This doesn’t have much practical effect, since the actual
byte contents referred to by `StartupData` are already marked
`const`, but adding the qualifier communicates more clearly
to users that V8 does not perform modifications on the object.
Practically speaking, this also allows for cases in which the
startup data is included as readonly data in the current executable
without requiring a `const_cast`.
Refs: https://github.com/nodejs/node/pull/45786#discussion_r1043489245
Change-Id: I53075ebb493c3617e470decb601b803f5294848d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4089203
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84764}
Make the separation between Operands pointing to Label locations and
standard memory operands more clear.
Also provide a separate method for emitting "label operands", so this
does not get inlined everywhere (label operands are used much less often
than memory operands).
R=jkummerow@chromium.org
Bug: v8:13570
Change-Id: I3482598cbf47eea878e06acc1ce2465325a597e0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4088644
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84763}
My previous change https://crrev.com/c/4071249 reduced the size of
translation arrays, but caused substantial speed regressions for code
that needs to read those arrays. This is because each translation could
use MATCH_PREVIOUS_TRANSLATION instructions to indicate areas where it
was unchanged from the preceding translation, but that preceding
translation might also use MATCH_PREVIOUS_TRANSLATION because it was
similar to its preceding translation, and so forth up to the limit
imposed by kMaxLookback.
This change is a proposal to fix the decoding speed while keeping most
of the size benefit from the previous change, by imposing a rule that
the "previous" translation referred to by a MATCH_PREVIOUS_TRANSLATION
instruction must not also use MATCH_PREVIOUS_TRANSLATION. A simple way
to accomplish this would be to decrease kMaxLookback to 1 and keep the
rest of the encoder unchanged, but we can do somewhat better by letting
several translations in a row refer to the same "basis" translation, as
long as they're successfully finding matching content.
Total size of translation arrays generated in an Octane run:
- Before my previous change: 2.6 MB
- Current code (kMaxLookback=10): 1.1 MB
- This CL: 1.4 MB
- Setting kMaxLookback=1: 1.8 MB
Bug: chromium:1399556, chromium:1396229
Change-Id: I077da8aae93ec667ff587a1db1bff483de76cf34
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4089944
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/main@{#84762}
This CL introduces two JS operators JSToBigInt and
JSToBigIntConvertNumber and one simplified operator
Integral32OrMinusZeroToBigInt.
- BigInt constructors are lowered to JSToBigIntConvertNumber in the
inlining phase.
- JSToBigIntConvertNumber is replaced with
Integral32OrMinusZeroToBigInt if the input is typed as Integral32
in typed lowering.
- In simplified lowering, Integral32OrMinusZeroToBigInt is lowered
to conversion to word64 accordingly.
- If the input is not Integral32 or BigInt, JSToBigIntConvertNumber
is lowered to a builtin call in generic lowering.
Bug: v8:9407
Change-Id: I8539d742e82cce515bd9350797f5f9b0876ee6f2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4055670
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Qifan Pan <panq@google.com>
Cr-Commit-Position: refs/heads/main@{#84761}
Similar to the `AsyncFunctionReject` builtin, the
`AsyncGeneratorReject` should also mark the promise rejection as a
non-debuggable event.
That is because the initial throw that causes the generator rejection
downstream already triggered the debuggable event.
We can re-use one of the existing tests as a regression test here:
If we wait for the Runtime.evaluate promise to resolve after the first
pause, we ensure that we already paused once. The test in its current
form swallowed the second pause implicitly by disabling the debugger.
R=bmeurer@chromium.org
Bug: chromium:1270780
Change-Id: I97ab08934804fefd097e9bd01081469da5379154
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4084925
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84756}
This reverts commit e5dbd05dcf.
Reason for revert: Causes failures with --shared-string-table
https://bugs.chromium.org/p/chromium/issues/detail?id=1399489
https://bugs.chromium.org/p/chromium/issues/detail?id=1399491
https://bugs.chromium.org/p/chromium/issues/detail?id=1399488
https://bugs.chromium.org/p/v8/issues/detail?id=13574
Original change's description:
> [heap] Fix crash in promoted pages iteration
>
> Iterating promoted pages uses a snapshot of the allocated pages to avoid
> using locks (which locally resulted in regressions). Large pages may
> have been freed between taking the snapshot and concurrent sweeping.
> If that page is found by LookupChunkContainingAddress as the closest
> page, we will try to access it and crash.
>
> Fix by refreshing the snapshot after all pages have been freed.
>
> Bug: v8:12612, chromium:1399331, chromium:1399328, chromium:1399330
> Change-Id: I01a1dbcb9efde3a34a99d01260b0529dcf04c37a
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4088363
> Commit-Queue: Omer Katz <omerkatz@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#84740}
Bug: v8:12612, chromium:1399331, chromium:1399328, chromium:1399330
Change-Id: Id7e4c057493478956108e4ae4f28ca91cc20f406
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4092594
Auto-Submit: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#84755}
On Mac, we spend around 30% of lazy compile time in {ThreadTicks::Now}.
On Linux it's less severe, but still around 10%.
That's too much overhead for measurements that only show up in UKM, so
remove that.
The unused fields will be removed from the UKM events after the plumbing
on the chromium side has been removed.
R=ahaas@chromium.org, mlippautz@chromium.org
CC=ecmziegler@chromium.org
Bug: v8:13565
Change-Id: I2dad88d899482801888940499d2d1761ff075578
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4078966
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84754}
We introduce V8InspectorSession::stop API to enable safe
detach from the session. In particular, after calling 'stop',
the session will leave any instrumentation pause it might
be in and disarm all its instrumentation breakpoints.
This is useful when the session disconnect request is registered
on V8 interrupt (so it is unsafe to disconnect at that point),
and the execution should first get to the message loop
where the disconnect can be handled safely.
Bug: chromium:1354043
Change-Id: I3caab12a21b123229835e8374efadc1f4c9954c2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4085143
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Kim-Anh Tran <kimanh@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84753}
This reverts commit 331c577e1d.
Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20-%20debug%20-%20single%20generation%20-%20builder/9912/overview
Original change's description:
> [static-roots] Allow creating isolates from existing r/o snapshot
>
> This adds the ability to create an isolate from scratch, except the
> read only roots, which are initialized from a read_only_data snapshot.
> To do this we split the heap setup in a read/only part and the rest.
> The goal of these changes is to later support writing serializer tests,
> even if the read only roots are static and have to be loaded from a
> fixed snapshot.
>
> Bug: v8:13466
> Change-Id: I078695b95710e5281da013ca0c08af0e153b4725
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4037271
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
> Commit-Queue: Olivier Flückiger <olivf@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#84750}
Bug: v8:13466
Change-Id: I91512140abb98993578d27e65e6080e1d3f317e6
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4089967
Auto-Submit: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Owners-Override: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84751}
This adds the ability to create an isolate from scratch, except the
read only roots, which are initialized from a read_only_data snapshot.
To do this we split the heap setup in a read/only part and the rest.
The goal of these changes is to later support writing serializer tests,
even if the read only roots are static and have to be loaded from a
fixed snapshot.
Bug: v8:13466
Change-Id: I078695b95710e5281da013ca0c08af0e153b4725
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4037271
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Olivier Flückiger <olivf@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84750}
This reverts commit 36bac1bcae.
Reason for revert: This possibly caused clusterfuzz issues and test flakiness.
Original change's description:
> [heap] Fix conservative stack scanning for client isolates
>
> With this CL, the context of stacks corresponding to all client isolates
> are saved, so that conservative stack scanning can be used correctly
> during a shared garbage collection. This happens:
>
> 1) in Heap::PerformSharedGarbageCollection, for the stacks of the shared
> isolate and the initiator;
> 2) when an isolate's main thread is waiting in a safepoint; and
> 3) when an isolate's main thread is parked.
>
> Bug: v8:13257
> Change-Id: I9ff060f2c0c1ec12977c70d67d65d9c543e2d165
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4027210
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Reviewed-by: Omer Katz <omerkatz@chromium.org>
> Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org>
> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#84712}
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:13257
Change-Id: I7eb50b24243084d45b3f1bcc37a559b9f92e0318
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4092363
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Owners-Override: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84749}
Resolve a data race between concurrent sweeping and writing fillers by
the main thread.
Bug: v8:13554, v8:12612
Change-Id: I00bbceca92b4729b2d2bb32be0916a981cfde3e6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4084762
Auto-Submit: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84747}
Rolling v8/build: e3833ca..2c6fbff
Rolling v8/buildtools: 71c674d..4fb9b31
Rolling v8/buildtools/third_party/libc++/trunk: a9779c1..e4e39ce
Rolling v8/buildtools/third_party/libc++abi/trunk: f46bba9..25a3d07
Rolling v8/third_party/fuchsia-sdk/sdk: version:10.20221207.2.1..version:10.20221207.3.1
Rolling v8/tools/clang: 72ab320..6d77ba2
Change-Id: Iad0f45ed412bfe0d201485218731eb4050281ba9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4091444
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#84746}
The last CL created an array with length zero and enough capacity, and let FastCreateDataProperty append values. But there are unnecessary checks in FastCreateDataProperty when appending values. Thus, it's more efficient to create an array filled with smi zero, and fill the values.
Bug: chromium:1395728
Change-Id: Ibe52c688c260637993983ab25f069ee80b212895
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4086126
Commit-Queue: Choongwoo Han <choongwoo.han@microsoft.com>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84745}
Iterating promoted pages uses a snapshot of the allocated pages to avoid
using locks (which locally resulted in regressions). Large pages may
have been freed between taking the snapshot and concurrent sweeping.
If that page is found by LookupChunkContainingAddress as the closest
page, we will try to access it and crash.
Fix by refreshing the snapshot after all pages have been freed.
Bug: v8:12612, chromium:1399331, chromium:1399328, chromium:1399330
Change-Id: I01a1dbcb9efde3a34a99d01260b0529dcf04c37a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4088363
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84740}
This was a slightly overzealous optimization that ended up being more
tricky than expected without measurable value on the benchmarks (as far
as we know). Let's try to remove it and see whether an important
benchmark notices.
Bug: chromium:1385941
Change-Id: If2e81f6cb6758f9c373e7c2c8beaa308ed323f93
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4088624
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Auto-Submit: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84739}
Test ids would get a uniform format between different kinds of tests:
prefix//test_id//suffix
- prefix:
  - empty for regular tests
  - or 'special test' token, as in 'numfuzz'
- test_id is the full name of the test as generated by test runner:
  - suite_name/path/to/actual/test_name
- suffix is anything a test runner processor might want to add to the name:
  - numfuzz processor will add 'analysis' of a numeric value
  - variant processor will add the variant name
Bug: v8:13316
Change-Id: Ied8f958173f82d8e26c62e39ccc21167ca2928ab
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4084763
Commit-Queue: Liviu Rau <liviurau@google.com>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84736}
Adds new `br_on_cast_fail <branch depth> <heap type>` instruction
with opcode 0xfb43.
The instruction branches if the cast fails. `null` is treated as a cast
failure (meaning the branch is taken).
The heap type may be any concrete heap type index or an abstract
type like `(ref null eq)`.
Bug: v8:7748
Change-Id: I97a78d6d0872703ab825016cab4e737f8f79995f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4084981
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Matthias Liedtke <mliedtke@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84733}
Wasm stack switching breaks the expectations of the unified V8/C++
heap by breaking the stack into multiple segments. To fix this:
- Store a list of interesting inactive stacks in the heap's Stack object
- When wasm switches stack, update this list, and also update the stack
start pointer
- Change {Stack::IteratePointers} to also visit pointers in the current
list of inactive stacks
R=nikolaos@chromium.org,jkummerow@chromium.org
CC=irezvov@chromium.org
Bug: v8:13493
Change-Id: Ieafeb89da31325e542e67403b6dc66c28d3be2fe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4081126
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Nikolaos Papaspyrou <nikolaos@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84731}
MinorMC needed to process pretenuring feedback both after sweeping and
at the end of the atomic pause, despite having no new feedback at the
end of the atomic pause, because the heuristics didn't hold after
sweeping. This CL adjusts the heuristics for MinorMC so that processing
twice is no longer needed.
Bug: v8:12612
Change-Id: I4d3ebaeaa6e7868bcdcae6fbdb3bcecb0ebcb8bf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4085983
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84730}
Specifically, the methods in {WasmJSFunction} and {WasmCapiFunction}.
Drive-by:
- Fix a bug in {WasmCapiFunction::GetSignature}.
- Fix a bug in wasm-module-builder.js.
Bug: v8:7748
Change-Id: I7408d07766536ed37f23b97ad210212b986412bf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4079097
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84728}
TSLint has been deprecated and so the presubmit script will not
run because of tslint:recommended. Removing this allows the
explicit rules to be run but does not properly fix the use of
TSLint. Also fix the issues that do not pass the linter.
Bug: v8:7327
Change-Id: I9f463ba9520ee2caa4141b21b81fd15012afedff
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4085145
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: George Wort <george.wort@arm.com>
Cr-Commit-Position: refs/heads/main@{#84725}
When reducing the apply() builtin, we should force the arguments
to be tagged.
Bug: v8:7700
Fixed: chromium:1394787
Change-Id: Ic62ea1dcf669a271f9ab20454b70dbb9374f166f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4086544
Reviewed-by: Patrick Thier <pthier@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Patrick Thier <pthier@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84724}
When we split MaterialisedValueNodes to x64 and arm64, we
changed the logic a bit and we should return early in case
of a constant, otherwise we would fail in the DCHECK in line 269.
Bug: v8:7700
Fixed: chromium:1395603
Change-Id: I3ce6dcb5e4e8e0040ef16fb3b3065ef7b86c7c36
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4088362
Commit-Queue: Patrick Thier <pthier@chromium.org>
Reviewed-by: Patrick Thier <pthier@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84723}
A scavenger GC can run on a client isolate while incremental marking
is enabled in the shared space isolate. While we pause black
allocation in the client's heap, we can't really pause it in the
shared heap isolate.
This CL solves that by marking ConcurrentAllocator instances created
for the GC. Black allocation is never enabled during GC. This will
probably also be useful when moving LABs out of the spaces.
Bug: v8:13267
Change-Id: Ie92848854c39229a8eca74cb07bd4be19a725ec8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4085503
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Auto-Submit: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84722}
Add the option to swap what is displayed on which
axis and increase the density in the horizontal axis
when displaying live ranges in turbolizer.
Bug: v8:7327
Change-Id: I47ac94d93942bdf760ad330a19f8f567078fd531
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4085144
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: George Wort <george.wort@arm.com>
Cr-Commit-Position: refs/heads/main@{#84721}
Data added:
- subtest_id as it is generated by Processors
- processor_name to trace back the processors that generate subtests
- path of the test
- test_id suffixes introduced by processors:
  - numfuzz will have
    - an `analysis` suffix for analysis phase
    - a number suffix for the variants generated after analysis
  - variant processor adds a suffix for every variant
- subtests will inherit suffixes from the parent tests (origin)
V8-Recipe-Flags: resultdb
Cq-Include-Trybots: luci.v8.try:v8_numfuzz_dbg,v8_numfuzz_rel,v8_numfuzz_tsan_compile_rel,v8_numfuzz_tsan_rel
Bug: v8:13316
Change-Id: I67d8b92b575c31b201238cfbcfc76cd076a2f7af
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4081127
Commit-Queue: Liviu Rau <liviurau@google.com>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84720}
ForInPrepare should store the accumulator into the {cache_type}
register. Since this was not being done, we were extending
the lifetime of whatever was in this register (in this case
a CallRuntime coming from a catch block) to ForInNext.
So we were basically doing an uninitialized read in that node.
Bug: v8:7700
Fixed: chromium:1393547
Change-Id: If3fe4118bfffac089757170ae9ed5ccba9e4af86
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4084792
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84719}
Keep the ValueSerializer version number the same but add a separate
value type for resizable ArrayBuffers.
Bug: v8:11111
Change-Id: I895e9ffcc63cce2e83a09d4be81312fdcffa67f0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4083067
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84718}
A SharedFunctionInfo might have AsmWasmData instead of BytecodeArray and
it would be considered compiled. Code using GetBytecodeArray should
check specifically for the presence of a bytecode array.
Bug: chromium:1397348
Change-Id: I1e376da8ac59204afdcc012e1cb068766be75eb7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4087502
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/main@{#84716}
Adds v8::[Shared]ArrayBuffer::MaxByteLength and
v8::BackingStore::IsResizableByUserJavaScript.
This is needed for embedders who need to check if a buffer is resizable
by user JS, like blink, to check for the [AllowResizable] WebIDL
extended attribute.
Bug: v8:11111
Change-Id: Ie7e03979ef3884123df8a3eeb5c3516c4a6967c2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4082276
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84715}