There currently is no way to enforce explicit bounds checks if the
embedder installed the signal handler for wasm trap handling (queried
via {trap_handler::IsTrapHandlerEnabled()}).
This CL adds a respective flag and makes all compilation emit explicit
bounds checks if it is disabled.
R=ahaas@chromium.org
Bug: v8:11926
Change-Id: Ie19faab1766d3105f3c22cb4470c0f15398f1d09
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2989129
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75453}
https://crrev.com/c/2972915 previously added more gitignore files to the
repository. This left the repo dirty after running mjsunit tests due to
lingering .log files.
- Add test/mjsunit/tools/tmp dir to keep and ignore temporary log files
without the need for a platform specific tmp dir
- Use temporary logfiles with --logfile=+ for log-ci.js tests
Change-Id: I1b1a47f45603d6c3027c6ca7050c78e8df0664ce
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2992720
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75451}
This is a reland of edab873071
It was speculatively reverted but the issue turned out to just be slow
tests.
Original change's description:
> Fix -Wimplicit-int-float-conversions.
>
> Bug: chromium:989932
> Change-Id: Ief917b023cb079f5ff87dc8963d74f225d074d7a
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2989096
> Reviewed-by: Bill Budge <bbudge@chromium.org>
> Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
> Auto-Submit: Peter Kasting <pkasting@chromium.org>
> Commit-Queue: Peter Kasting <pkasting@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75413}
Bug: chromium:989932
Change-Id: Iec8ac8ee32705c6a699a2df2f292ffe07cde99f7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2994802
Reviewed-by: Bill Budge <bbudge@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75443}
Several headers in the large inline objects header cycle were depending
on deserializer.h to access Deserializer::uninitialized_field_value().
Unfortunately this meant that a change to many snapshot headers caused a
rebuild of over 1480 files.
This moves the constant into smi.h which would always be included by the
objects inline headers.
Bug: v8:11879
Change-Id: I2efd1c42efd43e6cd4630cea7fd76dd2bd29ae3d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2992717
Commit-Queue: Dan Elphick <delphick@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Auto-Submit: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75439}
WasmValueObjects used to not have a constructor defined. That prevents
custom devtoolsFormatters from being applied to such objects.
Change-Id: Id775cdb710d0c4106f70858cc1fc92b1f8bd4590
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2991243
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Philip Pfaffe <pfaffe@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75438}
This CL skips some recently added tests that do not work for TPH at the moment,
including:
* One uses --concurrent_inlining
* One Requires local heaps
* 7 tests that create multiple isplates
* 3 LogMaps* tests that is expected to fail due to map address reuse
This CL also set v8_enable_allocation_folding = true for TPH.
Bug: v8:11641
Change-Id: I5db32f5f9e730dc4e12e4869ec78210bde23ca0d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2994219
Commit-Queue: Wenyu Zhao <wenyu.zhao@anu.edu.au>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Auto-Submit: Wenyu Zhao <wenyu.zhao@anu.edu.au>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75432}
This is a reland of 8f17052ce0
Changes can be seen in PS1..4 (re-marked kraken/audio-beat-detection)
Original change's description:
> [test] Unmark TSAN tests as SLOW/SKIP
>
> We allowed more time for tsan testing [1] so unmarking some tests.
>
> [1]: https://chromium-review.googlesource.com/c/v8/v8/+/2979671
>
> Bug: v8:7790, v8:11600, v8:11906
> Change-Id: I026a32abe0380c2d32327aaa8b301ef51f22a5e2
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2979602
> Reviewed-by: Mythri Alle <mythria@chromium.org>
> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75357}
Bug: v8:7790, v8:11600, v8:11906
Change-Id: Ie5b8886820d8e7d18c8ceee612a5c4d9ef72bc49
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2983536
Reviewed-by: Mythri Alle <mythria@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75408}
Newly added test under https://crrev.com/c/2987824 needs
to be skipped on unsupported platforms.
Change-Id: Ib5d222c09726cd63328ea894c3e6ea7e1e1bd3e5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2988361
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/master@{#75390}
The cached memory start was not preserved across stack checks in debug
code. This only manifests if the stack check is actually executed, hence
it's tricky to reproduce.
R=ahaas@chromium.org
Bug: chromium:1222648
Change-Id: I8d678305022e3521bd457ad49ebed30d81b05231
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2987824
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75388}
We would be allowing or disallowing using the local heap rather than
that scope. There's one case that remains in common-operator-reducer.cc.
Bug: v8:7790
Change-Id: Ice0b407aa37b3aa349fc68f4a7c2644156097e3e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2983206
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75379}
These indicate when a range-based for loop is using an index whose type
(value, pointer, or reference) doesn't match what the loop actually
extracts from the range. Fix by matching the actual type better.
This shouldn't cause any behavior/performance change, just be slightly
clearer about what's actually happening when reading the code.
Bug: chromium:1223264
Change-Id: Ib8773fbbeb038609c54a52c7cd6ce5bd11fd99ba
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2983710
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Peter Kasting <pkasting@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75373}
This is a reland of 9701d4a420
with a small fix for some code landed in between the dry-run and
submission.
Original change's description:
> [base] Move most of src/numbers into base
>
> Moves all but conversions.*, hash-seed-inl.h and math-random.* into
> base, in preparation for moving the parts of conversions that don't
> access HeapObjects.
>
> Also moves uc16 and uc32 out of commons/globals.h into base/strings.h.
>
> Bug: v8:11917
> Change-Id: Ife359148bb0961a63833aff40d26331454b6afb6
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2979595
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Clemens Backes <clemensb@chromium.org>
> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
> Auto-Submit: Dan Elphick <delphick@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75354}
Bug: v8:11917
Change-Id: Ie1ec9032fe56646a7c7303185cecc70fce5694ae
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2982607
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75368}
This reverts commit 9701d4a420.
Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Mac64/40802/overview
Original change's description:
> [base] Move most of src/numbers into base
>
> Moves all but conversions.*, hash-seed-inl.h and math-random.* into
> base, in preparation for moving the parts of conversions that don't
> access HeapObjects.
>
> Also moves uc16 and uc32 out of commons/globals.h into base/strings.h.
>
> Bug: v8:11917
> Change-Id: Ife359148bb0961a63833aff40d26331454b6afb6
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2979595
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Reviewed-by: Clemens Backes <clemensb@chromium.org>
> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
> Auto-Submit: Dan Elphick <delphick@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75354}
Bug: v8:11917
Change-Id: Iacf796c95256016fa74f0a910c5bb1a86baa425a
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2982605
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75356}
Because of catch-less try blocks, we have to check the exception stack
one more time so that we don't try to rethrow to an outer try scope if
this is already the outermost one.
R=clemensb@chromium.org
Bug: chromium:1219746
Change-Id: I6ad7e4afec669f04bc10197998db5d6eb38a2205
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2983205
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75355}
Moves all but conversions.*, hash-seed-inl.h and math-random.* into
base, in preparation for moving the parts of conversions that don't
access HeapObjects.
Also moves uc16 and uc32 out of commons/globals.h into base/strings.h.
Bug: v8:11917
Change-Id: Ife359148bb0961a63833aff40d26331454b6afb6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2979595
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Auto-Submit: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75354}
Adds support for Turboprop, limiting the amount of bytecode that
can be inlined into a function compared with TurboFan using a
scaling factor, currently set to 1/4.
To enable inlining, we make sure to only emit the tierup check
for the main (non-inlined) function and skip it for any inlined
functions.
BUG=v8:9684
Change-Id: I1399e2b275f797a5d3fd49c89f23296f75439eee
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2982337
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75352}
https://github.com/tc39/ecma262/pull/1490 changed the spec so that the
"name" property of a class should be installed after "length" but before
"prototype". This CL adapts accordingly.
After this change, there is now no need for the separate code path to
set the "name" accessor at runtime. Delete the relevant runtime code as
well.
Bug: v8:8771
Change-Id: I8f809b45bf209c899cf5df76d0ebf6d9a45a6d4e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2974772
Commit-Queue: Timothy Gu <timothygu@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75340}
Instrument floating-point operations to set a flag if the result is NaN.
Does not handle f32x4 and f64x2 results yet.
R=clemensb@chromium.org
Bug: v8:11856
Change-Id: I1c3603e2c0c92e71bea8418e85852c01904379af
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2979600
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75335}
This CL adds support in TurboFan for passing JSArrays as arguments to
fast API callbacks. It also extends the v8::Array class with a
CopyAndConvertArrayToCppBuffer method to allow the embedder to perform
quick conversions of their JSArrays to a C++ buffer. The CL also adds
tests in d8. Design doc:
https://docs.google.com/document/d/1BNKKZNgrGYafx8kqSfNEQqQYY5n4A6mGufss_Vz-h-4/edit#heading=h.c0kgf82jnlpp
Bug: chromium:1052746, chromium:715122
Change-Id: If47ac60d9ebe6462bbf3adff002e2da8e14e8fc8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2940900
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75333}
... which didn't properly handle non-Smi integer indices with
JSTypedArray receivers.
The addition of new JSReceiver::OrdinaryDefineOwnProperty() overload
with LookupIterator::Key caused circular dependency between lookup.h
and js-objects.h, so the LookupIterator::Key was moved out of the
LookupIterator class in order to make it forward-declarable.
Bug: chromium:1209405
Change-Id: I265f0c00f65ab6476c8f1d0ca1264f555d43465f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2972727
Auto-Submit: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75326}
The change is made since for switch statements with lots of cases,
where each case is a constant integer, the emitted bytecode is still
a series of jumps, when we can instead use a jump table.
If there are 6 or more cases (similar to GCC) of Smi literals, and
if the max Smi case minus the min Smi case is not more than 3 times
the number of cases, we use a jump table up front to handle Smi's,
and then use traditional if-else logic for the rest of the cases.
We then use the jump table in interpreter/bytecode-jump-table to
do the optimization.
This tries to go off issue 9738 in v8's issue tracker. It is not
exactly the same, since that recommends doing the work at JIT-time,
but has similar ideas. It also partially goes off issue 10764.
Bug: v8:9738
Change-Id: Ic805682ee3abf9ce464bb733b427fa0c83a6e10c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2904926
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75323}
Code such as
var a;
(a) = function() {};
should not lead to a.name being set to "a".
This fixes the last of the anonymous function naming bugs.
Bug: v8:4709
Change-Id: I70c2fcbcec1a57752fd58038262d02aefe26e28a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2970705
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75321}
This is a reland of 3296de2f65
It includes pthier@'s fix of overzealous OSR
Original change's description:
> [sparkplug] Trigger compilation when a FBV exists
>
> We were gating baseline compilation on FBV allocation, but in some
> cases, the feedback vector may be allocated eagerly (notably, if we are
> logging function events). Instead, unconditionally try baseline
> compilation after ensuring the feedback vector exists.
>
> Bug: v8:11420
> Change-Id: I1264a1d541a74d4eccb5caf65c360ac23836a1a8
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2953161
> Auto-Submit: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Patrick Thier <pthier@chromium.org>
> Reviewed-by: Patrick Thier <pthier@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75242}
Bug: v8:11420
Change-Id: Ia6864856926d6760bbe6c89ee010fa62cf23b6ca
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2976660
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Patrick Thier <pthier@chromium.org>
Reviewed-by: Patrick Thier <pthier@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75319}
To enable experimentation with inlining, temporarily disable dynamic
map checks which currently don't support inlining.
BUG=v8:9684
Change-Id: Iba674550213b393ab150ba241a2dad4ca8fdfd85
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2978257
Commit-Queue: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75311}
The Burnikel-Ziegler division algorithm is used for divisors
with 57 or more internal digits. It has better asymptotic
complexity than "schoolbook" division because it can make use
of fast multiplication under the hood.
Bug: v8:11515
Change-Id: Ib5d573a0afa560d42972c4ae06aff810a8b9cadb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2960221
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75310}
Moves VSNPrintf, SNPrintf and StrNCpy out of utils/utils.h into
base/strings.h.
Bug: v8:11879
Change-Id: I0e165cb27c42f89c9acd1c6378514b40a90cd18d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2972732
Auto-Submit: Dan Elphick <delphick@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75308}
This partially reverts https://crrev.com/c/2649032
The previous CL was a bit too aggressive in replaceing movl with Move
which does sign extension for int32.
We can only safely replace movl if the input is in the [0, 2**31] range.
Bug: chromium:1220855
Change-Id: I6c29db1acd7de6b03ffaf802a868b6a531252bc0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2975860
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75304}
It was not in sync with the optimization, which relies on
inspecting up the length and name fields even for bound
functions.
To make a now meaningful serializer test actually pass, I have
to to make some changes to the test setup.
I'm also moving the function name and length index constants
from JSFunction to JSFunctionOrBoundFunction for clarity.
TBR=marja@chromium.org
Bug: v8:7790
Change-Id: I36dd3c80996ccb53810c7ea9bfceb5c84ffd60ab
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2972919
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75299}
StringBuilder and its base class SimpleStringBuilder aren't very safe
and are a potential source of memory leaks or double-frees.
This removes the StringBuilder class and converts all of its usages to
use the standard library.
(As a drive-by, this converts std::ostream* to std::ostream& which is
more idiomatic C++).
Bug: v8:11917
Change-Id: I0eaf9d60cf49836e65bb28f0e114b33ef8103a61
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2978252
Auto-Submit: Dan Elphick <delphick@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75298}
We can get rid of this by deferring adding a new global to the module's
globals, and using the current size of globals to determine allowed
global indices.
Bug: v8:11895
Change-Id: Ide80eab2de4abdbab96a7298acf3665599c394ff
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2972908
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75295}
Various field dependencies assume that the receiver map and the field
owner map agree on field meta data. That's not necessarily true when
the receiver map is already deprecated. We should skip over deprecated
maps.
- Fix a bug in SerializerForBackgroundCompilation. It used to process
even deprecated maps.
- Fix a bug in FilterRelevantReceiverMaps. It used to store the original
map rather than the new version.
- Turn some compilation dependency DCHECKs into CHECKs.
- CHECK in MapRef::FindFieldOwner that the map is not deprecated. While
there might be valid use cases for calling the underlying
Map::FindFieldOwner on a deprecated map, we never want to do that in
the compiler.
Note that we skip any deprecated maps in JSNativeContextSpecialization's
ReduceNamedAccess. That's why I believe the issue could only be observed
with --concurrent-inlining and only in the form of a failing DCHECK.
Bug: chromium:1221812, v8:7790
Change-Id: I998b4ce1954be01eb6e0feb491ccc6b8306c685f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2976655
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75294}
- Add an expected type argument in DecodeWasmInitExprForTesting. This
eliminates the need to check for kWasmVoid in consume_init_expr.
- Invoke StartDecoding() to initialize module in
DecodeWasmInitExprForTesting.
- Pass the current module to DecodeInitExprForTesting.
- Adjust tests.
Bug: v8:11895
Change-Id: I13b71b68a2011bf08742701cb9dd986afd6e55f8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2972907
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75292}
This reverts commit 3296de2f65.
Reason for revert: Blocks the roll - https://chromium-review.googlesource.com/c/chromium/src/+/2970676
Original change's description:
> [sparkplug] Trigger compilation when a FBV exists
>
> We were gating baseline compilation on FBV allocation, but in some
> cases, the feedback vector may be allocated eagerly (notably, if we are
> logging function events). Instead, unconditionally try baseline
> compilation after ensuring the feedback vector exists.
>
> Bug: v8:11420
> Change-Id: I1264a1d541a74d4eccb5caf65c360ac23836a1a8
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2953161
> Auto-Submit: Leszek Swirski <leszeks@chromium.org>
> Commit-Queue: Patrick Thier <pthier@chromium.org>
> Reviewed-by: Patrick Thier <pthier@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#75242}
Bug: v8:11420
Change-Id: Ia9524e3a57eda7ec069f29652acc7593bf680509
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2976654
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75287}
