This reverts commit 819c3ae2f8.
Reason for revert: Sorry Patrick, still failing on some layout tests :( https://test-results.appspot.com/data/layout_results/mac-rel/726365/blink_web_tests%20%28retry%20shards%20with%20patch%29/layout-test-results/results.html
Original change's description:
> Reland "Reland "Improve error messages for property access on null/undefined""
>
> This is a reland of 8b18c5e6a5
>
> Original change's description:
> > Reland "Improve error messages for property access on null/undefined"
> >
> > This is a reland of 24c626c1f7
> >
> > Original change's description:
> > > Improve error messages for property access on null/undefined
> > >
> > > Only print the property name when accessing null/undefined if we can
> > > convert it to a string without causing side effects.
> > > If we can't, omit the property name in the error message.
> > > This should avoid confusion when the key is an object with toString().
> > > E.g. undefined[{toString:()=>'a'}] doesn't print 'read property [object
> > > Object]' anymore, which was misleading since the property accessed would
> > > be 'a', but we can't evaluate the key without side effects.
> > >
> > > Bug: v8:11365
> > > Change-Id: If82d1adb42561d4851e2bd2ca297a1c71738aee8
> > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2960211
> > > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> > > Commit-Queue: Patrick Thier <pthier@chromium.org>
> > > Cr-Commit-Position: refs/heads/master@{#75250}
> >
> > Bug: v8:11365
> > Change-Id: Ie2312337f4f1915faa31528a728d90833d80dbd1
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2979599
> > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> > Commit-Queue: Patrick Thier <pthier@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#75571}
>
> Bug: v8:11365
> Change-Id: I90360641ecd870bd93247aa6d91dfb0ad049cfb8
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3008219
> Auto-Submit: Patrick Thier <pthier@chromium.org>
> Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75604}
Bug: v8:11365
Change-Id: I7d7c0f201288384c2aa38a51418b582a64213ae0
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3013352
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#75626}
According to go/kqovk, the builder name should be '(reclient)' instead
of '- reclient'.
Bug: chromium:1222951
Change-Id: I22e119d50fd48103f195bb03bc3ccc584a596e57
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3012340
Auto-Submit: Yoshisato Yanagisawa <yyanagisawa@chromium.org>
Commit-Queue: Liviu Rau <liviurau@chromium.org>
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75625}
Rolling v8/build: 8969ad2..dc699aa
Rolling v8/buildtools: fd3f3c1..2500c1d
Rolling v8/buildtools/third_party/libc++/trunk: 8fa8794..79a2e92
Rolling v8/buildtools/third_party/libc++abi/trunk: d87a06d..cb34896
Rolling v8/tools/clang: ccc7ba2..293314a
Rolling v8/tools/luci-go: git_revision:3501536c6f762461d322d6694711bb384ffce6f2..git_revision:6808332cfd84a07aeefa906674273fc762510c8c
Rolling v8/tools/luci-go: git_revision:3501536c6f762461d322d6694711bb384ffce6f2..git_revision:6808332cfd84a07aeefa906674273fc762510c8c
Rolling v8/tools/luci-go: git_revision:3501536c6f762461d322d6694711bb384ffce6f2..git_revision:6808332cfd84a07aeefa906674273fc762510c8c
TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com
Change-Id: I9e62582c0f092257334fe50e998baa7aeb7c46ec
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3010323
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#75623}
- Allows for differentiating committed and physical (resident) size on
a page. This change merely adjusts the API surface and does not
implement resident set size tracking.
- Add object types on page level as well which helps diagnosing almost
empty pages.
Bug: chromium:1056170
Change-Id: I64c69dc55873a0ce97d2064356bfcd957e10cbf9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3011164
Auto-Submit: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75621}
This makes jco on gdb behave the same as jco on lldb.
Bug: v8:11879
Change-Id: Id6a338878d518984986d2b719588966ee09de3c6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3000956
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75620}
We had some (dead) logic to create different parameter values pending on
the position of the parameter. As it was not used any more, it got
removed in https://crrev.com/c/3003464.
This CL changes the existing logic for creating default parameter values
to use a similar logic, which matches what --wasm-fuzzer-gen-test
creates and has a slightly higher chance of triggering interesting
behaviour.
R=ahaas@chromium.org
Change-Id: Ibb4394c1978f25d70166a03002e084211bfe7e1e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3003465
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75619}
A few fixes are applied in this CL:
1- Instructions which use UIM in V8 only use bits 16 to 19 inclusive.
2- get_simd_register is set to return a reference and not a copy.
3- On vector extract and insert instructions, UIM could be used
to select specific bytes as starting point which may not reflect a lane.
Vector splat uses UIM as a lane selector which remains
unchanged in this CL.
Change-Id: Ieb43afb977dac11d3ea10a2f265c2823f64457e3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3011166
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#75618}
This is a reland of 1532f8ff92
Changes since revert:
- Fix race in initialization
Original change's description:
> [heap] Tie process-wide CodeRange lifetime to any remaining Heaps
>
> Currently the process-wide CodeRange, once created, lives until process
> shutdown. This CL changes it to be alive as long as there is a Heap,
> when the last Heap is gone it gets destroyed and will be recreated the
> next time a Heap is created. This behavior is shared with
> SingleCopyReadOnlyArtifacts.
>
> Bug: v8:11929
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2989103
> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
> Commit-Queue: Shu-yu Guo <syg@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75522}
Bug: v8:11929
Change-Id: If250d8901044bcba1f7d7f797b398c29cc2c5a61
Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3003910
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75616}
The bugfix yesterday missed a case (CL
758816f438).
A better approach is to compute the ideal representation of the
value, then check if it can be in-place changed to the
recorded representation.
Bug: chromium:1226988, v8:7790
Change-Id: I90e58b8efb83892c033693a1a0f946b3059a330c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3011162
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75615}
Behind a new --experimental-wasm-nn-locals flag.
The checking policy implemented here is that locals count as
initialized until the end of the current control structure,
as described here:
https://github.com/WebAssembly/function-references/issues/44#issuecomment-801977331
Bug: v8:7748
Change-Id: I954fdf1b4e02ed4b45ef61b8379b7c0bbe802400
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3010283
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75613}
... by recording dependencies not based on whether the caller
remembered to pass non-null CompilationDependencies* but on whether
the method is called in serialization mode or not.
Bug: v8:7790
Change-Id: I841fe8fab57e94fff03dc3ce8dc8a02c49677560
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3009223
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75610}
We can't create Refs inside a DisallowGarbageCollection scope since
the MapData constructor uses a parking mutex (which may park the local
heap and let GC run).
Bug: v8:11957, v8:7790
Change-Id: I300b76a15f0f63514ca049f78099e1e6125a6569
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3010281
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75609}
This CL implements GC in a shared heap. A shared GC is started from
an attached client isolate that fails to allocate a shared object. In
order to perform a shared GC all other running client isolates need
to be stopped and their roots need to be scanned.
Bug: v8:11708
Change-Id: I45ac50e6b4a1e9270f9e39b69f9b8ee5e6e14134
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2964816
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75606}
This is still incomplete, but already able to pass all tests on x64.
Sparkplug (on pointer compression) only generates two relocation types:
FULL_EMBEDDED_OBJECT and RUNTIME_ENTRY.
Bug: v8:11872
Change-Id: I6aefbbc9690511a06b2a4a942c48fef85d536bef
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3009221
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75605}
This is a reland of 8b18c5e6a5
Original change's description:
> Reland "Improve error messages for property access on null/undefined"
>
> This is a reland of 24c626c1f7
>
> Original change's description:
> > Improve error messages for property access on null/undefined
> >
> > Only print the property name when accessing null/undefined if we can
> > convert it to a string without causing side effects.
> > If we can't, omit the property name in the error message.
> > This should avoid confusion when the key is an object with toString().
> > E.g. undefined[{toString:()=>'a'}] doesn't print 'read property [object
> > Object]' anymore, which was misleading since the property accessed would
> > be 'a', but we can't evaluate the key without side effects.
> >
> > Bug: v8:11365
> > Change-Id: If82d1adb42561d4851e2bd2ca297a1c71738aee8
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2960211
> > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> > Commit-Queue: Patrick Thier <pthier@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#75250}
>
> Bug: v8:11365
> Change-Id: Ie2312337f4f1915faa31528a728d90833d80dbd1
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2979599
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Commit-Queue: Patrick Thier <pthier@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75571}
Bug: v8:11365
Change-Id: I90360641ecd870bd93247aa6d91dfb0ad049cfb8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3008219
Auto-Submit: Patrick Thier <pthier@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75604}
We did not handle conflicts between regular register moves and the
cached instance / cached memory start correctly. This could lead to us
overwriting a regular register when restoring the cached instance, which
results in either crashes or miscalculations afterwards.
R=ahaas@chromium.org
Bug: chromium:1217064
Change-Id: Icd4b08b97a47726108a50d51b3a7ba410d132f98
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3003158
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75602}
The {TestingModuleBuilder} had separate logic to compute the bounds
checking strategy. This can lead to compiled code that does not match
the bounds checking strategy stored in the NativeModule. Hence, tests
should use {NativeModule::bounds_checks_} for initializing their
compilation environment.
R=ahaas@chromium.org
Change-Id: I366c2ea5d06062273fa21e388871fc1adab54fef
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3009222
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75601}
To avoid external-reference.cc having to depend on code-assembler.h,
this moves ObjectType and CheckObjectType into a separate
objects/object-type.h/.cc.
Bug: v8:11879
Change-Id: Ia086b37f72c330eefef2ce4d35cdf31d2a0ebe62
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3009220
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75599}
A generalization of Karatsuba's idea for even larger inputs.
Bug: v8:11515
Change-Id: I50eac2d313bf4217bf2f55ca2e64b5f120f40206
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2999870
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75598}
This should mitigate some of the regressions introduced in
https://chromium-review.googlesource.com/c/v8/v8/+/2972910.
Changes:
- Use a single Zone for all init. expressions in InstanceBuilder.
- Specialize DecodeFunctionBody() for init. expressions.
Bug: v8:11895, chromium:1226551
Change-Id: Ie39f981efeaa89e57f8ccb68903c6e7cc1cb7f09
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3009465
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75597}
This allows for marking promises as silent. Setting this flag prevents
the debugger from pausing when the promise rejects.
Bug: chromium:1132506
Change-Id: I260e52faa45ebedd9e8d84e092bd0260e828a902
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3001354
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75595}
We only care about huge functions (>100kB) as they can cause extended
compilation times and OOM situations. These are difficult to see in the
existing histogram as they only account for a tiny fraction of functions.
We therefore introduce a new counter that only covers those functions
and remove the other histogram.
Bug: chromium:1222273
Change-Id: I72fcec3fda5a358de6e29eb78d1fcf40059fb6c8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3008646
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Emanuel Ziegler <ecmziegler@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75594}
Rolling v8/build: ced9667..8969ad2
Rolling v8/buildtools/third_party/libc++abi/trunk: ae0481e..d87a06d
Rolling v8/buildtools/third_party/libunwind/trunk: 5f424e3..e7ac0f8
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/de5768d..096f6b4
Rolling v8/tools/clang: 081034a..ccc7ba2
Rolling v8/tools/luci-go: git_revision:a5505c14c78e1a27562164fb55f7d2d8190a0a9b..git_revision:3501536c6f762461d322d6694711bb384ffce6f2
Rolling v8/tools/luci-go: git_revision:a5505c14c78e1a27562164fb55f7d2d8190a0a9b..git_revision:3501536c6f762461d322d6694711bb384ffce6f2
Rolling v8/tools/luci-go: git_revision:a5505c14c78e1a27562164fb55f7d2d8190a0a9b..git_revision:3501536c6f762461d322d6694711bb384ffce6f2
TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com
Change-Id: Iac99d089064a592e9de2f3e6d21a4fb9a1be862f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3009800
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#75593}
This adds a check similar to Word32ReverseBytes.
Change-Id: I3a75f29ae1b9cb75dd0fda471d6d42ca21915bf9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3009795
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#75591}
With this change, we use Float64Pow for both Smi and Float inputs, also
introduce new speculative operator.
For this PoC
==========================================================
let result = [NaN]; // Avoid HeapNumber-boxing the results.
function slow(){
for(let i = 0; i < 100000000; i++) {
result[0] = i ** 2;
}
}
start = Date.now();
slow();
console.log(Date.now() - start);
==========================================================
Before: 1313
After: 112
Bug: v8:11731
Change-Id: I07a1bde068bef8184b9f556be9d1fe2d6a288705
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2960064
Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75590}
The preparser doesn't support extension parsing so always return false
there, and move the field to the parser instead.
Change-Id: Ie9ad0bd710858120467eb709ec92e59b38eaffba
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3009214
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75588}
In GetOwnFastDataPropertyFromHeap, we read a property value
then compare it with the expected representation. We already
had code to bail out of that particular optimization if there
was a mismatch, however it missed the case of expected
representation being a HeapObject, and when a Smi value was found.
The fix is to use the excellent pre-existing method
Object::FitsRepresentation() to make this check. Thusly, all
cases are handled.
Bug: chromium:1225607, v8:7790
Change-Id: I7d9b1b7722d9691cf5427f8456a6deb466dda0d3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3008218
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75587}
TurboFan reads the value in HeapNumber, and TSAN detects a data
race between this read and sets on the main thread elsewhere.
We mark this as relaxed atomic (meaning, correct value of the read
is not guaranteed). The compiler uses the dependency mechanism
to re-read the value safely on the main thread later, and aborts
compilation if a change is detected.
Bug: chromium:1224277, v8:7790
Change-Id: I8931d8989812550c0c57b6bd27aa796f6f5e779d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2996201
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75586}
In the schedule phase (and only in this phase!) the node 0 was not
being selected due to `!0` being true. We meant to be checking
against undefined rather than this.
Bug: v8:7327
Notry: true
Change-Id: Ie675979219868725b0e345065cec7a2a7091fda8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3008215
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75585}
This CL adds support for updating code objects. So far code objects
were immutable. Sparkplug makes compilation a very frequent operation
and thus wants to avoid copying the instruction stream from the
AssemblerBuffer into the code object (with more overhead that entails).
The idea is to allocate an "empty" Code object initially, which is
likely large enough to hold the full instruction stream. Then Sparkplug
will compile the given function and write the instruction stream
directly into the code object. After compilation is done Sparkplug trims
the Code to the right size and finishes its initialization.
We use relocation_info to determine whether a Code object is fully
initialized: undefined means that this object is filled by SparkPlug
at the moment. If it's a proper ByteArray, this code object is assumed
to be initialized. Turbofan still fully initializes the Code object
immediately.
Before changing the size of the code object, EnsureSweepingCompleted()
makes sure that the code object's page is swept already. This prevents
that the concurrent sweeper loads the new and smaller object size and
stores that memory in the free list.
NotifyCodeObjectChanged() signals the GC that the code object is now
fully initialized and revisits that object (even if it is black already)
to find and record outgoing references in the instruction stream.
Design doc: https://docs.google.com/document/d/12LHGkRXY1H3IFMBrdxs2vhgtG9bfJTdquQUsX1oPoSE/edit?usp=sharing
Bug: v8:11872
Change-Id: Ie1b95b27842eea5ec7e9d345052585a27d6ea7f3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2999087
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75582}
There's only few testing code required for embedders. Add testing
directly to the regular cppgc target to allow working around an ODR
violation issue with //v8:v8 and //v8:v8_for_testing, see bug.
This unblock Oilpan library builds in Chromium.
Bug: v8:11952, chromium:1056170
Change-Id: I0f0448faa0904b9ece58bd5a24c79c86ee55e2bf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3008216
Auto-Submit: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75581}
Associating exception meta-data may throw an exception if the
browser is under memory pressure. This CL adds a try-catch
scope to prevent surfacing of said exceptions in Chrome.
Bug: chromium:1226360
Change-Id: Ide969273b2ac6dc109370ba2adcb20586ef30bff
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3008214
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75580}
This reverts commit 8b18c5e6a5.
Reason for revert: Still failing: https://test-results.appspot.com/data/layout_results/V8_Blink_Linux/12469/blink_web_tests%20%28retry%20shards%20with%20patch%29/layout-test-results/results.html
Original change's description:
> Reland "Improve error messages for property access on null/undefined"
>
> This is a reland of 24c626c1f7
>
> Original change's description:
> > Improve error messages for property access on null/undefined
> >
> > Only print the property name when accessing null/undefined if we can
> > convert it to a string without causing side effects.
> > If we can't, omit the property name in the error message.
> > This should avoid confusion when the key is an object with toString().
> > E.g. undefined[{toString:()=>'a'}] doesn't print 'read property [object
> > Object]' anymore, which was misleading since the property accessed would
> > be 'a', but we can't evaluate the key without side effects.
> >
> > Bug: v8:11365
> > Change-Id: If82d1adb42561d4851e2bd2ca297a1c71738aee8
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2960211
> > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> > Commit-Queue: Patrick Thier <pthier@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#75250}
>
> Bug: v8:11365
> Change-Id: Ie2312337f4f1915faa31528a728d90833d80dbd1
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2979599
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Commit-Queue: Patrick Thier <pthier@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75571}
Bug: v8:11365
Change-Id: Ic4137f0d70fa9b10ca70fa921b98ea7e1499f11b
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3008217
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#75577}
