Skip to content

V
V8
Switch branch/tag
  1. 22 May, 2018 1 commit
  3. 18 May, 2018 1 commit
    • Peter Marshall's avatar
      [cpu-profiler] Move bailout reason into rare_info struct · 29ea4d1e
      Peter Marshall authored 
      This was set very regularly in FillFunctionInfo, but it was almost
always set to kNoReason, because the associated SFI had no bailout
reason. Given that having a bailout reason is the rare case, we
just assume an empty bailout reason, and use the rare_data_ struct
to store the string pointer if we do need it.

This saves another pointer of space on the CodeEntry object (approx
1.4 MiB on the node server example).

Bug: v8:7719
Change-Id: I8e2272b572285ddf353ba0b303e6da095b7d5272
Reviewed-on: https://chromium-review.googlesource.com/1064370
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: 's avatarAlexei Filippov <alph@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53244}
      29ea4d1e
  5. 17 May, 2018 1 commit
  7. 16 May, 2018 1 commit
    • Alexei Filippov's avatar
      [cpu-profiler] Eagerly delete not used CodeEntry'es · c6c28f7a
      Alexei Filippov authored 
      Currently ProfilerListener holds all the CodeEntries it ever
created during the profiling session. It is not capable of removing
entries corresponding to the code objects discarded by GC as there's
no such code event.

However it is sometimes possible to tell if a code object was GCed.
Hook up to the CodeMap code entry removal and if the entry has never
been hit by a sample we can safely delete it.

As a bonus the CodeEntryInfo size has been reduced on x64, which also
saves 8 x <number of code entries> bytes.

BUG=v8:7719

Change-Id: I988bc5b59f3fba07157a9f472cbcf68596fcd969
Reviewed-on: https://chromium-review.googlesource.com/1054346Reviewed-by: 's avatarPeter Marshall <petermarshall@chromium.org>
Commit-Queue: Alexei Filippov <alph@chromium.org>
Cr-Commit-Position: refs/heads/master@{#53222}
      c6c28f7a
  9. 11 May, 2018 1 commit
  11. 09 May, 2018 3 commits
  13. 08 May, 2018 2 commits
  15. 07 May, 2018 4 commits
  17. 04 May, 2018 2 commits
  19. 03 May, 2018 1 commit
  21. 02 May, 2018 1 commit
  23. 27 Apr, 2018 1 commit
  25. 23 Apr, 2018 1 commit
  27. 18 Apr, 2018 3 commits
  29. 17 Apr, 2018 2 commits
  31. 16 Apr, 2018 1 commit
  33. 14 Apr, 2018 1 commit
    • Jakob Kummerow's avatar
      [ubsan] Change Address typedef to uintptr_t · 2459046c
      Jakob Kummerow authored 
      The "Address" type is V8's general-purpose type for manipulating memory
addresses. Per the C++ spec, pointer arithmetic and pointer comparisons
are undefined behavior except within the same array; since we generally
don't operate within a C++ array, our general-purpose type shouldn't be
a pointer type.

Bug: v8:3770
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: Ib96016c24a0f18bcdba916dabd83e3f24a1b5779
Reviewed-on: https://chromium-review.googlesource.com/988657
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: 's avatarLeszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52601}
      2459046c
  35. 12 Apr, 2018 1 commit
    • Peter Marshall's avatar
      [cpu-profiler] Fix bugs and add tests for JITLineInfoTable · 4feb5ce7
      Peter Marshall authored 
      Looking up line numbers with the JITLineInfoTable would sometimes give
wrong answers. Fix these bugs and add a cctest for this data structure.

Also do some cleanup while we're here like inlining the (empty)
constructor and destructor and removing the empty() method which is
only used unnecessarily anyway, to make the contract of
GetSourceLineNumber a bit clearer.

Also rename the data structure to SourcePositionTable, because it
doesn't just provide info for JIT code, but also bytecode, and 'Info'
is pretty ambiguous.

Bug: v8:7018
Change-Id: I126581c844d85df6b2b3f80f2f5acbce01c16ba1
Reviewed-on: https://chromium-review.googlesource.com/1006795Reviewed-by: 's avatarYang Guo <yangguo@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52571}
      4feb5ce7
  37. 11 Apr, 2018 1 commit
  39. 09 Apr, 2018 1 commit
  41. 06 Apr, 2018 1 commit
  43. 05 Apr, 2018 4 commits
    • Marja Hölttä's avatar
      [reland] [in-place weak refs] Replace the WeakCell potentially in Map::raw_transitions_. · ceaf02d6
      Marja Hölttä authored 
      Previous: https://chromium-review.googlesource.com/972962

BUG=v8:7308

Change-Id: I6882e36ad9f9360d006937a2f41b07839a73a768
Reviewed-on: https://chromium-review.googlesource.com/995014Reviewed-by: 's avatarIgor Sheludko <ishell@chromium.org>
Reviewed-by: 's avatarUlan Degenbaev <ulan@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52404}
      ceaf02d6
    • Peter Marshall's avatar
      Reland "[runtime] Remove the construct_stub field of the SFI" · b158bfdc
      Peter Marshall authored 
      This is a reland of 63ecddc8

Original change's description:
> [runtime] Remove the construct_stub field of the SFI
>
> Don't dispatch based on the construct_stub field anymore. Rather than
> read it out and jump to the construct stub, we can switch on the
> builtin_id.
>
> Builtins will always have builtin_id as a Smi, so this signals we need
> to jump to JSBuiltinsConstructStub. The only exception is for uncompiled
> functions, which will have kCompileLazy as the builtin_id, but need to
> jump to the generic stub instead.
>
> API function calls will have a FunctionTemplateInfo in the SFI
> function_data field, and need to go to the builtins stub as well.
>
> The final case is everything else, which should go to the generic stub.
>
> Bug: v8:7503
> Change-Id: I14790a5f9784dc0d940bf10a05f5310026e1d482
> Reviewed-on: https://chromium-review.googlesource.com/980941
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Commit-Queue: Peter Marshall <petermarshall@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#52345}

TBR=bmeurer@chromium.org

Bug: v8:7503
Change-Id: Ie46bfb0af173ad7ac8cbdfeed1865e60f3f413f7
Reviewed-on: https://chromium-review.googlesource.com/997712Reviewed-by: 's avatarPeter Marshall <petermarshall@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52389}
      b158bfdc
    • jgruber's avatar
      Rename Code::instruction_{start,end,size} functions · 7b29fe43
      jgruber authored 
      In order to clarify the difference between, e.g., InstructionStart and
instruction_start, rename as follows:

Code::instruction_start -> raw_instruction_start
Code::instruction_end   -> raw_instruction_end
Code::instruction_size  -> raw_instruction_size

The difference between the camel-case and raw_* function families is
in how they handle off-heap-trampoline Code objects. For example, when
called on an off-heap-trampoline: raw_instruction_start returns the
trampoline's entry point, while InstructionStart returns the off-heap
code's entry point (located in the .text section of the binary).

Some callsites were updated to call the camel-case function family as
appropriate.

Bug: v8:6666
Change-Id: I4a572f47c2d161a853599d7c17879e263b0d1a87
Reviewed-on: https://chromium-review.googlesource.com/997532
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: 's avatarMichael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52387}
      7b29fe43
    • Alexey Kozyatinskiy's avatar
      Reland "[debug] introduced runtime side effect check" · 71018812
      Alexey Kozyatinskiy authored 
      This is a reland of 7a2c3713

Original change's description:
> [debug] introduced runtime side effect check
> 
> This CL demonstrates minimum valuable addition to existing debug evaluate
> without side effects mechanism.
> With this CL user can evaluate expressions like:
> [a,b] // create any kind of temporary array literals
> [a,b].reduce((x,y) => x + y, 0); // use reduce method
> [1,2,3].fill(2); // change temporary arrays
> 
> The core idea: any change of the object created during evaluation without
> side effects is side effect free. As soon as we try to store this temporary
> object to object existed before evaluation we will terminate execution.
> 
> Implementation:
> - track all objects allocated during evaluation and mark them as temporary,
> - patch all bytecodes which change objects.
> 
> A little more details (including performance analysis): [1].
> 
> [1] https://docs.google.com/document/d/10qqAtZADspPnpYa6SEdYRxrddfKIZJIzbLtGpsZQkRo/edit#
> 
> Bug: v8:7588
> Change-Id: I69f7b96e1ebd7ad0022219e8213211c7be72a111
> Reviewed-on: https://chromium-review.googlesource.com/972615
> Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#52370}

Bug: v8:7588
Change-Id: Ibc92bf19155f2ddaedae39b0c576b994e84afcf8
Reviewed-on: https://chromium-review.googlesource.com/996760Reviewed-by: 's avatarAleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52373}
      71018812
  45. 04 Apr, 2018 4 commits
    • Aleksey Kozyatinskiy's avatar
      Revert "[debug] introduced runtime side effect check" · 539a2443
      Aleksey Kozyatinskiy authored 
      This reverts commit 7a2c3713.

Reason for revert: msan is broken

Original change's description:
> [debug] introduced runtime side effect check
> 
> This CL demonstrates minimum valuable addition to existing debug evaluate
> without side effects mechanism.
> With this CL user can evaluate expressions like:
> [a,b] // create any kind of temporary array literals
> [a,b].reduce((x,y) => x + y, 0); // use reduce method
> [1,2,3].fill(2); // change temporary arrays
> 
> The core idea: any change of the object created during evaluation without
> side effects is side effect free. As soon as we try to store this temporary
> object to object existed before evaluation we will terminate execution.
> 
> Implementation:
> - track all objects allocated during evaluation and mark them as temporary,
> - patch all bytecodes which change objects.
> 
> A little more details (including performance analysis): [1].
> 
> [1] https://docs.google.com/document/d/10qqAtZADspPnpYa6SEdYRxrddfKIZJIzbLtGpsZQkRo/edit#
> 
> Bug: v8:7588
> Change-Id: I69f7b96e1ebd7ad0022219e8213211c7be72a111
> Reviewed-on: https://chromium-review.googlesource.com/972615
> Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#52370}

TBR=ulan@chromium.org,rmcilroy@chromium.org,yangguo@chromium.org,kozyatinskiy@chromium.org,leszeks@chromium.org

Change-Id: Ied1739c6308b13a4981189e0999f5912316cf456
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7588
Reviewed-on: https://chromium-review.googlesource.com/996135Reviewed-by: 's avatarAleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52371}
      539a2443
    • Alexey Kozyatinskiy's avatar
      [debug] introduced runtime side effect check · 7a2c3713
      Alexey Kozyatinskiy authored 
      This CL demonstrates minimum valuable addition to existing debug evaluate
without side effects mechanism.
With this CL user can evaluate expressions like:
[a,b] // create any kind of temporary array literals
[a,b].reduce((x,y) => x + y, 0); // use reduce method
[1,2,3].fill(2); // change temporary arrays

The core idea: any change of the object created during evaluation without
side effects is side effect free. As soon as we try to store this temporary
object to object existed before evaluation we will terminate execution.

Implementation:
- track all objects allocated during evaluation and mark them as temporary,
- patch all bytecodes which change objects.

A little more details (including performance analysis): [1].

[1] https://docs.google.com/document/d/10qqAtZADspPnpYa6SEdYRxrddfKIZJIzbLtGpsZQkRo/edit#

Bug: v8:7588
Change-Id: I69f7b96e1ebd7ad0022219e8213211c7be72a111
Reviewed-on: https://chromium-review.googlesource.com/972615
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: 's avatarYang Guo <yangguo@chromium.org>
Reviewed-by: 's avatarUlan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52370}
      7a2c3713
    • Michael Achenbach's avatar
      Revert "[runtime] Remove the construct_stub field of the SFI" · f49a1a67
      Michael Achenbach authored 
      This reverts commit 63ecddc8.

Reason for revert:
https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20-%20internal%20snapshot/builds/14773

Original change's description:
> [runtime] Remove the construct_stub field of the SFI
> 
> Don't dispatch based on the construct_stub field anymore. Rather than
> read it out and jump to the construct stub, we can switch on the
> builtin_id.
> 
> Builtins will always have builtin_id as a Smi, so this signals we need
> to jump to JSBuiltinsConstructStub. The only exception is for uncompiled
> functions, which will have kCompileLazy as the builtin_id, but need to
> jump to the generic stub instead.
> 
> API function calls will have a FunctionTemplateInfo in the SFI
> function_data field, and need to go to the builtins stub as well.
> 
> The final case is everything else, which should go to the generic stub.
> 
> Bug: v8:7503
> Change-Id: I14790a5f9784dc0d940bf10a05f5310026e1d482
> Reviewed-on: https://chromium-review.googlesource.com/980941
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Commit-Queue: Peter Marshall <petermarshall@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#52345}

TBR=petermarshall@chromium.org,leszeks@chromium.org,bmeurer@chromium.org

Change-Id: I2031913ab5a12018ad932f920792aa1f6faa5e22
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:7503
Reviewed-on: https://chromium-review.googlesource.com/995293Reviewed-by: 's avatarMichael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52346}
      f49a1a67
    • Peter Marshall's avatar
      [runtime] Remove the construct_stub field of the SFI · 63ecddc8
      Peter Marshall authored 
      Don't dispatch based on the construct_stub field anymore. Rather than
read it out and jump to the construct stub, we can switch on the
builtin_id.

Builtins will always have builtin_id as a Smi, so this signals we need
to jump to JSBuiltinsConstructStub. The only exception is for uncompiled
functions, which will have kCompileLazy as the builtin_id, but need to
jump to the generic stub instead.

API function calls will have a FunctionTemplateInfo in the SFI
function_data field, and need to go to the builtins stub as well.

The final case is everything else, which should go to the generic stub.

Bug: v8:7503
Change-Id: I14790a5f9784dc0d940bf10a05f5310026e1d482
Reviewed-on: https://chromium-review.googlesource.com/980941Reviewed-by: 's avatarLeszek Swirski <leszeks@chromium.org>
Reviewed-by: 's avatarBenedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52345}
      63ecddc8
  47. 28 Mar, 2018 1 commit