Fix Heap-use-after-free READ 2 in Intl.Segmenter
when the segments got freed during the iteration
We need to keep a copy of the string in the iterator instead
of depending on the one referenced from the segments.
Bug: chromium:1121156, v8:6891
Change-Id: I26ef5baccaa470dc1bd8cc229c737f556d27160e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2376173
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69575}
This is a partial reland of 7b9a0c20f3
Reason for reland: Reverted since the ScopeInfoData part was causing
issues. Relanding the macro structure, which shouldn't cause issues
and it is needed for other CLs.
Original changes description:
> [compiler] Replace ScopeInfoData with direct reads
>
> As part of this, introduce a new ObjectData kind for objects that we
> want to read directly from the background thread rather than serialize.
> ScopeInfoRef is the first user of that.
>
> For details, see:
> https://docs.google.com/document/d/1U6x6Q2bpylfxS55nxSe17yyBW0bQG-ycoBhVA82VmS0/edit?usp=sharing
>
> Bug: v8:7790
> Change-Id: Ia3cda4f67d3922367afa4a5da2aeaae7160cf1f2
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2346405
> Auto-Submit: Georg Neis <neis@chromium.org>
> Commit-Queue: Georg Neis <neis@chromium.org>
> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
> Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#69473}
Bug: v8:7790
Change-Id: I8d13dc206bb319638e3f7209446c24d06a07c110
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2377690
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69573}
It has several variants that might need to be simplified but this
CL focuses on removing ParameterMode.
Bug: v8:9708, v8:6949
Change-Id: I1c300b7abe0b698a9f3d063e0af1ed931dbf4af2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2376820
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69572}
The {priority_} field is being updated in {DefaultJobState::Join}, under
{mutex_}. In other places though, it is read unprotected (without
holding the mutex), leading to data races.
This CL fixes that by reading the field while holding the mutex and
using the read priority after releasing the mutex.
Note that the {priority_} field is documented to be protected by
{mutex_}, so the unprotected read was a bug.
R=ulan@chromium.org
CC=etiennep@chromium.org
Bug: v8:10822
Change-Id: I80079f3cb6689e26116ffeb33755c6938c4a2cf1
Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_isolates_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2377685
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69571}
The fuzzers were calling the compiled function without passing explicit
arguments. Thus all arguments were converted from the "undefined" value,
which typically results in a zero value, as expected.
For BigInt though, it's not allowed to pass "undefined". We have to pass
a proper BigInt.
This CL implements this by passing explicit parameter values for all
parameters.
This effectively unlocks testing BigInt parameters in all fuzzers, thus
may increase coverage and find new bugs.
R=ahaas@chromium.org
Bug: chromium:1120355
Change-Id: I4e451d2418eb73d460fa937d1cf95a1ab6c99cf5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2377945
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69570}
I forgot to remove them when I removed the old API in
https://chromium-review.googlesource.com/c/v8/v8/+/2369174.
Bug: v8:8116
Change-Id: I74a9670f56d09b7907187d5abcf15d707c8100a6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2377688
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Auto-Submit: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69569}
Partially TNodify the method just to get ParameterMode out of the
way. There is more TNodification needed but the method is complicated
and we are now focusing on removing ParameterMode entirely.
Bug: v8:9708, v8:6949
Change-Id: I705c35e9665488a280111683c275b7292bc47576
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2374547
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69568}
This CL unifies both map-processor and ic-processor's map processing
pipeline to the same format. Also, adds the functionality to search
for map transitions on map panel by clicking on map property of the
ic-panel.
Bug: v8:10644
Change-Id: I9f95feebb08620fd489486cf459ebe0babbd32d6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2367865
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Zeynep Cankara <zcankara@google.com>
Cr-Commit-Position: refs/heads/master@{#69567}
When we used the tasks API, we distributed the compilation deadlines
such that different tasks would finish (and publish) at slightly
different times. When moving to the jobs API, this feature was lost, and
all tasks now only publish once all compilation is done. This creates
major contention and synchronization overhead after compilation, which
can take roughly as long as the actual concurrent compilation.
This CL reintroduces a mechanism for ensuring regular publishing. We
choose a limit which is high enough to ensure that we don't publish too
often (because that comes with overhead), but low enough to ensure that
not too many units are published at the end, when all compilation is
done. At that point, there will still be some contention.
Also, choose a slightly different limit per task to ensure proper
distribution of publishing over time (different tasks are likely to
publish at different times).
This removes the last remaining regressions when compiling big modules
via the jobs API. In local measurements, it makes us even faster than
with the tasks API.
R=ahaas@chromium.org
Bug: chromium:1101340, chromium:1113234
Change-Id: I504f32606b8ad31a951449709cf407c471fa9b25
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2375196
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69566}
Decommitting memory ranges is expensive, so try to merge as many of them
as possible before decommitting.
Minor drive-by: Slightly extend a GC tracing message.
R=ahaas@chromium.org
Change-Id: I91e44db1212f0c9b70b8c8fccebe8fd33ff37d9c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2375825
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69564}
This documents the outcome of the discussion with chromium security
guts.
R=ecmziegler@chromium.org
Change-Id: I55835fe5b40e3daf856a8ec1d5ef0d3fed5adb4c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2375386
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Emanuel Ziegler <ecmziegler@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69563}
Some shuffles take either a register or memory operand for the second
input, but the codegen incorrectly assumes that it is always a register.
Bug: v8:10824
Change-Id: Ia2df233dad4ed451e52e57e35cce5c80db0905db
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2373586
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69562}
Experiment with enabling FLAG_local_heaps for a few days to see whether
pause times regress and to catch bugs.
Bug: v8:10315
Change-Id: Iefc329bbc1b8131796f1db2a729ee358bef88894
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2375190
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69561}
This is a reland of c2ea20473d
Original change's description:
> [wasm] Move kMaxWasmCodeSpaceSize to wasm directory
>
> This limit is wasm-internal, and does not need to be exposed via
> src/common/globals.h.
> This CL moves it into the {WasmCodeAllocator}.
>
> Drive-by: Minor simplification in jump table stress test.
>
> R=ecmziegler@chromium.org
>
> Change-Id: Iff8c4657697ae98123d840a022c5b21c4948fcdf
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2375189
> Reviewed-by: Emanuel Ziegler <ecmziegler@chromium.org>
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#69558}
Change-Id: I6e0432d14d23978dea599233e620e84d8255caf9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2375388
Reviewed-by: Emanuel Ziegler <ecmziegler@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69560}
This reverts commit c2ea20473d.
Reason for revert: Link failures: https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20-%20cfi/26209
Original change's description:
> [wasm] Move kMaxWasmCodeSpaceSize to wasm directory
>
> This limit is wasm-internal, and does not need to be exposed via
> src/common/globals.h.
> This CL moves it into the {WasmCodeAllocator}.
>
> Drive-by: Minor simplification in jump table stress test.
>
> R=ecmziegler@chromium.org
>
> Change-Id: Iff8c4657697ae98123d840a022c5b21c4948fcdf
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2375189
> Reviewed-by: Emanuel Ziegler <ecmziegler@chromium.org>
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#69558}
TBR=clemensb@chromium.org,ecmziegler@chromium.org
Change-Id: Ic3466eb17f2b3dfa4a0864002b0590fa0f571bb5
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2375387
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69559}
This limit is wasm-internal, and does not need to be exposed via
src/common/globals.h.
This CL moves it into the {WasmCodeAllocator}.
Drive-by: Minor simplification in jump table stress test.
R=ecmziegler@chromium.org
Change-Id: Iff8c4657697ae98123d840a022c5b21c4948fcdf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2375189
Reviewed-by: Emanuel Ziegler <ecmziegler@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69558}
While LocalHeap allows dereferencing handles on background threads, this
is only possible when FLAG_local_heaps is enabled.
Bug: v8:10315
Change-Id: Ia27582cda7e4b4faf4d2c76959de418415e1ae68
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2372147
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69557}
This CL is the start to implement reference types support in Liftoff.
As a first step this CL implements the ref.null instruction, and allows
reference types as return values. This allows register allocation to be
extended to support reference types, and also adds an easy way to get a
reference type value for tests. Additionally with ref.null we don't have
to worry about garbage collection because 'null' is an immovable object
and therefore does not have to be scanned by the GC.
R=thibaudm@chromium.org
Bug: v8:7581
Change-Id: I5785dcf522c0d9881e1386f2d8b5d8560a16225c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2352784
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69556}
We already make sure hints are 16K aligned on the Mac. On linux, it's
possible to run with 64K pages enabled so we also need to align the
hint there.
Bug: v8:10808
Change-Id: I4ae7a56828135f6aa2980f164f25e2eb932b3cc0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2369176
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Pierre Langlois <pierre.langlois@arm.com>
Cr-Commit-Position: refs/heads/master@{#69554}
- JobHandle::IsCompleted()
- JobDelegate::GetTaskId()
- worker_count passed as argument to GetMaxConcurrency().
Jobs implementation must call the new GetMaxConcurrency(), but Jobs
users aren't migrated yet.
Bug: chromium:1114823
Change-Id: I0f4295ccaf9eba866dd771f30e2e49aa3eae9551
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2352484
Commit-Queue: Etienne Pierre-Doray <etiennep@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69553}
Also we can do ParameterToIntPtr since this was the last use.
Bug: v8:9708, v8:6949
Change-Id: I61747205d9d747c80bd13cd98bc51d8f97946130
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2374546
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69552}
The cctests need to simulate full pages, however the calculation of the
remaining available space is wrong, causing an assertion when we change
the V8 page size to 512K:
$ cctest test-array-buffer-tracker/ArrayBuffer_PagePromotion
#
# Fatal error in ../../test/cctest/heap/heap-utils.cc, line 94
# Check failed: padding_size <= overall_free_memory || overall_free_memory == 0.
The reason is:
- On startup, we register a scavenger observer on the new space. The
observer is set to trigger when the new space capacity is at 80% by
default.
- On linux, the initial capacity of the new space is 512K, so the
scavenger observer will be placed at 80% of 512K, which will either
be in the second page of the space if the page size is 256K, or in
the first page if the page size is 512K.
- When placing the observer, if the observer hits the first page, we
lower the allocation limit (see `ComputeLimit()`). This makes sure
the observer isn't skipped by allocations inlined in generated code.
However, when we simulate filling the current page, we compute the space
left in the current page by comparing the top with the `page_high()`
rather than `limit()`. This was done so the tests would also work when
inlined allocations are disabled. If we don't look at the `limit()`, we
don't take the observer into account and fill more space than is
available, triggering the assertion.
This can also be reproduced by reducing the % at which the scavenger is
triggered so that it hits the first page instead of the second when the
page size is 256K, for example passing --scavenge-task-trigger=10.
Bug: v8:10808, v8:9906
Change-Id: Iad50bb68995de5ee017dcbe069d1fb229c9f5985
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2372545
Commit-Queue: Pierre Langlois <pierre.langlois@arm.com>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69550}
With WebAssembly streaming compilation it is possible that FinishStream
indirectly calls AbortStream. This had the effect that while
FinishStream fulfilled the promise, AbortStream disposed the promise
by removing the compile job from the wasm engine and thereby deallocated
AsyncCompileJob and all the state that belongs to it. Without that
state, FinishStream could not finish fulfilling the promise correctly.
With this CL the streaming decoder remembers that the stream has
already been finished. When the stream has been finished, all calls to
Abort get ignored.
The regression test for this issue requires the Chrome embedding, see
https://crrev.com/c/2368359
R=clemensb@chromium.org
Bug: chromium:1117258
Change-Id: Ifc28a1ee38c228b051c4d7d85b305fe2a721fa1f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2367858
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69549}
This bumps the engine-wide limit for generated machine code from 1GB to
2GB. This will allow compiling (and debugging) bigger modules, as they
occur particularly in the debugging use case because the module will be
unoptimized then.
The limit per allocated code space is left at 1024MB (1GB), so a module
will need to allocate two separate code spaces to make use of the full
2GB code space.
R=ecmziegler@chromium.org
Bug: chromium:1117033, chromium:1114093, chromium:1107649, chromium:1111266
Change-Id: Iab95b3130cbacc21ba078bf0d4ee2d6cd121d675
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2372604
Reviewed-by: Emanuel Ziegler <ecmziegler@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69548}
This reverts commit f16d3abf06.
Reason for revert: register_count() is read from the heap on the
background thread. This is only safe when FLAG_local_heaps is enabled
(set to true) but this isn't the case on tip-of-tree.
Original change's description:
> [compiler] Access the heap for BytecodeArray int/Register members
>
> We can create a new macro to skip the xxxData classes and read directly
> from the heap.
>
> Bug: v8:7790
> Change-Id: I8de9ba0aee78c74d4c3113eb6bc4870a314de552
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2362687
> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#69471}
TBR=neis@chromium.org,solanes@chromium.org
Bug: v8:7790
Change-Id: I35bdd44721ce1e9d2f46df7cf5d1f413e22d9acf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2372602
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69547}
This is a reland of 8358094d81
Original change's description:
> [atomics] Missing detach check in Atomics.store on MIPS
>
> There was a missing detach check in the runtime implementation of
> Atomics.store on BigInt TypedArrays. This runtime function is only used
> on MIPS.
>
> Bug: v8:10687
> Change-Id: I77946d2ab0abf70c583af514ddaba0d384a21309
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2369663
> Auto-Submit: Shu-yu Guo <syg@chromium.org>
> Commit-Queue: Ben Smith <binji@chromium.org>
> Reviewed-by: Ben Smith <binji@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#69525}
Bug: v8:10687
Change-Id: If75e2100712786fc9b39782e24b1457031060169
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2369974
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Ben Smith <binji@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69543}
Also remove ParameterMode since it is not needed.
Bug: v8:9708, v8:6949
Change-Id: If82cd5ffb89502e3feed7f5af613182df668080e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2370639
Reviewed-by: Dan Elphick <delphick@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69541}
Also remove unused macros from the list.
Bug: v8:9708, v8:6949
Change-Id: Ib90ce7c2c4996b3f8892106a89884d7e83610ca6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2370637
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69540}
This CL highlights the items with clickable functionality.
It is implemented based on the received feedback from the
V8 Mobile Team.
Bug: v8:10644
Change-Id: I0489327681d485eedde59594d36083efdc216575
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2370626
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Zeynep Cankara <zcankara@google.com>
Cr-Commit-Position: refs/heads/master@{#69537}
This cleanup CL adds a timeline property to ic-panel and directly
assigns the logEvents to selectedLogEvents upon data load.
Bug: v8:10644
Change-Id: Ic1707ea237abbf57417c0b14e24fc0bf797d9679
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2370627
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Zeynep Cankara <zcankara@google.com>
Cr-Commit-Position: refs/heads/master@{#69535}
Marking on allocation assumes a non-empty stack. Thus marking on
allocation will not finalize even if it runs out of work (we prefer
to finalize in a non-nestable task with no stack).
Instead it will schedule another marking task and delegate
finalization to the next marking task.
Bug: chromium:1056170
Change-Id: I457090fe0a235707bb9973e330ff24fb25ac66c0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2366764
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69534}
Prior to this CL, one had to artificially insert a
basic-block-terminating node after Unreachable. The common pattern was

  Unreachable();
  Goto(&some_label);  // Never reached but generates useless code.

This CL improves usability by automatically merging Unreachable nodes
to the end node, and terminating current effect/control. The updated
pattern is just

  Unreachable();

or in cases where Turboprop must maintain a schedule:

  Unreachable(&some_label);
Bug: v8:8888
Change-Id: I26a0b11b5e67252a6dc3584ae09ed06370f1eacc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2362690
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69531}
Starboard is the platform abstraction for Cobalt.
This CL introduces all Cobalt changes in src/base/platform.
The review was conducted mostly on:
https://chromium-review.googlesource.com/c/v8/v8/+/2247918
See b/156155426 for background
Tbr: mlippautz@chromium.org
Change-Id: I6cd092304ba6485acd38e82aa2dc4505d7dfb0aa
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2346090
Commit-Queue: John Xu <johnx@google.com>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69530}
Rolling v8/build: d2b7ca1..134058c
Rolling v8/buildtools: b00ad0a..ff93f3e
Rolling v8/buildtools/linux64: git_revision:e327ffdc503815916db2543ec000226a8df45163..git_revision:6f13aaac55a977e1948910942675c69f2b4f7a94
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/7f34313..e6244cc
Rolling v8/third_party/depot_tools: 87a7605..4909610
Rolling v8/tools/clang: a4bb1c6..9784c4f
TBR=machenbach@chromium.org,tmrts@chromium.org,v8-waterfall-sheriff@grotations.appspotmail.com
Change-Id: I5979068c4c7066b845adc8576281de66a36fdc6d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2370070
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#69527}
This reverts commit 8358094d81.
Reason for revert: Closed the tree on arm pointer compression:
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20-%20arm64%20-%20sim%20-%20pointer%20compression/6256?
Original change's description:
> [atomics] Missing detach check in Atomics.store on MIPS
>
> There was a missing detach check in the runtime implementation of
> Atomics.store on BigInt TypedArrays. This runtime function is only used
> on MIPS.
>
> Bug: v8:10687
> Change-Id: I77946d2ab0abf70c583af514ddaba0d384a21309
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2369663
> Auto-Submit: Shu-yu Guo <syg@chromium.org>
> Commit-Queue: Ben Smith <binji@chromium.org>
> Reviewed-by: Ben Smith <binji@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#69525}
TBR=binji@chromium.org,syg@chromium.org
Change-Id: I955cdbf5d83674b8acb5b67bbe8754f3d39261aa
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:10687
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2369973
Reviewed-by: Francis McCabe <fgm@chromium.org>
Commit-Queue: Francis McCabe <fgm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69526}