Skip to content

V
V8
Switch branch/tag
  1. 19 Jan, 2021 1 commit
    • Clemens Backes's avatar
      [wasm] Fix tier-down test for multiple isolates · 81b3372e
      Clemens Backes authored 
      The test was explicitly tiering up or down a module, without respecting
other isolates. Thus it was failing in multi-isolate mode.
This CL removes two runtime functions which do not make sense in a
multi-isolate setting (and were only used in this one test), and
replaces them with runtime functions that mimic what enabling/disabling
the debugger domain does: As long as there is at least one isolate which
needs modules to be tiered down, we keep them tiered down.

R=thibaudm@chromium.org

Bug: v8:10359, v8:10099
Change-Id: Ia85f4ea29ba6a6bb54aca54a48fadd351121d3eb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2637231Reviewed-by: 's avatarThibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72164}
      81b3372e
  3. 17 Dec, 2020 1 commit
  5. 16 Dec, 2020 1 commit
  7. 10 Dec, 2020 1 commit
  9. 08 Dec, 2020 3 commits
    • Clemens Backes's avatar
      Reland "[wasm] Pass the script ID to code logging" · a58a5e59
      Clemens Backes authored 
      This is a reland of ab4d9717.
The original CL did a std::move before the final use of the NativeModule.
PS2 removes that.

TBR=petermarshall@chromium.org, thibaudm@chromium.org

Original change's description:
> [wasm] Pass the script ID to code logging
>
> We didn't pass a script ID with the code creation events for profiling.
> This made DevTools lose the connection to the wasm script, hence
> jumping from the profiler entry to the source did not work.
>
> This CL changes the timing of code logging a bit such that the script is
> always allocated before logging. In the queue of code to be logged we
> then also store the script ID, and finally set it on the {CodeEntry}
> object.
>
> R=thibaudm@chromium.org
>
> Bug: chromium:1125986
> Change-Id: I2248c1d520bc819436bbe732373f7a3446b64f48
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2575057
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#71654}

Bug: chromium:1125986
Cq-Include-Trybots: luci.v8.try:v8_linux64_ubsan_rel_ng
Change-Id: I2a7c5fe04fff726836b1279e3d05b1702a4efb76
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2578980Reviewed-by: 's avatarClemens Backes <clemensb@chromium.org>
Reviewed-by: 's avatarPeter Marshall <petermarshall@chromium.org>
Reviewed-by: 's avatarThibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71663}
      a58a5e59
    • Clemens Backes's avatar
      Revert "[wasm] Pass the script ID to code logging" · 8d013ea1
      Clemens Backes authored 
      This reverts commit ab4d9717.

Reason for revert: UBSan issues: https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20UBSan/14184/overview

Original change's description:
> [wasm] Pass the script ID to code logging
>
> We didn't pass a script ID with the code creation events for profiling.
> This made DevTools lose the connection to the wasm script, hence
> jumping from the profiler entry to the source did not work.
>
> This CL changes the timing of code logging a bit such that the script is
> always allocated before logging. In the queue of code to be logged we
> then also store the script ID, and finally set it on the {CodeEntry}
> object.
>
> R=​thibaudm@chromium.org
>
> Bug: chromium:1125986
> Change-Id: I2248c1d520bc819436bbe732373f7a3446b64f48
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2575057
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#71654}

TBR=petermarshall@chromium.org,clemensb@chromium.org,thibaudm@chromium.org

Change-Id: I03c90c77b55e770797a6d66b1d778992a047e07a
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:1125986
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2575070Reviewed-by: 's avatarClemens Backes <clemensb@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71660}
      8d013ea1
    • Clemens Backes's avatar
      [wasm] Pass the script ID to code logging · ab4d9717
      Clemens Backes authored 
      We didn't pass a script ID with the code creation events for profiling.
This made DevTools lose the connection to the wasm script, hence
jumping from the profiler entry to the source did not work.

This CL changes the timing of code logging a bit such that the script is
always allocated before logging. In the queue of code to be logged we
then also store the script ID, and finally set it on the {CodeEntry}
object.

R=thibaudm@chromium.org

Bug: chromium:1125986
Change-Id: I2248c1d520bc819436bbe732373f7a3446b64f48
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2575057
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: 's avatarPeter Marshall <petermarshall@chromium.org>
Reviewed-by: 's avatarThibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71654}
      ab4d9717
  11. 02 Dec, 2020 1 commit
  13. 30 Nov, 2020 1 commit
  15. 28 Nov, 2020 1 commit
  17. 24 Nov, 2020 1 commit
  19. 20 Nov, 2020 1 commit
  21. 18 Nov, 2020 1 commit
  23. 30 Oct, 2020 1 commit
    • Martin Bidlingmaier's avatar
      [regexp] Add 'l' flag to force experimental engine · 5720d205
      Martin Bidlingmaier authored 
      This commit adds the 'l' (linear) RegExp flag (as in e.g. /asdf|123/l)
that forces execution in linear time.  These regexps are handled by the
experimental engine.  If the experimental engine cannot handle the
pattern, an exception is thrown on creation of the regexp.

The commit also adds a new global V8 flag and changes an existing one:
* --enable-experimental-engine, which turns on recognition of the RegExp
  'l' flag.  Previously this flag also caused all supported regexps to
  be executed by the experimental engine; this is not the case anymore.
* --default-to-experimental-regexp-engine takes over the previous
  semantics of --enable-experimental-regexp-engine:  We execute all
  supported regexps with the experimental engine.

Cq-Include-Trybots: luci.v8.try:v8_linux64_fyi_rel_ng
Bug: v8:10765
Change-Id: I5622a89b19404105e8be280d454e9fdd63c003b3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2461244Reviewed-by: 's avatarUlan Degenbaev <ulan@chromium.org>
Reviewed-by: 's avatarGeorg Neis <neis@chromium.org>
Reviewed-by: 's avatarSimon Zünd <szuend@chromium.org>
Reviewed-by: 's avatarJakob Gruber <jgruber@chromium.org>
Commit-Queue: Martin Bidlingmaier <mbid@google.com>
Cr-Commit-Position: refs/heads/master@{#70892}
      5720d205
  25. 28 Oct, 2020 2 commits
  27. 27 Oct, 2020 2 commits
  29. 26 Oct, 2020 1 commit
    • Leszek Swirski's avatar
      [test] Speed up mjsunit/regress/regress-542823 more · 2361c7c6
      Leszek Swirski authored 
      Make the array elements in msunit/regress/regress-542823 larger, so that
it takes fewer of them to force the joined string to go into large
object space. Also, set the array's size dynamically based on the
maximum non-large object size, rather than having a fixed magic "large
enough" size, and verify that the resulting joined string is indeed in
LO space.

This reduces the runtime of this test under slow_path and gc-stress from
minutes to seconds.

Bug: v8:11060
Change-Id: I51d960b6a3e052199f50c1a6ba6fbce1b6d1ae38
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2498689
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: 's avatarMichael Achenbach <machenbach@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70762}
      2361c7c6
  31. 23 Oct, 2020 1 commit
  33. 15 Sep, 2020 2 commits
  35. 14 Sep, 2020 1 commit
  37. 10 Sep, 2020 1 commit
    • Pierre Langlois's avatar
      [cctest][heap] Do not rely on page limit for full space simulation. · 01dbc9f6
      Pierre Langlois authored 
      This reverts https://chromium-review.googlesource.com/c/v8/v8/+/2372545
in favour of different solution. In order to simulate filling up a page,
it's not suitable to look at the limit() since there might be observers
that have lowered it, so the page will not actually be full.

Instead, let's relax the CHECK() in CreatePadding() to not look at the
limit() but all available space.

For instance, the test-heap/Regress978156 cctest uses FillCurrentPage()
to fill the current page. However if there's an observer on the current
page, it will not be filled entirely and the test will fail. This works
because by default, when the new space is empty, the scavenger observer
happens to be on the second page of the space. However if one changes
the V8 page size to 512k, then it fails.

This can be reproduced as such:

    # Make sure the scavenge trigger is on the first page.
    ./cctest test-heap/Regress978156  --scavenge-task-trigger=10

    # Stress marking adds random observers to trigger incremental
    # marking.
    ./cctest test-heap/Regress978156  --stress-marking=100

This issue also causes crashes when using the %SimulateNewspaceFull()
runtime test function, as found by fuzzing and you can find more details
in the bug.

Bug: v8:10808, v8:9906, chromium:1122848
Change-Id: Ie043ae0a1d3754d2423cb5d97f2b3e1ee860e5c8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2401427Reviewed-by: 's avatarUlan Degenbaev <ulan@chromium.org>
Commit-Queue: Pierre Langlois <pierre.langlois@arm.com>
Cr-Commit-Position: refs/heads/master@{#69805}
      01dbc9f6
  39. 31 Aug, 2020 1 commit
  41. 25 Aug, 2020 1 commit
    • Pierre Langlois's avatar
      [cctest][heap] Fix remaining memory calculation to simulate full pages. · 243b7f63
      Pierre Langlois authored 
      The cctests need to simulate full pages, however the calculation of the
remainging available space is wrong causing an assertion when we change
the V8 page size to 512K:

    $ cctest test-array-buffer-tracker/ArrayBuffer_PagePromotion

    #
    # Fatal error in ../../test/cctest/heap/heap-utils.cc, line 94
    # Check failed: padding_size <= overall_free_memory || overall_free_memory == 0.

The reason is:

  - On startup, we register a scavenger observer on the new space. The
    observer is set to trigger when the new space capacity is at 80% by
    default.

  - On linux, the initial capacity of the new space is 512K, so the
    scavenger observer will be placed at 80% of 512K, which will either
    be in the second page of the space if the page size is 256K, or in
    the first page if the page size is 512K.

  - When placing the observer, if the observer hits the first page, we
    lower the allocation limit (see `ComputeLimit()`). This makes sure
    the observer isn't skipped by allocations inlined in generated code.

However, when we simulate filling the current page, we compute the space
left in the current page by comparing the top with the `page_high()`
rather than `limit()`. This was done so the tests would also work when
inlined allocations are disabled. If we don't look at the `limit()`, we
don't take the observer into account and fill more space than is
available, triggering the assertion.

This can also be reproduced by reducing the % at which the scavenger is
triggered so that it hits the first page instead of the second when the
page size is 256K, for example passing --scavenge-task-trigger=10.

Bug v8:10808, v8:9906

Change-Id: Iad50bb68995de5ee017dcbe069d1fb229c9f5985
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2372545
Commit-Queue: Pierre Langlois <pierre.langlois@arm.com>
Reviewed-by: 's avatarUlan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69550}
      243b7f63
  43. 11 Aug, 2020 2 commits
  45. 07 Aug, 2020 1 commit
    • Leszek Swirski's avatar
      Revert "[wasm] Ensure that only TurboFan code is serialized" · cf325b5a
      Leszek Swirski authored 
      This reverts commit 60ee70bb.

Reason for revert: wasm-api-tests/WasmCapiTest.Serialize starts flaking: https://crbug.com/v8/10784

Original change's description:
> [wasm] Ensure that only TurboFan code is serialized
> 
> We have the implicit assumption that Liftoff code will never be
> serialized, and we start relying on that when implementing new features
> (debugging, dynamic tiering).
> 
> This CL makes the serializer fail if the module contains any Liftoff
> code. Existing tests are changed to ensure that we fully tiered up
> before serializing a module (similar to the logic in Chromium).
> The "wasm-clone-module" test needs to serialize the module before
> enabling the debugger.
> 
> Note that chrome currently only serializes a module after it fully
> tiered up, so that should be fine. If other embedders need the ability
> to serialize a module in an arbitrary state, we will have to fix this
> later. With this CL we will be on the safe side though and (gracefully)
> fail serialization instead of accidentally serializing Liftoff code.
> 
> R=​ahaas@chromium.org
> 
> Bug: v8:10777
> Change-Id: I1245e5f7fda3447a544c1e3525e1239cde759174
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2336799
> Commit-Queue: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#69276}

TBR=ahaas@chromium.org,clemensb@chromium.org

Change-Id: Ic1349375bd562bb0a2724c39c27ef3247461c97b
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:10777
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2342845Reviewed-by: 's avatarLeszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69284}
      cf325b5a
  47. 06 Aug, 2020 1 commit
    • Clemens Backes's avatar
      [wasm] Ensure that only TurboFan code is serialized · 60ee70bb
      Clemens Backes authored 
      We have the implicit assumption that Liftoff code will never be
serialized, and we start relying on that when implementing new features
(debugging, dynamic tiering).

This CL makes the serializer fail if the module contains any Liftoff
code. Existing tests are changed to ensure that we fully tiered up
before serializing a module (similar to the logic in Chromium).
The "wasm-clone-module" test needs to serialize the module before
enabling the debugger.

Note that chrome currently only serializes a module after it fully
tiered up, so that should be fine. If other embedders need the ability
to serialize a module in an arbitrary state, we will have to fix this
later. With this CL we will be on the safe side though and (gracefully)
fail serialization instead of accidentally serializing Liftoff code.

R=ahaas@chromium.org

Bug: v8:10777
Change-Id: I1245e5f7fda3447a544c1e3525e1239cde759174
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2336799
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: 's avatarAndreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69276}
      60ee70bb
  49. 05 Aug, 2020 2 commits
  51. 29 Jul, 2020 1 commit
  53. 07 Jul, 2020 2 commits
  55. 06 Jul, 2020 1 commit
  57. 30 Jun, 2020 1 commit
  59. 18 Jun, 2020 1 commit
  61. 05 Jun, 2020 2 commits
    • Clemens Backes's avatar
      [wasm][debug] Fully tier up on Debugger.disable · 7637ed59
      Clemens Backes authored 
      When the last debugger is disabled, we tier up the module to TurboFan.
Doing this in the background creates problems with profiling, where the
debugger is disabled before starting to profile, in order to guarantee
profiling of top-tier code.

Hence this CL changes the logic such that we only return from the
{TierUpAllModulesPerIsolate} methods once tier up is complete. Since
the DevTools frontend disables all debuggers before starting a profile,
this will ensure that all new calls execute TurboFan code.
Because of this change, the {TriggerRecompilation} method is renamed to
{RecompileForTiering}.

The test cases stay unchanged (do a busy wait until tier up is done),
because in the multi-isolates tests it is not guaranteed that tier up is
complete after disabling a single debugger.

R=thibaudm@chromium.org

Bug: v8:10580
Change-Id: I75c4b97825f856f562cfa656c11293d3b964898b
Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel
Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_isolates_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2232539
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: 's avatarThibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68212}
      7637ed59
    • Arnaud Robin's avatar
      [wasm] Add indentation and function names when tracing function calls · e9380ae2
      Arnaud Robin authored 
      Added display of identation, function index, function names and compiler
used when tracing function calls in wasm.

R=clemensb@chromium.org

Bug: v8:10559
Change-Id: I58b4e7b077365bdee7bae9b5ad8a50178c322147
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2230532
Commit-Queue: Arnaud Robin <arobin@google.com>
Reviewed-by: 's avatarClemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68198}
      e9380ae2