Id: I947ddb91a23a72a8cee3aa3e554723dda8146011
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2891569
> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74697}

Bug: v8:11708
Change-Id: I8de67f70b00b5bd3066659e07fb1fd3ecfb76211
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2909693
Auto-Submit: Sathya Gunasekaran  <gsathya@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#74699}
2021-05-20 14:09:09 +00:00
Dominik Inführ
1186fc5008 [heap] Disable the young generation in shared heaps
A shared heap will not have a young generation in the beginning.

Bug: v8:11708
Change-Id: I947ddb91a23a72a8cee3aa3e554723dda8146011
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2891569
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74697}
2021-05-20 13:28:08 +00:00
Ulan Degenbaev
350be8d461 [test] Re-enable ReleaseStackTraceData with --always-opt
Change-Id: Idbe26a82ba0e208985ab2b1e5b85c6f98c3ec925
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2844663
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74692}
2021-05-20 10:34:39 +00:00
Manos Koukoutos
e90c366be4 Reland "[wasm-gc] Implement br_on_cast_fail"
This is a reland of 8f39a58586

Changes compared to original:
Change the type of arguments of WASM_I32V from byte to int for MSVC
compatibility.

Original change's description:
> [wasm-gc] Implement br_on_cast_fail
>
> Bug: v8:7748
> Change-Id: I7894ad51ccf8ac41a5081c272a583a4ff25c1835
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2900225
> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74652}

Bug: v8:7748
Change-Id: I39f39ff6979382f5618683a8e7754f56df4ec9e3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2905599
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74689}
2021-05-20 09:35:09 +00:00
Luis Fernando Pardo Sixtos
3ef42c03d0 Refactor of ScopeInfo::ContextSlotIndex
Refactoring ScopeInfo::ContextSlotIndex so it accepts a pointer to
LookupResult instead of references to the individual arguments.

Change-Id: I52bc7800f14e790bd4788c213ab0eff2354ab20e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2900837
Commit-Queue: Luis Fernando Pardo Sixtos <lpardosixtos@microsoft.com>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74683}
2021-05-19 18:12:40 +00:00
Clemens Backes
98ecaf6091 [cctest] Test SharedMutex plus sampling
The combination of pthread_rwlock_t and signals causes spurious
deadlocks on Mac (see linked issue).
This adds a cctest which tests this combination. This test is skipped on
Mac, where it would deadlock. This test can be used to document and
further investigate the issue, and test potential fixes.

R=jkummerow@chromium.org

Bug: v8:11399
Change-Id: I5d1fcdd84db253ec2d0637575239f212aae2ecb7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2856553
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74662}
2021-05-19 12:11:28 +00:00
Sathya Gunasekaran
fc91261600 Revert "[wasm-gc] Implement br_on_cast_fail"
This reverts commit 8f39a58586.

Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Win64%20-%20msvc/17874/blamelist

Original change's description:
> [wasm-gc] Implement br_on_cast_fail
>
> Bug: v8:7748
> Change-Id: I7894ad51ccf8ac41a5081c272a583a4ff25c1835
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2900225
> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74652}

Bug: v8:7748
Change-Id: I90ca2d789e943cd00c2344e2d333c9175fcedee5
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2903482
Auto-Submit: Sathya Gunasekaran  <gsathya@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#74658}
2021-05-19 10:50:09 +00:00
Marja Hölttä
587a04f02a [rab/gsab] Simplify BackingStore::ResizeInPlace
The logic is different for shared and non-shared memory, so it's
cleaner to have different functions for them.

Bug: v8:11111
Change-Id: I95d43b54c207b8059ea59d6d0f873623de946be3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2903152
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74656}
2021-05-19 09:49:48 +00:00
Manos Koukoutos
8f39a58586 [wasm-gc] Implement br_on_cast_fail
Bug: v8:7748
Change-Id: I7894ad51ccf8ac41a5081c272a583a4ff25c1835
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2900225
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74652}
2021-05-19 07:10:48 +00:00
Jakob Gruber
24ff68e8bc Reland "[compiler] Consider IsPendingAllocation in Ref construction"
This is the second reland of 4683d6fe52

Initial CL:   crrev.com/c/2874663
First reland: crrev.com/c/2886861

The first reland fixes Ref construction failures in:
- MapRef::instance_descriptors
- NativeContext reads (see also crrev.com/c/2891575)

The second reland (this CL):
- Adds required infrastructure (e.g. kAssumeMemoryFence) but
  without enabling the IsPendingAllocation check. Enabling the check
  will be done separately to avoid further revert chains.

Original change's description:
> [compiler] Consider IsPendingAllocation in Ref construction
>
> The logic in JSHeapBroker::TryGetOrCreateData assumes that parts
> of the object are safe to read. In particular, the instance type
> must be readable for the chain of `Is##Name()` type checks.
>
> This is guaranteed if
>
>  - a global memory fence happened after object initialization and
>    prior to the read by the compiler; or
>  - the object was published through a release store and read through
>    an acquire read.
>
> The former is protected by the new call to ObjectMayBeUninitialized
> (which internally calls IsPendingAllocation) in TryGetOrCreateData.
>
> The latter must be marked explicitly by calling the new
> MakeRefAssumeMemoryFence variant.
>
> Note that support in this CL is expected to be incomplete and will
> have to be extended in the future as more cases show up in which
> MakeRef calls must be converted to MakeRefAssumeMemoryFence or to
> TryMakeRef.
>
> Bug: v8:7790,v8:11711
> Change-Id: Ic2f7d9fc46e4bfc3f6bbe42816f73fc5ec174337
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2874663
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74474}

Bug: v8:7790,v8:11711,chromium:1207680,chromium:1207679
Change-Id: I123b2962df724a13dd2c7334ae949234bc3bf27a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2902738
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74638}
2021-05-18 14:03:57 +00:00
Lu Yahan
e5a53a4c61 [riscv64] Fix error in LeaveExitFrame
Bug: v8:11767
Change-Id: Ie697921bf9d4247d1032015bddcbcc892223efdf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2902341
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Yahan Lu <yahan@iscas.ac.cn>
Cr-Commit-Position: refs/heads/master@{#74626}
2021-05-18 08:00:24 +00:00
Sathya Gunasekaran
815bab9faa Revert "[compiler] Remove one ObjectRef constructor"
This reverts commit 59bb432572.

Reason for revert: 4683d6fe52 broke TSAN, reverting all its dependencies first (including this)
https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20TSAN/36744/overview


Original change's description:
> [compiler] Remove one ObjectRef constructor
>
> Remove the handle-taking ObjectRef constructor in favor of
> (Try)MakeRef as bottleneck.
>
> Bug: v8:7790
> Change-Id: I3cc3a1dcef4bac53a91c573d1a532332b88c6eb4
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2883664
> Commit-Queue: Georg Neis <neis@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74593}

Bug: v8:7790
Change-Id: Ifdecf93a3a8c09a3da7118a269fc66c2ae0f1a09
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2901988
Reviewed-by: Sathya Gunasekaran  <gsathya@chromium.org>
Commit-Queue: Sathya Gunasekaran  <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74618}
2021-05-18 06:17:55 +00:00
Clemens Backes
aee11991d0 [nowasm] Add missing includes
This fixes a compile error after https://crrev.com/c/2891829 if
webassembly is disabled (v8_enable_webassembly = false).

R=pfaffe@chromium.org

Change-Id: Ia425a49d3de11e7c71bb65680ac6a94acd63599e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2900231
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Philip Pfaffe <pfaffe@chromium.org>
Auto-Submit: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Philip Pfaffe <pfaffe@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74610}
2021-05-17 16:13:43 +00:00
Santiago Aboy Solanes
f4d362b6fd [cleanup] Remove synchronized_ from map accessors
Continuing the cleanups and using the tags rather than synchronized_
in the name of the accessors.

Bug: v8:7790
Change-Id: I3c2d0ccf54fa6161dbd9d12b1b9743a046534521
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2897095
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74609}
2021-05-17 15:07:46 +00:00
Philip Pfaffe
b4942eb3a3 Reland "[ic] Fix handling of API properties with side effects"
This is a reland of 0ce36e7d0e

The reland includes two fixes:
- Move the EvaluateGlobalForTesting into libv8 to avoid linkage issues
  and to avoid having to export ThreadLocalTop symbols.
- Give the ExecutionMode enum a uint8_t backing type to avoid endianess
  issues.

Original change's description:
> [ic] Fix handling of API properties with side effects
>
> DebugEvaluate can evaluate expressions in side-effect-free mode, where
> any operation that would cause observable side effects throws an
> exception. Currently, when accessors are backed by callbacks, it's
> possible that ICs call those accessors directly, bypassing the
> side-effect checks. This CL introduces a bailouts to runtime in those
> cases.
>
> Fixed: chromium:1201781
> Also-By: ishell@chromium.org, pfaffe@chromium.org
> Change-Id: Ie53bfb2bff7b3420f2b27091e8df6723382cf53c
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2857634
> Commit-Queue: Philip Pfaffe <pfaffe@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74507}

Fixes: v8:11761
Change-Id: I58cde8bd11ba0fc9d83adc19fa87733628ab6c13
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2891829
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Philip Pfaffe <pfaffe@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74602}
2021-05-17 12:47:24 +00:00
Georg Neis
59bb432572 [compiler] Remove one ObjectRef constructor
Remove the handle-taking ObjectRef constructor in favor of
(Try)MakeRef as bottleneck.

Bug: v8:7790
Change-Id: I3cc3a1dcef4bac53a91c573d1a532332b88c6eb4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2883664
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74593}
2021-05-17 10:54:10 +00:00
Santiago Aboy Solanes
8256254513 [object] Remove synchronized_ from smi accessors
This ends up cleaning up the last of the macros in object-macros which
were using `synchronized_`. There are still a few methods which use
`synchronized_` but those were defined ad-hoc (i.e. w/o macros).

Bug: v8:7790
Change-Id: Ib2d35030fd032293e746c09e10156e526af8d032
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2897085
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74589}
2021-05-17 09:38:30 +00:00
Junliang Yan
89e3b1ee3c ppc/s390: replace LoadP with LoadU64
Change-Id: I636b9e8ab8ac89cbdf9814bc1bce2eaad2bcf030
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2892606
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/master@{#74578}
2021-05-15 13:35:08 +00:00
Manos Koukoutos
0e1cf1fa05 [wasm-gc] Implement br_on_non_null
Bug: v8:7748
Change-Id: I9a4dad42f433ce0adf928461cf0db589df3d69e9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2897087
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74571}
2021-05-14 15:27:29 +00:00
Yuri Iozzelli
50d725f1e5 Implementation of the branch hinting proposal for WebAssembly.
See https://github.com/WebAssembly/branch-hinting for a description of
the proposal.

Change-Id: Ib6e980fc20aa750decabdeb9e281f502c9fe84ed
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2784696
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74569}
2021-05-14 13:40:57 +00:00
Vicky Kontoura
add69092c5 [web snapshot] Support RegExp
This CL adds support for regular expressions. To serialize a regular
expression, the pattern and flags are extracted and serialized as
strings.

Also, JSRegExp::StringFromFlags() is introduced to allow for
transforming back from JSRegExp::Flags to the corresponding flag string.
To verify that this implementation is on par with
RegExp.prototype.flags, unittests are introduced under
regexp/regexp-unittest.cc and RegExpBuiltinsAssembler::FlagsGetter()
is updated to include a slow path that calls JSRegExp::StringFromFlags()
through a runtime function.

Bug: v8:11525, v8:11706
Change-Id: I9cad4c464129ba1cbf64672130d8410730d7d679
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2878751
Commit-Queue: Vicky Kontoura <vkont@google.com>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74566}
2021-05-14 10:27:57 +00:00
Shu-yu Guo
8613ac24bc Revert "[ptr-cage] Better support sharing CodeRange with re-embedded builtins"
This reverts commit a61aa4919f.

Reason for revert: Did not fix the original issue with chromium
tests toggling jitless mode after V8 has already been initialized
on Win64.

Original change's description:
> [ptr-cage] Better support sharing CodeRange with re-embedded builtins
>
> If a shared CodeRange is already allocated when creating an Isolate in
> jitless mode, the CodeRange will be used. This is to better support the
> following use pattern:
>
> ```
> FLAG_jitless = false;
> v8::Isolate::New();
> FLAG_jitless = true;
> v8::Isolate::New();
> ```
>
> Note that the other direction of toggling jitless from true to false is
> unsupported and may have undefined behavior.
>
> Bug: v8:11460
> Change-Id: I1c451c53bc160be4122056d8b309323a94d4b8b6
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2890591
> Commit-Queue: Shu-yu Guo <syg@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74535}

TBR=ishell@chromium.org

Bug: v8:11460
Change-Id: I0acd7d0d444efbf6b9860bcc5e91034319b78601
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2893827
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#74559}
2021-05-13 21:40:27 +00:00
Bill Budge
9ee5bdc975 Revert "Reland^3 "[ptr-cage] Turn on shared pointer cage by default for arm64 and x64"""
This reverts commit 8b74fd4590.

Reason for revert: Blocking the roll into Chromium, example failure on Windows 64 bot:

https://ci.chromium.org/p/chromium/builders/try/win10_chromium_x64_rel_ng/863189?

Original change's description:
> Reland^3 "[ptr-cage] Turn on shared pointer cage by default for arm64 and x64""
>
> This is a reland of 054ff044bc
>
> Change since revert:
>
> - Remove assignment to FLAG_enable_short_builtins in test since
>   it's write-once in CFI.
>
> Original change's description:
> > Reland^2 "[ptr-cage] Turn on shared pointer cage by default for arm64 and x64"
> >
> > This is a reland of 1f504c36da
> >
> > Changes since revert:
> >
> > - Removed disabling of RO heap sharing when --stress-snapshot is passed;
> >   was fixed by f4a6c628c9
> > - Fixed crashing tests that caused revert separately in
> >   a61aa4919f
> >
> > Original change's description:
> > > > [ptr-cage] Turn on shared pointer cage by default for arm64 and x64
> > > >
> > > > Reviewed-on:
> > > https://chromium-review.googlesource.com/c/v8/v8/+/2873226
> > > > Reviewed-by: Igor Sheludko <ishell@chromium.org>
> > > > Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
> > > > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> > > > Cr-Commit-Position: refs/heads/master@{#74422}
> > >
> > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2878855
> > > Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
> > > Reviewed-by: Adam Klein <adamk@chromium.org>
> > > Reviewed-by: Igor Sheludko <ishell@chromium.org>
> > > Reviewed-by: Dan Elphick <delphick@chromium.org>
> > > Cr-Commit-Position: refs/heads/master@{#74448}
> >
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2891460
> > Reviewed-by: Adam Klein <adamk@chromium.org>
> > Commit-Queue: Shu-yu Guo <syg@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#74546}
>
> TBR=adamk@chromium.org
>
> Bug: v8:11460
> Change-Id: Ib7526270d421a562cb00aec9a28b4fc2296e4a86
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2893567
> Reviewed-by: Shu-yu Guo <syg@chromium.org>
> Reviewed-by: Adam Klein <adamk@chromium.org>
> Commit-Queue: Shu-yu Guo <syg@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74548}

Bug: v8:11460
Change-Id: Ie1a6a5d7e7928f6b90571a33dc743ca5d1d082b4
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2893823
Auto-Submit: Bill Budge <bbudge@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#74557}
2021-05-13 19:21:08 +00:00
Lu Yahan
eda9412286 [riscv64] Skip incompatible cctests
In debug mode, these will currently cause a DCHECK failure or a
segmentation fault.

See also: https://github.com/riscv/v8/issues/490

Change-Id: I2a4b8e0c9b0fb85393b41b1016b2caa2f013bcc4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2881505
Commit-Queue: Yahan Lu <yahan@iscas.ac.cn>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74550}
2021-05-13 02:33:46 +00:00
Shu-yu Guo
8b74fd4590 Reland^3 "[ptr-cage] Turn on shared pointer cage by default for arm64 and x64""
This is a reland of 054ff044bc

Change since revert:

- Remove assignment to FLAG_enable_short_builtins in test since
  it's write-once in CFI.

Original change's description:
> Reland^2 "[ptr-cage] Turn on shared pointer cage by default for arm64 and x64"
>
> This is a reland of 1f504c36da
>
> Changes since revert:
>
> - Removed disabling of RO heap sharing when --stress-snapshot is passed;
>   was fixed by f4a6c628c9
> - Fixed crashing tests that caused revert separately in
>   a61aa4919f
>
> Original change's description:
> > > [ptr-cage] Turn on shared pointer cage by default for arm64 and x64
> > >
> > > Reviewed-on:
> > https://chromium-review.googlesource.com/c/v8/v8/+/2873226
> > > Reviewed-by: Igor Sheludko <ishell@chromium.org>
> > > Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
> > > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> > > Cr-Commit-Position: refs/heads/master@{#74422}
> >
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2878855
> > Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
> > Reviewed-by: Adam Klein <adamk@chromium.org>
> > Reviewed-by: Igor Sheludko <ishell@chromium.org>
> > Reviewed-by: Dan Elphick <delphick@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#74448}
>
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2891460
> Reviewed-by: Adam Klein <adamk@chromium.org>
> Commit-Queue: Shu-yu Guo <syg@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74546}

TBR=adamk@chromium.org

Bug: v8:11460
Change-Id: Ib7526270d421a562cb00aec9a28b4fc2296e4a86
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2893567
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74548}
2021-05-13 01:36:36 +00:00
QiuJi
c7d8556355 [riscv64] Add flag to control disassembling of C-ext
Also handling kArchStackPointerGreaterThan in AssembleArchBoolean

Change-Id: I253c1a6cb924364eead3b9fe58c7cf7d6f0696af
Bug: v8:11737
Bug: v8:11747
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2876854
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Brice Dobry <brice.dobry@futurewei.com>
Commit-Queue: Brice Dobry <brice.dobry@futurewei.com>
Cr-Commit-Position: refs/heads/master@{#74543}
2021-05-12 22:04:43 +00:00
Michael Lippautz
fc49e77f26 api,heap: Avoid dropping global handles when stack state is overridden
This CL only affects non-production code. In non-production code, test
runners may invoke tasks (base::RunLoop()) with an interesting stack.
V8 assumes that it can clear certain data structures when running from
a non-nested task due to not having any interesting stack on top.
During testing this can lead to UAF on stack as data structures are
prematurely cleared.

With cppgc this failure can be fixed as the information on whether
test runners invoke tasks with a non-trivial stack is actually
present.

Example failure: https://logs.chromium.org/logs/chromium/buildbucket/cr-buildbucket.appspot.com/8847453411432681120/+/steps/webkit_unit_tests__with_patch__on_Ubuntu-18.04/0/logs/Flaky_failure:_WebSocketStreamTest.ConnectWithFailedHandshake__status_CRASH_SUCCESS_/0

Change-Id: Ib9f6fb2d8a1aa43d0b973afeb2d0a740c769e784
Bug: chromium:1056170
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2891574
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74539}
2021-05-12 19:20:23 +00:00
Shu-yu Guo
a61aa4919f [ptr-cage] Better support sharing CodeRange with re-embedded builtins
If a shared CodeRange is already allocated when creating an Isolate in
jitless mode, the CodeRange will be used. This is to better support the
following use pattern:

```
FLAG_jitless = false;
v8::Isolate::New();
FLAG_jitless = true;
v8::Isolate::New();
```

Note that the other direction of toggling jitless from true to false is
unsupported and may have undefined behavior.

Bug: v8:11460
Change-Id: I1c451c53bc160be4122056d8b309323a94d4b8b6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2890591
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74535}
2021-05-12 16:38:16 +00:00
Georg Neis
719cffa3b2 [compiler] Make ContextRef never-serialized
Also delete undefined ContextRef methods and make
Context::set_previous private (it is only used when
creating a new context).

Bug: v8:7790
Change-Id: I25a701f317f0f4e82432f7537eec1d63c5ef63f4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2886860
Auto-Submit: Georg Neis <neis@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74521}
2021-05-12 10:27:21 +00:00
Maya Lekova
57afcaf4f5 [fastcall] Allow receiver to be passed as Object
This CL enhances the fast C API in a way to allow passing the receiver
to the fast callback as Local<Object> instead of Local<Value>. It also
fixes documentation comments.

Bug: chromium:1052746
Change-Id: I424aa83023c2e6633b9df08ee040bf170db32b3d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2887510
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74519}
2021-05-12 09:55:37 +00:00
Maya Lekova
ba6a1a7c34 Revert "[ic] Fix handling of API properties with side effects"
This reverts commit 0ce36e7d0e.

Reason for revert: Speculative revert for a Chromium build breakage causing a blocked roll - https://bugs.chromium.org/p/v8/issues/detail?id=11761

Original change's description:
> [ic] Fix handling of API properties with side effects
>
> DebugEvaluate can evaluate expressions in side-effect-free mode, where
> any operation that would cause observable side effects throws an
> exception. Currently, when accessors are backed by callbacks, it's
> possible that ICs call those accessors directly, bypassing the
> side-effect checks. This CL introduces a bailouts to runtime in those
> cases.
>
> Fixed: chromium:1201781
> Also-By: ishell@chromium.org, pfaffe@chromium.org
> Change-Id: Ie53bfb2bff7b3420f2b27091e8df6723382cf53c
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2857634
> Commit-Queue: Philip Pfaffe <pfaffe@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74507}

Change-Id: Ifb5c24682af29572591d436ab92b0304058e99af
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2891650
Auto-Submit: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#74515}
2021-05-12 07:54:08 +00:00
Camillo Bruni
f64bd67f82 [codegen] Rename TurboAssembler::Set to Move
On x64 we can emit more compact instructions for mov(reg, imm). However
currently this only happens when using the Set method explicitly.
This CL renames Set to Move to avoid confusion and yield better code
by default.

Also use the new Move helper for Smis as well.

Change-Id: I06558e88d1142098f77fb98870f09742d494f3dc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2874450
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74512}
2021-05-11 21:53:44 +00:00
Dominik Inführ
e404af787f [heap] Support simple shared GCs without any clients
Allow GC of the shared heap without any attached clients. This
CL also disables incremental marking for shared heaps for now.

Bug: v8:11708
Change-Id: I1eb47a42fe3ced0f23f679ecaae0c32e09eab461
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2886878
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74511}
2021-05-11 20:04:04 +00:00
Philip Pfaffe
0ce36e7d0e [ic] Fix handling of API properties with side effects
DebugEvaluate can evaluate expressions in side-effect-free mode, where
any operation that would cause observable side effects throws an
exception. Currently, when accessors are backed by callbacks, it's
possible that ICs call those accessors directly, bypassing the
side-effect checks. This CL introduces a bailouts to runtime in those
cases.

Fixed: chromium:1201781
Also-By: ishell@chromium.org, pfaffe@chromium.org
Change-Id: Ie53bfb2bff7b3420f2b27091e8df6723382cf53c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2857634
Commit-Queue: Philip Pfaffe <pfaffe@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74507}
2021-05-11 14:26:04 +00:00
Victor Gomes
4f51af6de8 [runtime] TryFastArrayFill can throw exception
Bug: chromium:1206994, chromium:1206754, chromium:1206822
Change-Id: I8ccd501c5a918613fad59afdd65ca499ee57d7a1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2882805
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74500}
2021-05-11 11:12:59 +00:00
Camillo Bruni
cc06b8c778 [cleanup] Convert some global enums to enum class
Convert StoreOrigin, TypeOfMode, SaveFPRegsMode and ArgvMode to
enum classes with k-prefixed values.

Change-Id: Ib6ca3a9995297e8303a7e013b1d829613c0db510
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2885042
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74497}
2021-05-11 10:47:49 +00:00