- 22 Dec, 2020 1 commit
Andrew Comminos authored
As a first step towards freeing CodeEntry objects that are neither still referenced by JS nor stored in a profile, enable freeing of refcounted strings by CodeEntry instances. For now, this leaves behaviour unchanged until we receive CodeEntry destruction events.

Bug: v8:11054
Change-Id: Iabd05aa730343cd1a879ff5b04326f23e68aa948
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2590604
Commit-Queue: Andrew Comminos <acomminos@fb.com>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71858}

- 10 Dec, 2020 1 commit
Clemens Backes authored
So far we reported the script ID, but DevTools ignores that and uses the source url instead. That url was just set to "wasm ", which the frontend couldn't make any sense of. This CL fixes this by passing the source URL to the code create event, and also setting the position of the code inside the script (i.e. wasm module).

R=thibaudm@chromium.org, petermarshall@chromium.org

Bug: chromium:1125986
Change-Id: Ic41dcd2768c60fd6748468d3a89fc4ffccb35932
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2581543
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71695}

- 08 Dec, 2020 4 commits
Andrew Comminos authored
Currently, GetConsName incorrectly includes the null terminator as part of the length used in the string's hash. Exclude this to be consistent with GetCopy, GetName, etc. and permit coalescing.

Bug: v8:0
Change-Id: I1e8a4eb7055637f3ed178014725b44e84d7788b6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2578192
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Andrew Comminos <acomminos@fb.com>
Cr-Commit-Position: refs/heads/master@{#71667}

Clemens Backes authored
This is a reland of ab4d9717.

The original CL did a std::move before the final use of the NativeModule. PS2 removes that.

TBR=petermarshall@chromium.org, thibaudm@chromium.org

Original change's description:
> [wasm] Pass the script ID to code logging
>
> We didn't pass a script ID with the code creation events for profiling.
> This made DevTools lose the connection to the wasm script, hence
> jumping from the profiler entry to the source did not work.
>
> This CL changes the timing of code logging a bit such that the script is
> always allocated before logging. In the queue of code to be logged we
> then also store the script ID, and finally set it on the {CodeEntry}
> object.
>
> R=thibaudm@chromium.org
>
> Bug: chromium:1125986
> Change-Id: I2248c1d520bc819436bbe732373f7a3446b64f48
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2575057
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#71654}

Bug: chromium:1125986
Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng
Change-Id: I2a7c5fe04fff726836b1279e3d05b1702a4efb76
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2578980
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71663}

Clemens Backes authored
This reverts commit ab4d9717.

Reason for revert: UBSan issues: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20UBSan/14184/overview

Original change's description:
> [wasm] Pass the script ID to code logging
>
> We didn't pass a script ID with the code creation events for profiling.
> This made DevTools lose the connection to the wasm script, hence
> jumping from the profiler entry to the source did not work.
>
> This CL changes the timing of code logging a bit such that the script is
> always allocated before logging. In the queue of code to be logged we
> then also store the script ID, and finally set it on the {CodeEntry}
> object.
>
> R=thibaudm@chromium.org
>
> Bug: chromium:1125986
> Change-Id: I2248c1d520bc819436bbe732373f7a3446b64f48
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2575057
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#71654}

TBR=petermarshall@chromium.org,clemensb@chromium.org,thibaudm@chromium.org

Change-Id: I03c90c77b55e770797a6d66b1d778992a047e07a
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:1125986
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2575070
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71660}

Clemens Backes authored
We didn't pass a script ID with the code creation events for profiling. This made DevTools lose the connection to the wasm script, hence jumping from the profiler entry to the source did not work.

This CL changes the timing of code logging a bit such that the script is always allocated before logging. In the queue of code to be logged we then also store the script ID, and finally set it on the {CodeEntry} object.

R=thibaudm@chromium.org

Bug: chromium:1125986
Change-Id: I2248c1d520bc819436bbe732373f7a3446b64f48
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2575057
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71654}

- 26 Nov, 2020 1 commit
Santiago Aboy Solanes authored
Scopes in V8 are used to guarantee one or more properties during their lifetimes. If a scope is not named, e.g. MyClassScope(args) instead of MyClassScope scope(args), it will get created and automatically destroyed, and therefore be useless as a scope. This CL would produce a compiling warning when that happens to ward off this developer error.

Follow-up to ccrev.com/2552415 in which it was introduced and implemented for Guard classes.

Change-Id: Ifa0fb89cc3d9bdcdee0fd8150a2618af5ef45cbf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2555001
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71425}

- 24 Nov, 2020 1 commit
Georg Neis authored
Apart from removing Min and Max (utils.h), this is mostly a renaming. In a few cases I had to add a cast. In a bunch of cases I had to use initializer lists to force call-by-value for static member constants because call-by-reference wouldn't compile (like in the previous CL). In a few places I used initializer lists in place of nested min/max operations.

Bug: v8:11074
Change-Id: I53a5411be6334ff41e7a8517e6b87fb46f14d086
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2545523
Commit-Queue: Georg Neis <neis@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71380}

- 20 Nov, 2020 2 commits
Leszek Swirski authored
Because of LocalHeap safepoints, our existing assert scopes don't necessarily maintain the same guarantees as desired. In particular, DisallowHeapAllocation no longer guarantees that objects don't move.

This patch transitions DisallowHeapAllocation to DisallowGarbageCollection, to ensure that code using this scope is also protected against safepoints.

Change-Id: I0411425884f6849982611205fb17bb072881c722
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2540547
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71319}

Clemens Backes authored
We had a test which first enabled the profiler, and then compiled wasm code. In this case, all code objects were registered correctly and the profile looked as expected.

This CL extends the test to also test another order: First compile the wasm code, then enable the profiler. In that case, we were reporting a wrong debug name of the exported wasm function. The name of that function is spec'ed to be the string representation of the function index. But for debugging, we want to see a more meaningful name, identical to the name we show when reporting the code during compilation.

This fix requires handlifying the {SharedFunctionInfo::DebugName} method, because for exported wasm functions, it needs to allocate a new name on the JS heap. In order to avoid this allocation where possible, a second variant is added which returns a unique_ptr directly. This can be used in all places where the name is just being printed, which turned out to be the majority of cases ({DebugName().ToCString()}).

R=petermarshall@chromium.org

Bug: chromium:1141787
Change-Id: I0343c2f06f0b852007535ff07459b712801ead01
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2543931
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71308}

- 19 Nov, 2020 1 commit
Frank Emrich authored
This CL adds partial support for objects whose slow mode dictionaries are OrderedNameDictionaries. This is the case for all slow mode objects if V8_DICT_MODE_PROTOTYPES is enabled.

In particular, this part contains the remaining fixes to runtime code, except for the class templating logic, which follows in a later CL.

Bug: v8:7569
Change-Id: Ib4d08d7d352125709ca916dfc75018dabf71b0cd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2540549
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Frank Emrich <emrich@google.com>
Cr-Commit-Position: refs/heads/master@{#71275}

- 18 Nov, 2020 1 commit
Maya Lekova authored
This CL introduces a new fast_api_call_target field on the isolate, which is set by Turbofan before making the fast call. It then uses the field when creating a stack sample and stores it in the existing external_callback_entry used for regular API callbacks. The CL also adds a cctest with simple usage scenario and introduces a minor refactoring in test-api.cc.

Design doc: https://docs.google.com/document/d/1r32qlPzGz0P7nieisJ5h2qfSnWOs40Cigt0LXPipejE/edit

Bug: chromium:1052746
Change-Id: I2dab1bc395ccab0c14088f7c354fb52b08df8d32
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2488683
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71254}

- 13 Nov, 2020 1 commit
Georg Neis authored
Bug: v8:7790
Change-Id: I4b6ef907c66bdc0a327d211db2f86ebb75f969a7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2536638
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71183}

- 11 Nov, 2020 2 commits
Igor Sheludko authored
This CL
* renames Name::hash_field field to raw_hash_field.
* all local variables that store raw_hash_field value are also renamed to raw_hash_field where possible.

Bug: chromium:1133527, v8:11074
Change-Id: I17313f386110b33a64f629cc2b9d4afd1e06c6c0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2471999
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71114}

Zhi An Ng authored
Bug: v8:11074
Change-Id: I11632ad59ec3826b71e901e0eb34ef6dc1295637
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2524419
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71098}

- 29 Oct, 2020 2 commits
Nico Hartmann authored
This is the 1st step in series of CLs to move the SharedFunctionInfo class to kNeverSerialized and make it concurrently accessible from the background thread.

This CL:
* Enables direct heap reads for the most basic members of SFI if FLAG_turbo_direct_heap_reads is enabled.
* Adds synchronization to SharedFunctionInfo::script_or_debug_info.

Bug: v8:7790
Change-Id: Ia7d28033e9053aae5771b1b9b174de40f194534d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2461238
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70877}

Michael Lippautz authored
This is a reland of e68285e2

Failing wasm tests seemed to recover on their own.

Original change's description:
> cppgc-js: heap snapshot: Add logic for querying detachedness
>
> Adds infrastructure to allow embedders specifying a detachedness state
> that is queried when encountering an object with a TraceReference that
> has a non-zero wrapper class id set.
>
> Change-Id: Ie7f2f253544ee25a25565eb08d82e9df5f0a74d2
> Bug: chromium:1056170
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2502345
> Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
> Reviewed-by: Omer Katz <omerkatz@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#70841}

Bug: chromium:1056170
Change-Id: I293a9d38f841b4d0faa4af7408bb57544f11d566
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2505713
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70867}

- 28 Oct, 2020 4 commits
Francis McCabe authored
This reverts commit e68285e2.

Reason for revert: ASAN test failing: https://ci.chromium.org/p/v8/builders/ci/V8%20Mac64%20ASAN/29838?

Original change's description:
> cppgc-js: heap snapshot: Add logic for querying detachedness
>
> Adds infrastructure to allow embedders specifying a detachedness state
> that is queried when encountering an object with a TraceReference that
> has a non-zero wrapper class id set.
>
> Change-Id: Ie7f2f253544ee25a25565eb08d82e9df5f0a74d2
> Bug: chromium:1056170
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2502345
> Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
> Reviewed-by: Omer Katz <omerkatz@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#70841}

TBR=ulan@chromium.org,mlippautz@chromium.org,omerkatz@chromium.org

Change-Id: Ic13337b9c5b336a81efa5f2672f5a501084b5326
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:1056170
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2505613
Reviewed-by: Francis McCabe <fgm@chromium.org>
Commit-Queue: Francis McCabe <fgm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70843}

Michael Lippautz authored
Adds infrastructure to allow embedders specifying a detachedness state that is queried when encountering an object with a TraceReference that has a non-zero wrapper class id set.

Change-Id: Ie7f2f253544ee25a25565eb08d82e9df5f0a74d2
Bug: chromium:1056170
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2502345
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70841}

Mythri A authored
This is a reland of d7ece57e with a fix to failures on NumFuzz.

Original change's description:
> [turboprop] Add a slot for optimization marker in feedback vector
>
> Optimization marker and the optimized code used to share the same slot
> in the feedback vector as they were mutually exclusive. With turboprop
> we would want to mark the function for tier up to Turbofan while holding
> the optimized code for Turboprop. So this cl uses the existing padding
> field to hold the optimization marker instead.
>
> As a driveby, removes unused JSFunction::ClearOptimizedCodeSlot function
> and fixes a minor bug in Runtime_GetOptimizationStatus.
>
> Bug: v8:9684
> Change-Id: I18c551a69648a0837d16c5453d023c0b295b1521
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2467836
> Commit-Queue: Mythri Alle <mythria@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#70789}

Bug: v8:9684
Change-Id: Ie6aa3c061a852bb047b5921e4e747d43505568e3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2502871
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70834}

Ulan Degenbaev authored
This calls Heap::CollectAllAvailableGarbage() in the heap snapshot generator.

Bug: chromium:1113467
Change-Id: Ia7f58893a36f11f80f1bffafcea0e73f5ec49901
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2456687
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70829}

- 27 Oct, 2020 5 commits
Nicolas Dubus authored
- Created status enum with statuses kStarted, kAlreadyStarted and kErrorTooManyProfilers, returning when StartProfiling is invoked
- Tests spin up one profiler, check kStarted returned; spin up another with same name, check kAlreadyStarted returned; Spin up 99 more profilers (100 total), check each returning kStarted, and one more, expecting 101st to return kErrorTooManyProfilers

R=acomminos@fb.com, petermarshall@chromium.org, ulan@chromium.org

Change-Id: I64e2e6396775f90f9f49f75331a075a47efa7fca
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2486240
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70808}

Mythri Alle authored
This reverts commit d7ece57e.

Reason for revert: failures on NumFuzz https://ci.chromium.org/p/v8/builders/ci/V8%20NumFuzz%20-%20debug/11818?

Original change's description:
> [turboprop] Add a slot for optimization marker in feedback vector
>
> Optimization marker and the optimized code used to share the same slot
> in the feedback vector as they were mutually exclusive. With turboprop
> we would want to mark the function for tier up to Turbofan while holding
> the optimized code for Turboprop. So this cl uses the existing padding
> field to hold the optimization marker instead.
>
> As a driveby, removes unused JSFunction::ClearOptimizedCodeSlot function
> and fixes a minor bug in Runtime_GetOptimizationStatus.
>
> Bug: v8:9684
> Change-Id: I18c551a69648a0837d16c5453d023c0b295b1521
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2467836
> Commit-Queue: Mythri Alle <mythria@chromium.org>
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#70789}

TBR=rmcilroy@chromium.org,mythria@chromium.org,jgruber@chromium.org

Change-Id: Ia9894fef713a522b9c3d349bef4abcde3e1e1832
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9684
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2502870
Reviewed-by: Mythri Alle <mythria@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70803}

Peter Marshall authored
We kept the CodeMap filled with entries between profiles, even in kLazyLogging mode which will re-fill the CodeMap when profiling starts again. See the bug for more details.

This fix manually clears the CodeMap after the last profile is deleted. We already call DisableLogging() when the last profile is stopped. At this point we still need the CodeMap alive because the profile object we expose via the API is backed by the CodeEntry objects in the CodeMap. Once the last profile is deleted though, we can empty the CodeMap.

There is still another bug, which is that we never delete CodeEntry objects for deleted code, as there are no CodeDeleteEvents from the GC. We will work on that separately, but this fix should stop those leaks accumulating between profiles as we wipe the CodeMap entirely between profiles (at least for kLazyLogging mode). kEagerLogging mode still has this problem and will only be fixed by introducing CodeDelete events or similar.

Bug: v8:11051
Change-Id: Iab9570747d17c657e6e318d434f935af8047d05f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2491033
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70792}

Mythri A authored
Optimization marker and the optimized code used to share the same slot in the feedback vector as they were mutually exclusive. With turboprop we would want to mark the function for tier up to Turbofan while holding the optimized code for Turboprop. So this cl uses the existing padding field to hold the optimization marker instead.

As a driveby, removes unused JSFunction::ClearOptimizedCodeSlot function and fixes a minor bug in Runtime_GetOptimizationStatus.

Bug: v8:9684
Change-Id: I18c551a69648a0837d16c5453d023c0b295b1521
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2467836
Commit-Queue: Mythri Alle <mythria@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70789}

Charles Kerr authored
Halve the number of lookups in ExtractLocationForJSFunction() by calling GetPositionInfo() directly instead of making separate calls for column and line number.

Improve the efficiency of position lookups in slow mode. The current code does a linear walk through the source by calling String::Get() for each character. This PR also does a linear walk, but avoids the overhead of multiple Get() calls by pulling the String's flat content into a local vector and walking through that.

Downstream Electron discussion of this can be found at https://github.com/electron/electron/issues/24509

Apologies in advance if I've missed anything; this is my first V8 CL...

Change-Id: I22b034dc1bfe967164d2f8515a9a0c1d7f043c83
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2496065
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70783}

- 26 Oct, 2020 1 commit
Leszek Swirski authored
Split GlobalObject tagging into collecting pairs of tags, followed by writing those tags into an unordered_map after entering a safepoint scope. This ensures that we follow moved global objects if they move in the GCs between the tagging and the safepoint.

Bug: v8:11050
Change-Id: I333d50d000ec49e6c4218e71f0cc84a49b460ecf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2494932
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70749}

- 20 Oct, 2020 1 commit
Edward Lesmes authored
Generate DIR_METADATA files and remove metadata from OWNERS files for v8.

R=jkummerow@chromium.org, ochang@chromium.org, yangguo@chromium.org

Bug: chromium:1113033
Change-Id: I82cbb62e438d82dbbc408e87120af39fa9da0afa
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2476680
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Edward Lesmes <ehmaldonado@chromium.org>
Auto-Submit: Edward Lesmes <ehmaldonado@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70669}

- 16 Oct, 2020 3 commits
Michael Lippautz authored
This reverts commit fba14bde.

Reland fixes:
- const vector<const string> -> const vector<string>

Original message:

The following implements a snapshotting algorithm for C++ objects that also filters strongly-connected components (SCCs) of only "hidden" objects that are not (transitively) referencing any non-hidden objects.

C++ objects come in two versions.
a. Named objects that have been assigned a name through NameProvider.
b. Unnamed objects, that are potentially hidden if the build configuration requires Oilpan to hide such names. Hidden objects have their name set to NameProvider::kHiddenName.

The main challenge for the algorithm is to avoid blowing up the final object graph with hidden nodes that do not carry information. For that reason, the algorithm filters SCCs of only hidden objects, e.g.:
  ... -> (object) -> (object) -> (hidden) -> (hidden)
In this case the (hidden) objects are filtered from the graph. The trickiest part is maintaining visibility state for objects referencing other objects that are currently being processed.

Main algorithm idea (two passes):
1. First pass marks all non-hidden objects and those that transitively reach non-hidden objects as visible. Details:
   - Iterate over all objects.
   - If object is non-hidden mark it as visible and also mark parent as visible if needed.
   - If object is hidden, traverse children as DFS to find non-hidden objects. Post-order process the objects and mark those objects as visible that have child nodes that are visible themselves.
   - Maintain an epoch counter (StateStorage::state_count_) to allow deferring the visibility decision to other objects in the same SCC. This is similar to the "lowlink" value in Tarjan's algorithm for SCC.
   - After the first pass it is guaranteed that all deferred visibility decisions can be resolved.
2. Second pass adds nodes and edges for all visible objects.
   - Upon first checking the visibility state of an object, all deferred visibility states are resolved.

For practical reasons, the recursion is transformed into an iteration. We do not use plain Tarjan's algorithm to avoid another pass over all nodes to create SCCs.

Follow ups:
1. Adding wrapper nodes for cpp objects that are wrappables for V8 wrappers.
2. Adding detachedness information.

Bug: chromium:1056170
Change-Id: Ib47df5c912c57d644d052f209276e9d926cece0f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2480362
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Auto-Submit: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70577}

Maya Lekova authored
This reverts commit 02849fd9.

Reason for revert: Breaks Win64 MSVC bot and closes the tree - https://ci.chromium.org/p/v8/builders/ci/V8%20Win64%20-%20msvc/15416

Original change's description:
> cppgc-js: Add snapshot for C++ objects
>
> The following implements a snapshotting algorithm for C++ objects that
> also filters strongly-connected components (SCCs) of only "hidden"
> objects that are not (transitively) referencing any non-hidden
> objects.
>
> C++ objects come in two versions.
> a. Named objects that have been assigned a name through NameProvider.
> b. Unnamed objects, that are potentially hidden if the build
> configuration requires Oilpan to hide such names. Hidden objects have
> their name set to NameProvider::kHiddenName.
>
> The main challenge for the algorithm is to avoid blowing up the final
> object graph with hidden nodes that do not carry information. For that
> reason, the algorithm filters SCCs of only hidden objects, e.g.:
>   ... -> (object) -> (object) -> (hidden) -> (hidden)
> In this case the (hidden) objects are filtered from the graph. The
> trickiest part is maintaining visibility state for objects referencing
> other objects that are currently being processed.
>
> Main algorithm idea (two passes):
> 1. First pass marks all non-hidden objects and those that transitively
> reach non-hidden objects as visible. Details:
>   - Iterate over all objects.
>   - If object is non-hidden mark it as visible and also mark parent
>     as visible if needed.
>   - If object is hidden, traverse children as DFS to find non-hidden
>     objects. Post-order process the objects and mark those objects as
>     visible that have child nodes that are visible themselves.
>   - Maintain an epoch counter (StateStorage::state_count_) to allow
>     deferring the visibility decision to other objects in the same
>     SCC. This is similar to the "lowlink" value in Tarjan's algorithm
>     for SCC.
>   - After the first pass it is guaranteed that all deferred
>     visibility decisions can be resolved.
> 2. Second pass adds nodes and edges for all visible objects.
>   - Upon first checking the visibility state of an object, all deferred
>     visibility states are resolved.
>
> For practical reasons, the recursion is transformed into an iteration.
> We do not use plain Tarjan's algorithm to avoid another pass over
> all nodes to create SCCs.
>
> Follow ups:
> 1. Adding wrapper nodes for cpp objects that are wrappables for V8
> wrappers.
> 2. Adding detachedness information.
>
> Change-Id: I6e127d2c6d65e77defe08e39295a2594f463b962
> Bug: chromium:1056170
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2467854
> Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Omer Katz <omerkatz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#70567}

TBR=ulan@chromium.org,mlippautz@chromium.org,bikineev@chromium.org,omerkatz@chromium.org

Change-Id: I64a2cf2259bdaed81f6e0f92bdcc7a1f0df4d197
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:1056170
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2479471
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70571}

Michael Lippautz authored
The following implements a snapshotting algorithm for C++ objects that also filters strongly-connected components (SCCs) of only "hidden" objects that are not (transitively) referencing any non-hidden objects.

C++ objects come in two versions.
a. Named objects that have been assigned a name through NameProvider.
b. Unnamed objects, that are potentially hidden if the build configuration requires Oilpan to hide such names. Hidden objects have their name set to NameProvider::kHiddenName.

The main challenge for the algorithm is to avoid blowing up the final object graph with hidden nodes that do not carry information. For that reason, the algorithm filters SCCs of only hidden objects, e.g.:

  ... -> (object) -> (object) -> (hidden) -> (hidden)

In this case the (hidden) objects are filtered from the graph. The trickiest part is maintaining visibility state for objects referencing other objects that are currently being processed.

Main algorithm idea (two passes):
1. First pass marks all non-hidden objects and those that transitively reach non-hidden objects as visible. Details:
   - Iterate over all objects.
   - If object is non-hidden mark it as visible and also mark parent as visible if needed.
   - If object is hidden, traverse children as DFS to find non-hidden objects. Post-order process the objects and mark those objects as visible that have child nodes that are visible themselves.
   - Maintain an epoch counter (StateStorage::state_count_) to allow deferring the visibility decision to other objects in the same SCC. This is similar to the "lowlink" value in Tarjan's algorithm for SCC.
   - After the first pass it is guaranteed that all deferred visibility decisions can be resolved.
2. Second pass adds nodes and edges for all visible objects.
   - Upon first checking the visibility state of an object, all deferred visibility states are resolved.

For practical reasons, the recursion is transformed into an iteration.

We do not use plain Tarjan's algorithm to avoid another pass over all nodes to create SCCs.

Follow ups:
1. Adding wrapper nodes for cpp objects that are wrappables for V8 wrappers.
2. Adding detachedness information.

Change-Id: I6e127d2c6d65e77defe08e39295a2594f463b962 Bug: chromium:1056170 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2467854 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by:
Ulan Degenbaev <ulan@chromium.org> Reviewed-by:
Omer Katz <omerkatz@chromium.org> Cr-Commit-Position: refs/heads/master@{#70567}
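The visibility rule the commit describes (a hidden object survives only if it transitively reaches a named object; hidden SCCs with no such path are dropped together with the edges into them), as an added, self-contained model that is not V8's code. It keeps the two-pass shape (compute visibility, then emit nodes and edges) but computes pass 1 by an iterative walk over the reversed graph from every named object rather than with V8's epoch counter and deferred decisions; the `CppObject`, `Snapshot`, `kHiddenName` names and the sample graph are assumptions constructed for the example.

```cpp
#include <cstddef>
#include <cstdio>
#include <string>
#include <utility>
#include <vector>

// Hypothetical stand-in for NameProvider::kHiddenName.
const std::string kHiddenName = "InternalObject";

struct CppObject {
  std::string name;              // kHiddenName for hidden objects
  std::vector<size_t> children;  // indices into the object table
  bool IsHidden() const { return name == kHiddenName; }
};

struct Snapshot {
  std::vector<size_t> nodes;                     // visible object indices
  std::vector<std::pair<size_t, size_t>> edges;  // (from, to), both visible
};

// Pass 1: an object is visible if it is named, or if it transitively reaches
// a named object. Walking the reversed graph from every named object marks
// exactly that set; a hidden SCC with no path to a named object is never
// reached and is therefore filtered. The walk is iterative, so deep hidden
// chains cannot overflow the native stack.
std::vector<bool> ComputeVisibility(const std::vector<CppObject>& objects) {
  std::vector<std::vector<size_t>> parents(objects.size());
  for (size_t i = 0; i < objects.size(); ++i)
    for (size_t child : objects[i].children) parents[child].push_back(i);

  std::vector<bool> visible(objects.size(), false);
  std::vector<size_t> worklist;
  for (size_t i = 0; i < objects.size(); ++i) {
    if (objects[i].IsHidden()) continue;
    visible[i] = true;
    worklist.push_back(i);
  }
  while (!worklist.empty()) {
    size_t current = worklist.back();
    worklist.pop_back();
    for (size_t parent : parents[current]) {
      if (visible[parent]) continue;
      visible[parent] = true;
      worklist.push_back(parent);
    }
  }
  return visible;
}

// Pass 2: emit nodes and edges for visible objects only. An edge from a
// visible object into a filtered hidden SCC is dropped with that SCC.
Snapshot BuildSnapshot(const std::vector<CppObject>& objects) {
  std::vector<bool> visible = ComputeVisibility(objects);
  Snapshot snapshot;
  for (size_t i = 0; i < objects.size(); ++i) {
    if (!visible[i]) continue;
    snapshot.nodes.push_back(i);
    for (size_t child : objects[i].children)
      if (visible[child]) snapshot.edges.emplace_back(i, child);
  }
  return snapshot;
}

// Constructed sample graph (not taken from V8):
//   0 "Document" -> 1 "Element", 2, 4
//   2 <-> 3                  hidden SCC with no exit: filtered
//   4 <-> 5, 5 -> 6 "Node"   hidden SCC reaching a named object: kept
std::vector<CppObject> ConstructedGraph() {
  return {
      {"Document", {1, 2, 4}}, {"Element", {}},    {kHiddenName, {3}},
      {kHiddenName, {2}},      {kHiddenName, {5}}, {kHiddenName, {4, 6}},
      {"Node", {}},
  };
}

int main() {
  Snapshot snapshot = BuildSnapshot(ConstructedGraph());
  for (size_t node : snapshot.nodes) std::printf("node %zu\n", node);
  for (const auto& edge : snapshot.edges)
    std::printf("edge %zu -> %zu\n", edge.first, edge.second);
  return 0;
}
```

On the sample graph, objects 2 and 3 disappear along with the edge 0 -> 2, while the hidden pair 4 and 5 stays because 5 reaches the named "Node"; the snapshot ends up with five nodes and five edges.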
-
- 12 Oct, 2020 1 commit
-
-
Anna Henningsen authored
Fix a crash/hang that occurred when deleting a snapshot during the GC that is part of taking another one.

Specifically, when deleting the only other snapshot in such a situation, the `v8::HeapSnapshot::Delete()` method sees that there is only one (complete) snapshot at that point, and decides that it is okay to perform “delete all snapshots” instead of just deleting the requested one. That resets the internal string lookup table of the heap profiler, but the new snapshot that is currently in progress still holds references to the old string lookup table, leading to a use-after-free segfault or infinite loop.

Fix this by guarding against resetting the string table while another heap snapshot is being taken, and add a test that would crash before this fix.

This can be triggered in Node.js by repeatedly calling `v8.getHeapSnapshot()`, which provides heap snapshots as weakly held host objects.

Change-Id: If9ac3728bf79114000982f1e7bb05e8034299e3c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2464823 Reviewed-by:
Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#70445}
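The lifetime bug above, reduced to an added model that is not V8's code: a profiler whose snapshots hold raw pointers into a shared string table, a "delete all" shortcut that resets the table when only one complete snapshot exists, and a GC callback that deletes that snapshot while a second one is still in progress. The model never dereferences the stale pointers; instead the table carries a generation counter so the test can tell whether the in-progress snapshot was left pointing into freed storage. `StringsStorage`, `HeapSnapshot`, `HeapProfiler` and the `guard_reset` switch that selects the unguarded (before) or guarded (after) behaviour are assumptions made for the example.

```cpp
#include <functional>
#include <list>
#include <memory>
#include <string>
#include <utility>
#include <vector>

// Hypothetical model of the profiler's string lookup table. Entries keep a
// stable address until Reset() drops all of them; the generation counter lets
// the model detect stale references without touching freed memory.
class StringsStorage {
 public:
  const char* GetCopy(const std::string& s) {
    for (const std::string& e : entries_)
      if (e == s) return e.c_str();
    entries_.push_back(s);
    return entries_.back().c_str();
  }
  void Reset() { entries_.clear(); ++generation_; }
  unsigned generation() const { return generation_; }

 private:
  std::list<std::string> entries_;
  unsigned generation_ = 0;
};

struct HeapSnapshot {
  unsigned names_generation = 0;    // generation the names below point into
  std::vector<const char*> names;   // raw pointers into StringsStorage
};

class HeapProfiler {
 public:
  explicit HeapProfiler(bool guard_reset) : guard_reset_(guard_reset) {}

  // Taking a snapshot runs a GC first; embedder callbacks fired by that GC
  // (gc_callback) execute while this snapshot is still in progress and is
  // not yet in snapshots_.
  HeapSnapshot* TakeSnapshot(const std::function<void()>& gc_callback) {
    std::unique_ptr<HeapSnapshot> snapshot(new HeapSnapshot());
    snapshot->names_generation = names_.generation();
    snapshot->names.push_back(names_.GetCopy("Object"));
    is_taking_snapshot_ = true;
    gc_callback();  // may call DeleteSnapshot() re-entrantly
    is_taking_snapshot_ = false;
    snapshot->names.push_back(names_.GetCopy("Array"));
    snapshots_.push_back(std::move(snapshot));
    return snapshots_.back().get();
  }

  void DeleteSnapshot(HeapSnapshot* snapshot) {
    // Shortcut: deleting the only complete snapshot resets the whole string
    // table. Unguarded, this also runs while another snapshot is in progress
    // and still references the table (the bug).
    bool reset_all = snapshots_.size() == 1 && snapshots_[0].get() == snapshot;
    if (guard_reset_ && is_taking_snapshot_) reset_all = false;  // the fix
    if (reset_all) names_.Reset();
    for (auto it = snapshots_.begin(); it != snapshots_.end(); ++it) {
      if (it->get() == snapshot) { snapshots_.erase(it); break; }
    }
  }

  // True if every name pointer in the snapshot still refers to live storage.
  bool IsIntact(const HeapSnapshot* s) const {
    return s->names_generation == names_.generation();
  }

 private:
  bool guard_reset_;
  bool is_taking_snapshot_ = false;
  StringsStorage names_;
  std::vector<std::unique_ptr<HeapSnapshot>> snapshots_;
};

// Scenario from the commit: the GC that precedes the second snapshot deletes
// the first (and only complete) one. Returns whether the second snapshot's
// names still point into a live table.
bool SecondSnapshotIntact(bool guard_reset) {
  HeapProfiler profiler(guard_reset);
  HeapSnapshot* first = profiler.TakeSnapshot([] {});
  HeapSnapshot* second =
      profiler.TakeSnapshot([&] { profiler.DeleteSnapshot(first); });
  return profiler.IsIntact(second);
}

int main() {
  return SecondSnapshotIntact(false) == false && SecondSnapshotIntact(true) ? 0 : 1;
}
```

Without the guard the in-progress snapshot is left holding a pointer into a table that was cleared underneath it, which is the use-after-free the commit describes; with the guard the delete only removes the requested snapshot and the table survives until no snapshot is being taken.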
-
- 08 Oct, 2020 1 commit
-
-
Georg Neis authored
Bug: v8:7790 Change-Id: I1ffb2289f613a03d0246db2d66c3caaf0e4d6d2a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2448796 Auto-Submit: Georg Neis <neis@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by:
Ross McIlroy <rmcilroy@chromium.org> Reviewed-by:
Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by:
Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/master@{#70406}
-
- 07 Oct, 2020 1 commit
-
-
Leszek Swirski authored
Introduce an IsolateRoot class, which encapsulates the root address needed for pointer decompression. This class is implicitly constructible from both Isolate* and LocalIsolate*, allowing us to avoid templating methods that can take both, or awkwardly creating a `const Isolate*` from a `LocalIsolate*` just for getters. Change-Id: I6d4b9492409fc7d5b375162e381192cb48c8ba01 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2440605 Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Reviewed-by:
Ulan Degenbaev <ulan@chromium.org> Reviewed-by:
Tobias Tebbi <tebbi@chromium.org> Reviewed-by:
Igor Sheludko <ishell@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#70365}
-
- 05 Oct, 2020 1 commit
-
-
Santiago Aboy Solanes authored
We can use tag dispatching to distinguish between the synchronized and non-synchronized accessors. Also eliminated the need of adding explicit "synchronized" in the name when using the macros.

As a note, we currently have one case of using both relaxed and synchronized accessors (Map::instance_descriptors).

Cleaned up:
 * BytecodeArray::source_position_table
 * Code::code_data_container
 * Code::source_position_table
 * FunctionTemplateInfo::call_code
 * Map::instance_descriptors
 * Map::layout_descriptor
 * SharedFunctionInfo::function_data

Bug: v8:7790 Change-Id: I5a502f4b2df6addb6c45056e77061271012c7d90 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2424130 Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by:
Georg Neis <neis@chromium.org> Reviewed-by:
Dominik Inführ <dinfuehr@chromium.org> Reviewed-by:
Leszek Swirski <leszeks@chromium.org> Reviewed-by:
Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#70306}
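The tag-dispatch idea from the commit, shown as an added example rather than V8's own macros: one macro emits a relaxed and a synchronized overload under the same accessor name, and the tag argument at the call site (rather than a "synchronized_" prefix in the name) selects the memory ordering. The `DECL_TAGGED_ACCESSORS` macro, the tag types, and the `Map`/`DescriptorArray` stand-ins are assumptions; the field name `instance_descriptors` is the one the commit mentions as using both kinds of accessor.

```cpp
#include <atomic>
#include <cstdint>
#include <cstdio>

// Hypothetical tag types: an empty struct per memory ordering.
struct RelaxedLoadTag {};
struct AcquireLoadTag {};
struct RelaxedStoreTag {};
struct ReleaseStoreTag {};
constexpr RelaxedLoadTag kRelaxedLoad{};
constexpr AcquireLoadTag kAcquireLoad{};
constexpr RelaxedStoreTag kRelaxedStore{};
constexpr ReleaseStoreTag kReleaseStore{};

// Hypothetical macro: both orderings share the accessor name; overload
// resolution on the tag picks the std::atomic ordering.
#define DECL_TAGGED_ACCESSORS(name, type)                          \
  type name(RelaxedLoadTag) const {                                \
    return name##_.load(std::memory_order_relaxed);                \
  }                                                                \
  type name(AcquireLoadTag) const {                                \
    return name##_.load(std::memory_order_acquire);                \
  }                                                                \
  void set_##name(type value, RelaxedStoreTag) {                   \
    name##_.store(value, std::memory_order_relaxed);               \
  }                                                                \
  void set_##name(type value, ReleaseStoreTag) {                   \
    name##_.store(value, std::memory_order_release);               \
  }

struct DescriptorArray {
  uint32_t count;
  uint32_t first_key;
};

class Map {
 public:
  DECL_TAGGED_ACCESSORS(instance_descriptors, DescriptorArray*)
 private:
  std::atomic<DescriptorArray*> instance_descriptors_{nullptr};
};

// Publisher (main thread): fill the array first, then release-store the
// pointer so a reader that acquire-loads it also observes the contents.
void PublishDescriptors(Map& map, DescriptorArray* array, uint32_t count,
                        uint32_t first_key) {
  array->count = count;
  array->first_key = first_key;
  map.set_instance_descriptors(array, kReleaseStore);
}

// Consumer (e.g. a background compiler thread): the acquire-load pairs with
// the release-store above. A relaxed load here would be a data race on the
// array contents.
uint32_t ReadFirstKey(const Map& map) {
  DescriptorArray* array = map.instance_descriptors(kAcquireLoad);
  return array == nullptr ? 0 : array->first_key;
}

uint32_t PublishAndRead(uint32_t first_key) {
  Map map;
  DescriptorArray array{0, 0};
  PublishDescriptors(map, &array, 1, first_key);
  return ReadFirstKey(map);
}

uint32_t ReadFromEmptyMap() {
  Map map;
  return ReadFirstKey(map);
}

// Both overloads read the same atomic; only the ordering guarantee differs.
bool RelaxedAndAcquireAgree() {
  Map map;
  DescriptorArray array{0, 0};
  map.set_instance_descriptors(&array, kRelaxedStore);
  return map.instance_descriptors(kRelaxedLoad) ==
         map.instance_descriptors(kAcquireLoad);
}

int main() {
  std::printf("first key after publish: %u\n", PublishAndRead(42));
  return 0;
}
```

The pairing that matters is release on the writer with acquire on the reader; the relaxed overloads exist for callers that already hold the lock or run on the main thread and only need the pointer, and the tag at the call site makes it visible which guarantee each caller relies on.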
-
- 03 Oct, 2020 1 commit
-
-
Peter Marshall authored
We used to have extra data in this but now it's just an indirection to CodeEntryAndLineNumber so use that everywhere instead. Change-Id: I6dcedabc1502bc1eed25c05e23f04b996b91bae7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2440829 Commit-Queue: Peter Marshall <petermarshall@chromium.org> Reviewed-by:
Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/master@{#70294}
-
- 01 Oct, 2020 1 commit
-
-
Peter Marshall authored
Rename it to Symbolizer because it does exactly that. Change the SymbolizeTickSample method to return the symbolized state rather than pass it on to the ProfilesCollection. This makes it easier to test as now it only relies on the CodeMap provided to it. Make EntryForVMState a free-floating function as it doesn't rely on state and then we can avoid importing the StateTag definition in the header. Remove the UNREACHABLE from EntryForVMState as the compiler got smarter and doesn't need it anymore. Pass the CpuProfilesCollection to SamplingEventsProcessor instead, as it is now responsible for putting the symbolized samples into the collection to be sorted into the appropriate profiles. Change-Id: I104290eff22b7d94a1bd34ba904036badccf4e13 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2440522 Commit-Queue: Peter Marshall <petermarshall@chromium.org> Reviewed-by:
Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/master@{#70248}
-
- 23 Sep, 2020 1 commit
-
-
Clemens Backes authored
This CL fixes two things:
1) It properly creates code entries for the generic js-to-wasm builtin (others are left out because we don't want to include all builtins in profiles).
2) It includes js-to-wasm frames in profiles. The generic js-to-wasm builtin will map to that frame type in the future (see referenced bug). js-to-wasm frames are currently included because they are wrongly mapped to OPTIMIZED frames by the SafeStackTraceIterator.

R=petermarshall@chromium.org CC=ahaas@chromium.org, evih@google.com Bug: v8:10701 Change-Id: I26e3fa6901890e041feab7c001069e67a616c986 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2416495 Reviewed-by:
Peter Marshall <petermarshall@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#70095}
-
- 18 Sep, 2020 1 commit
-
-
Michael Lippautz authored
Fix merging of detachedness state. Drive-by: Split lookup and merging of nodes. Bug: chromium:1110816 Change-Id: I27dba7a6f22c75e5aae130d8cec01ccf755fad79 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2416492 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by:
Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#69985}
-
- 16 Sep, 2020 1 commit
-
-
Alex Kodat authored
While the sampler checked if the sampled thread had the Isolate locked (if locks are being used) under Linux, the check was not done under Windows (or Fuchsia) which meant that in a multi-threading application under Windows, thread locking was not checked making it prone to seg faults and the like as the profiler would be using isolate->js_entry_sp to determine the stack to walk but isolate->js_entry_sp is the stack pointer for the thread that currently has the Isolate lock so, if the sampled thread does not have the lock, the sampler would be iterating over the wrong stack, one that might actually be actively changing on another thread.

The fix was to move the lock check into CpuSampler and Ticker (--prof) so all OSes would do the correct check.

The basic concept is that on all operating systems a CpuProfiler, and so its corresponding CpuSampler, is tied to a thread. This is not based on first principles or anything, it's simply the way it works in V8, though it is a useful conceit as it makes visualization and interpretation of profile data much easier.

To collect a sample on a thread associated with a profiler the thread must be stopped for obvious reasons -- walking the stack of a running thread is a formula for disaster. The mechanism for stopping a thread is OS-specific and is done in sample.cc. There are currently three basic approaches, one for Linux/Unix variants, one for Windows and one for Fuchsia. The approaches vary as to which thread actually collects the sample -- under Linux the sample is actually collected on the (interrupted) sampled thread whereas under Fuchsia/Windows it's on a separate thread.

However, in a multi-threaded environment (where Locker is used), it's not sufficient for the sampled thread to be stopped. Because the stack walk involves looking in the Isolate heap, no other thread can be messing with the heap while the sample is collected. The only ways to ensure this would be to either stop all threads whenever collecting a sample, or to ensure that the thread being sampled holds the Isolate lock and so prevents other threads from messing with the heap. While there might be something to be said for the "stop all threads" approach, the current approach in V8 is to only stop the sampled thread so, if in a multi-threaded environment, the profiler must check if the thread being sampled holds the Isolate lock.

Since this check must be done, independent of which thread the sample is being collected on (since it varies from OS to OS), the approach is to save the thread id of the thread to be profiled/sampled when the CpuSampler is instantiated (on all OSes it is instantiated on the sampled thread) and then check that thread id against the Isolate lock holder thread id before collecting a sample. If it matches, we know sample.cc has stopped the sampled thread, one way or another, and we know that no other thread can mess with the heap (since the stopped thread holds the Isolate lock) so it's safe to walk the stack and collect data from the heap so the sample can be taken. If it doesn't match, we can't safely collect the sample so we don't.

Bug: v8:10850 Change-Id: Iba6cabcd3e11a19c261c004103e37e806934dc6f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2411343 Reviewed-by:
Peter Marshall <petermarshall@chromium.org> Commit-Queue: Peter Marshall <petermarshall@chromium.org> Cr-Commit-Position: refs/heads/master@{#69952}
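The check the commit describes, as an added model that is not V8's code: the sampler records the id of the thread it was created on, and before walking a stack it compares that id with the current Isolate lock holder, refusing to use `js_entry_sp` when another thread owns the lock (and skipping the check entirely for embedders that never use Locker). Thread ids are plain integers passed in explicitly so the scenarios are deterministic; `Isolate`, `Locker`, `CpuSampler`, `Sample` and the `thread_manager_active` flag are assumptions standing in for the real V8 types.

```cpp
#include <cstdint>
#include <cstdio>

using ThreadId = uint32_t;  // hypothetical stand-in for V8's ThreadId
constexpr ThreadId kInvalidThreadId = 0;

// Hypothetical Isolate model: js_entry_sp is only meaningful for the thread
// that currently holds the lock, which is exactly why the check is needed.
struct Isolate {
  ThreadId lock_holder = kInvalidThreadId;
  uintptr_t js_entry_sp = 0;
  bool thread_manager_active = false;  // set once Locker has ever been used
};

// Scoped lock: records the owning thread for the Isolate (model only).
struct Locker {
  Locker(Isolate& isolate, ThreadId tid) : isolate_(isolate) {
    isolate_.lock_holder = tid;
    isolate_.thread_manager_active = true;
  }
  ~Locker() { isolate_.lock_holder = kInvalidThreadId; }
  Isolate& isolate_;
};

struct Sample {
  uintptr_t stack_top;  // js_entry_sp used for the walk, if any
  bool valid;           // false means the tick was dropped
};

class CpuSampler {
 public:
  // Instantiated on the thread being profiled, so record that thread's id.
  CpuSampler(Isolate& isolate, ThreadId current_thread)
      : isolate_(isolate), sampled_thread_(current_thread) {}

  // Called after sample.cc has stopped the sampled thread, from whichever
  // thread the OS-specific mechanism uses. Walks the stack only if the
  // sampled thread holds the Isolate lock (or Locker is not in use at all).
  Sample SampleStack() const {
    if (isolate_.thread_manager_active &&
        isolate_.lock_holder != sampled_thread_) {
      return {0, false};  // js_entry_sp belongs to another thread's stack
    }
    return {isolate_.js_entry_sp, true};
  }

 private:
  Isolate& isolate_;
  ThreadId sampled_thread_;
};

// Constructed scenarios (thread ids and stack addresses are made up).
bool SampleWhileSampledThreadHoldsLock() {
  Isolate isolate;
  Locker lock(isolate, /*tid=*/1);
  isolate.js_entry_sp = 0x7ffc0000;
  CpuSampler sampler(isolate, /*current_thread=*/1);
  return sampler.SampleStack().valid;
}

bool SampleWhileOtherThreadHoldsLock() {
  Isolate isolate;
  CpuSampler sampler(isolate, /*current_thread=*/1);  // profiled thread is 1
  Locker lock(isolate, /*tid=*/2);                     // thread 2 owns the Isolate
  isolate.js_entry_sp = 0x7ffd0000;                    // thread 2's stack
  return sampler.SampleStack().valid;                  // must be dropped
}

bool SampleWithoutLocker() {
  Isolate isolate;  // single-threaded embedder, Locker never used
  isolate.js_entry_sp = 0x7ffe0000;
  CpuSampler sampler(isolate, /*current_thread=*/1);
  return sampler.SampleStack().valid;
}

int main() {
  std::printf("lock held by sampled thread: %d\n", SampleWhileSampledThreadHoldsLock());
  std::printf("lock held by other thread:   %d\n", SampleWhileOtherThreadHoldsLock());
  std::printf("no Locker in use:            %d\n", SampleWithoutLocker());
  return 0;
}
```

The second scenario is the one the pre-fix Windows and Fuchsia samplers got wrong: they would have walked from thread 2's `js_entry_sp` while only thread 1 was stopped, reading a stack that another running thread was still mutating.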
-