1. 08 Dec, 2018 1 commit
  2. 26 Nov, 2018 1 commit
  3. 24 Nov, 2018 1 commit
  4. 23 Nov, 2018 3 commits
    • Michael Lippautz's avatar
      [heap] Cleanup embedder tracing APIs · ce02d86b
      Michael Lippautz authored
      Provide processing scope that makes it impossible to maintain locally
      cached wrappers that could get invalidated in Blink and yield in
      crashers.
      
      Bug: chromium:843903, v8:8238
      Change-Id: I7ba1905f6c77a97bcc61ac42f921dcac4772471f
      Reviewed-on: https://chromium-review.googlesource.com/c/1349276
      Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
      Reviewed-by: 's avatarUlan Degenbaev <ulan@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#57795}
      ce02d86b
    • Michael Lippautz's avatar
      Reland "[heap] Improve embedder tracing during incremental marking" · 81b5f713
      Michael Lippautz authored
      Add a path into embedder tracing on allocation. This is safe as as Blink
      is not allowed to call into V8 during object construction.
      
      This is a reland of caed2cc0.
      
      Bug: chromium:843903
      Change-Id: I7faa8413966f6b4d37f19b235d46bb09e4d47235
      Bug: chromium:843903
      Reviewed-on: https://chromium-review.googlesource.com/c/1349330
      Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
      Reviewed-by: 's avatarUlan Degenbaev <ulan@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#57770}
      81b5f713
    • Yang Guo's avatar
      Revert "[heap] Improve embedder tracing during incremental marking" · cb93a308
      Yang Guo authored
      This reverts commit caed2cc0.
      
      Reason for revert: Breaks layout tests, e.g.
      
      https://test-results.appspot.com/data/layout_results/V8-Blink_Linux_64__dbg_/14924/webkit_layout_tests%20%28with%20patch%29/layout-test-results/results.html
      
      crash log for renderer (pid <unknown>):
      STDOUT: <empty>
      STDERR: 
      STDERR: 
      STDERR: #
      STDERR: # Fatal error in ../../v8/src/base/platform/elapsed-timer.h, line 24
      STDERR: # Debug check failed: !IsStarted().
      STDERR: #
      STDERR: #
      STDERR: #
      STDERR: #FailureMessage Object: 0x7ffc46707640#0 0x565409263b6f base::debug::StackTrace::StackTrace()
      STDERR: #1 0x56540a8a32fb gin::(anonymous namespace)::PrintStackTrace()
      STDERR: #2 0x56540a8980d8 V8_Fatal()
      STDERR: #3 0x56540a897e35 v8::base::(anonymous namespace)::DefaultDcheckHandler()
      STDERR: #4 0x565407971f02 v8::base::ElapsedTimer::Start()
      STDERR: #5 0x565407d08edf v8::internal::TimedHistogram::Start()
      STDERR: #6 0x565407e500d5 v8::internal::IncrementalMarking::AdvanceIncrementalMarkingOnAllocation()
      STDERR: #7 0x565407e4f977 v8::internal::IncrementalMarking::Observer::Step()
      STDERR: #8 0x565407e48092 v8::internal::AllocationObserver::AllocationStep()
      STDERR: #9 0x565407eb0751 v8::internal::SpaceWithLinearArea::InlineAllocationStep()
      STDERR: #10 0x565407eb3e44 v8::internal::NewSpace::EnsureAllocation()
      STDERR: #11 0x565407e258ff v8::internal::NewSpace::AllocateRaw()
      STDERR: #12 0x565407e06b2d v8::internal::Heap::AllocateRaw()
      STDERR: #13 0x565407e432ef v8::internal::Heap::AllocateRawWithLightRetry()
      STDERR: #14 0x565407e433cf v8::internal::Heap::AllocateRawWithRetryOrFail()
      STDERR: #15 0x565407e04d48 v8::internal::Factory::NewFixedArrayWithFiller()
      STDERR: #16 0x565407fd6339 v8::internal::HashTable<>::New()
      STDERR: #17 0x565407fd7be8 v8::internal::HashTable<>::EnsureCapacity()
      STDERR: #18 0x565407fc7e95 v8::internal::Dictionary<>::Add()
      STDERR: #19 0x565407fcf453 v8::internal::BaseNameDictionary<>::Add()
      STDERR: #20 0x565407f89ee4 v8::internal::LookupIterator::ApplyTransitionToDataProperty()
      STDERR: #21 0x5654080036e2 v8::internal::Object::AddDataProperty()
      STDERR: #22 0x56540793061f v8::internal::(anonymous namespace)::DefineDataProperty()
      STDERR: #23 0x56540792da59 v8::internal::(anonymous namespace)::InstantiateObject()
      STDERR: #24 0x56540792b75a v8::internal::(anonymous namespace)::InstantiateFunction()
      STDERR: #25 0x56540792b4db v8::internal::ApiNatives::InstantiateFunction()
      STDERR: #26 0x5654079594bf v8::FunctionTemplate::GetFunction()
      STDERR: #27 0x56540a7af74e blink::V8ObjectConstructor::CreateInterfaceObject()
      STDERR: #28 0x56540a7afe01 blink::V8PerContextData::ConstructorForTypeSlowCase()
      STDERR: #29 0x56540a7afdd6 blink::V8PerContextData::ConstructorForTypeSlowCase()
      STDERR: #30 0x56540a7afdd6 blink::V8PerContextData::ConstructorForTypeSlowCase()
      STDERR: #31 0x56540a7afcb4 blink::V8PerContextData::CreateWrapperFromCacheSlowCase()
      STDERR: #32 0x56540a7aef73 blink::V8DOMWrapper::CreateWrapper()
      STDERR: #33 0x56540a7abf6b blink::ScriptWrappable::Wrap()
      STDERR: #34 0x56540a677199 blink::V8Document::documentElementAttributeGetterCallback()
      STDERR: #35 0x565407a0aec3 v8::internal::FunctionCallbackArguments::Call()
      STDERR: #36 0x565407a097be v8::internal::(anonymous namespace)::HandleApiCallHelper<>()
      STDERR: #37 0x565407a0877b v8::internal::Builtins::InvokeApiFunction()
      STDERR: #38 0x565407fe785a v8::internal::Object::GetPropertyWithAccessor()
      STDERR: #39 0x565407fe697e v8::internal::Object::GetProperty()
      STDERR: #40 0x565407ec8c71 v8::internal::LoadIC::Load()
      STDERR: #41 0x565407ed6401 v8::internal::__RT_impl_Runtime_LoadIC_Miss()
      STDERR: #42 0x5654087593f2 <unknown>
      STDERR: [16162:16185:1122/143518.356897:WARNING:crash_handler_host_linux.cc(341)] Could not translate tid, attempt = 1 retry ...
      
      
      Original change's description:
      > [heap] Improve embedder tracing during incremental marking
      > 
      > Add a path into embedder tracing on allocation. This is safe as as Blink
      > is not allowed to call into V8 during object construction.
      > 
      > Bug: chromium:843903
      > Change-Id: I5af053c3169f5a33778ebce5d7c5c43e4efb1aa4
      > Reviewed-on: https://chromium-review.googlesource.com/c/1348749
      > Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
      > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#57757}
      
      TBR=ulan@chromium.org,mlippautz@chromium.org
      
      Change-Id: Ide2c0b284b52bee17573adcc89f14be4e40dab91
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Bug: chromium:843903
      Reviewed-on: https://chromium-review.googlesource.com/c/1349189Reviewed-by: 's avatarYang Guo <yangguo@chromium.org>
      Commit-Queue: Yang Guo <yangguo@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#57759}
      cb93a308
  5. 22 Nov, 2018 1 commit
  6. 19 Sep, 2018 1 commit
  7. 21 Aug, 2018 1 commit
    • Michael Lippautz's avatar
      [embedder-tracing] Add GarbageCollectionForTesting call · a6938128
      Michael Lippautz authored
      This call can be used by embedder to request a GC for testing reasons.
      The GC also takes the current embedder stack state as an argument that
      is forwarded to the embedder when entering the atomic pause.
      
      This way embedders can request garbage collections for testing and set
      how the embedder should treat the stack.
      
      Bug: chromium:843903
      Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
      Change-Id: Id10604565b4457dd0fca402afeb5f8e592fa0bae
      Reviewed-on: https://chromium-review.googlesource.com/1183431
      Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
      Reviewed-by: 's avatarUlan Degenbaev <ulan@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#55285}
      a6938128
  8. 09 Jul, 2018 1 commit
  9. 23 Jun, 2017 1 commit
  10. 02 Jan, 2017 1 commit
  11. 24 Dec, 2016 1 commit
  12. 23 Dec, 2016 3 commits
  13. 22 Dec, 2016 3 commits
    • mlippautz's avatar
      Reland "[heap] Ensure progress when incrementally marking wrappers" · 61a55548
      mlippautz authored
      1) Alternate between processing v8 and wrappers
      2) Once v8 is empty, try 3 rounds of finding the fixpoint between v8 and wrappers
      3) After that, finalize once v8 marking deque is empty again
      
      BUG=
      
      Review-Url: https://codereview.chromium.org/2591383004
      Cr-Commit-Position: refs/heads/master@{#41932}
      61a55548
    • mlippautz's avatar
      Revert of [heap] Ensure progress when incrementally marking wrappers (patchset... · 73036fb6
      mlippautz authored
      Revert of [heap] Ensure progress when incrementally marking wrappers (patchset #3 id:60001 of https://codereview.chromium.org/2592403002/ )
      
      Reason for revert:
      This won't work because the finalization still checks whether both marking deques are empty, also calling into blink. So we never proceed there.
      
      Original issue's description:
      > [heap] Ensure progress when incrementally marking wrappers
      >
      > The problem here is estimating the marking step size for wrapper tracing. If the
      > steps are too small, we cannot keep up with the mutator creating new wrappers.
      > The result is an endless stream of incremental marking steps, alternating v8 and
      > wrappers tracing, without ever finalizing in a GC.
      >
      > The mitigation here is to abort finding the fix point after 10 incremental
      > iterations.
      >
      > A proper solution would track newly created wrappers on the blink side during
      > wrapper tracing. Will give this more thought after the holidays.
      >
      > BUG=chromium:668164, chromium:468240
      >
      > Review-Url: https://codereview.chromium.org/2592403002
      > Cr-Commit-Position: refs/heads/master@{#41923}
      > Committed: https://chromium.googlesource.com/v8/v8/+/a47417b89373c615f9256800cfc803d84ba58378
      
      TBR=ulan@chromium.org
      # Skipping CQ checks because original CL landed less than 1 days ago.
      NOPRESUBMIT=true
      NOTREECHECKS=true
      NOTRY=true
      BUG=chromium:668164, chromium:468240
      
      Review-Url: https://codereview.chromium.org/2602433002
      Cr-Commit-Position: refs/heads/master@{#41924}
      73036fb6
    • mlippautz's avatar
      [heap] Ensure progress when incrementally marking wrappers · a47417b8
      mlippautz authored
      The problem here is estimating the marking step size for wrapper tracing. If the
      steps are too small, we cannot keep up with the mutator creating new wrappers.
      The result is an endless stream of incremental marking steps, alternating v8 and
      wrappers tracing, without ever finalizing in a GC.
      
      The mitigation here is to abort finding the fix point after 10 incremental
      iterations.
      
      A proper solution would track newly created wrappers on the blink side during
      wrapper tracing. Will give this more thought after the holidays.
      
      BUG=chromium:668164, chromium:468240
      
      Review-Url: https://codereview.chromium.org/2592403002
      Cr-Commit-Position: refs/heads/master@{#41923}
      a47417b8
  14. 20 Dec, 2016 1 commit