1. 05 Dec, 2019 1 commit
  2. 29 Nov, 2019 3 commits
    • Reland "[exceptions] Don't re-request interrupt in InvokeWithTryCatch" · b9df6e1c
      Sigurd Schneider authored
      This is a reland of 4ed9d48f
      
      CompileRun leads to undefined behavior if the compile fails;
      CompileRunChecked can be used to assert that the compile must
      succeed. I've removed the attempt to compile and rely on a
      simpler check in the tests now.
      
      Original change's description:
      > [exceptions] Don't re-request interrupt in InvokeWithTryCatch
      >
      > This CL changes InvokeWithTryCatch to not re-request the terminate
      > execution interrupt, but instead schedule the termination exception.
      > This ensures that leaving the outermost TryCatch scope will clear
      > the exception, and no interrupt remains.
      >
      > Previously, the interrupt request could remain and prevent further
      > JavaScript execution even after the TryCatch scope was left.
      >
      > Change-Id: I1e603dc822bbcb0def4cf0a898d59cf8d4b9d039
      > Bug: chromium:1014415
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1871910
      > Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
      > Reviewed-by: Yang Guo <yangguo@chromium.org>
      > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#65255}
      
      Tbr: yangguo@chromium.org, verwaest@chromium.org
      Bug: chromium:1014415
      Change-Id: I29444c4b7ea5a158865f54d4608f374914f7b133
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1943151
      Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
      Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#65258}
    • Revert "[exceptions] Don't re-request interrupt in InvokeWithTryCatch" · 48367856
      Leszek Swirski authored
      This reverts commit 4ed9d48f.
      
      Reason for revert: UBSan failure https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20UBSan/9084
      
      Original change's description:
      > [exceptions] Don't re-request interrupt in InvokeWithTryCatch
      > 
      > This CL changes InvokeWithTryCatch to not re-request the terminate
      > execution interrupt, but instead schedule the termination exception.
      > This ensures that leaving the outermost TryCatch scope will clear
      > the exception, and no interrupt remains.
      > 
      > Previously, the interrupt request could remain and prevent further
      > JavaScript execution even after the TryCatch scope was left.
      > 
      > Change-Id: I1e603dc822bbcb0def4cf0a898d59cf8d4b9d039
      > Bug: chromium:1014415
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1871910
      > Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
      > Reviewed-by: Yang Guo <yangguo@chromium.org>
      > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#65255}
      
      TBR=yangguo@chromium.org,sigurds@chromium.org,verwaest@chromium.org
      
      Change-Id: Iedefe5320d8bdc442a87e03698a20daf6a0ebf4f
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Bug: chromium:1014415
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1943149
      Reviewed-by: Leszek Swirski <leszeks@chromium.org>
      Commit-Queue: Leszek Swirski <leszeks@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#65256}
    • [exceptions] Don't re-request interrupt in InvokeWithTryCatch · 4ed9d48f
      Sigurd Schneider authored
      This CL changes InvokeWithTryCatch to not re-request the terminate
      execution interrupt, but instead schedule the termination exception.
      This ensures that leaving the outermost TryCatch scope will clear
      the exception, and no interrupt remains.
      
      Previously, the interrupt request could remain and prevent further
      JavaScript execution even after the TryCatch scope was left.
      
      Change-Id: I1e603dc822bbcb0def4cf0a898d59cf8d4b9d039
      Bug: chromium:1014415
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1871910
      Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
      Reviewed-by: Yang Guo <yangguo@chromium.org>
      Reviewed-by: Toon Verwaest <verwaest@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#65255}
  3. 12 Jul, 2019 1 commit
  4. 28 Jun, 2019 1 commit
  5. 27 Jun, 2019 1 commit
  6. 13 Jun, 2019 2 commits
  7. 06 Jun, 2019 1 commit
  8. 27 May, 2019 1 commit
  9. 23 May, 2019 1 commit
  10. 22 May, 2019 1 commit
  11. 21 May, 2019 1 commit
  12. 17 May, 2019 1 commit
  13. 16 May, 2019 3 commits
  14. 07 May, 2019 1 commit
  15. 17 Apr, 2019 2 commits
    • Reland "[wasm] Add stack guard for logging code" · 48635511
      Clemens Hammacher authored
      This is a reland of 067ba2a0.
      Unchanged reland, hence TBR.
      
      Original change's description:
      > [wasm] Add stack guard for logging code
      >
      > Benchmarks or worker threads might never return to the event queue,
      > hence they will never execute the scheduled foreground task to log
      > compiled and published wasm code.
      > This CL adds a stack guard to log the code, to ensure that we also log
      > it for wasm code that never returns to the event queue.
      >
      > R=mstarzinger@chromium.org
      >
      > Bug: v8:9104
      > Change-Id: I176959cadb4ab3a60153d0717530c032272ad3e8
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1561073
      > Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
      > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#60879}
      
      TBR=mstarzinger@chromium.org
      
      Bug: v8:9104
      Change-Id: I105b37ef8429d16ef5b983919ba8bca615e347c0
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1570017
      Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
      Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
      Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#60899}
    • Revert "[wasm] Add stack guard for logging code" · 6ce63fd8
      Michael Hablich authored
      This reverts commit 067ba2a0.
      
      Reason for revert: blocks roll: https://chromium-review.googlesource.com/c/chromium/src/+/1570208
      
      21:26:22.251 27507   # Fatal error in ../../v8/src/profiler/profile-generator.cc, line 19
      21:26:22.251 27507   # Debug check failed: line > 0 (0 vs. 0).
      21:26:22.251 27507   #
      21:26:22.251 27507   #
      21:26:22.251 27507   #
      21:26:22.252 27507   #FailureMessage Object: 0x7ffe851046a0#0 0x56532cb371f9 base::debug::CollectStackTrace()
      21:26:22.252 27507   #1 0x56532ca70863 base::debug::StackTrace::StackTrace()
      21:26:22.252 27507   #2 0x56532e99610b gin::(anonymous namespace)::PrintStackTrace()
      21:26:22.252 27507   #3 0x56532e989468 V8_Fatal()
      21:26:22.252 27507   #4 0x56532e9891c5 v8::base::(anonymous namespace)::DefaultDcheckHandler()
      21:26:22.252 27507   #5 0x56532b2bb876 v8::internal::SourcePositionTable::SetPosition()
      21:26:22.252 27507   #6 0x56532b2c2268 v8::internal::ProfilerListener::CodeCreateEvent()
      21:26:22.252 27507   #7 0x56532ae25275 v8::internal::(anonymous namespace)::LogFunctionCompilation()
      21:26:22.252 27507   #8 0x56532ae26008 v8::internal::OptimizedCompilationJob::RecordFunctionCompilation()
      21:26:22.252 27507   #9 0x56532ae32a08 v8::internal::Compiler::FinalizeOptimizedCompilationJob()
      21:26:22.252 27507   #10 0x56532ae228eb v8::internal::OptimizingCompileDispatcher::InstallOptimizedFunctions()
      21:26:22.252 27507   #11 0x56532af14e4a v8::internal::StackGuard::HandleInterrupts()
      21:26:22.252 27507   #12 0x56532b35f2ec v8::internal::__RT_impl_Runtime_StackGuard()
      21:26:22.252 27507   #13 0x56532bba6720 <unknown>
      
      Original change's description:
      > [wasm] Add stack guard for logging code
      > 
      > Benchmarks or worker threads might never return to the event queue,
      > hence they will never execute the scheduled foreground task to log
      > compiled and published wasm code.
      > This CL adds a stack guard to log the code, to ensure that we also log
      > it for wasm code that never returns to the event queue.
      > 
      > R=mstarzinger@chromium.org
      > 
      > Bug: v8:9104
      > Change-Id: I176959cadb4ab3a60153d0717530c032272ad3e8
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1561073
      > Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
      > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#60879}
      
      TBR=mstarzinger@chromium.org,clemensh@chromium.org
      
      Change-Id: I63dc56a41747caf683b14869a2d62017fd0301c1
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Bug: v8:9104
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1570012
      Reviewed-by: Michael Hablich <hablich@chromium.org>
      Commit-Queue: Michael Hablich <hablich@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#60890}
  16. 16 Apr, 2019 1 commit
  17. 25 Mar, 2019 1 commit
    • [tracing] Properly trace stack guards and interrupts. · b8490293
      Benedikt Meurer authored
      Add tracing support for the %StackGuard() and %Interrupt() runtime calls
      and the individual actions performed in StackGuard::HandleInterrupts().
      This includes:
      
       - "V8.GCHandleGCRequest" (in "disabled-by-default-v8.gc") when the
         GC_REQUEST bit is set.
       - "V8.WasmGrowSharedMemory" (in "disabled-by-default-v8.wasm") when
         the GROW_SHARED_MEMORY bit is set.
       - "V8.TerminateExecution" (in "v8.execute") when the
         TERMINATE_EXECUTION bit is set.
       - "V8.GCDeoptMarkedAllocationSites" (in "disabled-by-default-v8.gc")
         when the DEOPT_MARKED_ALLOCATION_SITES bit is set.
       - "V8.InstallOptimizedFunctions" (in "disabled-by-default-v8.compile")
         when the INSTALL_CODE bit is set.
       - "V8.InvokeApiInterruptCallbacks" (in "v8.execute") when the
         API_INTERRUPT bit is set.
      
      Now we also emit a trace event "V8.MarkCandidatesForOptimization" (in
      "disabled-by-default-v8.compile") in addition to the above from the
      RuntimeProfiler when we mark candidates for optimization at the end
      of each stack check.
      
      An example of the "V8.InstallOptimizedFunctions" in action (in the
      trace viewer) can be seen here:
      
        https://i.paste.pics/094a04af035eedc0690cd4079afa28f1.png
      
      This supersedes the previously introduced --trace-interrupts CLI flag,
      which is thus removed as part of this change.
      
      Bug: v8:8598
      Change-Id: I3c3375d00b07cbe700b6912097d7264031ace802
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1538116
      Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
      Reviewed-by: Peter Marshall <petermarshall@chromium.org>
      Reviewed-by: Leszek Swirski <leszeks@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#60428}
  18. 06 Mar, 2019 3 commits
    • Reland "[wasm] Lazy update instances on a shared Memory.Grow" · 365b637c
      Deepti Gandluri authored
      This is a reland of 80f06d6f
      
      Original change's description:
      > [wasm] Lazy update instances on a shared Memory.Grow
      > 
      >  - Introduce a GROW_SHARED_MEMORY interrupt, and handler
      >  - Memory objects for isolates are updated on a stack check, add
      >    tracking for isolates that hit the stack check
      >  - When enough memory is not reserved ahead of time, fail to grow
      >  - Add tracking for externalized buffers in the MemoryTracker so
      >    that the MemoryTracker will know when backing_stores can be freed.
      >  - For shared buffer, do not always allocate a new buffer when
      >    growing an externalized buffer
      > 
      > 
      > Change-Id: I9cf1be19f2f165fa6ea4096869f7d6365304c8c4
      > Bug: v8:8564
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1472430
      > Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
      > Reviewed-by: Ben Smith <binji@chromium.org>
      > Reviewed-by: Andreas Haas <ahaas@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#60064}
      
      Bug: v8:8564
      Change-Id: Id0cf8e42a9d54ac702dba351e248a1b92713c98a
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1506357
      Reviewed-by: Bill Budge <bbudge@chromium.org>
      Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#60071}
    • Revert "[wasm] Lazy update instances on a shared Memory.Grow" · e15bb0b3
      Bill Budge authored
      This reverts commit 80f06d6f.
      
      Reason for revert: failing grow-memory tests
      
      Original change's description:
      > [wasm] Lazy update instances on a shared Memory.Grow
      > 
      >  - Introduce a GROW_SHARED_MEMORY interrupt, and handler
      >  - Memory objects for isolates are updated on a stack check, add
      >    tracking for isolates that hit the stack check
      >  - When enough memory is not reserved ahead of time, fail to grow
      >  - Add tracking for externalized buffers in the MemoryTracker so
      >    that the MemoryTracker will know when backing_stores can be freed.
      >  - For shared buffer, do not always allocate a new buffer when
      >    growing an externalized buffer
      > 
      > 
      > Change-Id: I9cf1be19f2f165fa6ea4096869f7d6365304c8c4
      > Bug: v8:8564
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1472430
      > Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
      > Reviewed-by: Ben Smith <binji@chromium.org>
      > Reviewed-by: Andreas Haas <ahaas@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#60064}
      
      TBR=binji@chromium.org,titzer@chromium.org,gdeepti@chromium.org,ahaas@chromium.org
      
      Change-Id: I2ed0b59bcbb285b701172b401d606963261d375c
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Bug: v8:8564
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1506355
      Reviewed-by: Bill Budge <bbudge@chromium.org>
      Commit-Queue: Bill Budge <bbudge@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#60068}
    • [wasm] Lazy update instances on a shared Memory.Grow · 80f06d6f
      Deepti Gandluri authored
       - Introduce a GROW_SHARED_MEMORY interrupt, and handler
       - Memory objects for isolates are updated on a stack check, add
         tracking for isolates that hit the stack check
       - When enough memory is not reserved ahead of time, fail to grow
       - Add tracking for externalized buffers in the MemoryTracker so
         that the MemoryTracker will know when backing_stores can be freed.
       - For shared buffer, do not always allocate a new buffer when
         growing an externalized buffer
      
      
      Change-Id: I9cf1be19f2f165fa6ea4096869f7d6365304c8c4
      Bug: v8:8564
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1472430
      Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
      Reviewed-by: Ben Smith <binji@chromium.org>
      Reviewed-by: Andreas Haas <ahaas@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#60064}
  19. 04 Mar, 2019 1 commit
  20. 04 Feb, 2019 1 commit
  21. 18 Jan, 2019 1 commit
  22. 17 Jan, 2019 2 commits
  23. 10 Jan, 2019 1 commit
    • Shuffle the parameter ordering of JSEntry · 7efa02a3
      tzik authored
      This moves |root_register_value| parameter of JSEntryFunction to the
      first. I.e. the type of entry function will be changed from
       Object*(Object* new_target, Object* target, Object* receiver,
               int argc, Object*** args,
               Address root_register_value)
      to
       Object*(Address root_register_value,
               Object* new_target, Object* target, Object* receiver,
               int argc, Object*** args),
      and moves all parameter handling except for |root_register_value| from
      JSEntryVariant to JSEntryTrampolineHelper.
      
      This is a preparation to add another JS entry point for RunMicrotasks,
      whose type will be
       Object*(Address root_register_value, MicrotaskQueue*).
      The new entry point requires |root_register_value| to be the first to
      share the implementation of the EntryFrame setup with existing ones.
      
      Bug: v8:8124
      Change-Id: I675376a2ccd240f61cf04eea6fe9a91031e06ede
      Reviewed-on: https://chromium-review.googlesource.com/c/1372857
      Commit-Queue: Taiju Tsuiki <tzik@chromium.org>
      Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#58683}
  24. 08 Jan, 2019 2 commits
    • [ubsan] Rename ObjectPtr to Object · ae8f83fe
      Jakob Kummerow authored
      The two names refer to the same thing by now, so this patch is
      entirely mechanical.
      
      Bug: v8:3770
      Change-Id: Ia360c06c89af6b3da27fd21bbcaeb2bdaa28ce22
      Reviewed-on: https://chromium-review.googlesource.com/c/1397705
      Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
      Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
      Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#58615}
    • Pass argc of JSEntry as intptr_t · 088f9c60
      tzik authored
      |argc| parameter of JSEntry is passed as int from C++ code, and loaded
      into a register on the asm code. As int is 32 bit, and registers are
      64 bit on 64 bit platforms, upper 32 bits of the loaded value may be
      contaminated by a random value if it's passed as a stack parameter.
      
      For now, |argc| is passed as a register parameter on all platforms, and
      the upper 32 bits of |argc| are filled with zero, fortunately. However, if
      we shuffle the order of parameters, |argc| can be passed as a stack
      parameter and its value may be broken.
      
      Specifically on x64 Windows, the first 4 parameters are passed as
      register parameters and the rest are stack parameters. As |argc| is the
      4th parameter, if we prepend another parameter and shift |argc| to
      the 5th parameter, |argc| will become a stack parameter and its load
      to 64 bit register breaks the value.
      
      This CL converts the type of the |argc| parameter to intptr_t, so that
      it's safe to load from stack to full width registers.
      
      Bug: v8:8124
      Change-Id: Ie7407cf5e6252ed7323a9c42389db387b0064673
      Reviewed-on: https://chromium-review.googlesource.com/c/1400326
      Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      Commit-Queue: Taiju Tsuiki <tzik@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#58614}
  25. 26 Dec, 2018 1 commit
  26. 20 Dec, 2018 1 commit
  27. 18 Dec, 2018 2 commits
  28. 10 Dec, 2018 1 commit
    • [runtime] Set arguments limit to FixedArray::kMaxLength · 4d2b197d
      Peter Marshall authored
      Right now, this is the limit implicitly imposed for spread/apply calls
      as to actually do a spread/apply call through CallVarargs, you need to
      pass a FixedArray with the args to be pushed.
      
      Likewise, turbofan can only materialize an arguments object with a
      backing store of length FixedArray::kMaxLength.
      
      The practical limit that users will actually hit is the stack - this
      change doesn't change that, it just documents what the actual limit is.
      
      This would actually allow an embedder/custom fork to increase stack
      size and still be able to make spread/apply calls with a large number
      of args.
      
      Change-Id: If5e66a61ed3f9df36031eb098646d48fc2ca2507
      Reviewed-on: https://chromium-review.googlesource.com/c/1367451
      Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
      Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
      Commit-Queue: Peter Marshall <petermarshall@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#58119}
  29. 07 Dec, 2018 1 commit
    • [nojit] Migrate JSEntry variants to builtins · b89d4249
      Jakob Gruber authored
      This migrates the JSEntryStub to three dedicated builtins:
      
      JSEntry
      JSConstructEntry
      JSRunMicrotasksEntry
      
      Drive-by: Tweaks to make the code isolate-independent (e.g. using the
      correct macro assembler method to load and store external references
      through the kRootRegister).
      Drive-by: The context slot on x64/ia32 must be set up after
      kRootRegister is initialized, so we first reserve the slot and later
      load its value.
      Drive-by: Update all remaining comments referencing JSEntryStub.
      
      Bug: v8:7777
      Change-Id: Ie3ba17ffb3bde6f18ec1d26d778b258719b2d4ef
      Reviewed-on: https://chromium-review.googlesource.com/c/1365275
      Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
      Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#58088}