1. 14 May, 2020 2 commits
  2. 07 May, 2020 1 commit
  3. 04 May, 2020 1 commit
  4. 28 Apr, 2020 2 commits
    • [heap] Move base::List to heap::List · 9827c716
      Dan Elphick authored
      base::List is only used inside of heap and has some pretty strange
      semantics that don't lend themselves to it being a general purpose data
      structure so this moves it to heap where it can be safely isolated.
      
      Bug: v8:10454
      Change-Id: I7921c22286276432956005c72143b22b0364fc93
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2170029
      Auto-Submit: Dan Elphick <delphick@chromium.org>
      Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      Reviewed-by: Clemens Backes <clemensb@chromium.org>
      Commit-Queue: Clemens Backes <clemensb@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67448}
    • [heap] Add SharedReadOnlySpace for shared RO_SPACE · 93cfa458
      Dan Elphick authored
      When RO_SPACE is to be shared, this constructs a SharedReadOnlySpace
      object (via ReadOnlySpace::DetachPagesAndAddToArtifacts) that contains
      the shared artifacts and the original ReadOnlySpace is destroyed. This
      is mostly a conceptual change and SharedReadOnlySpace behaves
      identically to ReadOnlySpace (and subclasses it).
      
      Also adds ReadOnlyArtifacts that contains the shared artifacts and which
      is stored as a std::weak_ptr in a global so it can be destroyed when all
      std::shared_ptrs to it are destroyed. Since this allows the ReadOnlyHeap
      to be reconstructed when all Isolates are destroyed,
      ReadOnlyHeap::ClearSharedHeapForTest is removed along with all uses
      since that is now done automatically.
      
      The ReadOnlyArtifacts class now owns all the shared artifacts and is
      responsible for deleting them on exit (mostly via unique_ptr).
      
      Bug: v8:10454
      Change-Id: I2fe7110a4ab9cf8719dd198bafc1d083bee641b1
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2154204
      Commit-Queue: Dan Elphick <delphick@chromium.org>
      Reviewed-by: Clemens Backes <clemensb@chromium.org>
      Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67440}
  5. 22 Apr, 2020 1 commit
    • [wasm] Fix performance bottleneck in DisjointAllocationPool · 7e0279fa
      Clemens Backes authored
      When compiling modules with many functions, the list of regions in the
      {DisjointAllocationPool} can become quite large if the functions die in
      a random order (which they typically do, since the order of Liftoff
      compilation is different than the order of TurboFan compilation; with
      work stealing, both are nondeterministic).
      Iterating the list of regions in the {DisjointAllocationPool} was thus
      linear in the number of regions, which is linear in the number of
      functions of the module. Since we insert new regions one by one, overall
      runtime was quadratic.
      
      This CL fixes this by switching from a linked list to a std::set.
      Merging a new region is thus logarithmic instead of linear, and overall
      we are {n*log(n)} instead of {n^2}.
      
      Note: For {AllocateInRegion} we still need to linearly iterate all
      regions that overlap the requested region, but this has not been shown to be
      a problem so far.
      
      R=ahaas@chromium.org
      
      Bug: v8:10432
      Change-Id: I193e56c2abab782e386194fbe64dadfa250916f7
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2154797
      Commit-Queue: Clemens Backes <clemensb@chromium.org>
      Reviewed-by: Andreas Haas <ahaas@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67303}
  6. 20 Apr, 2020 1 commit
  7. 14 Apr, 2020 1 commit
  8. 09 Apr, 2020 1 commit
  9. 07 Apr, 2020 1 commit
    • [wasm][debug] Do not hold lock while recompiling functions · 813c5954
      Clemens Backes authored
      This is to avoid a lock inversion problem. In many situations, the
      {NativeModule} lock is held while getting the {DebugInfo} lock.
      Hence we should never do it the other way around, otherwise we risk a
      deadlock.
      When setting a breakpoint, we hold the {DebugInfo} lock when triggering
      recompilation, but recompilation accesses the {NativeModule} for
      creating the {CompilationEnv}, and therefore takes the {NativeModule}
      lock.
      This CL fixes this lock inversion by giving up the {DebugInfo} lock
      before recompiling functions.
      
      R=thibaudm@chromium.org
      
      Bug: v8:10351
      Change-Id: Ic818c6589b2b532006aee4c16bac92b2fe79fa65
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2139574
      Commit-Queue: Clemens Backes <clemensb@chromium.org>
      Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67042}
  10. 01 Apr, 2020 1 commit
  11. 27 Mar, 2020 2 commits
  12. 25 Mar, 2020 1 commit
    • cppgc: Add HeapObjectHeader · 0a64a52b
      Michael Lippautz authored
      This adds HeapObjectHeader, a meta object that is put in front of
      every managed object. HeapObjectHeader provides accessors for:
      1. GCInfoIndex
      2. In construction bit
      3. size
      4. Mark bit
      
      Meta info is distributed among two uint16_t fields as (1.,2.) and
      (3.,4.). This is convenient as the non-bit accessors (size,
      GCInfoIndex) are constant during marking.
      
      For the object layout, see heap-object-header.h.
      
      Note: The current implementation does not bypass ASAN poisoning and
      assumes an unpoisoned header whenever performing an access.
      
      Bug: chromium:1056170
      Change-Id: I753f15467ed5c2b22b47e64d3aa5a3c1baddf8e1
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2116031
      Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
      Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      Reviewed-by: Omer Katz <omerkatz@chromium.org>
      Reviewed-by: Hannes Payer <hpayer@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#66861}
  13. 24 Mar, 2020 1 commit
    • cppgc: Add GCInfo machinery · 4132d725
      Michael Lippautz authored
      GCInfo and its related infrastructure are used to record information
      about types. Currently, we store finalization and vtable information.
      Future changes will introduce naming and tracing, similar to Oilpan in
      Blink.
      
      Information is stored in a process-wide global table that is
      maintained at runtime. For static builds such information can be
      recorded in the binary without the runtime overhead which is future
      work.
      
      This ports `third_party/blink/renderer/platform/heap/gc_info.{h,cc}`
      on a semantic level. In addition to adjusting to V8's needs, we also
      re-commit the already filled parts of the info table as read-only when
      possible, making it harder to override type information.
      
      Bug: chromium:1056170
      Change-Id: Ib01eb24e6f8a94a4a647efde7af37689f8c20ba2
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2111214
      Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
      Reviewed-by: Hannes Payer <hpayer@chromium.org>
      Reviewed-by: Omer Katz <omerkatz@chromium.org>
      Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#66847}
  14. 17 Mar, 2020 1 commit
  15. 16 Mar, 2020 1 commit
    • [wasm] Fix registers spilled in DebugBreak frame · e47f9a9d
      Clemens Backes authored
      The set of registers to spill was wrong. Instead of spilling wasm
      parameter registers (like the WasmCompileLazy builtin), we should spill
      all registers that are being used as Liftoff cache registers.
      This CL defines platform-specific WasmDebugBreakFrameConstants which
      hold the set of registers to spill. This set is used in the builtin, and
      will later be used for inspecting the spilled registers.
      
      In order to iterate bit sets more easily in both directions (MSB to LSB
      or LSB to MSB), we add a base::bits::IterateBits{,Backwards} method
      which provides the respective iterators.
      
      R=jkummerow@chromium.org
      CC=thibaudm@chromium.org
      
      Bug: v8:10222
      Change-Id: I73ecbdff9b29e244c478b404063c0c9ee25bc821
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2102570
      Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
      Commit-Queue: Clemens Backes <clemensb@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#66715}
  16. 09 Mar, 2020 1 commit
  17. 26 Feb, 2020 7 commits
    • Reland "[wasm] Refactor callback triggering" · 9a96f1bb
      Clemens Backes authored
      This is a reland of 0dc598df
      
      Original change's description:
      > [wasm] Refactor callback triggering
      > 
      > 1) Instead of passing three boolean values to |TriggerCallbacks|, pass
      >    one EnumSet which contains all events to trigger.
      > 2) Remember which events already happened, to avoid triggering them
      >    again.
      > 3) Compute triggered events once after the loop in |OnFinishedUnits|,
      >    instead of checking for every finished unit.
      > 4) When a new callback is registered, trigger all previous events
      >    immediately. This solves issue v8:10217.
      > 5) Replace |NotifyTopTierReady| by |AddCallback| which is identical now.
      > 6) Do not call |OnFinishedJSToWasmWrapperUnits| if no wrappers were
      >    compiled (this is a minor performance optimization; we save taking
      >    and releasing a lock).
      > 7) Drive-by: Make the |EnumSet| constructor really constexpr (by making
      >    |Mask| constexpr).
      > 
      > R=ahaas@chromium.org
      > 
      > Bug: v8:10217
      > Change-Id: Ib3688a1687ad7b523e90efd73f4073e9f1193016
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2072737
      > Commit-Queue: Clemens Backes <clemensb@chromium.org>
      > Reviewed-by: Andreas Haas <ahaas@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#66459}
      
      Bug: v8:10217
      Change-Id: I9f7ca424fa7f1d0379dabe230bebf62522dfc857
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2074501
      Reviewed-by: Andreas Haas <ahaas@chromium.org>
      Commit-Queue: Clemens Backes <clemensb@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#66468}
    • Revert "[wasm] Refactor callback triggering" · 6a2865d2
      Clemens Backes authored
      This reverts commit 0dc598df.
      
      Reason for revert: Fails the wasm-cache-test blink test.
      
      Original change's description:
      > [wasm] Refactor callback triggering
      > 
      > 1) Instead of passing three boolean values to |TriggerCallbacks|, pass
      >    one EnumSet which contains all events to trigger.
      > 2) Remember which events already happened, to avoid triggering them
      >    again.
      > 3) Compute triggered events once after the loop in |OnFinishedUnits|,
      >    instead of checking for every finished unit.
      > 4) When a new callback is registered, trigger all previous events
      >    immediately. This solves issue v8:10217.
      > 5) Replace |NotifyTopTierReady| by |AddCallback| which is identical now.
      > 6) Do not call |OnFinishedJSToWasmWrapperUnits| if no wrappers were
      >    compiled (this is a minor performance optimization; we save taking
      >    and releasing a lock).
      > 7) Drive-by: Make the |EnumSet| constructor really constexpr (by making
      >    |Mask| constexpr).
      > 
      > R=ahaas@chromium.org
      > 
      > Bug: v8:10217
      > Change-Id: Ib3688a1687ad7b523e90efd73f4073e9f1193016
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2072737
      > Commit-Queue: Clemens Backes <clemensb@chromium.org>
      > Reviewed-by: Andreas Haas <ahaas@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#66459}
      
      TBR=ahaas@chromium.org,clemensb@chromium.org
      
      Change-Id: I564b053e898db5f7b51cefa4626c0625a225c89a
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Bug: v8:10217
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2074638
      Reviewed-by: Clemens Backes <clemensb@chromium.org>
      Commit-Queue: Clemens Backes <clemensb@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#66461}
    • [wasm] Refactor callback triggering · 0dc598df
      Clemens Backes authored
      1) Instead of passing three boolean values to |TriggerCallbacks|, pass
         one EnumSet which contains all events to trigger.
      2) Remember which events already happened, to avoid triggering them
         again.
      3) Compute triggered events once after the loop in |OnFinishedUnits|,
         instead of checking for every finished unit.
      4) When a new callback is registered, trigger all previous events
         immediately. This solves issue v8:10217.
      5) Replace |NotifyTopTierReady| by |AddCallback| which is identical now.
      6) Do not call |OnFinishedJSToWasmWrapperUnits| if no wrappers were
         compiled (this is a minor performance optimization; we save taking
         and releasing a lock).
      7) Drive-by: Make the |EnumSet| constructor really constexpr (by making
         |Mask| constexpr).
      
      R=ahaas@chromium.org
      
      Bug: v8:10217
      Change-Id: Ib3688a1687ad7b523e90efd73f4073e9f1193016
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2072737
      Commit-Queue: Clemens Backes <clemensb@chromium.org>
      Reviewed-by: Andreas Haas <ahaas@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#66459}
    • Revert "[builtins] stop using imprecise fdlibm pow" · 3aa52a22
      Georg Neis authored
      This reverts commit b12ba06e.
      
      Reason for revert:
      After further discussion we decided to stick with fdlibm.
      
      Original change's description:
      > [builtins] stop using imprecise fdlibm pow
      >
      > This CL reinstates the old pow implementation which calls out to the
      > system implementation of pow.
      >
      > Bug: v8:9622
      > Change-Id: I3df997888ced3fb8b5bd4b810098e967649aaa55
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1774898
      > Reviewed-by: Hannes Payer <hpayer@chromium.org>
      > Reviewed-by: Georg Neis <neis@chromium.org>
      > Commit-Queue: Georg Neis <neis@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#66303}
      
      TBR=yangguo@chromium.org,neis@chromium.org,hpayer@chromium.org,me@gus.host
      
      # Not skipping CQ checks because original CL landed > 1 day ago.
      
      Bug: v8:9622
      Change-Id: I941f70c7432cd2fab86e0eadcb2e1a9ec8195e91
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2072746
      Commit-Queue: Georg Neis <neis@chromium.org>
      Reviewed-by: Georg Neis <neis@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#66452}
    • [base] Extend EnumSet · 1e4b0435
      Clemens Backes authored
      This extends EnumSet by
      1) adding element-wise operations (without first creating an EnumSet of
         that element in the caller),
      2) adding arithmetic assignment operators, and
      3) adding a subtraction operation which removes all elements in another
         EnumSet, or a single element.
      
      R=mlippautz@chromium.org
      
      Change-Id: Ibe694e9e111e506ad09cf9729fa0b0ba38430b79
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2071874
      Commit-Queue: Clemens Backes <clemensb@chromium.org>
      Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#66451}
    • Revert "[builtins] Replace V8_INFINITY with its definition" · 51022eb8
      Georg Neis authored
      This reverts commit 73f91a2d.
      
      Reason for revert: Reverting b12ba06e
      
      Original change's description:
      > [builtins] Replace V8_INFINITY with its definition
      > 
      > V8_INFINITY is not defined here.
      > "src/common/globals.h" is also not allowed to be included
      > in this source file.
      > 
      > Change-Id: Ia3b14db8ac5099b6ce65839eb0fc59340dc59555
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2062930
      > Reviewed-by: Clemens Backes <clemensb@chromium.org>
      > Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com>
      > Cr-Commit-Position: refs/heads/master@{#66336}
      
      TBR=neis@chromium.org,clemensb@chromium.org,me@gus.host,miladfar@ca.ibm.com
      
      # Not skipping CQ checks because original CL landed > 1 day ago.
      
      Change-Id: Ia43c3f7f735dfb622d4f5464a52a142d19ddeb26
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2072745
      Reviewed-by: Georg Neis <neis@chromium.org>
      Commit-Queue: Georg Neis <neis@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#66449}
    • [base] Pass EnumSet by value · 151b85a0
      Clemens Backes authored
      EnumSet holds a single integral field, hence it should be passed by
      value. All users already do this, we are just inconsistent within the
      declaration of EnumSet itself.
      
      R=mlippautz@chromium.org
      
      Change-Id: Ic2cac35fbd8fe3e98c1fe135bd334547dca30ab5
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2071872
      Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
      Commit-Queue: Clemens Backes <clemensb@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#66447}
  18. 21 Feb, 2020 2 commits
  19. 20 Feb, 2020 1 commit
    • [wasm] Avoid unnecessary jump tables · 1403fd7d
      Clemens Backes authored
      If multiple code spaces are created, each of them currently gets its own
      jump table (on 64 bit platforms). Since we try to allocate new code
      spaces right after existing ones, this is often not necessary. We could
      instead reuse the existing jump table(s).
      This saves code space for the unneeded jump tables and avoids the cost of
      patching the redundant jump tables when we replace code objects.
      
      This CL implements this by checking whether an existing jump table (or
      pair of far jump table and (near) jump table) fully covers a new code
      space, and reuses the existing jump table in that case.
      
      R=ahaas@chromium.org
      
      Change-Id: Id8751b9c4036cf8f85f9baa2b0be8b2cfb5716ff
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2043846
      Reviewed-by: Andreas Haas <ahaas@chromium.org>
      Commit-Queue: Clemens Backes <clemensb@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#66364}
  20. 19 Feb, 2020 1 commit
  21. 18 Feb, 2020 1 commit
  22. 14 Feb, 2020 1 commit
  23. 12 Feb, 2020 1 commit
  24. 10 Feb, 2020 2 commits
  25. 28 Jan, 2020 1 commit
    • Improve iterator_range to take non-&& arguments · c51c9f7c
      Philip Pfaffe authored
      The current implementation takes forwarding reference arguments, which
      is fine when you call it with rvalues, like
      make_iterator_range(V.begin(), V.end()). If you call it with lvalues
      though, it doesn't do what you'd expect. ForwardIterator becomes a
      reference:
      
      Foo I = V.begin();
      make_iterator_range(I, I); //ForwardIterator is deduced as Foo&
      
      Since iterators are supposed to be small, no harm in passing them by
      value.
      
      Change-Id: I151c87304949d810c72c42f60e9d1a7151f61f83
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2020780
      Commit-Queue: Philip Pfaffe <pfaffe@chromium.org>
      Reviewed-by: Clemens Backes <clemensb@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#66007}
  26. 16 Jan, 2020 1 commit
  27. 15 Jan, 2020 1 commit
  28. 10 Jan, 2020 1 commit
    • [base] Improve logging for long error messages · 193c08ad
      Clemens Backes authored
      When comparing objects which get printed to very long strings (e.g.
      collections like vectors), it's much more readable if they get printed
      to individual lines. Differences are much easier to spot then.
      
      This CL refactors the CHECK/DCHECK macros to print the left-hand side
      and right-hand side in individual lines if any of them is longer than 50
      characters.
      
      To that end, the {PrintCheckOperand} method (only used from
      {MakeCheckOpString}) is changed to return the string directly instead of
      printing to an output stream.
      
      R=mlippautz@chromium.org
      
      Change-Id: I6e24a5cbfeb1af53fa0aca2828e23f642b15569c
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1991866
      Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
      Commit-Queue: Clemens Backes <clemensb@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#65705}
  29. 20 Dec, 2019 1 commit
    • [torque] multiple arrays in one object · 59e8d45a
      Tobias Tebbi authored
      This allows the definition of classes with several arrays and ports
      SmallOrderedHashTable subclasses to Torque as an example, including
      the existing CSA allocation functions for them.
      
      Overview of changes:
      - Introduce ResidueClass to encapsulate the modulo-arithmetic
        necessary to do alignment checks.
      - Add MachineOperatorReducer to the CSA pipeline to address now
        missing CSA ad-hoc constant folding that got blocked by a
        temporary phi.
      - Allow assignments to references to structs. This is needed to
        initialize the data_table part of SmallOrderedHashMap.
      - Make the NumberLiteralExpression AST-node store a double instead
        of a string. This is necessary to detect arrays with constant size
        used for padding.
      - Turn offsets into base::Optional<size_t> to ensure we don't use
        an invalid or statically unknown offset.
      - Remove CreateFieldReferenceInstruction since it doesn't work for
        complex offset computations and the logic can be expressed better
        in ImplementationVisitor.
      - Validate alignment of structs embedded in classes.
      
      Bug: v8:10004 v8:7793
      Change-Id: Ifa414b42278e572a0c577bf9da3d37f80771a258
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1958011
      Commit-Queue: Clemens Backes <clemensb@chromium.org>
      Reviewed-by: Clemens Backes <clemensb@chromium.org>
      Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#65538}