So far the slot is set to 0; in an upcoming CL it will be
used for an actual feedback vector.
Bug: v8:7748
Change-Id: I79f7502757d2cd8b07ced7105bf7532f5bc9b4f0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3205898
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77279}
In addition, trigger the observer only every ~256KiB to avoid
excessive incremental marking steps on fragmented heaps that have to
set up LABs repeatedly.
Bug: v8:12285
Change-Id: Id3d85d2c3f96d9d914c731f998df827898e1863d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3208810
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77278}
The current implementation of the default ArrayBufferAllocator for the
virtual memory cage is highly inefficient as it simply forwards all
requests to the cage's PageAllocator. With this CL, this allocator is
now only used when the heap sandbox is enabled, in which case
ArrayBuffer backing stores must be located inside the cage. In all other
cases, in particular when only the virtual memory cage is enabled, the
backing stores can be located outside the cage and so the malloc-based
ArrayBufferAllocator is used.
This change only affects configurations in which V8's default
ArrayBufferAllocator is used.
Bug: chromium:1218005
Change-Id: I39cb5de3034ccd4b6975dc5193d8c7309857433b
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3205018
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77276}
Rolling v8/build: ebad853..c40c33e
Rolling v8/buildtools/third_party/libc++abi/trunk: 9959b06..fdbb919
Rolling v8/buildtools/third_party/libunwind/trunk: a002c72..15999e7
Rolling v8/third_party/aemu-linux-x64: FAd7QuRV-mCjbKgg2SO4BBlRCvGIsI672THjo3tEIZAC..ekZcu3VD0XVbtKxyJwVgI96y6Sr0eYcdLkgCt6ejF0gC
Rolling v8/third_party/android_platform: 7a11b79..1a68ade
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/c0b9d25..ee3f2f4
Rolling v8/third_party/depot_tools: 0e2fb33..281edf7
Rolling v8/third_party/googletest/src: 3b49be0..075810f
Rolling v8/third_party/icu: 3f44383..4df07a2
Rolling v8/third_party/zlib: dfa96e8..bffc82b
Rolling v8/tools/clang: c06edd1..8640ca8
Rolling v8/tools/luci-go: git_revision:a373a19da0fbbbe81b2b684e3797260294393e40..git_revision:293cb303c8d63cc435a32b2fd1e834db15bfc069
TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com
Change-Id: I99dbd70ee899e1d1c9fafcf72509f2f50b1ae8a5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3210331
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#77275}
IsActive() is only supposed to be used in DCHECKs and supporting
this is going to get harder when introducing safepoints across multiple
isolates because there won't be this single counter anymore to check.
With AssertActive() we can just invoke AssertHold() on our mutex.
No functional changes.
Bug: v8:11708
Change-Id: Ic8d17738afdc90e92e6b54f615ec9757a826cc64
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3207903
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77272}
... to support creation of fillers in external code space.
Bug: v8:11880
Change-Id: I47b352b8b44733c529b6b0cb2b39cf676ce83923
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3208813
Auto-Submit: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77271}
We are going to introduce safepoints across multiple isolates, with
this the name GlobalSafepoint might be misleading. Use IsolateSafepoint
as name to emphasise this class reaches a safepoint for a single
isolate only.
No functional changes.
Bug: v8:11708
Change-Id: I8254031dd0bc8e6dcf9f7353297803c37dba47ed
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3207901
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77268}
Marking the labels as unused is only needed when we abort code
generation. Otherwise the DCHECKs in the label destructors are useful to
catch bugs.
R=jgruber@chromium.org
Bug: v8:12244
Change-Id: I63198f98a7acd1f2528d31964c01bc6815ba99a9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3205899
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77267}
Liftoff is temporarily disabled on PPC.
After https://crrev.com/c/3202593 the newly skipped tests
are failing with this error:
```
Check failed: tester.native_module()->GetCode(0)->is_liftoff()
```
Change-Id: I681a27930909fd6ac4e5087c2d03608b891a6066
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3208070
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#77265}
Use a url-like source position format for emitted definition
locations. Hopefully this will make links clickable on codesearch.
Change-Id: I343c6bc3cc4f159d5e3974d7ec5af4a578aaf03a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3207887
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77261}
This is a reland of 16df1dfa13
No changes have been made to this reland as previous commit was reverted
due to a new test revealing an existing bug. This bug has now been fixed.
Original change's description:
> [arm64][wasm-simd] Use Cm(0) for integer comparison with 0
>
> Use an immediate zero operand for integer comparison when possible. This
> gives ~1% runtime performance improvement in some benchmarks on Neoverse
> N1.
>
> Change-Id: I727a8104f8e6ca3d122d6b5b8b3d38d7bdd76c47
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3158327
> Reviewed-by: Zhi An Ng <zhin@chromium.org>
> Commit-Queue: Martyn Capewell <martyn.capewell@arm.com>
> Cr-Commit-Position: refs/heads/main@{#76847}
Change-Id: I77d6923d79407a83becbd39970c6a3f62d3a304d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3178482
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Rodolph Perfetta <rodolph.perfetta@arm.com>
Cr-Commit-Position: refs/heads/main@{#77260}
This method had been marked as deprecated over a year ago and since
then only returned `0` on every invocation, and it's not used in Chromium
anymore.
Fixed: chromium:1246908
Change-Id: Id92a48ac6e42608b1bc023187436f57939466b2c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3208031
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77259}
_ReadWriteBarrier() is deprecated, and <atomic> has been available for
a while now.
Ports part of https://chromium-review.googlesource.com/c/chromium/src/+/2365092
to v8.
No behavior change.
Bug: chromium:1255114
Change-Id: I9954193a69dad9396a5e9e7450066382de2fb172
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3204827
Auto-Submit: Nico Weber <thakis@chromium.org>
Commit-Queue: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77258}
WebAssembly dynamic tiering should be tested with an origin trial. For
the origin trial the feature flag value has to be loaded from blink.
This CL stores the value of the --wasm-dynamic-tiering flag in the
compilation state, from where it gets passed forward to all uses of the
flag. The flag value gets loaded from blink when a new NativeModule is
created.
R=clemensb@chromium.org
Bug: v8:12281
Change-Id: Ia26355a665b7dfcdb47144863c1bec296774abb2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3204963
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77256}
The expected assertion is specific to irregexp codegen.
Bug: chromium:1255368
Change-Id: I14d033285014727de2e63582ed798fc82570497d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3207892
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77254}
Replace 'virtual' by 'override' when overriding methods.
This uncovered one method which was unnecessarily virtual:
{RegExpMacroAssemblerARM64::CheckCharacters}.
R=jgruber@chromium.org
Bug: v8:12244
Change-Id: Ia4480b7b234d3d40cc5821c38ef83f74f8421b6b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3204966
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77252}
With dynamic tiering, typically not all functions of a WebAssembly
module get compiled with TurboFan, and therefore the code caching would
never get triggered. With this CL code caching is triggered whenever
{FLAG_wasm_caching_threshold} bytes of TurboFan code are generated.
This new caching event is only triggered when --wasm-dynamic-tiering is
enabled.
R=clemensb@chromium.org
Bug: v8:12281
Change-Id: I939325aea7e4310aa76c936636799661c05d4079
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3202593
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77251}
When aborting code generation, we need to call {AbortedCodeGeneration}
on the {MacroAssembler} contained in the {RegExpMacroAssemblerARM}.
R=jgruber@chromium.org
Bug: chromium:1255368
Change-Id: If37351e8f5715e23affd21ad2de8a8eaad3ea094
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3204965
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77250}
Mirroring Code::entry and CodeDataContainer::code_entry_point.
Unused for now; will be used very soon.
Change-Id: I93b86f0c601a044bb4e6afea642d5d3f721ef73a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3205893
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77249}
Allocate code range close to binary (<2GB) when pointer compression is
disabled. And enable short builtin calls if it succeeds.
Bug: v8:12045, v8:11527
Change-Id: I1a9d635b243337980fd75883d9802bc0cee75e43
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3069457
Commit-Queue: Hao A Xu <hao.a.xu@intel.com>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77248}
Rolling v8/build: ebad853..98d97fd
Rolling v8/buildtools/third_party/libc++abi/trunk: 9959b06..fd29545
Rolling v8/buildtools/third_party/libunwind/trunk: a002c72..15999e7
Rolling v8/third_party/aemu-linux-x64: FAd7QuRV-mCjbKgg2SO4BBlRCvGIsI672THjo3tEIZAC..3M11fN4tUefKOZExDkJbUXnPiJICCo0TwPwoejHowg8C
Rolling v8/third_party/android_platform: 7a11b79..1a68ade
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/c0b9d25..4b10835
Rolling v8/third_party/depot_tools: 0e2fb33..281edf7
Rolling v8/third_party/googletest/src: 3b49be0..075810f
Rolling v8/third_party/zlib: dfa96e8..bffc82b
Rolling v8/tools/clang: c06edd1..8640ca8
Rolling v8/tools/luci-go: git_revision:a373a19da0fbbbe81b2b684e3797260294393e40..git_revision:ec7a06c4fcde59629839f8e89c52a08d647e75f4
TBR=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com
Change-Id: I007b32f3475eb71678e50dbf4efa15a88ec85ff6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3206022
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#77247}
This reverts commit a1e6efd80c.
Reason for revert: Break Arm64
Original change's description:
> [intl] Fix consistency in Intl API
>
> Fix several edge cases consistency issues with ICU discovered by test262 test by
> using Intl Enumeration API
> 1. Work around ICU shortcoming of always fallback in currency display
> name so when the fallback is "none" in DisplayNames, the force fallback
> code will produce the correct undefined from the of(currency_code) method.
> 2. Always check numbering system is not algorithm based numbering system
> to fix DateTimeFormat/RelativeTimeFormat/NumberFormat
> resolvedOptions().numberingSystem when the requested numberingSystem is one
> of the numbering systems that we filter out the resources and not supported.
> 3. Generalize the iso8601 bit solution in DateTimeFormat and rename it to
> alt_calendar bit to also fix DateTimeFormat resolvedOptions report
> calendar as "islamic" while requesting "islamic-rgsa".
> 4. Work around reporting inconsistency of currency code and display name
> in ICU.
>
> Bug: v8:12209
> Change-Id: Ibd349ee55426fad7d6f20a5e93fb35ff7438e111
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3153576
> Commit-Queue: Frank Tang <ftang@chromium.org>
> Reviewed-by: Shu-yu Guo <syg@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#77242}
Bug: v8:12209
Change-Id: I6b8ac7dc89eda158e29c9d653825cb20a89341aa
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3207379
Reviewed-by: Frank Tang <ftang@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#77246}
... capable of computing the forwarding pointer for objects allocated
outside of the main pointer compression cage.
Drive-by: hoist computation of pointer compression cage base out of
certain loops in GC code.
Bug: v8:11880
Change-Id: I23efdffd1a237d9eedd0e2975e8e40811417ef31
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3204968
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77244}
IsActive is misleading as the current implementation forces to use
v8::Locker for all Isolate access once any Locker has been used in
the same process.
Bug: chromium:1240851
Change-Id: Ieb2cfa352313b6f2cbec1bafdbc94a3fc718f3d6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3190093
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77243}
Fix several edge cases consistency issues with ICU discovered by test262 test by
using Intl Enumeration API
1. Work around ICU shortcoming of always fallback in currency display
name so when the fallback is "none" in DisplayNames, the force fallback
code will produce the correct undefined from the of(currency_code) method.
2. Always check numbering system is not algorithm based numbering system
to fix DateTimeFormat/RelativeTimeFormat/NumberFormat
resolvedOptions().numberingSystem when the requested numberingSystem is one
of the numbering systems that we filter out the resources and not supported.
3. Generalize the iso8601 bit solution in DateTimeFormat and rename it to
alt_calendar bit to also fix DateTimeFormat resolvedOptions report
calendar as "islamic" while requesting "islamic-rgsa".
4. Work around reporting inconsistency of currency code and display name
in ICU.
Bug: v8:12209
Change-Id: Ibd349ee55426fad7d6f20a5e93fb35ff7438e111
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3153576
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77242}
A mov can be up to 10 bytes, 6 for displacement, 4 for instr. Other
instructions (like pshufb) with a complex addressing mode can take 10
bytes too. So adjust the padding for disassembly of hex accordingly.
This requires fixing up all the test cases too.
Bug: v8:12207
Change-Id: I372d67a818a5dbfe6f49f67047493d7f67b59bcd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3180375
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77241}
This is a reland of 75dd3600b4
crrev.com/c/3205901 should fix the test failures on Fuchsia.
Original change's description:
> Reland "Turn on v8_enable_virtual_memory_cage for Chromium builds"
>
> This is a reland of 4fb3eae7af
>
> crrev.com/c/3202002 fixed the Chromium build issue.
>
> Original change's description:
> > Turn on v8_enable_virtual_memory_cage for Chromium builds
> >
> > This CL enables the virtual memory cage at compile time by default for
> > Chromium builds on x64 and arm64. However, the cage will only be used at
> > runtime if the corresponding Chromium feature is enabled as well.
> >
> > Bug: chromium:1218005
> > Change-Id: I5a452d299ac950f8ec0f741f6b9a153e57b2a666
> > Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3200081
> > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> > Commit-Queue: Samuel Groß <saelo@chromium.org>
> > Cr-Commit-Position: refs/heads/main@{#77212}
>
> Bug: chromium:1218005
> Change-Id: I32b1a4088ca44827ca4f76b5d19b8138875bfc97
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3204950
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Commit-Queue: Samuel Groß <saelo@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#77229}
Bug: chromium:1218005
Change-Id: Id258ded659e4abc31f052ff4c57804d4bd9c5ba0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3205897
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77240}
Bug: chromium:794619
Change-Id: I335291b8ea7a326abbf66df535d3fa98aff9e4fc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3206277
Commit-Queue: Peter Kasting <pkasting@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Auto-Submit: Peter Kasting <pkasting@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77239}
The error showed when printing the resulting code object, because the
tier was neither TurboFan nor Liftoff, even though the code was
registered as a standard wasm function (instead of an import wrapper).
R=jkummerow@chromium.org
Bug: chromium:1254674
Change-Id: I26482fd88d72403393428979abf08e9f60cd8c4c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3202001
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77238}
The {wasm_kind} is completely unused, thus remove it before fixing a
wrong {CodeKind} for wasm-to-js functions.
R=mslekova@chromium.org
Bug: chromium:1254674
Change-Id: Ie3d260a7664d9a390d7edc49c2bf0692c8d798d7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3202000
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77235}
The Merge node for merging exceptions into the catch environment had
type kWord32, which is not a reference type. Because of this the GC does
not visit it and can collect it too early. Change the type to
kTaggedPointer.
Also change the type of ExceptionLocation() from IntPtr to TaggedPointer
for consistency. This one does not affect correctness because the
IfException node is already marked as tagged.
R=clemensb@chromium.org
Bug: v8:12254
Change-Id: I190d48b85f4b889ab083228b8fcedd439090e1de
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3201994
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Michael Stanton <mvstanton@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77232}
Do not require the --verify-heap flag to test aborting evacuation of a
page but randomly abort evacuation in debug builds with
--stress-compaction. This is intended to increase test coverage of this
mechanism.
Bug: v8:12251
Change-Id: I6cd08904ee195dbf2a1ef1e9c2c773c514c2cf7e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3201999
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77230}