- 02 Mar, 2022 2 commits
  - Jakob Gruber authored

    .. to distinguish between Maglev and Turbofan targets. Also move one tracing function to tiering-manager. We may want to move all --trace-opt code into one place in the future (it's currently split between here and compiler.cc).

    Bug: v8:7700
    Change-Id: I9756460124b14fc3213296d083071f338421966a
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3500612
    Commit-Queue: Jakob Gruber <jgruber@chromium.org>
    Auto-Submit: Jakob Gruber <jgruber@chromium.org>
    Reviewed-by: Leszek Swirski <leszeks@chromium.org>
    Commit-Queue: Leszek Swirski <leszeks@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#79332}
  - Jakob Gruber authored

    When --maglev is set, tier up to Maglev from unoptimized tiers based on --interrupt-budget-for-maglev, initially set to 40KB (which should very roughly be 1/10th of the time until the TF tierup decision is made). On the first interrupt, a non-concurrent optimization to Maglev is requested, which the next call to the marked function will perform.

    - There is no support for tiering from Maglev to TF yet.
    - Maglev's language support is minimal and tests are not expected to pass with --maglev.
    - Disable --maglev by default for now.

    Drive-by: fixes related to Maglev flag definitions.

    Bug: v8:7700
    Change-Id: I121bb3f4f3830fdd20e1d4a12d3e04f08a99be38
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3500302
    Reviewed-by: Leszek Swirski <leszeks@chromium.org>
    Commit-Queue: Jakob Gruber <jgruber@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#79328}
- 01 Mar, 2022 1 commit
  - Jakob Gruber authored

    - Add the Isolate as an explicit param (we already have it at all callsites)
    - Pass an explicit CodeKind param to MarkForOptimization in preparation for Maglev.
    - Split EnsureFeedbackVector into that, plus CreateAndAttachFeedbackVector for when we know it has to be created.

    Bug: v8:7700
    Change-Id: Ie9022deccd31d472d6df3d442b25583af5569ab0
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3497383
    Commit-Queue: Jakob Gruber <jgruber@chromium.org>
    Auto-Submit: Jakob Gruber <jgruber@chromium.org>
    Reviewed-by: Leszek Swirski <leszeks@chromium.org>
    Commit-Queue: Leszek Swirski <leszeks@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#79318}
- 24 Feb, 2022 2 commits
  - Camillo Bruni authored

    With this change we can easily track and filter unsupported objects for full-page snapshots.

    Bug: v8:11525
    Change-Id: Id75b6f4edf68b47d6dfbe79aed2b686aeec61068
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3484320
    Reviewed-by: Marja Hölttä <marja@chromium.org>
    Reviewed-by: Jakob Gruber <jgruber@chromium.org>
    Commit-Queue: Camillo Bruni <cbruni@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#79252}
  - Leszek Swirski authored

    Maglev is a mid-tier optimising compiler designed mainly for compilation speed that can still generate good code for straightforward JS. This initial commit is an MVP for Maglev which can compile and run some very simple code, and sets up a framework that we can build upon.

    Design: https://docs.google.com/document/d/13CwgSL4yawxuYg3iNlM-4ZPCB8RgJya6b8H_E2F-Aek/edit#

    Bug: v8:7700
    Change-Id: I5ae074ae099126c2c0d50864ac9b3d6fa5c9e85a
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3483664
    Reviewed-by: Jakob Gruber <jgruber@chromium.org>
    Reviewed-by: Toon Verwaest <verwaest@chromium.org>
    Commit-Queue: Leszek Swirski <leszeks@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#79247}
- 23 Feb, 2022 3 commits
  - Jakob Gruber authored

    It's no longer needed.

    Bug: v8:12552
    Change-Id: I3522ab621001ee07ce7037888934279e4050dea9
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3484318
    Auto-Submit: Jakob Gruber <jgruber@chromium.org>
    Reviewed-by: Leszek Swirski <leszeks@chromium.org>
    Commit-Queue: Leszek Swirski <leszeks@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#79235}
  - Jakob Gruber authored

    - Move feedback / SP into TieringManager.
    - Rename OnInterruptTickFromBytecode to OnInterruptTick (it's called from both Code and Bytecode).
    - Remove the SealHandleScope / HandleScope dance.

    Bug: v8:7700
    Change-Id: I800542deb3805097a589b7766907efb6f40c7dae
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3467875
    Reviewed-by: Leszek Swirski <leszeks@chromium.org>
    Commit-Queue: Jakob Gruber <jgruber@chromium.org>
    Auto-Submit: Jakob Gruber <jgruber@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#79220}
  - Shu-yu Guo authored

    This is a reland of 1025bf26

    Changes since revert:
    - TSAN issue fixed by https://crrev.com/c/3475084
    - Skip the shared-struct-workers test until shared GC deadlock is fixed, being tracked in v8:12645

    Original change's description:
    > [shared-struct] Prototype JS shared structs
    >
    > Unlike the Stage 1 proposal, for simplicity the prototype does not add
    > any new syntax, instead opting for exposing a SharedStructType
    > constructor which takes an array of field names. This type constructor
    > returns constructors for shared structs.
    >
    > Shared structs can be shared across Isolates, are fixed layout, have no
    > prototype, have no .constructor, and can only store primitives and
    > other shared structs.
    >
    > The initial prototype does not have TurboFan support.
    >
    > Bug: v8:12547
    > Change-Id: I23bdd819940b42139692bcdb53d372099b0d4426
    > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3390643
    > Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
    > Reviewed-by: Marja Hölttä <marja@chromium.org>
    > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
    > Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
    > Commit-Queue: Shu-yu Guo <syg@chromium.org>
    > Cr-Commit-Position: refs/heads/main@{#79156}

    Bug: v8:12547
    Change-Id: Ic1f5cf9fa9791ae2d5d5dc7c110614ca10b5d98e
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3475078
    Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
    Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
    Reviewed-by: Igor Sheludko <ishell@chromium.org>
    Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
    Reviewed-by: Marja Hölttä <marja@chromium.org>
    Commit-Queue: Shu-yu Guo <syg@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#79215}
- 22 Feb, 2022 1 commit
  - Camillo Bruni authored

    This CL prepares WebSnapshot for skipping and re-injecting external references in the web snapshot. External references are encoded as a separate object type and allow us to create partial snapshots at runtime and reconnect a deserialised snapshot to an existing object graph. Part II will also collect all objects which cannot be serialized by the web-snapshot serializer.

    Usage:
      snapshot = %WebSnapshotSerialize(root, skip_externals);
      object = %WebSnapshotDeserialize(snapshot, replaced_externals);

    Drive-by-changes:
    - Reduce JSObject Map size in serializer (we ended up with 4 embedder fields)
    - Avoid adding non-HeapObject to the discovery_queue_
    - Split off ReadXXX handlers into separate functions

    Bug: v8:11525
    Change-Id: Ia6a9914259614c6c288667621b38daa0202d4d72
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3461936
    Reviewed-by: Marja Hölttä <marja@chromium.org>
    Reviewed-by: Leszek Swirski <leszeks@chromium.org>
    Commit-Queue: Camillo Bruni <cbruni@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#79211}
- 21 Feb, 2022 2 commits
  - Leszek Swirski authored

    This reverts commit 9f902b74.

    Reason for revert: Reverting due to various fuzzing issues (numfuzz issues listed in original CL comments, ochang fuzzer in https://bugs.chromium.org/p/chromium/issues/detail?id=1299418)

    Original change's description:
    > [turbofan] Making OSR concurrent
    >
    > ... to reduce compilation overhead on the main thread for OSR
    >
    > Bug: v8:12161
    > Change-Id: I54ca5fa6201405daf92dac9cf51d5de4b46577b3
    > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3369361
    > Reviewed-by: Jakob Gruber <jgruber@chromium.org>
    > Reviewed-by: Leszek Swirski <leszeks@chromium.org>
    > Commit-Queue: Fanchen Kong <fanchen.kong@intel.com>
    > Cr-Commit-Position: refs/heads/main@{#79188}

    Bug: v8:12161
    Change-Id: Id6f6086517cd77fb1aa60b20fd03528b8e2ca686
    No-Presubmit: true
    No-Tree-Checks: true
    No-Try: true
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3477104
    Auto-Submit: Leszek Swirski <leszeks@chromium.org>
    Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
    Owners-Override: Leszek Swirski <leszeks@chromium.org>
    Commit-Queue: Leszek Swirski <leszeks@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#79194}
  - Fanchen Kong authored

    ... to reduce compilation overhead on the main thread for OSR

    Bug: v8:12161
    Change-Id: I54ca5fa6201405daf92dac9cf51d5de4b46577b3
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3369361
    Reviewed-by: Jakob Gruber <jgruber@chromium.org>
    Reviewed-by: Leszek Swirski <leszeks@chromium.org>
    Commit-Queue: Fanchen Kong <fanchen.kong@intel.com>
    Cr-Commit-Position: refs/heads/main@{#79188}
- 18 Feb, 2022 2 commits
  - Shu-yu Guo authored

    Currently the Isolate is gotten off of the object that the operation is being performed on. GetDataProperty may end up using a per-Isolate lookup cache, which is not threadsafe when the Isolate is shared. Plumb the executing, non-shared Isolate through.

    Bug: v8:12646, v8:12547
    Change-Id: Ia08ece9a9e8cbd7eba9ea38b01caa511895f5bf4
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3475084
    Reviewed-by: Adam Klein <adamk@chromium.org>
    Commit-Queue: Shu-yu Guo <syg@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#79180}
  - Michael Achenbach authored

    This reverts commit 1025bf26.

    Reason for revert: https://crbug.com/v8/12645

    Original change's description:
    > [shared-struct] Prototype JS shared structs
    >
    > Unlike the Stage 1 proposal, for simplicity the prototype does not add
    > any new syntax, instead opting for exposing a SharedStructType
    > constructor which takes an array of field names. This type constructor
    > returns constructors for shared structs.
    >
    > Shared structs can be shared across Isolates, are fixed layout, have no
    > prototype, have no .constructor, and can only store primitives and
    > other shared structs.
    >
    > The initial prototype does not have TurboFan support.
    >
    > Bug: v8:12547
    > Change-Id: I23bdd819940b42139692bcdb53d372099b0d4426
    > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3390643
    > Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
    > Reviewed-by: Marja Hölttä <marja@chromium.org>
    > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
    > Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
    > Commit-Queue: Shu-yu Guo <syg@chromium.org>
    > Cr-Commit-Position: refs/heads/main@{#79156}

    Bug: v8:12547
    Change-Id: I44f2b8bb7487b4d39ba1282585e0b2282501230f
    No-Presubmit: true
    No-Tree-Checks: true
    No-Try: true
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3474676
    Auto-Submit: Michael Achenbach <machenbach@chromium.org>
    Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
    Owners-Override: Michael Achenbach <machenbach@chromium.org>
    Commit-Queue: Michael Achenbach <machenbach@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#79170}
- 17 Feb, 2022 1 commit
  - Shu-yu Guo authored

    Unlike the Stage 1 proposal, for simplicity the prototype does not add any new syntax, instead opting for exposing a SharedStructType constructor which takes an array of field names. This type constructor returns constructors for shared structs.

    Shared structs can be shared across Isolates, are fixed layout, have no prototype, have no .constructor, and can only store primitives and other shared structs.

    The initial prototype does not have TurboFan support.

    Bug: v8:12547
    Change-Id: I23bdd819940b42139692bcdb53d372099b0d4426
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3390643
    Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
    Reviewed-by: Marja Hölttä <marja@chromium.org>
    Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
    Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
    Commit-Queue: Shu-yu Guo <syg@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#79156}
- 16 Feb, 2022 3 commits
  - Michael Lippautz authored

    The information was previously kept heap-global but is really only used by spaces when refilling their LABs.

    Bug: v8:12615
    Change-Id: Iee256d35ffa0112c93ec721bc3afdc2881c4743b
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3465898
    Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
    Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#79122}
  - Jakob Gruber authored

    TierUpCheck and UpdateInterruptBudget were only used by Turboprop (likewise feedback_cell_node).

    Bug: v8:12552
    Change-Id: Ic73d44a5734e183bc1a2eda58cdf85163220e4d9
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3463954
    Auto-Submit: Jakob Gruber <jgruber@chromium.org>
    Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
    Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#79116}
  - Jakob Gruber authored

    This predicate is just confusing - it's a renamed version of HasBytecodeArray; but HasBytecodeArray also returns true if the SFI has attached Sparkplug code - and is thus not interpreted. Simply replace it by HasBytecodeArray.

    Bug: v8:7700
    Change-Id: Id4be2048a625142ade1096044133d9cd2896b51d
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3461935
    Reviewed-by: Leszek Swirski <leszeks@chromium.org>
    Auto-Submit: Jakob Gruber <jgruber@chromium.org>
    Commit-Queue: Jakob Gruber <jgruber@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#79115}
- 15 Feb, 2022 3 commits
  - Jakob Gruber authored

    This was mostly unused. We should simply be able to use CodeKind plus related predicates instead.

    Replace FeedbackVector::optimization_tier with maybe_has_optimized_code, which states whether the optimized code cache is filled. The value is updated lazily and may lag behind the actual code cache state. We only use this field for quick cache-empty? checks from generated code.

    Bug: v8:7700,v8:12552
    Change-Id: Ibfc5c0128eac56167a68ecba5690eab2e9369640
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3460741
    Reviewed-by: Leszek Swirski <leszeks@chromium.org>
    Commit-Queue: Jakob Gruber <jgruber@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#79107}
  - Jakob Gruber authored

    .. to resolve the overloaded 'runtime' term and overall pick a more meaningful name for this class. It's neither very related to runtime (instead it's called periodically when the bytecode interrupt budget is exhausted); nor is profiling its main purpose.

    This class is responsible for controlling tiering decisions, hence the new name 'TieringManager'.

    Bug: v8:7700
    Change-Id: Id6f1edf4ebe016d0d81903d0a13e0e1fe6e02142
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3463716
    Reviewed-by: Leszek Swirski <leszeks@chromium.org>
    Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
    Reviewed-by: Igor Sheludko <ishell@chromium.org>
    Commit-Queue: Jakob Gruber <jgruber@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#79101}
  - Jakob Gruber authored

    .. in preparation for integrating addtl tiers into a single tiering system.

    1. Explicitly spell out whether the request is concurrent or not.
    2. Explicitly request the target compiler.

    Bug: v8:7700
    Change-Id: I9d6e9f6a5d5f0f7218fe136ff50cea2ad7987f67
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3460739
    Auto-Submit: Jakob Gruber <jgruber@chromium.org>
    Reviewed-by: Leszek Swirski <leszeks@chromium.org>
    Commit-Queue: Leszek Swirski <leszeks@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#79092}
- 14 Feb, 2022 2 commits
  - Dominik Inführ authored

    This is a reland of 2694b75e

    The reason for the revert was fixed and landed in https://crrrev.com/c/3456023, together with all changes in d8.cc. This reland itself doesn't change the CL apart from rebasing.

    Original change's description:
    > Reland "Reland "[heap] Support client-to-shared refs in Code objects""
    >
    > This is a reland of 4b8f1b1c
    >
    > After landing https://crrev.com/c/3447371, we can reland this CL as-is
    > correctness-wise.
    >
    > What's new in this CL is that we now treat references from client
    > objects into the shared heap as roots for the --track-retaining-path
    > feature.
    >
    > Original change's description:
    > > Reland "[heap] Support client-to-shared refs in Code objects"
    > >
    > > This is a reland of 12e46091
    > >
    > > Original change's description:
    > > > [heap] Support client-to-shared refs in Code objects
    > > >
    > > > Support references from code objects in the client heaps to shared heap objects. Such references are stored in a remembered set during marking, which is later used for updating pointers.
    > > >
    > > > Bug: v8:11708
    > > > Change-Id: I8aeb508ddd14514ca65fa5acf3030dd8c2040168
    > > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3401588
    > > > Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
    > > > Reviewed-by: Camillo Bruni <cbruni@chromium.org>
    > > > Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
    > > > Cr-Commit-Position: refs/heads/main@{#78819}
    > >
    > > Bug: v8:11708
    > > Change-Id: I47bcf44b452fcffe8675fba03244b736ede14247
    > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3422630
    > > Reviewed-by: Camillo Bruni <cbruni@chromium.org>
    > > Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
    > > Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
    > > Cr-Commit-Position: refs/heads/main@{#78838}
    >
    > Bug: v8:11708
    > Change-Id: I5b48e942fa469eabb40e797e221d06c25af16443
    > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3425358
    > Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
    > Reviewed-by: Camillo Bruni <cbruni@chromium.org>
    > Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
    > Cr-Commit-Position: refs/heads/main@{#79023}

    Bug: v8:11708
    Change-Id: I83de1dc4dc4701cba4936a68923f6d9b97f7a6a8
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3455242
    Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
    Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#79070}
  - Victor Gomes authored

    This is a reland of c927ada7

    Fix: Recalculate encoding after an allocation (that can potentially trigger GC) in EnsureHasFullTransitionArray.

    Original change's description:
    > [runtime] Refactor TransitionsAccessor
    >
    > Problems:
    > - The class uses a bare Map field, but some methods can trigger GC
    >   causing it to have a potential dangling pointer in case of map
    >   compaction.
    > - Some methods invalidate the object state and should not be used again.
    > - Complicated logic with no_gc and gc-aware constructors. Some
    >   methods can only be called if the object is constructed with a
    >   particular constructor (e.g., Insert and PutPrototypeTransition).
    >
    > Note: Most usages of this class are done by constructing an object and
    > calling a single method:
    > `TransitionAccessor(...).Method(...)`
    > So we can easily change them to a static method.
    >
    > This CL:
    > 1. Adds DISALLOW_GARBAGE_COLLECTION to the class.
    > 2. Makes methods that can trigger GC static.
    > 3. Creates static helper functions that wrap the class in a different
    >    scope, since TransitionsAccessor now forces the scope to disallow gc.
    > 4. Removes now unnecessary "Reload" logic.
    >
    > Bug: chromium:1295133, v8:12578
    > Change-Id: I85484e7235fbd5e69894e26f5e1c491c6f69635e
    > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3450416
    > Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
    > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
    > Commit-Queue: Victor Gomes <victorgomes@chromium.org>
    > Cr-Commit-Position: refs/heads/main@{#79051}

    Bug: chromium:1295133, v8:12578
    Change-Id: If3880c2480433b78567870c8d14508d6ad9eccbd
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3460405
    Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
    Auto-Submit: Victor Gomes <victorgomes@chromium.org>
    Reviewed-by: Toon Verwaest <verwaest@chromium.org>
    Commit-Queue: Toon Verwaest <verwaest@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#79069}
- 11 Feb, 2022 4 commits
  - Kim-Anh Tran authored

    This changes the way how we are handling instrumentation breakpoints.

    Motivation: with instrumentation breakpoints, we need a way to break on (conditional) breakpoints that were just set by the client on the instrumentation pause.

    How: We want to first find out if we have an instrumentation break, and trigger a pause. For this to work, we need to distinguish between regular and instrumentation breakpoints in the debugger back-end. On resume, we want to check if we have hit any breakpoints (may now contain new breakpoints due to the client setting new breakpoints at the previous instrumentation pause) and trigger a separate pause for them.

    Fixed: chromium:1292930
    Change-Id: Idaadd276c44c693f856c4b08c7a72ea67271f420
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3442676
    Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
    Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
    Reviewed-by: Andreas Haas <ahaas@chromium.org>
    Commit-Queue: Kim-Anh Tran <kimanh@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#79053}
  - Deepti Gandluri authored

    This reverts commit c927ada7.

    Reason for revert: GC stress failures: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux%20-%20gc%20stress/37276/overview

    Original change's description:
    > [runtime] Refactor TransitionsAccessor
    >
    > Problems:
    > - The class uses a bare Map field, but some methods can trigger GC
    >   causing it to have a potential dangling pointer in case of map
    >   compaction.
    > - Some methods invalidate the object state and should not be used again.
    > - Complicated logic with no_gc and gc-aware constructors. Some
    >   methods can only be called if the object is constructed with a
    >   particular constructor (e.g., Insert and PutPrototypeTransition).
    >
    > Note: Most usages of this class are done by constructing an object and
    > calling a single method:
    > `TransitionAccessor(...).Method(...)`
    > So we can easily change them to a static method.
    >
    > This CL:
    > 1. Adds DISALLOW_GARBAGE_COLLECTION to the class.
    > 2. Makes methods that can trigger GC static.
    > 3. Creates static helper functions that wrap the class in a different
    >    scope, since TransitionsAccessor now forces the scope to disallow gc.
    > 4. Removes now unnecessary "Reload" logic.
    >
    > Bug: chromium:1295133, v8:12578
    > Change-Id: I85484e7235fbd5e69894e26f5e1c491c6f69635e
    > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3450416
    > Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
    > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
    > Commit-Queue: Victor Gomes <victorgomes@chromium.org>
    > Cr-Commit-Position: refs/heads/main@{#79051}

    Bug: chromium:1295133, v8:12578
    Change-Id: Ia567cdcae73bc7fdfaf08b62eeeb899d6a933e21
    No-Presubmit: true
    No-Tree-Checks: true
    No-Try: true
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3456682
    Auto-Submit: Deepti Gandluri <gdeepti@chromium.org>
    Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
    Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
    Owners-Override: Deepti Gandluri <gdeepti@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#79052}
  - Victor Gomes authored

    Problems:
    - The class uses a bare Map field, but some methods can trigger GC causing it to have a potential dangling pointer in case of map compaction.
    - Some methods invalidate the object state and should not be used again.
    - Complicated logic with no_gc and gc-aware constructors. Some methods can only be called if the object is constructed with a particular constructor (e.g., Insert and PutPrototypeTransition).

    Note: Most usages of this class are done by constructing an object and calling a single method:
    `TransitionAccessor(...).Method(...)`
    So we can easily change them to a static method.

    This CL:
    1. Adds DISALLOW_GARBAGE_COLLECTION to the class.
    2. Makes methods that can trigger GC static.
    3. Creates static helper functions that wrap the class in a different scope, since TransitionsAccessor now forces the scope to disallow gc.
    4. Removes now unnecessary "Reload" logic.

    Bug: chromium:1295133, v8:12578
    Change-Id: I85484e7235fbd5e69894e26f5e1c491c6f69635e
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3450416
    Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
    Reviewed-by: Toon Verwaest <verwaest@chromium.org>
    Commit-Queue: Victor Gomes <victorgomes@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#79051}
  - Michael Lippautz authored

    The flag has been turned on for a long time and we do not intend to support a mode without young LO objects. A side effect is that it removes a branch in AllocateRaw for the young generation.

    Drive-by: Reinstantiate the LO space verifier checking that only certain types can appear as large objects.

    Bug: v8:12615
    Change-Id: I8c33019a04670f20459ea2faa9dc2f98b8cda40b
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3450420
    Reviewed-by: Jakob Gruber <jgruber@chromium.org>
    Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
    Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#79044}
- 10 Feb, 2022 3 commits
  - Joyee Cheung authored

    Handle the case of nested super() by checking if the class scope contains a private brand. In this case the ContextScope chain is different from the actual context chain so this added back the AddPrivateBrand() runtime function but with the additional step of walking the context chain to get the correct class context that will be stored as the value of the brand property for the debugger.

    Bug: v8:12354
    Change-Id: Ieeb9b9d6372bfbb1a39c4c2dc9e9848e9109f02a
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3275137
    Reviewed-by: Shu-yu Guo <syg@chromium.org>
    Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
    Reviewed-by: Marja Hölttä <marja@chromium.org>
    Commit-Queue: Joyee Cheung <joyee@igalia.com>
    Cr-Commit-Position: refs/heads/main@{#79032}
  - Dominik Inführ authored

    This reverts commit 2694b75e.

    Reason for revert: Causes timeouts on waterfall (https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux%20-%20debug/38375/overview)

    Original change's description:
    > Reland "Reland "[heap] Support client-to-shared refs in Code objects""
    >
    > This is a reland of 4b8f1b1c
    >
    > After landing https://crrev.com/c/3447371, we can reland this CL as-is
    > correctness-wise.
    >
    > What's new in this CL is that we now treat references from client
    > objects into the shared heap as roots for the --track-retaining-path
    > feature.
    >
    > Original change's description:
    > > Reland "[heap] Support client-to-shared refs in Code objects"
    > >
    > > This is a reland of 12e46091
    > >
    > > Original change's description:
    > > > [heap] Support client-to-shared refs in Code objects
    > > >
    > > > Support references from code objects in the client heaps to shared heap objects. Such references are stored in a remembered set during marking, which is later used for updating pointers.
    > > >
    > > > Bug: v8:11708
    > > > Change-Id: I8aeb508ddd14514ca65fa5acf3030dd8c2040168
    > > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3401588
    > > > Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
    > > > Reviewed-by: Camillo Bruni <cbruni@chromium.org>
    > > > Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
    > > > Cr-Commit-Position: refs/heads/main@{#78819}
    > >
    > > Bug: v8:11708
    > > Change-Id: I47bcf44b452fcffe8675fba03244b736ede14247
    > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3422630
    > > Reviewed-by: Camillo Bruni <cbruni@chromium.org>
    > > Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
    > > Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
    > > Cr-Commit-Position: refs/heads/main@{#78838}
    >
    > Bug: v8:11708
    > Change-Id: I5b48e942fa469eabb40e797e221d06c25af16443
    > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3425358
    > Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
    > Reviewed-by: Camillo Bruni <cbruni@chromium.org>
    > Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
    > Cr-Commit-Position: refs/heads/main@{#79023}

    Bug: v8:11708
    Change-Id: I3c5cb945261882122cd76a50aba5237106a25b65
    No-Presubmit: true
    No-Tree-Checks: true
    No-Try: true
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3451719
    Auto-Submit: Dominik Inführ <dinfuehr@chromium.org>
    Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
    Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
    Reviewed-by: Toon Verwaest <verwaest@chromium.org>
    Commit-Queue: Toon Verwaest <verwaest@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#79026}
  - Dominik Inführ authored

    This is a reland of 4b8f1b1c

    After landing https://crrev.com/c/3447371, we can reland this CL as-is correctness-wise.

    What's new in this CL is that we now treat references from client objects into the shared heap as roots for the --track-retaining-path feature.

    Original change's description:
    > Reland "[heap] Support client-to-shared refs in Code objects"
    >
    > This is a reland of 12e46091
    >
    > Original change's description:
    > > [heap] Support client-to-shared refs in Code objects
    > >
    > > Support references from code objects in the client heaps to shared heap objects. Such references are stored in a remembered set during marking, which is later used for updating pointers.
    > >
    > > Bug: v8:11708
    > > Change-Id: I8aeb508ddd14514ca65fa5acf3030dd8c2040168
    > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3401588
    > > Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
    > > Reviewed-by: Camillo Bruni <cbruni@chromium.org>
    > > Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
    > > Cr-Commit-Position: refs/heads/main@{#78819}
    >
    > Bug: v8:11708
    > Change-Id: I47bcf44b452fcffe8675fba03244b736ede14247
    > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3422630
    > Reviewed-by: Camillo Bruni <cbruni@chromium.org>
    > Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
    > Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
    > Cr-Commit-Position: refs/heads/main@{#78838}

    Bug: v8:11708
    Change-Id: I5b48e942fa469eabb40e797e221d06c25af16443
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3425358
    Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
    Reviewed-by: Camillo Bruni <cbruni@chromium.org>
    Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#79023}
- 09 Feb, 2022 1 commit
  - Jakob Gruber authored

    Drive-by: Change the macro magic around elements kind runtime predicates to make the function names grep-able.

    Fixed: v8:10105
    Change-Id: Id5046bd0e60f40611c6c264613729fb9c6b73853
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3420306
    Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
    Commit-Queue: Jakob Gruber <jgruber@chromium.org>
    Auto-Submit: Jakob Gruber <jgruber@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#79005}
- 08 Feb, 2022 1 commit
  - Benedikt Meurer authored

    Previously the inspector was trying to handle step-out for async functions by annotating the async stacks, but this was merely a hack and didn't work reliably (a) when the async caller that is `await`ing the result of the callee was still in the synchronous part (because then there was no async task yet in the inspector), or (b) not at all when the async stack tracking wasn't enabled or the maximum async stack depth was too small.

    This CL replaces that hack with a pragmatic solution inside the V8 debugger, where upon `await` we memorize the async function object of the caller on the outer promise of the callee, and when stepping out of the callee we check whether the returned promise has a memorized async function object and if so, we schedule that to resume.

    This CL thereby effectively reverts https://crrev.com/c/1054618 and replaces it with a V8 debug solution, and thereby further reduces the (memory) overhead of an AsyncStackTrace.

    Fixed: chromium:1246867
    Bug: v8:6161, v8:7753, chromium:1277451, chromium:1280519
    Change-Id: I6aa79e90f49d204f66bfd37e7a328c7fb8d635b1
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3439865
    Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
    Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
    Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#78990}
- 05 Feb, 2022 3 commits
-
-
Shu-yu Guo authored
Currently the Isolate is gotten off of the object that the operation is being performed on. Shared objects return the shared Isolate, which is incorrect as it shouldn't be used to run JS, nor does it have HandleScopes open. Plumb the executing Isolate through. Bug: v8:12547 Change-Id: I428d21f5e6a9c51c8c7c4577395bf27c8706bdb4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3441033 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#78963}
-
Shu-yu Guo authored
Currently the Isolate is gotten off of the object that the operation is being performed on. Shared objects return the shared Isolate, which is incorrect as it shouldn't be used to run JS, nor does it have HandleScopes open. Plumb the executing Isolate through. Bug: v8:12547 Change-Id: I52d5a172ea602f4ad058d979003d51a80cdb4405 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3441022 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#78961}
-
Shu-yu Guo authored
Currently the Isolate is gotten off of the object that the operation is being performed on. Shared objects return the shared Isolate, which is incorrect as it shouldn't be used to run JS, nor does it have HandleScopes open. Plumb the executing Isolate through. Bug: v8:12547 Change-Id: I4d2c9f5d4d7bc50b3aeb515eb78c08eb1b2a6824 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3440902 Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#78960}
-
- 03 Feb, 2022 1 commit
-
-
Thibaud Michaud authored
This is a reland of f942f656 Changes: Change the order of initialization for wasm continuations to ensure object integrity if a GC happens during allocation. Also add missing handles. Original change's description: > Reland "[wasm] Resume suspender on resolved promise" > > This is a reland of a865d16b > > Changes: > - Make the next ID atomic > - Leave more space for runtime calls in debug mode > > Original change's description: > > [wasm] Resume suspender on resolved promise > > > > Implement the WasmResume builtin, which resumes a wasm suspender > > when the corresponding JS promise resolves. > > > > Drive-by 1: Fix detection of empty stacks in the stack frame iterator. > > Drive-by 2: Add a stack ID for better tracing. > > > > R=ahaas@chromium.org > > CC=fgm@chromium.org > > > > Bug: v8:12191 > > Change-Id: Ifa3f00c4259f802292b04d426c739e9b551f87b9 > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3420827 > > Reviewed-by: Andreas Haas <ahaas@chromium.org> > > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> > > Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> > > Cr-Commit-Position: refs/heads/main@{#78842} > > Bug: v8:12191 > Change-Id: I3c231690b27be79a0c00e13043342bb4a3628886 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3427203 > Reviewed-by: Andreas Haas <ahaas@chromium.org> > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> > Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> > Cr-Commit-Position: refs/heads/main@{#78890} Bug: v8:12191 Change-Id: I0e1362d3a9da1fd8c0d600ad9776ce2fd26c6a52 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3434145 Reviewed-by: Andreas Haas <ahaas@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/main@{#78922}
-
- 01 Feb, 2022 2 commits
-
-
Thibaud Michaud authored
This reverts commit f942f656. Reason for revert: Breaks gc-stress Original change's description: > Reland "[wasm] Resume suspender on resolved promise" > > This is a reland of a865d16b > > Changes: > - Make the next ID atomic > - Leave more space for runtime calls in debug mode > > Original change's description: > > [wasm] Resume suspender on resolved promise > > > > Implement the WasmResume builtin, which resumes a wasm suspender > > when the corresponding JS promise resolves. > > > > Drive-by 1: Fix detection of empty stacks in the stack frame iterator. > > Drive-by 2: Add a stack ID for better tracing. > > > > R=ahaas@chromium.org > > CC=fgm@chromium.org > > > > Bug: v8:12191 > > Change-Id: Ifa3f00c4259f802292b04d426c739e9b551f87b9 > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3420827 > > Reviewed-by: Andreas Haas <ahaas@chromium.org> > > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> > > Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> > > Cr-Commit-Position: refs/heads/main@{#78842} > > Bug: v8:12191 > Change-Id: I3c231690b27be79a0c00e13043342bb4a3628886 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3427203 > Reviewed-by: Andreas Haas <ahaas@chromium.org> > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> > Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> > Cr-Commit-Position: refs/heads/main@{#78890} Bug: v8:12191 Change-Id: I5037419b6cee7a3bb49c1649e5a5d11a935a9b28 No-Presubmit: true No-Tree-Checks: true No-Try: true Auto-submit: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3429500 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Auto-Submit: Thibaud Michaud <thibaudm@chromium.org> Owners-Override: Maya Lekova <mslekova@chromium.org> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/main@{#78893}
-
Thibaud Michaud authored
This is a reland of a865d16b Changes: - Make the next ID atomic - Leave more space for runtime calls in debug mode Original change's description: > [wasm] Resume suspender on resolved promise > > Implement the WasmResume builtin, which resumes a wasm suspender > when the corresponding JS promise resolves. > > Drive-by 1: Fix detection of empty stacks in the stack frame iterator. > Drive-by 2: Add a stack ID for better tracing. > > R=ahaas@chromium.org > CC=fgm@chromium.org > > Bug: v8:12191 > Change-Id: Ifa3f00c4259f802292b04d426c739e9b551f87b9 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3420827 > Reviewed-by: Andreas Haas <ahaas@chromium.org> > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> > Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> > Cr-Commit-Position: refs/heads/main@{#78842} Bug: v8:12191 Change-Id: I3c231690b27be79a0c00e13043342bb4a3628886 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3427203 Reviewed-by: Andreas Haas <ahaas@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/main@{#78890}
-
- 28 Jan, 2022 3 commits
-
-
Thibaud Michaud authored
This reverts commit a865d16b. Reason for revert: breaks tsan and gc-stress Original change's description: > [wasm] Resume suspender on resolved promise > > Implement the WasmResume builtin, which resumes a wasm suspender > when the corresponding JS promise resolves. > > Drive-by 1: Fix detection of empty stacks in the stack frame iterator. > Drive-by 2: Add a stack ID for better tracing. > > R=ahaas@chromium.org > CC=fgm@chromium.org > > Bug: v8:12191 > Change-Id: Ifa3f00c4259f802292b04d426c739e9b551f87b9 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3420827 > Reviewed-by: Andreas Haas <ahaas@chromium.org> > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> > Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> > Cr-Commit-Position: refs/heads/main@{#78842} Bug: v8:12191 Change-Id: I3352c8b1dcc8d99e1bd782a09276add219a3ecda No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3424489 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Owners-Override: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#78845}
-
Thibaud Michaud authored
Implement the WasmResume builtin, which resumes a wasm suspender when the corresponding JS promise resolves. Drive-by 1: Fix detection of empty stacks in the stack frame iterator. Drive-by 2: Add a stack ID for better tracing. R=ahaas@chromium.org CC=fgm@chromium.org Bug: v8:12191 Change-Id: Ifa3f00c4259f802292b04d426c739e9b551f87b9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3420827 Reviewed-by: Andreas Haas <ahaas@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org> Cr-Commit-Position: refs/heads/main@{#78842}
-
Nico Hartmann authored
This reverts commit 4b8f1b1c. Reason for revert: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20TSAN%20-%20stress-incremental-marking/6292/overview Original change's description: > Reland "[heap] Support client-to-shared refs in Code objects" > > This is a reland of 12e46091 > > Original change's description: > > [heap] Support client-to-shared refs in Code objects > > > > Support references from code objects in the client heaps to shared heap objects. Such references are stored in a remembered set during marking, which is later used for updating pointers. > > > > Bug: v8:11708 > > Change-Id: I8aeb508ddd14514ca65fa5acf3030dd8c2040168 > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3401588 > > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > > Reviewed-by: Camillo Bruni <cbruni@chromium.org> > > Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> > > Cr-Commit-Position: refs/heads/main@{#78819} > > Bug: v8:11708 > Change-Id: I47bcf44b452fcffe8675fba03244b736ede14247 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3422630 > Reviewed-by: Camillo Bruni <cbruni@chromium.org> > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> > Cr-Commit-Position: refs/heads/main@{#78838} Bug: v8:11708 Change-Id: I0ec57ad4d7dccf2271ff8c1048762cf2c1b97a42 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3424477 Auto-Submit: Nico Hartmann <nicohartmann@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> Owners-Override: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/main@{#78840}
-