| Age | Commit message (Collapse) | Author |
|---|
|
Refs: https://github.com/v8/v8/compare/7.9.317.20...7.9.317.23
PR-URL: https://github.com/nodejs/node/pull/30560
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Jiawen Geng <technicalcute@gmail.com>
|
|
Original commit message:
[objects] Move functions to inline headers
This moves a series of functions from dictionary.h and hash-table.h
to resp. dictionary-inl.h and hash-table-inl.h.
The functions that were moved all somehow use other functions that
are defined in -inl.h files.
This change fixes the Node.js Windows builds.
Change-Id: I0bbf0222beb3619a5e6f1fb451bc78691025de65
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1893346
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Michaël Zasso <mic.besace@gmail.com>
Cr-Commit-Position: refs/heads/master@{#64709}
Refs: https://github.com/v8/v8/commit/5e755c6ee6d3ab81b2f6daf2f0b04418f91fed9b
PR-URL: https://github.com/nodejs/node/pull/30020
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Jiawen Geng <technicalcute@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
|
|
Original commit message:
Make SetSyntheticModuleExport throw instead of crash for nonexistent export name
Per spec, Module::SetSyntheticModuleExport should throw a ReferenceError
when called with an export name that was not supplied when constructing
that SyntheticModule. Instead, the current implementation crashes with
a failed CHECK().
Add a new Module::SyntheticModuleSetExport that throws (without an ensuing
crash) for this case, and deprecate the old
Module::SetSyntheticModuleExport.
Bug: v8:9828
Change-Id: I3b3d353064c3851882781818099bd8f6ee74c809
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1860996
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Dan Clark <daniec@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#64438}
Refs: https://github.com/v8/v8/commit/777fa98cc47ac32f0fde3d9aafd830949deb5d23
PR-URL: https://github.com/nodejs/node/pull/30020
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Jiawen Geng <technicalcute@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
|
|
Original commit message:
[objects] Add missing include of isolate-utils.h
On Windows with MSVC, compilation fails because it cannot find
the GetIsolateForPtrCompr identifier.
Change-Id: Ib03f5c5ef34e409242bbbe93ec83b7734012feb2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1878712
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64551}
Refs: https://github.com/v8/v8/commit/7228ef8040785d3237867558b8444422b306c3ce
PR-URL: https://github.com/nodejs/node/pull/30020
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Jiawen Geng <technicalcute@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
|
|
Original commit message:
[api] Add possibility for BackingStore to keep Allocator alive
Add an `array_buffer_allocator_shared` field to the
`Isolate::CreateParams` struct that allows embedders to share
ownership of the ArrayBuffer::Allocator with V8, and which in
particular means that when this method is used that the
BackingStore deleter will not perform an use-after-free access to the
Allocator under certain circumstances.
For Background:
tl;dr: This is necessary for Node.js to perform the transition to
V8 7.9, because of the way that ArrayBuffer::Allocators and their
lifetimes currently work there.
In Node.js, each Worker thread has its own ArrayBuffer::Allocator.
Changing that would currently be impractical, as each allocator
depends on per-Isolate state. However, now that backing stores
are managed globally and keep a pointer to the original
ArrayBuffer::Allocator, this means that when transferring an
ArrayBuffer (e.g. from one Worker to another through postMessage()),
the original Allocator has to be kept alive until the ArrayBuffer
no longer exists in the receiving Isolate (or until that Isolate
is disposed). See [1] for an example Node.js test that fails with
V8 7.9.
This problem also existed for SharedArrayBuffers, where Node.js
was broken by V8 earlier for the same reasons (see [2] for the bug
report on that and [3] for the resolution in Node.js).
For SharedArrayBuffers, we already had extensive tracking logic,
so adding a shared_ptr to keep alive the ArrayBuffer::Allocator
was not a significant amount of work. However, the mechanism for
transferring non-shared ArrayBuffers is quite different, and
it seems both easier for us and better for V8 from an API standpoint
to keep the Allocator alive from where it is being referenced.
By sharing memory with the custom deleter function/data pair,
this comes at no memory overhead.
[1]: https://github.com/nodejs/node/pull/30044
[2]: https://github.com/nodejs/node-v8/issues/115
[3]: https://github.com/nodejs/node/pull/29637
Bug: v8:9380
Change-Id: Ibc2c4fb6341b53653cbd637bd8cb3d4ac43809c7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1874347
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64542}
Refs: https://github.com/v8/v8/commit/6b0a9535e6983a626420d864b45582167cd61540
PR-URL: https://github.com/nodejs/node/pull/30020
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Jiawen Geng <technicalcute@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
|
|
Original commit message:
[api] Add API functions for constructing standalone BackingStores
These are useful for the cases when an embedder works with backing
stores without creating JS ArrayBuffer objects.
Bug: v8:9380
Change-Id: I452bd911e7b20fb38568f18f9d15ea1a7ffb5a57
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1825339
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64460}
Refs: https://github.com/v8/v8/commit/bba5f1f43d59cf06e6043eb94d689021cc94a4e2
PR-URL: https://github.com/nodejs/node/pull/30020
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Jiawen Geng <technicalcute@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/30020
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Jiawen Geng <technicalcute@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
|
|
Original commit message:
Make SetSyntheticModuleExport throw instead of crash for nonexistent export name
Per spec, Module::SetSyntheticModuleExport should throw a ReferenceError
when called with an export name that was not supplied when constructing
that SyntheticModule. Instead, the current implementation crashes with
a failed CHECK().
Add a new Module::SyntheticModuleSetExport that throws (without an ensuing
crash) for this case, and deprecate the old
Module::SetSyntheticModuleExport.
Bug: v8:9828
Change-Id: I3b3d353064c3851882781818099bd8f6ee74c809
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1860996
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Dan Clark <daniec@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#64438}
Refs: https://github.com/v8/v8/commit/777fa98cc47ac32f0fde3d9aafd830949deb5d23
PR-URL: https://github.com/nodejs/node/pull/30062
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
Reviewed-By: Gus Caplan <me@gus.host>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
|
|
Refs: https://github.com/v8/v8/compare/7.8.279.12...7.8.279.14
PR-URL: https://github.com/nodejs/node/pull/29694
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Gus Caplan <me@gus.host>
Reviewed-By: Jiawen Geng <technicalcute@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/27375
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/29694
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Gus Caplan <me@gus.host>
Reviewed-By: Jiawen Geng <technicalcute@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/27375
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/28918
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Jiawen Geng <technicalcute@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
|
|
Original commit message:
GCC: explicitely instantiate JSObject::ApplyAttributesToDictionary for NumberDictionary
elements.cc invokes ApplyAttributesToDictionary using NumberDictionary as its template
parameter. But the declaration of the template method is in js-object.cc, so nobody
can actually compile the version for number dictionary. This is fixed requesting
explicit instantiation for NumberDictionary.
This was breaking GCC build.
Bug: chromium:819294
Change-Id: I685ddc5b97e129d1a534dbdb04025c0932bc5ecd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1649565
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: José Dapena Paz <jose.dapena@lge.com>
Cr-Commit-Position: refs/heads/master@{#62097}
Refs: https://github.com/v8/v8/commit/3b8c624bda58d05aea80dd9626cd550537d6ac3f
PR-URL: https://github.com/nodejs/node/pull/28016
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Refael Ackermann (רפאל פלחי) <refack@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Jiawen Geng <technicalcute@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/27375
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/28016
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Refael Ackermann (רפאל פלחי) <refack@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Jiawen Geng <technicalcute@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/27375
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
|
|
Fails to link for missing:
void JSObject::ApplyAttributesToDictionary<NumberDictionary>(...)
PR-URL: https://github.com/nodejs/node/pull/27375
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/27375
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
|
|
Refs: https://github.com/v8/v8/compare/7.4.288.21...7.4.288.27
PR-URL: https://github.com/nodejs/node/pull/27615
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Franziska Hinkelmann <franziska.hinkelmann@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
|
|
Original commit message:
[ptr-compr][ubsan] Use [Read/Write]UnalignedValue for unaligned fields
When pointer compression is enabled the [u]intptr_t and double fields are
only kTaggedSize aligned so in order to avoid undefined behavior in C++ code
we have to access these values in an unaligned pointer friendly way although
both x64 and arm64 architectures (where pointer compression is supported)
allow unaligned access.
These changes will be removed once v8:8875 is fixed and all the
kSystemPointerSize fields are properly aligned.
Bug: v8:7703
Change-Id: I4df477cbdeab806303bb4f675d52b61c06342c8e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1528996
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60321}
Refs: https://github.com/v8/v8/commit/0188634ee523aef39ba71732b1ab9d422f449825
PR-URL: https://github.com/nodejs/node/pull/27013
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Gus Caplan <me@gus.host>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
|
|
Cherry-pick ad49f12.
Original commit message:
[cleanup] Move Compressed[XXX]Slot definitions to separate header
... and fix header includes to please the respective bot.
Drive-by-fix: decompression implementation is now MSVC friendly.
Bug: v8:7703, v8:8834
Change-Id: Iaf589138e5bafb32b0d9feab5cf074b71f241a3c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1505579
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60074}
Refs: https://github.com/v8/v8/commit/ad49f12908644fa1dc7e5aa28839a85872084f8c
Cherry-pick 14f07a8.
Original commit message:
[ptr-compr] Define kTaggedPayloadOffset correctly on Big Endian
smi size is sill 8 bytes when V8_COMPRESS_POINTERS is undefined.
Bug: v8:7703
Change-Id: I0d1e757e42e8b1e6b10960420135245e24553175
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1508572
Commit-Queue: Junliang Yan <jyan@ca.ibm.com>
Auto-Submit: Junliang Yan <jyan@ca.ibm.com>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60097}
Refs: https://github.com/v8/v8/commit/14f07a8b30dd28bd6508924fae01e0c2d1892aad
Cherry-pick 676014b.
Original commit message:
[ptr-compr] Fix MSVC build
... which complained about truncating uintptr_t constant to uint32_t.
Bug: v8:7703
Change-Id: I6fae2bf1e5de79e6131479b84a8d8aa5b9de909f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1508672
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60100}
Refs: https://github.com/v8/v8/commit/676014b36ffb28f9d25e5d232547deb5735baa44
Cherry-pick 4e6a1a7.
Original commit message:
[heap] Clean-up some weak map entries in scavenger
This change enables clean-up of weak map entries in the
scavenger of the weak map is in the young generation.
With this change, the scavenger treats keys in ephemerons as
weak instead of strong, but does not implement full ephemeron
semantics: Values are treated always as strong, independently
of whether the key is live or not.
This approach ensures that no value is cleaned up accidentally.
After scavenging, all entries with dead keys are removed from
weak maps. After that, some values that are not referenced anywhere
anymore might still be in the heap, and those can be cleaned up
in the next scavenge.
What the scavenger does, amounts to one iteration of the
fixed-point algorithm required to implement ephemeron semantics.
We hope that this is a reasonable trade-off between time spent
tracing and cleaned-up entries.
This change does not affect weak maps that reside in old space.
Bug: v8:8557
Change-Id: Ic5618b3b863ad8c314c87449571150e756fecbf0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1467182
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60101}
Refs: https://github.com/v8/v8/commit/4e6a1a75cd75916b45956071e581df6121bceaa8
Cherry-pick afbfd75.
Original commit message:
[ptr-compr] Fix ptr-compr broken by 4e6a1a75
(https://chromium-review.googlesource.com/c/v8/v8/+/1467182)
Bug: v8:7703
Change-Id: Ia6b74b985735af67bde56b30e4a709247eb591be
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1508674
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60102}
Refs: https://github.com/v8/v8/commit/afbfd7563d88b90b095b454344f91de6138cbbf3
Cherry-pick f792eb8.
Original commit message:
[ptr-compr][arm64] Update pointer compression arm64's implementation
Since kTaggedSize got shrinked and we are actually compressing
the pointers (as oppposed to zeroing their upper bits),
we need to update the arm64 codebase to accommodate this change.
Cq-Include-Trybots: luci.v8.try:v8_linux64_arm64_pointer_compression_rel_ng
Bug: v8:7703
Change-Id: I890f3ab8c046f47232e80f85830f9ae8f4dbced4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1499498
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60172}
Refs: https://github.com/v8/v8/commit/f792eb83a6501d44d4ef51b11894ce2ba9dc8f91
PR-URL: https://github.com/nodejs/node/pull/26685
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
|
|
Original commit message:
[ubsan] Fix various ClusterFuzz-found issues
Fixing a few float and int overflows.
Drive-by fix: with --experimental-wasm-bigint, Number values
may not be used to initialize i64-typed globals. The existing
code for doing that relied on UB; since it's a spec violation
the fix is to throw instead.
No regression test for 933103 because it will OOM anyway.
No regression test for 932896 because it would be extremely slow.
Bug: chromium:927894, chromium:927996, chromium:930086, chromium:932679, chromium:932896, chromium:933103, chromium:933134
Change-Id: Iae1c1ff1038af4512a52d3e56b8c4b75f2233314
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1495911
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60075}
Refs: https://github.com/v8/v8/commit/91f0cd00820a6e8d4567c1ce3a51d48a28165ab5
PR-URL: https://github.com/nodejs/node/pull/26685
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
|
|
Original commit message:
[ptr-compr][x64] Define kTaggedSize as kInt32Size
... when pointer compression is enabled and some number of cleanups.
Bug: v8:7703
Change-Id: If7344abf68a1c4d54e4a79d066dc185f25055d7d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1477737
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Auto-Submit: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60056}
Refs: https://github.com/v8/v8/commit/392316ddd11104ad759131732dfe0805f3972ab2
PR-URL: https://github.com/nodejs/node/pull/26685
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/26685
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/25852
Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Ali Ijaz Sheikh <ofrobots@google.com>
|
|
Original commit message 9365d09:
[coverage] Rework continuation counter handling
This changes a few bits about how continuation counters are handled.
It introduces a new mechanism that allows removal of a continuation
range after it has been created. If coverage is enabled, we run a first
post-processing pass on the AST immediately after parsing, which
removes problematic continuation ranges in two situations:
1. nested continuation counters - only the outermost stays alive.
2. trailing continuation counters within a block-like structure are
removed if the containing structure itself has a continuation.
R=bmeurer@chromium.org, jgruber@chromium.org, yangguo@chromium.org
Bug: v8:8381, v8:8539
Change-Id: I6bcaea5060d8c481d7bae099f6db9f993cc30ee3
Reviewed-on: https://chromium-review.googlesource.com/c/1339119
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58443}
Refs: v8/v8@9365d09
Original commit message aac2f8c:
[coverage] Filter out singleton ranges that alias full ranges
Block coverage is based on a system of ranges that can either have
both a start and end position, or only a start position (so-called
singleton ranges). When formatting coverage information, singletons
are expanded until the end of the immediate full parent range. E.g.
in:
{0, 10} // Full range.
{5, -1} // Singleton range.
the singleton range is expanded to {5, 10}.
Singletons are produced mostly for continuation counters that track
whether we execute past a specific language construct.
Unfortunately, continuation counters can turn up in spots that confuse
our post-processing. For example:
if (true) { ... block1 ... } else { ... block2 ... }
If block1 produces a continuation counter, it could end up with the
same start position as the else-branch counter. Since we merge
identical blocks, the else-branch could incorrectly end up with an
execution count of one.
We need to avoid merging such cases. A full range should always take
precedence over a singleton range; a singleton range should never
expand to completely fill a full range. An additional post-processing
pass ensures this.
Bug: v8:8237
Change-Id: Idb3ec7b2feddc0585313810b9c8be1e9f4ec64bf
Reviewed-on: https://chromium-review.googlesource.com/c/1273095
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56531}
Refs: v8/v8@aac2f8c
deps: V8: backport 47d34a3
Original commit message:
Revert "[coverage] change block range to avoid ambiguity."
This reverts commit 471fef0469d04d7c487f3a08e81f3d77566a2f50.
Reason for revert: A more general fix incoming at https://crrev.com/c/1273095.
Original change's description:
> [coverage] change block range to avoid ambiguity.
>
> By moving the block range end to left of closing bracket,
> we can avoid ambiguity where an open-ended singleton range
> could be both interpreted as inside the parent range, or
> next to it.
>
> R=<U+200B>verwaest@chromium.org
>
> Bug: v8:8237
> Change-Id: Ibc9412b31efe900b6d8bff0d8fa8c52ddfbf460a
> Reviewed-on: https://chromium-review.googlesource.com/1254127
> Reviewed-by: Georg Neis <neis@chromium.org>
> Commit-Queue: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#56347}
TBR=yangguo@chromium.org,neis@chromium.org,verwaest@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: v8:8237
Change-Id: I39310cf3c2f06a0d98ff314740aaeefbfffc0834
Reviewed-on: https://chromium-review.googlesource.com/c/1273096
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56513}
Refs: https://github.com/v8/v8/commit/47d34a317e47bad86b68326607cd2e6de3901f3e
PR-URL: https://github.com/nodejs/node/pull/25429
Reviewed-By: Yang Guo <yangguo@chromium.org>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/23423
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Gus Caplan <me@gus.host>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
|
|
Refs: https://github.com/v8/v8/compare/7.0.276.25...7.0.276.28
PR-URL: https://github.com/nodejs/node/pull/23424
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Yang Guo <yangguo@chromium.org>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ali Ijaz Sheikh <ofrobots@google.com>
|
|
This serves as mitigation for the so-called HashWick vulnerability.
Original commit messages:
commit 3833fef57368c53c6170559ffa524c8c69f16ee5
Author: Yang Guo <yangguo@chromium.org>
Date: Thu Sep 20 11:43:13 2018
Refactor integer hashing function names
We now clearly differentiate between:
- unseeded hash for 32-bit integers
- unseeded hash for 64-bit integers
- seeded hash for 32-bit integers
- seeded hash for strings
R=bmeurer@chromium.org
Bug: chromium:680662
Change-Id: I7459958c4158ee3501c962943dff8f33258bb5ce
Reviewed-on: https://chromium-review.googlesource.com/1235973
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56068}
commit 95a979e02d7154e45b293261a6998c99d71fc238
Author: Yang Guo <yangguo@chromium.org>
Date: Thu Sep 20 14:34:48 2018
Call into C++ to compute seeded integer hash
R=bmeurer@chromium.org
Bug: chromium:680662
Change-Id: I8dace89d576dfcc5833fd539ce698a9ade1cb5a0
Reviewed-on: https://chromium-review.googlesource.com/1235928
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56091}
commit 2c2af0022d5feb9e525a00a76cb15db9f3e38dba
Author: Yang Guo <yangguo@chromium.org>
Date: Thu Sep 27 16:37:57 2018
Use 64-bit for seeded integer hashes
R=petermarshall@chromium.org
Bug: chromium:680662
Change-Id: If48d1043dbe1e1bb695ec890c23e103a6cacf2d4
Reviewed-on: https://chromium-review.googlesource.com/1244220
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56271}
Refs: https://github.com/nodejs/node/issues/23259
PR-URL: https://github.com/nodejs/node/pull/23264
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ali Ijaz Sheikh <ofrobots@google.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/22754
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Ali Ijaz Sheikh <ofrobots@google.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/21983
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Gus Caplan <me@gus.host>
Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
|
|
Original commit message:
[API] Expand BigInt API
Provide a more complete BigInt API.
Bug: v8:7712
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Ic8562d616f3125deabdf8b52c7019b191bef0e07
Reviewed-on: chromium-review.googlesource.com/1101198
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54122}
PR-URL: https://github.com/nodejs/node/pull/21644
Reviewed-By: Tiancheng "Timothy" Gu <timothygu99@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
|
|
PR-URL: https://github.com/nodejs/node/pull/21079
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Yang Guo <yangguo@chromium.org>
|
|
Original commit message:
[API] Expand BigInt API
Provide a more complete BigInt API.
Bug: v8:7712
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
Change-Id: Ic8562d616f3125deabdf8b52c7019b191bef0e07
Reviewed-on: chromium-review.googlesource.com/1101198
Commit-Queue: Yang Guo <yangguo@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#54122}
PR-URL: https://github.com/nodejs/node/pull/21644
Reviewed-By: Tiancheng "Timothy" Gu <timothygu99@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
|
|
Original commit message:
Revert promises optimizations due to regressions in async hooks
Revert "[async-await] Eliminate throwaway promise in async functions."
This reverts commit a840f1f8f7e6c9ab32dec456a954612619855093.
Revert "[async-generators] Also avoid throwaway promise here."
This reverts commit feb545ceba5cb477ba883b46b60142f441ad5a3d.
Revert "[async-await] Turn await closures into intrinsics."
This reverts commit d97bb317386506a6798386b74647cbe0502fce35.
Revert "[async-generators] Add fast-path for primitives in AsyncGeneratorYield."
This reverts commit e57b500eb26dc595609613963468910eb4bcae2e.
Revert "[async-generators] Add fast-path to skip "then" lookup in AsyncGeneratorResolve."
This reverts commit c15802e11e30976528d1b711a9b9e6ff6b490117.
Revert "[promises] Correctly run before/after hooks for await."
This reverts commit ca7639239fc13e992e857710cbf7dbaac87163bf.
Bug: v8:7253, v8:7745
Change-Id: I25ad0d2df3cfbc84dbb431aa25b268bce8a39e89
Reviewed-on: https://chromium-review.googlesource.com/1049975
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53139}
Refs: https://github.com/v8/v8/commit/91ddb65d3b34c07c5026727de84dc91b5e0a43cd
Fixes: https://github.com/nodejs/node/issues/20516
Co-authored-by: Matteo Collina <matteo.collina@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/19989
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Matheus Marchini <matheus@sthima.com>
Reviewed-By: Gus Caplan <me@gus.host>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/19989
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Matheus Marchini <matheus@sthima.com>
Reviewed-By: Gus Caplan <me@gus.host>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/19201
Reviewed-By: Ali Ijaz Sheikh <ofrobots@google.com>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/18453
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Yang Guo <yangguo@chromium.org>
Reviewed-By: Ali Ijaz Sheikh <ofrobots@google.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/17489
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Reviewed-By: Ali Ijaz Sheikh <ofrobots@google.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/16271
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
|
|
Original commit message:
Introduce ScriptOrModule and HostDefinedOptions
This patch introduces a new container type ScriptOrModule which
provides the name and the host defined options of the script/module.
This patch also introduces a new PrimitivesArray that can hold
Primitive values, which the embedder can use to store metadata.
The HostDefinedOptions is passed to V8 through the ScriptOrigin, and
passed back to the embedder through HostImportModuleDynamically for
module loading.
Bug: v8:5785, v8:6658, v8:6683
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I56c26fc9a680b273ac0a6691e5ad75f15b8dc80a
Reviewed-on: https://chromium-review.googlesource.com/622158
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47724}
PR-URL: https://github.com/nodejs/node/pull/16889
Refs: https://github.com/v8/v8/commit/dbfe4a49d88f6655ed31285a40b63786ab1e8e49
Refs: https://github.com/nodejs/node/pull/15713
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/15362
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
|
|
PR-URL: https://github.com/nodejs/node/pull/14730
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Ali Ijaz Sheikh <ofrobots@google.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
|
|
Original commit message:
Fix GCC 7 build errors
BUG=chromium:691681
R=franzih@chromium.org
Change-Id: Id7e5698487f16dc217a804f6d3f24da7213c72b9
Reviewed-on: https://chromium-review.googlesource.com/530227
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46045}
Refs: https://github.com/nodejs/node/pull/13517
Fixes: https://github.com/nodejs/node/issues/10388
Refs: https://github.com/nodejs/node/pull/12392
PR-URL: https://github.com/nodejs/node/pull/14004
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Franziska Hinkelmann <franziska.hinkelmann@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/14004
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Franziska Hinkelmann <franziska.hinkelmann@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
|
|
Original commit message:
Fix GCC 7 build errors
BUG=chromium:691681
R=franzih@chromium.org
Change-Id: Id7e5698487f16dc217a804f6d3f24da7213c72b9
Reviewed-on: https://chromium-review.googlesource.com/530227
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46045}
PR-URL: https://github.com/nodejs/node/pull/13517
Fixes: https://github.com/nodejs/node/issues/10388
Refs: https://github.com/nodejs/node/pull/12392
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
|
|
PR-URL: https://github.com/nodejs/node/pull/13263
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Franziska Hinkelmann <franziska.hinkelmann@gmail.com>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/12784
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/11752
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Franziska Hinkelmann <franziska.hinkelmann@gmail.com>
|
